com.sun.identity.federation.services

Class FSAuthnDecisionHandler

java.lang.Object

com.sun.identity.federation.services.FSAuthnDecisionHandler

public class FSAuthnDecisionHandler
extends Object

Used by IDP to decide which authentication to use to meet the need of requested authentication context.

Constructor Summary

Constructors

Constructor and Description
FSAuthnDecisionHandler(String realm, String entityID, javax.servlet.http.HttpServletRequest request) Constructs a new FSAuthnDecisionHandler object.

Method Summary

Modifier and Type	Method and Description
FSAuthContextResult	decideAuthnContext(List authContextRef, String presentAuthContext, String authType) Decides if present authentication context is sufficient comparing to the requested authentication context.
FSAuthContextResult	getURLForAuthnContext(List authContextClassRef) Finds authentication context result based on the request authentication context.
FSAuthContextResult	getURLForAuthnContext(List authContextClassRef, String authType) Finds authentication context result based on the request authentication context and comparison type.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

FSAuthnDecisionHandler

public FSAuthnDecisionHandler(String realm,
                              String entityID,
                              javax.servlet.http.HttpServletRequest request)

Constructs a new FSAuthnDecisionHandler object. It handles authentication decision based on the configuration per identity provider.

Parameters:

realm - The realm under which the entity resides.

entityID - hosted identity provider entity ID

request - http servlet request

Method Detail

decideAuthnContext

public FSAuthContextResult decideAuthnContext(List authContextRef,
                                              String presentAuthContext,
                                              String authType)

Decides if present authentication context is sufficient comparing to the requested authentication context.

Parameters:

authContextRef - requested authentication contexts

presentAuthContext - present authentication context

authType - authentication context comparison type. The possible values are exact, minimum, better, and maximum.

Returns:

FSAuthContextResult object with login url set if the present authentication context is not sufficient; login url set to null if the present authentication context is sufficient. Return null if it cannot be decided or appropriate authentication context cannot be obtained.

getURLForAuthnContext

public FSAuthContextResult getURLForAuthnContext(List authContextClassRef,
                                                 String authType)

Finds authentication context result based on the request authentication context and comparison type.

Parameters:

authContextClassRef - list of requested authentication context class references

authType - requested authentication context comparison type. Possible values are exact, minimum, better, and maximum

Returns:

FSAuthContextResult object

getURLForAuthnContext

public FSAuthContextResult getURLForAuthnContext(List authContextClassRef)

Finds authentication context result based on the request authentication context. Comparison type is set to minimum.

Parameters:

authContextClassRef - list of requested authentication context class references

Returns:

FSAuthContextResult object