1 /*
2 * Licensed to the University Corporation for Advanced Internet Development,
3 * Inc. (UCAID) under one or more contributor license agreements. See the
4 * NOTICE file distributed with this work for additional information regarding
5 * copyright ownership. The UCAID licenses this file to You under the Apache
6 * License, Version 2.0 (the "License"); you may not use this file except in
7 * compliance with the License. You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18 package edu.internet2.middleware.shibboleth.common.relyingparty.provider.saml2;
19
20 /** SAML 2 SSO configuration settings. */
21 public class SSOConfiguration extends AbstractSAML2ProfileConfiguration {
22
23 /** ID for this profile configuration. */
24 public static final String PROFILE_ID = "urn:mace:shibboleth:2.0:profiles:saml2:sso";
25
26 /** Whether responses to the authentication request should include an attribute statement. */
27 private boolean includeAttributeStatement;
28
29 /** The maximum amount of time, in milliseconds, the service provider should maintain a session for the user. */
30 private long maximumSPSessionLifetime;
31
32 /** {@inheritDoc} */
33 public String getProfileId() {
34 return PROFILE_ID;
35 }
36
37 /**
38 * Gets whether responses to the authentication request should include an attribute statement.
39 *
40 * @return whether responses to the authentication request should include an attribute statement
41 */
42 public boolean includeAttributeStatement() {
43 return includeAttributeStatement;
44 }
45
46 /**
47 * Sets whether responses to the authentication request should include an attribute statement.
48 *
49 * @param include whether responses to the authentication request should include an attribute statement
50 */
51 public void setIncludeAttributeStatement(boolean include) {
52 includeAttributeStatement = include;
53 }
54
55 /**
56 * Gets the maximum amount of time, in milliseconds, the service provider should maintain a session for the user
57 * based on the authentication assertion. A value less than or equal to 0 is interpreted as an unlimited lifetime.
58 *
59 * @return max lifetime of service provider should maintain a session
60 */
61 public long getMaximumSPSessionLifetime() {
62 return maximumSPSessionLifetime;
63 }
64
65 /**
66 * Sets the maximum amount of time, in milliseconds, the service provider should maintain a session for the user
67 * based on the authentication assertion. A value less than or equal to 0 is interpreted as an unlimited lifetime.
68 *
69 * @param lifetime max lifetime of service provider should maintain a session
70 */
71 public void setMaximumSPSessionLifetime(long lifetime) {
72 if (lifetime < 1) {
73 maximumSPSessionLifetime = 0;
74 } else {
75 maximumSPSessionLifetime = lifetime;
76 }
77 }
78 }