|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectedu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<org.opensaml.ws.transport.http.HTTPInTransport,org.opensaml.ws.transport.http.HTTPOutTransport>
edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler
edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler
public class ShibbolethSSOProfileHandler
Shibboleth SSO request profile handler.
| Nested Class Summary | |
|---|---|
class |
ShibbolethSSOProfileHandler.ShibbolethSSORequestContext
Represents the internal state of a Shibboleth SSO Request while it's being processed by the IdP. |
| Nested classes/interfaces inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler |
|---|
AbstractSAML1ProfileHandler.SAML1AuditLogEntry |
| Field Summary |
|---|
| Fields inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler |
|---|
SAML_VERSION |
| Constructor Summary | |
|---|---|
ShibbolethSSOProfileHandler(String authnManagerPath)
Constructor. |
|
| Method Summary | |
|---|---|
protected org.opensaml.saml1.core.AuthenticationStatement |
buildAuthenticationStatement(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext)
Builds the authentication statement for the authenticated principal. |
protected ShibbolethSSOProfileHandler.ShibbolethSSORequestContext |
buildRequestContext(ShibbolethSSOLoginContext loginContext,
org.opensaml.ws.transport.http.HTTPInTransport in,
org.opensaml.ws.transport.http.HTTPOutTransport out)
Creates an authentication request context from the current environmental information. |
protected org.opensaml.saml1.core.SubjectLocality |
buildSubjectLocality(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext)
Constructs the subject locality for the authentication statement. |
protected void |
completeAuthenticationRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
Creates a response to the Shibboleth SSO and sends the user, with response in tow, back to the relying party after they've been authenticated. |
protected void |
decodeRequest(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext,
org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
Decodes an incoming request and populates a created request context with the resultant information. |
String |
getProfileId()
|
protected void |
performAuthentication(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
Creates a LoginContext an sends the request off to the AuthenticationManager to begin the process of
authenticating the user. |
protected void |
populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Populates the request context with information about the asserting party. |
protected void |
populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Populates the request context with information about the relying party. |
protected void |
populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Populates the request context with information from the inbound SAML message. |
void |
processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
|
protected org.opensaml.saml2.metadata.Endpoint |
selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
Selects the appropriate endpoint for the relying party and stores it in the request context. |
| Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.saml1.AbstractSAML1ProfileHandler |
|---|
buildAssertion, buildAttributeStatement, buildConditions, buildErrorResponse, buildNameId, buildResponse, buildStatus, buildSubject, checkSamlVersion, isSignAssertion, populateRequestContext, populateStatusResponse, populateUserInformation, resolveAttributes, resolvePrincipal, signAssertion, writeAuditLogEntry |
| Methods inherited from class edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler |
|---|
encodeResponse, getAduitLog, getEntitySupportedFormats, getIdGenerator, getInboundBinding, getInboundMessageDecoder, getMessageDecoders, getMessageEncoders, getMetadataProvider, getNameFormats, getOutboundMessageEncoder, getRelyingPartyConfiguration, getSecurityPolicyResolver, getSupportedOutboundBindings, getUserSession, getUserSession, isSignResponse, populateProfileInformation, setIdGenerator, setInboundBinding, setMessageDecoders, setMessageEncoders, setSecurityPolicyResolver, setSupportedOutboundBindings |
| Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler |
|---|
getBuilderFactory, getParserPool, getProfileConfiguration, getRelyingPartyConfigurationManager, getSessionManager, setParserPool, setRelyingPartyConfigurationManager, setSessionManager |
| Methods inherited from class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler |
|---|
getRequestPaths, setRequestPaths |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public ShibbolethSSOProfileHandler(String authnManagerPath)
authnManagerPath - path to the authentication manager servlet| Method Detail |
|---|
public String getProfileId()
getProfileId in class edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager,Session>
public void processRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
edu.internet2.middleware.shibboleth.common.profile.ProfileException
protected void performAuthentication(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
LoginContext an sends the request off to the AuthenticationManager to begin the process of
authenticating the user.
inTransport - inbound message transportoutTransport - outbound message transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem creating the login context and transferring control to the
authentication manager
protected void decodeRequest(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext,
org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
inTransport - inbound message transportoutTransport - outbound message transportrequestContext - the request context to which decoded information should be added
edu.internet2.middleware.shibboleth.common.profile.ProfileException - throw if there is a problem decoding the request
protected void completeAuthenticationRequest(org.opensaml.ws.transport.http.HTTPInTransport inTransport,
org.opensaml.ws.transport.http.HTTPOutTransport outTransport)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
inTransport - inbound message transportoutTransport - outbound message transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the response can not be created and sent back to the relying party
protected ShibbolethSSOProfileHandler.ShibbolethSSORequestContext buildRequestContext(ShibbolethSSOLoginContext loginContext,
org.opensaml.ws.transport.http.HTTPInTransport in,
org.opensaml.ws.transport.http.HTTPOutTransport out)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
loginContext - current login contextin - inbound transportout - outbount transport
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem creating the context
protected void populateRelyingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
populateRelyingPartyInformation in class AbstractSAMLProfileHandlerrequestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the relying party's metadata
protected void populateAssertingPartyInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked
AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext) has already been invoked and the
properties it provides are available in the request context.
This method requires the the following request context properties to be populated: metadata provider, relying
party configuration
This methods populates the following request context properties: local entity ID, outbound message issuer, local
entity metadata
populateAssertingPartyInformation in class AbstractSAMLProfileHandlerrequestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem looking up the asserting party's metadata
protected void populateSAMLMessageInformation(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked
AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext),and
AbstractSAMLProfileHandler.populateAssertingPartyInformation(BaseSAMLProfileRequestContext) have already been invoked and the
properties they provide are available in the request context.
populateSAMLMessageInformation in class AbstractSAMLProfileHandlerrequestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if there is a problem populating the request context with informationprotected org.opensaml.saml2.metadata.Endpoint selectEndpoint(edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext requestContext)
selectEndpoint in class AbstractSAMLProfileHandlerrequestContext - current request context
protected org.opensaml.saml1.core.AuthenticationStatement buildAuthenticationStatement(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext)
throws edu.internet2.middleware.shibboleth.common.profile.ProfileException
requestContext - current request context
edu.internet2.middleware.shibboleth.common.profile.ProfileException - thrown if the authentication statement can not be createdprotected org.opensaml.saml1.core.SubjectLocality buildSubjectLocality(ShibbolethSSOProfileHandler.ShibbolethSSORequestContext requestContext)
requestContext - current request context
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||