com.sun.identity.saml

Class AssertionManager

java.lang.Object

com.sun.identity.saml.AssertionManager

public final class AssertionManager
extends Object

The class AssertionManager is a final class that provides interfaces to create, get and destroy Assertions.

It is a singleton class; an instance of this class can be obtained by calling AssertionManager.getInstance().

Having obtained an instance of AssertionManager, its methods can be called to create/get Assertion, and AssertionArtifact, and to obtain decision from an Query.

This class could only be used in the same JVM as OpenAM.

Method Summary

Modifier and Type	Method and Description
Assertion	createAssertion(Object token) This method creates an Assertion that contains an AuthenticationStatement.
Assertion	createAssertion(Object token, List attributes) This method creates an Assertion that contains an AuthenticationStatement and an AttributeStatement.
AssertionArtifact	createAssertionArtifact(Assertion assertion, String destID) This method creates an AssertionArtifact for the given Assertion.
Assertion	getAssertion(AssertionIDReference idRef, Object token) Gets the Assertion referenced by an AssertionIDReference.
Assertion	getAssertion(AssertionIDReference idRef, Set destID) Gets the Assertion referenced by an AssertionIDReference.
Assertion	getAssertion(AssertionIDReference idRef, String destID) Gets the Assertion referenced by an AssertionIDReference.
Set	getAssertionArtifacts(Object token) This method gets all valid AssertionArtifacts managed by this AssertionManager.
Set	getAssertions(Object token) This method gets all valid Assertions managed by this AssertionManager.
static AssertionManager	getInstance() Gets the singleton instance of AssertionManager.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getInstance

public static AssertionManager getInstance()
                                    throws SAMLException

Gets the singleton instance of AssertionManager.

Returns:

The singleton AssertionManager instance

Throws:

SAMLException - if unable to get the singleton AssertionManager instance.

createAssertion

public Assertion createAssertion(Object token)
                          throws SAMLException

This method creates an Assertion that contains an AuthenticationStatement.

Parameters:

token - user's session object that contains authentication information which is needed to create the AuthenticationStatement.

Returns:

Assertion The created Assertion.

Throws:

SAMLException - If the Assertion cannot be created.

createAssertion

public Assertion createAssertion(Object token,
                                 List attributes)
                          throws SAMLException

This method creates an Assertion that contains an AuthenticationStatement and an AttributeStatement.

Parameters:

token - User' session object that contains authentication information which is needed to create the AuthenticationStatement for the Assertion.

attributes - A list of Attribute objects which are used to create the AttributeStatement for the Assertion.

Returns:

Assertion The created Assertion.

Throws:

SAMLException - If the Assertion cannot be created.

createAssertionArtifact

public AssertionArtifact createAssertionArtifact(Assertion assertion,
                                                 String destID)
                                          throws SAMLException

This method creates an AssertionArtifact for the given Assertion.

Parameters:

assertion - The Assertion for which an Artifact needs to be created.

destID - The sourceID of the site for which the AssertionArtifact is created. It is in raw String format (not Base64 encoded, for example.) This String can be obtained from converting the 20 bytes sequence to char Array, then from the char Array to String.

Returns:

AssertionArtifact

Throws:

SAMLException - If the AssertionArtifact cannot be created.

getAssertions

public Set getAssertions(Object token)
                  throws SAMLException

This method gets all valid Assertions managed by this AssertionManager.

Parameters:

token - User's session object which is allowed to get all Assertion.

Returns:

A Set of valid Assertion IDs. Each element in the Set is a String representing an Assertion ID.

Throws:

SAMLException - If this method can not gets all valid Assertions.

getAssertionArtifacts

public Set getAssertionArtifacts(Object token)
                          throws SAMLException

This method gets all valid AssertionArtifacts managed by this AssertionManager.

Parameters:

token - User's session object which is allowed to get all AssertionArtifacts.

Returns:

A Set of valid AssertionArtifacts. Each element in the Set is an AssertionArtifacts object representing an artifact.

Throws:

SAMLException - If this method can not gets all valid AssertionArtifacts.

getAssertion

public Assertion getAssertion(AssertionIDReference idRef,
                              Object token)
                       throws SAMLException

Gets the Assertion referenced by an AssertionIDReference. This method is usually used after the call AssertionManager.getAssertions(SSOToken). The assertion is retrieved from this AssertionManager only.

Parameters:

idRef - The AssertionIDReference which references to an Assertion.

token - Use's session object that is allowed to obtain the assertion. This token must have top level administrator role.

Returns:

the Assertion referenced by the AsertionIDReference.

Throws:

SAMLException - If an error occurred during the process; the token does not have the privilege; or the assertion could not be found.

getAssertion

public Assertion getAssertion(AssertionIDReference idRef,
                              String destID)
                       throws SAMLException

Gets the Assertion referenced by an AssertionIDReference.

Parameters:

idRef - The AssertionIDReference which references to an Assertion.

destID - The destination site id requesting the assertion using the assertion id reference. This String is compared with the destID that the assertion is created for originally. This field is not used (could be null) if the assertion was created without a destID originally. This String can be obtained from converting the 20 byte site id sequence to char array, then a new String from the char array.

Returns:

the Assertion referenced by the AsertionIDReference.

Throws:

SAMLException - If an error occurred during the process; or the assertion could not be found.

getAssertion

public Assertion getAssertion(AssertionIDReference idRef,
                              Set destID)
                       throws SAMLException

Gets the Assertion referenced by an AssertionIDReference.

Parameters:

idRef - The AssertionIDReference which references to an Assertion.

destID - A Set of destination site id. The destination site id requesting the assertion using the assertion id reference. This String is compared with the destID that the assertion is created for originally. This field is not used (could be null) if the assertion was created without a destID originally. This String can be obtained from converting the 20 byte site id sequence to char array, then a new String from the char array.

Returns:

the Assertion referenced by the AsertionIDReference.

Throws:

SAMLException - If an error occurred during the process; or the assertion could not be found.