|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectedu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<HTTPInTransport,HTTPOutTransport>
edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<SAMLMDRelyingPartyConfigurationManager,Session>
edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler
public abstract class AbstractSAML1ProfileHandler
Common implementation details for profile handlers.
| Nested Class Summary | |
|---|---|
protected class |
AbstractSAML1ProfileHandler.SAML1AuditLogEntry
SAML 1 specific audit log entry. |
| Field Summary | |
|---|---|
private SAMLObjectBuilder<Assertion> |
assertionBuilder
Builder of Assertion objects. |
private SAMLObjectBuilder<Audience> |
audienceBuilder
Builder of AudienceRestrictionCondition objects. |
private SAMLObjectBuilder<AudienceRestrictionCondition> |
audienceRestrictionConditionBuilder
Builder of AudienceRestrictionCondition objects. |
private SAMLObjectBuilder<Conditions> |
conditionsBuilder
Builder of Conditions objects. |
private SAMLObjectBuilder<ConfirmationMethod> |
confirmationMethodBuilder
Builder of ConfirmationMethod objects. |
private static org.slf4j.Logger |
log
Class logger. |
private SAMLObjectBuilder<Response> |
responseBuilder
Builder of Response objects. |
static SAMLVersion |
SAML_VERSION
SAML Version for this profile handler. |
private XMLObjectBuilder<Signature> |
signatureBuilder
For building signature. |
private SAMLObjectBuilder<Status> |
statusBuilder
Builder for Status objects. |
private SAMLObjectBuilder<StatusCode> |
statusCodeBuilder
Builder for StatusCode objects. |
private SAMLObjectBuilder<StatusMessage> |
statusMessageBuilder
Builder for StatusMessage objects. |
private SAMLObjectBuilder<Subject> |
subjectBuilder
Builder of Subject objects. |
private SAMLObjectBuilder<SubjectConfirmation> |
subjectConfirmationBuilder
Builder of SubjectConfirmation objects. |
| Constructor Summary | |
|---|---|
AbstractSAML1ProfileHandler()
Default constructor. |
|
| Method Summary | |
|---|---|
protected Assertion |
buildAssertion(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
org.joda.time.DateTime issueInstant)
Builds a basic assertion with its id, issue instant, SAML version, issuer, subject, and conditions populated. |
protected AttributeStatement |
buildAttributeStatement(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
String subjectConfMethod)
Executes a query for attributes and builds a SAML attribute statement from the results. |
protected Conditions |
buildConditions(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
org.joda.time.DateTime issueInstant)
Builds a SAML assertion condition set. |
protected Response |
buildErrorResponse(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
Constructs an SAML response message carrying a request error. |
protected NameIdentifier |
buildNameId(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
Builds a NameIdentifier appropriate for this request. |
protected Response |
buildResponse(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
List<Statement> statements)
Builds a response to the attribute query within the request context. |
protected Status |
buildStatus(QName topLevelCode,
QName secondLevelCode,
String failureMessage)
Build a status message, with an optional second-level failure message. |
protected Subject |
buildSubject(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
String confirmationMethod)
Builds the SAML subject for the user for the service provider. |
protected void |
checkSamlVersion(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
Checks that the SAML major version for a request is 1. |
protected boolean |
isSignAssertion(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
Determine whether issued assertions should be signed. |
protected void |
populateRequestContext(BaseSAMLProfileRequestContext requestContext)
Populates the request context with information. |
protected void |
populateStatusResponse(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
ResponseAbstractType response)
Populates the response's id, in response to, issue instant, version, and issuer properties. |
protected void |
populateUserInformation(BaseSAMLProfileRequestContext requestContext)
Populates the request context with the information about the user. |
protected void |
resolveAttributes(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
Resolved the attributes for the principal. |
protected void |
resolvePrincipal(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
Resolves the principal name of the subject of the request. |
protected void |
signAssertion(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
Assertion assertion)
Signs the given assertion if either the current profile configuration or the relying party configuration contains signing credentials. |
protected void |
writeAuditLogEntry(BaseSAMLProfileRequestContext context)
Writes an audit log entry indicating the successful response to the attribute request. |
| Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler |
|---|
getBuilderFactory, getParserPool, getProfileConfiguration, getProfileId, getRelyingPartyConfigurationManager, getSessionManager, getStorageService, setParserPool, setRelyingPartyConfigurationManager, setSessionManager, setStorageService |
| Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler |
|---|
getRequestPaths, setRequestPaths |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Methods inherited from interface edu.internet2.middleware.shibboleth.common.profile.ProfileHandler |
|---|
processRequest |
| Field Detail |
|---|
public static final SAMLVersion SAML_VERSION
private static org.slf4j.Logger log
private SAMLObjectBuilder<Response> responseBuilder
private SAMLObjectBuilder<Assertion> assertionBuilder
private SAMLObjectBuilder<Conditions> conditionsBuilder
private SAMLObjectBuilder<AudienceRestrictionCondition> audienceRestrictionConditionBuilder
private SAMLObjectBuilder<Audience> audienceBuilder
private SAMLObjectBuilder<SubjectConfirmation> subjectConfirmationBuilder
private SAMLObjectBuilder<ConfirmationMethod> confirmationMethodBuilder
private SAMLObjectBuilder<Subject> subjectBuilder
private SAMLObjectBuilder<Status> statusBuilder
private SAMLObjectBuilder<StatusCode> statusCodeBuilder
private SAMLObjectBuilder<StatusMessage> statusMessageBuilder
private XMLObjectBuilder<Signature> signatureBuilder
| Constructor Detail |
|---|
public AbstractSAML1ProfileHandler()
| Method Detail |
|---|
protected void populateRequestContext(BaseSAMLProfileRequestContext requestContext)
throws ProfileException
populateRequestContext in class AbstractSAMLProfileHandlerrequestContext - current request context
ProfileException - thrown if there is a problem looking up the relying party's metadataprotected void populateUserInformation(BaseSAMLProfileRequestContext requestContext)
populateUserInformation in class AbstractSAMLProfileHandlerrequestContext - current request context
protected void checkSamlVersion(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
throws ProfileException
requestContext - current request context containing the SAML message
ProfileException - thrown if the major version of the SAML request is not 1
protected Response buildResponse(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
List<Statement> statements)
throws ProfileException
requestContext - current request contextstatements - the statements to include in the response
ProfileException - thrown if there is a problem creating the SAML response
protected Assertion buildAssertion(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
org.joda.time.DateTime issueInstant)
requestContext - current request contextissueInstant - time to use as assertion issue instant
protected Conditions buildConditions(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
org.joda.time.DateTime issueInstant)
requestContext - current request contextissueInstant - timestamp the assertion was created
protected Subject buildSubject(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
String confirmationMethod)
throws ProfileException
requestContext - current request contextconfirmationMethod - subject confirmation method used for the subject
ProfileException - thrown if a NameID can not be created either because there was a problem encoding the
name ID attribute or because there are no supported name formats
protected NameIdentifier buildNameId(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
throws ProfileException
requestContext - current request context
ProfileException - thrown if a NameIdentifier can not be created either because there was a problem
encoding the name ID attribute or because there are no supported name formatsprotected Response buildErrorResponse(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
requestContext - current request context containing the failure status
protected void populateStatusResponse(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
ResponseAbstractType response)
requestContext - current request contextresponse - the response to populate
protected Status buildStatus(QName topLevelCode,
QName secondLevelCode,
String failureMessage)
topLevelCode - top-level status codesecondLevelCode - second-level status codefailureMessage - An optional second-level failure message
protected void resolveAttributes(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
throws ProfileException
requestContext - current request context
ProfileException - thrown if there is a problem resolving the attributes for the subject.
protected AttributeStatement buildAttributeStatement(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
String subjectConfMethod)
throws ProfileException
requestContext - current request contextsubjectConfMethod - subject confirmation method
ProfileException - thrown if there is a problem making the query
protected void resolvePrincipal(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
throws ProfileException
requestContext - current request context
ProfileException - thrown if the principal name can not be resolved
protected void signAssertion(BaseSAML1ProfileRequestContext<?,?,?> requestContext,
Assertion assertion)
throws ProfileException
requestContext - current request contextassertion - assertion to sign
ProfileException - thrown if the metadata can not be located for the relying party or, if signing is
required, if a signing credential is not configured
protected boolean isSignAssertion(BaseSAML1ProfileRequestContext<?,?,?> requestContext)
throws ProfileException
requestContext - the current request context
ProfileException - if there is a problem determining whether assertions should be signedprotected void writeAuditLogEntry(BaseSAMLProfileRequestContext context)
writeAuditLogEntry in class AbstractSAMLProfileHandlercontext - current request context
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||