org.sourceid.saml20.service.impl
Class AccountLinkingServiceDBImpl

java.lang.Object
  extended by org.sourceid.saml20.service.impl.AccountLinkingServiceDBImpl
All Implemented Interfaces:
AccountLinkingService

public class AccountLinkingServiceDBImpl
extends java.lang.Object
implements AccountLinkingService

A database (JDBC) backed implementation of the AccountLinkingService.

By default, this implementation points at a Hypersonic database embedded in the PingFederate server. For security reasons, the Hypersonic DB is not available via a socket connection. To use account linking (as an SP) in a clustered environment, you need to point this service at an external (replicated/redundant) relational database.

That DB must contain a table called pingfederate_account_link with the following semantics (note that these may vary slightly by DB vendor).

  CREATE TABLE pingfederate_account_link(
    idp_entityid    VARCHAR(256),
    external_userid VARCHAR(256),
    adapter_id      VARCHAR(32),
    local_userid    VARCHAR(256),
    date_created    DATE NOT NULL,
    date_updated    DATE,
    CONSTRAINT pk_account PRIMARY KEY (idp_entityid, external_userid, adapter_id));
  CREATE INDEX LOCALUSERIDIDX ON pingfederate_account_link(local_userid);
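
As an added illustration (not PingFederate's implementation, which this page does not show), the sketch below maps lookupLink and storeLink onto the table above with plain JDBC. The class name AccountLinkSketch, the helper bindKey and the injected DataSource are assumptions; the point is that every key column, including the IdP-supplied external identifier, is passed as a bind parameter and that the full composite key scopes each lookup to one IdP and one adapter.

```java
import java.sql.Connection;
import java.sql.Date;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.sql.DataSource;

/** Hypothetical sketch of the documented operations; not the product's code. */
public class AccountLinkSketch {
    private final DataSource ds; // assumed: looked up from the configured JNDI name

    public AccountLinkSketch(DataSource ds) { this.ds = ds; }

    /** Returns the linked local user id, or null if no link exists. */
    public String lookupLink(String idpEntityId, String authnAdapterId,
                             String externalIdentifier) throws SQLException {
        String sql = "SELECT local_userid FROM pingfederate_account_link"
            + " WHERE idp_entityid = ? AND external_userid = ? AND adapter_id = ?";
        try (Connection c = ds.getConnection();
             PreparedStatement ps = c.prepareStatement(sql)) {
            bindKey(ps, idpEntityId, externalIdentifier, authnAdapterId);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        }
    }

    /** Inserts a new link; date_created is NOT NULL, so it is always set. */
    public void storeLink(String localIdentifier, String idpEntityId,
                          String authnAdapterId, String externalIdentifier)
            throws SQLException {
        String sql = "INSERT INTO pingfederate_account_link (idp_entityid,"
            + " external_userid, adapter_id, local_userid, date_created)"
            + " VALUES (?, ?, ?, ?, ?)";
        try (Connection c = ds.getConnection();
             PreparedStatement ps = c.prepareStatement(sql)) {
            bindKey(ps, idpEntityId, externalIdentifier, authnAdapterId);
            ps.setString(4, localIdentifier);
            ps.setDate(5, new Date(System.currentTimeMillis()));
            ps.executeUpdate(); // pk_account rejects a duplicate composite key
        }
    }

    // externalIdentifier arrives from the IdP; bind it, never concatenate it.
    private static void bindKey(PreparedStatement ps, String idp, String externalId,
                                String adapterId) throws SQLException {
        ps.setString(1, idp);
        ps.setString(2, externalId);
        ps.setString(3, adapterId);
    }
}
```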
 

To point this implementation at a data source other than the default Hypersonic DB, edit the org.sourceid.saml20.service.impl.AccountLinkingServiceDBImpl.xml file and change the value of the configuration item named 'PingFederateDSJNDIName' to the JNDI name of the data source you want to use. The JNDI names of data sources configured using the PingFederate GUI console can be found in the pingfederate-jdbc-ds.xml file.

Author:
Guoping Liu

Constructor Summary
AccountLinkingServiceDBImpl()
           
 
Method Summary
 java.lang.String lookupLink(java.lang.String idpEntityId, java.lang.String authnAdapterId, java.lang.String externalIdentifier)
          Look up a local user id keyed from the composite key of idpEntityId, authnAdapterId, and externalIdentifier.
 void storeLink(java.lang.String localIdentifier, java.lang.String idpEntityId, java.lang.String authnAdapterId, java.lang.String externalIdentifier)
          Store the account link - an association of the composite key of idpEntityId, authnAdapterId, and externalIdentifier to the localIdentifier.
 void terminateLink(java.lang.String idpEntityId, java.lang.String authnAdapterId, java.lang.String externalIdentifier)
          Terminate the account link identified by the composite key of idpEntityId, authnAdapterId, and externalIdentifier.
 void updateExternalId(java.lang.String newExternalIdentifier, java.lang.String idpEntityId, java.lang.String oldExternalIdentifier)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccountLinkingServiceDBImpl

public AccountLinkingServiceDBImpl()
Method Detail

terminateLink

public void terminateLink(java.lang.String idpEntityId,
                          java.lang.String authnAdapterId,
                          java.lang.String externalIdentifier)
                   throws AccountLinkingServiceException
Description copied from interface: AccountLinkingService
Terminate the account link identified by the composite key of idpEntityId, authnAdapterId, and externalIdentifier.

Specified by:
terminateLink in interface AccountLinkingService
Parameters:
idpEntityId - the entity id of the IdP partner connection that issued the external identifier.
authnAdapterId - the id of the SpAuthenticationAdapter instance.
externalIdentifier - the external identifier sent by the IdP.
Throws:
AccountLinkingServiceException - for any unexpected runtime problem that the implementation cannot handle.

lookupLink

public java.lang.String lookupLink(java.lang.String idpEntityId,
                                   java.lang.String authnAdapterId,
                                   java.lang.String externalIdentifier)
                            throws AccountLinkingServiceException
Description copied from interface: AccountLinkingService
Look up a local user id keyed from the composite key of idpEntityId, authnAdapterId, and externalIdentifier.

Specified by:
lookupLink in interface AccountLinkingService
Parameters:
idpEntityId - the entity id of the IdP partner connection that issued the external identifier.
authnAdapterId - the id of the SpAuthenticationAdapter instance.
externalIdentifier - the external identifier sent by the IdP.
Returns:
the local user id of the principal or null if no link exists.
Throws:
AccountLinkingServiceException - for any unexpected runtime problem that the implementation cannot handle.

storeLink

public void storeLink(java.lang.String localIdentifier,
                      java.lang.String idpEntityId,
                      java.lang.String authnAdapterId,
                      java.lang.String externalIdentifier)
               throws AccountLinkingServiceException
Description copied from interface: AccountLinkingService
Store the account link - an association of the composite key of idpEntityId, authnAdapterId, and externalIdentifier to the localIdentifier.

Specified by:
storeLink in interface AccountLinkingService
Parameters:
localIdentifier - the local user id of the principal.
idpEntityId - the entity id of the IdP partner connection that issued the external identifier.
authnAdapterId - the id of the SpAuthenticationAdapter instance.
externalIdentifier - the external identifier sent by the IdP.
Throws:
AccountLinkingServiceException - for any unexpected runtime problem that the implementation cannot handle.

updateExternalId

public void updateExternalId(java.lang.String newExternalIdentifier,
                             java.lang.String idpEntityId,
                             java.lang.String oldExternalIdentifier)
                      throws AccountLinkingServiceException
Throws:
AccountLinkingServiceException


Copyright 2007 Ping Identity Corp. All rights reserved.