public class AddNameIDToSubjects extends AbstractProfileAction
NameID
and adds it to the Subject
of all the assertions
found in a Response
. The message to update is returned by a lookup strategy, by default
the message returned by InOutOperationContext.getOutboundMessageContext()
.
If no Response
exists, then an Assertion
directly in the outbound message context will
be used or created by the default lookup strategy.
If no Subject
exists in the assertions found, it will be cretaed.
The source of the NameID
is one of a set of candidate SAML2NameIDGenerator
plugins injected into the action. The plugin(s) to attempt to use are derived from the Format value,
which is established by a lookup strategy.
In addition, the generation process is influenced by the requested NameIDPolicy
, which
is evaluated using a pluggable predicate.
Modifier and Type | Class and Description |
---|---|
static class |
AddNameIDToSubjects.NameIDPolicyLookupFunction
Lookup function that returns the
NameIDPolicy from an AuthnRequest message returned
from a lookup function, by default the inbound message. |
static class |
AddNameIDToSubjects.RequesterIdFromIssuerFunction
Lookup function that returns
RequestAbstractType.getIssuer()
from a request message returned from a lookup function, by default the inbound message. |
Constructor and Description |
---|
AddNameIDToSubjects()
Constructor.
|
Modifier and Type | Method and Description |
---|---|
protected void |
doExecute(ProfileRequestContext profileRequestContext)
Performs this action.
|
protected void |
doInitialize()
Performs the initialization of the component.
|
protected boolean |
doPreExecute(ProfileRequestContext profileRequestContext)
Called prior to execution, actions may override this method to perform pre-processing for a request.
|
void |
setAssertionsLookupStrategy(com.google.common.base.Function<ProfileRequestContext,List<Assertion>> strategy)
Set the strategy used to locate the
Assertion s to operate on. |
void |
setFormatLookupStrategy(com.google.common.base.Function<ProfileRequestContext,List<String>> strategy)
Set the strategy function to use to obtain the formats to try.
|
void |
setIdentifierGeneratorLookupStrategy(com.google.common.base.Function<ProfileRequestContext,IdentifierGenerationStrategy> strategy)
Set the strategy used to locate the
IdentifierGenerationStrategy to use. |
void |
setIssuerLookupStrategy(com.google.common.base.Function<ProfileRequestContext,String> strategy)
Set the strategy used to locate the issuer value to use.
|
void |
setNameIDGenerator(SAML2NameIDGenerator theGenerator)
Set the generator to use.
|
void |
setNameIDPolicyPredicate(com.google.common.base.Predicate<ProfileRequestContext> predicate)
Set the predicate used to evaluate the
NameIDPolicy . |
void |
setOverwriteExisting(boolean flag)
Set whether to overwrite any existing
NameID objects found. |
void |
setRequestLookupStrategy(com.google.common.base.Function<ProfileRequestContext,AuthnRequest> strategy)
Set the strategy used to locate the
AuthnRequest to examine, if any. |
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
destroy, doDestroy, initialize, isDestroyed, isInitialized
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
initialize, isInitialized
public AddNameIDToSubjects() throws ComponentInitializationException
ComponentInitializationException
- if an error occurs initializing default predicate.public void setOverwriteExisting(boolean flag)
NameID
objects found.flag
- true iff the action should overwrite any existing objectspublic void setRequestLookupStrategy(@Nonnull com.google.common.base.Function<ProfileRequestContext,AuthnRequest> strategy)
AuthnRequest
to examine, if any.strategy
- strategy used to locate the AuthnRequest
public void setAssertionsLookupStrategy(@Nonnull com.google.common.base.Function<ProfileRequestContext,List<Assertion>> strategy)
Assertion
s to operate on.strategy
- lookup strategypublic void setIdentifierGeneratorLookupStrategy(@Nonnull com.google.common.base.Function<ProfileRequestContext,IdentifierGenerationStrategy> strategy)
IdentifierGenerationStrategy
to use.strategy
- lookup strategypublic void setIssuerLookupStrategy(@Nullable com.google.common.base.Function<ProfileRequestContext,String> strategy)
strategy
- lookup strategypublic void setNameIDPolicyPredicate(@Nonnull com.google.common.base.Predicate<ProfileRequestContext> predicate)
NameIDPolicy
.predicate
- predicate used to evaluate the NameIDPolicy
public void setFormatLookupStrategy(@Nonnull com.google.common.base.Function<ProfileRequestContext,List<String>> strategy)
strategy
- format lookup strategypublic void setNameIDGenerator(@Nullable SAML2NameIDGenerator theGenerator)
theGenerator
- the generator to useprotected void doInitialize() throws ComponentInitializationException
doInitialize
in class AbstractInitializableComponent
ComponentInitializationException
- thrown if there is a problem initializing the componentprotected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
If false is returned, execution will not proceed, and the action should attach an
EventContext
to the context tree to signal how to continue with overall
workflow processing.
If returning successfully, the last step should be to return the result of the superclass version of this method.
doPreExecute
in class AbstractProfileAction
profileRequestContext
- the current IdP profile request contextprotected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
doExecute
in class AbstractProfileAction
profileRequestContext
- the current IdP profile request contextCopyright © 2016 JBoss by Red Hat. All rights reserved.