Package com.sun.identity.saml.plugins
Class DefaultActionMapper
- java.lang.Object
-
- com.sun.identity.saml.plugins.DefaultActionMapper
-
- All Implemented Interfaces:
ActionMapper
public class DefaultActionMapper extends Object implements ActionMapper
The classDefaultActionMapper
provide a default implementation of theActionMapper
interface.
-
-
Field Summary
-
Fields inherited from interface com.sun.identity.saml.plugins.ActionMapper
DENY, INDETERMINATE, PERMIT
-
-
Constructor Summary
Constructors Constructor Description DefaultActionMapper()
Default Constructor
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Map
getAuthorizationDecisions(AuthorizationDecisionQuery query, Object token, String sourceID)
This method first converts the AttributeStatements in Evidence to OpenAM Policy API environment variables.Assertion
getSSOAssertion(AuthorizationDecisionQuery query, String sourceID)
This method exams the Evidence in the AuthorizationDecisionQuery.String
getSSOTokenID(AuthorizationDecisionQuery query)
This method exams the SubjectConfirmation of the Subject in the AuthorizationDecisionQuery.
-
-
-
Method Detail
-
getSSOTokenID
public String getSSOTokenID(AuthorizationDecisionQuery query)
This method exams the SubjectConfirmation of the Subject in the AuthorizationDecisionQuery. If the SubjectConfirmation has only one ConfirmationMethod; and this ConfirmationMethod is equals to "urn:com:sun:identity"; and its SubjectConfirmationData contains TEXT node only, then the method returns the concatenated string of all the TEXT nodes. Otherwise, it returns null.- Specified by:
getSSOTokenID
in interfaceActionMapper
- Parameters:
query
- The receivedAuthorizationDecisionQuery
.- Returns:
- String which is the single sign on token ID. Return null if the OpenAM single sign on token id could not be obtained from the query.
- See Also:
ActionMapper.getSSOTokenID(com.sun.identity.saml.protocol.AuthorizationDecisionQuery)
-
getSSOAssertion
public Assertion getSSOAssertion(AuthorizationDecisionQuery query, String sourceID)
This method exams the Evidence in the AuthorizationDecisionQuery. It returns the first valid Assertion that contains at least one AuthenticationStatement.- Specified by:
getSSOAssertion
in interfaceActionMapper
- Parameters:
query
- The receivedAuthorizationDecisionQuery
.sourceID
- TheSourceID
from which this query is coming from.- Returns:
- Assertion The assertion contained inside the query.
- See Also:
ActionMapper.getSSOAssertion(com.sun.identity.saml.protocol.AuthorizationDecisionQuery, java.lang.String)
-
getAuthorizationDecisions
public Map getAuthorizationDecisions(AuthorizationDecisionQuery query, Object token, String sourceID) throws SAMLException
This method first converts the AttributeStatements in Evidence to OpenAM Policy API environment variables. The Attributes in the AttributeStatement(s) are expected to be OpenAM attributes. It then query the Policy decision one action at a time. Currently, it handles actions defined in urn:oasis:names:tc:SAML:1.0:ghpp only. This action Namespace is mapped to OpenAM iPlanetAMWebAgentService.- Specified by:
getAuthorizationDecisions
in interfaceActionMapper
- Parameters:
query
- The receivedAuthorizationDecisionQuery
.token
- User sessioin to retrieve the decisions.sourceID
- ThesourceID
from which the query is coming from.- Returns:
- Map which contains the following possible key value pairs:
PERMIT
List of permitted actions, orDENY
List of denied actions, orINDETERMINATE
List of indeterminate actions
- Throws:
SAMLException
- if an error occurs
-
-