Skip navigation links

oracle.security.xmlsec.liberty.v12
Class AuthnRequest

java.lang.Object
oracle.security.xmlsec.util.XMLNode
oracle.security.xmlsec.util.XMLElement
oracle.security.xmlsec.saml.SAMLMessage
oracle.security.xmlsec.samlp.RequestType
oracle.security.xmlsec.liberty.v12.LibRequestMessage
oracle.security.xmlsec.liberty.v12.AuthnRequest

public class AuthnRequest

extends LibRequestMessage

This class represents the AuthnRequest element in the Liberty Single Sign-On and Federation protocol. An AuthnRequest request message is sent from a service provider to an identity provider, instructing the identity provider to provide an authentication assertion to the service provider. Optionally, the service provider may require the identity be federated.

See Also:

AuthnResponse, AuthnRequestEnvelope

Field Summary

static java.lang.String	BETTER The value "better" for the AuthnCotextComparison element indicating that the identity provider is asked to use a context better than any specified in the RequestAuthnContext.
static java.lang.String	EXACT The value "exact" for the AuthnCotextComparison element indicating that the identity provider is asked to match at least one of context specified in the RequestAuthnContext.
static java.lang.String	MAXIMUM The value "minimum" for the AuthnCotextComparison element indicating that the identity provider is asked to use a context that he feels is at most as good as any specified in the RequestAuthnContext.
static java.lang.String	MINIMUM The value "minimum" for the AuthnCotextComparison element indicating that the identity provider is asked to use a context that he feels at least as good as any specified in the RequestAuthnContext.
static java.lang.String	NAME_ID_POLICY_ANY The value "any" for the NameIDPolicy element.
static java.lang.String	NAME_ID_POLICY_FEDERATED The value "federated" for the NameIDPolicy element.
static java.lang.String	NAME_ID_POLICY_NONE The value "none" for the NameIDPolicy element.
static java.lang.String	NAME_ID_POLICY_ONETIME The value "onetime" for the NameIDPolicy element.

Fields inherited from class oracle.security.xmlsec.samlp.RequestType

ATTRIBUTE_STATEMENT, AUTHENTICATION_STATEMENT, AUTHORIZATION_DECISION_STATEMENT

Fields inherited from class oracle.security.xmlsec.util.XMLNode

node, systemId

Constructor Summary

AuthnRequest(org.w3c.dom.Document owner)
Creates a new AuthnRequest instance within the specified XML Document.

AuthnRequest(org.w3c.dom.Document owner, java.lang.String requestId, java.util.Date issueInstant, java.lang.String providerId)
Creates a new AuthnRequest instance within the specified XML Document.

AuthnRequest(org.w3c.dom.Element element)
Creates a new AuthnRequest instance from the given Element node.

AuthnRequest(org.w3c.dom.Element element, java.lang.String systemId)
Creates a new AuthnRequest instance from the given Element node.

Method Summary

void	addAuthnContextClassRef(java.lang.String accrURI) Adds an AuthnContextClassRef element to the RequestAuthnContext child element in this AuthnRequest element.
void	addAuthnContextStatementRef(java.lang.String acsrURI) Adds an AuthnContextStatementRef element to the RequestAuthnContext child element in this AuthnRequest element.
java.lang.String	getAffiliationID() Returns the provider's URI based affiliation group identifier contained in the AffiliationID child element of this AuthnRequest, or null if no AffiliationID element is present.
java.lang.String	getAssertionConsumerServiceID() Returns the value of this AuthnRequest element's AssertionConsumerServiceID child element, of null if the child element is not specified.
java.util.List	getAuthnContextClassRefs() Returns a list of URI's for AuthnContextClassRef's contained in the RequestAuthnContext child element in this structure.
java.lang.String	getAuthnContextComparison() Returns the value contained in the AuthnContextComparison child element of this AuthnRequest, or the default value "exact" if the AuthnContextComparison child element is not specified.
java.util.List	getAuthnContextStatementRefs() Returns a list of URI's for AuthnContextStatementRef's contained in the RequestAuthnContext child element in this structure.
protected java.lang.String[]	getChildElementsLocalNames() Returns the orderded set of the local names of the child elements specified in the schema for the XML element represented by the concrete subclass.
protected java.lang.String[]	getChildElementsNSURIs() Returns the orderded set of the namespce URIs for the child elements specified in the schema for the XML element represented by the concrete subclass.
java.lang.String	getConsent() Returns the value of this AuthnRequest element's consent attribute, or null if the attribute is not specified.
boolean	getForceAuthn() Returns the boolean value contained in the ForceAuthn child element of this AuthnRequest, or "false" by default if the ForceAuthn child is not specified.
boolean	getIsPassive() Returns the boolean value contained in the IsPassive child element of this AuthnRequest, or "true" by default if the IsPassive child is not specified.
java.lang.String	getNameIDPolicy() Returns the value of this AuthnRequest's NameIDPolicy element, or null if the element is not specified.
java.lang.String	getProtocolProfile() Returns the URI for the protocol profile specified in the ProtocolProfile child element of this AuthnRequest, or the default "http://projectliberty.org/profiles/brws-art" if ProtocolProfile element is not specified.
java.lang.String	getRelayState() Returns the value contained in the RelayState child element of this AuthnRequest element, or null if no RelayState element is present.
Scoping	getScoping() Returns this AuthnRequest element's Scoping child element, or <coe>null if no Scoping element is present.
void	setAffiliationID(java.lang.String affiliationID) Sets the value of the AffiliationID child element in this AuthnRequest element.
void	setAssertionConsumerServiceID(java.lang.String id) Sets the value of this AuthnRequest element's AssertionConsumerServiceID child element.
void	setAuthnContextComparison(java.lang.String value) Sets the value of the AuthnContextComparison child element in this AuthnRequest element's RequestAuthnContext element.
void	setConsent(java.lang.String consent) Sets the value of this AuthnRequest element's consent attribute.
void	setForceAuthn(boolean forceAuthn) Sets the ForceAuthn child element in this AuthnRequest element.
void	setIsPassive(boolean isPassive) Sets the IsPassive child element in this AuthnRequest element.
void	setNameIDPolicy(java.lang.String nameIDPolicy) Sets a NameIDPolicy element with the given value.
void	setProtocolProfile(java.lang.String ppURI) Sets the ProtocolProfile child element in this AuthnRequest element.
void	setRelayState(java.lang.String value) Sets the value of the RelayState child element in this AuthnRequest element.
void	setScoping(Scoping scoping) Sets this AuthnRequest element's Scoping child element.
java.lang.String	toURLString(java.security.PrivateKey key, java.lang.String sigAlg) Returns this AuthnRequest as a URL-encoded query string, optionally signed using the given private key and signature algorithm.

Methods inherited from class oracle.security.xmlsec.liberty.v12.LibRequestMessage

addSignature, addSignature, getChildElementPosition, getID, getInstance, getProviderID, setProviderID

Methods inherited from class oracle.security.xmlsec.samlp.RequestType

addRespondWith, addRespondWithValue, getIssueInstant, getLocalNamesPrecedeDSig, getNSURIsPrecedeDSig, getRequestID, getRespondWiths, getRespondWithValues, setIssueInstant, setRequestID

Methods inherited from class oracle.security.xmlsec.saml.SAMLMessage

clearSignature, getInstance, getMajorVersion, getMinorVersion, getSignature, isSigned, setVersion, sign, sign, verify, verify

Methods inherited from class oracle.security.xmlsec.util.XMLElement

addNSPrefixAttr, addNSPrefixAttr, addNSPrefixAttrDefault, addNSPrefixAttrDefault, getAttribute, getAttributeNode, getAttributeNodeNS, getAttributeNS, getChildElementsByTagName, getChildElementsByTagName, getChildElementsByTagNameNS, getChildElementsByTagNameNS, getDefaultNSPrefix, getElement, getElementsByTagName, getElementsByTagNameNS, getTagName, hasAttribute, hasAttributeNS, removeAttribute, removeAttributeNode, removeAttributeNS, setAttribute, setAttributeNode, setAttributeNodeNS, setAttributeNS, setDefaultNSPrefix

Methods inherited from class oracle.security.xmlsec.util.XMLNode

appendChild, appendChild, appendTo, cloneNode, getAttributes, getChildNodes, getFirstChild, getLastChild, getLocalName, getNamespaceURI, getNextSibling, getNode, getNodeName, getNodeType, getNodeValue, getOwnerDocument, getParentNode, getPrefix, getPreviousSibling, getSystemId, hasAttributes, hasChildNodes, insertBefore, insertBefore, isSupported, normalize, removeChild, removeChild, replaceChild, replaceChild, setNodeValue, setPrefix, setSystemId, toBytesXML, toStringXML

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

EXACT

public static final java.lang.String EXACT

The value "exact" for the AuthnCotextComparison element indicating that the identity provider is asked to match at least one of context specified in the RequestAuthnContext.

See Also:

Constant Field Values

MINIMUM

public static final java.lang.String MINIMUM

The value "minimum" for the AuthnCotextComparison element indicating that the identity provider is asked to use a context that he feels at least as good as any specified in the RequestAuthnContext.

See Also:

Constant Field Values

MAXIMUM

public static final java.lang.String MAXIMUM

The value "minimum" for the AuthnCotextComparison element indicating that the identity provider is asked to use a context that he feels is at most as good as any specified in the RequestAuthnContext.

See Also:

Constant Field Values

BETTER

public static final java.lang.String BETTER

The value "better" for the AuthnCotextComparison element indicating that the identity provider is asked to use a context better than any specified in the RequestAuthnContext.

See Also:

Constant Field Values

NAME_ID_POLICY_NONE

public static final java.lang.String NAME_ID_POLICY_NONE

The value "none" for the NameIDPolicy element.

See Also:

Constant Field Values

NAME_ID_POLICY_ONETIME

public static final java.lang.String NAME_ID_POLICY_ONETIME

The value "onetime" for the NameIDPolicy element.

See Also:

Constant Field Values

NAME_ID_POLICY_FEDERATED

public static final java.lang.String NAME_ID_POLICY_FEDERATED

The value "federated" for the NameIDPolicy element.

See Also:

Constant Field Values

NAME_ID_POLICY_ANY

public static final java.lang.String NAME_ID_POLICY_ANY

The value "any" for the NameIDPolicy element.

See Also:

Constant Field Values

Constructor Detail

AuthnRequest

public AuthnRequest(org.w3c.dom.Element element)
             throws org.w3c.dom.DOMException

Creates a new AuthnRequest instance from the given Element node.

Parameters:

element - A Liberty AuthnRequest XML element.

Throws:

org.w3c.dom.DOMException

AuthnRequest

public AuthnRequest(org.w3c.dom.Element element,
                    java.lang.String systemId)
             throws org.w3c.dom.DOMException

Creates a new AuthnRequest instance from the given Element node.

Parameters:

element - A Liberty AuthnRequest XML element.

systemId - The URI string system ID for the AuthnRequest.

Throws:

org.w3c.dom.DOMException

AuthnRequest

public AuthnRequest(org.w3c.dom.Document owner)
             throws org.w3c.dom.DOMException

Creates a new AuthnRequest instance within the specified XML Document.

Parameters:

owner - The owner document of the new Liberty AuthnRequest element.

Throws:

org.w3c.dom.DOMException

AuthnRequest

public AuthnRequest(org.w3c.dom.Document owner,
                    java.lang.String requestId,
                    java.util.Date issueInstant,
                    java.lang.String providerId)
             throws org.w3c.dom.DOMException

Creates a new AuthnRequest instance within the specified XML Document.

Parameters:

owner - The owner document of the new Liberty AuthnRequest element.

requestId - The RequestID attribute.

issueInstant - The IssueInstant attribute.

providerId - The ProviderID child element.

Throws:

org.w3c.dom.DOMException

Method Detail

setForceAuthn

public void setForceAuthn(boolean forceAuthn)
                   throws org.w3c.dom.DOMException

Sets the ForceAuthn child element in this AuthnRequest element. This child is optional. It is only specified when IsPassive is false. If not specified, "true" is presumed.

Parameters:

forceAuthn - If true, the identity provider must authenticate the Principal; if false, the identity provider must reauthenticate the Principal only if the Principal is not currently authenticated.

Throws:

org.w3c.dom.DOMException

setIsPassive

public void setIsPassive(boolean isPassive)
                  throws org.w3c.dom.DOMException

Sets the IsPassive child element in this AuthnRequest element. This child is optional. If not specified, "true" is presumed.

Parameters:

isPassive - If true, the identity provider must not interact with the Principal; if false, the identity provider may interact with the Principal.

Throws:

org.w3c.dom.DOMException

setProtocolProfile

public void setProtocolProfile(java.lang.String ppURI)
                        throws org.w3c.dom.DOMException

Sets the ProtocolProfile child element in this AuthnRequest element. This child is optional. If this element is not specified, the default protocol profile is "http://projectliberty.org/profiles/brws-art".

Parameters:

ppURI - The URI identifies the the protocol profile the service provider wishes to use in the response.

Throws:

org.w3c.dom.DOMException

addAuthnContextClassRef

public void addAuthnContextClassRef(java.lang.String accrURI)

Adds an AuthnContextClassRef element to the RequestAuthnContext child element in this AuthnRequest element. See AuthenticationContextURI for the list of supported authentication context classes identifying URIs.

Parameters:

accrURI - A URI identifying an authentication context class.

addAuthnContextStatementRef

public void addAuthnContextStatementRef(java.lang.String acsrURI)

Adds an AuthnContextStatementRef element to the RequestAuthnContext child element in this AuthnRequest element.

Parameters:

acsrURI - A URI identifying an authentication context statement.

setAuthnContextComparison

public void setAuthnContextComparison(java.lang.String value)

Sets the value of the AuthnContextComparison child element in this AuthnRequest element's RequestAuthnContext element.

The value for AuthnContextComparison can be "exact" (EXACT), "minimum" (MINIMUM) or "better" (BETTER). If this element is not specified, "exact" is assumed.

Parameters:

value - The value for this AuthnContextComparison element.

getIsPassive

public boolean getIsPassive()

Returns the boolean value contained in the IsPassive child element of this AuthnRequest, or "true" by default if the IsPassive child is not specified.

getForceAuthn

public boolean getForceAuthn()

Returns the boolean value contained in the ForceAuthn child element of this AuthnRequest, or "false" by default if the ForceAuthn child is not specified.

getProtocolProfile

public java.lang.String getProtocolProfile()

Returns the URI for the protocol profile specified in the ProtocolProfile child element of this AuthnRequest, or the default "http://projectliberty.org/profiles/brws-art" if ProtocolProfile element is not specified.

getAuthnContextClassRefs

public java.util.List getAuthnContextClassRefs()

Returns a list of URI's for AuthnContextClassRef's contained in the RequestAuthnContext child element in this structure.

Returns:

A List object containing String objects, or an empty List if no AuthnContextClassRef has been set.

getAuthnContextStatementRefs

public java.util.List getAuthnContextStatementRefs()

Returns a list of URI's for AuthnContextStatementRef's contained in the RequestAuthnContext child element in this structure.

Returns:

A List object containing String objects, or an empty List if no AuthnContextStatementRef elements have been set.

getAuthnContextComparison

public java.lang.String getAuthnContextComparison()

Returns the value contained in the AuthnContextComparison child element of this AuthnRequest, or the default value "exact" if the AuthnContextComparison child element is not specified.

setNameIDPolicy

public void setNameIDPolicy(java.lang.String nameIDPolicy)
                     throws org.w3c.dom.DOMException

Sets a NameIDPolicy element with the given value.

Parameters:

nameIDPolicy - Must be one of "none", "onetime", "federated", or "any".

Throws:

org.w3c.dom.DOMException

getNameIDPolicy

public java.lang.String getNameIDPolicy()

Returns the value of this AuthnRequest's NameIDPolicy element, or null if the element is not specified.

setAssertionConsumerServiceID

public void setAssertionConsumerServiceID(java.lang.String id)
                                   throws org.w3c.dom.DOMException

Sets the value of this AuthnRequest element's AssertionConsumerServiceID child element.

Parameters:

id - The value for the AssertionConsumerServiceID element.

Throws:

org.w3c.dom.DOMException

getAssertionConsumerServiceID

public java.lang.String getAssertionConsumerServiceID()

Returns the value of this AuthnRequest element's AssertionConsumerServiceID child element, of null if the child element is not specified.

setAffiliationID

public void setAffiliationID(java.lang.String affiliationID)
                      throws org.w3c.dom.DOMException

Sets the value of the AffiliationID child element in this AuthnRequest element. This optional child contains the ID of the provider's affiliation group.

Parameters:

affiliationID - The URI-based identifier of the provider's affiliation group.

Throws:

org.w3c.dom.DOMException

getAffiliationID

public java.lang.String getAffiliationID()

Returns the provider's URI based affiliation group identifier contained in the AffiliationID child element of this AuthnRequest, or null if no AffiliationID element is present.

getScoping

public Scoping getScoping()

Returns this AuthnRequest element's Scoping child element, or <coe>null if no Scoping element is present.

setScoping

public void setScoping(Scoping scoping)

Sets this AuthnRequest element's Scoping child element.

Parameters:

scoping - The Scoping element.

setRelayState

public void setRelayState(java.lang.String value)
                   throws org.w3c.dom.DOMException

Sets the value of the RelayState child element in this AuthnRequest element. This optional child element contains state information that may be relayed back in the response.

Parameters:

value - The value for the relay state.

Throws:

org.w3c.dom.DOMException

getRelayState

public java.lang.String getRelayState()

Returns the value contained in the RelayState child element of this AuthnRequest element, or null if no RelayState element is present.

setConsent

public void setConsent(java.lang.String consent)
                throws org.w3c.dom.DOMException

Sets the value of this AuthnRequest element's consent attribute.

Parameters:

consent - The attribute value.

Throws:

org.w3c.dom.DOMException

getConsent

public java.lang.String getConsent()

Returns the value of this AuthnRequest element's consent attribute, or null if the attribute is not specified.

toURLString

public java.lang.String toURLString(java.security.PrivateKey key,
                                    java.lang.String sigAlg)
                             throws oracle.security.xmlsec.dsig.SigningException

Returns this AuthnRequest as a URL-encoded query string, optionally signed using the given private key and signature algorithm.

Parameters:

key - The private signing key. If null, the query string will not be signed.

sigAlg - The URI identifying the signature algorithm to use. If null, the query string will not be signed.

Throws:

oracle.security.xmlsec.dsig.SigningException - If an error occurs computing the signature.

getChildElementsNSURIs

protected java.lang.String[] getChildElementsNSURIs()

Description copied from class: LibRequestMessage

Returns the orderded set of the namespce URIs for the child elements specified in the schema for the XML element represented by the concrete subclass.

Specified by:

getChildElementsNSURIs in class LibRequestMessage

getChildElementsLocalNames

protected java.lang.String[] getChildElementsLocalNames()

Description copied from class: LibRequestMessage

Returns the orderded set of the local names of the child elements specified in the schema for the XML element represented by the concrete subclass.

Specified by:

getChildElementsLocalNames in class LibRequestMessage

Skip navigation links