[jboss-cvs] Picketlink SVN: r298 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Jun 11 15:51:15 EDT 2010
Author: bmozaffa at redhat.com
Date: 2010-06-11 15:51:14 -0400 (Fri, 11 Jun 2010)
New Revision: 298
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
Log:
PLFED-88: Provided a pluggable interface for the SAML20TokenProvider; if an implementation is configured, the provider calls it to retrieve any attributes and include them in the token
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenAttributeProvider.java 2010-06-11 19:51:14 UTC (rev 298)
@@ -0,0 +1,31 @@
+package org.picketlink.identity.federation.core.wstrust.plugins.saml;
+
+import java.util.Map;
+
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+
+/**
+ * <p>
+ * An interface used by {@code SAML20TokenProvider} to retrieve an environment specific attribute that will be
+ * inserted into the Assertion.
+ * </p>
+ *
+ * @author <a href="mailto:Babak at redhat.com">Babak Mozaffari</a>
+ */
+public interface SAML20TokenAttributeProvider
+{
+ /**
+ * Sets properties on the Attribute Provider that may affect its behavior
+ *
+ * @param properties A set of string properties, some or all of which might impact the provider's behavior
+ */
+ void setProperties( Map<String, String> properties );
+
+ /**
+ * Given the security context, environment or other static or non-static criteria, returns an attribute statement
+ * to be included in the SAML v2 Assertion
+ *
+ * @return An Attribute Statement to be inserted in the SAML v2 Assertion
+ */
+ AttributeStatementType getAttributeStatement();
+}
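Review bot: `getAttributeStatement()` takes no arguments, yet its Javadoc says the statement is derived from "the security context", so an implementation has to reach the caller's identity through some ambient mechanism the interface does not name. Judging from the SAML20TokenProvider changes in this commit, one provider instance is created at initialization and reused for every issued token, so the interface Javadoc should say so, for example `Implementations are shared across token requests and must be thread-safe; attributes must be computed for the current caller on each invocation.` Per-subject state cached between calls could otherwise end up in another subject's assertion. The `@return` text should also state that `null` means "no attributes", since the caller relies on that.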
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-06-11 19:40:21 UTC (rev 297)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2010-06-11 19:51:14 UTC (rev 298)
@@ -44,11 +44,12 @@
import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
import org.picketlink.identity.federation.core.wstrust.plugins.DefaultRevocationRegistry;
-import org.picketlink.identity.federation.core.wstrust.plugins.RevocationRegistry;
import org.picketlink.identity.federation.core.wstrust.plugins.FileBasedRevocationRegistry;
import org.picketlink.identity.federation.core.wstrust.plugins.JPABasedRevocationRegistry;
+import org.picketlink.identity.federation.core.wstrust.plugins.RevocationRegistry;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType;
@@ -79,11 +80,15 @@
private static final String REVOCATION_REGISTRY_FILE = "RevocationRegistryFile";
private static final String REVOCATION_REGISTRY_JPA_CONFIG = "RevocationRegistryJPAConfig";
-
+
+ private static final String ATTRIBUTE_PROVIDER = "AttributeProvider";
+
private RevocationRegistry revocationRegistry;
private Map<String, String> properties;
+ private SAML20TokenAttributeProvider attributeProvider;
+
/*
* (non-Javadoc)
*
@@ -145,6 +150,29 @@
}
}
}
+
+ // Check if an attribute provider has been set.
+ String attributeProviderClassName = this.properties.get(ATTRIBUTE_PROVIDER);
+ if (attributeProviderClassName == null)
+ {
+ if (logger.isDebugEnabled())
+ logger.debug("No attribute provider set");
+ }
+ else
+ {
+ try
+ {
+ @SuppressWarnings("unchecked")
+ Class<SAML20TokenAttributeProvider> attributeProviderClass = (Class<SAML20TokenAttributeProvider>) Class
+ .forName(attributeProviderClassName);
+ attributeProvider = attributeProviderClass.newInstance();
+ attributeProvider.setProperties(properties);
+ }
+ catch (Exception e)
+ {
+ throw new IllegalStateException(e);
+ }
+ }
}
/*
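Review bot: The unchecked cast on the `Class.forName` result checks nothing at runtime, so a configured class that does not implement `SAML20TokenAttributeProvider` is still instantiated (its no-arg constructor runs) and fails only afterwards at the assignment, surfacing as an `IllegalStateException` wrapping a `ClassCastException`. Verifying the type before instantiation also removes the need for `@SuppressWarnings`: `Class<? extends SAML20TokenAttributeProvider> attributeProviderClass = Class.forName(attributeProviderClassName).asSubclass(SAML20TokenAttributeProvider.class);`. The wrapped exception would be easier to diagnose with the class name in its message, e.g. `throw new IllegalStateException("Cannot load attribute provider " + attributeProviderClassName, e);`. The enclosing method starts before this hunk, so whether `this.properties` can be null at this point is not visible.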
@@ -230,6 +258,15 @@
AssertionType assertion = SAMLAssertionFactory.createAssertion(assertionID, issuerID, lifetime.getCreated(),
conditions, subject, statements);
+ if (attributeProvider != null)
+ {
+ AttributeStatementType attributeStatement = attributeProvider.getAttributeStatement();
+ if (attributeStatement != null)
+ {
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attributeStatement);
+ }
+ }
+
// convert the constructed assertion to element.
Element assertionElement = null;
try
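Review bot: The statement returned by the plugin is appended to the assertion as-is, and nothing at this call site records that it must happen before the assertion is marshalled. A short comment above the `if (attributeProvider != null)` block would make that ordering constraint explicit, e.g. `// Attributes come from the configured provider and are included unmodified; add them before the assertion is converted to an element (and signed, if signing happens downstream).` Whether signing happens later is not visible here, as the method begins and ends outside the hunk. A debug log line when a statement is added, matching the `logger.debug` use in the initialization hunk, would also help when auditing what an issued token carried.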