Package com.sun.identity.saml2.plugins
Interface IDPAccountMapper
-
@SupportedAll public interface IDPAccountMapper
The interface
IDPAccountMapper
is used to map the local identities to theSAML
protocol objects and also the vice versa for some of the protocols for e.g.ManageNameIDRequest
.This mapper interface is used to map the identities only at the
SAML Identity Provider
. The implementation of this interface will be used by theSAML
framework to retrieve the user's account federation information for constructing SAML protocol objects such asAssertion
and also to find out the corresponding user account for the given SAML requests.- See Also:
SPAccountMapper
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description String
getIdentity(NameID nameID, String hostEntityID, String remoteEntityID, String realm)
Returns the user's distinguished name or the universal ID for the correspondingSAML NameID
.String
getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm)
Returns the user's distinguished name or the universal ID for the correspondingSAML ManageNameIDRequest
.NameID
getNameID(Object session, String hostEntityID, String remoteEntityID, String realm, String nameIDFormat)
Returns the user'sNameID
information that contains account federation with the corresponding remote and local entities.boolean
shouldPersistNameIDFormat(String realm, String hostEntityID, String remoteEntityID, String nameIDFormat)
Tells whether the provided NameID-Format should be persisted in the user data store or not.
-
-
-
Method Detail
-
getNameID
NameID getNameID(Object session, String hostEntityID, String remoteEntityID, String realm, String nameIDFormat) throws SAML2Exception
Returns the user'sNameID
information that contains account federation with the corresponding remote and local entities.- Parameters:
session
- Single Sign On session of the user.hostEntityID
-EntityID
of the hosted provider.remoteEntityID
-EntityID
of the remote provider.realm
- Realm or the organization name that may be used to find the user information.nameIDFormat
-NameID
format.- Returns:
- The
NameID
corresponding to the authenticated user. - Throws:
SAML2Exception
- If there was any failure.
-
getIdentity
String getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm) throws SAML2Exception
Returns the user's distinguished name or the universal ID for the correspondingSAML ManageNameIDRequest
. This method returns the universal ID or the DN based on the deployment of the SAMLv2 plugin base platform.- Parameters:
manageNameIDRequest
-SAML ManageNameIDRequest
that needs to be mapped to the user.hostEntityID
-EntityID
of the hosted provider.realm
- Realm or the organization name that may be used to find the user information.- Returns:
- User's distinguished name or the universal ID.
- Throws:
SAML2Exception
- If there was any failure.
-
getIdentity
String getIdentity(NameID nameID, String hostEntityID, String remoteEntityID, String realm) throws SAML2Exception
Returns the user's distinguished name or the universal ID for the correspondingSAML NameID
. This method returns the universal ID or the DN based on the deployment of the SAMLv2 plugin base platform.- Parameters:
nameID
-SAML NameID
that needs to be mapped to the user.hostEntityID
-EntityID
of the hosted provider.remoteEntityID
-EntityID
of the remote provider.realm
- Realm or the organization name that may be used to find the user information.- Returns:
- User's distinguished name or the universal ID.
- Throws:
SAML2Exception
- If there was any failure.
-
shouldPersistNameIDFormat
boolean shouldPersistNameIDFormat(String realm, String hostEntityID, String remoteEntityID, String nameIDFormat)
Tells whether the provided NameID-Format should be persisted in the user data store or not.- Parameters:
realm
- The hosted IdP's realm.hostEntityID
- The hosted IdP's entityID.remoteEntityID
- The remote SP's entityID.nameIDFormat
- The non-transient NameID-Format in question.- Returns:
true
if the provided NameID-Format should be persisted in the user data store,false
otherwise.
-
-