net.shibboleth.idp.saml.profile.impl

Class InitializeAuthenticationContext

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction<InboundMessageType,OutboundMessageType>

org.opensaml.profile.action.AbstractConditionalProfileAction<InboundMessageType,OutboundMessageType>

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, org.springframework.beans.factory.Aware, org.springframework.context.MessageSource, org.springframework.context.MessageSourceAware, org.springframework.webflow.execution.Action

public class InitializeAuthenticationContext
extends AbstractProfileAction

An action that creates an AuthenticationContext and attaches it to the current ProfileRequestContext.

If the incoming message is a SAML 2.0 AuthnRequest, then basic authentication policy (IsPassive, ForceAuthn) is copied into the context from the request.

If a previously populated AuthenticationContext is found, and it contains a successful AuthenticationResult, that result is copied to the new context via AuthenticationContext.setInitialAuthenticationResult(net.shibboleth.idp.authn.AuthenticationResult).

Event:

EventIds.PROCEED_EVENT_ID

Postcondition:

ProfileRequestContext.getSubcontext(AuthenticationContext.class) != true, SAML 2.0 AuthnRequest policy flags are copied to the AuthenticationContext

Field Summary

Fields

Modifier and Type	Field and Description
private AuthnRequest	authnRequest Incoming SAML 2.0 request, if present.
private com.google.common.base.Predicate<ProfileRequestContext>	forceAuthnPredicate Extracts forceAuthn property from profile config.
private org.slf4j.Logger	log Class logger.
private com.google.common.base.Function<ProfileRequestContext,AuthnRequest>	requestLookupStrategy Strategy used to locate the AuthnRequest to operate on, if any.

Constructor Summary

Constructors

Constructor and Description
InitializeAuthenticationContext() Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected void	doExecute(ProfileRequestContext profileRequestContext)
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext)
void	setForceAuthnPredicate(com.google.common.base.Predicate<ProfileRequestContext> condition) Set the predicate to apply to derive the message-independent forced authn default.
void	setRequestLookupStrategy(com.google.common.base.Function<ProfileRequestContext,AuthnRequest> strategy) Set the strategy used to locate the AuthnRequest to examine, if any.

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

forceAuthnPredicate

@Nonnull
private com.google.common.base.Predicate<ProfileRequestContext> forceAuthnPredicate

Extracts forceAuthn property from profile config.

requestLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,AuthnRequest> requestLookupStrategy

Strategy used to locate the AuthnRequest to operate on, if any.

authnRequest

@Nullable
private AuthnRequest authnRequest

Incoming SAML 2.0 request, if present.

Constructor Detail

InitializeAuthenticationContext

public InitializeAuthenticationContext()

Constructor.

Method Detail

setForceAuthnPredicate

public void setForceAuthnPredicate(@Nonnull
                          com.google.common.base.Predicate<ProfileRequestContext> condition)

Set the predicate to apply to derive the message-independent forced authn default.

Parameters:

condition - condition to set

Since:

3.4.0

setRequestLookupStrategy

public void setRequestLookupStrategy(@Nonnull
                            com.google.common.base.Function<ProfileRequestContext,AuthnRequest> strategy)

Set the strategy used to locate the AuthnRequest to examine, if any.

Parameters:

strategy - strategy used to locate the AuthnRequest

doPreExecute

protected boolean doPreExecute(@Nonnull
                   ProfileRequestContext profileRequestContext)

Overrides:

doPreExecute in class AbstractConditionalProfileAction

doExecute

protected void doExecute(@Nonnull
             ProfileRequestContext profileRequestContext)

Overrides:

doExecute in class AbstractProfileAction