edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.match.saml
Class AbstractNameIDFormatSupportedMatchFunctor

java.lang.Object
  extended by edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.match.basic.AbstractMatchFunctor
      extended by edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.match.saml.AbstractNameIDFormatSupportedMatchFunctor
All Implemented Interfaces:
MatchFunctor
Direct Known Subclasses:
AttributeIssuerNameIDFormatExactMatchFunctor, AttributeRequesterNameIDFormatExactMatchFunctor

public abstract class AbstractNameIDFormatSupportedMatchFunctor
extends AbstractMatchFunctor

Base class for matching functions that check if an SAML entity supports a particular NameID format type.


Constructor Summary
AbstractNameIDFormatSupportedMatchFunctor()
           
 
Method Summary
protected  boolean doEvaluatePolicyRequirement(ShibbolethFilteringContext filterContext)
          Evaluates this matching criteria.
protected  boolean doEvaluateValue(ShibbolethFilteringContext filterContext, String attributeId, Object attributeValue)
          Evaluates this matching criteria.
protected abstract  org.opensaml.saml2.metadata.SSODescriptor getEntitySSODescriptor(ShibbolethFilteringContext filterContext)
          Gets the SSO role descriptor for the entity to be checked.
 String getNameIdFormat()
          Get the NameID format that needs to be supported by the entity.
protected  boolean isNameIDFormatSupported(ShibbolethFilteringContext filterContext)
          Checks to see if the metadata for the entity supports the required NameID format.
 void setNameIdFormat(String format)
          Sets the NameID format that needs to be supported by the entity.
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.match.basic.AbstractMatchFunctor
evaluateDenyRule, evaluatePermitValue, evaluatePolicyRequirement
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AbstractNameIDFormatSupportedMatchFunctor

public AbstractNameIDFormatSupportedMatchFunctor()
Method Detail

getNameIdFormat

public String getNameIdFormat()
Get the NameID format that needs to be supported by the entity.

Returns:
NameID format that needs to be supported by the entity

setNameIdFormat

public void setNameIdFormat(String format)
Sets the NameID format that needs to be supported by the entity.

Parameters:
format - NameID format that needs to be supported by the entity

doEvaluatePolicyRequirement

protected boolean doEvaluatePolicyRequirement(ShibbolethFilteringContext filterContext)
                                       throws FilterProcessingException
Evaluates this matching criteria. This evaluation is used while the filtering engine determines policy applicability.

Specified by:
doEvaluatePolicyRequirement in class AbstractMatchFunctor
Parameters:
filterContext - current filtering context
Returns:
true if the criteria for this matching function are meant
Throws:
FilterProcessingException - thrown if the function can not be evaluated

doEvaluateValue

protected boolean doEvaluateValue(ShibbolethFilteringContext filterContext,
                                  String attributeId,
                                  Object attributeValue)
                           throws FilterProcessingException
Evaluates this matching criteria. This evaluation is used while the filtering engine is evaluating either a deny or permit value rule.

Specified by:
doEvaluateValue in class AbstractMatchFunctor
Parameters:
filterContext - the current filtering context
attributeId - ID of the attribute being evaluated
attributeValue - value of the attribute being evaluated
Returns:
true if the criteria for this matching function are meant
Throws:
FilterProcessingException - thrown if the function can not be evaluated

isNameIDFormatSupported

protected boolean isNameIDFormatSupported(ShibbolethFilteringContext filterContext)
Checks to see if the metadata for the entity supports the required NameID format.

Parameters:
filterContext - current filter context
Returns:
true if the entity supports the required NameID format, false otherwise

getEntitySSODescriptor

protected abstract org.opensaml.saml2.metadata.SSODescriptor getEntitySSODescriptor(ShibbolethFilteringContext filterContext)
Gets the SSO role descriptor for the entity to be checked.

Parameters:
filterContext - current filtering context
Returns:
the SSO role descriptor of the entity or null if the entity does not have such a descriptor


Copyright © 2006-2011 Internet2. All Rights Reserved.