Package com.sun.identity.saml2.plugins
Interface SPAccountMapper
-
@SupportedAll public interface SPAccountMapper
The interfaceSPAccountMapper
is used to identify the local identities that maps theSAML
protocol objects such asAssertion
,ManageNameIDRequest
etc. This mapper interface is used to map the identities only at theSAML Service Provider
. The implementation of this interface will be used by theSAML
framework to retrieve the user identity information for the consumption of generating a user session, or manage the user account information while handling theSAML
protocols and it is pluggable through local configuration in theSAML2
plugin.- See Also:
IDPAccountMapper
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description String
getIdentity(Assertion assertion, String hostEntityID, String realm)
Returns the user's distinguished name or the universal ID for the correspondingSAML Assertion
.String
getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm)
Returns the user's distinguished name or the universal ID for the correspondingSAML ManageNameIDRequest
.boolean
shouldPersistNameIDFormat(String realm, String hostEntityID, String remoteEntityID, String nameIDFormat)
Tells whether the provided NameID-Format should be persisted in the user data store or not.
-
-
-
Method Detail
-
getIdentity
String getIdentity(Assertion assertion, String hostEntityID, String realm) throws SAML2Exception
Returns the user's distinguished name or the universal ID for the correspondingSAML Assertion
. This method will be invoked by theSAML
framework while processing theAssertion
and retrieves the identity information.- Parameters:
assertion
-SAML Assertion
that needs to be mapped to the user.hostEntityID
-EntityID
of the hosted provider.realm
- Realm or the organization name that may be used to find the user information.- Returns:
- User's distinguished name or the universal ID.
- Throws:
SAML2Exception
- If there was any failure.
-
getIdentity
String getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm) throws SAML2Exception
Returns the user's distinguished name or the universal ID for the correspondingSAML ManageNameIDRequest
. This method will be invoked by theSAML
framework for retrieving the user identity while processing theManageIDRequest
.- Parameters:
manageNameIDRequest
-SAML ManageNameIDRequest
that needs to be mapped to the user.hostEntityID
-EntityID
of the hosted provider.realm
- Realm or the organization name that may be used to find the user information.- Returns:
- User's distinguished name or the universal ID.
- Throws:
SAML2Exception
- If there was any failure.
-
shouldPersistNameIDFormat
boolean shouldPersistNameIDFormat(String realm, String hostEntityID, String remoteEntityID, String nameIDFormat)
Tells whether the provided NameID-Format should be persisted in the user data store or not.- Parameters:
realm
- The hosted SP's realm.hostEntityID
- The hosted SP's entityID.remoteEntityID
- The remote IdP's entityID.nameIDFormat
- The non-transient NameID-Format in question.- Returns:
true
if the provided NameID-Format should be persisted in the user data store,false
otherwise.
-
-