Class InitializeAuthenticationContext
java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.profile.action.AbstractConditionalProfileAction
net.shibboleth.idp.profile.AbstractProfileAction
net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
An action that creates an
AuthenticationContext and attaches it to the current ProfileRequestContext.
If the incoming message is a SAML 2.0 AuthnRequest, then basic authentication policy (IsPassive,
ForceAuthn, Scoping) is copied into the context from the request.
- Event:
EventIds.PROCEED_EVENT_ID,EventIds.ACCESS_DENIED- Postcondition:
- ProfileRequestContext.getSubcontext(AuthenticationContext.class) != true, SAML 2.0 AuthnRequest policy flags are (optionally) copied to the
AuthenticationContext
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate AuthnRequestIncoming SAML 2.0 request, if present.private Predicate<ProfileRequestContext>Extracts forceAuthn property from profile config.private Predicate<ProfileRequestContext>Extracts ignoreScoping property from profile config.private final org.slf4j.LoggerClass logger.private Function<ProfileRequestContext,Integer> Strategy used to determine proxy count from configuration.Strategy used to look up aRelyingPartyContextfor configuration options.private Function<ProfileRequestContext,AuthnRequest> Strategy used to locate theAuthnRequestto operate on, if any. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voiddoExecute(ProfileRequestContext profileRequestContext) protected booleandoPreExecute(ProfileRequestContext profileRequestContext) private booleanprocessScoping(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext) Check an inboundAuthnRequestfor aScopingelement.voidsetForceAuthnPredicate(Predicate<ProfileRequestContext> condition) Set the predicate to apply to derive the message-independent forced authn default.voidsetIgnoreScopingPredicate(Predicate<ProfileRequestContext> condition) Set the predicate to apply to determine whether to ignore any inboundScopingelement.voidSet the lookup function to apply to derive the proxy count from the configuration.voidSet the strategy used to return theRelyingPartyContextfor configuration options.voidSet the strategy used to locate theAuthnRequestto examine, if any.Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategyMethods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationConditionMethods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponseMethods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
relyingPartyContextLookupStrategy
@Nonnull private Function<ProfileRequestContext,RelyingPartyContext> relyingPartyContextLookupStrategyStrategy used to look up aRelyingPartyContextfor configuration options. -
forceAuthnPredicate
Extracts forceAuthn property from profile config. -
ignoreScopingPredicate
Extracts ignoreScoping property from profile config. -
proxyCountLookupStrategy
Strategy used to determine proxy count from configuration. -
requestLookupStrategy
Strategy used to locate theAuthnRequestto operate on, if any. -
authnRequest
Incoming SAML 2.0 request, if present.
-
-
Constructor Details
-
InitializeAuthenticationContext
public InitializeAuthenticationContext()Constructor.
-
-
Method Details
-
setRelyingPartyContextLookupStrategy
public void setRelyingPartyContextLookupStrategy(@Nonnull Function<ProfileRequestContext, RelyingPartyContext> strategy) Set the strategy used to return theRelyingPartyContextfor configuration options.- Parameters:
strategy- lookup strategy- Since:
- 4.0.0
-
setForceAuthnPredicate
Set the predicate to apply to derive the message-independent forced authn default.- Parameters:
condition- condition to set- Since:
- 3.4.0
-
setIgnoreScopingPredicate
Set the predicate to apply to determine whether to ignore any inboundScopingelement.- Parameters:
condition- condition to set- Since:
- 4.0.0
-
setProxyCountLookupStrategy
Set the lookup function to apply to derive the proxy count from the configuration.- Parameters:
strategy- lookup strategy- Since:
- 4.0.0
-
setRequestLookupStrategy
public void setRequestLookupStrategy(@Nonnull Function<ProfileRequestContext, AuthnRequest> strategy) Set the strategy used to locate theAuthnRequestto examine, if any.- Parameters:
strategy- strategy used to locate theAuthnRequest
-
doPreExecute
- Overrides:
doPreExecutein classAbstractConditionalProfileAction
-
doExecute
- Overrides:
doExecutein classAbstractProfileAction
-
processScoping
private boolean processScoping(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) Check an inboundAuthnRequestfor aScopingelement.- Parameters:
profileRequestContext- current profile request contextauthenticationContext- the context to populate- Returns:
- true iff processing should continue
-