java.lang.Object

org.pac4j.core.util.InitializableObject

org.pac4j.core.client.BaseClient

org.pac4j.core.client.IndirectClient

org.pac4j.saml.client.SAML2Client

org.jenkinsci.plugins.saml.JenkinsSAML2Client

All Implemented Interfaces:: Closeable, AutoCloseable, org.pac4j.core.client.Client

public class JenkinsSAML2Client extends org.pac4j.saml.client.SAML2Client

This override of the base SAML2Client is needed to fix SECURITY-3613, by setting up a replay cache which is static to all client instances.

Field Summary

Fields inherited from class org.pac4j.saml.client.SAML2Client
authnResponseValidator, configuration, contextProvider, decrypter, identityProviderMetadataResolver, logoutRequestMessageSender, logoutValidator, replayCache, serviceProviderMetadataResolver, signatureSigningParametersProvider, signatureTrustEngineProvider, soapPipelineProvider, stateGenerator, webSsoMessageSender

Fields inherited from class org.pac4j.core.client.IndirectClient
ATTEMPTED_AUTHENTICATION_SUFFIX, callbackUrl, callbackUrlResolver, urlResolver

Fields inherited from class org.pac4j.core.client.BaseClient
logger, saveProfileInSession
Constructor Summary

Constructors

Constructor

Description

JenkinsSAML2Client(org.pac4j.saml.config.SAML2Configuration config)
Method Summary

Modifier and Type

Method

Description

protected void

initSAMLReplayCache(boolean forceReinit)

Methods inherited from class org.pac4j.saml.client.SAML2Client
close, destroy, getAuthnResponseValidator, getConfiguration, getContextProvider, getDecrypter, getIdentityProviderMetadataResolver, getIdentityProviderResolvedEntityId, getLogoutRequestMessageSender, getLogoutValidator, getReplayCache, getServiceProviderMetadataResolver, getServiceProviderResolvedEntityId, getSignatureSigningParametersProvider, getSignatureTrustEngineProvider, getSoapPipelineProvider, getStateGenerator, getWebSsoMessageSender, initAuthenticator, initCredentialExtractor, initDecrypter, initIdentityProviderMetadataResolver, initLogoutActionBuilder, initLogoutProcessor, initLogoutRequestMessageSender, initRedirectActionBuilder, initSAMLContextProvider, initSAMLLogoutResponseValidator, initSAMLResponseValidator, initServiceProviderMetadataResolver, initSignatureSigningParametersProvider, initSignatureTrustEngineProvider, initSOAPPipelineProvider, initStateGenerator, initWebSSOMessageSender, internalInit, notifySessionRenewal, setAuthnResponseValidator, setConfiguration, setContextProvider, setDecrypter, setIdentityProviderMetadataResolver, setLogoutRequestMessageSender, setLogoutValidator, setReplayCache, setServiceProviderMetadataResolver, setSignatureSigningParametersProvider, setSignatureTrustEngineProvider, setSoapPipelineProvider, setStateGenerator, setWebSsoMessageSender

Methods inherited from class org.pac4j.core.client.IndirectClient
afterInternalInit, beforeInternalInit, checkCredentials, computeFinalCallbackUrl, getAjaxRequestResolver, getCallbackUrl, getCallbackUrlResolver, getCodeVerifierSessionAttributeName, getLogoutAction, getLogoutActionBuilder, getLogoutProcessor, getNonceSessionAttributeName, getRedirectionAction, getRedirectionActionBuilder, getStateSessionAttributeName, getUrlResolver, isCheckAuthenticationAttempt, isLogoutActionBuilderUndefined, newDefaultCallbackUrlResolver, processLogout, setAjaxRequestResolver, setCallbackUrl, setCallbackUrlResolver, setCheckAuthenticationAttempt, setLogoutActionBuilder, setLogoutActionBuilderIfUndefined, setLogoutProcessor, setLogoutProcessorIfUndefined, setRedirectionActionBuilder, setRedirectionActionBuilderIfUndefined, setUrlResolver, toString

Methods inherited from class org.pac4j.core.client.BaseClient
addAuthorizationGenerator, addAuthorizationGenerators, findSessionLogoutHandler, getAuthenticator, getAuthorizationGenerators, getConfig, getCredentials, getCredentialsExtractor, getCustomProperties, getLogger, getName, getProfileCreator, getProfileFactoryWhenNotAuthenticated, getSaveProfileInSession, getSaveProfileInSession, getUserProfile, internalValidateCredentials, isMultiProfile, isMultiProfile, renewUserProfile, setAuthenticator, setAuthenticatorIfUndefined, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setConfig, setCredentialsExtractor, setCredentialsExtractorIfUndefined, setCustomProperties, setMultiProfile, setName, setProfileCreator, setProfileCreatorIfUndefined, setProfileFactoryWhenNotAuthenticated, setSaveProfileInSession, validateCredentials

Methods inherited from class org.pac4j.core.util.InitializableObject
getInitialized, getLastAttempt, getMaxAttempts, getMinTimeIntervalBetweenAttemptsInMilliseconds, getNbAttempts, init, init, isInitialized, reinit, setMaxAttempts, setMinTimeIntervalBetweenAttemptsInMilliseconds, shouldInitialize

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Details
- JenkinsSAML2Client
  
  public JenkinsSAML2Client(org.pac4j.saml.config.SAML2Configuration config)
Method Details
- initSAMLReplayCache
  
  protected void initSAMLReplayCache(boolean forceReinit)
  
  Overrides:
  
  initSAMLReplayCache in class org.pac4j.saml.client.SAML2Client

Class JenkinsSAML2Client

Field Summary

Fields inherited from class org.pac4j.saml.client.SAML2Client

Fields inherited from class org.pac4j.core.client.IndirectClient

Fields inherited from class org.pac4j.core.client.BaseClient

Constructor Summary

Method Summary

Methods inherited from class org.pac4j.saml.client.SAML2Client

Methods inherited from class org.pac4j.core.client.IndirectClient

Methods inherited from class org.pac4j.core.client.BaseClient

Methods inherited from class org.pac4j.core.util.InitializableObject

Methods inherited from class java.lang.Object

Constructor Details

JenkinsSAML2Client

Method Details

initSAMLReplayCache