[jboss-cvs] Picketlink SVN: r619 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces and 6 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Dec 28 14:44:30 EST 2010


Author: anil.saldhana at jboss.com
Date: 2010-12-28 14:44:29 -0500 (Tue, 28 Dec 2010)
New Revision: 619

Added:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/STSCoreConfig.java
Modified:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/ProtocolContext.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSConfiguration.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustRequestContext.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java
   federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/HTTPContext.java
   federation/trunk/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml
Log:
refactor into core sts

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/ProtocolContext.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/ProtocolContext.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/ProtocolContext.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -21,11 +21,30 @@
  */
 package org.picketlink.identity.federation.core.interfaces;
 
+import javax.xml.namespace.QName;
+
 /**
- * Marker Interface
+ * Interface to indicate a protocol specific request context
  * @author Anil.Saldhana at redhat.com
  * @since Sep 17, 2009
  */
 public interface ProtocolContext
-{
-}
+{ 
+   /**
+    * An optional service name
+    * @return
+    */
+   String serviceName();
+   
+   /**
+    * A String that represents the token type
+    * @return
+    */
+   String tokenType();
+   
+   /**
+    * Return the QName of the token
+    * @return 
+    */
+   QName getQName();
+}
\ No newline at end of file
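Review bot: The three new accessors leave `@return` empty and never say whether null is a legal result, yet `serviceName()` is described as optional and PicketLinkCoreSTS in this commit branches on null for all three. State it in the Javadoc, for example `@return the service name, or {@code null} if the request did not name one`, with the equivalent wording for `tokenType()` and `getQName()`. The mix of `serviceName()`/`tokenType()` with `getQName()` is also worth settling on one accessor style while the interface is still new.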

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -23,6 +23,7 @@
 
 import java.util.Map;
 
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.wstrust.WSTrustException;
 
 /**
@@ -60,7 +61,7 @@
     * @param context the {@code ProtocolContext} to be used when generating the token.
     * @throws WSTrustException if an error occurs while creating the security token.
     */
-   public void issueToken( ProtocolContext context) throws WSTrustException;
+   public void issueToken( ProtocolContext context) throws ProcessingException;
 
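Review bot: The Javadoc directly above `issueToken` still reads `@throws WSTrustException` although the signature now declares `ProcessingException`; the same stale tag remains on `renewToken`, `cancelToken` and `validateToken` in the three hunks that follow. Each should become `@throws ProcessingException if an error occurs while ...` with the existing wording kept. If nothing else in the file references `WSTrustException`, its import (kept as context in the first hunk) is then unused; the rest of the file is outside these hunks, so that needs checking.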
    /**
     * <p>
@@ -71,7 +72,7 @@
     * @param context the {@code ProtocolContext} that contains the token to be renewed.
     * @throws WSTrustException if an error occurs while renewing the security token.
     */
-   public void renewToken( ProtocolContext context) throws WSTrustException;
+   public void renewToken( ProtocolContext context) throws ProcessingException;
 
    /**
     * <p>
@@ -82,7 +83,7 @@
     * @param context the {@code ProtocolContext} that contains the token to be canceled.
     * @throws WSTrustException if an error occurs while canceling the security token.
     */
-   public void cancelToken( ProtocolContext context) throws WSTrustException;
+   public void cancelToken( ProtocolContext context) throws ProcessingException;
 
    /**
     * <p>
@@ -93,5 +94,5 @@
     * @param context the {@code ProtocolContext} that contains the token to be validated.
     * @throws WSTrustException if an error occurs while validating the security token.
     */
-   public void validateToken( ProtocolContext context) throws WSTrustException;
+   public void validateToken( ProtocolContext context) throws ProcessingException;
 }
\ No newline at end of file

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -0,0 +1,179 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.sts;
+
+import javax.xml.namespace.QName;
+
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
+import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
+
+/**
+ * <p>
+ * Generic STS Core.
+ * </p>
+ * <p>
+ * This is a Singleton Class.
+ * </p>
+ * @see {@code #instance()}
+ * 
+ * @author Anil.Saldhana at redhat.com
+ * @since Dec 27, 2010
+ */
+public class PicketLinkCoreSTS
+{
+   protected STSCoreConfig configuration;
+   
+   private static PicketLinkCoreSTS _instance = null;
+   
+   protected PicketLinkCoreSTS()
+   {   
+   }
+   
+   public static PicketLinkCoreSTS instance()
+   {
+      if( _instance == null )
+         _instance = new PicketLinkCoreSTS();
+      
+      return _instance;
+   }
+   
+   public void initialize( STSCoreConfig config )
+   {
+      this.configuration = config;
+   }
+   
+   /**
+    * Issue a security token
+    * @param protocolContext
+    * @throws ProcessingException
+    */
+   public void issueToken( ProtocolContext protocolContext) throws ProcessingException
+   { 
+      SecurityTokenProvider provider = getProvider(protocolContext);  
+      
+      if( provider == null )
+         throw new ProcessingException( "No Security Token Provider found in configuration" );
+      
+      provider.issueToken( protocolContext );
+   }
+
+   /**
+    * <p>
+    * Renews the security token contained in the specified request context. This method is used when a previously
+    * generated token has expired, generating a new version of the same token with different expiration semantics.
+    * </p>
+    * 
+    * @param protocolContext the {@code ProtocolContext} that contains the token to be renewed.
+    * @throws ProcessingException if an error occurs while renewing the security token.
+    */
+   public void renewToken( ProtocolContext protocolContext) throws ProcessingException
+   { 
+      SecurityTokenProvider provider = null;
+      
+      if( provider == null )
+         provider = getProviderBasedOnQName(protocolContext);
+ 
+      provider.renewToken( protocolContext ); 
+   }
+
+   /**
+    * <p>
+    * Cancels the token contained in the specified request context. A security token is usually canceled when one wants
+    * to make sure that the token will not be used anymore. A security token can't be renewed once it has been canceled.
+    * </p>
+    * 
+    * @param protocolContext the {@code ProtocolContext} that contains the token to be canceled.
+    * @throws ProcessingException if an error occurs while canceling the security token.
+    */
+   public void cancelToken( ProtocolContext protocolContext) throws ProcessingException
+   {
+      SecurityTokenProvider provider = null;
+      
+      if( provider == null )
+         provider = getProviderBasedOnQName(protocolContext);
+ 
+      provider.cancelToken( protocolContext ); 
+   }
+
+   /**
+    * <p>
+    * Evaluates the validity of the token contained in the specified request context and sets the result in the context
+    * itself. The result can be a status, a new token, or both.
+    * </p>
+    * 
+    * @param protocolContext the {@code ProtocolContext} that contains the token to be validated.
+    * @throws ProcessingException if an error occurs while validating the security token.
+    */
+   public void validateToken( ProtocolContext protocolContext) throws ProcessingException
+   {
+      SecurityTokenProvider provider = null;
+      
+      if( provider == null )
+         provider = getProviderBasedOnQName(protocolContext);
+ 
+      provider.validateToken( protocolContext );     
+   }
+   
+   private SecurityTokenProvider getProvider( ProtocolContext protocolContext )
+   {
+      SecurityTokenProvider provider = null;
+      
+      //Special Case: WST Applies To
+      String serviceName = protocolContext.serviceName();
+      if (serviceName != null)
+      {
+         provider = this.configuration.getProviderForService( serviceName ); 
+      }
+      
+      if( provider == null )
+      {
+         //lets get the provider based on token type
+         String tokenType = protocolContext.tokenType();
+         if( tokenType != null )
+            provider = this.configuration.getProviderForTokenType( protocolContext.tokenType() );
+      }
+      return provider;
+   }
+   
+   private SecurityTokenProvider getProviderBasedOnQName( ProtocolContext protocolContext ) throws ProcessingException
+   {
+      SecurityTokenProvider provider = null;
+      
+      QName qname = null;
+      if( provider == null )
+      {
+         qname = protocolContext.getQName();
+         if( qname == null )
+            throw new ProcessingException( "QName of the token type is null " );
+         provider = this.configuration.getProviderForTokenElementNS(qname.getLocalPart(),
+               qname.getNamespaceURI());  
+      }
+      
+       
+      if (provider == null)
+         throw new ProcessingException("No SecurityTokenProvider configured for " + qname.getNamespaceURI() + ":"
+               + qname.getLocalPart() );
+      
+      return provider;
+   }
+}
\ No newline at end of file
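Review bot: `configuration` is a mutable field on a process-wide singleton and `initialize(config)` overwrites it with no synchronisation, while the call sites added in StandardRequestHandler (`sts.initialize(configuration)` immediately before `sts.issueToken(...)` and before `sts.renewToken(...)`) do this on every request. If two handlers holding different configurations run concurrently, one request could be served with the other's token providers, and a call made before any `initialize` fails with a NullPointerException in `getProvider` rather than a `ProcessingException`. The lazy `instance()` is also unsynchronised, so two threads can each construct an instance. The sketch below makes the instance eager and the field volatile with a null guard; it does not remove the cross-request swap, which would need the configuration passed per call or fixed once at startup. Separately, `renewToken`, `cancelToken` and `validateToken` each test `provider == null` right after assigning null, which can simply be `SecurityTokenProvider provider = getProviderBasedOnQName(protocolContext);`.

```java
   // volatile so a configuration published by one thread is visible to the others
   protected volatile STSCoreConfig configuration;

   // eager initialisation: no check-then-act race in instance()
   private static final PicketLinkCoreSTS _instance = new PicketLinkCoreSTS();

   public static PicketLinkCoreSTS instance()
   {
      return _instance;
   }

   public void initialize( STSCoreConfig config )
   {
      if( config == null )
         throw new IllegalArgumentException( "config is null" );
      this.configuration = config;
   }

   // … unchanged: issueToken, renewToken, cancelToken, validateToken …

   private SecurityTokenProvider getProvider( ProtocolContext protocolContext )
   {
      // read the field once so a single lookup never mixes two configurations
      STSCoreConfig config = this.configuration;
      if( config == null )
         throw new IllegalStateException( "STS has not been initialized" );
      // … unchanged: service-name lookup, then token-type lookup, using config …
```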

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/STSCoreConfig.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/STSCoreConfig.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/STSCoreConfig.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -0,0 +1,156 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.sts;
+
+import java.security.KeyPair;
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+
+import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
+
+/**
+ * Configuration for the STS Core
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ * @author Anil.Saldhana at redhat.com
+ * @since Dec 27, 2010
+ */
+public interface STSCoreConfig
+{
+   /**
+    * <p>
+    * Obtains the unique name of the secure token service.
+    * </p>
+    * 
+    * @return a {@code String} representing the STS name.
+    */
+   public String getSTSName();
+
+   /**
+    * <p>
+    * Indicates whether the issued token should be encrypted or not.
+    * </p>
+    * 
+    * @return {@code true} if the issued token is to be encrypted; {@code false} otherwise.
+    */
+   public boolean encryptIssuedToken();
+
+   /**
+    * <p>
+    * Indicates whether the issued token should be digitally signed or not.
+    * </p>
+    * 
+    * @return {@code true} if the issued token is to be signed; {@code false} otherwise.
+    */
+   public boolean signIssuedToken();
+
+   /**
+    * <p>
+    * Obtains the timeout value (in milliseconds) for issued tokens.
+    * </p>
+    * 
+    * @return the token timeout value.
+    */
+   public long getIssuedTokenTimeout();
+   
+   /**
+    * <p>
+    * Obtains a reference to the {@code KeyPair} object that contains the STS {@code PrivateKey} and {@code PublicKey}.
+    * </p>
+    * 
+    * @return a reference to the STS {@code KeyPair}.
+    */
+   public KeyPair getSTSKeyPair();
+   
+   /**
+    * <p>
+    * Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to
+    * clients of that service.
+    * </p>
+    * 
+    * @param serviceName the name of the service provider that requires a token from its clients.
+    * @return a {@code String} representing the type of the token that suits the specified service.
+    */
+   public String getTokenTypeForService(String serviceName);
+
+   /**
+    * <p>
+    * Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of
+    * that service. When requesting a token to the STS, a client can specify the service it needs the token for using
+    * the {@code AppliesTo} element. Based on the service provider name, the STS identifies the type of the token that
+    * is to be issued and then selects the appropriate token provider to handle the request.
+    * </p>
+    * 
+    * @param serviceName the name of the service provider that requires a token from its clients.
+    * @return a reference to the {@code SecurityTokenProvider} that must be used in order to issue tokens to clients of
+    *         the specified service.
+    */
+   public SecurityTokenProvider getProviderForService(String serviceName);
+
+   /**
+    * <p>
+    * Given a token type, obtains the token provider that should be used to handle token requests of that type. When a
+    * client doesn't specify the service provider name through the {@code AppliesTo} element, it must specify the token
+    * type through the {@code TokenType} element. The STS uses the supplied type to select the appropriate token
+    * provider.
+    * </p>
+    * 
+    * @param tokenType a {@code String} representing the type of the token.
+    * @return a reference to the {@code SecurityTokenProvider} that must be used to handle token requests of the
+    *         specified type.
+    */
+   public SecurityTokenProvider getProviderForTokenType(String tokenType);
+
+   /**
+    * <p>
+    * Obtains the token provider that can handle tokens that have the specified local name and namespace. When a
+    * validate, renew, or cancel request is made, the token type is not set in the WS-Trust request. In these cases
+    * the {@code SecurityTokenProvider} must be determined using the security token itself.
+    * </p>
+    * 
+    * @param tokenLocalName a {@code String} representing the token element name. (e.g. {@code Assertion}).
+    * @param tokenNamespace a {@code String} representing the token element namespace. (e.g.
+    *   {@code urn:oasis:names:tc:SAML:2.0:assertion}).
+    * @return a reference to the {@code SecurityTokenProvider} that must be used to handle the request that contains
+    * only the security token.
+    */
+   public SecurityTokenProvider getProviderForTokenElementNS(String tokenLocalName, String tokenNamespace);
+
+   /**
+    * <p>
+    * Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.
+    * </p>
+    * 
+    * @param serviceName the name of the service provider (normally the provider URL).
+    * @return a reference to the provider's {@code PublicKey}
+    */
+   public PublicKey getServiceProviderPublicKey(String serviceName);
+   
+   /**
+    * <p>
+    * Obtains the certificate identified by the specified alias.
+    * </p>
+    * 
+    * @param alias the alias associated with the certificate in the keystore.
+    * @return the {@code Certificate} obtained from the keystore, or {@code null} if no certificate was found.
+    */
+   public Certificate getCertificate(String alias);
+}
\ No newline at end of file
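Review bot: The Javadoc for `getProviderForService`, `getProviderForTokenType` and `getProviderForTokenElementNS` does not say what is returned when nothing matches, while PicketLinkCoreSTS in this commit relies on null to fall through from service name to token type and to raise its own ProcessingException. Add to each `@return` something like `or {@code null} if no provider is configured for it`. `getSTSKeyPair()` hands out the STS private key through this general-purpose interface, so its Javadoc should also say whether null means that no signing key is configured; StandardRequestHandler tests `getSTSKeyPair() != null` before signing.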

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -244,6 +244,9 @@
     */
    public SecurityTokenProvider getProviderForService(String serviceName)
    {
+      if( serviceName == null )
+         throw new IllegalArgumentException( "serviceName is null ");
+      
       ServiceProviderType provider = this.spMetadata.get(serviceName);
       if (provider != null)
       {
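Review bot: The new null guard in `getProviderForService`, and the identical one in `getProviderForTokenType` in the next hunk, throws an unchecked `IllegalArgumentException` that the method Javadoc, which begins outside the hunk, does not mention. Callers that catch only `ProcessingException` or `WSTrustException` will let it propagate, so add `@throws IllegalArgumentException if serviceName is null` and the `tokenType` equivalent. The message literals also carry a trailing space, `"serviceName is null "`, which would be tidier as `"serviceName is null"`.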
@@ -259,6 +262,8 @@
     */
    public SecurityTokenProvider getProviderForTokenType(String tokenType)
    {
+      if( tokenType == null )
+         throw new IllegalArgumentException( "tokenType is null ");
       return this.tokenProviders.get(tokenType);
    }
 

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSConfiguration.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSConfiguration.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSConfiguration.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -21,12 +21,8 @@
  */
 package org.picketlink.identity.federation.core.wstrust;
 
-import java.security.KeyPair;
-import java.security.PublicKey;
-import java.security.cert.Certificate;
+import org.picketlink.identity.federation.core.sts.STSCoreConfig;
 
-import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
-
 /**
  * <p>
  * The {@code STSConfiguration} interface allows access to the security token service (STS) configuration attributes.
@@ -35,47 +31,10 @@
  * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
  * @author Anil.Saldhana at redhat.com
  */
-public interface STSConfiguration
+public interface STSConfiguration extends STSCoreConfig
 {
-
    /**
     * <p>
-    * Obtains the unique name of the secure token service.
-    * </p>
-    * 
-    * @return a {@code String} representing the STS name.
-    */
-   public String getSTSName();
-
-   /**
-    * <p>
-    * Indicates whether the issued token should be encrypted or not.
-    * </p>
-    * 
-    * @return {@code true} if the issued token is to be encrypted; {@code false} otherwise.
-    */
-   public boolean encryptIssuedToken();
-
-   /**
-    * <p>
-    * Indicates whether the issued token should be digitally signed or not.
-    * </p>
-    * 
-    * @return {@code true} if the issued token is to be signed; {@code false} otherwise.
-    */
-   public boolean signIssuedToken();
-
-   /**
-    * <p>
-    * Obtains the timeout value (in milliseconds) for issued tokens.
-    * </p>
-    * 
-    * @return the token timeout value.
-    */
-   public long getIssuedTokenTimeout();
-
-   /**
-    * <p>
     * Obtains the WS-Trust request handler class.
     * </p>
     * 
@@ -85,60 +44,6 @@
 
    /**
     * <p>
-    * Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to
-    * clients of that service.
-    * </p>
-    * 
-    * @param serviceName the name of the service provider that requires a token from its clients.
-    * @return a {@code String} representing the type of the token that suits the specified service.
-    */
-   public String getTokenTypeForService(String serviceName);
-
-   /**
-    * <p>
-    * Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of
-    * that service. When requesting a token to the STS, a client can specify the service it needs the token for using
-    * the {@code AppliesTo} element. Based on the service provider name, the STS identifies the type of the token that
-    * is to be issued and then selects the appropriate token provider to handle the request.
-    * </p>
-    * 
-    * @param serviceName the name of the service provider that requires a token from its clients.
-    * @return a reference to the {@code SecurityTokenProvider} that must be used in order to issue tokens to clients of
-    *         the specified service.
-    */
-   public SecurityTokenProvider getProviderForService(String serviceName);
-
-   /**
-    * <p>
-    * Given a token type, obtains the token provider that should be used to handle token requests of that type. When a
-    * client doesn't specify the service provider name through the {@code AppliesTo} element, it must specify the token
-    * type through the {@code TokenType} element. The STS uses the supplied type to select the appropriate token
-    * provider.
-    * </p>
-    * 
-    * @param tokenType a {@code String} representing the type of the token.
-    * @return a reference to the {@code SecurityTokenProvider} that must be used to handle token requests of the
-    *         specified type.
-    */
-   public SecurityTokenProvider getProviderForTokenType(String tokenType);
-
-   /**
-    * <p>
-    * Obtains the token provider that can handle tokens that have the specified local name and namespace. When a
-    * validate, renew, or cancel request is made, the token type is not set in the WS-Trust request. In these cases
-    * the {@code SecurityTokenProvider} must be determined using the security token itself.
-    * </p>
-    * 
-    * @param tokenLocalName a {@code String} representing the token element name. (e.g. {@code Assertion}).
-    * @param tokenNamespace a {@code String} representing the token element namespace. (e.g.
-    *   {@code urn:oasis:names:tc:SAML:2.0:assertion}).
-    * @return a reference to the {@code SecurityTokenProvider} that must be used to handle the request that contains
-    * only the security token.
-    */
-   public SecurityTokenProvider getProviderForTokenElementNS(String tokenLocalName, String tokenNamespace);
-
-   /**
-    * <p>
     * Obtains the {@code ClaimsProcessor} that must be used to handle claims of the specified dialect.
     * </p>
     * 
@@ -147,37 +52,9 @@
     */
    public ClaimsProcessor getClaimsProcessor(String claimsDialect);
    
-   /**
-    * <p>
-    * Obtains a reference to the {@code KeyPair} object that contains the STS {@code PrivateKey} and {@code PublicKey}.
-    * </p>
-    * 
-    * @return a reference to the STS {@code KeyPair}.
-    */
-   public KeyPair getSTSKeyPair();
-
-   /**
-    * <p>
-    * Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.
-    * </p>
-    * 
-    * @param serviceName the name of the service provider (normally the provider URL).
-    * @return a reference to the provider's {@code PublicKey}
-    */
-   public PublicKey getServiceProviderPublicKey(String serviceName);
    
    /**
     * <p>
-    * Obtains the certificate identified by the specified alias.
-    * </p>
-    * 
-    * @param alias the alias associated with the certificate in the keystore.
-    * @return the {@code Certificate} obtained from the keystore, or {@code null} if no certificate was found.
-    */
-   public Certificate getCertificate(String alias);
-   
-   /**
-    * <p>
     * Returns the configured canonicalization method.
     * </p>
     * <p>

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -27,11 +27,12 @@
 import javax.crypto.spec.SecretKeySpec;
 import javax.xml.crypto.dsig.DigestMethod;
 import javax.xml.crypto.dsig.SignatureMethod;
+import javax.xml.namespace.QName;
 
 import org.apache.log4j.Logger;
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
 import org.picketlink.identity.federation.core.util.Base64;
 import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
 import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
@@ -93,7 +94,7 @@
       if (trace)
          log.trace("Issuing token for principal " + callerPrincipal);
 
-      SecurityTokenProvider provider = null;
+      //SecurityTokenProvider provider = null;
 
       // first try to obtain the security token provider using the applies-to contents.
       AppliesTo appliesTo = request.getAppliesTo();
@@ -101,26 +102,34 @@
       if (appliesTo != null)
       {
          String serviceName = WSTrustUtil.parseAppliesTo(appliesTo);
+         
          if (serviceName != null)
          {
-            provider = this.configuration.getProviderForService(serviceName);
-            if (provider != null)
+           String tokenTypeFromServiceName = configuration.getTokenTypeForService(serviceName);
+           
+           if( request.getTokenType() == null && tokenTypeFromServiceName != null )
+              request.setTokenType(URI.create( tokenTypeFromServiceName ));
+
+           providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
+           
+           // provider = this.configuration.getProviderForService(serviceName);
+            /*if (provider != null)
             {
                request.setTokenType(URI.create(this.configuration.getTokenTypeForService(serviceName)));
                providerPublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
-            }
+            }*/
          }
       }
       // if applies-to is not available or if no provider was found for the service, use the token type.
-      if (provider == null && request.getTokenType() != null)
-      {
+      /*if (provider == null && request.getTokenType() != null)
+      { 
          provider = this.configuration.getProviderForTokenType(request.getTokenType().toString());
       }
       else if (appliesTo == null && request.getTokenType() == null)
          throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
 
       if (provider != null)
-      {
+      {*/
          // create the request context and delegate token generation to the provider.
          WSTrustRequestContext requestContext = new WSTrustRequestContext(request, callerPrincipal);
          requestContext.setTokenIssuer(this.configuration.getSTSName());
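Review bot: A `TokenType` sent by the client is now kept when `AppliesTo` also names a service, because the new `request.getTokenType() == null && ...` condition only fills in a missing type, whereas the old code overwrote it with `getTokenTypeForService(serviceName)` whenever a provider was found for the service. If the service mapping is meant to be authoritative, use `if( tokenTypeFromServiceName != null ) request.setTokenType(URI.create( tokenTypeFromServiceName ));` and reject a conflicting request type. The explicit `Either AppliesTo or TokenType must be present` check is now commented out, so such a request appears to be rejected only later with the less specific core-STS message, and `getServiceProviderPublicKey(serviceName)` is now called even for service names that have no provider. The commented-out blocks here and in the following hunks should be deleted rather than kept, since version control already holds them. The method body starts and ends outside this hunk.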
@@ -253,10 +262,23 @@
          }
 
          // issue the security token using the constructed context.
-         provider.issueToken(requestContext);
+         try
+         {
+            if( request.getTokenType() != null )
+               requestContext.setTokenType( request.getTokenType().toString() );
+            PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
+            sts.initialize(configuration);
+            sts.issueToken(requestContext);
+            //provider.issueToken(requestContext);
+         }
+         catch (ProcessingException e)
+         {
+            throw new WSTrustException( "Exception during token issue::", e );
+         }
 
          if (requestContext.getSecurityToken() == null)
-            throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
+            //throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
+            throw new WSTrustException("Token issued by STS is null");
 
          // construct the ws-trust security token response.
          RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
@@ -285,9 +307,9 @@
             response.setRequestedUnattachedReference(requestContext.getUnattachedReference());
 
          return response;
-      }
+      /*}
       else
-         throw new WSTrustException("Unable to find a token provider for the token request");
+         throw new WSTrustException("Unable to find a token provider for the token request");*/
    }
 
    /*
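Review bot: The `else` branch that rejected a request with no matching provider is commented out here rather than deleted, leaving a `/*}` … `*/` block wrapped around the end of live code. If provider lookup now belongs to the core STS, remove the dead lines outright and state in the method comment that an unmatched request must surface as an exception from `sts.issueToken`, since the handler's only remaining guard is the null-token check. The renew, validate and cancel hunks that comment out `getProviderForTokenElementNS` have the same issue. The method starts outside this hunk.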
@@ -309,11 +331,11 @@
       if (securityToken == null)
          throw new WSTrustException("Unable to renew token: security token is null");
 
-      SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(securityToken.getLocalName(),
+      /*SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(securityToken.getLocalName(),
             securityToken.getNamespaceURI());
       if (provider == null)
          throw new WSTrustException("No SecurityTokenProvider configured for " + securityToken.getNamespaceURI() + ":"
-               + securityToken.getLocalName());
+               + securityToken.getLocalName());*/
 
       if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
       {
@@ -356,7 +378,19 @@
          Principal onBehalfOfPrincipal = WSTrustUtil.getOnBehalfOfPrincipal(request.getOnBehalfOf());
          context.setOnBehalfOfPrincipal(onBehalfOfPrincipal);
       }
-      provider.renewToken(context);
+      try
+      {
+         if( securityToken != null )
+            context.setQName( new QName( securityToken.getNamespaceURI(), securityToken.getLocalName() ));
+         PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
+         sts.initialize(configuration);
+         sts.renewToken(context);
+         //provider.renewToken(context);
+      }
+      catch (ProcessingException e)
+      {
+         throw new WSTrustException( "Exception during token renewal:", e );
+      }
 
       // create the WS-Trust response with the renewed token.
       RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
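Review bot: The `if( securityToken != null )` guard before `context.setQName(...)` looks redundant, because the earlier hunk of what appears to be the same method already throws when `securityToken` is null. Either drop the guard or, if a null token can really reach this point, reject the request instead of dispatching with no QName, for example `if (securityToken == null) throw new WSTrustException("Unable to renew token: security token is null");`. The validate and cancel hunks repeat the same guard, and the commented-out `//provider.renewToken(context);` line should be deleted rather than kept.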
@@ -396,11 +430,11 @@
       if (securityToken == null)
          throw new WSTrustException("Unable to validate token: security token is null");
 
-      SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(securityToken.getLocalName(),
+      /*SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(securityToken.getLocalName(),
             securityToken.getNamespaceURI());
       if (provider == null)
          throw new WSTrustException("No SecurityTokenProvider configured for " + securityToken.getNamespaceURI() + ":"
-               + securityToken.getLocalName());
+               + securityToken.getLocalName());*/
 
       WSTrustRequestContext context = new WSTrustRequestContext(request, callerPrincipal);
       // if the validate request was made on behalf of another identity, get the principal of that identity.
@@ -456,7 +490,19 @@
       {
          if (trace)
             log.trace("Delegating token validation to token provider");
-         provider.validateToken(context);
+         try
+         {
+            if( securityToken != null )
+               context.setQName( new QName( securityToken.getNamespaceURI(), securityToken.getLocalName() ));
+            PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
+            sts.initialize(configuration);
+            sts.validateToken( context );
+            //provider.validateToken(context);
+         }
+         catch (ProcessingException e)
+         {
+            throw new WSTrustException( "Exception during token validation:", e );
+         }
          status = context.getStatus();
       }
 
@@ -487,11 +533,11 @@
       if (securityToken == null)
          throw new WSTrustException("Unable to cancel token: security token is null");
 
-      SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(securityToken.getLocalName(),
+      /*SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(securityToken.getLocalName(),
             securityToken.getNamespaceURI());
       if (provider == null)
          throw new WSTrustException("No SecurityTokenProvider configured for " + securityToken.getNamespaceURI() + ":"
-               + securityToken.getLocalName());
+               + securityToken.getLocalName());*/
 
       // create a request context and dispatch to the provider.
       WSTrustRequestContext context = new WSTrustRequestContext(request, callerPrincipal);
@@ -501,7 +547,19 @@
          Principal onBehalfOfPrincipal = WSTrustUtil.getOnBehalfOfPrincipal(request.getOnBehalfOf());
          context.setOnBehalfOfPrincipal(onBehalfOfPrincipal);
       }
-      provider.cancelToken(context);
+      try
+      {
+         if( securityToken != null )
+            context.setQName( new QName( securityToken.getNamespaceURI(), securityToken.getLocalName() ));
+         PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
+         sts.initialize(configuration);
+         sts.cancelToken( context );
+         //provider.cancelToken(context);
+      }
+      catch (ProcessingException e)
+      {
+         throw new WSTrustException( "Exception during token cancellation:", e );
+      }
 
       // if no exception has been raised, the token has been successfully canceled.
       RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustRequestContext.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustRequestContext.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustRequestContext.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -25,6 +25,8 @@
 import java.security.PublicKey;
 import java.util.Map;
 
+import javax.xml.namespace.QName;
+
 import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
 import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
@@ -67,6 +69,10 @@
 
    private RequestedReferenceType unattachedReference;
 
+   private String tokenType;
+
+   private QName qname;
+
    /**
     * <p>
     * Creates an instance of {@code WSTrustRequestContext} using the specified request.
@@ -330,4 +336,29 @@
    {
       this.unattachedReference = unattachedReference;
    }
-}
+
+   public String serviceName()
+   {
+      return WSTrustUtil.getServiceNameFromAppliesTo( request );
+   }
+
+   public String tokenType()
+   { 
+      return tokenType; 
+   }
+   
+   public void setTokenType( String tokenType )
+   {
+      this.tokenType = tokenType;
+   }
+
+   public QName getQName()
+   {   
+      return qname;
+   }
+   
+   public void setQName( QName qname )
+   {
+      this.qname = qname;
+   }
+}
\ No newline at end of file
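Review bot: The five accessors added at the end of `WSTrustRequestContext` have no Javadoc, although the rest of the class is documented. `serviceName()` is derived from the request's AppliesTo, and `tokenType` and `qname` are set from request content in the handler, so the comments should say these are caller-supplied values that may be null, e.g. `/** Service name parsed from the request's AppliesTo, or null when absent. */`. The hunk also drops the file's trailing newline.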

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -51,6 +51,7 @@
 import org.picketlink.identity.federation.core.util.JAXBUtil;
 import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
 import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.ws.addressing.AttributedURIType;
 import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
 import org.picketlink.identity.federation.ws.policy.AppliesTo;
@@ -508,5 +509,18 @@
       else
          return null;
    }
-
-}
+   
+   public static String getServiceNameFromAppliesTo( RequestSecurityToken requestSecurityToken )
+   {
+      String serviceName = null;
+      if( requestSecurityToken != null )
+      {
+         AppliesTo appliesTo = requestSecurityToken.getAppliesTo(); 
+         if (appliesTo != null)
+         {
+            serviceName = WSTrustUtil.parseAppliesTo(appliesTo);
+         }  
+      }
+      return serviceName; 
+   }
+}
\ No newline at end of file
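Review bot: `getServiceNameFromAppliesTo` is a new public static helper with no Javadoc, and it returns `null` both when the request is null and when it carries no AppliesTo. A short comment such as `/** Returns the service name parsed from the request's AppliesTo, or null if the request or its AppliesTo is missing. */` would make the null contract explicit for callers that use the result to select a provider.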

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -17,6 +17,7 @@
  */
 package org.picketlink.identity.federation.core.wstrust.plugins.saml;
 
+import java.net.URI;
 import java.security.Principal;
 import java.security.PrivilegedActionException;
 import java.util.ArrayList;
@@ -27,6 +28,7 @@
 import javax.xml.namespace.QName;
 
 import org.apache.log4j.Logger;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
 import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
 import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
@@ -36,7 +38,6 @@
 import org.picketlink.identity.federation.core.wstrust.SecurityToken;
 import org.picketlink.identity.federation.core.wstrust.StandardSecurityToken;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.WSTrustException;
 import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
 import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
 import org.picketlink.identity.federation.core.wstrust.plugins.DefaultRevocationRegistry;
@@ -180,17 +181,20 @@
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
     * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void cancelToken( ProtocolContext protoContext) throws WSTrustException
+   public void cancelToken( ProtocolContext protoContext) throws ProcessingException
    {
+      if(! (protoContext instanceof WSTrustRequestContext) )
+         return;
+      
       WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
       
       // get the assertion that must be canceled.
       Element token = (Element) context.getRequestSecurityToken().getCancelTargetElement();
       if (token == null)
-         throw new WSTrustException("Invalid cancel request: missing required CancelTarget");
+         throw new ProcessingException("Invalid cancel request: missing required CancelTarget");
       Element assertionElement = (Element) token.getFirstChild();
       if (!this.isAssertion(assertionElement))
-         throw new WSTrustException("CancelTarget doesn't not contain a SAMLV2.0 assertion");
+         throw new ProcessingException("CancelTarget doesn't not contain a SAMLV2.0 assertion");
 
       // get the assertion ID and add it to the canceled assertions set.
       String assertionId = assertionElement.getAttribute("ID");
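Review bot: The added `instanceof` guard in `cancelToken` returns silently for an unsupported context, so the caller sees a normal return although nothing was revoked. The request handler in this commit treats the absence of an exception as a successful cancellation, so the guard should fail closed: `throw new ProcessingException("Unsupported protocol context");`. The same guard is added to `issueToken`, `renewToken` and `validateToken` in the following hunks, where a silent return leaves the context without a token or a status. `cancelToken` continues past the end of this hunk.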
@@ -203,8 +207,11 @@
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
     * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void issueToken( ProtocolContext protoContext) throws WSTrustException
+   public void issueToken( ProtocolContext protoContext) throws ProcessingException
    {
+      if(! (protoContext instanceof WSTrustRequestContext) )
+         return;
+      
       WSTrustRequestContext context = (WSTrustRequestContext) protoContext; 
       // generate an id for the new assertion.
       String assertionID = IDGenerator.create("ID_");
@@ -277,7 +284,7 @@
       }
       catch (Exception e)
       {
-         throw new WSTrustException("Failed to marshall SAMLV2 assertion", e);
+         throw new ProcessingException("Failed to marshall SAMLV2 assertion", e);
       }
 
       SecurityToken token = new StandardSecurityToken(context.getRequestSecurityToken().getTokenType().toString(),
@@ -299,16 +306,19 @@
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
     * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void renewToken( ProtocolContext protoContext ) throws WSTrustException
+   public void renewToken( ProtocolContext protoContext ) throws ProcessingException
    {
+      if(! (protoContext instanceof WSTrustRequestContext) )
+         return;
+      
       WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
       // get the specified assertion that must be renewed.
       Element token = (Element) context.getRequestSecurityToken().getRenewTargetElement();
       if (token == null)
-         throw new WSTrustException("Invalid renew request: missing required RenewTarget");
+         throw new ProcessingException("Invalid renew request: missing required RenewTarget");
       Element oldAssertionElement = (Element) token.getFirstChild();
       if (!this.isAssertion(oldAssertionElement))
-         throw new WSTrustException("RenewTarget doesn't not contain a SAMLV2.0 assertion");
+         throw new ProcessingException("RenewTarget doesn't not contain a SAMLV2.0 assertion");
 
       // get the JAXB representation of the old assertion.
       AssertionType oldAssertion = null;
@@ -318,12 +328,12 @@
       }
       catch ( Exception je )
       {
-         throw new WSTrustException("Error unmarshalling assertion", je);
+         throw new ProcessingException("Error unmarshalling assertion", je);
       }
 
       // canceled assertions cannot be renewed.
       if (this.revocationRegistry.isRevoked(SAMLUtil.SAML2_TOKEN_TYPE, oldAssertion.getID()))
-         throw new WSTrustException("Assertion with id " + oldAssertion.getID()
+         throw new ProcessingException("Assertion with id " + oldAssertion.getID()
                + " has been canceled and cannot be renewed");
 
       // adjust the lifetime for the renewed assertion.
@@ -350,7 +360,7 @@
       }
       catch (Exception e)
       {
-         throw new WSTrustException("Failed to marshall SAMLV2 assertion", e);
+         throw new ProcessingException("Failed to marshall SAMLV2 assertion", e);
       }
       SecurityToken securityToken = new StandardSecurityToken(context.getRequestSecurityToken().getTokenType()
             .toString(), assertionElement, assertionID);
@@ -370,8 +380,11 @@
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
     * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void validateToken( ProtocolContext protoContext ) throws WSTrustException
+   public void validateToken( ProtocolContext protoContext ) throws ProcessingException
    {
+      if(! (protoContext instanceof WSTrustRequestContext) )
+         return;
+      
       WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
       if (logger.isTraceEnabled())
          logger.trace("SAML V2.0 token validation started");
@@ -379,7 +392,7 @@
       // get the SAML assertion that must be validated.
       Element token = context.getRequestSecurityToken().getValidateTargetElement();
       if (token == null)
-         throw new WSTrustException("Bad validate request: missing required ValidateTarget");
+         throw new ProcessingException("Bad validate request: missing required ValidateTarget");
 
       String code = WSTrustConstants.STATUS_CODE_VALID;
       String reason = "SAMLV2.0 Assertion successfuly validated";
@@ -399,7 +412,7 @@
          }
          catch ( Exception e )
          {
-            throw new WSTrustException("Unmarshalling error:", e);
+            throw new ProcessingException("Unmarshalling error:", e);
          }
       }
 

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -797,7 +797,7 @@
       {
          assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
          assertEquals("Unexpected exception message", "Assertion with id " + assertion.getAttribute("ID")
-               + " has been canceled and cannot be renewed", we.getCause().getMessage());
+               + " has been canceled and cannot be renewed", we.getCause().getCause().getMessage());
       }
    }
 
@@ -827,9 +827,7 @@
       catch (WebServiceException we)
       {
          assertNotNull("Unexpected null cause", we.getCause());
-         assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
-         assertEquals("Unexpected exception message", "Unable to find a token provider for the token request", we
-               .getCause().getMessage());
+         assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException); 
       }
    }
 
@@ -857,8 +855,8 @@
       {
          assertNotNull("Unexpected null cause", we.getCause());
          assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
-         assertEquals("Either AppliesTo or TokenType must be present in a security token request", we.getCause()
-               .getMessage());
+         /*assertEquals("Either AppliesTo or TokenType must be present in a security token request", we.getCause()
+               .getMessage());*/
       }
 
       // a request that asks for a public key to be used as proof key will fail if the public key is not available.
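Review bot: The message assertion is commented out instead of being updated, so this test now passes for any `WSTrustException` and no longer pins the rejection of a request that has neither AppliesTo nor TokenType. If the message has moved one level down the cause chain, as in the renew tests of this commit, assert it there with `we.getCause().getCause().getMessage()`; otherwise assert the new message that the handler produces. The hunks at -827 and -934 weaken their checks in the same way. The test method starts outside this hunk.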
@@ -934,8 +932,8 @@
       {
          assertNotNull("Unexpected null cause", we.getCause());
          assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
-         assertEquals("No SecurityTokenProvider configured for http://www.unknowntoken.org:UnknownToken", we.getCause()
-               .getMessage());
+         /*assertEquals("No SecurityTokenProvider configured for http://www.unknowntoken.org:UnknownToken", we.getCause()
+               .getMessage());*/
       }
    }
 
@@ -988,7 +986,14 @@
       try
       {
          this.tokenService.invoke(requestMessage);
-         fail("An exception should have been raised by the security token service");
+         Source responseMessage = this.tokenService.invoke(requestMessage);
+         RequestSecurityTokenResponseCollection baseResponseColl = (RequestSecurityTokenResponseCollection) new WSTrustParser()
+               .parse(DocumentUtil.getSourceAsStream(responseMessage)); 
+         
+         RequestSecurityTokenResponse response = baseResponseColl.getRequestSecurityTokenResponses().get(0);
+         StatusType status = response.getStatus();
+         assertTrue( status.getCode().equals( WSTrustConstants.STATUS_CODE_INVALID ));
+         //fail("An exception should have been raised by the security token service");
       }
       catch (WebServiceException we)
       {
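Review bot: `this.tokenService.invoke(requestMessage)` is now called twice: the unchanged line still invokes the service and discards the result, and the added line invokes it again. Drop the first call so the request is sent once. `assertTrue( status.getCode().equals( ... ))` would report the actual code on failure if written as `assertEquals(WSTrustConstants.STATUS_CODE_INVALID, status.getCode());`, and the commented-out `fail(...)` line should be removed. The `catch (WebServiceException we)` block continues outside this hunk; if the service is no longer expected to throw for this request, that block should fail the test.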
@@ -1054,7 +1059,7 @@
       {
          assertNotNull("Unexpected null cause", we.getCause());
          assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
-         assertEquals("No SecurityTokenProvider configured for http://www.unknowntoken.org:UnknownToken", we.getCause()
+         assertEquals("No SecurityTokenProvider configured for http://www.unknowntoken.org:UnknownToken", we.getCause().getCause()
                .getMessage());
       }
    }

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/SpecialTokenProvider.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -26,6 +26,7 @@
 import java.util.Map;
 
 import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
 import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
 import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
@@ -33,7 +34,6 @@
 import org.picketlink.identity.federation.core.wstrust.SecurityToken;
 import org.picketlink.identity.federation.core.wstrust.StandardSecurityToken;
 import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.WSTrustException;
 import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -65,7 +65,7 @@
     * 
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void cancelToken( ProtocolContext protoContext ) throws WSTrustException
+   public void cancelToken( ProtocolContext protoContext ) throws ProcessingException
    {
    }
 
@@ -74,7 +74,7 @@
     * 
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void issueToken( ProtocolContext protoContext) throws WSTrustException
+   public void issueToken( ProtocolContext protoContext) throws ProcessingException
    {
       WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
       
@@ -123,7 +123,7 @@
     * 
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void renewToken( ProtocolContext protoContext ) throws WSTrustException
+   public void renewToken( ProtocolContext protoContext ) throws ProcessingException
    {
    }
 
@@ -132,7 +132,7 @@
     * 
     * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
     */
-   public void validateToken( ProtocolContext protoContext ) throws WSTrustException
+   public void validateToken( ProtocolContext protoContext ) throws ProcessingException
    {
    }
    

Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/HTTPContext.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/HTTPContext.java	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/HTTPContext.java	2010-12-28 19:44:29 UTC (rev 619)
@@ -24,6 +24,7 @@
 import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.xml.namespace.QName;
 
 import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
 
@@ -81,4 +82,19 @@
       this.servletContext = sctx;
       return this;
    }
+
+   public String serviceName()
+   { 
+      return null;
+   }
+
+   public String tokenType()
+   { 
+      return null;
+   }
+
+   public QName getQName()
+   { 
+      return null;
+   } 
 }
\ No newline at end of file
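Review bot: The three methods added to `HTTPContext` return `null` unconditionally and carry no comment explaining why. A line such as `// HTTP contexts carry no WS-Trust service name, token type or QName.` on each, or one Javadoc block covering all three, would tell maintainers the nulls are deliberate. Whatever code selects a provider from these values (not shown here) has to handle a context for which all three are null.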

Modified: federation/trunk/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml	2010-12-22 21:45:18 UTC (rev 618)
+++ federation/trunk/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml	2010-12-28 19:44:29 UTC (rev 619)
@@ -15,7 +15,7 @@
 
   <security-constraint>
      <web-resource-collection>
-       <web-resource-name>UsernameService</web-resource-name>
+       <web-resource-name>PicketLinkSTSService</web-resource-name>
        <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>


