Package net.shibboleth.idp.saml.nameid.impl

Class NameIdentifierCanonicalization

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.AbstractConditionalProfileAction

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction

net.shibboleth.idp.saml.nameid.impl.NameIdentifierCanonicalization

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class NameIdentifierCanonicalization
extends AbstractSubjectCanonicalizationAction

Action to perform subject canonicalization, transforming the input Subject into a principal name by searching for one and only one NameIdentifierPrincipal custom principal, using an injected NameIdentifierDecoder to carry out the process.

Event:

EventIds.PROCEED_EVENT_ID, AuthnEventIds.INVALID_SUBJECT

Precondition:

 ProfileRequestContext.getSubcontext(SubjectCanonicalizationContext.class, false) != null
 

Postcondition:

 SubjectCanonicalizationContext.getPrincipalName() != null || SubjectCanonicalizationContext.getException() != null
 

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	NameIdentifierCanonicalization.ActivationCondition	A predicate that determines if this action can run or not.

Field Summary

Fields

Modifier and Type	Field	Description
private NameIdentifierDecoder	decoder	Supplies logic for decoding the NameIdentifier into a principal.
private final NameIdentifierCanonicalization.ActivationCondition	embeddedPredicate	Supplies logic for pre-execute test.

Constructor Summary

Constructors

Constructor	Description
NameIdentifierCanonicalization()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext, SubjectCanonicalizationContext c14nContext)	Performs this authentication action.
protected void	doInitialize()
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext, SubjectCanonicalizationContext c14nContext)	Performs this c14n action's pre-execute step.
NameIdentifierDecoder	getDecoder()	Get the class responsible for decoding the NameIdentifier into a principal.
void	setDecoder(NameIdentifierDecoder theDecoder)	Set the class responsible for decoding the NameIdentifier into a principal.

Methods inherited from class net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction

applyTransforms, doExecute, doPreExecute, setLookupStrategy, setLowercase, setTransforms, setTrim, setUppercase

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getBean, getBean, getMessage, getMessage, getMessage, getParameter, getParameter, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, ensureHttpServletRequest, ensureHttpServletResponse, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, isPreExecuteCalled, setHttpServletRequestSupplier, setHttpServletResponseSupplier

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent

initialize, isInitialized

Field Details

embeddedPredicate

@Nonnull
private final NameIdentifierCanonicalization.ActivationCondition embeddedPredicate

Supplies logic for pre-execute test.

decoder

@NonnullAfterInit
private NameIdentifierDecoder decoder

Supplies logic for decoding the NameIdentifier into a principal.

Constructor Details

NameIdentifierCanonicalization

public NameIdentifierCanonicalization()

Constructor.

Method Details

getDecoder

@NonnullAfterInit
public NameIdentifierDecoder getDecoder()

Get the class responsible for decoding the NameIdentifier into a principal.

Returns:

the decoder

setDecoder

public void setDecoder(@Nonnull
 NameIdentifierDecoder theDecoder)

Set the class responsible for decoding the NameIdentifier into a principal.

Parameters:

theDecoder - the decoder

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doPreExecute

protected boolean doPreExecute(@Nonnull
 ProfileRequestContext profileRequestContext,
 @Nonnull
 SubjectCanonicalizationContext c14nContext)

Performs this c14n action's pre-execute step. Default implementation just returns true iff a subject is set.

Overrides:

doPreExecute in class AbstractSubjectCanonicalizationAction

Parameters:

profileRequestContext - the current IdP profile request context

c14nContext - the current subject canonicalization context

Returns:

true iff execution should continue

doExecute

protected void doExecute(@Nonnull
 ProfileRequestContext profileRequestContext,
 @Nonnull
 SubjectCanonicalizationContext c14nContext)

Performs this authentication action. Default implementation throws an exception.

Overrides:

doExecute in class AbstractSubjectCanonicalizationAction

Parameters:

profileRequestContext - the current IdP profile request context

c14nContext - the current subject canonicalization context