[seam-commits] Seam SVN: r13773 - in modules/security/trunk: examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer and 19 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Thu Sep 23 19:01:23 EDT 2010
Author: marcelkolsteren
Date: 2010-09-23 19:01:20 -0400 (Thu, 23 Sep 2010)
New Revision: 13773
Added:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java
Removed:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java
Modified:
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java
Log:
Documented the API and SPI of the external authentication submodule of Seam Security (i.e. added Javadoc). Along the way, made some minor changes to the interfaces.
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,7 +21,7 @@
*/
package org.jboss.seam.security.examples.openid;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
public class AttributeVO
{
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,9 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
@Model
@DialogueScoped
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.inject.Model;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -51,7 +51,7 @@
ServletContext servletContext = (ServletContext) facesContext.getExternalContext().getContext();
if (DialogueBeanProvider.dialogueManager(servletContext).isAttached())
{
- String dialogueId = DialogueBeanProvider.dialogue(servletContext).getDialogueId();
+ String dialogueId = DialogueBeanProvider.dialogue(servletContext).getId();
ResponseHolder responseHolder = new ResponseHolderImpl((HttpServletResponse) facesContext.getExternalContext().getResponse(), dialogueId);
return responseHolder.addDialogueIdToUrl(actionUrl);
}
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,7 @@
import org.jboss.seam.faces.event.qualifier.Before;
import org.jboss.seam.faces.event.qualifier.RestoreView;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.servlet.http.HttpParam;
public class DialoguePhaseListener
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,7 +29,7 @@
import javax.inject.Inject;
import javax.inject.Named;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
@SessionScoped
@Named
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,8 +26,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
@Model
public class Login
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class OpenIdProviderCustomizer
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,9 +28,9 @@
import javax.inject.Inject;
import javax.servlet.ServletContext;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
public class OpenIdProviderSpiImpl implements OpenIdProviderSpi
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.inject.Model;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,9 @@
import javax.inject.Named;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
@SessionScoped
@Named
@@ -61,7 +61,7 @@
if (!isLoggedIn())
{
List<OpenIdRequestedAttribute> attributes = new LinkedList<OpenIdRequestedAttribute>();
- attributes.add(new OpenIdRequestedAttribute("email", "http://schema.openid.net/contact/email", false, null));
+ attributes.add(openIdApi.createOpenIdRequestedAttribute("email", "http://schema.openid.net/contact/email", false, null));
openIdApi.login(openId, attributes, (HttpServletResponse) externalContext.getResponse());
}
else
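Review bot: The positional `false, null` arguments in the `createOpenIdRequestedAttribute(...)` call are opaque at the call site, and nothing in this hunk shows how the returned email is handled afterwards. Assuming the third argument is the "required" flag, the provider may omit the attribute. Any value it does return is asserted by the provider rather than verified by this application, so it should not serve as the account key; the claimed identifier is the stable identity. A comment on the line would make this explicit, for example `// email is optional and provider-asserted; do not key accounts on it`. The enclosing method starts and ends outside the hunk.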
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class OpenIdRelyingPartyCustomizer
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,8 +26,8 @@
import javax.inject.Inject;
import javax.servlet.ServletContext;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
public class OpenIdRelyingPartySpiImpl implements OpenIdRelyingPartySpi
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -35,8 +35,8 @@
import javax.faces.context.FacesContext;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.security.external.saml.SamlExternalEntity;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,9 +29,8 @@
import javax.inject.Named;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
@Named
public class Identity implements Serializable
@@ -46,7 +45,7 @@
public void localLogin(String userName)
{
- samlIdp.localLogin(new SamlNameId(userName, null, null), null);
+ samlIdp.localLogin(samlIdp.createNameId(userName, null, null), null);
}
public void remoteLogin(String spEntityId)
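Review bot: `localLogin(String userName)` builds a name ID from the caller-supplied `userName` and passes it straight to `samlIdp.localLogin(...)`, with no credential check visible in this hunk. If that is deliberate for the example, say so on the method, e.g. `// Demo only: no password check; a real IdP must authenticate the user before calling localLogin`, because example code tends to be copied into real deployments. The two `null` arguments to `createNameId` would also benefit from a short comment naming them (presumably format and qualifier; confirm against the new Javadoc). The class body continues outside the hunk.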
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,8 +26,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
@Model
public class Login
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,8 +27,8 @@
import javax.servlet.ServletContext;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
import org.slf4j.Logger;
@@ -58,7 +58,7 @@
}
}
- public void singleLogoutFailed(ResponseHolder responseHolder)
+ public void globalLogoutFailed(ResponseHolder responseHolder)
{
try
{
@@ -70,7 +70,7 @@
}
}
- public void singleLogoutSucceeded(ResponseHolder responseHolder)
+ public void globalLogoutSucceeded(ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class SamlIdpCustomizer
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,8 +29,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
@Model
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -35,8 +35,8 @@
import javax.faces.context.FacesContext;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
import org.jboss.seam.security.external.saml.SamlExternalEntity;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,9 +28,9 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlServiceProviderApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
@Model
public class Identity
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,8 +27,8 @@
import javax.servlet.ServletContext;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlServiceProviderApi;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
import org.slf4j.Logger;
@@ -55,7 +55,7 @@
}
}
- public void loginFailed(ResponseHolder responseHolder)
+ public void loginFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
try
{
@@ -67,7 +67,7 @@
}
}
- public void globalLogoutFailed(String statusCode, ResponseHolder responseHolder)
+ public void globalLogoutFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,7 +23,7 @@
import javax.enterprise.event.Observes;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationCreation;
import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+
+/**
+ * @author Marcel Kolsteren
+ */
+public class OpenIdPrincipalImpl implements OpenIdPrincipal
+{
+ private String identifier;
+
+ private URL openIdProvider;
+
+ private Map<String, List<String>> attributeValues;
+
+ public OpenIdPrincipalImpl(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
+ {
+ super();
+ this.identifier = identifier;
+ this.openIdProvider = openIdProvider;
+ this.attributeValues = attributeValues;
+ }
+
+ public String getIdentifier()
+ {
+ return identifier;
+ }
+
+ public URL getOpenIdProvider()
+ {
+ return openIdProvider;
+ }
+
+ public Map<String, List<String>> getAttributeValues()
+ {
+ return attributeValues;
+ }
+
+ public String getAttribute(String alias)
+ {
+ List<String> values = attributeValues.get(alias);
+ if (values.size() == 0)
+ {
+ return null;
+ }
+ else if (values.size() == 1)
+ {
+ return (String) attributeValues.get(alias).get(0);
+ }
+ else
+ {
+ throw new RuntimeException("Attribute has multiple values");
+ }
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((identifier == null) ? 0 : identifier.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ OpenIdPrincipalImpl other = (OpenIdPrincipalImpl) obj;
+ if (identifier == null)
+ {
+ if (other.identifier != null)
+ return false;
+ }
+ else if (!identifier.equals(other.identifier))
+ return false;
+ return true;
+ }
+}
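Review bot: `getAttribute` throws a NullPointerException for an alias that is not in the map, because `attributeValues.get(alias)` returns null for an unknown key and the next line calls `values.size()` on it. The map presumably comes from the OpenID provider's response, so a provider that omits a requested attribute would surface as an unchecked exception in the relying party. Guard it with `if (values == null || values.isEmpty()) return null;` and return `values.get(0)` in the single-value branch instead of the second lookup and cast. `getAttributeValues()` also hands out the internal map, so wrapping it with `Collections.unmodifiableMap(...)` in the constructor would keep callers from altering a principal after authentication.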
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class OpenIdRequestedAttributeImpl implements OpenIdRequestedAttribute
+{
+ private String alias;
+ private String typeUri;
+ private boolean required;
+ private Integer count;
+
+ public OpenIdRequestedAttributeImpl()
+ {
+ }
+
+ public OpenIdRequestedAttributeImpl(String alias, String typeUri, boolean required, Integer count)
+ {
+ super();
+ this.alias = alias;
+ this.typeUri = typeUri;
+ this.required = required;
+ this.count = count;
+ }
+
+ public String getAlias()
+ {
+ return alias;
+ }
+
+ public void setAlias(String alias)
+ {
+ this.alias = alias;
+ }
+
+ public String getTypeUri()
+ {
+ return typeUri;
+ }
+
+ public void setTypeUri(String typeUri)
+ {
+ this.typeUri = typeUri;
+ }
+
+ public boolean isRequired()
+ {
+ return required;
+ }
+
+ public void setRequired(boolean required)
+ {
+ this.required = required;
+ }
+
+ public Integer getCount()
+ {
+ return count;
+ }
+
+ public void setCount(Integer count)
+ {
+ this.count = count;
+ }
+
+}
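Review bot: The class Javadoc carries only an author tag, and nothing says what a null `count` means, even though the field is a boxed `Integer` and the no-argument constructor leaves it null. A field comment such as `/** Number of values requested for this attribute; null when the request does not specify one (assumed, confirm against OpenIdRequestedAttribute). */` would settle it. A matching one-line comment on `required` would help too.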
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -7,8 +7,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.saml.SamlMessage;
import org.jboss.seam.security.external.saml.SamlPostMessage;
import org.jboss.seam.security.external.saml.SamlRedirectMessage;
@@ -110,7 +110,7 @@
String dialogueId = null;
if (dialogueManager.isAttached())
{
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
}
return new ResponseHolderImpl(response, dialogueId);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -73,11 +73,14 @@
public String addDialogueIdToUrl(String url)
{
- String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
- int queryStringIndex = url.indexOf("?");
- if (queryStringIndex < 0 || url.indexOf(paramName + "=", queryStringIndex) < 0)
+ if (dialogueId != null)
{
- url = new StringBuilder(url).append(queryStringIndex < 0 ? "?" : "&").append(paramName).append("=").append(dialogueId).toString();
+ String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
+ int queryStringIndex = url.indexOf("?");
+ if (queryStringIndex < 0 || url.indexOf(paramName + "=", queryStringIndex) < 0)
+ {
+ url = new StringBuilder(url).append(queryStringIndex < 0 ? "?" : "&").append(paramName).append("=").append(dialogueId).toString();
+ }
}
return url;
}
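Review bot: The presence test `url.indexOf(paramName + "=", queryStringIndex) < 0` is a substring match, so a URL carrying any other parameter whose name ends in the dialogue parameter name is treated as already tagged and the dialogue id is not appended. Matching the delimiter as well, `url.contains("?" + paramName + "=") || url.contains("&" + paramName + "=")`, avoids that. The id is also appended unencoded; if `dialogueId` is not guaranteed to be URL-safe it should go through `URLEncoder.encode(dialogueId, "UTF-8")`. A URL that contains a `#fragment` gets the parameter appended after the fragment, where the server never sees it, so it needs inserting before the `#`.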
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.util.List;
+import java.util.Set;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlMultiUserIdentityProviderApi
+{
+ void authenticationSucceeded(SamlIdpSession session, HttpServletResponse response);
+
+ void authenticationFailed(HttpServletResponse response);
+
+ Set<SamlIdpSession> getSessions();
+
+ SamlIdpSession localLogin(SamlNameId nameId, List<AttributeType> attributes);
+
+ SamlNameId createNameId(String value, String format, String qualifier);
+
+ void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response);
+
+ void localLogout(SamlIdpSession session);
+
+ void globalLogout(SamlIdpSession session, HttpServletResponse response);
+}
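Review bot: `remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response)` has no Javadoc saying who is responsible for validating `remoteUrl`. If that value ends up as the landing URL at the service provider after login (an assumption, the implementation is not in this hunk), an unchecked caller-supplied URL is an open-redirect risk. The contract should state it, e.g. `@param remoteUrl URL at the service provider to land on after login; must belong to the service provider identified by spEntityId`. The other methods have no summaries either, and one line each would help.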
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.util.Set;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlMultiUserServiceProviderApi
+{
+ public void login(String idpEntityId, HttpServletResponse response);
+
+ public void localLogout(SamlSpSession session);
+
+ public void globalLogout(SamlSpSession session, HttpServletResponse response);
+
+ public Set<SamlSpSession> getSessions();
+}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,121 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+
+/**
+ *
+ * @author Marcel Kolsteren
+ */
+public class SamlNameIdImpl implements SamlNameId
+{
+ private String value;
+
+ private String format;
+
+ private String qualifier;
+
+ public SamlNameIdImpl(String value, String format, String qualifier)
+ {
+ super();
+ this.value = value;
+ this.format = format;
+ this.qualifier = qualifier;
+ }
+
+ public String getValue()
+ {
+ return value;
+ }
+
+ public void setValue(String value)
+ {
+ this.value = value;
+ }
+
+ public String getFormat()
+ {
+ return format;
+ }
+
+ public void setFormat(String format)
+ {
+ this.format = format;
+ }
+
+ public String getQualifier()
+ {
+ return qualifier;
+ }
+
+ public void setQualifier(String qualifier)
+ {
+ this.qualifier = qualifier;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((format == null) ? 0 : format.hashCode());
+ result = prime * result + ((qualifier == null) ? 0 : qualifier.hashCode());
+ result = prime * result + ((value == null) ? 0 : value.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SamlNameIdImpl other = (SamlNameIdImpl) obj;
+ if (format == null)
+ {
+ if (other.format != null)
+ return false;
+ }
+ else if (!format.equals(other.format))
+ return false;
+ if (qualifier == null)
+ {
+ if (other.qualifier != null)
+ return false;
+ }
+ else if (!qualifier.equals(other.qualifier))
+ return false;
+ if (value == null)
+ {
+ if (other.value != null)
+ return false;
+ }
+ else if (!value.equals(other.value))
+ return false;
+ return true;
+ }
+
+}
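Review bot: `hashCode()` and `equals()` are computed from `value`, `format` and `qualifier`, yet all three have public setters. A name id changed after it was put in a hash-based collection can no longer be found there, and the same goes for a `SamlPrincipalImpl`, whose hash delegates to its name id. The constructor already takes all three values, so unless `SamlNameId` requires the setters (the interface is not shown in this hunk), declare the fields final, e.g. `private final String value;`, and drop `setValue`, `setFormat` and `setQualifier`.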
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,102 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class SamlPrincipalImpl implements SamlPrincipal
+{
+ private SamlNameId nameId;
+
+ private List<AttributeType> attributes = new LinkedList<AttributeType>();
+
+ private AssertionType assertion;
+
+ public SamlNameId getNameId()
+ {
+ return nameId;
+ }
+
+ public void setNameId(SamlNameId nameId)
+ {
+ this.nameId = nameId;
+ }
+
+ public List<AttributeType> getAttributes()
+ {
+ return attributes;
+ }
+
+ public void setAttributes(List<AttributeType> attributes)
+ {
+ this.attributes = attributes;
+ }
+
+ public AssertionType getAssertion()
+ {
+ return assertion;
+ }
+
+ public void setAssertion(AssertionType assertion)
+ {
+ this.assertion = assertion;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((nameId == null) ? 0 : nameId.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SamlPrincipalImpl other = (SamlPrincipalImpl) obj;
+ if (nameId == null)
+ {
+ if (other.nameId != null)
+ return false;
+ }
+ else if (!nameId.equals(other.nameId))
+ return false;
+ return true;
+ }
+}
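Review bot: Equality is decided by `nameId` alone, and `SamlNameIdImpl` allows a null `qualifier`, so two principals asserted by different identity providers with the same name id value and format would compare equal. If principals from more than one identity provider can meet in the same set or map (not visible from this hunk), either include the assertion's issuer in `equals`/`hashCode` or state the limitation in the class Javadoc, e.g. `Equality is based on the name id only; it does not distinguish identity providers.` `getAttributes()` also returns the internal list, so callers can alter the attributes of an authenticated principal. Returning `Collections.unmodifiableList(attributes)` would prevent that.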
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,27 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+public class SamlSingleUserServiceProviderSpi
+{
+
+}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,22 +21,60 @@
*/
package org.jboss.seam.security.external.api;
-
/**
+ * API for configuration of entities that play a role in distributed security
+ * (examples of entities are SAML identity providers, SAML service providers,
+ * OpenID relying parties and OpenID providers)
+ *
* @author Marcel Kolsteren
*
*/
public interface EntityConfigurationApi
{
+ /**
+ * This property contains the protocol that is used by the entity. Either
+ * "http" or "https".
+ *
+ * @return the protocol
+ */
String getProtocol();
+ /**
+ * See {@link #getProtocol}
+ *
+ * @param protocol protocol
+ */
void setProtocol(String protocol);
+ /**
+ * The host name which is used to access this application from a web browser
+ * (by the end user).
+ *
+ * @return the host name
+ */
String getHostName();
+ /**
+ * See {@link #getHostName}
+ *
+ * @param hostName host name
+ */
void setHostName(String hostName);
+ /**
+ * The port at which this application is reachable from the browser of the
+ * end user. This might be another port then the port where the web container
+ * is listening to (in case of port forwarding). In most practical production
+ * employments, this port will be the standard HTTPS port, being 443.
+ *
+ * @return
+ */
int getPort();
+ /**
+ * See {@link #getPort}
+ *
+ * @param port port
+ */
void setPort(int port);
}
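Review bot: The new Javadoc on `getPort()` ends in an empty `@return` tag, which the javadoc tool reports as a warning; `@return the port` would match the other getters. In the same comment, `another port then the port where the web container is listening to` should read `a different port than the one the web container listens on`, and `production employments` is presumably `production deployments`. The `getProtocol()` comment lists `"http"` as a valid value without qualification. Since these entities exchange authentication messages, a sentence recommending `"https"` outside of local testing would be worth adding.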
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,81 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.net.URL;
-import java.util.List;
-import java.util.Map;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-// TODO: create hash code and equals method
-public class OpenIdPrincipal
-{
- private String identifier;
-
- private URL openIdProvider;
-
- private Map<String, List<String>> attributeValues;
-
- public OpenIdPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
- {
- super();
- this.identifier = identifier;
- this.openIdProvider = openIdProvider;
- this.attributeValues = attributeValues;
- }
-
- public String getIdentifier()
- {
- return identifier;
- }
-
- public URL getOpenIdProvider()
- {
- return openIdProvider;
- }
-
- public Map<String, List<String>> getAttributeValues()
- {
- return attributeValues;
- }
-
- public String getAttribute(String alias)
- {
- List<String> values = attributeValues.get(alias);
- if (values.size() == 0)
- {
- return null;
- }
- else if (values.size() == 1)
- {
- return (String) attributeValues.get(alias).get(0);
- }
- else
- {
- throw new RuntimeException("Attribute has multiple values");
- }
- }
-
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,42 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface OpenIdProviderApi
-{
- void authenticationSucceeded(String userName, HttpServletResponse response);
-
- void authenticationFailed(HttpServletResponse response);
-
- void setAttributes(Map<String, List<String>> attributeValues, HttpServletResponse response);
-
- String getOpLocalIdentifierForUserName(String userName);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,29 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-public interface OpenIdProviderConfigurationApi extends EntityConfigurationApi
-{
- String getXrdsURL();
-
- String getRealm();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,43 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface OpenIdRelyingPartyApi
-{
- /**
- * Start an OpenID login dialogue.
- *
- * @param identifier either a Claimed Identifier (identifying the user) or an
- * OP Identifier (identifying the OpenID Provider where the user
- * has an account)
- * @param attributes attributes that are requested
- */
- void login(String identifier, List<OpenIdRequestedAttribute> attributes, HttpServletResponse response);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,29 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-public interface OpenIdRelyingPartyConfigurationApi extends EntityConfigurationApi
-{
- String getXrdsURL();
-
- String getRealm();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,89 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class OpenIdRequestedAttribute
-{
- private String alias;
- private String typeUri;
- private boolean required;
- private Integer count;
-
- public OpenIdRequestedAttribute()
- {
-
- }
-
- public OpenIdRequestedAttribute(String alias, String typeUri, boolean required, Integer count)
- {
- super();
- this.alias = alias;
- this.typeUri = typeUri;
- this.required = required;
- this.count = count;
- }
-
- public String getAlias()
- {
- return alias;
- }
-
- public void setAlias(String alias)
- {
- this.alias = alias;
- }
-
- public String getTypeUri()
- {
- return typeUri;
- }
-
- public void setTypeUri(String typeUri)
- {
- this.typeUri = typeUri;
- }
-
- public boolean isRequired()
- {
- return required;
- }
-
- public void setRequired(boolean required)
- {
- this.required = required;
- }
-
- public Integer getCount()
- {
- return count;
- }
-
- public void setCount(Integer count)
- {
- this.count = count;
- }
-
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,16 +24,37 @@
import javax.servlet.http.HttpServletResponse;
/**
+ * This class is used in the SPI to pass the HTTP response on to the
+ * application. It also contains methods that make it easier for the application
+ * to propagate the dialogue over redirects or postbacks.
+ *
* @author Marcel Kolsteren
*
*/
public interface ResponseHolder
{
- void setResponse(HttpServletResponse response);
-
+ /**
+ * Gets the HTTP servlet response
+ *
+ * @return the response
+ */
HttpServletResponse getResponse();
+ /**
+ * Results in a redirect to the specified URL. If a dialogue is active, the
+ * id of that dialogue will be appended to the URL as a query parameter, so
+ * that the dialogue will be restored when the browser gets the redirect URL.
+ *
+ * @param url URL
+ */
void redirectWithDialoguePropagation(String url);
+ /**
+ * Adds the id of the current dialogue to the URL. If no dialogue is active,
+ * it just returns the URL unmodified.
+ *
+ * @param url URL
+ * @return URL
+ */
String addDialogueIdToUrl(String url);
}
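Review bot: The new Javadoc on `redirectWithDialoguePropagation` and `addDialogueIdToUrl` says the dialogue id is appended as a query parameter, but not what that id is worth to someone who sees it. A query-string value lands in browser history, access logs and Referer headers, so the comment should state whether the id only works together with the user's HTTP session or is enough on its own to restore the dialogue; the interface alone does not show which. The `@param url URL` and `@return URL` tags carry no information. Consider `@param url redirect target; callers must not pass an unvalidated request-supplied value` (if the implementation does not restrict the target itself) and `@return the URL with the dialogue id query parameter appended, or the unmodified URL when no dialogue is active`.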
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,31 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public enum SamlBinding
-{
- HTTP_Redirect, HTTP_Post
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,67 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.io.Reader;
-import java.io.Writer;
-import java.util.List;
-
-import org.jboss.seam.security.external.saml.SamlExternalEntity;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlEntityConfigurationApi
-{
- String getProtocol();
-
- void setProtocol(String protocol);
-
- void setEntityId(String entityId);
-
- String getEntityId();
-
- String getHostName();
-
- void setHostName(String hostName);
-
- int getPort();
-
- void setPort(int port);
-
- SamlBinding getPreferredBinding();
-
- void setPreferredBinding(SamlBinding preferredBinding);
-
- void setSigningKey(String keyStoreUrl, String keyStorePass, String signingKeyAlias, String signingKeyPass);
-
- SamlExternalEntity getExternalSamlEntityByEntityId(String entityId);
-
- SamlExternalEntity addExternalSamlEntity(Reader reader);
-
- List<SamlExternalEntity> getExternalSamlEntities();
-
- void writeMetaData(Writer writer);
-
- String getMetaDataURL();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,112 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
-import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-
-public interface SamlIdentityProviderApi
-{
- /**
- * Creates a local SAML session for the user with the given name and
- * attributes. This call is typically done before a remoteLogin or an
- * authenticationSucceeded call.
- *
- * @param nameId
- * @param attributes
- */
- void localLogin(SamlNameId nameId, List<AttributeType> attributes);
-
- /**
- * <p>
- * Logs the user in remotely in the application of the given service
- * provider. If the remote URL is specified, the service provider will
- * redirect the user to that URL. Otherwise, the service provider will
- * determine for itself which page is shown to the user.
- * </p>
- *
- * <p>
- * In SAML terms, this call results in an "unsolicited login" at the side of
- * the service provider.
- * </p>
- *
- * @param spEntityId the entity id of the remote service provider
- * @param remoteUrl the URL where the user agent needs to be redirected to by
- * the service provider (can be null)
- */
- void remoteLogin(String spEntityId, String remoteUrl, HttpServletResponse response);
-
- /**
- * This is one of the possible responses that relate to the SPI call
- * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
- * same dialogue context as the corresponding SPI call. It instructs the SAML
- * identity provider to send a positive authentication result back to the
- * service provider, using the local SAML session, which must have been
- * established before this call is done.
- */
- void authenticationSucceeded(HttpServletResponse response);
-
- /**
- * This is one of the possible responses that relate to the SPI call
- * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
- * same dialogue context as the corresponding SPI call. It instructs the SAML
- * identity provider to send a positive authentication result back to the
- * service provider.
- */
- void authenticationFailed(HttpServletResponse response);
-
- /**
- * Gets the current SAML session. This contains information about the logged
- * in user, and the external service providers that take part in this
- * session.
- *
- * @return the session
- */
- SamlIdpSession getSession();
-
- /**
- * Removes the local SAML session for the current user. This use case is
- * considered out of scope by the SAML spec (see the SAMLv2 Profiles
- * document, section 4.4). External service providers that take part in the
- * session are not informed about the fact that the shared session has been
- * removed at the identity provider side.
- */
- void localLogout();
-
- /**
- * Globally logs out the current user. This leads to a "single logout" where
- * the identity provider logs out the user from all service providers that
- * participate in the current session. The result of the global logout is
- * reported asynchronously through the SPI.
- */
- void globalLogout(HttpServletResponse response);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,47 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlIdentityProviderConfigurationApi extends SamlEntityConfigurationApi
-{
- boolean isWantAuthnRequestsSigned();
-
- void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned);
-
- boolean isSingleLogoutMessagesSigned();
-
- void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
-
- boolean isWantSingleLogoutMessagesSigned();
-
- void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
-
- List<SamlExternalServiceProvider> getServiceProviders();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,51 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-import java.util.Set;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlMultiUserIdentityProviderApi
-{
- void authenticationSucceeded(SamlIdpSession session, HttpServletResponse response);
-
- void authenticationFailed(HttpServletResponse response);
-
- Set<SamlIdpSession> getSessions();
-
- SamlIdpSession localLogin(SamlNameId nameId, List<AttributeType> attributes);
-
- void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response);
-
- void localLogout(SamlIdpSession session);
-
- void globalLogout(SamlIdpSession session, HttpServletResponse response);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,43 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.Set;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlMultiUserServiceProviderApi
-{
- public void login(String idpEntityId, HttpServletResponse response);
-
- public void localLogout(SamlSpSession session);
-
- public void globalLogout(SamlSpSession session, HttpServletResponse response);
-
- public Set<SamlSpSession> getSessions();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,119 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlNameId
-{
- private String value;
-
- private String format;
-
- private String qualifier;
-
- public SamlNameId(String value, String format, String qualifier)
- {
- super();
- this.value = value;
- this.format = format;
- this.qualifier = qualifier;
- }
-
- public String getValue()
- {
- return value;
- }
-
- public void setValue(String value)
- {
- this.value = value;
- }
-
- public String getFormat()
- {
- return format;
- }
-
- public void setFormat(String format)
- {
- this.format = format;
- }
-
- public String getQualifier()
- {
- return qualifier;
- }
-
- public void setQualifier(String qualifier)
- {
- this.qualifier = qualifier;
- }
-
- @Override
- public int hashCode()
- {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((format == null) ? 0 : format.hashCode());
- result = prime * result + ((qualifier == null) ? 0 : qualifier.hashCode());
- result = prime * result + ((value == null) ? 0 : value.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj)
- {
- if (this == obj)
- return true;
- if (obj == null)
- return false;
- if (getClass() != obj.getClass())
- return false;
- SamlNameId other = (SamlNameId) obj;
- if (format == null)
- {
- if (other.format != null)
- return false;
- }
- else if (!format.equals(other.format))
- return false;
- if (qualifier == null)
- {
- if (other.qualifier != null)
- return false;
- }
- else if (!qualifier.equals(other.qualifier))
- return false;
- if (value == null)
- {
- if (other.value != null)
- return false;
- }
- else if (!value.equals(other.value))
- return false;
- return true;
- }
-
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,100 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.LinkedList;
-import java.util.List;
-
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlPrincipal
-{
- private SamlNameId nameId;
-
- private List<AttributeType> attributes = new LinkedList<AttributeType>();
-
- private AssertionType assertion;
-
- public SamlNameId getNameId()
- {
- return nameId;
- }
-
- public void setNameId(SamlNameId nameId)
- {
- this.nameId = nameId;
- }
-
- public List<AttributeType> getAttributes()
- {
- return attributes;
- }
-
- public void setAttributes(List<AttributeType> attributes)
- {
- this.attributes = attributes;
- }
-
- public AssertionType getAssertion()
- {
- return assertion;
- }
-
- public void setAssertion(AssertionType assertion)
- {
- this.assertion = assertion;
- }
-
- @Override
- public int hashCode()
- {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((nameId == null) ? 0 : nameId.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj)
- {
- if (this == obj)
- return true;
- if (obj == null)
- return false;
- if (getClass() != obj.getClass())
- return false;
- SamlPrincipal other = (SamlPrincipal) obj;
- if (nameId == null)
- {
- if (other.nameId != null)
- return false;
- }
- else if (!nameId.equals(other.nameId))
- return false;
- return true;
- }
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,119 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.sp.SamlSpInApplicationScopeProducer;
-import org.jboss.seam.security.external.saml.sp.SamlSpInVirtualApplicationScopeProducer;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
-import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
-import org.jboss.seam.security.external.spi.SamlSingleUserServiceProviderSpi;
-import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
-
-/**
- * API to the SAMLv2 compliant service provider. In order to use this API, one
- * of the following alternative beans need to be activated:
- *
- * <ul>
- * <li>{@link SamlSpInApplicationScopeProducer}</li>
- * <li>{@link SamlSpInVirtualApplicationScopeProducer}</li>
- * </ul>
- *
- * The former will install the service provider in application scope, the latter
- * will install it in virtual application scope. The virtual application scope
- * allows for using different service provider configurations depending on the
- * server name. See {@link VirtualApplicationScoped}
- *
- * <p>
- * This API (implemented by the framework) comes along with an SPI:
- * {@link SamlServiceProviderSpi} (implemented by the client application).
- * Dialogues are used to bridge corresponding API and SPI calls (see
- * {@link Dialogued}).
- * </p>
- *
- * <p>
- * All methods in this API, except the {@link #logout} method, require that the
- * request scoped {@link ResponseHolder} bean contains a link to the current
- * HTTP response. The implementation needs to response, in order to redirect the
- * browser to the identity provider. Beware not to touch the HTTP response after
- * one of these method returns.
- * </p>
- *
- * @author Marcel Kolsteren
- *
- */
-public interface SamlServiceProviderApi
-{
- /**
- * Sends the user agent to the site of the given identity provider, where the
- * user can be authenticated. When the call returns, a redirect on the HTTP
- * response has taken place. The response of the identity provider will be
- * sent asynchronously through the SPI methods
- * {@link SamlSingleUserServiceProviderSpi#loginSucceeded(OpenIdSession)} or
- * {@link SamlSingleUserServiceProviderSpi#loginFailed(OpenIdSession)}. If
- * the method is called within a dialogue, that same dialogue will be active
- * when the SPI method is called. Thus, the dialogue can be used to store API
- * client state that needs to survive the sign on process.
- *
- * @param idpEntityId
- */
- public void login(String idpEntityId, HttpServletResponse response);
-
- /**
- * <p>
- * Locally logs out the user. This use case is considered out of scope by the
- * SAML spec (see the SAMLv2 Profiles document, section 4.4). The local
- * logout means that the session established by the SAML SP is not used any
- * more by the application. So when the SAML SP will receive a logout request
- * for this session in the future, it won't pass that on to the application.
- * </p>
- *
- * <p>
- * This method doesn't write the HTTP response.
- * </p>
- */
- public void localLogout();
-
- /**
- * Globally logs out the user. The browser of the user is redirected to the
- * site of the identity provider, so that the identity provider can logout
- * the user from all applications that share the same session at the identity
- * provider. The result of the logout operation is reported back
- * asynchronously through the SPI methods
- * {@link SamlSingleUserServiceProviderSpi#globalLogoutSucceeded()} and
- * {@link SamlSingleUserServiceProviderSpi#singleLogoutFailed()}. If this
- * method is called with an active dialogue scope, the same dialogue will be
- * active when the SPI method is called. This allows the API client to store
- * state information in the dialogue.
- */
- public void globalLogout(HttpServletResponse response);
-
- /**
- * Gets the current session (login). If there is no active session, null is
- * returned.
- *
- * @return active session, or null
- */
- public SamlSpSession getSession();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,105 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlServiceProviderConfigurationApi extends SamlEntityConfigurationApi
-{
- /**
- * Returns a list with all identity providers that are supported (trusted).
- * This allows the API client to present the list to the user, so that the
- * user can choose the provider that needs to be used for doing the login.
- *
- * @return list of identity providers
- */
- List<SamlExternalIdentityProvider> getIdentityProviders();
-
- /**
- * If this property is enabled, all authentication requests targeted at
- * identity providers will be signed. The property is disabled by default.
- * When enabling it, be sure to add a signing key by calling
- * {@link SamlEntityConfigurationApi#setSigningKey(String, String, String, String)}
- * .
- *
- * @return true iff the authentication requests are signed
- */
- boolean isAuthnRequestsSigned();
-
- /**
- * See {@link #isAuthnRequestsSigned}.
- */
- void setAuthnRequestsSigned(boolean authnRequestsSigned);
-
- /**
- * This property, which is enabled by default, determines whether incoming
- * authentication responses from the identity provider are required to have a
- * valid signature. It is strongly discouraged to disabled signature
- * validation, because this opens possibilities for sending fake
- * authentication responses to the service provider.
- *
- * @return true iff incoming assertions need to have a valid signature
- */
- boolean isWantAssertionsSigned();
-
- /**
- * See {@link #isWantAssertionsSigned()}.
- */
- void setWantAssertionsSigned(boolean wantAssertionsSigned);
-
- /**
- * This property indicates whether outgoing single logout messages are
- * signed. True by default, and the advice is not to disable this property,
- * unless you understand the security risks of doing so.
- *
- * @return true iff the single logout requests (sent to identity providers)
- * are signed
- */
- boolean isSingleLogoutMessagesSigned();
-
- /**
- * See {@link #isSingleLogoutMessagesSigned()}.
- */
- void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
-
- /**
- * This property indicates whether incoming single logout requests are
- * required to have a valid signature. True by default, and the advice is not
- * to disable this property, unless you understand the security risks of
- * doing so.
- *
- * @return true iff incoming single logout requests need to have a valid
- * signature
- */
- boolean isWantSingleLogoutMessagesSigned();
-
- /**
- * See {@link #isWantSingleLogoutMessagesSigned()}.
- */
- void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
-}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+
+ at DialogueScoped
+public class DialogueBean implements Dialogue
+{
+ private String id;
+
+ private boolean finished;
+
+ public String getId()
+ {
+ return id;
+ }
+
+ public void setId(String id)
+ {
+ this.id = id;
+ }
+
+ public boolean isFinished()
+ {
+ return finished;
+ }
+
+ public void setFinished(boolean finished)
+ {
+ this.finished = finished;
+ }
+}
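Review bot: `setId` and `setFinished` are public on this dialogue-scoped bean and have no Javadoc, so nothing tells application code that the id is meant to be assigned by the framework; the API type `Dialogue` exposes only `getId()`. `DialogueManagerBean.beginDialogue()` in this commit is the caller that stores the id returned by the context, so a later `setId` from elsewhere would presumably leave the bean out of step with the context that issued it. I would add a class comment and mark the setter, e.g. `/** Assigned by DialogueManagerBean.beginDialogue(); not for application use. */`. A one-line comment on `setFinished` should say that a finished dialogue is ended, not merely detached, when `detachDialogue()` runs.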
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,6 +27,7 @@
import javax.servlet.ServletContext;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.weld.manager.BeanManagerImpl;
/**
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,6 +33,8 @@
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletResponse;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+
@WebFilter(filterName = "DialogueFilter", urlPatterns = "/*")
public class DialogueFilter implements Filter
{
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,41 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.dialogues;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface DialogueManager
-{
- void beginDialogue();
-
- void endDialogue();
-
- boolean isExistingDialogue(String dialogueId);
-
- boolean isAttached();
-
- void attachDialogue(String dialogueId);
-
- void detachDialogue();
-}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,92 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues;
+
+import javax.enterprise.event.Observes;
+import javax.enterprise.inject.Instance;
+import javax.inject.Inject;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.servlet.event.qualifier.Destroyed;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class DialogueManagerBean implements DialogueManager
+{
+ @Inject
+ private DialogueContextExtension dialogueContextExtension;
+
+ @Inject
+ private Instance<DialogueBean> dialogue;
+
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e)
+ {
+ dialogueContextExtension.getDialogueContext().initialize(e.getServletContext());
+ }
+
+ public void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
+ {
+ dialogueContextExtension.getDialogueContext().destroy();
+ }
+
+ public void beginDialogue()
+ {
+ String dialogueId = dialogueContextExtension.getDialogueContext().create();
+ dialogue.get().setId(dialogueId);
+ }
+
+ public void endDialogue()
+ {
+ dialogueContextExtension.getDialogueContext().remove();
+ }
+
+ public void attachDialogue(String requestId)
+ {
+ dialogueContextExtension.getDialogueContext().attach(requestId);
+ }
+
+ public void detachDialogue()
+ {
+ if (dialogue.get().isFinished())
+ {
+ endDialogue();
+ }
+ else
+ {
+ dialogueContextExtension.getDialogueContext().detach();
+ }
+ }
+
+ public boolean isExistingDialogue(String dialogueId)
+ {
+ return dialogueContextExtension.getDialogueContext().isExistingDialogue(dialogueId);
+ }
+
+ public boolean isAttached()
+ {
+ return dialogueContextExtension.getDialogueContext().isAttached();
+ }
+}
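Review bot: `attachDialogue(String requestId)` names its parameter differently from the `DialogueManager` interface it implements (`dialogueId`), and it passes the value straight to `getDialogueContext().attach(...)` with no check in this class. Whether `attach` rejects an id for which `isExistingDialogue` is false is not visible here; if the id can originate from a request, an unknown value should fail before attaching, e.g. `if (!isExistingDialogue(dialogueId)) throw new IllegalArgumentException("Unknown dialogue id");`. Separately, `detachDialogue` calls `dialogue.get().isFinished()` before anything establishes that a dialogue is attached, so the RuntimeException the interface documents for the unattached case depends on how the scoped lookup happens to fail. An explicit `isAttached()` guard at the top of `detachDialogue` would make that behaviour deterministic.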
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,92 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.dialogues;
-
-import javax.enterprise.event.Observes;
-import javax.enterprise.inject.Instance;
-import javax.inject.Inject;
-import javax.servlet.ServletContextEvent;
-
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
-import org.jboss.seam.servlet.event.qualifier.Destroyed;
-import org.jboss.seam.servlet.event.qualifier.Initialized;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class DialogueManagerImpl implements DialogueManager
-{
- @Inject
- private DialogueContextExtension dialogueContextExtension;
-
- @Inject
- private Instance<Dialogue> dialogue;
-
- public void servletInitialized(@Observes @Initialized final ServletContextEvent e)
- {
- dialogueContextExtension.getDialogueContext().initialize(e.getServletContext());
- }
-
- public void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
- {
- dialogueContextExtension.getDialogueContext().destroy();
- }
-
- public void beginDialogue()
- {
- String dialogueId = dialogueContextExtension.getDialogueContext().create();
- dialogue.get().setDialogueId(dialogueId);
- }
-
- public void endDialogue()
- {
- dialogueContextExtension.getDialogueContext().remove();
- }
-
- public void attachDialogue(String requestId)
- {
- dialogueContextExtension.getDialogueContext().attach(requestId);
- }
-
- public void detachDialogue()
- {
- if (dialogue.get().isFinished())
- {
- endDialogue();
- }
- else
- {
- dialogueContextExtension.getDialogueContext().detach();
- }
- }
-
- public boolean isExistingDialogue(String dialogueId)
- {
- return dialogueContextExtension.getDialogueContext().isExistingDialogue(dialogueId);
- }
-
- public boolean isAttached()
- {
- return dialogueContextExtension.getDialogueContext().isAttached();
- }
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,6 +26,7 @@
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
/**
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,33 +22,14 @@
package org.jboss.seam.security.external.dialogues.api;
/**
+ * This dialogue-scoped bean is automatically created in the dialogue scope as
+ * soon as the dialogue is created. It can be used to get dialogue properties.
+ * For background about the dialogue scope, see {@link DialogueScoped}.
+ *
* @author Marcel Kolsteren
*
*/
- at DialogueScoped
-public class Dialogue
+public interface Dialogue
{
- private String dialogueId;
-
- private boolean finished;
-
- public String getDialogueId()
- {
- return dialogueId;
- }
-
- public void setDialogueId(String requestId)
- {
- this.dialogueId = requestId;
- }
-
- public boolean isFinished()
- {
- return finished;
- }
-
- public void setFinished(boolean finished)
- {
- this.finished = finished;
- }
+ public String getId();
}
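Review bot: `getId()` is now the only member of this API type and has no Javadoc, although the new type comment says the bean can be used to get dialogue properties. I would add `/** Returns the id assigned to this dialogue when it was begun. */` and drop the redundant `public` modifier on the interface method. Removing `isFinished`/`setFinished` from the API type means code that needs them has to inject `DialogueBean` from the implementation package, as `OpenIdProviderAuthenticationService` does later in this commit. If finishing a dialogue is meant to be framework-only, the type comment is the place to say so.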
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,75 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues.api;
+
+/**
+ * Manager for the dialogue scope. For background about the dialogue scope, see
+ * {@link DialogueScoped}.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface DialogueManager
+{
+ /**
+ * Starts a new dialogue. Results in a {@link RuntimeException} if
+ * {@link #isAttached} is true.
+ */
+ void beginDialogue();
+
+ /**
+ * Ends the current dialogue. Results in a {@link RuntimeException} if
+ * {@link #isAttached} is false.
+ */
+ void endDialogue();
+
+ /**
+ * Checks whether a dialogue exists with the given id.
+ *
+ * @param dialogueId the id
+ * @return true if a dialogue with that id exists
+ */
+ boolean isExistingDialogue(String dialogueId);
+
+ /**
+ * Checks whether the current thread is attached to a dialogue (i.e. whether
+ * a dialogue is currently active)
+ *
+ * @return true if the current thread is attached to a dialogue
+ */
+ boolean isAttached();
+
+ /**
+ * Attaches the current thread to the given dialogue. Results in a
+ * {@link RuntimeException} if the thread is already attached to a dialogue,
+ * i.e. if {@link #isAttached} is true.
+ *
+ * @param dialogueId
+ */
+ void attachDialogue(String dialogueId);
+
+ /**
+ * Detaches the current thread from the dialogue. Results in a
+ * {@link RuntimeException} if {@link #isAttached} is false.
+ */
+ void detachDialogue();
+}
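Review bot: The Javadoc promises only a bare `RuntimeException` for every misuse case, which gives callers nothing specific to catch or test for. `attachDialogue` also has an empty `@param dialogueId` and does not say what happens when no dialogue with that id exists. I would name the concrete exception type the implementation throws (not visible in this hunk) and complete the tag, e.g. `@param dialogueId id of an existing dialogue, see {@link #isExistingDialogue}`.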
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,8 +33,38 @@
import javax.enterprise.context.NormalScope;
/**
+ * <p>
+ * Scope for a dialogue (flow) between the application and an external identity
+ * provider or consumer.
+ * </p>
+ *
+ * <p>
+ * The protocols for sharing identity information (e.g. SAMLv2, OpenID) have
+ * quite complex dialogues, that often rely on the user agent (browser) relaying
+ * messages between the identity consumer and the identity producer. When the
+ * application calls an API method of Seam's SAML or OpenID submodule, the
+ * application will often temporary loose control over the browser. After a
+ * number of redirects, the external authentication module uses the SPI to
+ * inform the application about the outcome. At that moment, the application
+ * re-gains control over the browser. This round trip is modeled as a
+ * "dialogue", and the dialogue CDI scope is used to manage state that is bound
+ * to the dialogue. Not only the identity sharing module uses it to maintain
+ * state, also the application: it can save stuff in dialogue scope before the
+ * API is called, and read the stuff back in when it is called back through the
+ * SPI. For example, when the user opens a page that requires authentication,
+ * the view can be stored in the dialogue scope before calling login() on the
+ * API. When the SPI reports back that the login succeeded, the same dialogue
+ * will be active, so that the application can easily inject the saved view and
+ * redirect the user to it.
+ * </p>
+ *
+ * <p>
+ * The dialogue scope is not a passivating scope, so the contextual objects that
+ * are saved in contexts of this scope do not have to be serializable. The
+ * context is stored in a servlet context attribute.
+ * </p>
+ *
* @author Marcel Kolsteren
- *
*/
@Documented
@Retention(RUNTIME)
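Review bot: The last added paragraph says the context "is stored in a servlet context attribute", but the Javadoc does not say when a dialogue context is removed or what ties it to a particular user, which matters because servlet context attributes are shared by every session of the application. Once confirmed against DialogueManager (not visible in this hunk), I would add a sentence such as `* Dialogue contexts are looked up by dialogue id and are not bound to an HTTP session; they live until the dialogue is ended.` In the second paragraph, `temporary loose control` should read `temporarily lose control`.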
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,10 +33,11 @@
import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.OpenIdRequestedAttributeImpl;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.DirectError;
@@ -71,7 +72,7 @@
private DialogueManager dialogueManager;
@Inject
- private Instance<Dialogue> dialogue;
+ private Instance<DialogueBean> dialogue;
@Inject
private Instance<OpenIdProviderBean> opBean;
@@ -168,7 +169,7 @@
for (Map.Entry<String, String> entry : attributes.entrySet())
{
- OpenIdRequestedAttribute requestedAttribute = new OpenIdRequestedAttribute();
+ OpenIdRequestedAttributeImpl requestedAttribute = new OpenIdRequestedAttributeImpl();
requestedAttribute.setAlias(entry.getKey());
requestedAttribute.setTypeUri(entry.getValue());
requestedAttribute.setRequired(required);
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -39,8 +39,6 @@
import org.jboss.seam.security.external.EntityBean;
import org.jboss.seam.security.external.JaxbContext;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.xrds.LocalID;
import org.jboss.seam.security.external.jaxb.xrds.ObjectFactory;
@@ -49,6 +47,8 @@
import org.jboss.seam.security.external.jaxb.xrds.URIPriorityAppendPattern;
import org.jboss.seam.security.external.jaxb.xrds.XRD;
import org.jboss.seam.security.external.jaxb.xrds.XRDS;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
import org.openid4java.discovery.DiscoveryInformation;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,8 +24,8 @@
import java.io.Serializable;
import java.util.List;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.FetchRequest;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -31,11 +31,12 @@
import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.OpenIdPrincipalImpl;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerManager;
@@ -75,7 +76,7 @@
private Logger log;
@Inject
- private Instance<Dialogue> dialogue;
+ private Instance<DialogueBean> dialogue;
public void handleIncomingMessage(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws InvalidRequestException
{
@@ -146,7 +147,7 @@
String openIdServiceUrl = relyingPartyBean.getServiceURL(OpenIdService.OPEN_ID_SERVICE);
String realm = relyingPartyBean.getRealm();
- String returnTo = openIdServiceUrl + "?dialogueId=" + dialogue.get().getDialogueId();
+ String returnTo = openIdServiceUrl + "?dialogueId=" + dialogue.get().getId();
AuthRequest authReq = openIdConsumerManager.authenticate(discovered, returnTo, realm);
if (attributes != null && attributes.size() > 0)
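Review bot: The new `returnTo` line appends `dialogue.get().getId()` to the URL unencoded and behind a fixed `?`, and that value then passes through the browser and the OpenID provider before it selects the dialogue on the way back. If `openIdServiceUrl` can already carry a query string, or the id can contain reserved characters, the return URL is malformed; `"?dialogueId=" + URLEncoder.encode(dialogue.get().getId(), "UTF-8")` covers the second case, at the cost of handling `UnsupportedEncodingException`. Because the id appears to be the only handle for the dialogue state, a comment here should record that it comes from a secure random source and is checked on return, neither of which this hunk shows. The enclosing method starts and ends outside the hunk.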
@@ -173,6 +174,6 @@
private OpenIdPrincipal createPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
{
- return new OpenIdPrincipal(identifier, openIdProvider, attributeValues);
+ return new OpenIdPrincipalImpl(identifier, openIdProvider, attributeValues);
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,7 @@
import org.jboss.seam.security.external.EntityBean;
import org.jboss.seam.security.external.JaxbContext;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.OpenIdRequestedAttributeImpl;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.xrds.ObjectFactory;
import org.jboss.seam.security.external.jaxb.xrds.Service;
@@ -43,6 +41,9 @@
import org.jboss.seam.security.external.jaxb.xrds.URIPriorityAppendPattern;
import org.jboss.seam.security.external.jaxb.xrds.XRD;
import org.jboss.seam.security.external.jaxb.xrds.XRDS;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.openid4java.discovery.DiscoveryInformation;
/**
@@ -116,4 +117,9 @@
throw new RuntimeException(e);
}
}
+
+ public OpenIdRequestedAttribute createOpenIdRequestedAttribute(String alias, String typeUri, boolean required, Integer count)
+ {
+ return new OpenIdRequestedAttributeImpl(alias, typeUri, required, count);
+ }
}
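Review bot: `createOpenIdRequestedAttribute` passes `count` straight to the constructor, although the Javadoc added in this commit for `OpenIdRelyingPartyApi.createOpenIdRequestedAttribute` and for `OpenIdRequestedAttribute.getCount()` says it must be at least 1. A guard such as `if (count != null && count < 1) throw new IllegalArgumentException("count must be at least 1");` would enforce the documented contract before the value reaches an outgoing request. Whether `null` is a legal value for the `Integer` parameter is not stated in any visible hunk and should be documented in both interfaces.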
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,67 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Object respresenting a person that has been authenticated using OpenID.
+ *
+ * @author Marcel Kolsteren
+ */
+public interface OpenIdPrincipal
+{
+ /**
+ * This identifier holds the OpenID that is owned by the person.
+ *
+ * @return the verified OpenID
+ */
+ String getIdentifier();
+
+ /**
+ * The endpoint URL of the authentication service of the OpenID provider that
+ * verified that the person owns the OpenID.
+ *
+ * @return the OpenID provider authentication endpoint URL
+ */
+ URL getOpenIdProvider();
+
+ /**
+ * The attributes of the person, that have been received from the OpenID
+ * provider. It maps aliases of requested attributes to lists of attribute
+ * values.
+ *
+ * @return the attribute map
+ */
+ Map<String, List<String>> getAttributeValues();
+
+ /**
+ * Convenience method for fetching the first value of the attribute with the
+ * given alias. If the attribute doesn't exits, it returns null;
+ *
+ * @param alias attribute alias
+ * @return the first value of the attribute, or null
+ */
+ String getAttribute(String alias);
+}
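Review bot: The Javadoc of `getAttributeValues()` does not say whether the returned map may be modified, and callers of a principal object need to know that its contents stay fixed after authentication. I would add `* The returned map must be treated as read-only.` or have the implementation return an unmodifiable copy (the implementation is not in this hunk). The comment should also say that the values are those sent by the provider and, as far as this interface shows, are not checked further. Typos: `respresenting` in the type comment, and `doesn't exits, it returns null;` in `getAttribute` should read `doesn't exist, it returns null.`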
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,107 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.openid.OpenIdProviderInApplicationScopeProducer;
+import org.jboss.seam.security.external.openid.OpenIdProviderInVirtualApplicationScopeProducer;
+import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ * API to the OpenID Provider (OP) of Seam security. In order to use this API,
+ * one of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link OpenIdProviderInApplicationScopeProducer}</li>
+ * <li>{@link OpenIdProviderInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the OpenID provider in application scope, the latter
+ * will install it in virtual application scope. The virtual application scope
+ * allows for using different provider configurations depending on the server
+ * name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link OpenIdProviderSpi} (implemented by the client application). Dialogues
+ * are used to bridge corresponding API and SPI calls (see {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdProviderApi
+{
+ /**
+ * This is one of the possible reactions of the application after having
+ * received and processed an authentication request through the API call
+ * {@link OpenIdProviderSpi#authenticate(String, String, boolean, ResponseHolder)}
+ * . By calling this method, the application informs the OpenID provider
+ * module that authentication succeeded. The userName of the authenticated
+ * user is provided. The OpenID provider module will redirect the user back
+ * to the relying party's website.
+ *
+ * @param userName user name
+ * @param response HTTP response
+ */
+ void authenticationSucceeded(String userName, HttpServletResponse response);
+
+ /**
+ * This is one of the possible reactions of the application after having
+ * received and processed an authentication request through the API call
+ * {@link OpenIdProviderSpi#authenticate(String, String, boolean, ResponseHolder)}
+ * . By calling this method, the application informs the OpenID provider
+ * module that authentication failed. The OpenID provider module will
+ * redirect the user back to the relying party's website.
+ *
+ * @param userName user name
+ * @param response HTTP response
+ */
+ void authenticationFailed(HttpServletResponse response);
+
+ void setAttributes(Map<String, List<String>> attributeValues, HttpServletResponse response);
+
+ /**
+ * This method can be used to find out the OP-Local identifier for a given
+ * user name. The OpenID authentication specification defines this identifier
+ * as follows: 'An alternate Identifier for an end user that is local to a
+ * particular OP and thus not necessarily under the end user's control'.
+ *
+ * @param userName user name
+ * @return the OP-Local Identifier
+ */
+ String getOpLocalIdentifierForUserName(String userName);
+}
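Review bot: The Javadoc of `authenticationFailed` documents `@param userName user name`, but the method only takes `HttpServletResponse response`, so that tag should be removed. `setAttributes(Map<String, List<String>>, HttpServletResponse)` is the only method in the interface without Javadoc; it needs a comment saying which SPI call it answers and whether it redirects the browser like the other methods. Both `authenticationSucceeded` and `authenticationFailed` describe `OpenIdProviderSpi#authenticate` as an "API call", where the type comment calls that interface the SPI.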
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import org.jboss.seam.security.external.api.EntityConfigurationApi;
+
+/**
+ * API for accessing the OpenID Provider configuration
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdProviderConfigurationApi extends EntityConfigurationApi
+{
+ /**
+ * Gets the URL where the XRDS is served that can be used by relying parties
+ * for OpenID Provider discovery. The document served at this URL is
+ * described in the OpenID 2.0 Authentication specification, section
+ * 7.3.2.1.1.
+ *
+ * @return the URL
+ */
+ String getXrdsURL();
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ * API to the OpenID Relying Party (RP) of Seam security. In order to use this
+ * API, one of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link OpenIdRelyingPartyInApplicationScopeProducer}</li>
+ * <li>{@link OpenIdRelyingPartyInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the OpenID relying party in application scope, the
+ * latter will install it in virtual application scope. The virtual application
+ * scope allows for using different provider configurations depending on the
+ * server name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link OpenIdRelyingPartySpi} (implemented by the client application).
+ * Dialogues are used to bridge corresponding API and SPI calls (see
+ * {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdRelyingPartyApi
+{
+ /**
+ * Start an OpenID login dialogue.
+ *
+ * @param identifier either a Claimed Identifier (identifying the user) or an
+ * OP Identifier (identifying the OpenID Provider where the user
+ * has an account)
+ * @param attributes attributes that are requested (they should have
+ * different aliases)
+ * @param response the HTTP servlet response
+ */
+ void login(String identifier, List<OpenIdRequestedAttribute> attributes, HttpServletResponse response);
+
+ /**
+ * Creates a request to fetch a certain attribute from the OpenID Provider.
+ * The resulting object can be passed to the {@link #login} method.
+ *
+ * @param alias name that identifies this requested attribute
+ * @param typeUri attribute type identifier
+ * @param required indicates whether the attribute is required
+ * @param count indicates the maximum number of values to be returned by the
+ * provider; must be at least 1
+ *
+ * @return the requested attribute
+ */
+ OpenIdRequestedAttribute createOpenIdRequestedAttribute(String alias, String typeUri, boolean required, Integer count);
+}
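Review bot: The type comment links `{@link OpenIdRelyingPartyInApplicationScopeProducer}` and `{@link OpenIdRelyingPartyInVirtualApplicationScopeProducer}`, but neither class is imported or fully qualified in this file, so unless they live in this package the links will not resolve; `OpenIdProviderApi` in the same commit imports its two producers. Two phrases look copied from the provider API: `different provider configurations`, and `redirect the browser to the relying party`, where this side presumably redirects to the OpenID provider. For `login`, the `identifier` is presumably entered by the end user, and the hunk in `OpenIdRpAuthenticationService` suggests discovery is run on it, so the Javadoc should state what validation the caller is expected to do before passing it in.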
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import org.jboss.seam.security.external.api.EntityConfigurationApi;
+
+/**
+ * API for accessing the OpenID Relying Party configuration
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdRelyingPartyConfigurationApi extends EntityConfigurationApi
+{
+ /**
+ * Gets the URL where the XRDS is served that can be used by OpenID providers
+ * for relying party discovery. The XRDS document served at this URL is
+ * described in the OpenID 2.0 Authentication specification, section 13.
+ * Remark that some OpenID providers (e.g. Yahoo) require that a Yadis
+ * discovery on the realm also results in this document. Meeting this
+ * requirement is beyond the responsibility and beyond the reach of the Seam
+ * OpenID module, because the realm URL is not "handled" by the web
+ * application in which the OpenID module lives. Consult the Seam Security
+ * documentation for further details about setting up the realm-based
+ * discovery.
+ *
+ * @return the URL
+ */
+ String getXrdsURL();
+
+ /**
+ * Gets the realm that is used by the relying party. A "realm" is a pattern
+ * that represents the part of URL-space for which an OpenID Authentication
+ * request is valid. See OpenID 2.0 Authentication specification, section
+ * 9.2. The OpenID provider uses the realm as the name of the the relying
+ * party site that is presented to the end user.
+ *
+ * @return the realm
+ */
+ String getRealm();
+}
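Review bot: The `getRealm()` comment has a doubled word, `the the relying party site`. Since the realm bounds which return URLs are valid for this relying party, the comment could add `* The return URL sent in authentication requests must match this realm.` so that whoever configures it knows that a mismatch makes requests fail at the provider.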
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+/**
+ * Attribute requested by the relying party during the authentication of a user.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdRequestedAttribute
+{
+ /**
+ * Name that identifies this requested attribute.
+ *
+ * @return the alias
+ */
+ String getAlias();
+
+ /**
+ * Attribute type identifier.
+ *
+ * @return the type URI
+ */
+ String getTypeUri();
+
+ /**
+ * Indicates whether the attribute is required.
+ *
+ * @return true if required, false otherwise
+ */
+ boolean isRequired();
+
+ /**
+ * Indicates the maximum number of values to be returned by the provider;
+ * must be at least 1.
+ *
+ * @return maximum number of values
+ */
+ Integer getCount();
+}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,7 +21,7 @@
*/
package org.jboss.seam.security.external.saml;
-import org.jboss.seam.security.external.api.SamlBinding;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -38,8 +38,6 @@
import org.jboss.seam.security.external.EntityBean;
import org.jboss.seam.security.external.JaxbContext;
-import org.jboss.seam.security.external.api.SamlBinding;
-import org.jboss.seam.security.external.api.SamlEntityConfigurationApi;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntitiesDescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntityDescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.IndexedEndpointType;
@@ -50,6 +48,8 @@
import org.jboss.seam.security.external.jaxb.samlv2.metadata.SSODescriptorType;
import org.jboss.seam.security.external.jaxb.xmldsig.KeyInfoType;
import org.jboss.seam.security.external.jaxb.xmldsig.X509DataType;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
+import org.jboss.seam.security.external.saml.api.SamlEntityConfigurationApi;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,6 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlNameId;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AudienceRestrictionType;
@@ -46,7 +45,9 @@
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusCodeType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusType;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.idp.SamlIdpSessionImpl;
/**
* @author Marcel Kolsteren
@@ -132,7 +133,7 @@
AuthnStatementType authnStatement = assertionObjectFactory.createAuthnStatementType();
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(authnStatement);
authnStatement.setAuthnInstant(SamlUtils.getXMLGregorianCalendarNow());
- authnStatement.setSessionIndex(session.getSessionIndex());
+ authnStatement.setSessionIndex(((SamlIdpSessionImpl) session).getSessionIndex());
AuthnContextType authnContext = assertionObjectFactory.createAuthnContextType();
authnStatement.setAuthnContext(authnContext);
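Review bot: The unchecked downcast `((SamlIdpSessionImpl) session)` on the new setSessionIndex line ties this factory to one implementation of the API interface and fails with a bare ClassCastException for any other SamlIdpSession. The method signature is outside this hunk, so the declared type of `session` is inferred from the changed imports. If the parameter is now the API type, either keep this internal method typed to `SamlIdpSessionImpl` or reject other implementations explicitly, for example `if (!(session instanceof SamlIdpSessionImpl)) throw new IllegalArgumentException("unsupported SamlIdpSession implementation");`. A one-line comment saying why the session index is kept off the public interface would also help the next reader.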
@@ -160,7 +161,7 @@
private void fillRequestAbstractTypeFields(RequestAbstractType request)
{
- request.setID(dialogue.getDialogueId());
+ request.setID(dialogue.getId());
request.setIssueInstant(SamlUtils.getXMLGregorianCalendarNow());
NameIDType issuer = assertionObjectFactory.createNameIDType();
@@ -172,7 +173,7 @@
private void fillStatusResponseFields(StatusResponseType response, String statusCode, String statusMessage)
{
- response.setID(dialogue.getDialogueId());
+ response.setID(dialogue.getId());
response.setIssueInstant(SamlUtils.getXMLGregorianCalendarNow());
NameIDType issuer = assertionObjectFactory.createNameIDType();
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -43,7 +43,7 @@
import org.jboss.seam.security.external.Base64;
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.JaxbContext;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.ResponseType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -45,13 +45,13 @@
import org.jboss.seam.security.external.Base64;
import org.jboss.seam.security.external.JaxbContext;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlBinding;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.AuthnRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.LogoutRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.ObjectFactory;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.ResponseType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
import org.slf4j.Logger;
import org.w3c.dom.Document;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,8 +24,8 @@
import java.util.LinkedList;
import java.util.List;
-import org.jboss.seam.security.external.api.SamlBinding;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EndpointType;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
/**
* @author Marcel Kolsteren
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+/**
+ * Enumeration that contains the SAML protocol bindings that can be used by the
+ * SAML Identity Provider and the SAML Service Provider. Refer to the SAMLv2
+ * specification for details about the bindings.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public enum SamlBinding
+{
+ /**
+ * HTTP_Redirect binding
+ */
+ HTTP_Redirect,
+
+ /**
+ * HTTP_Post binding
+ */
+ HTTP_Post
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,129 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.io.Reader;
+import java.util.List;
+
+import org.jboss.seam.security.external.api.EntityConfigurationApi;
+import org.jboss.seam.security.external.saml.SamlExternalEntity;
+
+/**
+ * API for the configuration of a SAML entity (i.e. a SAML Identity Provider or
+ * SAML Service Provider)
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlEntityConfigurationApi extends EntityConfigurationApi
+{
+ /**
+ * The unique identification of this SAML Entity. Typically, this is
+ * "https://www.your-domain.com".
+ *
+ * @return the entity ID
+ */
+ String getEntityId();
+
+ /**
+ * {@See #getEntityId()}
+ *
+ * @param entityId
+ */
+ void setEntityId(String entityId);
+
+ /**
+ * The preferred SAML protocol binding. By default, it is
+ * {@link SamlBinding#HTTP_Post}
+ *
+ * @return the preferred binding
+ */
+ SamlBinding getPreferredBinding();
+
+ /**
+ * See {@link #getPreferredBinding()}
+ *
+ * @param preferredBinding
+ */
+ void setPreferredBinding(SamlBinding preferredBinding);
+
+ /**
+ * Sets the key that is used to sign outgoing messages. Remark that in
+ * production deployments, the key store and the passwords giving access to
+ * it need to be well secured.
+ *
+ * @param keyStoreUrl URL of the key store, which must have Java Key Store
+ * (JKS) format; if it starts with "classpath://", the keystore
+ * will be read from the given location within the classpath
+ * @param keyStorePass the password giving access to the key store
+ * @param signingKeyAlias the alias under which the private key is stored
+ * that needs to be used for signing; the private key must be
+ * either a DSA or an RSA key
+ * @param signingKeyPass the password that gives access to the private key
+ */
+ void setSigningKey(String keyStoreUrl, String keyStorePass, String signingKeyAlias, String signingKeyPass);
+
+ /**
+ * This method can be used to add an external SAML entity that is trusted by
+ * the entity that is being configured. If the entity that is being
+ * configured is an identity provider, this method can be used for adding
+ * trusted service providers, and vice versa. The reader must contain a UTF-8
+ * encoded XML-file with the meta information of the entity that needs to be
+ * added. When this method returns, the configured entity trusts the added
+ * entity (has been added to the "circle of trust"). Remark that the meta
+ * data of the configured entity also needs to be loaded in the external
+ * entity. How this is done is out of scope for this API, but the needed meta
+ * information is served at the URL provided by {@link #getMetaDataURL}.
+ *
+ * @param reader reader that reads the meta information of the entry that
+ * needs to be added
+ * @return the contents of the external entity (extracted from the meta
+ * information)
+ */
+ SamlExternalEntity addExternalSamlEntity(Reader reader);
+
+ /**
+ * Gets the detailed of a trusted external entity, that has been added
+ * previously by calling {@link #addExternalSamlEntity}.
+ *
+ * @param entityId the id of the entity
+ * @return an object containing the properties of the entity
+ */
+ SamlExternalEntity getExternalSamlEntityByEntityId(String entityId);
+
+ /**
+ * Gets a list of all external entities that have been added previously by
+ * calling {@link #addExternalSamlEntity}.
+ *
+ * @return the list
+ */
+ List<SamlExternalEntity> getExternalSamlEntities();
+
+ /**
+ * Gets the URL where the meta data of this entity is served. Call this
+ * function only after configuration is complete (after you called other
+ * methods on this API that change the configuration).
+ *
+ * @return the URL
+ */
+ String getMetaDataURL();
+}
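Review bot: The Javadoc of addExternalSamlEntity says the added entity is trusted as soon as the method returns, but it does not say who vouches for the metadata that is read. The implementation is not part of this hunk, so whether it checks a signature on the metadata cannot be told from here; unless it does, the comment should say so, for example `The metadata is trusted as supplied; the caller must obtain it from an authenticated source.` The same comment asks for a "UTF-8 encoded" file although a `Reader` delivers characters that are already decoded, so the encoding requirement belongs with whoever opens the stream. On setEntityId, `{@See #getEntityId()}` is not a valid Javadoc tag and should read `See {@link #getEntityId()}`, as the other setters in this interface do.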
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,164 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.idp.SamlIdpInApplicationScopeProducer;
+import org.jboss.seam.security.external.saml.idp.SamlIdpInVirtualApplicationScopeProducer;
+import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ *
+ * API to the SAML Identity Provider (IDP) of Seam security. In order to use
+ * this API, one of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link SamlIdpInApplicationScopeProducer}</li>
+ * <li>{@link SamlIdpInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the Identity Provider in application scope, the
+ * latter will install it in virtual application scope. The virtual application
+ * scope allows for using different provider configurations depending on the
+ * server name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link SamlIdentityProviderSpi} (implemented by the client application).
+ * Dialogues are used to bridge corresponding API and SPI calls (see
+ * {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+
+public interface SamlIdentityProviderApi
+{
+ /**
+ * Creates a local SAML session for the user with the given name and
+ * attributes. This call is typically done before a {@link #remoteLogin} or
+ * an {@link #authenticationSucceeded} call.
+ *
+ * @param nameId
+ * @param attributes
+ */
+ void localLogin(SamlNameId nameId, List<AttributeType> attributes);
+
+ /**
+ * Creates a name identifier with the given properties. Needed for
+ * constructing the nameId parameter of a {@link #localLogin} call.
+ *
+ * @param value value (required)
+ * @param format format (optional)
+ * @param qualifier qualifier (optional)
+ * @return the name identifier
+ */
+ SamlNameId createNameId(String value, String format, String qualifier);
+
+ /**
+ * <p>
+ * Logs the user in remotely in the application of the given service
+ * provider. If the remote URL is specified, the service provider will
+ * redirect the user to that URL within the service provider's application.
+ * Otherwise, the service provider will determine for itself which page is
+ * shown to the user.
+ * </p>
+ *
+ * <p>
+ * In SAML terms, this call results in an "unsolicited login" at the side of
+ * the service provider.
+ * </p>
+ *
+ * @param spEntityId the entity id of the remote service provider
+ * @param remoteUrl the URL where the user agent needs to be redirected to by
+ * the service provider (can be null)
+ * @param response the HTTP servlet response
+ */
+ void remoteLogin(String spEntityId, String remoteUrl, HttpServletResponse response);
+
+ /**
+ * This is one of the possible responses that relate to the SPI call
+ * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
+ * same dialogue context as the corresponding SPI call. It instructs the SAML
+ * identity provider to send a positive authentication result back to the
+ * service provider, using the local SAML session, which must have been
+ * established before this call is done (by a previous call to
+ * {@link #localLogin}).
+ *
+ * @param response the HTTP servlet response
+ */
+ void authenticationSucceeded(HttpServletResponse response);
+
+ /**
+ * This is one of the possible responses that relate to the SPI call
+ * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
+ * same dialogue context as the corresponding SPI call. It instructs the SAML
+ * identity provider to send a positive authentication result back to the
+ * service provider.
+ *
+ * @param response the HTTP servlet response
+ */
+ void authenticationFailed(HttpServletResponse response);
+
+ /**
+ * Gets the current SAML session. This contains information about the logged
+ * in user, and the external service providers that take part in this
+ * session.
+ *
+ * @return the session
+ */
+ SamlIdpSession getSession();
+
+ /**
+ * Removes the local SAML session for the current user. This use case is
+ * considered out of scope by the SAML spec (see the SAMLv2 Profiles
+ * document, section 4.4). External service providers that take part in the
+ * session are <b>not</b> informed about the fact that the shared session has
+ * been removed at the identity provider side.
+ */
+ void localLogout();
+
+ /**
+ * Globally logs out the current user. This leads to a "single logout" where
+ * the identity provider logs out the user from all service providers that
+ * participate in the current session. The result of the global logout is
+ * reported asynchronously through the SPI.
+ *
+ * @param response the HTTP servlet response
+ */
+ void globalLogout(HttpServletResponse response);
+
+}
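Review bot: The Javadoc of authenticationFailed says the call instructs the identity provider to send a positive authentication result, which is the text of authenticationSucceeded copied unchanged; it should read `send a negative authentication result back to the service provider`. As written, an integrator who reads only the documentation cannot tell the two responses apart. Both comments also begin their second sentence with "If should be called", which should be "It should be called". The localLogout comment states that participating service providers are not informed; one more sentence saying that their sessions stay valid until they expire or globalLogout is used would make the consequence explicit, if that is indeed the behaviour.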
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,88 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
+
+/**
+ * API for the configuration of a SAML Identity Provider
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlIdentityProviderConfigurationApi extends SamlEntityConfigurationApi
+{
+ /**
+ * This property indicates whether incoming authentication requests need to
+ * be signed. This property is disabled (false) by default.
+ *
+ * @return true iff the authentication requests need to be signed
+ */
+ boolean isWantAuthnRequestsSigned();
+
+ /**
+ * See {@link #isWantAuthnRequestsSigned()}.
+ */
+ void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned);
+
+ /**
+ * This property indicates whether outgoing single logout messages are
+ * signed. True by default, and the advice is not to disable this property,
+ * unless you understand the security risks of doing so.
+ *
+ * @return true iff the single logout requests (sent to identity providers)
+ * are signed
+ */
+ boolean isSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isSingleLogoutMessagesSigned()}.
+ */
+ void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
+
+ /**
+ * This property indicates whether incoming single logout requests are
+ * required to have a valid signature. True by default, and the advice is not
+ * to disable this property, unless you understand the security risks of
+ * doing so.
+ *
+ * @return true iff incoming single logout requests need to have a valid
+ * signature
+ */
+ boolean isWantSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isWantSingleLogoutMessagesSigned()}.
+ */
+ void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
+
+ /**
+ * Gets a list of all external service providers that have been added
+ * previously by calling
+ * {@link SamlEntityConfigurationApi#addExternalSamlEntity}.
+ *
+ * @return the list
+ */
+ List<SamlExternalServiceProvider> getServiceProviders();
+}
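Review bot: The `@return` text of isSingleLogoutMessagesSigned speaks of requests "sent to identity providers", but this interface configures an identity provider, so its peers are service providers; the wording looks carried over from the service-provider configuration and should read `@return true iff the single logout requests (sent to service providers) are signed`. The comment on isWantAuthnRequestsSigned gives the default as false without the caution that the two logout properties carry. A sentence stating that with the default the origin of an incoming authentication request is not cryptographically verified would put it on a par with them. The three setters have no `@param` line.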
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.Set;
+
+import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
+
+/**
+ * Session managed by a SAML Identity Provider (IDP). Multiple Service Providers
+ * (SPs) can take part in the session. The session can be terminated as a whole,
+ * for all parties involved, by initiating a SAML single logout (either by the
+ * IDP or by a SP).
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlIdpSession
+{
+ /**
+ * Returns the details of the principal, i.e. the logged in person
+ *
+ * @return the principal
+ */
+ SamlPrincipal getPrincipal();
+
+ /**
+ * Returns the list of service providers that participate in the session. The
+ * list can be empty. In that case, the session is local to the identity
+ * provider.
+ *
+ * @return the list
+ */
+ Set<SamlExternalServiceProvider> getServiceProviders();
+}
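Review bot: The Javadoc of getServiceProviders calls the result a list while the method returns a `Set`, and it does not say whether the returned set is a live view of the session. If the implementation hands out its internal set (not visible in this hunk), a caller that modifies it would change which service providers count as session participants. The comment should state the contract, for example `@return the set of participating service providers, possibly empty; callers must not modify it`, or the implementation should return an unmodifiable view. The same question applies to `SamlPrincipal.getAttributes()` in the SamlPrincipal.java section of this commit, whose interface comment also misspells "representing".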
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+/**
+ * Name identifying a subject (person) that has been authenticated using SAML.
+ * For details, refer to section 2.2 of the document 'Assertions and Protocols
+ * for the OASIS 3 Security Assertion Markup Language (SAML) V2.0' .
+ *
+ * @author Marcel Kolsteren
+ */
+public interface SamlNameId
+{
+ /**
+ * The actual name
+ *
+ * @return the name (not null)
+ */
+ String getValue();
+
+ /**
+ * A URI reference representing the classification of string-based identifier
+ * information.
+ *
+ * @return an URI reference, or null if the format is unspecified
+ */
+ String getFormat();
+
+ /**
+ * The security or administrative domain that qualifies the identifier. This
+ * attribute provides a means to federate identifiers from disparate user
+ * stores without collision.
+ *
+ * @return the qualifier, or null if the name is unqualified
+ */
+ String getQualifier();
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+
+/**
+ * Object respresenting a person that has been authenticated using SAML.
+ *
+ * @author Marcel Kolsteren
+ */
+public interface SamlPrincipal
+{
+ /**
+ * Gets the name id of the principal.
+ *
+ * @return the name id
+ */
+ SamlNameId getNameId();
+
+ /**
+ * Gets the attributes of the principal
+ *
+ * @return the attributes
+ */
+ List<AttributeType> getAttributes();
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.SamlSingleUserServiceProviderSpi;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.saml.sp.SamlSpInApplicationScopeProducer;
+import org.jboss.seam.security.external.saml.sp.SamlSpInVirtualApplicationScopeProducer;
+import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ * API to the SAMLv2 compliant service provider. In order to use this API, one
+ * of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link SamlSpInApplicationScopeProducer}</li>
+ * <li>{@link SamlSpInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the service provider in application scope, the latter
+ * will install it in virtual application scope. The virtual application scope
+ * allows for using different service provider configurations depending on the
+ * server name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link SamlServiceProviderSpi} (implemented by the client application).
+ * Dialogues are used to bridge corresponding API and SPI calls (see
+ * {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlServiceProviderApi
+{
+ /**
+ * Sends the user agent to the site of the given identity provider, where the
+ * user can be authenticated. When the call returns, a redirect on the HTTP
+ * response has taken place. The response of the identity provider will be
+ * sent asynchronously through the SPI methods
+ * {@link SamlSingleUserServiceProviderSpi#loginSucceeded(OpenIdSession)} or
+ * {@link SamlSingleUserServiceProviderSpi#loginFailed(OpenIdSession)}. If
+ * the method is called within a dialogue, that same dialogue will be active
+ * when the SPI method is called. Thus, the dialogue can be used to store API
+ * client state that needs to survive the sign on process.
+ *
+ * @param idpEntityId
+ * @param response the HTTP servlet response
+ */
+ public void login(String idpEntityId, HttpServletResponse response);
+
+ /**
+ * <p>
+ * Locally logs out the user. This use case is considered out of scope by the
+ * SAML spec (see the SAMLv2 Profiles document, section 4.4). The local
+ * logout means that the session established by the SAML SP is not used any
+ * more by the application. So when the SAML SP will receive a logout request
+ * for this session in the future, it won't pass that on to the application.
+ * </p>
+ *
+ * <p>
+ * This method doesn't write the HTTP response.
+ * </p>
+ */
+ public void localLogout();
+
+ /**
+ * Globally logs out the user. The browser of the user is redirected to the
+ * site of the identity provider, so that the identity provider can logout
+ * the user from all applications that share the same session at the identity
+ * provider. The result of the logout operation is reported back
+ * asynchronously through the SPI methods
+ * {@link SamlSingleUserServiceProviderSpi#globalLogoutSucceeded()} and
+ * {@link SamlSingleUserServiceProviderSpi#singleLogoutFailed()}. If this
+ * method is called with an active dialogue scope, the same dialogue will be
+ * active when the SPI method is called. This allows the API client to store
+ * state information in the dialogue.
+ *
+ * @param response the HTTP servlet response
+ */
+ public void globalLogout(HttpServletResponse response);
+
+ /**
+ * Gets the current session (login). If there is no active session, null is
+ * returned.
+ *
+ * @return active session, or null
+ */
+ public SamlSpSession getSession();
+}
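Review bot: The Javadoc of `login` links to `SamlSingleUserServiceProviderSpi#loginSucceeded(OpenIdSession)` and `#loginFailed(OpenIdSession)`, which looks like a leftover from the OpenID API; the links should be checked against the real SPI signatures, which presumably take a SAML session type. The interface comment has the same kind of leftover where it says the browser is redirected to "the relying party", since a service provider redirects to the identity provider. `@param idpEntityId` has no description; I would write `@param idpEntityId entity id of a trusted identity provider, as returned by SamlServiceProviderConfigurationApi#getIdentityProviders()` and state what the method does when the id is not in that list. The `globalLogout` comment pairs `globalLogoutSucceeded()` with `singleLogoutFailed()`, which may be stale given that this commit renames the IdP-side callback to `globalLogoutFailed`.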
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
+
+/**
+ * API for the configuration of a SAML Service Provider.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlServiceProviderConfigurationApi extends SamlEntityConfigurationApi
+{
+ /**
+ * If this property is enabled, all authentication requests targeted at
+ * identity providers will be signed. The property is disabled by default.
+ * When enabling it, be sure to add a signing key by calling
+ * {@link SamlEntityConfigurationApi#setSigningKey(String, String, String, String)}
+ * .
+ *
+ * @return true iff the authentication requests are signed
+ */
+ boolean isAuthnRequestsSigned();
+
+ /**
+ * See {@link #isAuthnRequestsSigned}.
+ */
+ void setAuthnRequestsSigned(boolean authnRequestsSigned);
+
+ /**
+ * This property, which is enabled by default, determines whether incoming
+ * authentication responses from the identity provider are required to have a
+ * valid signature. It is strongly discouraged to disabled signature
+ * validation, because this opens possibilities for sending fake
+ * authentication responses to the service provider.
+ *
+ * @return true iff incoming assertions need to have a valid signature
+ */
+ boolean isWantAssertionsSigned();
+
+ /**
+ * See {@link #isWantAssertionsSigned()}.
+ */
+ void setWantAssertionsSigned(boolean wantAssertionsSigned);
+
+ /**
+ * This property indicates whether outgoing single logout messages are
+ * signed. True by default, and the advice is not to disable this property,
+ * unless you understand the security risks of doing so.
+ *
+ * @return true iff the single logout requests (sent to identity providers)
+ * are signed
+ */
+ boolean isSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isSingleLogoutMessagesSigned()}.
+ */
+ void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
+
+ /**
+ * This property indicates whether incoming single logout requests are
+ * required to have a valid signature. True by default, and the advice is not
+ * to disable this property, unless you understand the security risks of
+ * doing so.
+ *
+ * @return true iff incoming single logout requests need to have a valid
+ * signature
+ */
+ boolean isWantSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isWantSingleLogoutMessagesSigned()}.
+ */
+ void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
+
+ /**
+ * Returns a list with all identity providers that are trusted (i.e. identity
+ * providers that have been added by calling
+ * {@link SamlEntityConfigurationApi#addExternalSamlEntity}). This allows the
+ * API client to present the list to the user, so that the user can choose
+ * the provider that needs to be used for doing the login.
+ *
+ * @return list of identity providers
+ */
+ List<SamlExternalIdentityProvider> getIdentityProviders();
+}
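Review bot: The comment on `isWantAssertionsSigned()` talks about a signature on "incoming authentication responses" while its `@return` talks about "incoming assertions"; in SAML the Response and the Assertion are signed separately, and an integrator needs to know which element is verified before relying on this setting. I would make the first sentence explicit, for example `Determines whether the assertions inside an incoming authentication response must carry a valid signature.`, adjusted to what the implementation really checks (not visible in this hunk). The setters only say `See ...`; because `setWantAssertionsSigned(false)` and `setWantSingleLogoutMessagesSigned(false)` switch signature validation off, their comments should repeat the warning rather than point elsewhere. It would also help to document what happens when `isSingleLogoutMessagesSigned()` is true, which is the stated default, and no signing key has been configured.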
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
+
+/**
+ * Session at the SAML Service Provider, managed by a master session at the SAML
+ * Identity Provider. Other Service Providers can also participate in the same
+ * master session.
+ *
+ * @author Marcel Kolsteren
+ */
+public interface SamlSpSession
+{
+
+ /**
+ * Gets the details of the principal, i.e. the logged in user.
+ *
+ * @return the principal
+ */
+ SamlPrincipal getPrincipal();
+
+ /**
+ * Gets the entity provider that manages the session.
+ *
+ * @return the entity provider
+ */
+ SamlExternalIdentityProvider getIdentityProvider();
+
+}
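Review bot: The comment on `getIdentityProvider()` says "entity provider", which is not a SAML term and does not match the method name; `Gets the identity provider that manages the session.` with `@return the identity provider` would read correctly. The interface is placed in the `saml.api` package but returns `SamlExternalIdentityProvider` from `saml.sp`, so API clients end up depending on a type from an implementation package; a sentence in the comment saying whether that is intended would help.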
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,6 +24,7 @@
import java.io.Reader;
import java.io.Writer;
import java.util.Arrays;
+import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
@@ -34,10 +35,9 @@
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
-import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.api.SamlPrincipal;
+import org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.SamlPrincipalImpl;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntityDescriptorType;
@@ -51,6 +51,10 @@
import org.jboss.seam.security.external.saml.SamlExternalEntity;
import org.jboss.seam.security.external.saml.SamlIdpOrSp;
import org.jboss.seam.security.external.saml.SamlServiceType;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
/**
* @author Marcel Kolsteren
@@ -188,7 +192,9 @@
public Set<SamlIdpSession> getSessions()
{
- return samlIdpSessions.getSessions();
+ Set<SamlIdpSession> sessions = new HashSet<SamlIdpSession>();
+ sessions.addAll(samlIdpSessions.getSessions());
+ return sessions;
}
public SamlIdpSession localLogin(SamlNameId nameId, List<AttributeType> attributes)
@@ -196,9 +202,14 @@
return createSession(nameId, attributes);
}
+ public SamlNameId createNameId(String value, String format, String qualifier)
+ {
+ return new SamlNameIdImpl(value, format, qualifier);
+ }
+
private SamlIdpSession createSession(SamlNameId nameId, List<AttributeType> attributes)
{
- SamlPrincipal samlPrincipal = new SamlPrincipal();
+ SamlPrincipalImpl samlPrincipal = new SamlPrincipalImpl();
samlPrincipal.setNameId(nameId);
if (attributes != null)
{
@@ -227,14 +238,14 @@
public void localLogout(SamlIdpSession session)
{
- samlIdpSessions.removeSession(session);
+ samlIdpSessions.removeSession((SamlIdpSessionImpl) session);
}
@Dialogued(join = true)
public void globalLogout(SamlIdpSession session, HttpServletResponse response)
{
SamlPrincipal principal = session.getPrincipal();
- samlIdpSingleSignLogoutService.handleIDPInitiatedSingleLogout(principal, Arrays.asList(session.getSessionIndex()), response);
+ samlIdpSingleSignLogoutService.handleIDPInitiatedSingleLogout(principal, Arrays.asList(((SamlIdpSessionImpl) session).getSessionIndex()), response);
}
@Override
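Review bot: `localLogout` and `globalLogout` accept the API interface `SamlIdpSession` but now cast the argument to `SamlIdpSessionImpl` without a check, so an application that passes its own implementation gets a bare `ClassCastException` in the middle of a logout. A guard at the top of each method, such as `if (!(session instanceof SamlIdpSessionImpl)) throw new IllegalArgumentException("session was not created by this identity provider");`, gives a defined failure instead. The same unchecked cast is added in SamlIdpSingleLogoutService (the session-index comparison, the `removeSession` call and `sendSingleLogoutRequestToSP`), where one private helper doing the check would avoid repeating it. The enclosing class continues outside this hunk.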
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -2,8 +2,8 @@
import java.util.List;
-import org.jboss.seam.security.external.api.SamlNameId;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,6 +1,7 @@
package org.jboss.seam.security.external.saml.idp;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
/**
* @author Marcel Kolsteren
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,108 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.saml.idp;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.jboss.seam.security.external.api.SamlPrincipal;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlIdpSession
-{
- private SamlPrincipal principal;
-
- private String sessionIndex;
-
- private Set<SamlExternalServiceProvider> serviceProviders = new HashSet<SamlExternalServiceProvider>();
-
- public SamlPrincipal getPrincipal()
- {
- return principal;
- }
-
- public void setPrincipal(SamlPrincipal samlPrincipal)
- {
- this.principal = samlPrincipal;
- }
-
- public String getSessionIndex()
- {
- return sessionIndex;
- }
-
- public void setSessionIndex(String sessionIndex)
- {
- this.sessionIndex = sessionIndex;
- }
-
- public Set<SamlExternalServiceProvider> getServiceProviders()
- {
- return serviceProviders;
- }
-
- public void setServiceProviders(Set<SamlExternalServiceProvider> serviceProviders)
- {
- this.serviceProviders = serviceProviders;
- }
-
- @Override
- public int hashCode()
- {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((principal == null) ? 0 : principal.hashCode());
- result = prime * result + ((sessionIndex == null) ? 0 : sessionIndex.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj)
- {
- if (this == obj)
- return true;
- if (obj == null)
- return false;
- if (getClass() != obj.getClass())
- return false;
- SamlIdpSession other = (SamlIdpSession) obj;
- if (principal == null)
- {
- if (other.principal != null)
- return false;
- }
- else if (!principal.equals(other.principal))
- return false;
- if (sessionIndex == null)
- {
- if (other.sessionIndex != null)
- return false;
- }
- else if (!sessionIndex.equals(other.sessionIndex))
- return false;
- return true;
- }
-
-}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.idp;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class SamlIdpSessionImpl implements SamlIdpSession
+{
+ private SamlPrincipal principal;
+
+ private String sessionIndex;
+
+ private Set<SamlExternalServiceProvider> serviceProviders = new HashSet<SamlExternalServiceProvider>();
+
+ public SamlPrincipal getPrincipal()
+ {
+ return principal;
+ }
+
+ public void setPrincipal(SamlPrincipal samlPrincipal)
+ {
+ this.principal = samlPrincipal;
+ }
+
+ public String getSessionIndex()
+ {
+ return sessionIndex;
+ }
+
+ public void setSessionIndex(String sessionIndex)
+ {
+ this.sessionIndex = sessionIndex;
+ }
+
+ public Set<SamlExternalServiceProvider> getServiceProviders()
+ {
+ return serviceProviders;
+ }
+
+ public void setServiceProviders(Set<SamlExternalServiceProvider> serviceProviders)
+ {
+ this.serviceProviders = serviceProviders;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((principal == null) ? 0 : principal.hashCode());
+ result = prime * result + ((sessionIndex == null) ? 0 : sessionIndex.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SamlIdpSessionImpl other = (SamlIdpSessionImpl) obj;
+ if (principal == null)
+ {
+ if (other.principal != null)
+ return false;
+ }
+ else if (!principal.equals(other.principal))
+ return false;
+ if (sessionIndex == null)
+ {
+ if (other.sessionIndex != null)
+ return false;
+ }
+ else if (!sessionIndex.equals(other.sessionIndex))
+ return false;
+ return true;
+ }
+
+}
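Review bot: `hashCode()` and `equals()` are computed from `principal` and `sessionIndex`, both of which have public setters, while instances are stored in a `HashSet` in SamlIdpSessions; if either field changes after the session has been added, `sessions.remove(session)` no longer finds it and the session survives a logout. In this commit `addSession` sets both fields before `sessions.add`, so the invariant holds today, but nothing states it. I would add a class comment such as `Identity (equals/hashCode) is principal + sessionIndex; neither may change once the session is stored in SamlIdpSessions.`, or set both through a constructor and drop the setters. `getServiceProviders()` also returns the internal mutable set, and since the holder SamlIdpSessions is session scoped and declares a `serialVersionUID`, it is worth confirming whether this class should be `Serializable` as well.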
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,8 @@
import javax.enterprise.context.SessionScoped;
-import org.jboss.seam.security.external.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
/**
* @author Marcel Kolsteren
@@ -38,7 +39,7 @@
{
private static final long serialVersionUID = 6297278286428111620L;
- private Set<SamlIdpSession> sessions = new HashSet<SamlIdpSession>();
+ private Set<SamlIdpSessionImpl> sessions = new HashSet<SamlIdpSessionImpl>();
public SamlIdpSession addSession(SamlPrincipal principal)
{
@@ -50,7 +51,7 @@
}
while (getSession(principal, sessionIndex) != null);
- SamlIdpSession session = new SamlIdpSession();
+ SamlIdpSessionImpl session = new SamlIdpSessionImpl();
session.setPrincipal(principal);
session.setSessionIndex(sessionIndex);
sessions.add(session);
@@ -60,7 +61,7 @@
public SamlIdpSession getSession(SamlPrincipal principal, String sessionIndex)
{
- for (SamlIdpSession session : sessions)
+ for (SamlIdpSessionImpl session : sessions)
{
if (session.getPrincipal().equals(principal) && session.getSessionIndex().equals(sessionIndex))
{
@@ -70,12 +71,12 @@
return null;
}
- public void removeSession(SamlIdpSession session)
+ public void removeSession(SamlIdpSessionImpl session)
{
sessions.remove(session);
}
- public Set<SamlIdpSession> getSessions()
+ public Set<SamlIdpSessionImpl> getSessions()
{
return sessions;
}
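Review bot: `getSessions()` still returns the internal `sessions` set, so a caller can add or remove entries of the session-scoped store without going through `addSession`/`removeSession`; SamlIdpBean copies the result in this commit, but any other caller receives the live set. If no caller relies on mutating it, `return Collections.unmodifiableSet(sessions);` (with `import java.util.Collections;`) keeps iteration working and closes that path. `removeSession` now requires `SamlIdpSessionImpl`, which forces a downcast on every caller that holds the API type; keeping the parameter as `SamlIdpSession` would be enough, because `Set.remove` takes an `Object`.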
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -30,10 +30,9 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.api.SamlPrincipal;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.NameIDType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.LogoutRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
@@ -43,6 +42,9 @@
import org.jboss.seam.security.external.saml.SamlMessageFactory;
import org.jboss.seam.security.external.saml.SamlMessageSender;
import org.jboss.seam.security.external.saml.SamlProfile;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
/**
@@ -64,7 +66,7 @@
private Instance<SamlIdentityProviderSpi> samlIdentityProviderSpi;
@Inject
- private Instance<Dialogue> dialogue;
+ private Instance<DialogueBean> dialogue;
@Inject
private Instance<SamlDialogue> samlDialogue;
@@ -91,7 +93,7 @@
LogoutRequestType logoutRequest = (LogoutRequestType) request;
NameIDType nameIdJaxb = logoutRequest.getNameID();
- SamlNameId samlNameId = new SamlNameId(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
+ SamlNameId samlNameId = new SamlNameIdImpl(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
samlIdpIncomingLogoutDialogue.get().setNameId(samlNameId);
samlIdpIncomingLogoutDialogue.get().setSessionIndexes(logoutRequest.getSessionIndex());
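Review bot: `nameIdJaxb` is dereferenced on the changed line without a null check, and its value comes from an incoming logout request. A SAML LogoutRequest may identify the principal with an EncryptedID or a BaseID instead of a NameID, in which case `getNameID()` would presumably return null and constructing `SamlNameIdImpl` fails with a `NullPointerException`. Unless the request is validated before this point (the method starts outside the hunk), I would reject it with the `InvalidRequestException` this file already imports, before the name id is built.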
@@ -123,7 +125,7 @@
{
if (session.getPrincipal().getNameId().equals(samlNameId))
{
- if (sessionIndexes == null || sessionIndexes.size() == 0 || sessionIndexes.contains(session.getSessionIndex()))
+ if (sessionIndexes == null || sessionIndexes.size() == 0 || sessionIndexes.contains(((SamlIdpSessionImpl) session).getSessionIndex()))
{
sessionToRemove = session;
break;
@@ -147,7 +149,7 @@
// participant (if available) or to the next session.
if (sp != null && !sp.equals(samlDialogue.get().getExternalProvider()) && sp.getService(SamlProfile.SINGLE_LOGOUT) != null)
{
- String incomingDialogueId = dialogue.get().getDialogueId();
+ String incomingDialogueId = dialogue.get().getId();
dialogueManager.detachDialogue();
dialogueManager.beginDialogue();
samlIdpOutgoingLogoutDialogue.get().setIncomingDialogueId(incomingDialogueId);
@@ -160,7 +162,7 @@
{
// Session has no participating service providers (any more).
// Remove the session.
- samlIdpSessions.removeSession(sessionToRemove);
+ samlIdpSessions.removeSession((SamlIdpSessionImpl) sessionToRemove);
if (samlDialogue.get().getExternalProvider() != null)
{
samlIdentityProviderSpi.get().loggedOut(sessionToRemove);
@@ -187,11 +189,11 @@
{
if (failed)
{
- samlIdentityProviderSpi.get().singleLogoutFailed(responseHandler.createResponseHolder(response));
+ samlIdentityProviderSpi.get().globalLogoutFailed(responseHandler.createResponseHolder(response));
}
else
{
- samlIdentityProviderSpi.get().singleLogoutSucceeded(responseHandler.createResponseHolder(response));
+ samlIdentityProviderSpi.get().globalLogoutSucceeded(responseHandler.createResponseHolder(response));
}
}
dialogue.get().setFinished(true);
@@ -216,7 +218,7 @@
public void sendSingleLogoutRequestToSP(SamlIdpSession session, SamlExternalServiceProvider sp, HttpServletResponse response)
{
LogoutRequestType logoutRequest;
- logoutRequest = samlMessageFactory.createLogoutRequest(session.getPrincipal().getNameId(), session.getSessionIndex());
+ logoutRequest = samlMessageFactory.createLogoutRequest(session.getPrincipal().getNameId(), ((SamlIdpSessionImpl) session).getSessionIndex());
samlDialogue.get().setExternalProvider(sp);
samlMessageSender.sendRequest(sp, SamlProfile.SINGLE_LOGOUT, logoutRequest, response);
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,7 +28,7 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.AuthnRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
@@ -41,6 +41,7 @@
import org.jboss.seam.security.external.saml.SamlMessageSender;
import org.jboss.seam.security.external.saml.SamlProfile;
import org.jboss.seam.security.external.saml.SamlService;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
@@ -60,7 +61,7 @@
private Instance<SamlIdentityProviderSpi> samlIdentityProviderSpi;
@Inject
- private Dialogue dialogue;
+ private DialogueBean dialogue;
@Inject
private SamlDialogue samlDialogue;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,10 +27,11 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
+import org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
public class SamlIdpSingleUser implements SamlIdentityProviderApi
{
@@ -93,4 +94,9 @@
}
multiUserApi.get().globalLogout(session, response);
}
+
+ public SamlNameId createNameId(String value, String format, String qualifier)
+ {
+ return multiUserApi.get().createNameId(value, format, qualifier);
+ }
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,6 +23,7 @@
import java.io.Reader;
import java.io.Writer;
+import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
@@ -32,8 +33,7 @@
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
-import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.SamlMultiUserServiceProviderApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntityDescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.IDPSSODescriptorType;
@@ -45,6 +45,8 @@
import org.jboss.seam.security.external.saml.SamlExternalEntity;
import org.jboss.seam.security.external.saml.SamlIdpOrSp;
import org.jboss.seam.security.external.saml.SamlServiceType;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
@@ -193,19 +195,21 @@
@Dialogued(join = true)
public void localLogout(SamlSpSession session)
{
- samlSpSessions.removeSession(session);
+ samlSpSessions.removeSession((SamlSpSessionImpl) session);
}
@Dialogued(join = true)
public void globalLogout(SamlSpSession session, HttpServletResponse response)
{
localLogout(session);
- samlSpSingleLogoutService.sendSingleLogoutRequestToIDP(session, response);
+ samlSpSingleLogoutService.sendSingleLogoutRequestToIDP((SamlSpSessionImpl) session, response);
}
public Set<SamlSpSession> getSessions()
{
- return samlSpSessions.getSessions();
+ Set<SamlSpSession> sessions = new HashSet<SamlSpSession>();
+ sessions.addAll(samlSpSessions.getSessions());
+ return sessions;
}
@Override
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,6 +1,7 @@
package org.jboss.seam.security.external.saml.sp;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,68 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.saml.sp;
-
-import org.jboss.seam.security.external.api.SamlPrincipal;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlSpSession
-{
- private SamlPrincipal principal;
-
- private String sessionIndex;
-
- private SamlExternalIdentityProvider identityProvider;
-
- public SamlPrincipal getPrincipal()
- {
- return principal;
- }
-
- public void setPrincipal(SamlPrincipal samlPrincipal)
- {
- this.principal = samlPrincipal;
- }
-
- public String getSessionIndex()
- {
- return sessionIndex;
- }
-
- public void setSessionIndex(String sessionIndex)
- {
- this.sessionIndex = sessionIndex;
- }
-
- public SamlExternalIdentityProvider getIdentityProvider()
- {
- return identityProvider;
- }
-
- public void setIdentityProvider(SamlExternalIdentityProvider identityProvider)
- {
- this.identityProvider = identityProvider;
- }
-
-}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.sp;
+
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class SamlSpSessionImpl implements SamlSpSession
+{
+ private SamlPrincipal principal;
+
+ private String sessionIndex;
+
+ private SamlExternalIdentityProvider identityProvider;
+
+ public SamlPrincipal getPrincipal()
+ {
+ return principal;
+ }
+
+ public void setPrincipal(SamlPrincipal samlPrincipal)
+ {
+ this.principal = samlPrincipal;
+ }
+
+ public String getSessionIndex()
+ {
+ return sessionIndex;
+ }
+
+ public void setSessionIndex(String sessionIndex)
+ {
+ this.sessionIndex = sessionIndex;
+ }
+
+ public SamlExternalIdentityProvider getIdentityProvider()
+ {
+ return identityProvider;
+ }
+
+ public void setIdentityProvider(SamlExternalIdentityProvider identityProvider)
+ {
+ this.identityProvider = identityProvider;
+ }
+
+}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,8 @@
import javax.enterprise.context.SessionScoped;
-import org.jboss.seam.security.external.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
@@ -38,26 +39,26 @@
{
private static final long serialVersionUID = 6297278286428111620L;
- private Set<SamlSpSession> sessions = new HashSet<SamlSpSession>();
+ private Set<SamlSpSessionImpl> sessions = new HashSet<SamlSpSessionImpl>();
- public void addSession(SamlSpSession session)
+ public void addSession(SamlSpSessionImpl session)
{
sessions.add(session);
}
- public void removeSession(SamlSpSession session)
+ public void removeSession(SamlSpSessionImpl session)
{
sessions.remove(session);
}
- public Set<SamlSpSession> getSessions()
+ public Set<SamlSpSessionImpl> getSessions()
{
return sessions;
}
public SamlSpSession getSession(SamlPrincipal samlPrincipal, String idpEntityId, String sessionIndex)
{
- for (SamlSpSession session : sessions)
+ for (SamlSpSessionImpl session : sessions)
{
if (session.getPrincipal().equals(samlPrincipal) && session.getIdentityProvider().getEntityId().equals(idpEntityId) && session.getSessionIndex().equals(sessionIndex))
{
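Review bot: `session.getSessionIndex().equals(sessionIndex)` in getSession dereferences the stored session index without a null check, while handleAssertion in SamlSpSingleSignOnService (same commit) copies `authnStatement.getSessionIndex()` into the session unvalidated. SessionIndex is optional on a SAML AuthnStatement, so a session built from an assertion without one would make this lookup throw NullPointerException instead of simply not matching. A null-safe comparison such as `session.getSessionIndex() == null ? sessionIndex == null : session.getSessionIndex().equals(sessionIndex)` avoids that. Separately, `getSessions()` still returns the live internal set, which matters for the loop in SamlSpSingleLogoutService.removeSessions. The getSession loop continues outside this hunk.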
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -30,17 +30,19 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.NameIDType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.LogoutRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
+import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusType;
import org.jboss.seam.security.external.saml.SamlConstants;
import org.jboss.seam.security.external.saml.SamlDialogue;
import org.jboss.seam.security.external.saml.SamlMessageFactory;
import org.jboss.seam.security.external.saml.SamlMessageSender;
import org.jboss.seam.security.external.saml.SamlProfile;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
/**
@@ -65,7 +67,7 @@
private SamlSpLogoutDialogue samlSpLogoutDialogue;
@Inject
- private Dialogue dialogue;
+ private DialogueBean dialogue;
@Inject
private SamlDialogue samlDialogue;
@@ -84,7 +86,7 @@
SamlExternalIdentityProvider idp = (SamlExternalIdentityProvider) samlDialogue.getExternalProvider();
NameIDType nameIdJaxb = logoutRequest.getNameID();
- SamlNameId samlNameId = new SamlNameId(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
+ SamlNameId samlNameId = new SamlNameIdImpl(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
removeSessions(samlNameId, idp.getEntityId(), logoutRequest.getSessionIndex());
StatusResponseType statusResponse = samlMessageFactory.createStatusResponse(SamlConstants.STATUS_SUCCESS, null);
@@ -96,13 +98,13 @@
private void removeSessions(SamlNameId nameId, String idpEntityId, List<String> sessionIndexes)
{
- for (SamlSpSession session : samlSpSessions.getSessions())
+ for (SamlSpSessionImpl session : samlSpSessions.getSessions())
{
if (session.getPrincipal().getNameId().equals(nameId) && session.getIdentityProvider().getEntityId().equals(idpEntityId))
{
if (sessionIndexes.size() == 0 || sessionIndexes.contains(session.getSessionIndex()))
{
- samlSpSessions.removeSession(session);
+ samlSpSessions.removeSession((SamlSpSessionImpl) session);
samlServiceProviderSpi.get().loggedOut(session);
}
}
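Review bot: removeSessions removes from the set it is iterating. `samlSpSessions.getSessions()` returns the internal HashSet (see SamlSpSessions.getSessions in this commit) and `samlSpSessions.removeSession(...)` calls `sessions.remove` on it inside the for-each. Whenever another element is still to be visited after a removal, the iterator is expected to throw ConcurrentModificationException, which would abort the IdP-initiated logout and leave later matching sessions in place. Iterating over a snapshot fixes this: `for (SamlSpSessionImpl session : new ArrayList<SamlSpSessionImpl>(samlSpSessions.getSessions()))`, with the import added if the file lacks it. The cast `(SamlSpSessionImpl) session` is redundant now that the loop variable already has that type; the loop and method close outside this hunk.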
@@ -111,19 +113,25 @@
public void processIDPResponse(HttpServletRequest httpRequest, HttpServletResponse httpResponse, StatusResponseType statusResponse)
{
- if (statusResponse.getStatus() != null && statusResponse.getStatus().getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
+ StatusType status = statusResponse.getStatus();
+ if (status.getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
{
samlServiceProviderSpi.get().globalLogoutSucceeded(responseHandler.createResponseHolder(httpResponse));
}
else
{
- String statusCode = statusResponse.getStatus() == null ? "null" : statusResponse.getStatus().getStatusCode().getValue();
- samlServiceProviderSpi.get().globalLogoutFailed(statusCode, responseHandler.createResponseHolder(httpResponse));
+ String statusCodeLevel1 = status.getStatusCode().getValue();
+ String statusCodeLevel2 = null;
+ if (status.getStatusCode().getStatusCode() != null)
+ {
+ statusCodeLevel2 = status.getStatusCode().getStatusCode().getValue();
+ }
+ samlServiceProviderSpi.get().globalLogoutFailed(statusCodeLevel1, statusCodeLevel2, responseHandler.createResponseHolder(httpResponse));
}
dialogue.setFinished(true);
}
- public void sendSingleLogoutRequestToIDP(SamlSpSession session, HttpServletResponse httpResponse)
+ public void sendSingleLogoutRequestToIDP(SamlSpSessionImpl session, HttpServletResponse httpResponse)
{
SamlExternalIdentityProvider idp = session.getIdentityProvider();
LogoutRequestType logoutRequest;
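Review bot: processIDPResponse now dereferences `statusResponse.getStatus()` unconditionally, whereas the code it replaces treated a missing Status as a failed logout. The response comes from the IdP, and unless upstream schema validation guarantees Status and StatusCode (not visible here), a malformed response ends in a NullPointerException before either SPI callback runs and before `dialogue.setFinished(true)`. I would keep the guard and route it to the failure callback, e.g. `if (status == null || status.getStatusCode() == null) { samlServiceProviderSpi.get().globalLogoutFailed(null, null, responseHandler.createResponseHolder(httpResponse)); dialogue.setFinished(true); return; }`. The comparison is also safer constant-first, as `SamlConstants.STATUS_SUCCESS.equals(status.getStatusCode().getValue())`. The hunk ends inside sendSingleLogoutRequestToIDP.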
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,9 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.api.SamlPrincipal;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.SamlPrincipalImpl;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeStatementType;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
@@ -79,7 +79,7 @@
private Instance<SamlEntityBean> samlEntityBean;
@Inject
- private Dialogue dialogue;
+ private DialogueBean dialogue;
@Inject
private SamlMessageSender samlMessageSender;
@@ -104,9 +104,15 @@
}
String statusValue = status.getStatusCode().getValue();
- if (SamlConstants.STATUS_SUCCESS.equals(statusValue) == false)
+ if (!SamlConstants.STATUS_SUCCESS.equals(statusValue))
{
- samlServiceProviderSpi.get().loginFailed(responseHandler.createResponseHolder(httpResponse));
+ String statusCodeLevel1 = statusValue;
+ String statusCodeLevel2 = null;
+ if (status.getStatusCode().getStatusCode() != null)
+ {
+ statusCodeLevel2 = status.getStatusCode().getStatusCode().getValue();
+ }
+ samlServiceProviderSpi.get().loginFailed(statusCodeLevel1, statusCodeLevel2, responseHandler.createResponseHolder(httpResponse));
}
if (!(statusResponse instanceof ResponseType))
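Review bot: After a non-success status the branch calls `loginFailed(...)` but does not return, so execution falls through to the `instanceof ResponseType` check and, as far as this hunk shows, on to assertion handling. A response carrying a failure status could therefore hand the HTTP response to the application's failure callback and then still be processed as a login or raise an exception afterwards. I would end the branch explicitly with `dialogue.setFinished(true); return;` after the `loginFailed` call, assuming the dialogue should finish here as it does on the success path. The sub-status extraction via `status.getStatusCode().getStatusCode()` is duplicated in SamlSpSingleLogoutService.processIDPResponse and could share a small helper. The method starts and ends outside this hunk.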
@@ -122,7 +128,7 @@
throw new RuntimeException("IDP response does not contain assertions");
}
- SamlSpSession session = createSession(response, idp);
+ SamlSpSessionImpl session = createSession(response, idp);
if (session == null)
{
throw new InvalidRequestException("Not possible to login based on the supplied assertions");
@@ -136,15 +142,15 @@
dialogue.setFinished(true);
}
- private SamlSpSession createSession(ResponseType responseType, SamlExternalIdentityProvider idp)
+ private SamlSpSessionImpl createSession(ResponseType responseType, SamlExternalIdentityProvider idp)
{
- SamlSpSession session = null;
+ SamlSpSessionImpl session = null;
for (Object assertion : responseType.getAssertionOrEncryptedAssertion())
{
if (assertion instanceof AssertionType)
{
- SamlSpSession sessionExtractedFromAssertion = handleAssertion((AssertionType) assertion, idp);
+ SamlSpSessionImpl sessionExtractedFromAssertion = handleAssertion((AssertionType) assertion, idp);
if (session == null)
{
session = sessionExtractedFromAssertion;
@@ -163,7 +169,7 @@
return session;
}
- private SamlSpSession handleAssertion(AssertionType assertion, SamlExternalIdentityProvider idp)
+ private SamlSpSessionImpl handleAssertion(AssertionType assertion, SamlExternalIdentityProvider idp)
{
if (SamlUtils.hasAssertionExpired(assertion))
{
@@ -185,10 +191,10 @@
return null;
}
- SamlPrincipal principal = new SamlPrincipal();
+ SamlPrincipalImpl principal = new SamlPrincipalImpl();
principal.setAssertion(assertion);
- principal.setNameId(new SamlNameId(nameId.getValue(), nameId.getFormat(), nameId.getNameQualifier()));
- SamlSpSession session = new SamlSpSession();
+ principal.setNameId(new SamlNameIdImpl(nameId.getValue(), nameId.getFormat(), nameId.getNameQualifier()));
+ SamlSpSessionImpl session = new SamlSpSessionImpl();
session.setSessionIndex(authnStatement.getSessionIndex());
session.setPrincipal(principal);
session.setIdentityProvider(idp);
@@ -253,7 +259,7 @@
boolean notTooLate = confirmationData.getNotOnOrAfter().compare(SamlUtils.getXMLGregorianCalendarNow()) == DatatypeConstants.GREATER;
- boolean validInResponseTo = confirmationData.getInResponseTo() == null || confirmationData.getInResponseTo().equals(dialogue.getDialogueId());
+ boolean validInResponseTo = confirmationData.getInResponseTo() == null || confirmationData.getInResponseTo().equals(dialogue.getId());
if (validRecipient && notTooLate && validInResponseTo)
{
@@ -277,7 +283,7 @@
}
}
- private void loginUser(HttpServletRequest httpRequest, HttpServletResponse response, SamlSpSession session, boolean unsolicited, String relayState)
+ private void loginUser(HttpServletRequest httpRequest, HttpServletResponse response, SamlSpSessionImpl session, boolean unsolicited, String relayState)
{
samlSpSessions.addSession(session);
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -25,8 +25,9 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
-import org.jboss.seam.security.external.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.SamlMultiUserServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,14 +23,25 @@
import java.util.List;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
/**
+ * Interface that needs to be implemented by applications that want to act as an
+ * OpenID Provider. It is the counterpart of the {@link OpenIdProviderApi}.
+ *
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
+ *
* @author Marcel Kolsteren
*
*/
+
public interface OpenIdProviderSpi
{
/**
@@ -51,6 +62,7 @@
* needs to ask the use for her username
* @param immediate if this is true, there must be no interaction with the
* user (silent authentication)
+ * @param responseHolder
*/
void authenticate(String realm, String userName, boolean immediate, ResponseHolder responseHolder);
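Review bot: The added `@param responseHolder` tag has no description, so it tells implementers nothing and Javadoc tooling will flag it. The other SPI interfaces in this commit use `@param responseHolder object holding the HTTP servlet response`, and the same text fits here. The blank line inserted between the class Javadoc and `public interface OpenIdProviderSpi` in the previous hunk of this file can be dropped as well.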
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,16 +21,48 @@
*/
package org.jboss.seam.security.external.spi;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
/**
+ * Interface that needs to be implemented by applications that want to act as an
+ * OpenID Relying Party. It is the counterpart of the
+ * {@link OpenIdRelyingPartyApi}.
+ *
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
+ *
* @author Marcel Kolsteren
*
*/
public interface OpenIdRelyingPartySpi
{
- public void loginSucceeded(OpenIdPrincipal principal, ResponseHolder responseHolder);
+ /**
+ * This method is called after successful external authentication of the
+ * user. The principal contains the details about the user. The call takes
+ * place in the same dialogue context as the corresponding API call:
+ * {@link OpenIdRelyingPartyApi#login}. The dialogue can be used, for
+ * example, to store the page that the user requested, so that the user can
+ * be redirected to this page after login took place.
+ *
+ * @param principal principal
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void loginSucceeded(OpenIdPrincipal principal, ResponseHolder responseHolder);
- public void loginFailed(String message, ResponseHolder responseHolder);
+ /**
+ * This method is called after failed external authentication of the user.
+ * The call takes place in the same dialogue context as the corresponding API
+ * call: {@link OpenIdRelyingPartyApi#login}.
+ *
+ * @param message reason why the login failed
+ * @param responseHolder object holding the HTTP servlet response
+ *
+ */
+ void loginFailed(String message, ResponseHolder responseHolder);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,19 +22,81 @@
package org.jboss.seam.security.external.spi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
/**
+ * Interface that needs to be implemented by applications that want to act as a
+ * SAML identity provider. It is the counterpart of the
+ * {@link SamlIdentityProviderApi}.
+ *
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
+ *
* @author Marcel Kolsteren
*
*/
public interface SamlIdentityProviderSpi
{
- public void authenticate(ResponseHolder responseHolder);
+ /**
+ * This method is called after receipt of an authentication request from a
+ * service provider. Upon receipt of this call, the application should try to
+ * authenticate the user, or, if the user is already logged in, reuse an
+ * existing session of the user. The result of the authentication needs to be
+ * reported back using the API calls
+ * {@link SamlIdentityProviderApi#authenticationSucceeded} or
+ * {@link SamlIdentityProviderApi#authenticationFailed}. Those API calls
+ * should be called in the same dialogue as this SPI call. When redirecting
+ * the user to a page where she can be authenticated, it is convenient to use
+ * {@link ResponseHolder#redirectWithDialoguePropagation(String)}, so that
+ * the current dialogue is automatically propagated to the next request.
+ *
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void authenticate(ResponseHolder responseHolder);
- public void loggedOut(SamlIdpSession session);
+ /**
+ * When the service provider receives a logout request from a service
+ * provider, this method is called. The implementation of this method must
+ * take for granted that the user has been logged out.
+ *
+ * @param session that has been removed
+ */
+ void loggedOut(SamlIdpSession session);
- public void singleLogoutSucceeded(ResponseHolder responseHolder);
+ /**
+ * This method is the asynchronous callbacks related to
+ * {@link SamlIdentityProviderApi#globalLogout()}. It is called when the
+ * global logout was successful. Before this callback is called, the dialogue
+ * that was active at the time of the API call is restored. An implementation
+ * of this method will typically redirect the user to a page where a message
+ * is shown that the user has been logged out.
+ *
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void globalLogoutSucceeded(ResponseHolder responseHolder);
- public void singleLogoutFailed(ResponseHolder responseHolder);
+ /**
+ * <p>
+ * This method is one of the asynchronous callbacks related to
+ * {@link SamlIdentityProviderApi#globalLogout}. It is called when the single
+ * logout was unsuccessful. Before this callback is called, the dialogue that
+ * was active at the time of the API call is restored. An implementation of
+ * this method will typically redirect the user to a page where a message is
+ * shown that the user could not be logged out.
+ * </p>
+ *
+ * <p>
+ * The fact that the single logout failed doesn't mean that all parts of the
+ * single logout failed. Possibly only one of the session participants
+ * couldn't perform a successful logout, while the others could.
+ * </p>
+ *
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void globalLogoutFailed(ResponseHolder responseHolder);
}
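Review bot: The Javadoc for `loggedOut` reads "When the service provider receives a logout request from a service provider", which in an identity-provider SPI presumably should say that the identity provider receives it. As written, an implementer cannot tell which party triggered the call. The `globalLogoutSucceeded` text says "This method is the asynchronous callbacks" where `globalLogoutFailed` says "one of the asynchronous callbacks". It also links `SamlIdentityProviderApi#globalLogout()` with empty parentheses while the sibling link omits them; if the API method takes parameters, the first link will not resolve. `globalLogoutFailed` still speaks of "the single logout" after the rename to global logout, and the wording should follow the new method name.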
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,19 +22,20 @@
package org.jboss.seam.security.external.spi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* Interface that needs to be implemented by applications that want to act as a
* SAML service provider. It is the counterpart of the
- * {@link SamlSingleUserServiceProviderApi}.
+ * {@link SamlServiceProviderApi}.
*
- * All methods in this interface are called within an active request scope,
- * which contains a {@link ResponseHolder} bean that contains the HTTP response.
- * The implementations of the methods are responsible to fill this response.
- * Typically, this will entail a redirect to an application page. There is one
- * exception: the implementation of the loggedOut method must not write to the
- * HTTP response.
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
*
* @author Marcel Kolsteren
*
@@ -42,14 +43,15 @@
public interface SamlServiceProviderSpi
{
/**
- * This method is called after succesfull external authentication of the
+ * This method is called after successful external authentication of the
* user. The session contains the details about the user. The call takes
* place in the same dialogue context as the corresponding API call:
- * {@link SamlSingleUserServiceProviderApi#signOn(String)}. The dialogue can
- * be used, for example, to store the page that the user requested, so that
- * the user can be redirected to this page after login took place.
+ * {@link SamlServiceProviderApi#login}. The dialogue can be used, for
+ * example, to store the page that the user requested, so that the user can
+ * be redirected to this page after login took place.
*
* @param session session
+ * @param responseHolder object holding the HTTP servlet response
*/
void loginSucceeded(SamlSpSession session, ResponseHolder responseHolder);
@@ -57,8 +59,17 @@
* This method is called after failed external authentication of the user.
* The call takes place in the same dialogue context as the corresponding API
* call.
+ *
+ * @param statusCodeLevel1 string indicating the top-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * top-level status code); it's required (never null)
+ * @param statusCodeLevel2 string indicating the second-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * second-level status code); it's optional (can be null)
+ *
+ * @param responseHolder object holding the HTTP servlet response
*/
- void loginFailed(ResponseHolder responseHolder);
+ void loginFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder);
/**
* When the service provider receives an unsolicited login from an identity
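Review bot: The new `@param` text for `loginFailed` describes both status codes as the reason "why the logout failed", which looks copied from `globalLogoutFailed`; on this method it should read `why the login failed` for `statusCodeLevel1` and `statusCodeLevel2`. The comment here, and the matching one on `globalLogoutFailed` in the hunk at -95,15, could also say where the strings come from. The reference to the SAMLv2 status code suggests they are taken from the identity provider's response, so an implementation that displays or logs them should treat them as external input and encode them. A null check on `statusCodeLevel2` is needed in implementations, as the comment already implies. The interface body starts and ends outside this hunk.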
@@ -67,27 +78,30 @@
* @param session that has been created for this login
* @param url URL where the user needs to be redirected to; this URL is
* supplied by the identity provider and can be null
+ * @param responseHolder object holding the HTTP servlet response
*/
void loggedIn(SamlSpSession session, String url, ResponseHolder responseHolder);
/**
* This method is the asynchronous callbacks related to
- * {@link SamlSingleUserServiceProviderApi#singleLogout()}. It is called when
- * the single logout was successful. Before this callback is called, the
- * dialogue that was active at the time of the API call is restored. An
- * implementation of this method will typically redirect the user to a page
- * where a message is shown that the user has been logged out.
+ * {@link SamlServiceProviderApi#globalLogout}. It is called when the single
+ * logout was successful. Before this callback is called, the dialogue that
+ * was active at the time of the API call is restored. An implementation of
+ * this method will typically redirect the user to a page where a message is
+ * shown that the user has been logged out.
+ *
+ * @param responseHolder object holding the HTTP servlet response
*/
void globalLogoutSucceeded(ResponseHolder responseHolder);
/**
* <p>
* This method is one of the asynchronous callbacks related to
- * {@link SamlSingleUserServiceProviderApi#singleLogout()}. It is called when
- * the single logout was successful. Before this callback is called, the
- * dialogue that was active at the time of the API call is restored. An
- * implementation of this method will typically redirect the user to a page
- * where a message is shown that the user could not be logged out.
+ * {@link SamlServiceProviderApi#globalLogout}. It is called when the single
+ * logout was unsuccessful. Before this callback is called, the dialogue that
+ * was active at the time of the API call is restored. An implementation of
+ * this method will typically redirect the user to a page where a message is
+ * shown that the user could not be logged out.
* </p>
*
* <p>
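Review bot: The `url` parameter of `loggedIn` is documented as supplied by the identity provider, but the Javadoc gives implementers no guidance on how far to trust it. With the `responseHolder` parameter now documented right below it, redirecting straight to that value is the obvious implementation. I would extend the line to something like `* @param url ... supplied by the identity provider and can be null; validate that it points into this application before redirecting to it`. Separately, in the `globalLogoutSucceeded` comment "This method is the asynchronous callbacks" should be "one of the asynchronous callbacks", and "the single logout was successful" no longer matches the renamed `globalLogout` API. The interface body starts and ends outside this hunk.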
@@ -95,15 +109,21 @@
* single logout failed. Possibly only one of the session participants
* couldn't perform a successful logout, while the others could.
* </p>
+ *
+ * @param statusCodeLevel1 string indicating the top-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * top-level status code); it's required (never null)
+ * @param statusCodeLevel2 string indicating the second-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * second-level status code); it's optional (can be null)
+ * @param responseHolder object holding the HTTP servlet response
*/
- void globalLogoutFailed(String statusCode, ResponseHolder responseHolder);
+ void globalLogoutFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder);
/**
* When the service provider receives a logout request from an identity
* provider, this method is called. The implementation of this method must
- * take for granted that the user has been logged off. The HTTP response must
- * not be written during this call, because the service provider will use the
- * HTTP response to send a response to the identity provider.
+ * take for granted that the user has been logged out.
*
* @param session that has been removed
*/
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,27 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.spi;
-
-public class SamlSingleUserServiceProviderSpi
-{
-
-}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.virtualapplications;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationManagerCreation;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class AfterVirtualApplicationManagerCreationEvent implements AfterVirtualApplicationManagerCreation
+{
+ private Set<String> hostNames = new HashSet<String>();
+
+ public void addVirtualApplication(String hostName)
+ {
+ hostNames.add(hostName);
+ }
+
+ public Set<String> getHostNames()
+ {
+ return hostNames;
+ }
+
+}
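Review bot: `getHostNames()` returns the internal mutable `HashSet`, and `addVirtualApplication` accepts any value, including null or an empty string. A caller holding the concrete event can therefore alter the set of virtual applications while `VirtualApplicationManager` iterates it, and a bad entry is only noticed later. I would declare the field `private final Set<String> hostNames`, return `Collections.unmodifiableSet(hostNames)` (needs the `java.util.Collections` import), and reject null or empty names in the adder with an `IllegalArgumentException`. The `VirtualApplicationScoped` Javadoc in this commit says each host name carries company-specific SAML or OpenID configuration. The expected form of the name (case, with or without port) should therefore also be stated on `AfterVirtualApplicationManagerCreation.addVirtualApplication`, which has no comment in its hunk at -21,30.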
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.virtualapplications;
+
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+ at VirtualApplicationScoped
+public class VirtualApplicationBean implements VirtualApplication
+{
+ private String hostName;
+
+ public String getHostName()
+ {
+ return hostName;
+ }
+
+ public void setHostName(String hostName)
+ {
+ this.hostName = hostName;
+ }
+}
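Review bot: `setHostName` is a public setter on a public, injectable bean, so code that injects `VirtualApplicationBean` instead of the `VirtualApplication` interface can change a virtual application's host name after creation. If the name is meant to be assigned once by `VirtualApplicationManager` (the assignment is not visible in this hunk, so this is an assumption), a guard at the top of the setter would enforce it: `if (this.hostName != null) throw new IllegalStateException("hostName already set");`. The class also has no Javadoc; one sentence saying it is the internal implementation behind `VirtualApplication` and not meant for application code would make the intent clear.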
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,6 @@
import javax.servlet.ServletRequestEvent;
import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationCreation;
-import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationManagerCreation;
-import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationsCreation;
-import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
import org.jboss.seam.servlet.event.qualifier.Destroyed;
import org.jboss.seam.servlet.event.qualifier.Initialized;
import org.slf4j.Logger;
@@ -54,7 +51,7 @@
private VirtualApplicationContextExtension virtualApplicationContextExtension;
@Inject
- private Instance<VirtualApplication> virtualApplication;
+ private Instance<VirtualApplicationBean> virtualApplication;
@Inject
private BeanManager beanManager;
@@ -66,7 +63,7 @@
log.trace("Servlet initialized with event {}", e);
getVirtualApplicationContext().initialize(e.getServletContext());
- AfterVirtualApplicationManagerCreation afterVirtualApplicationManagerCreation = new AfterVirtualApplicationManagerCreation();
+ AfterVirtualApplicationManagerCreationEvent afterVirtualApplicationManagerCreation = new AfterVirtualApplicationManagerCreationEvent();
beanManager.fireEvent(afterVirtualApplicationManagerCreation);
for (String hostName : afterVirtualApplicationManagerCreation.getHostNames())
@@ -77,7 +74,6 @@
beanManager.fireEvent(new AfterVirtualApplicationCreation());
getVirtualApplicationContext().detach();
}
- beanManager.fireEvent(new AfterVirtualApplicationsCreation());
}
protected void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,6 +22,9 @@
package org.jboss.seam.security.external.virtualapplications.api;
/**
+ * Event that is fired after a virtual application has been created. For details
+ * about how to use this event, refer to {@link VirtualApplicationScoped}.
+ *
* @author Marcel Kolsteren
*
*/
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,30 +21,16 @@
*/
package org.jboss.seam.security.external.virtualapplications.api;
-import java.util.HashSet;
-import java.util.Set;
-
/**
+ * Event that is fired after the virtual application manager has been created.
+ * Observers to this event can add virtual applications to the environment. For
+ * details about how to use this event, refer to
+ * {@link VirtualApplicationScoped}.
+ *
* @author Marcel Kolsteren
*
*/
-public class AfterVirtualApplicationManagerCreation
+public interface AfterVirtualApplicationManagerCreation
{
- private Set<String> hostNames = new HashSet<String>();
-
- public void addVirtualApplication(String hostName)
- {
- hostNames.add(hostName);
- }
-
- public Set<String> getHostNames()
- {
- return hostNames;
- }
-
- public void setHostNames(Set<String> hostNames)
- {
- this.hostNames = hostNames;
- }
-
+ void addVirtualApplication(String hostName);
}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,31 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.virtualapplications.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class AfterVirtualApplicationsCreation
-{
-
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,21 +22,15 @@
package org.jboss.seam.security.external.virtualapplications.api;
/**
+ * This virtual application scoped bean is automatically created in the virtual
+ * application scope as soon as the virtual application is created. It can be
+ * used to get virtual application properties. For background about the virtual
+ * application scope, see {@link VirtualApplication}.
+ *
* @author Marcel Kolsteren
*
*/
- at VirtualApplicationScoped
-public class VirtualApplication
+public interface VirtualApplication
{
- private String hostName;
-
- public String getHostName()
- {
- return hostName;
- }
-
- public void setHostName(String hostName)
- {
- this.hostName = hostName;
- }
+ String getHostName();
}
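Review bot: The added Javadoc ends with `see {@link VirtualApplication}`, which links the interface to itself. The background on the scope is in the `VirtualApplicationScoped` comment added by this same commit, so the reference should be `{@link VirtualApplicationScoped}`. `getHostName()` would also benefit from a one-line comment saying whether the value is exactly the string passed to `addVirtualApplication`.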
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -30,6 +30,59 @@
import javax.enterprise.context.NormalScope;
/**
+ * <p>
+ * The virtual application scope corresponds to a part of the application that
+ * serves a certain host name. It can be used for situations where a single
+ * application is used by different companies, each accessing the application
+ * using a host name that is part of the company's internet domain name. It is
+ * comparable to virtual hosting mechanisms that can be used to share one
+ * webserver with one IP-address by multiple companies.
+ * </p>
+ *
+ * <p>
+ * In the application context, one stores the configuration or data that is
+ * specific for one company using the application. In the context of Seam
+ * security, the virtual application context can be used to store the
+ * configuration of an OpenID or SAML entity that is specific for one
+ * hostName/company.
+ * </p>
+ *
+ * <p>
+ * Virtual applications need to be configured by adding the following observer
+ * to your application:
+ *
+ * <pre>
+ * public void virtualApplicationManagerCreated(@Observes final AfterVirtualApplicationManagerCreation event)
+ * {
+ * event.addVirtualApplication("www.company1.com");
+ * event.addVirtualApplication("www.company2.com");
+ * }
+ * </pre>
+ *
+ * </p>
+ *
+ * <p>
+ * If you need to configure an application scoped bean, for example a SAML
+ * service provider bean that is scoped to the virtual application context, you
+ * should do that by reacting on the {@link VirtualApplicationCreated} event,
+ * which is fired for each configured virtual application at application startup
+ * time. For example:
+ *
+ * <pre>
+ * public void customize(@Observes AfterVirtualApplicationCreation event, SamlServiceProviderConfigurationApi sp, VirtualApplication virtualApplication)
+ * {
+ * if (virtualApplication.getHostName().equals("www.sp2.com"))
+ * {
+ * sp.setPreferredBinding(SamlBinding.HTTP_Redirect);
+ * }
+ * sp.setSingleLogoutMessagesSigned(false);
+ * sp.setProtocol("http");
+ * sp.setPort(8080);
+ * }
+ * </pre>
+ *
+ * </p>
+ *
* @author Marcel Kolsteren
*
*/
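Review bot: The second `<pre>` example configures the service provider with `sp.setSingleLogoutMessagesSigned(false)` and `sp.setProtocol("http")`, and nothing in the text marks these as test settings. Javadoc examples tend to be copied as-is, so I would either drop those two lines or annotate them, e.g. `sp.setSingleLogoutMessagesSigned(false); // local testing only; keep logout messages signed in production`. The paragraph above the example links to `{@link VirtualApplicationCreated}` while the example observes `AfterVirtualApplicationCreation`; the link should probably name that type. "In the application context" in the second paragraph presumably means the virtual application context.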
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class OpCustomizer
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,11 +29,11 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
import com.google.common.collect.Lists;
@@ -79,7 +79,7 @@
{
writeMessageToResponse("Please provide the password for " + userName + ".", responseHolder);
}
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
}
private void writeMessageToResponse(String message, ResponseHolder responseHolder)
@@ -102,6 +102,6 @@
public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes, ResponseHolder responseHolder)
{
writeMessageToResponse("Please provide your " + requestedAttributes.get(0).getAlias() + ".", responseHolder);
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
}
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,11 +26,11 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
import com.google.common.collect.Lists;
@@ -45,7 +45,7 @@
{
if (fetchEmail)
{
- OpenIdRequestedAttribute requestedAttribute = new OpenIdRequestedAttribute("email", "http://axschema.org/contact/email", true, 1);
+ OpenIdRequestedAttribute requestedAttribute = rpApi.createOpenIdRequestedAttribute("email", "http://axschema.org/contact/email", true, 1);
rpApi.login(identifier, Lists.newArrayList(requestedAttribute), response);
}
else
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class RpCustomizer
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class IdpCustomizer
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,13 +28,12 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
+import org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
import org.slf4j.Logger;
@@ -57,7 +56,7 @@
public void authenticate(ResponseHolder responseHolder)
{
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
try
{
responseHolder.getResponse().getWriter().print("Please login");
@@ -70,7 +69,7 @@
public void handleLogin(String userName, HttpServletResponse response)
{
- SamlIdpSession session = idpApi.get().localLogin(new SamlNameId(userName, null, null), null);
+ SamlIdpSession session = idpApi.get().localLogin(idpApi.get().createNameId(userName, null, null), null);
dialogueManager.attachDialogue(dialogueId);
idpApi.get().authenticationSucceeded(session, response);
dialogueManager.detachDialogue();
@@ -81,7 +80,7 @@
return idpApi.get().getSessions().size();
}
- public void singleLogoutFailed(ResponseHolder responseHolder)
+ public void globalLogoutFailed(ResponseHolder responseHolder)
{
try
{
@@ -93,7 +92,7 @@
}
}
- public void singleLogoutSucceeded(ResponseHolder responseHolder)
+ public void globalLogoutSucceeded(ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,10 +27,10 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
+import org.jboss.seam.security.external.SamlMultiUserServiceProviderApi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
import org.slf4j.Logger;
@@ -50,7 +50,7 @@
spApi.get().login(idpEntityId, response);
}
- public void loginFailed(ResponseHolder responseHolder)
+ public void loginFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
writeMessageToResponse("login failed", responseHolder);
}
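Review bot: The new `statusCodeLevel1` and `statusCodeLevel2` parameters of loginFailed are never read, so a test driving this mock cannot distinguish one failure cause from another. The same holds for globalLogoutFailed in the next hunk. If dropping them is deliberate, a comment such as `// status codes intentionally ignored by this mock` would make that clear. Otherwise record them in the log, e.g. `log.warn("login failed: {} / {}", statusCodeLevel1, statusCodeLevel2);`, assuming the class has a logger field, as the slf4j import suggests. Since the values come from the remote SAML response, they should not be echoed into the HTTP response body unescaped.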
@@ -60,7 +60,7 @@
writeMessageToResponse("Login succeeded (" + session.getPrincipal().getNameId().getValue() + ")", responseHolder);
}
- public void globalLogoutFailed(String statusCode, ResponseHolder responseHolder)
+ public void globalLogoutFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
writeMessageToResponse("Single logout failed", responseHolder);
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,8 +23,8 @@
import javax.enterprise.event.Observes;
-import org.jboss.seam.security.external.api.SamlBinding;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationCreation;
import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
@@ -32,7 +32,7 @@
{
public void customize(@Observes AfterVirtualApplicationCreation event, SamlServiceProviderConfigurationApi sp, VirtualApplication virtualApplication)
{
- if (virtualApplication.equals("www.sp2.com"))
+ if (virtualApplication.getHostName().equals("www.sp2.com"))
{
sp.setPreferredBinding(SamlBinding.HTTP_Redirect);
}
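Review bot: The corrected comparison `virtualApplication.getHostName().equals("www.sp2.com")` throws a NullPointerException if getHostName() can return null, and it is case-sensitive although host names are not. Whether a null host name is possible is not visible here, but putting the constant first removes the question: `if ("www.sp2.com".equalsIgnoreCase(virtualApplication.getHostName()))`. This matters because the branch selects the SAML binding, and a case mismatch would silently leave the default in place. The enclosing method and class continue outside this hunk.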