ProcessRequestedAuthnContext (Shibboleth IdP :: SAML Profile Implementation 3.3.2 API)

java.lang.Object
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
- - org.opensaml.profile.action.AbstractProfileAction<InboundMessageType,OutboundMessageType>
  - - org.opensaml.profile.action.AbstractConditionalProfileAction<InboundMessageType,OutboundMessageType>
    - - net.shibboleth.idp.profile.AbstractProfileAction<InboundMessageType,OutboundMessageType>
      - net.shibboleth.idp.authn.AbstractAuthenticationAction
        
        net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, org.opensaml.profile.action.ProfileAction, org.springframework.beans.factory.Aware, org.springframework.context.MessageSource, org.springframework.context.MessageSourceAware, org.springframework.webflow.execution.Action
```
public class ProcessRequestedAuthnContext
extends AbstractAuthenticationAction
```
An authentication action that processes the RequestedAuthnContext in a SAML 2 AuthnRequest, and populates a RequestedPrincipalContext with the corresponding information.
If this feature is disallowed by profile configuration, then an error event is signaled.

Each requested context class or declaration reference is translated into a custom Principal for use by the authentication subsystem to drive flow selection.

Event:

EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX

Postcondition:

ProfileRequestContext.

Field Summary

Fields
Modifier and Type	Field and Description
`private org.opensaml.saml.saml2.core.AuthnRequest`	`authnRequest` The request message to read from.
`private Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.AuthnRequest>`	`authnRequestLookupStrategy` Lookup strategy function for obtaining `AuthnRequest`.
`private Set<String>`	`ignoredContexts` Context URIs to ignore in a request.
`private org.slf4j.Logger`	`log` Class logger.
`private Function<org.opensaml.profile.context.ProfileRequestContext,RelyingPartyContext>`	`relyingPartyContextLookupStrategy` Strategy used to look up a `RelyingPartyContext` for configuration options.

Constructor Summary

Constructors
Constructor and Description

ProcessRequestedAuthnContext()
Constructor.

Constructors
Constructor and Description
`ProcessRequestedAuthnContext()` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected void`	`doExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)`
`protected boolean`	`doPreExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)`
`void`	`setAuthnRequestLookupStrategy(Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.AuthnRequest> strategy)` Set the strategy used to locate the `AuthnRequest` to read from.
`void`	`setIgnoredContexts(Collection<String> contexts)` Set the context class or declaration URIs to ignore if found in a request.
`void`	`setRelyingPartyContextLookupStrategy(Function<org.opensaml.profile.context.ProfileRequestContext,RelyingPartyContext> strategy)` Set the strategy used to return the `RelyingPartyContext` for configuration options.

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction
doExecute, doPreExecute, setLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

relyingPartyContextLookupStrategy

@Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,RelyingPartyContext> relyingPartyContextLookupStrategy

Strategy used to look up a RelyingPartyContext for configuration options.

authnRequestLookupStrategy

@Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.AuthnRequest> authnRequestLookupStrategy

Lookup strategy function for obtaining AuthnRequest.

ignoredContexts

@Nonnull
@NonnullElements
private Set<String> ignoredContexts

Context URIs to ignore in a request.

authnRequest

@Nullable
private org.opensaml.saml.saml2.core.AuthnRequest authnRequest

The request message to read from.

Constructor Detail
- ProcessRequestedAuthnContext
```
public ProcessRequestedAuthnContext()
```
  Constructor.

Method Detail

setRelyingPartyContextLookupStrategy

public void setRelyingPartyContextLookupStrategy(@Nonnull
                                        Function<org.opensaml.profile.context.ProfileRequestContext,RelyingPartyContext> strategy)

Set the strategy used to return the RelyingPartyContext for configuration options.

Parameters:: strategy - lookup strategy
Since:: 3.3.0

setAuthnRequestLookupStrategy

public void setAuthnRequestLookupStrategy(@Nonnull
                                 Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.AuthnRequest> strategy)

Set the strategy used to locate the AuthnRequest to read from.

Parameters:: strategy - lookup strategy

setIgnoredContexts
```
public void setIgnoredContexts(@Nonnull@NonnullElements
                      Collection<String> contexts)
```
Set the context class or declaration URIs to ignore if found in a request.
This defaults to only AuthnContext.UNSPECIFIED_AUTHN_CTX.

Parameters:
contexts - contexts to ignore

doPreExecute

protected boolean doPreExecute(@Nonnull
                   org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                   @Nonnull
                   AuthenticationContext authenticationContext)

Overrides:: doPreExecute in class AbstractAuthenticationAction

doExecute

protected void doExecute(@Nonnull
             org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
             @Nonnull
             AuthenticationContext authenticationContext)

Overrides:: doExecute in class AbstractAuthenticationAction

Class ProcessRequestedAuthnContext

Field Summary

Constructor Summary

Method Summary

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent