edu.internet2.middleware.shibboleth.idp.profile.saml2
Class ArtifactResolution

java.lang.Object
  extended by edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<org.opensaml.ws.transport.http.HTTPInTransport,org.opensaml.ws.transport.http.HTTPOutTransport>
      extended by edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
          extended by edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
              extended by edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
                  extended by edu.internet2.middleware.shibboleth.idp.profile.saml2.ArtifactResolution
All Implemented Interfaces:
edu.internet2.middleware.shibboleth.common.profile.ProfileHandler<org.opensaml.ws.transport.http.HTTPInTransport,org.opensaml.ws.transport.http.HTTPOutTransport>

public class ArtifactResolution
extends AbstractSAML2ProfileHandler

SAML 2.0 Artifact resolution profile handler.


Nested Class Summary
 class ArtifactResolution.ArtifactResolutionRequestContext
          Represents the internal state of a SAML 2.0 Artifact resolver request while it's being processed by the IdP.
 
Nested classes/interfaces inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
AbstractSAML2ProfileHandler.SAML2AuditLogEntry
 
Field Summary
 
Fields inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
SAML_VERSION
 
Constructor Summary
ArtifactResolution(org.opensaml.common.binding.artifact.SAMLArtifactMap map)
          Constructor.
 
Method Summary
protected  org.opensaml.saml2.core.ArtifactResponse buildArtifactErrorResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
          Constructs an artifact resolution response with an error status as content.
protected  org.opensaml.saml2.core.ArtifactResponse buildArtifactResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
          Constructs a artifact resolution response with the derferenced SAML message inside.
protected  void decodeRequest(ArtifactResolution.ArtifactResolutionRequestContext requestContext, org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
          Decodes an incoming request and populates a created request context with the resultant information.
 String getProfileId()
          
protected  void populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Populates the request context with information about the asserting party.
protected  void populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Populates the request context with information about the relying party.
protected  void populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Populates the request context with information from the inbound SAML message.
 void processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
          
protected  org.opensaml.saml2.metadata.Endpoint selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
          Selects the appropriate endpoint for the relying party and stores it in the request context.
 
Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
buildAssertion, buildAttributeStatement, buildConditions, buildEntityIssuer, buildErrorResponse, buildNameId, buildResponse, buildStatus, buildSubject, buildSubjectConfirmation, checkSamlVersion, getEncrypter, getKeyEncryptionCredential, isEncryptAssertion, isEncryptNameID, isRequestRequiresEncryptNameID, isSignAssertion, populateRequestContext, populateStatusResponse, populateUserInformation, postProcessAssertion, postProcessResponse, resolveAttributes, resolvePrincipal, signAssertion, writeAuditLogEntry
 
Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
encodeResponse, getAduitLog, getEntitySupportedFormats, getIdGenerator, getInboundBinding, getInboundMessageDecoder, getMessageDecoders, getMessageEncoders, getMetadataProvider, getNameFormats, getOutboundMessageEncoder, getRelyingPartyConfiguration, getSecurityPolicyResolver, getSupportedOutboundBindings, getUserSession, getUserSession, isSignResponse, populateProfileInformation, setIdGenerator, setInboundBinding, setMessageDecoders, setMessageEncoders, setSecurityPolicyResolver, setSupportedOutboundBindings
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler
getBuilderFactory, getParserPool, getProfileConfiguration, getRelyingPartyConfigurationManager, getSessionManager, setParserPool, setRelyingPartyConfigurationManager, setSessionManager
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler
getRequestPaths, setRequestPaths
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ArtifactResolution

public ArtifactResolution(org.opensaml.common.binding.artifact.SAMLArtifactMap map)
Constructor.

Parameters:
map - ArtifactMap used to lookup artifacts to be resolved.
Method Detail

getProfileId

public String getProfileId()

Specified by:
getProfileId in class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>

processRequest

public void processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
                           org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
                    throws edu.internet2.middleware.shibboleth.common.profile.ProfileException

Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException

decodeRequest

protected void decodeRequest(ArtifactResolution.ArtifactResolutionRequestContext requestContext,
                             org.opensaml.ws.transport.http.HTTPInTransport inTransport,
                             org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
                      throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Decodes an incoming request and populates a created request context with the resultant information.

Parameters:
inTransport - inbound message transport
outTransport - outbound message transport
requestContext - request context to which decoded information should be added
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - throw if there is a problem decoding the request

populateRelyingPartyInformation

protected void populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
                                        throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Populates the request context with information about the relying party. This method requires the the following request context properties to be populated: peer entity ID This methods populates the following request context properties: peer entity metadata, relying party configuration

Overrides:
populateRelyingPartyInformation in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the relying party's metadata

populateAssertingPartyInformation

protected void populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
                                          throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Populates the request context with information about the asserting party. Unless overridden, AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext) has already been invoked and the properties it provides are available in the request context. This method requires the the following request context properties to be populated: metadata provider, relying party configuration This methods populates the following request context properties: local entity ID, outbound message issuer, local entity metadata

Overrides:
populateAssertingPartyInformation in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the asserting party's metadata

populateSAMLMessageInformation

protected void populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
                                       throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Populates the request context with information from the inbound SAML message. This method requires the the following request context properties to be populated: inbound saml message This methods populates the following request context properties: subject name identifier

Specified by:
populateSAMLMessageInformation in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Throws:
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the inbound SAML message or subject identifier is null

selectEndpoint

protected org.opensaml.saml2.metadata.Endpoint selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Selects the appropriate endpoint for the relying party and stores it in the request context.

Specified by:
selectEndpoint in class AbstractSAMLProfileHandler
Parameters:
requestContext - current request context
Returns:
Endpoint selected from the information provided in the request context

buildArtifactResponse

protected org.opensaml.saml2.core.ArtifactResponse buildArtifactResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
Constructs a artifact resolution response with the derferenced SAML message inside.

Parameters:
requestContext - current request context
Returns:
constructed response

buildArtifactErrorResponse

protected org.opensaml.saml2.core.ArtifactResponse buildArtifactErrorResponse(ArtifactResolution.ArtifactResolutionRequestContext requestContext)
Constructs an artifact resolution response with an error status as content.

Parameters:
requestContext - current request context
Returns:
constructed response


Copyright © 2006-2009 Internet2. All Rights Reserved.