All Classes (Shibboleth IdP :: SAML Profile Implementation 4.2.1 API)

All Classes Interface Summary Class Summary
Class	Description
AbstractPersistentIdDataConnector	The basis of a `DataConnector` that handles persistent IDs that depend on a source `IdPAttribute`.
AbstractProxyRestrictionAuditExtractor<T>	Base class for `Function` that returns content from the `ProxyRestriction` element.
AbstractScopingAuditExtractor<T>	Base class for `Function` that returns content from the `Scoping` element from an `AuthnRequest`.
AddAttributeStatementToAssertion	Action that builds an `AttributeStatement` and adds it to an `Assertion` returned by a lookup strategy, by default in the `InOutOperationContext.getOutboundMessageContext()`.
AddAttributeStatementToAssertion	Action that builds an `AttributeStatement` and adds it to an `Assertion` returned by a lookup strategy, by default in the `InOutOperationContext.getOutboundMessageContext()`.
AddAuthenticationStatementToAssertion	Action that builds an `AuthenticationStatement` and adds it to an `Assertion` returned by a lookup strategy, by default in the `InOutOperationContext.getOutboundMessageContext()`.
AddAuthnRequest	Action that creates an `AuthnRequest` and sets it as the message returned by `InOutOperationContext.getOutboundMessageContext()`.
AddAuthnStatementToAssertion	Action that builds an `AuthnStatement` and adds it to an `Assertion` returned by a lookup strategy, by default in the `InOutOperationContext.getOutboundMessageContext()`.
AddAuthnStatementToAssertionFromInboundAssertionToken	Action that builds an `AuthnStatement` and adds it to an `Assertion` returned by a lookup strategy, by default in the `InOutOperationContext.getOutboundMessageContext()`.
AddDelegationPolicyToAssertion	Action which adds a `DelegationPolicy` element to the `Advice` of an `Assertion`.
AddDelegationRestrictionToAssertions	Action which adds a `DelegationRestrictionType` `Condition` to each `Assertion` contained within the outbound `Response`.
AddFrameworkHandler	Handler implementation that adds a Liberty sbf:Framework header to the outbound SOAP envelope.
AddLogoutRequest	Action that creates a `LogoutRequest` based on an `SAML2SPSession` in a `LogoutPropagationContext` and sets it as the message returned by `InOutOperationContext.getOutboundMessageContext()`.
AddSenderHandler	Handler implementation that adds a Liberty sb:Sender header to the outbound SOAP envelope.
AddSenderHandler.SAMLSelfEntityIDLookupFunction	Function to return the SAML self entityID from the MessageContext.
AssertionIDAuditExtractor	`Function` that returns the ID attribute from the assertions in a response.
AssertionInstantAuditExtractor	`Function` that returns the IssueInstant attribute from the assertions in a response.
AttributeMappingNodeProcessor	An implementation of `MetadataNodeProcessor` which extracts `IdPRequestedAttribute`s from any `AttributeConsumingService` we find and `IdPAttribute`s from any `EntityDescriptor` that we find.
AttributeSourcedSAML1NameIdentifierGenerator	Generator for `NameIdentifier` objects based on `IdPAttribute` data.
AttributeSourcedSAML2NameIDGenerator	Generator for `NameID` objects based on `IdPAttribute` data.
AuthnContextAuditExtractor	`Function` that returns the first AuthenticationMethod, AuthnContextCLassRef, or AuthnContextDeclRef from an assertions in a response.
AuthnInstantAuditExtractor	`Function` that returns the first authentication timestamp from an assertions in a response.
BaseAddAttributeStatementToAssertion<T extends SAMLObject>	Base class for actions that encode an `AttributeContext` into a SAML attribute statement.
BaseAddAuthenticationStatementToAssertion	Base class for actions that encode authentication information into a SAML 1 or SAML 2 statement.
BaseCryptoTransientDecoder	An abstract action which contains the logic to do crypto transient decoding matching.
BaseIdPInitiatedSSORequestMessageDecoder	Decodes an incoming Shibboleth Authentication Request message.
BaseTransformingDecoder	Regular expression, etc.
BaseTransientDecoder	An abstract action which contains the logic to do transient decoding matching (shared between SAML2 and SAML1).
BestMatchLocationLookupStrategy	A strategy function for establishing an appropriate `BestMatchLocationCriterion` based on the `AssertionConsumerService` location used to initiate a `SAML2SPSession`.
ByReferenceMetadataFilterBridge	This is a bridge filter that uses Spring to locate extant `ByReferenceMetadataFilter` objects to run.
ContinueSAMLAuthentication	An action that checks for an `ExternalAuthenticationContext` for a signaled event via the `ExternalAuthenticationContext.getAuthnError()` method, and otherwise enforces the presence of an inbound SAML Response to process.
CryptoTransientIdGenerationStrategy	Generates transients using a `DataSealer` to encrypt the result into a recoverable value, for use with stateless clustering.
CryptoTransientNameIDDecoder	Processes a transient `NameID`, checks that its `NameIDType.getNameQualifier()` and `NameIDType.getSPNameQualifier()` are correct, and decodes `XSString.getValue()` via the base class (reversing the work done by `CryptoTransientIdGenerationStrategy`).
CryptoTransientNameIdentifierDecoder	Processes a transient `NameIdentifier`, checks that its `NameIdentifier.getNameQualifier()` is correct, and decodes `XSString.getValue()` via the base class (reversing the work done by `CryptoTransientIdGenerationStrategy`).
DecorateDelegatedAssertion	A profile action which decorates instances of `Assertion` appropriately for use as delegation tokens.
DecorateDelegatedAssertion.LibertySSOSEndpointURLStrategy	Strategy that builds the SSOS endpoint URL based on the current HTTP request using default values for scheme, port and URI path suffix.
DelegatedAssertionLookupStrategy	Lookup function to return the valid delegated assertion token in effect for the Liberty SSOS request.
DelegationPolicyBuilder	Builder of `DelegationPolicy` objects.
DelegationPolicyImpl	Implementation of `DelegationPolicy`.
DelegationPolicyMarshaller	Marshaller for `DelegationPolicy`.
DelegationPolicyUnmarshaller	Unmarshaller for `DelegationPolicy`.
EncryptionAlgorithmAuditExtractor	`Function` that returns the data encryption algorithm used.
EvaluateDelegationPolicy	Action which implements policy controls to decide whether an SSO request based on a delegated `Assertion` token is allowed to proceed.
ExtractSubjectFromRequest	Action that extracts a SAML Subject from an inbound message, and prepares a `SubjectCanonicalizationContext` to process it into a principal identity.
ExtractSubjectFromRequest.SubjectNameLookupFunction	Lookup function that returns the `NameIdentifier` or `NameID` from the request in the inbound message context.
FilterByQueriedAttributeDesignators	Action that filters a set of attributes against the `AttributeDesignator` objects in an `AttributeQuery`.
FilterByQueriedAttributes	Action that filters a set of attributes against the `Attribute` objects in an `AttributeQuery`.
FinalizeSAMLSubjectCanonicalization	An action that runs after a completed canonicalization of a SAML Subject and transfers information into a `SubjectContext` child of the `ProfileRequestContext`.
FinalizeSAMLTokenProcessing	Post-process the results of `Assertion` token subject canonicalization.
ForceAuthnAuditExtractor	`Function` that returns the ForceAuthn attribute from an `AuthnRequest`.
IdPInitiatedSSORequest	Object representing a Shibboleth Authentication Request message.
IdPInitiatedSSORequestMessageDecoder	Decodes an incoming Shibboleth Authentication Request message.
IdPInitiatedSSORequestMessageDecoder	Decodes an incoming Shibboleth Authentication Request message.
InitializeAuthenticationContext	An action that creates an `AuthenticationContext` and attaches it to the current `ProfileRequestContext`.
InitializeOutboundMessageContext	Action that adds an outbound `MessageContext` and related SAML contexts to the `ProfileRequestContext` based on the identity of a relying party accessed via a lookup strategy, by default an immediate child of the profile request context.
InitializeOutboundMessageContextForError	Action that prepares an outbound `MessageContext` and related SAML contexts in the event that they are not already prepared, to allow error responses to be generated in the case of synchronous bindings (i.e., SOAP).
InitializeRelyingPartyContextFromSAMLPeer	Message handler that adds a `RelyingPartyContext` to the current `InOutOperationContext` tree via a creation function.
InitializeRelyingPartyContextFromSAMLPeer	Action that adds a `RelyingPartyContext` to the current `ProfileRequestContext` tree via a creation function.
InResponseToAuditExtractor	`Function` that returns the InResponseTo attribute from a response.
IsPassiveAuditExtractor	`Function` that returns the IsPassive attribute from an `AuthnRequest`.
KeyAuthorityBuilder	Builder of `KeyAuthority` objects.
KeyAuthorityImpl	Implementation of `KeyAuthority`.
KeyAuthorityMarshaller	Marshaller for `KeyAuthority`.
KeyAuthorityNodeProcessor	An implementation of `MetadataNodeProcessor` which supports processing the Shibboleth `KeyAuthority` information within a metadata document.
KeyAuthorityUnmarshaller	Unmarshaller for `KeyAuthority`.
LegacyCanonicalization	Deprecated.
LibertyConstants	Liberty-related constants.
LibertyHTTPSOAP11Decoder	Decoder for Liberty ID-WSF 2.0 SOAP 1.1 HTTP binding carrying SAML protocol messages used in SAML delegation.
LibertyHTTPSOAP11Encoder	Encoder for Liberty ID-WSF 2.0 SOAP 1.1 HTTP binding carrying SAML protocol messages used in SAML delegation.
MapDrivenAuthnContextTranslationStrategy	Implements a set of default logic for mapping an `AuthnContext`'s content into a set of custom Principals based on a set of static mapping rules.
MapRequestedAttributesInAttributeConsumingService	Action that ensures that the attributes in the ACS (if any) are mapped.
MetadataPKIXValidationInformationResolver	An implementation of `PKIXValidationInformationResolver` which resolves `PKIXValidationInformation` based on information stored in SAML 2 metadata.
MetadataProtocolAuditExtractor	`Function` that returns the Metadata protocol (as defined by the bean called `shibboleth.MetadataLookup.Protocol`).
MetadataResolverServiceGaugeSet	Additional gauges for metadata resolvers.
NameIDAuditExtractor	`Function` that returns the Name Identifier from a request or response.
NameIDCanonicalization	Action to perform subject canonicalization, transforming the input `Subject` into a principal name by searching for one and only one `NameIDPrincipal` custom principal, using an injected `NameIDDecoder` to carry out the process.
NameIDCanonicalization.ActivationCondition	A predicate that determines if this action can run or not.
NameIdentifierCanonicalization	Action to perform subject canonicalization, transforming the input `Subject` into a principal name by searching for one and only one `NameIdentifierPrincipal` custom principal, using an injected `NameIdentifierDecoder` to carry out the process.
NameIdentifierCanonicalization.ActivationCondition	A predicate that determines if this action can run or not.
NameIdentifierGenerationServiceImpl	Implementation of `NameIdentifierGenerationService`.
NameIDFormatAuditExtractor	`Function` that returns the Name Identifier Format from a SAML Subject.
NameIDPolicyFormatAuditExtractor	`Function` that returns the NameID Format from a NameIDPolicy element.
NameIDPolicySPNameQualifierAuditExtractor	`Function` that returns the SPNameQualifier from a NameIDPolicy element.
NameIDPrincipalSerializer	Principal serializer for `NameIDPrincipal`.
PersistentSAML2NameIDGenerator	Generator for "persistent" Format `NameID` objects that provides a source/seed ID based on `IdPAttribute` data.
PopulateBindingAndEndpointContexts	Action that populates the outbound `SAMLBindingContext` and when appropriate the `SAMLEndpointContext` based on the inbound request.
PopulateDelegationContext	A profile action which determines whether issuance of a delegated `Assertion` token is active, and populates a `DelegationContext` appropriately.
PopulateEncryptionParameters	Action that resolves and populates `EncryptionParameters` on an `EncryptionContext` created/accessed via a lookup function, by default on a `RelyingPartyContext` child of the profile request context.
PopulateInboundMessageContextWithSAMLSelf	Action that adds a `SAMLSelfEntityContext` to the inbound `MessageContext`
PopulateLibertyContext	Locate a pre-validated `Assertion` WS-Security token, and populate the `LibertySSOSContext`.
PopulateOutboundMessageContext	Populate the outbound message context with data that is specific to the delegation flow.
PrepareInboundMessageContext	Action that adds an inbound `MessageContext` and a `SAMLPeerEntityContext` to the `ProfileRequestContext` based on the identity of a relying party, by default from a `SAML2SPSession` found in a `LogoutPropagationContext`.
PreProcessLogoutMessage	Profile action that performs initial analysis of a `LogoutRequest` or `LogoutResponse` to dispatch it for subsequent processing.
ProcessAssertionsForAuthentication	Perform processing of a SAML 2 Response's Assertions that have been validated by earlier actions for use in finalization of SAML-based authentication by later actions.
ProcessDelegatedAssertion	Process the pre-validated inbound `Assertion` WS-Security token, and set up the resulting `NameID` for subject canonicalization as the effective subject of the request.
ProcessFrameworkHandler	Handler implementation that handles sbf:Framework header on the inbound SOAP envelope.
ProcessLogoutRequest	Profile action that processes a `LogoutRequest` by resolving matching sessions, and destroys them, populating the associated `SPSession` objects (excepting the one initiating the logout) into a `LogoutContext`.
ProcessRequestedAuthnContext	An authentication action that processes the `RequestedAuthnContext` in a SAML 2 `AuthnRequest`, and populates a `RequestedPrincipalContext` with the corresponding information.
ProcessSenderHandler	Handler implementation that handles the sb:Sender header on the inbound SOAP envelope.
ProxyAudienceAuditExtractor	`Function` that returns `ProxyRestriction.getAudiences()`.
ProxyCountAuditExtractor	`Function` that returns `ProxyRestriction.getProxyCount()`.
ProxySAML1NameIdentifierGenerator	A compound implementation of the `SAML1NameIdentifierGenerator` interface that wraps a sequence of candidate generators along with a default to try if no format-specific options are available.
ProxySAML2NameIDGenerator	A compound implementation of the `SAML2NameIDGenerator` interface that wraps a sequence of candidate generators along with a default to try if no format-specific options are available.
ReloadingRelyingPartyMetadataProvider	This class uses the service interface to implement `MetadataResolver`.
ReloadMetadata	Action that refreshes or clears a `MetadataResolver` manually.
RelyingPartyConfigurationSupport	Support functions for building `RelyingPartyConfiguration` objects with SAML functionality.
SAML1ByteAttributeTranscoder	`AttributeTranscoder` that supports `AttributeDesignator` and `ByteAttributeValue` objects.
SAML1NameIdentifierAttributeDefinition	Deprecated, for removal: This API element is subject to removal in a future version.
SAML1ScopedStringAttributeTranscoder	`AttributeTranscoder` that supports `AttributeDesignator` and `ScopedStringAttributeValue` objects.
SAML1SPSessionCreationStrategy	A function to create a `SAML1SPSession` based on profile execution state.
SAML1SPSessionSerializer	A serializer for `SAML1SPSession` objects.
SAML1StringAttributeTranscoder	`AttributeTranscoder` that supports `AttributeDesignator` and `StringAttributeValue` objects.
SAML1XMLObjectAttributeTranscoder	`AttributeTranscoder` that supports `AttributeDesignator` and `XMLObjectAttributeValue` objects.
SAML2ByteAttributeTranscoder	`AttributeTranscoder` that supports `Attribute` and `ByteAttributeValue` objects.
SAML2NameIDAttributeDefinition	Deprecated, for removal: This API element is subject to removal in a future version.
SAML2ScopedStringAttributeTranscoder	`AttributeTranscoder` that supports `Attribute` and `ScopedStringAttributeValue` objects.
SAML2SPSessionCreationStrategy	A function to create a `SAML2SPSession` based on profile execution state.
SAML2SPSessionSerializer	A serializer for `SAML2SPSession` objects.
SAML2StringAttributeTranscoder	`AttributeTranscoder` that supports `Attribute` and `StringAttributeValue` objects.
SAML2XMLObjectAttributeTranscoder	`AttributeTranscoder` that supports `Attribute` and `XMLObjectAttributeValue` objects.
SAMLAuthnContext	Manages state during proxied SAML authentication.
SAMLAuthnController	MVC controller that handles outbound and inbound message I/O for proxied SAML authentication.
SAMLRelyingPartyIdLookupStrategy	A lookup strategy that returns a SAML entityID if the `RelyingPartyContext` contains a reference to a `SAMLPeerEntityContext` or `SAMLSelfEntityContext`.
SAMLSOAPDecoderBodyHandler	Body handler impl for use with SAML SOAP message decoders.
SAMLVerificationLookupStrategy	A lookup strategy that returns true iff the `RelyingPartyContext` contains a reference to a `SAMLPeerEntityContext` or `SAMLSelfEntityContext` that contains a `SAMLMetadataContext` such that `SAMLMetadataContext.getEntityDescriptor()` is non-null.
ScopeBuilder	Builder of `Scope` objects.
ScopedValueBuilder	Builder of `ScopedValue` objects.
ScopedValueImpl	Concrete implementation of `ScopedValue`.
ScopedValueMarshaller	Marshaller of `ScopedValue` objects.
ScopedValueUnmarshaller	Unmarshaller for `ScopedValue` objects.
ScopeImpl	Implementation of `Scope`.
ScopeMarshaller	Marshaller for `Scope`.
ScopesNodeProcessor	An implementation of `MetadataNodeProcessor` which extracts `Scope`s from any `AttributeConsumingService` or `EntityDescriptor`.
ScopeUnmarshaller	Unmarshaller for `Scope`.
ScopingIdPListAuditExtractor	`Function` that returns `Scoping.getIDPList()` from an `AuthnRequest`.
ScopingProxyCountAuditExtractor	`Function` that returns `Scoping.getProxyCount()` from an `AuthnRequest`.
ScopingRequesterListAuditExtractor	`Function` that returns `Scoping.getRequesterIDs()` from an `AuthnRequest`.
SessionIndexAuditExtractor	`Function` that returns SessionIndex values from assertions in a response or a logout request.
SOAPLogoutRequest	Profile action that propagates a prepared `LogoutRequest` message to an SP via the SOAP binding, encapsulating SOAP pipeline construction and execution.
SPNameQualifierAuditExtractor	`Function` that returns the SPNameQualifier from a SAML Subject.
SpringAwareMessageDecoderFactory	A function that returns the correct `MessageDecoder` to use based on a simple map of strings to bean IDs.
SpringAwareMessageEncoderFactory	A function that returns the correct `MessageEncoder` to use based on an underlying `BindingDescriptor`.
StatusCodeAuditExtractor	`Function` that returns the StatusCode from a response.
StatusMessageAuditExtractor	`Function` that returns the StatusMessage from a response.
StoredPersistentIdDecoder	An abstract decoder which contains the logic to decode SAML persistent IDs that are managed with a `DurablePairwiseIdStore`.
StoredTransientIdGenerationStrategy	Generates transients using a `StorageService` to manage the reverse mappings.
SubStatusCodeAuditExtractor	`Function` that returns the lower-level StatusCode(s) from a response.
TransformingNameIDDecoder	Transform from a `NameID`.
TransformingNameIdentifierDecoder	Transform from a `NameIdentifier`.
TransientIdGenerationStrategy	Generates and manages transient identifiers according to specific strategies.
TransientIdParameters	The Parameters we need to store in, and get out of a transient ID, namely the attribute recipient (aka the SP) and the principal.
TransientNameIDDecoder	Decodes `XSString.getValue()` via the base class (reversing the work done by `TransientSAML2NameIDGenerator`).
TransientNameIdentifierDecoder	Decodes `XSString.getValue()` via the base class (reversing the work done by `TransientSAML1NameIdentifierGenerator`).
TransientSAML1NameIdentifierGenerator	Generator for transient `NameIdentifier` objects.
TransientSAML2NameIDGenerator	Generator for transient `NameID` objects.
UIInfoNodeProcessor	An implementation of `MetadataNodeProcessor` which processes any `UIInfo`s into an `IdPUIInfo` and processes any `AttributeConsumingService` into an `ACSUIInfo`.
UpdateSAMLSelfEntityContext	Action that updates inbound and/or outbound instances of `SAMLSelfEntityContext` based on the identity of a relying party accessed via a lookup strategy, by default an immediate child of the profile request context.
ValidateSAMLAuthentication	An action that produces an `AuthenticationResult` based on an inbound SAML 2.0 SSO response.
WriteFTICKSLog	Action that produces F-TICKS log entries for successful SAML SSO responses.
XMLObjectProviderInitializer	XMLObject provider initializer for providers from OpenLiberty used in delegation.
XMLObjectProviderInitializer	XMLObject provider initializer for module "saml-impl".