org.aselect.server.request.handler.saml11.websso
Class AbstractWebSSOProfile

java.lang.Object
  extended by org.aselect.server.request.handler.saml11.websso.AbstractWebSSOProfile
All Implemented Interfaces:
IWebSSOProfile
Direct Known Subclasses:
BrowserArtifact, BrowserPost

public abstract class AbstractWebSSOProfile
extends java.lang.Object
implements IWebSSOProfile

Abstract class implementing the basic functionality of a WebSSO profile handler.

Description:
Reads default configuration and contains functionality for SAMLAssertion generation.

Concurrency issues:
-

Author:
Alfa & Ariss

Field Summary
protected  ASelectConfigManager _configManager
           
protected  long _lAssertionExpireTime
           
protected  SessionManager _oSessionManager
           
protected  TGTManager _oTGTManager
           
protected  java.lang.String _sASelectServerID
           
protected  ASelectSystemLogger _systemLogger
           
protected static java.lang.String SESSION_ID_PREFIX
           
 
Constructor Summary
AbstractWebSSOProfile()
           
 
Method Summary
protected  org.opensaml.SAMLAssertion createSAMLAssertion(java.lang.String sUid, java.lang.String sProviderId, java.util.Hashtable htInfo, java.lang.String sIP, java.lang.String sHost, java.lang.String sConfirmationMethod, java.lang.String sIdp)
          Creates a SAMLAssertion object.
abstract  void destroy()
          Removes class variables from memory.
 java.lang.String getID()
          Returns the configured profile id

 void init(java.lang.Object oConfig, long lAssertionExpireTime, java.lang.String sAttributeNamespace, boolean bSendAttributeStatement)
          Initializes the default functionality for a WebSSO profile Handler.
abstract  void process(java.util.Hashtable htInfo, javax.servlet.http.HttpServletResponse response, java.lang.String sIP, java.lang.String sHost)
          Processes a request and sends a WebSSO response.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SESSION_ID_PREFIX

protected static final java.lang.String SESSION_ID_PREFIX
See Also:
Constant Field Values

_systemLogger

protected ASelectSystemLogger _systemLogger

_configManager

protected ASelectConfigManager _configManager

_lAssertionExpireTime

protected long _lAssertionExpireTime

_oSessionManager

protected SessionManager _oSessionManager

_oTGTManager

protected TGTManager _oTGTManager

_sASelectServerID

protected java.lang.String _sASelectServerID
Constructor Detail

AbstractWebSSOProfile

public AbstractWebSSOProfile()
Method Detail

init

public void init(java.lang.Object oConfig,
                 long lAssertionExpireTime,
                 java.lang.String sAttributeNamespace,
                 boolean bSendAttributeStatement)
          throws ASelectException
Initializes the default functionality for a WebSSO profile Handler.

Description:
  • Sets class variables with a protected scope
  • Reads the A-Select Server id from A-Select Server basic configuration
  • Reads the 'id' config item from the 'profile' config section of the WebSSO Profile handler config


    Specified by:
    init in interface IWebSSOProfile
    Parameters:
    oConfig - object containing the configuration used by the A-Select ConfigManager
    lAssertionExpireTime - the configured assertion expire time
    sAttributeNamespace - the configured attribute namespace that will be used for creating attributes
    bSendAttributeStatement - TRUE if the Attribute Statement must be sent directly
    Throws:
    ASelectException - if initialization fails
    See Also:
    IWebSSOProfile.init(java.lang.Object, long, java.lang.String, boolean)

    getID

    public java.lang.String getID()
    Returns the configured profile id

    Specified by:
    getID in interface IWebSSOProfile
    Returns:
    String containing the profile class id
    See Also:
    IWebSSOProfile.getID()

    process

    public abstract void process(java.util.Hashtable htInfo,
                                 javax.servlet.http.HttpServletResponse response,
                                 java.lang.String sIP,
                                 java.lang.String sHost)
                          throws ASelectException
    Description copied from interface: IWebSSOProfile
    Processes a request and sends a WebSSO response.

    Description:
    Sends a SAML 1.1 WebSSO response

    Concurrency issues:
    -

    Preconditions:
    -

    Postconditions:
    -

    Specified by:
    process in interface IWebSSOProfile
    Parameters:
    htInfo - containing the A-Select verify_credentials response items
    response - the HttpServletResponse to which the SAML response will be sent
    sIP - the client IP address
    sHost - the host representation of the client's IP address
    Throws:
    ASelectException - if processing fails
    See Also:
    IWebSSOProfile.process(java.util.Hashtable, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)

    destroy

    public abstract void destroy()
    Description copied from interface: IWebSSOProfile
    Removes class variables from memory.

    Specified by:
    destroy in interface IWebSSOProfile
    See Also:
    IWebSSOProfile.destroy()

    createSAMLAssertion

    protected org.opensaml.SAMLAssertion createSAMLAssertion(java.lang.String sUid,
                                                             java.lang.String sProviderId,
                                                             java.util.Hashtable htInfo,
                                                             java.lang.String sIP,
                                                             java.lang.String sHost,
                                                             java.lang.String sConfirmationMethod,
                                                             java.lang.String sIdp)
                                                      throws ASelectException
    Creates a SAMLAssertion object.

    Description:
    Reads the following configuration:
    <profile id='[id]' class='[class]'>
     ...
    </profile>
      • id - the unique id of the web sso handler
      • class - the physical web sso handler class

      • Creates a SAMLAssertion object containing the authentication statement and (if available) attribute statement
      • Creates SAMLAuthenticationStatement
      • Creates SAMLAttributeStatement if attributes are available
      • Stores SAML information needed for queries in the A-Select TGT Manager

    Concurrency issues:
    -

    Preconditions:
      • sUid != null
      • sProviderId != null
      • htInfo != null
      • sConfirmationMethod != null

    htInfo must contain the following items:
      • authsp
      • app_id
      • attributes

    Postconditions:
    -

    Parameters:
    sUid - the A-Select user id of the requestor
    sProviderId - the providerId that is requested
    htInfo - Hashtable containing user information
    sIP - the client IP address
    sHost - the Host representation of the client IP address
    sConfirmationMethod - the SAML Confirmation Method that must be used when creating a SAML Authentication statement
    Returns:
    the requested SAMLAssertion object
    Throws:
    ASelectException - if creation fails


    Copyright © 2008 SURFnet BV. All Rights Reserved.