001/** 002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 003 * 004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved 005 * 006 * The contents of this file are subject to the terms 007 * of the Common Development and Distribution License 008 * (the License). You may not use this file except in 009 * compliance with the License. 010 * 011 * You can obtain a copy of the License at 012 * https://opensso.dev.java.net/public/CDDLv1.0.html or 013 * opensso/legal/CDDLv1.0.txt 014 * See the License for the specific language governing 015 * permission and limitations under the License. 016 * 017 * When distributing Covered Code, include this CDDL 018 * Header Notice in each file and include the License file 019 * at opensso/legal/CDDLv1.0.txt. 020 * If applicable, add the following below the CDDL Header, 021 * with the fields enclosed by brackets [] replaced by 022 * your own identifying information: 023 * "Portions Copyrighted [year] [name of copyright owner]" 024 * 025 * $Id: PartnerAccountMapper.java,v 1.4 2008/08/19 19:11:14 veiming Exp $ 026 * 027 */ 028 029 030package com.sun.identity.saml.plugins; 031 032import com.sun.identity.saml.protocol.SubjectQuery; 033 034import java.util.List; 035import java.util.Map; 036 037/** 038 * The class <code>PartnerAccountMapper</code> is an interface 039 * that is implemented to map partner account to user account 040 * in OpenSSO. 041 * <p> 042 * Different partner would need to have a different implementation 043 * of the interface. The mappings between the partner source ID and 044 * the implementation class are configured at the <code>Partner URLs</code> 045 * field in SAML service. 046 * 047 * @supported.all.api 048 */ 049 050public interface PartnerAccountMapper { 051 052 /** 053 * Key to hold user DN in returned map 054 */ 055 public static final String NAME = "name"; 056 057 /** 058 * Key to hold organization DN in returned map 059 */ 060 public static final String ORG = "org"; 061 062 /** 063 * Key to hold attributes to be set as session properties. 064 */ 065 public static final String ATTRIBUTE = "attribute"; 066 067 068 /** 069 * Returns user account in OpenSSO to which the 070 * subject in the assertion is mapped. This method will be called in POST 071 * profile, <code>ARTIFACT</code> profile, <code>AttributeQuery</code> and 072 * <code>AuthorizationDecisionQuery</code>. 073 * 074 * @param assertions a list of authentication assertions returned from 075 * partner side, this will contains user's identity in 076 * the partner side. The object in the list will be 077 * <code>com.sun.identity.saml.assertion.Assertion</code> 078 * @param sourceID source ID for the site from which the subject 079 * originated. 080 * @param targetURL value for <code>TARGET</code> query parameter when the 081 * user accessing the SAML aware servlet or post profile servlet. 082 * @return Map which contains <code>NAME</code>, <code>ORG</code> and 083 * <code>ATTRIBUTE</code> keys, value of the <code>NAME</code> 084 * key is the user DN, value of the <code>ORG</code> is the user 085 * organization DN, value of the <code>ATTRIBUTE</code> is a Map 086 * containing key/value pairs which will be set as properties 087 * on the OpenSSO SSO token, the key is the SSO 088 * property name, the value is a String value of the property. 089 * Returns empty map if the mapped user could not be obtained 090 * from the subject. 091 */ 092 public Map getUser(List assertions,String sourceID,String targetURL); 093 094 /** 095 * Returns user account in OpenSSO to which the 096 * subject in the query is mapped. This method will be called in 097 * <code>AttributeQuery</code>. 098 * 099 * @param subjectQuery subject query returned from partner side, 100 * this will contains user's identity in the partner side. 101 * @param sourceID source ID for the site from which the subject 102 * originated. 103 * @return Map which contains <code>NAME</code> and <code>ORG</code> keys, 104 * value of the <code>NAME<code> key is the user DN, value of the 105 * <code>ORG</code> is the user organization DN. Returns empty map 106 * if the mapped user could not be obtained from the subject. 107 */ 108 public Map getUser(SubjectQuery subjectQuery,String sourceID); 109}