Package com.sun.identity.xacml.spi

Interface SubjectMapper

  • All Known Implementing Classes:
    FMSubjectMapper
    public interface SubjectMapper
    This is an interface which provides an SPI to be able to map the Subject in the XACML Request to an Object which represents the "subject" in the Federation manager context. A plugin implementing this SPI needs to be defined and configured at the PDP end for each trusted PEP ( as part of the metadata). A default mapper has been provided out-of-box which would map the XACML Subject to a SSOToken, the SSOToken being the representation of the Subject in federation manager.

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      void initialize​(String pdpEntityId, String pepEntityId, Map properties)
      Initializes the configuration data needed by this mapper.
      Object mapToNativeSubject​(List xacmlContextSubjects)
      This is the main API which does the mapping of XACML Subject to native subject ( native being subject in the context of the federation manager).

    • Method Detail

      • initialize

        void initialize​(String pdpEntityId,
                String pepEntityId,
                Map properties)
         throws XACMLException
        Initializes the configuration data needed by this mapper. It uses the the entity IDs passed as parameters as index to the local metadata. It can also consume a generic Map of key-value pairs to define its configuration in addition to the metadata.
        Parameters:
        pdpEntityId - entity id of the PDP which is doing this subject mapping and who has received the XACML request
        pepEntityId - entity id of the PEP ( requester) of the policy decision.
        properties - Map of other properties which can be consumed by this mapper to do the subject mapping.
        Throws:
        XACMLException - if the configration intialization encounters an error condition.

      • mapToNativeSubject

        Object mapToNativeSubject​(List xacmlContextSubjects)
                   throws XACMLException
        This is the main API which does the mapping of XACML Subject to native subject ( native being subject in the context of the federation manager).
        Parameters:
        xacmlContextSubjects - xacml-context:Subjects from the xacml-context:Request object.
        Returns:
        OpenAM SSOToken representing the mapped native subject. If the mapping fails, null would be returned
        Throws:
        XACMLException - if an error conditions occurs.