Class ResponseValidator

    • Constructor Detail

      • ResponseValidator

        public ResponseValidator​(SignatureTrustEngine trustEngine,
                                 SignaturePrevalidator signaturePrevalidator)
        Constructor.
        Parameters:
        trustEngine - the trust used to validate the object's signature
        signaturePrevalidator - the signature pre-validator used to pre-validate the object's signature
    • Method Detail

      • validate

        public ValidationResult validate​(Response response,
                                         ValidationContext context)
        Validates the given object.
        Parameters:
        response - object to be evaluated
        context - current validation context
        Returns:
        the result of the evaluation
      • validateID

        protected ValidationResult validateID​(Response response,
                                              ValidationContext context)
        Validates that the Response object has an ID attribute.
        Parameters:
        response - the response
        context - the validation context
        Returns:
        a validation result
      • validateVersion

        protected ValidationResult validateVersion​(Response response,
                                                   ValidationContext context)
        Validates that the Response object has a valid Version attribute.
        Parameters:
        response - the response
        context - the validation context
        Returns:
        a validation result
      • validateStatus

        protected ValidationResult validateStatus​(Response response,
                                                  ValidationContext context)
        Validates that the Response object has a Status attribute.
        Parameters:
        response - the response
        context - the validation context
        Returns:
        a validation result
      • validateDestination

        protected ValidationResult validateDestination​(Response response,
                                                       ValidationContext context)
        Ensures that the Destination attribute is present and matches the URL on which we received the message. This value is found in the context under the CoreValidatorParameters.RECEIVE_URL key.
        Parameters:
        response - the response
        context - the validation context
        Returns:
        a validation result
      • validateConsent

        protected ValidationResult validateConsent​(Response response,
                                                   ValidationContext context)
        Validates the Consent attribute. The default implementation returns ValidationResult.VALID since the attribute is optional according to the SAML 2.0 Core specifications.
        Parameters:
        response - the response
        context - the validation context
        Returns:
        a validation result
      • validateAssertions

        protected ValidationResult validateAssertions​(Response response,
                                                      ValidationContext context)
        Validates the Assertion and/or EncryptedAssertion element. The default implementation checks:
        • If status is success - At least of assertion (or encrypted assertion) is present.
        • Else - No assertions are present.
        Parameters:
        response - the response
        context - the validation context
        Returns:
        a validation result
      • validateExtensions

        protected ValidationResult validateExtensions​(Response response,
                                                      ValidationContext context)
        Validates the Extensions element. The default implementation returns ValidationResult.VALID since the element is optional according to the SAML 2.0 Core specifications.
        Parameters:
        response - the response
        context - the validation context
        Returns:
        a validation result