Class AuthnPolicy
- java.lang.Object
  - org.sourceid.saml20.adapter.idp.authn.AuthnPolicy

All Implemented Interfaces: Serializable

public class AuthnPolicy extends Object implements Serializable
A wrapper object that contains restrictions on what kind of user interaction is allowed or required during authentication.
In general the values contained are derived from the IsPassive and ForceAuthn attributes of the SAML2 AuthnRequest.
The requested authentication contexts are contexts that the SP has requested for user authentication in this transaction.
To be protocol compliant, an adapter implementation should behave as dictated by the AuthnPolicy.
- See Also: Serialized Form

Constructor Summary
Constructor and description:
- AuthnPolicy(boolean allowUserInteraction, boolean reauthenticate): Create a new AuthnPolicy object.
- AuthnPolicy(boolean allowUserInteraction, boolean reauthenticate, boolean registrationRequested): Create a new AuthnPolicy object.
- AuthnPolicy(boolean allowUserInteraction, boolean reauthenticate, boolean registrationRequested, List<String> requestedAuthnContexts): Create a new AuthnPolicy object.
- AuthnPolicy(boolean allowUserInteraction, boolean reauthenticate, List<String> requestedAuthnContexts): Create a new AuthnPolicy object.

Method Summary
Modifier and type, method, and description:
- boolean allowUserInteraction(): Does policy allow direct interaction with the user (or user agent)? Generally interacting with the user means presenting them with a login page or something similar.
- boolean equals(Object obj)
- List<String> getRequestAuthnContexts(): Indicates the requested authentication context of the assertion.
- int hashCode()
- boolean reauthenticate(): Does policy dictate that the user re-authenticate? Re-authenticating generally means that an existing security context should not be relied upon and that the user must present authentication credentials again.
- boolean registrationRequested(): Does policy dictate that the user desires to create a new account rather than authenticate an existing identity? User registration means the account creation experience should be shown rather than the login experience.

Constructor Detail
AuthnPolicy
public AuthnPolicy(boolean allowUserInteraction, boolean reauthenticate)
Create a new AuthnPolicy object.

AuthnPolicy
public AuthnPolicy(boolean allowUserInteraction, boolean reauthenticate, List<String> requestedAuthnContexts)
Create a new AuthnPolicy object.

AuthnPolicy
public AuthnPolicy(boolean allowUserInteraction, boolean reauthenticate, boolean registrationRequested)
Create a new AuthnPolicy object.

Method Detail
allowUserInteraction
public boolean allowUserInteraction()
Does policy allow direct interaction with the user (or user agent)? Generally interacting with the user means presenting them with a login page or something similar.
- Returns: true if direct user interaction is allowed, false otherwise

reauthenticate
public boolean reauthenticate()
Does policy dictate that the user re-authenticate? Re-authenticating generally means that an existing security context should not be relied upon and that the user must present authentication credentials again.
- Returns: true if the user must reauthenticate, false otherwise

registrationRequested
public boolean registrationRequested()
Does policy dictate that the user desires to create a new account rather than authenticate an existing identity? User registration means the account creation experience should be shown rather than the login experience.
- Returns: true if the user must register a new account, false otherwise

getRequestAuthnContexts
public List<String> getRequestAuthnContexts()
Indicates the requested authentication context of the assertion.
- Returns: the requested contexts of the assertion
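
One way an adapter can honor all four policy values together, as an added example that is not part of the SDK or of this page's original content. The `Action` enum, `decide`, `hasSession` and `providedContext` are hypothetical names; exact matching of requested contexts and skipping session reuse on a registration request are assumptions.

```java
import java.util.Arrays;
import java.util.List;
import org.sourceid.saml20.adapter.idp.authn.AuthnPolicy;

/** Added example, not SDK code: maps an AuthnPolicy to what an IdP adapter does next. */
public class AuthnPolicyDecision {

    /** Hypothetical outcomes; the SDK defines no such enum. */
    enum Action { REUSE_SESSION, SHOW_LOGIN, SHOW_REGISTRATION, FAIL_NO_INTERACTION, FAIL_CONTEXT }

    /**
     * @param hasSession      the adapter already holds a valid session for the user (assumed input)
     * @param providedContext the one authentication context this adapter asserts (assumed input)
     */
    static Action decide(AuthnPolicy policy, boolean hasSession, String providedContext) {
        // Assumption: null or empty means the SP stated no requirement; otherwise match exactly
        // and fail closed rather than assert a context the SP did not ask for.
        List<String> wanted = policy.getRequestAuthnContexts();
        if (wanted != null && !wanted.isEmpty() && !wanted.contains(providedContext)) {
            return Action.FAIL_CONTEXT;
        }
        // reauthenticate() (ForceAuthn): an existing security context must not be relied upon.
        // Assumption: a registration request also bypasses session reuse.
        if (hasSession && !policy.reauthenticate() && !policy.registrationRequested()) {
            return Action.REUSE_SESSION;
        }
        // Everything below presents a page; allowUserInteraction() == false (IsPassive) forbids it.
        if (!policy.allowUserInteraction()) {
            return Action.FAIL_NO_INTERACTION;
        }
        return policy.registrationRequested() ? Action.SHOW_REGISTRATION : Action.SHOW_LOGIN;
    }

    public static void main(String[] args) {
        // Constructed inputs: context class URIs from the SAML 2.0 authentication context spec.
        String password = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
        String x509 = "urn:oasis:names:tc:SAML:2.0:ac:classes:X509";

        // Each policy is built the way the server would derive it from an AuthnRequest.
        System.out.println(decide(new AuthnPolicy(false, false), true, password));
        System.out.println(decide(new AuthnPolicy(true, true), true, password));
        System.out.println(decide(new AuthnPolicy(false, true), true, password));
        System.out.println(decide(new AuthnPolicy(true, false, true), false, password));
        System.out.println(decide(new AuthnPolicy(true, false, Arrays.asList(x509)), true, password));
    }
}
```

The third call is the case to cover in adapter tests: when user interaction is disallowed and re-authentication is required, the adapter must fail the request rather than fall back to the existing session.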