com.sun.identity.federation.plugins
Interface FederationSPAdapter


public interface FederationSPAdapter

The FederationSPAdapter interface can be implemented to perform application-specific processing during the federation process on the Liberty Service Provider side.

A singleton instance of the FederationSPAdapter implementation is used at runtime, so make sure the implementations of the federation processing methods are thread safe.


Field Summary
static int FEDERATION_FAILED
          Account federation failed.
static int FEDERATION_FAILED_ANON_AUTH_ACCOUNT_EXPIRED
          Account federation failed because anonymous user account is expired.
static int FEDERATION_FAILED_ANON_AUTH_USER_INACTIVE
          Account federation failed because anonymous user account is inactive.
static int FEDERATION_FAILED_ANON_AUTH_USER_LOCKED
          Account federation failed because anonymous user account is locked.
static int FEDERATION_FAILED_ANON_TOKEN_GENERATION
          Account federation failed because it failed to generate anonymous token.
static int FEDERATION_FAILED_SSO_TOKEN_GENERATION
          Account federation failed because it failed to generate user token.
static int FEDERATION_FAILED_WRITING_ACCOUNT_INFO
          Account federation failed because it failed to write account federation info.
static int INVALID_AUTHN_RESPONSE
          Response from IDP with Browser POST or LECP profile contains non-Success status code.
static int INVALID_RESPONSE
          Response from IDP with Browser Artifact profile contains non-Success status code.
static int SSO_FAILED
          Single Sign On failed.
static int SSO_FAILED_AUTH_ACCOUNT_EXPIRED
          Single Sign On failed because the user account is expired.
static int SSO_FAILED_AUTH_USER_INACTIVE
          Single Sign On failed because the user account is inactive.
static int SSO_FAILED_AUTH_USER_LOCKED
          Single Sign On failed because the user account is locked.
static int SSO_FAILED_AUTO_FED
          Single Sign On failed because it failed to find auto federation user.
static int SSO_FAILED_FEDERATION_DOESNOT_EXIST
          Single Sign On failed because federation info does not exist at SP side.
static int SSO_FAILED_TOKEN_GENERATION
          Single Sign On failed because it failed to generate user token.
static int SUCCESS
          Federation or Single Sign-On process succeeded at SP side.
 
Method Summary
 boolean postSSOFederationFailure(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, com.sun.identity.federation.message.FSAuthnRequest authnRequest, com.sun.identity.federation.message.FSAuthnResponse authnResponse, com.sun.identity.federation.message.FSResponse samlResponse, int failureCode)
          Invoked after Single Sign-On or Federation processing has failed.
 boolean postSSOFederationSuccess(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, SSOToken ssoToken, com.sun.identity.federation.message.FSAuthnRequest authnRequest, com.sun.identity.federation.message.FSAuthnResponse authnResponse, com.sun.identity.federation.message.FSResponse samlResponse)
          Invoked after successful Single Sign-On or Federation.
 

Field Detail

SUCCESS

public static final int SUCCESS
Federation or Single Sign-On process succeeded at SP side.

See Also:
Constant Field Values

INVALID_AUTHN_RESPONSE

public static final int INVALID_AUTHN_RESPONSE
Response from IDP with Browser POST or LECP profile contains non-Success status code.

See Also:
Constant Field Values

INVALID_RESPONSE

public static final int INVALID_RESPONSE
Response from IDP with Browser Artifact profile contains non-Success status code.

See Also:
Constant Field Values

FEDERATION_FAILED

public static final int FEDERATION_FAILED
Account federation failed.

See Also:
Constant Field Values

FEDERATION_FAILED_SSO_TOKEN_GENERATION

public static final int FEDERATION_FAILED_SSO_TOKEN_GENERATION
Account federation failed because it failed to generate user token.

See Also:
Constant Field Values

FEDERATION_FAILED_ANON_TOKEN_GENERATION

public static final int FEDERATION_FAILED_ANON_TOKEN_GENERATION
Account federation failed because it failed to generate anonymous token.

See Also:
Constant Field Values

FEDERATION_FAILED_ANON_AUTH_USER_INACTIVE

public static final int FEDERATION_FAILED_ANON_AUTH_USER_INACTIVE
Account federation failed because anonymous user account is inactive.

See Also:
Constant Field Values

FEDERATION_FAILED_ANON_AUTH_USER_LOCKED

public static final int FEDERATION_FAILED_ANON_AUTH_USER_LOCKED
Account federation failed because anonymous user account is locked.

See Also:
Constant Field Values

FEDERATION_FAILED_ANON_AUTH_ACCOUNT_EXPIRED

public static final int FEDERATION_FAILED_ANON_AUTH_ACCOUNT_EXPIRED
Account federation failed because anonymous user account is expired.

See Also:
Constant Field Values

FEDERATION_FAILED_WRITING_ACCOUNT_INFO

public static final int FEDERATION_FAILED_WRITING_ACCOUNT_INFO
Account federation failed because it failed to write account federation info.

See Also:
Constant Field Values

SSO_FAILED

public static final int SSO_FAILED
Single Sign On failed.

See Also:
Constant Field Values

SSO_FAILED_FEDERATION_DOESNOT_EXIST

public static final int SSO_FAILED_FEDERATION_DOESNOT_EXIST
Single Sign On failed because federation info does not exist at SP side.

See Also:
Constant Field Values

SSO_FAILED_AUTO_FED

public static final int SSO_FAILED_AUTO_FED
Single Sign On failed because it failed to find auto federation user.

See Also:
Constant Field Values

SSO_FAILED_AUTH_USER_INACTIVE

public static final int SSO_FAILED_AUTH_USER_INACTIVE
Single Sign On failed because the user account is inactive.

See Also:
Constant Field Values

SSO_FAILED_AUTH_USER_LOCKED

public static final int SSO_FAILED_AUTH_USER_LOCKED
Single Sign On failed because the user account is locked.

See Also:
Constant Field Values

SSO_FAILED_AUTH_ACCOUNT_EXPIRED

public static final int SSO_FAILED_AUTH_ACCOUNT_EXPIRED
Single Sign On failed because the user account is expired.

See Also:
Constant Field Values

SSO_FAILED_TOKEN_GENERATION

public static final int SSO_FAILED_TOKEN_GENERATION
Single Sign On failed because it failed to generate user token.

See Also:
Constant Field Values

Method Detail

postSSOFederationSuccess

public boolean postSSOFederationSuccess(java.lang.String hostedProviderID,
                                        javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        SSOToken ssoToken,
                                        com.sun.identity.federation.message.FSAuthnRequest authnRequest,
                                        com.sun.identity.federation.message.FSAuthnResponse authnResponse,
                                        com.sun.identity.federation.message.FSResponse samlResponse)
                                 throws com.sun.identity.federation.common.FederationException
Invoked after successful Single Sign-On or Federation.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
authnRequest - the original authentication request sent from SP
authnResponse - response from IDP if Browser POST or LECP profile is used for the request, value will be null if Browser Artifact profile is used.
samlResponse - response from IDP if Browser Artifact profile is used for the request, value will be null if Browser POST or LECP profile is used.
Returns:
true if browser redirection happened, false otherwise.
Throws:
com.sun.identity.federation.common.FederationException - if the user wants to fail the process.

postSSOFederationFailure

public boolean postSSOFederationFailure(java.lang.String hostedProviderID,
                                        javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        com.sun.identity.federation.message.FSAuthnRequest authnRequest,
                                        com.sun.identity.federation.message.FSAuthnResponse authnResponse,
                                        com.sun.identity.federation.message.FSResponse samlResponse,
                                        int failureCode)
Invoked after Single Sign-On or Federation processing has failed.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
authnRequest - the original authentication request sent from SP
authnResponse - response from IDP if Browser POST or LECP profile is used for the request, value will be null if Browser Artifact profile is used.
samlResponse - response from IDP if Browser Artifact profile is used for the request, value will be null if Browser POST or LECP profile is used.
failureCode - an integer that specifies the failure code. Possible failure codes are defined in this interface.
Returns:
true if browser redirection happened, false otherwise.
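
A sketch of a thread-safe implementation that audits SP-side outcomes, added here as an illustration and not taken from the product's own code. The class name, logger name, and classification labels are hypothetical; it assumes SSOToken is com.iplanet.sso.SSOToken and a Java 8 or later runtime.

```java
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicLong;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.iplanet.sso.SSOToken; // assumed package; the page shows only "SSOToken"
import com.sun.identity.federation.common.FederationException;
import com.sun.identity.federation.message.*;
import com.sun.identity.federation.plugins.FederationSPAdapter;

/** Hypothetical adapter: audits SP-side outcomes and never redirects the browser. */
public class AuditingSPAdapter implements FederationSPAdapter {
    private static final Logger AUDIT = Logger.getLogger("sp.federation.audit"); // assumed name
    // A single instance serves every request, so shared state must be concurrent-safe.
    private final ConcurrentHashMap<Integer, AtomicLong> failures = new ConcurrentHashMap<>();

    @Override
    public boolean postSSOFederationSuccess(String hostedProviderID,
            HttpServletRequest request, HttpServletResponse response, SSOToken ssoToken,
            FSAuthnRequest authnRequest, FSAuthnResponse authnResponse,
            FSResponse samlResponse) throws FederationException {
        AUDIT.info("sp=" + hostedProviderID + " result=SUCCESS profile="
                + profile(authnResponse, samlResponse) + " client=" + request.getRemoteAddr());
        return false; // this adapter issued no redirect
    }

    @Override
    public boolean postSSOFederationFailure(String hostedProviderID,
            HttpServletRequest request, HttpServletResponse response,
            FSAuthnRequest authnRequest, FSAuthnResponse authnResponse,
            FSResponse samlResponse, int failureCode) {
        long n = failures.computeIfAbsent(failureCode, k -> new AtomicLong()).incrementAndGet();
        AUDIT.warning("sp=" + hostedProviderID + " result=" + classify(failureCode)
                + " code=" + failureCode + " seen=" + n + " profile="
                + profile(authnResponse, samlResponse) + " client=" + request.getRemoteAddr());
        return false; // the detailed reason goes to the audit log, not to the browser
    }

    // Only one of the two responses is set, depending on the profile; guard against both being null.
    private static String profile(FSAuthnResponse authnResponse, FSResponse samlResponse) {
        if (authnResponse != null) return "POST_OR_LECP";
        return samlResponse != null ? "ARTIFACT" : "UNKNOWN";
    }

    private static String classify(int code) {
        if (code == SSO_FAILED_AUTH_USER_LOCKED || code == FEDERATION_FAILED_ANON_AUTH_USER_LOCKED)
            return "ACCOUNT_LOCKED";
        if (code == INVALID_AUTHN_RESPONSE || code == INVALID_RESPONSE)
            return "IDP_NON_SUCCESS_STATUS";
        return "OTHER_FAILURE";
    }
}
```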


Copyright 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.