org.sourceid.saml20.service
Interface BearerAssertionReplayPreventionService

All Known Implementing Classes:
BearerAssertionReplayPreventionServiceMulticastImpl, BearerAssertionReplayPreventionSvcInMemoryImpl, BearerAssertionReplayPreventionSvcProxy

public interface BearerAssertionReplayPreventionService

Defines the method needed by PingFederate to prevent replay style attacks of SSO assertions.

Note that this interface is utilized only when you have PingFederate configured to function as an SP and you are receiving SSO assertions via the POST binding.

Author:
Brian Campbell

Method Summary
 boolean isReplay(java.lang.String assertionId, java.util.Calendar notOnOrAfter)
          Checks to see if the assertion has previously been processed.
 

Method Detail

isReplay

boolean isReplay(java.lang.String assertionId,
                 java.util.Calendar notOnOrAfter)
                 throws BearerAssertionReplayPreventionServiceException
Checks to see if the assertion has previously been processed.

Parameters:
assertionId - the unique identifier of the assertion.
notOnOrAfter - the time at which the assertion is no longer valid.
Returns:
true if the assertion id has been processed previously, false otherwise.
Throws:
BearerAssertionReplayPreventionServiceException - for any unexpected runtime problem that the implementation cannot handle.


Copyright 2007 Ping Identity Corp. All rights reserved.