Package net.shibboleth.idp.authn.impl

Class ExtractRemoteUser

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.AbstractConditionalProfileAction

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.authn.AbstractAuthenticationAction

net.shibboleth.idp.authn.AbstractExtractionAction

net.shibboleth.idp.authn.impl.ExtractRemoteUser

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class ExtractRemoteUser
extends AbstractExtractionAction

An action that extracts an asserted user identity from the incoming request, creates a UsernameContext, and attaches it to the AuthenticationContext.

Event:

EventIds.PROCEED_EVENT_ID, AuthnEventIds.NO_CREDENTIALS

Precondition:

ProfileRequestContext.getSubcontext(AuthenticationContext.class, false) != null

Postcondition:

If getHttpServletRequest() != null, the content of either the getRemoteUser() method or a designated header or attribute will be attached via a UsernameContext.

Field Summary

Fields

Modifier and Type	Field	Description
private Collection<String>	checkAttributes	List of request attributes to check for an identity.
private Collection<String>	checkHeaders	List of request headers to check for an identity.
private boolean	checkRemoteUser	Whether to check REMOTE_USER for an identity.
private org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
ExtractRemoteUser()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)
protected void	doInitialize()
void	setCheckAttributes(Collection<String> attributes)	Set the list of request attributes to check for an identity.
void	setCheckHeaders(Collection<String> headers)	Set the list of request headers to check for an identity.
void	setCheckRemoteUser(boolean flag)	Set whether to check REMOTE_USER for an identity.

Methods inherited from class net.shibboleth.idp.authn.AbstractExtractionAction

applyTransforms, setLowercase, setTransforms, setTrim, setUppercase

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction

doExecute, doPreExecute, doPreExecute, setAuthenticationContextLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

checkRemoteUser

private boolean checkRemoteUser

Whether to check REMOTE_USER for an identity. Defaults to true.

checkAttributes

@Nonnull
@NonnullElements
private Collection<String> checkAttributes

List of request attributes to check for an identity.

checkHeaders

@Nonnull
@NonnullElements
private Collection<String> checkHeaders

List of request headers to check for an identity.

Constructor Detail

ExtractRemoteUser

public ExtractRemoteUser()

Constructor.

Method Detail

setCheckRemoteUser

public void setCheckRemoteUser(boolean flag)

Set whether to check REMOTE_USER for an identity.

Parameters:

flag - value to set

setCheckAttributes

public void setCheckAttributes(@Nullable @NonnullElements
                               Collection<String> attributes)

Set the list of request attributes to check for an identity.

Parameters:

attributes - list of request attributes to check

setCheckHeaders

public void setCheckHeaders(@Nullable @NonnullElements
                            Collection<String> headers)

Set the list of request headers to check for an identity.

Parameters:

headers - list of request headers to check

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext,
                         @Nonnull
                         AuthenticationContext authenticationContext)

Overrides:

doExecute in class AbstractAuthenticationAction