FAMSTSAttributeProvider (OpenAM Project 15.1.7-SNAPSHOT API)

java.lang.Object
- com.sun.identity.wss.sts.spi.FAMSTSAttributeProvider

All Implemented Interfaces:

com.sun.xml.ws.api.security.trust.STSAttributeProvider
```
public class FAMSTSAttributeProvider
extends Object
implements com.sun.xml.ws.api.security.trust.STSAttributeProvider
```
The STS attribute provider is used to retrieve an authenticated user or profile attributes and gives it to the assertion generator so that these attributes could be part of SAML attribute statements. The attribute checks first if the end user's SSOToken is present in the OnBehalfOf element in the WS-Trust request and generates SAML Attributes from the user profile. This is the case usually if the STS and web services client is deployed locally on the same or trusted Federal OpenAM instances. If not, it tries to retrieve the web services client profile attributes if it exists.

Field Summary

Fields
Modifier and Type Field and Description

protected static SSOTokenManager tokenManager
- Fields inherited from interface com.sun.xml.ws.api.security.trust.STSAttributeProvider
  NAME_IDENTIFIER

Fields
Modifier and Type	Field and Description
`protected static SSOTokenManager`	`tokenManager`

Constructor Summary

Constructors
Constructor and Description

FAMSTSAttributeProvider()

Constructors
Constructor and Description
`FAMSTSAttributeProvider()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Map<QName,List<String>>`	`getClaimedAttributes(Subject subject, String appliesTo, String tokenType, com.sun.xml.ws.api.security.trust.Claims claims)` Returns all claimed attributes for a given subject.
`protected SSOToken`	`getSSOToken(String token, String appTokenId)` Check if agent token ID is appended to the token string.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

tokenManager

protected static SSOTokenManager tokenManager

Constructor Detail
- FAMSTSAttributeProvider
```
public FAMSTSAttributeProvider()
```

Method Detail

getClaimedAttributes

public Map<QName,List<String>> getClaimedAttributes(Subject subject,
                                                    String appliesTo,
                                                    String tokenType,
                                                    com.sun.xml.ws.api.security.trust.Claims claims)

Returns all claimed attributes for a given subject.

Specified by:: getClaimedAttributes in interface com.sun.xml.ws.api.security.trust.STSAttributeProvider

getSSOToken
```
protected SSOToken getSSOToken(String token,
                               String appTokenId)
                        throws SSOException
```
Check if agent token ID is appended to the token string. if yes, we use it as a restriction context. This is meant for cookie hijacking feature where agent appends the agent token ID to the user sso token before sending it over to the server for validation.

Throws:

SSOException

Class FAMSTSAttributeProvider

Field Summary

Fields inherited from interface com.sun.xml.ws.api.security.trust.STSAttributeProvider

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

tokenManager

Constructor Detail

FAMSTSAttributeProvider

Method Detail

getClaimedAttributes

getSSOToken