com.sun.identity.saml.plugins
Interface ActionMapper


public interface ActionMapper

The class ActionMapper is an interface that is implemented to get SSO information and map partner actions to Identity Server authorization decisions.

A different implementation of the interface may be developed for different partner. The mapping between the partner source ID and the implementation class are configured at the Trusted Partner Sites field in SAML service.


Field Summary
static java.lang.String DENY
          Key to hold a list of actions that are denied.
static java.lang.String INDETERMINATE
          Key to hold a list of actions that are indeterminate.
static java.lang.String PERMIT
          Key to hold a list of actions that are permitted.
 
Method Summary
 java.util.Map getAuthorizationDecisions(AuthorizationDecisionQuery query, SSOToken token, java.lang.String sourceID)
          Returns Action Decisions for the user.
 Assertion getSSOAssertion(AuthorizationDecisionQuery query, java.lang.String sourceID)
          Returns the Assertion that contains Authentication information that can be used to obtain single sign on token.
 java.lang.String getSSOTokenID(AuthorizationDecisionQuery query)
          Returns the single sign on token id to Identity Server from the query.
 

Field Detail

PERMIT

public static final java.lang.String PERMIT
Key to hold a list of actions that are permitted.

DENY

public static final java.lang.String DENY
Key to hold a list of actions that are denied.

INDETERMINATE

public static final java.lang.String INDETERMINATE
Key to hold a list of actions that are indeterminate.
Method Detail

getSSOTokenID

public java.lang.String getSSOTokenID(AuthorizationDecisionQuery query)
Returns the single sign on token id to Identity Server from the query.
Parameters:
query - The received AuthorizationDecisionQuery.
Returns:
String which is the single sign on token ID. Return null if the Identity Server single sign on token id could not be obtained from the query.

getSSOAssertion

public Assertion getSSOAssertion(AuthorizationDecisionQuery query,
                                 java.lang.String sourceID)
Returns the Assertion that contains Authentication information that can be used to obtain single sign on token.
Parameters:
query - The received AuthorizationDecisionQuery.
sourceID - The SourceID from which this query is coming from.
Returns:
Assertion The assertion contained inside the query.

getAuthorizationDecisions

public java.util.Map getAuthorizationDecisions(AuthorizationDecisionQuery query,
                                               SSOToken token,
                                               java.lang.String sourceID)
                                        throws SAMLException
Returns Action Decisions for the user. The returned Map is subject to changes per SAML specification.
Parameters:
query - The received AuthorizationDecisionQuery.
token - The single sign on token to be used to retrieve the decisions.
sourceID - The sourceID from which the query is coming from.
Returns:
Map which contains the following possible key value pairs:
  • PERMIT List of permitted actions, or
  • DENY List of denied actions, or
  • INDETERMINATE List of indeterminate actions
Throws:
SAMLException - if an error occurs