java.lang.Object
edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<org.opensaml.ws.transport.http.HTTPInTransport,org.opensaml.ws.transport.http.HTTPOutTransport>
edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler
edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler
public class SSOProfileHandler
SAML 2.0 SSO request profile handler.
| Nested Class Summary | |
|---|---|
protected class |
SSOProfileHandler.SSORequestContext
Represents the internal state of a SAML 2.0 SSO Request while it's being processed by the IdP. |
| Nested classes/interfaces inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler |
|---|
AbstractSAML2ProfileHandler.SAML2AuditLogEntry |
| Field Summary |
|---|
| Fields inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler |
|---|
SAML_VERSION |
| Constructor Summary | |
|---|---|
SSOProfileHandler(String authnManagerPath)
Constructor. |
|
| Method Summary | |
|---|---|
protected org.opensaml.saml2.core.AuthnContext |
buildAuthnContext(SSOProfileHandler.SSORequestContext requestContext)
Creates an AuthnContext for a successful authentication request. |
protected org.opensaml.saml2.core.AuthnStatement |
buildAuthnStatement(SSOProfileHandler.SSORequestContext requestContext)
Creates an authentication statement for the current request. |
protected SSOProfileHandler.SSORequestContext |
buildRequestContext(Saml2LoginContext loginContext,
org.opensaml.ws.transport.http.HTTPInTransport in,
org.opensaml.ws.transport.http.HTTPOutTransport out)
Creates an authentication request context from the current environmental information. |
protected org.opensaml.saml2.core.SubjectLocality |
buildSubjectLocality(SSOProfileHandler.SSORequestContext requestContext)
Constructs the subject locality for the authentication statement. |
protected void |
completeAuthenticationRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
Creates a response to the AuthnRequest and sends the user, with response in tow, back to the relying
party after they've been authenticated. |
protected void |
decodeRequest(SSOProfileHandler.SSORequestContext requestContext,
org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
Decodes an incoming request and stores the information in a created request context. |
protected org.opensaml.saml2.core.AuthnRequest |
deserializeRequest(String request)
Deserializes an authentication request from a string. |
String |
getProfileId()
|
protected void |
performAuthentication(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
Creates a Saml2LoginContext and sends the request off to the AuthenticationManager to begin the process of
authenticating the user. |
protected void |
populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Populates the request context with information about the asserting party. |
protected void |
populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Populates the request context with information about the relying party. |
protected void |
populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Populates the request context with information from the inbound SAML message. |
void |
processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
|
protected org.opensaml.saml2.metadata.Endpoint |
selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Selects the appropriate endpoint for the relying party and stores it in the request context. |
| Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler |
|---|
buildAssertion, buildAttributeStatement, buildConditions, buildEntityIssuer, buildErrorResponse, buildNameId, buildResponse, buildStatus, buildSubject, buildSubjectConfirmation, checkSamlVersion, getEncrypter, getKeyEncryptionCredential, isEncryptAssertion, isEncryptNameID, isRequestRequiresEncryptNameID, isSignAssertion, populateRequestContext, populateStatusResponse, populateUserInformation, postProcessAssertion, postProcessResponse, resolveAttributes, resolvePrincipal, signAssertion, writeAuditLogEntry |
| Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler |
|---|
encodeResponse, getAduitLog, getEntitySupportedFormats, getIdGenerator, getInboundBinding, getInboundMessageDecoder, getMessageDecoders, getMessageEncoders, getMetadataProvider, getNameFormats, getOutboundMessageEncoder, getRelyingPartyConfiguration, getSecurityPolicyResolver, getSupportedOutboundBindings, getUserSession, getUserSession, isSignResponse, populateProfileInformation, setIdGenerator, setInboundBinding, setMessageDecoders, setMessageEncoders, setSecurityPolicyResolver, setSupportedOutboundBindings |
| Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler |
|---|
getBuilderFactory, getParserPool, getProfileConfiguration, getRelyingPartyConfigurationManager, getSessionManager, setParserPool, setRelyingPartyConfigurationManager, setSessionManager |
| Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler |
|---|
getRequestPaths, setRequestPaths |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public SSOProfileHandler(String authnManagerPath)
authnManagerPath - path to the authentication manager Servlet
| Method Detail |
|---|
public String getProfileId()
getProfileId in class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
public void processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
edu.internet2.middleware.shibboleth.common.profile.ProfileException
protected void performAuthentication(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Creates a Saml2LoginContext and sends the request off to the AuthenticationManager to begin the process of
authenticating the user.
inTransport - inbound request transport
outTransport - outbound response transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem creating the login context and transferring control to the
authentication manager
protected void completeAuthenticationRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
Creates a response to the AuthnRequest and sends the user, with response in tow, back to the relying
party after they've been authenticated.
inTransport - inbound message transport
outTransport - outbound message transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the response cannot be created and sent back to the relying party
protected void decodeRequest(SSOProfileHandler.SSORequestContext requestContext,
org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
inTransport - inbound transport
outTransport - outbound transport
requestContext - request context to which decoded information should be added
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the incoming message failed decoding
protected SSOProfileHandler.SSORequestContext buildRequestContext(Saml2LoginContext loginContext,
org.opensaml.ws.transport.http.HTTPInTransport in,
org.opensaml.ws.transport.http.HTTPOutTransport out)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
loginContext - current login context
in - inbound transport
out - outbound transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem creating the context
protected void populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
populateRelyingPartyInformation in class AbstractSAMLProfileHandler
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the relying party's metadata
protected void populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked
AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext), and the
properties it provides are available in the request context.
This method requires the following request context properties to be populated: metadata provider, relying
party configuration
This method populates the following request context properties: local entity ID, outbound message issuer, local
entity metadata
populateAssertingPartyInformation in class AbstractSAMLProfileHandler
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the asserting party's metadata
protected void populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
populateSAMLMessageInformation in class AbstractSAMLProfileHandler
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the inbound SAML message or subject identifier is null
protected org.opensaml.saml2.core.AuthnStatement buildAuthnStatement(SSOProfileHandler.SSORequestContext requestContext)
requestContext - current request context
protected org.opensaml.saml2.core.AuthnContext buildAuthnContext(SSOProfileHandler.SSORequestContext requestContext)
Creates an AuthnContext for a successful authentication request.
requestContext - current request
protected org.opensaml.saml2.core.SubjectLocality buildSubjectLocality(SSOProfileHandler.SSORequestContext requestContext)
requestContext - current request context
protected org.opensaml.saml2.metadata.Endpoint selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
selectEndpoint in class AbstractSAMLProfileHandler
requestContext - current request context
protected org.opensaml.saml2.core.AuthnRequest deserializeRequest(String request)
throws org.opensaml.xml.io.UnmarshallingException
request - request to deserialize
org.opensaml.xml.io.UnmarshallingException - thrown if the request cannot be deserialized and unmarshalled