com.sun.identity.saml.plugins

Class DefaultPartnerAccountMapper

java.lang.Object

com.sun.identity.saml.plugins.DefaultPartnerAccountMapper

All Implemented Interfaces:

PartnerAccountMapper

Direct Known Subclasses:

NameIDPartnerAccountMapper

public class DefaultPartnerAccountMapper
extends Object
implements PartnerAccountMapper

The class DefaultPartnerAccountMapper provide a default implementation of the PartnerAccountMapper interface.

The implementation assumes two sites have exactly the same DIT structure, and it maps remote user to the anonymous user by default if the DIT structure could not be determined.

Field Summary

Fields inherited from interface com.sun.identity.saml.plugins.PartnerAccountMapper

ATTRIBUTE, NAME, ORG

Constructor Summary

Constructors

Constructor and Description
DefaultPartnerAccountMapper() Default Constructor

Method Summary

Modifier and Type	Method and Description
Map	getUser(List assertions, String sourceID, String targetURL) Returns user account in OpenAM to which the subject in the assertion is mapped.
Map	getUser(SubjectQuery subjectQuery, String sourceID) Returns user account in OpenAM to which the subject in the query is mapped.
protected void	getUser(Subject subject, String sourceID, Map<String,String> map)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DefaultPartnerAccountMapper

public DefaultPartnerAccountMapper()

Default Constructor

Method Detail

getUser

public Map getUser(List assertions,
                   String sourceID,
                   String targetURL)

Returns user account in OpenAM to which the subject in the assertion is mapped. This method will be called in POST profile, ARTIFACT profile, AttributeQuery and AuthorizationDecisionQuery.

Specified by:

getUser in interface PartnerAccountMapper

Parameters:

assertions - a list of authentication assertions returned from partner side, this will contains user's identity in the partner side. The object in the list will be com.sun.identity.saml.assertion.Assertion

sourceID - source ID for the site from which the subject originated.

targetURL - value for TARGET query parameter when the user accessing the SAML aware servlet or post profile servlet

Returns:

Map which contains NAME, ORG and ATTRIBUTE keys, value of the NAME key is the user DN, value of the ORG is the user organization DN, value of the ATTRIBUTE is a Map containing key/value pairs which will be set as properties on the OpenAM SSO token, the key is the SSO property name, the value is a String value of the property. Returns empty map if the mapped user could not be obtained from the subject.

getUser

public Map getUser(SubjectQuery subjectQuery,
                   String sourceID)

Returns user account in OpenAM to which the subject in the query is mapped. This method will be called in AttributeQuery.The returned Map is subject to changes per SAML specification.

Specified by:

getUser in interface PartnerAccountMapper

Parameters:

subjectQuery - subject query returned from partner side, this will contains user's identity in the partner side.

sourceID - source ID for the site from which the subject originated.

Returns:

Map which contains NAME and ORG keys, value of the NAME key is the user DN, value of the ORG is the user organization DN. Returns empty map if the mapped user could not be obtained from the subject.

getUser

protected void getUser(Subject subject,
                       String sourceID,
                       Map<String,String> map)