Oracle

com.bea.security.saml2.providers.registry
Interface IdPPartner

All Superinterfaces:
Partner, Serializable
All Known Subinterfaces:
WebSSOIdPPartner, WSSIdPPartner

public interface IdPPartner
extends Partner

Abstract representation of a SAML 2.0 Identity Provider partner.


Field Summary
 
Fields inherited from interface com.bea.security.saml2.providers.registry.Partner
ASSERTION_TYPE_BEARER, ASSERTION_TYPE_HOLDER_OF_KEY, ASSERTION_TYPE_SENDER_VOUCHES
 
Method Summary
 String getIdentityProviderNameMapperClassname()
          Gets the qualified name of Java class that maps Subjects to SAML Assertion name information.
 String getIssuerURI()
          Gets this partner's Issuer URI.
 boolean isProcessAttributes()
          Gets the Process attributes flag.
 boolean isVirtualUserEnabled()
          Gets the Virtual User Enabled value.
 boolean isWantAssertionsSigned()
          Gets the want assertions signed flag.
 void setIdentityProviderNameMapperClassname(String nameMapperClassname)
          Sets the qualified name of name mapper class.
 void setIssuerURI(String issuerURI)
          Sets the Issuer URI value for this partner.
 void setProcessAttributes(boolean processAttributes)
          Sets the process attribute flag.
 void setVirtualUserEnabled(boolean virtualUserEnabled)
          Sets the Virtual User Enabled value.
 void setWantAssertionsSigned(boolean wantAssertionsSigned)
          Sets the want assertions signed flag.
 
Methods inherited from interface com.bea.security.saml2.providers.registry.Partner
getAudienceURIs, getDescription, getName, isEnabled, isNameModified, setAudienceURIs, setDescription, setEnabled, setName
 

Method Detail

getIdentityProviderNameMapperClassname

String getIdentityProviderNameMapperClassname()
Gets the qualified name of Java class that maps Subjects to SAML Assertion name information. If set, it overrides the name mapper class from SAML Identity Asserter MBean.

Returns:
the qualified name of name mapper class

setIdentityProviderNameMapperClassname

void setIdentityProviderNameMapperClassname(String nameMapperClassname)
Sets the qualified name of name mapper class.

Parameters:
nameMapperClassname - the qualified name of name mapper class to set
See Also:
IdPPartner.getIdentityProviderNameMapperClassname()

getIssuerURI

String getIssuerURI()
Gets this partner's Issuer URI. Defaults to entity ID for metadata partners.

Returns:
the Issuer URI
See Also:
MetadataPartner.getEntityID()

setIssuerURI

void setIssuerURI(String issuerURI)
Sets the Issuer URI value for this partner.

Parameters:
issuerURI - the partner's Issuer URI to set
See Also:
IdPPartner.getIssuerURI()

isVirtualUserEnabled

boolean isVirtualUserEnabled()
Gets the Virtual User Enabled value. If true, the SAML Authenticator will authenticate "virtual users" for names (user and group) obtained from this partner's assertions and returned by the SAML Identity Asserter. Otherwise, virtual users are not allowed, and the user names returned by the SAML Identity Asserter must be authenticated by another authenticator, which will (probably) require that the user be registered in a user directory or database and will create user principals based on the user's directory information.

Returns:
the Virtual User Enabled value

setVirtualUserEnabled

void setVirtualUserEnabled(boolean virtualUserEnabled)
Sets the Virtual User Enabled value.

Parameters:
virtualUserEnabled - the Virtual user Enabled value to set
See Also:
IdPPartner.isVirtualUserEnabled()

isProcessAttributes

boolean isProcessAttributes()
Gets the Process attributes flag. If true, the SAML identity asserter will process the <AttributeStatement> in the assertion. The default implementation will process the WLSGroup information in the assertion.

This value works together with the default value in the SAML Identity Asserter mbean settings. If either is true, the attribute will be processed.

Returns:
the process attributes flag

setProcessAttributes

void setProcessAttributes(boolean processAttributes)
Sets the process attribute flag.

Parameters:
processAttributes - the process attributes flag to set
See Also:
IdPPartner.isProcessAttributes()

isWantAssertionsSigned

boolean isWantAssertionsSigned()
Gets the want assertions signed flag.

At SAML2 Service Provider Site, the signature of <Assertion> from this partner will be verified if:

Unsigned <Assertion> will cause signature verification to fail if the local configuration or this partner entry indicates that signing is required.

Returns:
the want assertions signed flag

setWantAssertionsSigned

void setWantAssertionsSigned(boolean wantAssertionsSigned)
Sets the want assertions signed flag.

Parameters:
wantAssertionsSigned - the want assertions signed flag to set
See Also:
IdPPartner.isWantAssertionsSigned()

Documentation is available at
http://download.oracle.com/docs/cd/E13222_01/wls/docs103
Copyright 1996,2008, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.