• Home
• org.openidentityplatform.openam
• openam-federation-library
• 14.6.3
• source code
• IDPAccountMapper.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.sun.identity.saml2.plugins.IDPAccountMapper Maven / Gradle / Ivy

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: IDPAccountMapper.java,v 1.5 2008/06/25 05:47:51 qcheng Exp $
 *
 * Portions Copyrighted 2015-2016 ForgeRock AS.
 */
package com.sun.identity.saml2.plugins;

import com.sun.identity.saml2.assertion.NameID;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.protocol.ManageNameIDRequest;

/**
 * The interface IDPAccountMapper is used to map the local identities to the SAML protocol
 * objects and also the vice versa for some of the protocols for e.g. ManageNameIDRequest.
 * 

 * This mapper interface is used to map the identities only at the SAML Identity Provider. The
 * implementation of this interface will be used by the SAML framework to retrieve the user's account
 * federation information for constructing SAML protocol objects such as Assertion and also to find out
 * the corresponding user account for the given SAML requests.
 *
 * @see com.sun.identity.saml2.plugins.SPAccountMapper
 * 
 */
public interface IDPAccountMapper {

    /**
     * Returns the user's NameIDinformation that contains account federation with the corresponding remote
     * and local entities.
     *
     * @param session Single Sign On session of the user.
     * @param hostEntityID EntityID of the hosted provider.
     * @param remoteEntityID EntityID of the remote provider.
     * @param realm Realm or the organization name that may be used to find the user information.
     * @param nameIDFormat NameID format.
     * @return The NameID corresponding to the authenticated user.
     * @throws SAML2Exception If there was any failure.
     */
    public NameID getNameID(Object session, String hostEntityID, String remoteEntityID, String realm,
            String nameIDFormat) throws SAML2Exception;


    /**
     * Returns the user's distinguished name or the universal ID for the corresponding
     * SAML ManageNameIDRequest.
     * This method returns the universal ID or the DN based on the deployment of
     * the SAMLv2 plugin base platform.
     *
     * @param manageNameIDRequest SAML ManageNameIDRequest that needs to be mapped to the user.
     * @param hostEntityID EntityID of the hosted provider.
     * @param realm Realm or the organization name that may be used to find the user information.
     * @return User's distinguished name or the universal ID.
     * @throws SAML2Exception If there was any failure.
     */
    public String getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm)
            throws SAML2Exception;

    /**
     * Returns the user's distinguished name or the universal ID for the corresponding SAML NameID.
     * This method returns the universal ID or the DN based on the deployment of the SAMLv2 plugin base platform.
     *
     * @param nameID SAML NameID that needs to be mapped to the user.
     * @param hostEntityID EntityID of the hosted provider.
     * @param remoteEntityID EntityID of the remote provider.
     * @param realm Realm or the organization name that may be used to find the user information.
     * @return User's distinguished name or the universal ID.
     * @throws SAML2Exception If there was any failure.
     */
    public String getIdentity(NameID nameID, String hostEntityID, String remoteEntityID, String realm)
            throws SAML2Exception;

    /**
     * Tells whether the provided NameID-Format should be persisted in the user data store or not.
     *
     * @param realm The hosted IdP's realm.
     * @param hostEntityID The hosted IdP's entityID.
     * @param remoteEntityID The remote SP's entityID.
     * @param nameIDFormat The non-transient NameID-Format in question.
     * @return true if the provided NameID-Format should be persisted in the user data store,
     * false otherwise.
     */
    public boolean shouldPersistNameIDFormat(String realm, String hostEntityID, String remoteEntityID,
            String nameIDFormat);
}