com.sun.identity.saml2.plugins.IDPAccountMapper Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of openam-federation-library Show documentation
Show all versions of openam-federation-library Show documentation
OpenAM Federation Library Components
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* https://opensso.dev.java.net/public/CDDLv1.0.html or
* opensso/legal/CDDLv1.0.txt
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: IDPAccountMapper.java,v 1.5 2008/06/25 05:47:51 qcheng Exp $
*
* Portions Copyrighted 2015-2016 ForgeRock AS.
*/
package com.sun.identity.saml2.plugins;
import com.sun.identity.saml2.assertion.NameID;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.protocol.ManageNameIDRequest;
/**
* The interface IDPAccountMapper
is used to map the local identities to the SAML
protocol
* objects and also the vice versa for some of the protocols for e.g. ManageNameIDRequest
.
*
* This mapper interface is used to map the identities only at the SAML Identity Provider
. The
* implementation of this interface will be used by the SAML
framework to retrieve the user's account
* federation information for constructing SAML protocol objects such as Assertion
and also to find out
* the corresponding user account for the given SAML requests.
*
* @see com.sun.identity.saml2.plugins.SPAccountMapper
*
*/
public interface IDPAccountMapper {
/**
* Returns the user's NameID
information that contains account federation with the corresponding remote
* and local entities.
*
* @param session Single Sign On session of the user.
* @param hostEntityID EntityID
of the hosted provider.
* @param remoteEntityID EntityID
of the remote provider.
* @param realm Realm or the organization name that may be used to find the user information.
* @param nameIDFormat NameID
format.
* @return The NameID
corresponding to the authenticated user.
* @throws SAML2Exception If there was any failure.
*/
public NameID getNameID(Object session, String hostEntityID, String remoteEntityID, String realm,
String nameIDFormat) throws SAML2Exception;
/**
* Returns the user's distinguished name or the universal ID for the corresponding
* SAML ManageNameIDRequest
.
* This method returns the universal ID or the DN based on the deployment of
* the SAMLv2 plugin base platform.
*
* @param manageNameIDRequest SAML ManageNameIDRequest
that needs to be mapped to the user.
* @param hostEntityID EntityID
of the hosted provider.
* @param realm Realm or the organization name that may be used to find the user information.
* @return User's distinguished name or the universal ID.
* @throws SAML2Exception If there was any failure.
*/
public String getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm)
throws SAML2Exception;
/**
* Returns the user's distinguished name or the universal ID for the corresponding SAML NameID
.
* This method returns the universal ID or the DN based on the deployment of the SAMLv2 plugin base platform.
*
* @param nameID SAML NameID
that needs to be mapped to the user.
* @param hostEntityID EntityID
of the hosted provider.
* @param remoteEntityID EntityID
of the remote provider.
* @param realm Realm or the organization name that may be used to find the user information.
* @return User's distinguished name or the universal ID.
* @throws SAML2Exception If there was any failure.
*/
public String getIdentity(NameID nameID, String hostEntityID, String remoteEntityID, String realm)
throws SAML2Exception;
/**
* Tells whether the provided NameID-Format should be persisted in the user data store or not.
*
* @param realm The hosted IdP's realm.
* @param hostEntityID The hosted IdP's entityID.
* @param remoteEntityID The remote SP's entityID.
* @param nameIDFormat The non-transient NameID-Format in question.
* @return true
if the provided NameID-Format should be persisted in the user data store,
* false
otherwise.
*/
public boolean shouldPersistNameIDFormat(String realm, String hostEntityID, String remoteEntityID,
String nameIDFormat);
}