Package net.shibboleth.idp.profile.impl
Class FilterAttributes
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
public class FilterAttributes extends AbstractProfileAction
Action that invokes the
AttributeFilter for the current request.- Event:
EventIds.PROCEED_EVENT_ID,IdPEventIds.UNABLE_FILTER_ATTRIBS- Postcondition:
- If resolution is successful, the relevant RelyingPartyContext.getSubcontext(AttributeContext.class, false) != null
-
Field Summary
-
Constructor Summary
Constructors Constructor Description FilterAttributes(ReloadableService<AttributeFilter> filterService)Constructor. -
Method Summary
Modifier and Type Method Description protected voiddoExecute(ProfileRequestContext profileRequestContext)protected booleandoPreExecute(ProfileRequestContext profileRequestContext)private voidpopulateFilterContext(ProfileRequestContext profileRequestContext, AttributeFilterContext filterContext)Fill in the filter context data.voidsetAttributeContextLookupStrategy(Function<ProfileRequestContext,AttributeContext> strategy)Set the strategy used to locate theAttributeContextassociated with a givenProfileRequestContext.voidsetFilterContextCreationStrategy(Function<ProfileRequestContext,AttributeFilterContext> strategy)Set the strategy used to locate or create theAttributeFilterContextto populate.voidsetIssuerLookupStrategy(Function<ProfileRequestContext,String> strategy)Set the strategy used to lookup the issuer for this attribute filtering.voidsetIssuerMetadataContextLookupStrategy(Function<ProfileRequestContext,SAMLMetadataContext> strategy)Sets the strategy used to locate theSAMLMetadataContextfor the issuer associated with a givenProfileRequestContext.voidsetMaskFailures(boolean flag)Set whether to treat resolution failure as equivalent to resolving no attributes.voidsetMetadataContextLookupStrategy(Function<ProfileRequestContext,SAMLMetadataContext> strategy)Sets the strategy used to locate theSAMLMetadataContextfor the recipient associated with a givenProfileRequestContext.voidsetMetadataResolver(MetadataResolver resolver)Set a metadata source to use during filtering.voidsetPrincipalNameLookupStrategy(Function<ProfileRequestContext,String> strategy)Set the strategy used to locate the principal name for this attribute filtering.voidsetProxiedRequesterContextLookupStrategy(Function<ProfileRequestContext,ProxiedRequesterContext> strategy)Sets the strategy used to locate theProxiedRequesterContextassociated with a givenProfileRequestContext.voidsetRecipientLookupStrategy(Function<ProfileRequestContext,String> strategy)Set the strategy used to lookup the recipient for this attribute filtering.Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategyMethods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationConditionMethods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponseMethods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
attributeFilterService
Service used to get the engine used to filter attributes. -
metadataResolver
Optional supplemental metadata source. -
issuerLookupStrategy
Strategy used to locate the identity of the issuer associated with the attribute filtering. -
recipientLookupStrategy
Strategy used to locate the identity of the recipient associated with the attribute filtering. -
filterContextCreationStrategy
@Nonnull private Function<ProfileRequestContext,AttributeFilterContext> filterContextCreationStrategyStrategy used to locate or create theAttributeFilterContext. -
attributeContextLookupStrategy
Strategy used to locate theAttributeContextto filter. -
principalNameLookupStrategy
Strategy used to locate the principal name associated with the attribute filtering. -
profileRequestContextFromFilterLookupStrategy
@Nonnull private Function<AttributeFilterContext,ProfileRequestContext> profileRequestContextFromFilterLookupStrategyStrategy to locate the effectively rootedProfileRequestContextfrom theAttributeFilterContext. -
issuerMetadataContextLookupStrategy
@Nullable private Function<ProfileRequestContext,SAMLMetadataContext> issuerMetadataContextLookupStrategyStrategy used to locate theSAMLMetadataContextfor the issuer associated with a givenProfileRequestContext. -
issuerMetadataFromFilterLookupStrategy
@Nullable private Function<AttributeFilterContext,SAMLMetadataContext> issuerMetadataFromFilterLookupStrategyStrategy used to locate theSAMLMetadataContextfor the issuer associated with a givenAttributeFilterContext. -
metadataContextLookupStrategy
@Nullable private Function<ProfileRequestContext,SAMLMetadataContext> metadataContextLookupStrategyStrategy used to locate theSAMLMetadataContextfor the recipient associated with a givenProfileRequestContext. -
metadataFromFilterLookupStrategy
@Nullable private Function<AttributeFilterContext,SAMLMetadataContext> metadataFromFilterLookupStrategyStrategy used to locate theSAMLMetadataContextfor the recipient associated with a givenAttributeFilterContext. -
proxiedRequesterContextLookupStrategy
@Nullable private Function<ProfileRequestContext,ProxiedRequesterContext> proxiedRequesterContextLookupStrategyStrategy used to locate theProxiedRequesterContextassociated with a givenProfileRequestContext. -
proxiesFromFilterLookupStrategy
@Nullable private Function<AttributeFilterContext,ProxiedRequesterContext> proxiesFromFilterLookupStrategyStrategy used to locate theProxiedRequesterContextassociated with a givenAttributeFilterContext. -
maskFailures
private boolean maskFailuresWhether to treat resolver errors as equivalent to resolving no attributes. -
attributeContext
AttributeContext to filter.
-
-
Constructor Details
-
FilterAttributes
Constructor.- Parameters:
filterService- engine used to filter attributes
-
-
Method Details
-
setMetadataResolver
Set a metadata source to use during filtering.- Parameters:
resolver- metadata resolver- Since:
- 3.4.0
-
setIssuerLookupStrategy
Set the strategy used to lookup the issuer for this attribute filtering.- Parameters:
strategy- lookup strategy
-
setRecipientLookupStrategy
Set the strategy used to lookup the recipient for this attribute filtering.- Parameters:
strategy- lookup strategy
-
setFilterContextCreationStrategy
public void setFilterContextCreationStrategy(@Nonnull Function<ProfileRequestContext,AttributeFilterContext> strategy)Set the strategy used to locate or create theAttributeFilterContextto populate.- Parameters:
strategy- lookup/creation strategy
-
setAttributeContextLookupStrategy
public void setAttributeContextLookupStrategy(@Nonnull Function<ProfileRequestContext,AttributeContext> strategy)Set the strategy used to locate theAttributeContextassociated with a givenProfileRequestContext.- Parameters:
strategy- strategy used to locate theAttributeContextassociated with a givenProfileRequestContext
-
setPrincipalNameLookupStrategy
public void setPrincipalNameLookupStrategy(@Nonnull Function<ProfileRequestContext,String> strategy)Set the strategy used to locate the principal name for this attribute filtering.- Parameters:
strategy- lookup strategy
-
setIssuerMetadataContextLookupStrategy
public void setIssuerMetadataContextLookupStrategy(@Nullable Function<ProfileRequestContext,SAMLMetadataContext> strategy)Sets the strategy used to locate theSAMLMetadataContextfor the issuer associated with a givenProfileRequestContext. Also sets the strategy to find theSAMLMetadataContextfrom theAttributeFilterContext.- Parameters:
strategy- lookup strategy
-
setMetadataContextLookupStrategy
public void setMetadataContextLookupStrategy(@Nullable Function<ProfileRequestContext,SAMLMetadataContext> strategy)Sets the strategy used to locate theSAMLMetadataContextfor the recipient associated with a givenProfileRequestContext. Also sets the strategy to find theSAMLMetadataContextfrom theAttributeFilterContext.- Parameters:
strategy- lookup strategy
-
setProxiedRequesterContextLookupStrategy
public void setProxiedRequesterContextLookupStrategy(@Nullable Function<ProfileRequestContext,ProxiedRequesterContext> strategy)Sets the strategy used to locate theProxiedRequesterContextassociated with a givenProfileRequestContext. Also sets the strategy to find theProxiedRequesterContextfrom theAttributeFilterContext.- Parameters:
strategy- lookup strategy- Since:
- 3.4.0
-
setMaskFailures
public void setMaskFailures(boolean flag)Set whether to treat resolution failure as equivalent to resolving no attributes.This matches the behavior of V2.
- Parameters:
flag- flag to set
-
doPreExecute
- Overrides:
doPreExecutein classAbstractConditionalProfileAction
-
doExecute
- Overrides:
doExecutein classAbstractProfileAction
-
populateFilterContext
private void populateFilterContext(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AttributeFilterContext filterContext)Fill in the filter context data.- Parameters:
profileRequestContext- current profile request contextfilterContext- context to populate
-