Class DefaultActionMapper

  • All Implemented Interfaces:
    ActionMapper

    public class DefaultActionMapper
    extends Object
    implements ActionMapper
    The class DefaultActionMapper provide a default implementation of the ActionMapper interface.
    • Constructor Detail

      • DefaultActionMapper

        public DefaultActionMapper()
        Default Constructor
    • Method Detail

      • getSSOTokenID

        public String getSSOTokenID​(AuthorizationDecisionQuery query)
        This method exams the SubjectConfirmation of the Subject in the AuthorizationDecisionQuery. If the SubjectConfirmation has only one ConfirmationMethod; and this ConfirmationMethod is equals to "urn:com:sun:identity"; and its SubjectConfirmationData contains TEXT node only, then the method returns the concatenated string of all the TEXT nodes. Otherwise, it returns null.

        Specified by:
        getSSOTokenID in interface ActionMapper
        Parameters:
        query - The received AuthorizationDecisionQuery.
        Returns:
        String which is the single sign on token ID. Return null if the OpenAM single sign on token id could not be obtained from the query.
        See Also:
        ActionMapper.getSSOTokenID(com.sun.identity.saml.protocol.AuthorizationDecisionQuery)
      • getAuthorizationDecisions

        public Map getAuthorizationDecisions​(AuthorizationDecisionQuery query,
                                             Object token,
                                             String sourceID)
                                      throws SAMLException
        This method first converts the AttributeStatements in Evidence to OpenAM Policy API environment variables. The Attributes in the AttributeStatement(s) are expected to be OpenAM attributes. It then query the Policy decision one action at a time. Currently, it handles actions defined in urn:oasis:names:tc:SAML:1.0:ghpp only. This action Namespace is mapped to OpenAM iPlanetAMWebAgentService.
        Specified by:
        getAuthorizationDecisions in interface ActionMapper
        Parameters:
        query - The received AuthorizationDecisionQuery.
        token - User sessioin to retrieve the decisions.
        sourceID - The sourceID from which the query is coming from.
        Returns:
        Map which contains the following possible key value pairs:
        • PERMIT List of permitted actions, or
        • DENY List of denied actions, or
        • INDETERMINATE List of indeterminate actions
        Throws:
        SAMLException - if an error occurs