Class SAML2SPSessionCreationStrategy

java.lang.Object
net.shibboleth.idp.saml.session.impl.SAML2SPSessionCreationStrategy
All Implemented Interfaces:
Function<ProfileRequestContext,​SPSession>

public class SAML2SPSessionCreationStrategy
extends Object
implements Function<ProfileRequestContext,​SPSession>
A function to create a SAML2SPSession based on profile execution state.

This strategy is a default approach that uses a RelyingPartyContext via lookup strategy to obtain a requester value, used as the SPSession's relying party ID. The authentication flow ID comes from the AuthenticationResult in the AuthenticationContext. The session has a creation time based on the time of execution, and the expiration is based on a configurable lifetime, bounded by the per-SP lifetime setting for the profile.

The SAML 2 specific data is extracted from the first assertion containing an authn statement found in a Response message located via a lookup strategy, by default the outbound message context. Failure to locate any of this data will cause a null return value.

  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Class logger.
    • sessionLifetime

      @Nonnull private final Duration sessionLifetime
      Lifetime of sessions to create.
    • relyingPartyContextLookupStrategy

      @Nonnull private Function<ProfileRequestContext,​RelyingPartyContext> relyingPartyContextLookupStrategy
      RelyingPartyContext lookup strategy.
    • responseLookupStrategy

      @Nonnull private Function<ProfileRequestContext,​Response> responseLookupStrategy
      Response lookup strategy.
  • Constructor Details

    • SAML2SPSessionCreationStrategy

      public SAML2SPSessionCreationStrategy​(@Nonnull Duration lifetime)
      Constructor.
      Parameters:
      lifetime - determines upper bound for expiration of SAML2SPSession to be created
  • Method Details