Class BaseAddAuthenticationStatementToAssertion
java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.profile.action.AbstractConditionalProfileAction
net.shibboleth.idp.profile.AbstractProfileAction
net.shibboleth.idp.authn.AbstractAuthenticationAction
net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
- Direct Known Subclasses:
AddAuthenticationStatementToAssertion,AddAuthnStatementToAssertion
public abstract class BaseAddAuthenticationStatementToAssertion
extends AbstractAuthenticationAction
Base class for actions that encode authentication information into a SAML 1 or SAML 2 statement.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprivate classDefault strategy for obtaining client address from servlet layer. -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate Function<ProfileRequestContext,String> Strategy used to obtain the client Address to insert.private AuthenticationResultAuthenticationResult basis of statement.private IdentifierGenerationStrategyThe generator to use.Strategy used to locate theIdentifierGenerationStrategyto use.private StringEntityID to populate as assertion issuer.private Function<ProfileRequestContext,String> Strategy used to obtain the assertion issuer value.private final org.slf4j.LoggerClass logger.private booleanWhether the generated authentication statement should be placed in its own assertion or added to one if it exists. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidprotected booleandoPreExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext) Performs this authentication action's pre-execute step.Get the strategy used to obtain the client IP address to insert into the statement.Get theAuthenticationResultto encode.Get theIdentifierGenerationStrategyto use if an assertion must be created.Get the issuer name to use if an assertion must be created.booleanSet whether the generated statement should be placed in its own assertion or added to one if it exists.voidSet the strategy used to obtain the client IP address to insert into the statement.voidsetIdentifierGeneratorLookupStrategy(Function<ProfileRequestContext, IdentifierGenerationStrategy> strategy) Set the strategy used to locate theIdentifierGenerationStrategyto use.voidSet the strategy used to locate the issuer value to use.voidsetStatementInOwnAssertion(boolean inOwnAssertion) Set whether the generated authentication statement should be placed in its own assertion or added to one if it exists.Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction
doExecute, doExecute, doPreExecute, setAuthenticationContextLookupStrategyMethods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getBean, getBean, getMessage, getMessage, getMessage, getParameter, getParameter, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategyMethods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationConditionMethods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, ensureHttpServletRequest, ensureHttpServletResponse, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, isPreExecuteCalled, setHttpServletRequestSupplier, setHttpServletResponseSupplierMethods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent
checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.shared.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
statementInOwnAssertion
private boolean statementInOwnAssertionWhether the generated authentication statement should be placed in its own assertion or added to one if it exists. -
idGeneratorLookupStrategy
@Nonnull private Function<ProfileRequestContext,IdentifierGenerationStrategy> idGeneratorLookupStrategyStrategy used to locate theIdentifierGenerationStrategyto use. -
issuerLookupStrategy
Strategy used to obtain the assertion issuer value. -
addressLookupStrategy
Strategy used to obtain the client Address to insert. -
authenticationResult
AuthenticationResult basis of statement. -
idGenerator
The generator to use. -
issuerId
EntityID to populate as assertion issuer.
-
-
Constructor Details
-
BaseAddAuthenticationStatementToAssertion
public BaseAddAuthenticationStatementToAssertion()Constructor.
-
-
Method Details
-
isStatementInOwnAssertion
public boolean isStatementInOwnAssertion()Set whether the generated statement should be placed in its own assertion or added to one if it exists.- Returns:
- whether the generated statement should be placed in its own assertion or added to one if it exists
-
setStatementInOwnAssertion
public void setStatementInOwnAssertion(boolean inOwnAssertion) Set whether the generated authentication statement should be placed in its own assertion or added to one if it exists.- Parameters:
inOwnAssertion- whether the generated authentication statement should be placed in its own assertion or added to one if it exists
-
setIdentifierGeneratorLookupStrategy
public void setIdentifierGeneratorLookupStrategy(@Nonnull Function<ProfileRequestContext, IdentifierGenerationStrategy> strategy) Set the strategy used to locate theIdentifierGenerationStrategyto use.- Parameters:
strategy- lookup strategy
-
setIssuerLookupStrategy
Set the strategy used to locate the issuer value to use.- Parameters:
strategy- lookup strategy
-
getAddressLookupStrategy
Get the strategy used to obtain the client IP address to insert into the statement.- Returns:
- lookup strategy
- Since:
- 4.0.0
-
setAddressLookupStrategy
Set the strategy used to obtain the client IP address to insert into the statement.- Parameters:
strategy- lookup strategy- Since:
- 4.0.0
-
getAuthenticationResult
Get theAuthenticationResultto encode.- Returns:
- the result to encode
-
getIdGenerator
Get theIdentifierGenerationStrategyto use if an assertion must be created.- Returns:
- the ID generation strategy
-
getIssuerId
Get the issuer name to use if an assertion must be created.- Returns:
- the issuer name
-
doInitialize
- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException
-
doPreExecute
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) Performs this authentication action's pre-execute step. Default implementation just returns true.- Overrides:
doPreExecutein classAbstractAuthenticationAction- Parameters:
profileRequestContext- the current IdP profile request contextauthenticationContext- the current authentication context- Returns:
- true iff execution should continue
-