Package net.shibboleth.idp.saml.saml2.profile.impl

Class SAMLAuthnController

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

net.shibboleth.idp.saml.saml2.profile.impl.SAMLAuthnController

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent

@Controller
@RequestMapping("%{idp.authn.SAML.externalAuthnPath:/Authn/SAML2}")
public class SAMLAuthnController
extends AbstractInitializableComponent

MVC controller that handles outbound and inbound message I/O for proxied SAML authentication.

Outbound messaging is necessary to ensure webflow hygiene with respect to flow state, and inbound messaging is necessary to ensure a fixed URL for SAML endpoint management.

Since:

4.0.0

Field Summary

Fields

Modifier and Type	Field	Description
private Map<String,BindingDescriptor>	bindingMap	Map of binding short names to deduce inbound binding constant.
private final org.slf4j.Logger	log	Class logger.
private Function<ProfileRequestContext,ProfileRequestContext>	profileRequestContextLookupStrategy	Lookup strategy to locate the nested ProfileRequestContext.
private Function<ProfileRequestContext,SAMLAuthnContext>	samlContextLookupStrategy	Lookup strategy to locate the SAML context.

Constructor Summary

Constructors

Constructor	Description
SAMLAuthnController()	Constructor.

Method Summary

Modifier and Type	Method	Description
void	finishSAML(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String binding)	Inbound completion of the process, triggered by default for any methods.
void	setInboundBindings(Collection<BindingDescriptor> bindings)	Set inbound bindings to use to deduce ProtocolBinding attribute.
void	setProfileRequestContextLookupStrategy(Function<ProfileRequestContext,ProfileRequestContext> strategy)	Set the lookup strategy used to locate the nested ProfileRequestContext.
void	setSAMLAuthnContextLookupStrategy(Function<ProfileRequestContext,SAMLAuthnContext> strategy)	Set the lookup strategy used to locate the SAMLAuthnContext.
void	startSAML(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String binding)	Outbound initiation of the process, triggered with a fixed addition to the path.

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

profileRequestContextLookupStrategy

@Nonnull
private Function<ProfileRequestContext,ProfileRequestContext> profileRequestContextLookupStrategy

Lookup strategy to locate the nested ProfileRequestContext.

samlContextLookupStrategy

@Nonnull
private Function<ProfileRequestContext,SAMLAuthnContext> samlContextLookupStrategy

Lookup strategy to locate the SAML context.

bindingMap

@Nonnull
@NonnullElements
private Map<String,BindingDescriptor> bindingMap

Map of binding short names to deduce inbound binding constant.

Constructor Details

SAMLAuthnController

public SAMLAuthnController()

Constructor.

Method Details

setProfileRequestContextLookupStrategy

public void setProfileRequestContextLookupStrategy(@Nonnull
 Function<ProfileRequestContext,ProfileRequestContext> strategy)

Set the lookup strategy used to locate the nested ProfileRequestContext.

Parameters:

strategy - lookup strategy

setSAMLAuthnContextLookupStrategy

public void setSAMLAuthnContextLookupStrategy(@Nonnull
 Function<ProfileRequestContext,SAMLAuthnContext> strategy)

Set the lookup strategy used to locate the SAMLAuthnContext.

Parameters:

strategy - lookup strategy

setInboundBindings

public void setInboundBindings(@Nullable @NonnullElements
 Collection<BindingDescriptor> bindings)

Set inbound bindings to use to deduce ProtocolBinding attribute.

Parameters:

bindings - the bindings to set

startSAML

@GetMapping("/{binding}/SSO/start")
@Nullable
public void startSAML(@Nonnull
 javax.servlet.http.HttpServletRequest httpRequest,
 @Nonnull
 javax.servlet.http.HttpServletResponse httpResponse,
 @PathVariable @Nonnull @NotEmpty
 String binding)
               throws ExternalAuthenticationException,
IOException

Outbound initiation of the process, triggered with a fixed addition to the path.

Parameters:

httpRequest - servlet request

httpResponse - servlet response

binding - a key for the eventual inbound binding

Throws:

ExternalAuthenticationException - if an error occurs

IOException - if an I/O error occurs

finishSAML

@RequestMapping("/{binding}/SSO")
@Nullable
public void finishSAML(@Nonnull
 javax.servlet.http.HttpServletRequest httpRequest,
 @Nonnull
 javax.servlet.http.HttpServletResponse httpResponse,
 @PathVariable @Nonnull @NotEmpty
 String binding)
                throws ExternalAuthenticationException,
IOException

Inbound completion of the process, triggered by default for any methods.

Parameters:

httpRequest - servlet request

httpResponse - servlet response

binding - a key for the inbound binding

Throws:

ExternalAuthenticationException - if an error occurs

IOException - if an I/O error occurs