edu.internet2.middleware.shibboleth.common.attribute.provider

クラス ShibbolethSAML2AttributeAuthority

java.lang.Object

edu.internet2.middleware.shibboleth.common.config.BaseService

edu.internet2.middleware.shibboleth.common.attribute.provider.ShibbolethSAML2AttributeAuthority

すべての実装されたインタフェース:

AttributeAuthority<SAMLProfileRequestContext<? extends RequestAbstractType,? extends StatusResponseType,NameID,? extends AbstractSAML2ProfileConfiguration>>, SAML2AttributeAuthority, Service, org.springframework.beans.factory.BeanNameAware, org.springframework.context.ApplicationContextAware

public class ShibbolethSAML2AttributeAuthority
extends BaseService
implements SAML2AttributeAuthority

SAML 2.0 Attribute Authority.

コンストラクタの概要

コンストラクタ

コンストラクタと説明
ShibbolethSAML2AttributeAuthority(ShibbolethAttributeResolver resolver) This creates a new attribute authority.

メソッドの概要

メソッド

修飾子とタイプ	メソッドと説明
AttributeStatement	buildAttributeStatement(AttributeQuery query, Collection<BaseAttribute> attributes) Creates a SAML 2 attribute statement from a collection of BaseAttribute.
protected Collection<Attribute>	encodeAttributes(AttributeQuery query, Collection<BaseAttribute> attributes) This encodes the supplied attributes with that attribute's SAML2 encoder.
protected void	filterAttributesByValue(AttributeQuery query, Collection<Attribute> attributes) Filters out all but the values, for an attribute, provided in the query, if and only if, the query specifies at least one value for the attribute.
protected Set<String>	getAttribtueIds(EntityDescriptor metadata) Gets the attribute IDs for those attributes requested in the entity metadata.
String	getAttributeIDBySAMLAttribute(Attribute attribute) Translates SAML 2 attribute naming information into the internal attribute ID used by the resolver and filtering engine.
protected Set<String>	getAttributeIds(List<Attribute> attributes) This parses the attribute ids from the supplied list of attributes.
protected Set<String>	getAttributeIds(RequestAbstractType samlRequest) Gets the attribute IDs for those attributes requested in the attribute query.
ShibbolethAttributeResolver	getAttributeResolver() Gets the attribute resolver.
Map<String,BaseAttribute>	getAttributes(SAMLProfileRequestContext<? extends RequestAbstractType,? extends StatusResponseType,NameID,? extends AbstractSAML2ProfileConfiguration> requestContext) Gets the attributes for the principal identified in the request.
ShibbolethAttributeFilteringEngine	getFilteringEngine() Gets the filtering engine.
String	getPrincipal(SAMLProfileRequestContext<? extends RequestAbstractType,? extends StatusResponseType,NameID,? extends AbstractSAML2ProfileConfiguration> requestContext) Resolves a NameID into the internal principal name used by Shibboleth.
Attribute	getSAMLAttributeByAttributeID(String id) Translates the internal attribute ID, used by the resolver and filtering engine, into its representative SAML 2 attribute name.
protected void	onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext) Called after a new context has been created but before it set as the service's context.
void	setFilteringEngine(ShibbolethAttributeFilteringEngine engine) Sets the attribute filtering engine.

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.common.config.BaseService

destroy, getApplicationContext, getId, getReadWriteLock, getServiceConfigurations, getServiceContext, initialize, isDestroyed, isInitialized, loadContext, setApplicationContext, setBeanName, setInitialized, setServiceConfigurations, setServiceContext

クラスから継承されたメソッド java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

コンストラクタの詳細

ShibbolethSAML2AttributeAuthority

public ShibbolethSAML2AttributeAuthority(ShibbolethAttributeResolver resolver)

This creates a new attribute authority.

パラメータ:

resolver - The attribute resolver to set

メソッドの詳細

getAttributeResolver

public ShibbolethAttributeResolver getAttributeResolver()

Gets the attribute resolver.

戻り値:

Returns the attributeResolver.

getFilteringEngine

public ShibbolethAttributeFilteringEngine getFilteringEngine()

Gets the filtering engine.

戻り値:

Returns the filteringEngine.

setFilteringEngine

public void setFilteringEngine(ShibbolethAttributeFilteringEngine engine)

Sets the attribute filtering engine.

パラメータ:

engine - attribute filtering engine

buildAttributeStatement

public AttributeStatement buildAttributeStatement(AttributeQuery query,
                                         Collection<BaseAttribute> attributes)
                                           throws AttributeEncodingException

Creates a SAML 2 attribute statement from a collection of BaseAttribute.

定義:

buildAttributeStatement インタフェース内 SAML2AttributeAuthority

パラメータ:

query - the attribute query the statement is in response to, may be null

attributes - the attributes to create the attribute statement form

戻り値:

the generated attribute statement

例外:

AttributeEncodingException - thrown if an BaseAttribute can not be encoded

getAttributeIDBySAMLAttribute

public String getAttributeIDBySAMLAttribute(Attribute attribute)

Translates SAML 2 attribute naming information into the internal attribute ID used by the resolver and filtering engine.

定義:

getAttributeIDBySAMLAttribute インタフェース内 SAML2AttributeAuthority

パラメータ:

attribute - the SAML 2 attribute to translate

戻り値:

the attribute ID used by the resolver and filtering engine

getSAMLAttributeByAttributeID

public Attribute getSAMLAttributeByAttributeID(String id)

Translates the internal attribute ID, used by the resolver and filtering engine, into its representative SAML 2 attribute name.

定義:

getSAMLAttributeByAttributeID インタフェース内 SAML2AttributeAuthority

パラメータ:

id - internal attribute ID

戻り値:

SAML 2 attribute name

getPrincipal

public String getPrincipal(SAMLProfileRequestContext<? extends RequestAbstractType,? extends StatusResponseType,NameID,? extends AbstractSAML2ProfileConfiguration> requestContext)
                    throws AttributeRequestException

Resolves a NameID into the internal principal name used by Shibboleth.

定義:

getPrincipal インタフェース内 SAML2AttributeAuthority

パラメータ:

requestContext - The request context within which to retrieve the principal. At a minimum, a NameID and relying party ID must be included.

戻り値:

NameID into the internal principal name used by Shibboleth

例外:

AttributeRequestException - thrown if the principal could not be resolved

getAttributes

public Map<String,BaseAttribute> getAttributes(SAMLProfileRequestContext<? extends RequestAbstractType,? extends StatusResponseType,NameID,? extends AbstractSAML2ProfileConfiguration> requestContext)
                                        throws AttributeRequestException

Gets the attributes for the principal identified in the request.

定義:

getAttributes インタフェース内 AttributeAuthority<SAMLProfileRequestContext<? extends RequestAbstractType,? extends StatusResponseType,NameID,? extends AbstractSAML2ProfileConfiguration>>

パラメータ:

requestContext - contextual information for the attribute request

戻り値:

the request attributes keyed by the attributes' IDs.

例外:

AttributeRequestException - thrown if there is a problem retrieving the attributes

encodeAttributes

protected Collection<Attribute> encodeAttributes(AttributeQuery query,
                                     Collection<BaseAttribute> attributes)
                                          throws AttributeEncodingException

This encodes the supplied attributes with that attribute's SAML2 encoder.

パラメータ:

query - request that may containing filtering designators

attributes - the attributes to encode

戻り値:

the encoded attributes

例外:

AttributeEncodingException - thrown if an attribute could not be encoded

filterAttributesByValue

protected void filterAttributesByValue(AttributeQuery query,
                           Collection<Attribute> attributes)

Filters out all but the values, for an attribute, provided in the query, if and only if, the query specifies at least one value for the attribute. That is to say, if the attribute query does not specify any attribute values then all values for that attribute are accepted and remain. Because this comparison acts on the marshalled form the provided attributes will be encoded prior to filtering.

パラメータ:

query - the attribute query

attributes - the attributes to filter

getAttributeIds

protected Set<String> getAttributeIds(RequestAbstractType samlRequest)

Gets the attribute IDs for those attributes requested in the attribute query.

パラメータ:

samlRequest - incomming SAML request

戻り値:

attribute IDs for those attributes requested in the attribute query

getAttribtueIds

protected Set<String> getAttribtueIds(EntityDescriptor metadata)

Gets the attribute IDs for those attributes requested in the entity metadata.

パラメータ:

metadata - the entity metadata

戻り値:

attribute IDs for those attributes requested in the entity metadata

getAttributeIds

protected Set<String> getAttributeIds(List<Attribute> attributes)

This parses the attribute ids from the supplied list of attributes.

パラメータ:

attributes - List

戻り値:

Set of attribute ids

onNewContextCreated

protected void onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext)
                            throws ServiceException

Called after a new context has been created but before it set as the service's context. If an exception is thrown the new context will not be set as the service's context and the current service context will be retained.

定義:

onNewContextCreated クラス内 BaseService

パラメータ:

newServiceContext - the newly created context for the service

例外:

ServiceException - thrown if there is a problem with the given service context