[picketlink-commits] Picketlink SVN: r1024 - in federation/trunk: picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request and 6 other directories.
picketlink-commits at lists.jboss.org
picketlink-commits at lists.jboss.org
Wed Jun 22 21:06:53 EDT 2011
Author: anil.saldhana at jboss.com
Date: 2011-06-22 21:06:53 -0400 (Wed, 22 Jun 2011)
New Revision: 1024
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java
Modified:
federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
Log:
PLFED-189: saml 1.1
Modified: federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2011-06-23 01:05:52 UTC (rev 1023)
+++ federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/STSMappingProviderUnitTestCase.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -33,16 +33,15 @@
import org.picketlink.identity.federation.bindings.jboss.auth.SAML20TokenRoleAttributeProvider;
import org.picketlink.identity.federation.bindings.jboss.auth.mapping.STSGroupMappingProvider;
import org.picketlink.identity.federation.bindings.jboss.auth.mapping.STSPrincipalMappingProvider;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType.STSubType;
import org.w3c.dom.Element;
@@ -74,20 +73,20 @@
String roleAttributeName = "roleAttributeName";
String role1 = "userRole1";
String role2 = "userRole2";
-
- AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get());
+
+ AssertionType assertion = new AssertionType("ID_SOME", XMLTimeUtil.getIssueInstant());
AttributeStatementType attributeStatementType = new AttributeStatementType();
- assertion.addStatement( attributeStatementType );
- AttributeType attributeType = new AttributeType( roleAttributeName );
- attributeStatementType.addAttribute( new ASTChoiceType(attributeType));
- attributeType.addAttributeValue( role1 );
- attributeType.addAttributeValue( role2 );
-
+ assertion.addStatement(attributeStatementType);
+ AttributeType attributeType = new AttributeType(roleAttributeName);
+ attributeStatementType.addAttribute(new ASTChoiceType(attributeType));
+ attributeType.addAttributeValue(role1);
+ attributeType.addAttributeValue(role2);
+
MappingResult<RoleGroup> mappingResult = new MappingResult<RoleGroup>();
Map<String, Object> contextMap = new HashMap<String, Object>();
contextMap.put("token-role-attribute-name", roleAttributeName);
contextMap.put(AbstractSTSLoginModule.SHARED_TOKEN, SAMLUtil.toElement(assertion));
-
+
MappingProvider<RoleGroup> mappingProvider = new STSGroupMappingProvider();
mappingProvider.init(contextMap);
mappingProvider.setMappingResult(mappingResult);
@@ -95,7 +94,8 @@
RoleGroup roleGroup = mappingResult.getMappedObject();
assertNotNull("Unexpected null mapped role", roleGroup);
- assertEquals("RoleGroup name has unexpected value", SAML20TokenRoleAttributeProvider.JBOSS_ROLE_PRINCIPAL_NAME, roleGroup.getRoleName());
+ assertEquals("RoleGroup name has unexpected value", SAML20TokenRoleAttributeProvider.JBOSS_ROLE_PRINCIPAL_NAME,
+ roleGroup.getRoleName());
assertEquals("RoleGroup has unexpected first role", role1, roleGroup.getRoles().get(0).getRoleName());
assertEquals("RoleGroup has unexpected second role", role2, roleGroup.getRoles().get(1).getRoleName());
}
@@ -110,25 +110,25 @@
public void testSTSPrincipalMappingProvider() throws Exception
{
String userId = "babak";
-
- AssertionType assertion = new AssertionType( "ID_SOME", XMLTimeUtil.getIssueInstant(), JBossSAMLConstants.VERSION_2_0.get() );
+
+ AssertionType assertion = new AssertionType("ID_SOME", XMLTimeUtil.getIssueInstant());
SubjectType subjectType = new SubjectType();
assertion.setSubject(subjectType);
//QName name = new QName(WSTrustConstants.SAML2_ASSERTION_NS, "NameID");
NameIDType nameIDType = new NameIDType();
nameIDType.setValue(userId);
STSubType subType = new STSubType();
- subType.addBaseID( nameIDType );
-
- subjectType.setSubType( subType );
+ subType.addBaseID(nameIDType);
+
+ subjectType.setSubType(subType);
/*JAXBElement<NameIDType> jaxbElement = new JAXBElement<NameIDType>(name, declaredType, JAXBElement.GlobalScope.class, nameIDType);
subjectType.getContent().add(jaxbElement);*/
-
+
MappingResult<Principal> mappingResult = new MappingResult<Principal>();
Map<String, Object> contextMap = new HashMap<String, Object>();
Element assertionElement = SAMLUtil.toElement(assertion);
contextMap.put(AbstractSTSLoginModule.SHARED_TOKEN, assertionElement);
-
+
MappingProvider<Principal> mappingProvider = new STSPrincipalMappingProvider();
mappingProvider.init(contextMap);
mappingProvider.setMappingResult(mappingResult);
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2011-06-23 01:05:52 UTC (rev 1023)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -89,8 +89,7 @@
{
XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
- String version = JBossSAMLConstants.VERSION_2_0.get();
- AuthnRequestType authnRequest = new AuthnRequestType(id, version, issueInstant);
+ AuthnRequestType authnRequest = new AuthnRequestType(id, issueInstant);
authnRequest.setAssertionConsumerServiceURL(URI.create(assertionConsumerURL));
authnRequest.setProtocolBinding(URI.create(JBossSAMLConstants.HTTP_POST_BINDING.get()));
if (destination != null)
@@ -221,8 +220,7 @@
*/
public LogoutRequestType createLogoutRequest(String issuer) throws ConfigurationException
{
- LogoutRequestType lrt = new LogoutRequestType(IDGenerator.create("ID_"), JBossSAMLConstants.VERSION_2_0.get(),
- XMLTimeUtil.getIssueInstant());
+ LogoutRequestType lrt = new LogoutRequestType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
//Create an issuer
NameIDType issuerNameID = new NameIDType();
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-06-23 01:05:52 UTC (rev 1023)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -218,9 +218,16 @@
* Create an empty response type
* @return
*/
- public ResponseType createResponseType()
+ public ResponseType createResponseType(String ID)
{
- return JBossSAMLAuthnResponseFactory.createResponseType();
+ try
+ {
+ return new ResponseType(ID, XMLTimeUtil.getIssueInstant());
+ }
+ catch (ConfigurationException e)
+ {
+ throw new RuntimeException(e);
+ }
}
/**
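Review bot: The Javadoc kept above `createResponseType(String ID)` still says "Create an empty response type" with a bare `@return`, but the method now takes the response identifier and builds the object with a fresh issue instant. It should gain `@param ID the value used as the response's ID attribute` and a filled-in `@return`, and it should state that a `ConfigurationException` raised inside the `try` surfaces as an unchecked `RuntimeException`. The parameter would read more conventionally as `id`. Because the no-argument form is removed from a public API class, callers outside this commit break unless a delegating overload is kept. The opening line of the Javadoc block lies outside the hunk.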
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2011-06-23 01:05:52 UTC (rev 1023)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -87,8 +87,7 @@
{
String id = IDGenerator.create("ID_");
- XACMLAuthzDecisionQueryType queryType = new XACMLAuthzDecisionQueryType(id,
- JBossSAMLConstants.VERSION_2_0.get(), XMLTimeUtil.getIssueInstant());
+ XACMLAuthzDecisionQueryType queryType = new XACMLAuthzDecisionQueryType(id, XMLTimeUtil.getIssueInstant());
queryType.setRequest(xacmlRequest);
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11AssertionParser.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -0,0 +1,311 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.SAMLParserUtil;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AuthenticationStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.w3c.dom.Element;
+
+/**
+ * Parse the saml assertion
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 12, 2010
+ */
+public class SAML11AssertionParser implements ParserNamespaceSupport
+{
+ private final String ASSERTION = JBossSAMLConstants.ASSERTION.get();
+
+ public SAML11AssertionType fromElement(Element element) throws ConfigurationException, ProcessingException,
+ ParsingException
+ {
+ XMLEventReader xmlEventReader = StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(element));
+ return (SAML11AssertionType) parse(xmlEventReader);
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ //Special case: Encrypted Assertion
+ StaxParserUtil.validate(startElement, ASSERTION);
+ SAML11AssertionType assertion = parseBaseAttributes(startElement);
+
+ Attribute issuerAttribute = startElement.getAttributeByName(new QName(SAML11Constants.ISSUER));
+ String issuer = StaxParserUtil.getAttributeValue(issuerAttribute);
+ assertion.setIssuer(issuer);
+
+ //Peek at the next event
+ while (xmlEventReader.hasNext())
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if (xmlEvent == null)
+ break;
+
+ if (xmlEvent instanceof EndElement)
+ {
+ xmlEvent = StaxParserUtil.getNextEvent(xmlEventReader);
+ EndElement endElement = (EndElement) xmlEvent;
+ String endElementTag = StaxParserUtil.getEndElementName(endElement);
+ if (endElementTag.equals(JBossSAMLConstants.ASSERTION.get()))
+ break;
+ else
+ throw new RuntimeException("Unknown End Element:" + endElementTag);
+ }
+
+ StartElement peekedElement = null;
+
+ if (xmlEvent instanceof StartElement)
+ {
+ peekedElement = (StartElement) xmlEvent;
+ }
+ else
+ {
+ peekedElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ }
+ if (peekedElement == null)
+ break;
+
+ String tag = StaxParserUtil.getStartElementName(peekedElement);
+
+ if (tag.equals(JBossSAMLConstants.SIGNATURE.get()))
+ {
+ assertion.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
+ continue;
+ }
+
+ if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(tag))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ issuer = StaxParserUtil.getElementText(xmlEventReader);
+
+ assertion.setIssuer(issuer);
+ }
+ else if (JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase(tag))
+ {
+ SAML11SubjectParser subjectParser = new SAML11SubjectParser();
+ SAML11SubjectType subject = (SAML11SubjectType) subjectParser.parse(xmlEventReader);
+ SAML11SubjectStatementType subStat = new SAML11SubjectStatementType();
+ subStat.setSubject(subject);
+ }
+ else if (JBossSAMLConstants.CONDITIONS.get().equalsIgnoreCase(tag))
+ {
+ startElement = (StartElement) xmlEvent;
+ SAML11ConditionsType conditions = new SAML11ConditionsType();
+ assertion.setConditions(conditions);
+
+ StartElement conditionsElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(conditionsElement, JBossSAMLConstants.CONDITIONS.get());
+
+ String assertionNS = SAML11Constants.ASSERTION_11_NSURI;
+
+ QName notBeforeQName = new QName("", JBossSAMLConstants.NOT_BEFORE.get());
+ QName notBeforeQNameWithNS = new QName(assertionNS, JBossSAMLConstants.NOT_BEFORE.get());
+
+ QName notAfterQName = new QName("", JBossSAMLConstants.NOT_ON_OR_AFTER.get());
+ QName notAfterQNameWithNS = new QName(assertionNS, JBossSAMLConstants.NOT_ON_OR_AFTER.get());
+
+ Attribute notBeforeAttribute = conditionsElement.getAttributeByName(notBeforeQName);
+ if (notBeforeAttribute == null)
+ notBeforeAttribute = conditionsElement.getAttributeByName(notBeforeQNameWithNS);
+
+ Attribute notAfterAttribute = conditionsElement.getAttributeByName(notAfterQName);
+ if (notAfterAttribute == null)
+ notAfterAttribute = conditionsElement.getAttributeByName(notAfterQNameWithNS);
+
+ if (notBeforeAttribute != null)
+ {
+ String notBeforeValue = StaxParserUtil.getAttributeValue(notBeforeAttribute);
+ conditions.setNotBefore(XMLTimeUtil.parse(notBeforeValue));
+ }
+
+ if (notAfterAttribute != null)
+ {
+ String notAfterValue = StaxParserUtil.getAttributeValue(notAfterAttribute);
+ conditions.setNotOnOrAfter(XMLTimeUtil.parse(notAfterValue));
+ }
+
+ assertion.setConditions(conditions);
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.CONDITIONS.get());
+ }
+ else if (SAML11Constants.AUTHENTICATION_STATEMENT.equals(tag))
+ {
+ startElement = (StartElement) xmlEvent;
+ SAML11AuthenticationStatementType authStat = SAMLParserUtil.parseAuthenticationStatement(xmlEventReader);
+ assertion.add(authStat);
+ }
+ /*else if (JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase(tag))
+ {
+ AuthnStatementType authnStatementType = SAMLParserUtil.parseAuthnStatement(xmlEventReader);
+ assertion.addStatement(authnStatementType);
+ }
+ else if (JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase(tag))
+ {
+ AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement(xmlEventReader);
+ assertion.addStatement(attributeStatementType);
+ }
+ else if (JBossSAMLConstants.STATEMENT.get().equalsIgnoreCase(tag))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ String xsiTypeValue = StaxParserUtil.getXSITypeValue(startElement);
+ if (xsiTypeValue.contains(JBossSAMLConstants.XACML_AUTHZ_DECISION_STATEMENT_TYPE.get()))
+ {
+ XACMLAuthzDecisionStatementType authZStat = new XACMLAuthzDecisionStatementType();
+
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ tag = StaxParserUtil.getStartElementName(startElement);
+
+ if (tag.contains(JBossSAMLConstants.RESPONSE.get()))
+ {
+ authZStat.setResponse(getXACMLResponse(xmlEventReader));
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ //There may be request also
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if (tag.contains(JBossSAMLConstants.REQUEST.get()))
+ {
+ authZStat.setRequest(getXACMLRequest(xmlEventReader));
+ }
+ }
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.STATEMENT.get());
+ assertion.addStatement(authZStat);
+ }
+ else
+ throw new RuntimeException("Unknown xsi:type=" + xsiTypeValue);
+ }*/
+ else
+ throw new RuntimeException("SAMLAssertionParser:: unknown: " + tag + "::location="
+ + peekedElement.getLocation());
+ }
+ return assertion;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports(QName qname)
+ {
+ String nsURI = qname.getNamespaceURI();
+ String localPart = qname.getLocalPart();
+
+ return nsURI.equals(JBossSAMLURIConstants.ASSERTION_NSURI.get())
+ && localPart.equals(JBossSAMLConstants.ASSERTION.get());
+ }
+
+ private SAML11AssertionType parseBaseAttributes(StartElement nextElement) throws ParsingException
+ {
+ Attribute idAttribute = nextElement.getAttributeByName(new QName(SAML11Constants.ASSERTIONID));
+ String id = StaxParserUtil.getAttributeValue(idAttribute);
+
+ Attribute majVersionAttribute = nextElement.getAttributeByName(new QName(SAML11Constants.MAJOR_VERSION));
+ String majVersion = StaxParserUtil.getAttributeValue(majVersionAttribute);
+ StringUtil.match("1", majVersion);
+
+ Attribute minVersionAttribute = nextElement.getAttributeByName(new QName(SAML11Constants.MAJOR_VERSION));
+ String minVersion = StaxParserUtil.getAttributeValue(minVersionAttribute);
+ StringUtil.match("1", minVersion);
+
+ Attribute issueInstantAttribute = nextElement
+ .getAttributeByName(new QName(JBossSAMLConstants.ISSUE_INSTANT.get()));
+ XMLGregorianCalendar issueInstant = XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(issueInstantAttribute));
+
+ return new SAML11AssertionType(id, issueInstant);
+ }
+
+ @SuppressWarnings("unchecked")
+ private ResponseType getXACMLResponse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ Element xacmlResponse = StaxParserUtil.getDOMElement(xmlEventReader);
+ //xacml request
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ try
+ {
+ JAXBContext jaxb = JAXBContext.newInstance(xacmlPath);
+ Unmarshaller un = jaxb.createUnmarshaller();
+ un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
+ JAXBElement<ResponseType> jaxbResponseType = (JAXBElement<ResponseType>) un.unmarshal(DocumentUtil
+ .getNodeAsStream(xacmlResponse));
+ return jaxbResponseType.getValue();
+ }
+ catch (Exception e)
+ {
+ throw new ParsingException(e);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ private RequestType getXACMLRequest(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ Element xacmlRequest = StaxParserUtil.getDOMElement(xmlEventReader);
+ //xacml request
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ try
+ {
+ JAXBContext jaxb = JAXBContext.newInstance(xacmlPath);
+ Unmarshaller un = jaxb.createUnmarshaller();
+ un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
+ JAXBElement<RequestType> jaxbRequestType = (JAXBElement<RequestType>) un.unmarshal(DocumentUtil
+ .getNodeAsStream(xacmlRequest));
+ return jaxbRequestType.getValue();
+ }
+ catch (Exception e)
+ {
+ throw new ParsingException(e);
+ }
+ }
+}
\ No newline at end of file
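Review bot: In `parseBaseAttributes`, `minVersionAttribute` is looked up with `SAML11Constants.MAJOR_VERSION` a second time, so the assertion's `MinorVersion` attribute is never read and the second `StringUtil.match("1", minVersion)` only re-checks the major version; the lookup should use the constant for `MinorVersion`. In `parse`, the `SUBJECT` branch sets the parsed subject on `subStat` but never attaches `subStat` to `assertion`, so the returned object carries no subject for a relying party to evaluate. It presumably needs `assertion.add(subStat);`, as the authentication-statement branch does with `authStat`. `supports` compares against `JBossSAMLURIConstants.ASSERTION_NSURI`, which looks like the SAML 2.0 namespace, while the conditions code uses `SAML11Constants.ASSERTION_11_NSURI`; this is worth confirming. Unknown start and end elements also raise a bare `RuntimeException` although `parse` declares `ParsingException`, which makes malformed input harder for callers to handle uniformly.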
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2011-06-23 01:05:52 UTC (rev 1023)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -36,17 +36,17 @@
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.common.SAMLProtocolContext;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
-import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
@@ -61,32 +61,33 @@
* @since Sep 17, 2009
*/
public class SAML2LogOutHandler extends BaseSAML2Handler
-{
+{
private static Logger log = Logger.getLogger(SAML2LogOutHandler.class);
- private boolean trace = log.isTraceEnabled();
-
- private IDPLogOutHandler idp = new IDPLogOutHandler();
- private SPLogOutHandler sp = new SPLogOutHandler();
-
+
+ private final boolean trace = log.isTraceEnabled();
+
+ private final IDPLogOutHandler idp = new IDPLogOutHandler();
+
+ private final SPLogOutHandler sp = new SPLogOutHandler();
+
/**
* @see SAML2Handler#generateSAMLRequest(SAML2HandlerRequest, SAML2HandlerResponse)
*/
public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
throws ProcessingException
{
- if(request.getTypeOfRequestToBeGenerated() == null)
+ if (request.getTypeOfRequestToBeGenerated() == null)
{
- if(trace)
+ if (trace)
{
log.trace("Request type to be generated=null");
}
return;
}
- if(GENERATE_REQUEST_TYPE.LOGOUT != request.getTypeOfRequestToBeGenerated())
+ if (GENERATE_REQUEST_TYPE.LOGOUT != request.getTypeOfRequestToBeGenerated())
return;
-
-
- if(getType() == HANDLER_TYPE.IDP)
+
+ if (getType() == HANDLER_TYPE.IDP)
{
idp.generateSAMLRequest(request, response);
}
@@ -95,398 +96,383 @@
sp.generateSAMLRequest(request, response);
}
}
-
+
/**
* @see SAML2Handler#handleRequestType(RequestAbstractType)
*/
- public void handleRequestType(SAML2HandlerRequest request,
- SAML2HandlerResponse response) throws ProcessingException
- {
- if(request.getSAML2Object() instanceof LogoutRequestType == false)
- return ;
-
- if(getType() == HANDLER_TYPE.IDP)
+ public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
+ {
+ if (request.getSAML2Object() instanceof LogoutRequestType == false)
+ return;
+
+ if (getType() == HANDLER_TYPE.IDP)
{
idp.handleRequestType(request, response);
}
else
{
sp.handleRequestType(request, response);
- }
+ }
}
/**
* @see SAML2Handler#handleStatusResponseType(StatusResponseType,
Document resultingDocument)
*/
- public void handleStatusResponseType(SAML2HandlerRequest request,
- SAML2HandlerResponse response) throws ProcessingException
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
{
//we do not handle any ResponseType (authentication etc)
- if(request.getSAML2Object() instanceof ResponseType)
+ if (request.getSAML2Object() instanceof ResponseType)
return;
-
- if(request.getSAML2Object() instanceof StatusResponseType == false)
- return ;
-
- if(getType() == HANDLER_TYPE.IDP)
+
+ if (request.getSAML2Object() instanceof StatusResponseType == false)
+ return;
+
+ if (getType() == HANDLER_TYPE.IDP)
{
idp.handleStatusResponseType(request, response);
}
else
{
sp.handleStatusResponseType(request, response);
- }
+ }
}
-
+
private class IDPLogOutHandler
{
- public void generateSAMLRequest(SAML2HandlerRequest request,
- SAML2HandlerResponse response) throws ProcessingException
+ public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
{
-
+
}
-
-
- public void handleStatusResponseType( SAML2HandlerRequest request,
- SAML2HandlerResponse response ) throws ProcessingException
- {
+
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
//we got a logout response from a SP
SAML2Object samlObject = request.getSAML2Object();
StatusResponseType statusResponseType = (StatusResponseType) samlObject;
-
+
HTTPContext httpContext = (HTTPContext) request.getContext();
HttpServletRequest httpRequest = httpContext.getRequest();
HttpSession httpSession = httpRequest.getSession(false);
-
+
String relayState = request.getRelayState();
-
+
ServletContext servletCtx = httpContext.getServletContext();
- IdentityServer server = (IdentityServer)servletCtx.getAttribute("IDENTITY_SERVER");
-
- if(server == null)
+ IdentityServer server = (IdentityServer) servletCtx.getAttribute("IDENTITY_SERVER");
+
+ if (server == null)
throw new ProcessingException("Identity Server not found");
-
+
String sessionID = httpSession.getId();
-
+
String statusIssuer = statusResponseType.getIssuer().getValue();
server.stack().deRegisterTransitParticipant(sessionID, statusIssuer);
-
+
String nextParticipant = this.getParticipant(server, sessionID, relayState);
- if(nextParticipant == null || nextParticipant.equals(relayState))
+ if (nextParticipant == null || nextParticipant.equals(relayState))
{
//we are done with logout - First ask STS to cancel the token
- AssertionType assertion = (AssertionType) httpSession.getAttribute( GeneralConstants.ASSERTION );
- if( assertion != null )
+ AssertionType assertion = (AssertionType) httpSession.getAttribute(GeneralConstants.ASSERTION);
+ if (assertion != null)
{
PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
- SAMLProtocolContext samlProtocolContext = new SAMLProtocolContext();
- samlProtocolContext.setIssuedAssertion( assertion );
- sts.cancelToken(samlProtocolContext);
- httpSession.removeAttribute( GeneralConstants.ASSERTION );
+ SAMLProtocolContext samlProtocolContext = new SAMLProtocolContext();
+ samlProtocolContext.setIssuedAssertion(assertion);
+ sts.cancelToken(samlProtocolContext);
+ httpSession.removeAttribute(GeneralConstants.ASSERTION);
}
-
+
//TODO: check the in transit map for partial logouts
try
{
- generateSuccessStatusResponseType(statusResponseType.getInResponseTo(),
- request, response, relayState);
- Boolean isPost = server.stack().getBinding( relayState );
- if( isPost == null )
+ generateSuccessStatusResponseType(statusResponseType.getInResponseTo(), request, response, relayState);
+ Boolean isPost = server.stack().getBinding(relayState);
+ if (isPost == null)
isPost = Boolean.TRUE;
- response.setPostBindingForResponse( isPost.booleanValue() );
+ response.setPostBindingForResponse(isPost.booleanValue());
}
catch (Exception e)
{
throw new ProcessingException(e);
}
-
+
httpSession.invalidate(); //We are done with the logout interaction
}
else
{
//Put the participant in transit mode
server.stack().registerTransitParticipant(sessionID, nextParticipant);
- Boolean isPost = server.stack().getBinding( nextParticipant );
- if( isPost == null )
+ Boolean isPost = server.stack().getBinding(nextParticipant);
+ if (isPost == null)
isPost = Boolean.TRUE;
- response.setPostBindingForResponse( isPost.booleanValue() );
-
+ response.setPostBindingForResponse(isPost.booleanValue());
+
//send logout request to participant with relaystate to orig
response.setRelayState(relayState);
-
+
response.setDestination(nextParticipant);
-
+
SAML2Request saml2Request = new SAML2Request();
try
{
LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue());
- response.setResultingDocument(saml2Request.convert(lort));
+ response.setResultingDocument(saml2Request.convert(lort));
response.setSendRequest(true);
}
- catch(Exception e)
+ catch (Exception e)
{
throw new ProcessingException(e);
}
}
}
-
- public void handleRequestType( SAML2HandlerRequest request,
- SAML2HandlerResponse response ) throws ProcessingException
+
+ public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
{
HTTPContext httpContext = (HTTPContext) request.getContext();
HttpSession session = httpContext.getRequest().getSession(false);
String sessionID = session.getId();
-
+
String relayState = httpContext.getRequest().getParameter(GeneralConstants.RELAY_STATE);
-
+
LogoutRequestType logOutRequest = (LogoutRequestType) request.getSAML2Object();
String issuer = logOutRequest.getIssuer().getValue();
try
- {
+ {
SAML2Request saml2Request = new SAML2Request();
-
+
ServletContext servletCtx = httpContext.getServletContext();
- IdentityServer server = (IdentityServer)servletCtx.getAttribute(GeneralConstants.IDENTITY_SERVER);
-
- if(server == null)
+ IdentityServer server = (IdentityServer) servletCtx.getAttribute(GeneralConstants.IDENTITY_SERVER);
+
+ if (server == null)
throw new ProcessingException("Identity Server not found");
-
+
String originalIssuer = (relayState == null) ? issuer : relayState;
-
+
String participant = this.getParticipant(server, sessionID, originalIssuer);
-
- if(participant == null || participant.equals(originalIssuer))
+
+ if (participant == null || participant.equals(originalIssuer))
{
//All log out is done
session.invalidate();
server.stack().pop(sessionID);
-
- Boolean isPost = server.stack().getBinding( participant );
- if( isPost == null )
+
+ Boolean isPost = server.stack().getBinding(participant);
+ if (isPost == null)
isPost = Boolean.TRUE;
-
- generateSuccessStatusResponseType(logOutRequest.getID(),
- request, response, originalIssuer);
- response.setPostBindingForResponse( isPost.booleanValue() );
+
+ generateSuccessStatusResponseType(logOutRequest.getID(), request, response, originalIssuer);
+ response.setPostBindingForResponse(isPost.booleanValue());
response.setSendRequest(false);
}
else
{
//Put the participant in transit mode
server.stack().registerTransitParticipant(sessionID, participant);
-
- if(relayState == null)
+
+ if (relayState == null)
relayState = originalIssuer;
-
+
//send logout request to participant with relaystate to orig
response.setRelayState(originalIssuer);
-
+
response.setDestination(participant);
-
+
Boolean isPost = server.stack().getBinding(participant);
- if( isPost == null )
+ if (isPost == null)
isPost = Boolean.TRUE;
-
- response.setPostBindingForResponse( isPost );
-
-
+
+ response.setPostBindingForResponse(isPost);
+
LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue());
long assertionValidity = (Long) request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY);
-
+
lort.setNotOnOrAfter(XMLTimeUtil.add(lort.getIssueInstant(), assertionValidity));
- lort.setDestination( URI.create( participant ));
-
+ lort.setDestination(URI.create(participant));
+
response.setResultingDocument(saml2Request.convert(lort));
response.setSendRequest(true);
}
}
- catch(ParserConfigurationException pe)
+ catch (ParserConfigurationException pe)
{
throw new ProcessingException(pe);
}
- catch(ConfigurationException pe)
+ catch (ConfigurationException pe)
{
throw new ProcessingException(pe);
}
catch (ParsingException e)
{
- throw new ProcessingException( e );
+ throw new ProcessingException(e);
}
return;
}
+ private void generateSuccessStatusResponseType(String logOutRequestID, SAML2HandlerRequest request,
+ SAML2HandlerResponse response, String originalIssuer) throws ConfigurationException,
+ ParserConfigurationException, ProcessingException
+ {
+ StatusResponseType statusResponse = new StatusResponseType(IDGenerator.create("ID_"),
+ XMLTimeUtil.getIssueInstant());
- private void generateSuccessStatusResponseType(
- String logOutRequestID,
- SAML2HandlerRequest request,
- SAML2HandlerResponse response,
- String originalIssuer)
- throws ConfigurationException, ParserConfigurationException, ProcessingException
- {
- StatusResponseType statusResponse = new StatusResponseType();
-
//Status
StatusType statusType = new StatusType();
StatusCodeType statusCodeType = new StatusCodeType();
- statusCodeType.setValue( URI.create( JBossSAMLURIConstants.STATUS_RESPONDER.get() ));
-
+ statusCodeType.setValue(URI.create(JBossSAMLURIConstants.STATUS_RESPONDER.get()));
+
//2nd level status code
StatusCodeType status2ndLevel = new StatusCodeType();
- status2ndLevel.setValue( URI.create( JBossSAMLURIConstants.STATUS_SUCCESS.get() ));
+ status2ndLevel.setValue(URI.create(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
statusCodeType.setStatusCode(status2ndLevel);
-
+
statusType.setStatusCode(statusCodeType);
-
+
statusResponse.setStatus(statusType);
-
- statusResponse.setIssueInstant(XMLTimeUtil.getIssueInstant());
+
statusResponse.setInResponseTo(logOutRequestID);
- statusResponse.setID(IDGenerator.create("ID_"));
- statusResponse.setVersion( JBossSAMLConstants.VERSION_2_0.get() );
-
+
statusResponse.setIssuer(request.getIssuer());
-
+
try
{
SAML2Response saml2Response = new SAML2Response();
- response.setResultingDocument(saml2Response.convert(statusResponse));
- }
- catch( ParsingException je)
+ response.setResultingDocument(saml2Response.convert(statusResponse));
+ }
+ catch (ParsingException je)
{
throw new ProcessingException(je);
}
-
+
response.setDestination(originalIssuer);
}
-
- private String getParticipant(IdentityServer server, String sessionID,
- String originalRequestor)
+
+ private String getParticipant(IdentityServer server, String sessionID, String originalRequestor)
{
int participants = server.stack().getParticipants(sessionID);
-
+
String participant = originalRequestor;
//Get a participant who is not equal to the original issuer of the logout request
- if(participants > 0)
+ if (participants > 0)
{
do
{
- participant = server.stack().pop(sessionID);
- --participants;
+ participant = server.stack().pop(sessionID);
+ --participants;
}
- while(participants > 0 && participant.equals(originalRequestor));
+ while (participants > 0 && participant.equals(originalRequestor));
}
-
- return participant;
+
+ return participant;
}
}
-
+
private class SPLogOutHandler
{
- public void generateSAMLRequest(SAML2HandlerRequest request,
- SAML2HandlerResponse response) throws ProcessingException
+ public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
{
//Generate the LogOut Request
SAML2Request samlRequest = new SAML2Request();
try
{
- LogoutRequestType lot =
- samlRequest.createLogoutRequest(request.getIssuer().getValue());
-
+ LogoutRequestType lot = samlRequest.createLogoutRequest(request.getIssuer().getValue());
+
response.setResultingDocument(samlRequest.convert(lot));
response.setSendRequest(true);
}
catch (Exception e)
{
throw new ProcessingException(e);
- }
+ }
}
-
- public void handleStatusResponseType( SAML2HandlerRequest request,
- SAML2HandlerResponse response ) throws ProcessingException
- {
+
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
//Handler a log out response from IDP
StatusResponseType statusResponseType = (StatusResponseType) request.getSAML2Object();
-
+
HTTPContext httpContext = (HTTPContext) request.getContext();
HttpServletRequest servletRequest = httpContext.getRequest();
HttpSession session = servletRequest.getSession(false);
-
+
//TODO: Deal with partial logout report
-
+
StatusType statusType = statusResponseType.getStatus();
StatusCodeType statusCode = statusType.getStatusCode();
StatusCodeType secondLevelstatusCode = statusCode.getStatusCode();
- if(secondLevelstatusCode.getValue().toString().equals(JBossSAMLURIConstants.STATUS_SUCCESS.get()))
+ if (secondLevelstatusCode.getValue().toString().equals(JBossSAMLURIConstants.STATUS_SUCCESS.get()))
{
//we are successfully logged out
session.invalidate();
- }
+ }
}
-
- public void handleRequestType( SAML2HandlerRequest request,
- SAML2HandlerResponse response ) throws ProcessingException
- {
+
+ public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
SAML2Object samlObject = request.getSAML2Object();
- if(samlObject instanceof LogoutRequestType == false)
+ if (samlObject instanceof LogoutRequestType == false)
return;
-
+
LogoutRequestType logOutRequest = (LogoutRequestType) samlObject;
HTTPContext httpContext = (HTTPContext) request.getContext();
HttpServletRequest servletRequest = httpContext.getRequest();
HttpSession session = servletRequest.getSession(false);
-
+
String relayState = servletRequest.getParameter("RelayState");
-
+
session.invalidate(); //Invalidate the current session at the SP
-
+
//Generate a Logout Response
- StatusResponseType statusResponse = new StatusResponseType();
-
+ StatusResponseType statusResponse = null;
+ try
+ {
+ statusResponse = new StatusResponseType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ProcessingException(e);
+ }
+
//Status
StatusType statusType = new StatusType();
StatusCodeType statusCodeType = new StatusCodeType();
- statusCodeType.setValue( URI.create( JBossSAMLURIConstants.STATUS_RESPONDER.get() ));
-
+ statusCodeType.setValue(URI.create(JBossSAMLURIConstants.STATUS_RESPONDER.get()));
+
//2nd level status code
StatusCodeType status2ndLevel = new StatusCodeType();
- status2ndLevel.setValue( URI.create( JBossSAMLURIConstants.STATUS_SUCCESS.get() ));
+ status2ndLevel.setValue(URI.create(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
statusCodeType.setStatusCode(status2ndLevel);
-
+
statusType.setStatusCode(statusCodeType);
-
+
statusResponse.setStatus(statusType);
-
- try
- {
- statusResponse.setIssueInstant(XMLTimeUtil.getIssueInstant());
- }
- catch (ConfigurationException e)
- {
- throw new ProcessingException(e);
- }
+
statusResponse.setInResponseTo(logOutRequest.getID());
- statusResponse.setID(IDGenerator.create("ID_"));
- statusResponse.setVersion( JBossSAMLConstants.VERSION_2_0.get() );
-
+
statusResponse.setIssuer(request.getIssuer());
-
+
SAML2Response saml2Response = new SAML2Response();
try
{
- response.setResultingDocument(saml2Response.convert(statusResponse));
- }
- catch(Exception je)
+ response.setResultingDocument(saml2Response.convert(statusResponse));
+ }
+ catch (Exception je)
{
throw new ProcessingException(je);
}
-
+
response.setRelayState(relayState);
response.setDestination(logOutRequest.getIssuer().getValue());
response.setSendRequest(false);
}
- }
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2011-06-23 01:05:52 UTC (rev 1023)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -350,13 +350,13 @@
{
if (trace)
log.trace(e1);
- responseType = saml2Response.createResponseType();
+ responseType = saml2Response.createResponseType(id);
}
catch (ProcessingException e)
{
if (trace)
log.trace(e);
- responseType = saml2Response.createResponseType();
+ responseType = saml2Response.createResponseType(id);
}
//Lets see how the response looks like
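Review bot: Both catch blocks in this hunk still swallow the failure: the exception is logged only when `trace` is enabled, and processing then continues with a bare `createResponseType(id)`, so unless trace logging is on, a SAML response that could not be built leaves no record. I would log at an always-on level before the fallback in both the `e1` handler and the `ProcessingException` handler, e.g. `log.error("Unable to build SAML response; falling back to an empty response", e);`. Where `id` is assigned is not visible here, so please confirm it is the identifier generated for this response and not a value taken from the incoming request. The enclosing method starts and ends outside the hunk.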
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java 2011-06-23 01:05:52 UTC (rev 1023)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java 2011-06-23 01:06:53 UTC (rev 1024)
@@ -35,7 +35,6 @@
import org.picketlink.identity.federation.core.interfaces.AttributeManager;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
@@ -156,8 +155,7 @@
SAML2Handler.HANDLER_TYPE.IDP);
SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
- AssertionType assertion = new AssertionType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant(),
- JBossSAMLConstants.VERSION_2_0.get());
+ AssertionType assertion = new AssertionType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
Map<String, Object> myattr = new HashMap<String, Object>();
myattr.put("testKey", "hello");