All Classes and Interfaces
Class
Description
Base class for attribute definition resolver plugins.
Base class for a function that takes a
ProfileRequestContext and requires access to an
AttributeResolutionContext.Base class for transcoders.
A strategy function that examines SAML metadata associated with a relying party and derives List<String>-valued
configuration settings based on EntityAttribute extension tags.
Base class for
PolicyRequirementRule implementations that are compositions of other
PolicyRequirementRules.Base class for data connector resolver plugins.
Base spring bean definition parser for data connectors.
Matcher that checks, via an exact match, for an entity attribute with a given value.
Parser for EntityAttributeExactPolicyRule types.
Base class for matchers that check whether a particular entity attribute is present and contains a given value.
Matcher functor that checks entity attribute values via matching against a regular expression.
Parser for EntityAttributeRegexPolicyRule types.
Base definition for all EntityAttribute Parsers.
A matcher that evaluates to true if an entity's metadata matches the provided entity group name,
or a valid metadata-sourced affiliation of entities.
Parser for entity group policy rules.
Abstract executable search filter builder for implementations that can provide a search filter.
Basis of statement builder.
Basis of request builder.
Base class for implementing
MappingStrategy instances that includes
support for field renaming/aliasing.This is the base of all implementations of
Matcher which do some sort of comparison.Base class for filters which rely on the issuer's <shibmd:scope> extensions.
A strategy function that examines SAML metadata associated with a relying party and derives configuration
settings based on EntityAttribute extension tags.
A child context that caches derived configuration properties.
Checks if the attribute issuer supports the required NameID format.
Parser for NameIDFormat rules.
Basis of all implementations of
PolicyRequirementRule which do some sort of comparison.Base class for regex matching functors of natural type Matcher (mostly attribute value matchers).
Base class for regex matching functors of natural type PolicyRule.
General
Matcher for regexp comparison of strings in Attribute Filters.General
Matcher for regexp comparison of strings in Attribute Filters.Base class for rules operating on the RPI extension in metadata.
Spring bean definition parser that creates RegistrationAuthorityPolicyRule beans.
Base class for all
ResolverPlugins.A factory bean to collect the parameterization that goes onto a
AbstractResolverPlugin.Base class for transcoders that operate on a SAML 1
Attribute or AttributeDesignator.A function to produce a "canonical" name for a SAML 1
AttributeDesignator for transcoding rules.Base class for transcoders that operate on a SAML 2
Attribute or RequestedAttribute.A function to produce a "canonical" name for a SAML 2.0
Attribute for transcoding rules.AbstractSAMLAttributeTranscoder<AttributeType extends SAMLObject,EncodedType extends IdPAttributeValue>
Base class for transcoders that support SAML attributes.
A
DataConnector containing functionality common to data connectors that
retrieve attribute data by searching a data source.Base class for string matching functors of natural type Matcher (mostly attribute value matchers).
General
PolicyRequirementRule for String comparison of strings in Attribute Filters.Base class for string matching functors of natural type PolicyRule.
Matcher that implements the conjunction of matchers.Bean definition parser for
AndMatcher or AndPolicyRule objects.PolicyRequirementRule that implements the conjunction of Policy Rules.Bean definition parser for
PolicyRequirementRule.MATCHES_ALL objects.A
BaseContext that tracks a set of attributes.Indicates a problem during decoding into an attribute.
Definition of attribute definition resolver plugins.
Indicates a problem during the encoding of an attribute.
Base class for attribute related exceptions.
Interface that filters out attributes and values based upon loaded policies.
A context supplying input to the
AttributeFilter interface.Used to indicate the "direction" of filtering relative to the IdP.
Indicates that an error has occurred during an attribute filtering process.
Service that filters out attributes and values based upon loaded policies.
Namespace handler for the attribute filtering engine.
A policy describing if a set of attribute value filters is applicable.
Bean definition parser for <afp:AttributeFilterPolicyGroup>, top top level of the filter "stack".
Bean definition parser for an
AttributeFilterPolicy.Strategy for summoning up an
AttributeFilterImpl from a populated ApplicationContext.A context which carries and collects information through the attribute filtering process, and coordinates data
between the filter implementation and the various resolver MatchFunctor implementations.
Matcher that checks whether an attribute is enumerated in an SP's metadata as a required or optional attribute.
Bean definition parser for
AttributeInMetadataMatcher.A function that returns
AttributeResolutionContext.getAttributeIssuerID() if available from a
AttributeResolutionContext obtained via a lookup function defined on the base class.Predicate that evaluates a
ProfileRequestContext by looking for an attribute issuer
that matches one of a designated set or a generic predicate.Compare the attribute issuer's entity ID for this resolution with the provided name.
Compare the attribute issuer's entity ID for this resolution with the provided regexp.
Bean definition parser for
AttributeIssuerRegexpPolicyRule.Bean definition parser for
AttributeIssuerPolicyRule.An implementation of
MetadataNodeProcessor which extracts IdPRequestedAttributes from any
AttributeConsumingService we find and IdPAttributes from any EntityDescriptor that we find.A function that returns
AttributeResolutionContext.getPrincipal() if available from a
AttributeResolutionContext obtained via a lookup function defined on the base class.Predicate that evaluates a
ProfileRequestContext by looking for an attribute subject
that matches one of a designated set or a generic predicate.A function that returns
AttributeResolutionContext.getAttributeRecipientID() if available from a
AttributeResolutionContext obtained via a lookup function defined on the base class.Predicate that evaluates a
ProfileRequestContext by looking for an attribute recipient
that matches one of a designated set.Strategy for summoning up an
AttributeTranscoderRegistryImpl from a populated ApplicationContext.Compare the attribute requester's entity ID for this resolution with the provided name.
Compare the attribute requester's entity ID for this resolution with the provided regexp.
Bean definition parser for
AttributeRequesterRegexpPolicyRule.Bean definition parser for
AttributeRequesterPolicyRule.A context supplying input to the
AttributeResolver interface.A component that resolves the attributes for a particular subject.
A component that resolves the attributes for a particular subject.
Namespace handler for the attribute resolver.
Bean definition parser for an
AttributeResolver.Additional gauges for attribute resolver.
Strategy for summoning up an
AttributeResolverImpl from a populated ApplicationContext.A context which carries and collects information through the attribute resolution process, and coordinates data
between the resolver implementation and the various resolver plugin implementations.
Represents a value filtering rule for a particular attribute.
Spring bean definition parser to configure an
AttributeRule.Bean definition parser for
AttributeScopeStringMatchers.Class to implement a filter of scopes against <shibmd:scope>.
Bean definition parser for
AttributeScopeRegexpMatchers.Test that the scope in a
ScopedStringAttributeValue is a regexp match to configured value.Test that the scope of a
ScopedStringAttributeValue is a string match to the value configured.Container for decoded attributes.
Transcoders are objects that support both attribute encoding and decoding for bidirectional
translation between
IdPAttribute format and technology-specific formats.The transcoder registry provides access to "instructions" for converting between
the
IdPAttribute "neutral" representation within the IdP and protocol-specific
forms such as SAML Attributes or OIDC claims.Interface to a naming function that allows an object to be turned into a unique string name.
Service implementation of the
AttributeTranscoderRegistry interface.Class to implement a filter of string values against <shibmd:scope>.
Bean definition parser for
AttributeValueRegexpMatchers.Test that an
IdPAttributeValue is a regexp match to the configured string.Test that an
IdPAttributeValue is a string match to the configured string.Bean definition parser for
AttributeValueStringMatchers.Base spring bean definition parser for attribute definitions.
Base class for Spring bean definition parser for attribute encoders.
Base function for all Attribute Value matchers.
Base class for all classes which bridge between
PolicyRequirementRule and Matcher (in either
direction).Base class for Spring bean definition parsers within the filter engine configuration.
Base function for all natural policy rules.
Bean definition parser for
ResolverAttributeDefinitionDependency and
for ResolverDataConnectorDependency.Bean definition parser for a
ResolverPlugin.Base class for Spring bean definition parser for SAML 1 attribute encoders.
Base class for Spring bean definition parser for SAML 1 attribute encoders.
Basic implementation of a
AttributeTranscoderRegistry.NamingFunction.A strategy function that examines SAML metadata associated with a relying party and derives bean-based
configuration settings based on EntityAttribute extension tags.
A strategy function that examines SAML metadata associated with a relying party and derives Boolean-valued
configuration settings based on EntityAttribute extension tags.
A
byte[] value for an IdPAttribute.Utility class for parsing v2 cache configuration.
Spring bean definition parser for configuring ComputedIdDataConnector.
A
PairwiseIdStore that generates a pairwise ID by computing the hash of
a given attribute value, the entity ID of the recipient, and a provided salt.Post-digest encoding types.
Validator implementation that invokes
Connection.open() to determine if the ConnectionFactory is properly
configured.An attribute definition which returns an attribute whose values are derived from the
ProfileRequestContext associated with the request via a plugged in Function.Spring Bean Definition Parser for attribute definitions derived from the Principal.
A data connector which returns attributes whose values are derived from the
ProfileRequestContext associated with the request via a plugged in Function.Spring Bean Definition Parser for
ContextDerivedDataConnector.A Factory bean to summon up
CredentialConfig from supplied <Credential> statements.Base class for data connector resolver plugins.
Validator implementation that invokes
DataSource.getConnection() to determine if the DataSource is properly
configured.An
AttributeDefinition that creates an attribute whose values are the values
of all its dependencies, passed through or converted into a DateTimeAttributeValue.Bean definition parser for a
DateTimeAttributeDefinition.Base class for
IdPAttribute values that are date/time values.An
AttributeDefinition that creates an attribute whose values are the
decrypted values of its dependencies.Bean definition parser for a
DecryptedAttributeDefinition.General
PolicyRequirementRule for testing the filtering direction.A strategy function that examines SAML metadata associated with a relying party and derives Double-valued
configuration settings based on EntityAttribute extension tags.
Extended
PairwiseIdStore interface that supports reversal, mutation, and deactivation features
requiring durable storage.A strategy function that examines SAML metadata associated with a relying party and derives Long-valued
configuration settings that are durations, based on EntityAttribute extension tags.
An
IdPAttributeValue that is empty.Types of empty values.
A
DataConnector that returns the decoded EntityAttributes
from a peer's metadata.Bean definition Parser for a
EntityAttributesDataConnector.Should be implemented by objects used to search for attributes, that uniquely identify those search results.
Builder used to created
ExecutableSearch instances.A search filter that can be executed against an LDAP to fetch results.
A statement that can be executed against a database to fetch results.
Marker interface for an extender of filter engine scripting.
This class implements a
DataConnector
that obtains data from an HTTP service.Bean definition Parser for a
HTTPDataConnector.Utility class for parsing v2 schema configuration.
Strategy for processing an
HttpClient response into a map of
IdPAttributes.An HTTP request that returns attribute data.
Each attribute represents one piece of information about a user and has associated encoders used to turn that
information in to protocol-specific formats.
Interface for values of an
IdPAttribute.IdP representation of
RequestedAttribute.Bean definition parser for
DirectionPolicyRule using AttributeFilterContext.Direction.INBOUND.Bean definition parser for a
ResolverAttributeDefinitionDependency.Bean definition parser for a
ResolverDataConnectorDependency.A strategy function that examines SAML metadata associated with a relying party and derives Integer-valued
configuration settings based on EntityAttribute extension tags.
Matcher that checks, via an exact match, if the attribute issuer contains an entity attribute with a given value.
Parser for
IssuerEntityAttributeExactPolicyRule.Matcher that checks, via regex, if the attribute issuer contains an entity attribute with a given value.
Parser for
IssuerEntityAttributeRegexPolicyRule.A matcher that evaluates to true if attribute issuer's metadata matches the provided entity group name,
or a valid metadata-sourced affiliation of entities.
Parser for
IssuerInEntityGroupPolicyRule.Checks if the attribute issuer supports the required NameID format.
Parser for
IssuerNameIDFormatExactPolicyRule.Rule based on RPI extension in attribute issuer's metadata.
Spring bean definition parser that creates
IssuerRegistrationAuthorityPolicyRule beans.JDBC-based storage management for pairwise IDs.
A
DataConnector that queries an LDAP in order to retrieve attribute
data.Bean definition Parser for a
LDAPDataConnector.Utility class for parsing v2 schema configuration.
A strategy function that examines SAML metadata associated with a relying party and derives List<String>-valued
configuration settings based on EntityAttribute extension tags.
A strategy function that examines SAML metadata associated with a relying party and derives Long-valued
configuration settings based on EntityAttribute extension tags.
Utility class for parsing v2 managed connection configuration.
Implementation of Mapped Attributes.
Bean definition parser for a
MappedAttributeDefinition.Strategy for mapping from an arbitrary result type to a collection of
IdPAttributes.Java definition of MatchFunctorType as applied to value filtering.
Bridging class to go from a
PolicyRequirementRule to a Matcher.An attribute definition that simply returns a static value.
A data connector that just returns a static collection of attributes.
A simple, mock implementation of
Matcher.A simple, mock implementation of
Matcher.An attribute definition that simply returns a static value.
An attribute definition that simply returns a static value.
A special ResolutionException which is thrown if multiple results were resolved
by a data connector and the deployer specified "MultipleResultsAnError".
A special ResolutionException which is thrown if no results were resolved
by a data connector and the deployer specified "NoResultsAnError".
Matcher that implements the negation of a matcher.Bean definition parser for
NotMatcher or NotPolicyRule objects.PolicyRequirementRule that implements the negation of a matcher.A policy rule that checks if the given attribute has more than the minimum number of values but less than the
maximum.
Bean definition parser for
NumOfAttributeValuesPolicyRule.Matcher that implements the disjunction of matchers.Bean definition parser for
OrMatcher or OrPolicyRule objects.PolicyRequirementRule that implements the disjunction of Policy Rules.Bean definition parser for
DirectionPolicyRule using AttributeFilterContext.Direction.OUTBOUND.Object representing a pairwise/targeted identifier entry as a storage input/output.
A
DataConnector that generates pairwise IDs that depend on
a seed IdPAttribute.Spring bean definition parser for configuring
PairwiseIdDataConnector variants.Storage and retrieval interface for pairwise/targeted identifiers allowing for custom implementations.
An
ExecutableSearchBuilder that generates the search filter to
be executed by evaluating a parameterized filter string against the currently resolved attributes within a
AttributeResolutionContext.Support class for working with dependencies both
ResolverAttributeDefinitionDependency
and ResolverDataConnectorDependency.Bridging class to go from a
Matcher to a PolicyRequirementRule.Bridging class to go from a
Matcher to a PolicyRequirementRule.Java definition of PolicyRequirementRule.
Representation of the three outcomes of a PolicyRequirementRule.
Call out to an externally define predicate.
Bean definition parser for
PredicatePolicyRule.An attribute definition that creates
ScopedStringAttributeValues by taking a source attribute value splitting
it at a delimiter.Spring bean definition parser for prescoped attributes.
An attribute definition which returns an attribute with a single value - the principal.
Spring Bean Definition Parser for PrincipalName attribute definitions.
Compare the principal name for this resolution with the provided string.
Compare the principal name for this resolution with the provided regexp.
Bean definition parser for
PrincipalNameRegexpPolicyRule.Bean definition parser for
PrincipalNamePolicyRule.Compare the profile identifier for this resolution with the provided string.
Bean definition parser for
ProfilePolicyRule.Matcher that checks, via an exact match, if the proxied requester's metadata
contains an entity attribute with a given value.
Parser for
ProxiedRequesterEntityAttributeExactPolicyRule.Matcher that checks, via regex, if the proxied attribute requester's metadata
contains an entity attribute with a given value.
Parser for
ProxiedRequesterEntityAttributeRegexPolicyRule.A matcher that evaluates to true if proxied requester's metadata matches the provided entity group name,
or a valid metadata-sourced affiliation of entities.
Parser for
ProxiedRequesterInEntityGroupPolicyRule.Compare a proxied attribute requester's entity ID for this resolution with the provided name.
Compare a proxied attribute requester's entity ID for this resolution with the provided regexp.
Bean definition parser for
ProxiedRequesterRegexpPolicyRule.Rule based on RPI extension in proxied requester's metadata.
Spring bean definition parser that creates
ProxiedRequesterRegistrationAuthorityPolicyRule beans.Bean definition parser for
ProxiedRequesterPolicyRule.A
DataConnector that queries a relation database in order to retrieve
attribute data.Bean definition Parser for a
RDBMSDataConnector.Utility class for parsing v2 schema configuration.
An
AttributeDefinition that produces its attribute values by taking the
first group match of a regular expression evaluating against the values of this definition's dependencies.Spring Bean Definition Parser for Regexp split attribute definitions.
Matcher that checks, via an exact match, if the attribute requester's metadata
contains an entity attribute with a given value.
Parser for
RequesterEntityAttributeExactPolicyRule.Matcher that checks, via regex, if the attribute requester's metadata
contains an entity attribute with a given value.
Parser for
RequesterEntityAttributeRegexPolicyRule.A matcher that evaluates to true if attribute requester's metadata matches the provided entity group name,
or a valid metadata-sourced affiliation of entities.
Parser for
RequesterInEntityGroupPolicyRule.Checks if the attribute requester supports the required NameID format.
Parser for
RequesterNameIDFormatExactPolicyRule.Rule based on RPI extension in attribute requester's metadata.
Spring bean definition parser that creates
RequesterRegistrationAuthorityPolicyRule beans.An exception indicating a problem resolving attribute data.
A function that returns
AttributeResolutionContext.getResolutionLabel() if available from a
AttributeResolutionContext obtained via a lookup function defined on the base class.Predicate that evaluates a
ProfileRequestContext by looking for an attribute resolution label
that matches one of a designated set or a generic predicate.A proxy which wraps a resolved attribute definition and always returns the same attribute.
A proxy which wraps a resolved data connector and always returns the same attributes.
A Dependency that references to an Attribute Definition.
A Dependency that references to an Data Connector.
Interface defining the base work done by all plugins used within attribute resolution.
Marker interface for an extender of resolver scripting.
Support class for attribute resolvers testing.
Strategy for mapping from a
ResultSet to a collection of IdPAttributes.Marker interface for transcoders that operate on a SAML 1
Attribute or AttributeDesignator.Spring Bean Definition Parser for
SAML1ByteAttributeTranscoder.Deprecated, for removal: This API element is subject to removal in a future version.
Spring bean definition parser for SAML 1 NameIdentifier attribute definitions.
Spring Bean Definition Parser for
SAML1ScopedStringAttributeTranscoder.Spring Bean Definition Parser for
SAML1StringAttributeTranscoder.Spring Bean Definition Parser for
SAML1XMLObjectAttributeTranscoder.Marker interface for transcoders that operate on a SAML 2
Attribute or RequestedAttribute.Spring Bean Definition Parser for
SAML2ByteAttributeTranscoder.Spring Bean Definition Parser for
SAML2DateTimeAttributeTranscoder.Deprecated, for removal: This API element is subject to removal in a future version.
Spring bean definition parser for SAML 2 NameID attribute definitions.
Spring Bean Definition Parser for
SAML2ScopedStringAttributeTranscoder.Spring Bean Definition Parser for
SAML2StringAttributeTranscoder.Spring Bean Definition Parser for
SAML2XMLObjectAttributeTranscoder.Data Connector to extra attributes from a saml2
Assertion.Support class for encoding IdP Attributes and their value.
An attribute definition that creates
ScopedStringAttributeValues by taking a source attribute value and
applying a static scope to each.Spring Bean Definition Parser for scoped attribute definitions.
An attribute value with an associated scope.
Bean definition parser for
AttributeScopeMatchesShibMDScope.An
AttributeDefinition that executes a script in order to populate the
values of the generated attribute.Spring bean definition parser for scripted attribute configuration elements.
A Data Connector which populates a series of attributes from a provided
ProfileRequestContext.Bean definition Parser for a
ScriptedDataConnector.This is the API which is available to ECMAScripted attributes.
An encapsulated Attribute suitable for handing to scripts.
A
Matcher that delegates to a JSR-223 script for its actual processing.Bean definition parser for
ScriptedPolicyRule or ScriptedMatcher objects.A
PolicyRequirementRule that delegates to a JSR-223 script for its actual
processing.HTTPResponseMappingStrategy that relies on a script to map the response to the
attribute set.StorageMappingStrategy that relies on a script to map the record to the
attribute set.Strategy for mapping from a
SearchResponse to a collection of
IdPAttributes.A strategy function that examines SAML metadata associated with a relying party and derives Set<String>-valued
configuration settings based on EntityAttribute extension tags.
An
AttributeDefinition that creates an attribute whose values are the
values of all its dependencies.Bean definition parser for a
SimpleAttributeDefinition.MappingStrategy for pulling data out of StorageRecord.Represents incoming attribute values and rules used for matching them.
Bean definition parser for a
SourceValue.An attribute definition that simply returns a static value.
A
DataConnector that just returns a static collection of
attributes.Bean definition Parser for a
StaticDataConnector.Strategy for mapping from a
StorageRecord to a collection of IdPAttribute objects.This class implements a
DataConnector
that obtains data from a StorageService.Bean definition Parser for a
StorageServiceDataConnector.Utility class for parsing v2 schema configuration.
A search that can be executed against a
StorageService to fetch a result.Spring bean definition parser for StoredIDDataConnector.
Base class for
IdPAttribute values that are strings.A simple
SearchResultMappingStrategy that iterates over all result entries and includes all attribute values
as strings.A strategy function that examines SAML metadata associated with a relying party and derives String-valued
configuration settings based on EntityAttribute extension tags.
A simple
ResultMappingStrategy that assumes all columns in the result set should be mapped and that all
values are strings.Spring Bean Definition Parser for
ContextDerivedDataConnector with a predefined mapping function.Spring Bean Definition Parser for attribute definitions derived from the Principal.
An attribute definition that constructs its values based on the values of its dependencies using the Velocity
Template Language.
Spring bean definition parser for templated attribute definition elements.
An
ExecutableSearchBuilder that generates a
request by evaluating Templates against the currently resolved attributes within an
AttributeResolutionContext to produce a URL and body, via GET or POST, and a configurable
cache key.An
ExecutableSearchBuilder that generates the search filter to
be executed by evaluating a Template against the currently resolved attributes within a
AttributeResolutionContext.Escapes LDAP attribute values added to the template context.
An
ExecutableSearchBuilder that generates the SQL statement to
be executed by evaluating a Template against the currently resolved attributes within a
AttributeResolutionContext.Escapes SQL values added to the template context.
An
ExecutableSearchBuilder that generates the StorageService context and key
using Velocity templates.Record encapsulating storage context and key.
An
ExecutableSearchBuilder that generates the URL to
request by evaluating a Template against the currently resolved attributes within an
AttributeResolutionContext.Basic data sources for testing the attribute generators.
Helper class.
Helper class.
Support functions for working with
AttributeTranscoder framework.Wrapper around a
Map representing a rule for transcoding, used to
detect and load the rules at runtime from a Spring context.A mechanism for loading a set of
TranscodingRule objects from sources such as maps
or directories of property files.Exception thrown when a particular
IdPAttributeValue type was expected but a
different one was encountered.Exception thrown by
Validators when validation fails.Used to determine whether a Data Connector initialized properly and continues to be fit for use.
Performs many to one mapping of source values to a return value.
Bean definition parser for a
ValueMap.Bean definition parser for
AttributeValueMatchesShibMDScope.A
XMLObjectAttributeValue value for an IdPAttribute.