Package net.shibboleth.idp.saml.nameid.impl
Implementation of SAML
NameID
and
NameIdentifier
generation and consumption.-
Interface Summary Interface Description TransientIdGenerationStrategy Generates and manages transient identifiers according to specific strategies. -
Class Summary Class Description AttributeSourcedSAML1NameIdentifierGenerator Generator forNameIdentifier
objects based onIdPAttribute
data.AttributeSourcedSAML2NameIDGenerator Generator forNameID
objects based onIdPAttribute
data.BaseCryptoTransientDecoder An abstract action which contains the logic to do crypto transient decoding matching.BaseTransformingDecoder Regular expression, etc.BaseTransientDecoder An abstract action which contains the logic to do transient decoding matching (shared between SAML2 and SAML1).CryptoTransientIdGenerationStrategy Generates transients using aDataSealer
to encrypt the result into a recoverable value, for use with stateless clustering.CryptoTransientNameIDDecoder Processes a transientNameID
, checks that itsNameIDType.getNameQualifier()
andNameIDType.getSPNameQualifier()
are correct, and decodesXSString.getValue()
via the base class (reversing the work done byCryptoTransientIdGenerationStrategy
).CryptoTransientNameIdentifierDecoder Processes a transientNameIdentifier
, checks that itsNameIdentifier.getNameQualifier()
is correct, and decodesXSString.getValue()
via the base class (reversing the work done byCryptoTransientIdGenerationStrategy
).LegacyCanonicalization Deprecated. NameIDCanonicalization Action to perform subject canonicalization, transforming the inputSubject
into a principal name by searching for one and only oneNameIDPrincipal
custom principal, using an injectedNameIDDecoder
to carry out the process.NameIDCanonicalization.ActivationCondition A predicate that determines if this action can run or not.NameIdentifierCanonicalization Action to perform subject canonicalization, transforming the inputSubject
into a principal name by searching for one and only oneNameIdentifierPrincipal
custom principal, using an injectedNameIdentifierDecoder
to carry out the process.NameIdentifierCanonicalization.ActivationCondition A predicate that determines if this action can run or not.NameIdentifierGenerationServiceImpl Implementation ofNameIdentifierGenerationService
.PersistentSAML2NameIDGenerator Generator for "persistent" FormatNameID
objects that provides a source/seed ID based onIdPAttribute
data.ProxySAML1NameIdentifierGenerator A compound implementation of theSAML1NameIdentifierGenerator
interface that wraps a sequence of candidate generators along with a default to try if no format-specific options are available.ProxySAML2NameIDGenerator A compound implementation of theSAML2NameIDGenerator
interface that wraps a sequence of candidate generators along with a default to try if no format-specific options are available.StoredPersistentIdDecoder An abstract decoder which contains the logic to decode SAML persistent IDs that are managed with aDurablePairwiseIdStore
.StoredTransientIdGenerationStrategy Generates transients using aStorageService
to manage the reverse mappings.TransformingNameIDDecoder Transform from aNameID
.TransformingNameIdentifierDecoder Transform from aNameIdentifier
.TransientIdParameters The Parameters we need to store in, and get out of a transient ID, namely the attribute recipient (aka the SP) and the principal.TransientNameIDDecoder DecodesXSString.getValue()
via the base class (reversing the work done byTransientSAML2NameIDGenerator
).TransientNameIdentifierDecoder DecodesXSString.getValue()
via the base class (reversing the work done byTransientSAML1NameIdentifierGenerator
).TransientSAML1NameIdentifierGenerator Generator for transientNameIdentifier
objects.TransientSAML2NameIDGenerator Generator for transientNameID
objects.