net.geant.edugain.base
Class AuthorizationRequest

java.lang.Object
  net.geant.edugain.base.Request
      net.geant.edugain.base.AuthorizationRequest

All Implemented Interfaces:

java.io.Serializable

public class AuthorizationRequest
extends Request
implements java.io.Serializable

A request for an authorisation decision. It must contain the resource identifier and the attributes collected for the requesting entity, and may include references to the policies to be applied.

This class extends Request.

Version:

1.0

Author:

Jose Manuel Macias, Jaime Perez

See Also:

Serialized Form

Field Summary

protected java.util.ArrayList<org.opensaml.SAMLAction>	actions An identifier for the action the requester is willing to perform on the resource.
private java.net.URI	attributeAuthority An optional URI of an eduGAIN instance that can help in making the authorisation decision by providing additional attributes.
private java.util.ArrayList<AttributeValues>	attributeValueList A list of the attributes (as established by the authentication procedures) provided by and/or obtained for the element requesting the authorisation.
protected java.util.ArrayList<java.lang.String>	policyReference An optional list of policy references to be applied in the decision.
protected java.lang.String	subjectHandle The identification string obtained upon the last successful authentication of the subject requesting access to the resource.

Fields inherited from class net.geant.edugain.base.Request

cacheReference, consumerId, issued, log, producerId, requestID, resource, samlObject, strictMode, validator

Constructor Summary

AuthorizationRequest()
Creates a new instance of AuthorizationRequest

AuthorizationRequest(boolean strict)
Creates a new instance of AuthorizationRequest

AuthorizationRequest(org.w3c.dom.Element element)
Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an Element.

AuthorizationRequest(org.w3c.dom.Element element, boolean strict)
Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an Element.

AuthorizationRequest(java.io.InputStream stream)
Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an InputStream.

AuthorizationRequest(java.io.InputStream stream, boolean strict)
Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an InputStream.

AuthorizationRequest(org.opensaml.saml2.core.RequestAbstractType request)
Creates a new instance of AuthorizationRequest, filling the fields with the SAML 2 Request data received.

AuthorizationRequest(org.opensaml.SAMLRequest request)
Creates a new instance of AuthorizationRequest, filling the fields with the SAMLRequest data received.

AuthorizationRequest(org.opensaml.SAMLRequest request, boolean strict)
Creates a new instance of AuthorizationRequest, filling the fields with the SAMLRequest data received

Method Summary

void	addAction(org.opensaml.SAMLAction action) Adds the specified action to the current list.
void	addAction(java.lang.String namespace, java.lang.String name) Adds the specified action to the current list.
void	addAttributeValue(AttributeValues attribute) Add the specified attribute value to the list.
void	addPolicyReference(java.lang.String policy) Add the specified policy reference.
void	fromSAML(org.opensaml.saml2.core.RequestAbstractType request) Fill this AuthorizationRequest from a SAML 2 Request
void	fromSAML(org.opensaml.SAMLRequest request) Fill this AuthorizationRequest from a SAMLRequest.
java.util.ArrayList<org.opensaml.SAMLAction>	getActions() Gets the list of actions for this request.
java.net.URI	getAttributeAuthority() Returns the attribute authority.
java.util.ArrayList<AttributeValues>	getAttributeValueList() Gets the values for the attribute-value pair list.
java.util.ArrayList<java.lang.String>	getPolicyReference() Gets the list of policy references.
java.lang.String	getSubjectHandle() Gets the value of the SubjectHandle.
void	removeAction(java.lang.String action) Removes the specified action from the current list.
void	setAttributeAuthority(java.net.URI authority) Sets the attribute authority.
void	setAttributeValueList(java.util.ArrayList<AttributeValues> list) Sets the list of elements - each of them corresponding to one attribute that the identity is willing to deliver upon successful authentication.
void	setPolicyReference(java.util.ArrayList<java.lang.String> list) Sets the list of policy references.
void	setSubjectHandle(java.lang.String handle) Sets the subject handle.
java.lang.Object	toSAML() Converts the eduGAIN AuthorizationRequest object into a SAML request.
private org.opensaml.SAMLRequest	toSAML1(int minor) Map the current AuthorizationRequest to a SAML 1.X response.
private org.opensaml.saml2.core.RequestAbstractType	toSAML2(int minor) Map the current AuthorizationRequest to a SAML 2.X response.

Methods inherited from class net.geant.edugain.base.Request

fromSAML, generateRequestID, getCacheReference, getConsumerId, getIssued, getProducerId, getRequestID, getResource, isStrict, setCacheReference, setConsumerId, setIssued, setProducerId, setRequestID, setResource, setStrict, setValidator, toBase64, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

actions

protected java.util.ArrayList<org.opensaml.SAMLAction> actions

An identifier for the action the requester is willing to perform on the resource. A string from a controlled vocabulary (see note below) and/or a formally defined URN can be used as value.

Note: actions as described here are meaningful in the corresponding application context, and thus are transparent to the eduGAIN infrastructure itself. User applications may establish their own sets of them, by means of multi- or bi-lateral agreements, requirements in the framework of policy management authorities, or even official standards where applicable.

attributeValueList

private java.util.ArrayList<AttributeValues> attributeValueList

A list of the attributes (as established by the authentication procedures) provided by and/or obtained for the element requesting the authorisation. Each individual element consists of an attribute name-value pair.

subjectHandle

protected java.lang.String subjectHandle

The identification string obtained upon the last successful authentication of the subject requesting access to the resource.

attributeAuthority

private java.net.URI attributeAuthority

An optional URI of an eduGAIN instance that can help in making the authorisation decision by providing additional attributes.

policyReference

protected java.util.ArrayList<java.lang.String> policyReference

An optional list of policy references to be applied in the decision. As in the action, the values can be strings from a controlled vocabulary and/or formally defined URNs.

TODO: If URN-coded, enumerate all the possible values.

Constructor Detail

AuthorizationRequest

public AuthorizationRequest()
                     throws BaseException

Creates a new instance of AuthorizationRequest

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(boolean strict)
                     throws BaseException

Creates a new instance of AuthorizationRequest

Parameters:

strict - Whether to use strict mode or not.

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(java.io.InputStream stream)
                     throws BaseException

Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an InputStream.

Parameters:

stream - The InputStream.

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(java.io.InputStream stream,
                            boolean strict)
                     throws BaseException

Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an InputStream.

Parameters:

stream - The InputStream.

strict - Whether to use strict mode or not.

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(org.w3c.dom.Element element)
                     throws BaseException

Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an Element.

Parameters:

element - The Element.

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(org.w3c.dom.Element element,
                            boolean strict)
                     throws BaseException

Creates a new instance of AuthorizationRequest, filling the fields with the SAML document from an Element.

Parameters:

element - The Element.

strict - Whether to use strict mode or not.

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(org.opensaml.SAMLRequest request)
                     throws BaseException

Creates a new instance of AuthorizationRequest, filling the fields with the SAMLRequest data received.

Parameters:

request - The original SAML request.

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(org.opensaml.SAMLRequest request,
                            boolean strict)
                     throws BaseException

Creates a new instance of AuthorizationRequest, filling the fields with the SAMLRequest data received

Parameters:

request - The original SAML request.

strict - Whether to use strict mode or not.

Throws:

BaseException

AuthorizationRequest

public AuthorizationRequest(org.opensaml.saml2.core.RequestAbstractType request)
                     throws BaseException

Creates a new instance of AuthorizationRequest, filling the fields with the SAML 2 Request data received.

Parameters:

request - The original SAML request.

Throws:

BaseException

Method Detail

addAction

public void addAction(java.lang.String namespace,
                      java.lang.String name)
               throws BaseException

Adds the specified action to the current list.

Parameters:

namespace - The namespace of the action.

name - The name of the action.

Throws:

BaseException

addAction

public void addAction(org.opensaml.SAMLAction action)
               throws BaseException

Adds the specified action to the current list.

Parameters:

action - The SAML action to add.

Throws:

BaseException

getActions

public java.util.ArrayList<org.opensaml.SAMLAction> getActions()

Gets the list of actions for this request.

Returns:

The list of actions.

removeAction

public void removeAction(java.lang.String action)

Removes the specified action from the current list.

Parameters:

action - The action to remove.

getAttributeValueList

public java.util.ArrayList<AttributeValues> getAttributeValueList()

Gets the values for the attribute-value pair list.

Returns:

The attribute value list.

addAttributeValue

public void addAttributeValue(AttributeValues attribute)

Add the specified attribute value to the list.

Parameters:

attribute - The attribute to add.

setAttributeValueList

public void setAttributeValueList(java.util.ArrayList<AttributeValues> list)

Sets the list of elements - each of them corresponding to one attribute that the identity is willing to deliver upon successful authentication.

Parameters:

list - The list of attributes.

setSubjectHandle

public void setSubjectHandle(java.lang.String handle)

Sets the subject handle.

Parameters:

handle - The subject handle.

getSubjectHandle

public java.lang.String getSubjectHandle()

Gets the value of the SubjectHandle.

Returns:

The current subject handle.

getPolicyReference

public java.util.ArrayList<java.lang.String> getPolicyReference()

Gets the list of policy references.

Returns:

The list of policy references.

addPolicyReference

public void addPolicyReference(java.lang.String policy)

Add the specified policy reference.

Parameters:

policy - The policy to add.

setPolicyReference

public void setPolicyReference(java.util.ArrayList<java.lang.String> list)

Sets the list of policy references.

Parameters:

list - A list of policy references.

getAttributeAuthority

public java.net.URI getAttributeAuthority()

Returns the attribute authority.

Returns:

The current attribute authority.

setAttributeAuthority

public void setAttributeAuthority(java.net.URI authority)

Sets the attribute authority.

Parameters:

authority - The attribute authority to set.

fromSAML

public void fromSAML(org.opensaml.SAMLRequest request)
              throws BaseException

Fill this AuthorizationRequest from a SAMLRequest.

Specified by:

fromSAML in class Request

Parameters:

request - The SAMLRequest.

Throws:

BaseException

fromSAML

public void fromSAML(org.opensaml.saml2.core.RequestAbstractType request)
              throws BaseException

Fill this AuthorizationRequest from a SAML 2 Request

Specified by:

fromSAML in class Request

Parameters:

request - The SAML 2 Request

Throws:

BaseException

toSAML

public java.lang.Object toSAML()
                        throws BaseException

Converts the eduGAIN AuthorizationRequest object into a SAML request. Please consider that this method returns an OpenSAML1 or an OpenSAML2 Request object depending on the SAML version eduGAIN is configured to use.

Specified by:

toSAML in class Request

Returns:

A SAMLRequest or a RequestAbstractType, depending on the SAML version eduGAIN is configured to use.

Throws:

BaseException

toSAML1

private org.opensaml.SAMLRequest toSAML1(int minor)
                                  throws BaseException

Map the current AuthorizationRequest to a SAML 1.X response.

Parameters:

minor - The minor version number (can be 0 or 1).

Returns:

The SAMLResponse that corresponds with this AuthorizationResponse.

Throws:

BaseException

toSAML2

private org.opensaml.saml2.core.RequestAbstractType toSAML2(int minor)
                                                     throws BaseException

Map the current AuthorizationRequest to a SAML 2.X response.

Parameters:

minor - The minor version number (can be 0 or 1).

Returns:

The Request that corresponds with this AuthorizationRequest.

Throws:

BaseException