edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.attributeDefinition

Class TransientIdAttributeDefinition

java.lang.Object

edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.AbstractResolutionPlugIn<BaseAttribute>

edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.attributeDefinition.BaseAttributeDefinition

edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.attributeDefinition.TransientIdAttributeDefinition

All Implemented Interfaces:

AttributeDefinition, ResolutionPlugIn<BaseAttribute>

public class TransientIdAttributeDefinition
extends BaseAttributeDefinition

An attribute definition that generates random identifiers useful for transient subject IDs. Information about the created IDs are stored within a provided StorageService in the form of TransientIdEntrys. Each entry is mapped under two keys; the generated ID and a key derived from the tuple (outbound message issuer, inbound message issuer, principal name).

Field Summary

Fields

Modifier and Type	Field and Description
private IdentifierGenerator	idGenerator Generator of random, hex-encoded, tokens.
private long	idLifetime Length, in milliseconds, tokens are valid.
private int	idSize Size, in bytes, of the token.
private StorageService<String,TransientIdEntry>	idStore Store used to map tokens to principals.
private org.slf4j.Logger	log Class logger.
private String	partition Storage partition in which IDs are stored.

Constructor Summary

Constructors

Constructor and Description
TransientIdAttributeDefinition(StorageService<String,TransientIdEntry> store) Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected BaseAttribute	doResolve(ShibbolethResolutionContext resolutionContext) Creates and populates the values for the resolved attribute.
long	getIdLifetime() Gets the time, in milliseconds, ids are valid.
int	getIdSize() Gets the size, in bytes, of the id.
void	setIdSize(int size) Sets the size, in bytes, of the id.
void	setTokenLiftetime(long lifetime) Sets the time, in milliseconds, ids are valid.
void	validate() Validate the internal state of this plug-in.

Methods inherited from class edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.attributeDefinition.BaseAttributeDefinition

getAttributeEncoders, getDisplayDescriptions, getDisplayNames, getSourceAttributeID, getValuesFromAllDependencies, isDependencyOnly, resolve, setDependencyOnly, setSourceAttributeID

Methods inherited from class edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.AbstractResolutionPlugIn

getDependencyIds, getId, getValuesFromAllDependencies, getValuesFromAttributeDependency, getValuesFromConnectorDependency, setId

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.ResolutionPlugIn

getDependencyIds, getId

Field Detail

log

private final org.slf4j.Logger log

Class logger.

idStore

private StorageService<String,TransientIdEntry> idStore

Store used to map tokens to principals.

partition

private String partition

Storage partition in which IDs are stored.

idGenerator

private IdentifierGenerator idGenerator

Generator of random, hex-encoded, tokens.

idSize

private int idSize

Size, in bytes, of the token.

idLifetime

private long idLifetime

Length, in milliseconds, tokens are valid.

Constructor Detail

TransientIdAttributeDefinition

public TransientIdAttributeDefinition(StorageService<String,TransientIdEntry> store)
                               throws NoSuchAlgorithmException

Constructor.

Parameters:

store - store used to map tokens to principals

Throws:

NoSuchAlgorithmException - thrown if the SHA1PRNG, used as the default random number generation algorithm, is not supported

Method Detail

doResolve

protected BaseAttribute doResolve(ShibbolethResolutionContext resolutionContext)
                           throws AttributeResolutionException

Creates and populates the values for the resolved attribute. Implementations should *not* set, or otherwise manage, the attribute encoders for the resolved attribute.

Specified by:

doResolve in class BaseAttributeDefinition

Parameters:

resolutionContext - current attribute resolution context

Returns:

resolved attribute

Throws:

AttributeResolutionException - thrown if there is a problem resolving and creating the attribute

getIdSize

public int getIdSize()

Gets the size, in bytes, of the id.

Returns:

size, in bytes, of the id

setIdSize

public void setIdSize(int size)

Sets the size, in bytes, of the id.

Parameters:

size - size, in bytes, of the id

getIdLifetime

public long getIdLifetime()

Gets the time, in milliseconds, ids are valid.

Returns:

time, in milliseconds, ids are valid

setTokenLiftetime

public void setTokenLiftetime(long lifetime)

Sets the time, in milliseconds, ids are valid.

Parameters:

lifetime - time, in milliseconds, ids are valid

validate

public void validate()
              throws AttributeResolutionException

Validate the internal state of this plug-in. This process may not rely on information from any dependency.

Throws:

AttributeResolutionException - if the plug-in has an invalid internal state