JBoss Identity SVN: r855 - in identity-federation/trunk/jboss-identity-fed-core: src/main/java/org/jboss/identity/federation/core/wstrust and 2 other directories.
by jboss-identity-commits@lists.jboss.org
Author: beve
Date: 2009-10-13 04:13:13 -0400 (Tue, 13 Oct 2009)
New Revision: 855
Modified:
identity-federation/trunk/jboss-identity-fed-core/pom.xml
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSClientConfig.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientConfigUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientUnitTestCase.java
Log:
Work for https://jira.jboss.org/jira/browse/JBID-202 "STSClientConfig: Add parse method to populate the builder to allow properties overrides"
Modified: identity-federation/trunk/jboss-identity-fed-core/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-10-13 03:32:56 UTC (rev 854)
+++ identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-10-13 08:13:13 UTC (rev 855)
@@ -114,6 +114,12 @@
<version>2.2.14.GA</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.jboss</groupId>
+ <artifactId>jbossxb</artifactId>
+ <version>2.0.1.GA</version>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<reporting>
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSClientConfig.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSClientConfig.java 2009-10-13 03:32:56 UTC (rev 854)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/STSClientConfig.java 2009-10-13 08:13:13 UTC (rev 855)
@@ -44,7 +44,7 @@
* <h3>Configure from file</h3>
* Example:
* <pre>{@code
- * STSClientConfig config = new STSClientConfig.Builder().build(configFile);
+ * STSClientConfig config = new STSClientConfig.Builder(configFile).build();
* }</pre>
*
* @author <a href="mailto:dbevenius@jboss.com">Daniel Bevenius</a>
@@ -112,6 +112,15 @@
private String endpointAddress;
private String username;
private String password;
+
+ public Builder()
+ {
+ }
+
+ public Builder(final String configFile)
+ {
+ populate(configFile);
+ }
public Builder serviceName(final String serviceName)
{
@@ -149,31 +158,10 @@
return new STSClientConfig(this);
}
- private void validate(Builder builder)
+ private void populate(final String configFile)
{
- checkPropertyShowValue(serviceName, SERVICE_NAME);
- checkPropertyShowValue(portName, PORT_NAME);
- checkPropertyShowValue(endpointAddress, endpointAddress);
- checkProperty(username, USERNAME);
- checkProperty(password, PASSWORD);
- }
-
- private void checkPropertyShowValue(final String propertyName, final String propertyValue)
- {
- if (propertyValue == null || propertyValue.equals(""))
- throw new IllegalArgumentException(propertyName + " property must not be null or empty was:" + propertyValue);
- }
-
- private void checkProperty(final String propertyName, final String propertyValue)
- {
- if (propertyValue == null || propertyValue.equals(""))
- throw new IllegalArgumentException(propertyName + " property must not be null");
- }
-
- public STSClientConfig build(final String configFile)
- {
InputStream in = null;
-
+
try
{
in = getResource(configFile);
@@ -206,10 +194,28 @@
ignored.printStackTrace();
}
}
+ }
- validate(this);
- return new STSClientConfig(this);
+ private void validate(Builder builder)
+ {
+ checkPropertyShowValue(serviceName, SERVICE_NAME);
+ checkPropertyShowValue(portName, PORT_NAME);
+ checkPropertyShowValue(endpointAddress, endpointAddress);
+ checkProperty(username, USERNAME);
+ checkProperty(password, PASSWORD);
}
+
+ private void checkPropertyShowValue(final String propertyName, final String propertyValue)
+ {
+ if (propertyValue == null || propertyValue.equals(""))
+ throw new IllegalArgumentException(propertyName + " property must not be null or empty was:" + propertyValue);
+ }
+
+ private void checkProperty(final String propertyName, final String propertyValue)
+ {
+ if (propertyValue == null || propertyValue.equals(""))
+ throw new IllegalArgumentException(propertyName + " property must not be null");
+ }
}
private static InputStream getResource(String resource) throws IOException
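Review bot: The relocated `validate` passes its arguments in the wrong order: `checkPropertyShowValue` and `checkProperty` are declared as `(propertyName, propertyValue)`, but every call hands over the builder field first and the constant second, so the null/empty test runs against the constant and, assuming those constants are the non-empty property keys, never fails. A configuration that lacks the endpoint address, username or password would therefore build without complaint. Swap the arguments, e.g. `checkPropertyShowValue(SERVICE_NAME, serviceName);` and `checkProperty(PASSWORD, password);`, and give the endpoint call its property-key constant instead of passing `endpointAddress` twice. The unused `Builder builder` parameter of `validate` can be dropped at the same time.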
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2009-10-13 03:32:56 UTC (rev 854)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2009-10-13 08:13:13 UTC (rev 855)
@@ -137,7 +137,7 @@
{
try
{
- final STSClientConfig config = new STSClientConfig.Builder().build(configFile);
+ final STSClientConfig config = new STSClientConfig.Builder(configFile).build();
wsTrustClient = STSClientFactory.getInstance().create(config);
}
catch (final ParsingException e)
Modified: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientConfigUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientConfigUnitTestCase.java 2009-10-13 03:32:56 UTC (rev 854)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientConfigUnitTestCase.java 2009-10-13 08:13:13 UTC (rev 855)
@@ -20,12 +20,11 @@
*/
package org.jboss.test.identity.federation.core.wstrust;
+import junit.framework.TestCase;
+
import org.jboss.identity.federation.core.wstrust.STSClientConfig;
import org.jboss.identity.federation.core.wstrust.STSClientConfig.Builder;
-import org.junit.Test;
-import junit.framework.TestCase;
-
/**
* Unit test for {@link WSTrustClientConfig}.
*
@@ -40,7 +39,6 @@
final String username = "admin";
final String password = "admin";
- @Test
public void testBuild()
{
final Builder builder = new STSClientConfig.Builder();
@@ -50,11 +48,21 @@
public void testBuildFromConfigPropertiesFile()
{
- final Builder builder = new STSClientConfig.Builder();
- STSClientConfig config = builder.build("wstrust/sts-client.properties");
- assertAllProperties(config);
+ final Builder builder = new STSClientConfig.Builder("wstrust/sts-client.properties");
+ assertAllProperties(builder.build());
}
+ public void testBuildFromConfigPropertiesFileOverridePassword()
+ {
+ final Builder builder = new STSClientConfig.Builder("wstrust/sts-client.properties");
+ assertAllProperties(builder.build());
+
+ final String overriddenPassword = "newPassword";
+ builder.password(overriddenPassword);
+ final STSClientConfig config = builder.build();
+ assertEquals(overriddenPassword, config.getPassword());
+ }
+
private void assertAllProperties(final STSClientConfig config)
{
assertEquals(serviceName, config.getServiceName());
Modified: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2009-10-13 03:32:56 UTC (rev 854)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/wstrust/STSClientUnitTestCase.java 2009-10-13 08:13:13 UTC (rev 855)
@@ -223,11 +223,8 @@
System.out.println("Renewed Token=" + DocumentUtil.getNodeAsString(renewedToken));
}
- public void testIssue_Niehter_AppliesTo_Or_TokenType_Specified()
+ public void testIssue_Neither_AppliesTo_Or_TokenType_Specified()
{
- if(usetest == false)
- return;
-
Builder stsConfigBuilder = new STSClientConfig.Builder();
stsConfigBuilder.serviceName("JBossSTS");
stsConfigBuilder.portName("JBossSTSPort");
JBoss Identity SVN: r854 - in identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core: wstrust and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-10-12 23:32:56 -0400 (Mon, 12 Oct 2009)
New Revision: 854
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SAML2SecurityToken.java
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java
Log:
make SAMLDocumentHolder to hold SAML2Object
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-10-13 02:59:44 UTC (rev 853)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-10-13 03:32:56 UTC (rev 854)
@@ -21,6 +21,7 @@
*/
package org.jboss.identity.federation.core.saml.v2.common;
+import org.jboss.identity.federation.saml.v2.SAML2Object;
import org.w3c.dom.Document;
/**
@@ -36,10 +37,10 @@
*/
public class SAMLDocumentHolder
{
- private Object samlObject;
+ private SAML2Object samlObject;
private Document samlDocument;
- public SAMLDocumentHolder(Object samlObject)
+ public SAMLDocumentHolder(SAML2Object samlObject)
{
this.samlObject = samlObject;
}
@@ -49,18 +50,18 @@
this.samlDocument = samlDocument;
}
- public SAMLDocumentHolder(Object samlObject, Document samlDocument)
+ public SAMLDocumentHolder(SAML2Object samlObject, Document samlDocument)
{
this.samlObject = samlObject;
this.samlDocument = samlDocument;
}
- public Object getSamlObject()
+ public SAML2Object getSamlObject()
{
return samlObject;
}
- public void setSamlObject(Object samlObject)
+ public void setSamlObject(SAML2Object samlObject)
{
this.samlObject = samlObject;
}
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SAML2SecurityToken.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SAML2SecurityToken.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/SAML2SecurityToken.java 2009-10-13 03:32:56 UTC (rev 854)
@@ -0,0 +1,45 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.wstrust;
+
+import org.jboss.identity.federation.saml.v2.SAML2Object;
+import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType;
+
+/**
+ * A Security Token that is based on SAML2
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 12, 2009
+ */
+public class SAML2SecurityToken implements SAML2Object
+{
+ private RequestSecurityTokenType token;
+
+ public SAML2SecurityToken(RequestSecurityTokenType token)
+ {
+ this.token = token;
+ }
+
+ public RequestSecurityTokenType getToken()
+ {
+ return token;
+ }
+}
\ No newline at end of file
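Review bot: The Javadoc calls this class "A Security Token that is based on SAML2", but the only state it holds is a `RequestSecurityTokenType`, which by its name is the WS-Trust request rather than an issued token. A class comment that says what is wrapped and why it implements `SAML2Object` (apparently so that it fits the retyped `SAMLDocumentHolder`) would keep later readers from treating it as a SAML assertion. The field is assigned once in the constructor and can be declared `private final RequestSecurityTokenType token;`.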
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-10-13 02:59:44 UTC (rev 853)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-10-13 03:32:56 UTC (rev 854)
@@ -143,7 +143,9 @@
jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst);
RequestSecurityTokenType rstt = jaxbRST.getValue();
- holders.set(new SAMLDocumentHolder(rstt, document));
+
+ SAML2SecurityToken samlSecurityToken = new SAML2SecurityToken(rstt);
+ holders.set(new SAMLDocumentHolder(samlSecurityToken, document));
return new RequestSecurityToken(rstt);
}
catch (JAXBException e)
JBoss Identity SVN: r853 - in identity-federation/trunk: jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces and 7 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-10-12 22:59:44 -0400 (Mon, 12 Oct 2009)
New Revision: 853
Added:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2SignatureHandler.java
identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
Log:
JBID-198: SAML2 Signature Handler
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -26,10 +26,12 @@
import java.util.Map;
import org.jboss.identity.federation.core.interfaces.ProtocolContext;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
import org.jboss.identity.federation.saml.v2.SAML2Object;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
+import org.w3c.dom.Document;
/**
* Default SAML2HandlerRequest
@@ -40,19 +42,19 @@
{
private ProtocolContext protocolContext = null;
private NameIDType issuer;
- private SAML2Object saml2Object;
+ private SAMLDocumentHolder documentHolder; ;
private HANDLER_TYPE handlerType;
private Map<String,Object> options = new HashMap<String,Object>();
private GENERATE_REQUEST_TYPE generateRequestType;
private String relayState;
public DefaultSAML2HandlerRequest(ProtocolContext protocolContext,
- NameIDType issuer, SAML2Object saml2Object,
+ NameIDType issuer, SAMLDocumentHolder samlDocumentHolder,
HANDLER_TYPE handlerType)
{
this.protocolContext = protocolContext;
this.issuer = issuer;
- this.saml2Object = saml2Object;
+ this.documentHolder = samlDocumentHolder;
this.handlerType = handlerType;
}
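Review bot: The constructor stores `samlDocumentHolder` without a null check, yet `getSAML2Object()` and the new `getRequestDocument()` in the later hunks of this file dereference `this.documentHolder` unconditionally, so a caller that passes null gets a NullPointerException far from the cause. Either reject null in the constructor, `if(samlDocumentHolder == null) throw new IllegalArgumentException("samlDocumentHolder is null");`, or guard both getters. The field declaration also carries a stray second semicolon, `private SAMLDocumentHolder documentHolder; ;`.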
@@ -80,7 +82,7 @@
*/
public SAML2Object getSAML2Object()
{
- return this.saml2Object;
+ return (SAML2Object) this.documentHolder.getSamlObject();
}
/**
* @see SAML2HandlerRequest#getType()
@@ -90,7 +92,16 @@
return handlerType;
}
+
/**
+ * @see {@code SAML2HandlerRequest#addOption(String, Object)}
+ */
+ public void addOption(String key, Object option)
+ {
+ this.options.put(key, option);
+ }
+
+ /**
* @see SAML2HandlerRequest#getOptions()
*/
public Map<String, Object> getOptions()
@@ -128,4 +139,10 @@
{
this.relayState = relay;
}
+
+ public Document getRequestDocument()
+ {
+ return this.documentHolder.getSamlDocument();
+ }
+
}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -26,6 +26,7 @@
import org.jboss.identity.federation.core.interfaces.ProtocolContext;
import org.jboss.identity.federation.saml.v2.SAML2Object;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
+import org.w3c.dom.Document;
/**
* Request for {@code SAML2Handler}
@@ -33,8 +34,7 @@
* @since Sep 25, 2009
*/
public interface SAML2HandlerRequest
-{
-
+{
public enum GENERATE_REQUEST_TYPE
{
AUTH,LOGOUT;
@@ -54,6 +54,12 @@
SAML2Object getSAML2Object();
/**
+ * Get the request as a DOM
+ * @return
+ */
+ Document getRequestDocument();
+
+ /**
* Return the type of SAML request
* that needs to be generated at the handler
* @return
@@ -87,6 +93,13 @@
String getRelayState();
/**
+ * Add an option
+ * @param key
+ * @param option
+ */
+ void addOption(String key, Object option);
+
+ /**
* Configure options
* @param options
*/
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLSignatureUtil.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -283,6 +283,8 @@
@SuppressWarnings("unchecked")
public static boolean validate(Document signedDoc, Key publicKey) throws MarshalException, XMLSignatureException
{
+ if(signedDoc == null)
+ throw new IllegalArgumentException("Signed Document is null");
NodeList nl = signedDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl == null || nl.getLength() == 0)
{
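Review bot: The new guard covers `signedDoc` but not `publicKey`, which the signature handler added in this revision reads from an options map and may pass as null; adding `if(publicKey == null) throw new IllegalArgumentException("Public Key is null");` next to it would make that failure explicit. The method body continues outside the hunk, so how an absent `Signature` element is reported is not visible here; callers need that case to count as a failed validation rather than a pass.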
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -40,6 +40,8 @@
String IGNORE_SIGNATURES = "IGNORE_SIGNATURES";
+ String KEYPAIR = "KEYPAIR";
+
String PRINCIPAL_ID = "jboss_identity.principal";
String ROLES = "ROLES";
String ROLES_ID = "jboss_identity.roles";
@@ -47,6 +49,7 @@
String ROLE_GENERATOR = "ROLE_GENERATOR";
String ROLE_VALIDATOR = "ROLE_VALIDATOR";
+ String SENDER_PUBLIC_KEY = "SENDER_PUBLIC_KEY";
String SIGN_OUTGOING_MESSAGES = "SIGN_OUTGOING_MESSAGES";
String USERNAME_FIELD = "JBID_USERNAME";
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -270,6 +270,7 @@
SAML2Response saml2Response = new SAML2Response();
SAML2Object samlObject = saml2Response.getSAML2ObjectFromStream(is);
+ SAMLDocumentHolder documentHolder = saml2Response.getSamlDocumentHolder();
Set<SAML2Handler> handlers = chain.handlers();
IssuerInfoHolder holder = new IssuerInfoHolder(this.serviceURL);
@@ -277,7 +278,7 @@
//Create the request/response
SAML2HandlerRequest saml2HandlerRequest =
new DefaultSAML2HandlerRequest(protocolContext,
- holder.getIssuer(), samlObject,
+ holder.getIssuer(), documentHolder,
HANDLER_TYPE.SP);
SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2SignatureHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2SignatureHandler.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2SignatureHandler.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -0,0 +1,115 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.handlers.saml2;
+
+import java.security.KeyPair;
+import java.security.PublicKey;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature;
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.jboss.identity.federation.core.util.XMLSignatureUtil;
+import org.jboss.identity.federation.web.constants.GeneralConstants;
+import org.w3c.dom.Document;
+
+/**
+ * Handles SAML2 Signature
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 12, 2009
+ */
+public class SAML2SignatureHandler extends BaseSAML2Handler
+{
+ private static Logger log = Logger.getLogger(SAML2SignatureHandler.class);
+ private boolean trace = log.isTraceEnabled();
+
+ @Override
+ public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
+ //Generate the signature
+ Document samlDocument = response.getResultingDocument();
+
+ if(samlDocument == null && trace)
+ {
+ log.trace("No document generated in the handler chain. Cannot generate signature");
+ return;
+ }
+
+ //Get the Key Pair
+ KeyPair keypair = (KeyPair) this.handlerChainConfig.getParameter(GeneralConstants.KEYPAIR);
+
+ if(keypair == null)
+ {
+ log.error("Key Pair cannot be found");
+ throw new ProcessingException("KeyPair not found");
+ }
+
+ SAML2Signature samlSignature = new SAML2Signature();
+ //Get the ID from the root
+ String id = samlDocument.getDocumentElement().getAttribute("ID");
+
+ try
+ {
+ samlSignature.sign(samlDocument, id, keypair);
+ }
+ catch (Exception e)
+ {
+ log.error("Unable to sign:",e);
+ throw new ProcessingException("Unable to sign");
+ }
+ }
+
+ /**
+ * @see {@code SAML2Handler#handleRequestType(SAML2HandlerRequest, SAML2HandlerResponse)}
+ */
+ public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
+ {
+ Document signedDocument = request.getRequestDocument();
+ PublicKey publicKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
+ this.validateSender(signedDocument, publicKey);
+ }
+
+ @Override
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
+ Document signedDocument = request.getRequestDocument();
+ PublicKey publicKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
+ this.validateSender(signedDocument, publicKey);
+ }
+
+ private void validateSender(Document signedDocument, PublicKey publicKey)
+ throws ProcessingException
+ {
+ try
+ {
+ XMLSignatureUtil.validate(signedDocument, publicKey);
+ }
+ catch (Exception e)
+ {
+ log.error("Error validating signature:" , e);
+ throw new ProcessingException("Error validating signature.");
+ }
+ }
+}
\ No newline at end of file
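Review bot: `validateSender` ignores the boolean that `XMLSignatureUtil.validate` returns, so a document whose signature check comes back false passes through `handleRequestType` and `handleStatusResponseType` as if it were valid; only an exception stops it. The result has to be tested and a `ProcessingException` thrown when it is false. In `generateSAMLRequest`, the guard `if(samlDocument == null && trace)` only returns when trace logging is on, so with trace off a null document reaches `samlDocument.getDocumentElement()`. Nothing in the hunks of this revision puts `SENDER_PUBLIC_KEY` into the request options, so `publicKey` may be null here unless it is set elsewhere; that case should fail as well.

```java
      Document samlDocument = response.getResultingDocument();

      if(samlDocument == null)
      {
         if(trace)
            log.trace("No document generated in the handler chain. Cannot generate signature");
         return;
      }
      // … unchanged: key pair lookup and signing …

   private void validateSender(Document signedDocument, PublicKey publicKey)
   throws ProcessingException
   {
      if(publicKey == null)
         throw new ProcessingException("Sender public key not found");

      boolean valid;
      try
      {
         valid = XMLSignatureUtil.validate(signedDocument, publicKey);
      }
      catch (Exception e)
      {
         log.error("Error validating signature:" , e);
         throw new ProcessingException("Error validating signature.");
      }
      if(!valid)
         throw new ProcessingException("Signature validation failed");
   }
```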
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -54,6 +54,7 @@
import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.core.interfaces.TrustKeyManager;
import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -264,6 +265,7 @@
if(relayState != null && relayState.length() > 0)
session.removeAttribute("RelayState");
+ SAMLDocumentHolder samlDocumentHolder = null;
SAML2Object samlObject = null;
String destination = null;
Document samlResponse = null;
@@ -273,7 +275,8 @@
StatusResponseType statusResponseType = null;
try
{
- samlObject = webRequestUtil.getSAMLObject(samlResponseMessage);
+ samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlResponseMessage);
+ samlObject = (SAML2Object) samlDocumentHolder.getSamlObject();
boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
boolean isValid = validate(request.getRemoteAddr(),
@@ -289,7 +292,7 @@
//Create the request/response
SAML2HandlerRequest saml2HandlerRequest =
new DefaultSAML2HandlerRequest(protocolContext,
- idpIssuer.getIssuer(), samlObject,
+ idpIssuer.getIssuer(), samlDocumentHolder,
HANDLER_TYPE.IDP);
saml2HandlerRequest.setRelayState(relayState);
@@ -334,9 +337,11 @@
RequestAbstractType requestAbstractType = null;
try
- {
- samlObject = webRequestUtil.getSAMLObject(samlRequestMessage);
+ {
+ samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlRequestMessage);
+ samlObject = (SAML2Object) samlDocumentHolder.getSamlObject();
+
boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
boolean isValid = validate(request.getRemoteAddr(),
request.getQueryString(),
@@ -351,14 +356,16 @@
//Create the request/response
SAML2HandlerRequest saml2HandlerRequest =
new DefaultSAML2HandlerRequest(protocolContext,
- idpIssuer.getIssuer(), samlObject,
+ idpIssuer.getIssuer(), samlDocumentHolder,
HANDLER_TYPE.IDP);
saml2HandlerRequest.setRelayState(relayState);
+ //Set the options on the handler request
Map<String, Object> requestOptions = new HashMap<String, Object>();
requestOptions.put(GeneralConstants.ROLE_GENERATOR, roleGenerator);
requestOptions.put(GeneralConstants.ASSERTIONS_VALIDITY, this.assertionValidity);
requestOptions.put(GeneralConstants.CONFIGURATION, this.idpConfiguration);
+
Map<String,Object> attribs = this.attribManager.getAttributes(userPrincipal, attributeKeys);
requestOptions.put(GeneralConstants.ATTRIBUTES, attribs);
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -50,6 +50,7 @@
import org.jboss.identity.federation.core.interfaces.AttributeManager;
import org.jboss.identity.federation.core.interfaces.TrustKeyManager;
import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -59,7 +60,6 @@
import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.StatementUtil;
-import org.jboss.identity.federation.saml.v2.SAML2Object;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
@@ -114,7 +114,7 @@
return postProfile;
}
- public SAML2Object getSAMLObject(String samlMessage)
+ public SAMLDocumentHolder getSAMLDocumentHolder(String samlMessage)
throws ParsingException, IOException
{
InputStream is = null;
@@ -138,7 +138,8 @@
throw new ParsingException(rte);
}
}
- return saml2Request.getSAML2ObjectFromStream(is);
+ saml2Request.getSAML2ObjectFromStream(is);
+ return saml2Request.getSamlDocumentHolder();
}
public RequestAbstractType getSAMLRequest(String samlMessage)
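Review bot: `getSAMLDocumentHolder` discards the return value of `saml2Request.getSAML2ObjectFromStream(is)` and reads the result back with `saml2Request.getSamlDocumentHolder()`, so the parsed message now travels through mutable state on `saml2Request`. Where `saml2Request` is declared is outside this hunk; if it is a field shared between requests and not a local, two concurrent calls could hand one caller the other caller's SAML document, which on an IDP means acting on the wrong issuer's message. Worth confirming it is created per call and recording that next to the two lines, e.g. `// saml2Request is local to this call; the holder is filled by the parse above`. The method body starts outside the hunk.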
Modified: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java 2009-10-12 18:52:32 UTC (rev 852)
+++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -31,6 +31,7 @@
import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.constants.AttributeConstants;
import org.jboss.identity.federation.core.interfaces.AttributeManager;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerConfig;
@@ -88,9 +89,10 @@
SAML2Object saml2Object = new SAML2Object(){};
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(saml2Object, null);
IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext,
- issuerInfo.getIssuer(), saml2Object, SAML2Handler.HANDLER_TYPE.IDP);
+ issuerInfo.getIssuer(), docHolder, SAML2Handler.HANDLER_TYPE.IDP);
SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java 2009-10-13 02:59:44 UTC (rev 853)
@@ -0,0 +1,125 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.web.saml.handlers;
+
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.util.HashMap;
+import java.util.Map;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
+import org.jboss.identity.federation.core.config.IDPType;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerConfig;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
+import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.jboss.identity.federation.web.constants.GeneralConstants;
+import org.jboss.identity.federation.web.core.HTTPContext;
+import org.jboss.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler;
+import org.jboss.identity.federation.web.handlers.saml2.SAML2SignatureHandler;
+import org.jboss.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.jboss.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.jboss.test.identity.federation.web.mock.MockHttpSession;
+import org.jboss.test.identity.federation.web.mock.MockServletContext;
+import org.w3c.dom.Document;
+
+/**
+ * Unit test the {@code SAML2SignatureHandler}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 12, 2009
+ */
+public class SAML2SignatureHandlerUnitTestCase extends TestCase
+{
+ public void testSignatures() throws Exception
+ {
+ SAML2Request saml2Request = new SAML2Request();
+ String id = IDGenerator.create("ID_");
+ String assertionConsumerURL = "http://sp";
+ String destination = "http://idp";
+ String issuerValue = "http://sp";
+ AuthnRequestType authnRequest = saml2Request.createAuthnRequestType(id, assertionConsumerURL, destination,
+ issuerValue);
+
+ Document authDoc = saml2Request.convert(authnRequest);
+
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ KeyPair keypair = kpg.genKeyPair();
+
+ SAML2SignatureHandler handler = new SAML2SignatureHandler();
+
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+
+ Map<String,Object> chainOptions = new HashMap<String, Object>();
+ IDPType idpType = new IDPType();
+ chainOptions.put(GeneralConstants.CONFIGURATION, idpType);
+ chainOptions.put(GeneralConstants.KEYPAIR, keypair);
+ chainConfig.set(chainOptions);
+
+ //Initialize the handler
+ handler.initChainConfig(chainConfig);
+ handler.initHandlerConfig(handlerConfig);
+
+ //Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(authnRequest, authDoc);
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext,
+ issuerInfo.getIssuer(), docHolder, SAML2Handler.HANDLER_TYPE.IDP);
+ request.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
+
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+
+ request.addOption(GeneralConstants.SENDER_PUBLIC_KEY, keypair.getPublic());
+
+ (new SAML2AuthenticationHandler()).generateSAMLRequest(request, response);
+ handler.generateSAMLRequest(request, response);
+ Document signedDoc = response.getResultingDocument();
+
+ assertNotNull("Signed Doc is not null", signedDoc);
+ SAMLDocumentHolder signedHolder = new SAMLDocumentHolder(signedDoc);
+ request = new DefaultSAML2HandlerRequest(httpContext,
+ issuerInfo.getIssuer(), signedHolder,
+ SAML2Handler.HANDLER_TYPE.SP);
+
+ request.addOption(GeneralConstants.SENDER_PUBLIC_KEY, keypair.getPublic());
+
+ handler.handleStatusResponseType(request, response);
+ }
+}
\ No newline at end of file
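Review bot: `testSignatures` covers only the success path: the document is signed and then checked with the public half of the same `keypair`, and nothing is asserted after `handler.handleStatusResponseType(request, response)`, so the test still passes if the handler skips verification altogether. A signature check needs a negative case in which the same signed document, presented with a public key that did not sign it, is rejected. The sketch below assumes a failed verification surfaces as the `ProcessingException` that the handler methods declare; adjust it to whatever the handler actually raises. Separately, `KeyPairGenerator.getInstance("RSA")` is used without `initialize(...)`, so the key size is whatever the provider defaults to; `kpg.initialize(2048);` pins it.

```java
// … unchanged: sign with keypair, verify with keypair.getPublic() …
handler.handleStatusResponseType(request, response);

// Negative case: a key that did not sign the document must not validate it
KeyPair otherPair = kpg.genKeyPair();
SAML2HandlerRequest wrongKeyRequest = new DefaultSAML2HandlerRequest(httpContext,
      issuerInfo.getIssuer(), signedHolder,
      SAML2Handler.HANDLER_TYPE.SP);
wrongKeyRequest.addOption(GeneralConstants.SENDER_PUBLIC_KEY, otherPair.getPublic());
try
{
   handler.handleStatusResponseType(wrongKeyRequest, new DefaultSAML2HandlerResponse());
   fail("Signature validated against a key that did not sign the document");
}
catch (ProcessingException expected)
{
   //verification failure is reported to the caller
}
```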
JBoss Identity SVN: r852 - in identity-federation/trunk/jboss-identity-web/src: test/resources/saml2/logout/idp/WEB-INF and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-10-12 14:52:32 -0400 (Mon, 12 Oct 2009)
New Revision: 852
Modified:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java
identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml
identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml
identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml
Log:
JBID-198: saml2 issuer trust handler
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java 2009-10-12 18:39:08 UTC (rev 851)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java 2009-10-12 18:52:32 UTC (rev 852)
@@ -29,6 +29,7 @@
import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.config.SPType;
import org.jboss.identity.federation.core.config.TrustType;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
@@ -53,11 +54,13 @@
{
if(getType() == HANDLER_TYPE.IDP)
{
- idp.handleRequestType(request, response);
+ idp.handleRequestType(request, response,
+ (IDPType) this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION));
}
else
{
- sp.handleRequestType(request, response);
+ sp.handleRequestType(request, response,
+ (SPType) this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION));
}
}
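Review bot: The casts `(IDPType) this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION)` and its `(SPType)` twin are unchecked, here and again in the next hunk (`handleStatusResponseType`). If the parameter is absent the trust handlers receive `null`, and if it holds the other configuration type the cast throws `ClassCastException` in the middle of request handling. Whether the downstream `trustIssuer` call tolerates a null configuration is not visible in this hunk. I would resolve the value once in a private helper, starting from `Object config = this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION);`, check it with `instanceof`, and fail the request with a `ProcessingException` when it is missing or of the wrong type, instead of repeating the cast four times. Reading the configuration from the chain config and not from the per-request options is the right direction, since the trust list no longer depends on what was placed on the request.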
@@ -66,29 +69,31 @@
{
if(getType() == HANDLER_TYPE.IDP)
{
- idp.handleStatusResponseType(request, response);
+ idp.handleStatusResponseType(request, response,
+ (IDPType) this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION));
}
else
{
- sp.handleStatusResponseType(request, response);
+ sp.handleStatusResponseType(request, response,
+ (SPType) this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION));
}
}
private class IDPTrustHandler
{
- public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
- {
- IDPType idpConfiguration = (IDPType) request.getOptions().get(GeneralConstants.CONFIGURATION);
+ public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response,
+ IDPType idpConfiguration) throws ProcessingException
+ {
String issuer = request.getIssuer().getValue();
trustIssuer(idpConfiguration, issuer);
}
- public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response
+ ,IDPType idpConfiguration)
throws ProcessingException
{
- IDPType idpConfiguration = (IDPType) request.getOptions().get(GeneralConstants.CONFIGURATION);
String issuer = request.getIssuer().getValue();
trustIssuer(idpConfiguration, issuer);
@@ -127,6 +132,8 @@
throw new IssuerNotTrustedException(issuer);
}
}
+ else
+ throw new ConfigurationException("trust element missing");
}
catch (Exception e)
{
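Review bot: The added `else throw new ConfigurationException("trust element missing");` sits inside the `try` whose `catch (Exception e)` follows, so it is handled by the same generic arm as `IssuerNotTrustedException`. The catch body is outside this hunk, but unless it rethrows by type, an operator cannot tell a deployment with no `<Trust>` element from a request by an untrusted issuer. Failing closed when no trust element is configured is the right behaviour; to keep the distinction I would give the catch its own `catch (ConfigurationException e)` arm ahead of the generic one, or perform the check before entering the `try`. The unbraced `else` is also easy to misread under the braced `if`: `else { throw new ConfigurationException("trust element missing"); }`. The identical addition in the last hunk of this file (`@@ -186,6 +193,8 @@`) has the same issue.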
@@ -137,18 +144,18 @@
private class SPTrustHandler
{
- public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
+ public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response,
+ SPType spConfiguration) throws ProcessingException
{
- SPType spConfiguration = (SPType) request.getOptions().get(GeneralConstants.CONFIGURATION);
String issuer = request.getIssuer().getValue();
trustIssuer(spConfiguration, issuer);
}
- public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response,
+ SPType spConfiguration)
throws ProcessingException
{
- SPType spConfiguration = (SPType) request.getOptions().get(GeneralConstants.CONFIGURATION);
String issuer = request.getIssuer().getValue();
trustIssuer(spConfiguration, issuer);
@@ -186,6 +193,8 @@
throw new IssuerNotTrustedException(issuer);
}
}
+ else
+ throw new ConfigurationException("trust element missing");
}
catch (Exception e)
{
Modified: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml 2009-10-12 18:39:08 UTC (rev 851)
+++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml 2009-10-12 18:52:32 UTC (rev 852)
@@ -1,4 +1,5 @@
<Handlers xmlns="urn:jboss:identity-federation:handler:config:1.0">
+ <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/>
<Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
<Handler class="org.jboss.identity.federation.web.handlers.saml2.RolesGenerationHandler"/>
</Handlers>
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml 2009-10-12 18:39:08 UTC (rev 851)
+++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml 2009-10-12 18:52:32 UTC (rev 852)
@@ -2,5 +2,8 @@
AttributeManager=""
RoleGenerator="org.jboss.identity.federation.core.impl.EmptyRoleGenerator">
<IdentityURL>http://localhost:8080/idp/</IdentityURL>
+<Trust>
+ <Domains>localhost,jboss.com,jboss.org</Domains>
+</Trust>
</JBossIDP>
Modified: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml 2009-10-12 18:39:08 UTC (rev 851)
+++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml 2009-10-12 18:52:32 UTC (rev 852)
@@ -1,5 +1,8 @@
<JBossIDP xmlns="urn:jboss:identity-federation:config:1.0"
AttributeManager="">
<IdentityURL>http://localhost:8080/idp/</IdentityURL>
+<Trust>
+ <Domains>localhost,jboss.com,jboss.org</Domains>
+</Trust>
</JBossIDP>
JBoss Identity SVN: r851 - in identity-federation/trunk: jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces and 7 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-10-12 14:39:08 -0400 (Mon, 12 Oct 2009)
New Revision: 851
Added:
identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/
identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/
identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChainConfig.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml
Log:
JBID-198: saml2 handler arch
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChainConfig.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChainConfig.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChainConfig.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -33,6 +33,10 @@
public class DefaultSAML2HandlerChainConfig extends BaseHandlerConfig
implements SAML2HandlerChainConfig
{
+ public DefaultSAML2HandlerChainConfig()
+ {
+ }
+
public DefaultSAML2HandlerChainConfig(Map<String,Object> map)
{
this.params = map;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -27,6 +27,7 @@
import org.jboss.identity.federation.core.interfaces.ProtocolContext;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
import org.jboss.identity.federation.saml.v2.SAML2Object;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -33,6 +33,15 @@
public interface SAML2Handler
{
/**
+ * Processing Point - idp side
+ * or service side
+ */
+ public enum HANDLER_TYPE
+ {
+ IDP,SP;
+ };
+
+ /**
* Initialize the handler
* @param handlerConfig Handler Config
*/
@@ -55,7 +64,16 @@
*/
void generateSAMLRequest(SAML2HandlerRequest request,
SAML2HandlerResponse response) throws ProcessingException;
+
+
/**
+ * Get the type of handler
+ * - handler at IDP or SP
+ * @return
+ */
+ HANDLER_TYPE getType();
+
+ /**
* Handle a SAML2 RequestAbstractType
* @param requestAbstractType
* @param resultingDocument
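Review bot: The Javadoc added for `getType()` has an empty `@return`, which documentation tooling flags and which tells an implementer nothing about the contract. I would write `@return {@link HANDLER_TYPE#IDP} when the handler runs at the identity provider, {@link HANDLER_TYPE#SP} when it runs at the service provider`. The comment block that follows continues outside the hunk.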
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -34,14 +34,6 @@
*/
public interface SAML2HandlerRequest
{
- /**
- * Processing Point - idp side
- * or service side
- */
- public enum HANDLER_TYPE
- {
- IDP,SP;
- };
public enum GENERATE_REQUEST_TYPE
{
@@ -60,13 +52,6 @@
* @return
*/
SAML2Object getSAML2Object();
-
- /**
- * Get the type of handler
- * - handler at IDP or SP
- * @return
- */
- HANDLER_TYPE getType();
/**
* Return the type of SAML request
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -82,8 +82,8 @@
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
-import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
-import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.HANDLER_TYPE;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.HandlerUtil;
@@ -389,15 +389,15 @@
Handlers handlers = ConfigurationUtil.getHandlers(context.getResourceAsStream("/WEB-INF/jbid-handlers.xml"));
chain.addAll(HandlerUtil.getHandlers(handlers));
- Map<String, Object> configOptions = new HashMap<String, Object>();
- configOptions.put(GeneralConstants.CONFIGURATION, spConfiguration);
+ Map<String, Object> chainConfigOptions = new HashMap<String, Object>();
+ chainConfigOptions.put(GeneralConstants.CONFIGURATION, spConfiguration);
- SAML2HandlerChainConfig handlerConfig = new DefaultSAML2HandlerChainConfig(configOptions);
+ SAML2HandlerChainConfig handlerChainConfig = new DefaultSAML2HandlerChainConfig(chainConfigOptions);
Set<SAML2Handler> samlHandlers = chain.handlers();
for(SAML2Handler handler: samlHandlers)
{
- handler.initChainConfig(handlerConfig);
+ handler.initChainConfig(handlerChainConfig);
}
}
catch(Exception e)
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -24,6 +24,7 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
+import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler;
@@ -31,6 +32,7 @@
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.jboss.identity.federation.web.constants.GeneralConstants;
import org.jboss.identity.federation.web.core.HTTPContext;
/**
@@ -42,6 +44,7 @@
{
protected SAML2HandlerConfig handlerConfig = null;
protected SAML2HandlerChainConfig handlerChainConfig = null;
+ protected HANDLER_TYPE handlerType;
/**
* Initialize the handler
@@ -57,8 +60,24 @@
throws ConfigurationException
{
this.handlerChainConfig = handlerChainConfig;
+ Object config = this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION);
+ if(config instanceof IDPType)
+ this.handlerType = HANDLER_TYPE.IDP;
+ else
+ this.handlerType = HANDLER_TYPE.SP;
}
+
+ /**
+ * Get the type of handler
+ * - handler at IDP or SP
+ * @return
+ */
+ public HANDLER_TYPE getType()
+ {
+ return this.handlerType;
+ }
+
public void reset() throws ProcessingException
{
}
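Review bot: `initChainConfig` treats every configuration that is not an `IDPType` as SP, including a missing (`null`) one, and `handlerType` stays `null` until `initChainConfig` has run. The call sites changed in this commit then disagree about what an unset type means: `SAML2AuthenticationHandler`, `SAML2IssuerTrustHandler` and `SAML2LogOutHandler` test `getType() == HANDLER_TYPE.IDP` and so do not take the IDP path, while `RolesGenerationHandler` and `SAML2AttributeHandler` only return early on `getType() == HANDLER_TYPE.SP` and so carry on with their IDP-side processing. For code that decides which side of a SAML exchange it is on, I would reject anything unrecognised instead of guessing: `else if(config instanceof SPType) this.handlerType = HANDLER_TYPE.SP;` followed by `else throw new ConfigurationException("CONFIGURATION must be an IDPType or SPType");`. The method already declares `ConfigurationException`; `SPType` would need an import, and the method signature starts outside the hunk.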
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -86,7 +86,7 @@
return ;
//only handle IDP side
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.SP)
+ if(getType() == HANDLER_TYPE.SP)
return;
HTTPContext httpContext = (HTTPContext) request.getContext();
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -85,12 +85,12 @@
@SuppressWarnings("unchecked")
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
{
- //Do not handle log out request interaction
+ //Do not handle log out request interaction
if(request.getSAML2Object() instanceof LogoutRequestType)
return ;
//only handle IDP side
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.SP)
+ if(getType() == HANDLER_TYPE.SP)
return;
HTTPContext httpContext = (HTTPContext) request.getContext();
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -80,7 +80,7 @@
if(request.getSAML2Object() instanceof AuthnRequestType == false)
return ;
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.handleRequestType(request, response);
}
@@ -96,7 +96,7 @@
if(request.getSAML2Object() instanceof ResponseType == false)
return ;
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.handleStatusResponseType(request, response);
}
@@ -112,7 +112,7 @@
if(GENERATE_REQUEST_TYPE.AUTH != request.getTypeOfRequestToBeGenerated())
return;
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.generateSAMLRequest(request, response);
}
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -51,7 +51,7 @@
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
{
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.handleRequestType(request, response);
}
@@ -64,7 +64,7 @@
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
throws ProcessingException
{
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.handleStatusResponseType(request, response);
}
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -86,7 +86,7 @@
return;
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.generateSAMLRequest(request, response);
}
@@ -105,7 +105,7 @@
if(request.getSAML2Object() instanceof LogoutRequestType == false)
return ;
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.handleRequestType(request, response);
}
@@ -129,7 +129,7 @@
if(request.getSAML2Object() instanceof StatusResponseType == false)
return ;
- if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP)
+ if(getType() == HANDLER_TYPE.IDP)
{
idp.handleStatusResponseType(request, response);
}
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -66,8 +66,8 @@
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
-import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
-import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.HANDLER_TYPE;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
import org.jboss.identity.federation.core.saml.v2.util.HandlerUtil;
import org.jboss.identity.federation.saml.v2.SAML2Object;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
@@ -93,7 +93,7 @@
protected transient IDPType idpConfiguration = null;
- private transient RoleGenerator rg = new DefaultRoleGenerator();
+ private transient RoleGenerator roleGenerator = new DefaultRoleGenerator();
private transient DelegatedAttributeManager attribManager = new DelegatedAttributeManager();
@@ -152,15 +152,16 @@
handlers = ConfigurationUtil.getHandlers(context.getResourceAsStream("/WEB-INF/jbid-handlers.xml"));
chain.addAll(HandlerUtil.getHandlers(handlers));
- Map<String, Object> configOptions = new HashMap<String, Object>();
- configOptions.put(GeneralConstants.ROLE_GENERATOR, rg);
+ Map<String, Object> chainConfigOptions = new HashMap<String, Object>();
+ chainConfigOptions.put(GeneralConstants.ROLE_GENERATOR, roleGenerator);
+ chainConfigOptions.put(GeneralConstants.CONFIGURATION, idpConfiguration);
- SAML2HandlerChainConfig handlerConfig = new DefaultSAML2HandlerChainConfig(configOptions);
+ SAML2HandlerChainConfig handlerChainConfig = new DefaultSAML2HandlerChainConfig(chainConfigOptions);
Set<SAML2Handler> samlHandlers = chain.handlers();
for(SAML2Handler handler: samlHandlers)
{
- handler.initChainConfig(handlerConfig);
+ handler.initChainConfig(handlerChainConfig);
}
}
@@ -355,7 +356,7 @@
saml2HandlerRequest.setRelayState(relayState);
Map<String, Object> requestOptions = new HashMap<String, Object>();
- requestOptions.put(GeneralConstants.ROLE_GENERATOR, rg);
+ requestOptions.put(GeneralConstants.ROLE_GENERATOR, roleGenerator);
requestOptions.put(GeneralConstants.ASSERTIONS_VALIDITY, this.assertionValidity);
requestOptions.put(GeneralConstants.CONFIGURATION, this.idpConfiguration);
Map<String,Object> attribs = this.attribManager.getAttributes(userPrincipal, attributeKeys);
@@ -366,7 +367,7 @@
List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID);
if(roles == null)
{
- roles = rg.generateRoles(userPrincipal);
+ roles = roleGenerator.generateRoles(userPrincipal);
session.setAttribute(GeneralConstants.ROLES_ID, roles);
}
@@ -620,7 +621,7 @@
try
{
Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(rgName);
- rg = (RoleGenerator) clazz.newInstance();
+ roleGenerator = (RoleGenerator) clazz.newInstance();
}
catch (Exception e)
{
Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java 2009-10-12 18:39:08 UTC (rev 851)
@@ -0,0 +1,122 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.web.saml.handlers;
+
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.core.config.IDPType;
+import org.jboss.identity.federation.core.constants.AttributeConstants;
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerConfig;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
+import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.jboss.identity.federation.saml.v2.SAML2Object;
+import org.jboss.identity.federation.web.constants.GeneralConstants;
+import org.jboss.identity.federation.web.core.HTTPContext;
+import org.jboss.identity.federation.web.handlers.saml2.SAML2AttributeHandler;
+import org.jboss.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.jboss.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.jboss.test.identity.federation.web.mock.MockHttpSession;
+import org.jboss.test.identity.federation.web.mock.MockServletContext;
+
+/**
+ * Unit test the {@code SAML2AttributeHandler}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 12, 2009
+ */
+public class SAML2AttributeHandlerUnitTestCase extends TestCase
+{
+ private static String name = "anil";
+ private static String email = "anil@test";
+
+ @SuppressWarnings("unchecked")
+ public void testAttributes() throws Exception
+ {
+ SAML2AttributeHandler handler = new SAML2AttributeHandler();
+
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+
+ Map<String,Object> chainOptions = new HashMap<String, Object>();
+ IDPType idpType = new IDPType();
+ idpType.setAttributeManager(TestAttributeManager.class.getName());
+ chainOptions.put(GeneralConstants.CONFIGURATION, idpType);
+ chainConfig.set(chainOptions);
+
+
+ //Initialize the handler
+ handler.initChainConfig(chainConfig);
+ handler.initHandlerConfig(handlerConfig);
+
+ //Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ SAML2Object saml2Object = new SAML2Object(){};
+
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext,
+ issuerInfo.getIssuer(), saml2Object, SAML2Handler.HANDLER_TYPE.IDP);
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+
+ session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
+ {
+ public String getName()
+ {
+ return name;
+ }});
+ handler.handleRequestType(request, response);
+
+ Map<String, Object> attribs = (Map<String, Object>) session.getAttribute(GeneralConstants.ATTRIBUTES);
+ assertNotNull("Attributes are not null", attribs);
+ assertEquals(email,attribs.get(AttributeConstants.EMAIL_ADDRESS));
+ }
+
+ public static class TestAttributeManager implements AttributeManager
+ {
+ public Map<String, Object> getAttributes(Principal userPrincipal, List<String> attributeKeys)
+ {
+ Map<String,Object> attribs = new HashMap<String, Object>();
+
+ if(name.equals(userPrincipal.getName()))
+ {
+ attribs.put(AttributeConstants.EMAIL_ADDRESS, email);
+ }
+ return attribs;
+ }
+ }
+}
\ No newline at end of file
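Review bot: The message passed to `assertNotNull` in `testAttributes` is printed when the assertion fails, so "Attributes are not null" states the opposite of what went wrong; `assertNotNull("Attributes should have been stored in the session", attribs);` reads correctly in a failure report. The `name` and `email` fixtures are mutable statics shared with `TestAttributeManager`; declaring them `private static final String` keeps one test from changing them under another. The test covers only the case where the session already holds a principal, so a second test for a session without `GeneralConstants.PRINCIPAL_ID` would pin what the handler does for an unauthenticated request.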
Modified: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml 2009-10-12 17:45:53 UTC (rev 850)
+++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml 2009-10-12 18:39:08 UTC (rev 851)
@@ -1,5 +1,6 @@
<JBossIDP xmlns="urn:jboss:identity-federation:config:1.0"
- AttributeManager="">
+ AttributeManager=""
+ RoleGenerator="org.jboss.identity.federation.core.impl.EmptyRoleGenerator">
<IdentityURL>http://localhost:8080/idp/</IdentityURL>
</JBossIDP>
JBoss Identity SVN: r850 - identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-10-12 13:45:53 -0400 (Mon, 12 Oct 2009)
New Revision: 850
Modified:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
Log:
JBID-198: saml2 handler arch
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java 2009-10-12 16:39:33 UTC (rev 849)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java 2009-10-12 17:45:53 UTC (rev 850)
@@ -71,6 +71,15 @@
{
}
+ /**
+ * @see {@code SAML2Handler#handleStatusResponseType(SAML2HandlerRequest, SAML2HandlerResponse)}
+ */
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
+ }
+
+
public static HttpServletRequest getHttpRequest(SAML2HandlerRequest request)
{
HTTPContext context = (HTTPContext) request.getContext();
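Review bot: The new `handleStatusResponseType` in the base class is an empty default and its Javadoc does not say so, so a subclass that forgets to override it will accept and silently drop every status response. A sentence such as `Default implementation does nothing; handlers that process status responses must override it.` would make that contract visible. The tag `@see {@code SAML2Handler#handleStatusResponseType(...)}` also produces no link, because `@see` expects the reference itself: `@see SAML2Handler#handleStatusResponseType(SAML2HandlerRequest, SAML2HandlerResponse)`. The same `@see {@code …}` form appears in the RolesGenerationHandler hunks of r849 and in EmptyRoleGenerator in r847. `getHttpRequest` at the end of the hunk continues outside it.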
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 16:39:33 UTC (rev 849)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 17:45:53 UTC (rev 850)
@@ -102,14 +102,6 @@
}
response.setRoles(roles);
}
-
- /**
- * @see {@code SAML2Handler#handleStatusResponseType(SAML2HandlerRequest, SAML2HandlerResponse)}
- */
- public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
- throws ProcessingException
- {
- }
private void insantiateRoleValidator(String attribStr)
throws ConfigurationException
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2009-10-12 16:39:33 UTC (rev 849)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2009-10-12 17:45:53 UTC (rev 850)
@@ -103,12 +103,7 @@
attribs = this.attribManager.getAttributes(userPrincipal, attributeKeys);
session.setAttribute(GeneralConstants.ATTRIBUTES, attribs);
}
- }
-
- public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
- throws ProcessingException
- {
- }
+ }
private void insantiateAttributeManager(String attribStr)
throws ConfigurationException
JBoss Identity SVN: r849 - identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-10-12 12:39:33 -0400 (Mon, 12 Oct 2009)
New Revision: 849
Modified:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
Log:
JBID-198: saml2 handler arch
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 16:32:46 UTC (rev 848)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 16:39:33 UTC (rev 849)
@@ -23,7 +23,7 @@
import java.security.Principal;
import java.util.List;
-
+
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
@@ -73,6 +73,10 @@
this.insantiateRoleValidator(roleGeneratorString);
}
+
+ /**
+ * @see {@code SAML2Handler#handleRequestType(SAML2HandlerRequest, SAML2HandlerResponse)}
+ */
@SuppressWarnings("unchecked")
public void handleRequestType(SAML2HandlerRequest request,
SAML2HandlerResponse response) throws ProcessingException
@@ -99,6 +103,9 @@
response.setRoles(roles);
}
+ /**
+ * @see {@code SAML2Handler#handleStatusResponseType(SAML2HandlerRequest, SAML2HandlerResponse)}
+ */
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
throws ProcessingException
{
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2009-10-12 16:32:46 UTC (rev 848)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2009-10-12 16:39:33 UTC (rev 849)
@@ -22,6 +22,13 @@
package org.jboss.identity.federation.web.handlers.saml2;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpSession;
+
import org.apache.log4j.Logger;
import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
@@ -32,7 +39,9 @@
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType;
import org.jboss.identity.federation.web.constants.GeneralConstants;
+import org.jboss.identity.federation.web.core.HTTPContext;
/**
* Handler dealing with attributes for SAML2
@@ -45,6 +54,7 @@
private boolean trace = log.isTraceEnabled();
protected AttributeManager attribManager = new EmptyAttributeManager();
+ protected List<String> attributeKeys = new ArrayList<String>();
@Override
public void initChainConfig(SAML2HandlerChainConfig handlerChainConfig) throws ConfigurationException
@@ -56,20 +66,43 @@
IDPType idpType = (IDPType) config;
String attribStr = idpType.getAttributeManager();
insantiateAttributeManager(attribStr);
- }
+ }
}
+ @SuppressWarnings("unchecked")
@Override
public void initHandlerConfig(SAML2HandlerConfig handlerConfig) throws ConfigurationException
{
super.initHandlerConfig(handlerConfig);
String attribStr = (String) this.handlerConfig.getParameter(GeneralConstants.ATTIBUTE_MANAGER);
- this.insantiateAttributeManager(attribStr);
+ this.insantiateAttributeManager(attribStr);
+ List<String> ak = (List<String>) this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS);
+ if(ak != null)
+ this.attributeKeys.addAll(ak);
}
+ @SuppressWarnings("unchecked")
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
{
+ //Do not handle log out request interaction
+ if(request.getSAML2Object() instanceof LogoutRequestType)
+ return ;
+
+ //only handle IDP side
+ if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.SP)
+ return;
+
+ HTTPContext httpContext = (HTTPContext) request.getContext();
+ HttpSession session = httpContext.getRequest().getSession(false);
+
+ Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID);
+ Map<String, Object> attribs = (Map<String, Object>) session.getAttribute(GeneralConstants.ATTRIBUTES);
+ if(attribs == null)
+ {
+ attribs = this.attribManager.getAttributes(userPrincipal, attributeKeys);
+ session.setAttribute(GeneralConstants.ATTRIBUTES, attribs);
+ }
}
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
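Review bot: `getSession(false)` returns null when the request carries no session, and the added `handleRequestType` body dereferences `session` on the very next statement, so such a request ends in a NullPointerException instead of a clean return or a `ProcessingException`. A guard `if(session == null) return;` right after the lookup, and `if(userPrincipal == null) return;` before the call to `attribManager.getAttributes`, keeps an unauthenticated request from reaching the attribute manager with a null principal. In `initHandlerConfig` the cast of the `ATTRIBUTE_KEYS` parameter to `List<String>` is unchecked, so a configured list holding non-String values would surface only later, when a key is read; the `@SuppressWarnings` hides that. `handleStatusResponseType` at the end of the hunk continues outside it.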
JBoss Identity SVN: r848 - authz/downloads/authz-1.0.alpha1.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-10-12 12:32:46 -0400 (Mon, 12 Oct 2009)
New Revision: 848
Added:
authz/downloads/authz-1.0.alpha1/authz-1.0.alpha1.tar.gz
authz/downloads/authz-1.0.alpha1/authz-1.0.alpha1.zip
authz/downloads/authz-1.0.alpha1/reference-doc.zip
Log:
alpha1 downloadables
Added: authz/downloads/authz-1.0.alpha1/authz-1.0.alpha1.tar.gz
===================================================================
(Binary files differ)
Property changes on: authz/downloads/authz-1.0.alpha1/authz-1.0.alpha1.tar.gz
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: authz/downloads/authz-1.0.alpha1/authz-1.0.alpha1.zip
===================================================================
(Binary files differ)
Property changes on: authz/downloads/authz-1.0.alpha1/authz-1.0.alpha1.zip
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: authz/downloads/authz-1.0.alpha1/reference-doc.zip
===================================================================
(Binary files differ)
Property changes on: authz/downloads/authz-1.0.alpha1/reference-doc.zip
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
JBoss Identity SVN: r847 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp and 9 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-10-12 12:09:28 -0400 (Mon, 12 Oct 2009)
New Revision: 847
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyRoleGenerator.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/RoleGenerator.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
Removed:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/BaseHandlerConfig.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/roles/DefaultRoleGenerator.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
Log:
JBID-198: saml2 handler arch
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatRoleGenerator.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -30,7 +30,7 @@
import org.apache.catalina.Role;
import org.apache.catalina.User;
import org.apache.catalina.realm.GenericPrincipal;
-import org.jboss.identity.federation.web.interfaces.RoleGenerator;
+import org.jboss.identity.federation.core.interfaces.RoleGenerator;
/**
* Generate roles from Tomcat Principal
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -51,6 +51,7 @@
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
+import org.jboss.identity.federation.core.interfaces.RoleGenerator;
import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
@@ -63,7 +64,6 @@
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
-import org.jboss.identity.federation.web.interfaces.RoleGenerator;
import org.jboss.identity.federation.web.util.ConfigurationUtil;
import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
import org.jboss.identity.federation.web.util.RedirectBindingUtil;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -51,6 +51,7 @@
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.impl.DelegatedAttributeManager;
import org.jboss.identity.federation.core.interfaces.AttributeManager;
+import org.jboss.identity.federation.core.interfaces.RoleGenerator;
import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.core.interfaces.TrustKeyManager;
import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException;
@@ -59,7 +60,6 @@
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.jboss.identity.federation.web.interfaces.RoleGenerator;
import org.jboss.identity.federation.web.util.ConfigurationUtil;
import org.jboss.identity.federation.web.util.IDPWebRequestUtil;
import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -44,4 +44,10 @@
{
return new HashMap<String, Object>();
}
+
+ @Override
+ public String toString()
+ {
+ return EmptyAttributeManager.class.getName();
+ }
}
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyRoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyRoleGenerator.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyRoleGenerator.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.impl;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.jboss.identity.federation.core.interfaces.RoleGenerator;
+
+/**
+ * A Role Generator that generates no roles
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 12, 2009
+ */
+public class EmptyRoleGenerator implements RoleGenerator
+{
+ /**
+ * @see {@code RoleGenerator#generateRoles(Principal)}
+ */
+ public List<String> generateRoles(Principal principal)
+ {
+ return new ArrayList<String>();
+ }
+}
\ No newline at end of file
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/RoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/RoleGenerator.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/RoleGenerator.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.interfaces;
+
+import java.security.Principal;
+import java.util.List;
+
+/**
+ * Generate roles given a principal
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jan 21, 2009
+ */
+public interface RoleGenerator
+{
+ /**
+ * Generate roles given a principal
+ * @param principal
+ * @return
+ */
+ List<String> generateRoles(Principal principal);
+}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/BaseHandlerConfig.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/BaseHandlerConfig.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/BaseHandlerConfig.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -35,9 +35,7 @@
protected Map<String, Object> params = new HashMap<String, Object>();
/**
- * Does the config contain the key?
- * @param key
- * @return
+ * @see SAML2HandlerChainConfig#containsKey(String)
*/
public boolean containsKey(String key)
{
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -20,7 +20,9 @@
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jboss.identity.federation.core.saml.v2.interfaces;
+
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
/**
@@ -34,13 +36,15 @@
* Initialize the handler
* @param handlerConfig Handler Config
*/
- void initChainConfig(SAML2HandlerChainConfig handlerChainConfig);
+ void initChainConfig(SAML2HandlerChainConfig handlerChainConfig)
+ throws ConfigurationException;
/**
* Initialize the handler from configuration
* @param options
*/
- void initHandlerConfig(SAML2HandlerConfig handlerConfig);
+ void initHandlerConfig(SAML2HandlerConfig handlerConfig)
+ throws ConfigurationException;
/**
* Generate a SAML Request to be sent to the IDP
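Review bot: The Javadoc on `initChainConfig` and `initHandlerConfig` does not document the checked `ConfigurationException` this hunk adds to both signatures. The existing `@param` tags also name parameters that do not exist: `handlerConfig` on the first method, whose parameter is `handlerChainConfig`, and `options` on the second, whose parameter is `handlerConfig`. I would add `@throws ConfigurationException if the handler cannot be initialised from the supplied configuration` to both, and correct the tags to `@param handlerChainConfig` and `@param handlerConfig`. The interface body starts and ends outside this hunk, so other methods may need the same treatment.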
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -32,6 +32,7 @@
String ATTRIBUTES = "ATTRIBUTES";
String ATTRIBUTE_KEYS = "ATTRIBUTE_KEYS";
+ String ATTIBUTE_MANAGER = "ATTRIBUTE_MANAGER";
String CONFIGURATION = "CONFIGURATION";
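Review bot: The new constant name is misspelled as `ATTIBUTE_MANAGER`, although its value is `"ATTRIBUTE_MANAGER"`. Constants declared here are referenced from other classes (both handlers in this commit use it), so the misspelling becomes API that is awkward to rename later. I would declare it as `String ATTRIBUTE_MANAGER = "ATTRIBUTE_MANAGER";` and update the two call sites. The enclosing type starts and ends outside this hunk.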
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -20,10 +20,11 @@
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jboss.identity.federation.web.handlers.saml2;
-
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
@@ -47,11 +48,13 @@
* @param options
*/
public void initHandlerConfig(SAML2HandlerConfig handlerConfig)
+ throws ConfigurationException
{
this.handlerConfig = handlerConfig;
}
public void initChainConfig(SAML2HandlerChainConfig handlerChainConfig)
+ throws ConfigurationException
{
this.handlerChainConfig = handlerChainConfig;
}
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -23,10 +23,15 @@
import java.security.Principal;
import java.util.List;
-
+
import javax.servlet.http.HttpSession;
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.core.config.IDPType;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
+import org.jboss.identity.federation.core.impl.EmptyRoleGenerator;
+import org.jboss.identity.federation.core.interfaces.RoleGenerator;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
@@ -34,7 +39,6 @@
import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType;
import org.jboss.identity.federation.web.constants.GeneralConstants;
import org.jboss.identity.federation.web.core.HTTPContext;
-import org.jboss.identity.federation.web.interfaces.RoleGenerator;
/**
* Handles the generation of roles
@@ -43,34 +47,30 @@
*/
public class RolesGenerationHandler extends BaseSAML2Handler
{
+ private static Logger log = Logger.getLogger(RolesGenerationHandler.class);
+ private boolean trace = log.isTraceEnabled();
- @SuppressWarnings("unused")
- private transient RoleGenerator rg = null;
+ private transient RoleGenerator roleGenerator = new EmptyRoleGenerator();
- public void initChainConfig(SAML2HandlerChainConfig handlerConfig)
+ @Override
+ public void initChainConfig(SAML2HandlerChainConfig handlerChainConfig) throws ConfigurationException
{
- rg = (RoleGenerator) handlerConfig.getParameter(GeneralConstants.ROLE_GENERATOR);
- }
+ super.initChainConfig(handlerChainConfig);
+ Object config = this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION);
+ if(config instanceof IDPType)
+ {
+ IDPType idpType = (IDPType) config;
+ String roleGeneratorString = idpType.getRoleGenerator();
+ this.insantiateRoleValidator(roleGeneratorString);
+ }
+ }
@Override
- public void initHandlerConfig(SAML2HandlerConfig handlerConfig)
+ public void initHandlerConfig(SAML2HandlerConfig handlerConfig) throws ConfigurationException
{
super.initHandlerConfig(handlerConfig);
-
- if(this.handlerConfig.containsKey(GeneralConstants.ROLE_GENERATOR))
- {
- String clazzName = (String) this.handlerConfig.getParameter(GeneralConstants.ROLE_GENERATOR);
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- try
- {
- rg = (RoleGenerator) tcl.loadClass(clazzName).newInstance();
- }
- catch(Exception e)
- {
- throw new RuntimeException("Unable to instantiate Role Generator:",e);
- }
-
- }
+ String roleGeneratorString = (String) this.handlerConfig.getParameter(GeneralConstants.ATTIBUTE_MANAGER);
+ this.insantiateRoleValidator(roleGeneratorString);
}
@SuppressWarnings("unchecked")
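Review bot: In `initHandlerConfig` the role generator class name is read from `GeneralConstants.ATTIBUTE_MANAGER`, whereas the removed code read `GeneralConstants.ROLE_GENERATOR`. This looks like a copy from `SAML2AttributeHandler`. As written, a handler-level role generator setting is ignored and the handler keeps the `EmptyRoleGenerator` default, so the session ends up with an empty role list. If an attribute manager class is configured under that key, the cast to `RoleGenerator` fails and initialisation throws `ConfigurationException`. The lookup should be `String roleGeneratorString = (String) this.handlerConfig.getParameter(GeneralConstants.ROLE_GENERATOR);`. The class body continues outside this hunk.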
@@ -93,8 +93,7 @@
if(roles == null)
{
- RoleGenerator rg = (RoleGenerator) request.getOptions().get(GeneralConstants.ROLE_GENERATOR);
- roles = rg.generateRoles(userPrincipal);
+ roles = roleGenerator.generateRoles(userPrincipal);
session.setAttribute(GeneralConstants.ROLES_ID, roles);
}
response.setRoles(roles);
@@ -104,4 +103,24 @@
throws ProcessingException
{
}
+
+ private void insantiateRoleValidator(String attribStr)
+ throws ConfigurationException
+ {
+ if(attribStr != null && !"".equals(attribStr))
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ try
+ {
+ roleGenerator = (RoleGenerator) tcl.loadClass(attribStr).newInstance();
+ if(trace)
+ log.trace("RoleGenerator set to " + this.roleGenerator);
+ }
+ catch (Exception e)
+ {
+ log.error("Exception initializing role generator:",e);
+ throw new ConfigurationException();
+ }
+ }
+ }
}
\ No newline at end of file
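Review bot: The catch block in `insantiateRoleValidator` logs the failure and then throws `new ConfigurationException()` with no message and no cause, so callers cannot tell which class name failed or why. If `ConfigurationException` has a cause-taking constructor (not visible on this page), prefer `throw new ConfigurationException(e);`, or at least include `attribStr` in the message. The method name is also misleading: it assigns a `RoleGenerator`, so `instantiateRoleGenerator` would match what it does and fix the spelling. `insantiateAttributeManager` in the new `SAML2AttributeHandler` has the same catch block.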
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -0,0 +1,99 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.handlers.saml2;
+
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.core.config.IDPType;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
+import org.jboss.identity.federation.core.impl.EmptyAttributeManager;
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.jboss.identity.federation.web.constants.GeneralConstants;
+
+/**
+ * Handler dealing with attributes for SAML2
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 12, 2009
+ */
+public class SAML2AttributeHandler extends BaseSAML2Handler
+{
+ private static Logger log = Logger.getLogger(SAML2AttributeHandler.class);
+ private boolean trace = log.isTraceEnabled();
+
+ protected AttributeManager attribManager = new EmptyAttributeManager();
+
+ @Override
+ public void initChainConfig(SAML2HandlerChainConfig handlerChainConfig) throws ConfigurationException
+ {
+ super.initChainConfig(handlerChainConfig);
+ Object config = this.handlerChainConfig.getParameter(GeneralConstants.CONFIGURATION);
+ if(config instanceof IDPType)
+ {
+ IDPType idpType = (IDPType) config;
+ String attribStr = idpType.getAttributeManager();
+ insantiateAttributeManager(attribStr);
+ }
+ }
+
+ @Override
+ public void initHandlerConfig(SAML2HandlerConfig handlerConfig) throws ConfigurationException
+ {
+ super.initHandlerConfig(handlerConfig);
+
+ String attribStr = (String) this.handlerConfig.getParameter(GeneralConstants.ATTIBUTE_MANAGER);
+ this.insantiateAttributeManager(attribStr);
+ }
+
+ public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
+ {
+ }
+
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
+ }
+
+ private void insantiateAttributeManager(String attribStr)
+ throws ConfigurationException
+ {
+ if(attribStr != null && !"".equals(attribStr))
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ try
+ {
+ attribManager = (AttributeManager) tcl.loadClass(attribStr).newInstance();
+ if(trace)
+ log.trace("AttributeManager set to " + this.attribManager);
+ }
+ catch (Exception e)
+ {
+ log.error("Exception initializing attribute manager:",e);
+ throw new ConfigurationException();
+ }
+ }
+ }
+}
\ No newline at end of file
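Review bot: In `insantiateAttributeManager` the configured class is instantiated before its type is checked, because the cast to `AttributeManager` happens only after `newInstance()` returns. Any class name that reaches this configuration value therefore has its static initialisers and no-arg constructor run even when it is not an `AttributeManager`. Whether that value is always operator-controlled is not visible here, so I would check the type first with `attribManager = tcl.loadClass(attribStr).asSubclass(AttributeManager.class).newInstance();`. A wrong type is then rejected with a `ClassCastException` before any of its code runs. `RolesGenerationHandler.insantiateRoleValidator` has the same pattern with `RoleGenerator`.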
Deleted: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/interfaces/RoleGenerator.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -1,40 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.web.interfaces;
-
-import java.security.Principal;
-import java.util.List;
-
-/**
- * Generate roles given a principal
- * @author Anil.Saldhana(a)redhat.com
- * @since Jan 21, 2009
- */
-public interface RoleGenerator
-{
- /**
- * Generate roles given a principal
- * @param principal
- * @return
- */
- List<String> generateRoles(Principal principal);
-}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/roles/DefaultRoleGenerator.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/roles/DefaultRoleGenerator.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/roles/DefaultRoleGenerator.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -29,7 +29,7 @@
import java.util.Properties;
import java.util.StringTokenizer;
-import org.jboss.identity.federation.web.interfaces.RoleGenerator;
+import org.jboss.identity.federation.core.interfaces.RoleGenerator;
/**
* Simple Role Generator that looks
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-12 15:51:31 UTC (rev 846)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-12 16:09:28 UTC (rev 847)
@@ -50,6 +50,7 @@
import org.jboss.identity.federation.core.impl.DelegatedAttributeManager;
import org.jboss.identity.federation.core.interfaces.AttributeManager;
import org.jboss.identity.federation.core.interfaces.ProtocolContext;
+import org.jboss.identity.federation.core.interfaces.RoleGenerator;
import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.core.interfaces.TrustKeyManager;
import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException;
@@ -73,7 +74,6 @@
import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType;
import org.jboss.identity.federation.web.constants.GeneralConstants;
import org.jboss.identity.federation.web.core.HTTPContext;
-import org.jboss.identity.federation.web.interfaces.RoleGenerator;
import org.jboss.identity.federation.web.roles.DefaultRoleGenerator;
import org.jboss.identity.federation.web.util.ConfigurationUtil;
import org.jboss.identity.federation.web.util.IDPWebRequestUtil;
JBoss Identity SVN: r846 - authz/downloads.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-10-12 11:51:31 -0400 (Mon, 12 Oct 2009)
New Revision: 846
Added:
authz/downloads/authz-1.0.alpha1/
Log:
directory for release downloads