Class ExtractSubjectFromRequest

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class ExtractSubjectFromRequest
extends AbstractProfileAction
Action that extracts a SAML Subject from an inbound message, and prepares a SubjectCanonicalizationContext to process it into a principal identity.

If the inbound message does not supply a NameIdentifier or NameID to process, then nothing is done, and the local event ID NO_SUBJECT is signaled.

A policy predicate may also be executed to control the conditions under which a subject name may be used by a requester, possibly resulting in a AuthnEventIds.INVALID_SUBJECT event.

Otherwise, a custom Principal of the appropriate type is wrapped around the identifier object and a Java Subject is prepared for canonicalization.

Event:
EventIds.PROCEED_EVENT_ID, AuthnEventIds.INVALID_SUBJECT, NO_SUBJECT
Postcondition:
If "proceed" signaled, then ProfileRequestContext.getSubcontext(SubjectCanonicalizationContext.class) != null