Package net.shibboleth.idp.saml.idwsf.profile.config

Class SSOSProfileConfiguration

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

net.shibboleth.idp.profile.config.AbstractProfileConfiguration

net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

net.shibboleth.idp.saml.profile.config.AbstractSAMLProfileConfiguration

net.shibboleth.idp.saml.saml2.profile.config.AbstractSAML2ProfileConfiguration

net.shibboleth.idp.saml.saml2.profile.config.AbstractSAML2ArtifactAwareProfileConfiguration

net.shibboleth.idp.saml.saml2.profile.config.BrowserSSOProfileConfiguration

net.shibboleth.idp.saml.idwsf.profile.config.SSOSProfileConfiguration

All Implemented Interfaces:

AuthenticationProfileConfiguration, AttributeResolvingProfileConfiguration, ConditionalProfileConfiguration, ProfileConfiguration, SAMLArtifactAwareProfileConfiguration, SAMLArtifactConsumerProfileConfiguration, SAMLProfileConfiguration, SAML2ProfileConfiguration, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent

public class SSOSProfileConfiguration
extends BrowserSSOProfileConfiguration

Configuration support for the Liberty ID-WSF SSOS profile.

Field Summary

Fields

Modifier and Type	Field	Description
private Predicate<ProfileRequestContext>	delegationPredicate	Predicate used to determine if a token may be delegated to a relying party.
static final String	PROFILE_ID	ID for this profile configuration.

Fields inherited from class net.shibboleth.idp.saml.saml2.profile.config.BrowserSSOProfileConfiguration

DEFAULT_DELEGATION_CHAIN_LENGTH, FEATURE_AUTHNCONTEXT, FEATURE_SCOPING

Fields inherited from class net.shibboleth.idp.saml.profile.config.AbstractSAMLProfileConfiguration

DEFAULT_ASSERTION_LIFETIME

Fields inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

DEFAULT_DISALLOWED_FEATURES

Constructor Summary

Constructors

Modifier	Constructor	Description
	SSOSProfileConfiguration()	Constructor.
protected	SSOSProfileConfiguration(String profileId)	Constructor.

Method Summary

Modifier and Type	Method	Description
boolean	isDelegation(ProfileRequestContext profileRequestContext)	Get whether a delegated token presented to the IdP by another non-user entity may be used to complete SAML 2 SSO to this relying party.
void	setDelegation(boolean flag)	Set whether a delegated token presented to the IdP by another non-user entity may be used to complete SAML 2 SSO to this relying party.
void	setDelegationPredicate(Predicate<ProfileRequestContext> predicate)	Sets the predicate used to determine whether a delegated token presented to the IdP by another non-user entity may be used to complete SAML 2 SSO to this relying party.

Methods inherited from class net.shibboleth.idp.saml.saml2.profile.config.BrowserSSOProfileConfiguration

getAuthenticationFlows, getAuthnContextComparison, getAuthnContextTranslationStrategy, getAuthnContextTranslationStrategyEx, getDefaultAuthenticationMethods, getMaximumSPSessionLifetime, getMaximumTimeSinceAuthn, getMaximumTokenDelegationChainLength, getNameIDFormatPrecedence, getPostAuthenticationFlows, isAllowDelegation, isCheckAddress, isForceAuthn, isIgnoreScoping, isIncludeAttributeStatement, isProxiedAuthnInstant, isRequireSignedRequests, isResolveAttributes, isSkipEndpointValidationWhenSigned, isSuppressAuthenticatingAuthority, setAllowDelegation, setAllowDelegationPredicate, setAuthenticationFlows, setAuthenticationFlowsLookupStrategy, setAuthnContextComparison, setAuthnContextComparisonLookupStrategy, setAuthnContextTranslationStrategy, setAuthnContextTranslationStrategyEx, setAuthnContextTranslationStrategyExLookupStrategy, setAuthnContextTranslationStrategyLookupStrategy, setCheckAddress, setCheckAddressPredicate, setDefaultAuthenticationMethods, setDefaultAuthenticationMethodsLookupStrategy, setForceAuthn, setForceAuthnPredicate, setIgnoreScoping, setIgnoreScopingPredicate, setIncludeAttributeStatement, setIncludeAttributeStatementPredicate, setMaximumSPSessionLifetime, setMaximumSPSessionLifetimeLookupStrategy, setMaximumTimeSinceAuthn, setMaximumTimeSinceAuthnLookupStrategy, setMaximumTokenDelegationChainLength, setMaximumTokenDelegationChainLengthLookupStrategy, setNameIDFormatPrecedence, setNameIDFormatPrecedenceLookupStrategy, setPostAuthenticationFlows, setPostAuthenticationFlowsLookupStrategy, setProxiedAuthnInstant, setProxiedAuthnInstantPredicate, setRequireSignedRequests, setRequireSignedRequestsPredicate, setResolveAttributes, setResolveAttributesPredicate, setSkipEndpointValidationWhenSigned, setSkipEndpointValidationWhenSignedPredicate, setSuppressAuthenticatingAuthority, setSuppressAuthenticatingAuthorityPredicate

Methods inherited from class net.shibboleth.idp.saml.saml2.profile.config.AbstractSAML2ArtifactAwareProfileConfiguration

getArtifactConfiguration, isClientTLSArtifactRequests, isSignArtifactRequests, setArtifactConfiguration, setArtifactConfigurationLookupStrategy, setClientTLSArtifactRequests, setClientTLSArtifactRequestsPredicate, setSignArtifactRequests, setSignArtifactRequestsPredicate

Methods inherited from class net.shibboleth.idp.saml.saml2.profile.config.AbstractSAML2ProfileConfiguration

getProxyAudiences, getProxyCount, isEncryptAssertions, isEncryptAttributes, isEncryptionOptional, isEncryptNameIDs, isIgnoreRequestSignatures, setEncryptAssertions, setEncryptAssertionsPredicate, setEncryptAttributes, setEncryptAttributesPredicate, setEncryptionOptional, setEncryptionOptionalPredicate, setEncryptNameIDs, setEncryptNameIDsPredicate, setIgnoreRequestSignatures, setIgnoreRequestSignaturesPredicate, setProxyAudiences, setProxyAudiencesLookupStrategy, setProxyCount, setProxyCountLookupStrategy

Methods inherited from class net.shibboleth.idp.saml.profile.config.AbstractSAMLProfileConfiguration

getAdditionalAudiencesForAssertion, getAssertionLifetime, isIncludeConditionsNotBefore, isSignAssertions, isSignRequests, isSignResponses, setAdditionalAudiencesForAssertion, setAdditionalAudiencesForAssertionLookupStrategy, setAssertionLifetime, setAssertionLifetimeLookupStrategy, setIncludeConditionsNotBefore, setIncludeConditionsNotBeforePredicate, setSignAssertions, setSignAssertionsPredicate, setSignRequests, setSignRequestsPredicate, setSignResponses, setSignResponsesPredicate

Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

getActivationCondition, setActivationCondition

Methods inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

equals, getDisallowedFeatures, getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration, hashCode, isFeatureDisallowed, setDisallowedFeatures, setDisallowedFeaturesLookupStrategy, setInboundFlowsLookupStrategy, setInboundInterceptorFlows, setInboundInterceptorFlowsLookupStrategy, setOutboundFlowsLookupStrategy, setOutboundInterceptorFlows, setOutboundInterceptorFlowsLookupStrategy, setSecurityConfiguration, setSecurityConfigurationLookupStrategy

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

doInitialize, getId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration

getProxyCount, isLocal

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

getId

Methods inherited from interface net.shibboleth.idp.profile.config.ProfileConfiguration

getInboundInterceptorFlows, getOutboundInterceptorFlows, getSecurityConfiguration

Methods inherited from interface net.shibboleth.idp.saml.profile.config.SAMLProfileConfiguration

getAdditionalAudiencesForAssertion, getAssertionLifetime, isIncludeConditionsNotBefore, isSignAssertions, isSignRequests, isSignResponses

Field Details

PROFILE_ID

@Nonnull
@NotEmpty
public static final String PROFILE_ID

ID for this profile configuration.

See Also:

• Constant Field Values

delegationPredicate

@Nonnull
private Predicate<ProfileRequestContext> delegationPredicate

Predicate used to determine if a token may be delegated to a relying party.

Constructor Details

SSOSProfileConfiguration

public SSOSProfileConfiguration()

Constructor.

SSOSProfileConfiguration

protected SSOSProfileConfiguration(@Nonnull @NotEmpty
 String profileId)

Constructor.

Parameters:

profileId - unique ID for this profile

Method Details

isDelegation

public boolean isDelegation(@Nullable
 ProfileRequestContext profileRequestContext)

Get whether a delegated token presented to the IdP by another non-user entity may be used to complete SAML 2 SSO to this relying party.

Parameters:

profileRequestContext - current profile request context

Returns:

suitability of token for delegated authentication

setDelegation

public void setDelegation(boolean flag)

Set whether a delegated token presented to the IdP by another non-user entity may be used to complete SAML 2 SSO to this relying party.

Parameters:

flag - flag to set

setDelegationPredicate

public void setDelegationPredicate(@Nonnull
 Predicate<ProfileRequestContext> predicate)

Sets the predicate used to determine whether a delegated token presented to the IdP by another non-user entity may be used to complete SAML 2 SSO to this relying party.

Parameters:

predicate - the new delegation predicate