...
Beans defined for general authentication configuration follow: | ||
Bean ID | Type | Function |
---|---|---|
shibboleth.AvailableAuthenticationFlows | List<AuthenticationFlowDescriptor> | List of descriptors enumerating the supported authentication flows that can be used |
shibboleth.AuthenticationPrincipalWeightMap 3.1 | Map<Principal,Integer> | Map of weights to assign to particular custom Principal objects so that flows can pick an appropriate default Principal to associate with their result (see comment in file for more detail) |
shibboleth.AuthenticationFlow | AuthenticationFlowDescriptor | Parent bean for defining new flow descriptors |
shibboleth.SAML2AuthnContextClassRef | AuthnContextClassRefPrincipal | Parent bean for attaching SAML 2.0 AuthnContextClassRef constants to flows |
shibboleth.SAML2AuthnContextDeclRef | AuthnContextDeclRefPrincipal | Parent bean for attaching SAML 2.0 AuthnContextDeclRef constants to flows |
shibboleth.SAML1AuthenticationMethod | AuthenticationMethodPrincipal | Parent bean for attaching SAML 1.1 AuthenticationMethod constants to flows |
shibboleth.DefaultPrincipalSerializers 3.3 | List<PrincipalSerializer> | Default list of principal serializer plugins needed to support storage of authentication results |
shibboleth.DefaultPrincipalSymbolics 3.3 | Map<String,Integer> | Default mappings that shrink authentication result data by storing commonly seen strings as numbers |
shibboleth.PrincipalSerializers 3.3 | List<PrincipalSerializer> | User-supplied list of values to merge into shibboleth.DefaultPrincipalSerializers bean |
shibboleth.PrincipalSymbolics 3.3 | Map<String,Integer> | User-supplied list of values to merge into shibboleth.DefaultPrincipalSymbolics bean |
shibboleth.FixedAuthenticationEventStrategy 3.4 | Function<ProfileRequestContext,String> | Function for producing a Spring WebFlow Event to signal from login flow validation actions to artifically test error or warning customizations. |
The following beans are used to configure comparison rules for custom Principals to support rules for login flow selection when requests specify particular methods, as described in AuthenticationFlowSelection. | ||
Bean ID | Type | Function |
shibboleth.AuthnComparisonRules | Map used as constructor argument to PrincipalEvalPredicateFactoryRegistry | Map of comparison rules |
shibboleth.SAMLAuthnMethodExact shibboleth.SAMLACClassRefMinimum shibboleth.SAMLACDeclRefMaximum | Pair<Class<? extends Principal>, String> | Pairs of custom Principal types and matching operators for all the SAML 1.1 and 2.0 principal and comparison types supported, used as keys for the shibboleth.AuthnComparisonRules map |
shibboleth.ExactMatchFactory shibboleth.InexactMatchFactory | PrincipalEvalPredicateFactory | Template beans for values of the shibboleth.AuthnComparisonRules map |
shibboleth.BetterClassRefMatchFactory shibboleth.BetterDeclRefMatchFactory | PrincipalEvalPredicateFactory | Beans supplying matching rules for implementing SAML 2.0 "inexact" comparisons of AuthnContextClassRef or AuthnContextDeclRef constants |
shibboleth.IgnoredContexts 3.2 | Collection<String> | A collection of SAML 2.0 AuthnContextClassRef or AuthnContextDeclRef values to ignore if found in an <AuthnRequest> message |
...