Class ProcessRequestedAuthnContext
java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.profile.action.AbstractConditionalProfileAction
net.shibboleth.idp.profile.AbstractProfileAction
net.shibboleth.idp.authn.AbstractAuthenticationAction
net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
An authentication action that processes the
RequestedAuthnContext in a SAML 2 AuthnRequest,
and populates a RequestedPrincipalContext with the corresponding information.
If this feature is disallowed by profile configuration, then an error event is signaled.
Each requested context class or declaration reference is translated into a custom Principal
for use by the authentication subsystem to drive flow selection.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate AuthnRequestThe request message to read from.private Function<ProfileRequestContext,AuthnRequest> Lookup strategy function for obtainingAuthnRequest.Context URIs to ignore in a request.private final org.slf4j.LoggerClass logger.Strategy used to look up aRelyingPartyContextfor configuration options. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voiddoExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext) Performs this authentication action.protected booleandoPreExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext) Performs this authentication action's pre-execute step.voidSet the strategy used to locate theAuthnRequestto read from.voidsetIgnoredContexts(Collection<String> contexts) Set the context class or declaration URIs to ignore if found in a request.voidSet the strategy used to return theRelyingPartyContextfor configuration options.Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction
doExecute, doPreExecute, setAuthenticationContextLookupStrategyMethods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getBean, getBean, getMessage, getMessage, getMessage, getParameter, getParameter, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategyMethods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationConditionMethods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, setHttpServletRequest, setHttpServletRequestSupplier, setHttpServletResponse, setHttpServletResponseSupplierMethods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
relyingPartyContextLookupStrategy
@Nonnull private Function<ProfileRequestContext,RelyingPartyContext> relyingPartyContextLookupStrategyStrategy used to look up aRelyingPartyContextfor configuration options. -
authnRequestLookupStrategy
Lookup strategy function for obtainingAuthnRequest. -
ignoredContexts
Context URIs to ignore in a request. -
authnRequest
The request message to read from.
-
-
Constructor Details
-
ProcessRequestedAuthnContext
public ProcessRequestedAuthnContext()Constructor.
-
-
Method Details
-
setRelyingPartyContextLookupStrategy
public void setRelyingPartyContextLookupStrategy(@Nonnull Function<ProfileRequestContext, RelyingPartyContext> strategy) Set the strategy used to return theRelyingPartyContextfor configuration options.- Parameters:
strategy- lookup strategy- Since:
- 3.3.0
-
setAuthnRequestLookupStrategy
public void setAuthnRequestLookupStrategy(@Nonnull Function<ProfileRequestContext, AuthnRequest> strategy) Set the strategy used to locate theAuthnRequestto read from.- Parameters:
strategy- lookup strategy
-
setIgnoredContexts
Set the context class or declaration URIs to ignore if found in a request.This defaults to only
AuthnContext.UNSPECIFIED_AUTHN_CTX.- Parameters:
contexts- contexts to ignore
-
doPreExecute
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) Performs this authentication action's pre-execute step. Default implementation just returns true.- Overrides:
doPreExecutein classAbstractAuthenticationAction- Parameters:
profileRequestContext- the current IdP profile request contextauthenticationContext- the current authentication context- Returns:
- true iff execution should continue
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) Performs this authentication action. Default implementation throws an exception.- Overrides:
doExecutein classAbstractAuthenticationAction- Parameters:
profileRequestContext- the current IdP profile request contextauthenticationContext- the current authentication context
-