Class SAML2SPSessionCreationStrategy

All Implemented Interfaces:

public class SAML2SPSessionCreationStrategy extends Object implements Function<ProfileRequestContext,SPSession>
A function to create a SAML2SPSession based on profile execution state.

This strategy is a default approach that uses a RelyingPartyContext via lookup strategy to obtain a requester value, used as the SPSession's relying party ID. The authentication flow ID comes from the AuthenticationResult in the AuthenticationContext. The session has a creation time based on the time of execution, and the expiration is based on a configurable lifetime, bounded by the per-SP lifetime setting for the profile.

The SAML 2 specific data is extracted from the first assertion containing an authn statement found in a Response message located via a lookup strategy, by default the outbound message context. Failure to locate any of this data will cause a null return value.

  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Class logger.
    • sessionLifetime

      @Nonnull private final Duration sessionLifetime
      Lifetime of sessions to create.
    • relyingPartyContextLookupStrategy

      @Nonnull private Function<ProfileRequestContext,RelyingPartyContext> relyingPartyContextLookupStrategy
      RelyingPartyContext lookup strategy.
    • responseLookupStrategy

      @Nonnull private Function<ProfileRequestContext,Response> responseLookupStrategy
      Response lookup strategy.
  • Constructor Details

    • SAML2SPSessionCreationStrategy

      public SAML2SPSessionCreationStrategy(@Nonnull Duration lifetime)
      lifetime - determines upper bound for expiration of SAML2SPSession to be created
  • Method Details