a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * opensso/legal/CDDLv1.0.txt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at opensso/legal/CDDLv1.0.txt.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: FedletAdapter.java,v 1.2 2009/06/17 03:09:13 exu Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.saml2.plugins;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml2.common.SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml2.protocol.LogoutRequest;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml2.protocol.LogoutResponse;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport javax.servlet.http.HttpServletRequest;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport javax.servlet.http.HttpServletResponse;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.Map;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.List;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The <code>FedletAdapter</code> abstract class provides methods
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * that could be extended to perform user specific logics during SAMLv2
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * protocol processing on the Service Provider side. The implementation class
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * could be configured on a per service provider basis in the extended
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * metadata configuration.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <p>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A singleton instance of this <code>FedletAdapter</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * class will be used per Service Provider during runtime, so make sure
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * implementation of the methods are thread safe.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.all.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic abstract class FedletAdapter {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constants for hosted entity id parameter
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String HOSTED_ENTITY_ID = "HOSTED_ENTITY_ID";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Initializes the fedlet adapter, this method will only be executed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * once after creation of the adapter instance.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param initParams initial set of parameters configured in the fedlet
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * for this adapter. One of the parameters named
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>HOSTED_ENTITY_ID</code> refers to the ID of this
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * fedlet entity.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public abstract void initialize(Map initParams);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Invokes after Fedlet receives SLO request from IDP. It does the work
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of logout the user.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param request servlet request
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param response servlet response
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param hostedEntityID entity ID for the fedlet
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param idpEntityID entity id for the IDP to which the request is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * received from.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param siList List of SessionIndex whose session to be logged out
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param nameIDValue nameID value whose session to be logged out
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param binding Single Logout binding used,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * one of following values:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.SOAP</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.HTTP_POST</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.HTTP_REDIRECT</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return <code>true</code> if user is logged out successfully;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>false</code> otherwise.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if user want to fail the process.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean doFedletSLO (
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster HttpServletRequest request,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster HttpServletResponse response,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster LogoutRequest logoutReq,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String hostedEntityID,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String idpEntityID,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster List siList,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String nameIDValue,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String binding)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws SAML2Exception {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Invokes after Fedlet receives SLO response from IDP and the SLO status
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is success.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param request servlet request
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param response servlet response
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param logoutReq SAML2 <code>LogoutRequest</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param logoutRes SAML2 <code>LogoutResponse</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param hostedEntityID entity ID for the fedlet
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param idpEntityID entity id for the IDP to which the logout response
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is received from.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param binding Single Logout binding used,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * one of following values:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.SOAP</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.HTTP_POST</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.HTTP_REDIRECT</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if user want to fail the process.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public void onFedletSLOSuccess(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster HttpServletRequest request,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster HttpServletResponse response,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster LogoutRequest logoutReq,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster LogoutResponse logoutRes,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String hostedEntityID,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String idpEntityID,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String binding)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws SAML2Exception {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Invokes after Fedlet receives SLO response from IDP and the SLO status
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is not success.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param request servlet request
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param response servlet response
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param logoutReq SAML2 <code>LogoutRequest</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param logoutRes SAML2 <code>LogoutResponse</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param hostedEntityID entity ID for the fedlet
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param idpEntityID entity id for the IDP to which the logout response
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is received from.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param binding Single Logout binding used,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * one of following values:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.SOAP</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.HTTP_POST</code>,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SAML2Constants.HTTP_REDIRECT</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if user want to fail the process.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public void onFedletSLOFailure(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster HttpServletRequest request,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster HttpServletResponse response,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster LogoutRequest logoutReq,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster LogoutResponse logoutRes,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String hostedEntityID,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String idpEntityID,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String binding)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws SAML2Exception {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster}