Uses of Class
se.swedenconnect.spring.saml.idp.authentication.Saml2UserAuthentication
Packages that use Saml2UserAuthentication
Package
Description
Support for SAML
NameIDs.Support for attribute release.
Audit data definitions.
Support for user authentication including SSO.
Authentication provider support.
Support for "external user authentication", i.e., when we redirect the user outside of the Spring Security flow to
get authenticated.
Event handling.
-
Uses of Saml2UserAuthentication in se.swedenconnect.spring.saml.idp.attributes.nameid
Methods in se.swedenconnect.spring.saml.idp.attributes.nameid with parameters of type Saml2UserAuthenticationModifier and TypeMethodDescriptionprotected abstract StringAbstractNameIDGenerator.getIdentifier(Saml2UserAuthentication authentication) Gets theNameIDidentifier to use.protected StringPersistentNameIDGenerator.getIdentifier(Saml2UserAuthentication authentication) Gets theNameIDidentifier to use.protected StringTransientNameIDGenerator.getIdentifier(Saml2UserAuthentication authentication) Gets theNameIDidentifier to use.AbstractNameIDGenerator.getNameID(Saml2UserAuthentication authentication) Generate aNameIDbased on the supplied authentication object.NameIDGenerator.getNameID(Saml2UserAuthentication authentication) Generate aNameIDbased on the supplied authentication object. -
Uses of Saml2UserAuthentication in se.swedenconnect.spring.saml.idp.attributes.release
Methods in se.swedenconnect.spring.saml.idp.attributes.release with parameters of type Saml2UserAuthenticationModifier and TypeMethodDescriptiondefault AttributeReleaseVoteAttributeReleaseVoter.apply(Saml2UserAuthentication token, Attribute attribute) AttributeProducer.releaseAttributes(Saml2UserAuthentication userAuthentication) Determines which attributes to release based on the supplied token.DefaultAttributeProducer.releaseAttributes(Saml2UserAuthentication userAuthentication) Releases all attributes that are explicitly, or implicitly, requested.DefaultAttributeReleaseManager.releaseAttributes(Saml2UserAuthentication userAuthentication) Determines which attributes to release based on the supplied token.ReleaseAllAttributeProducer.releaseAttributes(Saml2UserAuthentication userAuthentication) Releases all attributes from theSaml2UserAuthenticationtoken.SwedenConnectAttributeProducer.releaseAttributes(Saml2UserAuthentication userAuthentication) Releases all attributes that are explicitly, or implicitly, requested.AttributeReleaseVoter.vote(Saml2UserAuthentication token, Attribute attribute) Tells whether this voter thinks that the suppliedAttributeshould be released or not.IncludeAllAttributeReleaseVoter.vote(Saml2UserAuthentication token, Attribute attribute) Will always voteAttributeReleaseVote.INCLUDE.SwedenConnectAttributeReleaseVoter.vote(Saml2UserAuthentication token, Attribute attribute) Applies the following rules: If the attribute is "urn:oid:1.2.752.29.4.13" (personalIdentityNumber) and the contents is a Swedish coordination number (as opposed to the civic registration number) we require that the SP has opted in to received coordination numbers. TODO ... -
Uses of Saml2UserAuthentication in se.swedenconnect.spring.saml.idp.audit.data
Methods in se.swedenconnect.spring.saml.idp.audit.data with parameters of type Saml2UserAuthenticationModifier and TypeMethodDescriptionSaml2UserAuthenticationInfoAuditData.of(Saml2UserAuthentication token, boolean signServicePeer) Creates aSaml2UserAuthenticationInfoAuditDatabased on the suppliedSaml2UserAuthenticationtoken. -
Uses of Saml2UserAuthentication in se.swedenconnect.spring.saml.idp.authentication
Methods in se.swedenconnect.spring.saml.idp.authentication with parameters of type Saml2UserAuthenticationModifier and TypeMethodDescriptionSaml2AssertionBuilder.buildAssertion(Saml2UserAuthentication userAuthentication) Given aSaml2UserAuthenticationobject a SAMLAssertionis built.voidDelegatingPostAuthenticationProcessor.process(Saml2UserAuthentication token) Applies post-processing of aSaml2UserAuthenticationtoken.voidPostAuthenticationProcessor.process(Saml2UserAuthentication token) Applies post-processing of aSaml2UserAuthenticationtoken.voidSwedenConnectPostAuthenticationProcessor.process(Saml2UserAuthentication token) Applies the following checks: If the request is from a Signature Service and the SignMessage has been flagged with "must show" the method asserts that a sign message has been displayed during authentication. TODO: more ... -
Uses of Saml2UserAuthentication in se.swedenconnect.spring.saml.idp.authentication.provider
Methods in se.swedenconnect.spring.saml.idp.authentication.provider that return Saml2UserAuthenticationModifier and TypeMethodDescriptionprotected Saml2UserAuthenticationAbstractUserAuthenticationProvider.applySso(Saml2UserAuthenticationInputToken token, List<String> authnContextUris) Applies the rules for re-using authentication, i.e., SSO.Methods in se.swedenconnect.spring.saml.idp.authentication.provider with parameters of type Saml2UserAuthenticationModifier and TypeMethodDescriptionBaseSsoVoter.mayReuse(Saml2UserAuthentication userAuthn, Saml2UserAuthenticationInputToken token, Collection<String> allowedAuthnContexts) Predicate that tells whether the suppliedAuthenticationobject may be used in SSO (according to the voter's logic).PrincipalSelectionSsoVoter.mayReuse(Saml2UserAuthentication userAuthn, Saml2UserAuthenticationInputToken token, Collection<String> allowedAuthnContexts) Predicate that tells whether the suppliedAuthenticationobject may be used in SSO (according to the voter's logic).SignServiceSsoVoter.mayReuse(Saml2UserAuthentication userAuthn, Saml2UserAuthenticationInputToken token, Collection<String> allowedAuthnContexts) Predicate that tells whether the suppliedAuthenticationobject may be used in SSO (according to the voter's logic).SsoVoter.mayReuse(Saml2UserAuthentication userAuthn, Saml2UserAuthenticationInputToken token, Collection<String> allowedAuthnContexts) Predicate that tells whether the suppliedAuthenticationobject may be used in SSO (according to the voter's logic). -
Uses of Saml2UserAuthentication in se.swedenconnect.spring.saml.idp.authentication.provider.external
Methods in se.swedenconnect.spring.saml.idp.authentication.provider.external that return Saml2UserAuthenticationModifier and TypeMethodDescriptionUserRedirectAuthenticationProvider.resumeAuthentication(ResumedAuthenticationToken token) Is invoked when the user has been authenticated outside the SAML IdP Spring Security flow and the user agent has been re-directed back to theUserRedirectAuthenticationProvider.getResumeAuthnPath(). -
Uses of Saml2UserAuthentication in se.swedenconnect.spring.saml.idp.events
Methods in se.swedenconnect.spring.saml.idp.events that return Saml2UserAuthenticationModifier and TypeMethodDescriptionSaml2PostUserAuthenticationEvent.getUserAuthentication()Gets theSaml2UserAuthenticationrepresenting the user authentication.Methods in se.swedenconnect.spring.saml.idp.events with parameters of type Saml2UserAuthenticationModifier and TypeMethodDescriptionvoidSaml2IdpEventPublisher.publishUserAuthenticated(Saml2UserAuthentication authn) Publishes aSaml2PostUserAuthenticationEventindicating that anUserAuthenticationProviderhas authenticated the user.Constructors in se.swedenconnect.spring.saml.idp.events with parameters of type Saml2UserAuthenticationModifierConstructorDescriptionConstructor.