Package net.shibboleth.idp.saml.nameid.impl

Class CryptoTransientIdGenerationStrategy

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

net.shibboleth.idp.saml.nameid.impl.CryptoTransientIdGenerationStrategy

All Implemented Interfaces:

TransientIdGenerationStrategy, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent

public class CryptoTransientIdGenerationStrategy
extends AbstractIdentifiableInitializableComponent
implements TransientIdGenerationStrategy

Generates transients using a DataSealer to encrypt the result into a recoverable value, for use with stateless clustering.

Field Summary

Fields

Modifier and Type	Field	Description
private DataSealer	dataSealer	Object used to protect and encrypt the data.
private Duration	idLifetime	Length tokens are valid.
private org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
CryptoTransientIdGenerationStrategy()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doInitialize()
String	generate(String relyingPartyId, String principalName)	Generate a new Transient ID.
Duration	getIdLifetime()	Get the time ids are valid.
void	setDataSealer(DataSealer sealer)	Set the data sealer to use.
void	setIdLifetime(Duration lifetime)	Set the time ids are valid.

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

getId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

getId

Field Details

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

dataSealer

@NonnullAfterInit
private DataSealer dataSealer

Object used to protect and encrypt the data.

idLifetime

@Nonnull
private Duration idLifetime

Length tokens are valid.

Constructor Details

CryptoTransientIdGenerationStrategy

public CryptoTransientIdGenerationStrategy()

Constructor.

Method Details

setDataSealer

public void setDataSealer(@Nonnull
DataSealer sealer)

Set the data sealer to use.

Parameters:

sealer - object used to protect and encrypt the data

getIdLifetime

@Nonnull
public Duration getIdLifetime()

Get the time ids are valid.

Returns:

time ids are valid

setIdLifetime

public void setIdLifetime(@Nonnull
Duration lifetime)

Set the time ids are valid.

Parameters:

lifetime - time ids are valid

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractIdentifiedInitializableComponent

Throws:

ComponentInitializationException

generate

@Nonnull
@NotEmpty
public String generate(@Nonnull @NotEmpty
String relyingPartyId,
@Nonnull @NotEmpty
String principalName)
                throws SAMLException

Generate a new Transient ID.

Specified by:

generate in interface TransientIdGenerationStrategy

Parameters:

relyingPartyId - the relying party for whom we're generating

principalName - the principal to map to

Returns:

the new identifier

Throws:

SAMLException - if an error occurs generating the identifier