java.lang.Object
edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<org.opensaml.ws.transport.http.HTTPInTransport,org.opensaml.ws.transport.http.HTTPOutTransport>
edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler
edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler
public class ShibbolethSSOProfileHandler
Shibboleth SSO request profile handler.
Nested Class Summary | |
---|---|
class | ShibbolethSSOProfileHandler.ShibbolethSSORequestContext Represents the internal state of a Shibboleth SSO Request while it's being processed by the IdP. |
Nested classes/interfaces inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler |
---|
AbstractSAML1ProfileHandler.SAML1AuditLogEntry |
Field Summary |
---|
Fields inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler |
---|
SAML_VERSION |
Constructor Summary | |
---|---|
ShibbolethSSOProfileHandler(String authnManagerPath) Constructor. |
Method Summary | |
---|---|
protected org.opensaml.saml1.core.AuthenticationStatement | buildAuthenticationStatement(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext) Builds the authentication statement for the authenticated principal. |
protected ShibbolethSSOProfileHandler.ShibbolethSSORequestContext | buildRequestContext(ShibbolethSSOLoginContext loginContext, org.opensaml.ws.transport.http.HTTPInTransport in, org.opensaml.ws.transport.http.HTTPOutTransport out) Creates an authentication request context from the current environmental information. |
protected org.opensaml.saml1.core.SubjectLocality | buildSubjectLocality(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext) Constructs the subject locality for the authentication statement. |
protected void | completeAuthenticationRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) Creates a response to the Shibboleth SSO and sends the user, with response in tow, back to the relying party after they've been authenticated. |
protected void | decodeRequest(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext, org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) Decodes an incoming request and populates a created request context with the resultant information. |
String | getProfileId() |
protected void | performAuthentication(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) Creates a LoginContext and sends the request off to the AuthenticationManager to begin the process of authenticating the user. |
protected void | populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext) Populates the request context with information about the asserting party. |
protected void | populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext) Populates the request context with information about the relying party. |
protected void | populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext) Populates the request context with information from the inbound SAML message. |
void | processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) |
protected org.opensaml.saml2.metadata.Endpoint | selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext) Selects the appropriate endpoint for the relying party and stores it in the request context. |
Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler |
---|
buildAssertion, buildAttributeStatement, buildConditions, buildErrorResponse, buildNameId, buildResponse, buildStatus, buildSubject, checkSamlVersion, isSignAssertion, populateRequestContext, populateStatusResponse, populateUserInformation, resolveAttributes, resolvePrincipal, signAssertion, writeAuditLogEntry |
Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler |
---|
encodeResponse, getAduitLog, getEntitySupportedFormats, getIdGenerator, getInboundBinding, getInboundMessageDecoder, getMessageDecoders, getMessageEncoders, getMetadataProvider, getNameFormats, getOutboundMessageEncoder, getRelyingPartyConfiguration, getSecurityPolicyResolver, getSupportedOutboundBindings, getUserSession, getUserSession, isSignResponse, populateProfileInformation, setIdGenerator, setInboundBinding, setMessageDecoders, setMessageEncoders, setSecurityPolicyResolver, setSupportedOutboundBindings |
Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler |
---|
getBuilderFactory, getParserPool, getProfileConfiguration, getRelyingPartyConfigurationManager, getSessionManager, setParserPool, setRelyingPartyConfigurationManager, setSessionManager |
Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler |
---|
getRequestPaths, setRequestPaths |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ShibbolethSSOProfileHandler(String authnManagerPath)
authnManagerPath - path to the authentication manager servlet
Method Detail |
---|
public String getProfileId()
getProfileId
in class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
public void processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
edu.internet2.middleware.shibboleth.common.profile.ProfileException
protected void performAuthentication(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Creates a LoginContext and sends the request off to the AuthenticationManager to begin the process of authenticating the user.
inTransport - inbound message transport
outTransport - outbound message transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem creating the login context and transferring control to the authentication manager
protected void decodeRequest(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext, org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
inTransport - inbound message transport
outTransport - outbound message transport
requestContext - the request context to which decoded information should be added
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem decoding the request
protected void completeAuthenticationRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport, org.opensaml.ws.transport.http.HTTPOutTransport outTransport) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
inTransport - inbound message transport
outTransport - outbound message transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the response can not be created and sent back to the relying party
protected ShibbolethSSOProfileHandler.ShibbolethSSORequestContext buildRequestContext(ShibbolethSSOLoginContext loginContext, org.opensaml.ws.transport.http.HTTPInTransport in, org.opensaml.ws.transport.http.HTTPOutTransport out) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
loginContext - current login context
in - inbound transport
out - outbound transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem creating the context
protected void populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
populateRelyingPartyInformation
in class AbstractSAMLProfileHandler
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the relying party's metadata
protected void populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext), and the properties it provides are available in the request context.
This method requires the following request context properties to be populated: metadata provider, relying party configuration
This method populates the following request context properties: local entity ID, outbound message issuer, local entity metadata
populateAssertingPartyInformation
in class AbstractSAMLProfileHandler
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the asserting party's metadata
protected void populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext) and AbstractSAMLProfileHandler.populateAssertingPartyInformation(BaseSAMLProfileRequestContext), and the properties they provide are available in the request context.
populateSAMLMessageInformation
in class AbstractSAMLProfileHandler
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem populating the request context with information
protected org.opensaml.saml2.metadata.Endpoint selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
selectEndpoint
in class AbstractSAMLProfileHandler
requestContext - current request context
protected org.opensaml.saml1.core.AuthenticationStatement buildAuthenticationStatement(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext) throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the authentication statement can not be created
protected org.opensaml.saml1.core.SubjectLocality buildSubjectLocality(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext)
requestContext - current request context