001/** 002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 003 * 004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved 005 * 006 * The contents of this file are subject to the terms 007 * of the Common Development and Distribution License 008 * (the License). You may not use this file except in 009 * compliance with the License. 010 * 011 * You can obtain a copy of the License at 012 * https://opensso.dev.java.net/public/CDDLv1.0.html or 013 * opensso/legal/CDDLv1.0.txt 014 * See the License for the specific language governing 015 * permission and limitations under the License. 016 * 017 * When distributing Covered Code, include this CDDL 018 * Header Notice in each file and include the License file 019 * at opensso/legal/CDDLv1.0.txt. 020 * If applicable, add the following below the CDDL Header, 021 * with the fields enclosed by brackets [] replaced by 022 * your own identifying information: 023 * "Portions Copyrighted [year] [name of copyright owner]" 024 * 025 * $Id: IDPAuthnContextMapper.java,v 1.6 2008/06/25 05:47:51 qcheng Exp $ 026 * 027 */ 028 029 030package com.sun.identity.saml2.plugins; 031 032import java.util.List; 033 034import com.sun.identity.saml2.assertion.AuthnContext; 035import com.sun.identity.saml2.common.SAML2Exception; 036import com.sun.identity.saml2.protocol.AuthnRequest; 037 038/** 039 * The interface <code>IDPAuthnContextMapper</code> creates an 040 * <code>IDPAuthnContextInfo<code> based on the RequestAuthnContext from 041 * the AuthnRequest sent by a Service Provider and the AuthnContext 042 * configuration at the IDP entity config. 043 * The implementation of this class will be used by the IDP to find out 044 * the authentication mechaism and set the AuthnContext in the Assertion. 045 * 046 * @supported.all.api 047 */ 048 049public interface IDPAuthnContextMapper { 050 051 /** 052 * Returns an <code>IDPAuthnContextInfo</code> object. 053 * 054 * @param authnRequest the <code>AuthnRequest</code> from the Service 055 * Provider 056 * @param idpEntityID the Entity ID of the Identity Provider 057 * @param realm the realm to which the Identity Provider belongs 058 * 059 * @return an <code>IDPAuthnContextInfo</code> object 060 * @throws SAML2Exception if an error occurs. 061 */ 062 public IDPAuthnContextInfo getIDPAuthnContextInfo( 063 AuthnRequest authnRequest, 064 String idpEntityID, 065 String realm) throws SAML2Exception; 066 067 /** 068 * Returns true if the specified AuthnContextClassRef matches a list of 069 * requested AuthnContextClassRef. 070 * 071 * @param requestedACClassRefs a list of requested AuthnContextClassRef's 072 * @param acClassRef AuthnContextClassRef 073 * @param comparison the type of comparison 074 * @param realm the realm to which the Identity Provider belongs 075 * @param idpEntityID the Entity ID of the Identity Provider 076 * 077 * @return true if the specified AuthnContextClassRef matches a list of 078 * requested AuthnContextClassRef 079 */ 080 public boolean isAuthnContextMatching(List requestedACClassRefs, 081 String acClassRef, String comparison, String realm, 082 String idpEntityID); 083 084 /** 085 * Returns <code>AuthnContext</code> that matches the authenticated level. 086 * @param authLevel user authenticated level 087 * @param realm the realm to which the Identity Provider belongs 088 * @param idpEntityID the Entity ID of the Identity Provider 089 * 090 * @return <code>AuthnContext</code> object that matches authenticated 091 * level. 092 * @throws SAML2Exception if an error occurs. 093 */ 094 public AuthnContext getAuthnContextFromAuthLevel( 095 String authLevel, String realm, String idpEntityID) 096 throws SAML2Exception; 097}