JBoss Identity SVN: r704 - in identity-federation/trunk: jboss-identity-bindings and 8 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-14 01:13:52 -0400 (Fri, 14 Aug 2009)
New Revision: 704
Added:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/HTTPRedirectUtil.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingSignatureUtil.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingUtil.java
Removed:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/HTTPRedirectUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/PostBindingUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java
Modified:
identity-federation/trunk/jboss-identity-bindings/pom.xml
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java
identity-federation/trunk/jboss-identity-seam/pom.xml
identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java
identity-federation/trunk/pom.xml
Log:
refactor the util classes out of bindings
Modified: identity-federation/trunk/jboss-identity-bindings/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-08-14 05:13:52 UTC (rev 704)
@@ -113,6 +113,11 @@
<version>${project.version}</version>
</dependency>
<dependency>
+ <groupId>org.jboss.identity</groupId>
+ <artifactId>jboss-identity-web</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.4</version>
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -49,8 +49,8 @@
import org.jboss.identity.federation.web.config.TrustType;
import org.jboss.identity.federation.web.interfaces.RoleGenerator;
import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator;
-import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
-import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
+import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -47,7 +47,7 @@
import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
-import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -48,7 +48,8 @@
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator;
-import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.web.util.IDPWebRequestUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
@@ -229,6 +230,9 @@
AuthnRequestType art = (AuthnRequestType) requestAbstractType;
destination = art.getAssertionConsumerServiceURL();
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
samlResponse =
webRequestUtil.getResponse(destination,
userPrincipal, roles,
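Review bot: The guard `if(webRequestUtil.hasSAMLRequestInPostProfile()) recycle(response);` added here is repeated verbatim in the five catch branches that follow (IssuerNotTrustedException, ParsingException, ConfigurationException, IssueInstantMissingException, GeneralSecurityException) and again directly before both `webRequestUtil.send(...)` calls, so any path that reaches send appears to recycle the response twice. Nothing in the visible lines writes to the response between building the SAML document and sending it, so the guard before send looks sufficient on its own, which would remove six copies. Because recycling throws away what the container already put in the response, the remaining call sites deserve a comment such as `// POST binding: discard what the container already put in the response before the auto-submit form is written`. The enclosing method starts and ends outside these hunks.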
@@ -237,6 +241,10 @@
catch (IssuerNotTrustedException e)
{
log.trace(e);
+
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
samlResponse =
webRequestUtil.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(),
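Review bot: In this catch branch a rejected issuer is recorded only with `log.trace(e)`, so at normal log levels a trust failure leaves nothing for whoever monitors the IDP; the ParsingException, ConfigurationException, IssueInstantMissingException and GeneralSecurityException branches in the following hunks do the same. Consider `log.warn("SAML request denied: issuer not trusted", e);` here. The error response is also addressed to `referer`; if that value comes from the request's Referer header (its assignment is outside the hunk), it is client-supplied and should be checked against the configured trust domains before it is used as a destination. The try/catch starts and ends outside the hunk.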
@@ -245,6 +253,9 @@
catch (ParsingException e)
{
log.trace(e);
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
samlResponse =
webRequestUtil.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
@@ -253,6 +264,9 @@
catch (ConfigurationException e)
{
log.trace(e);
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
samlResponse =
webRequestUtil.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
@@ -261,6 +275,9 @@
catch (IssueInstantMissingException e)
{
log.trace(e);
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
samlResponse =
webRequestUtil.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
@@ -269,6 +286,10 @@
catch(GeneralSecurityException e)
{
log.trace(e);
+
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
samlResponse =
webRequestUtil.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
@@ -278,6 +299,9 @@
{
try
{
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
if(this.signOutgoingMessages)
webRequestUtil.send(samlResponse, destination,relayState, response, true,
this.keyManager.getSigningKey());
@@ -322,6 +346,9 @@
this.identityURL, this.signOutgoingMessages);
try
{
+ if(webRequestUtil.hasSAMLRequestInPostProfile())
+ recycle(response);
+
if(this.signOutgoingMessages)
webRequestUtil.send(samlResponse, referrer, relayState, response, true,
this.keyManager.getSigningKey());
@@ -521,4 +548,15 @@
this.sigAlg = alg;
}
}
+
+ private void recycle(Response response)
+ {
+ /**
+ * Since the container finished authentication, it will try to locate
+ * index.jsp or index.html. We need to recycle whatever is in the
+ * response object such that we direct it to the html that is being
+ * created as part of the HTTP/POST binding
+ */
+ response.recycle();
+ }
}
\ No newline at end of file
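Review bot: The `/** ... */` block sits inside the body of `recycle`, where the Javadoc tool ignores it; it should either move above `private void recycle(Response response)` as the method's Javadoc or become a plain `/* ... */` comment. The documentation should also say that the method is meant to be called only in the HTTP/POST binding and before anything is written for the outgoing SAML message, since `response.recycle()` drops whatever the response object held up to that point. The file still ends without a trailing newline.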
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -1,442 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.tomcat.idp;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.StringWriter;
-import java.net.URLEncoder;
-import java.security.GeneralSecurityException;
-import java.security.Principal;
-import java.security.PrivateKey;
-import java.util.List;
-import java.util.StringTokenizer;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.xml.bind.JAXBException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactoryConfigurationError;
-
-import org.apache.catalina.connector.Response;
-import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
-import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
-import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature;
-import org.jboss.identity.federation.web.config.IDPType;
-import org.jboss.identity.federation.web.config.TrustType;
-import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
-import org.jboss.identity.federation.bindings.util.PostBindingUtil;
-import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
-import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
-import org.jboss.identity.federation.bindings.util.ValveUtil;
-import org.jboss.identity.federation.core.exceptions.ConfigurationException;
-import org.jboss.identity.federation.core.exceptions.ParsingException;
-import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
-import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
-import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
-import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
-import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
-import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
-import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
-import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
-import org.w3c.dom.Document;
-import org.xml.sax.SAXException;
-
-/**
- * Request Util
- * <b> Not thread safe</b>
- * @author Anil.Saldhana(a)redhat.com
- * @since May 18, 2009
- */
-public class IDPWebRequestUtil
-{
- private static Logger log = Logger.getLogger(IDPWebRequestUtil.class);
-
- private boolean redirectProfile = false;
- private boolean postProfile = false;
-
- private IDPType idpConfiguration;
- private TrustKeyManager keyManager;
-
- public IDPWebRequestUtil(HttpServletRequest request, IDPType idp, TrustKeyManager keym)
- {
- this.idpConfiguration = idp;
- this.keyManager = keym;
- this.redirectProfile = "GET".equals(request.getMethod());
- this.postProfile = "POST".equals(request.getMethod());
- }
-
- public boolean hasSAMLRequestInRedirectProfile()
- {
- return redirectProfile;
- }
-
- public boolean hasSAMLRequestInPostProfile()
- {
- return postProfile;
- }
-
- public RequestAbstractType getSAMLRequest(String samlMessage)
- throws ParsingException, IOException
- {
- InputStream is = null;
- SAML2Request saml2Request = new SAML2Request();
- if(redirectProfile)
- {
- is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
- }
- else
- {
- byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage);
- log.trace("SAMLRequest=" + new String(samlBytes));
- is = new ByteArrayInputStream(samlBytes);
- }
- return saml2Request.getRequestType(is);
- }
-
-
- public Document getResponse( String assertionConsumerURL,
- Principal userPrincipal,
- List<String> roles,
- String identityURL,
- long assertionValidity,
- boolean supportSignature)
- throws ConfigurationException, IssueInstantMissingException
- {
- Document samlResponseDocument = null;
-
- log.trace("AssertionConsumerURL=" + assertionConsumerURL +
- "::assertion validity=" + assertionValidity);
- ResponseType responseType = null;
-
- SAML2Response saml2Response = new SAML2Response();
-
- //Create a response type
- String id = IDGenerator.create("ID_");
-
- IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
- issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());
-
- IDPInfoHolder idp = new IDPInfoHolder();
- idp.setNameIDFormatValue(userPrincipal.getName());
- idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
-
- SPInfoHolder sp = new SPInfoHolder();
- sp.setResponseDestinationURI(assertionConsumerURL);
- responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
-
-
- //Add information on the roles
- AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
-
- AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
-
- //Add timed conditions
- saml2Response.createTimedConditions(assertion, assertionValidity);
-
- //Lets see how the response looks like
- if(log.isTraceEnabled())
- {
- StringWriter sw = new StringWriter();
- try
- {
- saml2Response.marshall(responseType, sw);
- }
- catch (JAXBException e)
- {
- log.trace(e);
- }
- catch (SAXException e)
- {
- log.trace(e);
- }
- log.trace("Response="+sw.toString());
- }
-
- log.trace("Support Sig=" + supportSignature + " ::Post Profile?=" + hasSAMLRequestInPostProfile());
- if(supportSignature && hasSAMLRequestInPostProfile())
- {
- try
- {
- SAML2Signature saml2Signature = new SAML2Signature();
- samlResponseDocument = saml2Signature.sign(responseType, keyManager.getSigningKeyPair());
- }
- catch (Exception e)
- {
- log.trace(e);
- }
- }
- else
- try
- {
- samlResponseDocument = saml2Response.convert(responseType);
- }
- catch (Exception e)
- {
- log.trace(e);
- }
-
- return samlResponseDocument;
- }
-
-
-
- /**
- * Verify that the issuer is trusted
- * @param issuer
- * @throws IssuerNotTrustedException
- */
- public void isTrusted(String issuer) throws IssuerNotTrustedException
- {
- try
- {
- String issuerDomain = ValveUtil.getDomain(issuer);
- TrustType idpTrust = idpConfiguration.getTrust();
- if(idpTrust != null)
- {
- String domainsTrusted = idpTrust.getDomains();
- log.trace("Domains that IDP trusts="+domainsTrusted + " and issuer domain="+issuerDomain);
- if(domainsTrusted.indexOf(issuerDomain) < 0)
- {
- //Let us do string parts checking
- StringTokenizer st = new StringTokenizer(domainsTrusted, ",");
- while(st != null && st.hasMoreTokens())
- {
- String uriBit = st.nextToken();
- log.trace("Matching uri bit="+ uriBit);
- if(issuerDomain.indexOf(uriBit) > 0)
- {
- log.trace("Matched " + uriBit + " trust for " + issuerDomain );
- return;
- }
- }
- throw new IssuerNotTrustedException(issuer);
- }
- }
- }
- catch (Exception e)
- {
- throw new IssuerNotTrustedException(e.getLocalizedMessage(),e);
- }
- }
-
- /**
- * Send a response
- * @param responseDoc
- * @param relayState
- * @param response
- * @throws IOException
- * @throws GeneralSecurityException
- */
- public void send(Document responseDoc, String destination,
- String relayState,
- Response response,
- boolean supportSignature,
- PrivateKey signingKey) throws IOException, GeneralSecurityException
- {
- if(responseDoc == null)
- throw new IllegalArgumentException("responseType is null");
-
- byte[] responseBytes = null;
- try
- {
- responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8");
- }
- catch (TransformerFactoryConfigurationError e)
- {
- log.trace(e);
- }
- catch (TransformerException e)
- {
- log.trace(e);
- }
-
- if(redirectProfile)
- {
- String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseBytes);
-
- log.trace("IDP:Destination=" + destination);
-
- if(relayState != null && relayState.length() > 0)
- relayState = RedirectBindingUtil.urlEncode(relayState);
-
- String finalDest = destination + getDestination(urlEncodedResponse, relayState,
- supportSignature);
- log.trace("Redirecting to="+ finalDest);
- HTTPRedirectUtil.sendRedirectForResponder(finalDest, response);
- }
- else
- {
- /**
- * Since the container finished authentication, it will try to locate
- * index.jsp or index.html. We need to recycle whatever is in the
- * response object such that we direct it to the html that is being
- * created as part of the HTTP/POST binding
- */
- response.recycle();
-
- String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes));
-
-
- PostBindingUtil.sendPost(new DestinationInfoHolder(destination,
- samlResponse, relayState), response, false);
- }
- }
-
- /**
- * Generate a Destination URL for the HTTPRedirect binding
- * with the saml response and relay state
- * @param urlEncodedResponse
- * @param urlEncodedRelayState
- * @return
- */
- public String getDestination(String urlEncodedResponse, String urlEncodedRelayState,
- boolean supportSignature)
- {
- StringBuilder sb = new StringBuilder();
- sb.append("?");
-
- if(redirectProfile)
- {
- if(supportSignature)
- {
- try
- {
- sb.append(RedirectBindingSignatureUtil.getSAMLResponseURLWithSignature(urlEncodedResponse,
- urlEncodedRelayState, keyManager.getSigningKey()));
- }
- catch (Exception e)
- {
- log.trace(e);
- }
- }
- else
- {
- sb.append("?SAMLResponse=").append(urlEncodedResponse);
- if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
- sb.append("&RelayState=").append(urlEncodedRelayState);
- }
- return sb.toString();
-
- }
- return null;
- }
-
- /**
- * Create an Error Response
- * @param responseURL
- * @param status
- * @param identityURL
- * @param supportSignature
- * @return
- * @throws ConfigurationException
- */
- public Document getErrorResponse(String responseURL, String status,
- String identityURL, boolean supportSignature)
- {
- Document samlResponse = null;
- ResponseType responseType = null;
-
- SAML2Response saml2Response = new SAML2Response();
-
- //Create a response type
- String id = IDGenerator.create("ID_");
-
- IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
- issuerHolder.setStatusCode(status);
-
- IDPInfoHolder idp = new IDPInfoHolder();
- idp.setNameIDFormatValue(null);
- idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
-
- SPInfoHolder sp = new SPInfoHolder();
- sp.setResponseDestinationURI(responseURL);
- try
- {
- responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
- }
- catch (ConfigurationException e1)
- {
- log.trace(e1);
- responseType = saml2Response.createResponseType();
- }
-
- log.debug("Error_ResponseType = ");
- //Lets see how the response looks like
- if(log.isTraceEnabled())
- {
- StringWriter sw = new StringWriter();
- try
- {
- saml2Response.marshall(responseType, sw);
- }
- catch (JAXBException e)
- {
- log.trace(e);
- }
- catch (SAXException e)
- {
- log.trace(e);
- }
- log.trace("Response="+sw.toString());
- }
-
- if(supportSignature)
- {
- try
- {
- //SigAlg
- String algo = keyManager.getSigningKey().getAlgorithm();
- String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(algo);
-
- sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
-
- SAML2Signature ss = new SAML2Signature();
- samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair());
- }
- catch (Exception e)
- {
- log.trace(e);
- }
- }
- else
- try
- {
- samlResponse = saml2Response.convert(responseType);
- }
- catch (Exception e)
- {
- log.trace(e);
- }
-
- return samlResponse;
- }
-}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -46,7 +46,7 @@
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.web.config.TrustType;
import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
-import org.jboss.identity.federation.bindings.util.PostBindingUtil;
+import org.jboss.identity.federation.web.util.PostBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -42,7 +42,7 @@
import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
-import org.jboss.identity.federation.bindings.util.PostBindingUtil;
+import org.jboss.identity.federation.web.util.PostBindingUtil;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -46,8 +46,8 @@
import org.jboss.identity.federation.api.util.DeflateUtil;
import org.jboss.identity.federation.web.config.TrustType;
import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
-import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
-import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
+import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -39,7 +39,7 @@
import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
-import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/HTTPRedirectUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/HTTPRedirectUtil.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/HTTPRedirectUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -1,75 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.util;
-
-import java.io.IOException;
-
-import javax.servlet.http.HttpServletResponse;
-
-
-/**
- * Utility Class for http/redirect
- * @author Anil.Saldhana(a)redhat.com
- * @since Dec 15, 2008
- */
-public class HTTPRedirectUtil
-{
- /**
- * Send the response to the redirected destination while
- * adding the character encoding of "UTF-8" as well as
- * adding headers for cache-control and Pragma
- * @param destination Destination URI where the response needs to redirect
- * @param response HttpServletResponse
- * @throws IOException
- */
- public static void sendRedirectForRequestor(String destination, HttpServletResponse response)
- throws IOException
- {
- common(destination, response);
- response.setHeader("Cache-Control", "no-cache, no-store");
- sendRedirect(response,destination);
- }
-
- /**
- * @see #sendRedirectForRequestor(String, HttpServletResponse)
- */
- public static void sendRedirectForResponder(String destination, HttpServletResponse response)
- throws IOException
- {
- common(destination, response);
- response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate,private");
- sendRedirect(response,destination);
- }
-
- private static void common(String destination, HttpServletResponse response)
- {
- response.setCharacterEncoding("UTF-8");
- response.setHeader("Location", destination);
- response.setHeader("Pragma", "no-cache");
- }
-
- private static void sendRedirect(HttpServletResponse response, String destination) throws IOException
- {
- response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
- response.sendRedirect(destination);
- }
-}
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/PostBindingUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/PostBindingUtil.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/PostBindingUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -1,108 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.util;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.util.Base64;
-import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
-
-/**
- * Utility for the HTTP/Post binding
- * @author Anil.Saldhana(a)redhat.com
- * @since May 22, 2009
- */
-public class PostBindingUtil
-{
- private static Logger log = Logger.getLogger(PostBindingUtil.class);
-
- public static String base64Encode(String stringToEncode) throws IOException
- {
- return Base64.encodeBytes(stringToEncode.getBytes("UTF-8"), Base64.DONT_BREAK_LINES);
- }
-
- public static byte[] base64Decode(String encodedString)
- {
- return Base64.decode(encodedString);
- }
-
- /**
- * Send the response to the redirected destination while
- * adding the character encoding of "UTF-8" as well as
- * adding headers for cache-control and Pragma
- * @param destination Destination URI where the response needs to redirect
- * @param response HttpServletResponse
- * @throws IOException
- */
- public static void sendPost(DestinationInfoHolder holder,
- HttpServletResponse response,
- boolean sendToIDP)
- throws IOException
- {
- String key = sendToIDP ? "SAMLRequest" : "SAMLResponse";
-
- String relayState = holder.getRelayState();
- String destination = holder.getDestination();
- String samlMessage = holder.getSamlMessage();
-
- response.setContentType("text/html");
- PrintWriter out = response.getWriter();
- common(holder.getDestination(), response);
- StringBuilder builder = new StringBuilder();
-
- builder.append("<HTML>");
- builder.append("<HEAD>");
- if(sendToIDP)
- builder.append("<TITLE>HTTP Post Binding To Identity Provider</TITLE>");
- else
- builder.append("<TITLE>HTTP Post Binding Response To Service Provider</TITLE>");
-
- builder.append("</HEAD>");
- builder.append("<BODY Onload=\"document.forms[0].submit()\">");
-
- builder.append("<FORM METHOD=\"POST\" ACTION=\"" + destination + "\">");
- builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\""+ key +"\"" + " VALUE=\"" + samlMessage
- + "\"/>");
- if (relayState != null && relayState.length() > 0)
- {
- builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\"RelayState\" " +
- "VALUE=\"" + relayState + "\"/>");
- }
- builder.append("</FORM></BODY></HTML>");
-
- String str = builder.toString();
- log.debug(str);
- out.println(str);
- out.close();
- }
-
- private static void common(String destination, HttpServletResponse response)
- {
- response.setCharacterEncoding("UTF-8");
- response.setHeader("Pragma", "no-cache");
- response.setHeader("Cache-Control", "no-cache, no-store");
- }
-}
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -1,348 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.util;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
-import java.security.GeneralSecurityException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-import javax.xml.bind.JAXBException;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactoryConfigurationError;
-
-import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
-import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.core.exceptions.ConfigurationException;
-import org.jboss.identity.federation.core.exceptions.ParsingException;
-import org.jboss.identity.federation.core.exceptions.ProcessingException;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
-import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
-import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
-import org.w3c.dom.Document;
-import org.xml.sax.SAXException;
-
-
-/**
- * Signature Support for the HTTP/Redirect binding
- * @author Anil.Saldhana(a)redhat.com
- * @since Dec 16, 2008
- */
-public class RedirectBindingSignatureUtil
-{
- /**
- * Get the URL for the SAML request that contains the signature and signature algorithm
- * @param authRequest
- * @param relayState
- * @param signingKey
- * @return
- * @throws JAXBException
- * @throws SAXException
- * @throws IOException
- * @throws GeneralSecurityException
- */
- public static String getSAMLRequestURLWithSignature(AuthnRequestType authRequest, String relayState,
- PrivateKey signingKey) throws SAXException, JAXBException, IOException, GeneralSecurityException
- {
- SAML2Request saml2Request = new SAML2Request();
-
- // Deal with the original request
- StringWriter sw = new StringWriter();
- saml2Request.marshall(authRequest, sw);
-
- //URL Encode the Request
- String urlEncodedRequest = RedirectBindingUtil.deflateBase64URLEncode(sw.toString());
-
- String urlEncodedRelayState = null;
- if(relayState != null && relayState.length() > 0 )
- urlEncodedRelayState = URLEncoder.encode(relayState, "UTF-8");
-
- byte[] sigValue = computeSignature("SAMLRequest=" + urlEncodedRequest, urlEncodedRelayState, signingKey);
-
- //Now construct the URL
- return getRequestRedirectURLWithSignature(urlEncodedRequest, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
- }
-
- /**
- * Get the URL for the SAML request that contains the signature and signature algorithm
- * @param responseType
- * @param relayState
- * @param signingKey
- * @return
- * @throws IOException
- * @throws GeneralSecurityException
- */
- public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState,
- PrivateKey signingKey) throws IOException, GeneralSecurityException
- {
- SAML2Response saml2Response = new SAML2Response();
-
- Document responseDoc = null;
-
- try
- {
- responseDoc = saml2Response.convert(responseType);
- }
- catch (JAXBException e)
- {
- throw new ParsingException(e);
- }
- catch (ParserConfigurationException e)
- {
- throw new ParsingException(e);
- }
-
- //URL Encode the Request
- String responseString;
- try
- {
- responseString = DocumentUtil.getDocumentAsString(responseDoc);
- }
- catch (TransformerFactoryConfigurationError e)
- {
- throw new ConfigurationException(e);
- }
- catch (TransformerException e)
- {
- throw new ProcessingException(e);
- }
-
- String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseString);
-
- String urlEncodedRelayState = null;
- if(relayState != null && relayState.length() > 0 )
- urlEncodedRelayState = URLEncoder.encode(relayState, "UTF-8");
-
- byte[] sigValue = computeSignature("SAMLResponse=" + urlEncodedResponse, urlEncodedRelayState, signingKey);
-
- //Now construct the URL
- return getResponseRedirectURLWithSignature(urlEncodedResponse, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
- }
-
- /**
- * Given an url-encoded saml request and relay state and a private key, compute the url
- * @param urlEncodedRequest
- * @param urlEncodedRelayState
- * @param signingKey
- * @return
- * @throws GeneralSecurityException
- * @throws IOException
- */
- public static String getSAMLRequestURLWithSignature(String urlEncodedRequest, String urlEncodedRelayState,
- PrivateKey signingKey) throws IOException, GeneralSecurityException
- {
- byte[] sigValue = computeSignature("SAMLRequest=" + urlEncodedRequest, urlEncodedRelayState, signingKey);
- return getRequestRedirectURLWithSignature(urlEncodedRequest, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
- }
-
- /**
- * Given an url-encoded saml response and relay state and a private key, compute the url
- * @param urlEncodedResponse
- * @param urlEncodedRelayState
- * @param signingKey
- * @return
- * @throws GeneralSecurityException
- * @throws IOException
- */
- public static String getSAMLResponseURLWithSignature(String urlEncodedResponse, String urlEncodedRelayState,
- PrivateKey signingKey) throws IOException, GeneralSecurityException
- {
- byte[] sigValue = computeSignature("SAMLResponse=" + urlEncodedResponse, urlEncodedRelayState, signingKey);
- return getResponseRedirectURLWithSignature(urlEncodedResponse, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
- }
-
- /**
- * From the SAML Request URL, get the Request object
- * @param signedURL
- * @return
- * @throws IOException
- * @throws SAXException
- * @throws JAXBException
- */
- public static AuthnRequestType getRequestFromSignedURL(String signedURL)
- throws JAXBException, SAXException, IOException
- {
- String samlRequestTokenValue = getTokenValue(signedURL, "SAMLRequest");
-
- SAML2Request saml2Request = new SAML2Request();
- return saml2Request.getAuthnRequestType(RedirectBindingUtil.urlBase64DeflateDecode(samlRequestTokenValue));
- }
-
- /**
- * Get the signature value from the url
- * @param signedURL
- * @return
- * @throws IOException
- */
- public static byte[] getSignatureValueFromSignedURL(String signedURL) throws IOException
- {
- String sigValueTokenValue = getTokenValue(signedURL,"Signature");
- if(sigValueTokenValue == null)
- throw new IllegalArgumentException("Signature Token is not present");
- return RedirectBindingUtil.urlBase64Decode(sigValueTokenValue);
- }
-
-
- /**
- * From the query string that contains key/value pairs, get the value of a key
- * <b>Note:</b> if the token is null, a null value is returned
- * @param queryString
- * @param token
- * @return
- */
- public static String getTokenValue(String queryString, String token)
- {
- return getTokenValue(getToken(queryString, token));
- }
-
- public static boolean validateSignature(String queryString,
- PublicKey validatingKey, byte[] sigValue ) throws UnsupportedEncodingException, GeneralSecurityException
- {
- //Construct the url again
- String reqFromURL = RedirectBindingSignatureUtil.getTokenValue(queryString, "SAMLRequest");
- String relayStateFromURL = RedirectBindingSignatureUtil.getTokenValue(queryString, "RelayState");
- String sigAlgFromURL = RedirectBindingSignatureUtil.getTokenValue(queryString, "SigAlg");
-
- StringBuilder sb = new StringBuilder();
- sb.append("SAMLRequest=").append(reqFromURL);
-
- if(relayStateFromURL != null && relayStateFromURL.length() > 0)
- {
- sb.append("&RelayState=").append(relayStateFromURL);
- }
- sb.append("&SigAlg=").append(sigAlgFromURL);
-
-
- return SignatureUtil.validate(sb.toString().getBytes("UTF-8"), sigValue, validatingKey);
- }
-
- //***************** Private Methods **************
-
- private static byte[] computeSignature(
- String requestOrResponseKeyValuePair, String urlEncodedRelayState,
- PrivateKey signingKey) throws IOException, GeneralSecurityException
- {
- StringBuilder sb = new StringBuilder();
- sb.append(requestOrResponseKeyValuePair);
- if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
- {
- sb.append("&RelayState=").append(urlEncodedRelayState);
- }
- //SigAlg
- String algo = signingKey.getAlgorithm();
- String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(algo);
-
- sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
-
- sb.append("&SigAlg=").append(sigAlg);
-
- byte[] sigValue = SignatureUtil.sign(sb.toString(), signingKey);
-
- return sigValue;
- }
-
- private static String getRequestRedirectURLWithSignature(
- String urlEncodedRequest, String urlEncodedRelayState, byte[] signature, String sigAlgo)
- throws IOException
- {
- StringBuilder sb = new StringBuilder();
- sb.append("SAMLRequest=").append(urlEncodedRequest);
- if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
- {
- sb.append("&").append("RelayState=").append(urlEncodedRelayState);
- }
- //SigAlg
- String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(sigAlgo);
-
- sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
-
- sb.append("&").append("SigAlg=").append(sigAlg);
-
- //Encode the signature value
- String encodedSig = RedirectBindingUtil.base64URLEncode(signature);
-
- sb.append("&").append("Signature=").append(encodedSig);
-
- return sb.toString();
- }
-
- private static String getResponseRedirectURLWithSignature(
- String urlEncodedResponse, String urlEncodedRelayState, byte[] signature, String sigAlgo)
- throws IOException
- {
- StringBuilder sb = new StringBuilder();
- sb.append("SAMLResponse=").append(urlEncodedResponse);
- if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
- {
- sb.append("&").append("RelayState=").append(urlEncodedRelayState);
- }
- //SigAlg
- String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(sigAlgo);
-
- sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
-
- sb.append("&").append("SigAlg=").append(sigAlg);
-
- //Encode the signature value
- String encodedSig = RedirectBindingUtil.base64URLEncode(signature);
-
- sb.append("&").append("Signature=").append(encodedSig);
-
- return sb.toString();
- }
-
- private static String getToken(String queryString, String token)
- {
- if(queryString == null)
- throw new IllegalArgumentException("queryString is null");
-
- token += "=";
-
- int start = queryString.indexOf(token);
- if(start < 0)
- return null;
-
- int end = queryString.indexOf("&",start);
-
- if(end == -1)
- return queryString.substring(start);
-
- return queryString.substring(start,end);
- }
-
- private static String getTokenValue(String token)
- {
- if(token == null)
- return token;
-
- int eq = token.indexOf('=');
- if(eq == -1)
- return token;
- else
- return token.substring(eq + 1);
- }
-}
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -1,130 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.util;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URLDecoder;
-import java.net.URLEncoder;
-
-import org.jboss.identity.federation.api.util.Base64;
-import org.jboss.identity.federation.api.util.DeflateUtil;
-
-/**
- * Utility class for SAML HTTP/Redirect binding
- * @author Anil.Saldhana(a)redhat.com
- * @since Jan 14, 2009
- */
-public class RedirectBindingUtil
-{
- /**
- * URL encode the string
- * @param str
- * @return
- * @throws IOException
- */
- public static String urlEncode(String str) throws IOException
- {
- return URLEncoder.encode(str, "UTF-8");
- }
-
- /**
- * URL decode the string
- * @param str
- * @return
- * @throws IOException
- */
- public static String urlDecode(String str) throws IOException
- {
- return URLDecoder.decode(str, "UTF-8");
- }
-
- /**
- * On the byte array, apply base64 encoding following by URL encoding
- * @param stringToEncode
- * @return
- * @throws IOException
- */
- public static String base64URLEncode(byte[] stringToEncode) throws IOException
- {
- String base64Request = Base64.encodeBytes(stringToEncode, Base64.DONT_BREAK_LINES);
- return urlEncode(base64Request);
- }
-
- /**
- * On the byte array, apply URL decoding followed by base64 decoding
- * @param encodedString
- * @return
- * @throws IOException
- */
- public static byte[] urlBase64Decode(String encodedString) throws IOException
- {
- String decodedString = urlDecode(encodedString);
- return Base64.decode(decodedString);
- }
-
- /**
- * Apply deflate compression followed by base64 encoding and URL encoding
- * @param stringToEncode
- * @return
- * @throws IOException
- */
- public static String deflateBase64URLEncode(String stringToEncode) throws IOException
- {
- return deflateBase64URLEncode(stringToEncode.getBytes("UTF-8"));
- }
-
- /**
- * Apply deflate compression followed by base64 encoding and URL encoding
- * @param stringToEncode
- * @return
- * @throws IOException
- */
- public static String deflateBase64URLEncode(byte[] stringToEncode) throws IOException
- {
- byte[] deflatedMsg = DeflateUtil.encode(stringToEncode);
- return base64URLEncode(deflatedMsg);
- }
-
- /**
- * Apply URL decoding, followed by base64 decoding followed by deflate decompression
- * @param encodedString
- * @return
- * @throws IOException
- */
- public static InputStream urlBase64DeflateDecode(String encodedString) throws IOException
- {
- byte[] deflatedString = urlBase64Decode(encodedString);
- return DeflateUtil.decode(deflatedString);
- }
-
- /**
- * Base64 decode followed by Deflate decoding
- * @param encodedString
- * @return
- */
- public static InputStream base64DeflateDecode(String encodedString)
- {
- byte[] base64decodedMsg = Base64.decode(encodedString);
- return DeflateUtil.decode(base64decodedMsg);
- }
-}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingSignatureUtilTestCase.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -28,7 +28,7 @@
import junit.framework.TestCase;
import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
-import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
import org.jboss.identity.federation.bindings.util.cert.KeyStoreUtil;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/util/RedirectBindingUtilTestCase.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -29,7 +29,7 @@
import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
-import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingUtil;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
Modified: identity-federation/trunk/jboss-identity-seam/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-seam/pom.xml 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-seam/pom.xml 2009-08-14 05:13:52 UTC (rev 704)
@@ -62,14 +62,13 @@
</dependency>
<dependency>
<groupId>org.jboss.identity</groupId>
- <artifactId>jboss-identity-bindings
- </artifactId>
+ <artifactId>jboss-identity-web</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
- <version>2.4</version>
+ <version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -128,4 +127,4 @@
</plugin>
</plugins>
</reporting>
-</project>
\ No newline at end of file
+</project>
Modified: identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java
===================================================================
--- identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/jboss-identity-seam/src/main/java/org/jboss/identity/seam/federation/SamlAuthenticationFilter.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -52,13 +52,13 @@
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
+import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
-import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.bindings.tomcat.sp.SPUtil;
-import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
-import org.jboss.identity.federation.bindings.util.PostBindingUtil;
-import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
-import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
+import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.web.util.PostBindingUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
@@ -462,7 +462,7 @@
String serviceProviderURL = request.getScheme() + "://" + request.getServerName() + ":"
+ request.getServerPort() + request.getContextPath() + "/SamlAuthenticationFilter.seam";
- AuthnRequestType authnRequest = new SPUtil().createSAMLRequest(serviceProviderURL, identityProviderURL);
+ AuthnRequestType authnRequest = createSAMLRequest(serviceProviderURL, identityProviderURL);
SAML2Request saml2Request = new SAML2Request();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
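Review bot: The `serviceProviderURL` passed to the new `createSAMLRequest` call is built from `request.getScheme()`, `request.getServerName()` and `request.getServerPort()` in the two context lines above, and on most containers those values follow the client-supplied Host header. If that holds here, the URL written into the AuthnRequest is whatever host the caller named rather than the deployment's own address. Now that the SPUtil dependency is gone, this would be a good place to read the service provider URL from the filter's configuration, or at least to compare the server name with a configured list of allowed hosts before building the request. The enclosing method starts and ends outside this hunk, so an existing check may simply not be visible here.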
@@ -502,4 +502,16 @@
throw new RuntimeException(e);
}
}
+
+ private AuthnRequestType createSAMLRequest(String serviceURL, String identityURL) throws ConfigurationException
+ {
+ if(serviceURL == null)
+ throw new IllegalArgumentException("serviceURL is null");
+ if(identityURL == null)
+ throw new IllegalArgumentException("identityURL is null");
+
+ SAML2Request saml2Request = new SAML2Request();
+ String id = IDGenerator.create("ID_");
+ return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL);
+ }
}
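Review bot: The new private `createSAMLRequest` has no Javadoc and passes `serviceURL` to `createAuthnRequestType` twice, as the second and fourth argument, without saying why. A short Javadoc naming what each URL is used for would help, together with a line such as `// serviceURL is also the fourth argument (presumably the issuer) - confirm against SAML2Request`. The two null checks also let an empty string through. `if (serviceURL == null || serviceURL.length() == 0)`, and the same for `identityURL`, would reject it before an AuthnRequest with a blank URL is created.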
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/HTTPRedirectUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/HTTPRedirectUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/HTTPRedirectUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -0,0 +1,75 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.util;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletResponse;
+
+
+/**
+ * Utility Class for http/redirect
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Dec 15, 2008
+ */
+public class HTTPRedirectUtil
+{
+ /**
+ * Send the response to the redirected destination while
+ * adding the character encoding of "UTF-8" as well as
+ * adding headers for cache-control and Pragma
+ * @param destination Destination URI where the response needs to redirect
+ * @param response HttpServletResponse
+ * @throws IOException
+ */
+ public static void sendRedirectForRequestor(String destination, HttpServletResponse response)
+ throws IOException
+ {
+ common(destination, response);
+ response.setHeader("Cache-Control", "no-cache, no-store");
+ sendRedirect(response,destination);
+ }
+
+ /**
+ * @see #sendRedirectForRequestor(String, HttpServletResponse)
+ */
+ public static void sendRedirectForResponder(String destination, HttpServletResponse response)
+ throws IOException
+ {
+ common(destination, response);
+ response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate,private");
+ sendRedirect(response,destination);
+ }
+
+ private static void common(String destination, HttpServletResponse response)
+ {
+ response.setCharacterEncoding("UTF-8");
+ response.setHeader("Location", destination);
+ response.setHeader("Pragma", "no-cache");
+ }
+
+ private static void sendRedirect(HttpServletResponse response, String destination) throws IOException
+ {
+ response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+ response.sendRedirect(destination);
+ }
+}
\ No newline at end of file
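Review bot: `common` writes `destination` into the `Location` header via `response.setHeader("Location", destination)`, and the private `sendRedirect` then calls `response.sendRedirect(destination)`, which sets the redirect status and `Location` itself. The manual header and the `response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY)` line are therefore redundant, and the raw `setHeader` path puts an unchecked string into a response header. Neither public method validates `destination`, so if a caller ever derives it from request data (not visible in this file), a guard such as `if (destination == null || destination.indexOf('\r') >= 0 || destination.indexOf('\n') >= 0) throw new IllegalArgumentException("invalid redirect destination");` at the top of `common` would be worth adding. The Javadoc on `sendRedirectForResponder` is only an `@see`. It should say that this variant sends `must-revalidate,private` in `Cache-Control`, which the requestor variant does not.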
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -0,0 +1,445 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.util;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.security.GeneralSecurityException;
+import java.security.Principal;
+import java.security.PrivateKey;
+import java.util.List;
+import java.util.StringTokenizer;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.bind.JAXBException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
+import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature;
+import org.jboss.identity.federation.web.config.IDPType;
+import org.jboss.identity.federation.web.config.TrustType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
+import org.jboss.identity.federation.web.util.PostBindingUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.web.util.RedirectBindingUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
+import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
+import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
+import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
+import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.w3c.dom.Document;
+import org.xml.sax.SAXException;
+
+/**
+ * Request Util
+ * <b> Not thread safe</b>
+ * @author Anil.Saldhana(a)redhat.com
+ * @since May 18, 2009
+ */
+public class IDPWebRequestUtil
+{
+ private static Logger log = Logger.getLogger(IDPWebRequestUtil.class);
+
+ private boolean redirectProfile = false;
+ private boolean postProfile = false;
+
+ private IDPType idpConfiguration;
+ private TrustKeyManager keyManager;
+
+ public IDPWebRequestUtil(HttpServletRequest request, IDPType idp, TrustKeyManager keym)
+ {
+ this.idpConfiguration = idp;
+ this.keyManager = keym;
+ this.redirectProfile = "GET".equals(request.getMethod());
+ this.postProfile = "POST".equals(request.getMethod());
+ }
+
+ public boolean hasSAMLRequestInRedirectProfile()
+ {
+ return redirectProfile;
+ }
+
+ public boolean hasSAMLRequestInPostProfile()
+ {
+ return postProfile;
+ }
+
+ public RequestAbstractType getSAMLRequest(String samlMessage)
+ throws ParsingException, IOException
+ {
+ InputStream is = null;
+ SAML2Request saml2Request = new SAML2Request();
+ if(redirectProfile)
+ {
+ is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
+ }
+ else
+ {
+ byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage);
+ log.trace("SAMLRequest=" + new String(samlBytes));
+ is = new ByteArrayInputStream(samlBytes);
+ }
+ return saml2Request.getRequestType(is);
+ }
+
+
+ public Document getResponse( String assertionConsumerURL,
+ Principal userPrincipal,
+ List<String> roles,
+ String identityURL,
+ long assertionValidity,
+ boolean supportSignature)
+ throws ConfigurationException, IssueInstantMissingException
+ {
+ Document samlResponseDocument = null;
+
+ log.trace("AssertionConsumerURL=" + assertionConsumerURL +
+ "::assertion validity=" + assertionValidity);
+ ResponseType responseType = null;
+
+ SAML2Response saml2Response = new SAML2Response();
+
+ //Create a response type
+ String id = IDGenerator.create("ID_");
+
+ IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
+ issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());
+
+ IDPInfoHolder idp = new IDPInfoHolder();
+ idp.setNameIDFormatValue(userPrincipal.getName());
+ idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
+
+ SPInfoHolder sp = new SPInfoHolder();
+ sp.setResponseDestinationURI(assertionConsumerURL);
+ responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
+
+
+ //Add information on the roles
+ AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
+
+ AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
+
+ //Add timed conditions
+ saml2Response.createTimedConditions(assertion, assertionValidity);
+
+ //Lets see how the response looks like
+ if(log.isTraceEnabled())
+ {
+ StringWriter sw = new StringWriter();
+ try
+ {
+ saml2Response.marshall(responseType, sw);
+ }
+ catch (JAXBException e)
+ {
+ log.trace(e);
+ }
+ catch (SAXException e)
+ {
+ log.trace(e);
+ }
+ log.trace("Response="+sw.toString());
+ }
+
+ log.trace("Support Sig=" + supportSignature + " ::Post Profile?=" + hasSAMLRequestInPostProfile());
+ if(supportSignature && hasSAMLRequestInPostProfile())
+ {
+ try
+ {
+ SAML2Signature saml2Signature = new SAML2Signature();
+ samlResponseDocument = saml2Signature.sign(responseType, keyManager.getSigningKeyPair());
+ }
+ catch (Exception e)
+ {
+ log.trace(e);
+ }
+ }
+ else
+ try
+ {
+ samlResponseDocument = saml2Response.convert(responseType);
+ }
+ catch (Exception e)
+ {
+ log.trace(e);
+ }
+
+ return samlResponseDocument;
+ }
+
+
+
+ /**
+ * Verify that the issuer is trusted
+ * @param issuer
+ * @throws IssuerNotTrustedException
+ */
+ public void isTrusted(String issuer) throws IssuerNotTrustedException
+ {
+ try
+ {
+ String issuerDomain = getDomain(issuer);
+ TrustType idpTrust = idpConfiguration.getTrust();
+ if(idpTrust != null)
+ {
+ String domainsTrusted = idpTrust.getDomains();
+ log.trace("Domains that IDP trusts="+domainsTrusted + " and issuer domain="+issuerDomain);
+ if(domainsTrusted.indexOf(issuerDomain) < 0)
+ {
+ //Let us do string parts checking
+ StringTokenizer st = new StringTokenizer(domainsTrusted, ",");
+ while(st != null && st.hasMoreTokens())
+ {
+ String uriBit = st.nextToken();
+ log.trace("Matching uri bit="+ uriBit);
+ if(issuerDomain.indexOf(uriBit) > 0)
+ {
+ log.trace("Matched " + uriBit + " trust for " + issuerDomain );
+ return;
+ }
+ }
+ throw new IssuerNotTrustedException(issuer);
+ }
+ }
+ }
+ catch (Exception e)
+ {
+ throw new IssuerNotTrustedException(e.getLocalizedMessage(),e);
+ }
+ }
+
+ /**
+ * Send a response
+ * @param responseDoc
+ * @param relayState
+ * @param response
+ * @throws IOException
+ * @throws GeneralSecurityException
+ */
+ public void send(Document responseDoc, String destination,
+ String relayState,
+ HttpServletResponse response,
+ boolean supportSignature,
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
+ {
+ if(responseDoc == null)
+ throw new IllegalArgumentException("responseType is null");
+
+ byte[] responseBytes = null;
+ try
+ {
+ responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8");
+ }
+ catch (TransformerFactoryConfigurationError e)
+ {
+ log.trace(e);
+ }
+ catch (TransformerException e)
+ {
+ log.trace(e);
+ }
+
+ if(redirectProfile)
+ {
+ String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseBytes);
+
+ log.trace("IDP:Destination=" + destination);
+
+ if(relayState != null && relayState.length() > 0)
+ relayState = RedirectBindingUtil.urlEncode(relayState);
+
+ String finalDest = destination + getDestination(urlEncodedResponse, relayState,
+ supportSignature);
+ log.trace("Redirecting to="+ finalDest);
+ HTTPRedirectUtil.sendRedirectForResponder(finalDest, response);
+ }
+ else
+ {
+ String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes));
+
+ PostBindingUtil.sendPost(new DestinationInfoHolder(destination,
+ samlResponse, relayState), response, false);
+ }
+ }
+
+ /**
+ * Generate a Destination URL for the HTTPRedirect binding
+ * with the saml response and relay state
+ * @param urlEncodedResponse
+ * @param urlEncodedRelayState
+ * @return
+ */
+ public String getDestination(String urlEncodedResponse, String urlEncodedRelayState,
+ boolean supportSignature)
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("?");
+
+ if(redirectProfile)
+ {
+ if(supportSignature)
+ {
+ try
+ {
+ sb.append(RedirectBindingSignatureUtil.getSAMLResponseURLWithSignature(urlEncodedResponse,
+ urlEncodedRelayState, keyManager.getSigningKey()));
+ }
+ catch (Exception e)
+ {
+ log.trace(e);
+ }
+ }
+ else
+ {
+ sb.append("?SAMLResponse=").append(urlEncodedResponse);
+ if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
+ sb.append("&RelayState=").append(urlEncodedRelayState);
+ }
+ return sb.toString();
+
+ }
+ return null;
+ }
+
+ /**
+ * Create an Error Response
+ * @param responseURL
+ * @param status
+ * @param identityURL
+ * @param supportSignature
+ * @return
+ * @throws ConfigurationException
+ */
+ public Document getErrorResponse(String responseURL, String status,
+ String identityURL, boolean supportSignature)
+ {
+ Document samlResponse = null;
+ ResponseType responseType = null;
+
+ SAML2Response saml2Response = new SAML2Response();
+
+ //Create a response type
+ String id = IDGenerator.create("ID_");
+
+ IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
+ issuerHolder.setStatusCode(status);
+
+ IDPInfoHolder idp = new IDPInfoHolder();
+ idp.setNameIDFormatValue(null);
+ idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
+
+ SPInfoHolder sp = new SPInfoHolder();
+ sp.setResponseDestinationURI(responseURL);
+ try
+ {
+ responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
+ }
+ catch (ConfigurationException e1)
+ {
+ log.trace(e1);
+ responseType = saml2Response.createResponseType();
+ }
+
+ log.debug("Error_ResponseType = ");
+ //Lets see how the response looks like
+ if(log.isTraceEnabled())
+ {
+ StringWriter sw = new StringWriter();
+ try
+ {
+ saml2Response.marshall(responseType, sw);
+ }
+ catch (JAXBException e)
+ {
+ log.trace(e);
+ }
+ catch (SAXException e)
+ {
+ log.trace(e);
+ }
+ log.trace("Response="+sw.toString());
+ }
+
+ if(supportSignature)
+ {
+ try
+ {
+ //SigAlg
+ String algo = keyManager.getSigningKey().getAlgorithm();
+ String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(algo);
+
+ sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
+
+ SAML2Signature ss = new SAML2Signature();
+ samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair());
+ }
+ catch (Exception e)
+ {
+ log.trace(e);
+ }
+ }
+ else
+ try
+ {
+ samlResponse = saml2Response.convert(responseType);
+ }
+ catch (Exception e)
+ {
+ log.trace(e);
+ }
+
+ return samlResponse;
+ }
+
+ /**
+ * Given a SP or IDP issuer from the assertion, return the host
+ * @param domainURL
+ * @return
+ * @throws IOException
+ */
+ private static String getDomain(String domainURL) throws IOException
+ {
+ URL url = new URL(domainURL);
+ return url.getHost();
+ }
+}
\ No newline at end of file
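Review bot: `isTrusted` decides trust with substring tests, so a host that is merely contained somewhere in the trusted list (`domainsTrusted.indexOf(issuerDomain) < 0`) or that merely contains a trusted entry (`issuerDomain.indexOf(uriBit) > 0`) is accepted, and an issuer URL whose host is empty matches at index 0. Compare each comma-separated entry against the issuer host exactly, or as a suffix on a label boundary if sub-domains are meant to be trusted; that policy is not visible here, so confirm it before adopting the sketch below, which replaces only the matching logic inside the existing try block. When `getTrust()` returns null the method returns without checking anything, which may be intended but deserves a comment or a fail-closed default. Separately, `getResponse` and `getDestination` log signing failures at trace level and carry on, so a signing error yields a null document or an unsigned `?` URL instead of an exception.

```java
// … unchanged: getDomain(issuer), idpConfiguration.getTrust() and the null check …
String domainsTrusted = idpTrust.getDomains();
String host = issuerDomain.toLowerCase(java.util.Locale.ENGLISH);
boolean trusted = false;
StringTokenizer st = new StringTokenizer(domainsTrusted, ",");
while(st.hasMoreTokens())
{
   String entry = st.nextToken().trim().toLowerCase(java.util.Locale.ENGLISH);
   // Accept only the exact host, or a sub-domain on a label boundary
   if(entry.length() > 0 && (host.equals(entry) || host.endsWith("." + entry)))
   {
      trusted = true;
      break;
   }
}
if(!trusted)
   throw new IssuerNotTrustedException(issuer);
// … unchanged: catch block wrapping other failures …
```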
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -0,0 +1,108 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.util;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.api.util.Base64;
+import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
+
+/**
+ * Utility for the HTTP/Post binding
+ * @author Anil.Saldhana(a)redhat.com
+ * @since May 22, 2009
+ */
+public class PostBindingUtil
+{
+ private static Logger log = Logger.getLogger(PostBindingUtil.class);
+
+ public static String base64Encode(String stringToEncode) throws IOException
+ {
+ return Base64.encodeBytes(stringToEncode.getBytes("UTF-8"), Base64.DONT_BREAK_LINES);
+ }
+
+ public static byte[] base64Decode(String encodedString)
+ {
+ return Base64.decode(encodedString);
+ }
+
+ /**
+ * Send the response to the redirected destination while
+ * adding the character encoding of "UTF-8" as well as
+ * adding headers for cache-control and Pragma
+ * @param destination Destination URI where the response needs to redirect
+ * @param response HttpServletResponse
+ * @throws IOException
+ */
+ public static void sendPost(DestinationInfoHolder holder,
+ HttpServletResponse response,
+ boolean sendToIDP)
+ throws IOException
+ {
+ String key = sendToIDP ? "SAMLRequest" : "SAMLResponse";
+
+ String relayState = holder.getRelayState();
+ String destination = holder.getDestination();
+ String samlMessage = holder.getSamlMessage();
+
+ response.setContentType("text/html");
+ PrintWriter out = response.getWriter();
+ common(holder.getDestination(), response);
+ StringBuilder builder = new StringBuilder();
+
+ builder.append("<HTML>");
+ builder.append("<HEAD>");
+ if(sendToIDP)
+ builder.append("<TITLE>HTTP Post Binding To Identity Provider</TITLE>");
+ else
+ builder.append("<TITLE>HTTP Post Binding Response To Service Provider</TITLE>");
+
+ builder.append("</HEAD>");
+ builder.append("<BODY Onload=\"document.forms[0].submit()\">");
+
+ builder.append("<FORM METHOD=\"POST\" ACTION=\"" + destination + "\">");
+ builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\""+ key +"\"" + " VALUE=\"" + samlMessage
+ + "\"/>");
+ if (relayState != null && relayState.length() > 0)
+ {
+ builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\"RelayState\" " +
+ "VALUE=\"" + relayState + "\"/>");
+ }
+ builder.append("</FORM></BODY></HTML>");
+
+ String str = builder.toString();
+ log.debug(str);
+ out.println(str);
+ out.close();
+ }
+
+ private static void common(String destination, HttpServletResponse response)
+ {
+ response.setCharacterEncoding("UTF-8");
+ response.setHeader("Pragma", "no-cache");
+ response.setHeader("Cache-Control", "no-cache, no-store");
+ }
+}
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingSignatureUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingSignatureUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingSignatureUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -0,0 +1,348 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.util;
+
+import java.io.IOException;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.security.GeneralSecurityException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import javax.xml.bind.JAXBException;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+
+import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
+import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
+import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.w3c.dom.Document;
+import org.xml.sax.SAXException;
+
+
+/**
+ * Signature Support for the HTTP/Redirect binding
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Dec 16, 2008
+ */
+public class RedirectBindingSignatureUtil
+{
+ /**
+ * Get the URL for the SAML request that contains the signature and signature algorithm
+ * @param authRequest
+ * @param relayState
+ * @param signingKey
+ * @return
+ * @throws JAXBException
+ * @throws SAXException
+ * @throws IOException
+ * @throws GeneralSecurityException
+ */
+ public static String getSAMLRequestURLWithSignature(AuthnRequestType authRequest, String relayState,
+ PrivateKey signingKey) throws SAXException, JAXBException, IOException, GeneralSecurityException
+ {
+ SAML2Request saml2Request = new SAML2Request();
+
+ // Deal with the original request
+ StringWriter sw = new StringWriter();
+ saml2Request.marshall(authRequest, sw);
+
+ //URL Encode the Request
+ String urlEncodedRequest = RedirectBindingUtil.deflateBase64URLEncode(sw.toString());
+
+ String urlEncodedRelayState = null;
+ if(relayState != null && relayState.length() > 0 )
+ urlEncodedRelayState = URLEncoder.encode(relayState, "UTF-8");
+
+ byte[] sigValue = computeSignature("SAMLRequest=" + urlEncodedRequest, urlEncodedRelayState, signingKey);
+
+ //Now construct the URL
+ return getRequestRedirectURLWithSignature(urlEncodedRequest, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
+ }
+
+ /**
+ * Get the URL for the SAML request that contains the signature and signature algorithm
+ * @param responseType
+ * @param relayState
+ * @param signingKey
+ * @return
+ * @throws IOException
+ * @throws GeneralSecurityException
+ */
+ public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState,
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
+ {
+ SAML2Response saml2Response = new SAML2Response();
+
+ Document responseDoc = null;
+
+ try
+ {
+ responseDoc = saml2Response.convert(responseType);
+ }
+ catch (JAXBException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (ParserConfigurationException e)
+ {
+ throw new ParsingException(e);
+ }
+
+ //URL Encode the Request
+ String responseString;
+ try
+ {
+ responseString = DocumentUtil.getDocumentAsString(responseDoc);
+ }
+ catch (TransformerFactoryConfigurationError e)
+ {
+ throw new ConfigurationException(e);
+ }
+ catch (TransformerException e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseString);
+
+ String urlEncodedRelayState = null;
+ if(relayState != null && relayState.length() > 0 )
+ urlEncodedRelayState = URLEncoder.encode(relayState, "UTF-8");
+
+ byte[] sigValue = computeSignature("SAMLResponse=" + urlEncodedResponse, urlEncodedRelayState, signingKey);
+
+ //Now construct the URL
+ return getResponseRedirectURLWithSignature(urlEncodedResponse, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
+ }
+
+ /**
+ * Given an url-encoded saml request and relay state and a private key, compute the url
+ * @param urlEncodedRequest
+ * @param urlEncodedRelayState
+ * @param signingKey
+ * @return
+ * @throws GeneralSecurityException
+ * @throws IOException
+ */
+ public static String getSAMLRequestURLWithSignature(String urlEncodedRequest, String urlEncodedRelayState,
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
+ {
+ byte[] sigValue = computeSignature("SAMLRequest=" + urlEncodedRequest, urlEncodedRelayState, signingKey);
+ return getRequestRedirectURLWithSignature(urlEncodedRequest, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
+ }
+
+ /**
+ * Given an url-encoded saml response and relay state and a private key, compute the url
+ * @param urlEncodedResponse
+ * @param urlEncodedRelayState
+ * @param signingKey
+ * @return
+ * @throws GeneralSecurityException
+ * @throws IOException
+ */
+ public static String getSAMLResponseURLWithSignature(String urlEncodedResponse, String urlEncodedRelayState,
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
+ {
+ byte[] sigValue = computeSignature("SAMLResponse=" + urlEncodedResponse, urlEncodedRelayState, signingKey);
+ return getResponseRedirectURLWithSignature(urlEncodedResponse, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
+ }
+
+ /**
+ * From the SAML Request URL, get the Request object
+ * @param signedURL
+ * @return
+ * @throws IOException
+ * @throws SAXException
+ * @throws JAXBException
+ */
+ public static AuthnRequestType getRequestFromSignedURL(String signedURL)
+ throws JAXBException, SAXException, IOException
+ {
+ String samlRequestTokenValue = getTokenValue(signedURL, "SAMLRequest");
+
+ SAML2Request saml2Request = new SAML2Request();
+ return saml2Request.getAuthnRequestType(RedirectBindingUtil.urlBase64DeflateDecode(samlRequestTokenValue));
+ }
+
+ /**
+ * Get the signature value from the url
+ * @param signedURL
+ * @return
+ * @throws IOException
+ */
+ public static byte[] getSignatureValueFromSignedURL(String signedURL) throws IOException
+ {
+ String sigValueTokenValue = getTokenValue(signedURL,"Signature");
+ if(sigValueTokenValue == null)
+ throw new IllegalArgumentException("Signature Token is not present");
+ return RedirectBindingUtil.urlBase64Decode(sigValueTokenValue);
+ }
+
+
+ /**
+ * From the query string that contains key/value pairs, get the value of a key
+ * <b>Note:</b> if the token is null, a null value is returned
+ * @param queryString
+ * @param token
+ * @return
+ */
+ public static String getTokenValue(String queryString, String token)
+ {
+ return getTokenValue(getToken(queryString, token));
+ }
+
+ public static boolean validateSignature(String queryString,
+ PublicKey validatingKey, byte[] sigValue ) throws UnsupportedEncodingException, GeneralSecurityException
+ {
+ //Construct the url again
+ String reqFromURL = RedirectBindingSignatureUtil.getTokenValue(queryString, "SAMLRequest");
+ String relayStateFromURL = RedirectBindingSignatureUtil.getTokenValue(queryString, "RelayState");
+ String sigAlgFromURL = RedirectBindingSignatureUtil.getTokenValue(queryString, "SigAlg");
+
+ StringBuilder sb = new StringBuilder();
+ sb.append("SAMLRequest=").append(reqFromURL);
+
+ if(relayStateFromURL != null && relayStateFromURL.length() > 0)
+ {
+ sb.append("&RelayState=").append(relayStateFromURL);
+ }
+ sb.append("&SigAlg=").append(sigAlgFromURL);
+
+
+ return SignatureUtil.validate(sb.toString().getBytes("UTF-8"), sigValue, validatingKey);
+ }
+
+ //***************** Private Methods **************
+
+ private static byte[] computeSignature(
+ String requestOrResponseKeyValuePair, String urlEncodedRelayState,
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append(requestOrResponseKeyValuePair);
+ if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
+ {
+ sb.append("&RelayState=").append(urlEncodedRelayState);
+ }
+ //SigAlg
+ String algo = signingKey.getAlgorithm();
+ String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(algo);
+
+ sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
+
+ sb.append("&SigAlg=").append(sigAlg);
+
+ byte[] sigValue = SignatureUtil.sign(sb.toString(), signingKey);
+
+ return sigValue;
+ }
+
+ private static String getRequestRedirectURLWithSignature(
+ String urlEncodedRequest, String urlEncodedRelayState, byte[] signature, String sigAlgo)
+ throws IOException
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("SAMLRequest=").append(urlEncodedRequest);
+ if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
+ {
+ sb.append("&").append("RelayState=").append(urlEncodedRelayState);
+ }
+ //SigAlg
+ String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(sigAlgo);
+
+ sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
+
+ sb.append("&").append("SigAlg=").append(sigAlg);
+
+ //Encode the signature value
+ String encodedSig = RedirectBindingUtil.base64URLEncode(signature);
+
+ sb.append("&").append("Signature=").append(encodedSig);
+
+ return sb.toString();
+ }
+
+ private static String getResponseRedirectURLWithSignature(
+ String urlEncodedResponse, String urlEncodedRelayState, byte[] signature, String sigAlgo)
+ throws IOException
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("SAMLResponse=").append(urlEncodedResponse);
+ if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0)
+ {
+ sb.append("&").append("RelayState=").append(urlEncodedRelayState);
+ }
+ //SigAlg
+ String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(sigAlgo);
+
+ sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
+
+ sb.append("&").append("SigAlg=").append(sigAlg);
+
+ //Encode the signature value
+ String encodedSig = RedirectBindingUtil.base64URLEncode(signature);
+
+ sb.append("&").append("Signature=").append(encodedSig);
+
+ return sb.toString();
+ }
+
+ private static String getToken(String queryString, String token)
+ {
+ if(queryString == null)
+ throw new IllegalArgumentException("queryString is null");
+
+ token += "=";
+
+ int start = queryString.indexOf(token);
+ if(start < 0)
+ return null;
+
+ int end = queryString.indexOf("&",start);
+
+ if(end == -1)
+ return queryString.substring(start);
+
+ return queryString.substring(start,end);
+ }
+
+ private static String getTokenValue(String token)
+ {
+ if(token == null)
+ return token;
+
+ int eq = token.indexOf('=');
+ if(eq == -1)
+ return token;
+ else
+ return token.substring(eq + 1);
+ }
+}
\ No newline at end of file
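Review bot: `getToken` locates a parameter with `queryString.indexOf(token)`, which matches the text anywhere in the query string, inside a longer parameter name or inside another value, so the string that `validateSignature` rebuilds and verifies is not guaranteed to be the parameter the servlet container later hands to the application. Match names only at the start of an `&`-separated pair, as sketched below; if callers pass a full URL rather than a query string, strip everything up to `?` first. `validateSignature` also appends the literal `null` when `SAMLRequest` or `SigAlg` is absent and always uses the `SAMLRequest` key, so it cannot check a signed `SAMLResponse`; rejecting missing parameters up front would be safer. Whether `SigAlg` is checked against the key type is decided in `SignatureUtil.validate`, which is outside this hunk.

```java
private static String getToken(String queryString, String token)
{
   if(queryString == null)
      throw new IllegalArgumentException("queryString is null");

   String prefix = token + "=";
   int start = 0;
   while(start <= queryString.length())
   {
      int end = queryString.indexOf('&', start);
      if(end == -1)
         end = queryString.length();
      // Match only at the start of a key/value pair
      if(queryString.startsWith(prefix, start))
         return queryString.substring(start, end);
      start = end + 1;
   }
   return null;
}
```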
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/RedirectBindingUtil.java 2009-08-14 05:13:52 UTC (rev 704)
@@ -0,0 +1,130 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+
+import org.jboss.identity.federation.api.util.Base64;
+import org.jboss.identity.federation.api.util.DeflateUtil;
+
+/**
+ * Utility class for SAML HTTP/Redirect binding
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jan 14, 2009
+ */
+public class RedirectBindingUtil
+{
+ /**
+ * URL encode the string
+ * @param str
+ * @return
+ * @throws IOException
+ */
+ public static String urlEncode(String str) throws IOException
+ {
+ return URLEncoder.encode(str, "UTF-8");
+ }
+
+ /**
+ * URL decode the string
+ * @param str
+ * @return
+ * @throws IOException
+ */
+ public static String urlDecode(String str) throws IOException
+ {
+ return URLDecoder.decode(str, "UTF-8");
+ }
+
+ /**
+ * On the byte array, apply base64 encoding following by URL encoding
+ * @param stringToEncode
+ * @return
+ * @throws IOException
+ */
+ public static String base64URLEncode(byte[] stringToEncode) throws IOException
+ {
+ String base64Request = Base64.encodeBytes(stringToEncode, Base64.DONT_BREAK_LINES);
+ return urlEncode(base64Request);
+ }
+
+ /**
+ * On the byte array, apply URL decoding followed by base64 decoding
+ * @param encodedString
+ * @return
+ * @throws IOException
+ */
+ public static byte[] urlBase64Decode(String encodedString) throws IOException
+ {
+ String decodedString = urlDecode(encodedString);
+ return Base64.decode(decodedString);
+ }
+
+ /**
+ * Apply deflate compression followed by base64 encoding and URL encoding
+ * @param stringToEncode
+ * @return
+ * @throws IOException
+ */
+ public static String deflateBase64URLEncode(String stringToEncode) throws IOException
+ {
+ return deflateBase64URLEncode(stringToEncode.getBytes("UTF-8"));
+ }
+
+ /**
+ * Apply deflate compression followed by base64 encoding and URL encoding
+ * @param stringToEncode
+ * @return
+ * @throws IOException
+ */
+ public static String deflateBase64URLEncode(byte[] stringToEncode) throws IOException
+ {
+ byte[] deflatedMsg = DeflateUtil.encode(stringToEncode);
+ return base64URLEncode(deflatedMsg);
+ }
+
+ /**
+ * Apply URL decoding, followed by base64 decoding followed by deflate decompression
+ * @param encodedString
+ * @return
+ * @throws IOException
+ */
+ public static InputStream urlBase64DeflateDecode(String encodedString) throws IOException
+ {
+ byte[] deflatedString = urlBase64Decode(encodedString);
+ return DeflateUtil.decode(deflatedString);
+ }
+
+ /**
+ * Base64 decode followed by Deflate decoding
+ * @param encodedString
+ * @return
+ */
+ public static InputStream base64DeflateDecode(String encodedString)
+ {
+ byte[] base64decodedMsg = Base64.decode(encodedString);
+ return DeflateUtil.decode(base64decodedMsg);
+ }
+}
\ No newline at end of file
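Review bot: `urlBase64DeflateDecode` and `base64DeflateDecode` hand the decoded bytes straight to `DeflateUtil.decode` with no limit on the encoded length or on the inflated size, and in the redirect binding that string is taken from the request query string. `DeflateUtil` and `Base64` are outside this hunk, so a bound may already exist there; if it does not, a short parameter can inflate to a very large message before any signature is checked, and a malformed value may surface as a null or a runtime exception rather than the declared `IOException`. I would add a guard at the top of both methods, e.g. `if (encodedString == null || encodedString.length() > MAX_ENCODED_LENGTH) throw new IllegalArgumentException("encoded message missing or too large");`, where `MAX_ENCODED_LENGTH` is a placeholder constant to be sized for the deployment, and state in the Javadoc that the input is request-controlled. The empty `@param`/`@return` tags throughout the class should also say what is encoded and in which order.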
Modified: identity-federation/trunk/pom.xml
===================================================================
--- identity-federation/trunk/pom.xml 2009-08-14 04:47:21 UTC (rev 703)
+++ identity-federation/trunk/pom.xml 2009-08-14 05:13:52 UTC (rev 704)
@@ -19,9 +19,9 @@
<module>jboss-identity-fed-model</module>
<module>jboss-identity-fed-core</module>
<module>jboss-identity-fed-api</module>
+ <module>jboss-identity-web</module>
<module>jboss-identity-bindings</module>
<module>jboss-identity-bindings-jboss</module>
- <module>jboss-identity-web</module>
<module>jboss-identity-webapps</module>
<module>jboss-identity-seam</module>
<module>assembly</module>
JBoss Identity SVN: r703 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces and 14 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-14 00:47:21 -0400 (Fri, 14 Aug 2009)
New Revision: 703
Added:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/AuthPropertyType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncAlgoType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncryptionType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/IDPType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyProviderType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyValueType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/MetadataProviderType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ObjectFactory.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ProviderType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/SPType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/STSType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProviderType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProvidersType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProviderType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProvidersType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TrustType.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/package-info.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyConfigurationException.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyManager.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyProcessingException.java
identity-federation/trunk/jboss-identity-web/src/main/resources/schema/
identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/
identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd
Removed:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/AuthPropertyType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncAlgoType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncryptionType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/IDPType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyProviderType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyValueType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/MetadataProviderType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ObjectFactory.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ProviderType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/SPType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/STSType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProvidersType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProviderType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProvidersType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TrustType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/package-info.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/RoleGenerator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyConfigurationException.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyProcessingException.java
identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/MetadataConfigUnitTestCase.java
Log:
move the config from bindings to web
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/AuthPropertyType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/AuthPropertyType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/AuthPropertyType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,39 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * <p>Java class for AuthPropertyType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="AuthPropertyType">
- * <complexContent>
- * <extension base="{urn:jboss:identity-federation:config:1.0}KeyValueType">
- * </extension>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "AuthPropertyType")
-public class AuthPropertyType
- extends KeyValueType
-{
-
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncAlgoType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncAlgoType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncAlgoType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,59 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlEnum;
-import javax.xml.bind.annotation.XmlEnumValue;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * <p>Java class for EncAlgoType.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- * <p>
- * <pre>
- * <simpleType name="EncAlgoType">
- * <restriction base="{http://www.w3.org/2001/XMLSchema}string">
- * <enumeration value="AES"/>
- * <enumeration value="DES"/>
- * <enumeration value="DESede"/>
- * </restriction>
- * </simpleType>
- * </pre>
- *
- */
-@XmlType(name = "EncAlgoType")
-@XmlEnum
-public enum EncAlgoType {
-
- AES("AES"),
- DES("DES"),
- @XmlEnumValue("DESede")
- DE_SEDE("DESede");
- private final String value;
-
- EncAlgoType(String v) {
- value = v;
- }
-
- public String value() {
- return value;
- }
-
- public static EncAlgoType fromValue(String v) {
- for (EncAlgoType c: EncAlgoType.values()) {
- if (c.value.equals(v)) {
- return c;
- }
- }
- throw new IllegalArgumentException(v);
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncryptionType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncryptionType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/EncryptionType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,89 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * <p>Java class for EncryptionType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="EncryptionType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="EncAlgo" type="{urn:jboss:identity-federation:config:1.0}EncAlgoType"/>
- * <element name="KeySize" type="{http://www.w3.org/2001/XMLSchema}int"/>
- * </sequence>
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "EncryptionType", propOrder = {
- "encAlgo",
- "keySize"
-})
-public class EncryptionType {
-
- @XmlElement(name = "EncAlgo", required = true)
- protected EncAlgoType encAlgo;
- @XmlElement(name = "KeySize")
- protected int keySize;
-
- /**
- * Gets the value of the encAlgo property.
- *
- * @return
- * possible object is
- * {@link EncAlgoType }
- *
- */
- public EncAlgoType getEncAlgo() {
- return encAlgo;
- }
-
- /**
- * Sets the value of the encAlgo property.
- *
- * @param value
- * allowed object is
- * {@link EncAlgoType }
- *
- */
- public void setEncAlgo(EncAlgoType value) {
- this.encAlgo = value;
- }
-
- /**
- * Gets the value of the keySize property.
- *
- */
- public int getKeySize() {
- return keySize;
- }
-
- /**
- * Sets the value of the keySize property.
- *
- */
- public void setKeySize(int value) {
- this.keySize = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/IDPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/IDPType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/IDPType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,170 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- *
- * IDP Type defines the configuration for an Identity
- * Provider.
- *
- *
- * <p>Java class for IDPType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="IDPType">
- * <complexContent>
- * <extension base="{urn:jboss:identity-federation:config:1.0}ProviderType">
- * <sequence>
- * <element name="Encryption" type="{urn:jboss:identity-federation:config:1.0}EncryptionType" minOccurs="0"/>
- * </sequence>
- * <attribute name="AssertionValidity" type="{http://www.w3.org/2001/XMLSchema}long" default="300000" />
- * <attribute name="RoleGenerator" type="{http://www.w3.org/2001/XMLSchema}string" default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator" />
- * <attribute name="Encrypt" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
- * </extension>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "IDPType", propOrder = {
- "encryption"
-})
-public class IDPType
- extends ProviderType
-{
-
- @XmlElement(name = "Encryption")
- protected EncryptionType encryption;
- @XmlAttribute(name = "AssertionValidity")
- protected Long assertionValidity;
- @XmlAttribute(name = "RoleGenerator")
- protected String roleGenerator;
- @XmlAttribute(name = "Encrypt")
- protected Boolean encrypt;
-
- /**
- * Gets the value of the encryption property.
- *
- * @return
- * possible object is
- * {@link EncryptionType }
- *
- */
- public EncryptionType getEncryption() {
- return encryption;
- }
-
- /**
- * Sets the value of the encryption property.
- *
- * @param value
- * allowed object is
- * {@link EncryptionType }
- *
- */
- public void setEncryption(EncryptionType value) {
- this.encryption = value;
- }
-
- /**
- * Gets the value of the assertionValidity property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
- public long getAssertionValidity() {
- if (assertionValidity == null) {
- return 300000L;
- } else {
- return assertionValidity;
- }
- }
-
- /**
- * Sets the value of the assertionValidity property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setAssertionValidity(Long value) {
- this.assertionValidity = value;
- }
-
- /**
- * Gets the value of the roleGenerator property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getRoleGenerator() {
- if (roleGenerator == null) {
- return "org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator";
- } else {
- return roleGenerator;
- }
- }
-
- /**
- * Sets the value of the roleGenerator property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setRoleGenerator(String value) {
- this.roleGenerator = value;
- }
-
- /**
- * Gets the value of the encrypt property.
- *
- * @return
- * possible object is
- * {@link Boolean }
- *
- */
- public boolean isEncrypt() {
- if (encrypt == null) {
- return false;
- } else {
- return encrypt;
- }
- }
-
- /**
- * Sets the value of the encrypt property.
- *
- * @param value
- * allowed object is
- * {@link Boolean }
- *
- */
- public void setEncrypt(Boolean value) {
- this.encrypt = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyProviderType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,170 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- *
- * Source of the Signing and Validating Key
- *
- *
- * <p>Java class for KeyProviderType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="KeyProviderType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="Auth" type="{urn:jboss:identity-federation:config:1.0}AuthPropertyType" maxOccurs="unbounded" minOccurs="0"/>
- * <element name="ValidatingAlias" type="{urn:jboss:identity-federation:config:1.0}KeyValueType" maxOccurs="unbounded" minOccurs="0"/>
- * <element name="SigningAlias" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
- * </sequence>
- * <attribute name="ClassName" type="{http://www.w3.org/2001/XMLSchema}string" />
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "KeyProviderType", propOrder = {
- "auth",
- "validatingAlias",
- "signingAlias"
-})
-public class KeyProviderType {
-
- @XmlElement(name = "Auth")
- protected List<AuthPropertyType> auth;
- @XmlElement(name = "ValidatingAlias")
- protected List<KeyValueType> validatingAlias;
- @XmlElement(name = "SigningAlias")
- protected String signingAlias;
- @XmlAttribute(name = "ClassName")
- protected String className;
-
- /**
- * Gets the value of the auth property.
- *
- * <p>
- * This accessor method returns a reference to the live list,
- * not a snapshot. Therefore any modification you make to the
- * returned list will be present inside the JAXB object.
- * This is why there is not a <CODE>set</CODE> method for the auth property.
- *
- * <p>
- * For example, to add a new item, do as follows:
- * <pre>
- * getAuth().add(newItem);
- * </pre>
- *
- *
- * <p>
- * Objects of the following type(s) are allowed in the list
- * {@link AuthPropertyType }
- *
- *
- */
- public List<AuthPropertyType> getAuth() {
- if (auth == null) {
- auth = new ArrayList<AuthPropertyType>();
- }
- return this.auth;
- }
-
- /**
- * Gets the value of the validatingAlias property.
- *
- * <p>
- * This accessor method returns a reference to the live list,
- * not a snapshot. Therefore any modification you make to the
- * returned list will be present inside the JAXB object.
- * This is why there is not a <CODE>set</CODE> method for the validatingAlias property.
- *
- * <p>
- * For example, to add a new item, do as follows:
- * <pre>
- * getValidatingAlias().add(newItem);
- * </pre>
- *
- *
- * <p>
- * Objects of the following type(s) are allowed in the list
- * {@link KeyValueType }
- *
- *
- */
- public List<KeyValueType> getValidatingAlias() {
- if (validatingAlias == null) {
- validatingAlias = new ArrayList<KeyValueType>();
- }
- return this.validatingAlias;
- }
-
- /**
- * Gets the value of the signingAlias property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getSigningAlias() {
- return signingAlias;
- }
-
- /**
- * Sets the value of the signingAlias property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setSigningAlias(String value) {
- this.signingAlias = value;
- }
-
- /**
- * Gets the value of the className property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getClassName() {
- return className;
- }
-
- /**
- * Sets the value of the className property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setClassName(String value) {
- this.className = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyValueType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyValueType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/KeyValueType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,96 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlSeeAlso;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * <p>Java class for KeyValueType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="KeyValueType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <attribute name="Key" type="{http://www.w3.org/2001/XMLSchema}string" />
- * <attribute name="Value" type="{http://www.w3.org/2001/XMLSchema}string" />
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "KeyValueType")
-@XmlSeeAlso({
- AuthPropertyType.class
-})
-public class KeyValueType {
-
- @XmlAttribute(name = "Key")
- protected String key;
- @XmlAttribute(name = "Value")
- protected String value;
-
- /**
- * Gets the value of the key property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getKey() {
- return key;
- }
-
- /**
- * Sets the value of the key property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setKey(String value) {
- this.key = value;
- }
-
- /**
- * Gets the value of the value property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getValue() {
- return value;
- }
-
- /**
- * Sets the value of the value property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setValue(String value) {
- this.value = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/MetadataProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/MetadataProviderType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/MetadataProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,105 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.22 at 01:16:08 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * <p>Java class for MetadataProviderType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="MetadataProviderType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="Option" type="{urn:jboss:identity-federation:config:1.0}KeyValueType" maxOccurs="unbounded" minOccurs="0"/>
- * </sequence>
- * <attribute name="ClassName" type="{http://www.w3.org/2001/XMLSchema}string" />
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "MetadataProviderType", propOrder = {
- "option"
-})
-public class MetadataProviderType {
-
- @XmlElement(name = "Option")
- protected List<KeyValueType> option;
- @XmlAttribute(name = "ClassName")
- protected String className;
-
- /**
- * Gets the value of the option property.
- *
- * <p>
- * This accessor method returns a reference to the live list,
- * not a snapshot. Therefore any modification you make to the
- * returned list will be present inside the JAXB object.
- * This is why there is not a <CODE>set</CODE> method for the option property.
- *
- * <p>
- * For example, to add a new item, do as follows:
- * <pre>
- * getOption().add(newItem);
- * </pre>
- *
- *
- * <p>
- * Objects of the following type(s) are allowed in the list
- * {@link KeyValueType }
- *
- *
- */
- public List<KeyValueType> getOption() {
- if (option == null) {
- option = new ArrayList<KeyValueType>();
- }
- return this.option;
- }
-
- /**
- * Gets the value of the className property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getClassName() {
- return className;
- }
-
- /**
- * Sets the value of the className property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setClassName(String value) {
- this.className = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ObjectFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ObjectFactory.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ObjectFactory.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,184 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.annotation.XmlElementDecl;
-import javax.xml.bind.annotation.XmlRegistry;
-import javax.xml.namespace.QName;
-
-
-/**
- * This object contains factory methods for each
- * Java content interface and Java element interface
- * generated in the org.jboss.identity.federation.bindings.config package.
- * <p>An ObjectFactory allows you to programatically
- * construct new instances of the Java representation
- * for XML content. The Java representation of XML
- * content can consist of schema derived interfaces
- * and classes representing the binding of schema
- * type definitions, element declarations and model
- * groups. Factory methods for each of these are
- * provided in this class.
- *
- */
-@XmlRegistry
-public class ObjectFactory {
-
- private final static QName _JBossSTS_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossSTS");
- private final static QName _JBossIDP_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossIDP");
- private final static QName _JBossSP_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossSP");
-
- /**
- * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: org.jboss.identity.federation.bindings.config
- *
- */
- public ObjectFactory() {
- }
-
- /**
- * Create an instance of {@link STSType }
- *
- */
- public STSType createSTSType() {
- return new STSType();
- }
-
- /**
- * Create an instance of {@link KeyValueType }
- *
- */
- public KeyValueType createKeyValueType() {
- return new KeyValueType();
- }
-
- /**
- * Create an instance of {@link ServiceProviderType }
- *
- */
- public ServiceProviderType createServiceProviderType() {
- return new ServiceProviderType();
- }
-
- /**
- * Create an instance of {@link KeyProviderType }
- *
- */
- public KeyProviderType createKeyProviderType() {
- return new KeyProviderType();
- }
-
- /**
- * Create an instance of {@link TokenProvidersType }
- *
- */
- public TokenProvidersType createTokenProvidersType() {
- return new TokenProvidersType();
- }
-
- /**
- * Create an instance of {@link TokenProviderType }
- *
- */
- public TokenProviderType createTokenProviderType() {
- return new TokenProviderType();
- }
-
- /**
- * Create an instance of {@link IDPType }
- *
- */
- public IDPType createIDPType() {
- return new IDPType();
- }
-
- /**
- * Create an instance of {@link ServiceProvidersType }
- *
- */
- public ServiceProvidersType createServiceProvidersType() {
- return new ServiceProvidersType();
- }
-
- /**
- * Create an instance of {@link MetadataProviderType }
- *
- */
- public MetadataProviderType createMetadataProviderType() {
- return new MetadataProviderType();
- }
-
- /**
- * Create an instance of {@link ProviderType }
- *
- */
- public ProviderType createProviderType() {
- return new ProviderType();
- }
-
- /**
- * Create an instance of {@link AuthPropertyType }
- *
- */
- public AuthPropertyType createAuthPropertyType() {
- return new AuthPropertyType();
- }
-
- /**
- * Create an instance of {@link TrustType }
- *
- */
- public TrustType createTrustType() {
- return new TrustType();
- }
-
- /**
- * Create an instance of {@link SPType }
- *
- */
- public SPType createSPType() {
- return new SPType();
- }
-
- /**
- * Create an instance of {@link EncryptionType }
- *
- */
- public EncryptionType createEncryptionType() {
- return new EncryptionType();
- }
-
- /**
- * Create an instance of {@link JAXBElement }{@code <}{@link STSType }{@code >}}
- *
- */
- @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossSTS")
- public JAXBElement<STSType> createJBossSTS(STSType value) {
- return new JAXBElement<STSType>(_JBossSTS_QNAME, STSType.class, null, value);
- }
-
- /**
- * Create an instance of {@link JAXBElement }{@code <}{@link IDPType }{@code >}}
- *
- */
- @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossIDP")
- public JAXBElement<IDPType> createJBossIDP(IDPType value) {
- return new JAXBElement<IDPType>(_JBossIDP_QNAME, IDPType.class, null, value);
- }
-
- /**
- * Create an instance of {@link JAXBElement }{@code <}{@link SPType }{@code >}}
- *
- */
- @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossSP")
- public JAXBElement<SPType> createJBossSP(SPType value) {
- return new JAXBElement<SPType>(_JBossSP_QNAME, SPType.class, null, value);
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ProviderType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,199 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlSeeAlso;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * Base Type for IDP and SP
- *
- * <p>Java class for ProviderType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="ProviderType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="IdentityURL" type="{http://www.w3.org/2001/XMLSchema}string"/>
- * <element name="Trust" type="{urn:jboss:identity-federation:config:1.0}TrustType" minOccurs="0"/>
- * <element name="KeyProvider" type="{urn:jboss:identity-federation:config:1.0}KeyProviderType" minOccurs="0"/>
- * <element name="MetaDataProvider" type="{urn:jboss:identity-federation:config:1.0}MetadataProviderType" minOccurs="0"/>
- * </sequence>
- * <attribute name="ServerEnvironment" default="JBOSS">
- * <simpleType>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}string">
- * <enumeration value="JBOSS"/>
- * <enumeration value="TOMCAT"/>
- * </restriction>
- * </simpleType>
- * </attribute>
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "ProviderType", propOrder = {
- "identityURL",
- "trust",
- "keyProvider",
- "metaDataProvider"
-})
-@XmlSeeAlso({
- IDPType.class,
- SPType.class
-})
-public class ProviderType {
-
- @XmlElement(name = "IdentityURL", required = true)
- protected String identityURL;
- @XmlElement(name = "Trust")
- protected TrustType trust;
- @XmlElement(name = "KeyProvider")
- protected KeyProviderType keyProvider;
- @XmlElement(name = "MetaDataProvider")
- protected MetadataProviderType metaDataProvider;
- @XmlAttribute(name = "ServerEnvironment")
- protected String serverEnvironment;
-
- /**
- * Gets the value of the identityURL property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getIdentityURL() {
- return identityURL;
- }
-
- /**
- * Sets the value of the identityURL property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setIdentityURL(String value) {
- this.identityURL = value;
- }
-
- /**
- * Gets the value of the trust property.
- *
- * @return
- * possible object is
- * {@link TrustType }
- *
- */
- public TrustType getTrust() {
- return trust;
- }
-
- /**
- * Sets the value of the trust property.
- *
- * @param value
- * allowed object is
- * {@link TrustType }
- *
- */
- public void setTrust(TrustType value) {
- this.trust = value;
- }
-
- /**
- * Gets the value of the keyProvider property.
- *
- * @return
- * possible object is
- * {@link KeyProviderType }
- *
- */
- public KeyProviderType getKeyProvider() {
- return keyProvider;
- }
-
- /**
- * Sets the value of the keyProvider property.
- *
- * @param value
- * allowed object is
- * {@link KeyProviderType }
- *
- */
- public void setKeyProvider(KeyProviderType value) {
- this.keyProvider = value;
- }
-
- /**
- * Gets the value of the metaDataProvider property.
- *
- * @return
- * possible object is
- * {@link MetadataProviderType }
- *
- */
- public MetadataProviderType getMetaDataProvider() {
- return metaDataProvider;
- }
-
- /**
- * Sets the value of the metaDataProvider property.
- *
- * @param value
- * allowed object is
- * {@link MetadataProviderType }
- *
- */
- public void setMetaDataProvider(MetadataProviderType value) {
- this.metaDataProvider = value;
- }
-
- /**
- * Gets the value of the serverEnvironment property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getServerEnvironment() {
- if (serverEnvironment == null) {
- return "JBOSS";
- } else {
- return serverEnvironment;
- }
- }
-
- /**
- * Sets the value of the serverEnvironment property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setServerEnvironment(String value) {
- this.serverEnvironment = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/SPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/SPType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/SPType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,73 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * Service Provider Type
- *
- * <p>Java class for SPType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="SPType">
- * <complexContent>
- * <extension base="{urn:jboss:identity-federation:config:1.0}ProviderType">
- * <sequence>
- * <element name="ServiceURL" type="{http://www.w3.org/2001/XMLSchema}string"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "SPType", propOrder = {
- "serviceURL"
-})
-public class SPType
- extends ProviderType
-{
-
- @XmlElement(name = "ServiceURL", required = true)
- protected String serviceURL;
-
- /**
- * Gets the value of the serviceURL property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getServiceURL() {
- return serviceURL;
- }
-
- /**
- * Sets the value of the serviceURL property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setServiceURL(String value) {
- this.serviceURL = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/STSType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/STSType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/STSType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,247 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * <p>Java class for STSType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="STSType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="KeyProvider" type="{urn:jboss:identity-federation:config:1.0}KeyProviderType" minOccurs="0"/>
- * <element name="RequestHandler" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
- * <element name="TokenProviders" type="{urn:jboss:identity-federation:config:1.0}TokenProvidersType" minOccurs="0"/>
- * <element name="ServiceProviders" type="{urn:jboss:identity-federation:config:1.0}ServiceProvidersType" minOccurs="0"/>
- * </sequence>
- * <attribute name="STSName" type="{http://www.w3.org/2001/XMLSchema}string" default="JBossSTS" />
- * <attribute name="TokenTimeout" type="{http://www.w3.org/2001/XMLSchema}int" default="3600" />
- * <attribute name="EncryptToken" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "STSType", propOrder = {
- "keyProvider",
- "requestHandler",
- "tokenProviders",
- "serviceProviders"
-})
-public class STSType {
-
- @XmlElement(name = "KeyProvider")
- protected KeyProviderType keyProvider;
- @XmlElement(name = "RequestHandler")
- protected String requestHandler;
- @XmlElement(name = "TokenProviders")
- protected TokenProvidersType tokenProviders;
- @XmlElement(name = "ServiceProviders")
- protected ServiceProvidersType serviceProviders;
- @XmlAttribute(name = "STSName")
- protected String stsName;
- @XmlAttribute(name = "TokenTimeout")
- protected Integer tokenTimeout;
- @XmlAttribute(name = "EncryptToken")
- protected Boolean encryptToken;
-
- /**
- * Gets the value of the keyProvider property.
- *
- * @return
- * possible object is
- * {@link KeyProviderType }
- *
- */
- public KeyProviderType getKeyProvider() {
- return keyProvider;
- }
-
- /**
- * Sets the value of the keyProvider property.
- *
- * @param value
- * allowed object is
- * {@link KeyProviderType }
- *
- */
- public void setKeyProvider(KeyProviderType value) {
- this.keyProvider = value;
- }
-
- /**
- * Gets the value of the requestHandler property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getRequestHandler() {
- return requestHandler;
- }
-
- /**
- * Sets the value of the requestHandler property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setRequestHandler(String value) {
- this.requestHandler = value;
- }
-
- /**
- * Gets the value of the tokenProviders property.
- *
- * @return
- * possible object is
- * {@link TokenProvidersType }
- *
- */
- public TokenProvidersType getTokenProviders() {
- return tokenProviders;
- }
-
- /**
- * Sets the value of the tokenProviders property.
- *
- * @param value
- * allowed object is
- * {@link TokenProvidersType }
- *
- */
- public void setTokenProviders(TokenProvidersType value) {
- this.tokenProviders = value;
- }
-
- /**
- * Gets the value of the serviceProviders property.
- *
- * @return
- * possible object is
- * {@link ServiceProvidersType }
- *
- */
- public ServiceProvidersType getServiceProviders() {
- return serviceProviders;
- }
-
- /**
- * Sets the value of the serviceProviders property.
- *
- * @param value
- * allowed object is
- * {@link ServiceProvidersType }
- *
- */
- public void setServiceProviders(ServiceProvidersType value) {
- this.serviceProviders = value;
- }
-
- /**
- * Gets the value of the stsName property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getSTSName() {
- if (stsName == null) {
- return "JBossSTS";
- } else {
- return stsName;
- }
- }
-
- /**
- * Sets the value of the stsName property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setSTSName(String value) {
- this.stsName = value;
- }
-
- /**
- * Gets the value of the tokenTimeout property.
- *
- * @return
- * possible object is
- * {@link Integer }
- *
- */
- public int getTokenTimeout() {
- if (tokenTimeout == null) {
- return 3600;
- } else {
- return tokenTimeout;
- }
- }
-
- /**
- * Sets the value of the tokenTimeout property.
- *
- * @param value
- * allowed object is
- * {@link Integer }
- *
- */
- public void setTokenTimeout(Integer value) {
- this.tokenTimeout = value;
- }
-
- /**
- * Gets the value of the encryptToken property.
- *
- * @return
- * possible object is
- * {@link Boolean }
- *
- */
- public boolean isEncryptToken() {
- if (encryptToken == null) {
- return false;
- } else {
- return encryptToken;
- }
- }
-
- /**
- * Sets the value of the encryptToken property.
- *
- * @param value
- * allowed object is
- * {@link Boolean }
- *
- */
- public void setEncryptToken(Boolean value) {
- this.encryptToken = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,126 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- *
- * The service provider type contains information about a specific service provider. In particular,
- * it specifies the type of the token that must be issued for the provider and the alias of the
- * provider's PKC in the truststore. This is used by the STS to locate the PKC when encrypting the
- * generated token.
- *
- *
- * <p>Java class for ServiceProviderType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="ServiceProviderType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <attribute name="endpoint" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- * <attribute name="TruststoreAlias" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- * <attribute name="TokenType" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "ServiceProviderType")
-public class ServiceProviderType {
-
- @XmlAttribute(name = "Endpoint", required = true)
- protected String endpoint;
- @XmlAttribute(name = "TruststoreAlias", required = true)
- protected String truststoreAlias;
- @XmlAttribute(name = "TokenType", required = true)
- protected String tokenType;
-
- /**
- * Gets the value of the endpoint property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getEndpoint() {
- return endpoint;
- }
-
- /**
- * Sets the value of the endpoint property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setEndpoint(String value) {
- this.endpoint = value;
- }
-
- /**
- * Gets the value of the truststoreAlias property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getTruststoreAlias() {
- return truststoreAlias;
- }
-
- /**
- * Sets the value of the truststoreAlias property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setTruststoreAlias(String value) {
- this.truststoreAlias = value;
- }
-
- /**
- * Gets the value of the tokenType property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getTokenType() {
- return tokenType;
- }
-
- /**
- * Sets the value of the tokenType property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setTokenType(String value) {
- this.tokenType = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProvidersType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProvidersType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,81 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- *
- * The service providers specify the token type expected by each service provider.
- *
- *
- * <p>Java class for ServiceProvidersType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="ServiceProvidersType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="ServiceProvider" type="{urn:jboss:identity-federation:config:1.0}ServiceProviderType" maxOccurs="unbounded"/>
- * </sequence>
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "ServiceProvidersType", propOrder = {
- "serviceProvider"
-})
-public class ServiceProvidersType {
-
- @XmlElement(name = "ServiceProvider", required = true)
- protected List<ServiceProviderType> serviceProvider;
-
- /**
- * Gets the value of the serviceProvider property.
- *
- * <p>
- * This accessor method returns a reference to the live list,
- * not a snapshot. Therefore any modification you make to the
- * returned list will be present inside the JAXB object.
- * This is why there is not a <CODE>set</CODE> method for the serviceProvider property.
- *
- * <p>
- * For example, to add a new item, do as follows:
- * <pre>
- * getServiceProvider().add(newItem);
- * </pre>
- *
- *
- * <p>
- * Objects of the following type(s) are allowed in the list
- * {@link ServiceProviderType }
- *
- *
- */
- public List<ServiceProviderType> getServiceProvider() {
- if (serviceProvider == null) {
- serviceProvider = new ArrayList<ServiceProviderType>();
- }
- return this.serviceProvider;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProviderType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,92 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * <p>Java class for TokenProviderType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="TokenProviderType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <attribute name="ProviderClass" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- * <attribute name="TokenType" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "TokenProviderType")
-public class TokenProviderType {
-
- @XmlAttribute(name = "ProviderClass", required = true)
- protected String providerClass;
- @XmlAttribute(name = "TokenType", required = true)
- protected String tokenType;
-
- /**
- * Gets the value of the providerClass property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getProviderClass() {
- return providerClass;
- }
-
- /**
- * Sets the value of the providerClass property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setProviderClass(String value) {
- this.providerClass = value;
- }
-
- /**
- * Gets the value of the tokenType property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getTokenType() {
- return tokenType;
- }
-
- /**
- * Sets the value of the tokenType property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setTokenType(String value) {
- this.tokenType = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProvidersType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TokenProvidersType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,83 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- *
- * The token providers specify the classes that handle the requests for each type of security Token.
- * For example, a SAMLTokenProvider may be used to generate SAML token, while a X509TokenProvider
- * may be used to generate X.509 tokens (certificates).
- *
- *
- * <p>Java class for TokenProvidersType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="TokenProvidersType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="TokenProvider" type="{urn:jboss:identity-federation:config:1.0}TokenProviderType" maxOccurs="unbounded"/>
- * </sequence>
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "TokenProvidersType", propOrder = {
- "tokenProvider"
-})
-public class TokenProvidersType {
-
- @XmlElement(name = "TokenProvider", required = true)
- protected List<TokenProviderType> tokenProvider;
-
- /**
- * Gets the value of the tokenProvider property.
- *
- * <p>
- * This accessor method returns a reference to the live list,
- * not a snapshot. Therefore any modification you make to the
- * returned list will be present inside the JAXB object.
- * This is why there is not a <CODE>set</CODE> method for the tokenProvider property.
- *
- * <p>
- * For example, to add a new item, do as follows:
- * <pre>
- * getTokenProvider().add(newItem);
- * </pre>
- *
- *
- * <p>
- * Objects of the following type(s) are allowed in the list
- * {@link TokenProviderType }
- *
- *
- */
- public List<TokenProviderType> getTokenProvider() {
- if (tokenProvider == null) {
- tokenProvider = new ArrayList<TokenProviderType>();
- }
- return this.tokenProvider;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TrustType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TrustType.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/TrustType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,71 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-
-package org.jboss.identity.federation.bindings.config;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-
-/**
- * Aspects involved in trust decisions such as the domains that the IDP or the Service Provider trusts.
- *
- * <p>Java class for TrustType complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="TrustType">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element name="Domains" type="{http://www.w3.org/2001/XMLSchema}string"/>
- * </sequence>
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-(a)XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "TrustType", propOrder = {
- "domains"
-})
-public class TrustType {
-
- @XmlElement(name = "Domains", required = true)
- protected String domains;
-
- /**
- * Gets the value of the domains property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
- public String getDomains() {
- return domains;
- }
-
- /**
- * Sets the value of the domains property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setDomains(String value) {
- this.domains = value;
- }
-
-}
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/package-info.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/package-info.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/package-info.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,9 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.04.21 at 04:51:39 PM CDT
-//
-
-(a)javax.xml.bind.annotation.XmlSchema(namespace = "urn:jboss:identity-federation:config:1.0", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED)
-package org.jboss.identity.federation.bindings.config;
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/RoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/RoleGenerator.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/RoleGenerator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,40 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.interfaces;
-
-import java.security.Principal;
-import java.util.List;
-
-/**
- * Generate roles given a principal
- * @author Anil.Saldhana(a)redhat.com
- * @since Jan 21, 2009
- */
-public interface RoleGenerator
-{
- /**
- * Generate roles given a principal
- * @param principal
- * @return
- */
- List<String> generateRoles(Principal principal);
-}
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyConfigurationException.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyConfigurationException.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyConfigurationException.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,54 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.interfaces;
-
-import org.jboss.identity.federation.core.exceptions.ConfigurationException;
-
-/**
- * ConfigurationException in the TrustKeyManager
- * @author Anil.Saldhana(a)redhat.com
- * @since May 22, 2009
- */
-public class TrustKeyConfigurationException extends ConfigurationException
-{
- private static final long serialVersionUID = 1L;
-
- public TrustKeyConfigurationException()
- {
- super();
- }
-
- public TrustKeyConfigurationException(String message, Throwable cause)
- {
- super(message, cause);
- }
-
- public TrustKeyConfigurationException(String message)
- {
- super(message);
- }
-
- public TrustKeyConfigurationException(Throwable cause)
- {
- super(cause);
- }
-}
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,117 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.interfaces;
-
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.cert.Certificate;
-import java.util.List;
-
-import javax.crypto.SecretKey;
-
-import org.jboss.identity.federation.bindings.config.AuthPropertyType;
-import org.jboss.identity.federation.bindings.config.KeyValueType;
-
-
-/**
- * Key Manager interface used in trust decisions
- * @author Anil.Saldhana(a)redhat.com
- * @since Jan 22, 2009
- */
-public interface TrustKeyManager
-{
- /**
- * Provide a set of properties used for authentication
- * into the storage of keys - keystore, ldap, db, HSM etc
- * @param authList
- * @throws {@link IOException}
- */
- void setAuthProperties(List<AuthPropertyType> authList)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
- /**
- * Set a list of (domain,alias) tuple to trust domains
- * The alias is a string that represents the validating key stored
- * for a domain
- * @param aliases
- * @throws {@link IOException}
- */
- void setValidatingAlias(List<KeyValueType> aliases)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
- /**
- * Get the Signing Key
- * @return
- * @throws {@link CertificateException}
- */
- PrivateKey getSigningKey()
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
- /**
- * <p>
- * Constructs a {@code KeyPair} instance containing the signing key ({@code PrivateKey}) and associated
- * {@code PublicKey}.
- * </p>
- *
- * @return the constructed {@code KeyPair} object.
- */
- KeyPair getSigningKeyPair()
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
- /**
- * Get the certificate given an alias
- * @param alias
- * @return
- * @throws {@link CertificateException}
- */
- Certificate getCertificate(String alias)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
- /**
- * Get a Public Key given an alias
- * @param alias
- * @return
- * @throws {@link CertificateException}
- */
- PublicKey getPublicKey(String alias)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
- /**
- * Given a domain, obtain a secret key
- * @see {@code EncryptionKeyUtil}
- * @param domain
- * @param encryptionAlgorithm Encryption Algorithm
- * @param keyLength length of keys
- * @return
- */
- SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
- /**
- * Get the Validating Public Key of the domain
- * @param domain
- * @return
- */
- PublicKey getValidatingKey(String domain)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-}
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyProcessingException.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyProcessingException.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyProcessingException.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,54 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.interfaces;
-
-import org.jboss.identity.federation.core.exceptions.ProcessingException;
-
-/**
- * Processing Exception in the trust key manager
- * @author Anil.Saldhana(a)redhat.com
- * @since May 22, 2009
- */
-public class TrustKeyProcessingException extends ProcessingException
-{
- private static final long serialVersionUID = 1L;
-
- public TrustKeyProcessingException()
- {
- super();
- }
-
- public TrustKeyProcessingException(String message, Throwable cause)
- {
- super(message, cause);
- }
-
- public TrustKeyProcessingException(String message)
- {
- super(message);
- }
-
- public TrustKeyProcessingException(Throwable cause)
- {
- super(cause);
- }
-}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTS.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -40,7 +40,7 @@
import org.jboss.identity.federation.api.wstrust.WSTrustException;
import org.jboss.identity.federation.api.wstrust.WSTrustJAXBFactory;
import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
-import org.jboss.identity.federation.bindings.config.STSType;
+import org.jboss.identity.federation.web.config.STSType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.util.JAXBUtil;
@@ -48,8 +48,7 @@
import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenCollection;
import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
-import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
-import org.w3c.dom.Document;
+import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponseCollection;
/**
* <p>
@@ -189,7 +188,7 @@
try
{
- String pkgName = "org.jboss.identity.federation.bindings.config";
+ String pkgName = "org.jboss.identity.federation.web.config";
InputStream stream = configurationFile.openStream();
JAXBElement<STSType> element = (JAXBElement<STSType>) JAXBUtil.getUnmarshaller(pkgName).unmarshal(stream);
STSType stsConfig = element.getValue();
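Review bot: The `pkgName` literal in this hunk has to be kept in step with the `STSType` import by hand, and this commit had to edit both. A mismatch would compile cleanly and presumably only fail when `JAXBUtil.getUnmarshaller(pkgName)` runs while the STS configuration is loaded. Deriving the value from the class ties the two together: `String pkgName = STSType.class.getPackage().getName();`. The enclosing `try` block starts and ends outside the hunk, so it is not visible here whether `stream` is closed after unmarshalling; that is worth confirming in the same pass.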
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -30,13 +30,13 @@
import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
import org.jboss.identity.federation.api.wstrust.WSTrustServiceFactory;
-import org.jboss.identity.federation.bindings.config.KeyProviderType;
-import org.jboss.identity.federation.bindings.config.STSType;
-import org.jboss.identity.federation.bindings.config.ServiceProviderType;
-import org.jboss.identity.federation.bindings.config.ServiceProvidersType;
-import org.jboss.identity.federation.bindings.config.TokenProviderType;
-import org.jboss.identity.federation.bindings.config.TokenProvidersType;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.config.KeyProviderType;
+import org.jboss.identity.federation.web.config.STSType;
+import org.jboss.identity.federation.web.config.ServiceProviderType;
+import org.jboss.identity.federation.web.config.ServiceProvidersType;
+import org.jboss.identity.federation.web.config.TokenProviderType;
+import org.jboss.identity.federation.web.config.TokenProvidersType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
/**
* <p>
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -42,11 +42,11 @@
import org.jboss.identity.federation.api.saml.v2.metadata.KeyDescriptorMetaDataBuilder;
import org.jboss.identity.federation.api.saml.v2.metadata.MetaDataBuilder;
import org.jboss.identity.federation.api.util.KeyUtil;
-import org.jboss.identity.federation.bindings.config.KeyProviderType;
-import org.jboss.identity.federation.bindings.config.KeyValueType;
-import org.jboss.identity.federation.bindings.config.MetadataProviderType;
-import org.jboss.identity.federation.bindings.config.ProviderType;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.config.KeyProviderType;
+import org.jboss.identity.federation.web.config.KeyValueType;
+import org.jboss.identity.federation.web.config.MetadataProviderType;
+import org.jboss.identity.federation.web.config.ProviderType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.jboss.identity.federation.bindings.providers.IMetadataProvider;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -39,11 +39,11 @@
import javax.crypto.SecretKey;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.bindings.config.AuthPropertyType;
-import org.jboss.identity.federation.bindings.config.KeyValueType;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
+import org.jboss.identity.federation.web.config.AuthPropertyType;
+import org.jboss.identity.federation.web.config.KeyValueType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.bindings.util.cert.EncryptionKeyUtil;
import org.jboss.identity.federation.bindings.util.cert.KeyStoreUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -30,7 +30,7 @@
import org.apache.catalina.Role;
import org.apache.catalina.User;
import org.apache.catalina.realm.GenericPrincipal;
-import org.jboss.identity.federation.bindings.interfaces.RoleGenerator;
+import org.jboss.identity.federation.web.interfaces.RoleGenerator;
/**
* Generate roles from Tomcat Principal
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -45,9 +45,9 @@
import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.bindings.config.IDPType;
-import org.jboss.identity.federation.bindings.config.TrustType;
-import org.jboss.identity.federation.bindings.interfaces.RoleGenerator;
+import org.jboss.identity.federation.web.config.IDPType;
+import org.jboss.identity.federation.web.config.TrustType;
+import org.jboss.identity.federation.web.interfaces.RoleGenerator;
import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator;
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -42,11 +42,11 @@
import org.apache.catalina.connector.Request;
import org.apache.log4j.Logger;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.bindings.config.EncryptionType;
-import org.jboss.identity.federation.bindings.config.KeyProviderType;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
+import org.jboss.identity.federation.web.config.EncryptionType;
+import org.jboss.identity.federation.web.config.KeyProviderType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -41,12 +41,12 @@
import org.apache.catalina.util.LifecycleSupport;
import org.apache.catalina.valves.ValveBase;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.bindings.config.IDPType;
-import org.jboss.identity.federation.bindings.config.KeyProviderType;
-import org.jboss.identity.federation.bindings.interfaces.RoleGenerator;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
+import org.jboss.identity.federation.web.config.IDPType;
+import org.jboss.identity.federation.web.config.KeyProviderType;
+import org.jboss.identity.federation.web.interfaces.RoleGenerator;
+import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator;
import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -43,9 +43,9 @@
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature;
-import org.jboss.identity.federation.bindings.config.IDPType;
-import org.jboss.identity.federation.bindings.config.TrustType;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.config.IDPType;
+import org.jboss.identity.federation.web.config.TrustType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
import org.jboss.identity.federation.bindings.util.PostBindingUtil;
import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -29,7 +29,7 @@
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.connector.Request;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.bindings.config.SPType;
+import org.jboss.identity.federation.web.config.SPType;
import org.jboss.identity.federation.bindings.util.ValveUtil;
/**
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -44,7 +44,7 @@
import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.bindings.config.TrustType;
+import org.jboss.identity.federation.web.config.TrustType;
import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
import org.jboss.identity.federation.bindings.util.PostBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostSignatureFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -38,10 +38,10 @@
import org.jboss.identity.federation.api.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.util.XMLSignatureUtil;
-import org.jboss.identity.federation.bindings.config.KeyProviderType;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
+import org.jboss.identity.federation.web.config.KeyProviderType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.util.PostBindingUtil;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -44,7 +44,7 @@
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.api.util.Base64;
import org.jboss.identity.federation.api.util.DeflateUtil;
-import org.jboss.identity.federation.bindings.config.TrustType;
+import org.jboss.identity.federation.web.config.TrustType;
import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -35,10 +35,10 @@
import org.apache.catalina.connector.Request;
import org.apache.log4j.Logger;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
-import org.jboss.identity.federation.bindings.config.KeyProviderType;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
+import org.jboss.identity.federation.web.config.KeyProviderType;
+import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
+import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -32,8 +32,8 @@
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
-import org.jboss.identity.federation.bindings.config.IDPType;
-import org.jboss.identity.federation.bindings.config.SPType;
+import org.jboss.identity.federation.web.config.IDPType;
+import org.jboss.identity.federation.web.config.SPType;
import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import org.jboss.identity.federation.core.util.JAXBUtil;
import org.xml.sax.SAXException;
@@ -105,7 +105,7 @@
String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
- String pkgName = "org.jboss.identity.federation.bindings.config";
+ String pkgName = "org.jboss.identity.federation.web.config";
Unmarshaller un = null;
if(validate)
un = JAXBUtil.getValidatingUnmarshaller(pkgName, schema);
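Review bot: The JAXB context package is still a bare string literal in this hunk and again in the `@@ -126,7 +126,7 @@` hunk below, and both test cases in this commit repeat it, so a missed copy in a package move like this one would only show up at runtime when the configuration is unmarshalled. Declaring it once in this class, e.g. `private static final String CONFIG_PKG = "org.jboss.identity.federation.web.config";`, and using it in both methods would keep the two in step. Separately, the context line defaults `JAXB_SCHEMA_VALIDATION` to `"false"`, so unless the property is set the IDP/SP configuration is presumably read without schema validation (the else branch is outside the hunk). A comment next to the lookup would make that explicit, e.g. `// schema validation is opt-in; a malformed config is not rejected unless this property is "true"`. The enclosing method starts and ends outside the hunk.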
@@ -126,7 +126,7 @@
String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
- String pkgName = "org.jboss.identity.federation.bindings.config";
+ String pkgName = "org.jboss.identity.federation.web.config";
Unmarshaller un = null;
if(validate)
un = JAXBUtil.getValidatingUnmarshaller(pkgName, schema);
Deleted: identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-08-14 04:47:21 UTC (rev 703)
@@ -1,225 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:jboss:identity-federation:config:1.0"
- xmlns:tns="urn:jboss:identity-federation:config:1.0"
- elementFormDefault="qualified" version="1.0">
- <complexType name="IDPType">
- <annotation>
- <documentation>
- IDP Type defines the configuration for an Identity
- Provider.
- </documentation>
- </annotation>
- <complexContent>
- <extension base="tns:ProviderType">
- <sequence>
- <element name="Encryption" type="tns:EncryptionType"
- maxOccurs="1" minOccurs="0">
- </element>
- </sequence>
- <attribute name="AssertionValidity" type="long"
- use="optional" default="300000"> <!-- 5 minutes expressed in miliseconds -->
- </attribute>
- <attribute name="RoleGenerator" type="string"
- use="optional"
- default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator">
- </attribute>
- <attribute name="Encrypt" type="boolean" use="optional"
- default="false">
- </attribute>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="JBossIDP" type="tns:IDPType">
- <annotation>
- <documentation>The root configuration for an Identity Provider(IDP) using JBoss Identity.</documentation>
- </annotation>
- </element>
-
-
- <complexType name="TrustType">
- <annotation>
- <documentation>Aspects involved in trust decisions such as the domains that the IDP or the Service Provider trusts.</documentation>
- </annotation>
- <sequence>
- <element name="Domains" type="string">
- <annotation>
- <documentation>Comma Separated domain names such as localhost,jboss.com,jboss.org</documentation>
- </annotation>
- </element>
- </sequence>
- </complexType>
-
- <complexType name="KeyProviderType">
- <annotation>
- <documentation>
- Source of the Signing and Validating Key
- </documentation>
- </annotation>
- <sequence>
- <element name="Auth" type="tns:AuthPropertyType"
- maxOccurs="unbounded" minOccurs="0">
- <annotation>
- <documentation>
- Key Value Pairs Needed to authenticate into the
- provider.
- </documentation>
- </annotation>
- </element>
- <element name="ValidatingAlias" type="tns:KeyValueType"
- maxOccurs="unbounded" minOccurs="0">
- <annotation>
- <documentation>
- Key Value pairs identifying domains against the
- alias for validating key
- </documentation>
- </annotation>
- </element>
- <element name="SigningAlias" type="string" maxOccurs="1"
- minOccurs="0">
- <annotation>
- <documentation>
- An alias that identifies the signing key
- </documentation>
- </annotation>
- </element>
- </sequence>
- <attribute name="ClassName" type="string"></attribute>
- </complexType>
-
- <complexType name="KeyValueType">
- <attribute name="Key" type="string"></attribute>
- <attribute name="Value" type="string"></attribute>
- </complexType>
-
- <complexType name="ProviderType">
- <annotation>
- <documentation>Base Type for IDP and SP</documentation>
- </annotation>
- <sequence>
- <element name="IdentityURL" type="string" maxOccurs="1"
- minOccurs="1">
- </element>
- <element name="Trust" type="tns:TrustType" maxOccurs="1"
- minOccurs="0">
- </element>
- <element name="KeyProvider" type="tns:KeyProviderType"
- maxOccurs="1" minOccurs="0">
- </element>
- <element name="MetaDataProvider" type="tns:MetadataProviderType" maxOccurs="1" minOccurs="0"></element>
- </sequence>
- <!-- Specify what is the server environment where the IDP or SP exists -->
- <attribute name="ServerEnvironment" use="optional" default="JBOSS">
- <simpleType>
- <restriction base="string">
- <enumeration value="JBOSS"></enumeration>
- <enumeration value="TOMCAT"></enumeration>
- </restriction>
- </simpleType>
- </attribute>
- </complexType>
-
- <complexType name="SPType">
- <annotation>
- <documentation>Service Provider Type</documentation>
- </annotation>
- <complexContent>
- <extension base="tns:ProviderType">
- <sequence>
- <element name="ServiceURL" type="string"></element>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
-
- <complexType name="AuthPropertyType">
- <complexContent>
- <extension base="tns:KeyValueType"></extension>
- </complexContent>
- </complexType>
-
- <element name="JBossSP" type="tns:SPType"></element>
-
- <simpleType name="EncAlgoType">
- <restriction base="string">
- <enumeration value="AES"></enumeration>
- <enumeration value="DES"></enumeration>
- <enumeration value="DESede"></enumeration>
- </restriction>
- </simpleType>
-
- <complexType name="EncryptionType">
- <sequence>
- <element name="EncAlgo" type="tns:EncAlgoType"></element>
- <element name="KeySize" type="int"></element>
- </sequence>
- </complexType>
-
- <!-- Security Token Service Elements -->
-
- <complexType name="STSType">
- <sequence>
- <element name="KeyProvider" type="tns:KeyProviderType"
- maxOccurs="1" minOccurs="0"/>
- <element name="RequestHandler" type="string" minOccurs="0"/>
- <element name="TokenProviders" type="tns:TokenProvidersType" minOccurs="0"/>
- <element name="ServiceProviders" type="tns:ServiceProvidersType" minOccurs="0"/>
- </sequence>
- <attribute name="STSName" default="JBossSTS" type="string" use="optional"/>
- <attribute name="TokenTimeout" default="3600" type="int" use="optional"/>
- <attribute name="EncryptToken" default="false" type="boolean" use="optional"/>
- </complexType>
-
- <complexType name="TokenProvidersType">
- <annotation>
- <documentation>
- The token providers specify the classes that handle the requests for each type of security Token.
- For example, a SAMLTokenProvider may be used to generate SAML token, while a X509TokenProvider
- may be used to generate X.509 tokens (certificates).
- </documentation>
- </annotation>
- <sequence>
- <element name="TokenProvider" type="tns:TokenProviderType" minOccurs="1" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-
- <complexType name="TokenProviderType">
- <attribute name="ProviderClass" type="string" use="required"/>
- <attribute name="TokenType" type="string" use="required"/>
- </complexType>
-
- <complexType name="ServiceProvidersType">
- <annotation>
- <documentation>
- The service providers specify the token type expected by each service provider.
- </documentation>
- </annotation>
- <sequence>
- <element name="ServiceProvider" type="tns:ServiceProviderType" minOccurs="1" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-
- <complexType name="ServiceProviderType">
- <annotation>
- <documentation>
- The service provider type contains information about a specific service provider. In particular,
- it specifies the type of the token that must be issued for the provider and the alias of the
- provider's PKC in the truststore. This is used by the STS to locate the PKC when encrypting the
- generated token.
- </documentation>
- </annotation>
- <attribute name="Endpoint" type="string" use="required"/>
- <attribute name="TruststoreAlias" type="string" use="required"/>
- <attribute name="TokenType" type="string" use="required"/>
- </complexType>
-
- <element name="JBossSTS" type="tns:STSType"/>
-
-
- <complexType name="MetadataProviderType">
- <sequence>
- <element name="Option" type="tns:KeyValueType" maxOccurs="unbounded" minOccurs="0"></element>
- </sequence>
- <attribute name="ClassName" type="string"></attribute>
- </complexType>
-</schema>
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/ConfigUnitTestCase.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -29,17 +29,17 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.bindings.config.AuthPropertyType;
-import org.jboss.identity.federation.bindings.config.IDPType;
-import org.jboss.identity.federation.bindings.config.KeyProviderType;
-import org.jboss.identity.federation.bindings.config.KeyValueType;
-import org.jboss.identity.federation.bindings.config.SPType;
-import org.jboss.identity.federation.bindings.config.STSType;
-import org.jboss.identity.federation.bindings.config.ServiceProviderType;
-import org.jboss.identity.federation.bindings.config.ServiceProvidersType;
-import org.jboss.identity.federation.bindings.config.TokenProviderType;
-import org.jboss.identity.federation.bindings.config.TokenProvidersType;
-import org.jboss.identity.federation.bindings.config.TrustType;
+import org.jboss.identity.federation.web.config.AuthPropertyType;
+import org.jboss.identity.federation.web.config.IDPType;
+import org.jboss.identity.federation.web.config.KeyProviderType;
+import org.jboss.identity.federation.web.config.KeyValueType;
+import org.jboss.identity.federation.web.config.SPType;
+import org.jboss.identity.federation.web.config.STSType;
+import org.jboss.identity.federation.web.config.ServiceProviderType;
+import org.jboss.identity.federation.web.config.ServiceProvidersType;
+import org.jboss.identity.federation.web.config.TokenProviderType;
+import org.jboss.identity.federation.web.config.TokenProvidersType;
+import org.jboss.identity.federation.web.config.TrustType;
import org.jboss.identity.federation.core.util.JAXBUtil;
/**
@@ -174,7 +174,7 @@
InputStream is = tcl.getResourceAsStream(configFile);
assertNotNull("Inputstream not null", is);
- Unmarshaller un = JAXBUtil.getValidatingUnmarshaller("org.jboss.identity.federation.bindings.config",
+ Unmarshaller un = JAXBUtil.getValidatingUnmarshaller("org.jboss.identity.federation.web.config",
schema);
return un.unmarshal(is);
}
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/MetadataConfigUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/MetadataConfigUnitTestCase.java 2009-08-14 03:36:48 UTC (rev 702)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/config/MetadataConfigUnitTestCase.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -29,10 +29,10 @@
import junit.framework.TestCase;
-import org.jboss.identity.federation.bindings.config.IDPType;
-import org.jboss.identity.federation.bindings.config.KeyValueType;
-import org.jboss.identity.federation.bindings.config.MetadataProviderType;
-import org.jboss.identity.federation.bindings.config.TrustType;
+import org.jboss.identity.federation.web.config.IDPType;
+import org.jboss.identity.federation.web.config.KeyValueType;
+import org.jboss.identity.federation.web.config.MetadataProviderType;
+import org.jboss.identity.federation.web.config.TrustType;
import org.jboss.identity.federation.core.util.JAXBUtil;
@@ -81,7 +81,7 @@
assertNotNull("Inputstream not null", is);
Unmarshaller un =
- JAXBUtil.getValidatingUnmarshaller("org.jboss.identity.federation.bindings.config",
+ JAXBUtil.getValidatingUnmarshaller("org.jboss.identity.federation.web.config",
schema);
return un.unmarshal(is);
}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/AuthPropertyType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/AuthPropertyType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/AuthPropertyType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,39 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for AuthPropertyType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="AuthPropertyType">
+ * <complexContent>
+ * <extension base="{urn:jboss:identity-federation:config:1.0}KeyValueType">
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "AuthPropertyType")
+public class AuthPropertyType
+ extends KeyValueType
+{
+
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncAlgoType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncAlgoType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncAlgoType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,59 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlEnum;
+import javax.xml.bind.annotation.XmlEnumValue;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for EncAlgoType.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ * <p>
+ * <pre>
+ * <simpleType name="EncAlgoType">
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}string">
+ * <enumeration value="AES"/>
+ * <enumeration value="DES"/>
+ * <enumeration value="DESede"/>
+ * </restriction>
+ * </simpleType>
+ * </pre>
+ *
+ */
+@XmlType(name = "EncAlgoType")
+@XmlEnum
+public enum EncAlgoType {
+
+ AES("AES"),
+ DES("DES"),
+ @XmlEnumValue("DESede")
+ DE_SEDE("DESede");
+ private final String value;
+
+ EncAlgoType(String v) {
+ value = v;
+ }
+
+ public String value() {
+ return value;
+ }
+
+ public static EncAlgoType fromValue(String v) {
+ for (EncAlgoType c: EncAlgoType.values()) {
+ if (c.value.equals(v)) {
+ return c;
+ }
+ }
+ throw new IllegalArgumentException(v);
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncryptionType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncryptionType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/EncryptionType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,89 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for EncryptionType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="EncryptionType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="EncAlgo" type="{urn:jboss:identity-federation:config:1.0}EncAlgoType"/>
+ * <element name="KeySize" type="{http://www.w3.org/2001/XMLSchema}int"/>
+ * </sequence>
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "EncryptionType", propOrder = {
+ "encAlgo",
+ "keySize"
+})
+public class EncryptionType {
+
+ @XmlElement(name = "EncAlgo", required = true)
+ protected EncAlgoType encAlgo;
+ @XmlElement(name = "KeySize")
+ protected int keySize;
+
+ /**
+ * Gets the value of the encAlgo property.
+ *
+ * @return
+ * possible object is
+ * {@link EncAlgoType }
+ *
+ */
+ public EncAlgoType getEncAlgo() {
+ return encAlgo;
+ }
+
+ /**
+ * Sets the value of the encAlgo property.
+ *
+ * @param value
+ * allowed object is
+ * {@link EncAlgoType }
+ *
+ */
+ public void setEncAlgo(EncAlgoType value) {
+ this.encAlgo = value;
+ }
+
+ /**
+ * Gets the value of the keySize property.
+ *
+ */
+ public int getKeySize() {
+ return keySize;
+ }
+
+ /**
+ * Sets the value of the keySize property.
+ *
+ */
+ public void setKeySize(int value) {
+ this.keySize = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/IDPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/IDPType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/IDPType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,170 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
+ * IDP Type defines the configuration for an Identity
+ * Provider.
+ *
+ *
+ * <p>Java class for IDPType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="IDPType">
+ * <complexContent>
+ * <extension base="{urn:jboss:identity-federation:config:1.0}ProviderType">
+ * <sequence>
+ * <element name="Encryption" type="{urn:jboss:identity-federation:config:1.0}EncryptionType" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="AssertionValidity" type="{http://www.w3.org/2001/XMLSchema}long" default="300000" />
+ * <attribute name="RoleGenerator" type="{http://www.w3.org/2001/XMLSchema}string" default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator" />
+ * <attribute name="Encrypt" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "IDPType", propOrder = {
+ "encryption"
+})
+public class IDPType
+ extends ProviderType
+{
+
+ @XmlElement(name = "Encryption")
+ protected EncryptionType encryption;
+ @XmlAttribute(name = "AssertionValidity")
+ protected Long assertionValidity;
+ @XmlAttribute(name = "RoleGenerator")
+ protected String roleGenerator;
+ @XmlAttribute(name = "Encrypt")
+ protected Boolean encrypt;
+
+ /**
+ * Gets the value of the encryption property.
+ *
+ * @return
+ * possible object is
+ * {@link EncryptionType }
+ *
+ */
+ public EncryptionType getEncryption() {
+ return encryption;
+ }
+
+ /**
+ * Sets the value of the encryption property.
+ *
+ * @param value
+ * allowed object is
+ * {@link EncryptionType }
+ *
+ */
+ public void setEncryption(EncryptionType value) {
+ this.encryption = value;
+ }
+
+ /**
+ * Gets the value of the assertionValidity property.
+ *
+ * @return
+ * possible object is
+ * {@link Long }
+ *
+ */
+ public long getAssertionValidity() {
+ if (assertionValidity == null) {
+ return 300000L;
+ } else {
+ return assertionValidity;
+ }
+ }
+
+ /**
+ * Sets the value of the assertionValidity property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Long }
+ *
+ */
+ public void setAssertionValidity(Long value) {
+ this.assertionValidity = value;
+ }
+
+ /**
+ * Gets the value of the roleGenerator property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getRoleGenerator() {
+ if (roleGenerator == null) {
+ return "org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator";
+ } else {
+ return roleGenerator;
+ }
+ }
+
+ /**
+ * Sets the value of the roleGenerator property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setRoleGenerator(String value) {
+ this.roleGenerator = value;
+ }
+
+ /**
+ * Gets the value of the encrypt property.
+ *
+ * @return
+ * possible object is
+ * {@link Boolean }
+ *
+ */
+ public boolean isEncrypt() {
+ if (encrypt == null) {
+ return false;
+ } else {
+ return encrypt;
+ }
+ }
+
+ /**
+ * Sets the value of the encrypt property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Boolean }
+ *
+ */
+ public void setEncrypt(Boolean value) {
+ this.encrypt = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyProviderType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,170 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
+ * Source of the Signing and Validating Key
+ *
+ *
+ * <p>Java class for KeyProviderType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="KeyProviderType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="Auth" type="{urn:jboss:identity-federation:config:1.0}AuthPropertyType" maxOccurs="unbounded" minOccurs="0"/>
+ * <element name="ValidatingAlias" type="{urn:jboss:identity-federation:config:1.0}KeyValueType" maxOccurs="unbounded" minOccurs="0"/>
+ * <element name="SigningAlias" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="ClassName" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "KeyProviderType", propOrder = {
+ "auth",
+ "validatingAlias",
+ "signingAlias"
+})
+public class KeyProviderType {
+
+ @XmlElement(name = "Auth")
+ protected List<AuthPropertyType> auth;
+ @XmlElement(name = "ValidatingAlias")
+ protected List<KeyValueType> validatingAlias;
+ @XmlElement(name = "SigningAlias")
+ protected String signingAlias;
+ @XmlAttribute(name = "ClassName")
+ protected String className;
+
+ /**
+ * Gets the value of the auth property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the auth property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getAuth().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link AuthPropertyType }
+ *
+ *
+ */
+ public List<AuthPropertyType> getAuth() {
+ if (auth == null) {
+ auth = new ArrayList<AuthPropertyType>();
+ }
+ return this.auth;
+ }
+
+ /**
+ * Gets the value of the validatingAlias property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the validatingAlias property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getValidatingAlias().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link KeyValueType }
+ *
+ *
+ */
+ public List<KeyValueType> getValidatingAlias() {
+ if (validatingAlias == null) {
+ validatingAlias = new ArrayList<KeyValueType>();
+ }
+ return this.validatingAlias;
+ }
+
+ /**
+ * Gets the value of the signingAlias property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getSigningAlias() {
+ return signingAlias;
+ }
+
+ /**
+ * Sets the value of the signingAlias property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setSigningAlias(String value) {
+ this.signingAlias = value;
+ }
+
+ /**
+ * Gets the value of the className property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getClassName() {
+ return className;
+ }
+
+ /**
+ * Sets the value of the className property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setClassName(String value) {
+ this.className = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyValueType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyValueType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/KeyValueType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,96 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlSeeAlso;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for KeyValueType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="KeyValueType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <attribute name="Key" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="Value" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "KeyValueType")
+@XmlSeeAlso({
+ AuthPropertyType.class
+})
+public class KeyValueType {
+
+ @XmlAttribute(name = "Key")
+ protected String key;
+ @XmlAttribute(name = "Value")
+ protected String value;
+
+ /**
+ * Gets the value of the key property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getKey() {
+ return key;
+ }
+
+ /**
+ * Sets the value of the key property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setKey(String value) {
+ this.key = value;
+ }
+
+ /**
+ * Gets the value of the value property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getValue() {
+ return value;
+ }
+
+ /**
+ * Sets the value of the value property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setValue(String value) {
+ this.value = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/MetadataProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/MetadataProviderType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/MetadataProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,105 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.22 at 01:16:08 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for MetadataProviderType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="MetadataProviderType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="Option" type="{urn:jboss:identity-federation:config:1.0}KeyValueType" maxOccurs="unbounded" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="ClassName" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "MetadataProviderType", propOrder = {
+ "option"
+})
+public class MetadataProviderType {
+
+ @XmlElement(name = "Option")
+ protected List<KeyValueType> option;
+ @XmlAttribute(name = "ClassName")
+ protected String className;
+
+ /**
+ * Gets the value of the option property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the option property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getOption().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link KeyValueType }
+ *
+ *
+ */
+ public List<KeyValueType> getOption() {
+ if (option == null) {
+ option = new ArrayList<KeyValueType>();
+ }
+ return this.option;
+ }
+
+ /**
+ * Gets the value of the className property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getClassName() {
+ return className;
+ }
+
+ /**
+ * Sets the value of the className property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setClassName(String value) {
+ this.className = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ObjectFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ObjectFactory.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ObjectFactory.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,184 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.annotation.XmlElementDecl;
+import javax.xml.bind.annotation.XmlRegistry;
+import javax.xml.namespace.QName;
+
+
+/**
+ * This object contains factory methods for each
+ * Java content interface and Java element interface
+ * generated in the org.jboss.identity.federation.web.config package.
+ * <p>An ObjectFactory allows you to programatically
+ * construct new instances of the Java representation
+ * for XML content. The Java representation of XML
+ * content can consist of schema derived interfaces
+ * and classes representing the binding of schema
+ * type definitions, element declarations and model
+ * groups. Factory methods for each of these are
+ * provided in this class.
+ *
+ */
+@XmlRegistry
+public class ObjectFactory {
+
+ private final static QName _JBossSTS_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossSTS");
+ private final static QName _JBossIDP_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossIDP");
+ private final static QName _JBossSP_QNAME = new QName("urn:jboss:identity-federation:config:1.0", "JBossSP");
+
+ /**
+ * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: org.jboss.identity.federation.web.config
+ *
+ */
+ public ObjectFactory() {
+ }
+
+ /**
+ * Create an instance of {@link STSType }
+ *
+ */
+ public STSType createSTSType() {
+ return new STSType();
+ }
+
+ /**
+ * Create an instance of {@link KeyValueType }
+ *
+ */
+ public KeyValueType createKeyValueType() {
+ return new KeyValueType();
+ }
+
+ /**
+ * Create an instance of {@link ServiceProviderType }
+ *
+ */
+ public ServiceProviderType createServiceProviderType() {
+ return new ServiceProviderType();
+ }
+
+ /**
+ * Create an instance of {@link KeyProviderType }
+ *
+ */
+ public KeyProviderType createKeyProviderType() {
+ return new KeyProviderType();
+ }
+
+ /**
+ * Create an instance of {@link TokenProvidersType }
+ *
+ */
+ public TokenProvidersType createTokenProvidersType() {
+ return new TokenProvidersType();
+ }
+
+ /**
+ * Create an instance of {@link TokenProviderType }
+ *
+ */
+ public TokenProviderType createTokenProviderType() {
+ return new TokenProviderType();
+ }
+
+ /**
+ * Create an instance of {@link IDPType }
+ *
+ */
+ public IDPType createIDPType() {
+ return new IDPType();
+ }
+
+ /**
+ * Create an instance of {@link ServiceProvidersType }
+ *
+ */
+ public ServiceProvidersType createServiceProvidersType() {
+ return new ServiceProvidersType();
+ }
+
+ /**
+ * Create an instance of {@link MetadataProviderType }
+ *
+ */
+ public MetadataProviderType createMetadataProviderType() {
+ return new MetadataProviderType();
+ }
+
+ /**
+ * Create an instance of {@link ProviderType }
+ *
+ */
+ public ProviderType createProviderType() {
+ return new ProviderType();
+ }
+
+ /**
+ * Create an instance of {@link AuthPropertyType }
+ *
+ */
+ public AuthPropertyType createAuthPropertyType() {
+ return new AuthPropertyType();
+ }
+
+ /**
+ * Create an instance of {@link TrustType }
+ *
+ */
+ public TrustType createTrustType() {
+ return new TrustType();
+ }
+
+ /**
+ * Create an instance of {@link SPType }
+ *
+ */
+ public SPType createSPType() {
+ return new SPType();
+ }
+
+ /**
+ * Create an instance of {@link EncryptionType }
+ *
+ */
+ public EncryptionType createEncryptionType() {
+ return new EncryptionType();
+ }
+
+ /**
+ * Create an instance of {@link JAXBElement }{@code <}{@link STSType }{@code >}}
+ *
+ */
+ @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossSTS")
+ public JAXBElement<STSType> createJBossSTS(STSType value) {
+ return new JAXBElement<STSType>(_JBossSTS_QNAME, STSType.class, null, value);
+ }
+
+ /**
+ * Create an instance of {@link JAXBElement }{@code <}{@link IDPType }{@code >}}
+ *
+ */
+ @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossIDP")
+ public JAXBElement<IDPType> createJBossIDP(IDPType value) {
+ return new JAXBElement<IDPType>(_JBossIDP_QNAME, IDPType.class, null, value);
+ }
+
+ /**
+ * Create an instance of {@link JAXBElement }{@code <}{@link SPType }{@code >}}
+ *
+ */
+ @XmlElementDecl(namespace = "urn:jboss:identity-federation:config:1.0", name = "JBossSP")
+ public JAXBElement<SPType> createJBossSP(SPType value) {
+ return new JAXBElement<SPType>(_JBossSP_QNAME, SPType.class, null, value);
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ProviderType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,199 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlSeeAlso;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * Base Type for IDP and SP
+ *
+ * <p>Java class for ProviderType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="ProviderType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="IdentityURL" type="{http://www.w3.org/2001/XMLSchema}string"/>
+ * <element name="Trust" type="{urn:jboss:identity-federation:config:1.0}TrustType" minOccurs="0"/>
+ * <element name="KeyProvider" type="{urn:jboss:identity-federation:config:1.0}KeyProviderType" minOccurs="0"/>
+ * <element name="MetaDataProvider" type="{urn:jboss:identity-federation:config:1.0}MetadataProviderType" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="ServerEnvironment" default="JBOSS">
+ * <simpleType>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}string">
+ * <enumeration value="JBOSS"/>
+ * <enumeration value="TOMCAT"/>
+ * </restriction>
+ * </simpleType>
+ * </attribute>
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "ProviderType", propOrder = {
+ "identityURL",
+ "trust",
+ "keyProvider",
+ "metaDataProvider"
+})
+@XmlSeeAlso({
+ IDPType.class,
+ SPType.class
+})
+public class ProviderType {
+
+ @XmlElement(name = "IdentityURL", required = true)
+ protected String identityURL;
+ @XmlElement(name = "Trust")
+ protected TrustType trust;
+ @XmlElement(name = "KeyProvider")
+ protected KeyProviderType keyProvider;
+ @XmlElement(name = "MetaDataProvider")
+ protected MetadataProviderType metaDataProvider;
+ @XmlAttribute(name = "ServerEnvironment")
+ protected String serverEnvironment;
+
+ /**
+ * Gets the value of the identityURL property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getIdentityURL() {
+ return identityURL;
+ }
+
+ /**
+ * Sets the value of the identityURL property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setIdentityURL(String value) {
+ this.identityURL = value;
+ }
+
+ /**
+ * Gets the value of the trust property.
+ *
+ * @return
+ * possible object is
+ * {@link TrustType }
+ *
+ */
+ public TrustType getTrust() {
+ return trust;
+ }
+
+ /**
+ * Sets the value of the trust property.
+ *
+ * @param value
+ * allowed object is
+ * {@link TrustType }
+ *
+ */
+ public void setTrust(TrustType value) {
+ this.trust = value;
+ }
+
+ /**
+ * Gets the value of the keyProvider property.
+ *
+ * @return
+ * possible object is
+ * {@link KeyProviderType }
+ *
+ */
+ public KeyProviderType getKeyProvider() {
+ return keyProvider;
+ }
+
+ /**
+ * Sets the value of the keyProvider property.
+ *
+ * @param value
+ * allowed object is
+ * {@link KeyProviderType }
+ *
+ */
+ public void setKeyProvider(KeyProviderType value) {
+ this.keyProvider = value;
+ }
+
+ /**
+ * Gets the value of the metaDataProvider property.
+ *
+ * @return
+ * possible object is
+ * {@link MetadataProviderType }
+ *
+ */
+ public MetadataProviderType getMetaDataProvider() {
+ return metaDataProvider;
+ }
+
+ /**
+ * Sets the value of the metaDataProvider property.
+ *
+ * @param value
+ * allowed object is
+ * {@link MetadataProviderType }
+ *
+ */
+ public void setMetaDataProvider(MetadataProviderType value) {
+ this.metaDataProvider = value;
+ }
+
+ /**
+ * Gets the value of the serverEnvironment property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getServerEnvironment() {
+ if (serverEnvironment == null) {
+ return "JBOSS";
+ } else {
+ return serverEnvironment;
+ }
+ }
+
+ /**
+ * Sets the value of the serverEnvironment property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setServerEnvironment(String value) {
+ this.serverEnvironment = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/SPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/SPType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/SPType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,73 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * Service Provider Type
+ *
+ * <p>Java class for SPType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="SPType">
+ * <complexContent>
+ * <extension base="{urn:jboss:identity-federation:config:1.0}ProviderType">
+ * <sequence>
+ * <element name="ServiceURL" type="{http://www.w3.org/2001/XMLSchema}string"/>
+ * </sequence>
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "SPType", propOrder = {
+ "serviceURL"
+})
+public class SPType
+ extends ProviderType
+{
+
+ @XmlElement(name = "ServiceURL", required = true)
+ protected String serviceURL;
+
+ /**
+ * Gets the value of the serviceURL property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getServiceURL() {
+ return serviceURL;
+ }
+
+ /**
+ * Sets the value of the serviceURL property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setServiceURL(String value) {
+ this.serviceURL = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/STSType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/STSType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/STSType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,247 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for STSType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="STSType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="KeyProvider" type="{urn:jboss:identity-federation:config:1.0}KeyProviderType" minOccurs="0"/>
+ * <element name="RequestHandler" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
+ * <element name="TokenProviders" type="{urn:jboss:identity-federation:config:1.0}TokenProvidersType" minOccurs="0"/>
+ * <element name="ServiceProviders" type="{urn:jboss:identity-federation:config:1.0}ServiceProvidersType" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="STSName" type="{http://www.w3.org/2001/XMLSchema}string" default="JBossSTS" />
+ * <attribute name="TokenTimeout" type="{http://www.w3.org/2001/XMLSchema}int" default="3600" />
+ * <attribute name="EncryptToken" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "STSType", propOrder = {
+ "keyProvider",
+ "requestHandler",
+ "tokenProviders",
+ "serviceProviders"
+})
+public class STSType {
+
+ @XmlElement(name = "KeyProvider")
+ protected KeyProviderType keyProvider;
+ @XmlElement(name = "RequestHandler")
+ protected String requestHandler;
+ @XmlElement(name = "TokenProviders")
+ protected TokenProvidersType tokenProviders;
+ @XmlElement(name = "ServiceProviders")
+ protected ServiceProvidersType serviceProviders;
+ @XmlAttribute(name = "STSName")
+ protected String stsName;
+ @XmlAttribute(name = "TokenTimeout")
+ protected Integer tokenTimeout;
+ @XmlAttribute(name = "EncryptToken")
+ protected Boolean encryptToken;
+
+ /**
+ * Gets the value of the keyProvider property.
+ *
+ * @return
+ * possible object is
+ * {@link KeyProviderType }
+ *
+ */
+ public KeyProviderType getKeyProvider() {
+ return keyProvider;
+ }
+
+ /**
+ * Sets the value of the keyProvider property.
+ *
+ * @param value
+ * allowed object is
+ * {@link KeyProviderType }
+ *
+ */
+ public void setKeyProvider(KeyProviderType value) {
+ this.keyProvider = value;
+ }
+
+ /**
+ * Gets the value of the requestHandler property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getRequestHandler() {
+ return requestHandler;
+ }
+
+ /**
+ * Sets the value of the requestHandler property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setRequestHandler(String value) {
+ this.requestHandler = value;
+ }
+
+ /**
+ * Gets the value of the tokenProviders property.
+ *
+ * @return
+ * possible object is
+ * {@link TokenProvidersType }
+ *
+ */
+ public TokenProvidersType getTokenProviders() {
+ return tokenProviders;
+ }
+
+ /**
+ * Sets the value of the tokenProviders property.
+ *
+ * @param value
+ * allowed object is
+ * {@link TokenProvidersType }
+ *
+ */
+ public void setTokenProviders(TokenProvidersType value) {
+ this.tokenProviders = value;
+ }
+
+ /**
+ * Gets the value of the serviceProviders property.
+ *
+ * @return
+ * possible object is
+ * {@link ServiceProvidersType }
+ *
+ */
+ public ServiceProvidersType getServiceProviders() {
+ return serviceProviders;
+ }
+
+ /**
+ * Sets the value of the serviceProviders property.
+ *
+ * @param value
+ * allowed object is
+ * {@link ServiceProvidersType }
+ *
+ */
+ public void setServiceProviders(ServiceProvidersType value) {
+ this.serviceProviders = value;
+ }
+
+ /**
+ * Gets the value of the stsName property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getSTSName() {
+ if (stsName == null) {
+ return "JBossSTS";
+ } else {
+ return stsName;
+ }
+ }
+
+ /**
+ * Sets the value of the stsName property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setSTSName(String value) {
+ this.stsName = value;
+ }
+
+ /**
+ * Gets the value of the tokenTimeout property.
+ *
+ * @return
+ * possible object is
+ * {@link Integer }
+ *
+ */
+ public int getTokenTimeout() {
+ if (tokenTimeout == null) {
+ return 3600;
+ } else {
+ return tokenTimeout;
+ }
+ }
+
+ /**
+ * Sets the value of the tokenTimeout property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Integer }
+ *
+ */
+ public void setTokenTimeout(Integer value) {
+ this.tokenTimeout = value;
+ }
+
+ /**
+ * Gets the value of the encryptToken property.
+ *
+ * @return
+ * possible object is
+ * {@link Boolean }
+ *
+ */
+ public boolean isEncryptToken() {
+ if (encryptToken == null) {
+ return false;
+ } else {
+ return encryptToken;
+ }
+ }
+
+ /**
+ * Sets the value of the encryptToken property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Boolean }
+ *
+ */
+ public void setEncryptToken(Boolean value) {
+ this.encryptToken = value;
+ }
+
+}
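Review bot: `getTokenTimeout()` and `isEncryptToken()` substitute 3600 and `false` when the attribute is absent, but their Javadoc only says "possible object is Integer" / "Boolean", and nothing in the file states the unit of the timeout. For an STS these are security-relevant defaults: a configuration that omits `EncryptToken` reads back as encryption off, with no signal to the caller that the value was defaulted. Because the class is JAXB-generated, the durable place for this is an `xs:annotation` on the `TokenTimeout` and `EncryptToken` attributes in the XSD (not shown here), for example `Token lifetime; defaults to 3600 when omitted (unit: TODO confirm)` and `Defaults to false: tokens are issued unencrypted unless set to true`.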
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProviderType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,126 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
+ * The service provider type contains information about a specific service provider. In particular,
+ * it specifies the type of the token that must be issued for the provider and the alias of the
+ * provider's PKC in the truststore. This is used by the STS to locate the PKC when encrypting the
+ * generated token.
+ *
+ *
+ * <p>Java class for ServiceProviderType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="ServiceProviderType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <attribute name="endpoint" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="TruststoreAlias" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="TokenType" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "ServiceProviderType")
+public class ServiceProviderType {
+
+ @XmlAttribute(name = "Endpoint", required = true)
+ protected String endpoint;
+ @XmlAttribute(name = "TruststoreAlias", required = true)
+ protected String truststoreAlias;
+ @XmlAttribute(name = "TokenType", required = true)
+ protected String tokenType;
+
+ /**
+ * Gets the value of the endpoint property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getEndpoint() {
+ return endpoint;
+ }
+
+ /**
+ * Sets the value of the endpoint property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setEndpoint(String value) {
+ this.endpoint = value;
+ }
+
+ /**
+ * Gets the value of the truststoreAlias property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getTruststoreAlias() {
+ return truststoreAlias;
+ }
+
+ /**
+ * Sets the value of the truststoreAlias property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setTruststoreAlias(String value) {
+ this.truststoreAlias = value;
+ }
+
+ /**
+ * Gets the value of the tokenType property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getTokenType() {
+ return tokenType;
+ }
+
+ /**
+ * Sets the value of the tokenType property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setTokenType(String value) {
+ this.tokenType = value;
+ }
+
+}
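Review bot: The binding of the `endpoint` field does not match the schema fragment reproduced in the class Javadoc: the fragment declares `<attribute name="endpoint" use="required" .../>`, while the field is annotated `@XmlAttribute(name = "Endpoint", required = true)`. The file header says the class is JAXB-generated and that edits are lost on recompilation of the schema, so this looks like either a hand edit or a stale Javadoc; if the XSD still uses the lowercase name, the next regeneration will flip the attribute name back. As far as I know `required = true` is only enforced when the unmarshaller validates against a schema, so a config file written with the other casing would probably leave `getEndpoint()` returning null rather than failing at load time. It would be worth aligning the XSD with the annotation and checking for a null endpoint wherever the STS looks up the provider's token type and truststore alias.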
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProvidersType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/ServiceProvidersType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,81 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
+ * The service providers specify the token type expected by each service provider.
+ *
+ *
+ * <p>Java class for ServiceProvidersType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="ServiceProvidersType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="ServiceProvider" type="{urn:jboss:identity-federation:config:1.0}ServiceProviderType" maxOccurs="unbounded"/>
+ * </sequence>
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "ServiceProvidersType", propOrder = {
+ "serviceProvider"
+})
+public class ServiceProvidersType {
+
+ @XmlElement(name = "ServiceProvider", required = true)
+ protected List<ServiceProviderType> serviceProvider;
+
+ /**
+ * Gets the value of the serviceProvider property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the serviceProvider property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getServiceProvider().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link ServiceProviderType }
+ *
+ *
+ */
+ public List<ServiceProviderType> getServiceProvider() {
+ if (serviceProvider == null) {
+ serviceProvider = new ArrayList<ServiceProviderType>();
+ }
+ return this.serviceProvider;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProviderType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProviderType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,92 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * <p>Java class for TokenProviderType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="TokenProviderType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <attribute name="ProviderClass" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="TokenType" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "TokenProviderType")
+public class TokenProviderType {
+
+ @XmlAttribute(name = "ProviderClass", required = true)
+ protected String providerClass;
+ @XmlAttribute(name = "TokenType", required = true)
+ protected String tokenType;
+
+ /**
+ * Gets the value of the providerClass property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getProviderClass() {
+ return providerClass;
+ }
+
+ /**
+ * Sets the value of the providerClass property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setProviderClass(String value) {
+ this.providerClass = value;
+ }
+
+ /**
+ * Gets the value of the tokenType property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getTokenType() {
+ return tokenType;
+ }
+
+ /**
+ * Sets the value of the tokenType property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setTokenType(String value) {
+ this.tokenType = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProvidersType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TokenProvidersType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,83 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
+ * The token providers specify the classes that handle the requests for each type of security Token.
+ * For example, a SAMLTokenProvider may be used to generate SAML token, while a X509TokenProvider
+ * may be used to generate X.509 tokens (certificates).
+ *
+ *
+ * <p>Java class for TokenProvidersType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="TokenProvidersType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="TokenProvider" type="{urn:jboss:identity-federation:config:1.0}TokenProviderType" maxOccurs="unbounded"/>
+ * </sequence>
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "TokenProvidersType", propOrder = {
+ "tokenProvider"
+})
+public class TokenProvidersType {
+
+ @XmlElement(name = "TokenProvider", required = true)
+ protected List<TokenProviderType> tokenProvider;
+
+ /**
+ * Gets the value of the tokenProvider property.
+ *
+ * <p>
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a <CODE>set</CODE> method for the tokenProvider property.
+ *
+ * <p>
+ * For example, to add a new item, do as follows:
+ * <pre>
+ * getTokenProvider().add(newItem);
+ * </pre>
+ *
+ *
+ * <p>
+ * Objects of the following type(s) are allowed in the list
+ * {@link TokenProviderType }
+ *
+ *
+ */
+ public List<TokenProviderType> getTokenProvider() {
+ if (tokenProvider == null) {
+ tokenProvider = new ArrayList<TokenProviderType>();
+ }
+ return this.tokenProvider;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TrustType.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TrustType.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/TrustType.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,71 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+
+package org.jboss.identity.federation.web.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * Aspects involved in trust decisions such as the domains that the IDP or the Service Provider trusts.
+ *
+ * <p>Java class for TrustType complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="TrustType">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element name="Domains" type="{http://www.w3.org/2001/XMLSchema}string"/>
+ * </sequence>
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+(a)XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "TrustType", propOrder = {
+ "domains"
+})
+public class TrustType {
+
+ @XmlElement(name = "Domains", required = true)
+ protected String domains;
+
+ /**
+ * Gets the value of the domains property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getDomains() {
+ return domains;
+ }
+
+ /**
+ * Sets the value of the domains property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setDomains(String value) {
+ this.domains = value;
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/package-info.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/package-info.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/config/package-info.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,9 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.04.21 at 04:51:39 PM CDT
+//
+
+(a)javax.xml.bind.annotation.XmlSchema(namespace = "urn:jboss:identity-federation:config:1.0", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED)
+package org.jboss.identity.federation.web.config;
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.interfaces;
+
+import java.security.Principal;
+import java.util.List;
+
+/**
+ * Generate roles given a principal
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jan 21, 2009
+ */
+public interface RoleGenerator
+{
+ /**
+ * Generate roles given a principal
+ * @param principal
+ * @return
+ */
+ List<String> generateRoles(Principal principal);
+}
\ No newline at end of file
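Review bot: The Javadoc on `generateRoles` leaves both `@param principal` and `@return` empty, so the contract that authorization code relies on is not written down. It does not say whether a null principal is accepted, or whether an unknown principal yields an empty list or null. I would fill the tags in, for example `@param principal the authenticated principal, must not be null` and `@return the roles for the principal; an empty list, never null, when none are known`, after confirming that this matches the implementations, which are not part of this hunk.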
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyConfigurationException.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyConfigurationException.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyConfigurationException.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.interfaces;
+
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+
+/**
+ * ConfigurationException in the TrustKeyManager
+ * @author Anil.Saldhana(a)redhat.com
+ * @since May 22, 2009
+ */
+public class TrustKeyConfigurationException extends ConfigurationException
+{
+ private static final long serialVersionUID = 1L;
+
+ public TrustKeyConfigurationException()
+ {
+ super();
+ }
+
+ public TrustKeyConfigurationException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public TrustKeyConfigurationException(String message)
+ {
+ super(message);
+ }
+
+ public TrustKeyConfigurationException(Throwable cause)
+ {
+ super(cause);
+ }
+}
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyManager.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyManager.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,117 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.interfaces;
+
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+import java.util.List;
+
+import javax.crypto.SecretKey;
+
+import org.jboss.identity.federation.web.config.AuthPropertyType;
+import org.jboss.identity.federation.web.config.KeyValueType;
+
+
+/**
+ * Key Manager interface used in trust decisions
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jan 22, 2009
+ */
+public interface TrustKeyManager
+{
+ /**
+ * Provide a set of properties used for authentication
+ * into the storage of keys - keystore, ldap, db, HSM etc
+ * @param authList
+ * @throws {@link IOException}
+ */
+ void setAuthProperties(List<AuthPropertyType> authList)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Set a list of (domain,alias) tuple to trust domains
+ * The alias is a string that represents the validating key stored
+ * for a domain
+ * @param aliases
+ * @throws {@link IOException}
+ */
+ void setValidatingAlias(List<KeyValueType> aliases)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Get the Signing Key
+ * @return
+ * @throws {@link CertificateException}
+ */
+ PrivateKey getSigningKey()
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * <p>
+ * Constructs a {@code KeyPair} instance containing the signing key ({@code PrivateKey}) and associated
+ * {@code PublicKey}.
+ * </p>
+ *
+ * @return the constructed {@code KeyPair} object.
+ */
+ KeyPair getSigningKeyPair()
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Get the certificate given an alias
+ * @param alias
+ * @return
+ * @throws {@link CertificateException}
+ */
+ Certificate getCertificate(String alias)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Get a Public Key given an alias
+ * @param alias
+ * @return
+ * @throws {@link CertificateException}
+ */
+ PublicKey getPublicKey(String alias)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Given a domain, obtain a secret key
+ * @see {@code EncryptionKeyUtil}
+ * @param domain
+ * @param encryptionAlgorithm Encryption Algorithm
+ * @param keyLength length of keys
+ * @return
+ */
+ SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Get the Validating Public Key of the domain
+ * @param domain
+ * @return
+ */
+ PublicKey getValidatingKey(String domain)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+}
\ No newline at end of file
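Review bot: The `@throws {@link IOException}` tags on `setAuthProperties` and `setValidatingAlias`, and the `@throws {@link CertificateException}` tags on `getSigningKey`, `getCertificate` and `getPublicKey`, name exceptions these methods do not declare. Every method in the interface declares `TrustKeyConfigurationException, TrustKeyProcessingException`, and neither IOException nor CertificateException is imported. I would replace them with `@throws TrustKeyConfigurationException` and `@throws TrustKeyProcessingException`, each with a sentence on when it is raised. The empty `@return` tags on `getValidatingKey`, `getPublicKey` and `getCertificate` should also say what a caller receives for an unknown domain or alias (null or an exception), because signature validation has to fail closed in that case.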
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyProcessingException.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyProcessingException.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/TrustKeyProcessingException.java 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.interfaces;
+
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
+
+/**
+ * Processing Exception in the trust key manager
+ * @author Anil.Saldhana(a)redhat.com
+ * @since May 22, 2009
+ */
+public class TrustKeyProcessingException extends ProcessingException
+{
+ private static final long serialVersionUID = 1L;
+
+ public TrustKeyProcessingException()
+ {
+ super();
+ }
+
+ public TrustKeyProcessingException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public TrustKeyProcessingException(String message)
+ {
+ super(message);
+ }
+
+ public TrustKeyProcessingException(Throwable cause)
+ {
+ super(cause);
+ }
+}
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-08-14 04:47:21 UTC (rev 703)
@@ -0,0 +1,225 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:jboss:identity-federation:config:1.0"
+ xmlns:tns="urn:jboss:identity-federation:config:1.0"
+ elementFormDefault="qualified" version="1.0">
+ <complexType name="IDPType">
+ <annotation>
+ <documentation>
+ IDP Type defines the configuration for an Identity
+ Provider.
+ </documentation>
+ </annotation>
+ <complexContent>
+ <extension base="tns:ProviderType">
+ <sequence>
+ <element name="Encryption" type="tns:EncryptionType"
+ maxOccurs="1" minOccurs="0">
+ </element>
+ </sequence>
+ <attribute name="AssertionValidity" type="long"
+ use="optional" default="300000"> <!-- 5 minutes expressed in miliseconds -->
+ </attribute>
+ <attribute name="RoleGenerator" type="string"
+ use="optional"
+ default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator">
+ </attribute>
+ <attribute name="Encrypt" type="boolean" use="optional"
+ default="false">
+ </attribute>
+ </extension>
+ </complexContent>
+ </complexType>
+
+ <element name="JBossIDP" type="tns:IDPType">
+ <annotation>
+ <documentation>The root configuration for an Identity Provider(IDP) using JBoss Identity.</documentation>
+ </annotation>
+ </element>
+
+
+ <complexType name="TrustType">
+ <annotation>
+ <documentation>Aspects involved in trust decisions such as the domains that the IDP or the Service Provider trusts.</documentation>
+ </annotation>
+ <sequence>
+ <element name="Domains" type="string">
+ <annotation>
+ <documentation>Comma Separated domain names such as localhost,jboss.com,jboss.org</documentation>
+ </annotation>
+ </element>
+ </sequence>
+ </complexType>
+
+ <complexType name="KeyProviderType">
+ <annotation>
+ <documentation>
+ Source of the Signing and Validating Key
+ </documentation>
+ </annotation>
+ <sequence>
+ <element name="Auth" type="tns:AuthPropertyType"
+ maxOccurs="unbounded" minOccurs="0">
+ <annotation>
+ <documentation>
+ Key Value Pairs Needed to authenticate into the
+ provider.
+ </documentation>
+ </annotation>
+ </element>
+ <element name="ValidatingAlias" type="tns:KeyValueType"
+ maxOccurs="unbounded" minOccurs="0">
+ <annotation>
+ <documentation>
+ Key Value pairs identifying domains against the
+ alias for validating key
+ </documentation>
+ </annotation>
+ </element>
+ <element name="SigningAlias" type="string" maxOccurs="1"
+ minOccurs="0">
+ <annotation>
+ <documentation>
+ An alias that identifies the signing key
+ </documentation>
+ </annotation>
+ </element>
+ </sequence>
+ <attribute name="ClassName" type="string"></attribute>
+ </complexType>
+
+ <complexType name="KeyValueType">
+ <attribute name="Key" type="string"></attribute>
+ <attribute name="Value" type="string"></attribute>
+ </complexType>
+
+ <complexType name="ProviderType">
+ <annotation>
+ <documentation>Base Type for IDP and SP</documentation>
+ </annotation>
+ <sequence>
+ <element name="IdentityURL" type="string" maxOccurs="1"
+ minOccurs="1">
+ </element>
+ <element name="Trust" type="tns:TrustType" maxOccurs="1"
+ minOccurs="0">
+ </element>
+ <element name="KeyProvider" type="tns:KeyProviderType"
+ maxOccurs="1" minOccurs="0">
+ </element>
+ <element name="MetaDataProvider" type="tns:MetadataProviderType" maxOccurs="1" minOccurs="0"></element>
+ </sequence>
+ <!-- Specify what is the server environment where the IDP or SP exists -->
+ <attribute name="ServerEnvironment" use="optional" default="JBOSS">
+ <simpleType>
+ <restriction base="string">
+ <enumeration value="JBOSS"></enumeration>
+ <enumeration value="TOMCAT"></enumeration>
+ </restriction>
+ </simpleType>
+ </attribute>
+ </complexType>
+
+ <complexType name="SPType">
+ <annotation>
+ <documentation>Service Provider Type</documentation>
+ </annotation>
+ <complexContent>
+ <extension base="tns:ProviderType">
+ <sequence>
+ <element name="ServiceURL" type="string"></element>
+ </sequence>
+ </extension>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AuthPropertyType">
+ <complexContent>
+ <extension base="tns:KeyValueType"></extension>
+ </complexContent>
+ </complexType>
+
+ <element name="JBossSP" type="tns:SPType"></element>
+
+ <simpleType name="EncAlgoType">
+ <restriction base="string">
+ <enumeration value="AES"></enumeration>
+ <enumeration value="DES"></enumeration>
+ <enumeration value="DESede"></enumeration>
+ </restriction>
+ </simpleType>
+
+ <complexType name="EncryptionType">
+ <sequence>
+ <element name="EncAlgo" type="tns:EncAlgoType"></element>
+ <element name="KeySize" type="int"></element>
+ </sequence>
+ </complexType>
+
+ <!-- Security Token Service Elements -->
+
+ <complexType name="STSType">
+ <sequence>
+ <element name="KeyProvider" type="tns:KeyProviderType"
+ maxOccurs="1" minOccurs="0"/>
+ <element name="RequestHandler" type="string" minOccurs="0"/>
+ <element name="TokenProviders" type="tns:TokenProvidersType" minOccurs="0"/>
+ <element name="ServiceProviders" type="tns:ServiceProvidersType" minOccurs="0"/>
+ </sequence>
+ <attribute name="STSName" default="JBossSTS" type="string" use="optional"/>
+ <attribute name="TokenTimeout" default="3600" type="int" use="optional"/>
+ <attribute name="EncryptToken" default="false" type="boolean" use="optional"/>
+ </complexType>
+
+ <complexType name="TokenProvidersType">
+ <annotation>
+ <documentation>
+ The token providers specify the classes that handle the requests for each type of security Token.
+ For example, a SAMLTokenProvider may be used to generate SAML token, while a X509TokenProvider
+ may be used to generate X.509 tokens (certificates).
+ </documentation>
+ </annotation>
+ <sequence>
+ <element name="TokenProvider" type="tns:TokenProviderType" minOccurs="1" maxOccurs="unbounded"/>
+ </sequence>
+ </complexType>
+
+ <complexType name="TokenProviderType">
+ <attribute name="ProviderClass" type="string" use="required"/>
+ <attribute name="TokenType" type="string" use="required"/>
+ </complexType>
+
+ <complexType name="ServiceProvidersType">
+ <annotation>
+ <documentation>
+ The service providers specify the token type expected by each service provider.
+ </documentation>
+ </annotation>
+ <sequence>
+ <element name="ServiceProvider" type="tns:ServiceProviderType" minOccurs="1" maxOccurs="unbounded"/>
+ </sequence>
+ </complexType>
+
+ <complexType name="ServiceProviderType">
+ <annotation>
+ <documentation>
+ The service provider type contains information about a specific service provider. In particular,
+ it specifies the type of the token that must be issued for the provider and the alias of the
+ provider's PKC in the truststore. This is used by the STS to locate the PKC when encrypting the
+ generated token.
+ </documentation>
+ </annotation>
+ <attribute name="Endpoint" type="string" use="required"/>
+ <attribute name="TruststoreAlias" type="string" use="required"/>
+ <attribute name="TokenType" type="string" use="required"/>
+ </complexType>
+
+ <element name="JBossSTS" type="tns:STSType"/>
+
+
+ <complexType name="MetadataProviderType">
+ <sequence>
+ <element name="Option" type="tns:KeyValueType" maxOccurs="unbounded" minOccurs="0"></element>
+ </sequence>
+ <attribute name="ClassName" type="string"></attribute>
+ </complexType>
+</schema>
\ No newline at end of file
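Review bot: `EncAlgoType` accepts `DES` next to `AES` and `DESede`, and `KeySize` in `EncryptionType` is a bare `int`, so a configuration that selects single DES or an arbitrary key size still validates against this schema. If no deployed configuration depends on it, drop `<enumeration value="DES"></enumeration>`; otherwise add an `<annotation>` to that value marking it as legacy and not for new deployments. `KeySize` could be restricted to the sizes the listed algorithms accept, or given a `<documentation>` element saying where the value is checked, which is not visible in this hunk.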
JBoss Identity SVN: r702 - in identity-federation/trunk/jboss-identity-webapps: circleoftrust/resources and 51 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-13 23:36:48 -0400 (Thu, 13 Aug 2009)
New Revision: 702
Modified:
identity-federation/trunk/jboss-identity-webapps/circleoftrust/
identity-federation/trunk/jboss-identity-webapps/circleoftrust/resources/
identity-federation/trunk/jboss-identity-webapps/circleoftrust/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/circleoftrust/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/employee/
identity-federation/trunk/jboss-identity-webapps/employee/resources/
identity-federation/trunk/jboss-identity-webapps/employee/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/employee/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/idp-sig/
identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/
identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/jsp/
identity-federation/trunk/jboss-identity-webapps/idp/
identity-federation/trunk/jboss-identity-webapps/idp/resources/
identity-federation/trunk/jboss-identity-webapps/idp/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/idp/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/idp/resources/jsp/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/resources/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp/WEB-INF/lib/
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp/WEB-INF/wsdl/
identity-federation/trunk/jboss-identity-webapps/metadata/
identity-federation/trunk/jboss-identity-webapps/metadata/resources/
identity-federation/trunk/jboss-identity-webapps/metadata/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/metadata/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/openid-consumer/
identity-federation/trunk/jboss-identity-webapps/openid-consumer/resources/
identity-federation/trunk/jboss-identity-webapps/openid-consumer/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/openid-consumer/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/openid-provider/
identity-federation/trunk/jboss-identity-webapps/openid-provider/resources/
identity-federation/trunk/jboss-identity-webapps/openid-provider/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/openid-provider/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/resources/
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/sales/
identity-federation/trunk/jboss-identity-webapps/sales/resources/
identity-federation/trunk/jboss-identity-webapps/sales/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/sales/resources/WEB-INF/
Log:
svn ig
Property changes on: identity-federation/trunk/jboss-identity-webapps/circleoftrust
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/circleoftrust/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/circleoftrust/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/circleoftrust/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/employee
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/employee/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/employee/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/employee/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp/resources/jsp
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp-sig
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp-sig/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/jsp
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp/WEB-INF/lib
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/webapp/WEB-INF/wsdl
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/metadata
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/metadata/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/metadata/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/metadata/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-consumer
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-consumer/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-consumer/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-consumer/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-provider
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-provider/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-provider/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/openid-provider/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/pdp/resources
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-post-sig
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/resources
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/resources/META-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/META-INF
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
JBoss Identity SVN: r701 - in identity-federation/trunk/jboss-identity-webapps: pdp and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-13 23:15:18 -0400 (Thu, 13 Aug 2009)
New Revision: 701
Modified:
identity-federation/trunk/jboss-identity-webapps/
identity-federation/trunk/jboss-identity-webapps/pdp/
identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
Log:
changes
Property changes on: identity-federation/trunk/jboss-identity-webapps
___________________________________________________________________
Name: svn:ignore
- .metadata
target
.settings
target-eclipse
eclipse-target
.classpath
.project
+ .metadata
.classpath
.settings
.project
Property changes on: identity-federation/trunk/jboss-identity-webapps/pdp
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
Modified: identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-08-14 03:11:25 UTC (rev 700)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-08-14 03:15:18 UTC (rev 701)
@@ -9,7 +9,7 @@
<modelVersion>4.0.0</modelVersion>
<artifactId>pdp</artifactId>
<packaging>war</packaging>
- <name>JBoss Identity Federation Identity Provider</name>
+ <name>JBoss Identity XACML PDP</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>XACML PDP Web Application for the JBoss Identity Project</description>
<licenses>
Modified: identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-08-14 03:11:25 UTC (rev 700)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-08-14 03:15:18 UTC (rev 701)
@@ -9,7 +9,7 @@
<modelVersion>4.0.0</modelVersion>
<artifactId>sales-sig</artifactId>
<packaging>war</packaging>
- <name>JBoss Identity Federation Sales</name>
+ <name>JBoss Identity Federation Sales with HTTP-Redirect and Signature</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description>
<licenses>
JBoss Identity SVN: r700 - in identity-federation/trunk/jboss-identity-webapps: pdp and 4 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-13 23:11:25 -0400 (Thu, 13 Aug 2009)
New Revision: 700
Added:
identity-federation/trunk/jboss-identity-webapps/pdp/
identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/himss-policy.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policyConfig.xml
identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/web.xml
Modified:
identity-federation/trunk/jboss-identity-webapps/pom.xml
Log:
add a pdp web application
Added: identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,39 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.identity</groupId>
+ <artifactId>jboss-identity-federation-webapps</artifactId>
+ <version>1.0.0.alpha5-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>pdp</artifactId>
+ <packaging>war</packaging>
+ <name>JBoss Identity Federation Identity Provider</name>
+ <url>http://labs.jboss.org/portal/jbosssecurity/</url>
+ <description>XACML PDP Web Application for the JBoss Identity Project</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>pdp</warName>
+ <webappDirectory>${basedir}/resources/</webappDirectory>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
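Review bot: `<webappDirectory>${basedir}/resources/</webappDirectory>` in the maven-war-plugin configuration makes the plugin assemble the exploded webapp inside the versioned `resources/` tree, so build output lands next to the checked-in XACML policies under `WEB-INF/classes` and is not removed by `mvn clean`. As far as I know, `warSourceExcludes` filters only what is copied from `warSourceDirectory`, so jars already sitting in `resources/WEB-INF/lib` would presumably still end up in `pdp.war`. If the intent is to use `resources/` as the web root, `<warSourceDirectory>${basedir}/resources</warSourceDirectory>` with the default `webappDirectory` keeps the packaged content limited to files that are under version control.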
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Top level policy set which combines the CDA and N confidentiality codes.
+ </Description>
+ <Target/>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:emergency"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target/>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:emergency</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:CDA"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >UBA</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:CDA</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:MA"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:permit-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >MA</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:MA</PolicySetIdReference>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:MA:default-to-permit"
+ RuleCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:MA"
+ Effect="Permit">
+ <Description>
+ If a Deny was obtained for object above then set Permit by default.
+ </Description>
+ </Rule>
+ </Policy>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:bus-rule"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:progress-note</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:N"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:permit-overrides">
+ <Target/>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:N</PolicySetIdReference>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:N:PermCollections</PolicySetIdReference>
+ </PolicySet>
+</PolicySet>
\ No newline at end of file
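Review bot: The `default-to-permit` policy inside the `toplevel:MA` policy set is an unconditional `Permit` rule combined with `permit-overrides`, so every request whose confidentiality code is `MA` leaves this branch as Permit whatever the referenced `policysetid:MA` set decides. The rule's description shows this is intended, but the file gives no reason and nothing marks it as sample behaviour. I would add a comment above that `<Policy>`, for example `<!-- Sample policy: the MA branch is fail-open by design; a Deny from policysetid:MA never decides the outcome here -->`. The top-level set is `deny-overrides`, so a Deny from a sibling branch still wins, but whether one is produced depends on the policy sets referenced from other files, which this hunk does not show.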
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:CDA"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the UBA confidentiality code.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:CDA"
+ RuleCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:CDA:1"
+ Effect="Permit">
+ <Description>
+ If the access subject is NOT one of those users which consent has
+ been removed, then permit.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if hl7:dissented-subject-id NOT EQUAL TO subject:subject-id -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <!-- True if hl7:dissented-subject-id EQUAL TO subject:subject-id -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:dissented-subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:CDA:2"
+ Effect="Deny">
+ <Description>
+ If a Permit was not obtained above then set Deny by default.
+ </Description>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response -->
+ <!-- This obligation instructs the PEP to apply privacy constraints to -->
+ <!-- user's responsibility for the data. -->
+ <Obligation
+ ObligationId="urn:va:xacml:2.0:interop:rsa8:obligation:privacy:constraint"
+ FulfillOn="Deny"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
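Review bot: Rule `CDA:1` treats an empty `hl7:dissented-subject-id` bag as "no dissent": `any-of` over an empty bag is false, `not` turns that into true, and the rule permits. The `ResourceAttributeDesignator` does not set `MustBePresent`, so a request in which the PEP or context handler failed to supply the attribute cannot be told apart from a resource with no dissenting subjects. The comparison is an exact `string-equal`, so the subject id and the dissent list presumably need the same normalisation on both sides. I would document the dependency inside the `<Condition>`, for example `<!-- An absent dissented-subject-id bag permits; the PEP must always populate it from the consent record -->`.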
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for evaluating the subject:role attributes.
+ This implements an RBAC policy. This policy set matches
+ subject roles and refers to permission policy sets.
+ </Description>
+ <Target/>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:physician"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Subjects>
+ <Subject>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:role:hl7:physician</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ </Subject>
+ </Subjects>
+ </Target>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole</PolicySetIdReference>
+ </PolicySet>
+</PolicySet>
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,106 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:PermCollections"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for evaluating the subject:hl7:permission attributes.
+ This implements an RBAC policy. This policy set matches
+ subject roles and refers to permission policy sets.
+ </Description>
+ <Target/>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:med-rec-perm-set"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:permit-overrides">
+ <Target/>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:med-rec-perm-set-0"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target/>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:med-rec-perm-set-1"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Subjects>
+ <Subject>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ </Subject>
+ </Subjects>
+ </Target>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole</PolicySetIdReference>
+ </PolicySet>
+ </PolicySet>
+</PolicySet>
\ No newline at end of file
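Review bot: `med-rec-perm-set-0` has an empty `<Target/>` and references the same `N:RPS:med-rec-vrole` policy set as `med-rec-perm-set-1`, so under the enclosing permit-overrides algorithm the prd-* target on perm-set-1 cannot change the decision. If the permission list is meant to gate access, perm-set-0 needs its own target or should be removed. If it is a deliberate interop fixture, a comment such as `<!-- perm-set-0 applies to every subject; the prd-* target below is not what gates access -->` would stop a reader from assuming the list is enforced. The seven `SubjectMatch` elements also sit in one `<Subject>`, which XACML 2.0 evaluates as a conjunction, so the target matches only a subject holding all seven permissions; that deserves a comment too. The Description still says the set "matches subject roles", although the target matches `subject:hl7:permission`.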
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:progress-note"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the business rule for unsigned progress notes.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:progress-note"
+ RuleCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:progress-note:sig"
+ Effect="Permit">
+ <Description>
+ If the progress-note is signed allow any user to see it. If not signed
+ then only author may see it.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if resource:hl7:progress-note:signed EQUAL TO True -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >True</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note:signed"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:progress-note:author"
+ Effect="Permit">
+ <Description>
+ If a Permit was not obtained then subject must be author.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if hl7:dissented-subject-id EQUAL TO subject:subject-id -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note:author-subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:progress-note:deny-sig"
+ Effect="Deny">
+ <Description>
+ If a Permit was not obtained above then set Deny by default.
+ </Description>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response -->
+ <!-- This obligation informs the PEP access denied unsigned non-author -->
+ <Obligation
+ ObligationId="urn:va:xacml:2.0:interop:rsa8:obligation:deny:unsigned:non-author"
+ FulfillOn="Deny"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
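Review bot: The comment above the `progress-note:author` condition reads `True if hl7:dissented-subject-id EQUAL TO subject:subject-id`, but the designator below it is `resource:hl7:progress-note:author-subject-id`; it looks copied from the consent policy. I would replace it with `<!-- True if resource:hl7:progress-note:author-subject-id EQUAL TO subject:subject-id -->`. Separately, the PolicySet and the Policy both have an empty `<Target/>` and end in an unconditional Deny rule, so a request for a resource that carries neither the `signed` nor the `author-subject-id` attribute is denied here. That is safe only if the referencing policy set (not visible in this hunk) restricts evaluation to progress notes; a Description line stating that precondition would help.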
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:MA"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the MA confidentiality code.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:MA"
+ RuleCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:MA:1"
+ Effect="Deny">
+ <Description>
+ If the access subject is NOT one of those users which consent has
+ been removed, then deny.
+ Note: there is reverse logic here because the Obligation that denies
+ access to the user for this object must be issued when the user has
+ obtained a Permit. So, the caller of this policy must know to reverse
+ sense as well.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if hl7:radiology:dissented-subject-id NOTEQUALTO subject:subject-id -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <!-- True if hl7:radiology:dissented-subject-id EQUALTO subject:subject-id -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:radiology:dissented-subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:MA:2"
+ Effect="Permit">
+ <Description>
+ If a Deny was not obtained above then set Permit by default.
+ </Description>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response -->
+ <!-- This obligation instructs the PEP to apply privacy constraints to -->
+ <!-- user's responsibility for the data. -->
+ <Obligation
+ ObligationId=
+ "urn:va:xacml:2.0:interop:rsa8:obligation:ma:privacy:constraint:radiology"
+ FulfillOn="Permit"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
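Review bot: A Permit from this policy does not mean access is granted: rule `MA:1` denies subjects that are not listed in `hl7:radiology:dissented-subject-id`, and rule `MA:2` then permits the listed ones with the privacy obligation attached on Permit. The inversion is recorded only inside the Description of `MA:1`. The parent policy set and the PEP are not visible in this hunk, but if either treats this Permit as an ordinary grant, the subjects for whom consent was withdrawn are the ones let through. I would repeat the warning where the decision is produced, e.g. `<!-- Permit = privacy constraint applies to this subject; NOT an access grant -->` above rule `MA:2`, and state it in the PolicySet Description as well.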
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:emergency"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set to allow emergency access for non-facility subjects.
+ Returns Deny if user not from supported facility AND does not have emergency perm
+ Returns Permit if not from supported facility AND not denied access
+ Returns NotApplicable if plain old user from supported facility
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:emergency"
+ RuleCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:emergency:deny"
+ Effect="Deny">
+ <Description>
+ If the subject is not from a supported facility AND
+. if the subject does not have emergency permission THEN Deny access.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if subject:locality NOT EQUAL TO ANYOF environment:locality -->
+ <!-- AND if hl7:pea-001 NOT EQUAL TO ANYOF subject:hl7:permission -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <!-- True if subject:locality NOT EQUAL TO ANYOF environment:locality -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId=
+ "urn:oasis:names:tc:xacml:1.0:subject:locality"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <EnvironmentAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:environment:locality"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ <!-- True if hl7:pea-001 NOT EQUAL TO ANYOF subject:hl7:permission -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:pea-001</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:emergency:permit"
+ Effect="Permit">
+ <Description>
+ If a Deny was not obtained above AND subject not part of a supported
+ facility then subject must have emergency permission.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if subject:locality NOT EQUAL TO ANYOF environment:locality -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId=
+ "urn:oasis:names:tc:xacml:1.0:subject:locality"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <EnvironmentAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:environment:locality"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response -->
+ <!-- This obligation informs the PEP user granted emergency access -->
+ <Obligation
+ ObligationId="urn:va:xacml:2.0:interop:rsa8:obligation:emergency:permit"
+ FulfillOn="Permit"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
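Review bot: Rule `emergency:permit` says in its Description that the subject must have emergency permission, but its Condition only tests that `subject:locality` is not in `environment:locality`; the `hl7:pea-001` check lives solely in `emergency:deny`. The outcome is correct only while the policy keeps deny-overrides and the deny rule evaluates cleanly. A later change of combining algorithm, or reuse of the permit rule elsewhere, would grant emergency access to any out-of-facility subject. ANDing the pea-001 test into the permit condition keeps the rule safe on its own.

```xml
<Rule
 RuleId="urn:va:xacml:2.0:interop:rsa8:rule:emergency:permit"
 Effect="Permit">
 <!-- … unchanged: Description, Target … -->
 <Condition>
  <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
   <!-- … unchanged: not(any-of(string-equal, subject:locality, environment:locality)) … -->
   <!-- True if hl7:pea-001 EQUAL TO ANYOF subject:hl7:permission -->
   <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
    <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
    <AttributeValue
     DataType="http://www.w3.org/2001/XMLSchema#string"
     >urn:va:xacml:2.0:interop:rsa8:hl7:pea-001</AttributeValue>
    <SubjectAttributeDesignator
     AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
     DataType="http://www.w3.org/2001/XMLSchema#string"/>
   </Apply>
  </Apply>
 </Condition>
```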
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId=
+ "urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set that points to the Permission PolicySet for medical record
+ resources and actions.
+ </Description>
+ <Target/>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:N:PPS:PRD-004</PolicySetIdReference>
+</PolicySet>
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,180 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:PPS:PRD-004"
+ PolicyCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the PRD-004 permission. This permission allows
+ access to all medical records.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:N:PPS:PRD-004:1"
+ RuleCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:medical-record</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:demographics</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:chart</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:problemlist</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:procedures</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:laboratory</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:radiology</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:medications</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:vitals</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:patientsearch</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:policy:N:PPS:PRD-004:1:rule:1"
+ Effect="Permit">
+ <Condition>
+
+ <!-- Returns true iff the first argument is a subset of the second argument -->
+ <!-- i.e. the permissions required by the resource must be a -->
+ <!-- subset of the permissions supplied by the subject -->
+
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+
+ <!-- 1st argument: returns the values of all Attributes with -->
+ <!-- DataType="http://www.w3.org/2001/XMLSchema#string" and -->
+ <!-- AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission" -->
+ <ResourceAttributeDesignator
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission"/>
+
+ <!-- 2nd argument: returns the values of all Attributes with -->
+ <!-- DataType="http://www.w3.org/2001/XMLSchema#string" and -->
+ <!-- AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission" -->
+ <SubjectAttributeDesignator
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"/>
+
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:N:PPS:PRD-004:1:rule:2"
+ Effect="Deny">
+ <Description>
+ If a Permit was not obtained above then set Deny by default.
+ </Description>
+ </Rule>
+ </Policy>
+</PolicySet>
\ No newline at end of file
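Review bot: The Permit rule's `string-subset` is true when the request carries no `resource:hl7:permission` attribute at all, because the `ResourceAttributeDesignator` leaves `MustBePresent` at its default of false and an empty bag is a subset of any bag. A resource of one of the listed types whose permission attribute is missing from the request context is therefore permitted for any subject that reaches this policy. Adding `MustBePresent="true"` to the designator for `urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission` turns that case into Indeterminate instead of Permit. How the PEP treats Indeterminate is not visible here and should be deny.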
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/himss-policy.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/himss-policy.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policies/himss-policy.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,601 @@
+<?xml version="1.0" encoding="utf-8"?>
+<PolicySet xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o..."
+ PolicySetId="urn:oasis:names:tc:xspa:1.0"
+ PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target />
+ <PolicySet PolicySetId="urn:oasis:names:tc:xspa:1.0:org" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>Contains all organizational policies which are evaluated on all requests.</Description>
+ <Target />
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ a resource and is not a member of the allowed organizations.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations:deny" Effect="Deny">
+ <Description>Evaluates the allowed-organizations (if available) against the subject's locality.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:locality" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:hoursofoperations" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ the resource outside of the alloted time.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:hoursofoperation:deny" Effect="Deny">
+ <Description>Evaluates the environment time against the hours of operation start and end.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-greater-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hoursofoperation:start" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-less-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hoursofoperation:end" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.STRUCTURED-ROLE NOT IN ORG.REQUIRED-ROLES -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:required:roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ a resource and they are not a member of the required role(s).
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:required:roles:deny" Effect="Deny">
+ <Description>Evaluates the organization roles (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <!-- MAY NEED TO SWITCH ~~ Is this a one to many relationship? Are all roles required or does the subject just need to be included? -->
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.PERMISSIONS NOT IN ORG.RESOURCE.PERMISSIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org.resource.permissions" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject does not have adequate
+ permissions to access the resource.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:resource.permissions:deny" Effect="Deny">
+ <Description>Evaluates the required permissions (if available) against the subject's permissions.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hl7:permission" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hl7:permission" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:hl7:permission" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org.catch-all" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Description></Description>
+ <Target />
+ <Rule RuleId="" Effect="Permit"></Rule>
+ </Policy>
+ </PolicySet>
+
+ <PolicySet PolicySetId="urn:oasis:names:tc:xspa:1.0:patient" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>These policies are patient consent directives and are invoked on medical-record requests.</Description>
+ <Target />
+
+ <!-- (RESOURCE.RESOURCETYPE IN PATIENT.MASKEDOBJECT) AND (SUBJECT.ROLE IN PATIENT.MA.DISSENTING-ROLES) -->
+ <!-- PROBLEMS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for problems from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for problems (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- MEDICATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for medications from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for medications (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- ALERTS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request alerts from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for alerts (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- IMMUNIZATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for immunizations from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for immunizations (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- (RESOURCE.RESOURCETYPE IN PATIENT.MASKEDOBJECT) AND (SUBJECT.ROLE IN PATIENT.MA.DISSENTING-ROLES) -->
+ <!-- PROBLEMS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for problems from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for problems (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- MEDICATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for medications from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for medications (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- ALERTS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for alerts from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for alerts (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- IMMUNIZATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for immunizations from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for immunizations (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- SUBJECT.LOCALITY NOT IN PATIENT.ALLOWED-ORGANIZATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:patient:allowed:organizations" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if their locality is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:patient:allowed:organizations:deny" Effect="Deny">
+ <Description>Evaluates the allowed-organizations (if available) against the subject's locality.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:locality" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.ROLE IN PATIENT.DISSENTING-ROLES -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting:role" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if their role is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:patient:dissenting:roles:deny" Effect="Deny">
+ <Description>Evaluates the dissenting-role (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.ID IN PATIENT.DISSENTING-ID -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids:deny" Effect="Deny">
+ <Description>Evaluates the dissenting-subject-id (if available) against the subject's NPI.</Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- CONFIDENTIALITY -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-codes" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if the confidentiality code is set to "Sensitive". This policy
+ is acting as the "Catch-All".
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-code:deny" Effect="Deny">
+ <Description>Evaluates the HL7 confidentiality-code.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">S</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-code" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ </PolicySet>
+</PolicySet>
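Review bot: The deny rule in `urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting:role` calls `string-subset` with the subject's roles as the first argument, so it fires only when every role the subject holds is in the patient's dissenting-role bag. A subject holding one dissenting role plus any other role is not denied by it. If the intent is to deny on any overlap, the function should be `urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of`. The same subject-first `string-subset` test appears in the eight `masked:*` Permit rules and in the `dissenting-subject-ids` deny rule, and the `MAY NEED TO SWITCH` comment in the required-roles policy suggests the all-versus-any question was still open. Separately, the org catch-all policy ships `<Rule RuleId="" Effect="Permit">`, and the three org deny rules guarded by `string-bag-size` do not fire when their resource attribute is absent, so such a request reaches that unconditional Permit; a non-empty RuleId and a Description stating that this default is intended would make it explicit.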
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policyConfig.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policyConfig.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/classes/policyConfig.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,11 @@
+<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
+ <ns:Policies>
+ <ns:PolicySet>
+ <ns:Location>policies/himss-policy.xml</ns:Location>
+ </ns:PolicySet>
+ </ns:Policies>
+ <ns:Locators>
+ <ns:Locator Name="org.jboss.security.xacml.locators.JBossPolicySetLocator">
+ </ns:Locator>
+ </ns:Locators>
+</ns:jbosspdp>
Added: identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/web.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/web.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/resources/WEB-INF/web.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>PDP Endpoint</display-name>
+ <description>
+ XACML PDP Web Application for the JBoss Identity project
+ </description>
+
+ <context-param>
+ <param-name>debug</param-name>
+ <param-value>false</param-value>
+ </context-param>
+ <servlet>
+ <servlet-name>SOAPServlet</servlet-name>
+ <servlet-class>org.jboss.identity.federation.bindings.servlets.SOAPSAMLXACMLServlet</servlet-class>
+ <!-- Issuer is the string used in the issuer of saml messages/assertions/statements-->
+ <init-param>
+ <param-name>issuer</param-name>
+ <param-value>redhatPdpEntity</param-value>
+ </init-param>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>SOAPServlet</servlet-name>
+ <url-pattern>/SOAPServlet</url-pattern>
+ </servlet-mapping>
+</web-app>
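Review bot: The descriptor maps `SOAPSAMLXACMLServlet` to `/SOAPServlet` without any `<security-constraint>`, `<login-config>` or transport guarantee, so as far as this file shows the policy decision endpoint accepts requests from any caller over plain HTTP. Whether the servlet authenticates callers itself is not visible here. The policy file loaded through `policyConfig.xml` targets medical-record resources, so I would restrict the endpoint to known enforcement points and require TLS, along the lines sketched below (the role name and auth method are placeholders for the deployment's choice). Separately, the servlet's `debug` init-param is `true` while the context-param of the same name is `false`; if debug output includes request or decision content, ship it as `<param-value>false</param-value>`.

```xml
   <!-- … unchanged: servlet and servlet-mapping for SOAPServlet … -->
   <security-constraint>
      <web-resource-collection>
         <web-resource-name>PDP SOAP endpoint</web-resource-name>
         <url-pattern>/SOAPServlet</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <role-name>PDP_CLIENT_ROLE_PLACEHOLDER</role-name>
      </auth-constraint>
      <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
   </security-constraint>
   <login-config>
      <auth-method>CLIENT-CERT</auth-method>
   </login-config>
   <security-role>
      <role-name>PDP_CLIENT_ROLE_PLACEHOLDER</role-name>
   </security-role>
```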
Modified: identity-federation/trunk/jboss-identity-webapps/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-08-14 03:06:02 UTC (rev 699)
+++ identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-08-14 03:11:25 UTC (rev 700)
@@ -23,14 +23,16 @@
</organization>
<modules>
<module>sales</module>
+ <module>sales-sig</module>
+ <module>sales-post-sig</module>
<module>employee</module>
<module>circleoftrust</module>
<module>idp</module>
<module>idp-sig</module>
- <module>sales-post-sig</module>
<module>metadata</module>
<module>openid-provider</module>
<module>openid-consumer</module>
<module>jboss-sts</module>
+ <module>pdp</module>
</modules>
</project>
JBoss Identity SVN: r699 - in identity-federation/trunk/jboss-identity-webapps: idp-sig/resources/WEB-INF and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-13 23:06:02 -0400 (Thu, 13 Aug 2009)
New Revision: 699
Modified:
identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/WEB-INF/web.xml
identity-federation/trunk/jboss-identity-webapps/idp/resources/WEB-INF/web.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
Log:
updates
Modified: identity-federation/trunk/jboss-identity-webapps/idp/resources/WEB-INF/web.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp/resources/WEB-INF/web.xml 2009-08-14 03:01:58 UTC (rev 698)
+++ identity-federation/trunk/jboss-identity-webapps/idp/resources/WEB-INF/web.xml 2009-08-14 03:06:02 UTC (rev 699)
@@ -4,9 +4,9 @@
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
- <display-name>Fedbridge Test IDP</display-name>
+ <display-name>IDP</display-name>
<description>
- Just a Test IDP for Fedbridge Project
+ IDP Web Application for the JBoss Identity project
</description>
<!-- Define a security constraint that gives unlimted access to images -->
@@ -20,7 +20,7 @@
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
- <web-resource-name>HTMLManger and Manager command</web-resource-name>
+ <web-resource-name>Manager command</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
@@ -31,7 +31,7 @@
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>FORM</auth-method>
- <realm-name>Tomcat Manager Application</realm-name>
+ <realm-name>JBoss Identity IDP Application</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/loginerror.jsp</form-error-page>
@@ -41,7 +41,7 @@
<!-- Security roles referenced by this web application -->
<security-role>
<description>
- The role that is required to log in to the Manager Application
+ The role that is required to log in to the IDP Application
</description>
<role-name>manager</role-name>
</security-role>
Modified: identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/WEB-INF/web.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/WEB-INF/web.xml 2009-08-14 03:01:58 UTC (rev 698)
+++ identity-federation/trunk/jboss-identity-webapps/idp-sig/resources/WEB-INF/web.xml 2009-08-14 03:06:02 UTC (rev 699)
@@ -4,9 +4,9 @@
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
- <display-name>Fedbridge Test IDP</display-name>
+ <display-name>IDP</display-name>
<description>
- Just a Test IDP for Fedbridge Project
+ IDP Web Application for the JBoss Identity project
</description>
<!-- Define a security constraint that gives unlimted access to images -->
@@ -20,7 +20,7 @@
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
- <web-resource-name>HTMLManger and Manager command</web-resource-name>
+ <web-resource-name>Manager command</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
@@ -31,7 +31,7 @@
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>FORM</auth-method>
- <realm-name>Tomcat Manager Application</realm-name>
+ <realm-name>JBoss Identity IDP Application</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/loginerror.jsp</form-error-page>
@@ -41,7 +41,7 @@
<!-- Security roles referenced by this web application -->
<security-role>
<description>
- The role that is required to log in to the Manager Application
+ The role that is required to log in to the IDP Application
</description>
<role-name>manager</role-name>
</security-role>
Modified: identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-08-14 03:01:58 UTC (rev 698)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-08-14 03:06:02 UTC (rev 699)
@@ -7,7 +7,7 @@
</parent>
<modelVersion>4.0.0</modelVersion>
- <artifactId>sales</artifactId>
+ <artifactId>sales-sig</artifactId>
<packaging>war</packaging>
<name>JBoss Identity Federation Sales</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
@@ -29,7 +29,7 @@
<artifactId>maven-war-plugin</artifactId>
<version>2.0.2</version>
<configuration>
- <warName>sales</warName>
+ <warName>sales-sig</warName>
<webappDirectory>${basedir}/resources/</webappDirectory>
<warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
</configuration>
JBoss Identity SVN: r698 - identity-federation/trunk/jboss-identity-webapps/sales-sig.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-13 23:01:58 -0400 (Thu, 13 Aug 2009)
New Revision: 698
Removed:
identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath
identity-federation/trunk/jboss-identity-webapps/sales-sig/.project
identity-federation/trunk/jboss-identity-webapps/sales-sig/.settings/
Log:
remove unnecessary files
Deleted: identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath 2009-08-14 03:01:04 UTC (rev 697)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath 2009-08-14 03:01:58 UTC (rev 698)
@@ -1,4 +0,0 @@
-<classpath>
- <classpathentry kind="output" path="target/classes"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
-</classpath>
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-webapps/sales-sig/.project
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/.project 2009-08-14 03:01:04 UTC (rev 697)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/.project 2009-08-14 03:01:58 UTC (rev 698)
@@ -1,13 +0,0 @@
-<projectDescription>
- <name>sales</name>
- <comment>JBoss Identity Samples contains the samples for Federated Identity Needs.</comment>
- <projects/>
- <buildSpec>
- <buildCommand>
- <name>org.eclipse.jdt.core.javabuilder</name>
- </buildCommand>
- </buildSpec>
- <natures>
- <nature>org.eclipse.jdt.core.javanature</nature>
- </natures>
-</projectDescription>
\ No newline at end of file
JBoss Identity SVN: r697 - identity-federation/trunk/jboss-identity-webapps/sales-sig.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-13 23:01:04 -0400 (Thu, 13 Aug 2009)
New Revision: 697
Modified:
identity-federation/trunk/jboss-identity-webapps/sales-sig/
Log:
svn ignore
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-sig
___________________________________________________________________
Name: svn:ignore
+ .metadata
.classpath
.settings
.project
JBoss Identity SVN: r696 - in identity-federation/trunk/jboss-identity-webapps: sales-sig and 4 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-13 23:00:23 -0400 (Thu, 13 Aug 2009)
New Revision: 696
Added:
identity-federation/trunk/jboss-identity-webapps/sales-sig/
identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath
identity-federation/trunk/jboss-identity-webapps/sales-sig/.project
identity-federation/trunk/jboss-identity-webapps/sales-sig/.settings/
identity-federation/trunk/jboss-identity-webapps/sales-sig/.settings/org.eclipse.jdt.core.prefs
identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/META-INF/
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/META-INF/context.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/context.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/jboss-idfed.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/web.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/error.jsp
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/index.jsp
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/login.jsp
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/logout.jsp
identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/piechart.gif
Log:
add a sales web app with redirect and signature support
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/.classpath 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,4 @@
+<classpath>
+ <classpathentry kind="output" path="target/classes"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+</classpath>
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/.project
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/.project (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/.project 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,13 @@
+<projectDescription>
+ <name>sales</name>
+ <comment>JBoss Identity Samples contains the samples for Federated Identity Needs.</comment>
+ <projects/>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ </natures>
+</projectDescription>
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/.settings/org.eclipse.jdt.core.prefs
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/.settings/org.eclipse.jdt.core.prefs (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/.settings/org.eclipse.jdt.core.prefs 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,5 @@
+#Mon Jul 06 14:51:18 CDT 2009
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.source=1.5
+org.eclipse.jdt.core.compiler.compliance=1.5
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,39 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.identity</groupId>
+ <artifactId>jboss-identity-federation-webapps</artifactId>
+ <version>1.0.0.alpha5-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>sales</artifactId>
+ <packaging>war</packaging>
+ <name>JBoss Identity Federation Sales</name>
+ <url>http://labs.jboss.org/portal/jbosssecurity/</url>
+ <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>sales</warName>
+ <webappDirectory>${basedir}/resources/</webappDirectory>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/META-INF/context.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/META-INF/context.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/META-INF/context.xml 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,3 @@
+<Context>
+ <Valve className="org.jboss.identity.federation.bindings.tomcat.sp.SPRedirectSignatureFormAuthenticator" />
+</Context>
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/context.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/context.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/context.xml 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,3 @@
+<Context>
+ <Valve className="org.jboss.identity.federation.bindings.tomcat.sp.SPRedirectSignatureFormAuthenticator" />
+</Context>
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/jboss-idfed.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/jboss-idfed.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/jboss-idfed.xml 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,13 @@
+<JBossSP xmlns="urn:jboss:identity-federation:config:1.0" ServerEnvironment="tomcat">
+ <IdentityURL>http://localhost:8080/idp-sig/</IdentityURL>
+ <ServiceURL>http://localhost:8080/sales-sig/</ServiceURL>
+ <KeyProvider ClassName="org.jboss.identity.federation.bindings.tomcat.KeyStoreKeyManager">
+ <Auth Key="KeyStoreURL" Value="jbid_test_keystore.jks" />
+ <Auth Key="KeyStorePass" Value="store123" />
+ <Auth Key="SigningKeyPass" Value="test123" />
+ <Auth Key="SigningKeyAlias" Value="servercert" />
+ <ValidatingAlias Key="localhost" Value="servercert"/>
+ <ValidatingAlias Key="127.0.0.1" Value="servercert"/>
+ </KeyProvider>
+
+</JBossSP>
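Review bot: `KeyStorePass` and `SigningKeyPass` are committed as clear-text values next to the keystore name, so the passwords protecting the SP signing key ship with the WAR and the repository. The keystore name suggests test material, but nothing in the file says so. I would add `<!-- Test-only keystore and passwords; replace and externalize before any non-local deployment -->` above `<KeyProvider>`. `IdentityURL` and `ServiceURL` are both `http://`, and a redirect signature protects integrity only, so the messages stay readable on the wire once this leaves localhost. Both `ValidatingAlias` entries point at the same `servercert` alias used for signing, which appears to mean the SP validates IdP messages with its own certificate; that deserves a comment if it is intentional for the demo.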
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/web.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/web.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/WEB-INF/web.xml 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="2.4"
+ xmlns="http://java.sun.com/xml/ns/j2ee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
+ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
+
+ <description>Sales Application</description>
+
+ <security-constraint>
+ <display-name>Restricted</display-name>
+ <web-resource-collection>
+ <web-resource-name>Restricted Access</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>Sales</role-name>
+ </auth-constraint>
+ <user-data-constraint>
+ <transport-guarantee>NONE</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+
+ <security-role>
+ <role-name>Sales</role-name>
+ </security-role>
+
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <form-login-config>
+ <form-login-page>/login.jsp</form-login-page>
+ <form-error-page>/error.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+</web-app>
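Review bot: The `/*` constraint sets `<transport-guarantee>NONE</transport-guarantee>` while `<login-config>` uses FORM authentication, so anything posted to `j_security_check` and the session cookie may travel over plain HTTP. `<transport-guarantee>CONFIDENTIAL</transport-guarantee>` would make the container redirect these requests to HTTPS. The `SPRedirectSignatureFormAuthenticator` valve in `context.xml` presumably takes over authentication; if so, a comment stating that the form pages are only a fallback would help the next reader.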
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/error.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/error.jsp (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/error.jsp 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp") %>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
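Review bot: The markup is unbalanced: `<font size='4' color='red'>` is never closed, `</p>` closes a paragraph that was never opened, and a stray `</form>` sits after `</body>`. Replace `</p>` with `</font>` and delete the `</form>` line. The message also refers to a username and password, which may not match what the user did if sign-in is redirected to the IdP by the SP valve; that is inferred from `context.xml`, not from this file.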
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/index.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/index.jsp (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/index.jsp 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,13 @@
+<div align="center">
+<h1>SalesTool</h1>
+<br/>
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your sales chart:
+<br/>
+<img src="piechart.gif"/>
+
+<br/>
+<a href="logout.jsp">Click to LogOut</a>
+</div>
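Review bot: `<%=request.getUserPrincipal().getName()%>` writes the principal name into the page without HTML escaping. In a federated login the name presumably originates from the IdP's assertion rather than a local user store, so it should be handled as external data. If JSTL is on the classpath, `<c:out value="${pageContext.request.userPrincipal.name}"/>` escapes it. The expression also throws a NullPointerException if the page is ever served without an authenticated principal, which the `/*` constraint in `web.xml` currently prevents.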
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/login.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/login.jsp (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/login.jsp 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text' name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password' size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/logout.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/logout.jsp (rev 0)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/logout.jsp 2009-08-14 03:00:23 UTC (rev 696)
@@ -0,0 +1,4 @@
+<%
+ session.invalidate();
+%>
+You are logged out.
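Review bot: `session.invalidate()` ends only this application's session and nothing in the page notifies the IdP. A user who logs out and then returns would likely be signed in again through the redirect to `idp-sig` without being prompted, assuming the IdP session is still alive. A comment such as `<%-- Local logout only: the IdP session is not terminated --%>` would set expectations until single logout is supported.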
Added: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/piechart.gif
===================================================================
(Binary files differ)
Property changes on: identity-federation/trunk/jboss-identity-webapps/sales-sig/resources/piechart.gif
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream