Package com.sun.identity.saml.plugins

Class DefaultPartnerAccountMapper

  • All Implemented Interfaces:
    PartnerAccountMapper
    Direct Known Subclasses:
    NameIDPartnerAccountMapper
    public class DefaultPartnerAccountMapper
extends Object
implements PartnerAccountMapper
    The class DefaultPartnerAccountMapper provide a default implementation of the PartnerAccountMapper interface.

    The implementation assumes two sites have exactly the same DIT structure, and it maps remote user to the anonymous user by default if the DIT structure could not be determined.

    • Constructor Detail

      • DefaultPartnerAccountMapper

        public DefaultPartnerAccountMapper()
        Default Constructor

    • Method Detail

      • getUser

        public Map getUser​(List assertions,
                   String sourceID,
                   String targetURL)
        Returns user account in OpenAM to which the subject in the assertion is mapped. This method will be called in POST profile, ARTIFACT profile, AttributeQuery and AuthorizationDecisionQuery.
        Specified by:
        getUser in interface PartnerAccountMapper
        Parameters:
        assertions - a list of authentication assertions returned from partner side, this will contains user's identity in the partner side. The object in the list will be com.sun.identity.saml.assertion.Assertion
        sourceID - source ID for the site from which the subject originated.
        targetURL - value for TARGET query parameter when the user accessing the SAML aware servlet or post profile servlet
        Returns:
        Map which contains NAME, ORG and ATTRIBUTE keys, value of the NAME key is the user DN, value of the ORG is the user organization DN, value of the ATTRIBUTE is a Map containing key/value pairs which will be set as properties on the OpenAM SSO token, the key is the SSO property name, the value is a String value of the property. Returns empty map if the mapped user could not be obtained from the subject.

      • getUser

        public Map getUser​(SubjectQuery subjectQuery,
                   String sourceID)
        Returns user account in OpenAM to which the subject in the query is mapped. This method will be called in AttributeQuery.The returned Map is subject to changes per SAML specification.
        Specified by:
        getUser in interface PartnerAccountMapper
        Parameters:
        subjectQuery - subject query returned from partner side, this will contains user's identity in the partner side.
        sourceID - source ID for the site from which the subject originated.
        Returns:
        Map which contains NAME and ORG keys, value of the NAME key is the user DN, value of the ORG is the user organization DN. Returns empty map if the mapped user could not be obtained from the subject.