The SAMLTokenProvider
The SAMLTokenProvider can issue SAML 1.1 and SAML 2.0 tokens. To request a SAML 1.1 token, the client must use one of the following Token Types:
- http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1
- urn:oasis:names:tc:SAML:1.0:assertion
To request a SAML 2.0 token, the client must use one of the following Token Types:
- http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
- urn:oasis:names:tc:SAML:2.0:assertion
The following properties can be configured on the SAMLTokenProvider directly:
- List<AttributeStatementProvider> attributeStatementProviders - A list of objects that can add attribute statements to the token.
- List<AuthenticationStatementProvider> authenticationStatementProviders - A list of objects that can add authentication statements to the token.
- List<AuthDecisionStatementProvider> authDecisionStatementProviders - A list of objects that can add authorization decision statements to the token.
- SubjectProvider subjectProvider - An object used to add a Subject to the token.
- ConditionsProvider conditionsProvider - An object used to add a Conditions statement to the token.
- boolean signToken - Whether to sign the token or not. The default is true.
- Map<String, SAMLRealm> realmMap - A map of realms to SAMLRealm objects.
We will explain each of these properties in more detail in the next few sections.
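As an added illustration (not code from the original documentation), the following sketch sets several of the properties listed above in Java and checks which Token Types the provider accepts. It assumes the Apache CXF STS classes DefaultConditionsProvider, DefaultSubjectProvider and DefaultAttributeStatementProvider, the corresponding setter methods, and canHandleToken, none of which are named on this page; the class name, the 300 second lifetime and the non-SAML token type are constructed for the example.

```java
import java.util.ArrayList;
import java.util.List;

import org.apache.cxf.sts.token.provider.AttributeStatementProvider;
import org.apache.cxf.sts.token.provider.DefaultAttributeStatementProvider;
import org.apache.cxf.sts.token.provider.DefaultConditionsProvider;
import org.apache.cxf.sts.token.provider.DefaultSubjectProvider;
import org.apache.cxf.sts.token.provider.SAMLTokenProvider;

// Hypothetical class name; added example, not part of the CXF distribution.
public class SamlTokenProviderSetup {

    // The four Token Types listed above (two per SAML version).
    static final String[] SAML_TOKEN_TYPES = {
        "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1",
        "urn:oasis:names:tc:SAML:1.0:assertion",
        "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0",
        "urn:oasis:names:tc:SAML:2.0:assertion"
    };

    static SAMLTokenProvider buildProvider() {
        SAMLTokenProvider provider = new SAMLTokenProvider();

        // true is already the default; set explicitly so the issued
        // assertion is signed and a recipient can verify who issued it.
        provider.setSignToken(true);

        // Conditions statement with a short validity window.
        // 300 seconds is an assumed value for this example.
        DefaultConditionsProvider conditions = new DefaultConditionsProvider();
        conditions.setLifetime(300L);
        provider.setConditionsProvider(conditions);

        provider.setSubjectProvider(new DefaultSubjectProvider());

        List<AttributeStatementProvider> attributes = new ArrayList<>();
        attributes.add(new DefaultAttributeStatementProvider());
        provider.setAttributeStatementProviders(attributes);
        return provider;
    }

    public static void main(String[] args) {
        SAMLTokenProvider provider = buildProvider();
        for (String tokenType : SAML_TOKEN_TYPES) {
            System.out.println(tokenType + " handled: " + provider.canHandleToken(tokenType));
        }
        // Constructed non-SAML Token Type, to show the negative case.
        System.out.println("urn:example:not-saml handled: "
            + provider.canHandleToken("urn:example:not-saml"));
    }
}
```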