shibsp::AssertionConsumerService Class Reference
Base class for handlers that create sessions by consuming SSO protocol responses. More...
#include <shibsp/handler/AssertionConsumerService.h>
Inheritance diagram for shibsp::AssertionConsumerService:
Public Member Functions | |
| std::pair< bool, long > | run (SPRequest &request, bool isHandler=true) const |
| Executes handler functionality as an incoming request. | |
| void | receive (DDF &in, std::ostream &out) |
| Remoted classes implement this method to process incoming messages. | |
| const char * | getType () const |
| Returns the "type" of the Handler plugin. | |
Protected Member Functions | |
| AssertionConsumerService (const xercesc::DOMElement *e, const char *appId, xmltooling::logging::Category &log) | |
| Constructor. | |
| void | checkAddress (const Application &application, const xmltooling::HTTPRequest &httpRequest, const char *issuedTo) const |
| Enforce address checking requirements. | |
| void | generateMetadata (opensaml::saml2md::SPSSODescriptor &role, const char *handlerURL) const |
| Generates and/or modifies metadata reflecting the Handler. | |
| virtual void | implementProtocol (const Application &application, const xmltooling::HTTPRequest &httpRequest, xmltooling::HTTPResponse &httpResponse, opensaml::SecurityPolicy &policy, const PropertySet *settings, const xmltooling::XMLObject &xmlObject) const =0 |
| Implement protocol-specific handling of the incoming decoded message. | |
| virtual void | extractMessageDetails (const opensaml::Assertion &assertion, const XMLCh *protocol, opensaml::SecurityPolicy &policy) const |
| Extracts policy-relevant assertion details. | |
| ResolutionContext * | resolveAttributes (const Application &application, const opensaml::saml2md::RoleDescriptor *issuer=NULL, const XMLCh *protocol=NULL, const opensaml::saml1::NameIdentifier *v1nameid=NULL, const opensaml::saml2::NameID *nameid=NULL, const XMLCh *authncontext_class=NULL, const XMLCh *authncontext_decl=NULL, const std::vector< const opensaml::Assertion * > *tokens=NULL) const |
| Attempt SSO-initiated attribute resolution using the supplied information, including NameID and token extraction and filtering followed by secondary resolution. | |
Detailed Description
Base class for handlers that create sessions by consuming SSO protocol responses.Constructor & Destructor Documentation
| shibsp::AssertionConsumerService::AssertionConsumerService | ( | const xercesc::DOMElement * | e, | |
| const char * | appId, | |||
| xmltooling::logging::Category & | log | |||
| ) | [protected] |
Constructor.
- Parameters:
-
e root of DOM configuration appId ID of application that "owns" the handler log a logging object to use
Member Function Documentation
| std::pair<bool,long> shibsp::AssertionConsumerService::run | ( | SPRequest & | request, | |
| bool | isHandler = true | |||
| ) | const [virtual] |
Executes handler functionality as an incoming request.
Handlers can be run either directly by incoming web requests or indirectly/implicitly during other SP processing.
- Parameters:
-
request SP request context isHandler true iff executing in the context of a direct handler invocation
- Returns:
- a pair containing a "request completed" indicator and a server-specific response code
Implements shibsp::Handler.
| void shibsp::AssertionConsumerService::receive | ( | DDF & | in, | |
| std::ostream & | out | |||
| ) | [virtual] |
| void shibsp::AssertionConsumerService::checkAddress | ( | const Application & | application, | |
| const xmltooling::HTTPRequest & | httpRequest, | |||
| const char * | issuedTo | |||
| ) | const [protected] |
Enforce address checking requirements.
- Parameters:
-
application reference to application receiving message httpRequest client request that initiated session issuedTo address for which security assertion was issued
| void shibsp::AssertionConsumerService::generateMetadata | ( | opensaml::saml2md::SPSSODescriptor & | role, | |
| const char * | handlerURL | |||
| ) | const [protected, virtual] |
Generates and/or modifies metadata reflecting the Handler.
The default implementation does nothing.
- Parameters:
-
role metadata role to decorate handlerURL base location of handler's endpoint
Reimplemented from shibsp::Handler.
| virtual void shibsp::AssertionConsumerService::implementProtocol | ( | const Application & | application, | |
| const xmltooling::HTTPRequest & | httpRequest, | |||
| xmltooling::HTTPResponse & | httpResponse, | |||
| opensaml::SecurityPolicy & | policy, | |||
| const PropertySet * | settings, | |||
| const xmltooling::XMLObject & | xmlObject | |||
| ) | const [protected, pure virtual] |
Implement protocol-specific handling of the incoming decoded message.
The result of implementing the protocol should be an exception or modifications to the request/response objects to reflect processing of the message.
- Parameters:
-
application reference to application receiving message httpRequest client request that included message httpResponse response to client policy the SecurityPolicy in effect, after having evaluated the message settings policy configuration settings in effect xmlObject a protocol-specific message object
| virtual void shibsp::AssertionConsumerService::extractMessageDetails | ( | const opensaml::Assertion & | assertion, | |
| const XMLCh * | protocol, | |||
| opensaml::SecurityPolicy & | policy | |||
| ) | const [protected, virtual] |
Extracts policy-relevant assertion details.
- Parameters:
-
assertion the incoming assertion protocol the protocol family in use policy SecurityPolicy to provide various components and track message data
| ResolutionContext* shibsp::AssertionConsumerService::resolveAttributes | ( | const Application & | application, | |
| const opensaml::saml2md::RoleDescriptor * | issuer = NULL, |
|||
| const XMLCh * | protocol = NULL, |
|||
| const opensaml::saml1::NameIdentifier * | v1nameid = NULL, |
|||
| const opensaml::saml2::NameID * | nameid = NULL, |
|||
| const XMLCh * | authncontext_class = NULL, |
|||
| const XMLCh * | authncontext_decl = NULL, |
|||
| const std::vector< const opensaml::Assertion * > * | tokens = NULL | |||
| ) | const [protected] |
Attempt SSO-initiated attribute resolution using the supplied information, including NameID and token extraction and filtering followed by secondary resolution.
The caller must free the returned context handle.
- Parameters:
-
application reference to application receiving message issuer source of SSO tokens protocol SSO protocol used v1nameid identifier of principal in SAML 1.x form, if any nameid identifier of principal in SAML 2.0 form authncontext_class method/category of authentication event, if known authncontext_decl specifics of authentication event, if known tokens available assertions, if any
| const char* shibsp::AssertionConsumerService::getType | ( | ) | const [inline, virtual] |
Returns the "type" of the Handler plugin.
- Returns:
- a Handler type
Reimplemented from shibsp::Handler.
The documentation for this class was generated from the following file:
- shibsp/handler/AssertionConsumerService.h
