public class ShibbolethSAML2AttributeAuthority extends BaseService implements SAML2AttributeAuthority
Constructor and Description |
---|
ShibbolethSAML2AttributeAuthority(ShibbolethAttributeResolver resolver)
This creates a new attribute authority.
|
Modifier and Type | Method and Description |
---|---|
org.opensaml.saml2.core.AttributeStatement |
buildAttributeStatement(org.opensaml.saml2.core.AttributeQuery query,
Collection<BaseAttribute> attributes)
Creates a SAML 2 attribute statement from a collection of
BaseAttribute . |
protected Collection<org.opensaml.saml2.core.Attribute> |
encodeAttributes(org.opensaml.saml2.core.AttributeQuery query,
Collection<BaseAttribute> attributes)
This encodes the supplied attributes with that attribute's SAML2 encoder.
|
protected void |
filterAttributesByValue(org.opensaml.saml2.core.AttributeQuery query,
Collection<org.opensaml.saml2.core.Attribute> attributes)
Filters out all but the values, for an attribute, provided in the query, if and only if, the query specifies at
least one value for the attribute.
|
protected Set<String> |
getAttribtueIds(org.opensaml.saml2.metadata.EntityDescriptor metadata)
Gets the attribute IDs for those attributes requested in the entity metadata.
|
String |
getAttributeIDBySAMLAttribute(org.opensaml.saml2.core.Attribute attribute)
Translates SAML 2 attribute naming information into the internal attribute ID used by the resolver and filtering
engine.
|
protected Set<String> |
getAttributeIds(List<org.opensaml.saml2.core.Attribute> attributes)
This parses the attribute ids from the supplied list of attributes.
|
protected Set<String> |
getAttributeIds(org.opensaml.saml2.core.RequestAbstractType samlRequest)
Gets the attribute IDs for those attributes requested in the attribute query.
|
ShibbolethAttributeResolver |
getAttributeResolver()
Gets the attribute resolver.
|
Map<String,BaseAttribute> |
getAttributes(SAMLProfileRequestContext<? extends org.opensaml.saml2.core.RequestAbstractType,? extends org.opensaml.saml2.core.StatusResponseType,org.opensaml.saml2.core.NameID,? extends AbstractSAML2ProfileConfiguration> requestContext)
Gets the attributes for the principal identified in the request.
|
ShibbolethAttributeFilteringEngine |
getFilteringEngine()
Gets the filtering engine.
|
String |
getPrincipal(SAMLProfileRequestContext<? extends org.opensaml.saml2.core.RequestAbstractType,? extends org.opensaml.saml2.core.StatusResponseType,org.opensaml.saml2.core.NameID,? extends AbstractSAML2ProfileConfiguration> requestContext)
Resolves a
NameID into the internal principal name used by Shibboleth. |
org.opensaml.saml2.core.Attribute |
getSAMLAttributeByAttributeID(String id)
Translates the internal attribute ID, used by the resolver and filtering engine, into its representative SAML 2
attribute name.
|
protected void |
onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext)
Called after a new context has been created but before it set as the service's context.
|
void |
setFilteringEngine(ShibbolethAttributeFilteringEngine engine)
Sets the attribute filtering engine.
|
destroy, getApplicationContext, getId, getReadWriteLock, getServiceConfigurations, getServiceContext, initialize, isDestroyed, isInitialized, loadContext, setApplicationContext, setBeanName, setInitialized, setServiceConfigurations, setServiceContext
public ShibbolethSAML2AttributeAuthority(ShibbolethAttributeResolver resolver)
resolver
- The attribute resolver to setpublic ShibbolethAttributeResolver getAttributeResolver()
public ShibbolethAttributeFilteringEngine getFilteringEngine()
public void setFilteringEngine(ShibbolethAttributeFilteringEngine engine)
engine
- attribute filtering enginepublic org.opensaml.saml2.core.AttributeStatement buildAttributeStatement(org.opensaml.saml2.core.AttributeQuery query, Collection<BaseAttribute> attributes) throws AttributeEncodingException
BaseAttribute
.buildAttributeStatement
in interface SAML2AttributeAuthority
query
- the attribute query the statement is in response to, may be nullattributes
- the attributes to create the attribute statement formAttributeEncodingException
- thrown if an BaseAttribute
can not be encodedpublic String getAttributeIDBySAMLAttribute(org.opensaml.saml2.core.Attribute attribute)
getAttributeIDBySAMLAttribute
in interface SAML2AttributeAuthority
attribute
- the SAML 2 attribute to translatepublic org.opensaml.saml2.core.Attribute getSAMLAttributeByAttributeID(String id)
getSAMLAttributeByAttributeID
in interface SAML2AttributeAuthority
id
- internal attribute IDpublic String getPrincipal(SAMLProfileRequestContext<? extends org.opensaml.saml2.core.RequestAbstractType,? extends org.opensaml.saml2.core.StatusResponseType,org.opensaml.saml2.core.NameID,? extends AbstractSAML2ProfileConfiguration> requestContext) throws AttributeRequestException
NameID
into the internal principal name used by Shibboleth.getPrincipal
in interface SAML2AttributeAuthority
requestContext
- The request context within which to retrieve the principal. At a minimum, a NameID
and relying party ID must be included.NameID
into the internal principal name used by ShibbolethAttributeRequestException
- thrown if the principal could not be resolvedpublic Map<String,BaseAttribute> getAttributes(SAMLProfileRequestContext<? extends org.opensaml.saml2.core.RequestAbstractType,? extends org.opensaml.saml2.core.StatusResponseType,org.opensaml.saml2.core.NameID,? extends AbstractSAML2ProfileConfiguration> requestContext) throws AttributeRequestException
getAttributes
in interface AttributeAuthority<SAMLProfileRequestContext<? extends org.opensaml.saml2.core.RequestAbstractType,? extends org.opensaml.saml2.core.StatusResponseType,org.opensaml.saml2.core.NameID,? extends AbstractSAML2ProfileConfiguration>>
requestContext
- contextual information for the attribute requestAttributeRequestException
- thrown if there is a problem retrieving the attributesprotected Collection<org.opensaml.saml2.core.Attribute> encodeAttributes(org.opensaml.saml2.core.AttributeQuery query, Collection<BaseAttribute> attributes) throws AttributeEncodingException
query
- request that may containing filtering designatorsattributes
- the attributes to encodeAttributeEncodingException
- thrown if an attribute could not be encodedprotected void filterAttributesByValue(org.opensaml.saml2.core.AttributeQuery query, Collection<org.opensaml.saml2.core.Attribute> attributes)
query
- the attribute queryattributes
- the attributes to filterprotected Set<String> getAttributeIds(org.opensaml.saml2.core.RequestAbstractType samlRequest)
samlRequest
- incomming SAML requestprotected Set<String> getAttribtueIds(org.opensaml.saml2.metadata.EntityDescriptor metadata)
metadata
- the entity metadataprotected Set<String> getAttributeIds(List<org.opensaml.saml2.core.Attribute> attributes)
attributes
- List
Set
of attribute idsprotected void onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext) throws ServiceException
onNewContextCreated
in class BaseService
newServiceContext
- the newly created context for the serviceServiceException
- thrown if there is a problem with the given service contextCopyright © 1999–2014. All rights reserved.