Esempio n. 1
0
 /**
  * Determines whether to release the login userid of the GuanxiPrincipal as a Subject/NameID in a
  * SAML Response. If this needs to be done, the method adds a dummy attribute called "__NAMEID__"
  * which is picked up later and converted to a Subject/NameID
  *
  * @param mapper the profile specific attribute mapper to use
  * @param relyingParty the entityID of the entity looking for attributes
  * @param attributes the attributes document that will hold the released attribute
  */
 protected void processNameID(
     AttributeMap mapper, String relyingParty, UserAttributesDocument.UserAttributes attributes) {
   if (mapper.shouldReleaseNameID(relyingParty)) {
     AttributorAttribute attribute = attributes.addNewAttribute();
     attribute.setName("__NAMEID__");
   }
 }
Esempio n. 2
0
 /**
  * Passes an attribute name and value through the ARP engine. If the name/value can be released,
  * they will be added to the attributes document.
  *
  * @param arpEngine the ARP engine to use
  * @param relyingParty the entityID of the entity looking for attributes
  * @param attributeName the name of the attribute
  * @param attributeValue the value of the attribute
  * @param attributes the attributes document that will hold the released attribute
  */
 protected void arp(
     ARPEngine arpEngine,
     String relyingParty,
     String attributeName,
     String attributeValue,
     UserAttributesDocument.UserAttributes attributes) {
   // Can we release the original attributes without mapping?
   if (arpEngine.release(relyingParty, attributeName, attributeValue)) {
     AttributorAttribute attribute = attributes.addNewAttribute();
     attribute.setName(attributeName);
     attribute.setValue(attributeValue);
     logger.debug("Released attribute " + attributeName + " to " + relyingParty);
   } else {
     logger.debug("Attribute release blocked by ARP : " + attributeName + " to " + relyingParty);
   }
 }
Esempio n. 3
0
  /**
   * Passes an attribute name and value through the Mapper and ARP engines. If the name/value can be
   * released after being mapped, they will be added to the attributes document.
   *
   * @param arpEngine the ARP engine to use
   * @param mapper the profile specific attribute mapper to use
   * @param principal the GuanxiPrincipal for the user who's attributes are being requested
   * @param relyingParty the entityID of the entity looking for attributes
   * @param attributeName the name of the attribute
   * @param attributeValue the value of the attribute
   * @param attributeSet The complete set of attributes to allow cross referencing when mapping
   * @param attributes the attributes document that will hold the released attribute
   */
  protected void map(
      ARPEngine arpEngine,
      AttributeMap mapper,
      GuanxiPrincipal principal,
      String relyingParty,
      String attributeName,
      String attributeValue,
      HashMap<String, String[]> attributeSet,
      UserAttributesDocument.UserAttributes attributes) {
    GuanxiAttribute mappedAttribute =
        mapper.map(principal, relyingParty, attributeName, attributeValue, attributeSet);
    if (mappedAttribute != null) {
      for (int mapCount = 0; mapCount < mappedAttribute.getNames().size(); mapCount++) {
        // Release the mapped attribute if appropriate
        if (arpEngine.release(
            relyingParty,
            mappedAttribute.getNameAtIndex(mapCount),
            mappedAttribute.getValueAtIndex(mapCount))) {
          String mappedValue = mappedAttribute.getValueAtIndex(mapCount);

          AttributorAttribute attribute = attributes.addNewAttribute();
          attribute.setName(mappedAttribute.getNameAtIndex(mapCount));
          attribute.setValue(mappedValue);
          if (mappedAttribute.hasFriendlyNames()) {
            attribute.setFriendlyName(mappedAttribute.getFriendlyNameAtIndex(mapCount));
          }

          logger.debug(
              "Released attribute "
                  + mappedAttribute.getNameAtIndex(mapCount)
                  + " -> "
                  + mappedValue
                  + " to "
                  + relyingParty);
        } else {
          logger.debug(
              "Attribute release blocked by ARP : "
                  + mappedAttribute.getNameAtIndex(mapCount)
                  + " to "
                  + relyingParty);
        }
      }
    }
  }