Package com.sun.liberty

Class LibertyManager

  • public class LibertyManager
extends Object
    LibertyManager forms the basis of the Public APIs. It has all the methods which the JSPs etc. need to use for federation/termination/logout etc.

    • Constructor Detail

      • LibertyManager

        public LibertyManager()

    • Method Detail

      • getIDPList

        public static Iterator getIDPList()
        Deprecated.
        This method has been deprecated. Please use getAllIDPList(String realm) instead.
        Returns a list of all trusted Identity Providers under root realm.
        Returns:
        an iterator to a list of strings, each containing the entity ID of Identity Providers.
        See Also:
        getAllIDPList(String)

      • getAllIDPList

        public static Iterator getAllIDPList​(String realm)
        Returns a list of all trusted Identity Providers under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        Returns:
        an iterator to a list of strings, each containing the entity ID of Identity Providers.

      • getIDPList

        public static Iterator getIDPList​(String hostedEntityID)
        Deprecated.
        This method is deprecated. Please use getIDPList(String,String)
        Returns a list of all trusted Identity Providers under root realm for a given hosted provider's entity ID.
        Parameters:
        hostedEntityID - hosted provider's entity ID.
        Returns:
        an iterator to a list of strings, each containing the provider ID of an trusted Identity Provider for this hosted provider.
        See Also:
        getIDPList(String,String)

      • getIDPList

        public static Iterator getIDPList​(String realm,
                                  String hostedEntityID)
        Returns a list of all trusted Identity Providers under the realm for a given hosted provider's entity ID.
        Parameters:
        realm - The realm under which the entity resides.
        hostedEntityID - hosted provider's entity ID.
        Returns:
        an iterator to a list of strings, each containing the provider ID of an trusted Identity Provider for this hosted provider.

      • getSPList

        public static Iterator getSPList()
        Deprecated.
        This method is deprecated. Please use getAllSPList(String realm).
        Returns a list of all trusted Service Providers under root realm.
        Returns:
        an iterator to a list of strings, each containing the entity ID of a Service Provider.
        See Also:
        getAllSPList(String)

      • getAllSPList

        public static Iterator getAllSPList​(String realm)
        Returns a list of all trusted Service Providers under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        Returns:
        an iterator to a list of strings, each containing the entity ID of a Service Provider.

      • getSPList

        public static Iterator getSPList​(String hostedEntityID)
        Deprecated.
        This method is deprecated. Please use getSPList(String,String)
        Returns a list of all trusted Service Providers under root realm for this Hosted Provider.
        Parameters:
        hostedEntityID - hosted provider's entity ID.
        Returns:
        an iterator to a list of strings, each containing the entity ID of an Service Provider for the given Hosted Provider.
        See Also:
        getSPList(String,String)

      • getSPList

        public static Iterator getSPList​(String realm,
                                 String hostedEntityID)
        Returns a list of all trusted Service Providers for this Hosted Provider.
        Parameters:
        realm - The realm under which the entity resides.
        hostedEntityID - hosted provider's entity ID.
        Returns:
        an iterator to a list of strings, each containing the entity ID of an Service Provider for the given Hosted Provider.

      • getIDPFederationStatus

        public static boolean getIDPFederationStatus​(String user,
                                             String remoteEntityId,
                                             String hostedEntityId,
                                             String hostedProviderRole)
        Deprecated.
        This method is deprecated.
        Returns the federation status of a user with an Identity Provider. This method assumes that the user is already federated with the provider.
        Parameters:
        user - The user name obtained by calling getUser() on a Liberty-authenticated HttpServletRequest from the user
        remoteEntityId - Entity ID of the Remote Identity Provider.
        hostedEntityId - Hosted Provider's entity ID.
        hostedProviderRole - Hosted Provider's Role.
        Returns:
        The federation status of a user with an Identity Provider.
        See Also:
        getIDPFederationStatus(String,String,String,String)

      • getIDPFederationStatus

        public static boolean getIDPFederationStatus​(String user,
                                             String realm,
                                             String remoteEntityId,
                                             String hostedEntityId,
                                             String hostedProviderRole)
        Returns the federation status of a user with an Identity Provider. This method assumes that the user is already federated with the provider.
        Parameters:
        user - The user name obtained by calling getUser() on a Liberty-authenticated HttpServletRequest from the user
        realm - The realm under which the entity resides.
        remoteEntityId - Entity ID of the Remote Identity Provider.
        hostedEntityId - Hosted Provider's entity ID.
        hostedProviderRole - Hosted Provider's Role.
        Returns:
        The federation status of a user with an Identity Provider.

      • getSPFederationStatus

        public static boolean getSPFederationStatus​(String user,
                                            String remoteProviderId,
                                            String hostedProviderId,
                                            String hostedProviderRole)
        Deprecated.
        This method is deprecated.
        Returns the federations status of a user with an Service Provider. This method assumes that the user is already federated with the provider.
        Parameters:
        user - The user name obtained by calling getRemoteUser() on a Liberty-authenticated HttpServletRequest from the user.
        remoteProviderId - The entity ID of the Remote Service Provider.
        hostedProviderId - Hosted provider's entity ID.
        hostedProviderRole - Hosted Provider Role.
        Returns:
        The federation status of a user with an Service Provider.
        See Also:
        getSPFederationStatus(String,String,String,String,String)

      • getSPFederationStatus

        public static boolean getSPFederationStatus​(String user,
                                            String realm,
                                            String remoteProviderId,
                                            String hostedProviderId,
                                            String hostedProviderRole)
        Returns the federations status of a user with an Service Provider. This method assumes that the user is already federated with the provider.
        Parameters:
        user - The user name obtained by calling getRemoteUser() on a Liberty-authenticated HttpServletRequest from the user.
        realm - The relam under which the entity resides.
        remoteProviderId - The entity ID of the Remote Service Provider.
        hostedProviderId - Hosted provider's entity ID.
        hostedProviderRole - Hosted Provider Role.
        Returns:
        The federation status of a user with an Service Provider.

      • getNonce

        public static String getNonce​(String user)
        Deprecated.
        This method has been deprecated. Please use other means to generate nounce.
        Returns a nonce for use in forms to be posted to well known servlets. Avoids cross site scripting type attacks.
        Parameters:
        user - The user obtained by calling getRemoteUser() on a Liberty-authenticated HttpServletRequestfrom the user.
        Returns:
        A string to be put in a hidden form field called "nonce".

      • checkNonce

        public static boolean checkNonce​(String nonce,
                                 String user)
        Deprecated.
        This method has been deprecated. Please use other means to verify nounce.
        Checks that the given nonce is the same as the last one returned via getNonce(), and invalidates it.
        Parameters:
        nonce - String containing nonce.
        user - User name passed to getNonce to obtain nonce.
        Returns:
        true is nonce is the same as the last one returned by getNonce method.

      • getIntroducedProvider

        public static String getIntroducedProvider​(jakarta.servlet.http.HttpServletRequest request)
        Returns the ID of the provider discovered via the introduction protocol. If null, no provider was discovered. Can be passed to LoginServlet if null.
        Parameters:
        request - HTTP servlet request.
        Returns:
        the provider ID

      • getMetaAliasKey

        public static String getMetaAliasKey()
        Returns the metaAliasKey from IFSConstants.
        Returns:
        the metaAliasKey from IFSConstants.

      • getTerminationProviderIDKey

        public static String getTerminationProviderIDKey()
        Returns the termination providerIDKey from IFSConstants.
        Returns:
        the termination providerIDKey from IFSConstants.

      • getRequestIDKey

        public static String getRequestIDKey()
        Returns the requestIDKey from IFSConstants.
        Returns:
        the requestIDKey from IFSConstants.

      • getProviderIDKey

        public static String getProviderIDKey()
        Returns the providerIDKey from IFSConstants.
        Returns:
        the providerIDKey from IFSConstants.

      • getLRURLKey

        public static String getLRURLKey()
        Returns the LRURLKey from IFSConstants.
        Returns:
        the LRURLKey from IFSConstants.

      • getCOTKey

        public static String getCOTKey()
        Returns the COT key from IFSConstants.
        Returns:
        the COT key from IFSConstants.

      • getSelectedProviderKey

        public static String getSelectedProviderKey()
        Returns the selectedProviderKey from IFSConstants.
        Returns:
        the selectedProviderKey from IFSConstants.

      • getFedErrorKey

        public static String getFedErrorKey()
        Returns Federation Error Key.
        Returns:
        Federation Error Key

      • getFedRemarkKey

        public static String getFedRemarkKey()
        Returns FederationRemark Key.
        Returns:
        FederationRemark Key

      • getUser

        public static String getUser​(jakarta.servlet.http.HttpServletRequest request)
        Returns the user from HttpServletRequest.
        Parameters:
        request - HTTP servlet request.
        Returns:
        the user from HttpServletRequest.

      • getHomeURL

        public static String getHomeURL​(String providerID,
                                String providerRole)
        Deprecated.
        This method is deprecated.
        Returns Provider's HomePageURL.
        Parameters:
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        Returns:
        Provider's HomePageURL.
        See Also:
        getHomeURL(String,String,String)

      • getHomeURL

        public static String getHomeURL​(String realm,
                                String providerID,
                                String providerRole)
        Returns Provider's HomePageURL.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        Returns:
        Provider's HomePageURL.

      • getPreLoginServletURL

        public static String getPreLoginServletURL​(String providerID,
                                           String providerRole,
                                           jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated.
        Returns PreLoginServlet URL and appends metaAlias to it.
        Parameters:
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        PreLoginServlet URL and appends metaAlias to it.
        See Also:
        getPreLoginServletURL(String,String,String,HttpServletRequest)

      • getPreLoginServletURL

        public static String getPreLoginServletURL​(String realm,
                                           String providerID,
                                           String providerRole,
                                           jakarta.servlet.http.HttpServletRequest request)
        Returns PreLoginServlet URL and appends metaAlias to it.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        PreLoginServlet URL and appends metaAlias to it.

      • getLoginURL

        public static String getLoginURL​(jakarta.servlet.http.HttpServletRequest request)
        Returns the LoginURL from IFSConstants.
        Parameters:
        request - HTTP servlet request.
        Returns:
        the LoginURL from IFSConstants

      • getInterSiteURL

        public static String getInterSiteURL​(jakarta.servlet.http.HttpServletRequest request)
        Returns the interSiteURL from IFSConstants.
        Parameters:
        request - HTTP servlet request.
        Returns:
        the interSiteURL from IFSConstants.

      • getEntityID

        public static String getEntityID​(String metaAlias)
        Returns entityID from the provider Alias using meta manager calls.
        Parameters:
        metaAlias - The metaAlias of the provider
        Returns:
        entityID corresponding to the metaAlias.

      • getProvidersToFederate

        public static Set getProvidersToFederate​(String providerID,
                                         String providerRole,
                                         String userName)
        Deprecated.
        This method is deprecated. Please use getProvidersToFederate(String, String, String,String)
        Returns the list of all Trusted Identity Providers of this user not already federated with. This is a subset of the Set returned by getIDPList(). This method is used to show the drop-down menu consisting of all the Identity Providers that the user is not already federated with.
        Parameters:
        providerID - provider's entity ID.
        providerRole - provider Role.
        userName - name of user.
        Returns:
        Set containing all the Identity Provider IDs which the user is not already federated with.
        See Also:
        getProvidersToFederate(String,String,String,String)

      • getProvidersToFederate

        public static Set getProvidersToFederate​(String realm,
                                         String providerID,
                                         String providerRole,
                                         String userName)
        Returns the list of all Trusted Identity Providers of this user not already federated with. This is a subset of the Set returned by getIDPList(). This method is used to show the drop-down menu consisting of all the Identity Providers that the user is not already federated with.
        Parameters:
        realm - the realm that the provider resides
        providerID - provider's entity ID.
        providerRole - provider Role.
        userName - name of user.
        Returns:
        Set containing all the Identity Provider IDs which the user is not already federated with.

      • getFederatedProviders

        public static Set getFederatedProviders​(String userName,
                                        String hostProviderId,
                                        String hostProviderRole)
        Deprecated.
        This method is deprecated.
        Returns the set of federated providers for an user using Account Management API.
        Parameters:
        userName - for which the federated providers are to be returned.
        hostProviderId - Hosted provider's entity ID.
        hostProviderRole - Hosted Provider Role.
        Returns:
        federated providers a Set containing the provider IDs of federated providers for the given userName.
        See Also:
        getFederatedProviders(String, String, String, String)

      • getFederatedProviders

        public static Set getFederatedProviders​(String userName,
                                        String realm,
                                        String hostProviderId,
                                        String hostProviderRole)
        Returns the set of federated providers for an user using Account Management API.
        Parameters:
        userName - for which the federated providers are to be returned.
        realm - The realm under which the entity resides.
        hostProviderId - Hosted provider's entity ID.
        hostProviderRole - Hosted Provider Role.
        Returns:
        federated providers a Set containing the provider IDs of federated providers for the given userName.

      • getListOfCOTs

        public static Set getListOfCOTs​(String providerId,
                                String providerRole)
        Deprecated.
        This method is deprecated.
        Returns the List of COTs for the given Provider under root realm.
        Parameters:
        providerId - The ID of the provider whose COTList is to be found
        providerRole - The Role of the provider whose COTList is to be found
        Returns:
        The set containing the authentication domains for the given provider.
        See Also:
        getListOfCOTs(String,String,String)

      • getListOfCOTs

        public static Set getListOfCOTs​(String realm,
                                String providerId,
                                String providerRole)
        Returns the List of COTs for the given Provider under a realm.
        Parameters:
        realm - The realm under which the entity resides.
        providerId - The ID of the provider whose COTList is to be found
        providerRole - The Role of the provider whose COTList is to be found
        Returns:
        The set containing the authentication domains for the given provider.

      • getMetaAlias

        public static String getMetaAlias​(String providerID,
                                  String providerRole)
        Deprecated.
        This method is deprecated by getMetaAlias(String,String,String).
        Returns metaAlias from provider ID under root realm.
        Parameters:
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        Returns:
        metaAlias from provider ID
        See Also:
        getMetaAlias(String,String,String)

      • getMetaAlias

        public static String getMetaAlias​(String realm,
                                  String providerID,
                                  String providerRole)
        Returns metaAlias from provider ID under a realm.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        Returns:
        metaAlias from provider ID

      • getFederationDonePageURL

        public static String getFederationDonePageURL​(String providerID,
                                              String providerRole,
                                              jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated.
        Returns the FederationDonePageURL from the provider ID under root realm.
        Parameters:
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        the FederationDonePageURL from the provider ID.
        See Also:
        getFederationDonePageURL(String,String,String,HttpServletRequest)

      • getFederationDonePageURL

        public static String getFederationDonePageURL​(String realm,
                                              String providerID,
                                              String providerRole,
                                              jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated.
        Returns the FederationDonePageURL from the provider ID under a realm.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        the FederationDonePageURL from the provider ID.
        See Also:
        getFederationDonePageURL(String,String,String,HttpServletRequest)

      • getTerminationDonePageURL

        public static String getTerminationDonePageURL​(String providerID,
                                               String providerRole,
                                               jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated
        Returns the TerminationDonePageURL from the provider ID under root realm.
        Parameters:
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        the TerminationDonePageURL from the provider ID.
        See Also:
        getTerminationDonePageURL(String,String,String,HttpServletRequest)

      • getTerminationDonePageURL

        public static String getTerminationDonePageURL​(String realm,
                                               String providerID,
                                               String providerRole,
                                               jakarta.servlet.http.HttpServletRequest request)
        Returns the TerminationDonePageURL from the provider ID under a realm.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        the TerminationDonePageURL from the provider ID.

      • getTerminationURL

        public static String getTerminationURL​(String providerID,
                                       String providerRole,
                                       jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated
        Returns Termination URL.
        Parameters:
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        Termination URL.
        See Also:
        getTerminationURL(String,String,String,HttpServletRequest)

      • getTerminationURL

        public static String getTerminationURL​(String realm,
                                       String providerID,
                                       String providerRole,
                                       jakarta.servlet.http.HttpServletRequest request)
        Returns Termination URL.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        Termination URL.

      • getNameRegistrationURL

        public static String getNameRegistrationURL​(String providerID,
                                            String providerRole,
                                            jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated.
        Returns NameRegistrationURL.
        Parameters:
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        NameRegistrationURL.
        See Also:
        getNameRegistrationURL(String,String,String,HttpServletRequest)

      • getNameRegistrationURL

        public static String getNameRegistrationURL​(String realm,
                                            String providerID,
                                            String providerRole,
                                            jakarta.servlet.http.HttpServletRequest request)
        Returns NameRegistrationURL.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        NameRegistrationURL.

      • getErrorPageURL

        public static String getErrorPageURL​(String providerId,
                                     String providerRole,
                                     jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated. Please use getErrorPageURL(String,String,String,HttpServletRequest)
        Returns the provider's error page.
        Parameters:
        providerId - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        the provider's error page.
        See Also:
        getErrorPageURL(String,String,String,HttpServletRequest)

      • getErrorPageURL

        public static String getErrorPageURL​(String realm,
                                     String providerId,
                                     String providerRole,
                                     jakarta.servlet.http.HttpServletRequest request)
        Returns the provider's error page.
        Parameters:
        realm - The realm under which the entity resides.
        providerId - Provider's entity ID.
        providerRole - Provider Role.
        request - HTTP servlet request.
        Returns:
        the provider's error page.

      • getFederationHandlerURL

        public static String getFederationHandlerURL​(jakarta.servlet.http.HttpServletRequest request)
        Returns the FederationHandler.
        Parameters:
        request - HTTP servlet request
        Returns:
        the FederationHandler.

      • getConsentHandlerURL

        public static String getConsentHandlerURL​(jakarta.servlet.http.HttpServletRequest request)
        Returns the ConsentHandler.
        Parameters:
        request - HTTP servlet request.
        Returns:
        the ConsentHandler.

      • isLogoutSuccess

        public static boolean isLogoutSuccess​(jakarta.servlet.http.HttpServletRequest request)
        Returns true if logout succeeded.
        Parameters:
        request - HTTP servlet request.
        Returns:
        true if logout succeeded.

      • isTerminationSuccess

        public static boolean isTerminationSuccess​(jakarta.servlet.http.HttpServletRequest request)
        Returns true if Termination succeeds.
        Parameters:
        request - HTTP servlet request.
        Returns:
        true if Termination succeeds.

      • isFederationCancelled

        public static boolean isFederationCancelled​(jakarta.servlet.http.HttpServletRequest request)
        Returns true if Federation is cancelled.
        Parameters:
        request - HTTP servlet request.
        Returns:
        true if Federation is cancelled.

      • isTerminationCancelled

        public static boolean isTerminationCancelled​(jakarta.servlet.http.HttpServletRequest request)
        Returns true if termination is cancelled.
        Parameters:
        request - HTTP servlet request.
        Returns:
        true if termination is cancelled.

      • getRealmByMetaAlias

        public static String getRealmByMetaAlias​(String metaAlias)
        Returns the realm by parsing the metaAlias. MetaAlias format is 
         <realm>/<any string without '/'> for non-root realm or
 /<any string without '/'> for root realm.
        Parameters:
        metaAlias - The metaAlias.
        Returns:
        the realm associated with the metaAlias.

      • getNewRequest

        public static String getNewRequest​(jakarta.servlet.http.HttpServletRequest request)
        Creates New Request ID from the HttpRequestServlet.
        Parameters:
        request - HTTP servlet request.
        Returns:
        New Request ID from the HttpRequestServlet.

      • setAuthnRequest

        public static boolean setAuthnRequest​(FSAuthnRequest request,
                                      String entityID)
        Deprecated.
        This method is deprecated.
        Sets the authentication request to be sent to identity provider under root realm.
        Parameters:
        request - FSAuthnRequest associated with a user session.
        entityID - Hosted Provider's entity ID
        Returns:
        true if the operation is successful; false otherwise.
        See Also:
        setAuthnRequest(FSAuthnRequest,String,String)

      • setAuthnRequest

        public static boolean setAuthnRequest​(FSAuthnRequest request,
                                      String realm,
                                      String entityID)
        Sets the authentication request to be sent to identity provider.
        Parameters:
        request - FSAuthnRequest associated with a user session.
        realm - the realm in which the entity resides
        entityID - Hosted Provider's entity ID
        Returns:
        true if the operation is successful; false otherwise.

      • cleanQueryString

        public static String cleanQueryString​(jakarta.servlet.http.HttpServletRequest request)

      • getSuccinctID

        public static String getSuccinctID​(String entityID)
        Deprecated.
        This method has been deprecated. Use getSuccinctID(String, String)
        Returns succinct ID of a provider.
        Parameters:
        entityID - provider's entity ID.
        Returns:
        succinct ID of a provider.

      • getSuccinctID

        public static String getSuccinctID​(String providerID,
                                   String providerRole)
        Returns succinct ID of a provider.
        Parameters:
        providerID - provider's entity ID.
        providerRole - provider Role.
        Returns:
        succinct ID of a provider.

      • getRegisteredProviders

        public static Set getRegisteredProviders​(String userName,
                                         String hostProviderId,
                                         String providerRole)
        Deprecated.
        This method is deprecated. Please use getRegisteredProviders(String,String,String,String)
        Returns registered providers of an user.
        Parameters:
        userName - user ID.
        hostProviderId - Hosted provider's entity ID.
        providerRole - Hosted Provider Role.
        Returns:
        registered providers.
        See Also:
        getRegisteredProviders(String,String,String,String)

      • getRegisteredProviders

        public static Set getRegisteredProviders​(String userName,
                                         String realm,
                                         String hostProviderId,
                                         String providerRole)
        Returns registered providers of an user.
        Parameters:
        userName - user ID.
        realm - The realm under which the entity resides.
        hostProviderId - Hosted provider's entity ID.
        providerRole - Hosted Provider Role.
        Returns:
        registered providers.

      • getNameRegistrationProviderIDKey

        public static String getNameRegistrationProviderIDKey()
        Returns name registration provider ID key.
        Returns:
        name registration provider ID key.

      • isNameRegistrationCancelled

        public static boolean isNameRegistrationCancelled​(jakarta.servlet.http.HttpServletRequest request)
        Returns true if name registration is cancelled.
        Parameters:
        request - HTTP servlet request.
        Returns:
        true if name registration is cancelled.

      • isNameRegistrationSuccess

        public static boolean isNameRegistrationSuccess​(jakarta.servlet.http.HttpServletRequest request)
        Returns true if name registration succeeds.
        Parameters:
        request - HTTP servlet request.
        Returns:
        true if name registration succeeds.

      • getNameRegistrationDonePageURL

        public static String getNameRegistrationDonePageURL​(String providerID,
                                                    String providerRole,
                                                    jakarta.servlet.http.HttpServletRequest request)
        Deprecated.
        This method is deprecated. Please use getNameRegistrationDonePageURL( String,String,String,HttpServletRequest)
        Returns the Name RegistrationDonePageURL from the providerID under root realm.
        Parameters:
        providerID - provider's entity ID.
        providerRole - provider Role.
        request - HTTP servlet request.
        Returns:
        the Name RegistrationDonePageURL from the providerID.
        See Also:
        getNameRegistrationDonePageURL(String,String,String,HttpServletRequest)

      • getNameRegistrationDonePageURL

        public static String getNameRegistrationDonePageURL​(String realm,
                                                    String providerID,
                                                    String providerRole,
                                                    jakarta.servlet.http.HttpServletRequest request)
        Returns the Name RegistrationDonePageURL from the providerID under a realm.
        Parameters:
        realm - The realm under which the entity resides.
        providerID - provider's entity ID.
        providerRole - provider Role.
        request - HTTP servlet request.
        Returns:
        the Name RegistrationDonePageURL from the providerID.

      • getAuthnRequestEnvelope

        public static String getAuthnRequestEnvelope​(jakarta.servlet.http.HttpServletRequest request)
        Returns Authentication Request Envelope from a HTTP servlet request.
        Parameters:
        request - a HTTP servlet request
        Returns:
        Authentication Request Envelope in String

      • isLECPProfile

        public static boolean isLECPProfile​(jakarta.servlet.http.HttpServletRequest request)
        Determines if a HTTP servlet request is Liberty-enabled client and proxy profile.
        Parameters:
        request - a HTTP servlet request
        Returns:
        true if it is Liberty-enabled client and proxy profile

      • getLECPHeaderName

        public static String getLECPHeaderName()
        Returns Liberty-enabled client and proxy profile HTTP header name.
        Returns:
        header name

      • getLECPContentType

        public static String getLECPContentType()
        Returns Liberty-enabled client and proxy profile HTTP content type.
        Returns:
        content type

      • getDiscoveryBootStrapResourceOfferings

        public static NodeList getDiscoveryBootStrapResourceOfferings​(jakarta.servlet.http.HttpServletRequest request,
                                                              String providerID)
        Deprecated.
        This method has been deprecated. Use getDiscoveryBootStrapResourceOfferings( HttpServletRequest request, String providerID, String providerRole)
        Returns the Discovery Service Resource Offerings nodes in an attribute statement. After a single sign-on with an Identity Provider, a service provider may get Discovery Service Resource Offerings through a SAML assertion. This APIs helps in retrieving the resource offerings if the user has been authenticated through the liberty SSO. It will need to have a valid single sign on token (generated through the liberty SSO).
        Parameters:
        request - HttpServletRequest associated with a user session.
        providerID - Hosted Provider's entity ID
        Returns:
        NodeList Discovery Resource Offering Nodes, null if there is any failure or if there is not one

      • getDiscoveryBootStrapResourceOfferings

        public static NodeList getDiscoveryBootStrapResourceOfferings​(jakarta.servlet.http.HttpServletRequest request,
                                                              String providerID,
                                                              String providerRole)
        Returns the Discovery Service Resource Offerings nodes in an attribute statement. After a single sign-on with an Identity Provider, a service provider may get Discovery Service Resource Offerings through a SAML assertion. This APIs helps in retrieving the resource offerings if the user has been authenticated through the liberty SSO. It will need to have a valid single sign on token (generated through the liberty SSO). The service provider should be under root realm.
        Parameters:
        request - HttpServletRequest associated with a user session.
        providerID - Hosted Provider's entity ID
        providerRole - Hosted Provider Role
        Returns:
        NodeList Discovery Resource Offering Nodes, null if there is any failure or if there is not one

      • getDiscoveryBootStrapCredentials

        public static List getDiscoveryBootStrapCredentials​(jakarta.servlet.http.HttpServletRequest request,
                                                    String providerID)
        Deprecated.
        This method has been deprecated. Use getDiscoveryBootStrapCredentials( HttpServletRequest request, String providerID, String providerRole)
        Returns the Discovery Service Credentials in the Advice element. After a single sign-on with an Identity Provider, a service provider may get Discovery Service Resource Offerings and Credentials through a SAML assertion. This APIs helps in retrieving the Credentials if the user has been authenticated through the liberty SSO. It will need to have a valid single sign on token (generated through the liberty SSO). The service provider should be under root realm.
        Parameters:
        request - HttpServletRequest associated with a user session.
        providerID - Hosted Provider's entity ID
        Returns:
        List of SecurityAssertions, null if there is any failure or if there is not one

      • getDiscoveryBootStrapCredentials

        public static List getDiscoveryBootStrapCredentials​(jakarta.servlet.http.HttpServletRequest request,
                                                    String providerID,
                                                    String providerRole)
        Returns the Discovery Service Credentials in the Advice element. After a single sign-on with an Identity Provider, a service provider may get Discovery Service Resource Offerings and Credentials through a SAML assertion. This APIs helps in retrieving the Credentials if the user has been authenticated through the liberty SSO. It will need to have a valid single sign on token (generated through the liberty SSO). The service provider should be under root realm.
        Parameters:
        request - HttpServletRequest associated with a user session.
        providerID - Hosted Provider's entity ID
        providerRole - Hosted Provider Role
        Returns:
        List of SecurityAssertions, null if there is any failure or if there is not one

      • getAuthnContext

        public static String getAuthnContext​(jakarta.servlet.http.HttpServletRequest request,
                                     String entityID)
        Deprecated.
        This method is deprecated.
        Returns the authentication context used in liberty single sign-on. After single sign-on with an Identity Provider, a service provider may obtain the authentication context used by the identity provider that authenticates the user. It will need to have a valid single sign on token (generated through the liberty SSO). The providers are under root realm.
        Parameters:
        request - HttpServletRequest associated with a user session.
        entityID - Hosted Provider's entity ID
        Returns:
        authentication context string; null if there is any failure, or no liberty session is found.
        See Also:
        getAuthnContext(HttpServletRequest,String,String)

      • getAuthnContext

        public static String getAuthnContext​(jakarta.servlet.http.HttpServletRequest request,
                                     String realm,
                                     String entityID)
        Returns the authentication context used in liberty single sign-on. After single sign-on with an Identity Provider, a service provider may obtain the authentication context used by the identity provider that authenticates the user. It will need to have a valid single sign on token (generated through the liberty SSO).
        Parameters:
        request - HttpServletRequest associated with a user session.
        realm - the realm in which the provider resides
        entityID - Hosted Provider's entity ID
        Returns:
        authentication context string; null if there is any failure, or no liberty session is found.

      • getAccountFedInfo

        public static FSAccountFedInfo getAccountFedInfo​(jakarta.servlet.http.HttpServletRequest request,
                                                 String entityID)
        Deprecated.
        This method is deprecated.
        Returns the federation information associated with current liberty session. It will need to have a valid single sign on token (generated through the liberty SSO). It is for a service provider in a root realm.
        Parameters:
        request - HttpServletRequest associated with a user session.
        entityID - Hosted Provider's entity ID
        Returns:
        FSAccountFedInfo associated with this session. null if there is any failure, or no liberty session is found.
        See Also:
        getAccountFedInfo(HttpServletRequest,String,String,String)

      • getAccountFedInfo

        public static FSAccountFedInfo getAccountFedInfo​(jakarta.servlet.http.HttpServletRequest request,
                                                 String realm,
                                                 String entityID,
                                                 String providerRole)
        Returns the federation information associated with current liberty session. It will need to have a valid single sign on token (generated through the liberty SSO).
        Parameters:
        request - HttpServletRequest associated with a user session.
        realm - the realm in which the provider resides
        entityID - Hosted Provider's entity ID
        providerRole - the role of the provider
        Returns:
        FSAccountFedInfo associated with this session. null if there is any failure, or no liberty session is found.

      • getProviderRole

        public static String getProviderRole​(String metaAlias)
        Returns providerRole from the ProviderAlias using meta Mgmt calls.
        Parameters:
        metaAlias - The metaAlias of the provider
        Returns:
        providerRole corresponding to the metaAlias.

      • getMappedNameIdentifier

        public static NameIdentifier getMappedNameIdentifier​(String hostedSPMetaAlias,
                                                     Object ssoToken,
                                                     String remoteSPEntityID)
        Returns NameIdentifier between the IDP and the other SP for the same principal. This method should be used by the code on the hosted SP, where the user has logged in, and has an account linking with the IDP. Futhermore, the same principal has an account linking between his/her other (remote) SP account and the IDP account.
        Parameters:
        hostedSPMetaAlias - The metaAlias of the local service provider.
        ssoToken - The session token of the logged- in user on the local service provider.
        remoteSPEntityID - The entity ID of the remote service provider. In other words, it is the targeted name space for the returned name identifier.
        Returns:
        NameIdentifier of the same principal but original established between the remote SP and the IDP