public class ValidateUserAgentAddress extends AbstractValidationAction
UserAgentContext
is within a given range and generates an AuthenticationResult.EventIds.PROCEED_EVENT_ID, EventIds.INVALID_PROFILE_CTX, AuthnEventIds.NO_CREDENTIALS, AuthnEventIds.INVALID_CREDENTIALSProfileRequestContext.getSubcontext(AuthenticationContext.class, false).getAttemptedFlow() != null
AuthenticationResult is saved to the
AuthenticationContext.| Modifier and Type | Field and Description |
|---|---|
private static String |
DEFAULT_METRIC_NAME
Default prefix for metrics.
|
private org.slf4j.Logger |
log
Class logger.
|
private Map<String,Collection<IPRange>> |
mappings
Map of IP ranges to principal names.
|
private String |
principalName
The principal name established by the action, if any.
|
private UserAgentContext |
uaContext
User Agent context containing address to evaluate.
|
| Constructor and Description |
|---|
ValidateUserAgentAddress()
Constructor.
|
| Modifier and Type | Method and Description |
|---|---|
protected void |
doExecute(ProfileRequestContext profileRequestContext,
AuthenticationContext authenticationContext) |
protected boolean |
doPreExecute(ProfileRequestContext profileRequestContext,
AuthenticationContext authenticationContext) |
private boolean |
isAuthenticated(InetAddress address,
Collection<IPRange> ranges)
Checks whether the given IP address meets a set of IP range requirements.
|
protected Subject |
populateSubject(Subject subject) |
void |
setMappings(Map<String,Collection<IPRange>> newMappings)
Set the IP range(s) to authenticate as particular principals.
|
addDefaultPrincipals, buildAuthenticationResult, getClassifiedErrors, getMetricName, getResultCachingPredicate, getSubject, getSupportedPrincipals, handleError, handleError, handleWarning, recordFailure, recordSuccess, setAddDefaultPrincipals, setClassifiedMessages, setMetricName, setRequesterLookupStrategy, setResponderLookupStrategy, setResultCachingPredicate, setSupportedPrincipalsdoExecute, doPreExecute, setLookupStrategydoExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategygetActivationCondition, setActivationConditiondoPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponsedestroy, doDestroy, doInitialize, initialize, isDestroyed, isInitializedclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitinitialize, isInitialized@Nonnull @NotEmpty private static final String DEFAULT_METRIC_NAME
@Nonnull private final org.slf4j.Logger log
@Nonnull @NonnullElements private Map<String,Collection<IPRange>> mappings
@Nullable private UserAgentContext uaContext
public void setMappings(@Nonnull@NonnullElements Map<String,Collection<IPRange>> newMappings)
newMappings - the IP range(s) to authenticate as particular principalsprotected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
doPreExecute in class AbstractValidationActionprotected void doExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
doExecute in class AbstractAuthenticationActionprivate boolean isAuthenticated(@Nonnull InetAddress address, @Nonnull@NonnullElements Collection<IPRange> ranges)
address - the IP address to checkranges - the ranges to check@Nonnull protected Subject populateSubject(@Nonnull Subject subject)
populateSubject in class AbstractValidationActionCopyright © 1999–2018 Shibboleth Consortium. All rights reserved.