External authentication and MetadataProvider id

Jason Pyeron jpyeron at pdinc.us
Sun Jan 30 22:39:55 UTC 2022

[Not sure if this is too in depth for the users list, apologies if so]

We have business rules in the external authentication that need access to the MetadataProvider objects. For now the id property is sufficient.

The RelyingPartyContext gets us the SAMLMetadataContext, which in turn grants us access to the EntityDescriptor. Internally the SAMLMetadataContext is resolved via the MetadataProviderContainer.

We found that we can do a post-order depth-first search from the MetadataProviderContainer and stop on the first resolve(new CriteriaSet(new EntityIdCriterion(ed.getEntityID()))) to return a result.

This does not seem to be the best way. 


On a side note: It would be nice if EntityDescriptor had a List<MetadataResolver> getResolvers(); would that make sense as a patch?


Jason Pyeron

Jason Pyeron  | Architect
PD Inc        | Certified SBA 8(a)
10 w 24th St  | Certified SBA HUBZone
Baltimore, MD | CAGE Code: 1WVR6
.mil: jason.j.pyeron.ctr at mail.mil
.com: jpyeron at pdinc.us
.edu: jpyeron at jhu.edu
tel : 202-741-9397
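
The post-order depth-first search described in the message above, as an added example that is not part of the original post and does not use the Shibboleth or OpenSAML classes. The Provider record, its resolves() method and the sample ids are hypothetical stand-ins (Java 16 or later); the search collects every match so that an entityID present in more than one provider is reported rather than silently attributed to the first hit.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

// Added example: a simplified stand-in for the provider tree, not Shibboleth or OpenSAML classes.
public class ProviderIdLookup {

    // Hypothetical model of a provider: its id, nested providers, and the entityIDs it serves itself.
    record Provider(String id, List<Provider> children, Set<String> entityIds) {
        // Stand-in for resolve(new CriteriaSet(new EntityIdCriterion(entityId))) returning a result.
        boolean resolves(String entityId) {
            return entityIds.contains(entityId);
        }
    }

    // Post-order depth-first search: visit nested providers first, then the provider itself.
    // Collects every match in visit order instead of stopping at the first one.
    static List<String> matchingProviderIds(Provider node, String entityId) {
        List<String> hits = new ArrayList<>();
        for (Provider child : node.children()) {
            hits.addAll(matchingProviderIds(child, entityId));
        }
        if (node.resolves(entityId)) {
            hits.add(node.id());
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed sample data: one entityID is present in two providers.
        String shared = "https://sp.example.org/shibboleth";
        String single = "https://other.example.org/shibboleth";
        Provider feed = new Provider("FederationFeed", List.of(), Set.of(shared, single));
        Provider local = new Provider("LocalOverrides", List.of(), Set.of(shared));
        Provider root = new Provider("Container", List.of(feed, local), Set.of());

        for (String entityId : List.of(shared, single, "https://unknown.example.org/sp")) {
            List<String> hits = matchingProviderIds(root, entityId);
            if (hits.isEmpty()) {
                System.out.println(entityId + " -> no provider resolves it");
            } else if (hits.size() == 1) {
                System.out.println(entityId + " -> " + hits.get(0));
            } else {
                // The first hit is what a stop-on-first search returns; the rest show the ambiguity.
                System.out.println(entityId + " -> " + hits.get(0) + " (also in " + hits.subList(1, hits.size()) + ")");
            }
        }
    }
}
```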
