FMSubjectMapper.java revision 4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1c
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: FMSubjectMapper.java,v 1.4 2009/09/22 22:57:43 madan_ranganath Exp $
*
*/
/**
* This class implements SubjectMapper to map between the XACML context
* Subject and the native subject.
* This mapper recognises only the following attributeId defined by the
* XACML specification
* <pre>
* urn:oasis:names:tc:xacml:1.0:subject:subject-id
* </pre>
* Only the following dataTypes are understood for subject-id
* <pre>
* urn:oasis:names:tc:xacml:1.0:data-type:x500Name
* urn:sun:names:xacml:2.0:data-type:opensso-session-id
* urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
* </pre>
* Only the following value is accepted for the subject-category attribute
* of Subject
* <pre>
* urn:oasis:names:tc:xacml:1.0:subject-category:access-subject
* </pre>
* If the attribute or the value is not specified in the request, it would
* default to this value. The Subject would map to null if a different
* value has been specified
* in error condition.
*
*/
public class FMSubjectMapper implements SubjectMapper {
// NOTE(review): the method signature lines and a number of statements are
// not present in this listing, so the comments below describe only what
// the visible lines show; anything else is marked as an assumption.
/**
* Initializes the mapper implementation. This is called immediately
* after an instance of the implementation is constructed.
* As shown here the method body is empty, so none of the arguments
* are stored or validated.
*
* @param pdpEntityId EntityID of PDP
* @param pepEntityId EntityID of PEP
* @param properties configuration properties
* @exception XACMLException if the mapper cannot be initialized
*/
throws XACMLException {
}
/**
* Maps the XACML context Subject(s) of a request to the native subject,
* an OpenSSO SSOToken.
* A null result means no native subject was established for the request.
* NOTE(review): callers should treat null as "no authenticated subject"
* and deny rather than fall back to a default identity - confirm against
* the callers, which are not visible here.
*
* @param xacmlContextSubjects XACML context Subject(s) from the
* xacml-context:Request
* @return native subject, OpenSSO SSOToken; null if
* xacmlContextSubjects is null or the Subject did not match
* @exception XACMLException if can not map to native subject
*/
throws XACMLException {
// Method currently supports only
// urn:sun:names:xacml:2.0:data-type:opensso-session-id
// TODO : Support for
// urn:oasis:names:tc:xacml:1.0:data-type:x500Name
// urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
// NOTE(review): a later comment in this method refers to creating the
// token from an x500name, and the class Javadoc lists all three data
// types as understood; these statements disagree and should be reconciled.
// No Subject list supplied: there is nothing to map.
if (xacmlContextSubjects == null) {
return null;
}
// Commented-out index-based loop over xacmlContextSubjects:
//for (int subCount=0;subCount<xacmlContextSubjects.length;subCount++) {
//Subject subject = xacmlContextSubjects[subCount];
continue;
}
continue;
}
if (attributes != null) {
SUBJECT_ID)) {
// NOTE(review): each of the three calls below reads only the first
// element; the receivers are not visible here - confirm they are
// checked for being non-empty before get(0).
.get(0);
.get(0);
.get(0);
}
// TODO:Need to support non-transient nameid format
}
}
}
}
}
}
// NOTE(review): a subject-id of type opensso-session-id is presumably a
// live session identifier, i.e. a bearer credential - confirm its value
// is never written to the debug log.
try {
} catch (SSOException ssoExp) {
// The visible handling passes a fixed message and the exception to a
// call whose name is not shown (presumably a debug logger).
// NOTE(review): presumably ssoToken is left unset here, so an invalid
// or expired session id yields no subject - confirm.
"FMSubjectMapper.mapToNativeSubject()"
+ ":caught SSOException:", ssoExp);
}
}
}
// Create ssoToken based on x500name (userName)
try {
} catch (SessionException se) {
// Same visible handling as for SSOException above: a fixed message and
// the exception are passed to a call whose name is not shown.
// NOTE(review): confirm a failure here also results in no subject.
"FMSubjectMapper.mapToNativeSubject()"
+ ":caught SessionException:", se);
}
}
}
return ssoToken;
}
// NOTE(review): the declaration of ssoToken is not visible; per the
// Javadoc above it is expected to be null when no Subject matched.
return ssoToken;
}
}