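/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: SPAuthnContextMapper.java,v 1.5 2008/06/25 05:47:52 qcheng Exp $
 *
 */


package com.sun.identity.saml2.plugins;

import com.sun.identity.saml2.assertion.AuthnContext;
import com.sun.identity.saml2.protocol.RequestedAuthnContext;
import com.sun.identity.saml2.common.SAML2Exception;
import java.util.List;
import java.util.Map;

/**
 * The interface <code>SPAuthnContextMapper</code> determines
 * the Authentication Context to be set in the Authentication Request
 * and the Auth Level of an Authentication Context.
 *
 * The implementation of this interface will be used to create the
 * <code>RequestedAuthnContext</code> to set in the <code>AuthnRequest</code>
 * and to determine the Authentication Level of an Authentication Context.
 *
 * <p>Implementation note: the level returned by <code>getAuthLevel</code>
 * is carried in the user's SSOToken, and
 * <code>isAuthnContextMatching</code> decides whether a class reference
 * satisfies what was requested. An implementation should therefore treat
 * anything it does not recognise as the weakest case (lowest level,
 * no match) rather than falling back to a permissive default.
 *
 * @supported.all.api
 */

public interface SPAuthnContextMapper {

    /**
     * Returns the <code>RequestedAuthnContext</code> object.
     *
     * This method is called during Single Sign On initiation
     * at the Service Provider for determining the
     * <code>RequestedAuthnContext</code> to be set in the
     * <code>AuthnRequest</code> before sending the request to
     * the Identity Provider.
     *
     * @param realm Organization or realm of the Service Provider.
     * @param hostEntityID Entity Identifier of the Host.
     * @param paramsMap Map containing key/value pairs of request parameters.
     *        The raw <code>Map</code> type does not fix the key or value
     *        types. NOTE(review): the values presumably come from the
     *        incoming request and should then be handled as untrusted
     *        input, so that a request parameter cannot lower the requested
     *        context below what the Service Provider is configured to
     *        require - confirm against the caller.
     * @return RequestedAuthnContext Object.
     * @throws SAML2Exception if an error occurs.
     */
    public RequestedAuthnContext getRequestedAuthnContext(String realm,
            String hostEntityID,
            Map paramsMap)
            throws SAML2Exception;

    /**
     * Returns the Auth Level for the <code>AuthnContext</code>.
     *
     * This method is called by the Service Provider to determine
     * the authLevel of the Identity Provider Authentication Context,
     * which will be set in the SSOToken created for the user on successful
     * authentication.
     *
     * <p>Because the returned level is carried in the SSOToken, an
     * implementation should map an unrecognised or missing Authentication
     * Context to its lowest level, or throw <code>SAML2Exception</code>,
     * rather than return an elevated default.
     *
     * @param reqCtx the <code>RequestedAuthnContext</code> object.
     *        NOTE(review): whether this can be <code>null</code> (for
     *        example when the Service Provider sent no request) is not
     *        stated here - confirm against the caller.
     * @param authContext the <code>AuthnContext</code> object.
     * @param realm the organization or realm of the Service Provider.
     * @param hostEntityID the Hosted Provider Entity ID.
     * @param idpEntityID the Identity Provider Entity ID.
     * @return authlevel of the <code>AuthnContext</code>.
     * @throws SAML2Exception if an error occurs.
     */
    public int getAuthLevel(RequestedAuthnContext reqCtx,
            AuthnContext authContext, String realm,
            String hostEntityID, String idpEntityID)
            throws SAML2Exception;

    /**
     * Returns true if the specified AuthnContextClassRef matches a list of
     * requested AuthnContextClassRef.
     *
     * <p>This method declares no checked exception, so an implementation
     * has no error channel other than its return value; returning
     * <code>false</code> for an unrecognised <code>comparison</code> or
     * class reference keeps the check fail-closed.
     *
     * @param requestedACClassRefs a list of requested AuthnContextClassRef's.
     *        The raw <code>List</code> type does not fix the element type.
     * @param acClassRef AuthnContextClassRef
     * @param comparison the type of comparison. SAML 2.0 defines
     *        <code>exact</code>, <code>minimum</code>, <code>maximum</code>
     *        and <code>better</code> for the <code>Comparison</code>
     *        attribute of <code>RequestedAuthnContext</code>, with
     *        <code>exact</code> applying when the attribute is omitted.
     *        NOTE(review): which values callers actually pass, and whether
     *        <code>null</code> is possible, is not visible here - confirm.
     * @param realm Realm or Organization of the Service Provider.
     * @param hostEntityID Entity ID of the Service Provider.
     *
     * @return true if the specified AuthnContextClassRef matches a list of
     *         requested AuthnContextClassRef
     */
    public boolean isAuthnContextMatching(List requestedACClassRefs,
            String acClassRef, String comparison, String realm,
            String hostEntityID);
}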