edu.internet2.middleware.shibboleth.common.attribute.filtering.provider
Class ShibbolethAttributeFilteringEngine

java.lang.Object
  extended by edu.internet2.middleware.shibboleth.common.config.BaseService
      extended by edu.internet2.middleware.shibboleth.common.config.BaseReloadableService
          extended by edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine
All Implemented Interfaces:
AttributeFilteringEngine<SAMLProfileRequestContext>, ReloadableService, Service, org.springframework.beans.factory.BeanNameAware, org.springframework.context.ApplicationContextAware

public class ShibbolethAttributeFilteringEngine
extends BaseReloadableService
implements AttributeFilteringEngine<SAMLProfileRequestContext>

Implementation of AttributeFilteringEngine.


Nested Class Summary
 
Nested classes/interfaces inherited from class edu.internet2.middleware.shibboleth.common.config.BaseReloadableService
BaseReloadableService.ConfigurationResourceListener
 
Constructor Summary
ShibbolethAttributeFilteringEngine()
          Constructor.
 
Method Summary
 Map<String,BaseAttribute> filterAttributes(Map<String,BaseAttribute> attributes, SAMLProfileRequestContext context)
          Filters values for the given attribute, removing or allowing attributes per some implementation specific policy.
protected  void filterAttributes(ShibbolethFilteringContext filterContext, AttributeFilterPolicy filterPolicy)
          Evaluates the given policy's requirement and, if the requirement is met, filters the attributes according to the policy.
protected  void filterAttributes(ShibbolethFilteringContext filterContext, AttributeRule attributeRule)
          Evaluates the given attribute rule.
 List<AttributeFilterPolicy> getFilterPolicies()
          Gets the filter policies active for this engine.
protected  void onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext)
          Called after a new context has been created but before it set as the service's context.
protected  void runDenyRules(ShibbolethFilteringContext filterContext)
          Runs the deny rules registered with the filter context upon the retained value set.
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.config.BaseReloadableService
destroy, getPollingFrequency, getPollingRetryAttempts, getPollingTimer, initialize, reload, setPollingFrequency, setPollingRetryAttempts, setPollingTimer
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.config.BaseService
getApplicationContext, getId, getReadWriteLock, getServiceConfigurations, getServiceContext, isDestroyed, isInitialized, loadContext, setApplicationContext, setBeanName, setInitialized, setServiceConfigurations, setServiceContext
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface edu.internet2.middleware.shibboleth.common.service.Service
getId, isDestroyed, isInitialized
 

Constructor Detail

ShibbolethAttributeFilteringEngine

public ShibbolethAttributeFilteringEngine()
Constructor.

Method Detail

getFilterPolicies

public List<AttributeFilterPolicy> getFilterPolicies()
Gets the filter policies active for this engine.

Returns:
filter policies active for this engine

filterAttributes

public Map<String,BaseAttribute> filterAttributes(Map<String,BaseAttribute> attributes,
                                                  SAMLProfileRequestContext context)
                                           throws AttributeFilteringException
Filters values for the given attribute, removing or allowing attributes per some implementation specific policy. This filtering process may remove attributes with no values but must not add attributes or attribute values.

Specified by:
filterAttributes in interface AttributeFilteringEngine<SAMLProfileRequestContext>
Parameters:
attributes - attributes to be filtered
context - attribute request context
Returns:
the filtered attributes, attribute ID is the key, attribute object is the value
Throws:
AttributeFilteringException - thrown if there is a problem retrieving or applying the attribute acceptance policy

filterAttributes

protected void filterAttributes(ShibbolethFilteringContext filterContext,
                                AttributeFilterPolicy filterPolicy)
                         throws FilterProcessingException
Evaluates the given policy's requirement and, if the requirement is met, filters the attributes according to the policy.

Parameters:
filterContext - current filtering context
filterPolicy - current filter policy
Throws:
FilterProcessingException - thrown if the given policy can be evaluated

filterAttributes

protected void filterAttributes(ShibbolethFilteringContext filterContext,
                                AttributeRule attributeRule)
                         throws FilterProcessingException
Evaluates the given attribute rule. If the attribute rule contains a permit value rule then that rule is evaluated against the unfiltered attributes and those values that meet the rule are moved into the filter contexts retained value set. If the attribute rule contains a deny value rule that rule is registered with the filter context so that it may be evaluated after all the permit value rules have run.

Parameters:
filterContext - current filtering context
attributeRule - current attribute rule
Throws:
FilterProcessingException - thrown if the given attribute rule can be evaluated

runDenyRules

protected void runDenyRules(ShibbolethFilteringContext filterContext)
                     throws FilterProcessingException
Runs the deny rules registered with the filter context upon the retained value set.

Parameters:
filterContext - current filtering context
Throws:
FilterProcessingException - thrown if there is a problem evaluating a deny value rule

onNewContextCreated

protected void onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext)
                            throws ServiceException
Called after a new context has been created but before it set as the service's context. If an exception is thrown the new context will not be set as the service's context and the current service context will be retained.

Specified by:
onNewContextCreated in class BaseService
Parameters:
newServiceContext - the newly created context for the service
Throws:
ServiceException - thrown if there is a problem with the given service context


Copyright © 2006-2008 Internet2. All Rights Reserved.