Package net.shibboleth.idp.saml.nameid.impl

Class CryptoTransientIdGenerationStrategy

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

net.shibboleth.idp.saml.nameid.impl.CryptoTransientIdGenerationStrategy

All Implemented Interfaces:

TransientIdGenerationStrategy, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent

public class CryptoTransientIdGenerationStrategy
extends AbstractIdentifiableInitializableComponent
implements TransientIdGenerationStrategy

Generates transients using a DataSealer to encrypt the result into a recoverable value, for use with stateless clustering.

Field Summary

Fields

Modifier and Type	Field	Description
private DataSealer	dataSealer	Object used to protect and encrypt the data.
private Duration	idLifetime	Length tokens are valid.

Constructor Summary

Constructors

Constructor	Description
CryptoTransientIdGenerationStrategy()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doInitialize()
String	generate(String relyingPartyId, String principalName)	Generate a new Transient ID.
Duration	getIdLifetime()	Get the time ids are valid.
void	setDataSealer(DataSealer sealer)	Set the data sealer to use.
void	setIdLifetime(Duration lifetime)	Set the time ids are valid.

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

ensureId, getId, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.IdentifiedComponent

getId

Field Details

dataSealer

@NonnullAfterInit
private DataSealer dataSealer

Object used to protect and encrypt the data.

idLifetime

@Nonnull
private Duration idLifetime

Length tokens are valid.

Constructor Details

CryptoTransientIdGenerationStrategy

public CryptoTransientIdGenerationStrategy()

Constructor.

Method Details

setDataSealer

public void setDataSealer(@Nonnull
 DataSealer sealer)

Set the data sealer to use.

Parameters:

sealer - object used to protect and encrypt the data

getIdLifetime

@Nonnull
public Duration getIdLifetime()

Get the time ids are valid.

Returns:

time ids are valid

setIdLifetime

public void setIdLifetime(@Nonnull
 Duration lifetime)

Set the time ids are valid.

Parameters:

lifetime - time ids are valid

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractIdentifiedInitializableComponent

Throws:

ComponentInitializationException

generate

@Nonnull
@NotEmpty
public String generate(@Nonnull @NotEmpty
 String relyingPartyId,
 @Nonnull @NotEmpty
 String principalName)
                throws SAMLException

Generate a new Transient ID.

Specified by:

generate in interface TransientIdGenerationStrategy

Parameters:

relyingPartyId - the relying party for whom we're generating

principalName - the principal to map to

Returns:

the new identifier

Throws:

SAMLException - if an error occurs generating the identifier