shibboleth-dev - Re: [Shib-Dev] custom data resolver
Subject: Shibboleth Developers
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: [Shib-Dev] custom data resolver
- Date: Thu, 19 Aug 2010 18:50:42 -0400
It depends on what you return from the LoginHandler.
If you return a username, then the authentication engine will create a
UsernamePrincipal object, containing the user name you return, and add
it to the Subject in the session.
If you return a Principal object it just gets added to the Subject in
the session.
If you return a Subject then all of the principal names, public, and
private credentials get merged in to the Subject in the Session.
On Thu, Aug 19, 2010 at 18:03, Paul Hethmon
<>
wrote:
> On 8/19/10 5:53 PM, "Chad La Joie "
> <>
> wrote:
>
>>> I'll dig through the classes/methods again to see if I can find that link,
>>> its eluded me thus far.
>>
>> Which link? accessing the Session from the request context? Or the
>> LoginHandler javadoc?
>
> I've read the LoginHandler javadoc, so that one is ok. The part I can't find
> way to get to the session information is from the DataConnector class:
>
> public class AuthDataConnector extends BaseDataConnector {
> public Map<String, BaseAttribute> resolve(ShibbolethResolutionContext
> resolutionContext)
> throws AttributeResolutionException {
>
> try {
> SAMLProfileRequestContext ctx =
> resolutionContext.getAttributeRequestContext();
> Session s = ctx.getUserSession();
> String sid = s.getSessionID();
>
> // The principal name is the index into our storage engine
> Object o = AuthDataStorage.get(ctx.getPrincipalName());
> if (o == null) {
> LOG.debug("[{}]. Principal name not found.",
> ctx.getPrincipalName());
> attributes = new HashMap<String, BaseAttribute>(0);
> return attributes;
> }
>
> So using the info from the wiki, I created my class extending
> BaseDataConnector. During attribute resolution, I get the
> ShibbolethResolutionContext object. As in my code snippet above, I can get
> to the Session. Maybe this is where I'm missing it. I see I can do a
> Session.getSubject, so would that be where my custom login handler would
> insert the data from the authentication process? For simplicity right now, I
> just created a custom class with a static storage in it.
>
> Paul
>
>
--
Chad La Joie
www.itumi.biz
trusted identities, delivered
- [Shib-Dev] custom data resolver, Paul Hethmon, 08/16/2010
- Re: [Shib-Dev] custom data resolver, Chad La Joie, 08/16/2010
- Re: [Shib-Dev] custom data resolver, Paul Hethmon, 08/17/2010
- Re: [Shib-Dev] custom data resolver, Paul Hethmon, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Chad La Joie, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Paul Hethmon, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Chad La Joie, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Paul Hethmon, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Chad La Joie, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Paul Hethmon, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Chad La Joie, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Paul Hethmon, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Chad La Joie, 08/19/2010
- Re: [Shib-Dev] custom data resolver, Chad La Joie, 08/16/2010
Archive powered by MHonArc 2.6.16.