Package org.opensaml.saml.metadata.resolver.filter.impl

Class EntityRoleFilter

java.lang.Object
org.opensaml.saml.metadata.resolver.filter.impl.EntityRoleFilter
All Implemented Interfaces:
MetadataFilter
public class EntityRoleFilter extends Object implements MetadataFilter
A filter that removes roles from an entity descriptor. For those roles specified within the SAML metadata specification the role element QName is used to identify the role. For other roles, those that appear as <RoleDescriptor xsi:type="someRoleType"> the role schema type is used to identify the role. If the entity descriptor does not contain any roles after filter it may, optionally be removed as well. If the root element of the metadata document is an entity descriptor it will never be removed, regardless of of whether it still contains roles. If and entities descriptor does not contains any entity descriptors after filter it may, optionally, be removed as well. If the root element of the metadata document is an entities descriptor it will never be removed, regardless of of whether it still contains entity descriptors.

  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Class logger.

    • retainedRoles

      @Nonnull @NonnullElements private List<QName> retainedRoles
      List of roles that are NOT removed by this filter.

    • removeRolelessEntityDescriptors

      private boolean removeRolelessEntityDescriptors
      Whether to keep entity descriptors that contain no roles; default value: true.

    • removeEmptyEntitiesDescriptors

      private boolean removeEmptyEntitiesDescriptors
      Whether to keep entities descriptors that contain no entity descriptors; default value: true.

    • extRoleDescriptor

      @Nonnull private final QName extRoleDescriptor
      QName of extension role element.

  • Constructor Details

  • Method Details

    • getRoleWhiteList

      @Deprecated(forRemoval=true, since="4.1.0") @Nonnull @NonnullElements @Unmodifiable @NotLive public List<QName> getRoleWhiteList()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Get the unmodifiable list of roles that are NOT removed by this filter.
      Returns:
      unmodifiable list of roles that are NOT removed by this filter

    • getRetainedRoles

      @Nonnull @NonnullElements @Unmodifiable @NotLive public List<QName> getRetainedRoles()
      Get the unmodifiable list of roles that are NOT removed by this filter.
      Returns:
      unmodifiable list of roles that are NOT removed by this filter

    • getRemoveRolelessEntityDescriptors

      public boolean getRemoveRolelessEntityDescriptors()
      Get whether to remove an entity descriptor if it does not contain any roles after filtering.
      Returns:
      whether to remove an entity descriptor if it does not contain any roles after filtering

    • setRemoveRolelessEntityDescriptors

      public void setRemoveRolelessEntityDescriptors(boolean remove)
      Set whether to remove an entity descriptor if it does not contain any roles after filtering.
      Parameters:
      remove - whether to remove an entity descriptor if it does not contain any roles after filtering

    • getRemoveEmptyEntitiesDescriptors

      public boolean getRemoveEmptyEntitiesDescriptors()
      Get whether to remove an entities descriptor if it does not contain any entity descriptor or entities descriptors.
      Returns:
      whether to remove an entities descriptor if it does not contain any entity descriptor or entities descriptors

    • setRemoveEmptyEntitiesDescriptors

      public void setRemoveEmptyEntitiesDescriptors(boolean remove)
      Set whether to remove an entities descriptor if it does not contain any entity descriptor or entities descriptors.
      Parameters:
      remove - whether to remove an entities descriptor if it does not contain any entity descriptor or entities descriptors

    • filter

      @Nullable public XMLObject filter(@Nullable XMLObject metadata, @Nonnull MetadataFilterContext context) throws FilterException
      Filters the given metadata, perhaps to remove elements that are not wanted.
      Specified by:
      filter in interface MetadataFilter
      Parameters:
      metadata - the metadata to be filtered.
      context - the metadata filter context
      Returns:
      the filtered XMLObject, which may or may not be the same as the XMLObject instance passed in to the method. Maybe be null, for example if the top-level element was removed by the filter.
      Throws:
      FilterException - thrown if an error occurs during the filtering process

    • filterEntitiesDescriptor

      protected void filterEntitiesDescriptor(@Nonnull EntitiesDescriptor descriptor) throws FilterException
      Filters EntitiesDescriptor.
      Parameters:
      descriptor - entities descriptor to filter
      Throws:
      FilterException - thrown if an effective role name can not be determined

    • filterEntityDescriptor

      protected void filterEntityDescriptor(@Nonnull EntityDescriptor descriptor) throws FilterException
      Filters entity descriptor roles.
      Parameters:
      descriptor - entity descriptor to filter
      Throws:
      FilterException - thrown if an effective role name can not be determined

    • getRoleName

      protected QName getRoleName(@Nonnull RoleDescriptor role) throws FilterException
      Gets the effective name for the role. This is either the element QName for roles defined within the SAML metadata specification or the element schema type QName for those that are not.
      Parameters:
      role - role to get the effective name for
      Returns:
      effective name of the role
      Throws:
      FilterException - thrown if the effective role name can not be determined