AbstractSAML2ProfileConfiguration (Shibboleth IdP

java.lang.Object
- net.shibboleth.idp.profile.config.AbstractProfileConfiguration
- - net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration
  - - net.shibboleth.idp.saml.profile.config.AbstractSAMLProfileConfiguration
    - - net.shibboleth.idp.saml.saml2.profile.config.AbstractSAML2ProfileConfiguration

All Implemented Interfaces:

ConditionalProfileConfiguration, ProfileConfiguration, SAMLProfileConfiguration, SAML2ProfileConfiguration, Component, IdentifiedComponent

Direct Known Subclasses:

AbstractSAML2ArtifactAwareProfileConfiguration, ArtifactResolutionProfileConfiguration
```
public abstract class AbstractSAML2ProfileConfiguration
extends AbstractSAMLProfileConfiguration
implements SAML2ProfileConfiguration
```
Base class for SAML 2 profile configurations.

Field Summary

Fields
Modifier and Type	Field and Description
`private com.google.common.base.Predicate<ProfileRequestContext>`	`encryptAssertionsPredicate` Predicate used to determine if assertions should be encrypted.
`private com.google.common.base.Predicate<ProfileRequestContext>`	`encryptAttributesPredicate` Predicate used to determine if attributes should be encrypted.
`private com.google.common.base.Predicate<ProfileRequestContext>`	`encryptionOptionalPredicate` Whether encryption is optional in the face of no key, etc.
`private com.google.common.base.Predicate<ProfileRequestContext>`	`encryptNameIDsPredicate` Predicate used to determine if name identifiers should be encrypted.
`private Collection<String>`	`proxyAudiences` Audiences for the proxy.
`private com.google.common.base.Function<ProfileRequestContext,Collection<String>>`	`proxyAudiencesLookupStrategy` Lookup function to supply `proxyAudiences` property.
`private long`	`proxyCount` Maximum proxy count for an assertion.
`private com.google.common.base.Function<ProfileRequestContext,Long>`	`proxyCountLookupStrategy` Lookup function to supply `proxyCount` property.

Constructor Summary

Constructors
Constructor and Description

AbstractSAML2ProfileConfiguration(String profileId)
Constructor.

Constructors
Constructor and Description
`AbstractSAML2ProfileConfiguration(String profileId)` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`com.google.common.base.Predicate<ProfileRequestContext>`	`getEncryptAssertions()` Get the predicate used to determine if assertions should be encrypted.
`com.google.common.base.Predicate<ProfileRequestContext>`	`getEncryptAttributes()` Get the predicate used to determine if attributes should be encrypted.
`com.google.common.base.Predicate<ProfileRequestContext>`	`getEncryptionOptionalPredicate()` Get condition to determine whether encryption is optional in the face of a missing key, etc.
`com.google.common.base.Predicate<ProfileRequestContext>`	`getEncryptNameIDs()` Get the predicate used to determine if name identifiers should be encrypted.
`Collection<String>`	`getProxyAudiences()` Get the unmodifiable collection of audiences for a proxied assertion.
`long`	`getProxyCount()` Get the maximum number of times an assertion may be proxied.
`boolean`	`isEncryptionOptional()` Get whether to ignore an inability to encrypt due to external factors.
`void`	`setEncryptAssertions(com.google.common.base.Predicate<ProfileRequestContext> predicate)` Set the predicate used to determine if assertions should be encrypted.
`void`	`setEncryptAttributes(com.google.common.base.Predicate<ProfileRequestContext> predicate)` Set the predicate used to determine if attributes should be encrypted.
`void`	`setEncryptionOptional(boolean flag)` Set whether encryption is optional in the face of a missing key, etc.
`void`	`setEncryptionOptionalPredicate(com.google.common.base.Predicate<ProfileRequestContext> condition)` Set a condition to determine whether encryption is optional in the face of a missing key, etc.
`void`	`setEncryptNameIDs(com.google.common.base.Predicate<ProfileRequestContext> predicate)` Set the predicate used to determine if name identifiers should be encrypted.
`void`	`setProxyAudiences(Collection<String> audiences)` Set the proxy audiences to be added to responses.
`void`	`setProxyAudiencesLookupStrategy(com.google.common.base.Function<ProfileRequestContext,Collection<String>> strategy)` Set a lookup strategy for the `proxyAudiences` property.
`void`	`setProxyCount(long count)` Set the maximum number of times an assertion may be proxied.
`void`	`setProxyCountLookupStrategy(com.google.common.base.Function<ProfileRequestContext,Long> strategy)` Set a lookup strategy for the `proxyCount` property.

Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration
getActivationCondition, setActivationCondition

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.idp.profile.config.ProfileConfiguration
getOutboundInterceptorFlows, getSecurityConfiguration

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent
getId

- Field Detail
  - encryptionOptionalPredicate
```
@Nonnull
private com.google.common.base.Predicate<ProfileRequestContext> encryptionOptionalPredicate
```
    Whether encryption is optional in the face of no key, etc.
  - encryptAssertionsPredicate
```
@Nonnull
private com.google.common.base.Predicate<ProfileRequestContext> encryptAssertionsPredicate
```
    Predicate used to determine if assertions should be encrypted.
  - encryptNameIDsPredicate
```
@Nonnull
private com.google.common.base.Predicate<ProfileRequestContext> encryptNameIDsPredicate
```
    Predicate used to determine if name identifiers should be encrypted.
  - encryptAttributesPredicate
```
@Nonnull
private com.google.common.base.Predicate<ProfileRequestContext> encryptAttributesPredicate
```
    Predicate used to determine if attributes should be encrypted.
  - proxyCountLookupStrategy
```
@Nullable
private com.google.common.base.Function<ProfileRequestContext,Long> proxyCountLookupStrategy
```
    Lookup function to supply proxyCount property.
  - proxyCount
```
private long proxyCount
```
    Maximum proxy count for an assertion. Default value: 0
  - proxyAudiencesLookupStrategy
```
@Nullable
private com.google.common.base.Function<ProfileRequestContext,Collection<String>> proxyAudiencesLookupStrategy
```
    Lookup function to supply proxyAudiences property.
  - proxyAudiences
```
@Nonnull
@NonnullElements
private Collection<String> proxyAudiences
```
    Audiences for the proxy.
- Constructor Detail
  - AbstractSAML2ProfileConfiguration
```
public AbstractSAML2ProfileConfiguration(@Nonnull@NotEmpty
                                 String profileId)
```
    Constructor.
    
    Parameters:
    profileId - ID of the communication profile, never null or empty
- Method Detail
  - getProxyCount
```
public long getProxyCount()
```
    Get the maximum number of times an assertion may be proxied.
    
    Specified by:
    
    getProxyCount in interface SAML2ProfileConfiguration
    
    Returns:
    maximum number of times an assertion may be proxied
  - setProxyCount
```
public void setProxyCount(@NonNegative
                 long count)
```
    Set the maximum number of times an assertion may be proxied.
    
    Parameters:
    count - maximum number of times an assertion may be proxied
  - setProxyCountLookupStrategy
```
public void setProxyCountLookupStrategy(@Nullable
                               com.google.common.base.Function<ProfileRequestContext,Long> strategy)
```
    Set a lookup strategy for the proxyCount property.
    
    Parameters:
    strategy - lookup strategy
    Since:
    
    3.3.0
  - getProxyAudiences
```
public Collection<String> getProxyAudiences()
```
    Get the unmodifiable collection of audiences for a proxied assertion.
    
    Specified by:
    
    getProxyAudiences in interface SAML2ProfileConfiguration
    
    Returns:
    audiences for a proxied assertion
  - setProxyAudiences
```
public void setProxyAudiences(@Nullable@NonnullElements
                     Collection<String> audiences)
```
    Set the proxy audiences to be added to responses.
    
    Parameters:
    audiences - proxy audiences to be added to responses
  - setProxyAudiencesLookupStrategy
```
public void setProxyAudiencesLookupStrategy(@Nullable
                                   com.google.common.base.Function<ProfileRequestContext,Collection<String>> strategy)
```
    Set a lookup strategy for the proxyAudiences property.
    
    Parameters:
    strategy - lookup strategy
    Since:
    
    3.3.0
  - isEncryptionOptional
```
public boolean isEncryptionOptional()
```
    Get whether to ignore an inability to encrypt due to external factors.
    This allows a deployer to signal that encryption is "best effort" and can be omitted if a relying party doesn't possess a key, support a compatible algorithm, etc.
    
    Defaults to false.
    
    Specified by:
    
    isEncryptionOptional in interface SAML2ProfileConfiguration
    
    Returns:
    true iff encryption should be treated as optional
  - setEncryptionOptional
```
public void setEncryptionOptional(boolean flag)
```
    Set whether encryption is optional in the face of a missing key, etc.
    
    Parameters:
    flag - flag to set
  - getEncryptionOptionalPredicate
```
@Nonnull
public com.google.common.base.Predicate<ProfileRequestContext> getEncryptionOptionalPredicate()
```
    Get condition to determine whether encryption is optional in the face of a missing key, etc.
    
    Returns:
    condition
    Since:
    
    3.3.0
  - setEncryptionOptionalPredicate
```
public void setEncryptionOptionalPredicate(@Nonnull
                                  com.google.common.base.Predicate<ProfileRequestContext> condition)
```
    Set a condition to determine whether encryption is optional in the face of a missing key, etc.
    
    Parameters:
    condition - condition to set
    Since:
    
    3.3.0
  - getEncryptAssertions
```
@Nonnull
public com.google.common.base.Predicate<ProfileRequestContext> getEncryptAssertions()
```
    Get the predicate used to determine if assertions should be encrypted.
    
    Specified by:
    
    getEncryptAssertions in interface SAML2ProfileConfiguration
    
    Returns:
    predicate used to determine if assertions should be encrypted
  - setEncryptAssertions
```
public void setEncryptAssertions(@Nonnull
                        com.google.common.base.Predicate<ProfileRequestContext> predicate)
```
    Set the predicate used to determine if assertions should be encrypted.
    
    Parameters:
    predicate - predicate used to determine if assertions should be encrypted
  - getEncryptNameIDs
```
@Nonnull
public com.google.common.base.Predicate<ProfileRequestContext> getEncryptNameIDs()
```
    Get the predicate used to determine if name identifiers should be encrypted.
    
    Specified by:
    
    getEncryptNameIDs in interface SAML2ProfileConfiguration
    
    Returns:
    predicate used to determine if name identifiers should be encrypted
  - setEncryptNameIDs
```
public void setEncryptNameIDs(@Nonnull
                     com.google.common.base.Predicate<ProfileRequestContext> predicate)
```
    Set the predicate used to determine if name identifiers should be encrypted.
    
    Parameters:
    predicate - predicate used to determine if name identifiers should be encrypted
  - getEncryptAttributes
```
@Nonnull
public com.google.common.base.Predicate<ProfileRequestContext> getEncryptAttributes()
```
    Get the predicate used to determine if attributes should be encrypted.
    
    Specified by:
    
    getEncryptAttributes in interface SAML2ProfileConfiguration
    
    Returns:
    predicate used to determine if attributes should be encrypted
  - setEncryptAttributes
```
public void setEncryptAttributes(@Nonnull
                        com.google.common.base.Predicate<ProfileRequestContext> predicate)
```
    Set the predicate used to determine if attributes should be encrypted.
    
    Parameters:
    predicate - predicate used to determine if attributes should be encrypted

Class AbstractSAML2ProfileConfiguration

Field Summary

Constructor Summary

Method Summary

Methods inherited from class net.shibboleth.idp.saml.profile.config.AbstractSAMLProfileConfiguration

Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

Methods inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.idp.profile.config.ProfileConfiguration

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

Field Detail

encryptionOptionalPredicate

encryptAssertionsPredicate

encryptNameIDsPredicate

encryptAttributesPredicate

proxyCountLookupStrategy

proxyCount

proxyAudiencesLookupStrategy

proxyAudiences

Constructor Detail

AbstractSAML2ProfileConfiguration

Method Detail

getProxyCount

setProxyCount

setProxyCountLookupStrategy

getProxyAudiences

setProxyAudiences

setProxyAudiencesLookupStrategy

isEncryptionOptional

setEncryptionOptional

getEncryptionOptionalPredicate

setEncryptionOptionalPredicate

getEncryptAssertions

setEncryptAssertions

getEncryptNameIDs

setEncryptNameIDs

getEncryptAttributes

setEncryptAttributes