[jboss-svn-commits] JBL Code SVN: r29471 - in labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta: src/org/jboss/soa/esb/services/security/auth/login and 1 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Fri Sep 25 09:35:01 EDT 2009
Author: beve
Date: 2009-09-25 09:35:01 -0400 (Fri, 25 Sep 2009)
New Revision: 29471
Modified:
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/SamlCredential.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java
Log:
Minor clean up.
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java 2009-09-25 11:39:28 UTC (rev 29470)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java 2009-09-25 13:35:01 UTC (rev 29471)
@@ -82,7 +82,6 @@
* </pre>
*
* @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
- *
*/
public class JBossSTSAction extends AbstractActionPipelineProcessor
{
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-25 11:39:28 UTC (rev 29470)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-25 13:35:01 UTC (rev 29471)
@@ -47,9 +47,16 @@
* This LoginModule only performs validation of existing SAML
* Assertions and does not issue and such Assertions.
*
- * Configuration example:
- * <pre>
- * </pre>
+ * <h3>Configuration example</h3>
+ * <pre>{@code
+ * <application-policy name="jbossesb-saml">
+ * <authentication>
+ * <login-module code="org.jboss.soa.esb.services.security.auth.login.JBossSTSLoginModule" flag="required">
+ * <module-option name="configFile">/sts-client.properties</module-option>
+ * </login-module>
+ * </authentication>
+ * </application-policy>
+ * }</pre>
*
*
* @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
@@ -211,7 +218,7 @@
if (success)
{
logger.debug("Successfully validated Assertion. ");
-
+ removeAllSamlCredentials(subject);
// Add the SamlToken to the authenticated Subjects principals
subject.getPublicCredentials().add(new SamlCredential(samlToken));
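Review bot: The `SamlCredential` added right after the new `removeAllSamlCredentials(subject)` call wraps the validated assertion and goes into the Subject's public credential set, so it is worth confirming that placement is intended. Any code that can reach the Subject can read public credentials, whereas the private set is guarded by `PrivateCredentialPermission` when a security manager is in place. The comment above the add is also stale, since it speaks of principals while the code touches credentials; it should read `// Add the SamlCredential to the Subject's public credentials`. The enclosing method starts and ends outside this hunk.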
@@ -219,7 +226,7 @@
}
else
{
- subject.getPrincipals().clear();
+ removeAllSamlCredentials(subject);
return false;
}
}
@@ -243,7 +250,13 @@
private void clearState()
{
samlToken = null;
- subject.getPublicCredentials(SamlCredential.class).clear();
+ removeAllSamlCredentials(subject);
}
+
+ private void removeAllSamlCredentials(final Subject subject)
+ {
+ final Set<SamlCredential> samlCredentials = subject.getPublicCredentials(SamlCredential.class);
+ subject.getPublicCredentials().removeAll(samlCredentials);
+ }
}
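Review bot: `removeAllSamlCredentials` strips every `SamlCredential` from the Subject, not only the one this module instance added, and it is now called from both branches of the commit logic (hunks -211,7 and -219,7) as well as from `clearState()`. With stacked login modules or a Subject reused across logins this can remove a credential that another module placed there; keeping a reference to the credential added on commit and removing only that object would keep the cleanup scoped. The helper also mutates the set unconditionally, so a Subject that has been made read-only will raise `IllegalStateException` here; the callers of `clearState()` are outside the hunk, but a `subject.isReadOnly()` check surfaced as a `LoginException` by the lifecycle method is the usual handling. A short Javadoc on the helper noting that `getPublicCredentials(Class)` returns a copy not backed by the Subject, which is why the removed `.clear()` call had no effect, would explain why the helper exists.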
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/SamlCredential.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/SamlCredential.java 2009-09-25 11:39:28 UTC (rev 29470)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/SamlCredential.java 2009-09-25 13:35:01 UTC (rev 29471)
@@ -23,7 +23,6 @@
import java.io.IOException;
import java.io.Serializable;
import java.io.StringWriter;
-import java.security.Principal;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Result;
@@ -37,7 +36,6 @@
import javax.xml.transform.stream.StreamResult;
import org.jboss.internal.soa.esb.assertion.AssertArgument;
-import org.jboss.soa.esb.services.security.SecurityServiceException;
import org.jboss.util.xml.DOMUtils;
import org.w3c.dom.Element;
@@ -64,11 +62,6 @@
this.assertion = assertion;
}
- public String getName()
- {
- return "SamlCredential";
- }
-
public String getAssertion()
{
return assertion;
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java 2009-09-25 11:39:28 UTC (rev 29470)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java 2009-09-25 13:35:01 UTC (rev 29471)
@@ -20,6 +20,7 @@
*/
package org.jboss.soa.esb.services.security.auth.login;
+import static org.junit.Assert.*;
import static org.junit.Assert.assertTrue;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.mock;
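Review bot: The added `import static org.junit.Assert.*;` makes the explicit `assertTrue` import on the next line redundant and hides which assertions the test relies on. Importing only what the new code needs, `import static org.junit.Assert.assertEquals;`, would match the existing style of the file.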
@@ -69,7 +70,8 @@
callbackHandler.setAuthenticationRequest(authRequest);
callbackHandler.setSecurityConfig(null);
- loginModule.initialize(new Subject(), callbackHandler, null, allOptions());
+ Subject subject = new Subject();
+ loginModule.initialize(subject, callbackHandler, null, allOptions());
// Simulate Phase 1
boolean login = loginModule.login();
@@ -78,6 +80,15 @@
// Simulate Phase 2
boolean commit = loginModule.commit();
assertTrue(commit);
+
+ Set<SamlCredential> samlCredentials = subject.getPublicCredentials(SamlCredential.class);
+ assertEquals(1, samlCredentials.size());
+
+ // Try to commit again to make sure the multiple SamlCredentials are not added to the
+ // Subject public credentials.
+ commit = loginModule.commit();
+ samlCredentials = subject.getPublicCredentials(SamlCredential.class);
+ assertEquals(1, samlCredentials.size());
}
@Test(expected = LoginException.class)
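Review bot: The result of the second `loginModule.commit()` is assigned but never asserted; add `assertTrue(commit);` after that call so the test pins the return value as well as the credential count. The failure branch of commit and the `clearState()` path now go through the same removal helper but are not exercised here; a case asserting that `subject.getPublicCredentials(SamlCredential.class)` is empty after a failed commit or a logout would cover them. The new comment would read better as `// Commit again to make sure a second SamlCredential is not added to the Subject's public credentials.` The test method begins outside this hunk.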