Package net.shibboleth.idp.authn.impl

Class ExtractRemoteUser

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.AbstractConditionalProfileAction

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.authn.AbstractAuthenticationAction

net.shibboleth.idp.authn.AbstractExtractionAction

net.shibboleth.idp.authn.impl.ExtractRemoteUser

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class ExtractRemoteUser
extends AbstractExtractionAction

An action that extracts an asserted user identity from the incoming request, creates a UsernameContext, and attaches it to the AuthenticationContext.

Event:

EventIds.PROCEED_EVENT_ID, AuthnEventIds.NO_CREDENTIALS

Precondition:

ProfileRequestContext.getSubcontext(AuthenticationContext.class, false) != null

Postcondition:

If getHttpServletRequest() != null, the content of either the getRemoteUser() method or a designated header or attribute will be attached via a UsernameContext.

Field Summary

Fields

Modifier and Type	Field	Description
private Collection<String>	checkAttributes	List of request attributes to check for an identity.
private Collection<String>	checkHeaders	List of request headers to check for an identity.
private boolean	checkRemoteUser	Whether to check REMOTE_USER for an identity.
private final org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
ExtractRemoteUser()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)	Performs this authentication action.
protected void	doInitialize()
void	setCheckAttributes(Collection<String> attributes)	Set the list of request attributes to check for an identity.
void	setCheckHeaders(Collection<String> headers)	Set the list of request headers to check for an identity.
void	setCheckRemoteUser(boolean flag)	Set whether to check REMOTE_USER for an identity.

Methods inherited from class net.shibboleth.idp.authn.AbstractExtractionAction

applyTransforms, applyTransforms, setLowercase, setTransforms, setTrim, setUppercase, setUsernameRemappingStrategy

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction

doExecute, doPreExecute, doPreExecute, setAuthenticationContextLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getBean, getBean, getMessage, getMessage, getMessage, getParameter, getParameter, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, ensureHttpServletRequest, ensureHttpServletResponse, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, isPreExecuteCalled, setHttpServletRequestSupplier, setHttpServletResponseSupplier

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent

initialize, isInitialized

Field Details

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

checkRemoteUser

private boolean checkRemoteUser

Whether to check REMOTE_USER for an identity. Defaults to true.

checkAttributes

@Nonnull
private Collection<String> checkAttributes

List of request attributes to check for an identity.

checkHeaders

@Nonnull
private Collection<String> checkHeaders

List of request headers to check for an identity.

Constructor Details

ExtractRemoteUser

public ExtractRemoteUser()

Constructor.

Method Details

setCheckRemoteUser

public void setCheckRemoteUser(boolean flag)

Set whether to check REMOTE_USER for an identity.

Parameters:

flag - value to set

setCheckAttributes

public void setCheckAttributes(@Nullable
 Collection<String> attributes)

Set the list of request attributes to check for an identity.

Parameters:

attributes - list of request attributes to check

setCheckHeaders

public void setCheckHeaders(@Nullable
 Collection<String> headers)

Set the list of request headers to check for an identity.

Parameters:

headers - list of request headers to check

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doExecute

protected void doExecute(@Nonnull
 ProfileRequestContext profileRequestContext,
 @Nonnull
 AuthenticationContext authenticationContext)

Performs this authentication action. Default implementation throws an exception.

Overrides:

doExecute in class AbstractAuthenticationAction

Parameters:

profileRequestContext - the current IdP profile request context

authenticationContext - the current authentication context