Package net.shibboleth.idp.saml.profile.impl

Class BaseAddAuthenticationStatementToAssertion

java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.profile.action.AbstractConditionalProfileAction
net.shibboleth.idp.profile.AbstractProfileAction
net.shibboleth.idp.authn.AbstractAuthenticationAction
net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action
Direct Known Subclasses:
AddAuthenticationStatementToAssertion, AddAuthnStatementToAssertion
public abstract class BaseAddAuthenticationStatementToAssertion extends AbstractAuthenticationAction
Base class for actions that encode authentication information into a SAML 1 or SAML 2 statement.
Event:
EventIds.PROCEED_EVENT_ID, EventIds.INVALID_PROFILE_CTX, EventIds.INVALID_MSG_CTX, AuthnEventIds.INVALID_AUTHN_CTX

  • Field Details

  • Constructor Details

    • BaseAddAuthenticationStatementToAssertion

      public BaseAddAuthenticationStatementToAssertion()
      Constructor.

  • Method Details

    • isStatementInOwnAssertion

      public boolean isStatementInOwnAssertion()
      Set whether the generated statement should be placed in its own assertion or added to one if it exists.
      Returns:
      whether the generated statement should be placed in its own assertion or added to one if it exists

    • setStatementInOwnAssertion

      public void setStatementInOwnAssertion(boolean inOwnAssertion)
      Set whether the generated authentication statement should be placed in its own assertion or added to one if it exists.
      Parameters:
      inOwnAssertion - whether the generated authentication statement should be placed in its own assertion or added to one if it exists

    • setIdentifierGeneratorLookupStrategy

      public void setIdentifierGeneratorLookupStrategy(@Nonnull Function<ProfileRequestContext,IdentifierGenerationStrategy> strategy)
      Set the strategy used to locate the IdentifierGenerationStrategy to use.
      Parameters:
      strategy - lookup strategy

    • setIssuerLookupStrategy

      public void setIssuerLookupStrategy(@Nonnull Function<ProfileRequestContext,String> strategy)
      Set the strategy used to locate the issuer value to use.
      Parameters:
      strategy - lookup strategy

    • getAddressLookupStrategy

      @NonnullAfterInit public Function<ProfileRequestContext,String> getAddressLookupStrategy()
      Get the strategy used to obtain the client IP address to insert into the statement.
      Returns:
      lookup strategy
      Since:
      4.0.0

    • setAddressLookupStrategy

      public void setAddressLookupStrategy(@Nullable Function<ProfileRequestContext,String> strategy)
      Set the strategy used to obtain the client IP address to insert into the statement.
      Parameters:
      strategy - lookup strategy
      Since:
      4.0.0

    • getAuthenticationResult

      @Nonnull public AuthenticationResult getAuthenticationResult()
      Get the AuthenticationResult to encode.
      Returns:
      the result to encode

    • getIdGenerator

      @Nonnull public IdentifierGenerationStrategy getIdGenerator()
      Get the IdentifierGenerationStrategy to use if an assertion must be created.
      Returns:
      the ID generation strategy

    • getIssuerId

      @Nonnull public String getIssuerId()
      Get the issuer name to use if an assertion must be created.
      Returns:
      the issuer name

    • doInitialize

      protected void doInitialize() throws ComponentInitializationException
      Overrides:
      doInitialize in class AbstractInitializableComponent
      Throws:
      ComponentInitializationException

    • doPreExecute

      protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
      Performs this authentication action's pre-execute step. Default implementation just returns true.
      Overrides:
      doPreExecute in class AbstractAuthenticationAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      authenticationContext - the current authentication context
      Returns:
      true iff execution should continue