PingFederate Protocol Engine Library 4.4.0.5 API

The PingFederate SDK provides the classes and interfaces necessary to integrate external applications and services with the PingFederate server as well as the ability to customize some behaviors of the system.

See:
          Description

Packages
com.pingidentity.access Provides access to various objects contained within the main PingFederate application and engine.
com.pingidentity.sources Driver classes and interfaces not limited to any protocol.
com.pingidentity.sources.gui Contains protocol independent dynamic UI classes and interfaces.
org.sourceid.saml20.adapter Adapter classes and interfaces that are common across SAML2 roles (both IdP and SP).
org.sourceid.saml20.adapter.attribute  
org.sourceid.saml20.adapter.conf Provides classes that are containers for configuration values entered by the user/administrator via the PingFederate GUI administration console.
org.sourceid.saml20.adapter.gui Provides classes that enable an adapter to describe to PingFederate the way its GUI configuration screen should look.
org.sourceid.saml20.adapter.gui.validation Provides interfaces that can be implemented to provide custom validation of data entered by administrators/users via the GUI.
org.sourceid.saml20.adapter.gui.validation.impl Provides implementations of some commonly needed field level validation.
org.sourceid.saml20.adapter.idp Identity Provider (IdP) role specific interfaces, classes, and sub-packages.
org.sourceid.saml20.adapter.idp.authn Identity Provider (IdP) role specific interfaces and classes for authentication adapters.
org.sourceid.saml20.adapter.sp Service Provider (SP) role specific interfaces, classes, and sub-packages.
org.sourceid.saml20.adapter.sp.authn Service Provider (SP) role specific interfaces and classes for authentication adapters.
org.sourceid.saml20.authncontext  
org.sourceid.saml20.service The PingFederate service interfaces with ancillary classes and exceptions.
org.sourceid.saml20.service.impl Useful implementations of some of the service interfaces.
org.sourceid.saml20.service.impl.localmemory In-memory implementations of some of the service interfaces - these implementations are suitable for use with the PingFederate server running in a stand-alone mode.
org.sourceid.saml20.service.impl.multicast Multicast implementations of some of the service interfaces - these implementations are suitable for use with the PingFederate server running in a clustered mode.
org.sourceid.saml20.service.impl.proxy 'Smart' proxy implementations of some of the service interfaces - these implementations are suitable for use with the PingFederate server running in a clustered or stand-alone mode.

 

The PingFederate SDK provides the classes and interfaces necessary to integrate external applications and services with the PingFederate server as well as the ability to customize some behaviors of the system.

Authentication Adapters

The primary integration point for PingFederate is communicating authentication and security context information between the server and an external application or service. This is accomplished via the authentication adapters. Authentication adapter interfaces to be realized as well as numerous supporting classes can be found in the org.sourceid.saml20.adapter.** packages. The adapter interface(s) that need to be implemented are dependent on the SAML role that the PingFederate server will be functioning in.

PingFederate as a Service Provider
Operating PingFederate in the role of a SAML 2 Service Provider (SP) requires that you have at least one implementation of an SpAuthenticationAdapter deployed on the server.

PingFederate as an Identity Provider
Operating PingFederate in the role of a SAML 2 Identity Provider (IdP) requires that you have at least one implementation of an IdpAuthenticationAdapter deployed on the server.

Service Interfaces

The service interfaces define the contract for a number of functional services that the PingFederate server needs to function properly. In general the services involve the storage, retrieval, and maintenance of particular pieces of data that the server needs to process protocol transactions. Some deployments of the server might require that some or all data be managed in a particular way. For example, in a clustered environment, much of the data must be replicated or accessible between each node in the cluster. The interfaces themselves and their particular details are in the org.sourceid.saml20.service package.

One or more implementations of each interface are provided out-of-the-box with the PingFederate server and the majority of deployments will not require any custom implementations. All the standard implementations can be found in the org.sourceid.saml20.service.impl.** packages. It is advisable to evaluate what has been provided there before doing custom implementations. Implementations are provided that will facilitate a standalone PingFederate deployment as well as a number of clustered deployments.

Author:
Brian Campbell, Guoping Liu


Copyright 2007 Ping Identity Corp. All rights reserved.