edu.internet2.middleware.shibboleth.idp.profile.saml2
Class ArtifactResolution

java.lang.Object
  extended by edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<org.opensaml.ws.transport.http.HTTPInTransport,org.opensaml.ws.transport.http.HTTPOutTransport>
      extended by edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
          extended by edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
              extended by edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
                  extended by edu.internet2.middleware.shibboleth.idp.profile.saml2.ArtifactResolution
All Implemented Interfaces:
edu.internet2.middleware.shibboleth.common.profile.ProfileHandler<org.opensaml.ws.transport.http.HTTPInTransport,org.opensaml.ws.transport.http.HTTPOutTransport>

public class ArtifactResolution
extends AbstractSAML2ProfileHandler

SAML 2.0 Artifact resolution profile handler.


Nested Class Summary
 class ArtifactResolution.ArtifactResolutionRequestContext
          Represents the internal state of a SAML 2.0 Artiface resolver request while it's being processed by the IdP.
 
Nested classes/interfaces inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
AbstractSAML2ProfileHandler.SAML2AuditLogEntry
 
Field Summary
 
Fields inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
SAML_VERSION
 
Constructor Summary
ArtifactResolution(org.opensaml.common.binding.artifact.SAMLArtifactMap map)
          Constructor.
 
Method Summary
protected  org.opensaml.saml2.core.ArtifactResponse buildArtifactErrorResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
          Constructs an artifact resolution response with an error status as content.
protected  org.opensaml.saml2.core.ArtifactResponse buildArtifactResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
          Constructs a artifact resolution response with the derferenced SAML message inside.
protected  ArtifactResolution.ArtifactResolutionRequestContext decodeRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
          Decodes an incoming request and populates a created request context with the resultant information.
 String getProfileId()
          
protected  void populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Populates the request context with information about the asserting party.
protected  void populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Populates the request context with information about the relying party.
protected  void populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Populates the request context with information from the inbound SAML message.
 void processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
          
protected  org.opensaml.saml2.metadata.Endpoint selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Selects the appropriate endpoint for the relying party and stores it in the request context.
 
Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
buildAssertion, buildAttributeStatement, buildConditions, buildEntityIssuer, buildErrorResponse, buildNameId, buildResponse, buildStatus, buildSubject, buildSubjectConfirmation, checkSamlVersion, getEncrypter, getKeyEncryptionCredential, populateRequestContext, populateStatusResponse, populateUserInformation, resolveAttributes, resolvePrincipal, signAssertion, writeAuditLogEntry
 
Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
encodeResponse, getAduitLog, getEntitySupportedFormats, getIdGenerator, getInboundBinding, getMessageDecoders, getMessageEncoders, getMetadataProvider, getNameFormats, getRelyingPartyConfiguration, getSecurityPolicyResolver, getSupportedOutboundBindings, getUserSession, getUserSession, populateProfileInformation, setIdGenerator, setInboundBinding, setMessageDecoders, setMessageEncoders, setSecurityPolicyResolver, setSupportedOutboundBindings
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler
getBuilderFactory, getParserPool, getProfileConfiguration, getRelyingPartyConfigurationManager, getSessionManager, setParserPool, setRelyingPartyConfigurationManager, setSessionManager
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler
getRequestPaths, setRequestPaths
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ArtifactResolution

public ArtifactResolution(org.opensaml.common.binding.artifact.SAMLArtifactMap map)
Constructor.

Parameters:
map - ArtifactMap used to lookup artifacts to be resolved.
Method Detail

getProfileId

public String getProfileId()

Specified by:
getProfileId in class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>

processRequest

public void processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
                           org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
                    throws edu.internet2.middleware.shibboleth.common.profile.ProfileException

Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException

decodeRequest

protected ArtifactResolution.ArtifactResolutionRequestContext decodeRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
                                                                            org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
                                                                     throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Decodes an incoming request and populates a created request context with the resultant information.

Parameters:
inTransport - inbound message transport
outTransport - outbound message transport
Returns:
the created request context
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - throw if there is a problem decoding the request

populateRelyingPartyInformation

protected void populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
                                        throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Populates the request context with information about the relying party. This method requires the the following request context properties to be populated: peer entity ID This methods populates the following request context properties: peer entity metadata, relying party configuration

Overrides:
populateRelyingPartyInformation in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the relying party's metadata

populateAssertingPartyInformation

protected void populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
                                          throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Populates the request context with information about the asserting party. Unless overridden, AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext) has already been invoked and the properties it provides are available in the request context. This method requires the the following request context properties to be populated: metadata provider, relying party configuration This methods populates the following request context properties: local entity ID, outbound message issuer, local entity metadata

Overrides:
populateAssertingPartyInformation in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the asserting party's metadata

populateSAMLMessageInformation

protected void populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
                                       throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Populates the request context with information from the inbound SAML message. This method requires the the following request context properties to be populated: inbound saml message This methods populates the following request context properties: subject name identifier

Specified by:
populateSAMLMessageInformation in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the inbound SAML message or subject identifier is null

selectEndpoint

protected org.opensaml.saml2.metadata.Endpoint selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Selects the appropriate endpoint for the relying party and stores it in the request context.

Specified by:
selectEndpoint in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Returns:
Endpoint selected from the information provided in the request context

buildArtifactResponse

protected org.opensaml.saml2.core.ArtifactResponse buildArtifactResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
Constructs a artifact resolution response with the derferenced SAML message inside.

Parameters:
requestContext - current request context
Returns:
constructed response

buildArtifactErrorResponse

protected org.opensaml.saml2.core.ArtifactResponse buildArtifactErrorResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
Constructs an artifact resolution response with an error status as content.

Parameters:
requestContext - current request context
Returns:
constructed response


Copyright © 2006-2008 Internet2. All Rights Reserved.