Package net.shibboleth.idp.session.impl

Class UpdateSessionWithAuthenticationResult

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.AbstractConditionalProfileAction

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.authn.AbstractAuthenticationAction

net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class UpdateSessionWithAuthenticationResult
extends AbstractAuthenticationAction

An authentication action that establishes a record of the AuthenticationResult in an IdPSession for the client, either by updating an existing session or creating a new one.

A new AuthenticationResult may be added to the session, or the last activity time of an existing one updated. A new one will only be added if the authentication context indicates that the result is "cacheable".

An existing session is identified via a SessionContext attached to the ProfileRequestContext. If a new session is created, it will be placed into a SessionContext, creating it if necessary, with the principal name coming from a SubjectContext.

An error interacting with the session layer will result in an EventIds.IO_ERROR event.

Event:

EventIds.PROCEED_EVENT_ID, EventIds.INVALID_PROFILE_CTX, EventIds.IO_ERROR

Precondition:

ProfileRequestContext.getSubcontext(AuthenticationContext.class) != null

Postcondition:

If AuthenticationContext.getAuthenticationResult() != null and SubjectContext.getPrincipalName() != null then the steps above are performed, and ProfileRequestContext.getSubcontext(SessionContext.class).getIdPSession() != null

Field Summary

Fields

Modifier and Type	Field	Description
private org.slf4j.Logger	log	Class logger.
private Function<ProfileRequestContext,SessionContext>	sessionContextCreationStrategy	Lookup/creation function for SessionContext.
private SessionContext	sessionCtx	Existing or newly created SessionContext.
private SessionManager	sessionManager	SessionManager.
private Function<ProfileRequestContext,SubjectContext>	subjectContextLookupStrategy	Lookup function for SubjectContext.
private SubjectContext	subjectCtx	Existing SubjectContext.

Constructor Summary

Constructors

Constructor	Description
UpdateSessionWithAuthenticationResult()	Constructor.

Method Summary

Modifier and Type	Method	Description
private void	createIdPSession(AuthenticationContext authenticationContext)	Create a new session and populate the SessionContext.
protected void	doExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)
protected void	doInitialize()
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)
void	setSessionContextCreationStrategy(Function<ProfileRequestContext,SessionContext> strategy)	Set the lookup/creation strategy for the SessionContext to update.
void	setSessionManager(SessionManager manager)	Set the SessionManager to use.
void	setSubjectContextLookupStrategy(Function<ProfileRequestContext,SubjectContext> strategy)	Set the lookup strategy for the SubjectContext to access.
private void	updateIdPSession(AuthenticationContext authenticationContext, IdPSession session)	Update an existing session.

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction

doExecute, doPreExecute, setAuthenticationContextLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

sessionManager

@NonnullAfterInit
private SessionManager sessionManager

SessionManager.

sessionContextCreationStrategy

@Nonnull
private Function<ProfileRequestContext,SessionContext> sessionContextCreationStrategy

Lookup/creation function for SessionContext.

subjectContextLookupStrategy

@Nonnull
private Function<ProfileRequestContext,SubjectContext> subjectContextLookupStrategy

Lookup function for SubjectContext.

sessionCtx

@Nullable
private SessionContext sessionCtx

Existing or newly created SessionContext.

subjectCtx

@Nullable
private SubjectContext subjectCtx

Existing SubjectContext.

Constructor Detail

UpdateSessionWithAuthenticationResult

public UpdateSessionWithAuthenticationResult()

Constructor.

Method Detail

setSessionManager

public void setSessionManager(@Nonnull
                              SessionManager manager)

Set the SessionManager to use.

Parameters:

manager - session manager to use

setSessionContextCreationStrategy

public void setSessionContextCreationStrategy(@Nonnull
                                              Function<ProfileRequestContext,SessionContext> strategy)

Set the lookup/creation strategy for the SessionContext to update.

Parameters:

strategy - creation/lookup strategy

setSubjectContextLookupStrategy

public void setSubjectContextLookupStrategy(@Nonnull
                                            Function<ProfileRequestContext,SubjectContext> strategy)

Set the lookup strategy for the SubjectContext to access.

Parameters:

strategy - lookup strategy

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doPreExecute

protected boolean doPreExecute(@Nonnull
                               ProfileRequestContext profileRequestContext,
                               @Nonnull
                               AuthenticationContext authenticationContext)

Overrides:

doPreExecute in class AbstractAuthenticationAction

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext,
                         @Nonnull
                         AuthenticationContext authenticationContext)

Overrides:

doExecute in class AbstractAuthenticationAction

updateIdPSession

private void updateIdPSession(@Nonnull
                              AuthenticationContext authenticationContext,
                              @Nonnull
                              IdPSession session)
                       throws SessionException

Update an existing session.

If the result is the product of an attempted flow, then it's added to the session. If reused, its last activity time is updated.

Parameters:

authenticationContext - current authentication context

session - session to update

Throws:

SessionException - if an error occurs updating the session

createIdPSession

private void createIdPSession(@Nonnull
                              AuthenticationContext authenticationContext)
                       throws SessionException

Create a new session and populate the SessionContext.

Parameters:

authenticationContext - current authentication context

Throws:

SessionException - if an error occurs creating the session