Class SamlSpMetadataBuilder

java.lang.Object
org.elasticsearch.xpack.security.authc.saml.SamlSpMetadataBuilder

public class SamlSpMetadataBuilder extends Object
Constructs SAML Metadata to describe a Service Provider. This metadata is used to configure Identity Providers that will interact with the Service Provider.
  • Constructor Details

    • SamlSpMetadataBuilder

      public SamlSpMetadataBuilder(Locale locale, String entityId)
      Parameters:
      locale - The locale to use for elements that require xml:lang attributes
      entityId - The URI for the Service Provider entity
  • Method Details

    • nameIdFormat

      public SamlSpMetadataBuilder nameIdFormat(String nameIdFormat)
      The format that the service provider expects for the incoming NameID element.
    • serviceName

      public SamlSpMetadataBuilder serviceName(String serviceName)
      The name of the service, for use in an AttributeConsumingService
    • withAttribute

      public SamlSpMetadataBuilder withAttribute(String friendlyName, String name)
      Request that a named attribute be provided as part of assertions. Specified in an AttributeConsumingService
    • assertionConsumerServiceUrl

      public SamlSpMetadataBuilder assertionConsumerServiceUrl(String acsUrl)
      The (POST) URL to be used to accept SAML assertions (authentication results)
    • singleLogoutServiceUrl

      public SamlSpMetadataBuilder singleLogoutServiceUrl(String slsUrl)
      The (GET/Redirect) URL to be used to handle SAML logout / session termination
    • authnRequestsSigned

      public SamlSpMetadataBuilder authnRequestsSigned(Boolean authnRequestsSigned)
      Whether this Service Provider signs AuthnRequest messages.
    • signingCertificate

      public SamlSpMetadataBuilder signingCertificate(X509Certificate signingCertificate)
      The certificate that the service provider uses to sign SAML requests.
    • signingCredential

      public SamlSpMetadataBuilder signingCredential(org.opensaml.security.x509.X509Credential credential)
      The certificate credential that should be used to send encrypted data to the service provider.
    • encryptionCertificates

      public SamlSpMetadataBuilder encryptionCertificates(Collection<X509Certificate> encryptionCertificates)
      The certificates that should be used to send encrypted data to the service provider.
    • encryptionCredentials

      public SamlSpMetadataBuilder encryptionCredentials(Collection<org.opensaml.security.x509.X509Credential> credentials)
      The certificate credentials that should be used to send encrypted data to the service provider.
    • organization

      The organisation that operates the service provider
    • organization

      public SamlSpMetadataBuilder organization(String orgName, String displayName, String url)
      The organisation that operates the service provider
    • withContact

      A contact within the organisation that operates the service provider
    • withContact

      public SamlSpMetadataBuilder withContact(String type, String givenName, String surName, String email)
      A contact within the organisation that operates the service provider
      Parameters:
      type - Must be one of the standard types on ContactPersonTypeEnumeration
    • build

      public org.opensaml.saml.saml2.metadata.EntityDescriptor build() throws Exception
      Constructs an EntityDescriptor that contains a single SPSSODescriptor.
      Throws:
      Exception
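
Usage sketch, added here as an example and not taken from the Elasticsearch code base: it chains the setters documented above to describe an SP that signs its AuthnRequests, then marshals the resulting EntityDescriptor to XML for the IdP. Assumptions: the x-pack security and OpenSAML jars are on the classpath, OpenSAML's stock InitializationService bootstrap is sufficient outside Elasticsearch, the certificate path is passed as the first argument, and every URL, name and address is a constructed sample value.

```java
import java.io.InputStream;
import java.io.StringWriter;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Locale;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;

import org.elasticsearch.xpack.security.authc.saml.SamlSpMetadataBuilder;
import org.opensaml.core.config.InitializationService;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.w3c.dom.Element;

public class SpMetadataExample {
    public static void main(String[] args) throws Exception {
        // Assumption: OpenSAML's stock bootstrap is enough outside Elasticsearch.
        InitializationService.initialize();

        // Assumption: args[0] is the PEM or DER X.509 certificate for the SP signing key.
        X509Certificate signingCert;
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            signingCert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        signingCert.checkValidity(); // do not publish an expired or not-yet-valid certificate

        // All identifiers, URLs and names below are constructed sample values.
        EntityDescriptor descriptor = new SamlSpMetadataBuilder(Locale.ENGLISH, "https://sp.example.org/")
            .nameIdFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:transient")
            .serviceName("Example Service")
            .withAttribute("uid", "urn:oid:0.9.2342.19200300.100.1.1")
            .assertionConsumerServiceUrl("https://sp.example.org/saml/acs")   // POST binding
            .singleLogoutServiceUrl("https://sp.example.org/saml/logout")     // Redirect binding
            .authnRequestsSigned(Boolean.TRUE)
            .signingCertificate(signingCert) // lets the IdP verify the signed AuthnRequests
            .organization("Example Org", "Example Organisation", "https://example.org/")
            .withContact("technical", "Sam", "Admin", "sam.admin@example.org")
            .build();

        // Marshal to DOM and print the XML that is handed to the IdP administrator.
        Element xml = XMLObjectProviderRegistrySupport.getMarshallerFactory()
            .getMarshaller(descriptor).marshall(descriptor);
        StringWriter out = new StringWriter();
        TransformerFactory.newInstance().newTransformer().transform(new DOMSource(xml), new StreamResult(out));
        System.out.println(out);
    }
}
```

Only the public certificate goes into the metadata; the matching private key stays with the service provider.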