net.shibboleth.idp.saml.saml2.profile.delegation.impl

Class PopulateLibertyContext

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction<InboundMessageType,OutboundMessageType>

org.opensaml.profile.action.AbstractConditionalProfileAction<InboundMessageType,OutboundMessageType>

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateLibertyContext

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, org.opensaml.profile.action.ProfileAction, org.springframework.beans.factory.Aware, org.springframework.context.MessageSource, org.springframework.context.MessageSourceAware, org.springframework.webflow.execution.Action

@Prototype
public class PopulateLibertyContext
extends AbstractProfileAction

Locate a pre-validated Assertion WS-Security token, and populate the LibertySSOSContext.

The default token strategy is to resolve the first instance of SAML20AssertionToken present in the inbound WSSecurityContext which has a validation status of Token.ValidationStatus.VALID

Event:

AuthnEventIds.NO_CREDENTIALS

Precondition:

assertionTokenStrategy.apply() != null

Postcondition:

profileRequestContext.getSubcontext(LibertySSOSContext.class) != null

,

LibertySSOSContext.getAttestedToken() != null

,

LibertySSOSContext.getAttestedSubjectConfirmationMethod != null

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
class	PopulateLibertyContext.TokenStrategy Default strategy for resolving the assertion token to process.

Field Summary

Fields

Modifier and Type	Field and Description
private org.opensaml.saml.saml2.wssecurity.SAML20AssertionToken	assertionToken The SAML 2 Assertion token being processed.
private Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.wssecurity.SAML20AssertionToken>	assertionTokenStrategy Function used to resolve the assertion token to process.
private Function<org.opensaml.profile.context.ProfileRequestContext,LibertySSOSContext>	libertyContextLookupStrategy Function used to resolve the Liberty context to populate.
private org.slf4j.Logger	log Logger.
private LibertySSOSContext	ssosContext Liberty context to populate.

Constructor Summary

Constructors

Constructor and Description
PopulateLibertyContext() Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected void	doExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
protected boolean	doPreExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
void	setAssertionTokenStrategy(Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.wssecurity.SAML20AssertionToken> strategy) Set the strategy used to locate the requester ID for canonicalization.
void	setLibertyContextLookupStrategy(Function<org.opensaml.profile.context.ProfileRequestContext,LibertySSOSContext> strategy) Set the strategy used to locate the LibertySSOSContext to populate.

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

private org.slf4j.Logger log

Logger.

assertionTokenStrategy

@Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.wssecurity.SAML20AssertionToken> assertionTokenStrategy

Function used to resolve the assertion token to process.

libertyContextLookupStrategy

@Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,LibertySSOSContext> libertyContextLookupStrategy

Function used to resolve the Liberty context to populate.

assertionToken

private org.opensaml.saml.saml2.wssecurity.SAML20AssertionToken assertionToken

The SAML 2 Assertion token being processed.

ssosContext

private LibertySSOSContext ssosContext

Liberty context to populate.

Constructor Detail

PopulateLibertyContext

public PopulateLibertyContext()

Constructor.

Method Detail

setLibertyContextLookupStrategy

public void setLibertyContextLookupStrategy(@Nonnull
                                   Function<org.opensaml.profile.context.ProfileRequestContext,LibertySSOSContext> strategy)

Set the strategy used to locate the LibertySSOSContext to populate.

Parameters:

strategy - lookup strategy

setAssertionTokenStrategy

public void setAssertionTokenStrategy(@Nonnull
                             Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.wssecurity.SAML20AssertionToken> strategy)

Set the strategy used to locate the requester ID for canonicalization.

Parameters:

strategy - lookup strategy

doPreExecute

protected boolean doPreExecute(@Nonnull
                   org.opensaml.profile.context.ProfileRequestContext profileRequestContext)

Overrides:

doPreExecute in class org.opensaml.profile.action.AbstractConditionalProfileAction

doExecute

protected void doExecute(@Nonnull
             org.opensaml.profile.context.ProfileRequestContext profileRequestContext)

Overrides:

doExecute in class org.opensaml.profile.action.AbstractProfileAction