Package com.sun.identity.saml2.plugins

Interface SPAuthnContextMapper

@SupportedAll
public interface SPAuthnContextMapper

The interface SPAuthnContextMapper.java determines the Authentication Context to be set in the Authentication Request and the Auth Level of an Authentication Context. The implementation of this interface will be used to create RequestedAuthnContext to set in the AuthnRequest and the Authentication Level of an Authentication Context.

Method Summary

Modifier and Type	Method	Description
int	getAuthLevel(RequestedAuthnContext reqCtx, AuthnContext authContext, String realm, String hostEntityID, String idpEntityID)	Returns the Auth Level for the AuthContext.
RequestedAuthnContext	getRequestedAuthnContext(String realm, String hostEntityID, Map paramsMap)	Returns the RequestedAuthnContext Object .
boolean	isAuthnContextMatching(List requestedACClassRefs, String acClassRef, String comparison, String realm, String hostEntityID)	Returns true if the specified AuthnContextClassRef matches a list of requested AuthnContextClassRef.

Method Details

getRequestedAuthnContext

RequestedAuthnContext getRequestedAuthnContext(String realm,
 String hostEntityID,
 Map paramsMap)
                                        throws com.sun.identity.saml2.common.SAML2Exception

Returns the RequestedAuthnContext Object . This method is called during Single Sign On initiation at the Service Provider for determining the RequestedAuthnContext to be set in the AuthRequest before sending the request to the Identity Provider.

Parameters:

realm - Organization or realm of the Service Provider.

hostEntityID - Entity Identifier of the Host.

paramsMap - Map containing key/value pairs of request parameters.

Returns:

RequestedAuthnContext Object.

Throws:

com.sun.identity.saml2.common.SAML2Exception - if an error occurs.

getAuthLevel

int getAuthLevel(RequestedAuthnContext reqCtx,
 AuthnContext authContext,
 String realm,
 String hostEntityID,
 String idpEntityID)
          throws com.sun.identity.saml2.common.SAML2Exception

Returns the Auth Level for the AuthContext. This method is called by the Service Provider to determine the authLevel of Identity Provider Authentication Context which will set in the SSOToken created for the user on successful authentication.

Parameters:

reqCtx - the RequestedAuthContext object.

authContext - the AuthContext object.

realm - the organization or realm of the Service Provider.

hostEntityID - the Hosted Provider Entity ID.

idpEntityID - the Identity Provider Entity ID.

Returns:

authlevel of the AuthContext.

Throws:

com.sun.identity.saml2.common.SAML2Exception - if an error occurs.

isAuthnContextMatching

boolean isAuthnContextMatching(List requestedACClassRefs,
 String acClassRef,
 String comparison,
 String realm,
 String hostEntityID)

Returns true if the specified AuthnContextClassRef matches a list of requested AuthnContextClassRef.

Parameters:

requestedACClassRefs - a list of requested AuthnContextClassRef's

acClassRef - AuthnContextClassRef

comparison - the type of comparison

realm - Realm or Organization of the Service Provider.

hostEntityID - Entity ID of the Service Provider.

Returns:

true if the specified AuthnContextClassRef matches a list of requested AuthnContextClassRef