
Support Customizing Set of OpenSAML Validators #15578

Closed
@mathewm3

Expected Behavior
Option to add/modify/remove SAML20AssertionValidators.attributeValidator, especially subjects (BearerSubjectConfirmationValidator), in OpenSaml4AuthenticationProvider.java.

SAML20AssertionValidators.attributeValidator cannot be modified.

Even the method createDefaultAssertionValidatorWithParameters() does not provide the option to modify SAML20AssertionValidators.attributeValidator.

Current Behavior

Currently, it is hardcoded with SAML20AssertionValidators.attributeValidator with default conditions:

  1. AudienceRestrictionConditionValidator
  2. DelegationRestrictionConditionValidator
  3. ConditionValidator
  4. ProxyRestrictionConditionValidator

And a subject:

  1. BearerSubjectConfirmationValidator

Context

This will give flexibility to take the default assertion validator (createDefaultAssertionValidatorWithParameters) and modify only specific conditions or subjects.
