net.geant.edugain.base
Class Response

java.lang.Object
  net.geant.edugain.base.Response

All Implemented Interfaces:

java.io.Serializable

Direct Known Subclasses:

AttributeResponse, AuthenticationResponse, AuthorizationResponse

public abstract class Response
extends java.lang.Object
implements java.io.Serializable

Defines a generic eduGAIN class for responses. The class will be extended depending on the type of response: Authentication, Attributes, Authorization or Home Location.

Version:

1.0

Author:

Jose Manuel Macias, Jaime Perez

See Also:

Serialized Form

Field Summary

protected java.lang.String	additionalData Any other data the Authentication Service is willing to include.
protected java.net.URI	consumerId The component identifier for the consumer of the response.
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_ACCEPTED The request was accepted
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_CONNECT_TO Connect to...
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_DENY The request was denied
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_EXPIRED_MESSAGE The validity time of the content of the message has expired.
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_FAULT Fault
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_INCOMPATIBLE_VERSIONS The version of the message is incompatible with the version of the service.
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_INSUFFICIENT_DATA Not enough data to perform the authentication operation
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_INVALID_CREDENTIALS The provided credentials were invalid
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_MALFORMED_MESSAGE Error in the structure or codification of the message
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_REDIRECT_USER_TO The user must be redirected to...
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_TRUST_ERROR Error checking the authenticity of the message
static javax.xml.namespace.QName	EDUGAIN_NAMESPACE_RESULT_UNKNOWN_HOMESITE The homesite provided (or guessed by the HLS) is unknown
protected java.lang.String	errorMessage Extra information about the error.
protected javax.xml.namespace.QName	errorReason One of the possible error types taken into account in the system (see below)
protected java.lang.String	inResponseTo A reference to the RequestID contained in the input message of the operation.
protected java.util.ArrayList<java.net.URI>	interfaces A list of (possible) interfaces associated with a CONNECT_TO result
protected java.util.Date	issued The instant this response was issued
protected org.apache.log4j.Logger	log Generic logger attribute.
protected java.util.Date	notBefore The date after this response will be valid
protected java.util.Date	notOnOrAfter The date after this response will no longer be valid
protected java.net.URI	producerId The component identifier for the producer of the response.
private java.security.SecureRandom	random A secure random number generator
protected java.net.URI	recipient The URI representing the intended consumer of the response.
protected java.lang.String	responseID A reference (internally generated by the responder) for this operation to be used in further interactions regarding the request.
protected javax.xml.namespace.QName	result The result of the request.
protected java.lang.String	resultMessage Extra information about the error.
protected java.lang.Object	samlObject The OpenSAML object associated with this response.
protected boolean	strictMode According to the eduGAIN Trust Fabric:
protected Validator	validator The validator used to verify any response.

Constructor Summary

Response()
Creates a new instance of Response

Method Summary

void	addInterface(java.net.URI iface) Returns the list of interfaces associated with a ConnectTo result.
protected void	fromSAML(java.lang.Object obj) Fill this Response with a SAML Document.
abstract void	fromSAML(org.opensaml.saml2.core.Response response) Fill this Response with a SAML 2 Response
abstract void	fromSAML(org.opensaml.SAMLResponse response) Fill this Response with a SAMLResponse.
void	generateResponseID() Sets a randomly generated id for this request operation to be used in further interactions regarding this request.
java.lang.String	getAdditionalData() Gets additional data
java.net.URI	getConsumerId() Gets the component identifier for the eduGAIN component consuming this response .
java.lang.String	getInResponseTo() Gets the identifier of the query being responded
java.util.ArrayList<java.net.URI>	getInterfaces() Returns the list of interfaces associated with a ConnectTo result.
java.util.Date	getIssued() Returns the date this response was issued
java.util.Date	getNotBefore() Gets the date before this response should not be used
java.util.Date	getNotOnOrAfter() Gets the date after this response should not be used
java.net.URI	getProducerId() Gets the component identifier for the eduGAIN component producing this response .
java.net.URI	getRecipient() Gets the recipient of the query being responded
java.lang.String	getResponseID() Gets the identifier for this result
javax.xml.namespace.QName	getResult() Gets the status code of this response
java.lang.String	getResultMessage() Gets the message associated with the result.
boolean	isStrict() Check if this Response is in strict mode.
void	setAdditionalData(java.lang.String data) Sets additional data
void	setConsumerId(java.net.URI consumerId) Sets the component identifier for the eduGAIN component consuming this response.
void	setInResponseTo(java.lang.String id) Sets the identifier of the query being responded
void	setInterfaces(java.util.ArrayList<java.net.URI> list) Returns the list of interfaces associated with a ConnectTo result.
void	setIssued(java.util.Date issued) Sets the date this response is being issued (Issue Instant)
void	setNotBefore(java.util.Date notBefore) Sets the date before this response should not be used
void	setNotOnOrAfter(java.util.Date notOnOrAfter) Sets the date after this response should not be used
void	setProducerId(java.net.URI producerId) Sets the component identifier for the eduGAIN component producing this response.
void	setRecipient(java.net.URI rcp) Sets the recipient of the query being responded
void	setResponseID(java.lang.String id) Sets a reference for this request operation to be used in further interactions regarding this request.
void	setResult(javax.xml.namespace.QName code) Sets the result code for the response
void	setResultMessage(java.lang.String resultMessage) Sets the message associated with the result.
void	setStrict(boolean mode) Set this Response in strict mode.
void	setValidator(Validator v) Sets the Validator to use for every eduGAIN trust fabric operation.
byte[]	toBase64() Marshalls this Response into its base 64 representation.
abstract java.lang.Object	toSAML() Converts this response object into a SAML response.
java.lang.String	toString() Marshalls this Response into its string representation.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

random

private java.security.SecureRandom random

A secure random number generator

log

protected org.apache.log4j.Logger log

Generic logger attribute. Please initialize it adequately in the implementing classes.

responseID

protected java.lang.String responseID

A reference (internally generated by the responder) for this operation to be used in further interactions regarding the request.

producerId

protected java.net.URI producerId

The component identifier for the producer of the response.

consumerId

protected java.net.URI consumerId

The component identifier for the consumer of the response.

inResponseTo

protected java.lang.String inResponseTo

A reference to the RequestID contained in the input message of the operation.

recipient

protected java.net.URI recipient

The URI representing the intended consumer of the response.

result

protected javax.xml.namespace.QName result

The result of the request. Possible values are:

• Accept: The request is authorised.
• ConnectTo: Following parameters will include the interfaces where further AA requests can be satisfied.
• Deny: The request is denied.
• InvalidCredentials: The result of the credential evaluation at the service does not allow providing any other response.
• Fault: An error occurred. The reason (and optionally additional information) will be provided by the errorReason and errorMessage parameters.

resultMessage

protected java.lang.String resultMessage

Extra information about the error.

issued

protected java.util.Date issued

The instant this response was issued

notBefore

protected java.util.Date notBefore

The date after this response will be valid

notOnOrAfter

protected java.util.Date notOnOrAfter

The date after this response will no longer be valid

EDUGAIN_NAMESPACE_RESULT_ACCEPTED

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_ACCEPTED

The request was accepted

EDUGAIN_NAMESPACE_RESULT_DENY

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_DENY

The request was denied

EDUGAIN_NAMESPACE_RESULT_CONNECT_TO

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_CONNECT_TO

Connect to... (a list of interfaces)

EDUGAIN_NAMESPACE_RESULT_REDIRECT_USER_TO

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_REDIRECT_USER_TO

The user must be redirected to...

EDUGAIN_NAMESPACE_RESULT_INSUFFICIENT_DATA

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_INSUFFICIENT_DATA

Not enough data to perform the authentication operation

EDUGAIN_NAMESPACE_RESULT_INVALID_CREDENTIALS

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_INVALID_CREDENTIALS

The provided credentials were invalid

EDUGAIN_NAMESPACE_RESULT_UNKNOWN_HOMESITE

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_UNKNOWN_HOMESITE

The homesite provided (or guessed by the HLS) is unknown

EDUGAIN_NAMESPACE_RESULT_FAULT

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_FAULT

Fault

interfaces

protected java.util.ArrayList<java.net.URI> interfaces

A list of (possible) interfaces associated with a CONNECT_TO result

additionalData

protected java.lang.String additionalData

Any other data the Authentication Service is willing to include. Possible purposes of these data are to provide additional logging and diagnostic information, or information relevant to the requesting resource, and any assumptions on their format is out of scope of this document.

This element is mapped to StatusDetail element which is unsupported in OpenSAML1, so for this version of the library, additionalData is unused.

errorReason

protected javax.xml.namespace.QName errorReason

One of the possible error types taken into account in the system (see below)

EDUGAIN_NAMESPACE_RESULT_TRUST_ERROR

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_TRUST_ERROR

Error checking the authenticity of the message

EDUGAIN_NAMESPACE_RESULT_MALFORMED_MESSAGE

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_MALFORMED_MESSAGE

Error in the structure or codification of the message

EDUGAIN_NAMESPACE_RESULT_EXPIRED_MESSAGE

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_EXPIRED_MESSAGE

The validity time of the content of the message has expired.

EDUGAIN_NAMESPACE_RESULT_INCOMPATIBLE_VERSIONS

public static final javax.xml.namespace.QName EDUGAIN_NAMESPACE_RESULT_INCOMPATIBLE_VERSIONS

The version of the message is incompatible with the version of the service.

errorMessage

protected java.lang.String errorMessage

Extra information about the error.

samlObject

protected java.lang.Object samlObject

The OpenSAML object associated with this response.

strictMode

protected boolean strictMode

According to the eduGAIN Trust Fabric:

XML Signatures MUST be used in the following SAML constructs:

• Assertions containing one SAML AuthenticationStatement and (optionally) several SAML AttributeStatement in response to an eduGAIN AuthenticationRequest.

XML Signatures SHOULD be used in the following SAML constructs:

• Assertions containing SAML AttributeStatement in response to an eduGAIN AttributeRequest.

validator

protected Validator validator

The validator used to verify any response.

Constructor Detail

Response

public Response()
         throws BaseException

Creates a new instance of Response

Throws:

BaseException

Method Detail

isStrict

public boolean isStrict()

Check if this Response is in strict mode. If strict mode set, then every Response will be signed and validated. Strict mode will be ignored when the eduGAIN Trust Model forces signatures. Please, refer to the eduGAIN Trust Model in the specifications to know when this signatures are mandatory.

Returns:

True if this Response is in strict mode, False else.

setStrict

public void setStrict(boolean mode)

Set this Response in strict mode. If strict mode set, then every Response will be signed and validated. Strict mode will be ignored when the eduGAIN Trust Model forces signatures. Please, refer to the eduGAIN Trust Model in the specifications to know when this signatures are mandatory.

Parameters:

mode - True if this Response should be strict, False else.

setValidator

public void setValidator(Validator v)

Sets the Validator to use for every eduGAIN trust fabric operation.

Parameters:

v - The custom Validator to use.

setResponseID

public void setResponseID(java.lang.String id)

Sets a reference for this request operation to be used in further interactions regarding this request.

Parameters:

id - The response ID.

generateResponseID

public void generateResponseID()

Sets a randomly generated id for this request operation to be used in further interactions regarding this request.

getResponseID

public java.lang.String getResponseID()

Gets the identifier for this result

Returns:

the identier of this result

setInResponseTo

public void setInResponseTo(java.lang.String id)

Sets the identifier of the query being responded

Parameters:

id - The identifier

getInResponseTo

public java.lang.String getInResponseTo()

Gets the identifier of the query being responded

Returns:

The inResponseTo identifier

setRecipient

public void setRecipient(java.net.URI rcp)

Sets the recipient of the query being responded

Parameters:

rcp - The recipient

getRecipient

public java.net.URI getRecipient()

Gets the recipient of the query being responded

Returns:

The recipient URI

setResult

public void setResult(javax.xml.namespace.QName code)

Sets the result code for the response

Parameters:

code - A valid result code (as thefined above)

getResult

public javax.xml.namespace.QName getResult()

Gets the status code of this response

Returns:

A qualified name describing the result

getInterfaces

public java.util.ArrayList<java.net.URI> getInterfaces()

Returns the list of interfaces associated with a ConnectTo result.

Returns:

An string array with the list of interfaces

setInterfaces

public void setInterfaces(java.util.ArrayList<java.net.URI> list)

Returns the list of interfaces associated with a ConnectTo result.

Parameters:

list - The list of interfaces.

addInterface

public void addInterface(java.net.URI iface)

Returns the list of interfaces associated with a ConnectTo result.

Parameters:

iface - An string array with the list of interfaces.

setAdditionalData

public void setAdditionalData(java.lang.String data)

Sets additional data

getAdditionalData

public java.lang.String getAdditionalData()

Gets additional data

getProducerId

public java.net.URI getProducerId()

Gets the component identifier for the eduGAIN component producing this response .

Returns:

an URN following eduGAIN naming conventions.

setProducerId

public void setProducerId(java.net.URI producerId)

Sets the component identifier for the eduGAIN component producing this response.

Parameters:

producerId - An URN following eduGAIN component naming conventions.

getConsumerId

public java.net.URI getConsumerId()

Gets the component identifier for the eduGAIN component consuming this response .

Returns:

an URN following eduGAIN naming conventions.

setConsumerId

public void setConsumerId(java.net.URI consumerId)

Sets the component identifier for the eduGAIN component consuming this response.

Parameters:

consumerId - An URN following eduGAIN component naming conventions.

getResultMessage

public java.lang.String getResultMessage()

Gets the message associated with the result.

setResultMessage

public void setResultMessage(java.lang.String resultMessage)

Sets the message associated with the result.

Parameters:

resultMessage - The message

getIssued

public java.util.Date getIssued()

Returns the date this response was issued

Returns:

the issue instant

setIssued

public void setIssued(java.util.Date issued)

Sets the date this response is being issued (Issue Instant)

Parameters:

issued - The issue instant

getNotBefore

public java.util.Date getNotBefore()

Gets the date before this response should not be used

Returns:

the date before this response should not be used

setNotBefore

public void setNotBefore(java.util.Date notBefore)

Sets the date before this response should not be used

Parameters:

notBefore - The date when this response will be valid

getNotOnOrAfter

public java.util.Date getNotOnOrAfter()

Gets the date after this response should not be used

Returns:

the date after this response should not be used

setNotOnOrAfter

public void setNotOnOrAfter(java.util.Date notOnOrAfter)

Sets the date after this response should not be used

Parameters:

notOnOrAfter - The date when this response won't be valid

fromSAML

protected void fromSAML(java.lang.Object obj)
                 throws BaseException

Fill this Response with a SAML Document. Supports as many type of objects as the OpenSAML version used supports. Please refer to your installed OpenSAML documentation what sources are supported.

Parameters:

obj - The SAML response.

Throws:

BaseException

fromSAML

public abstract void fromSAML(org.opensaml.SAMLResponse response)
                       throws BaseException

Fill this Response with a SAMLResponse.

Parameters:

response - The SAML response.

Throws:

BaseException

fromSAML

public abstract void fromSAML(org.opensaml.saml2.core.Response response)
                       throws BaseException

Fill this Response with a SAML 2 Response

Throws:

BaseException

toSAML

public abstract java.lang.Object toSAML()
                                 throws BaseException

Converts this response object into a SAML response. Please consider that this method returns an OpenSAML1 or an OpenSAML2 Response object depending on the SAML version eduGAIN is configured to use.

Returns:

A SAMLResponse or a Response, depending on the SAML version eduGAIN is configured to use.

Throws:

BaseException

toString

public java.lang.String toString()

Marshalls this Response into its string representation.

Overrides:

toString in class java.lang.Object

Returns:

the string representation of this Response.

toBase64

public byte[] toBase64()

Marshalls this Response into its base 64 representation.

Returns:

the base 64 representation of this Response.