Class HTTPMetadataProvider
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
-
- se.litsec.opensaml.saml2.metadata.provider.HTTPMetadataProvider
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,MetadataProvider
public class HTTPMetadataProvider extends AbstractMetadataProvider
A provider that downloads metadata from a HTTP resource.- Author:
- Martin Lindström (martin.lindstrom@litsec.se)
- See Also:
HTTPMetadataResolver,FileBackedHTTPMetadataResolver
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
AbstractMetadataProvider.EntityDescriptorIterator
-
-
Constructor Summary
Constructors Constructor Description HTTPMetadataProvider(String metadataUrl, String backupFile)Creates a provider that periodically downloads data from the URL given bymetadataUrl.HTTPMetadataProvider(String metadataUrl, String backupFile, org.apache.http.client.HttpClient httpClient)Creates a provider that periodically downloads data from the URL given bymetadataUrl.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static org.apache.http.client.HttpClientcreateDefaultHttpClient()Creates a defaultHttpClientinstance that uses system properties and sets a SSLSocketFactory that is configured in a "no trust" mode, meaning that all peer certificates are accepted and no hostname check is made.static org.apache.http.client.HttpClientcreateDefaultHttpClient(KeyStore trustKeyStore, HostnameVerifier hostnameVerifier)Creates aHttpClientinstance that sets up a trust manager that accepts all certificates supplied in thetrustKeyStoreparameter.protected voidcreateMetadataResolver(boolean requireValidMetadata, boolean failFastInitialization, MetadataFilter filter)Creates the specificMetadataResolverinstance for the provider implementation.protected voiddestroyMetadataResolver()Destroys the metadata resolver.StringgetID()Returns the identifier for the provider.MetadataResolvergetMetadataResolver()Returns the underlying OpenSAML metadata resolver.protected voidinitializeMetadataResolver()Initializes the metadata resolver.-
Methods inherited from class se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
createFilter, doDestroy, doInitialize, getEntityDescriptor, getIdentityProviders, getIDPSSODescriptor, getLastUpdate, getMetadata, getMetadataDOM, getServiceProviders, getSignatureVerificationCertificates, getSPSSODescriptor, iterator, iterator, refresh, setExclusionPredicates, setFailFastInitialization, setInclusionPredicates, setPerformSchemaValidation, setRequireValidMetadata, setSignatureVerificationCertificate, setSignatureVerificationCertificates
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.DestructableComponent
destroy, isDestroyed
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Constructor Detail
-
HTTPMetadataProvider
public HTTPMetadataProvider(String metadataUrl, String backupFile) throws ResolverException
Creates a provider that periodically downloads data from the URL given bymetadataUrl. If thebackupFileparameter is given the provider also stores the downloaded metadata on disk as backup.This constructor will initialize the underlying
MetadataResolverwith a defaultHttpClientinstance that is initialized according tocreateDefaultHttpClient().- Parameters:
metadataUrl- the URL to use when downloading metadatabackupFile- optional path to the file to where the provider should store downloaded metadata- Throws:
ResolverException- if the supplied metadata URL is invalid
-
HTTPMetadataProvider
public HTTPMetadataProvider(String metadataUrl, String backupFile, org.apache.http.client.HttpClient httpClient) throws ResolverException
Creates a provider that periodically downloads data from the URL given bymetadataUrl. If thebackupFileparameter is given the provider also stores the downloaded metadata on disk as backup.- Parameters:
metadataUrl- the URL to use when downloading metadatabackupFile- optional path to the file to where the provider should store downloaded metadatahttpClient- theHttpClientthat should be used to download the metadata- Throws:
ResolverException- if the supplied metadata URL is invalid
-
-
Method Detail
-
createDefaultHttpClient
public static org.apache.http.client.HttpClient createDefaultHttpClient() throws ResolverExceptionCreates a defaultHttpClientinstance that uses system properties and sets a SSLSocketFactory that is configured in a "no trust" mode, meaning that all peer certificates are accepted and no hostname check is made.TLS security parameters, such as a trust engine, may later be added by assigning a configured
HttpClientSecurityParametersinstance in the constructor.- Returns:
- a default
HttpClientinstance - Throws:
ResolverException- for errors creating the client
-
createDefaultHttpClient
public static org.apache.http.client.HttpClient createDefaultHttpClient(KeyStore trustKeyStore, HostnameVerifier hostnameVerifier) throws ResolverException
Creates aHttpClientinstance that sets up a trust manager that accepts all certificates supplied in thetrustKeyStoreparameter. ThehostnameVerifierparameter tells which hostname verifier that should be used. If not supplied, aDefaultHostnameVerifierwill be used.- Parameters:
trustKeyStore- a KeyStore holding the certificates that should be accepted (if null, all certificates are accepted)hostnameVerifier- the HostnameVerifier to use (if null a DefaultHostnameVerifier is used)- Returns:
- a HttpClient instance
- Throws:
ResolverException- for errors creating the client
-
getID
public String getID()
Returns the identifier for the provider.- Returns:
- the identifier
-
getMetadataResolver
public MetadataResolver getMetadataResolver()
Returns the underlying OpenSAML metadata resolver.- Returns:
- OpenSAML metadata resolver
-
createMetadataResolver
protected void createMetadataResolver(boolean requireValidMetadata, boolean failFastInitialization, MetadataFilter filter) throws ResolverExceptionCreates the specificMetadataResolverinstance for the provider implementation.The
filterparameter is aMetadataFilterthat must be installed for the resolver. Any other filters that should be installed by the specific instance should be placed last in a filter chain.- Specified by:
createMetadataResolverin classAbstractMetadataProvider- Parameters:
requireValidMetadata- should be passed intoMetadataResolver.setRequireValidMetadata(boolean)failFastInitialization- should be passed intoAbstractMetadataResolver.setFailFastInitialization(boolean)(if applicable)filter- filter that must be installed for the resolver- Throws:
ResolverException- for errors creating the resolver
-
initializeMetadataResolver
protected void initializeMetadataResolver() throws ComponentInitializationExceptionInitializes the metadata resolver.- Specified by:
initializeMetadataResolverin classAbstractMetadataProvider- Throws:
ComponentInitializationException- for initialization errors
-
destroyMetadataResolver
protected void destroyMetadataResolver()
Destroys the metadata resolver.- Specified by:
destroyMetadataResolverin classAbstractMetadataProvider
-
-