Package net.shibboleth.idp.profile.impl
Class FilterAttributes
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
Action that invokes the
AttributeFilter for the current request.- Event:
EventIds.PROCEED_EVENT_ID,IdPEventIds.UNABLE_FILTER_ATTRIBS- Postcondition:
- If resolution is successful, the relevant RelyingPartyContext.getSubcontext(AttributeContext.class, false) != null
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate AttributeContextAttributeContext to filter.Strategy used to locate theAttributeContextto filter.private final ReloadableService<AttributeFilter>Service used to get the engine used to filter attributes.Strategy used to locate or create theAttributeFilterContext.private Function<ProfileRequestContext,String> Strategy used to locate the identity of the issuer associated with the attribute filtering.Strategy used to locate theSAMLMetadataContextfor the issuer associated with a givenProfileRequestContext.Strategy used to locate theSAMLMetadataContextfor the issuer associated with a givenAttributeFilterContext.private final org.slf4j.LoggerClass logger.private booleanWhether to treat resolver errors as equivalent to resolving no attributes.Strategy used to locate theSAMLMetadataContextfor the recipient associated with a givenProfileRequestContext.Strategy used to locate theSAMLMetadataContextfor the recipient associated with a givenAttributeFilterContext.private MetadataResolverOptional supplemental metadata source.private Function<ProfileRequestContext,String> Strategy used to locate the principal name associated with the attribute filtering.Strategy to locate the effectively rootedProfileRequestContextfrom theAttributeFilterContext.Strategy used to locate theSAMLMetadataContextfor the proxied requester via theAttributeFilterContext.Strategy used to locate theProxiedRequesterContextassociated with a givenProfileRequestContext.Strategy used to locate theSAMLMetadataContextfor the proxied requester.Strategy used to locate theProxiedRequesterContextassociated with a givenAttributeFilterContext.private Function<ProfileRequestContext,String> Strategy used to locate the identity of the recipient associated with the attribute filtering. -
Constructor Summary
ConstructorsConstructorDescriptionFilterAttributes(ReloadableService<AttributeFilter> filterService) Constructor. -
Method Summary
Modifier and TypeMethodDescriptionprotected voiddoExecute(ProfileRequestContext profileRequestContext) protected booleandoPreExecute(ProfileRequestContext profileRequestContext) private voidpopulateFilterContext(ProfileRequestContext profileRequestContext, AttributeFilterContext filterContext) Fill in the filter context data.voidSet the strategy used to locate theAttributeContextassociated with a givenProfileRequestContext.voidSet the strategy used to locate or create theAttributeFilterContextto populate.voidSet the strategy used to lookup the issuer for this attribute filtering.voidsetIssuerMetadataContextLookupStrategy(Function<ProfileRequestContext, SAMLMetadataContext> strategy) Sets the strategy used to locate theSAMLMetadataContextfor the issuer associated with a givenProfileRequestContext.voidsetMaskFailures(boolean flag) Set whether to treat resolution failure as equivalent to resolving no attributes.voidSets the strategy used to locate theSAMLMetadataContextfor the recipient associated with a givenProfileRequestContext.voidsetMetadataResolver(MetadataResolver resolver) Set a metadata source to use during filtering.voidSet the strategy used to locate the principal name for this attribute filtering.voidsetProxiedRequesterContextLookupStrategy(Function<ProfileRequestContext, ProxiedRequesterContext> strategy) Sets the strategy used to locate theProxiedRequesterContextassociated with a givenProfileRequestContext.voidsetProxiedRequesterMetadataContextLookupStrategy(Function<ProfileRequestContext, SAMLMetadataContext> strategy) Sets the strategy used to locate proxied requester metadata.voidSet the strategy used to lookup the recipient for this attribute filtering.Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getBean, getBean, getMessage, getMessage, getMessage, getParameter, getParameter, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategyMethods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationConditionMethods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, setHttpServletRequest, setHttpServletRequestSupplier, setHttpServletResponse, setHttpServletResponseSupplierMethods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
attributeFilterService
Service used to get the engine used to filter attributes. -
metadataResolver
Optional supplemental metadata source. -
issuerLookupStrategy
Strategy used to locate the identity of the issuer associated with the attribute filtering. -
recipientLookupStrategy
Strategy used to locate the identity of the recipient associated with the attribute filtering. -
filterContextCreationStrategy
@Nonnull private Function<ProfileRequestContext,AttributeFilterContext> filterContextCreationStrategyStrategy used to locate or create theAttributeFilterContext. -
attributeContextLookupStrategy
Strategy used to locate theAttributeContextto filter. -
principalNameLookupStrategy
Strategy used to locate the principal name associated with the attribute filtering. -
profileRequestContextFromFilterLookupStrategy
@Nonnull private Function<AttributeFilterContext,ProfileRequestContext> profileRequestContextFromFilterLookupStrategyStrategy to locate the effectively rootedProfileRequestContextfrom theAttributeFilterContext. -
issuerMetadataContextLookupStrategy
@Nullable private Function<ProfileRequestContext,SAMLMetadataContext> issuerMetadataContextLookupStrategyStrategy used to locate theSAMLMetadataContextfor the issuer associated with a givenProfileRequestContext. -
issuerMetadataFromFilterLookupStrategy
@Nullable private Function<AttributeFilterContext,SAMLMetadataContext> issuerMetadataFromFilterLookupStrategyStrategy used to locate theSAMLMetadataContextfor the issuer associated with a givenAttributeFilterContext. -
metadataContextLookupStrategy
Strategy used to locate theSAMLMetadataContextfor the recipient associated with a givenProfileRequestContext. -
metadataFromFilterLookupStrategy
@Nullable private Function<AttributeFilterContext,SAMLMetadataContext> metadataFromFilterLookupStrategyStrategy used to locate theSAMLMetadataContextfor the recipient associated with a givenAttributeFilterContext. -
proxiedRequesterContextLookupStrategy
@Nullable private Function<ProfileRequestContext,ProxiedRequesterContext> proxiedRequesterContextLookupStrategyStrategy used to locate theProxiedRequesterContextassociated with a givenProfileRequestContext. -
proxiesFromFilterLookupStrategy
@Nullable private Function<AttributeFilterContext,ProxiedRequesterContext> proxiesFromFilterLookupStrategyStrategy used to locate theProxiedRequesterContextassociated with a givenAttributeFilterContext. -
proxiedRequesterMetadataLookupStrategy
@Nullable private Function<ProfileRequestContext,SAMLMetadataContext> proxiedRequesterMetadataLookupStrategyStrategy used to locate theSAMLMetadataContextfor the proxied requester. -
proxiedMetadataFromFilterLookupStrategy
@Nullable private Function<AttributeFilterContext,SAMLMetadataContext> proxiedMetadataFromFilterLookupStrategyStrategy used to locate theSAMLMetadataContextfor the proxied requester via theAttributeFilterContext. -
maskFailures
private boolean maskFailuresWhether to treat resolver errors as equivalent to resolving no attributes. -
attributeContext
AttributeContext to filter.
-
-
Constructor Details
-
FilterAttributes
Constructor.- Parameters:
filterService- engine used to filter attributes
-
-
Method Details
-
setMetadataResolver
Set a metadata source to use during filtering.- Parameters:
resolver- metadata resolver- Since:
- 3.4.0
-
setIssuerLookupStrategy
Set the strategy used to lookup the issuer for this attribute filtering.- Parameters:
strategy- lookup strategy
-
setRecipientLookupStrategy
Set the strategy used to lookup the recipient for this attribute filtering.- Parameters:
strategy- lookup strategy
-
setFilterContextCreationStrategy
public void setFilterContextCreationStrategy(@Nonnull Function<ProfileRequestContext, AttributeFilterContext> strategy) Set the strategy used to locate or create theAttributeFilterContextto populate.- Parameters:
strategy- lookup/creation strategy
-
setAttributeContextLookupStrategy
public void setAttributeContextLookupStrategy(@Nonnull Function<ProfileRequestContext, AttributeContext> strategy) Set the strategy used to locate theAttributeContextassociated with a givenProfileRequestContext.- Parameters:
strategy- strategy used to locate theAttributeContextassociated with a givenProfileRequestContext
-
setPrincipalNameLookupStrategy
public void setPrincipalNameLookupStrategy(@Nonnull Function<ProfileRequestContext, String> strategy) Set the strategy used to locate the principal name for this attribute filtering.- Parameters:
strategy- lookup strategy
-
setIssuerMetadataContextLookupStrategy
public void setIssuerMetadataContextLookupStrategy(@Nullable Function<ProfileRequestContext, SAMLMetadataContext> strategy) Sets the strategy used to locate theSAMLMetadataContextfor the issuer associated with a givenProfileRequestContext. Also sets the strategy to find theSAMLMetadataContextfrom theAttributeFilterContext.- Parameters:
strategy- lookup strategy
-
setMetadataContextLookupStrategy
public void setMetadataContextLookupStrategy(@Nullable Function<ProfileRequestContext, SAMLMetadataContext> strategy) Sets the strategy used to locate theSAMLMetadataContextfor the recipient associated with a givenProfileRequestContext. Also sets the strategy to find theSAMLMetadataContextfrom theAttributeFilterContext.- Parameters:
strategy- lookup strategy
-
setProxiedRequesterContextLookupStrategy
public void setProxiedRequesterContextLookupStrategy(@Nullable Function<ProfileRequestContext, ProxiedRequesterContext> strategy) Sets the strategy used to locate theProxiedRequesterContextassociated with a givenProfileRequestContext. Also sets the strategy to find theProxiedRequesterContextfrom theAttributeFilterContext.- Parameters:
strategy- lookup strategy- Since:
- 3.4.0
-
setProxiedRequesterMetadataContextLookupStrategy
public void setProxiedRequesterMetadataContextLookupStrategy(@Nullable Function<ProfileRequestContext, SAMLMetadataContext> strategy) Sets the strategy used to locate proxied requester metadata.- Parameters:
strategy- lookup strategy- Since:
- 4.2.0
-
setMaskFailures
public void setMaskFailures(boolean flag) Set whether to treat resolution failure as equivalent to resolving no attributes.This matches the behavior of V2.
- Parameters:
flag- flag to set
-
doPreExecute
- Overrides:
doPreExecutein classAbstractConditionalProfileAction
-
doExecute
- Overrides:
doExecutein classAbstractProfileAction
-
populateFilterContext
private void populateFilterContext(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AttributeFilterContext filterContext) Fill in the filter context data.- Parameters:
profileRequestContext- current profile request contextfilterContext- context to populate
-