Package se.swedenconnect.spring.saml.idp.authentication.provider

Interface SsoVoter

All Known Implementing Classes:

BaseSsoVoter, PrincipalSelectionSsoVoter, SignServiceSsoVoter

Functional Interface:

This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

@FunctionalInterface
public interface SsoVoter

An interface used by AbstractUserAuthenticationProvider to check if an Authentication object from a previous authentication may be used for SSO.

Author:

Martin Lindström

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static enum	SsoVoter.Vote

Method Summary

Modifier and Type	Method	Description
SsoVoter.Vote	mayReuse(Saml2UserAuthentication userAuthn, Saml2UserAuthenticationInputToken token, Collection<String> allowedAuthnContexts)	Predicate that tells whether the supplied Authentication object may be used in SSO (according to the voter's logic).

Method Details

mayReuse

SsoVoter.Vote mayReuse(Saml2UserAuthentication userAuthn,
 Saml2UserAuthenticationInputToken token,
 Collection<String> allowedAuthnContexts)

Predicate that tells whether the supplied Authentication object may be used in SSO (according to the voter's logic).

Parameters:

userAuthn - the user authentication object

token - the authentication input token (for the current authentication)

allowedAuthnContexts - a collection of the allowed authentication contexts

Returns:

SsoVoter.Vote.OK if the voter is OK with re-using the authentication, SsoVoter.Vote.DENY if the voter states that the authentication may noy be re-used, and SsoVoter.Vote.DONT_KNOW if the voter doesn't know