public class HttpServletRequestMessageChannelSecurity extends AbstractMessageChannelSecurity
MessageChannelSecurityContext
based on a
HttpServletRequest
.Constructor and Description |
---|
HttpServletRequestMessageChannelSecurity()
Constructor.
|
Modifier and Type | Method and Description |
---|---|
protected void |
doExecute(ProfileRequestContext profileRequestContext)
Performs this action.
|
protected void |
doInitialize() |
void |
setDefaultPortInsecure(boolean flag)
Set whether traffic on the default TLS port is "secure" for the purposes of this action.
|
doPreExecute, getParentContext, setParentContextLookupStrategy
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
destroy, doDestroy, initialize, isDestroyed, isInitialized
public HttpServletRequestMessageChannelSecurity()
public void setDefaultPortInsecure(boolean flag)
Defaults to "true"
Ordinarily TLS is considered a "secure" channel, but traffic to a default port meant for browser access tends to rely on server certificates that are unsuited to secure messaging use cases. This flag allows software layers to recognize traffic on this port as "insecure" and needing additional security measures.
flag
- flag to setprotected void doInitialize() throws net.shibboleth.utilities.java.support.component.ComponentInitializationException
doInitialize
in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
net.shibboleth.utilities.java.support.component.ComponentInitializationException
protected void doExecute(ProfileRequestContext profileRequestContext)
doExecute
in class AbstractProfileAction
profileRequestContext
- the current IdP profile request contextCopyright © 2018. All rights reserved.