edu.internet2.middleware.shibboleth.common.attribute.provider
Class ShibbolethSAML1AttributeAuthority

java.lang.Object
  extended by edu.internet2.middleware.shibboleth.common.config.BaseService
      extended by edu.internet2.middleware.shibboleth.common.attribute.provider.ShibbolethSAML1AttributeAuthority
All Implemented Interfaces:
AttributeAuthority<SAMLProfileRequestContext<? extends org.opensaml.common.SAMLObject,? extends org.opensaml.saml1.core.ResponseAbstractType,org.opensaml.saml1.core.NameIdentifier,? extends AbstractSAML1ProfileConfiguration>>, SAML1AttributeAuthority, Service, org.springframework.beans.factory.BeanNameAware, org.springframework.context.ApplicationContextAware

public class ShibbolethSAML1AttributeAuthority
extends BaseService
implements SAML1AttributeAuthority

SAML 1 Attribute Authority.


Field Summary
private  ShibbolethAttributeResolver attributeResolver
          Attribute resolver.
private  ShibbolethAttributeFilteringEngine filteringEngine
          To determine releasable attributes.
private  org.slf4j.Logger log
          Class logger.
private  org.opensaml.common.SAMLObjectBuilder<org.opensaml.saml1.core.AttributeStatement> statementBuilder
          For building attribute statements.
 
Constructor Summary
ShibbolethSAML1AttributeAuthority(ShibbolethAttributeResolver resolver)
          This creates a new attribute authority.
 
Method Summary
 org.opensaml.saml1.core.AttributeStatement buildAttributeStatement(org.opensaml.saml1.core.AttributeQuery query, Collection<BaseAttribute> attributes)
          Creates a SAML 1 attribute statment from a collection of BaseAttribute.
protected  Collection<org.opensaml.saml1.core.Attribute> encodeAttributes(Collection<BaseAttribute> attributes)
          This encodes the supplied attributes with that attribute's SAML1 encoder.
protected  Set<String> getAttribtueIds(org.opensaml.saml2.metadata.EntityDescriptor metadata)
          Gets the attribute IDs for those attributes requested in the entity metadata.
 String getAttributeIDBySAMLAttribute(org.opensaml.saml1.core.AttributeDesignator attribute)
          Translates SAML 1 attribute naming information into the internal attribute ID used by the resolver and filtering engine.
protected  Set<String> getAttributeIds(List<org.opensaml.saml1.core.AttributeDesignator> attributes)
          This parses the attribute ids from the supplied list of attributes.
protected  Set<String> getAttributeIds(org.opensaml.common.SAMLObject samlRequest)
          Gets the attribute IDs for those attributes requested in the attribute query.
 ShibbolethAttributeResolver getAttributeResolver()
          Gets the attribute resolver.
 Map<String,BaseAttribute> getAttributes(SAMLProfileRequestContext<? extends org.opensaml.common.SAMLObject,? extends org.opensaml.saml1.core.ResponseAbstractType,org.opensaml.saml1.core.NameIdentifier,? extends AbstractSAML1ProfileConfiguration> requestContext)
          Gets the attributes for the principal identified in the request.
 ShibbolethAttributeFilteringEngine getFilteringEngine()
          Gets the filtering engine.
 String getPrincipal(SAMLProfileRequestContext<? extends org.opensaml.common.SAMLObject,? extends org.opensaml.saml1.core.ResponseAbstractType,org.opensaml.saml1.core.NameIdentifier,? extends AbstractSAML1ProfileConfiguration> requestContext)
          Resolves a NameIdentifier into the internal principal name used Shibboleth.
 org.opensaml.saml1.core.AttributeDesignator getSAMLAttributeByAttributeID(String id)
          Translates the internal attribute ID, used by the resolver and filtering engine, into its representative SAML 1 attribute name.
protected  void onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext)
          Called after a new context has been created but before it set as the service's context.
 void setFilteringEngine(ShibbolethAttributeFilteringEngine engine)
          Sets the attribute filtering engine.
 
Methods inherited from class edu.internet2.middleware.shibboleth.common.config.BaseService
destroy, getApplicationContext, getId, getReadWriteLock, getServiceConfigurations, getServiceContext, initialize, isDestroyed, isInitialized, loadContext, setApplicationContext, setBeanName, setInitialized, setServiceConfigurations, setServiceContext
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

private final org.slf4j.Logger log
Class logger.


statementBuilder

private org.opensaml.common.SAMLObjectBuilder<org.opensaml.saml1.core.AttributeStatement> statementBuilder
For building attribute statements.


attributeResolver

private ShibbolethAttributeResolver attributeResolver
Attribute resolver.


filteringEngine

private ShibbolethAttributeFilteringEngine filteringEngine
To determine releasable attributes.

Constructor Detail

ShibbolethSAML1AttributeAuthority

public ShibbolethSAML1AttributeAuthority(ShibbolethAttributeResolver resolver)
This creates a new attribute authority.

Parameters:
resolver - The attribute resolver to set
Method Detail

getAttributeResolver

public ShibbolethAttributeResolver getAttributeResolver()
Gets the attribute resolver.

Returns:
Returns the attributeResolver.

getFilteringEngine

public ShibbolethAttributeFilteringEngine getFilteringEngine()
Gets the filtering engine.

Returns:
Returns the filteringEngine.

setFilteringEngine

public void setFilteringEngine(ShibbolethAttributeFilteringEngine engine)
Sets the attribute filtering engine.

Parameters:
engine - attribute filtering engine

buildAttributeStatement

public org.opensaml.saml1.core.AttributeStatement buildAttributeStatement(org.opensaml.saml1.core.AttributeQuery query,
                                                                          Collection<BaseAttribute> attributes)
                                                                   throws AttributeEncodingException
Creates a SAML 1 attribute statment from a collection of BaseAttribute.

Specified by:
buildAttributeStatement in interface SAML1AttributeAuthority
Parameters:
query - the attribute query the statement is in respone to, may be null
attributes - the attributes to create the attribute statement form
Returns:
the generated attribute statement
Throws:
AttributeEncodingException - thrown if an BaseAttribute can not be encoded

getAttributeIDBySAMLAttribute

public String getAttributeIDBySAMLAttribute(org.opensaml.saml1.core.AttributeDesignator attribute)
Translates SAML 1 attribute naming information into the internal attribute ID used by the resolver and filtering engine.

Specified by:
getAttributeIDBySAMLAttribute in interface SAML1AttributeAuthority
Parameters:
attribute - the SAML 1 attribute to translate
Returns:
the attribute ID used by the resolver and filtering engine

getPrincipal

public String getPrincipal(SAMLProfileRequestContext<? extends org.opensaml.common.SAMLObject,? extends org.opensaml.saml1.core.ResponseAbstractType,org.opensaml.saml1.core.NameIdentifier,? extends AbstractSAML1ProfileConfiguration> requestContext)
                    throws AttributeRequestException
Resolves a NameIdentifier into the internal principal name used Shibboleth.

Specified by:
getPrincipal in interface SAML1AttributeAuthority
Parameters:
requestContext - The request context within which to retrieve the principal. At a mimium, a NameIdentifier and relying party ID must be included.
Returns:
NameIdentifier into the internal principal name used Shibboleth
Throws:
AttributeRequestException - thrown if the principal get not be resolved

getSAMLAttributeByAttributeID

public org.opensaml.saml1.core.AttributeDesignator getSAMLAttributeByAttributeID(String id)
Translates the internal attribute ID, used by the resolver and filtering engine, into its representative SAML 1 attribute name.

Specified by:
getSAMLAttributeByAttributeID in interface SAML1AttributeAuthority
Parameters:
id - internal attribute ID
Returns:
SAML 1 attribute name

getAttributes

public Map<String,BaseAttribute> getAttributes(SAMLProfileRequestContext<? extends org.opensaml.common.SAMLObject,? extends org.opensaml.saml1.core.ResponseAbstractType,org.opensaml.saml1.core.NameIdentifier,? extends AbstractSAML1ProfileConfiguration> requestContext)
                                        throws AttributeRequestException
Gets the attributes for the principal identified in the request.

Specified by:
getAttributes in interface AttributeAuthority<SAMLProfileRequestContext<? extends org.opensaml.common.SAMLObject,? extends org.opensaml.saml1.core.ResponseAbstractType,org.opensaml.saml1.core.NameIdentifier,? extends AbstractSAML1ProfileConfiguration>>
Parameters:
requestContext - contextual information for the attribute request
Returns:
the request attributes keyed by the attributes' IDs.
Throws:
AttributeRequestException - thrown if there is a problem retrieving the attributes

getAttributeIds

protected Set<String> getAttributeIds(org.opensaml.common.SAMLObject samlRequest)
Gets the attribute IDs for those attributes requested in the attribute query.

Parameters:
samlRequest - the attribute query
Returns:
attribute IDs for those attributes requested in the attribute query

getAttribtueIds

protected Set<String> getAttribtueIds(org.opensaml.saml2.metadata.EntityDescriptor metadata)
Gets the attribute IDs for those attributes requested in the entity metadata.

Parameters:
metadata - the entity metadata
Returns:
attribute IDs for those attributes requested in the entity metadata

getAttributeIds

protected Set<String> getAttributeIds(List<org.opensaml.saml1.core.AttributeDesignator> attributes)
This parses the attribute ids from the supplied list of attributes.

Parameters:
attributes - List
Returns:
Set of attribute ids

encodeAttributes

protected Collection<org.opensaml.saml1.core.Attribute> encodeAttributes(Collection<BaseAttribute> attributes)
This encodes the supplied attributes with that attribute's SAML1 encoder.

Parameters:
attributes - shibboleth attributes to be encoded into SAML attributes
Returns:
collection of encoded SAML attributes

onNewContextCreated

protected void onNewContextCreated(org.springframework.context.ApplicationContext newServiceContext)
                            throws ServiceException
Called after a new context has been created but before it set as the service's context. If an exception is thrown the new context will not be set as the service's context and the current service context will be retained.

Specified by:
onNewContextCreated in class BaseService
Parameters:
newServiceContext - the newly created context for the service
Throws:
ServiceException - thrown if there is a problem with the given service context


Copyright © 1999-2012. All Rights Reserved.