public class AddNameIdentifierToSubjects extends AbstractProfileAction
NameIdentifier
and adds it to the Subject
of all the statements
in all the assertions found via a lookup strategy, by default from the outbound message context.
No assertions or statements will be created by this action, but if no Subject
exists in
the statements found, it will be created.
The source of the NameIdentifier
is one of a set of candidate SAML1NameIdentifierGenerator
plugins injected into the action. The plugin(s) to attempt to use are derived from the Format value,
which is established by a lookup strategy.
EventIds.PROCEED_EVENT_ID
Modifier and Type | Class and Description |
---|---|
private class |
AddNameIdentifierToSubjects.AssertionStrategy
Default strategy for obtaining assertions to modify.
|
Modifier and Type | Field and Description |
---|---|
private List<Assertion> |
assertions
Assertions to modify.
|
private com.google.common.base.Function<ProfileRequestContext,List<Assertion>> |
assertionsLookupStrategy
Strategy used to locate the
Assertion s to operate on. |
private com.google.common.base.Function<ProfileRequestContext,List<String>> |
formatLookupStrategy
Strategy used to determine the formats to try.
|
private List<String> |
formats
Formats to try.
|
private SAML1NameIdentifierGenerator |
generator
Generator to use.
|
private org.slf4j.Logger |
log
Class logger.
|
private SAMLObjectBuilder<NameIdentifier> |
nameIdentifierBuilder
Builder for NameIdentifier objects.
|
private boolean |
overwriteExisting
Flag controlling whether to overwrite an existing NameIdentifier.
|
private SAMLObjectBuilder<Subject> |
subjectBuilder
Builder for Subject objects.
|
Constructor and Description |
---|
AddNameIdentifierToSubjects()
Constructor.
|
Modifier and Type | Method and Description |
---|---|
private NameIdentifier |
cloneNameIdentifier(NameIdentifier nameIdentifier)
Create an efficient field-wise copy of a
NameIdentifier . |
protected void |
doExecute(ProfileRequestContext profileRequestContext) |
protected void |
doInitialize() |
protected boolean |
doPreExecute(ProfileRequestContext profileRequestContext) |
private NameIdentifier |
generateNameIdentifier(ProfileRequestContext profileRequestContext)
Attempt to generate a
NameIdentifier using each of the candidate Formats and plugins. |
private Subject |
getStatementSubject(SubjectStatement statement)
Get the subject to which the name identifier will be added.
|
void |
setAssertionsLookupStrategy(com.google.common.base.Function<ProfileRequestContext,List<Assertion>> strategy)
Set the strategy used to locate the
Assertion s to operate on. |
void |
setFormatLookupStrategy(com.google.common.base.Function<ProfileRequestContext,List<String>> strategy)
Set the strategy function to use to obtain the formats to try.
|
void |
setNameIdentifierGenerator(SAML1NameIdentifierGenerator theGenerator)
Set the generator to use.
|
void |
setOverwriteExisting(boolean flag)
Set whether to overwrite any existing
NameIdentifier objects found. |
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
destroy, doDestroy, initialize, isDestroyed, isInitialized
@Nonnull private final org.slf4j.Logger log
@Nonnull private final SAMLObjectBuilder<Subject> subjectBuilder
@Nonnull private final SAMLObjectBuilder<NameIdentifier> nameIdentifierBuilder
private boolean overwriteExisting
@Nonnull private com.google.common.base.Function<ProfileRequestContext,List<Assertion>> assertionsLookupStrategy
Assertion
s to operate on.@Nonnull private com.google.common.base.Function<ProfileRequestContext,List<String>> formatLookupStrategy
@NonnullAfterInit private SAML1NameIdentifierGenerator generator
public void setOverwriteExisting(boolean flag)
NameIdentifier
objects found.flag
- true iff the action should overwrite any existing objectspublic void setAssertionsLookupStrategy(@Nonnull com.google.common.base.Function<ProfileRequestContext,List<Assertion>> strategy)
Assertion
s to operate on.strategy
- lookup strategypublic void setFormatLookupStrategy(@Nonnull com.google.common.base.Function<ProfileRequestContext,List<String>> strategy)
strategy
- format lookup strategypublic void setNameIdentifierGenerator(@Nonnull SAML1NameIdentifierGenerator theGenerator)
theGenerator
- the generator to useprotected void doInitialize() throws net.shibboleth.utilities.java.support.component.ComponentInitializationException
doInitialize
in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
net.shibboleth.utilities.java.support.component.ComponentInitializationException
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
doPreExecute
in class AbstractProfileAction
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
doExecute
in class AbstractProfileAction
@Nullable private NameIdentifier generateNameIdentifier(@Nonnull ProfileRequestContext profileRequestContext)
NameIdentifier
using each of the candidate Formats and plugins.profileRequestContext
- current profile request contextNameIdentifier
or null@Nonnull private Subject getStatementSubject(@Nonnull SubjectStatement statement)
statement
- the statement being modified@Nonnull private NameIdentifier cloneNameIdentifier(@Nonnull NameIdentifier nameIdentifier)
NameIdentifier
.nameIdentifier
- the object to cloneCopyright © 1999–2020 Shibboleth Consortium. All rights reserved.