opensaml-2.4.3
opensaml::saml2 Namespace Reference

SAML 2.0 assertion namespace. More...

Classes

class  EncryptableObject
 Marker interface for SAML types that can be encrypted. More...
 
class  RootObject
 SAML 2.0 assertion or protocol message. More...
 
class  NameIDTypeBuilder
 Builder for NameIDType objects. More...
 
class  ConditionBuilder
 Builder for Condition extension objects. More...
 
class  DelegationRestrictionTypeBuilder
 Builder for DelegationRestrictionType objects. More...
 
class  KeyInfoConfirmationDataTypeBuilder
 Builder for KeyInfoConfirmationDataType objects. More...
 
class  StatementBuilder
 Builder for Statement extension objects. More...
 
class  AssertionValidator
 
class  BrowserSSOProfileValidator
 
class  SAML2AssertionPolicy
 Policy subclass to track SAML 2.0 Assertion SubjectConfirmation. More...
 

Functions

 DECL_XMLOBJECT_SIMPLE (, AssertionIDRef, AssertionID, SAML 2.0 AssertionIDRef element)
 
 DECL_XMLOBJECT_SIMPLE (, AssertionURIRef, AssertionURI, SAML 2.0 AssertionURIRef element)
 
 DECL_XMLOBJECT_SIMPLE (, Audience, AudienceURI, SAML 2.0 Audience element)
 
 DECL_XMLOBJECT_SIMPLE (, AuthnContextClassRef, Reference, SAML 2.0 AuthnContextClassRef element)
 
 DECL_XMLOBJECT_SIMPLE (, AuthnContextDeclRef, Reference, SAML 2.0 AuthnContextDeclRef element)
 
 DECL_XMLOBJECT_SIMPLE (, AuthenticatingAuthority, ID, SAML 2.0 AuthenticatingAuthority element)
 
 BEGIN_XMLOBJECT (, EncryptedElementType, xmltooling::XMLObject, SAML 2.0 EncryptedElementType type)
 
 DECL_TYPED_FOREIGN_CHILD (EncryptedData, xmlencryption)
 
 DECL_TYPED_FOREIGN_CHILDREN (EncryptedKey, xmlencryption)
 
virtual void encrypt (const EncryptableObject &xmlObject, const saml2md::MetadataProvider &metadataProvider, saml2md::MetadataCredentialCriteria &criteria, bool compact=false, const XMLCh *algorithm=nullptr)
 Encrypts an object to a single recipient using this object as a container. More...
 
virtual void encrypt (const EncryptableObject &xmlObject, const std::vector< std::pair< const saml2md::MetadataProvider *, saml2md::MetadataCredentialCriteria * > > &recipients, bool compact=false, const XMLCh *algorithm=nullptr)
 Encrypts an object to multiple recipients using this object as a container. More...
 
virtual xmltooling::XMLObject * decrypt (const xmltooling::CredentialResolver &credResolver, const XMLCh *recipient, xmltooling::CredentialCriteria *criteria=nullptr) const
 Decrypts the element using the supplied CredentialResolver. More...
 
 BEGIN_XMLOBJECT (, EncryptedID, EncryptedElementType, SAML 2.0 EncryptedID element)
 
 BEGIN_XMLOBJECT (, BaseID, EncryptableObject, SAML 2.0 BaseID abstract element)
 
 DECL_STRING_ATTRIB (NameQualifier, NAMEQUALIFIER)
 
 DECL_STRING_ATTRIB (SPNameQualifier, SPNAMEQUALIFIER)
 
 BEGIN_XMLOBJECT (, NameIDType, xmltooling::XMLObject, SAML 2.0 NameIDType type)
 
 DECL_STRING_ATTRIB (Format, FORMAT)
 
 DECL_STRING_ATTRIB (SPProvidedID, SPPROVIDEDID)
 
 DECL_SIMPLE_CONTENT (Name)
 
 BEGIN_XMLOBJECT2 (, NameID, NameIDType, EncryptableObject, SAML 2.0 NameID element)
 
 BEGIN_XMLOBJECT (, Issuer, NameIDType, SAML 2.0 Issuer element)
 
 BEGIN_XMLOBJECT (, Condition, xmltooling::XMLObject, SAML 2.0 Condition element)
 
 BEGIN_XMLOBJECT (, AudienceRestriction, Condition, SAML 2.0 AudienceRestriction element)
 
 DECL_TYPED_CHILDREN (Audience)
 
 BEGIN_XMLOBJECT (, OneTimeUse, Condition, SAML 2.0 OneTimeUse element)
 
 BEGIN_XMLOBJECT (, ProxyRestriction, Condition, SAML 2.0 ProxyRestriction element)
 
 DECL_INTEGER_ATTRIB (Count, COUNT)
 
 BEGIN_XMLOBJECT (, Delegate, xmltooling::XMLObject, SAML 2.0 Delegation Restriction Condition Delegate element)
 
 DECL_STRING_ATTRIB (ConfirmationMethod, CONFIRMATIONMETHOD)
 
 DECL_DATETIME_ATTRIB (DelegationInstant, DELEGATIONINSTANT)
 
 DECL_TYPED_CHILD (BaseID)
 
 DECL_TYPED_CHILD (NameID)
 
 DECL_TYPED_CHILD (EncryptedID)
 
 BEGIN_XMLOBJECT (, DelegationRestrictionType, Condition, SAML 2.0 Delegation Restriction Condition type)
 
 DECL_TYPED_CHILDREN (Delegate)
 
 BEGIN_XMLOBJECT (, Conditions, xmltooling::XMLObject, SAML 2.0 Conditions element)
 
 DECL_DATETIME_ATTRIB (NotBefore, NOTBEFORE)
 
 DECL_DATETIME_ATTRIB (NotOnOrAfter, NOTONORAFTER)
 
 DECL_TYPED_CHILDREN (AudienceRestriction)
 
 DECL_TYPED_CHILDREN (OneTimeUse)
 
 DECL_TYPED_CHILDREN (ProxyRestriction)
 
 DECL_TYPED_CHILDREN (Condition)
 
 BEGIN_XMLOBJECT (, SubjectConfirmationDataType, xmltooling::XMLObject, SAML 2.0 SubjectConfirmationDataType base type)
 
 DECL_STRING_ATTRIB (Recipient, RECIPIENT)
 
 DECL_STRING_ATTRIB (InResponseTo, INRESPONSETO)
 
 DECL_STRING_ATTRIB (Address, ADDRESS)
 
 BEGIN_XMLOBJECT2 (, SubjectConfirmationData, SubjectConfirmationDataType, xmltooling::ElementProxy, SAML 2.0 SubjectConfirmationData element)
 
 DECL_SIMPLE_CONTENT (Data)
 
 BEGIN_XMLOBJECT2 (, KeyInfoConfirmationDataType, SubjectConfirmationDataType, xmltooling::AttributeExtensibleXMLObject, SAML 2.0 KeyInfoConfirmationDataType type)
 
 DECL_TYPED_FOREIGN_CHILDREN (KeyInfo, xmlsignature)
 
 BEGIN_XMLOBJECT (, SubjectConfirmation, xmltooling::XMLObject, SAML 2.0 SubjectConfirmation element)
 
 DECL_STRING_ATTRIB (Method, METHOD)
 
 DECL_XMLOBJECT_CHILD (SubjectConfirmationData)
 
 BEGIN_XMLOBJECT (, Subject, xmltooling::XMLObject, SAML 2.0 Subject element)
 
 DECL_TYPED_CHILDREN (SubjectConfirmation)
 
 BEGIN_XMLOBJECT (, Statement, xmltooling::XMLObject, SAML 2.0 Statement element)
 
 BEGIN_XMLOBJECT (, SubjectLocality, xmltooling::XMLObject, SAML 2.0 SubjectLocality element)
 
 DECL_STRING_ATTRIB (DNSName, DNSNAME)
 
 BEGIN_XMLOBJECT (, AuthnContextDecl, xmltooling::ElementProxy, SAML 2.0 AuthnContextDecl element)
 
 BEGIN_XMLOBJECT (, AuthnContext, xmltooling::XMLObject, SAML 2.0 AuthnContext element)
 
 DECL_TYPED_CHILD (AuthnContextClassRef)
 
 DECL_XMLOBJECT_CHILD (AuthnContextDecl)
 
 DECL_TYPED_CHILD (AuthnContextDeclRef)
 
 DECL_TYPED_CHILDREN (AuthenticatingAuthority)
 
 BEGIN_XMLOBJECT (, AuthnStatement, Statement, SAML 2.0 AuthnStatement element)
 
 DECL_DATETIME_ATTRIB (AuthnInstant, AUTHNINSTANT)
 
 DECL_STRING_ATTRIB (SessionIndex, SESSIONINDEX)
 
 DECL_DATETIME_ATTRIB (SessionNotOnOrAfter, SESSIONNOTONORAFTER)
 
 DECL_TYPED_CHILD (SubjectLocality)
 
 DECL_TYPED_CHILD (AuthnContext)
 
 BEGIN_XMLOBJECT (, Action, xmltooling::XMLObject, SAML 2.0 Action element)
 
 DECL_STRING_ATTRIB (Namespace, NAMESPACE)
 
 DECL_SIMPLE_CONTENT (Action)
 
 BEGIN_XMLOBJECT (, Evidence, xmltooling::XMLObject, SAML 2.0 Evidence element)
 
 DECL_TYPED_CHILDREN (AssertionIDRef)
 
 DECL_TYPED_CHILDREN (AssertionURIRef)
 
 DECL_TYPED_CHILDREN (Assertion)
 
 DECL_TYPED_CHILDREN (EncryptedAssertion)
 
 BEGIN_XMLOBJECT (, AuthzDecisionStatement, Statement, SAML 2.0 AuthzDecisionStatement element)
 
 DECL_STRING_ATTRIB (Resource, RESOURCE)
 
 DECL_STRING_ATTRIB (Decision, DECISION)
 
 DECL_TYPED_CHILDREN (Action)
 
 DECL_TYPED_CHILD (Evidence)
 
 BEGIN_XMLOBJECT (, AttributeValue, xmltooling::ElementProxy, SAML 2.0 AttributeValue element)
 
 BEGIN_XMLOBJECT2 (, Attribute, xmltooling::AttributeExtensibleXMLObject, EncryptableObject, SAML 2.0 Attribute element)
 
 DECL_STRING_ATTRIB (Name, NAME)
 
 DECL_STRING_ATTRIB (NameFormat, NAMEFORMAT)
 
 DECL_STRING_ATTRIB (FriendlyName, FRIENDLYNAME)
 
 DECL_XMLOBJECT_CHILDREN (AttributeValue)
 
 BEGIN_XMLOBJECT (, EncryptedAttribute, EncryptedElementType, SAML 2.0 EncryptedAttribute element)
 
 BEGIN_XMLOBJECT (, AttributeStatement, Statement, SAML 2.0 AttributeStatement element)
 
 DECL_TYPED_CHILDREN (Attribute)
 
 DECL_TYPED_CHILDREN (EncryptedAttribute)
 
 BEGIN_XMLOBJECT (, EncryptedAssertion, EncryptedElementType, SAML 2.0 EncryptedAssertion element)
 
 BEGIN_XMLOBJECT (, Advice, xmltooling::ElementExtensibleXMLObject, SAML 2.0 Advice element)
 
 BEGIN_XMLOBJECT3 (, Assertion, saml2::RootObject, opensaml::Assertion, EncryptableObject, SAML 2.0 Assertion element)
 
 DECL_INHERITED_STRING_ATTRIB (Version, VER)
 
 DECL_INHERITED_STRING_ATTRIB (ID, ID)
 
 DECL_INHERITED_DATETIME_ATTRIB (IssueInstant, ISSUEINSTANT)
 
 DECL_INHERITED_TYPED_CHILD (Issuer)
 
 DECL_TYPED_CHILD (Subject)
 
 DECL_TYPED_CHILD (Conditions)
 
 DECL_TYPED_CHILD (Advice)
 
 DECL_TYPED_CHILDREN (Statement)
 
 DECL_TYPED_CHILDREN (AuthnStatement)
 
 DECL_TYPED_CHILDREN (AttributeStatement)
 
 DECL_TYPED_CHILDREN (AuthzDecisionStatement)
 
 DECL_XMLOBJECTBUILDER (, Action, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Advice, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Assertion, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AssertionIDRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AssertionURIRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Attribute, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AttributeStatement, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AttributeValue, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Audience, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AudienceRestriction, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AuthenticatingAuthority, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AuthnContext, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AuthnContextClassRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AuthnContextDecl, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AuthnContextDeclRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AuthnStatement, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, AuthzDecisionStatement, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Conditions, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, EncryptedAssertion, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, EncryptedAttribute, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, EncryptedID, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Evidence, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Issuer, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, NameID, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, OneTimeUse, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, ProxyRestriction, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Subject, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, SubjectConfirmation, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, SubjectConfirmationData, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, SubjectLocality, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 
 DECL_XMLOBJECTBUILDER (, Delegate, samlconstants::SAML20_DELEGATION_CONDITION_NS, samlconstants::SAML20_DELEGATION_CONDITION_PREFIX)
 
void registerAssertionClasses ()
 Registers builders and validators for SAML 2.0 Assertion classes into the runtime.
 

Variables

static const XMLCh TYPE_NAME []
 EncryptedElementType local name. More...
 
 END_XMLOBJECT
 
static const XMLCh UNSPECIFIED []
 Unspecified name format ID. More...
 
static const XMLCh EMAIL []
 Email address name format ID.
 
static const XMLCh X509_SUBJECT []
 X.509 subject name format ID.
 
static const XMLCh WIN_DOMAIN_QUALIFIED []
 Windows domain qualified name format ID.
 
static const XMLCh KERBEROS []
 Kerberos principal name format ID.
 
static const XMLCh ENTITY []
 Entity identifier name format ID.
 
static const XMLCh PERSISTENT []
 Persistent identifier name format ID.
 
static const XMLCh TRANSIENT []
 Transient identifier name format ID.
 
static const XMLCh BEARER []
 Bearer confirmation method.
 
static const XMLCh HOLDER_KEY []
 Holder of key confirmation method.
 
static const XMLCh SENDER_VOUCHES []
 Sender vouches confirmation method.
 
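static const XMLCh RWEDC_NEG_ACTION_NAMESPACE []
 Read/Write/Execute/Delete/Control Action Namespace. (This description looks swapped with the one for RWEDC_ACTION_NAMESPACE: the NEG in the identifier suggests the "with Negation" namespace. Confirm against the constant's value before using it in an authorization decision.)
 
static const XMLCh RWEDC_ACTION_NAMESPACE []
 Read/Write/Execute/Delete/Control with Negation Action Namespace. (This description looks swapped with the one for RWEDC_NEG_ACTION_NAMESPACE: the identifier has no NEG, which suggests the plain namespace. Confirm against the constant's value before using it in an authorization decision.)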
 
static const XMLCh GHPP_ACTION_NAMESPACE []
 Get/Head/Put/Post Action Namespace.
 
static const XMLCh UNIX_ACTION_NAMESPACE []
 UNIX File Permissions Action Namespace.
 
static const XMLCh DECISION_PERMIT []
 Permit Decision.
 
static const XMLCh DECISION_DENY []
 Deny Decision.
 
static const XMLCh DECISION_INDETERMINATE []
 Indeterminate Decision.
 
static const XMLCh URI_REFERENCE []
 URI reference attribute name format ID.
 
static const XMLCh BASIC []
 Basic attribute name format ID.
 

Detailed Description

SAML 2.0 assertion namespace.

Function Documentation

virtual xmltooling::XMLObject* opensaml::saml2::decrypt ( const xmltooling::CredentialResolver &  credResolver,
const XMLCh *  recipient,
xmltooling::CredentialCriteria *  criteria = nullptr 
) const
virtual

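Decrypts the element using the supplied CredentialResolver. (The virtual and const qualifiers mark this as a member function; in the function summary it follows the EncryptedElementType declaration, so it is presumably a method of that type rather than a namespace-level function.)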

The object returned will be unmarshalled around the decrypted DOM element in a new Document owned by the object.

Parameters
credResolver: locked resolver supplying decryption keys
recipient: identifier naming the recipient (the entity performing the decryption)
criteria: optional external criteria to use with resolver
Returns
the decrypted and unmarshalled object
virtual void opensaml::saml2::encrypt ( const EncryptableObject &  xmlObject,
const saml2md::MetadataProvider &  metadataProvider,
saml2md::MetadataCredentialCriteria &  criteria,
bool  compact = false,
const XMLCh *  algorithm = nullptr 
)
virtual

Encrypts an object to a single recipient using this object as a container.

Parameters
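xmlObject: object to encrypt
metadataProvider: a locked MetadataProvider to supply encryption keys
criteria: metadata-based CredentialCriteria to use
compact: true iff compact KeyInfo should be used
algorithm: optionally specifies data encryption algorithm if none can be determined from metadata (this page does not say which algorithm applies when this is left as nullptr and metadata names none; check the implementation rather than assuming a default)
Returns
the encrypted object (the signature is declared void, so the result is presumably held in this container object rather than returned)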
virtual void opensaml::saml2::encrypt ( const EncryptableObject &  xmlObject,
const std::vector< std::pair< const saml2md::MetadataProvider *, saml2md::MetadataCredentialCriteria * > > &  recipients,
bool  compact = false,
const XMLCh *  algorithm = nullptr 
)
virtual

Encrypts an object to multiple recipients using this object as a container.

Parameters
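xmlObject: object to encrypt
recipients: pairs containing a locked MetadataProvider to supply encryption keys, and a metadata-based CredentialCriteria to use
compact: true iff compact KeyInfo should be used
algorithm: optionally specifies data encryption algorithm if none can be determined from metadata (this page does not say which algorithm applies when this is left as nullptr and metadata names none; check the implementation rather than assuming a default)
Returns
the encrypted object (the signature is declared void, so the result is presumably held in this container object rather than returned)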

Variable Documentation

static const XMLCh opensaml::saml2::TYPE_NAME
static

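EncryptedElementType local name. (The lines that follow each describe a TYPE_NAME constant for a different SAML type; the generated page appears to have merged them under this single namespace-level entry.)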

AssertionType local name.

AdviceType local name.

AttributeStatementType local name.

AttributeType local name.

AuthzDecisionStatementType local name.

EvidenceType local name.

ActionType local name.

AuthnStatementType local name.

AuthnContextType local name.

SubjectLocalityType local name.

SubjectType local name.

SubjectConfirmationType local name.

KeyInfoConfirmationDataType local name.

ConditionsType local name.

DelegationRestrictionType local name.

DelegateType local name.

ProxyRestrictionType local name.

OneTimeUseType local name.

AudienceRestrictionType local name.

NameIDType local name.

static const XMLCh opensaml::saml2::UNSPECIFIED
static

Unspecified name format ID.

Unspecified attribute name format ID.