Package se.swedenconnect.spring.saml.idp.authentication.provider

Class PrincipalSelectionSsoVoter

java.lang.Object

se.swedenconnect.spring.saml.idp.authentication.provider.PrincipalSelectionSsoVoter

All Implemented Interfaces:

SsoVoter

public class PrincipalSelectionSsoVoter
extends Object
implements SsoVoter

An SsoVoter that checks that existing PrincipalSelection values corresponds with the previous authentication.

Author:

Martin Lindström

Nested Class Summary

Nested classes/interfaces inherited from interface se.swedenconnect.spring.saml.idp.authentication.provider.SsoVoter

SsoVoter.Vote

Constructor Summary

Constructors

Constructor	Description
PrincipalSelectionSsoVoter()

Method Summary

Modifier and Type	Method	Description
SsoVoter.Vote	mayReuse(Saml2UserAuthentication userAuthn, Saml2UserAuthenticationInputToken token, Collection<String> allowedAuthnContexts)	Predicate that tells whether the supplied Authentication object may be used in SSO (according to the voter's logic).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PrincipalSelectionSsoVoter

public PrincipalSelectionSsoVoter()

Method Details

mayReuse

public SsoVoter.Vote mayReuse(Saml2UserAuthentication userAuthn,
 Saml2UserAuthenticationInputToken token,
 Collection<String> allowedAuthnContexts)

Predicate that tells whether the supplied Authentication object may be used in SSO (according to the voter's logic).

Specified by:

mayReuse in interface SsoVoter

Parameters:

userAuthn - the user authentication object

token - the authentication input token (for the current authentication)

allowedAuthnContexts - a collection of the allowed authentication contexts

Returns:

SsoVoter.Vote.OK if the voter is OK with re-using the authentication, SsoVoter.Vote.DENY if the voter states that the authentication may noy be re-used, and SsoVoter.Vote.DONT_KNOW if the voter doesn't know