org.sourceid.saml20.service
Interface IdpSessionRegistry

All Known Implementing Classes:
IdpSessionRegistryMapImpl, IdpSessionRegistryMulticastImpl, IdpSessionRegistryProxy

public interface IdpSessionRegistry

Defines the methods needed by PingFederate to track assertions/sessions issued to SP partners and the associated local application information (HashableAuthnBeans). This service allows PingFederate to track the state needed to perform single logout.

Note that this interface is utilized only when you have PingFederate configured as an IdP and one or more SP connections configured to do single logout.

Author:
Brian Campbell

Method Summary
 IdpHashableAuthnBean getAuthnBean(java.lang.String assertionId)
          Lookup the HashableAuthnBean that was registered against a remote session with the given asseriton id.
 java.util.List<Session> getIssuedSessions(IdpHashableAuthnBean authnBean)
          Gets all the sessions that have been issued to SP partners that are currently registered against the given HashableAuthnBean.
 java.util.Set<IdpHashableAuthnBean> getRegisteredAuthnBeans(java.lang.String pingFederateSessionIdentifier)
          Looks up all the local application sessions (HashableAuthnBeans) associated with a given PingFederate session id.
 void registerSessionIssued(IdpHashableAuthnBean authnBean, Session session)
           Registers that a remote session was issued against a local application session represented by the HashableAuthnBean.
 void unregisterAuthnBean(IdpHashableAuthnBean authnBean)
          Unregister an authentication bean.
 Session unregisterSession(java.lang.String assertionId)
          Unregister and return a session by assertion id.
 

Method Detail

registerSessionIssued

void registerSessionIssued(IdpHashableAuthnBean authnBean,
                           Session session)
                           throws SessionRegistryException

Registers that a remote session was issued against a local application session represented by the HashableAuthnBean. The HashableAuthnBean also contains a reference to the PingFederate local session identifier IdpHashableAuthnBean.getPingFederateSessionId().

Note that the assertion id and the session index on the Session object will always be the same in this context because of the way PingFederate handles session indexes.

Parameters:
authnBean - the local application session (which contains a local session identifier).
session - the remote session.
Throws:
SessionRegistryException - for any unexpected runtime problem that the implementation cannot handle.

unregisterSession

Session unregisterSession(java.lang.String assertionId)
                          throws SessionRegistryException
Unregister and return a session by assertion id. This method is invoked by PingFederate during the SLO process. See Session.getAssertionId() and IdpHashableAuthnBean.getPingFederateSessionId().

Parameters:
assertionId - the assertion id.
Returns:
the Session object originally associated/registered with that assertion id.
Throws:
SessionRegistryException - for any unexpected runtime problem that the implementation cannot handle.

unregisterAuthnBean

void unregisterAuthnBean(IdpHashableAuthnBean authnBean)
                         throws SessionRegistryException
Unregister an authentication bean. This method is invoked by the PingFederate server right after the logout method on the authentication adapter is invoked with the given HashableAuthnBean.

Parameters:
authnBean - the local session.
Throws:
SessionRegistryException - for any unexpected runtime problem that the implementation cannot handle.

getIssuedSessions

java.util.List<Session> getIssuedSessions(IdpHashableAuthnBean authnBean)
                                          throws SessionRegistryException
Gets all the sessions that have been issued to SP partners that are currently registered against the given HashableAuthnBean.

Parameters:
authnBean - the local application session
Returns:
the list of Sessions.
Throws:
SessionRegistryException - for any unexpected runtime problem that the implementation cannot handle.

getAuthnBean

IdpHashableAuthnBean getAuthnBean(java.lang.String assertionId)
                                  throws SessionRegistryException
Lookup the HashableAuthnBean that was registered against a remote session with the given asseriton id.

Parameters:
assertionId - the unique identifier of the assertion that was issued to an SP partner connection to create a remote session.
Returns:
the HashableAuthnBean that is associated with the given assertion id.
Throws:
SessionRegistryException - for any unexpected runtime problem that the implementation cannot handle.

getRegisteredAuthnBeans

java.util.Set<IdpHashableAuthnBean> getRegisteredAuthnBeans(java.lang.String pingFederateSessionIdentifier)
                                                            throws SessionRegistryException
Looks up all the local application sessions (HashableAuthnBeans) associated with a given PingFederate session id. This method is used by the server to figure out what local application session to end and what remote sessions at SP partners to end when doing SLO.

Parameters:
pingFederateSessionIdentifier - the PingFederate session identifier. See: IdpHashableAuthnBean.getPingFederateSessionId().
Returns:
a Set of all the HashableAuthnBeans that are currently registered with the given session identifier.
Throws:
SessionRegistryException - for any unexpected runtime problem that the implementation cannot handle.


Copyright 2007 Ping Identity Corp. All rights reserved.