org.apache.nifi.web.security.configuration

Class SamlAuthenticationSecurityConfiguration

java.lang.Object

org.apache.nifi.web.security.configuration.SamlAuthenticationSecurityConfiguration

@Configuration
public class SamlAuthenticationSecurityConfiguration
extends Object

SAML Configuration for Authentication Security

Field Summary

Fields

Modifier and Type	Field and Description
private BearerTokenProvider	bearerTokenProvider
private IdpUserGroupService	idpUserGroupService
private LogoutRequestManager	logoutRequestManager
private NiFiProperties	properties
private static Duration	REQUEST_EXPIRATION
private static long	REQUEST_MAXIMUM_CACHE_SIZE

Constructor Summary

Constructors

Constructor and Description
SamlAuthenticationSecurityConfiguration(NiFiProperties properties, BearerTokenProvider bearerTokenProvider, LogoutRequestManager logoutRequestManager, IdpUserGroupService idpUserGroupService)

Method Summary

Modifier and Type	Method and Description
private Saml2AuthenticationSuccessHandler	getAuthenticationSuccessHandler()
private org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository	getDisabledRelyingPartyRegistrationRepository()
org.springframework.security.saml2.provider.service.authentication.OpenSamlAuthenticationProvider	openSamlAuthenticationProvider() Spring Security OpenSAML Authentication Provider for processing SAML 2 login responses
org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository	relyingPartyRegistrationRepository() Spring Security SAML 2 Relying Party Registration Repository generated using NiFi Properties
org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver	relyingPartyRegistrationResolver() Spring Security SAML 2 Relying Party Registration Resolver for SAML 2 initial login processing
org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository<org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest>	saml2AuthenticationRequestRepository() Spring Security Saml 2 Authentication Request Repository for tracking SAML 2 across multiple HTTP requests
org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver	saml2AuthenticationRequestResolver() Spring Security SAML 2 Authentication Request Resolver uses OpenSAML 3 for compatibility with Java 8
Saml2LocalLogoutFilter	saml2LocalLogoutFilter() SAML 2 Local Logout Filter for clearing application caches on Logout requests
org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter	saml2LogoutRequestFilter() Spring Security SAML 2 Single Logout Request Filter processing from an IDP
org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository	saml2LogoutRequestRepository() SAML 2 Logout Request Repository for tracking Single Logout requests
org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestResolver	saml2LogoutRequestResolver() Spring Security SAML 2 Logout Request Resolver uses OpenSAML 3 for compatibility with Java 8
org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidator	saml2LogoutRequestValidator() Spring Security SAML 2 Logout Request Validator
org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter	saml2LogoutResponseFilter() Spring Security SAML 2 Single Logout Response Filter processing from an IDP
org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseResolver	saml2LogoutResponseResolver() Spring Security SAML 2 Logout Response Resolver uses OpenSAML 3 for compatibility with Java 8
org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidator	saml2LogoutResponseValidator() Spring Security SAML 2 Logout Response Validator
Saml2LogoutSuccessHandler	saml2LogoutSuccessHandler() Standard SAML 2 Logout Success Handler for Logout processing after Single or Local Logout success
org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter	saml2MetadataFilter() Spring Security SAML 2 Metadata Filter returns SAML 2 Metadata XML
org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver	saml2MetadataResolver() Spring Security SAML 2 Metadata Resolver
Saml2SingleLogoutFilter	saml2SingleLogoutFilter() Spring Security Single Logout Filter for initiating Single Logout Requests sending to an IDP
Saml2SingleLogoutHandler	saml2SingleLogoutHandler() Standard SAML 2 Single Logout Handler
org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler	saml2SingleLogoutSuccessHandler() SAML 2 Logout Success Handler for Single Logout processing
org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter	saml2WebSsoAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager) Spring Security SAML 2 Web SSO Authentication Filter for SAML 2 login response processing from an IDP
org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter	saml2WebSsoAuthenticationRequestFilter() Spring Security SAML 2 Web SSO Authentication Request Filter for SAML 2 initial login sending to an IDP

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REQUEST_EXPIRATION

private static final Duration REQUEST_EXPIRATION

REQUEST_MAXIMUM_CACHE_SIZE

private static final long REQUEST_MAXIMUM_CACHE_SIZE

See Also:

Constant Field Values

properties

private final NiFiProperties properties

bearerTokenProvider

private final BearerTokenProvider bearerTokenProvider

logoutRequestManager

private final LogoutRequestManager logoutRequestManager

idpUserGroupService

private final IdpUserGroupService idpUserGroupService

Constructor Detail

SamlAuthenticationSecurityConfiguration

@Autowired
public SamlAuthenticationSecurityConfiguration(NiFiProperties properties,
                                                          BearerTokenProvider bearerTokenProvider,
                                                          LogoutRequestManager logoutRequestManager,
                                                          IdpUserGroupService idpUserGroupService)

Method Detail

saml2MetadataFilter

@Bean
public org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter saml2MetadataFilter()

Spring Security SAML 2 Metadata Filter returns SAML 2 Metadata XML

Returns:

SAML 2 Metadata Filter

saml2WebSsoAuthenticationRequestFilter

@Bean
public org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter saml2WebSsoAuthenticationRequestFilter()

Spring Security SAML 2 Web SSO Authentication Request Filter for SAML 2 initial login sending to an IDP

Returns:

SAML 2 Authentication Request Filter

saml2WebSsoAuthenticationFilter

@Bean
public org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter saml2WebSsoAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)

Spring Security SAML 2 Web SSO Authentication Filter for SAML 2 login response processing from an IDP

Parameters:

authenticationManager - Spring Security Authentication Manager

Returns:

SAML 2 Authentication Filter

saml2SingleLogoutFilter

@Bean
public Saml2SingleLogoutFilter saml2SingleLogoutFilter()

Spring Security Single Logout Filter for initiating Single Logout Requests sending to an IDP

Returns:

SAML 2 Single Logout Filter

saml2LogoutRequestFilter

@Bean
public org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter saml2LogoutRequestFilter()

Spring Security SAML 2 Single Logout Request Filter processing from an IDP

Returns:

SAML 2 Logout Request Filter

saml2LogoutResponseFilter

@Bean
public org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter saml2LogoutResponseFilter()

Spring Security SAML 2 Single Logout Response Filter processing from an IDP

Returns:

SAML 2 Logout Response Filter

saml2SingleLogoutHandler

@Bean
public Saml2SingleLogoutHandler saml2SingleLogoutHandler()

Standard SAML 2 Single Logout Handler

Returns:

SAML 2 Single Logout Handler

saml2LocalLogoutFilter

@Bean
public Saml2LocalLogoutFilter saml2LocalLogoutFilter()

SAML 2 Local Logout Filter for clearing application caches on Logout requests

Returns:

SAML 2 Local Logout Filter

openSamlAuthenticationProvider

@Bean
public org.springframework.security.saml2.provider.service.authentication.OpenSamlAuthenticationProvider openSamlAuthenticationProvider()

Spring Security OpenSAML Authentication Provider for processing SAML 2 login responses

Returns:

OpenSAML 3 Authentication Provider required for compatibility with Java 8

saml2AuthenticationRequestResolver

@Bean
public org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver saml2AuthenticationRequestResolver()

Spring Security SAML 2 Authentication Request Resolver uses OpenSAML 3 for compatibility with Java 8

Returns:

OpenSAML 3 version of SAML 2 Authentication Request Resolver

saml2LogoutRequestValidator

@Bean
public org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidator saml2LogoutRequestValidator()

Spring Security SAML 2 Logout Request Validator

Returns:

OpenSAML Logout Request Validator

saml2LogoutResponseValidator

@Bean
public org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidator saml2LogoutResponseValidator()

Spring Security SAML 2 Logout Response Validator

Returns:

OpenSAML Logout Response Validator

saml2LogoutRequestResolver

@Bean
public org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestResolver saml2LogoutRequestResolver()

Spring Security SAML 2 Logout Request Resolver uses OpenSAML 3 for compatibility with Java 8

Returns:

OpenSAML 3 version of SAML 2 Logout Request Resolver

saml2LogoutResponseResolver

@Bean
public org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseResolver saml2LogoutResponseResolver()

Spring Security SAML 2 Logout Response Resolver uses OpenSAML 3 for compatibility with Java 8

Returns:

OpenSAML 3 version of SAML 2 Logout Response Resolver

saml2AuthenticationRequestRepository

@Bean
public org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository<org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest> saml2AuthenticationRequestRepository()

Spring Security Saml 2 Authentication Request Repository for tracking SAML 2 across multiple HTTP requests

Returns:

SAML 2 Authentication Request Repository

relyingPartyRegistrationResolver

@Bean
public org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver relyingPartyRegistrationResolver()

Spring Security SAML 2 Relying Party Registration Resolver for SAML 2 initial login processing

Returns:

Default Relying Party Registration Resolver

relyingPartyRegistrationRepository

@Bean
public org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository relyingPartyRegistrationRepository()

Spring Security SAML 2 Relying Party Registration Repository generated using NiFi Properties

Returns:

Standard Relying Party Registration Repository or placeholder repository when SAML is disabled

saml2MetadataResolver

@Bean
public org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver saml2MetadataResolver()

Spring Security SAML 2 Metadata Resolver

Returns:

OpenSAML SAML 2 Metadata Resolver

saml2LogoutSuccessHandler

@Bean
public Saml2LogoutSuccessHandler saml2LogoutSuccessHandler()

Standard SAML 2 Logout Success Handler for Logout processing after Single or Local Logout success

Returns:

SAML 2 Logout Success Handler

saml2SingleLogoutSuccessHandler

@Bean
public org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler saml2SingleLogoutSuccessHandler()

SAML 2 Logout Success Handler for Single Logout processing

Returns:

Spring Security SAML 2 Logout Success Handler

saml2LogoutRequestRepository

@Bean
public org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository saml2LogoutRequestRepository()

SAML 2 Logout Request Repository for tracking Single Logout requests

Returns:

SAML 2 Logout Request Repository

getAuthenticationSuccessHandler

private Saml2AuthenticationSuccessHandler getAuthenticationSuccessHandler()

getDisabledRelyingPartyRegistrationRepository

private org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository getDisabledRelyingPartyRegistrationRepository()