com.sun.identity.federation.plugins
Interface FederationSPAdapter


public interface FederationSPAdapter

The FederationSPAdapter interface can be implemented to perform user-specific processing during the federation process on the Liberty Service Provider side.

A singleton instance of this FederationSPAdapter is used at runtime, so make sure the implementations of the federation processing methods (all except initialize()) are thread safe.


Method Summary
 void initialize(java.lang.String hostedProviderID, java.util.Set initParams)
          Initializes the federation adapter. This method is executed only once, after the adapter instance is created.
 void postRegisterNameIdentifierSuccess(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String userDN, FSNameRegistrationRequest regRequest, FSNameRegistrationResponse regResponse, java.lang.String regProfile)
          Invoked after Register Name Identifier processing is successful.
 void postSingleLogoutSuccess(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String userDN, FSLogoutNotification logoutRequest, FSLogoutResponse logoutResponse, java.lang.String sloProfile)
          Invoked after single logout has completed successfully, i.e. the user token has been invalidated.
 boolean postSSOFederationSuccess(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, SSOToken ssoToken, FSAuthnRequest authnRequest, FSAuthnResponse authnResponse, FSResponse samlResponse)
          Invoked after Single-Sign-On and Federation processing is successful.
 void postTerminationNotificationSuccess(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String userDN, FSFederationTerminationNotification notification, java.lang.String termProfile)
          Invoked after the service provider successfully terminates federation with the IDP.
 void preSingleLogoutProcess(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String userDN, FSLogoutNotification logoutRequest, FSLogoutResponse logoutResponse, java.lang.String sloProfile)
          Invoked before the single logout process starts on the FM side.
 void preSSOFederationProcess(java.lang.String hostedProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, FSAuthnRequest authnRequest, FSAuthnResponse authnResponse, FSResponse samlResponse)
          Invoked when the FM receives the Single-Sign-On and Federation response from the IDP. This is called before any processing starts on the SP side.
 void preSSOFederationRequest(java.lang.String hostedProviderID, java.lang.String idpProviderID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, FSAuthnRequest authnRequest)
          Invoked before the federation manager sends the Single-Sign-On and Federation request to the IDP.
 

Method Detail

initialize

public void initialize(java.lang.String hostedProviderID,
                       java.util.Set initParams)
Initializes the federation adapter. This method is executed only once, after the adapter instance is created.

Parameters:
hostedProviderID - provider ID for the hosted SP
initParams - initial set of parameters configured in the service provider for this adapter

preSSOFederationRequest

public void preSSOFederationRequest(java.lang.String hostedProviderID,
                                    java.lang.String idpProviderID,
                                    javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    FSAuthnRequest authnRequest)
Invoked before the federation manager sends the Single-Sign-On and Federation request to the IDP.

Parameters:
hostedProviderID - provider ID for the hosted SP
idpProviderID - provider id for the IDP to which the request will be sent
request - servlet request
response - servlet response
authnRequest - the authentication request to be sent to the IDP

preSSOFederationProcess

public void preSSOFederationProcess(java.lang.String hostedProviderID,
                                    javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    FSAuthnRequest authnRequest,
                                    FSAuthnResponse authnResponse,
                                    FSResponse samlResponse)
                             throws FederationException
Invoked when the FM receives the Single-Sign-On and Federation response from the IDP. This is called before any processing starts on the SP side.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
authnRequest - the original authentication request sent from SP
authnResponse - response from the IDP if the Browser POST or LECP profile is used for the request; the value is null if the Browser Artifact profile is used.
samlResponse - response from the IDP if the Browser Artifact profile is used for the request; the value is null if the Browser POST or LECP profile is used.
Throws:
FederationException - if the user wants to fail the process.
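
The following adapter skeleton is an added example, not code from this page or from the product: it shows the thread-safety requirement stated for the singleton instance and uses preSSOFederationProcess to fail the process when the two response arguments do not match the documented null contract. The class name StrictProfileSPAdapter, its two helper methods, the package locations of FederationException and the FS* message classes, and the FederationException(String) constructor are assumptions.

```java
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.atomic.AtomicLong;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
// Assumed package locations: this page does not state them.
import com.sun.identity.federation.common.FederationException;
import com.sun.identity.federation.message.FSAuthnRequest;
import com.sun.identity.federation.message.FSAuthnResponse;
import com.sun.identity.federation.message.FSResponse;
import com.sun.identity.federation.plugins.FederationSPAdapter;

// Hypothetical class. Abstract only so the six other hooks can be left out here;
// a deployable adapter must implement every method of the interface.
public abstract class StrictProfileSPAdapter implements FederationSPAdapter {

    // Written once by initialize(); volatile publishes the value to request threads.
    private volatile Set initParams = Collections.EMPTY_SET;

    // Shared by every request handled by the singleton, so it must be atomic.
    private final AtomicLong rejected = new AtomicLong();

    public void initialize(String hostedProviderID, Set params) {
        // Immutable private copy: request threads only ever read it.
        Set copy = (params == null) ? new HashSet() : new HashSet(params);
        initParams = Collections.unmodifiableSet(copy);
    }

    public void preSSOFederationProcess(String hostedProviderID,
            HttpServletRequest request, HttpServletResponse response,
            FSAuthnRequest authnRequest, FSAuthnResponse authnResponse,
            FSResponse samlResponse) throws FederationException {
        // Request-scoped values stay in locals, never in instance fields.
        boolean postOrLecp = (authnResponse != null);
        boolean artifact = (samlResponse != null);
        // Documented contract: exactly one of the two responses is non-null.
        if (postOrLecp == artifact) {
            rejected.incrementAndGet();
            // Assumes FederationException has a (String) constructor.
            throw new FederationException("expected exactly one SSO response object");
        }
    }

    protected Set configuredParams() { return initParams; }

    public long rejectedCount() { return rejected.get(); }
}
```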

postSSOFederationSuccess

public boolean postSSOFederationSuccess(java.lang.String hostedProviderID,
                                        javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        SSOToken ssoToken,
                                        FSAuthnRequest authnRequest,
                                        FSAuthnResponse authnResponse,
                                        FSResponse samlResponse)
Invoked after Single-Sign-On and Federation processing is successful.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
authnRequest - the original authentication request sent from SP
authnResponse - response from the IDP if the Browser POST or LECP profile is used for the request; the value is null if the Browser Artifact profile is used.
samlResponse - response from the IDP if the Browser Artifact profile is used for the request; the value is null if the Browser POST or LECP profile is used.
Returns:
true if browser redirection happened, false otherwise.

postRegisterNameIdentifierSuccess

public void postRegisterNameIdentifierSuccess(java.lang.String hostedProviderID,
                                              javax.servlet.http.HttpServletRequest request,
                                              javax.servlet.http.HttpServletResponse response,
                                              java.lang.String userDN,
                                              FSNameRegistrationRequest regRequest,
                                              FSNameRegistrationResponse regResponse,
                                              java.lang.String regProfile)
Invoked after Register Name Identifier processing is successful.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
userDN - DN of the user with whom name identifier registration was performed
regRequest - register name identifier request; the value is null if the request object is not available
regResponse - register name identifier response; the value is null if the response object is not available
regProfile - register name identifier profile used, one of the following: IFSConstants.NAME_REGISTRATION_SP_HTTP_PROFILE, IFSConstants.NAME_REGISTRATION_SP_SOAP_PROFILE, IFSConstants.NAME_REGISTRATION_IDP_HTTP_PROFILE, IFSConstants.NAME_REGISTRATION_IDP_SOAP_PROFILE

postTerminationNotificationSuccess

public void postTerminationNotificationSuccess(java.lang.String hostedProviderID,
                                               javax.servlet.http.HttpServletRequest request,
                                               javax.servlet.http.HttpServletResponse response,
                                               java.lang.String userDN,
                                               FSFederationTerminationNotification notification,
                                               java.lang.String termProfile)
Invoked after the service provider successfully terminates federation with the IDP.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
userDN - DN of the user with whom name identifier registration was performed
notification - federation termination notification message
termProfile - federation termination profile used, one of the following: IFSConstants.TERMINATION_SP_HTTP_PROFILE, IFSConstants.TERMINATION_SP_SOAP_PROFILE, IFSConstants.TERMINATION_IDP_HTTP_PROFILE, IFSConstants.TERMINATION_IDP_SOAP_PROFILE

preSingleLogoutProcess

public void preSingleLogoutProcess(java.lang.String hostedProviderID,
                                   javax.servlet.http.HttpServletRequest request,
                                   javax.servlet.http.HttpServletResponse response,
                                   java.lang.String userDN,
                                   FSLogoutNotification logoutRequest,
                                   FSLogoutResponse logoutResponse,
                                   java.lang.String sloProfile)
Invoked before the single logout process starts on the FM side. This method is called before the user token is invalidated on the service provider side.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
userDN - user DN
logoutRequest - single logout request object
logoutResponse - single logout response; the value is null if the response object is not available
sloProfile - single logout profile used, one of the following: IFSConstants.LOGOUT_SP_REDIRECT_PROFILE, IFSConstants.LOGOUT_SP_SOAP_PROFILE, IFSConstants.LOGOUT_IDP_REDIRECT_PROFILE, IFSConstants.LOGOUT_IDP_SOAP_PROFILE

postSingleLogoutSuccess

public void postSingleLogoutSuccess(java.lang.String hostedProviderID,
                                    javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    java.lang.String userDN,
                                    FSLogoutNotification logoutRequest,
                                    FSLogoutResponse logoutResponse,
                                    java.lang.String sloProfile)
Invoked after single logout has completed successfully, i.e. the user token has been invalidated.

Parameters:
hostedProviderID - provider ID for the hosted SP
request - servlet request
response - servlet response
userDN - user DN
logoutRequest - single logout request; the value is null if the request object is not available
logoutResponse - single logout response; the value is null if the response object is not available
sloProfile - single logout profile used, one of the following: IFSConstants.LOGOUT_SP_HTTP_PROFILE, IFSConstants.LOGOUT_SP_SOAP_PROFILE, IFSConstants.LOGOUT_IDP_HTTP_PROFILE, IFSConstants.LOGOUT_IDP_SOAP_PROFILE


Copyright 2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.