edu.internet2.middleware.shibboleth.idp.profile.saml2

クラス SLOProfileHandler

java.lang.Object

edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler<HTTPInTransport,HTTPOutTransport>

edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler<SAMLMDRelyingPartyConfigurationManager,Session>

edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler

edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

edu.internet2.middleware.shibboleth.idp.profile.saml2.SLOProfileHandler

すべての実装されたインタフェース:

ProfileHandler<HTTPInTransport,HTTPOutTransport>

public class SLOProfileHandler
extends AbstractSAML2ProfileHandler

ネストされたクラスの概要

ネストされたクラス

修飾子とタイプ	クラスと説明
class	SLOProfileHandler.SLORequestContext Represents the internal state of a Logout Request while it's being processed by the IdP.

クラスから継承されたネストされたクラス/インタフェース edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

AbstractSAML2ProfileHandler.SAML2AuditLogEntry

フィールドの概要

フィールド

修飾子とタイプ	フィールドと説明
static String	HTTP_LOGOUT_BINDING_ATTRIBUTE
static String	LOCAL_LOGOUT_BINDING Binding identifier representing "local" logout.

クラスから継承されたフィールド edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

SAML_VERSION

コンストラクタの概要

コンストラクタ

コンストラクタと説明
SLOProfileHandler(String templatePath) Constructor.

メソッドの概要

メソッド

修飾子とタイプ	メソッドと説明
protected LogoutResponse	buildLogoutResponse(SLOProfileHandler.SLORequestContext requestContext, Status status) Builds LogoutResponse.
protected void	decodeRequest(SLOProfileHandler.SLORequestContext requestContext, HTTPInTransport inTransport, HTTPOutTransport outTransport) Decodes an incoming request and populates a created request context with the resultant information.
protected void	destroySession(Session session) Destroy a session.
String	getProfileId() Gets the ID of the profile supported by this handler.
org.apache.velocity.app.VelocityEngine	getVelocityEngine() Gets the VelocityEngine to use.
protected void	localLogout(Session indirect, HTTPInTransport inTransport, HTTPOutTransport outTransport) Handles clearing the active session, possibly an additional "indirect" session, and presenting a logout response to the client using a Velocity template.
protected void	populateAssertingPartyInformation(BaseSAMLProfileRequestContext requestContext) Populates the request context with information about the asserting party.
protected void	populateProfileInformation(BaseSAMLProfileRequestContext requestContext) Populates the request context with the information about the profile.
protected void	populateRelyingPartyInformation(BaseSAMLProfileRequestContext requestContext) Populates the request context with information about the relying party.
protected void	populateSAMLMessageInformation(BaseSAMLProfileRequestContext requestContext) Populates the request context with information from the inbound SAML message.
protected void	processLogoutRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport) Process and respond to a SAML LogoutRequest message.
void	processRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport) Processes an incoming request.
protected Endpoint	selectEndpoint(BaseSAMLProfileRequestContext requestContext) Selects the appropriate endpoint for the relying party and stores it in the request context.
void	setVelocityEngine(org.apache.velocity.app.VelocityEngine velocity) Sets the VelocityEngine to use.

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler

buildAssertion, buildAttributeStatement, buildConditions, buildEntityIssuer, buildErrorResponse, buildNameId, buildResponse, buildStatus, buildSubject, buildSubjectConfirmation, checkSamlVersion, getEncrypter, getKeyEncryptionCredential, getSessionIndexFromNameID, isEncryptAssertion, isEncryptNameID, isRequestRequiresEncryptNameID, isSignAssertion, populateRequestContext, populateStatusResponse, populateUserInformation, postProcessAssertion, postProcessResponse, resolveAttributes, resolvePrincipal, signAssertion, writeAuditLogEntry

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler

encodeResponse, filterNameIDAttributesByFormats, filterNameIDAttributesByProtocol, getAduitLog, getAuditLog, getEntitySupportedFormats, getIdGenerator, getInboundBinding, getInboundMessageDecoder, getMessageDecoders, getMessageEncoders, getMetadataCredentialResolver, getMetadataProvider, getOutboundMessageEncoder, getRelyingPartyConfiguration, getRequiredNameIDFormat, getSecurityPolicyResolver, getSupportedNameFormats, getSupportedOutboundBindings, getUserSession, getUserSession, isSignResponse, selectNameIDAttributeAndEncoder, selectNameIDAttributeAndEncoder, setIdGenerator, setInboundBinding, setMessageDecoders, setMessageEncoders, setSecurityPolicyResolver, setSupportedOutboundBindings

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.common.profile.provider.AbstractShibbolethProfileHandler

getBuilderFactory, getParserPool, getProfileConfiguration, getRelyingPartyConfigurationManager, getSessionManager, getStorageService, setParserPool, setRelyingPartyConfigurationManager, setSessionManager, setStorageService

クラスから継承されたメソッド edu.internet2.middleware.shibboleth.common.profile.provider.AbstractRequestURIMappedProfileHandler

getRequestPaths, setRequestPaths

クラスから継承されたメソッド java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

フィールドの詳細

LOCAL_LOGOUT_BINDING

public static final String LOCAL_LOGOUT_BINDING

Binding identifier representing "local" logout.

関連項目:

定数フィールド値

HTTP_LOGOUT_BINDING_ATTRIBUTE

public static final String HTTP_LOGOUT_BINDING_ATTRIBUTE

関連項目:

定数フィールド値

コンストラクタの詳細

SLOProfileHandler

public SLOProfileHandler(String templatePath)

Constructor.

パラメータ:

templatePath - path to JSP or Velocity template

メソッドの詳細

getVelocityEngine

public org.apache.velocity.app.VelocityEngine getVelocityEngine()

Gets the VelocityEngine to use.

戻り値:

the VelocityEngine to use

setVelocityEngine

public void setVelocityEngine(org.apache.velocity.app.VelocityEngine velocity)

Sets the VelocityEngine to use.

パラメータ:

velocity - the VelocityEngine to use

getProfileId

public String getProfileId()

Gets the ID of the profile supported by this handler.

定義:

getProfileId クラス内 AbstractShibbolethProfileHandler<SAMLMDRelyingPartyConfigurationManager,Session>

戻り値:

ID of the profile supported by this handler

processRequest

public void processRequest(HTTPInTransport inTransport,
                  HTTPOutTransport outTransport)
                    throws ProfileException

Processes an incoming request.

パラメータ:

inTransport - the incoming request transport

outTransport - the outgoing response transport

例外:

ProfileException - throw if there was a problem while processing the request

localLogout

protected void localLogout(Session indirect,
               HTTPInTransport inTransport,
               HTTPOutTransport outTransport)
                    throws ProfileException

Handles clearing the active session, possibly an additional "indirect" session, and presenting a logout response to the client using a Velocity template.

パラメータ:

inTransport - incoming transport object

outTransport - outgoing transport object

例外:

ProfileException

processLogoutRequest

protected void processLogoutRequest(HTTPInTransport inTransport,
                        HTTPOutTransport outTransport)
                             throws ProfileException

Process and respond to a SAML LogoutRequest message. This is a very simplified version because it doesn't propagate the logout to any SPs. It just handles the IdP session(s) and then either responds to the client or to the SP depending on the async flag.

パラメータ:

inTransport - incoming transport object

outTransport - outgoing transport object

例外:

ProfileException

buildLogoutResponse

protected LogoutResponse buildLogoutResponse(SLOProfileHandler.SLORequestContext requestContext,
                                 Status status)
                                      throws ProfileException

Builds LogoutResponse. If status is null, the requestContext's failure status property will be used.

パラメータ:

requestContext - context information for the current request

status - a Status to add to the response

戻り値:

a new LogoutResponse message

例外:

ProfileException

destroySession

protected void destroySession(Session session)

Destroy a session.

パラメータ:

session - session to destroy

populateSAMLMessageInformation

protected void populateSAMLMessageInformation(BaseSAMLProfileRequestContext requestContext)
                                       throws ProfileException

Populates the request context with information from the inbound SAML message. Unless overridden, AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext),and AbstractSAMLProfileHandler.populateAssertingPartyInformation(BaseSAMLProfileRequestContext) have already been invoked and the properties they provide are available in the request context.

定義:

populateSAMLMessageInformation クラス内 AbstractSAMLProfileHandler

パラメータ:

requestContext - current request context

例外:

ProfileException - thrown if there is a problem populating the request context with information

populateRelyingPartyInformation

protected void populateRelyingPartyInformation(BaseSAMLProfileRequestContext requestContext)
                                        throws ProfileException

Populates the request context with information about the relying party. This method requires the the following request context properties to be populated: inbound message issuer This methods populates the following request context properties: peer entityID, peer entity metadata, relying party configuration

オーバーライド:

populateRelyingPartyInformation クラス内 AbstractSAMLProfileHandler

パラメータ:

requestContext - current request context

例外:

ProfileException - thrown if there is a problem looking up the relying party's metadata

populateAssertingPartyInformation

protected void populateAssertingPartyInformation(BaseSAMLProfileRequestContext requestContext)
                                          throws ProfileException

Populates the request context with information about the asserting party. Unless overridden, AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext) has already been invoked and the properties it provides are available in the request context. This method requires the the following request context properties to be populated: metadata provider, relying party configuration This methods populates the following request context properties: local entity ID, outbound message issuer, local entity metadata

オーバーライド:

populateAssertingPartyInformation クラス内 AbstractSAMLProfileHandler

パラメータ:

requestContext - current request context

例外:

ProfileException - thrown if there is a problem looking up the asserting party's metadata

selectEndpoint

protected Endpoint selectEndpoint(BaseSAMLProfileRequestContext requestContext)
                           throws ProfileException

Selects the appropriate endpoint for the relying party and stores it in the request context.

定義:

selectEndpoint クラス内 AbstractSAMLProfileHandler

パラメータ:

requestContext - current request context

戻り値:

Endpoint selected from the information provided in the request context

例外:

ProfileException - thrown if there is a problem selecting a response endpoint

populateProfileInformation

protected void populateProfileInformation(BaseSAMLProfileRequestContext requestContext)
                                   throws ProfileException

Populates the request context with the information about the profile. Unless overridden, AbstractSAMLProfileHandler.populateRequestContext(BaseSAMLProfileRequestContext) has already invoked AbstractSAMLProfileHandler.populateRelyingPartyInformation(BaseSAMLProfileRequestContext), AbstractSAMLProfileHandler.populateAssertingPartyInformation(BaseSAMLProfileRequestContext), and AbstractSAMLProfileHandler.populateSAMLMessageInformation(BaseSAMLProfileRequestContext) have already been invoked and the properties they provide are available in the request context. This method requires the the following request context properties to be populated: relying party configuration This methods populates the following request context properties: communication profile ID, profile configuration, outbound message artifact type, peer entity endpoint

オーバーライド:

populateProfileInformation クラス内 AbstractSAMLProfileHandler

パラメータ:

requestContext - current request context

例外:

ProfileException - thrown if there is a problem populating the profile information

decodeRequest

protected void decodeRequest(SLOProfileHandler.SLORequestContext requestContext,
                 HTTPInTransport inTransport,
                 HTTPOutTransport outTransport)
                      throws ProfileException

Decodes an incoming request and populates a created request context with the resultant information.

パラメータ:

requestContext - request context to which decoded information should be added

inTransport - inbound message transport

outTransport - outbound message transport

例外:

ProfileException - throw if there is a problem decoding the request