public class QueryString
extends org.opensaml.core.xml.schema.impl.XSStringImpl
The <QueryString> element enables an alternative model for invited user interaction which is expected to better defend against identity theft attacks in which a valid email is spoofed to fool users into clicking an embedded URL. The invitation received by the invited user will contain a string carrying a SAML artifact (and potentially relay state info) representing a SAML <samlp:AuthnRequest> message created by the PS provider. The invited user can, if they choose, present this artifact string to their identity provider - which can then use the SAML <samlp:ArtifactResolve> message to retrieve the original <samlp:AuthnRequest> message from the PS provider.
As the invited user visits their IDP by explicitly providing the address or using an existing bookmark, they can be more confident that the site is not spoofed. Once they are at their IDP and after presenting the SAML artifact , appropriate federations can be established for the invited user with the originating PS provider and SP.
<!-- Declaration of QueryString -->
<xs:element name="QueryString" type="QueryStringType"/>
<!-- Definition of QueryStringType-->
<xs:complexType name="QueryStringType">
<xs:annotation>
<xs:documentation>A PS provider may insert a QueryString in its AddEntityResponse or AddKnownEntityResponse. The invited Principal can present this artifact string to a certain provider.</xs:documentation>
</xs:annotation>
<xs:simpleContent>
<xs:extension base="xs:string"/>
</xs:simpleContent>
</xs:complexType>
| Modifier and Type | Class and Description |
|---|---|
static class |
QueryString.Builder
Static Builder
|
static class |
QueryString.Marshaller
Static Marshaller
|
static class |
QueryString.Unmarshaller
Static Unmarshaller
|
| Modifier and Type | Field and Description |
|---|---|
static String |
LOCAL_NAME |
| Modifier | Constructor and Description |
|---|---|
protected |
QueryString(String namespaceURI,
String elementLocalName,
String namespacePrefix) |
getOrderedChildren, getValue, setValuedetach, getDOM, getElementQName, getIDIndex, getNamespaceManager, getNamespaces, getNoNamespaceSchemaLocation, getObjectMetadata, getParent, getSchemaLocation, getSchemaType, hasChildren, hasParent, isNil, isNilXSBoolean, manageQualifiedAttributeNamespace, prepareAttributeValueForAssignment, prepareElementContentForAssignment, prepareForAssignment, prepareForAssignment, prepareForAssignment, registerOwnID, releaseChildrenDOM, releaseDOM, releaseParentDOM, releaseThisAndChildrenDOM, releaseThisandParentDOM, resolveID, resolveIDFromRoot, setDOM, setElementNamespacePrefix, setElementQName, setNil, setNil, setNoNamespaceSchemaLocation, setParent, setSchemaLocation, setSchemaTypeclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitdetach, getDOM, getElementQName, getIDIndex, getNamespaceManager, getNamespaces, getNoNamespaceSchemaLocation, getObjectMetadata, getParent, getSchemaLocation, getSchemaType, hasChildren, hasParent, isNil, isNilXSBoolean, releaseChildrenDOM, releaseDOM, releaseParentDOM, resolveID, resolveIDFromRoot, setDOM, setNil, setNil, setNoNamespaceSchemaLocation, setParent, setSchemaLocationpublic static final String LOCAL_NAME
Copyright © 1999–2015. All rights reserved.