edu.internet2.middleware.shibboleth.idp.profile.saml2

クラス SAML2ECPProfileHandler

java.lang.Object

edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<HTTPInTransport,HTTPOutTransport>

edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<SAMLMDRelyingPartyConfigurationManager,Session>

edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler

edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler

edu.internet2.middleware.shibboleth.idp.profile.saml2.SAML2ECPProfileHandler

すべての実装されたインタフェース:

ProfileHandler<HTTPInTransport,HTTPOutTransport>

public class SAML2ECPProfileHandler
extends SSOProfileHandler

SAML 2.0 ECP request profile handler.

ネストされたクラスの概要

ネストされたクラス

修飾子とタイプ	クラスと説明
protected class	SAML2ECPProfileHandler.ECPRequestContext In case we ever add something to the base context

クラスから継承されたネストされたクラス/インタフェース edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler

SSOProfileHandler.SSORequestContext

クラスから継承されたネストされたクラス/インタフェース edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

AbstractSAML2ProfileHandler.SAML2AuditLogEntry

フィールドの概要

クラスから継承されたフィールド edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

SAML_VERSION

コンストラクタの概要

コンストラクタ

コンストラクタと説明
SAML2ECPProfileHandler() Constructor.

メソッドの概要

メソッド

修飾子とタイプ	メソッドと説明
protected AuthnContext	buildAuthnContext(SSOProfileHandler.SSORequestContext requestContext) Creates an AuthnContext for a successful authentication request.
protected AuthnStatement	buildAuthnStatement(SSOProfileHandler.SSORequestContext requestContext) Creates an authentication statement for the current request.
protected HandlerChain	buildOutboundHandlerChain() Build the outbound handler chain.
protected HandlerChain	buildPostSecurityInboundHandlerChain() Build the post-security inbound handler chain.
protected HandlerChain	buildPreSecurityInboundHandlerChain() Build the pre-security inbound handler chain.
protected SAML2ECPProfileHandler.ECPRequestContext	buildRequestContext(HTTPInTransport in, HTTPOutTransport out) Creates an authentication request context from the current environmental information.
protected void	decodeRequest(SAML2ECPProfileHandler.ECPRequestContext requestContext, HTTPInTransport inTransport, HTTPOutTransport outTransport) Decodes an incoming request and stores the information in a created request context.
String	getAuthnContextClassRef() Gets the AuthnContext class reference.
protected SAMLMessageDecoder	getInboundMessageDecoder(BaseSAMLProfileRequestContext requestContext) Get the inbound message decoder to use.
protected HandlerChainResolver	getOutboundHandlerChainResolver() Get the resolver used to resolve the outbound handler chain.
protected SAMLMessageEncoder	getOutboundMessageEncoder(BaseSAMLProfileRequestContext requestContext) Get the outbound message encoder to use.
protected HandlerChainResolver	getPostSecurityInboundHandlerChainResolver() Get the resolver used to resolve the post-security inbound handler chain.
protected HandlerChainResolver	getPreSecurityInboundHandlerChainResolver() Get the resolver used to resolve the pre-security inbound handler chain.
String	getProfileId() Gets the ID of the profile supported by this handler.
void	initialize() Initialize the profile handler.
protected void	populateSAMLMessageInformation(BaseSAMLProfileRequestContext requestContext) Populates the request context with information from the inbound SAML message.
void	processRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport) Processes an incoming request.
void	setAuthnContextClassRef(String ref) Sets the AuthnContext class reference.

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler

buildNameId, buildRequestContext, buildSubjectLocality, checkNameIDPolicy, completeAuthenticationRequest, decodeRequest, deserializeRequest, getRequiredNameIDFormat, performAuthentication, populateAssertingPartyInformation, populateRelyingPartyInformation, postProcessAssertion, postProcessResponse, selectEndpoint

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

buildAssertion, buildAttributeStatement, buildConditions, buildEntityIssuer, buildErrorResponse, buildResponse, buildStatus, buildSubject, buildSubjectConfirmation, checkSamlVersion, getEncrypter, getKeyEncryptionCredential, getSessionIndexFromNameID, isEncryptAssertion, isEncryptNameID, isRequestRequiresEncryptNameID, isSignAssertion, populateRequestContext, populateStatusResponse, populateUserInformation, resolveAttributes, resolvePrincipal, signAssertion, writeAuditLogEntry

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler

encodeResponse, filterNameIDAttributesByFormats, filterNameIDAttributesByProtocol, getAduitLog, getAuditLog, getEntitySupportedFormats, getIdGenerator, getInboundBinding, getMessageDecoders, getMessageEncoders, getMetadataCredentialResolver, getMetadataProvider, getRelyingPartyConfiguration, getSecurityPolicyResolver, getSupportedNameFormats, getSupportedOutboundBindings, getUserSession, getUserSession, isSignResponse, populateProfileInformation, selectNameIDAttributeAndEncoder, selectNameIDAttributeAndEncoder, setIdGenerator, setInboundBinding, setMessageDecoders, setMessageEncoders, setSecurityPolicyResolver, setSupportedOutboundBindings

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler

getBuilderFactory, getParserPool, getProfileConfiguration, getRelyingPartyConfigurationManager, getSessionManager, getStorageService, setParserPool, setRelyingPartyConfigurationManager, setSessionManager, setStorageService

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler

getRequestPaths, setRequestPaths

クラスから継承されたメソッド java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

コンストラクタの詳細

SAML2ECPProfileHandler

public SAML2ECPProfileHandler()

Constructor.

メソッドの詳細

initialize

public void initialize()

Initialize the profile handler.

getProfileId

public String getProfileId()

Gets the ID of the profile supported by this handler.

オーバーライド:

getProfileId クラス内 SSOProfileHandler

戻り値:

ID of the profile supported by this handler

setAuthnContextClassRef

public void setAuthnContextClassRef(String ref)

Sets the AuthnContext class reference.

パラメータ:

ref - AuthnContext class reference to set

getAuthnContextClassRef

public String getAuthnContextClassRef()

Gets the AuthnContext class reference.

戻り値:

AuthnContext class reference

processRequest

public void processRequest(HTTPInTransport inTransport,
                  HTTPOutTransport outTransport)
                    throws ProfileException

Processes an incoming request.

定義:

processRequest インタフェース内 ProfileHandler<HTTPInTransport,HTTPOutTransport>

オーバーライド:

processRequest クラス内 SSOProfileHandler

パラメータ:

inTransport - the incoming request transport

outTransport - the outgoing response transport

例外:

ProfileException - throw if there was a problem while processing the request

decodeRequest

protected void decodeRequest(SAML2ECPProfileHandler.ECPRequestContext requestContext,
                 HTTPInTransport inTransport,
                 HTTPOutTransport outTransport)
                      throws ProfileException

Decodes an incoming request and stores the information in a created request context.

パラメータ:

inTransport - inbound transport

outTransport - outbound transport

requestContext - request context to which decoded information should be added

例外:

ProfileException - thrown if the incoming message failed decoding

buildRequestContext

protected SAML2ECPProfileHandler.ECPRequestContext buildRequestContext(HTTPInTransport in,
                                                           HTTPOutTransport out)
                                                                throws ProfileException

Creates an authentication request context from the current environmental information.

パラメータ:

in - inbound transport

out - outbount transport

戻り値:

created authentication request context

例外:

ProfileException - thrown if there is a problem creating the context

populateSAMLMessageInformation

protected void populateSAMLMessageInformation(BaseSAMLProfileRequestContext requestContext)
                                       throws ProfileException

Populates the request context with information from the inbound SAML message. This method requires the the following request context properties to be populated: login context This methods populates the following request context properties: inbound saml message, relay state, inbound saml message ID, subject name identifier

オーバーライド:

populateSAMLMessageInformation クラス内 SSOProfileHandler

パラメータ:

requestContext - current request context

例外:

ProfileException - thrown if the inbound SAML message or subject identifier is null

buildAuthnStatement

protected AuthnStatement buildAuthnStatement(SSOProfileHandler.SSORequestContext requestContext)

Creates an authentication statement for the current request.

オーバーライド:

buildAuthnStatement クラス内 SSOProfileHandler

パラメータ:

requestContext - current request context

戻り値:

constructed authentication statement

buildAuthnContext

protected AuthnContext buildAuthnContext(SSOProfileHandler.SSORequestContext requestContext)

Creates an AuthnContext for a successful authentication request.

オーバーライド:

buildAuthnContext クラス内 SSOProfileHandler

パラメータ:

requestContext - current request

戻り値:

the built authn context

buildPreSecurityInboundHandlerChain

protected HandlerChain buildPreSecurityInboundHandlerChain()

Build the pre-security inbound handler chain.

戻り値:

the handler chain

buildPostSecurityInboundHandlerChain

protected HandlerChain buildPostSecurityInboundHandlerChain()

Build the post-security inbound handler chain.

戻り値:

the handler chain

getPreSecurityInboundHandlerChainResolver

protected HandlerChainResolver getPreSecurityInboundHandlerChainResolver()

Get the resolver used to resolve the pre-security inbound handler chain.

戻り値:

the handler chain resolver

getPostSecurityInboundHandlerChainResolver

protected HandlerChainResolver getPostSecurityInboundHandlerChainResolver()

Get the resolver used to resolve the post-security inbound handler chain.

戻り値:

the handler chain resolver

buildOutboundHandlerChain

protected HandlerChain buildOutboundHandlerChain()

Build the outbound handler chain.

戻り値:

the handler chain

getOutboundHandlerChainResolver

protected HandlerChainResolver getOutboundHandlerChainResolver()

Get the resolver used to resolve the outbound handler chain.

戻り値:

the handler chain resolver

getOutboundMessageEncoder

protected SAMLMessageEncoder getOutboundMessageEncoder(BaseSAMLProfileRequestContext requestContext)
                                                throws ProfileException

Get the outbound message encoder to use.

The default implementation uses the binding URI from the SAMLMessageContext.getPeerEntityEndpoint() to lookup the encoder from the supported message encoders defined in AbstractSAMLProfileHandler.getMessageEncoders().

Subclasses may override to implement a different mechanism to determine the encoder to use, such as for example cases where an active intermediary actor sits between this provider and the peer entity endpoint (e.g. the SAML 2 ECP case).

オーバーライド:

getOutboundMessageEncoder クラス内 AbstractSAMLProfileHandler

パラメータ:

requestContext - current request context

戻り値:

the message encoder to use

例外:

ProfileException - if the encoder to use can not be resolved based on the request context

getInboundMessageDecoder

protected SAMLMessageDecoder getInboundMessageDecoder(BaseSAMLProfileRequestContext requestContext)
                                               throws ProfileException

Get the inbound message decoder to use.

The default implementation uses the binding URI from AbstractSAMLProfileHandler.getInboundBinding() to lookup the decoder from the supported message decoders defined in AbstractSAMLProfileHandler.getMessageDecoders().

Subclasses may override to implement a different mechanism to determine the decoder to use.

オーバーライド:

getInboundMessageDecoder クラス内 AbstractSAMLProfileHandler

パラメータ:

requestContext - current request context

戻り値:

the message decoder to use

例外:

ProfileException - if the decoder to use can not be resolved based on the request context