October 2009 - jboss-identity-commits

by jboss-identity-commits＠lists.jboss.org

Author: sohil.shah(a)jboss.com Date: 2009-10-09 18:54:35 -0400 (Fri, 09 Oct 2009) New Revision: 835 Modified: authz/trunk/ Log: build stuff to get alpha ready to ship Property changes on: authz/trunk ___________________________________________________________________ Name: svn:ignore - bin + bin target

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r834 - in authz/trunk: assemble and 1 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: sohil.shah(a)jboss.com Date: 2009-10-09 18:53:18 -0400 (Fri, 09 Oct 2009) New Revision: 834 Added: authz/trunk/assemble/ authz/trunk/assemble/bin.xml authz/trunk/assemble/doc.xml Modified: authz/trunk/common/pom.xml authz/trunk/pom.xml Log: build stuff to get alpha ready to ship Added: authz/trunk/assemble/bin.xml =================================================================== --- authz/trunk/assemble/bin.xml (rev 0) +++ authz/trunk/assemble/bin.xml 2009-10-09 22:53:18 UTC (rev 834) @@ -0,0 +1,27 @@ +<assembly> + <id>bin</id> + <formats> + <format>dir</format> +  + </formats> + <includeBaseDirectory>false</includeBaseDirectory> + <moduleSets> + <moduleSet> + <includes> + <include>org.jboss.security.authz:common</include> + <include>org.jboss.security.authz:component-spec</include> + <include>org.jboss.security.authz:core-components</include> + <include>org.jboss.security.authz:agent</include> + <include>org.jboss.security.authz:policy-server</include> + </includes> + <binaries> + <outputDirectory>/lib</outputDirectory> + <unpack>false</unpack> + </binaries> + </moduleSet> + </moduleSets> +</assembly> \ No newline at end of file Added: authz/trunk/assemble/doc.xml =================================================================== --- authz/trunk/assemble/doc.xml (rev 0) +++ authz/trunk/assemble/doc.xml 2009-10-09 22:53:18 UTC (rev 834) @@ -0,0 +1,18 @@ +<assembly> + <id>doc</id> + <formats> + <format>dir</format> + </formats> + <includeBaseDirectory>false</includeBaseDirectory> + <moduleSets> + <moduleSet> + <includes> + <include>org.jboss.security.authz:reference-guide</include> + </includes> + <binaries> + <outputDirectory>/doc</outputDirectory> + <unpack>true</unpack> + </binaries> + </moduleSet> + </moduleSets> +</assembly> \ No newline at end of file Modified: authz/trunk/common/pom.xml =================================================================== --- authz/trunk/common/pom.xml 2009-10-09 20:05:11 UTC (rev 833) +++ authz/trunk/common/pom.xml 2009-10-09 22:53:18 UTC (rev 834) @@ -13,12 +13,7 @@ <url>http://www.jboss.org</url> <description>Contains components that are used by all the other modules</description> - <dependencies> -  - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-xacml</artifactId> - </dependency> + <dependencies>  <dependency> <groupId>org.jboss.microcontainer</groupId> Modified: authz/trunk/pom.xml =================================================================== --- authz/trunk/pom.xml 2009-10-09 20:05:11 UTC (rev 833) +++ authz/trunk/pom.xml 2009-10-09 22:53:18 UTC (rev 834) @@ -14,10 +14,11 @@ <module>common</module> <module>core-components</module> <module>agent</module> - <module>policy-server</module> - <module>http-profile</module> + <module>policy-server</module> <module>samples</module> + <module>documentation</module>  </modules> @@ -56,65 +57,77 @@ <dependency> <groupId>sun-jaxb</groupId> <artifactId>jaxb-api</artifactId> - <version>${version.sun.jaxb}</version> - <scope>provided</scope> + <version>${version.sun.jaxb}</version> </dependency> <dependency> <groupId>sun-jaxb</groupId> <artifactId>jaxb-impl</artifactId> - <version>${version.sun.jaxb}</version> - <scope>provided</scope> + <version>${version.sun.jaxb}</version> </dependency> <dependency> <groupId>sun-jaxb</groupId> <artifactId>jaxb-xjc</artifactId> - <version>${version.sun.jaxb}</version> - <scope>provided</scope> + <version>${version.sun.jaxb}</version> </dependency>  <dependency> <groupId>sun-jaf</groupId> <artifactId>activation</artifactId> - <version>${version.sun.jaf}</version> + <version>${version.sun.jaf}</version> </dependency>  <dependency> <groupId>org.jboss.security</groupId> <artifactId>jboss-xacml</artifactId> - <version>${version.jboss.xacml}</version> - <scope>provided</scope> + <version>${version.jboss.xacml}</version> + <exclusions> + <exclusion> + <groupId>apache-xerces</groupId> + <artifactId>xml-apis</artifactId> + </exclusion> + <exclusion> + <groupId>apache-xerces</groupId> + <artifactId>xercesImpl</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.jboss.security</groupId> <artifactId>jboss-sunxacml</artifactId> - <version>${version.jboss.xacml}</version> - <scope>provided</scope> + <version>${version.jboss.xacml}</version> + <exclusions> + <exclusion> + <groupId>apache-xerces</groupId> + <artifactId>xml-apis</artifactId> + </exclusion> + <exclusion> + <groupId>apache-xerces</groupId> + <artifactId>xercesImpl</artifactId> + </exclusion> + </exclusions> </dependency>  <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> - <version>${version.junit}</version> - <scope>provided</scope> + <version>${version.junit}</version> </dependency>  <dependency> <groupId>apache-log4j</groupId> <artifactId>log4j</artifactId> - <version>${version.apache.log4j}</version> - <scope>provided</scope> + <version>${version.apache.log4j}</version> </dependency>  <dependency> <groupId>org.drools</groupId> <artifactId>drools-core</artifactId> - <version>${version.org.drools}</version> - <scope>provided</scope> + <version>${version.org.drools}</version> <exclusions> <exclusion> <groupId>xerces</groupId> @@ -125,8 +138,7 @@ <dependency> <groupId>org.drools</groupId> <artifactId>drools-compiler</artifactId> - <version>${version.org.drools}</version> - <scope>provided</scope> + <version>${version.org.drools}</version> <exclusions> <exclusion> <groupId>xerces</groupId> @@ -137,14 +149,12 @@ <dependency> <groupId>org.mvel</groupId> <artifactId>mvel</artifactId> - <version>${version.org.mvel.mvel}</version> - <scope>provided</scope> + <version>${version.org.mvel.mvel}</version> </dependency> <dependency> <groupId>org.antlr</groupId> <artifactId>antlr-runtime</artifactId> - <version>${version.org.antlr}</version> - <scope>provided</scope> + <version>${version.org.antlr}</version> </dependency>  @@ -158,40 +168,34 @@ <dependency> <groupId>org.jboss.microcontainer</groupId> <artifactId>jboss-kernel</artifactId> - <version>${version.org.jboss.microcontainer}</version> - <scope>provided</scope> + <version>${version.org.jboss.microcontainer}</version> </dependency> <dependency> <groupId>org.jboss.microcontainer</groupId> <artifactId>jboss-dependency</artifactId> - <version>${version.org.jboss.microcontainer}</version> - <scope>provided</scope> + <version>${version.org.jboss.microcontainer}</version> </dependency> <dependency> <groupId>org.jboss</groupId> <artifactId>jboss-reflect</artifactId> - <version>${version.org.jboss.jboss-reflect}</version> - <scope>provided</scope> + <version>${version.org.jboss.jboss-reflect}</version> </dependency> <dependency> <groupId>org.jboss</groupId> <artifactId>jboss-common-core</artifactId> - <version>${version.org.jboss.jboss-common-core}</version> - <scope>provided</scope> + <version>${version.org.jboss.jboss-common-core}</version> </dependency> <dependency> <groupId>org.jboss</groupId> <artifactId>jboss-mdr</artifactId> - <version>${version.org.jboss.jboss-mdr}</version> - <scope>provided</scope> + <version>${version.org.jboss.jboss-mdr}</version> </dependency>  <dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> - <version>${version.javax.servlet.servlet-api}</version> - <scope>provided</scope> + <version>${version.javax.servlet.servlet-api}</version> </dependency>  @@ -281,7 +285,16 @@ </goals> </execution> </executions> - </plugin> + </plugin> + <plugin> + <artifactId>maven-assembly-plugin</artifactId> + <configuration> + <descriptors> + <descriptor>assemble/bin.xml</descriptor> + <descriptor>assemble/doc.xml</descriptor> + </descriptors> + </configuration> + </plugin> </plugins> </build> @@ -296,6 +309,19 @@ </plugin> </plugins> </reporting> + +  + <profiles> + <profile> + <id>container-testsuite</id> + <properties> +  + <jboss.home>/home/soshah/projects/jboss-portal/jboss-5.0.1.GA</jboss.home> + </properties> + </profile> + </profiles> <repositories> <repository> @@ -358,18 +384,5 @@ <url>dav:https://snapshots.jboss.org/maven2</url> <uniqueVersion>true</uniqueVersion> </snapshotRepository> - </distributionManagement> - -  - <profiles> - <profile> - <id>container-testsuite</id> - <properties> -  - <jboss.home>/home/soshah/projects/jboss-portal/jboss-5.0.1.GA</jboss.home> - </properties> - </profile> - </profiles> + </distributionManagement> </project>

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r833 - in identity-federation/trunk: jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust and 5 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-10-09 16:05:11 -0400 (Fri, 09 Oct 2009) New Revision: 833 Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLEncryptionUtil.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java Log: unused imports; warnings removed Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLEncryptionUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLEncryptionUtil.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/XMLEncryptionUtil.java 2009-10-09 20:05:11 UTC (rev 833) @@ -78,6 +78,7 @@ this.size = size; } + @SuppressWarnings("unused") public String jceName; public String xmlSecName; public int size; Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java 2009-10-09 20:05:11 UTC (rev 833) @@ -33,7 +33,6 @@ import org.apache.log4j.Logger; import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; import org.jboss.identity.federation.core.util.XMLSignatureUtil; -import org.jboss.identity.federation.core.wstrust.plugins.saml.SAMLUtil; import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken; import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; import org.jboss.identity.federation.ws.policy.AppliesTo; Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAML20TokenProvider.java 2009-10-09 20:05:11 UTC (rev 833) @@ -67,6 +67,7 @@ private static Logger logger = Logger.getLogger(SAML20TokenProvider.class); + @SuppressWarnings("unused") private Map<String, String> properties; /* Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2009-10-09 20:05:11 UTC (rev 833) @@ -91,6 +91,7 @@ * @return a reference to the unmarshaled {@code AssertionType} instance. * @throws JAXBException if an error occurs while unmarshalling the document. */ + @SuppressWarnings("unchecked") public static AssertionType fromElement(Element assertionElement) throws JAXBException { Unmarshaller unmarshaller = JAXBUtil.getUnmarshaller("org.jboss.identity.federation.saml.v2.assertion"); Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java 2009-10-09 20:05:11 UTC (rev 833) @@ -184,6 +184,7 @@ * * @param delegate the JAXB {@code RequestSecurityTokenType} that represents a WS-Trust token request. */ + @SuppressWarnings("unchecked") public RequestSecurityToken(RequestSecurityTokenType delegate) { this.delegate = delegate; Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java 2009-10-09 20:05:11 UTC (rev 833) @@ -194,6 +194,7 @@ * * @param delegate the JAXB {@code RequestSecurityTokenResponseType} that represents a WS-Trust response. */ + @SuppressWarnings("unchecked") public RequestSecurityTokenResponse(RequestSecurityTokenResponseType delegate) { this.delegate = delegate; Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2009-10-09 20:05:11 UTC (rev 833) @@ -301,6 +301,7 @@ throw new RuntimeException("This authenticator does not handle encryption"); } + @SuppressWarnings("unchecked") private Principal handleSAMLResponse(ResponseType responseType) throws ProcessingException { Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2009-10-09 20:05:11 UTC (rev 833) @@ -224,8 +224,7 @@ LogoutRequestType logOutRequest = (LogoutRequestType) request.getSAML2Object(); String issuer = logOutRequest.getIssuer().getValue(); try - { - SAML2Response saml2Response = new SAML2Response(); + { SAML2Request saml2Request = new SAML2Request(); ServletContext servletCtx = httpContext.getServletContext(); Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-09 20:05:11 UTC (rev 833) @@ -206,6 +206,7 @@ } + @SuppressWarnings("unchecked") @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { @@ -318,8 +319,7 @@ if(samlRequestMessage != null) { //Get the SAML Request Message - RequestAbstractType requestAbstractType = null; - StatusResponseType statusResponseType = null; + RequestAbstractType requestAbstractType = null; try { Modified: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2009-10-09 19:54:41 UTC (rev 832) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2009-10-09 20:05:11 UTC (rev 833) @@ -67,8 +67,8 @@ { private String profile = "saml2/logout"; private ClassLoader tcl = Thread.currentThread().getContextClassLoader(); - private String employee = "http://localhost:8080/employee/"; - private String identity = "http://localhost:8080/idp/"; + private String employee = "http://localhost:8080/employee/"; + private String sales = "http://localhost:8080/sales/"; /** * Test that the SP web filter generates the logout request @@ -117,10 +117,7 @@ Document spHTMLResponse = DocumentUtil.getDocument(spResponse); NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT"); Element inputElement = (Element)nodes.item(0); - String logoutRequest = inputElement.getAttributeNode("VALUE").getValue(); - String relayState = null; - if(nodes.getLength() > 1) - relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + String logoutRequest = inputElement.getAttributeNode("VALUE").getValue(); byte[] b64Decoded = PostBindingUtil.base64Decode(logoutRequest); SAML2Request saml2Request = new SAML2Request(); @@ -161,9 +158,9 @@ session.setAttribute(GeneralConstants.ROLES_ID, rolesList); MockHttpServletRequest request = new MockHttpServletRequest(session, "POST"); - request.addHeader("Referer", "http://localhost:8080/sales/"); + request.addHeader("Referer", sales); - String samlMessage = Base64.encodeBytes(createLogOutRequest("http://localhost:8080/sales/").getBytes()); + String samlMessage = Base64.encodeBytes(createLogOutRequest(sales).getBytes()); session.setAttribute("SAMLRequest", samlMessage); MockHttpServletResponse response = new MockHttpServletResponse(); @@ -300,8 +297,8 @@ IdentityServer server = new IdentityServer(); server.sessionCreated(new HttpSessionEvent(session)); - server.stack().register(session.getId(), "http://localhost:8080/sales/"); - server.stack().register(session.getId(), "http://localhost:8080/employee/"); + server.stack().register(session.getId(), sales); + server.stack().register(session.getId(), employee); return server; } } \ No newline at end of file

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r832 - in identity-federation/trunk/jboss-identity-web/src: main/java/org/jboss/identity/federation/web/filters and 1 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-10-09 15:54:41 -0400 (Fri, 09 Oct 2009) New Revision: 832 Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java Log: JBID-40: SAML2 Logout Update workflow test Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java 2009-10-09 18:59:17 UTC (rev 831) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java 2009-10-09 19:54:41 UTC (rev 832) @@ -29,15 +29,23 @@ public interface GeneralConstants { String ASSERTIONS_VALIDITY = "ASSERTIONS_VALIDITY"; + String ATTRIBUTES = "ATTRIBUTES"; String ATTRIBUTE_KEYS = "ATTRIBUTE_KEYS"; + String CONFIGURATION = "CONFIGURATION"; + + String GLOBAL_LOGOUT = "GLO"; + String IGNORE_SIGNATURES = "IGNORE_SIGNATURES"; + String PRINCIPAL_ID = "jboss_identity.principal"; String ROLES = "ROLES"; String ROLES_ID = "jboss_identity.roles"; + String ROLE_GENERATOR = "ROLE_GENERATOR"; String ROLE_VALIDATOR = "ROLE_VALIDATOR"; + String SIGN_OUTGOING_MESSAGES = "SIGN_OUTGOING_MESSAGES"; String USERNAME_FIELD = "JBID_USERNAME"; Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-09 18:59:17 UTC (rev 831) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-09 19:54:41 UTC (rev 832) @@ -209,7 +209,11 @@ response.sendError(saml2HandlerResponse.getErrorCode()); break; } - saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH); + String glo = request.getParameter(GeneralConstants.GLOBAL_LOGOUT); + if(isNotNull(glo) && "true".equalsIgnoreCase(glo)) + saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.LOGOUT); + else + saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH); handler.generateSAMLRequest(saml2HandlerRequest, saml2HandlerResponse); } } Modified: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2009-10-09 18:59:17 UTC (rev 831) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2009-10-09 19:54:41 UTC (rev 832) @@ -45,6 +45,7 @@ import org.jboss.identity.federation.web.core.IdentityServer; import org.jboss.identity.federation.web.filters.SPFilter; import org.jboss.identity.federation.web.servlets.IDPServlet; +import org.jboss.identity.federation.web.util.PostBindingUtil; import org.jboss.test.identity.federation.web.mock.MockContextClassLoader; import org.jboss.test.identity.federation.web.mock.MockFilterChain; import org.jboss.test.identity.federation.web.mock.MockFilterConfig; @@ -66,10 +67,66 @@ { private String profile = "saml2/logout"; private ClassLoader tcl = Thread.currentThread().getContextClassLoader(); + private String employee = "http://localhost:8080/employee/"; + private String identity = "http://localhost:8080/idp/"; + /** + * Test that the SP web filter generates the logout request + * to the IDP when there is a parameter "GLO" set to true + * @see {@code GeneralConstants#GLOBAL_LOGOUT} + * @throws Exception + */ public void testSPFilterLogOutRequestGeneration() throws Exception - { + { + MockHttpSession session = new MockHttpSession(); + session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal() + { + public String getName() + { + return "anil"; + } + }); + List<String> rolesList = new ArrayList<String>(); + rolesList.add("manager"); + session.setAttribute(GeneralConstants.ROLES_ID, rolesList); + + ServletContext servletContext = new MockServletContext(); + + //Let us feed the LogOutRequest to the SPFilter + MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee"); + Thread.currentThread().setContextClassLoader(mclSPEmp); + SPFilter spEmpl = new SPFilter(); + MockFilterConfig filterConfig = new MockFilterConfig(servletContext); + filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true"); + + spEmpl.init(filterConfig); + + MockHttpSession filterSession = new MockHttpSession(); + MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST"); + filterRequest.addParameter(GeneralConstants.GLOBAL_LOGOUT, "true"); + + MockHttpServletResponse filterResponse = new MockHttpServletResponse(); + ByteArrayOutputStream filterbaos = new ByteArrayOutputStream(); + filterResponse.setWriter(new PrintWriter(filterbaos)); + + spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain()); + + + String spResponse = new String(filterbaos.toByteArray()); + Document spHTMLResponse = DocumentUtil.getDocument(spResponse); + NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT"); + Element inputElement = (Element)nodes.item(0); + String logoutRequest = inputElement.getAttributeNode("VALUE").getValue(); + String relayState = null; + if(nodes.getLength() > 1) + relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + + byte[] b64Decoded = PostBindingUtil.base64Decode(logoutRequest); + SAML2Request saml2Request = new SAML2Request(); + LogoutRequestType lor = + (LogoutRequestType) saml2Request.getRequestType(new ByteArrayInputStream(b64Decoded)); + assertEquals("Match Employee URL", employee, lor.getIssuer().getValue()); } public void testSAML2LogOutFromIDPServlet() throws Exception

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r831 - in identity-federation/trunk: assembly and 27 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-10-09 14:59:17 -0400 (Fri, 09 Oct 2009) New Revision: 831 Modified: identity-federation/trunk/assembly/pom.xml identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml identity-federation/trunk/jboss-identity-bindings/pom.xml identity-federation/trunk/jboss-identity-fed-api/pom.xml identity-federation/trunk/jboss-identity-fed-core/pom.xml identity-federation/trunk/jboss-identity-fed-model/pom.xml identity-federation/trunk/jboss-identity-seam/pom.xml identity-federation/trunk/jboss-identity-web/pom.xml identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml identity-federation/trunk/jboss-identity-webapps/employee/pom.xml identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml identity-federation/trunk/jboss-identity-webapps/idp/pom.xml identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml identity-federation/trunk/jboss-identity-webapps/pom.xml identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml identity-federation/trunk/jboss-identity-webapps/sales/pom.xml identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml identity-federation/trunk/parent/pom.xml identity-federation/trunk/pom.xml Log: [maven-release-plugin] prepare for next development iteration Modified: identity-federation/trunk/assembly/pom.xml =================================================================== --- identity-federation/trunk/assembly/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/assembly/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-bindings/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-fed-api/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-fed-core/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-fed-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-seam/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-seam/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-seam/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -3,7 +3,7 @@ <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent </artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-web/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-web/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,13 +2,13 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> <modelVersion>4.0.0</modelVersion> <artifactId>circleoftrust</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <packaging>war</packaging> <name>JBoss Identity Federation Circle Of Trust</name> <url>http://labs.jboss.org/portal/jbosssecurity/</url> Modified: identity-federation/trunk/jboss-identity-webapps/employee/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -3,7 +3,7 @@ <parent> <artifactId>jboss-identity-federation-webapps</artifactId> <groupId>org.jboss.identity</groupId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> </parent> <groupId>org.jboss.identity</groupId> <artifactId>fed-example</artifactId> Modified: identity-federation/trunk/jboss-identity-webapps/idp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-webapps/sales/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../</relativePath> </parent> <modelVersion>4.0.0</modelVersion> @@ -14,19 +14,19 @@ <dependency> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-model</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-api</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-bindings</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <scope>provided</scope> </dependency> </dependencies> Modified: identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/parent/pom.xml =================================================================== --- identity-federation/trunk/parent/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/parent/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -8,7 +8,7 @@ <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> <packaging>pom</packaging> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <name>JBoss Identity Federation- Parent</name> <url>http://labs.jboss.org/portal/jbosssecurity/</url> <description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description> @@ -23,8 +23,8 @@ <url>http://www.jboss.org</url> </organization> <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection> - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection> + <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection> + <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection> </scm> <build> Modified: identity-federation/trunk/pom.xml =================================================================== --- identity-federation/trunk/pom.xml 2009-10-09 18:58:19 UTC (rev 830) +++ identity-federation/trunk/pom.xml 2009-10-09 18:59:17 UTC (rev 831) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta3.pre</version> + <version>1.0.0.beta2-SNAPSHOT</version> <relativePath>parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion>

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r830 - in identity-federation/tags: 1.0.0.beta3.pre and 50 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-10-09 14:58:19 -0400 (Fri, 09 Oct 2009) New Revision: 830 Added: identity-federation/tags/1.0.0.beta3.pre/ identity-federation/tags/1.0.0.beta3.pre/assembly/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings-jboss/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/test/resources/config/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-model/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-seam/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/test/resources/saml2/ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/circleoftrust/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/employee/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/fed-example/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig-no-val/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-standalone/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/jboss-sts/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/metadata/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-consumer/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-provider/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pdp/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-post-sig/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-sig/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-standalone/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/seam-sp/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-xmlsec-model/pom.xml identity-federation/tags/1.0.0.beta3.pre/parent/pom.xml identity-federation/tags/1.0.0.beta3.pre/pom.xml Removed: identity-federation/tags/1.0.0.beta3.pre/assembly/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings-jboss/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-model/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-seam/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/circleoftrust/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/employee/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/fed-example/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig-no-val/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-standalone/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/jboss-sts/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/metadata/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-consumer/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-provider/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pdp/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-post-sig/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-sig/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-standalone/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/seam-sp/pom.xml identity-federation/tags/1.0.0.beta3.pre/jboss-identity-xmlsec-model/pom.xml identity-federation/tags/1.0.0.beta3.pre/parent/pom.xml identity-federation/tags/1.0.0.beta3.pre/pom.xml Log: [maven-release-plugin] copy for tag 1.0.0.beta3.pre Copied: identity-federation/tags/1.0.0.beta3.pre (from rev 827, identity-federation/trunk) Deleted: identity-federation/tags/1.0.0.beta3.pre/assembly/pom.xml =================================================================== --- identity-federation/trunk/assembly/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/assembly/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,63 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed</artifactId> - <packaging>pom</packaging> - <name>JBoss Identity Federation- Assembly</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-assembly-plugin</artifactId> - <version>2.1</version> - <executions> - <execution> - <phase>package</phase> - <goals> - <goal>attached</goal> - </goals> - </execution> - </executions> - <configuration> - <archive> - <manifestEntries> - <Specification-Title>JBoss Identity</Specification-Title> - <Specification-Version>${project.version}</Specification-Version> - <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor> - <Implementation-Title>JBoss Identity</Implementation-Title> - <Implementation-Version>${project.version}</Implementation-Version> - <Implementation-VendorId>org.jboss.security</Implementation-VendorId> - <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor> - <Implementation-URL>http://labs.jboss.org/portal/jbosssecurity/</Implementation-URL> - </manifestEntries> - </archive> - <descriptors> - <descriptor>bin.xml</descriptor> - <descriptor>sources.xml</descriptor> - </descriptors> - </configuration> - <inherited>false</inherited> - </plugin> - </plugins> - </build> - -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/assembly/pom.xml (from rev 829, identity-federation/trunk/assembly/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/assembly/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/assembly/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,63 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed</artifactId> + <packaging>pom</packaging> + <name>JBoss Identity Federation- Assembly</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>2.1</version> + <executions> + <execution> + <phase>package</phase> + <goals> + <goal>attached</goal> + </goals> + </execution> + </executions> + <configuration> + <archive> + <manifestEntries> + <Specification-Title>JBoss Identity</Specification-Title> + <Specification-Version>${project.version}</Specification-Version> + <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor> + <Implementation-Title>JBoss Identity</Implementation-Title> + <Implementation-Version>${project.version}</Implementation-Version> + <Implementation-VendorId>org.jboss.security</Implementation-VendorId> + <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor> + <Implementation-URL>http://labs.jboss.org/portal/jbosssecurity/</Implementation-URL> + </manifestEntries> + </archive> + <descriptors> + <descriptor>bin.xml</descriptor> + <descriptor>sources.xml</descriptor> + </descriptors> + </configuration> + <inherited>false</inherited> + </plugin> + </plugins> + </build> + +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,242 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-bindings</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Server Bindings</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - -  - <profiles> - <profile> - <id>exclude-long-tests</id> - <activation> - <activeByDefault>true</activeByDefault> - </activation> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <excludes> - <exclude>**/integration/*TestCase.java</exclude> - </excludes> - <forkMode>pertest</forkMode> - <argLine>${surefire.jvm.args}</argLine> - . <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - </profile> - - <profile> - <id>long-tests</id> - <activation> - <activeByDefault>false</activeByDefault> - </activation> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <childDelegation>true</childDelegation> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/integration/*TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>${surefire.jvm.args}</argLine> - . <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - </profile> - </profiles> - - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-api</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-web</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>nekohtml</groupId> - <artifactId>nekohtml</artifactId> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>httpclient</artifactId> - <version>3.0.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-codec</artifactId> - <version>1.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>catalina</artifactId> - <version>6.0.18</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>coyote</artifactId> - <version>6.0.18</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.9.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-tomcat</groupId> - <artifactId>tomcat-util</artifactId> - <version>5.5.12</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-tomcat</groupId> - <artifactId>naming-resources</artifactId> - <version>5.5.12</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-tomcat</groupId> - <artifactId>tomcat-http</artifactId> - <version>5.5.12</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-logging</groupId> - <artifactId>commons-logging-api</artifactId> - <version>1.0.3</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-modeler</groupId> - <artifactId>commons-modeler</artifactId> - <version>1.1patch</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.mortbay.jetty</groupId> - <artifactId>jetty</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.mortbay.jetty</groupId> - <artifactId>jetty-util</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-bindings/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,242 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-bindings</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Server Bindings</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + +  + <profiles> + <profile> + <id>exclude-long-tests</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <excludes> + <exclude>**/integration/*TestCase.java</exclude> + </excludes> + <forkMode>pertest</forkMode> + <argLine>${surefire.jvm.args}</argLine> + . <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + </profile> + + <profile> + <id>long-tests</id> + <activation> + <activeByDefault>false</activeByDefault> + </activation> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <childDelegation>true</childDelegation> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/integration/*TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>${surefire.jvm.args}</argLine> + . <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + </profile> + </profiles> + + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-api</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-web</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>2.4</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>nekohtml</groupId> + <artifactId>nekohtml</artifactId> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>httpclient</artifactId> + <version>3.0.1</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache.commons</groupId> + <artifactId>commons-codec</artifactId> + <version>1.3</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>catalina</artifactId> + <version>6.0.18</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>coyote</artifactId> + <version>6.0.18</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>2.9.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-tomcat</groupId> + <artifactId>tomcat-util</artifactId> + <version>5.5.12</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-tomcat</groupId> + <artifactId>naming-resources</artifactId> + <version>5.5.12</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-tomcat</groupId> + <artifactId>tomcat-http</artifactId> + <version>5.5.12</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-logging</groupId> + <artifactId>commons-logging-api</artifactId> + <version>1.0.3</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-modeler</groupId> + <artifactId>commons-modeler</artifactId> + <version>1.1patch</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mortbay.jetty</groupId> + <artifactId>jetty</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mortbay.jetty</groupId> + <artifactId>jetty-util</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings-jboss/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings-jboss/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,119 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-bindings-jboss</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Server Bindings for JBoss</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-api</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-bindings</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.4</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>catalina</artifactId> - <version>6.0.18</version> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-security-spi</artifactId> - <version>2.0.4</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jbosssx</artifactId> - <version>2.0.4</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings-jboss/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings-jboss/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-bindings-jboss/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,119 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-bindings-jboss</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Server Bindings for JBoss</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-api</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-bindings</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>2.4</version> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>catalina</artifactId> + <version>6.0.18</version> + </dependency> + <dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jboss-security-spi</artifactId> + <version>2.0.4</version> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jbosssx</artifactId> + <version>2.0.4</version> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,161 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-fed-api</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Consolidated API</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation API contains the API to be used by the users of JBoss Identity Federation.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-core</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxws</groupId> - <artifactId>jaxws-api</artifactId> - <version>2.1.1</version> - </dependency> - <dependency> - <groupId>org.openid4java</groupId> - <artifactId>openid4java</artifactId> - </dependency> - <dependency> - <groupId>nekohtml</groupId> - <artifactId>nekohtml</artifactId> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>xmlsec</artifactId> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.9.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.jboss.ws.native</groupId> - <artifactId>jbossws-native-client</artifactId> - <version>3.1.2.SP3</version> - <scope>test</scope> - <exclusions> - <exclusion> - <groupId>xml-apis</groupId> - <artifactId>xml-apis</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.jboss</groupId> - <artifactId>jboss-common-core</artifactId> - <version>2.2.14.GA</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.jboss</groupId> - <artifactId>jbossxb</artifactId> - <version>2.0.1.GA</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-fed-api/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,161 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-fed-api</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Consolidated API</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation API contains the API to be used by the users of JBoss Identity Federation.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-core</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxws</groupId> + <artifactId>jaxws-api</artifactId> + <version>2.1.1</version> + </dependency> + <dependency> + <groupId>org.openid4java</groupId> + <artifactId>openid4java</artifactId> + </dependency> + <dependency> + <groupId>nekohtml</groupId> + <artifactId>nekohtml</artifactId> + <scope>runtime</scope> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>xmlsec</artifactId> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>2.9.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.jboss.ws.native</groupId> + <artifactId>jbossws-native-client</artifactId> + <version>3.1.2.SP3</version> + <scope>test</scope> + <exclusions> + <exclusion> + <groupId>xml-apis</groupId> + <artifactId>xml-apis</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.jboss</groupId> + <artifactId>jboss-common-core</artifactId> + <version>2.2.14.GA</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.jboss</groupId> + <artifactId>jbossxb</artifactId> + <version>2.0.1.GA</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,322 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.api.saml.v2.request; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.Writer; - -import javax.xml.bind.Binder; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; -import javax.xml.bind.Unmarshaller; -import javax.xml.parsers.ParserConfigurationException; - -import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; -import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory; -import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; -import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; -import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; -import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.jboss.identity.federation.core.util.JAXBUtil; -import org.jboss.identity.federation.saml.v2.assertion.NameIDType; -import org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.w3c.dom.Document; -import org.w3c.dom.Node; -import org.xml.sax.SAXException; - -/** - * API for SAML2 Request - * @author Anil.Saldhana(a)redhat.com - * @since Jan 5, 2009 - */ -public class SAML2Request -{ - private SAMLDocumentHolder samlDocumentHolder = null; - - /** - * Create an authentication request - * @param id - * @param assertionConsumerURL - * @param destination - * @param issuerValue - * @return - * @throws ConfigurationException - */ - public AuthnRequestType createAuthnRequestType(String id, - String assertionConsumerURL, - String destination, - String issuerValue) throws ConfigurationException - { - return JBossSAMLAuthnRequestFactory.createAuthnRequestType( - id, assertionConsumerURL, destination, issuerValue); - } - - /** - * Get AuthnRequestType from a file - * @param fileName file with the serialized AuthnRequestType - * @return AuthnRequestType - * @throws SAXException - * @throws JAXBException - * @throws IllegalArgumentException if the input fileName is null - * IllegalStateException if the InputStream from the fileName is null - */ - public AuthnRequestType getAuthnRequestType(String fileName) throws JAXBException, SAXException - { - if(fileName == null) - throw new IllegalArgumentException("fileName is null"); - ClassLoader tcl = SecurityActions.getContextClassLoader(); - InputStream is = tcl.getResourceAsStream(fileName); - return getAuthnRequestType(is); - } - - /** - * Get the Binder - * @return - * @throws JAXBException - */ - public Binder<Node> getBinder() throws JAXBException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class); - return jaxb.createBinder(); - } - - /** - * Get a Request Type from Input Stream - * @param is - * @return - * @throws SAXException - * @throws JAXBException - * @throws IOException - * @throws - * @throws IllegalArgumentException inputstream is null - */ - @SuppressWarnings("unchecked") - public RequestAbstractType getRequestType(InputStream is) throws ParsingException, IOException - { - if(is == null) - throw new IllegalStateException("InputStream is null"); - - Document samlDocument = null; - //First parse the Document - try - { - samlDocument = DocumentUtil.getDocument(is); - } - catch (ParserConfigurationException e) - { - throw new ParsingException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } - - try - { - Binder<Node> binder = getBinder(); - JAXBElement<RequestAbstractType> jaxbAuthnRequestType = (JAXBElement<RequestAbstractType>) binder.unmarshal(samlDocument); - RequestAbstractType requestType = jaxbAuthnRequestType.getValue(); - samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument); - return requestType; - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - } - - /** - * Get the AuthnRequestType from an input stream - * @param is Inputstream containing the AuthnRequest - * @return - * @throws SAXException - * @throws JAXBException - * @throws IllegalArgumentException inputstream is null - */ - @SuppressWarnings("unchecked") - public AuthnRequestType getAuthnRequestType(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalStateException("InputStream is null"); - String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); - - Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate); - JAXBElement<AuthnRequestType> jaxbAuthnRequestType = (JAXBElement<AuthnRequestType>) un.unmarshal(is); - return jaxbAuthnRequestType.getValue(); - } - - - /** - * Get the parsed {@code SAMLDocumentHolder} - * @return - */ - public SAMLDocumentHolder getSamlDocumentHolder() - { - return samlDocumentHolder; - } - - /** - * Create a Logout Request - * @param issuer - * @return - * @throws ConfigurationException - */ - public LogoutRequestType createLogoutRequest(String issuer) throws ConfigurationException - { - org.jboss.identity.federation.saml.v2.protocol.ObjectFactory of - = new org.jboss.identity.federation.saml.v2.protocol.ObjectFactory(); - LogoutRequestType lrt = of.createLogoutRequestType(); - lrt.setIssueInstant(XMLTimeUtil.getIssueInstant()); - - //Create an issuer - NameIDType issuerNameID = JBossSAMLBaseFactory.createNameID(); - issuerNameID.setValue(issuer); - lrt.setIssuer(issuerNameID); - - return lrt; - } - - /** - * Parse an XACML Authorization Decision Query from an xml file - * @param resourceName - * @return - * @throws JAXBException - */ - public XACMLAuthzDecisionQueryType parseXACMLDecisionQuery(String resourceName) throws JAXBException - { - ClassLoader tcl = SecurityActions.getContextClassLoader(); - InputStream is = tcl.getResourceAsStream(resourceName); - return this.parseXACMLDecisionQuery(is); - } - - /** - * XACMLAuthorizationDecisionQuery from an input stream - * @param is The InputStream where the xacml query exists - * @return - * @throws JAXBException - */ - @SuppressWarnings("unchecked") - public XACMLAuthzDecisionQueryType parseXACMLDecisionQuery(InputStream is) throws JAXBException - { - if(is == null) - throw new IllegalArgumentException("Inputstream is null"); - - String samlPath = "org.jboss.identity.federation.saml.v2.protocol"; - String xacmlPath = "org.jboss.security.xacml.core.model.context"; - String xsAssert = "org.jboss.identity.federation.saml.v2.profiles.xacml.assertion"; - String xsProto = "org.jboss.identity.federation.saml.v2.profiles.xacml.protocol"; - String path = samlPath + ":" + xacmlPath + ":" + xsAssert + ":" + xsProto; - - JAXBContext jaxb = JAXBUtil.getJAXBContext(path); - Unmarshaller un = jaxb.createUnmarshaller(); - - JAXBElement<RequestAbstractType> jaxbRequestType = (JAXBElement<RequestAbstractType>) un.unmarshal(is); - RequestAbstractType req = jaxbRequestType.getValue(); - if(req instanceof XACMLAuthzDecisionQueryType == false) - throw new IllegalStateException("Not of type XACMLAuthzDecisionQueryType"); - - return (XACMLAuthzDecisionQueryType) req; - } - - /** - * Return the DOM object - * @param rat - * @return - * @throws SAXException - * @throws IOException - * @throws JAXBException - * @throws ParserConfigurationException - */ - public Document convert(RequestAbstractType rat) - throws SAXException, IOException, JAXBException, ParserConfigurationException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class); - Binder<Node> binder = jaxb.createBinder(); - - Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(rat), doc); - return doc; - } - - /** - * Convert a SAML2 Response into a Document - * @param responseType - * @return - * @throws JAXBException - * @throws ParserConfigurationException - */ - public Document convert(ResponseType responseType) throws JAXBException, ParserConfigurationException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); - Binder<Node> binder = jaxb.createBinder(); - - Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(responseType), doc); - return doc; - } - - /** - * Marshall the AuthnRequestType to an output stream - * @param requestType - * @param os - * @throws JAXBException - * @throws SAXException - */ - public void marshall(RequestAbstractType requestType, OutputStream os) throws SAXException, JAXBException - { - String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); - - Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate); - JAXBElement<?> j = JAXBElementMappingUtil.get(requestType); - marshaller.marshal(j, os); - } - - /** - * Marshall the AuthnRequestType to a writer - * @param requestType - * @param writer - * @throws JAXBException - * @throws SAXException - */ - public void marshall(RequestAbstractType requestType, Writer writer) throws SAXException, JAXBException - { - String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); - - Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate); - JAXBElement<?> j = JAXBElementMappingUtil.get(requestType); - marshaller.marshal(j, writer); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java (from rev 828, identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,365 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.api.saml.v2.request; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.Writer; + +import javax.xml.bind.Binder; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.parsers.ParserConfigurationException; + +import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; +import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory; +import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; +import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.jboss.identity.federation.core.util.JAXBUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; +import org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.xml.sax.SAXException; + +/** + * API for SAML2 Request + * @author Anil.Saldhana(a)redhat.com + * @since Jan 5, 2009 + */ +public class SAML2Request +{ + private SAMLDocumentHolder samlDocumentHolder = null; + + /** + * Create an authentication request + * @param id + * @param assertionConsumerURL + * @param destination + * @param issuerValue + * @return + * @throws ConfigurationException + */ + public AuthnRequestType createAuthnRequestType(String id, + String assertionConsumerURL, + String destination, + String issuerValue) throws ConfigurationException + { + return JBossSAMLAuthnRequestFactory.createAuthnRequestType( + id, assertionConsumerURL, destination, issuerValue); + } + + /** + * Get AuthnRequestType from a file + * @param fileName file with the serialized AuthnRequestType + * @return AuthnRequestType + * @throws SAXException + * @throws JAXBException + * @throws IllegalArgumentException if the input fileName is null + * IllegalStateException if the InputStream from the fileName is null + */ + public AuthnRequestType getAuthnRequestType(String fileName) throws JAXBException, SAXException + { + if(fileName == null) + throw new IllegalArgumentException("fileName is null"); + ClassLoader tcl = SecurityActions.getContextClassLoader(); + InputStream is = tcl.getResourceAsStream(fileName); + return getAuthnRequestType(is); + } + + /** + * Get the Binder + * @return + * @throws JAXBException + */ + public Binder<Node> getBinder() throws JAXBException + { + JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class); + return jaxb.createBinder(); + } + + /** + * Get the Underlying SAML2Object from the input stream + * @param is + * @return + * @throws IOException + * @throws ParsingException + */ + @SuppressWarnings("unchecked") + public SAML2Object getSAML2ObjectFromStream(InputStream is) throws IOException, ParsingException + { + if(is == null) + throw new IllegalStateException("InputStream is null"); + + Document samlDocument = null; + //First parse the Document + try + { + samlDocument = DocumentUtil.getDocument(is); + } + catch (ParserConfigurationException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + + try + { + Binder<Node> binder = getBinder(); + JAXBElement<SAML2Object> jaxbAuthnRequestType = (JAXBElement<SAML2Object>) binder.unmarshal(samlDocument); + SAML2Object requestType = jaxbAuthnRequestType.getValue(); + samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument); + return requestType; + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + } + + /** + * Get a Request Type from Input Stream + * @param is + * @return + * @throws SAXException + * @throws JAXBException + * @throws IOException + * @throws + * @throws IllegalArgumentException inputstream is null + */ + @SuppressWarnings("unchecked") + public RequestAbstractType getRequestType(InputStream is) throws ParsingException, IOException + { + if(is == null) + throw new IllegalStateException("InputStream is null"); + + Document samlDocument = null; + //First parse the Document + try + { + samlDocument = DocumentUtil.getDocument(is); + } + catch (ParserConfigurationException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + + try + { + Binder<Node> binder = getBinder(); + JAXBElement<RequestAbstractType> jaxbAuthnRequestType = (JAXBElement<RequestAbstractType>) binder.unmarshal(samlDocument); + RequestAbstractType requestType = jaxbAuthnRequestType.getValue(); + samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument); + return requestType; + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + } + + /** + * Get the AuthnRequestType from an input stream + * @param is Inputstream containing the AuthnRequest + * @return + * @throws SAXException + * @throws JAXBException + * @throws IllegalArgumentException inputstream is null + */ + @SuppressWarnings("unchecked") + public AuthnRequestType getAuthnRequestType(InputStream is) throws JAXBException, SAXException + { + if(is == null) + throw new IllegalStateException("InputStream is null"); + String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; + boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); + + Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate); + JAXBElement<AuthnRequestType> jaxbAuthnRequestType = (JAXBElement<AuthnRequestType>) un.unmarshal(is); + return jaxbAuthnRequestType.getValue(); + } + + + /** + * Get the parsed {@code SAMLDocumentHolder} + * @return + */ + public SAMLDocumentHolder getSamlDocumentHolder() + { + return samlDocumentHolder; + } + + /** + * Create a Logout Request + * @param issuer + * @return + * @throws ConfigurationException + */ + public LogoutRequestType createLogoutRequest(String issuer) throws ConfigurationException + { + org.jboss.identity.federation.saml.v2.protocol.ObjectFactory of + = new org.jboss.identity.federation.saml.v2.protocol.ObjectFactory(); + LogoutRequestType lrt = of.createLogoutRequestType(); + lrt.setIssueInstant(XMLTimeUtil.getIssueInstant()); + + //Create an issuer + NameIDType issuerNameID = JBossSAMLBaseFactory.createNameID(); + issuerNameID.setValue(issuer); + lrt.setIssuer(issuerNameID); + + return lrt; + } + + /** + * Parse an XACML Authorization Decision Query from an xml file + * @param resourceName + * @return + * @throws JAXBException + */ + public XACMLAuthzDecisionQueryType parseXACMLDecisionQuery(String resourceName) throws JAXBException + { + ClassLoader tcl = SecurityActions.getContextClassLoader(); + InputStream is = tcl.getResourceAsStream(resourceName); + return this.parseXACMLDecisionQuery(is); + } + + /** + * XACMLAuthorizationDecisionQuery from an input stream + * @param is The InputStream where the xacml query exists + * @return + * @throws JAXBException + */ + @SuppressWarnings("unchecked") + public XACMLAuthzDecisionQueryType parseXACMLDecisionQuery(InputStream is) throws JAXBException + { + if(is == null) + throw new IllegalArgumentException("Inputstream is null"); + + String samlPath = "org.jboss.identity.federation.saml.v2.protocol"; + String xacmlPath = "org.jboss.security.xacml.core.model.context"; + String xsAssert = "org.jboss.identity.federation.saml.v2.profiles.xacml.assertion"; + String xsProto = "org.jboss.identity.federation.saml.v2.profiles.xacml.protocol"; + String path = samlPath + ":" + xacmlPath + ":" + xsAssert + ":" + xsProto; + + JAXBContext jaxb = JAXBUtil.getJAXBContext(path); + Unmarshaller un = jaxb.createUnmarshaller(); + + JAXBElement<RequestAbstractType> jaxbRequestType = (JAXBElement<RequestAbstractType>) un.unmarshal(is); + RequestAbstractType req = jaxbRequestType.getValue(); + if(req instanceof XACMLAuthzDecisionQueryType == false) + throw new IllegalStateException("Not of type XACMLAuthzDecisionQueryType"); + + return (XACMLAuthzDecisionQueryType) req; + } + + /** + * Return the DOM object + * @param rat + * @return + * @throws SAXException + * @throws IOException + * @throws JAXBException + * @throws ParserConfigurationException + */ + public Document convert(RequestAbstractType rat) + throws SAXException, IOException, JAXBException, ParserConfigurationException + { + JAXBContext jaxb = JAXBUtil.getJAXBContext(RequestAbstractType.class); + Binder<Node> binder = jaxb.createBinder(); + + Document doc = DocumentUtil.createDocument(); + binder.marshal(JAXBElementMappingUtil.get(rat), doc); + return doc; + } + + /** + * Convert a SAML2 Response into a Document + * @param responseType + * @return + * @throws JAXBException + * @throws ParserConfigurationException + */ + public Document convert(ResponseType responseType) throws JAXBException, ParserConfigurationException + { + JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); + Binder<Node> binder = jaxb.createBinder(); + + Document doc = DocumentUtil.createDocument(); + binder.marshal(JAXBElementMappingUtil.get(responseType), doc); + return doc; + } + + /** + * Marshall the AuthnRequestType to an output stream + * @param requestType + * @param os + * @throws JAXBException + * @throws SAXException + */ + public void marshall(RequestAbstractType requestType, OutputStream os) throws SAXException, JAXBException + { + String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; + boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); + + Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate); + JAXBElement<?> j = JAXBElementMappingUtil.get(requestType); + marshaller.marshal(j, os); + } + + /** + * Marshall the AuthnRequestType to a writer + * @param requestType + * @param writer + * @throws JAXBException + * @throws SAXException + */ + public void marshall(RequestAbstractType requestType, Writer writer) throws SAXException, JAXBException + { + String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; + boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); + + Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate); + JAXBElement<?> j = JAXBElementMappingUtil.get(requestType); + marshaller.marshal(j, writer); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,383 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.api.saml.v2.response; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.Writer; -import java.util.Arrays; -import java.util.List; - -import javax.xml.bind.Binder; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; -import javax.xml.bind.Unmarshaller; -import javax.xml.datatype.XMLGregorianCalendar; -import javax.xml.parsers.ParserConfigurationException; - -import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; -import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; -import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; -import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; -import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; -import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; -import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; -import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; -import org.jboss.identity.federation.core.util.JAXBUtil; -import org.jboss.identity.federation.saml.v2.assertion.ActionType; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeType; -import org.jboss.identity.federation.saml.v2.assertion.AuthnContextType; -import org.jboss.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.jboss.identity.federation.saml.v2.assertion.AuthzDecisionStatementType; -import org.jboss.identity.federation.saml.v2.assertion.DecisionType; -import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.jboss.identity.federation.saml.v2.assertion.EvidenceType; -import org.jboss.identity.federation.saml.v2.assertion.NameIDType; -import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.w3c.dom.Document; -import org.w3c.dom.Node; -import org.xml.sax.SAXException; - -/** - * API for dealing with SAML2 Response objects - * @author Anil.Saldhana(a)redhat.com - * @since Jan 5, 2009 - */ -public class SAML2Response -{ - private SAMLDocumentHolder samlDocumentHolder = null; - - /** - * Create an assertion - * @param id - * @param issuer - * @return - */ - public AssertionType createAssertion(String id, NameIDType issuer) - { - return AssertionUtil.createAssertion(id, issuer); - } - - /** - * Create an AuthnStatement - * @param authnContextDeclRef such as JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT - * @param issueInstant - * @return - */ - public AuthnStatementType createAuthnStatement(String authnContextDeclRef, - XMLGregorianCalendar issueInstant) - { - ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); - AuthnStatementType authnStatement = objectFactory.createAuthnStatementType(); - authnStatement.setAuthnInstant(issueInstant); - AuthnContextType act = objectFactory.createAuthnContextType(); - String authContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get(); - act.getContent().add(objectFactory.createAuthnContextDeclRef(authContextDeclRef)); - authnStatement.setAuthnContext(act); - return authnStatement; - } - - /** - * Create an Authorization Decision Statement Type - * @param resource - * @param decision - * @param evidence - * @param actions - * @return - */ - public AuthzDecisionStatementType createAuthzDecisionStatementType(String resource, - DecisionType decision, - EvidenceType evidence, - ActionType... actions) - { - ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); - AuthzDecisionStatementType authzDecST = objectFactory.createAuthzDecisionStatementType(); - authzDecST.setResource(resource); - authzDecST.setDecision(decision); - if(evidence != null) - authzDecST.setEvidence(evidence); - - if(actions != null) - { - authzDecST.getAction().addAll(Arrays.asList(actions)); - } - - return authzDecST; - } - - /** - * Given a set of roles, create an attribute statement - * @param roles - * @return - */ - public AttributeStatementType createAttributeStatement(List<String> roles) - { - AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement(); - for(String role: roles) - { - AttributeType attr = JBossSAMLBaseFactory.createAttributeForRole(role); - attrStatement.getAttributeOrEncryptedAttribute().add(attr); - } - return attrStatement; - } - - /** - * Create a ResponseType - * @param ID id of the response - * @param sp holder with the information about the Service Provider - * @param idp holder with the information on the Identity Provider - * @param issuerInfo holder with information on the issuer - * @return - * @throws ConfigurationException - */ - public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp, IssuerInfoHolder issuerInfo) - throws ConfigurationException - { - return JBossSAMLAuthnResponseFactory.createResponseType(ID, sp, idp, issuerInfo); - } - - /** - * Create an empty response type - * @return - */ - public ResponseType createResponseType() - { - return JBossSAMLAuthnResponseFactory.createResponseType(); - } - - /** - * Create a ResponseType - * @param ID - * @param issuerInfo - * @param assertion - * @return - * @throws ConfigurationException - */ - public ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertion) - throws ConfigurationException - { - return JBossSAMLAuthnResponseFactory.createResponseType(ID, issuerInfo, assertion); - } - - /** - * Add validity conditions to the SAML2 Assertion - * @param assertion - * @param durationInMilis - * @throws ConfigurationException - * @throws IssueInstantMissingException - */ - public void createTimedConditions(AssertionType assertion, long durationInMilis) - throws ConfigurationException, IssueInstantMissingException - { - AssertionUtil.createTimedConditions(assertion, durationInMilis); - } - - /** - * Get an encrypted assertion from the stream - * @param is - * @return - * @throws SAXException - * @throws JAXBException - */ - @SuppressWarnings("unchecked") - public EncryptedElementType getEncryptedAssertion(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - - Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); - JAXBElement<EncryptedElementType> jaxb = (JAXBElement<EncryptedElementType>) un.unmarshal(is); - return jaxb.getValue(); - } - - /** - * Read an assertion from an input stream - * @param is - * @return - * @throws JAXBException - * @throws SAXException - */ - @SuppressWarnings("unchecked") - public AssertionType getAssertionType(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - - Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); - JAXBElement<AssertionType> jaxb = (JAXBElement<AssertionType>) un.unmarshal(is); - return jaxb.getValue(); - } - - /** - * Get the parsed {@code SAMLDocumentHolder} - * @return - */ - public SAMLDocumentHolder getSamlDocumentHolder() - { - return samlDocumentHolder; - } - - /** - * Read a ResponseType from an input stream - * @param is - * @return - * @throws ParsingException - * @throws ConfigurationException - */ - @SuppressWarnings("unchecked") - public ResponseType getResponseType(InputStream is) throws ParsingException, ConfigurationException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - - Document samlResponseDocument = null; - //Read the DOM - try - { - samlResponseDocument = DocumentUtil.getDocument(is); - } - catch (ParserConfigurationException e) - { - throw new ConfigurationException(e); - } - catch (IOException e) - { - throw new ParsingException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } - try - { - Binder<Node> binder = getBinder(); - JAXBElement<ResponseType> jaxbResponseType = (JAXBElement<ResponseType>) binder.unmarshal(samlResponseDocument); - ResponseType responseType = jaxbResponseType.getValue(); - samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument); - return responseType; - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - } - - - - /** - * Convert an EncryptedElement into a Document - * @param encryptedElementType - * @return - * @throws JAXBException - * @throws ParserConfigurationException - */ - public Document convert(EncryptedElementType encryptedElementType) - throws JAXBException, ParserConfigurationException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class); - Binder<Node> binder = jaxb.createBinder(); - - Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc); - return doc; - } - - /** - * Get the Binder - * @return - * @throws JAXBException - */ - public Binder<Node> getBinder() throws JAXBException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); - return jaxb.createBinder(); - } - - /** - * Convert a SAML2 Response into a Document - * @param responseType - * @return - * @throws JAXBException - * @throws ParserConfigurationException - */ - public Document convert(ResponseType responseType) throws JAXBException, ParserConfigurationException - { - JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); - Binder<Node> binder = jaxb.createBinder(); - - Document responseDocument = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(responseType), responseDocument); - return responseDocument; - } - - /** - * Marshall the response type to the output stream - * <p> <b>Note:</b> JAXB marshaller by default picks up arbitrary namespace - * prefixes (ns2,ns3 etc). The NamespacePrefixMapper is a Sun RI customization - * that may be needed (this is a TODO) to get a prefix such as saml, samlp </b> - * - * @param responseType - * @param os - * @throws SAXException - * @throws JAXBException - */ - public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException - { - String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions - .getSystemProperty(key, "false")); - - Marshaller marshaller = JBossSAMLAuthnResponseFactory - .getValidatingMarshaller(validate); - JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory() - .createResponse(responseType); - marshaller.marshal(jaxb, os); - } - - /** - * Marshall the ResponseType into a writer - * @param responseType - * @param writer - * @throws SAXException - * @throws JAXBException - */ - public void marshall(ResponseType responseType, Writer writer) throws JAXBException, SAXException - { - Marshaller marshaller = JBossSAMLAuthnResponseFactory.getMarshaller(); - JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); - marshaller.marshal(jaxb, writer); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java (from rev 828, identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,429 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.api.saml.v2.response; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.Writer; +import java.util.Arrays; +import java.util.List; + +import javax.xml.bind.Binder; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.datatype.XMLGregorianCalendar; +import javax.xml.parsers.ParserConfigurationException; + +import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; +import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; +import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; +import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; +import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; +import org.jboss.identity.federation.core.util.JAXBUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.assertion.ActionType; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeType; +import org.jboss.identity.federation.saml.v2.assertion.AuthnContextType; +import org.jboss.identity.federation.saml.v2.assertion.AuthnStatementType; +import org.jboss.identity.federation.saml.v2.assertion.AuthzDecisionStatementType; +import org.jboss.identity.federation.saml.v2.assertion.DecisionType; +import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; +import org.jboss.identity.federation.saml.v2.assertion.EvidenceType; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; +import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.xml.sax.SAXException; + +/** + * API for dealing with SAML2 Response objects + * @author Anil.Saldhana(a)redhat.com + * @since Jan 5, 2009 + */ +public class SAML2Response +{ + private SAMLDocumentHolder samlDocumentHolder = null; + + /** + * Create an assertion + * @param id + * @param issuer + * @return + */ + public AssertionType createAssertion(String id, NameIDType issuer) + { + return AssertionUtil.createAssertion(id, issuer); + } + + /** + * Create an AuthnStatement + * @param authnContextDeclRef such as JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT + * @param issueInstant + * @return + */ + public AuthnStatementType createAuthnStatement(String authnContextDeclRef, + XMLGregorianCalendar issueInstant) + { + ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); + AuthnStatementType authnStatement = objectFactory.createAuthnStatementType(); + authnStatement.setAuthnInstant(issueInstant); + AuthnContextType act = objectFactory.createAuthnContextType(); + String authContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get(); + act.getContent().add(objectFactory.createAuthnContextDeclRef(authContextDeclRef)); + authnStatement.setAuthnContext(act); + return authnStatement; + } + + /** + * Create an Authorization Decision Statement Type + * @param resource + * @param decision + * @param evidence + * @param actions + * @return + */ + public AuthzDecisionStatementType createAuthzDecisionStatementType(String resource, + DecisionType decision, + EvidenceType evidence, + ActionType... actions) + { + ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); + AuthzDecisionStatementType authzDecST = objectFactory.createAuthzDecisionStatementType(); + authzDecST.setResource(resource); + authzDecST.setDecision(decision); + if(evidence != null) + authzDecST.setEvidence(evidence); + + if(actions != null) + { + authzDecST.getAction().addAll(Arrays.asList(actions)); + } + + return authzDecST; + } + + /** + * Given a set of roles, create an attribute statement + * @param roles + * @return + */ + public AttributeStatementType createAttributeStatement(List<String> roles) + { + AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement(); + for(String role: roles) + { + AttributeType attr = JBossSAMLBaseFactory.createAttributeForRole(role); + attrStatement.getAttributeOrEncryptedAttribute().add(attr); + } + return attrStatement; + } + + /** + * Create a ResponseType + * @param ID id of the response + * @param sp holder with the information about the Service Provider + * @param idp holder with the information on the Identity Provider + * @param issuerInfo holder with information on the issuer + * @return + * @throws ConfigurationException + */ + public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp, IssuerInfoHolder issuerInfo) + throws ConfigurationException + { + return JBossSAMLAuthnResponseFactory.createResponseType(ID, sp, idp, issuerInfo); + } + + /** + * Create an empty response type + * @return + */ + public ResponseType createResponseType() + { + return JBossSAMLAuthnResponseFactory.createResponseType(); + } + + /** + * Create a ResponseType + * @param ID + * @param issuerInfo + * @param assertion + * @return + * @throws ConfigurationException + */ + public ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertion) + throws ConfigurationException + { + return JBossSAMLAuthnResponseFactory.createResponseType(ID, issuerInfo, assertion); + } + + /** + * Add validity conditions to the SAML2 Assertion + * @param assertion + * @param durationInMilis + * @throws ConfigurationException + * @throws IssueInstantMissingException + */ + public void createTimedConditions(AssertionType assertion, long durationInMilis) + throws ConfigurationException, IssueInstantMissingException + { + AssertionUtil.createTimedConditions(assertion, durationInMilis); + } + + /** + * Get an encrypted assertion from the stream + * @param is + * @return + * @throws SAXException + * @throws JAXBException + */ + @SuppressWarnings("unchecked") + public EncryptedElementType getEncryptedAssertion(InputStream is) throws JAXBException, SAXException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); + JAXBElement<EncryptedElementType> jaxb = (JAXBElement<EncryptedElementType>) un.unmarshal(is); + return jaxb.getValue(); + } + + /** + * Read an assertion from an input stream + * @param is + * @return + * @throws JAXBException + * @throws SAXException + */ + @SuppressWarnings("unchecked") + public AssertionType getAssertionType(InputStream is) throws JAXBException, SAXException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); + JAXBElement<AssertionType> jaxb = (JAXBElement<AssertionType>) un.unmarshal(is); + return jaxb.getValue(); + } + + /** + * Get the parsed {@code SAMLDocumentHolder} + * @return + */ + public SAMLDocumentHolder getSamlDocumentHolder() + { + return samlDocumentHolder; + } + + /** + * Read a ResponseType from an input stream + * @param is + * @return + * @throws ParsingException + * @throws ConfigurationException + */ + @SuppressWarnings("unchecked") + public ResponseType getResponseType(InputStream is) throws ParsingException, ConfigurationException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Document samlResponseDocument = null; + //Read the DOM + try + { + samlResponseDocument = DocumentUtil.getDocument(is); + } + catch (ParserConfigurationException e) + { + throw new ConfigurationException(e); + } + catch (IOException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + try + { + Binder<Node> binder = getBinder(); + JAXBElement<ResponseType> jaxbResponseType = (JAXBElement<ResponseType>) binder.unmarshal(samlResponseDocument); + ResponseType responseType = jaxbResponseType.getValue(); + samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument); + return responseType; + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + } + + + /** + * Read a {@code SAML2Object} from an input stream + * @param is + * @return + * @throws ParsingException + * @throws ConfigurationException + */ + @SuppressWarnings("unchecked") + public SAML2Object getSAML2ObjectFromStream(InputStream is) throws ParsingException, ConfigurationException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Document samlResponseDocument = null; + //Read the DOM + try + { + samlResponseDocument = DocumentUtil.getDocument(is); + } + catch (ParserConfigurationException e) + { + throw new ConfigurationException(e); + } + catch (IOException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + try + { + Binder<Node> binder = getBinder(); + JAXBElement<SAML2Object> saml2Object = (JAXBElement<SAML2Object>) binder.unmarshal(samlResponseDocument); + SAML2Object responseType = saml2Object.getValue(); + samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument); + return responseType; + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + } + + /** + * Convert an EncryptedElement into a Document + * @param encryptedElementType + * @return + * @throws JAXBException + * @throws ParserConfigurationException + */ + public Document convert(EncryptedElementType encryptedElementType) + throws JAXBException, ParserConfigurationException + { + JAXBContext jaxb = JAXBUtil.getJAXBContext(EncryptedElementType.class); + Binder<Node> binder = jaxb.createBinder(); + + Document doc = DocumentUtil.createDocument(); + binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc); + return doc; + } + + /** + * Get the Binder + * @return + * @throws JAXBException + */ + public Binder<Node> getBinder() throws JAXBException + { + JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); + return jaxb.createBinder(); + } + + /** + * Convert a SAML2 Response into a Document + * @param responseType + * @return + * @throws JAXBException + * @throws ParserConfigurationException + */ + public Document convert(StatusResponseType responseType) throws JAXBException, ParserConfigurationException + { + JAXBContext jaxb = JAXBUtil.getJAXBContext(StatusResponseType.class); + Binder<Node> binder = jaxb.createBinder(); + + Document responseDocument = DocumentUtil.createDocument(); + binder.marshal(JAXBElementMappingUtil.get(responseType), responseDocument); + return responseDocument; + } + + /** + * Marshall the response type to the output stream + * <p> <b>Note:</b> JAXB marshaller by default picks up arbitrary namespace + * prefixes (ns2,ns3 etc). The NamespacePrefixMapper is a Sun RI customization + * that may be needed (this is a TODO) to get a prefix such as saml, samlp </b> + * + * @param responseType + * @param os + * @throws SAXException + * @throws JAXBException + */ + public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException + { + String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; + boolean validate = Boolean.parseBoolean(SecurityActions + .getSystemProperty(key, "false")); + + Marshaller marshaller = JBossSAMLAuthnResponseFactory + .getValidatingMarshaller(validate); + JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory() + .createResponse(responseType); + marshaller.marshal(jaxb, os); + } + + /** + * Marshall the ResponseType into a writer + * @param responseType + * @param writer + * @throws SAXException + * @throws JAXBException + */ + public void marshall(ResponseType responseType, Writer writer) throws JAXBException, SAXException + { + Marshaller marshaller = JBossSAMLAuthnResponseFactory.getMarshaller(); + JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); + marshaller.marshal(jaxb, writer); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,171 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.api.saml.v2.sig; - -import java.io.IOException; -import java.security.GeneralSecurityException; -import java.security.KeyPair; - -import javax.xml.bind.JAXBException; -import javax.xml.crypto.MarshalException; -import javax.xml.crypto.dsig.DigestMethod; -import javax.xml.crypto.dsig.SignatureMethod; -import javax.xml.crypto.dsig.XMLSignatureException; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactoryConfigurationError; -import javax.xml.xpath.XPathException; - -import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; -import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; -import org.jboss.identity.federation.core.util.XMLSignatureUtil; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.w3c.dom.Document; -import org.w3c.dom.Node; -import org.xml.sax.SAXException; - -/** - * Class that deals with SAML2 Signature - * @author Anil.Saldhana(a)redhat.com - * @since May 26, 2009 - */ -public class SAML2Signature -{ - private String signatureMethod = SignatureMethod.RSA_SHA1; - private String digestMethod = DigestMethod.SHA1; - - public String getSignatureMethod() - { - return signatureMethod; - } - - public void setSignatureMethod(String signatureMethod) - { - this.signatureMethod = signatureMethod; - } - - public String getDigestMethod() - { - return digestMethod; - } - - public void setDigestMethod(String digestMethod) - { - this.digestMethod = digestMethod; - } - - /** - * Sign an RequestType at the root - * @param request - * @param keypair Key Pair - * @param digestMethod (Example: DigestMethod.SHA1) - * @param signatureMethod (Example: SignatureMethod.DSA_SHA1) - * @return - * @throws ParserConfigurationException - * @throws JAXBException - * @throws IOException - * @throws SAXException - * @throws XMLSignatureException - * @throws MarshalException - * @throws GeneralSecurityException - */ - public Document sign(RequestAbstractType request, KeyPair keypair) throws SAXException, IOException, JAXBException, ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException - { - SAML2Request saml2Request = new SAML2Request(); - Document doc = saml2Request.convert(request); - doc.normalize(); - - String referenceURI = "#" + request.getID(); - - return XMLSignatureUtil.sign(doc, - keypair, - digestMethod, signatureMethod, - referenceURI); - } - - /** - * Sign an ResponseType at the root - * @param response - * @param keypair Key Pair - * @param digestMethod (Example: DigestMethod.SHA1) - * @param signatureMethod (Example: SignatureMethod.DSA_SHA1) - * @return - * @throws ParserConfigurationException - * @throws JAXBException - * @throws XMLSignatureException - * @throws MarshalException - * @throws GeneralSecurityException - */ - public Document sign(ResponseType response,KeyPair keypair) throws JAXBException, ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException - { - SAML2Response saml2Request = new SAML2Response(); - Document doc = saml2Request.convert(response); - doc.normalize(); - - String referenceURI = "#" + response.getID(); - - return XMLSignatureUtil.sign(doc, - keypair, - digestMethod, signatureMethod, - referenceURI); - } - - /** - * Sign an assertion whose id value is provided in the response type - * @param response - * @param idValueOfAssertion - * @param keypair - * @param referenceURI - * @return - * @throws ParserConfigurationException - * @throws JAXBException - * @throws TransformerException - * @throws TransformerFactoryConfigurationError - * @throws XPathException - * @throws XMLSignatureException - * @throws MarshalException - * @throws GeneralSecurityException - */ - public Document sign(ResponseType response, - String idValueOfAssertion, - KeyPair keypair, - String referenceURI) throws JAXBException, ParserConfigurationException, XPathException, TransformerFactoryConfigurationError, TransformerException, GeneralSecurityException, MarshalException, XMLSignatureException - { - SAML2Response saml2Response = new SAML2Response(); - Document doc = saml2Response.convert(response); - - - Node assertionNode = DocumentUtil.getNodeWithAttribute(doc, - JBossSAMLURIConstants.ASSERTION_NSURI.get(), - "Assertion", - "ID", - idValueOfAssertion); - - return XMLSignatureUtil.sign(doc, assertionNode, - keypair, - digestMethod, signatureMethod, - referenceURI); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java (from rev 828, identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,216 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.api.saml.v2.sig; + +import java.io.IOException; +import java.security.GeneralSecurityException; +import java.security.KeyPair; + +import javax.xml.bind.JAXBException; +import javax.xml.crypto.MarshalException; +import javax.xml.crypto.dsig.DigestMethod; +import javax.xml.crypto.dsig.SignatureMethod; +import javax.xml.crypto.dsig.XMLSignatureException; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactoryConfigurationError; +import javax.xml.xpath.XPathException; + +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.util.XMLSignatureUtil; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.xml.sax.SAXException; + +/** + * Class that deals with SAML2 Signature + * @author Anil.Saldhana(a)redhat.com + * @since May 26, 2009 + */ +public class SAML2Signature +{ + private String signatureMethod = SignatureMethod.RSA_SHA1; + private String digestMethod = DigestMethod.SHA1; + + public String getSignatureMethod() + { + return signatureMethod; + } + + public void setSignatureMethod(String signatureMethod) + { + this.signatureMethod = signatureMethod; + } + + public String getDigestMethod() + { + return digestMethod; + } + + public void setDigestMethod(String digestMethod) + { + this.digestMethod = digestMethod; + } + + /** + * Sign an RequestType at the root + * @param request + * @param keypair Key Pair + * @param digestMethod (Example: DigestMethod.SHA1) + * @param signatureMethod (Example: SignatureMethod.DSA_SHA1) + * @return + * @throws ParserConfigurationException + * @throws JAXBException + * @throws IOException + * @throws SAXException + * @throws XMLSignatureException + * @throws MarshalException + * @throws GeneralSecurityException + */ + public Document sign(RequestAbstractType request, KeyPair keypair) throws SAXException, IOException, JAXBException, ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException + { + SAML2Request saml2Request = new SAML2Request(); + Document doc = saml2Request.convert(request); + doc.normalize(); + + String referenceURI = "#" + request.getID(); + + return XMLSignatureUtil.sign(doc, + keypair, + digestMethod, signatureMethod, + referenceURI); + } + + /** + * Sign an ResponseType at the root + * @param response + * @param keypair Key Pair + * @param digestMethod (Example: DigestMethod.SHA1) + * @param signatureMethod (Example: SignatureMethod.DSA_SHA1) + * @return + * @throws ParserConfigurationException + * @throws JAXBException + * @throws XMLSignatureException + * @throws MarshalException + * @throws GeneralSecurityException + */ + public Document sign(ResponseType response,KeyPair keypair) throws JAXBException, ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException + { + SAML2Response saml2Request = new SAML2Response(); + Document doc = saml2Request.convert(response); + doc.normalize(); + + return sign(doc, response.getID(), keypair); + } + + /** + * Sign an Document at the root + * @param response + * @param keypair Key Pair + * @param digestMethod (Example: DigestMethod.SHA1) + * @param signatureMethod (Example: SignatureMethod.DSA_SHA1) + * @return + * @throws ParserConfigurationException + * @throws JAXBException + * @throws XMLSignatureException + * @throws MarshalException + * @throws GeneralSecurityException + */ + public Document sign(Document doc, + String referenceID, + KeyPair keypair) throws JAXBException, + ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException + { + String referenceURI = "#" + referenceID; + + return XMLSignatureUtil.sign(doc, + keypair, + digestMethod, signatureMethod, + referenceURI); + } + + /** + * Sign an assertion whose id value is provided in the response type + * @param response + * @param idValueOfAssertion + * @param keypair + * @param referenceURI + * @return + * @throws ParserConfigurationException + * @throws JAXBException + * @throws TransformerException + * @throws TransformerFactoryConfigurationError + * @throws XPathException + * @throws XMLSignatureException + * @throws MarshalException + * @throws GeneralSecurityException + */ + public Document sign(ResponseType response, + String idValueOfAssertion, + KeyPair keypair, + String referenceURI) throws JAXBException, ParserConfigurationException, XPathException, TransformerFactoryConfigurationError, TransformerException, GeneralSecurityException, MarshalException, XMLSignatureException + { + SAML2Response saml2Response = new SAML2Response(); + Document doc = saml2Response.convert(response); + + return sign(doc,idValueOfAssertion, keypair, referenceURI); + } + + /** + * Sign a document + * @param doc + * @param idValueOfAssertion + * @param keypair + * @param referenceURI + * @return + * @throws JAXBException + * @throws ParserConfigurationException + * @throws XPathException + * @throws TransformerFactoryConfigurationError + * @throws TransformerException + * @throws GeneralSecurityException + * @throws MarshalException + * @throws XMLSignatureException + */ + public Document sign(Document doc, + String idValueOfAssertion, + KeyPair keypair, + String referenceURI) throws JAXBException, ParserConfigurationException, XPathException, TransformerFactoryConfigurationError, TransformerException, GeneralSecurityException, MarshalException, XMLSignatureException + { + + Node assertionNode = DocumentUtil.getNodeWithAttribute(doc, + JBossSAMLURIConstants.ASSERTION_NSURI.get(), + "Assertion", + "ID", + idValueOfAssertion); + + return XMLSignatureUtil.sign(doc, assertionNode, + keypair, + digestMethod, signatureMethod, + referenceURI); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,148 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-fed-core</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Core</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation Core contains the core infrastructure code</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>org.openid4java</groupId> - <artifactId>openid4java</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxws</groupId> - <artifactId>jaxws-api</artifactId> - <version>2.1.1</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>annotations-api</artifactId> - <version>6.0.18</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.mockito</groupId> - <artifactId>mockito-all</artifactId> - <version>1.8.0</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.jboss.ws.native</groupId> - <artifactId>jbossws-native-client</artifactId> - <version>3.1.2.SP3</version> - <scope>test</scope> - <exclusions> - <exclusion> - <groupId>xml-apis</groupId> - <artifactId>xml-apis</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.jboss</groupId> - <artifactId>jboss-common-core</artifactId> - <version>2.2.14.GA</version> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-fed-core/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,148 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-fed-core</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Core</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation Core contains the core infrastructure code</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>org.openid4java</groupId> + <artifactId>openid4java</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxws</groupId> + <artifactId>jaxws-api</artifactId> + <version>2.1.1</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>annotations-api</artifactId> + <version>6.0.18</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-all</artifactId> + <version>1.8.0</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.jboss.ws.native</groupId> + <artifactId>jbossws-native-client</artifactId> + <version>3.1.2.SP3</version> + <scope>test</scope> + <exclusions> + <exclusion> + <groupId>xml-apis</groupId> + <artifactId>xml-apis</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.jboss</groupId> + <artifactId>jboss-common-core</artifactId> + <version>2.2.14.GA</version> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler) Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,31 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.interfaces; + +/** + * Marker Interface + * @author Anil.Saldhana(a)redhat.com + * @since Sep 17, 2009 + */ +public interface ProtocolContext +{ +} Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,74 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.core.saml.v2.common; - -import org.w3c.dom.Document; - -/** - * A Holder class that can store - * the SAML object as well as the corresponding - * DOM object. - * It is thread safe because each thread - * can have only one instance of this class - * @author Anil.Saldhana(a)redhat.com - * @since Aug 13, 2009 - */ -public class SAMLDocumentHolder -{ - private Object samlObject; - private Document samlDocument; - - public SAMLDocumentHolder(Object samlObject) - { - this.samlObject = samlObject; - } - - public SAMLDocumentHolder(Document samlDocument) - { - this.samlDocument = samlDocument; - } - - public SAMLDocumentHolder(Object samlObject, Document samlDocument) - { - this.samlObject = samlObject; - this.samlDocument = samlDocument; - } - public Object getSamlObject() - { - return samlObject; - } - - public void setSamlObject(Object samlObject) - { - this.samlObject = samlObject; - } - - public Document getSamlDocument() - { - return samlDocument; - } - - public void setSamlDocument(Document samlDocument) - { - this.samlDocument = samlDocument; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,77 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.common; + +import org.w3c.dom.Document; + +/** + * A Holder class that can store + * the SAML object as well as the corresponding + * DOM object. + * + * Users of this class need to make it threadsafe + * by having one instance per thread (ThreadLocal) + * + * @author Anil.Saldhana(a)redhat.com + * @since Aug 13, 2009 + */ +public class SAMLDocumentHolder +{ + private Object samlObject; + private Document samlDocument; + + public SAMLDocumentHolder(Object samlObject) + { + this.samlObject = samlObject; + } + + public SAMLDocumentHolder(Document samlDocument) + { + this.samlDocument = samlDocument; + } + + public SAMLDocumentHolder(Object samlObject, Document samlDocument) + { + this.samlObject = samlObject; + this.samlDocument = samlDocument; + } + + public Object getSamlObject() + { + return samlObject; + } + + public void setSamlObject(Object samlObject) + { + this.samlObject = samlObject; + } + + public Document getSamlDocument() + { + return samlDocument; + } + + public void setSamlDocument(Document samlDocument) + { + this.samlDocument = samlDocument; + } +} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl) Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces) Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,91 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.jboss.identity.federation.core.config.KeyValueType; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.handler.config.Handler; +import org.jboss.identity.federation.core.handler.config.Handlers; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; + +/** + * Deals with SAML2 Handlers + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public class HandlerUtil +{ + public static Set<SAML2Handler> getHandlers(Handlers handlers) throws ConfigurationException + { + if(handlers == null) + throw new IllegalArgumentException("handlers is null"); + List<Handler> handlerList = handlers.getHandler(); + + Set<SAML2Handler> handlerSet = new HashSet<SAML2Handler>(); + + for(Handler handler : handlerList) + { + String clazzName = handler.getClazz(); + + ClassLoader tcl = SecurityActions.getContextClassLoader(); + Class<?> clazz; + try + { + clazz = tcl.loadClass(clazzName); + + SAML2Handler samlhandler = (SAML2Handler) clazz.newInstance(); + List<KeyValueType> options = handler.getOption(); + + Map<String, Object> mapOptions = new HashMap<String, Object>(); + + for(KeyValueType kvtype : options) + { + mapOptions.put(kvtype.getKey(), kvtype.getValue()); + } + samlhandler.init(mapOptions); + + handlerSet.add(samlhandler); + } + catch (ClassNotFoundException e) + { + throw new ConfigurationException(e); + } + catch (InstantiationException e) + { + throw new ConfigurationException(e); + } + catch (IllegalAccessException e) + { + throw new ConfigurationException(e); + } + } + + return handlerSet; + } + +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,129 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.core.saml.v2.util; - -import javax.xml.bind.JAXBElement; - -import org.jboss.identity.federation.core.factories.SOAPFactory; -import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; -import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; -import org.jboss.identity.federation.core.saml.v2.factories.XACMLStatementFactory; -import org.jboss.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope; -import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.jboss.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; -import org.jboss.identity.federation.saml.v2.protocol.ArtifactResolveType; -import org.jboss.identity.federation.saml.v2.protocol.AssertionIDRequestType; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; -import org.jboss.identity.federation.saml.v2.protocol.ManageNameIDRequestType; -import org.jboss.identity.federation.saml.v2.protocol.NameIDMappingRequestType; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; - -/** - * Maps various saml/xacml types to their corresponding JAXBElement - * @author Anil.Saldhana(a)redhat.com - * @since Jan 22, 2009 - */ -public class JAXBElementMappingUtil -{ - /** - * Get the JAXBElement for the request type - * @param requestAbstractType - * @return - */ - public static JAXBElement<?> get(RequestAbstractType requestAbstractType) - { - if(requestAbstractType instanceof AuthnRequestType) - { - AuthnRequestType art = (AuthnRequestType) requestAbstractType; - return SAMLProtocolFactory.getObjectFactory().createAuthnRequest(art); - } - - if(requestAbstractType instanceof LogoutRequestType) - { - LogoutRequestType lrt = (LogoutRequestType) requestAbstractType; - return SAMLProtocolFactory.getObjectFactory().createLogoutRequest(lrt); - } - if(requestAbstractType instanceof AssertionIDRequestType) - { - AssertionIDRequestType airt = (AssertionIDRequestType) requestAbstractType; - return SAMLProtocolFactory.getObjectFactory().createAssertionIDRequest(airt); - } - if(requestAbstractType instanceof NameIDMappingRequestType) - { - NameIDMappingRequestType airt = (NameIDMappingRequestType) requestAbstractType; - return SAMLProtocolFactory.getObjectFactory().createNameIDMappingRequest(airt); - } - if(requestAbstractType instanceof ArtifactResolveType) - { - ArtifactResolveType airt = (ArtifactResolveType) requestAbstractType; - return SAMLProtocolFactory.getObjectFactory().createArtifactResolve(airt); - } - if(requestAbstractType instanceof ManageNameIDRequestType) - { - ManageNameIDRequestType airt = (ManageNameIDRequestType) requestAbstractType; - return SAMLProtocolFactory.getObjectFactory().createManageNameIDRequest(airt); - } - throw new IllegalArgumentException("Unknown Type:"+requestAbstractType); - } - - /** - * Get the JAXBElement for an encrypted assertion - * @param encryptedAssertion - * @return - */ - public static JAXBElement<?> get(EncryptedElementType encryptedAssertion) - { - return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion); - } - - /** - * Get the JAXBElement for response - * @param responseType - * @return - */ - public static JAXBElement<?> get(ResponseType responseType) - { - return SAMLProtocolFactory.getObjectFactory().createResponse(responseType); - } - - /** - * Get the JAXBElement for a SOAP envelope - * @param envelope - * @return - */ - public static JAXBElement<?> get(Envelope envelope) - { - return SOAPFactory.getObjectFactory().createEnvelope(envelope); - } - - /** - * Get the JAXBElement for an XACML authorization statement - * @param xacmlStatement - * @return - */ - public static JAXBElement<?> get(XACMLAuthzDecisionStatementType xacmlStatement) - { - return XACMLStatementFactory.getObjectFactory().createXACMLAuthzDecisionStatement(xacmlStatement); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,149 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import javax.xml.bind.JAXBElement; + +import org.jboss.identity.federation.core.factories.SOAPFactory; +import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; +import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; +import org.jboss.identity.federation.core.saml.v2.factories.XACMLStatementFactory; +import org.jboss.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope; +import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; +import org.jboss.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; +import org.jboss.identity.federation.saml.v2.protocol.ArtifactResolveType; +import org.jboss.identity.federation.saml.v2.protocol.ArtifactResponseType; +import org.jboss.identity.federation.saml.v2.protocol.AssertionIDRequestType; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.jboss.identity.federation.saml.v2.protocol.ManageNameIDRequestType; +import org.jboss.identity.federation.saml.v2.protocol.NameIDMappingRequestType; +import org.jboss.identity.federation.saml.v2.protocol.NameIDMappingResponseType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType; + +/** + * Maps various saml/xacml types to their corresponding JAXBElement + * @author Anil.Saldhana(a)redhat.com + * @since Jan 22, 2009 + */ +public class JAXBElementMappingUtil +{ + /** + * Get the JAXBElement for the request type + * @param requestAbstractType + * @return + */ + public static JAXBElement<?> get(RequestAbstractType requestAbstractType) + { + if(requestAbstractType instanceof AuthnRequestType) + { + AuthnRequestType art = (AuthnRequestType) requestAbstractType; + return SAMLProtocolFactory.getObjectFactory().createAuthnRequest(art); + } + + if(requestAbstractType instanceof LogoutRequestType) + { + LogoutRequestType lrt = (LogoutRequestType) requestAbstractType; + return SAMLProtocolFactory.getObjectFactory().createLogoutRequest(lrt); + } + if(requestAbstractType instanceof AssertionIDRequestType) + { + AssertionIDRequestType airt = (AssertionIDRequestType) requestAbstractType; + return SAMLProtocolFactory.getObjectFactory().createAssertionIDRequest(airt); + } + if(requestAbstractType instanceof NameIDMappingRequestType) + { + NameIDMappingRequestType airt = (NameIDMappingRequestType) requestAbstractType; + return SAMLProtocolFactory.getObjectFactory().createNameIDMappingRequest(airt); + } + if(requestAbstractType instanceof ArtifactResolveType) + { + ArtifactResolveType airt = (ArtifactResolveType) requestAbstractType; + return SAMLProtocolFactory.getObjectFactory().createArtifactResolve(airt); + } + if(requestAbstractType instanceof ManageNameIDRequestType) + { + ManageNameIDRequestType airt = (ManageNameIDRequestType) requestAbstractType; + return SAMLProtocolFactory.getObjectFactory().createManageNameIDRequest(airt); + } + throw new IllegalArgumentException("Unknown Type:"+requestAbstractType); + } + + /** + * Get the JAXBElement for an encrypted assertion + * @param encryptedAssertion + * @return + */ + public static JAXBElement<?> get(EncryptedElementType encryptedAssertion) + { + return SAMLAssertionFactory.getObjectFactory().createEncryptedAssertion(encryptedAssertion); + } + + /** + * Get the JAXBElement for response + * @param responseType + * @return + */ + public static JAXBElement<?> get(StatusResponseType statusResponseType) + { + if(statusResponseType instanceof ResponseType) + { + ResponseType responseType = (ResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createResponse(responseType); + } + else if(statusResponseType instanceof NameIDMappingResponseType) + { + NameIDMappingResponseType nameIDResponseType = (NameIDMappingResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createNameIDMappingResponse(nameIDResponseType); + } + else if(statusResponseType instanceof StatusResponseType) + { + StatusResponseType srt = (StatusResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createLogoutResponse(srt); + } + + ArtifactResponseType artifactResponse = (ArtifactResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createArtifactResponse(artifactResponse); + } + + /** + * Get the JAXBElement for a SOAP envelope + * @param envelope + * @return + */ + public static JAXBElement<?> get(Envelope envelope) + { + return SOAPFactory.getObjectFactory().createEnvelope(envelope); + } + + /** + * Get the JAXBElement for an XACML authorization statement + * @param xacmlStatement + * @return + */ + public static JAXBElement<?> get(XACMLAuthzDecisionStatementType xacmlStatement) + { + return XACMLStatementFactory.getObjectFactory().createXACMLAuthzDecisionStatement(xacmlStatement); + } +} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,83 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import java.security.AccessController; +import java.security.PrivilegedAction; + +/** + * Privileged Blocks + * @author Anil.Saldhana(a)redhat.com + * @since Dec 9, 2008 + */ +class SecurityActions +{ + /** + * Get the Thread Context ClassLoader + * @return + */ + static ClassLoader getContextClassLoader() + { + return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() + { + public ClassLoader run() + { + return Thread.currentThread().getContextClassLoader(); + } + }); + } + + /** + * Set the system property + * @param key + * @param defaultValue + * @return + */ + static void setSystemProperty(final String key, final String value) + { + AccessController.doPrivileged(new PrivilegedAction<Object>() + { + public Object run() + { + System.setProperty(key, value); + return null; + } + }); + } + + /** + * Get the system property + * @param key + * @param defaultValue + * @return + */ + static String getSystemProperty(final String key, final String defaultValue) + { + return AccessController.doPrivileged(new PrivilegedAction<String>() + { + public String run() + { + return System.getProperty(key, defaultValue); + } + }); + } +} Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,206 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.core.util; - -import java.net.URL; -import java.util.HashMap; - -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; -import javax.xml.bind.Unmarshaller; -import javax.xml.validation.Schema; -import javax.xml.validation.SchemaFactory; - -import org.apache.log4j.Logger; -import org.xml.sax.ErrorHandler; -import org.xml.sax.SAXException; -import org.xml.sax.SAXParseException; - -/** - * Utility to obtain JAXB2 marshaller/unmarshaller etc - * @author Anil.Saldhana(a)redhat.com - * @since May 26, 2009 - */ -public class JAXBUtil -{ - private static Logger log = Logger.getLogger(JAXBUtil.class); - private static boolean trace = log.isTraceEnabled(); - - public static final String W3C_XML_SCHEMA_NS_URI = "http://www.w3.org/2001/XMLSchema"; - - private static HashMap<String,JAXBContext> jaxbContextHash = new HashMap<String, JAXBContext>(); - - static - { - //Useful on Sun VMs. Harmless on other VMs. - SecurityActions.setSystemProperty("com.sun.xml.bind.v2.runtime.JAXBContextImpl.fastBoot", "true"); - } - - /** - * Get the JAXB Marshaller - * @param pkgName The package name for the jaxb context - * @param schemaLocation location of the schema to validate against - * @return Marshaller - * @throws JAXBException - * @throws SAXException - */ - public static Marshaller getValidatingMarshaller(String pkgName, String schemaLocation) - throws JAXBException, SAXException - { - Marshaller marshaller = getMarshaller(pkgName); - - //Validate against schema - Schema schema = getJAXPSchemaInstance(schemaLocation); - marshaller.setSchema(schema); - - return marshaller; - } - - /** - * Get the JAXB Marshaller - * @param pkgName The package name for the jaxb context - * @return Marshaller - * @throws JAXBException - */ - public static Marshaller getMarshaller(String pkgName) throws JAXBException - { - if(pkgName == null) - throw new IllegalArgumentException("pkgName is null"); - - JAXBContext jc = getJAXBContext(pkgName); - Marshaller marshaller = jc.createMarshaller(); - marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8"); - marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.FALSE); //Breaks signatures - return marshaller; - } - - /** - * Get the JAXB Unmarshaller - * @param pkgName The package name for the jaxb context - * @return unmarshaller - * @throws JAXBException - */ - public static Unmarshaller getUnmarshaller(String pkgName) throws JAXBException - { - if(pkgName == null) - throw new IllegalArgumentException("pkgName is null"); - JAXBContext jc = getJAXBContext(pkgName); - return jc.createUnmarshaller(); - } - - /** - * Get the JAXB Unmarshaller - * @param pkgName The package name for the jaxb context - * @param schemaLocation location of the schema to validate against - * @return unmarshaller - * @throws JAXBException - * @throws SAXException - */ - public static Unmarshaller getValidatingUnmarshaller(String pkgName, String schemaLocation) - throws JAXBException, SAXException - { - Unmarshaller unmarshaller = getUnmarshaller(pkgName); - Schema schema = getJAXPSchemaInstance(schemaLocation); - unmarshaller.setSchema(schema); - - return unmarshaller; - } - - private static Schema getJAXPSchemaInstance(String schemaLocation) throws SAXException - { - ClassLoader tcl = SecurityActions.getContextClassLoader(); - URL schemaURL = tcl.getResource(schemaLocation); - if(schemaURL == null) - throw new IllegalStateException("Schema URL is null:" + schemaLocation); - SchemaFactory scFact = SchemaFactory.newInstance(W3C_XML_SCHEMA_NS_URI); - - //Always install the resolver unless the system property is set - if(SecurityActions.getSystemProperty("org.jboss.identity.federation.jaxb.ls", null) == null) - scFact.setResourceResolver( new IDFedLSInputResolver()); - - scFact.setErrorHandler(new ErrorHandler() - { - public void error(SAXParseException exception) throws SAXException - { - StringBuilder builder = new StringBuilder(); - builder.append("Line Number=").append(exception.getLineNumber()); - builder.append(" Col Number=").append(exception.getColumnNumber()); - builder.append(" Public ID=").append(exception.getPublicId()); - builder.append(" System ID=").append(exception.getSystemId()); - builder.append(" exc=").append(exception.getLocalizedMessage()); - - if(trace) log.trace("SAX Error:" + builder.toString()); - } - - public void fatalError(SAXParseException exception) throws SAXException - { - StringBuilder builder = new StringBuilder(); - builder.append("Line Number=").append(exception.getLineNumber()); - builder.append(" Col Number=").append(exception.getColumnNumber()); - builder.append(" Public ID=").append(exception.getPublicId()); - builder.append(" System ID=").append(exception.getSystemId()); - builder.append(" exc=").append(exception.getLocalizedMessage()); - - log.error("SAX Fatal Error:" + builder.toString()); - } - - public void warning(SAXParseException exception) throws SAXException - { - StringBuilder builder = new StringBuilder(); - builder.append("Line Number=").append(exception.getLineNumber()); - builder.append(" Col Number=").append(exception.getColumnNumber()); - builder.append(" Public ID=").append(exception.getPublicId()); - builder.append(" System ID=").append(exception.getSystemId()); - builder.append(" exc=").append(exception.getLocalizedMessage()); - - if(trace) log.trace("SAX Warn:" + builder.toString()); - } - }); - Schema schema = scFact.newSchema(schemaURL); - return schema; - } - - public static JAXBContext getJAXBContext(String path) throws JAXBException - { - JAXBContext jx = jaxbContextHash.get(path); - if(jx == null) - { - jx = JAXBContext.newInstance(path); - jaxbContextHash.put(path, jx); - } - return jx; - } - - public static JAXBContext getJAXBContext(Class<?> clazz) throws JAXBException - { - String clazzName = clazz.getName(); - - JAXBContext jx = jaxbContextHash.get(clazzName); - if(jx == null) - { - jx = JAXBContext.newInstance(clazz); - jaxbContextHash.put(clazzName, jx); - } - return jx; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,296 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.util; + +import java.io.IOException; +import java.net.URL; +import java.util.HashMap; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.transform.Source; +import javax.xml.transform.stream.StreamSource; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; + +import org.apache.log4j.Logger; +import org.xml.sax.ErrorHandler; +import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; + +/** + * Utility to obtain JAXB2 marshaller/unmarshaller etc + * @author Anil.Saldhana(a)redhat.com + * @since May 26, 2009 + */ +public class JAXBUtil +{ + private static Logger log = Logger.getLogger(JAXBUtil.class); + private static boolean trace = log.isTraceEnabled(); + + public static final String W3C_XML_SCHEMA_NS_URI = "http://www.w3.org/2001/XMLSchema"; + + private static HashMap<String,JAXBContext> jaxbContextHash = new HashMap<String, JAXBContext>(); + + static + { + //Useful on Sun VMs. Harmless on other VMs. + SecurityActions.setSystemProperty("com.sun.xml.bind.v2.runtime.JAXBContextImpl.fastBoot", "true"); + } + + /** + * Get the JAXB Marshaller + * @param pkgName The package name for the jaxb context + * @param schemaLocation location of the schema to validate against + * @return Marshaller + * @throws JAXBException + * @throws SAXException + */ + public static Marshaller getValidatingMarshaller(String pkgName, String schemaLocation) + throws JAXBException, SAXException + { + Marshaller marshaller = getMarshaller(pkgName); + + //Validate against schema + Schema schema = getJAXPSchemaInstance(schemaLocation); + marshaller.setSchema(schema); + + return marshaller; + } + + /** + * Get the JAXB Marshaller + * @param pkgName The package name for the jaxb context + * @return Marshaller + * @throws JAXBException + */ + public static Marshaller getMarshaller(String pkgName) throws JAXBException + { + if(pkgName == null) + throw new IllegalArgumentException("pkgName is null"); + + JAXBContext jc = getJAXBContext(pkgName); + Marshaller marshaller = jc.createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8"); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.FALSE); //Breaks signatures + return marshaller; + } + + /** + * Get the JAXB Unmarshaller + * @param pkgName The package name for the jaxb context + * @return unmarshaller + * @throws JAXBException + */ + public static Unmarshaller getUnmarshaller(String pkgName) throws JAXBException + { + if(pkgName == null) + throw new IllegalArgumentException("pkgName is null"); + JAXBContext jc = getJAXBContext(pkgName); + return jc.createUnmarshaller(); + } + + /** + * Get the JAXB Unmarshaller for a selected set + * of package names + * @param pkgNames + * @return + * @throws JAXBException + */ + public static Unmarshaller getUnmarshaller(String... pkgNames) throws JAXBException + { + if(pkgNames == null) + throw new IllegalArgumentException("pkgName is null"); + int len = pkgNames.length; + if(len == 0) + return getUnmarshaller(pkgNames[0]); + + JAXBContext jc = getJAXBContext(pkgNames); + return jc.createUnmarshaller(); + } + + /** + * Get the JAXB Unmarshaller + * @param pkgName The package name for the jaxb context + * @param schemaLocation location of the schema to validate against + * @return unmarshaller + * @throws JAXBException + * @throws SAXException + */ + public static Unmarshaller getValidatingUnmarshaller(String pkgName, String schemaLocation) + throws JAXBException, SAXException + { + Unmarshaller unmarshaller = getUnmarshaller(pkgName); + Schema schema = getJAXPSchemaInstance(schemaLocation); + unmarshaller.setSchema(schema); + + return unmarshaller; + } + + public static Unmarshaller getValidatingUnmarshaller(String[] pkgNames, + String[] schemaLocations) throws JAXBException,SAXException, IOException + { + StringBuilder builder = new StringBuilder(); + int len = pkgNames.length; + if(len == 0) + throw new IllegalArgumentException("Packages are empty"); + + for(String pkg:pkgNames) + { + builder.append(pkg); + builder.append(":"); + } + + Unmarshaller unmarshaller = getUnmarshaller(builder.toString()); + + SchemaFactory schemaFactory = getSchemaFactory(); + + //Get the sources + Source[] schemaSources = new Source[schemaLocations.length]; + + ClassLoader tcl = SecurityActions.getContextClassLoader(); + + int i=0; + for(String schemaLocation : schemaLocations) + { + URL schemaURL = tcl.getResource(schemaLocation); + if(schemaURL == null) + throw new IllegalStateException("Schema URL is null:" + schemaLocation); + + schemaSources[i++] = new StreamSource(schemaURL.openStream()); + } + + Schema schema = schemaFactory.newSchema(schemaSources); + unmarshaller.setSchema(schema); + + return unmarshaller; + } + + private static Schema getJAXPSchemaInstance(String schemaLocation) throws SAXException + { + ClassLoader tcl = SecurityActions.getContextClassLoader(); + URL schemaURL = tcl.getResource(schemaLocation); + if(schemaURL == null) + throw new IllegalStateException("Schema URL is null:" + schemaLocation); + SchemaFactory scFact = getSchemaFactory(); + Schema schema = scFact.newSchema(schemaURL); + return schema; + } + + private static SchemaFactory getSchemaFactory() + { + SchemaFactory scFact = SchemaFactory.newInstance(W3C_XML_SCHEMA_NS_URI); + + //Always install the resolver unless the system property is set + if(SecurityActions.getSystemProperty("org.jboss.identity.federation.jaxb.ls", null) == null) + scFact.setResourceResolver( new IDFedLSInputResolver()); + + scFact.setErrorHandler(new ErrorHandler() + { + public void error(SAXParseException exception) throws SAXException + { + StringBuilder builder = new StringBuilder(); + builder.append("Line Number=").append(exception.getLineNumber()); + builder.append(" Col Number=").append(exception.getColumnNumber()); + builder.append(" Public ID=").append(exception.getPublicId()); + builder.append(" System ID=").append(exception.getSystemId()); + builder.append(" exc=").append(exception.getLocalizedMessage()); + + if(trace) log.trace("SAX Error:" + builder.toString()); + } + + public void fatalError(SAXParseException exception) throws SAXException + { + StringBuilder builder = new StringBuilder(); + builder.append("Line Number=").append(exception.getLineNumber()); + builder.append(" Col Number=").append(exception.getColumnNumber()); + builder.append(" Public ID=").append(exception.getPublicId()); + builder.append(" System ID=").append(exception.getSystemId()); + builder.append(" exc=").append(exception.getLocalizedMessage()); + + log.error("SAX Fatal Error:" + builder.toString()); + } + + public void warning(SAXParseException exception) throws SAXException + { + StringBuilder builder = new StringBuilder(); + builder.append("Line Number=").append(exception.getLineNumber()); + builder.append(" Col Number=").append(exception.getColumnNumber()); + builder.append(" Public ID=").append(exception.getPublicId()); + builder.append(" System ID=").append(exception.getSystemId()); + builder.append(" exc=").append(exception.getLocalizedMessage()); + + if(trace) log.trace("SAX Warn:" + builder.toString()); + } + }); + return scFact; + } + + public static JAXBContext getJAXBContext(String path) throws JAXBException + { + JAXBContext jx = jaxbContextHash.get(path); + if(jx == null) + { + jx = JAXBContext.newInstance(path); + jaxbContextHash.put(path, jx); + } + return jx; + } + + public static JAXBContext getJAXBContext(String... paths) throws JAXBException + { + int len = paths.length; + if (len == 0) + return getJAXBContext(paths[0]); + + StringBuilder builder = new StringBuilder(); + for(String path: paths) + { + builder.append(path).append(":"); + } + + String finalPath = builder.toString(); + + JAXBContext jx = jaxbContextHash.get(finalPath); + if(jx == null) + { + jx = JAXBContext.newInstance(finalPath); + jaxbContextHash.put(finalPath, jx); + } + return jx; + } + + public static JAXBContext getJAXBContext(Class<?> clazz) throws JAXBException + { + String clazzName = clazz.getName(); + + JAXBContext jx = jaxbContextHash.get(clazzName); + if(jx == null) + { + jx = JAXBContext.newInstance(clazz); + jaxbContextHash.put(clazzName, jx); + } + return jx; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,376 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2009, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.core.wstrust; - -import javax.xml.bind.Binder; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; -import javax.xml.bind.Unmarshaller; -import javax.xml.transform.Source; -import javax.xml.transform.dom.DOMSource; - -import org.apache.log4j.Logger; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; -import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; -import org.jboss.identity.federation.core.util.JAXBUtil; -import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken; -import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse; -import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken; -import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; -import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; -import org.jboss.identity.federation.ws.trust.ObjectFactory; -import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType; -import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -/** - * <p> - * This factory implements utility methods for converting between JAXB model objects and XML source. - * </p> - * - * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a> - */ -public class WSTrustJAXBFactory -{ - private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class); - private boolean trace = log.isTraceEnabled(); - - private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory(); - - private Marshaller marshaller; - - private Unmarshaller unmarshaller; - - private Binder<Node> binder; - - private final ObjectFactory objectFactory; - - private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<SAMLDocumentHolder>(); - - /** - * <p> - * Creates the {@code WSTrustJAXBFactory} singleton instance. - * </p> - */ - private WSTrustJAXBFactory() - { - try - { - this.marshaller = JAXBUtil.getMarshaller(this.getPackages()); - this.unmarshaller = JAXBUtil.getUnmarshaller(this.getPackages()); - this.binder = JAXBUtil.getJAXBContext(this.getPackages()).createBinder(); - this.objectFactory = new ObjectFactory(); - } - catch (JAXBException e) - { - throw new RuntimeException(e.getMessage(), e); - } - } - - /** - * <p> - * Gets a reference to the singleton instance. - * </p> - * - * @return a reference to the {@code WSTrustJAXBFactory} instance. - */ - public static WSTrustJAXBFactory getInstance() - { - return instance; - } - - private String getPackages() - { - StringBuilder packages = new StringBuilder(); - packages.append("org.jboss.identity.federation.ws.addressing"); - packages.append(":org.jboss.identity.federation.ws.policy"); - packages.append(":org.jboss.identity.federation.ws.trust"); - packages.append(":org.jboss.identity.federation.ws.wss.secext"); - packages.append(":org.jboss.identity.federation.ws.wss.utility"); - return packages.toString(); - } - - /** - * <p> - * Creates a {@code BaseRequestSecurityToken} from the specified XML source. - * </p> - * - * @param request - * the XML source containing the security token request message. - * @return the constructed {@code BaseRequestSecurityToken} instance. It will be an instance of {@code - * RequestSecurityToken} the message contains a single token request, and an instance of {@code - * RequestSecurityTokenCollection} if multiples requests are being made in the same message. - * @throws ParsingException - */ - @SuppressWarnings("unchecked") - public BaseRequestSecurityToken parseRequestSecurityToken(Source request) throws ParsingException - { - // if the request contains a validate, cancel, or renew target, we must preserve it from JAXB unmarshalling. - Node documentNode = ((DOMSource) request).getNode(); - Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument(); - - JAXBElement<RequestSecurityTokenType> jaxbRST; - try - { - Node rst = this.findNodeByNameNS(document, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE); - if(rst == null) - throw new RuntimeException("Request Security Token node not found"); - - jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst); - - RequestSecurityTokenType rstt = jaxbRST.getValue(); - holders.set(new SAMLDocumentHolder(rstt, document)); - return new RequestSecurityToken(rstt); - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - } - - /** - * <p> - * Creates a {@code BaseRequestSecurityTokenResponse} from the specified XML source. - * </p> - * - * @param response - * the XML source containing the security token response message. - * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust - * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}. - */ - public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response) - { - // if the response contains an issued token, we must preserve it from the JAXB unmarshalling. - Element tokenElement = null; - Node documentNode = ((DOMSource) response).getNode(); - Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument(); - Node requestedTokenNode = this.findNodeByNameNS(document, "RequestedSecurityToken", - WSTrustConstants.BASE_NAMESPACE); - if (requestedTokenNode != null) - tokenElement = (Element) requestedTokenNode.getFirstChild(); - - try - { - Object object = this.unmarshaller.unmarshal(response); - if (object instanceof JAXBElement) - { - JAXBElement<?> element = (JAXBElement<?>) unmarshaller.unmarshal(response); - if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class)) - { - RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection( - (RequestSecurityTokenResponseCollectionType) element.getValue()); - // insert the security token in the parsed response. - if (tokenElement != null) - { - RequestSecurityTokenResponse parsedResponse = collection.getRequestSecurityTokenResponses().get(0); - parsedResponse.getRequestedSecurityToken().setAny(tokenElement); - } - return collection; - } - else - throw new RuntimeException("Invalid response type: " + element.getDeclaredType()); - } - else - throw new RuntimeException("Invalid response type: " + object.getClass().getName()); - } - catch (Exception e) - { - throw new RuntimeException("Failed to unmarshall security token response", e); - } - } - - /** - * <p> - * Creates a {@code javax.xml.transform.Source} from the specified request object. - * </p> - * - * @param request - * a {@code RequestSecurityToken} representing the object model of the security token request. - * @return the constructed {@code Source} instance. - */ - public Source marshallRequestSecurityToken(RequestSecurityToken request) - { - Element targetElement = null; - // if the request has a validate, cancel, or renew target, we must preserve it from JAXB marshaling. - String requestType = request.getRequestType().toString(); - if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST)) - { - targetElement = (Element) request.getValidateTarget().getAny(); - request.getValidateTarget().setAny(null); - } - else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST)) - { - targetElement = (Element) request.getRenewTarget().getAny(); - request.getRenewTarget().setAny(null); - } - else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST)) - { - targetElement = (Element) request.getCancelTarget().getAny(); - request.getCancelTarget().setAny(null); - } - - Document result = null; - try - { - result = DocumentUtil.createDocument(); - this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(request.getDelegate()), result); - - // insert the original target in the appropriate element. - if (targetElement != null) - { - Node node = null; - if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST)) - node = this.findNodeByNameNS(result, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE); - else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST)) - node = this.findNodeByNameNS(result, "RenewTarget", WSTrustConstants.BASE_NAMESPACE); - else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST)) - node = this.findNodeByNameNS(result, "CancelTarget", WSTrustConstants.BASE_NAMESPACE); - if(node == null) - throw new RuntimeException("Unsupported request type:" + requestType); - node.appendChild(result.importNode(targetElement, true)); - } - } - catch (Exception e) - { - throw new RuntimeException("Failed to marshall security token request", e); - } - - return DocumentUtil.getXMLSource(result); - } - - /** - * <p> - * Creates a {@code javax.xml.transform.Source} from the specified response object. - * </p> - * - * @param collection - * a {@code RequestSecurityTokenResponseCollection} representing the object model of the security token - * response. - * @return the constructed {@code Source} instance. - */ - public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection collection) - { - if (collection.getRequestSecurityTokenResponses().size() == 0) - throw new IllegalArgumentException("The response collection must contain at least one response"); - - // if the response contains an issued token, we must preserve it from the JAXB marshaling. - Element tokenElement = null; - RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0); - if (response.getRequestedSecurityToken() != null) - { - tokenElement = (Element) response.getRequestedSecurityToken().getAny(); - // we don't want to marshall any token - it will be inserted in the DOM document later. - response.getRequestedSecurityToken().setAny(null); - } - - Document result = null; - try - { - // marshall the response to a document and insert the issued token directly on the document. - result = DocumentUtil.createDocument(); - this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(collection - .getDelegate()), result); - - // the document is a ws-trust template - we need to insert the token in the appropriate element. - if (tokenElement != null) - { - Node node = this.findNodeByNameNS(result, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE); - node.appendChild(result.importNode(tokenElement, true)); - } - if(trace) - { - try - { - log.trace("Final RSTR doc:" + DocumentUtil.getDocumentAsString(result)); - - }catch(Exception ignore){} - } - - } - catch (Exception e) - { - throw new RuntimeException("Failed to marshall security token response", e); - } - return DocumentUtil.getXMLSource(result); - } - - /** - * Return the {@code SAMLDocumentHolder} for the thread - * @return - */ - public SAMLDocumentHolder getSAMLDocumentHolderOnThread() - { - return holders.get(); - } - - /** - * <p> - * Finds in the specified document a node that matches the specified name and namespace. - * </p> - * - * @param document - * the {@code Document} instance upon which the search is made. - * @param localName - * a {@code String} containing the local name of the searched node. - * @param namespace - * a {@code String} containing the namespace of the searched node. - * @return a {@code Node} representing the searched node. If more than one node is found in the document, the first - * one will be returned. If no nodes were found according to the search parameters, then {@code null} is - * returned. - */ - private Node findNodeByNameNS(Document document, String localName, String namespace) - { - NodeList list = document.getElementsByTagNameNS(namespace, localName); - if (list == null || list.getLength() == 0) - // log("Unable to locate element " + localName + " with namespace " + namespace); - return null; - return list.item(0); - } - - /** - * <p> - * Searches the specified document for an element that represents a validate, renew, or cancel target. - * </p> - * - * @param document - * the {@code Document} upon which the search is to be made. - * @return an {@code Element} representing the validate, renew, or cancel target. - */ - /*private Element getValidateOrRenewOrCancelTarget(Document document) - { - Node target = this.findNodeByNameNS(document, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE); - if (target != null) - return (Element) target.getFirstChild(); - target = this.findNodeByNameNS(document, "RenewTarget", WSTrustConstants.BASE_NAMESPACE); - if (target != null) - return (Element) target.getFirstChild(); - target = this.findNodeByNameNS(document, "CancelTarget", WSTrustConstants.BASE_NAMESPACE); - if (target != null) - return (Element) target.getFirstChild(); - return null; - }*/ -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,377 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2009, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.wstrust; + +import javax.xml.bind.Binder; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.transform.Source; +import javax.xml.transform.dom.DOMSource; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.util.JAXBUtil; +import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken; +import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse; +import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken; +import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse; +import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection; +import org.jboss.identity.federation.ws.trust.ObjectFactory; +import org.jboss.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType; +import org.jboss.identity.federation.ws.trust.RequestSecurityTokenType; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +/** + * <p> + * This factory implements utility methods for converting between JAXB model objects and XML source. + * </p> + * + * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a> + */ +public class WSTrustJAXBFactory +{ + private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class); + private boolean trace = log.isTraceEnabled(); + + private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory(); + + private Marshaller marshaller; + + private Unmarshaller unmarshaller; + + private Binder<Node> binder; + + private final ObjectFactory objectFactory; + + private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<SAMLDocumentHolder>(); + + /** + * <p> + * Creates the {@code WSTrustJAXBFactory} singleton instance. + * </p> + */ + private WSTrustJAXBFactory() + { + try + { + this.marshaller = JAXBUtil.getMarshaller(this.getPackages()); + this.unmarshaller = JAXBUtil.getUnmarshaller(this.getPackages()); + this.binder = JAXBUtil.getJAXBContext(this.getPackages()).createBinder(); + this.objectFactory = new ObjectFactory(); + } + catch (JAXBException e) + { + throw new RuntimeException(e.getMessage(), e); + } + } + + /** + * <p> + * Gets a reference to the singleton instance. + * </p> + * + * @return a reference to the {@code WSTrustJAXBFactory} instance. + */ + public static WSTrustJAXBFactory getInstance() + { + return instance; + } + + private String getPackages() + { + StringBuilder packages = new StringBuilder(); + packages.append("org.jboss.identity.federation.ws.addressing"); + packages.append(":org.jboss.identity.federation.ws.policy"); + packages.append(":org.jboss.identity.federation.ws.trust"); + packages.append(":org.jboss.identity.federation.ws.wss.secext"); + packages.append(":org.jboss.identity.federation.ws.wss.utility"); + return packages.toString(); + } + + /** + * <p> + * Creates a {@code BaseRequestSecurityToken} from the specified XML source. + * </p> + * + * @param request + * the XML source containing the security token request message. + * @return the constructed {@code BaseRequestSecurityToken} instance. It will be an instance of {@code + * RequestSecurityToken} the message contains a single token request, and an instance of {@code + * RequestSecurityTokenCollection} if multiples requests are being made in the same message. + * @throws ParsingException + */ + @SuppressWarnings("unchecked") + public BaseRequestSecurityToken parseRequestSecurityToken(Source request) throws ParsingException + { + // if the request contains a validate, cancel, or renew target, we must preserve it from JAXB unmarshalling. + Node documentNode = ((DOMSource) request).getNode(); + Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument(); + + JAXBElement<RequestSecurityTokenType> jaxbRST; + try + { + Node rst = this.findNodeByNameNS(document, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE); + if(rst == null) + throw new RuntimeException("Request Security Token node not found"); + + jaxbRST = (JAXBElement<RequestSecurityTokenType>) binder.unmarshal(rst); + + RequestSecurityTokenType rstt = jaxbRST.getValue(); + holders.set(new SAMLDocumentHolder(rstt, document)); + return new RequestSecurityToken(rstt); + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + } + + /** + * <p> + * Creates a {@code BaseRequestSecurityTokenResponse} from the specified XML source. + * </p> + * + * @param response + * the XML source containing the security token response message. + * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust + * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}. + */ + @SuppressWarnings("unchecked") + public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response) + { + // if the response contains an issued token, we must preserve it from the JAXB unmarshalling. + Element tokenElement = null; + Node documentNode = ((DOMSource) response).getNode(); + Document document = documentNode instanceof Document ? (Document) documentNode : documentNode.getOwnerDocument(); + Node requestedTokenNode = this.findNodeByNameNS(document, "RequestedSecurityToken", + WSTrustConstants.BASE_NAMESPACE); + if (requestedTokenNode != null) + tokenElement = (Element) requestedTokenNode.getFirstChild(); + + try + { + Object object = this.unmarshaller.unmarshal(response); + if (object instanceof JAXBElement) + { + JAXBElement<?> element = (JAXBElement<?>) unmarshaller.unmarshal(response); + if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class)) + { + RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection( + (RequestSecurityTokenResponseCollectionType) element.getValue()); + // insert the security token in the parsed response. + if (tokenElement != null) + { + RequestSecurityTokenResponse parsedResponse = collection.getRequestSecurityTokenResponses().get(0); + parsedResponse.getRequestedSecurityToken().setAny(tokenElement); + } + return collection; + } + else + throw new RuntimeException("Invalid response type: " + element.getDeclaredType()); + } + else + throw new RuntimeException("Invalid response type: " + object.getClass().getName()); + } + catch (Exception e) + { + throw new RuntimeException("Failed to unmarshall security token response", e); + } + } + + /** + * <p> + * Creates a {@code javax.xml.transform.Source} from the specified request object. + * </p> + * + * @param request + * a {@code RequestSecurityToken} representing the object model of the security token request. + * @return the constructed {@code Source} instance. + */ + public Source marshallRequestSecurityToken(RequestSecurityToken request) + { + Element targetElement = null; + // if the request has a validate, cancel, or renew target, we must preserve it from JAXB marshaling. + String requestType = request.getRequestType().toString(); + if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST)) + { + targetElement = (Element) request.getValidateTarget().getAny(); + request.getValidateTarget().setAny(null); + } + else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST)) + { + targetElement = (Element) request.getRenewTarget().getAny(); + request.getRenewTarget().setAny(null); + } + else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST)) + { + targetElement = (Element) request.getCancelTarget().getAny(); + request.getCancelTarget().setAny(null); + } + + Document result = null; + try + { + result = DocumentUtil.createDocument(); + this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(request.getDelegate()), result); + + // insert the original target in the appropriate element. + if (targetElement != null) + { + Node node = null; + if (requestType.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST)) + node = this.findNodeByNameNS(result, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE); + else if (requestType.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST)) + node = this.findNodeByNameNS(result, "RenewTarget", WSTrustConstants.BASE_NAMESPACE); + else if (requestType.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST)) + node = this.findNodeByNameNS(result, "CancelTarget", WSTrustConstants.BASE_NAMESPACE); + if(node == null) + throw new RuntimeException("Unsupported request type:" + requestType); + node.appendChild(result.importNode(targetElement, true)); + } + } + catch (Exception e) + { + throw new RuntimeException("Failed to marshall security token request", e); + } + + return DocumentUtil.getXMLSource(result); + } + + /** + * <p> + * Creates a {@code javax.xml.transform.Source} from the specified response object. + * </p> + * + * @param collection + * a {@code RequestSecurityTokenResponseCollection} representing the object model of the security token + * response. + * @return the constructed {@code Source} instance. + */ + public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection collection) + { + if (collection.getRequestSecurityTokenResponses().size() == 0) + throw new IllegalArgumentException("The response collection must contain at least one response"); + + // if the response contains an issued token, we must preserve it from the JAXB marshaling. + Element tokenElement = null; + RequestSecurityTokenResponse response = collection.getRequestSecurityTokenResponses().get(0); + if (response.getRequestedSecurityToken() != null) + { + tokenElement = (Element) response.getRequestedSecurityToken().getAny(); + // we don't want to marshall any token - it will be inserted in the DOM document later. + response.getRequestedSecurityToken().setAny(null); + } + + Document result = null; + try + { + // marshall the response to a document and insert the issued token directly on the document. + result = DocumentUtil.createDocument(); + this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(collection + .getDelegate()), result); + + // the document is a ws-trust template - we need to insert the token in the appropriate element. + if (tokenElement != null) + { + Node node = this.findNodeByNameNS(result, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE); + node.appendChild(result.importNode(tokenElement, true)); + } + if(trace) + { + try + { + log.trace("Final RSTR doc:" + DocumentUtil.getDocumentAsString(result)); + + }catch(Exception ignore){} + } + + } + catch (Exception e) + { + throw new RuntimeException("Failed to marshall security token response", e); + } + return DocumentUtil.getXMLSource(result); + } + + /** + * Return the {@code SAMLDocumentHolder} for the thread + * @return + */ + public SAMLDocumentHolder getSAMLDocumentHolderOnThread() + { + return holders.get(); + } + + /** + * <p> + * Finds in the specified document a node that matches the specified name and namespace. + * </p> + * + * @param document + * the {@code Document} instance upon which the search is made. + * @param localName + * a {@code String} containing the local name of the searched node. + * @param namespace + * a {@code String} containing the namespace of the searched node. + * @return a {@code Node} representing the searched node. If more than one node is found in the document, the first + * one will be returned. If no nodes were found according to the search parameters, then {@code null} is + * returned. + */ + private Node findNodeByNameNS(Document document, String localName, String namespace) + { + NodeList list = document.getElementsByTagNameNS(namespace, localName); + if (list == null || list.getLength() == 0) + // log("Unable to locate element " + localName + " with namespace " + namespace); + return null; + return list.item(0); + } + + /** + * <p> + * Searches the specified document for an element that represents a validate, renew, or cancel target. + * </p> + * + * @param document + * the {@code Document} upon which the search is to be made. + * @return an {@code Element} representing the validate, renew, or cancel target. + */ + /*private Element getValidateOrRenewOrCancelTarget(Document document) + { + Node target = this.findNodeByNameNS(document, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE); + if (target != null) + return (Element) target.getFirstChild(); + target = this.findNodeByNameNS(document, "RenewTarget", WSTrustConstants.BASE_NAMESPACE); + if (target != null) + return (Element) target.getFirstChild(); + target = this.findNodeByNameNS(document, "CancelTarget", WSTrustConstants.BASE_NAMESPACE); + if (target != null) + return (Element) target.getFirstChild(); + return null; + }*/ +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,259 +0,0 @@ -/* - * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware - * LLC, and individual contributors by the @authors tag. See the copyright.txt - * in the distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it under the - * terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - * - * This software is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this software; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF - * site: http://www.fsf.org. - */ -package org.jboss.identity.federation.core.wstrust.handlers; - -import java.util.Collections; -import java.util.Iterator; -import java.util.Set; - -import javax.annotation.PostConstruct; -import javax.annotation.Resource; -import javax.xml.namespace.QName; -import javax.xml.soap.SOAPException; -import javax.xml.soap.SOAPHeader; -import javax.xml.soap.SOAPHeaderElement; -import javax.xml.ws.WebServiceException; -import javax.xml.ws.handler.MessageContext; -import javax.xml.ws.handler.soap.SOAPHandler; -import javax.xml.ws.handler.soap.SOAPMessageContext; - -import org.jboss.identity.federation.core.wstrust.STSClient; -import org.jboss.identity.federation.core.wstrust.STSClientConfig; -import org.jboss.identity.federation.core.wstrust.STSClientFactory; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.wstrust.WSTrustException; -import org.w3c.dom.Element; - -/** - * STSSecurityHandler is a server-side JAX-WS SOAP Protocol handler that will extract a - * Security Token from the SOAP Security Header and validate the token with the configured - * Security Token Service (STS). - * <p/> - * - * This class is abstract to simpify is usage as the intention is for a handler to be specified - * in a server side handler chain. Here different Security Header specifications and security token - * specifications can be specified using class names instead of using properties which would force - * users to finding and setting the correct namespaces. Hopefully this will be easier and less - * error prone. - * - * <h3>Concrete implementations</h3> - * Subclasses a required to implement two methods: - * <ul> - * <li> {@link #getSecurityElementQName()} - * This should return the qualified name of the security header. This lets us support - * different versions. </li> - * - * <li>{@link #getTokenElementQName()} - * This should return the qualified name of the security token element that should exist - * in the security header. This lets us support different tokens that can be validated - * with the configured STS.</li> - * </ul> - * - * <h3>Configuration</h3> - * handlerchain.xml example: - * <pre>{@code - * <?xml version="1.0" encoding="UTF-8"?> - * <jws:handler-config xmlns:jws="http://java.sun.com/xml/ns/javaee"> - * <jws:handler-chains> - * <jws:handler-chain> - * <jws:handler> - * <jws:handler-class>org.jboss.identity.federation.core.wstrust.handlers.STSSaml20Handler</jws:handler-class> - * </jws:handler> - * </jws:handler-chain> - * </jws:handler-chains> - * </jws:handler-config> - * }</pre> - * <p/> - * - * This class uses {@link STSClient} to interact with an STS. By default the configuration - * properties are set in a file named {@link STSClientConfig#DEFAULT_CONFIG_FILE}. - * This can be overridden by specifying environment entries in a deployment descriptor. - * - * For example in web.xml: - * <pre>{@code - * <env-entry> - * <env-entry-name>STSClientConfig</env-entry-name> - * <env-entry-type>java.lang.String</env-entry-type> - * <env-entry-value>/sts-client.properties</env-entry-value> - * </env-entry> - * }</pre> - * - * @author <a href="mailto:dbevenius@jboss.com">Daniel Bevenius</a> - */ -public abstract class STSSecurityHandler implements SOAPHandler<SOAPMessageContext> -{ - /** - * The path to the jboss-sts-client.properties file. - */ - private String configFile = STSClientConfig.DEFAULT_CONFIG_FILE; - - /** - * The {@link STSClient client} that will call the STS. - */ - private STSClient wsTrustClient; - - /** - * Subclasses can return the QName of the Security header element in usage. - * - * @return QName - */ - public abstract QName getSecurityElementQName(); - - /** - * Subclasses can return the QName of the Security Element that should be used - * as the token for validation. - * - * @return QName - */ - public abstract QName getTokenElementQName(); - - /** - * Post constuct will be called when the handler is deployed. - * - * @throws WebServiceException - */ - @PostConstruct - public void createWSTrustClient() - { - if (wsTrustClient == null) - { - try - { - final STSClientConfig config = new STSClientConfig.Builder().build(configFile); - wsTrustClient = STSClientFactory.getInstance().create(config); - } - catch (final ParsingException e) - { - throw new IllegalStateException(e.getMessage(), e); - } - } - } - - /** - * Will process in-bound messages and extract a security token from the SOAP Header. This token - * will then be validated using by calling the STS.. - * - * @param messageContext The {@link SOAPMessageContext messageContext}. - * @return true If the security token was correctly validated or if this call was an outbound message. - * @throws WebServiceException If the security token could not be validated. - */ - public boolean handleMessage(final SOAPMessageContext messageContext) - { - if (isOutBound(messageContext)) - { - return true; - } - - try - { - final Element securityToken = extractSecurityToken(messageContext, getSecurityElementQName(), getTokenElementQName()); - - if (wsTrustClient.validateToken(securityToken)) - { - return true; - } - else - { - throw new WebServiceException("Could not validate security token "+ securityToken); - } - } - catch (final SOAPException e) - { - throw new WebServiceException(e.getMessage(), e); - } - catch (final WSTrustException e) - { - throw new WebServiceException(e.getMessage(), e); - } - } - - /** - * Allows the {@link STSClient} to be injected if required. - * - * @param client The WSTrustClient to be used by this handler. - */ - public void setWSTrustClient(final STSClient client) - { - wsTrustClient = client; - } - - public Set<QName> getHeaders() - { - return Collections.singleton(getSecurityElementQName()); - } - - public boolean handleFault(final SOAPMessageContext messageContext) - { - return true; - } - - public void close(final MessageContext messageContext) - { - // NoOp. - } - - - /** - * This setter enables the injection of the jboss-sts-client.properties file - * path. - * - * @param configFile - */ - @Resource (name = "STSClientConfig") - public void setConfigFile(final String configFile) - { - if (configFile != null) - { - this.configFile = configFile; - } - } - - private boolean isOutBound(final SOAPMessageContext messageContext) - { - return ((Boolean) messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY)).booleanValue(); - } - - @SuppressWarnings("unchecked") - private Element extractSecurityToken(final SOAPMessageContext messageContext, final QName securityQName, final QName tokenQName) throws SOAPException - { - if (securityQName == null) - throw new IllegalStateException("securityQName from subclass cannot be null!"); - if (tokenQName == null) - throw new IllegalStateException("tokenQName from subclass cannot be null!"); - - final SOAPHeader soapHeader = messageContext.getMessage().getSOAPHeader(); - final Iterator securityHeaders = soapHeader.getChildElements(securityQName); - while (securityHeaders.hasNext()) - { - final SOAPHeaderElement elem = (SOAPHeaderElement) securityHeaders.next(); - // Check if the header is equal to the one this Handler is configured for. - if (elem.getElementQName().equals(securityQName)) - { - final Iterator childElements = elem.getChildElements(tokenQName); - while (childElements.hasNext()) - { - return (Element) childElements.next(); - } - } - } - return null; - } -} Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,259 @@ +/* + * JBoss, Home of Professional Open Source Copyright 2009, Red Hat Middleware + * LLC, and individual contributors by the @authors tag. See the copyright.txt + * in the distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it under the + * terms of the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 2.1 of the License, or (at your option) + * any later version. + * + * This software is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more + * details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this software; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF + * site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.wstrust.handlers; + +import java.util.Collections; +import java.util.Iterator; +import java.util.Set; + +import javax.annotation.PostConstruct; +import javax.annotation.Resource; +import javax.xml.namespace.QName; +import javax.xml.soap.SOAPException; +import javax.xml.soap.SOAPHeader; +import javax.xml.soap.SOAPHeaderElement; +import javax.xml.ws.WebServiceException; +import javax.xml.ws.handler.MessageContext; +import javax.xml.ws.handler.soap.SOAPHandler; +import javax.xml.ws.handler.soap.SOAPMessageContext; + +import org.jboss.identity.federation.core.wstrust.STSClient; +import org.jboss.identity.federation.core.wstrust.STSClientConfig; +import org.jboss.identity.federation.core.wstrust.STSClientFactory; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.wstrust.WSTrustException; +import org.w3c.dom.Element; + +/** + * STSSecurityHandler is a server-side JAX-WS SOAP Protocol handler that will extract a + * Security Token from the SOAP Security Header and validate the token with the configured + * Security Token Service (STS). + * <p/> + * + * This class is abstract to simpify is usage as the intention is for a handler to be specified + * in a server side handler chain. Here different Security Header specifications and security token + * specifications can be specified using class names instead of using properties which would force + * users to finding and setting the correct namespaces. Hopefully this will be easier and less + * error prone. + * + * <h3>Concrete implementations</h3> + * Subclasses a required to implement two methods: + * <ul> + * <li> {@link #getSecurityElementQName()} + * This should return the qualified name of the security header. This lets us support + * different versions. </li> + * + * <li>{@link #getTokenElementQName()} + * This should return the qualified name of the security token element that should exist + * in the security header. This lets us support different tokens that can be validated + * with the configured STS.</li> + * </ul> + * + * <h3>Configuration</h3> + * handlerchain.xml example: + * <pre>{@code + * <?xml version="1.0" encoding="UTF-8"?> + * <jws:handler-config xmlns:jws="http://java.sun.com/xml/ns/javaee"> + * <jws:handler-chains> + * <jws:handler-chain> + * <jws:handler> + * <jws:handler-class>org.jboss.identity.federation.core.wstrust.handlers.STSSaml20Handler</jws:handler-class> + * </jws:handler> + * </jws:handler-chain> + * </jws:handler-chains> + * </jws:handler-config> + * }</pre> + * <p/> + * + * This class uses {@link STSClient} to interact with an STS. By default the configuration + * properties are set in a file named {@link STSClientConfig#DEFAULT_CONFIG_FILE}. + * This can be overridden by specifying environment entries in a deployment descriptor. + * + * For example in web.xml: + * <pre>{@code + * <env-entry> + * <env-entry-name>STSClientConfig</env-entry-name> + * <env-entry-type>java.lang.String</env-entry-type> + * <env-entry-value>/sts-client.properties</env-entry-value> + * </env-entry> + * }</pre> + * + * @author <a href="mailto:dbevenius@jboss.com">Daniel Bevenius</a> + */ +public abstract class STSSecurityHandler implements SOAPHandler<SOAPMessageContext> +{ + /** + * The path to the jboss-sts-client.properties file. + */ + private String configFile = STSClientConfig.DEFAULT_CONFIG_FILE; + + /** + * The {@link STSClient client} that will call the STS. + */ + private STSClient wsTrustClient; + + /** + * Subclasses can return the QName of the Security header element in usage. + * + * @return QName + */ + public abstract QName getSecurityElementQName(); + + /** + * Subclasses can return the QName of the Security Element that should be used + * as the token for validation. + * + * @return QName + */ + public abstract QName getTokenElementQName(); + + /** + * Post construct will be called when the handler is deployed. + * + * @throws WebServiceException + */ + @PostConstruct + public void createWSTrustClient() + { + if (wsTrustClient == null) + { + try + { + final STSClientConfig config = new STSClientConfig.Builder().build(configFile); + wsTrustClient = STSClientFactory.getInstance().create(config); + } + catch (final ParsingException e) + { + throw new IllegalStateException(e.getMessage(), e); + } + } + } + + /** + * Will process in-bound messages and extract a security token from the SOAP Header. This token + * will then be validated using by calling the STS.. + * + * @param messageContext The {@link SOAPMessageContext messageContext}. + * @return true If the security token was correctly validated or if this call was an outbound message. + * @throws WebServiceException If the security token could not be validated. + */ + public boolean handleMessage(final SOAPMessageContext messageContext) + { + if (isOutBound(messageContext)) + { + return true; + } + + try + { + final Element securityToken = extractSecurityToken(messageContext, getSecurityElementQName(), getTokenElementQName()); + + if (wsTrustClient.validateToken(securityToken)) + { + return true; + } + else + { + throw new WebServiceException("Could not validate security token "+ securityToken); + } + } + catch (final SOAPException e) + { + throw new WebServiceException(e.getMessage(), e); + } + catch (final WSTrustException e) + { + throw new WebServiceException(e.getMessage(), e); + } + } + + /** + * Allows the {@link STSClient} to be injected if required. + * + * @param client The WSTrustClient to be used by this handler. + */ + public void setWSTrustClient(final STSClient client) + { + wsTrustClient = client; + } + + public Set<QName> getHeaders() + { + return Collections.singleton(getSecurityElementQName()); + } + + public boolean handleFault(final SOAPMessageContext messageContext) + { + return true; + } + + public void close(final MessageContext messageContext) + { + // NoOp. + } + + + /** + * This setter enables the injection of the jboss-sts-client.properties file + * path. + * + * @param configFile + */ + @Resource (name = "STSClientConfig") + public void setConfigFile(final String configFile) + { + if (configFile != null) + { + this.configFile = configFile; + } + } + + private boolean isOutBound(final SOAPMessageContext messageContext) + { + return ((Boolean) messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY)).booleanValue(); + } + + @SuppressWarnings("unchecked") + private Element extractSecurityToken(final SOAPMessageContext messageContext, final QName securityQName, final QName tokenQName) throws SOAPException + { + if (securityQName == null) + throw new IllegalStateException("securityQName from subclass cannot be null!"); + if (tokenQName == null) + throw new IllegalStateException("tokenQName from subclass cannot be null!"); + + final SOAPHeader soapHeader = messageContext.getMessage().getSOAPHeader(); + final Iterator securityHeaders = soapHeader.getChildElements(securityQName); + while (securityHeaders.hasNext()) + { + final SOAPHeaderElement elem = (SOAPHeaderElement) securityHeaders.next(); + // Check if the header is equal to the one this Handler is configured for. + if (elem.getElementQName().equals(securityQName)) + { + final Iterator childElements = elem.getChildElements(tokenQName); + while (childElements.hasNext()) + { + return (Element) childElements.next(); + } + } + } + return null; + } +} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,32 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema xmlns="http://www.w3.org/2001/XMLSchema" + targetNamespace="urn:jboss:identity-federation:handler:config:1.0" + xmlns:tns="urn:jboss:identity-federation:handler:config:1.0" + xmlns:idfed="urn:jboss:identity-federation:config:1.0" + elementFormDefault="qualified"> + +  + <import schemaLocation="jboss-identity-fed.xsd" + namespace="urn:jboss:identity-federation:config:1.0"> + </import> + + + <complexType name="Handler"> + <sequence> + <element name="Option" type="idfed:KeyValueType" maxOccurs="unbounded" + minOccurs="0"> + </element> + </sequence> + <attribute name="name" type="string"></attribute> + <attribute name="class" type="string"></attribute> + </complexType> + + + <complexType name="Handlers"> + <sequence> + <element name="Handler" type="tns:Handler" maxOccurs="unbounded" minOccurs="1"></element> + </sequence> + </complexType> + + <element name="Handlers" type="tns:Handlers"/> +</schema> \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-10-09 18:58:19 UTC (rev 830) @@ -1,258 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:jboss:identity-federation:config:1.0" - xmlns:tns="urn:jboss:identity-federation:config:1.0" - elementFormDefault="qualified" version="1.0"> - <complexType name="IDPType"> - <annotation> - <documentation> - IDP Type defines the configuration for an Identity - Provider. - </documentation> - </annotation> - <complexContent> - <extension base="tns:ProviderType"> - <sequence> - <element name="Encryption" type="tns:EncryptionType" - maxOccurs="1" minOccurs="0"> - </element> - </sequence> - <attribute name="AssertionValidity" type="long" - use="optional" default="300000">  - </attribute> - <attribute name="RoleGenerator" type="string" - use="optional" - default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator"> - </attribute> - <attribute name="AttributeManager" type="string" - use="optional" - default="org.jboss.identity.federation.bindings.tomcat.TomcatAttributeManager"> - </attribute> - <attribute name="Encrypt" type="boolean" use="optional" - default="false"> - </attribute> - </extension> - </complexContent> - </complexType> - - <element name="JBossIDP" type="tns:IDPType"> - <annotation> - <documentation>The root configuration for an Identity Provider(IDP) using JBoss Identity.</documentation> - </annotation> - </element> - - - <complexType name="TrustType"> - <annotation> - <documentation>Aspects involved in trust decisions such as the domains that the IDP or the Service Provider trusts.</documentation> - </annotation> - <sequence> - <element name="Domains" type="string"> - <annotation> - <documentation>Comma Separated domain names such as localhost,jboss.com,jboss.org</documentation> - </annotation> - </element> - </sequence> - </complexType> - - <complexType name="KeyProviderType"> - <annotation> - <documentation> - Source of the Signing and Validating Key - </documentation> - </annotation> - <sequence> - <element name="Auth" type="tns:AuthPropertyType" - maxOccurs="unbounded" minOccurs="0"> - <annotation> - <documentation> - Key Value Pairs Needed to authenticate into the - provider. - </documentation> - </annotation> - </element> - <element name="ValidatingAlias" type="tns:KeyValueType" - maxOccurs="unbounded" minOccurs="0"> - <annotation> - <documentation> - Key Value pairs identifying domains against the - alias for validating key - </documentation> - </annotation> - </element> - <element name="SigningAlias" type="string" maxOccurs="1" - minOccurs="0"> - <annotation> - <documentation> - An alias that identifies the signing key - </documentation> - </annotation> - </element> - </sequence> - <attribute name="ClassName" type="string"></attribute> - </complexType> - - <complexType name="KeyValueType"> - <attribute name="Key" type="string"></attribute> - <attribute name="Value" type="string"></attribute> - </complexType> - - <complexType name="ProviderType"> - <annotation> - <documentation>Base Type for IDP and SP</documentation> - </annotation> - <sequence> - <element name="IdentityURL" type="string" maxOccurs="1" - minOccurs="1"> - </element> - <element name="Trust" type="tns:TrustType" maxOccurs="1" - minOccurs="0"> - </element> - <element name="KeyProvider" type="tns:KeyProviderType" - maxOccurs="1" minOccurs="0"> - </element> - <element name="MetaDataProvider" type="tns:MetadataProviderType" maxOccurs="1" minOccurs="0"></element> - </sequence> -  - <attribute name="ServerEnvironment" use="optional" default="JBOSS"> - <simpleType> - <restriction base="string"> - <enumeration value="JBOSS"></enumeration> - <enumeration value="TOMCAT"></enumeration> - </restriction> - </simpleType> - </attribute> - </complexType> - - <complexType name="SPType"> - <annotation> - <documentation>Service Provider Type</documentation> - </annotation> - <complexContent> - <extension base="tns:ProviderType"> - <sequence> - <element name="ServiceURL" type="string"></element> - </sequence> - </extension> - </complexContent> - </complexType> - - <complexType name="AuthPropertyType"> - <complexContent> - <extension base="tns:KeyValueType"></extension> - </complexContent> - </complexType> - - <element name="JBossSP" type="tns:SPType"></element> - - <simpleType name="EncAlgoType"> - <restriction base="string"> - <enumeration value="AES"></enumeration> - <enumeration value="DES"></enumeration> - <enumeration value="DESede"></enumeration> - </restriction> - </simpleType> - - <complexType name="EncryptionType"> - <sequence> - <element name="EncAlgo" type="tns:EncAlgoType"></element> - <element name="KeySize" type="int"></element> - </sequence> - </complexType> - -  - - <complexType name="STSType"> - <sequence> - <element name="KeyProvider" type="tns:KeyProviderType" minOccurs="0"/> - <element name="RequestHandler" type="string" minOccurs="0"/> - <element name="ClaimProviders" type="tns:ClaimProvidersType" minOccurs="0"/> - <element name="TokenProviders" type="tns:TokenProvidersType" minOccurs="0"/> - <element name="ServiceProviders" type="tns:ServiceProvidersType" minOccurs="0"/> - </sequence> - <attribute name="STSName" default="JBossSTS" type="string" use="optional"/> - <attribute name="TokenTimeout" default="3600" type="int" use="optional"/> - <attribute name="SignToken" default="true" type="boolean" use="optional"/> - <attribute name="EncryptToken" default="false" type="boolean" use="optional"/> - </complexType> - - <complexType name="ClaimProvidersType"> - <annotation> - <documentation> - The claim providers specify the classes that are capable of handling specific claims dialects. - </documentation> - </annotation> - <sequence> - <element name="ClaimProvider" type="tns:ClaimProviderType" minOccurs="1" maxOccurs="unbounded"/> - </sequence> - </complexType> - - <complexType name="ClaimProviderType"> - <sequence> - <element name="Property" type="tns:PropertyType" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <attribute name="ProviderClass" type="string" use="required"/> - <attribute name="Dialect" type="string" use="required"/> - </complexType> - - <complexType name="TokenProvidersType"> - <annotation> - <documentation> - The token providers specify the classes that handle the requests for each type of security Token. - For example, a SAMLTokenProvider may be used to generate SAML token, while a X509TokenProvider - may be used to generate X.509 tokens (certificates). - </documentation> - </annotation> - <sequence> - <element name="TokenProvider" type="tns:TokenProviderType" minOccurs="1" maxOccurs="unbounded"/> - </sequence> - </complexType> - - <complexType name="TokenProviderType"> - <sequence> - <element name="Property" type="tns:PropertyType" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <attribute name="ProviderClass" type="string" use="required"/> - <attribute name="TokenType" type="string" use="required"/> - <attribute name="TokenElement" type="string" use="required"/> - <attribute name="TokenElementNS" type="string" use="required"/> - </complexType> - - <complexType name="ServiceProvidersType"> - <annotation> - <documentation> - The service providers specify the token type expected by each service provider. - </documentation> - </annotation> - <sequence> - <element name="ServiceProvider" type="tns:ServiceProviderType" minOccurs="1" maxOccurs="unbounded"/> - </sequence> - </complexType> - - <complexType name="ServiceProviderType"> - <annotation> - <documentation> - The service provider type contains information about a specific service provider. In particular, - it specifies the type of the token that must be issued for the provider and the alias of the - provider's PKC in the truststore. This is used by the STS to locate the PKC when encrypting the - generated token. - </documentation> - </annotation> - <attribute name="Endpoint" type="string" use="required"/> - <attribute name="TokenType" type="string" use="required"/> - <attribute name="TruststoreAlias" type="string" use="optional"/> - </complexType> - - <element name="JBossSTS" type="tns:STSType"/> - - <complexType name="PropertyType"> - <attribute name="Name" type="string" use="required"/> - <attribute name="Value" type="string" use="required"/> - </complexType> - - <complexType name="MetadataProviderType"> - <sequence> - <element name="Option" type="tns:KeyValueType" maxOccurs="unbounded" minOccurs="0"></element> - </sequence> - <attribute name="ClassName" type="string"></attribute> - </complexType> -</schema> \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,258 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:jboss:identity-federation:config:1.0" + xmlns:tns="urn:jboss:identity-federation:config:1.0" + elementFormDefault="qualified" version="1.0"> + <complexType name="IDPType"> + <annotation> + <documentation> + IDP Type defines the configuration for an Identity + Provider. + </documentation> + </annotation> + <complexContent> + <extension base="tns:ProviderType"> + <sequence> + <element name="Encryption" type="tns:EncryptionType" + maxOccurs="1" minOccurs="0"> + </element> + </sequence> + <attribute name="AssertionValidity" type="long" + use="optional" default="300000">  + </attribute> + <attribute name="RoleGenerator" type="string" + use="optional" + default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator"> + </attribute> + <attribute name="AttributeManager" type="string" + use="optional" + default="org.jboss.identity.federation.bindings.tomcat.TomcatAttributeManager"> + </attribute> + <attribute name="Encrypt" type="boolean" use="optional" + default="false"> + </attribute> + </extension> + </complexContent> + </complexType> + + <element name="JBossIDP" type="tns:IDPType"> + <annotation> + <documentation>The root configuration for an Identity Provider(IDP) using JBoss Identity.</documentation> + </annotation> + </element> + + + <complexType name="TrustType"> + <annotation> + <documentation>Aspects involved in trust decisions such as the domains that the IDP or the Service Provider trusts.</documentation> + </annotation> + <sequence> + <element name="Domains" type="string"> + <annotation> + <documentation>Comma Separated domain names such as localhost,jboss.com,jboss.org</documentation> + </annotation> + </element> + </sequence> + </complexType> + + <complexType name="KeyProviderType"> + <annotation> + <documentation> + Source of the Signing and Validating Key + </documentation> + </annotation> + <sequence> + <element name="Auth" type="tns:AuthPropertyType" + maxOccurs="unbounded" minOccurs="0"> + <annotation> + <documentation> + Key Value Pairs Needed to authenticate into the + provider. + </documentation> + </annotation> + </element> + <element name="ValidatingAlias" type="tns:KeyValueType" + maxOccurs="unbounded" minOccurs="0"> + <annotation> + <documentation> + Key Value pairs identifying domains against the + alias for validating key + </documentation> + </annotation> + </element> + <element name="SigningAlias" type="string" maxOccurs="1" + minOccurs="0"> + <annotation> + <documentation> + An alias that identifies the signing key + </documentation> + </annotation> + </element> + </sequence> + <attribute name="ClassName" type="string"></attribute> + </complexType> + + <complexType name="KeyValueType"> + <attribute name="Key" type="string"></attribute> + <attribute name="Value" type="string"></attribute> + </complexType> + + <complexType name="ProviderType"> + <annotation> + <documentation>Base Type for IDP and SP</documentation> + </annotation> + <sequence> + <element name="IdentityURL" type="string" maxOccurs="1" + minOccurs="1"> + </element> + <element name="Trust" type="tns:TrustType" maxOccurs="1" + minOccurs="0"> + </element> + <element name="KeyProvider" type="tns:KeyProviderType" + maxOccurs="1" minOccurs="0"> + </element> + <element name="MetaDataProvider" type="tns:MetadataProviderType" maxOccurs="1" minOccurs="0"></element> + </sequence> +  + <attribute name="ServerEnvironment" use="optional" default="JBOSS"> + <simpleType> + <restriction base="string"> + <enumeration value="JBOSS"></enumeration> + <enumeration value="TOMCAT"></enumeration> + </restriction> + </simpleType> + </attribute> + </complexType> + + <complexType name="SPType"> + <annotation> + <documentation>Service Provider Type</documentation> + </annotation> + <complexContent> + <extension base="tns:ProviderType"> + <sequence> + <element name="ServiceURL" type="string"></element> + </sequence> + </extension> + </complexContent> + </complexType> + + <complexType name="AuthPropertyType"> + <complexContent> + <extension base="tns:KeyValueType"></extension> + </complexContent> + </complexType> + + <element name="JBossSP" type="tns:SPType"></element> + + <simpleType name="EncAlgoType"> + <restriction base="string"> + <enumeration value="AES"></enumeration> + <enumeration value="DES"></enumeration> + <enumeration value="DESede"></enumeration> + </restriction> + </simpleType> + + <complexType name="EncryptionType"> + <sequence> + <element name="EncAlgo" type="tns:EncAlgoType"></element> + <element name="KeySize" type="int"></element> + </sequence> + </complexType> + + <complexType name="MetadataProviderType"> + <sequence> + <element name="Option" type="tns:KeyValueType" maxOccurs="unbounded" minOccurs="0"></element> + </sequence> + <attribute name="ClassName" type="string"></attribute> + </complexType> + +  + + <complexType name="STSType"> + <sequence> + <element name="KeyProvider" type="tns:KeyProviderType" minOccurs="0"/> + <element name="RequestHandler" type="string" minOccurs="0"/> + <element name="ClaimProviders" type="tns:ClaimProvidersType" minOccurs="0"/> + <element name="TokenProviders" type="tns:TokenProvidersType" minOccurs="0"/> + <element name="ServiceProviders" type="tns:ServiceProvidersType" minOccurs="0"/> + </sequence> + <attribute name="STSName" default="JBossSTS" type="string" use="optional"/> + <attribute name="TokenTimeout" default="3600" type="int" use="optional"/> + <attribute name="SignToken" default="true" type="boolean" use="optional"/> + <attribute name="EncryptToken" default="false" type="boolean" use="optional"/> + </complexType> + + <complexType name="ClaimProvidersType"> + <annotation> + <documentation> + The claim providers specify the classes that are capable of handling specific claims dialects. + </documentation> + </annotation> + <sequence> + <element name="ClaimProvider" type="tns:ClaimProviderType" minOccurs="1" maxOccurs="unbounded"/> + </sequence> + </complexType> + + <complexType name="ClaimProviderType"> + <sequence> + <element name="Property" type="tns:PropertyType" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="ProviderClass" type="string" use="required"/> + <attribute name="Dialect" type="string" use="required"/> + </complexType> + + <complexType name="TokenProvidersType"> + <annotation> + <documentation> + The token providers specify the classes that handle the requests for each type of security Token. + For example, a SAMLTokenProvider may be used to generate SAML token, while a X509TokenProvider + may be used to generate X.509 tokens (certificates). + </documentation> + </annotation> + <sequence> + <element name="TokenProvider" type="tns:TokenProviderType" minOccurs="1" maxOccurs="unbounded"/> + </sequence> + </complexType> + + <complexType name="TokenProviderType"> + <sequence> + <element name="Property" type="tns:PropertyType" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="ProviderClass" type="string" use="required"/> + <attribute name="TokenType" type="string" use="required"/> + <attribute name="TokenElement" type="string" use="required"/> + <attribute name="TokenElementNS" type="string" use="required"/> + </complexType> + + <complexType name="ServiceProvidersType"> + <annotation> + <documentation> + The service providers specify the token type expected by each service provider. + </documentation> + </annotation> + <sequence> + <element name="ServiceProvider" type="tns:ServiceProviderType" minOccurs="1" maxOccurs="unbounded"/> + </sequence> + </complexType> + + <complexType name="ServiceProviderType"> + <annotation> + <documentation> + The service provider type contains information about a specific service provider. In particular, + it specifies the type of the token that must be issued for the provider and the alias of the + provider's PKC in the truststore. This is used by the STS to locate the PKC when encrypting the + generated token. + </documentation> + </annotation> + <attribute name="Endpoint" type="string" use="required"/> + <attribute name="TokenType" type="string" use="required"/> + <attribute name="TruststoreAlias" type="string" use="optional"/> + </complexType> + + <element name="JBossSTS" type="tns:STSType"/> + + <complexType name="PropertyType"> + <attribute name="Name" type="string" use="required"/> + <attribute name="Value" type="string" use="required"/> + </complexType> +</schema> \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config) Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-core/src/test/resources/config (from rev 828, identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config) Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-model/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,130 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-fed-model</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Model</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation Model contains the JAXB2 model.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-xmlsec-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>apache-log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>apache-logging</groupId> - <artifactId>commons-logging-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jbossxacml</artifactId> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-xalan</groupId> - <artifactId>serializer</artifactId> - <version>2.7.0.patch01-brew</version> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-model/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-fed-model/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-model/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-fed-model/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,130 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-fed-model</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Model</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation Model contains the JAXB2 model.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-xmlsec-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>apache-log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> + <dependency> + <groupId>apache-logging</groupId> + <artifactId>commons-logging-api</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-impl</artifactId> + </dependency> + <dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jbossxacml</artifactId> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-xalan</groupId> + <artifactId>serializer</artifactId> + <version>2.7.0.patch01-brew</version> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-seam/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-seam/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-seam/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,129 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent - </artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-seam</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Bindings for Seam</name> - <url>http://labs.jboss.org/portal/jbossidentity/ - </url> - <description>JBoss Identity Seam bindings contain the default - bindings needed for Seam web applications.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt - </url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine> - -Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed - </argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model - </artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-api</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-web</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.5</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.jboss.seam</groupId> - <artifactId>jboss-seam</artifactId> - <version>2.1.2.GA</version> - <type>ejb</type> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>javax.faces</groupId> - <artifactId>jsf-api</artifactId> - <version>1.2</version> - <scope>provided</scope> - </dependency> - </dependencies> - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> -charset UTF-8 -docencoding UTF-8 -version - -author -breakiterator -windowtitle "${project.name} - ${project.version} API Reference" -doctitle "${project.name} - ${project.version} API Reference" -bottom "Copyright © - ${project.inceptionYear}-Present ${project.organization.name}. All - Rights Reserved." -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-seam/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-seam/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-seam/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-seam/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,129 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent + </artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-seam</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Bindings for Seam</name> + <url>http://labs.jboss.org/portal/jbossidentity/ + </url> + <description>JBoss Identity Seam bindings contain the default + bindings needed for Seam web applications.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt + </url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine> + -Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed + </argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model + </artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-api</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-web</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>2.5</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.jboss.seam</groupId> + <artifactId>jboss-seam</artifactId> + <version>2.1.2.GA</version> + <type>ejb</type> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>javax.faces</groupId> + <artifactId>jsf-api</artifactId> + <version>1.2</version> + <scope>provided</scope> + </dependency> + </dependencies> + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> -charset UTF-8 -docencoding UTF-8 -version + -author -breakiterator -windowtitle "${project.name} + ${project.version} API Reference" -doctitle "${project.name} + ${project.version} API Reference" -bottom "Copyright © + ${project.inceptionYear}-Present ${project.organization.name}. All + Rights Reserved." -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,201 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-web</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Web</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Web contains code that will run in any web container.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - -  - <profiles> - <profile> - <id>exclude-long-tests</id> - <activation> - <activeByDefault>true</activeByDefault> - </activation> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <excludes> - <exclude>**/integration/*TestCase.java</exclude> - </excludes> - <forkMode>pertest</forkMode> - <argLine>${surefire.jvm.args}</argLine> - . <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - </profile> - - <profile> - <id>long-tests</id> - <activation> - <activeByDefault>false</activeByDefault> - </activation> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <childDelegation>true</childDelegation> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/integration/*TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>${surefire.jvm.args}</argLine> - . <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - </profile> - </profiles> - - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-api</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.5</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>nekohtml</groupId> - <artifactId>nekohtml</artifactId> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>httpclient</artifactId> - <version>3.0.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-codec</artifactId> - <version>1.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>apache-xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.9.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-logging</groupId> - <artifactId>commons-logging-api</artifactId> - <version>1.0.3</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.mortbay.jetty</groupId> - <artifactId>jetty</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.mortbay.jetty</groupId> - <artifactId>jetty-util</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-web/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,201 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-web</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Web</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Web contains code that will run in any web container.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + +  + <profiles> + <profile> + <id>exclude-long-tests</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <excludes> + <exclude>**/integration/*TestCase.java</exclude> + </excludes> + <forkMode>pertest</forkMode> + <argLine>${surefire.jvm.args}</argLine> + . <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + </profile> + + <profile> + <id>long-tests</id> + <activation> + <activeByDefault>false</activeByDefault> + </activation> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <childDelegation>true</childDelegation> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/integration/*TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>${surefire.jvm.args}</argLine> + . <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + </profile> + </profiles> + + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-api</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>2.5</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>nekohtml</groupId> + <artifactId>nekohtml</artifactId> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>httpclient</artifactId> + <version>3.0.1</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache.commons</groupId> + <artifactId>commons-codec</artifactId> + <version>1.3</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>apache-xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>2.9.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-logging</groupId> + <artifactId>commons-logging-api</artifactId> + <version>1.0.3</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mortbay.jetty</groupId> + <artifactId>jetty</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mortbay.jetty</groupId> + <artifactId>jetty-util</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants) Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core) Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,480 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.web.filters; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.net.MalformedURLException; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.Principal; -import java.security.PublicKey; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.crypto.MarshalException; -import javax.xml.crypto.dsig.XMLSignatureException; - -import org.apache.log4j.Logger; -import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; -import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; -import org.jboss.identity.federation.core.config.KeyProviderType; -import org.jboss.identity.federation.core.config.SPType; -import org.jboss.identity.federation.core.config.TrustType; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException; -import org.jboss.identity.federation.core.interfaces.TrustKeyManager; -import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException; -import org.jboss.identity.federation.core.saml.v2.common.IDGenerator; -import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder; -import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; -import org.jboss.identity.federation.core.util.XMLSignatureUtil; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeType; -import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.jboss.identity.federation.saml.v2.assertion.NameIDType; -import org.jboss.identity.federation.saml.v2.assertion.SubjectType; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.jboss.identity.federation.saml.v2.protocol.StatusType; -import org.jboss.identity.federation.web.interfaces.IRoleValidator; -import org.jboss.identity.federation.web.roles.DefaultRoleValidator; -import org.jboss.identity.federation.web.util.ConfigurationUtil; -import org.jboss.identity.federation.web.util.PostBindingUtil; -import org.w3c.dom.Document; -import org.xml.sax.SAXException; - -/** - * @author Anil.Saldhana(a)redhat.com - * @since Aug 21, 2009 - */ -public class SPFilter implements Filter -{ - private static Logger log = Logger.getLogger(SPFilter.class); - private boolean trace = log.isTraceEnabled(); - - public static final String PRINCIPAL_ID = "jboss_identity.principal"; - public static final String ROLES_ID = "jboss_identity.roles"; - - protected SPType spConfiguration = null; - protected String configFile = "/WEB-INF/jboss-idfed.xml"; - - protected String serviceURL = null; - protected String identityURL = null; - - private TrustKeyManager keyManager; - - private ServletContext context = null; - - private IRoleValidator roleValidator = new DefaultRoleValidator(); - - public void destroy() - { - } - - public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, - FilterChain filterChain) - throws IOException, ServletException - { - HttpServletRequest request = (HttpServletRequest) servletRequest; - HttpServletResponse response = (HttpServletResponse) servletResponse; - - boolean postMethod = "POST".equalsIgnoreCase(request.getMethod()); - Principal userPrincipal = null; - - HttpSession session = request.getSession(); - if(!postMethod) - { - //Check if we are already authenticated - userPrincipal = (Principal) session.getAttribute(PRINCIPAL_ID); - if(userPrincipal != null) - { - filterChain.doFilter(servletRequest, servletResponse); - return; - } - - //We need to send request to IDP - if(userPrincipal == null) - { - String relayState = null; - try - { - AuthnRequestType authnRequest = createSAMLRequest(serviceURL, identityURL); - sendRequestToIDP(authnRequest, relayState, response); - } - catch (Exception e) - { - throw new ServletException(e); - } - return; - } - } - else - { - //See if we got a response from IDP - String samlResponse = request.getParameter("SAMLResponse"); - if(samlResponse != null && samlResponse.length() > 0 ) - { - boolean isValid = false; - try - { - isValid = this.validate(request); - } - catch (Exception e) - { - throw new ServletException(e); - } - if(!isValid) - throw new ServletException("Validity check failed"); - - //deal with SAML response from IDP - byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse); - InputStream is = new ByteArrayInputStream(base64DecodedResponse); - - try - { - SAML2Response saml2Response = new SAML2Response(); - - ResponseType responseType = saml2Response.getResponseType(is); - - SAMLDocumentHolder samlDocumentHolder = saml2Response.getSamlDocumentHolder(); - - boolean validSignature = this.verifySignature(samlDocumentHolder); - - if(validSignature == false) - throw new IssuerNotTrustedException("Signature in saml document is invalid"); - - this.isTrusted(responseType.getIssuer().getValue()); - - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); - if(assertions.size() == 0) - throw new IllegalStateException("No assertions in reply from IDP"); - - Object assertion = assertions.get(0); - if(assertion instanceof EncryptedElementType) - { - responseType = this.decryptAssertion(responseType); - } - - userPrincipal = handleSAMLResponse(request, responseType); - if(userPrincipal == null) - response.sendError(HttpServletResponse.SC_FORBIDDEN); - - filterChain.doFilter(request, servletResponse); - } - catch (ParsingException e) - { - if(trace) - log.trace("Parsing Exception:", e); - throw new ServletException("Parsing Exception"); - } - catch (ConfigurationException e) - { - if(trace) - log.trace("ConfigurationException:", e); - throw new ServletException("Config Exception"); - } - catch (IssuerNotTrustedException e) - { - if(trace) - log.trace("IssuerNotTrustedException:", e); - throw new ServletException("Issuer Not Trusted Exception"); - } - catch (AssertionExpiredException e) - { - if(trace) - log.trace("AssertionExpiredException:", e); - throw new ServletException("Assertion expired Exception"); - } - } - - } - - } - - public void init(FilterConfig filterConfig) throws ServletException - { - this.context = filterConfig.getServletContext(); - InputStream is = context.getResourceAsStream(configFile); - if(is == null) - throw new RuntimeException(configFile + " missing"); - try - { - spConfiguration = ConfigurationUtil.getSPConfiguration(is); - this.identityURL = spConfiguration.getIdentityURL(); - this.serviceURL = spConfiguration.getServiceURL(); - log.trace("Identity Provider URL=" + this.identityURL); - } - catch (Exception e) - { - throw new RuntimeException(e); - } - KeyProviderType keyProvider = this.spConfiguration.getKeyProvider(); - if(keyProvider == null) - throw new RuntimeException("KeyProvider is null"); - try - { - ClassLoader tcl = SecurityActions.getContextClassLoader(); - String keyManagerClassName = keyProvider.getClassName(); - if(keyManagerClassName == null) - throw new RuntimeException("KeyManager class name is null"); - - Class<?> clazz = tcl.loadClass(keyManagerClassName); - this.keyManager = (TrustKeyManager) clazz.newInstance(); - keyManager.setAuthProperties(keyProvider.getAuth()); - keyManager.setValidatingAlias(keyProvider.getValidatingAlias()); - } - catch(Exception e) - { - log.error("Exception reading configuration:",e); - throw new RuntimeException(e.getLocalizedMessage()); - } - log.trace("Key Provider=" + keyProvider.getClassName()); - - //Get the Role Validator if configured - String roleValidatorName = filterConfig.getInitParameter("ROLE_VALIDATOR"); - if(roleValidatorName != null && !"".equals(roleValidatorName)) - { - try - { - Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(roleValidatorName); - this.roleValidator = (IRoleValidator) clazz.newInstance(); - } - catch (Exception e) - { - throw new RuntimeException(e); - } - } - - Map<String,String> options = new HashMap<String, String>(); - String roles = filterConfig.getInitParameter("ROLES"); - if(trace) - log.trace("Found Roles in SPFilter config="+roles); - if(roles != null) - { - options.put("ROLES", roles); - } - this.roleValidator.intialize(options); - } - - /** - * Create a SAML2 auth request - * @param serviceURL URL of the service - * @param identityURL URL of the identity provider - * @return - * @throws ConfigurationException - */ - private AuthnRequestType createSAMLRequest(String serviceURL, String identityURL) throws ConfigurationException - { - if(serviceURL == null) - throw new IllegalArgumentException("serviceURL is null"); - if(identityURL == null) - throw new IllegalArgumentException("identityURL is null"); - - SAML2Request saml2Request = new SAML2Request(); - String id = IDGenerator.create("ID_"); - return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL); - } - - protected void sendRequestToIDP(AuthnRequestType authnRequest, String relayState, - HttpServletResponse response) - throws IOException, SAXException, JAXBException,GeneralSecurityException - { - SAML2Request saml2Request = new SAML2Request(); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - saml2Request.marshall(authnRequest, baos); - - String samlMessage = PostBindingUtil.base64Encode(baos.toString()); - String destination = authnRequest.getDestination(); - PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), - response, true); - } - - protected boolean validate(HttpServletRequest request) throws IOException, GeneralSecurityException - { - return request.getParameter("SAMLResponse") != null; - } - - protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException - { - Document samlResponse = samlDocumentHolder.getSamlDocument(); - ResponseType response = (ResponseType) samlDocumentHolder.getSamlObject(); - - String issuerID = response.getIssuer().getValue(); - - if(issuerID == null) - throw new IssuerNotTrustedException("Issue missing"); - - URL issuerURL; - try - { - issuerURL = new URL(issuerID); - } - catch (MalformedURLException e1) - { - throw new IssuerNotTrustedException(e1); - } - - try - { - PublicKey publicKey = keyManager.getValidatingKey(issuerURL.getHost()); - log.trace("Going to verify signature in the saml response from IDP"); - boolean sigResult = XMLSignatureUtil.validate(samlResponse, publicKey); - log.trace("Signature verification="+sigResult); - return sigResult; - } - catch (TrustKeyConfigurationException e) - { - log.error("Unable to verify signature",e); - } - catch (TrustKeyProcessingException e) - { - log.error("Unable to verify signature",e); - } - catch (MarshalException e) - { - log.error("Unable to verify signature",e); - } - catch (XMLSignatureException e) - { - log.error("Unable to verify signature",e); - } - return false; - } - - protected void isTrusted(String issuer) throws IssuerNotTrustedException - { - try - { - URL url = new URL(issuer); - String issuerDomain = url.getHost(); - TrustType idpTrust = spConfiguration.getTrust(); - if(idpTrust != null) - { - String domainsTrusted = idpTrust.getDomains(); - if(domainsTrusted.indexOf(issuerDomain) < 0) - throw new IssuerNotTrustedException(issuer); - } - } - catch (Exception e) - { - throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); - } - } - - protected ResponseType decryptAssertion(ResponseType responseType) - { - throw new RuntimeException("This authenticator does not handle encryption"); - } - - /** - * Handle the SAMLResponse from the IDP - * @param request entire request from IDP - * @param responseType ResponseType that has been generated - * @param serverEnvironment tomcat,jboss etc - * @return - * @throws AssertionExpiredException - */ - @SuppressWarnings("unchecked") - public Principal handleSAMLResponse(HttpServletRequest request, ResponseType responseType) - throws ConfigurationException, AssertionExpiredException - { - if(request == null) - throw new IllegalArgumentException("request is null"); - if(responseType == null) - throw new IllegalArgumentException("response type is null"); - - StatusType statusType = responseType.getStatus(); - if(statusType == null) - throw new IllegalArgumentException("Status Type from the IDP is null"); - - String statusValue = statusType.getStatusCode().getValue(); - if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) - throw new SecurityException("IDP forbid the user"); - - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); - if(assertions.size() == 0) - throw new IllegalStateException("No assertions in reply from IDP"); - - AssertionType assertion = (AssertionType)assertions.get(0); - //Check for validity of assertion - boolean expiredAssertion = AssertionUtil.hasExpired(assertion); - if(expiredAssertion) - throw new AssertionExpiredException(); - - SubjectType subject = assertion.getSubject(); - JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); - NameIDType nameID = jnameID.getValue(); - final String userName = nameID.getValue(); - List<String> roles = new ArrayList<String>(); - - //Let us get the roles - AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); - List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); - for(Object obj:attList) - { - AttributeType attr = (AttributeType) obj; - String roleName = (String) attr.getAttributeValue().get(0); - roles.add(roleName); - } - - Principal principal = new Principal() - { - public String getName() - { - return userName; - } - }; - - //Validate the roles - boolean validRole = roleValidator.userInRole(principal, roles); - if(!validRole) - { - if(trace) - log.trace("Invalid role:" + roles); - principal = null; - } - return principal; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,658 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.filters; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.Principal; +import java.security.PublicKey; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.crypto.MarshalException; +import javax.xml.crypto.dsig.XMLSignatureException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactoryConfigurationError; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.core.config.KeyProviderType; +import org.jboss.identity.federation.core.config.SPType; +import org.jboss.identity.federation.core.config.TrustType; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.handler.config.Handlers; +import org.jboss.identity.federation.core.interfaces.ProtocolContext; +import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException; +import org.jboss.identity.federation.core.interfaces.TrustKeyManager; +import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException; +import org.jboss.identity.federation.core.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.HANDLER_TYPE; +import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.saml.v2.util.HandlerUtil; +import org.jboss.identity.federation.core.util.XMLSignatureUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeType; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; +import org.jboss.identity.federation.saml.v2.assertion.SubjectType; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.HTTPContext; +import org.jboss.identity.federation.web.interfaces.IRoleValidator; +import org.jboss.identity.federation.web.roles.DefaultRoleValidator; +import org.jboss.identity.federation.web.util.ConfigurationUtil; +import org.jboss.identity.federation.web.util.PostBindingUtil; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +/** + * A service provider filter for web container agnostic + * providers + * @author Anil.Saldhana(a)redhat.com + * @since Aug 21, 2009 + */ +public class SPFilter implements Filter +{ + private static Logger log = Logger.getLogger(SPFilter.class); + private boolean trace = log.isTraceEnabled(); + + protected SPType spConfiguration = null; + protected String configFile = "/WEB-INF/jboss-idfed.xml"; + + protected String serviceURL = null; + protected String identityURL = null; + + private TrustKeyManager keyManager; + + private ServletContext context = null; + private transient SAML2HandlerChain chain = null; + + protected boolean ignoreSignatures = false; + + private IRoleValidator roleValidator = new DefaultRoleValidator(); + + public void destroy() + { + } + + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, + FilterChain filterChain) + throws IOException, ServletException + { + HttpServletRequest request = (HttpServletRequest) servletRequest; + HttpServletResponse response = (HttpServletResponse) servletResponse; + + boolean postMethod = "POST".equalsIgnoreCase(request.getMethod()); + + HttpSession session = request.getSession(); + + Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID);; + + String samlRequest = request.getParameter("SAMLRequest"); + String samlResponse = request.getParameter("SAMLResponse"); + + if(!postMethod) + { + //Check if we are already authenticated + if(userPrincipal != null) + { + filterChain.doFilter(servletRequest, servletResponse); + return; + } + + //We need to send request to IDP + if(userPrincipal == null) + { + String relayState = null; + try + { + //TODO: use the handlers to generate the request + AuthnRequestType authnRequest = createSAMLRequest(serviceURL, identityURL); + sendRequestToIDP(authnRequest, relayState, response); + } + catch (Exception e) + { + throw new ServletException(e); + } + return; + } + } + else + { + if(!isNotNull(samlRequest) && !isNotNull(samlResponse)) + { + //Neither saml request nor response from IDP + //So this is a user request + + //Ask the handler chain to generate the saml request + Set<SAML2Handler> handlers = chain.handlers(); + + IssuerInfoHolder holder = new IssuerInfoHolder(this.serviceURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + holder.getIssuer(), null, + HANDLER_TYPE.SP); + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + saml2HandlerResponse.setDestination(identityURL); + + //Reset the state + try + { + for(SAML2Handler handler: handlers) + { + handler.reset(); + if(saml2HandlerResponse.isInError()) + { + response.sendError(saml2HandlerResponse.getErrorCode()); + break; + } + saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH); + handler.generateSAMLRequest(saml2HandlerRequest, saml2HandlerResponse); + } + } + catch(ProcessingException pe) + { + throw new RuntimeException(pe); + } + Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); + String relayState = saml2HandlerResponse.getRelayState(); + + String destination = saml2HandlerResponse.getDestination(); + + + if(destination != null && + samlResponseDocument != null) + { + try + { + this.sendToDestination(samlResponseDocument, relayState, destination, response); + } + catch (Exception e) + { + if(trace) + log.trace("Exception:",e); + throw new ServletException("Server Error"); + } + return; + } + } + + //See if we got a response from IDP + if(samlResponse != null && samlResponse.length() > 0 ) + { + boolean isValid = false; + try + { + isValid = this.validate(request); + } + catch (Exception e) + { + throw new ServletException(e); + } + if(!isValid) + throw new ServletException("Validity check failed"); + + //deal with SAML response from IDP + byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse); + InputStream is = new ByteArrayInputStream(base64DecodedResponse); + + try + { + SAML2Response saml2Response = new SAML2Response(); + + SAML2Object samlObject = saml2Response.getSAML2ObjectFromStream(is); + + Set<SAML2Handler> handlers = chain.handlers(); + IssuerInfoHolder holder = new IssuerInfoHolder(this.serviceURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + holder.getIssuer(), samlObject, + HANDLER_TYPE.SP); + + Map<String,Object> requestOptions = new HashMap<String,Object>(); + requestOptions.put(GeneralConstants.CONFIGURATION, this.spConfiguration); + saml2HandlerRequest.setOptions(requestOptions); + + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + //Deal with handler chains + for(SAML2Handler handler : handlers) + { + if(saml2HandlerResponse.isInError()) + { + response.sendError(saml2HandlerResponse.getErrorCode()); + break; + } + if(samlObject instanceof RequestAbstractType) + { + handler.handleRequestType(saml2HandlerRequest, saml2HandlerResponse); + } + else + { + handler.handleStatusResponseType(saml2HandlerRequest, saml2HandlerResponse); + } + } + + Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); + String relayState = saml2HandlerResponse.getRelayState(); + + String destination = saml2HandlerResponse.getDestination(); + + + if(destination != null && + samlResponseDocument != null) + { + this.sendToDestination(samlResponseDocument, relayState, destination, response); + return; + } + /*ResponseType responseType = saml2Response.getResponseType(is); + + SAMLDocumentHolder samlDocumentHolder = saml2Response.getSamlDocumentHolder(); + + boolean validSignature = this.verifySignature(samlDocumentHolder); + + if(validSignature == false) + throw new IssuerNotTrustedException("Signature in saml document is invalid"); + + this.isTrusted(responseType.getIssuer().getValue()); + + List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + if(assertions.size() == 0) + throw new IllegalStateException("No assertions in reply from IDP"); + + Object assertion = assertions.get(0); + if(assertion instanceof EncryptedElementType) + { + responseType = this.decryptAssertion(responseType); + } + + userPrincipal = handleSAMLResponse(request, responseType); + if(userPrincipal == null) + response.sendError(HttpServletResponse.SC_FORBIDDEN);*/ + + filterChain.doFilter(request, servletResponse); + } + catch (Exception e) + { + if(trace) + log.trace("Server Exception:", e); + throw new ServletException("Server Exception"); + } + /*catch (IssuerNotTrustedException e) + { + if(trace) + log.trace("IssuerNotTrustedException:", e); + throw new ServletException("Issuer Not Trusted Exception"); + } + catch (AssertionExpiredException e) + { + if(trace) + log.trace("AssertionExpiredException:", e); + throw new ServletException("Assertion expired Exception"); + } */ + } + + } + + } + + public void init(FilterConfig filterConfig) throws ServletException + { + this.context = filterConfig.getServletContext(); + InputStream is = context.getResourceAsStream(configFile); + if(is == null) + throw new RuntimeException(configFile + " missing"); + try + { + spConfiguration = ConfigurationUtil.getSPConfiguration(is); + this.identityURL = spConfiguration.getIdentityURL(); + this.serviceURL = spConfiguration.getServiceURL(); + log.trace("Identity Provider URL=" + this.identityURL); + } + catch (Exception e) + { + throw new RuntimeException(e); + } + + //Get the chain from config + chain = new DefaultSAML2HandlerChain(); + try + { + //Get the handlers + Handlers handlers = ConfigurationUtil.getHandlers(context.getResourceAsStream("/WEB-INF/jbid-handlers.xml")); + chain.addAll(HandlerUtil.getHandlers(handlers)); + } + catch(Exception e) + { + throw new RuntimeException(e); + } + + String ignoreSigString = filterConfig.getInitParameter(GeneralConstants.IGNORE_SIGNATURES); + if(ignoreSigString != null && !"".equals(ignoreSigString)) + { + this.ignoreSignatures = Boolean.parseBoolean(ignoreSigString); + } + + if(ignoreSignatures == false) + { + KeyProviderType keyProvider = this.spConfiguration.getKeyProvider(); + if(keyProvider == null) + throw new RuntimeException("KeyProvider is null"); + try + { + ClassLoader tcl = SecurityActions.getContextClassLoader(); + String keyManagerClassName = keyProvider.getClassName(); + if(keyManagerClassName == null) + throw new RuntimeException("KeyManager class name is null"); + + Class<?> clazz = tcl.loadClass(keyManagerClassName); + this.keyManager = (TrustKeyManager) clazz.newInstance(); + keyManager.setAuthProperties(keyProvider.getAuth()); + keyManager.setValidatingAlias(keyProvider.getValidatingAlias()); + } + catch(Exception e) + { + log.error("Exception reading configuration:",e); + throw new RuntimeException(e.getLocalizedMessage()); + } + log.trace("Key Provider=" + keyProvider.getClassName()); + } + + //Get the Role Validator if configured + String roleValidatorName = filterConfig.getInitParameter(GeneralConstants.ROLE_VALIDATOR); + if(roleValidatorName != null && !"".equals(roleValidatorName)) + { + try + { + Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(roleValidatorName); + this.roleValidator = (IRoleValidator) clazz.newInstance(); + } + catch (Exception e) + { + throw new RuntimeException(e); + } + } + + Map<String,String> options = new HashMap<String, String>(); + String roles = filterConfig.getInitParameter(GeneralConstants.ROLES); + if(trace) + log.trace("Found Roles in SPFilter config="+roles); + if(roles != null) + { + options.put("ROLES", roles); + } + this.roleValidator.intialize(options); + } + + /** + * Create a SAML2 auth request + * @param serviceURL URL of the service + * @param identityURL URL of the identity provider + * @return + * @throws ConfigurationException + */ + private AuthnRequestType createSAMLRequest(String serviceURL, String identityURL) throws ConfigurationException + { + if(serviceURL == null) + throw new IllegalArgumentException("serviceURL is null"); + if(identityURL == null) + throw new IllegalArgumentException("identityURL is null"); + + SAML2Request saml2Request = new SAML2Request(); + String id = IDGenerator.create("ID_"); + return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL); + } + + protected void sendRequestToIDP(AuthnRequestType authnRequest, String relayState, + HttpServletResponse response) + throws IOException, SAXException, JAXBException,GeneralSecurityException + { + SAML2Request saml2Request = new SAML2Request(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + saml2Request.marshall(authnRequest, baos); + + String samlMessage = PostBindingUtil.base64Encode(baos.toString()); + String destination = authnRequest.getDestination(); + PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), + response, true); + } + + protected void sendToDestination(Document samlDocument, String relayState, + String destination, + HttpServletResponse response) + throws IOException, SAXException, JAXBException,GeneralSecurityException + { + String samlMessage; + try + { + samlMessage = PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument)); + } + catch (TransformerFactoryConfigurationError e) + { + throw new ProcessingException(e); + } + catch (TransformerException e) + { + throw new ProcessingException(e); + } + PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), + response, true); + } + + protected boolean validate(HttpServletRequest request) throws IOException, GeneralSecurityException + { + return request.getParameter("SAMLResponse") != null; + } + + protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException + { + Document samlResponse = samlDocumentHolder.getSamlDocument(); + ResponseType response = (ResponseType) samlDocumentHolder.getSamlObject(); + + String issuerID = response.getIssuer().getValue(); + + if(issuerID == null) + throw new IssuerNotTrustedException("Issue missing"); + + URL issuerURL; + try + { + issuerURL = new URL(issuerID); + } + catch (MalformedURLException e1) + { + throw new IssuerNotTrustedException(e1); + } + + try + { + PublicKey publicKey = keyManager.getValidatingKey(issuerURL.getHost()); + log.trace("Going to verify signature in the saml response from IDP"); + boolean sigResult = XMLSignatureUtil.validate(samlResponse, publicKey); + log.trace("Signature verification="+sigResult); + return sigResult; + } + catch (TrustKeyConfigurationException e) + { + log.error("Unable to verify signature",e); + } + catch (TrustKeyProcessingException e) + { + log.error("Unable to verify signature",e); + } + catch (MarshalException e) + { + log.error("Unable to verify signature",e); + } + catch (XMLSignatureException e) + { + log.error("Unable to verify signature",e); + } + return false; + } + + protected void isTrusted(String issuer) throws IssuerNotTrustedException + { + try + { + URL url = new URL(issuer); + String issuerDomain = url.getHost(); + TrustType idpTrust = spConfiguration.getTrust(); + if(idpTrust != null) + { + String domainsTrusted = idpTrust.getDomains(); + if(domainsTrusted.indexOf(issuerDomain) < 0) + throw new IssuerNotTrustedException(issuer); + } + } + catch (Exception e) + { + throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); + } + } + + protected ResponseType decryptAssertion(ResponseType responseType) + { + throw new RuntimeException("This authenticator does not handle encryption"); + } + + /** + * Handle the SAMLResponse from the IDP + * @param request entire request from IDP + * @param responseType ResponseType that has been generated + * @param serverEnvironment tomcat,jboss etc + * @return + * @throws AssertionExpiredException + */ + @SuppressWarnings("unchecked") + public Principal handleSAMLResponse(HttpServletRequest request, ResponseType responseType) + throws ConfigurationException, AssertionExpiredException + { + if(request == null) + throw new IllegalArgumentException("request is null"); + if(responseType == null) + throw new IllegalArgumentException("response type is null"); + + StatusType statusType = responseType.getStatus(); + if(statusType == null) + throw new IllegalArgumentException("Status Type from the IDP is null"); + + String statusValue = statusType.getStatusCode().getValue(); + if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) + throw new SecurityException("IDP forbid the user"); + + List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + if(assertions.size() == 0) + throw new IllegalStateException("No assertions in reply from IDP"); + + AssertionType assertion = (AssertionType)assertions.get(0); + //Check for validity of assertion + boolean expiredAssertion = AssertionUtil.hasExpired(assertion); + if(expiredAssertion) + throw new AssertionExpiredException(); + + SubjectType subject = assertion.getSubject(); + JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); + NameIDType nameID = jnameID.getValue(); + final String userName = nameID.getValue(); + List<String> roles = new ArrayList<String>(); + + //Let us get the roles + AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); + List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); + for(Object obj:attList) + { + AttributeType attr = (AttributeType) obj; + String roleName = (String) attr.getAttributeValue().get(0); + roles.add(roleName); + } + + Principal principal = new Principal() + { + public String getName() + { + return userName; + } + }; + + //Validate the roles + boolean validRole = roleValidator.userInRole(principal, roles); + if(!validRole) + { + if(trace) + log.trace("Invalid role:" + roles); + principal = null; + } + return principal; + } + + private boolean isNotNull(String str) + { + return str != null && !"".equals(str); + } +} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2 (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2) Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,100 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.web.openid; - -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * HTTP Context for OpenID - * @author Anil.Saldhana(a)redhat.com - * @since Jul 6, 2009 - */ -public class HTTPOpenIDContext -{ - private HttpServletRequest request; - private HttpServletResponse response; - - private String returnURL; - private ServletContext servletContext; - - public HTTPOpenIDContext() - { - } - - public HTTPOpenIDContext(HttpServletRequest httpReq, HttpServletResponse httpResp, - ServletContext sctx) - { - this.request = httpReq; - this.response = httpResp; - this.servletContext = sctx; - } - - - public HttpServletRequest getRequest() - { - return request; - } - - public HttpServletResponse getResponse() - { - return response; - } - - public String getReturnURL() - { - return returnURL; - } - - - public ServletContext getServletContext() - { - return servletContext; - } - - //Setters - - public HTTPOpenIDContext setRequest(HttpServletRequest req) - { - this.request = req; - return this; - } - - public HTTPOpenIDContext setResponse(HttpServletResponse resp) - { - this.response = resp; - return this; - } - - public HTTPOpenIDContext setReturnURL(String url) - { - this.returnURL = url; - return this; - } - - public HTTPOpenIDContext setServletContext(ServletContext sctx) - { - this.servletContext = sctx; - return this; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,57 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.openid; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.identity.federation.web.core.HTTPContext; + +/** + * HTTP Context for OpenID + * @author Anil.Saldhana(a)redhat.com + * @since Jul 6, 2009 + */ +public class HTTPOpenIDContext extends HTTPContext +{ + private String returnURL; + + public HTTPOpenIDContext(HttpServletRequest httpReq, HttpServletResponse httpResp, + ServletContext sctx) + { + super(httpReq, httpResp, sctx); + } + + public String getReturnURL() + { + return returnURL; + } + + //Setters + + public HTTPOpenIDContext setReturnURL(String url) + { + this.returnURL = url; + return this; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,179 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.web.servlets; - -import java.io.IOException; -import java.security.Principal; - -import javax.security.auth.login.LoginException; -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletConfig; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.jboss.identity.federation.web.handlers.DefaultLoginHandler; -import org.jboss.identity.federation.web.interfaces.ILoginHandler; - -/** - * Handles login at the IDP - * @author Anil.Saldhana(a)redhat.com - * @since Aug 21, 2009 - */ -public class IDPLoginServlet extends HttpServlet -{ - private static final long serialVersionUID = 1L; - private transient ServletContext context; - private String USERNAME_FIELD = "JBID_USERNAME"; - private String PASS_FIELD = "JBID_PASSWORD"; - private transient ILoginHandler loginHandler = null; - - @Override - protected void doPost(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException - { - HttpSession session = request.getSession(); - - //Check if we are already authenticated - Principal principal = (Principal) session.getAttribute(IDPServlet.PRINCIPAL_ID); - if(principal != null) - { - this.saveRequest(request, session); - redirectToIDP(request,response); - return; - } - - final String username = request.getParameter(USERNAME_FIELD); - String passwd = request.getParameter(PASS_FIELD); - - if(username == null || passwd == null) - { - String samlMessage = request.getParameter("SAMLRequest"); - - if(samlMessage == null || "".equals(samlMessage)) - response.sendError(HttpServletResponse.SC_BAD_REQUEST); - - log("No username or password found. Redirecting to login page"); - this.saveRequest(request, session); - - if(response.isCommitted()) - throw new RuntimeException("Response is committed. Cannot forward to login page."); - - this.redirectToLoginPage(request, response); - } - else - { - //we have the username and password - try - { - boolean isValid = loginHandler.authenticate(username, passwd); - if(!isValid) - { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; - } - - session.setAttribute(IDPServlet.PRINCIPAL_ID, new Principal() - { - public String getName() - { - return username; - } - }); - - - this.redirectToIDP(request, response); - return; - } - catch (LoginException e) - { - log("Exception logging in :", e); - //TODO: Send back invalid user SAML - response.sendError(HttpServletResponse.SC_FORBIDDEN); - } - } - } - - @Override - public void init(ServletConfig config) throws ServletException - { - super.init(config); - this.context = config.getServletContext(); - //Users can customize the username and password fields of their html forms here - String userNameField = config.getInitParameter("USERNAME_FIELD"); - if(userNameField != null && userNameField.length() > 0) - USERNAME_FIELD = userNameField; - - String pwdField = config.getInitParameter("PASSWORD_FIELD"); - if(pwdField != null && pwdField.length() > 0) - PASS_FIELD = pwdField; - - String loginClass = config.getInitParameter("loginClass"); - if(loginClass == null || loginClass.length() == 0) - loginClass = DefaultLoginHandler.class.getName(); - //Lets set up the login class - try - { - Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(loginClass); - loginHandler = (ILoginHandler) clazz.newInstance(); - } - catch (Exception e) - { - throw new ServletException(e); - } - } - - private void saveRequest(HttpServletRequest request, HttpSession session) - { - //Save the SAMLRequest and relayState - session.setAttribute("SAMLRequest", request.getParameter("SAMLRequest")); - String relayState = request.getParameter("RelayState"); - if(relayState != null && !"".equals(relayState)) - session.setAttribute("RelayState", relayState ); - session.setAttribute("Referer", request.getHeader("Referer")); - } - - private void redirectToIDP(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException - { - RequestDispatcher dispatch = context.getRequestDispatcher("/IDPServlet"); - if(dispatch == null) - log("Cannot dispatch to the IDP Servlet"); - else - dispatch.forward(request, response); - return; - } - - private void redirectToLoginPage(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException - { - RequestDispatcher dispatch = context.getRequestDispatcher("/jsp/login.jsp"); - if(dispatch == null) - log("Cannot find the login page"); - else - dispatch.forward(request, response); - return; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,176 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.servlets; + +import java.io.IOException; +import java.security.Principal; + +import javax.security.auth.login.LoginException; +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletConfig; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.handlers.DefaultLoginHandler; +import org.jboss.identity.federation.web.interfaces.ILoginHandler; + +/** + * Handles login at the IDP + * @author Anil.Saldhana(a)redhat.com + * @since Aug 21, 2009 + */ +public class IDPLoginServlet extends HttpServlet +{ + private static final long serialVersionUID = 1L; + private transient ServletContext context; + private transient ILoginHandler loginHandler = null; + + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException + { + HttpSession session = request.getSession(); + + //Check if we are already authenticated + Principal principal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID); + if(principal != null) + { + this.saveRequest(request, session); + redirectToIDP(request,response); + return; + } + + final String username = request.getParameter(GeneralConstants.USERNAME_FIELD); + String passwd = request.getParameter(GeneralConstants.PASS_FIELD); + + if(username == null || passwd == null) + { + String samlMessage = request.getParameter("SAMLRequest"); + + if(samlMessage == null || "".equals(samlMessage)) + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + + log("No username or password found. Redirecting to login page"); + this.saveRequest(request, session); + + if(response.isCommitted()) + throw new RuntimeException("Response is committed. Cannot forward to login page."); + + this.redirectToLoginPage(request, response); + } + else + { + //we have the username and password + try + { + boolean isValid = loginHandler.authenticate(username, passwd); + if(!isValid) + { + response.sendError(HttpServletResponse.SC_FORBIDDEN); + return; + } + + session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal() + { + public String getName() + { + return username; + } + }); + + + this.redirectToIDP(request, response); + return; + } + catch (LoginException e) + { + log("Exception logging in :", e); + //TODO: Send back invalid user SAML + response.sendError(HttpServletResponse.SC_FORBIDDEN); + } + } + } + + @Override + public void init(ServletConfig config) throws ServletException + { + super.init(config); + this.context = config.getServletContext(); + + String loginClass = config.getInitParameter("loginClass"); + if(loginClass == null || loginClass.length() == 0) + loginClass = DefaultLoginHandler.class.getName(); + //Lets set up the login class + try + { + Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(loginClass); + loginHandler = (ILoginHandler) clazz.newInstance(); + } + catch (Exception e) + { + throw new ServletException(e); + } + } + + public void testPost(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException + { + this.doPost(request, response); + } + + private void saveRequest(HttpServletRequest request, HttpSession session) + { + //Save the SAMLRequest and relayState + session.setAttribute("SAMLRequest", request.getParameter("SAMLRequest")); + String relayState = request.getParameter("RelayState"); + if(relayState != null && !"".equals(relayState)) + session.setAttribute("RelayState", relayState ); + session.setAttribute("Referer", request.getHeader("Referer")); + } + + private void redirectToIDP(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException + { + RequestDispatcher dispatch = context.getRequestDispatcher("/IDPServlet"); + if(dispatch == null) + log("Cannot dispatch to the IDP Servlet"); + else + dispatch.forward(request, response); + return; + } + + private void redirectToLoginPage(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException + { + RequestDispatcher dispatch = context.getRequestDispatcher("/jsp/login.jsp"); + if(dispatch == null) + log("Cannot find the login page"); + else + dispatch.forward(request, response); + return; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,445 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.web.servlets; - -import java.io.IOException; -import java.io.InputStream; -import java.security.GeneralSecurityException; -import java.security.Principal; -import java.security.PublicKey; -import java.util.ArrayList; -import java.util.List; -import java.util.StringTokenizer; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.jboss.identity.federation.core.config.IDPType; -import org.jboss.identity.federation.core.config.KeyProviderType; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.impl.DelegatedAttributeManager; -import org.jboss.identity.federation.core.interfaces.AttributeManager; -import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException; -import org.jboss.identity.federation.core.interfaces.TrustKeyManager; -import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.web.interfaces.RoleGenerator; -import org.jboss.identity.federation.web.roles.DefaultRoleGenerator; -import org.jboss.identity.federation.web.util.ConfigurationUtil; -import org.jboss.identity.federation.web.util.IDPWebRequestUtil; -import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil; -import org.w3c.dom.Document; - -/** - * SAML Web Browser SSO - POST binding - * @author Anil.Saldhana(a)redhat.com - * @since Aug 13, 2009 - */ -public class IDPServlet extends HttpServlet -{ - private static final long serialVersionUID = 1L; - private static Logger log = Logger.getLogger(IDPServlet.class); - private boolean trace = log.isTraceEnabled(); - - public static final String PRINCIPAL_ID = "jboss_identity.principal"; - public static final String ROLES_ID = "jboss_identity.roles"; - - protected transient IDPType idpConfiguration = null; - - private transient RoleGenerator rg = new DefaultRoleGenerator(); - - private transient DelegatedAttributeManager attribManager = new DelegatedAttributeManager(); - - private List<String> attributeKeys = new ArrayList<String>(); - - private long assertionValidity = 5000; // 5 seconds in miliseconds - - private String identityURL = null; - - private transient TrustKeyManager keyManager; - - private Boolean ignoreIncomingSignatures = true; - - private Boolean signOutgoingMessages = true; - - private transient ServletContext context = null; - - public Boolean getIgnoreIncomingSignatures() - { - return ignoreIncomingSignatures; - } - - @Override - public void init(ServletConfig config) throws ServletException - { - super.init(config); - String configFile = "/WEB-INF/jboss-idfed.xml"; - context = config.getServletContext(); - InputStream is = context.getResourceAsStream(configFile); - if(is == null) - throw new RuntimeException(configFile + " missing"); - try - { - idpConfiguration = ConfigurationUtil.getIDPConfiguration(is); - this.identityURL = idpConfiguration.getIdentityURL(); - log.trace("Identity Provider URL=" + this.identityURL); - this.assertionValidity = idpConfiguration.getAssertionValidity(); - - //Get the attribute manager - String attributeManager = idpConfiguration.getAttributeManager(); - if(attributeManager != null && !"".equals(attributeManager)) - { - ClassLoader tcl = SecurityActions.getContextClassLoader(); - AttributeManager delegate = (AttributeManager) tcl.loadClass(attributeManager).newInstance(); - this.attribManager.setDelegate(delegate); - } - } - catch (Exception e) - { - throw new RuntimeException(e); - } - if(this.signOutgoingMessages) - { - KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider(); - if(keyProvider == null) - throw new RuntimeException("Key Provider is null for context=" + context.getContextPath()); - - try - { - ClassLoader tcl = SecurityActions.getContextClassLoader(); - String keyManagerClassName = keyProvider.getClassName(); - if(keyManagerClassName == null) - throw new RuntimeException("KeyManager class name is null"); - - Class<?> clazz = tcl.loadClass(keyManagerClassName); - this.keyManager = (TrustKeyManager) clazz.newInstance(); - keyManager.setAuthProperties(keyProvider.getAuth()); - keyManager.setValidatingAlias(keyProvider.getValidatingAlias()); - } - catch(Exception e) - { - log.error("Exception reading configuration:",e); - throw new RuntimeException(e.getLocalizedMessage()); - } - if(trace) - log.trace("Key Provider=" + keyProvider.getClassName()); - } - - //handle the role generator - String rgString = config.getInitParameter("ROLE_GENERATOR"); - if(rgString != null && !"".equals(rgString)) - this.setRoleGenerator(rgString); - - //Get a list of attributes we are interested in - String attribList = config.getInitParameter("ATTRIBUTE_KEYS"); - if(attribList != null && !"".equals(attribList)) - { - StringTokenizer st = new StringTokenizer(attribList,","); - while(st != null && st.hasMoreTokens()) - { - this.attributeKeys.add(st.nextToken()); - } - } - } - - @SuppressWarnings("unchecked") - @Override - protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - //Some issue with filters and servlets - HttpSession session = request.getSession(false); - - String samlMessage = (String) session.getAttribute("SAMLRequest"); - String relayState = (String) session.getAttribute("RelayState"); - - String referer = request.getHeader("Referer"); - - //See if the user has already been authenticated - Principal userPrincipal = (Principal) session.getAttribute(PRINCIPAL_ID); - - if(userPrincipal == null) - { - //The sys admin has not set up the login servlet filters for the IDP - if(trace) - log.trace("Login Filters have not been configured"); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - } - - - IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, - idpConfiguration, keyManager); - webRequestUtil.setAttributeManager(this.attribManager); - webRequestUtil.setAttributeKeys(attributeKeys); - - if(userPrincipal != null) - { - if(trace) - { - log.trace("Retrieved saml message and relay state from session"); - log.trace("saml message=" + samlMessage + "::relay state="+ relayState); - } - session.removeAttribute("SAMLRequest"); - - if(relayState != null && relayState.length() > 0) - session.removeAttribute("RelayState"); - - //Send valid saml response after processing the request - if(samlMessage != null) - { - //Get the SAML Request Message - RequestAbstractType requestAbstractType = null; - Document samlResponse = null; - String destination = null; - try - { - requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage); - boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile(); - boolean isValid = validate(request.getRemoteAddr(), - request.getQueryString(), - new SessionHolder(samlMessage, null), isPost); - - if(!isValid) - throw new GeneralSecurityException("Validation check failed"); - - webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue()); - - - List<String> roles = (List<String>) session.getAttribute(ROLES_ID); - if(roles == null) - { - roles = rg.generateRoles(userPrincipal); - session.setAttribute(ROLES_ID, roles); - } - - - if(trace) - log.trace("Roles have been determined:Creating response"); - - AuthnRequestType art = (AuthnRequestType) requestAbstractType; - destination = art.getAssertionConsumerServiceURL(); - - samlResponse = - webRequestUtil.getResponse(destination, - userPrincipal, roles, - this.identityURL, this.assertionValidity, this.signOutgoingMessages); - } - catch (IssuerNotTrustedException e) - { - if(trace) log.trace(e); - - samlResponse = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(), - this.identityURL, this.signOutgoingMessages); - } - catch (ParsingException e) - { - if(trace) log.trace(e); - - samlResponse = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), - this.identityURL, this.signOutgoingMessages); - } - catch (ConfigurationException e) - { - if(trace) log.trace(e); - - samlResponse = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), - this.identityURL, this.signOutgoingMessages); - } - catch (IssueInstantMissingException e) - { - if(trace) log.trace(e); - - samlResponse = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), - this.identityURL, this.signOutgoingMessages); - } - catch(GeneralSecurityException e) - { - if(trace) log.trace(e); - - samlResponse = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), - this.identityURL, this.signOutgoingMessages); - } - finally - { - try - { - if(samlResponse == null) - throw new ServletException("SAML Response has not been generated"); - - if(this.signOutgoingMessages) - webRequestUtil.send(samlResponse, destination,relayState, response, true, - this.keyManager.getSigningKey()); - else - webRequestUtil.send(samlResponse, destination, relayState, response, false,null); - } - catch (ParsingException e) - { - if(trace) log.trace(e); - } - catch (GeneralSecurityException e) - { - if(trace) log.trace(e); - } - } - return; - } - else - { - log.error("No SAML Request Message"); - if(trace) log.trace("Referer="+referer); - - try - { - sendErrorResponseToSP(referer, response, relayState, webRequestUtil); - } - catch (ConfigurationException e) - { - if(trace) log.trace(e); - } - } - } - } - - protected void sendErrorResponseToSP(String referrer, HttpServletResponse response, String relayState, - IDPWebRequestUtil webRequestUtil) throws ServletException, IOException, ConfigurationException - { - if(trace) log.trace("About to send error response to SP:" + referrer); - - Document samlResponse = - webRequestUtil.getErrorResponse(referrer, JBossSAMLURIConstants.STATUS_RESPONDER.get(), - this.identityURL, this.signOutgoingMessages); - try - { - if(this.signOutgoingMessages) - webRequestUtil.send(samlResponse, referrer, relayState, response, true, - this.keyManager.getSigningKey()); - else - webRequestUtil.send(samlResponse, referrer, relayState, response, false,null); - } - catch (ParsingException e1) - { - throw new ServletException(e1); - } - catch (GeneralSecurityException e) - { - throw new ServletException(e); - } - } - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException - { - resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED); - } - - - protected static class SessionHolder - { - String samlRequest; - String signature; - - public SessionHolder(String req, String sig) - { - this.samlRequest = req; - this.signature = sig; - } - } - - protected boolean validate(String remoteAddress, - String queryString, - SessionHolder holder, boolean isPost) throws IOException, GeneralSecurityException - { - if (holder.samlRequest == null || holder.samlRequest.length() == 0) - { - return false; - } - - if (!this.ignoreIncomingSignatures && !isPost) - { - String sig = holder.signature; - if (sig == null || sig.length() == 0) - { - log.error("Signature received from SP is null:" + remoteAddress); - return false; - } - - //Check if there is a signature - byte[] sigValue = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(queryString); - if(sigValue == null) - return false; - - PublicKey validatingKey; - try - { - validatingKey = keyManager.getValidatingKey(remoteAddress); - } - catch (TrustKeyConfigurationException e) - { - throw new GeneralSecurityException(e.getCause()); - } - catch (TrustKeyProcessingException e) - { - throw new GeneralSecurityException(e.getCause()); - } - - return RedirectBindingSignatureUtil.validateSignature(queryString, validatingKey, sigValue); - } - else - { - //Post binding no signature verification. The SAML message signature is verified - return true; - } - } - - private void setRoleGenerator(String rgName) - { - try - { - Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(rgName); - rg = (RoleGenerator) clazz.newInstance(); - } - catch (Exception e) - { - throw new RuntimeException(e); - } - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,619 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.servlets; + +import java.io.IOException; +import java.io.InputStream; +import java.security.GeneralSecurityException; +import java.security.Principal; +import java.security.PublicKey; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.StringTokenizer; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.core.config.IDPType; +import org.jboss.identity.federation.core.config.KeyProviderType; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.handler.config.Handlers; +import org.jboss.identity.federation.core.impl.DelegatedAttributeManager; +import org.jboss.identity.federation.core.interfaces.AttributeManager; +import org.jboss.identity.federation.core.interfaces.ProtocolContext; +import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException; +import org.jboss.identity.federation.core.interfaces.TrustKeyManager; +import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.HANDLER_TYPE; +import org.jboss.identity.federation.core.saml.v2.util.HandlerUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.HTTPContext; +import org.jboss.identity.federation.web.interfaces.RoleGenerator; +import org.jboss.identity.federation.web.roles.DefaultRoleGenerator; +import org.jboss.identity.federation.web.util.ConfigurationUtil; +import org.jboss.identity.federation.web.util.IDPWebRequestUtil; +import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil; +import org.w3c.dom.Document; + +/** + * SAML Web Browser SSO - POST binding + * @author Anil.Saldhana(a)redhat.com + * @since Aug 13, 2009 + */ +public class IDPServlet extends HttpServlet +{ + private static final long serialVersionUID = 1L; + private static Logger log = Logger.getLogger(IDPServlet.class); + private boolean trace = log.isTraceEnabled(); + + protected transient IDPType idpConfiguration = null; + + private transient RoleGenerator rg = new DefaultRoleGenerator(); + + private transient DelegatedAttributeManager attribManager = new DelegatedAttributeManager(); + + private List<String> attributeKeys = new ArrayList<String>(); + + private long assertionValidity = 5000; // 5 seconds in miliseconds + + private String identityURL = null; + + private transient TrustKeyManager keyManager; + + private Boolean ignoreIncomingSignatures = true; + + private Boolean signOutgoingMessages = true; + + private transient ServletContext context = null; + + private transient SAML2HandlerChain chain = null; + + public Boolean getIgnoreIncomingSignatures() + { + return ignoreIncomingSignatures; + } + + @Override + public void init(ServletConfig config) throws ServletException + { + Handlers handlers = null; + super.init(config); + String configFile = "/WEB-INF/jboss-idfed.xml"; + context = config.getServletContext(); + InputStream is = context.getResourceAsStream(configFile); + if(is == null) + throw new RuntimeException(configFile + " missing"); + + //Get the chain from config + chain = new DefaultSAML2HandlerChain(); + + try + { + idpConfiguration = ConfigurationUtil.getIDPConfiguration(is); + this.identityURL = idpConfiguration.getIdentityURL(); + log.trace("Identity Provider URL=" + this.identityURL); + this.assertionValidity = idpConfiguration.getAssertionValidity(); + + //Get the attribute manager + String attributeManager = idpConfiguration.getAttributeManager(); + if(attributeManager != null && !"".equals(attributeManager)) + { + ClassLoader tcl = SecurityActions.getContextClassLoader(); + AttributeManager delegate = (AttributeManager) tcl.loadClass(attributeManager).newInstance(); + this.attribManager.setDelegate(delegate); + } + + //Get the handlers + handlers = ConfigurationUtil.getHandlers(context.getResourceAsStream("/WEB-INF/jbid-handlers.xml")); + chain.addAll(HandlerUtil.getHandlers(handlers)); + } + catch (Exception e) + { + throw new RuntimeException(e); + } + + //Handle the sign outgoing messages + String signOutgoingString = config.getInitParameter(GeneralConstants.SIGN_OUTGOING_MESSAGES); + if(signOutgoingString != null && !"".equals(signOutgoingString)) + this.signOutgoingMessages = Boolean.parseBoolean(signOutgoingString); + + + if(this.signOutgoingMessages) + { + KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider(); + if(keyProvider == null) + throw new RuntimeException("Key Provider is null for context=" + context.getContextPath()); + + try + { + ClassLoader tcl = SecurityActions.getContextClassLoader(); + String keyManagerClassName = keyProvider.getClassName(); + if(keyManagerClassName == null) + throw new RuntimeException("KeyManager class name is null"); + + Class<?> clazz = tcl.loadClass(keyManagerClassName); + this.keyManager = (TrustKeyManager) clazz.newInstance(); + keyManager.setAuthProperties(keyProvider.getAuth()); + keyManager.setValidatingAlias(keyProvider.getValidatingAlias()); + } + catch(Exception e) + { + log.error("Exception reading configuration:",e); + throw new RuntimeException(e.getLocalizedMessage()); + } + if(trace) + log.trace("Key Provider=" + keyProvider.getClassName()); + } + + //handle the role generator + String rgString = config.getInitParameter(GeneralConstants.ROLE_GENERATOR); + if(rgString != null && !"".equals(rgString)) + this.setRoleGenerator(rgString); + + //Get a list of attributes we are interested in + String attribList = config.getInitParameter(GeneralConstants.ATTRIBUTE_KEYS); + if(attribList != null && !"".equals(attribList)) + { + StringTokenizer st = new StringTokenizer(attribList,","); + while(st != null && st.hasMoreTokens()) + { + this.attributeKeys.add(st.nextToken()); + } + } + } + + + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + //Some issue with filters and servlets + HttpSession session = request.getSession(false); + + String samlRequestMessage = (String) session.getAttribute("SAMLRequest"); + String samlResponseMessage = (String) session.getAttribute("SAMLResponse"); + String relayState = (String) session.getAttribute("RelayState"); + + String referer = request.getHeader("Referer"); + + //See if the user has already been authenticated + Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID); + + if(userPrincipal == null) + { + //The sys admin has not set up the login servlet filters for the IDP + if(trace) + log.trace("Login Filters have not been configured"); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + + IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, + idpConfiguration, keyManager); + webRequestUtil.setAttributeManager(this.attribManager); + webRequestUtil.setAttributeKeys(attributeKeys); + + if(userPrincipal != null) + { + if(trace) + { + log.trace("Retrieved saml message and relay state from session"); + log.trace("saml Request message=" + samlRequestMessage + "::relay state="+ relayState); + log.trace("saml Response message=" + samlResponseMessage + "::relay state="+ relayState); + } + session.removeAttribute("SAMLRequest"); + session.removeAttribute("SAMLResponse"); + + if(relayState != null && relayState.length() > 0) + session.removeAttribute("RelayState"); + + SAML2Object samlObject = null; + String destination = null; + Document samlResponse = null; + + if(samlResponseMessage != null) + { + StatusResponseType statusResponseType = null; + try + { + samlObject = webRequestUtil.getSAMLObject(samlResponseMessage); + + boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile(); + boolean isValid = validate(request.getRemoteAddr(), + request.getQueryString(), + new SessionHolder(samlResponseMessage, null), isPost); + + if(!isValid) + throw new GeneralSecurityException("Validation check failed"); + + String issuer = null; + IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + idpIssuer.getIssuer(), samlObject, + HANDLER_TYPE.IDP); + saml2HandlerRequest.setRelayState(relayState); + + Map<String, Object> requestOptions = new HashMap<String, Object>(); + requestOptions.put("ROLE_GENERATOR", rg); + saml2HandlerRequest.setOptions(requestOptions); + + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + Set<SAML2Handler> handlers = chain.handlers(); + + if(samlObject instanceof StatusResponseType) + { + statusResponseType = (StatusResponseType) samlObject; + issuer = statusResponseType.getIssuer().getValue(); + webRequestUtil.isTrusted(issuer); + + if(handlers != null) + { + for(SAML2Handler handler: handlers) + { + handler.handleStatusResponseType(saml2HandlerRequest, saml2HandlerResponse); + } + } + } + else + throw new RuntimeException("Unknown type:" + samlObject.getClass().getName()); + + samlResponse = saml2HandlerResponse.getResultingDocument(); + relayState = saml2HandlerResponse.getRelayState(); + + destination = saml2HandlerResponse.getDestination(); + } + catch(Exception e) + { + throw new RuntimeException(e); + } + + } + else + //Send valid saml response after processing the request + if(samlRequestMessage != null) + { + //Get the SAML Request Message + RequestAbstractType requestAbstractType = null; + StatusResponseType statusResponseType = null; + + try + { + samlObject = webRequestUtil.getSAMLObject(samlRequestMessage); + + boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile(); + boolean isValid = validate(request.getRemoteAddr(), + request.getQueryString(), + new SessionHolder(samlRequestMessage, null), isPost); + + if(!isValid) + throw new GeneralSecurityException("Validation check failed"); + + String issuer = null; + IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + idpIssuer.getIssuer(), samlObject, + HANDLER_TYPE.IDP); + saml2HandlerRequest.setRelayState(relayState); + + Map<String, Object> requestOptions = new HashMap<String, Object>(); + requestOptions.put(GeneralConstants.ROLE_GENERATOR, rg); + requestOptions.put(GeneralConstants.ASSERTIONS_VALIDITY, this.assertionValidity); + requestOptions.put(GeneralConstants.CONFIGURATION, this.idpConfiguration); + Map<String,Object> attribs = this.attribManager.getAttributes(userPrincipal, attributeKeys); + requestOptions.put(GeneralConstants.ATTRIBUTES, attribs); + + saml2HandlerRequest.setOptions(requestOptions); + + List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID); + if(roles == null) + { + roles = rg.generateRoles(userPrincipal); + session.setAttribute(GeneralConstants.ROLES_ID, roles); + } + + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + Set<SAML2Handler> handlers = chain.handlers(); + + if(samlObject instanceof RequestAbstractType) + { + requestAbstractType = (RequestAbstractType) samlObject; + issuer = requestAbstractType.getIssuer().getValue(); + webRequestUtil.isTrusted(issuer); + + if(handlers != null) + { + for(SAML2Handler handler: handlers) + { + handler.handleRequestType(saml2HandlerRequest, saml2HandlerResponse); + } + } + } + else + throw new RuntimeException("Unknown type:" + samlObject.getClass().getName()); + + samlResponse = saml2HandlerResponse.getResultingDocument(); + relayState = saml2HandlerResponse.getRelayState(); + + destination = saml2HandlerResponse.getDestination(); + + + //requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage); + + + /*//RequestAbstractType + if(requestAbstractType != null) + { + List<String> roles = (List<String>) session.getAttribute(ROLES_ID); + if(roles == null) + { + roles = rg.generateRoles(userPrincipal); + session.setAttribute(ROLES_ID, roles); + } + + if(trace) + log.trace("Roles have been determined:Creating response"); + + if(requestAbstractType instanceof LogoutRequestType) + { + LogoutRequestType lot = (LogoutRequestType) requestAbstractType; + + } + + AuthnRequestType art = (AuthnRequestType) requestAbstractType; + destination = art.getAssertionConsumerServiceURL(); + + samlResponse = + webRequestUtil.getResponse(destination, + userPrincipal, roles, + this.identityURL, this.assertionValidity, this.signOutgoingMessages); + } + else + { + //status response type + }*/ + } + catch (IssuerNotTrustedException e) + { + if(trace) log.trace(e); + + samlResponse = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(), + this.identityURL, this.signOutgoingMessages); + } + catch (ParsingException e) + { + if(trace) log.trace(e); + + samlResponse = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL, this.signOutgoingMessages); + } + catch (ConfigurationException e) + { + if(trace) log.trace(e); + + samlResponse = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL, this.signOutgoingMessages); + } + catch (IssueInstantMissingException e) + { + if(trace) log.trace(e); + + samlResponse = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL, this.signOutgoingMessages); + } + catch(GeneralSecurityException e) + { + if(trace) log.trace(e); + + samlResponse = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL, this.signOutgoingMessages); + } + + } + else + { + log.error("No SAML Request Message"); + if(trace) log.trace("Referer="+referer); + + try + { + sendErrorResponseToSP(referer, response, relayState, webRequestUtil); + return; + } + catch (ConfigurationException e) + { + if(trace) log.trace(e); + } + } + + try + { + if(samlResponse == null) + throw new ServletException("SAML Response has not been generated"); + + if(this.signOutgoingMessages) + webRequestUtil.send(samlResponse, destination,relayState, response, true, + this.keyManager.getSigningKey()); + else + webRequestUtil.send(samlResponse, destination, relayState, response, false,null); + } + catch (ParsingException e) + { + if(trace) log.trace(e); + } + catch (GeneralSecurityException e) + { + if(trace) log.trace(e); + } + + return; + } + } + + protected void sendErrorResponseToSP(String referrer, HttpServletResponse response, String relayState, + IDPWebRequestUtil webRequestUtil) throws ServletException, IOException, ConfigurationException + { + if(trace) log.trace("About to send error response to SP:" + referrer); + + Document samlResponse = + webRequestUtil.getErrorResponse(referrer, JBossSAMLURIConstants.STATUS_RESPONDER.get(), + this.identityURL, this.signOutgoingMessages); + try + { + if(this.signOutgoingMessages) + webRequestUtil.send(samlResponse, referrer, relayState, response, true, + this.keyManager.getSigningKey()); + else + webRequestUtil.send(samlResponse, referrer, relayState, response, false,null); + } + catch (ParsingException e1) + { + throw new ServletException(e1); + } + catch (GeneralSecurityException e) + { + throw new ServletException(e); + } + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException + { + resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED); + } + + + protected static class SessionHolder + { + String samlRequest; + String signature; + + public SessionHolder(String req, String sig) + { + this.samlRequest = req; + this.signature = sig; + } + } + + protected boolean validate(String remoteAddress, + String queryString, + SessionHolder holder, boolean isPost) throws IOException, GeneralSecurityException + { + if (holder.samlRequest == null || holder.samlRequest.length() == 0) + { + return false; + } + + if (!this.ignoreIncomingSignatures && !isPost) + { + String sig = holder.signature; + if (sig == null || sig.length() == 0) + { + log.error("Signature received from SP is null:" + remoteAddress); + return false; + } + + //Check if there is a signature + byte[] sigValue = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(queryString); + if(sigValue == null) + return false; + + PublicKey validatingKey; + try + { + validatingKey = keyManager.getValidatingKey(remoteAddress); + } + catch (TrustKeyConfigurationException e) + { + throw new GeneralSecurityException(e.getCause()); + } + catch (TrustKeyProcessingException e) + { + throw new GeneralSecurityException(e.getCause()); + } + + return RedirectBindingSignatureUtil.validateSignature(queryString, validatingKey, sigValue); + } + else + { + //Post binding no signature verification. The SAML message signature is verified + return true; + } + } + + public void testPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + this.doPost(request, response); + } + + private void setRoleGenerator(String rgName) + { + try + { + Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(rgName); + rg = (RoleGenerator) clazz.newInstance(); + } + catch (Exception e) + { + throw new RuntimeException(e); + } + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,83 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.web.util; - -import java.io.InputStream; - -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Unmarshaller; - -import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants; -import org.jboss.identity.federation.core.util.JAXBUtil; -import org.jboss.identity.federation.core.config.IDPType; -import org.jboss.identity.federation.core.config.SPType; -import org.xml.sax.SAXException; - -/** - * @author Anil.Saldhana(a)redhat.com - * @since Aug 21, 2009 - */ -public class ConfigurationUtil -{ - @SuppressWarnings("unchecked") - public static IDPType getIDPConfiguration(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - String schema = "schema/config/jboss-identity-fed.xsd"; - - String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); - - String pkgName = "org.jboss.identity.federation.core.config"; - Unmarshaller un = null; - if(validate) - un = JAXBUtil.getValidatingUnmarshaller(pkgName, schema); - else - un = JAXBUtil.getUnmarshaller(pkgName); - - JAXBElement<IDPType> jaxbSp = (JAXBElement<IDPType>) un.unmarshal(is); - return jaxbSp.getValue(); - } - - @SuppressWarnings("unchecked") - public static SPType getSPConfiguration(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - String schema = "schema/config/jboss-identity-fed.xsd"; - - String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); - - String pkgName = "org.jboss.identity.federation.core.config"; - Unmarshaller un = null; - if(validate) - un = JAXBUtil.getValidatingUnmarshaller(pkgName, schema); - else - un = JAXBUtil.getUnmarshaller(pkgName); - - JAXBElement<SPType> jaxbSp = (JAXBElement<SPType>) un.unmarshal(is); - return jaxbSp.getValue(); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,128 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.util; + +import java.io.IOException; +import java.io.InputStream; + +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants; +import org.jboss.identity.federation.core.util.JAXBUtil; +import org.jboss.identity.federation.core.config.IDPType; +import org.jboss.identity.federation.core.config.SPType; +import org.jboss.identity.federation.core.handler.config.Handlers; +import org.xml.sax.SAXException; + +/** + * Deals with Configuration + * @author Anil.Saldhana(a)redhat.com + * @since Aug 21, 2009 + */ +public class ConfigurationUtil +{ + /** + * Get the IDP Configuration + * from the passed configuration + * @param is + * @return + * @throws JAXBException + * @throws SAXException + * @throws IOException + */ + @SuppressWarnings("unchecked") + public static IDPType getIDPConfiguration(InputStream is) throws JAXBException, SAXException, IOException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + String schema = "schema/config/jboss-identity-fed.xsd"; + + Unmarshaller un = getUnmarshaller(schema); + + JAXBElement<IDPType> jaxbSp = (JAXBElement<IDPType>) un.unmarshal(is); + return jaxbSp.getValue(); + } + + + /** + * Get the SP Configuration from the + * passed inputstream + * @param is + * @return + * @throws JAXBException + * @throws SAXException + * @throws IOException + */ + @SuppressWarnings("unchecked") + public static SPType getSPConfiguration(InputStream is) throws JAXBException, SAXException, IOException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + String schema = "schema/config/jboss-identity-fed.xsd"; + + Unmarshaller un = getUnmarshaller(schema); + + JAXBElement<SPType> jaxbSp = (JAXBElement<SPType>) un.unmarshal(is); + return jaxbSp.getValue(); + } + + /** + * Get the Handlers from the configuration + * @param is + * @return + * @throws JAXBException + * @throws SAXException + * @throws IOException + */ + @SuppressWarnings("unchecked") + public static Handlers getHandlers(InputStream is) throws JAXBException, SAXException, IOException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + String[] schemas = new String[] { "schema/config/jboss-identity-fed.xsd", + "schema/config/jboss-identity-fed-handler.xsd"}; + + Unmarshaller un = getUnmarshaller(schemas); + JAXBElement<Handlers> handlers = (JAXBElement<Handlers>) un.unmarshal(is); + return handlers.getValue(); + } + + + private static Unmarshaller getUnmarshaller(String... schema) throws JAXBException, SAXException, IOException + { + String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; + boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); + + String[] pkgName = new String[] { IDPType.class.getPackage().getName(), + Handlers.class.getPackage().getName() + } ; + + Unmarshaller un = null; + if(validate) + un = JAXBUtil.getValidatingUnmarshaller(pkgName, schema); + else + un = JAXBUtil.getUnmarshaller(pkgName); + return un; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,465 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.web.util; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.Principal; -import java.security.PrivateKey; -import java.util.List; -import java.util.Map; -import java.util.StringTokenizer; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactoryConfigurationError; - -import org.apache.log4j.Logger; -import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; -import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; -import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature; -import org.jboss.identity.federation.core.config.IDPType; -import org.jboss.identity.federation.core.config.TrustType; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.interfaces.AttributeManager; -import org.jboss.identity.federation.core.interfaces.TrustKeyManager; -import org.jboss.identity.federation.core.saml.v2.common.IDGenerator; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; -import org.jboss.identity.federation.core.saml.v2.util.StatementUtil; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.w3c.dom.Document; -import org.xml.sax.SAXException; - -/** - * Request Util - * <b> Not thread safe</b> - * @author Anil.Saldhana(a)redhat.com - * @since May 18, 2009 - */ -public class IDPWebRequestUtil -{ - private static Logger log = Logger.getLogger(IDPWebRequestUtil.class); - private boolean trace = log.isTraceEnabled(); - - private boolean redirectProfile = false; - private boolean postProfile = false; - - private IDPType idpConfiguration; - private TrustKeyManager keyManager; - private AttributeManager attributeManager; - private List<String> attribKeys; - - public IDPWebRequestUtil(HttpServletRequest request, IDPType idp, TrustKeyManager keym) - { - this.idpConfiguration = idp; - this.keyManager = keym; - this.redirectProfile = "GET".equals(request.getMethod()); - this.postProfile = "POST".equals(request.getMethod()); - } - - public void setAttributeKeys(List<String> attribKeys) - { - this.attribKeys = attribKeys; - } - - public void setAttributeManager(AttributeManager attributeManager) - { - this.attributeManager = attributeManager; - } - - public boolean hasSAMLRequestInRedirectProfile() - { - return redirectProfile; - } - - public boolean hasSAMLRequestInPostProfile() - { - return postProfile; - } - - public RequestAbstractType getSAMLRequest(String samlMessage) - throws ParsingException, IOException - { - InputStream is = null; - SAML2Request saml2Request = new SAML2Request(); - if(redirectProfile) - { - is = RedirectBindingUtil.base64DeflateDecode(samlMessage); - } - else - { - byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage); - if(trace) log.trace("SAMLRequest=" + new String(samlBytes)); - is = new ByteArrayInputStream(samlBytes); - } - return saml2Request.getRequestType(is); - } - - - public Document getResponse( String assertionConsumerURL, - Principal userPrincipal, - List<String> roles, - String identityURL, - long assertionValidity, - boolean supportSignature) - throws ConfigurationException, IssueInstantMissingException - { - Document samlResponseDocument = null; - - if(trace) - log.trace("AssertionConsumerURL=" + assertionConsumerURL + - "::assertion validity=" + assertionValidity); - ResponseType responseType = null; - - SAML2Response saml2Response = new SAML2Response(); - - //Create a response type - String id = IDGenerator.create("ID_"); - - IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); - issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get()); - - IDPInfoHolder idp = new IDPInfoHolder(); - idp.setNameIDFormatValue(userPrincipal.getName()); - idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); - - SPInfoHolder sp = new SPInfoHolder(); - sp.setResponseDestinationURI(assertionConsumerURL); - responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); - - //Add information on the roles - AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); - - AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); - - //Add timed conditions - saml2Response.createTimedConditions(assertion, assertionValidity); - - //Add in the attributes information - if(this.attributeManager != null) - { - try - { - Map<String, Object> attribs = - attributeManager.getAttributes(userPrincipal, this.attribKeys); - AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement); - } - catch(Exception e) - { - log.error("Exception in generating attributes:",e); - } - } - - //Lets see how the response looks like - if(log.isTraceEnabled()) - { - StringWriter sw = new StringWriter(); - try - { - saml2Response.marshall(responseType, sw); - } - catch (JAXBException e) - { - log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } - log.trace("Response="+sw.toString()); - } - - if(trace) - log.trace("Support Sig=" + supportSignature + " ::Post Profile?=" + hasSAMLRequestInPostProfile()); - if(supportSignature && hasSAMLRequestInPostProfile()) - { - try - { - SAML2Signature saml2Signature = new SAML2Signature(); - samlResponseDocument = saml2Signature.sign(responseType, keyManager.getSigningKeyPair()); - } - catch (Exception e) - { - if(trace) log.trace(e); - } - } - else - try - { - samlResponseDocument = saml2Response.convert(responseType); - } - catch (Exception e) - { - log.trace(e); - } - - return samlResponseDocument; - } - - - - /** - * Verify that the issuer is trusted - * @param issuer - * @throws IssuerNotTrustedException - */ - public void isTrusted(String issuer) throws IssuerNotTrustedException - { - if(idpConfiguration == null) - throw new IllegalStateException("IDP Configuration is null"); - try - { - String issuerDomain = getDomain(issuer); - TrustType idpTrust = idpConfiguration.getTrust(); - if(idpTrust != null) - { - String domainsTrusted = idpTrust.getDomains(); - if(trace) - log.trace("Domains that IDP trusts="+domainsTrusted + " and issuer domain="+issuerDomain); - if(domainsTrusted.indexOf(issuerDomain) < 0) - { - //Let us do string parts checking - StringTokenizer st = new StringTokenizer(domainsTrusted, ","); - while(st != null && st.hasMoreTokens()) - { - String uriBit = st.nextToken(); - if(trace) - log.trace("Matching uri bit="+ uriBit); - if(issuerDomain.indexOf(uriBit) > 0) - { - if(trace) - log.trace("Matched " + uriBit + " trust for " + issuerDomain ); - return; - } - } - throw new IssuerNotTrustedException(issuer); - } - } - } - catch (Exception e) - { - throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); - } - } - - /** - * Send a response - * @param responseDoc - * @param relayState - * @param response - * @throws IOException - * @throws GeneralSecurityException - */ - public void send(Document responseDoc, String destination, - String relayState, - HttpServletResponse response, - boolean supportSignature, - PrivateKey signingKey) throws IOException, GeneralSecurityException - { - if(responseDoc == null) - throw new IllegalArgumentException("responseType is null"); - - byte[] responseBytes = null; - try - { - responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8"); - } - catch (TransformerFactoryConfigurationError e) - { - if(trace) log.trace(e); - } - catch (TransformerException e) - { - if(trace) log.trace(e); - } - - if(redirectProfile) - { - String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseBytes); - - if(trace) log.trace("IDP:Destination=" + destination); - - if(relayState != null && relayState.length() > 0) - relayState = RedirectBindingUtil.urlEncode(relayState); - - String finalDest = destination + getDestination(urlEncodedResponse, relayState, - supportSignature); - if(trace) log.trace("Redirecting to="+ finalDest); - HTTPRedirectUtil.sendRedirectForResponder(finalDest, response); - } - else - { - String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes)); - - PostBindingUtil.sendPost(new DestinationInfoHolder(destination, - samlResponse, relayState), response, false); - } - } - - /** - * Generate a Destination URL for the HTTPRedirect binding - * with the saml response and relay state - * @param urlEncodedResponse - * @param urlEncodedRelayState - * @return - */ - public String getDestination(String urlEncodedResponse, String urlEncodedRelayState, - boolean supportSignature) - { - StringBuilder sb = new StringBuilder(); - - if (supportSignature) - { - try - { - sb.append(RedirectBindingSignatureUtil.getSAMLResponseURLWithSignature(urlEncodedResponse, - urlEncodedRelayState, keyManager.getSigningKey())); - } - catch (Exception e) - { - if(trace) log.trace(e); - } - } - else - { - sb.append("?SAMLResponse=").append(urlEncodedResponse); - if (urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) - sb.append("&RelayState=").append(urlEncodedRelayState); - } - return sb.toString(); - } - - /** - * Create an Error Response - * @param responseURL - * @param status - * @param identityURL - * @param supportSignature - * @return - * @throws ConfigurationException - */ - public Document getErrorResponse(String responseURL, String status, - String identityURL, boolean supportSignature) - { - Document samlResponse = null; - ResponseType responseType = null; - - SAML2Response saml2Response = new SAML2Response(); - - //Create a response type - String id = IDGenerator.create("ID_"); - - IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); - issuerHolder.setStatusCode(status); - - IDPInfoHolder idp = new IDPInfoHolder(); - idp.setNameIDFormatValue(null); - idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); - - SPInfoHolder sp = new SPInfoHolder(); - sp.setResponseDestinationURI(responseURL); - try - { - responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); - } - catch (ConfigurationException e1) - { - if(trace) log.trace(e1); - responseType = saml2Response.createResponseType(); - } - - //Lets see how the response looks like - if(log.isTraceEnabled()) - { - log.trace("Error_ResponseType = "); - StringWriter sw = new StringWriter(); - try - { - saml2Response.marshall(responseType, sw); - } - catch (JAXBException e) - { - log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } - log.trace("Response="+sw.toString()); - } - - if(supportSignature) - { - try - { - SAML2Signature ss = new SAML2Signature(); - samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair()); - } - catch (Exception e) - { - if(trace) log.trace(e); - } - } - else - try - { - samlResponse = saml2Response.convert(responseType); - } - catch (Exception e) - { - if(trace) log.trace(e); - } - - return samlResponse; - } - - /** - * Given a SP or IDP issuer from the assertion, return the host - * @param domainURL - * @return - * @throws IOException - */ - private static String getDomain(String domainURL) throws IOException - { - URL url = new URL(domainURL); - return url.getHost(); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,493 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.util; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.Principal; +import java.security.PrivateKey; +import java.util.List; +import java.util.Map; +import java.util.StringTokenizer; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.JAXBException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactoryConfigurationError; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature; +import org.jboss.identity.federation.core.config.IDPType; +import org.jboss.identity.federation.core.config.TrustType; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.interfaces.AttributeManager; +import org.jboss.identity.federation.core.interfaces.TrustKeyManager; +import org.jboss.identity.federation.core.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.saml.v2.util.StatementUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +/** + * Request Util + * <b> Not thread safe</b> + * @author Anil.Saldhana(a)redhat.com + * @since May 18, 2009 + */ +public class IDPWebRequestUtil +{ + private static Logger log = Logger.getLogger(IDPWebRequestUtil.class); + private boolean trace = log.isTraceEnabled(); + + private boolean redirectProfile = false; + private boolean postProfile = false; + + private IDPType idpConfiguration; + private TrustKeyManager keyManager; + private AttributeManager attributeManager; + private List<String> attribKeys; + + public IDPWebRequestUtil(HttpServletRequest request, IDPType idp, TrustKeyManager keym) + { + this.idpConfiguration = idp; + this.keyManager = keym; + this.redirectProfile = "GET".equals(request.getMethod()); + this.postProfile = "POST".equals(request.getMethod()); + } + + public void setAttributeKeys(List<String> attribKeys) + { + this.attribKeys = attribKeys; + } + + public void setAttributeManager(AttributeManager attributeManager) + { + this.attributeManager = attributeManager; + } + + public boolean hasSAMLRequestInRedirectProfile() + { + return redirectProfile; + } + + public boolean hasSAMLRequestInPostProfile() + { + return postProfile; + } + + public SAML2Object getSAMLObject(String samlMessage) + throws ParsingException, IOException + { + InputStream is = null; + SAML2Request saml2Request = new SAML2Request(); + if(redirectProfile) + { + is = RedirectBindingUtil.base64DeflateDecode(samlMessage); + } + else + { + try + { + byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage); + if(trace) log.trace("SAMLRequest=" + new String(samlBytes)); + is = new ByteArrayInputStream(samlBytes); + } + catch(Exception rte) + { + if(trace) + log.trace("Error in base64 decoding saml message: "+rte); + throw new ParsingException(rte); + } + } + return saml2Request.getSAML2ObjectFromStream(is); + } + + public RequestAbstractType getSAMLRequest(String samlMessage) + throws ParsingException, IOException + { + InputStream is = null; + SAML2Request saml2Request = new SAML2Request(); + if(redirectProfile) + { + is = RedirectBindingUtil.base64DeflateDecode(samlMessage); + } + else + { + byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage); + if(trace) log.trace("SAMLRequest=" + new String(samlBytes)); + is = new ByteArrayInputStream(samlBytes); + } + return saml2Request.getRequestType(is); + } + + + public Document getResponse( String assertionConsumerURL, + Principal userPrincipal, + List<String> roles, + String identityURL, + long assertionValidity, + boolean supportSignature) + throws ConfigurationException, IssueInstantMissingException + { + Document samlResponseDocument = null; + + if(trace) + log.trace("AssertionConsumerURL=" + assertionConsumerURL + + "::assertion validity=" + assertionValidity); + ResponseType responseType = null; + + SAML2Response saml2Response = new SAML2Response(); + + //Create a response type + String id = IDGenerator.create("ID_"); + + IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); + issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + + IDPInfoHolder idp = new IDPInfoHolder(); + idp.setNameIDFormatValue(userPrincipal.getName()); + idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); + + SPInfoHolder sp = new SPInfoHolder(); + sp.setResponseDestinationURI(assertionConsumerURL); + responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); + + //Add information on the roles + AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + + AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles); + assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + + //Add timed conditions + saml2Response.createTimedConditions(assertion, assertionValidity); + + //Add in the attributes information + if(this.attributeManager != null) + { + try + { + Map<String, Object> attribs = + attributeManager.getAttributes(userPrincipal, this.attribKeys); + AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs); + assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement); + } + catch(Exception e) + { + log.error("Exception in generating attributes:",e); + } + } + + //Lets see how the response looks like + if(log.isTraceEnabled()) + { + StringWriter sw = new StringWriter(); + try + { + saml2Response.marshall(responseType, sw); + } + catch (JAXBException e) + { + log.trace(e); + } + catch (SAXException e) + { + log.trace(e); + } + log.trace("Response="+sw.toString()); + } + + if(trace) + log.trace("Support Sig=" + supportSignature + " ::Post Profile?=" + hasSAMLRequestInPostProfile()); + if(supportSignature && hasSAMLRequestInPostProfile()) + { + try + { + SAML2Signature saml2Signature = new SAML2Signature(); + samlResponseDocument = saml2Signature.sign(responseType, keyManager.getSigningKeyPair()); + } + catch (Exception e) + { + if(trace) log.trace(e); + } + } + else + try + { + samlResponseDocument = saml2Response.convert(responseType); + } + catch (Exception e) + { + log.trace(e); + } + + return samlResponseDocument; + } + + + + /** + * Verify that the issuer is trusted + * @param issuer + * @throws IssuerNotTrustedException + */ + public void isTrusted(String issuer) throws IssuerNotTrustedException + { + if(idpConfiguration == null) + throw new IllegalStateException("IDP Configuration is null"); + try + { + String issuerDomain = getDomain(issuer); + TrustType idpTrust = idpConfiguration.getTrust(); + if(idpTrust != null) + { + String domainsTrusted = idpTrust.getDomains(); + if(trace) + log.trace("Domains that IDP trusts="+domainsTrusted + " and issuer domain="+issuerDomain); + if(domainsTrusted.indexOf(issuerDomain) < 0) + { + //Let us do string parts checking + StringTokenizer st = new StringTokenizer(domainsTrusted, ","); + while(st != null && st.hasMoreTokens()) + { + String uriBit = st.nextToken(); + if(trace) + log.trace("Matching uri bit="+ uriBit); + if(issuerDomain.indexOf(uriBit) > 0) + { + if(trace) + log.trace("Matched " + uriBit + " trust for " + issuerDomain ); + return; + } + } + throw new IssuerNotTrustedException(issuer); + } + } + } + catch (Exception e) + { + throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); + } + } + + /** + * Send a response + * @param responseDoc + * @param relayState + * @param response + * @throws IOException + * @throws GeneralSecurityException + */ + public void send(Document responseDoc, String destination, + String relayState, + HttpServletResponse response, + boolean supportSignature, + PrivateKey signingKey) throws IOException, GeneralSecurityException + { + if(responseDoc == null) + throw new IllegalArgumentException("responseType is null"); + + byte[] responseBytes = null; + try + { + responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8"); + } + catch (TransformerFactoryConfigurationError e) + { + if(trace) log.trace(e); + } + catch (TransformerException e) + { + if(trace) log.trace(e); + } + + if(redirectProfile) + { + String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseBytes); + + if(trace) log.trace("IDP:Destination=" + destination); + + if(relayState != null && relayState.length() > 0) + relayState = RedirectBindingUtil.urlEncode(relayState); + + String finalDest = destination + getDestination(urlEncodedResponse, relayState, + supportSignature); + if(trace) log.trace("Redirecting to="+ finalDest); + HTTPRedirectUtil.sendRedirectForResponder(finalDest, response); + } + else + { + String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes)); + + PostBindingUtil.sendPost(new DestinationInfoHolder(destination, + samlResponse, relayState), response, false); + } + } + + /** + * Generate a Destination URL for the HTTPRedirect binding + * with the saml response and relay state + * @param urlEncodedResponse + * @param urlEncodedRelayState + * @return + */ + public String getDestination(String urlEncodedResponse, String urlEncodedRelayState, + boolean supportSignature) + { + StringBuilder sb = new StringBuilder(); + + if (supportSignature) + { + try + { + sb.append(RedirectBindingSignatureUtil.getSAMLResponseURLWithSignature(urlEncodedResponse, + urlEncodedRelayState, keyManager.getSigningKey())); + } + catch (Exception e) + { + if(trace) log.trace(e); + } + } + else + { + sb.append("?SAMLResponse=").append(urlEncodedResponse); + if (urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) + sb.append("&RelayState=").append(urlEncodedRelayState); + } + return sb.toString(); + } + + /** + * Create an Error Response + * @param responseURL + * @param status + * @param identityURL + * @param supportSignature + * @return + * @throws ConfigurationException + */ + public Document getErrorResponse(String responseURL, String status, + String identityURL, boolean supportSignature) + { + Document samlResponse = null; + ResponseType responseType = null; + + SAML2Response saml2Response = new SAML2Response(); + + //Create a response type + String id = IDGenerator.create("ID_"); + + IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); + issuerHolder.setStatusCode(status); + + IDPInfoHolder idp = new IDPInfoHolder(); + idp.setNameIDFormatValue(null); + idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); + + SPInfoHolder sp = new SPInfoHolder(); + sp.setResponseDestinationURI(responseURL); + try + { + responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); + } + catch (ConfigurationException e1) + { + if(trace) log.trace(e1); + responseType = saml2Response.createResponseType(); + } + + //Lets see how the response looks like + if(log.isTraceEnabled()) + { + log.trace("Error_ResponseType = "); + StringWriter sw = new StringWriter(); + try + { + saml2Response.marshall(responseType, sw); + } + catch (JAXBException e) + { + log.trace(e); + } + catch (SAXException e) + { + log.trace(e); + } + log.trace("Response="+sw.toString()); + } + + if(supportSignature) + { + try + { + SAML2Signature ss = new SAML2Signature(); + samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair()); + } + catch (Exception e) + { + if(trace) log.trace(e); + } + } + else + try + { + samlResponse = saml2Response.convert(responseType); + } + catch (Exception e) + { + if(trace) log.trace(e); + } + + return samlResponse; + } + + /** + * Given a SP or IDP issuer from the assertion, return the host + * @param domainURL + * @return + * @throws IOException + */ + private static String getDomain(String domainURL) throws IOException + { + URL url = new URL(domainURL); + return url.getHost(); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -1,110 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.web.util; - -import java.io.IOException; -import java.io.PrintWriter; - -import javax.servlet.http.HttpServletResponse; - -import org.apache.log4j.Logger; -import org.jboss.identity.federation.api.util.Base64; -import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder; - -/** - * Utility for the HTTP/Post binding - * @author Anil.Saldhana(a)redhat.com - * @since May 22, 2009 - */ -public class PostBindingUtil -{ - private static Logger log = Logger.getLogger(PostBindingUtil.class); - private static boolean trace = log.isTraceEnabled(); - - public static String base64Encode(String stringToEncode) throws IOException - { - return Base64.encodeBytes(stringToEncode.getBytes("UTF-8"), Base64.DONT_BREAK_LINES); - } - - public static byte[] base64Decode(String encodedString) - { - return Base64.decode(encodedString); - } - - /** - * Send the response to the redirected destination while - * adding the character encoding of "UTF-8" as well as - * adding headers for cache-control and Pragma - * @param destination Destination URI where the response needs to redirect - * @param response HttpServletResponse - * @throws IOException - */ - public static void sendPost(DestinationInfoHolder holder, - HttpServletResponse response, - boolean sendToIDP) - throws IOException - { - String key = sendToIDP ? "SAMLRequest" : "SAMLResponse"; - - String relayState = holder.getRelayState(); - String destination = holder.getDestination(); - String samlMessage = holder.getSamlMessage(); - - response.setContentType("text/html"); - PrintWriter out = response.getWriter(); - common(holder.getDestination(), response); - StringBuilder builder = new StringBuilder(); - - builder.append("<HTML>"); - builder.append("<HEAD>"); - if(sendToIDP) - builder.append("<TITLE>HTTP Post Binding To Identity Provider</TITLE>"); - else - builder.append("<TITLE>HTTP Post Binding Response To Service Provider</TITLE>"); - - builder.append("</HEAD>"); - builder.append("<BODY Onload=\"document.forms[0].submit()\">"); - - builder.append("<FORM METHOD=\"POST\" ACTION=\"" + destination + "\">"); - builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\""+ key +"\"" + " VALUE=\"" + samlMessage - + "\"/>"); - if (relayState != null && relayState.length() > 0) - { - builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\"RelayState\" " + - "VALUE=\"" + relayState + "\"/>"); - } - builder.append("</FORM></BODY></HTML>"); - - String str = builder.toString(); - if(trace) - log.trace(str); - out.println(str); - out.close(); - } - - private static void common(String destination, HttpServletResponse response) - { - response.setCharacterEncoding("UTF-8"); - response.setHeader("Pragma", "no-cache"); - response.setHeader("Cache-Control", "no-cache, no-store"); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java (from rev 828, identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,113 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.util; + +import java.io.IOException; +import java.io.PrintWriter; + +import javax.servlet.http.HttpServletResponse; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.util.Base64; +import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder; + +/** + * Utility for the HTTP/Post binding + * @author Anil.Saldhana(a)redhat.com + * @since May 22, 2009 + */ +public class PostBindingUtil +{ + private static Logger log = Logger.getLogger(PostBindingUtil.class); + private static boolean trace = log.isTraceEnabled(); + + public static String base64Encode(String stringToEncode) throws IOException + { + return Base64.encodeBytes(stringToEncode.getBytes("UTF-8"), Base64.DONT_BREAK_LINES); + } + + public static byte[] base64Decode(String encodedString) + { + return Base64.decode(encodedString); + } + + /** + * Send the response to the redirected destination while + * adding the character encoding of "UTF-8" as well as + * adding headers for cache-control and Pragma + * @param destination Destination URI where the response needs to redirect + * @param response HttpServletResponse + * @throws IOException + */ + public static void sendPost(DestinationInfoHolder holder, + HttpServletResponse response, + boolean sendToIDP) + throws IOException + { + String key = sendToIDP ? "SAMLRequest" : "SAMLResponse"; + + String relayState = holder.getRelayState(); + String destination = holder.getDestination(); + String samlMessage = holder.getSamlMessage(); + + if(destination == null) + throw new IllegalStateException("Destination is null"); + + response.setContentType("text/html"); + PrintWriter out = response.getWriter(); + common(holder.getDestination(), response); + StringBuilder builder = new StringBuilder(); + + builder.append("<HTML>"); + builder.append("<HEAD>"); + if(sendToIDP) + builder.append("<TITLE>HTTP Post Binding To Identity Provider</TITLE>"); + else + builder.append("<TITLE>HTTP Post Binding Response To Service Provider</TITLE>"); + + builder.append("</HEAD>"); + builder.append("<BODY Onload=\"document.forms[0].submit()\">"); + + builder.append("<FORM METHOD=\"POST\" ACTION=\"" + destination + "\">"); + builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\""+ key +"\"" + " VALUE=\"" + samlMessage + + "\"/>"); + if (relayState != null && relayState.length() > 0) + { + builder.append("<INPUT TYPE=\"HIDDEN\" NAME=\"RelayState\" " + + "VALUE=\"" + relayState + "\"/>"); + } + builder.append("</FORM></BODY></HTML>"); + + String str = builder.toString(); + if(trace) + log.trace(str); + out.println(str); + out.close(); + } + + private static void common(String destination, HttpServletResponse response) + { + response.setCharacterEncoding("UTF-8"); + response.setHeader("Pragma", "no-cache"); + response.setHeader("Cache-Control", "no-cache, no-store"); + } +} \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock (from rev 828, identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock) Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow (from rev 828, identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow) Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-web/src/test/resources/saml2 (from rev 828, identity-federation/trunk/jboss-identity-web/src/test/resources/saml2) Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/circleoftrust/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/circleoftrust/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,41 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>circleoftrust</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <packaging>war</packaging> - <name>JBoss Identity Federation Circle Of Trust</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>circleoftrust</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/circleoftrust/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/circleoftrust/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/circleoftrust/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,41 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>circleoftrust</artifactId> + <version>1.0.0.beta3.pre</version> + <packaging>war</packaging> + <name>JBoss Identity Federation Circle Of Trust</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>circleoftrust</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/employee/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/employee/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>employee</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Web Apps Employee</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>employee</warName> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/employee/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/employee/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/employee/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/employee/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>employee</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Web Apps Employee</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>employee</warName> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/fed-example/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/fed-example/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,49 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <parent> - <artifactId>jboss-identity-federation-webapps</artifactId> - <groupId>org.jboss.identity</groupId> - <version>1.0.0.beta2-SNAPSHOT</version> - </parent> - <groupId>org.jboss.identity</groupId> - <artifactId>fed-example</artifactId> - <packaging>ear</packaging> - <name>fed-example JEE5 Assembly</name> - <url>http://maven.apache.org</url> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <source>1.5</source> - <target>1.5</target> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-ear-plugin</artifactId> - <version>2.3.2</version> - <configuration> - <version>5</version> - </configuration> - </plugin> - </plugins> - <finalName>fed-example</finalName> - </build> - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>idp-sig-no-val</artifactId> - <version>${project.version}</version> - <type>war</type> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>seam-sp</artifactId> - <version>${project.version}</version> - <type>war</type> - </dependency> - </dependencies> -</project> \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/fed-example/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/fed-example/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/fed-example/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,49 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <artifactId>jboss-identity-federation-webapps</artifactId> + <groupId>org.jboss.identity</groupId> + <version>1.0.0.beta3.pre</version> + </parent> + <groupId>org.jboss.identity</groupId> + <artifactId>fed-example</artifactId> + <packaging>ear</packaging> + <name>fed-example JEE5 Assembly</name> + <url>http://maven.apache.org</url> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <source>1.5</source> + <target>1.5</target> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-ear-plugin</artifactId> + <version>2.3.2</version> + <configuration> + <version>5</version> + </configuration> + </plugin> + </plugins> + <finalName>fed-example</finalName> + </build> + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>idp-sig-no-val</artifactId> + <version>${project.version}</version> + <type>war</type> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>seam-sp</artifactId> + <version>${project.version}</version> + <type>war</type> + </dependency> + </dependencies> +</project> \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,38 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>idp</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Identity Provider</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>idp</warName> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/idp/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,38 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>idp</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Identity Provider</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>idp</warName> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>idp-sig</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Identity Provider that supports signature</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>idp-sig</warName> - <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>idp-sig</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Identity Provider that supports signature</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>idp-sig</warName> + <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig-no-val/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>idp-sig-no-val</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Identity Provider that supports signature</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>idp-sig-no-val</warName> - <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig-no-val/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig-no-val/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>idp-sig-no-val</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Identity Provider that supports signature</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>idp-sig-no-val</warName> + <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-standalone/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-standalone/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>idp-standalone</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Identity Provider that supports signature and that is a simple web application that can hosted on any web container</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>idp-standalone</warName> - <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-standalone/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-standalone/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/idp-standalone/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>idp-standalone</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Identity Provider that supports signature and that is a simple web application that can hosted on any web container</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>idp-standalone</warName> + <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/jboss-sts/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/jboss-sts/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-sts</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Security Token Service</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>jboss-sts</warName> -  - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/jboss-sts/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/jboss-sts/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/jboss-sts/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-sts</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Security Token Service</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>jboss-sts</warName> +  + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/metadata/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/metadata/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>metadata</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Metadata</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>metadata</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/metadata/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/metadata/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/metadata/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>metadata</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Metadata</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>metadata</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-consumer/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-consumer/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>openid-consumer</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation OpenID Consumer</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>openid-consumer</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-consumer/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-consumer/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-consumer/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>openid-consumer</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation OpenID Consumer</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>openid-consumer</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-provider/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-provider/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>openid-provider</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation OpenID Provider</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>openid-provider</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-provider/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-provider/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/openid-provider/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>openid-provider</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation OpenID Provider</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>openid-provider</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pdp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pdp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,38 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>pdp</artifactId> - <packaging>war</packaging> - <name>JBoss Identity XACML PDP</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>XACML PDP Web Application for the JBoss Identity Project</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>pdp</warName> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pdp/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pdp/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pdp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,38 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>pdp</artifactId> + <packaging>war</packaging> + <name>JBoss Identity XACML PDP</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>XACML PDP Web Application for the JBoss Identity Project</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>pdp</warName> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,44 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-federation-webapps</artifactId> - <packaging>pom</packaging> - <name>JBoss Identity Federation Web Applications</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Web Applications contains the web - applications for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <modules> - <module>sales</module> - <module>sales-sig</module> - <module>sales-post-sig</module> - <module>sales-standalone</module> - <module>employee</module> - <module>circleoftrust</module> - <module>idp</module> - <module>idp-sig</module> - <module>idp-sig-no-val</module> - <module>idp-standalone</module> - <module>metadata</module> - <module>openid-provider</module> - <module>openid-consumer</module> - <module>jboss-sts</module> - <module>pdp</module> - <module>seam-sp</module> - <module>fed-example</module> - </modules> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,44 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-federation-webapps</artifactId> + <packaging>pom</packaging> + <name>JBoss Identity Federation Web Applications</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Web Applications contains the web + applications for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <modules> + <module>sales</module> + <module>sales-sig</module> + <module>sales-post-sig</module> + <module>sales-standalone</module> + <module>employee</module> + <module>circleoftrust</module> + <module>idp</module> + <module>idp-sig</module> + <module>idp-sig-no-val</module> + <module>idp-standalone</module> + <module>metadata</module> + <module>openid-provider</module> + <module>openid-consumer</module> + <module>jboss-sts</module> + <module>pdp</module> + <module>seam-sp</module> + <module>fed-example</module> + </modules> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,38 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>sales</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Sales</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>sales</warName> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/sales/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,38 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>sales</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Sales</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>sales</warName> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-post-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-post-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,38 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>sales-post-sig</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Sales App with http post signature</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>sales-post-sig</warName> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-post-sig/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-post-sig/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-post-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,38 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>sales-post-sig</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Sales App with http post signature</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>sales-post-sig</warName> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,38 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>sales-sig</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Sales with HTTP-Redirect and Signature</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>sales-sig</warName> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-sig/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-sig/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-sig/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,38 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>sales-sig</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Sales with HTTP-Redirect and Signature</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>sales-sig</warName> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-standalone/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-standalone/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - - <modelVersion>4.0.0</modelVersion> - <artifactId>sales-standalone</artifactId> - <packaging>war</packaging> - <name>JBoss Identity Federation Sales Application that supports signature and that is a simple web application that can be hosted on any web container</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>sales-standalone</warName> - <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-standalone/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-standalone/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/sales-standalone/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>sales-standalone</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Sales Application that supports signature and that is a simple web application that can be hosted on any web container</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>sales-standalone</warName> + <webappDirectory>${basedir}/src/main/webapp/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/seam-sp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/seam-sp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,87 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>seam-sp</artifactId> - <packaging>war</packaging> - <name>Seam Service Provider</name> - <dependencyManagement> - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-api</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-bindings</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <scope>provided</scope> - </dependency> - </dependencies> - </dependencyManagement> - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-seam</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.seam</groupId> - <artifactId>jboss-seam</artifactId> - <version>2.1.2</version> - <type>ejb</type> - </dependency> - <dependency> - <groupId>org.jboss.seam</groupId> - <artifactId>jboss-seam-ui</artifactId> - <version>2.1.2</version> - </dependency> - <dependency> - <groupId>org.jboss.seam</groupId> - <artifactId>jboss-seam-debug</artifactId> - <version>2.1.2</version> - </dependency> - <dependency> - <groupId>javax.faces</groupId> - <artifactId>jsf-api</artifactId> - <version>1.2</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.jboss.javaee</groupId> - <artifactId>jboss-javaee</artifactId> - <version>5.0.0.CR1</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>javax.el</groupId> - <artifactId>el-api</artifactId> - <version>1.0</version> - <scope>provided</scope> - </dependency> - </dependencies> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>seam-sp</warName> - </configuration> - </plugin> - </plugins> - </build> -</project> \ No newline at end of file Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/seam-sp/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/seam-sp/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-webapps/seam-sp/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,87 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>seam-sp</artifactId> + <packaging>war</packaging> + <name>Seam Service Provider</name> + <dependencyManagement> + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>1.0.0.beta3.pre</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-api</artifactId> + <version>1.0.0.beta3.pre</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-bindings</artifactId> + <version>1.0.0.beta3.pre</version> + <scope>provided</scope> + </dependency> + </dependencies> + </dependencyManagement> + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-seam</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.seam</groupId> + <artifactId>jboss-seam</artifactId> + <version>2.1.2</version> + <type>ejb</type> + </dependency> + <dependency> + <groupId>org.jboss.seam</groupId> + <artifactId>jboss-seam-ui</artifactId> + <version>2.1.2</version> + </dependency> + <dependency> + <groupId>org.jboss.seam</groupId> + <artifactId>jboss-seam-debug</artifactId> + <version>2.1.2</version> + </dependency> + <dependency> + <groupId>javax.faces</groupId> + <artifactId>jsf-api</artifactId> + <version>1.2</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.jboss.javaee</groupId> + <artifactId>jboss-javaee</artifactId> + <version>5.0.0.CR1</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>javax.el</groupId> + <artifactId>el-api</artifactId> + <version>1.0</version> + <scope>provided</scope> + </dependency> + </dependencies> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>seam-sp</warName> + </configuration> + </plugin> + </plugins> + </build> +</project> \ No newline at end of file Deleted: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-xmlsec-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-xmlsec-model/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,112 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-xmlsec-model</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation XML Security Model</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation XML Security Model contains the JAXB2 model for W3C XML Signature and XML Encryption specifications.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>apache-log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>xmlsec</artifactId> - <version>1.4.2</version> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/jboss-identity-xmlsec-model/pom.xml (from rev 829, identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/jboss-identity-xmlsec-model/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/jboss-identity-xmlsec-model/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,112 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-xmlsec-model</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation XML Security Model</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation XML Security Model contains the JAXB2 model for W3C XML Signature and XML Encryption specifications.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>apache-log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>xmlsec</artifactId> + <version>1.4.2</version> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/parent/pom.xml =================================================================== --- identity-federation/trunk/parent/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/parent/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,165 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss</groupId> - <artifactId>jboss-parent</artifactId> - <version>4</version> - </parent> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <packaging>pom</packaging> - <version>1.0.0.beta2-SNAPSHOT</version> - <name>JBoss Identity Federation- Parent</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection> - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection> - </scm> - - <build> - <plugins> - <plugin> - <artifactId>maven-release-plugin</artifactId> - <configuration> - <tagBase>https://svn.jboss.org/repos/jbossidentity/identity-federation/tags</tagBase> - </configuration> - </plugin> - </plugins> - <pluginManagement> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>true</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>${surefire.jvm.args}</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </pluginManagement> - </build> - - <repositories> - <repository> - <id>repository.jboss.org</id> - <name>JBoss Repository</name> - <layout>default</layout> - <url>http://repository.jboss.org/maven2/</url> - <snapshots> - <enabled>false</enabled> - </snapshots> - </repository> - - <repository> - <id>snapshots.jboss.org</id> - <name>JBoss Snapshots Repository</name> - <layout>default</layout> - <url>http://snapshots.jboss.org/maven2/</url> - <snapshots> - <enabled>true</enabled> - </snapshots> - <releases> - <enabled>false</enabled> - </releases> - </repository> - </repositories> - - <dependencyManagement> - <dependencies> - <dependency> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.4</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.14</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>xmlsec</artifactId> - <version>1.4.2</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>apache-logging</groupId> - <artifactId>commons-logging-api</artifactId> - <version>1.0.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.persistence</groupId> - <artifactId>persistence-api</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.1.9</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.1.9</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jbossxacml</artifactId> - <version>2.0.3.SP2</version> - </dependency> - <dependency> - <groupId>org.openid4java</groupId> - <artifactId>openid4java</artifactId> - <version>0.9.5</version> - </dependency> - <dependency> - <groupId>nekohtml</groupId> - <artifactId>nekohtml</artifactId> - <version>1.9.12</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.mortbay.jetty</groupId> - <artifactId>jetty</artifactId> - <version>6.1.18</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.mortbay.jetty</groupId> - <artifactId>jetty-util</artifactId> - <version>6.1.18</version> - <scope>test</scope> - </dependency> - </dependencies> - </dependencyManagement> - -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/parent/pom.xml (from rev 829, identity-federation/trunk/parent/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/parent/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/parent/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,165 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss</groupId> + <artifactId>jboss-parent</artifactId> + <version>4</version> + </parent> + <modelVersion>4.0.0</modelVersion> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <packaging>pom</packaging> + <version>1.0.0.beta3.pre</version> + <name>JBoss Identity Federation- Parent</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <scm> + <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection> + <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection> + </scm> + + <build> + <plugins> + <plugin> + <artifactId>maven-release-plugin</artifactId> + <configuration> + <tagBase>https://svn.jboss.org/repos/jbossidentity/identity-federation/tags</tagBase> + </configuration> + </plugin> + </plugins> + <pluginManagement> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>true</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>${surefire.jvm.args}</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </pluginManagement> + </build> + + <repositories> + <repository> + <id>repository.jboss.org</id> + <name>JBoss Repository</name> + <layout>default</layout> + <url>http://repository.jboss.org/maven2/</url> + <snapshots> + <enabled>false</enabled> + </snapshots> + </repository> + + <repository> + <id>snapshots.jboss.org</id> + <name>JBoss Snapshots Repository</name> + <layout>default</layout> + <url>http://snapshots.jboss.org/maven2/</url> + <snapshots> + <enabled>true</enabled> + </snapshots> + <releases> + <enabled>false</enabled> + </releases> + </repository> + </repositories> + + <dependencyManagement> + <dependencies> + <dependency> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>4.4</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-log4j</groupId> + <artifactId>log4j</artifactId> + <version>1.2.14</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>xmlsec</artifactId> + <version>1.4.2</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>apache-logging</groupId> + <artifactId>commons-logging-api</artifactId> + <version>1.0.3</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>javax.persistence</groupId> + <artifactId>persistence-api</artifactId> + <version>1.0</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + <version>2.1.9</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-impl</artifactId> + <version>2.1.9</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jbossxacml</artifactId> + <version>2.0.3.SP2</version> + </dependency> + <dependency> + <groupId>org.openid4java</groupId> + <artifactId>openid4java</artifactId> + <version>0.9.5</version> + </dependency> + <dependency> + <groupId>nekohtml</groupId> + <artifactId>nekohtml</artifactId> + <version>1.9.12</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.mortbay.jetty</groupId> + <artifactId>jetty</artifactId> + <version>6.1.18</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mortbay.jetty</groupId> + <artifactId>jetty-util</artifactId> + <version>6.1.18</version> + <scope>test</scope> + </dependency> + </dependencies> + </dependencyManagement> + +</project> Deleted: identity-federation/tags/1.0.0.beta3.pre/pom.xml =================================================================== --- identity-federation/trunk/pom.xml 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/tags/1.0.0.beta3.pre/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -1,42 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> - <relativePath>parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-pom</artifactId> - <packaging>pom</packaging> - <name>JBoss Identity Federation- Aggregator</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation is the federated identity project for JEMS projects</description> - - <modules> - <module>parent</module> - <module>jboss-identity-xmlsec-model</module> - <module>jboss-identity-fed-model</module> - <module>jboss-identity-fed-core</module> - <module>jboss-identity-fed-api</module> - <module>jboss-identity-web</module> - <module>jboss-identity-bindings</module> - <module>jboss-identity-bindings-jboss</module> - <module>jboss-identity-webapps</module> - <module>jboss-identity-seam</module> - <module>assembly</module> - </modules> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <aggregate>true</aggregate> - </configuration> - </plugin> - </plugins> - </reporting> - -</project> Copied: identity-federation/tags/1.0.0.beta3.pre/pom.xml (from rev 829, identity-federation/trunk/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.beta3.pre/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.beta3.pre/pom.xml 2009-10-09 18:58:19 UTC (rev 830) @@ -0,0 +1,42 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.beta3.pre</version> + <relativePath>parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-pom</artifactId> + <packaging>pom</packaging> + <name>JBoss Identity Federation- Aggregator</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation is the federated identity project for JEMS projects</description> + + <modules> + <module>parent</module> + <module>jboss-identity-xmlsec-model</module> + <module>jboss-identity-fed-model</module> + <module>jboss-identity-fed-core</module> + <module>jboss-identity-fed-api</module> + <module>jboss-identity-web</module> + <module>jboss-identity-bindings</module> + <module>jboss-identity-bindings-jboss</module> + <module>jboss-identity-webapps</module> + <module>jboss-identity-seam</module> + <module>assembly</module> + </modules> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <aggregate>true</aggregate> + </configuration> + </plugin> + </plugins> + </reporting> + +</project>

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r829 - in identity-federation/trunk: assembly and 27 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-10-09 14:56:43 -0400 (Fri, 09 Oct 2009) New Revision: 829 Modified: identity-federation/trunk/assembly/pom.xml identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml identity-federation/trunk/jboss-identity-bindings/pom.xml identity-federation/trunk/jboss-identity-fed-api/pom.xml identity-federation/trunk/jboss-identity-fed-core/pom.xml identity-federation/trunk/jboss-identity-fed-model/pom.xml identity-federation/trunk/jboss-identity-seam/pom.xml identity-federation/trunk/jboss-identity-web/pom.xml identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml identity-federation/trunk/jboss-identity-webapps/employee/pom.xml identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml identity-federation/trunk/jboss-identity-webapps/idp/pom.xml identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml identity-federation/trunk/jboss-identity-webapps/pom.xml identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml identity-federation/trunk/jboss-identity-webapps/sales/pom.xml identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml identity-federation/trunk/parent/pom.xml identity-federation/trunk/pom.xml Log: [maven-release-plugin] prepare release 1.0.0.beta3.pre Modified: identity-federation/trunk/assembly/pom.xml =================================================================== --- identity-federation/trunk/assembly/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/assembly/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-bindings/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-fed-api/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-fed-core/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-fed-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-seam/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-seam/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-seam/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -3,7 +3,7 @@ <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent </artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-web/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-web/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,13 +2,13 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> <modelVersion>4.0.0</modelVersion> <artifactId>circleoftrust</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <packaging>war</packaging> <name>JBoss Identity Federation Circle Of Trust</name> <url>http://labs.jboss.org/portal/jbosssecurity/</url> Modified: identity-federation/trunk/jboss-identity-webapps/employee/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -3,7 +3,7 @@ <parent> <artifactId>jboss-identity-federation-webapps</artifactId> <groupId>org.jboss.identity</groupId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> </parent> <groupId>org.jboss.identity</groupId> <artifactId>fed-example</artifactId> Modified: identity-federation/trunk/jboss-identity-webapps/idp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/jboss-identity-webapps/sales/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> Modified: identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-federation-webapps</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../</relativePath> </parent> <modelVersion>4.0.0</modelVersion> @@ -14,19 +14,19 @@ <dependency> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-model</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-api</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-bindings</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <scope>provided</scope> </dependency> </dependencies> Modified: identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: identity-federation/trunk/parent/pom.xml =================================================================== --- identity-federation/trunk/parent/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/parent/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -8,7 +8,7 @@ <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> <packaging>pom</packaging> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <name>JBoss Identity Federation- Parent</name> <url>http://labs.jboss.org/portal/jbosssecurity/</url> <description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description> @@ -23,8 +23,8 @@ <url>http://www.jboss.org</url> </organization> <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection> - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection> + <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection> + <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection> </scm> <build> Modified: identity-federation/trunk/pom.xml =================================================================== --- identity-federation/trunk/pom.xml 2009-10-09 18:44:57 UTC (rev 828) +++ identity-federation/trunk/pom.xml 2009-10-09 18:56:43 UTC (rev 829) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity</groupId> <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.beta2-SNAPSHOT</version> + <version>1.0.0.beta3.pre</version> <relativePath>parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion>

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r828 - in identity-federation/trunk: jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response and 47 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-10-09 14:44:57 -0400 (Fri, 09 Oct 2009) New Revision: 828 Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handler.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handlers.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/ObjectFactory.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/package-info.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChain.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerResponse.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerChain.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerResponse.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config/ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config/ConfigUnitTestCase.java identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-1.xml identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-2.xml identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-3.xml identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-4.xml identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-5.xml identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-metadata-config-1.xml identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/HTTPContext.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/IdentityServer.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SecurityActions.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockContextClassLoader.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterChain.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterConfig.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletRequest.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletResponse.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpSession.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletConfig.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletContext.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/roles.properties identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jbid-handlers.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jboss-idfed.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/roles.properties identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jbid-handlers.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jboss-idfed.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/roles.properties identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jbid-handlers.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/roles.properties identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/users.properties identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jbid-handlers.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jboss-idfed.xml identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/roles.properties Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java Log: JBID-40: SAML2 Logout JBID-198: SAML2 Handler Architecture Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-10-09 18:44:57 UTC (rev 828) @@ -44,6 +44,7 @@ import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil; import org.jboss.identity.federation.core.util.JAXBUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; import org.jboss.identity.federation.saml.v2.assertion.NameIDType; import org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; @@ -111,6 +112,48 @@ } /** + * Get the Underlying SAML2Object from the input stream + * @param is + * @return + * @throws IOException + * @throws ParsingException + */ + @SuppressWarnings("unchecked") + public SAML2Object getSAML2ObjectFromStream(InputStream is) throws IOException, ParsingException + { + if(is == null) + throw new IllegalStateException("InputStream is null"); + + Document samlDocument = null; + //First parse the Document + try + { + samlDocument = DocumentUtil.getDocument(is); + } + catch (ParserConfigurationException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + + try + { + Binder<Node> binder = getBinder(); + JAXBElement<SAML2Object> jaxbAuthnRequestType = (JAXBElement<SAML2Object>) binder.unmarshal(samlDocument); + SAML2Object requestType = jaxbAuthnRequestType.getValue(); + samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument); + return requestType; + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + } + + /** * Get a Request Type from Input Stream * @param is * @return Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-10-09 18:44:57 UTC (rev 828) @@ -54,6 +54,7 @@ import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; import org.jboss.identity.federation.core.util.JAXBUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; import org.jboss.identity.federation.saml.v2.assertion.ActionType; import org.jboss.identity.federation.saml.v2.assertion.AssertionType; import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; @@ -67,6 +68,7 @@ import org.jboss.identity.federation.saml.v2.assertion.NameIDType; import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory; import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType; import org.w3c.dom.Document; import org.w3c.dom.Node; import org.xml.sax.SAXException; @@ -296,6 +298,50 @@ } + /** + * Read a {@code SAML2Object} from an input stream + * @param is + * @return + * @throws ParsingException + * @throws ConfigurationException + */ + @SuppressWarnings("unchecked") + public SAML2Object getSAML2ObjectFromStream(InputStream is) throws ParsingException, ConfigurationException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Document samlResponseDocument = null; + //Read the DOM + try + { + samlResponseDocument = DocumentUtil.getDocument(is); + } + catch (ParserConfigurationException e) + { + throw new ConfigurationException(e); + } + catch (IOException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + try + { + Binder<Node> binder = getBinder(); + JAXBElement<SAML2Object> saml2Object = (JAXBElement<SAML2Object>) binder.unmarshal(samlResponseDocument); + SAML2Object responseType = saml2Object.getValue(); + samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument); + return responseType; + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + } /** * Convert an EncryptedElement into a Document @@ -333,9 +379,9 @@ * @throws JAXBException * @throws ParserConfigurationException */ - public Document convert(ResponseType responseType) throws JAXBException, ParserConfigurationException + public Document convert(StatusResponseType responseType) throws JAXBException, ParserConfigurationException { - JAXBContext jaxb = JAXBUtil.getJAXBContext(ResponseType.class); + JAXBContext jaxb = JAXBUtil.getJAXBContext(StatusResponseType.class); Binder<Node> binder = jaxb.createBinder(); Document responseDocument = DocumentUtil.createDocument(); Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-10-09 18:44:57 UTC (rev 828) @@ -124,7 +124,28 @@ Document doc = saml2Request.convert(response); doc.normalize(); - String referenceURI = "#" + response.getID(); + return sign(doc, response.getID(), keypair); + } + + /** + * Sign an Document at the root + * @param response + * @param keypair Key Pair + * @param digestMethod (Example: DigestMethod.SHA1) + * @param signatureMethod (Example: SignatureMethod.DSA_SHA1) + * @return + * @throws ParserConfigurationException + * @throws JAXBException + * @throws XMLSignatureException + * @throws MarshalException + * @throws GeneralSecurityException + */ + public Document sign(Document doc, + String referenceID, + KeyPair keypair) throws JAXBException, + ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException + { + String referenceURI = "#" + referenceID; return XMLSignatureUtil.sign(doc, keypair, @@ -156,7 +177,31 @@ SAML2Response saml2Response = new SAML2Response(); Document doc = saml2Response.convert(response); - + return sign(doc,idValueOfAssertion, keypair, referenceURI); + } + + /** + * Sign a document + * @param doc + * @param idValueOfAssertion + * @param keypair + * @param referenceURI + * @return + * @throws JAXBException + * @throws ParserConfigurationException + * @throws XPathException + * @throws TransformerFactoryConfigurationError + * @throws TransformerException + * @throws GeneralSecurityException + * @throws MarshalException + * @throws XMLSignatureException + */ + public Document sign(Document doc, + String idValueOfAssertion, + KeyPair keypair, + String referenceURI) throws JAXBException, ParserConfigurationException, XPathException, TransformerFactoryConfigurationError, TransformerException, GeneralSecurityException, MarshalException, XMLSignatureException + { + Node assertionNode = DocumentUtil.getNodeWithAttribute(doc, JBossSAMLURIConstants.ASSERTION_NSURI.get(), "Assertion", @@ -166,6 +211,6 @@ return XMLSignatureUtil.sign(doc, assertionNode, keypair, digestMethod, signatureMethod, - referenceURI); + referenceURI); } } \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handler.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handler.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,131 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661 +// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2009.10.06 at 01:13:30 PM CDT +// + + +package org.jboss.identity.federation.core.handler.config; + +import java.util.ArrayList; +import java.util.List; +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlAttribute; +import javax.xml.bind.annotation.XmlType; + +import org.jboss.identity.federation.core.config.KeyValueType; + + +/** + * <p>Java class for Handler complex type. + * + * <p>The following schema fragment specifies the expected content contained within this class. + * + * <pre> + * <complexType name="Handler"> + * <complexContent> + * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> + * <sequence> + * <element name="Option" type="{urn:jboss:identity-federation:config:1.0}KeyValueType" maxOccurs="unbounded" minOccurs="0"/> + * </sequence> + * <attribute name="name" type="{http://www.w3.org/2001/XMLSchema}string" /> + * <attribute name="class" type="{http://www.w3.org/2001/XMLSchema}string" /> + * </restriction> + * </complexContent> + * </complexType> + * </pre> + * + * + */ +(a)XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "Handler", propOrder = { + "Option" +}) +public class Handler { + + protected List<KeyValueType> Option; + @XmlAttribute + protected String name; + @XmlAttribute(name = "class") + protected String clazz; + + /** + * Gets the value of the option property. + * + * <p> + * This accessor method returns a reference to the live list, + * not a snapshot. Therefore any modification you make to the + * returned list will be present inside the JAXB object. + * This is why there is not a <CODE>set</CODE> method for the option property. + * + * <p> + * For example, to add a new item, do as follows: + * <pre> + * getOption().add(newItem); + * </pre> + * + * + * <p> + * Objects of the following type(s) are allowed in the list + * {@link KeyValueType } + * + * + */ + public List<KeyValueType> getOption() { + if (Option == null) { + Option = new ArrayList<KeyValueType>(); + } + return this.Option; + } + + /** + * Gets the value of the name property. + * + * @return + * possible object is + * {@link String } + * + */ + public String getName() { + return name; + } + + /** + * Sets the value of the name property. + * + * @param value + * allowed object is + * {@link String } + * + */ + public void setName(String value) { + this.name = value; + } + + /** + * Gets the value of the clazz property. + * + * @return + * possible object is + * {@link String } + * + */ + public String getClazz() { + return clazz; + } + + /** + * Sets the value of the clazz property. + * + * @param value + * allowed object is + * {@link String } + * + */ + public void setClazz(String value) { + this.clazz = value; + } + +} Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handlers.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handlers.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/Handlers.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,76 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661 +// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2009.10.06 at 01:13:30 PM CDT +// + + +package org.jboss.identity.federation.core.handler.config; + +import java.util.ArrayList; +import java.util.List; +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; + + +/** + * <p>Java class for Handlers complex type. + * + * <p>The following schema fragment specifies the expected content contained within this class. + * + * <pre> + * <complexType name="Handlers"> + * <complexContent> + * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> + * <sequence> + * <element name="Handler" type="{urn:jboss:identity-federation:handler:config:1.0}Handler" maxOccurs="unbounded"/> + * </sequence> + * </restriction> + * </complexContent> + * </complexType> + * </pre> + * + * + */ +(a)XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "Handlers", propOrder = { + "handler" +}) +public class Handlers { + + @XmlElement(name = "Handler", required = true) + protected List<Handler> handler; + + /** + * Gets the value of the handler property. + * + * <p> + * This accessor method returns a reference to the live list, + * not a snapshot. Therefore any modification you make to the + * returned list will be present inside the JAXB object. + * This is why there is not a <CODE>set</CODE> method for the handler property. + * + * <p> + * For example, to add a new item, do as follows: + * <pre> + * getHandler().add(newItem); + * </pre> + * + * + * <p> + * Objects of the following type(s) are allowed in the list + * {@link Handler } + * + * + */ + public List<Handler> getHandler() { + if (handler == null) { + handler = new ArrayList<Handler>(); + } + return this.handler; + } + +} Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/ObjectFactory.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/ObjectFactory.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/ObjectFactory.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,68 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661 +// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2009.10.06 at 02:14:55 PM CDT +// + + +package org.jboss.identity.federation.core.handler.config; + +import javax.xml.bind.JAXBElement; +import javax.xml.bind.annotation.XmlElementDecl; +import javax.xml.bind.annotation.XmlRegistry; +import javax.xml.namespace.QName; + + +/** + * This object contains factory methods for each + * Java content interface and Java element interface + * generated in the jboss.identity_federation.handler.config._1 package. + * <p>An ObjectFactory allows you to programatically + * construct new instances of the Java representation + * for XML content. The Java representation of XML + * content can consist of schema derived interfaces + * and classes representing the binding of schema + * type definitions, element declarations and model + * groups. Factory methods for each of these are + * provided in this class. + * + */ +@XmlRegistry +public class ObjectFactory { + + private final static QName _Handlers_QNAME = new QName("urn:jboss:identity-federation:handler:config:1.0", "Handlers"); + + /** + * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: jboss.identity_federation.handler.config._1 + * + */ + public ObjectFactory() { + } + + /** + * Create an instance of {@link Handler } + * + */ + public Handler createHandler() { + return new Handler(); + } + + /** + * Create an instance of {@link Handlers } + * + */ + public Handlers createHandlers() { + return new Handlers(); + } + + /** + * Create an instance of {@link JAXBElement }{@code <}{@link Handlers }{@code >}} + * + */ + @XmlElementDecl(namespace = "urn:jboss:identity-federation:handler:config:1.0", name = "Handlers") + public JAXBElement<Handlers> createHandlers(Handlers value) { + return new JAXBElement<Handlers>(_Handlers_QNAME, Handlers.class, null, value); + } + +} Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/package-info.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/package-info.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/handler/config/package-info.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,9 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-661 +// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2009.10.06 at 01:13:30 PM CDT +// + +(a)javax.xml.bind.annotation.XmlSchema(namespace = "urn:jboss:identity-federation:handler:config:1.0", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED) +package org.jboss.identity.federation.core.handler.config; Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/ProtocolContext.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,31 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.interfaces; + +/** + * Marker Interface + * @author Anil.Saldhana(a)redhat.com + * @since Sep 17, 2009 + */ +public interface ProtocolContext +{ +} Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/SAMLDocumentHolder.java 2009-10-09 18:44:57 UTC (rev 828) @@ -27,8 +27,10 @@ * A Holder class that can store * the SAML object as well as the corresponding * DOM object. - * It is thread safe because each thread - * can have only one instance of this class + * + * Users of this class need to make it threadsafe + * by having one instance per thread (ThreadLocal) + * * @author Anil.Saldhana(a)redhat.com * @since Aug 13, 2009 */ @@ -52,6 +54,7 @@ this.samlObject = samlObject; this.samlDocument = samlDocument; } + public Object getSamlObject() { return samlObject; Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChain.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChain.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerChain.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,88 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.impl; + +import java.util.Collection; +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain; + +/** + * Default implementation of the SAML2 handler chain + * @author Anil.Saldhana(a)redhat.com + * @since Oct 1, 2009 + */ +public class DefaultSAML2HandlerChain implements SAML2HandlerChain +{ + private Set<SAML2Handler> handlers = new HashSet<SAML2Handler>(); + + /** + * @see SAML2HandlerChain#add(SAML2Handler) + */ + public boolean add(SAML2Handler handler) + { + return handlers.add(handler); + } + + /** + * @see SAML2HandlerChain#add(SAML2Handler) + */ + public boolean addAll(Collection<SAML2Handler> handlers) + { + return this.handlers.addAll(handlers); + } + + /** + * @see SAML2HandlerChain#handlers() + */ + public Set<SAML2Handler> handlers() + { + return Collections.unmodifiableSet(handlers); + } + + /** + * @see SAML2HandlerChain#remove(SAML2Handler) + */ + public boolean remove(SAML2Handler handler) + { + return handlers.remove(handler); + } + + /** + * @see SAML2HandlerChain#size() + */ + public int size() + { + return handlers.size(); + } + + /** + * @see SAML2HandlerChain#removeAll(Collection) + */ + public boolean removeAll(Collection<SAML2Handler> handlers) + { + return handlers.removeAll(handlers); + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerRequest.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,130 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.impl; + +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +import org.jboss.identity.federation.core.interfaces.ProtocolContext; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; + +/** + * Default SAML2HandlerRequest + * @author Anil.Saldhana(a)redhat.com + * @since Oct 1, 2009 + */ +public class DefaultSAML2HandlerRequest implements SAML2HandlerRequest +{ + private ProtocolContext protocolContext = null; + private NameIDType issuer; + private SAML2Object saml2Object; + private HANDLER_TYPE handlerType; + private Map<String,Object> options = new HashMap<String,Object>(); + private GENERATE_REQUEST_TYPE generateRequestType; + private String relayState; + + public DefaultSAML2HandlerRequest(ProtocolContext protocolContext, + NameIDType issuer, SAML2Object saml2Object, + HANDLER_TYPE handlerType) + { + this.protocolContext = protocolContext; + this.issuer = issuer; + this.saml2Object = saml2Object; + this.handlerType = handlerType; + } + + public void setOptions(Map<String,Object> options) + { + this.options = options; + } + + /** + * @see SAML2HandlerRequest#getContext() + */ + public ProtocolContext getContext() + { + return this.protocolContext; + } + /** + * @see SAML2HandlerRequest#getIssuer() + */ + public NameIDType getIssuer() + { + return this.issuer; + } + /** + * @see SAML2HandlerRequest#getSAML2Object() + */ + public SAML2Object getSAML2Object() + { + return this.saml2Object; + } + /** + * @see SAML2HandlerRequest#getType() + */ + public HANDLER_TYPE getType() + { + return handlerType; + } + + /** + * @see SAML2HandlerRequest#getOptions() + */ + public Map<String, Object> getOptions() + { + return Collections.unmodifiableMap(this.options); + } + + /** + * Set the type of saml2 request that need to be generated + * by the handler + * @param grt + */ + public void setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE grt) + { + this.generateRequestType = grt; + } + + /** + * @see SAML2HandlerRequest#getTypeOfRequestToBeGenerated() + */ + public GENERATE_REQUEST_TYPE getTypeOfRequestToBeGenerated() + { + return this.generateRequestType; + } + + /** + * @see SAML2HandlerRequest#getRelayState() + */ + public String getRelayState() + { + return this.relayState; + } + + public void setRelayState(String relay) + { + this.relayState = relay; + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerResponse.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerResponse.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/impl/DefaultSAML2HandlerResponse.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,143 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.impl; + +import java.util.ArrayList; +import java.util.List; + +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.w3c.dom.Document; + +/** + * Default implementation of the SAML2 Handler response + * @author Anil.Saldhana(a)redhat.com + * @since Oct 1, 2009 + */ +public class DefaultSAML2HandlerResponse implements SAML2HandlerResponse +{ + private Document document; + private String relayState; + private List<String> roles = new ArrayList<String>(); + private String destination; + private int errorCode; + private String errorMessage; + private boolean errorMode; + + /** + * @see SAML2HandlerResponse#getRelayState() + */ + public String getRelayState() + { + return this.relayState; + } + + /** + * @see SAML2HandlerResponse#getResultingDocument() + */ + public Document getResultingDocument() + { + return this.document; + } + + /** + * @see SAML2HandlerResponse#setRelayState(String) + */ + public void setRelayState(String relayState) + { + this.relayState= relayState; + } + + /** + * @see SAML2HandlerResponse#setResultingDocument(Document) + */ + public void setResultingDocument(Document doc) + { + this.document = doc; + } + + /** + * @see SAML2HandlerResponse#getRoles() + */ + public List<String> getRoles() + { + return this.roles ; + } + + /** + * @see SAML2HandlerResponse#setRoles(List) + */ + public void setRoles(List<String> roles) + { + this.roles.addAll(roles); + } + + /** + * @see SAML2HandlerResponse#getDestination() + */ + public String getDestination() + { + return this.destination; + } + + /** + * @see SAML2HandlerResponse#setDestination(String) + */ + public void setDestination(String destination) + { + this.destination = destination; + } + + /** + * @see SAML2HandlerResponse#getErrorCode() + */ + public int getErrorCode() + { + return this.errorCode; + } + + /** + * @see SAML2HandlerResponse#getErrorMessage() + */ + public String getErrorMessage() + { + return this.errorMessage; + } + + /** + * @see SAML2HandlerResponse#setError(int, String) + */ + public void setError(int errorCode, String errorMessage) + { + this.errorCode = errorCode; + this.errorMessage = errorMessage; + + this.errorMode = true; + } + + /** + * @see SAML2HandlerResponse#isInError() + */ + public boolean isInError() + { + return this.errorMode; + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2Handler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,73 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.interfaces; + +import java.util.Map; + +import org.jboss.identity.federation.core.exceptions.ProcessingException; + +/** + * Handle SAML2 Request types and status response types + * @author Anil.Saldhana(a)redhat.com + * @since Sep 17, 2009 + */ +public interface SAML2Handler +{ + /** + * Initialize the handler + * @param options + */ + void init(Map<String,Object> options); + + /** + * Generate a SAML Request to be sent to the IDP + * if the handler is invoked at the SP and vice-versa + * @param request + * @param response + * @throws ProcessingException + */ + void generateSAMLRequest(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException; + /** + * Handle a SAML2 RequestAbstractType + * @param requestAbstractType + * @param resultingDocument + * @return + */ + void handleRequestType(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException; + + /** + * Handle a SAML2 Status Response Type + * @param statusResponseType + * @param resultingDocument + * @return + */ + void handleStatusResponseType(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException; + + /** + * Shed all state + * @throws ProcessingException + */ + void reset() throws ProcessingException; +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerChain.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerChain.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerChain.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,73 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.interfaces; + +import java.util.Collection; +import java.util.Set; + +/** + * A SAML2 chain of handlers + * @author Anil.Saldhana(a)redhat.com + * @since Oct 1, 2009 + */ +public interface SAML2HandlerChain +{ + /** + * Number of handlers + * @return + */ + int size(); + + /** + * Get a read-only set of handlers + * @return + */ + Set<SAML2Handler> handlers(); + + /** + * Add an handler + * @param handler + * @return whether add was successful + */ + boolean add(SAML2Handler handler); + + /** + * Add a collection of handlers + * @param handlers + * @return + */ + boolean addAll(Collection<SAML2Handler> handlers); + + /** + * Remove an handler + * @param handler + * @return whether remove was successful + */ + boolean remove(SAML2Handler handler); + + /** + * Remove a collection of handlers + * @param handlers + * @return + */ + boolean removeAll(Collection<SAML2Handler> handlers); +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerRequest.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,115 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.interfaces; + +import java.util.Map; + +import org.jboss.identity.federation.core.interfaces.ProtocolContext; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; + +/** + * Request for {@code SAML2Handler} + * @author Anil.Saldhana(a)redhat.com + * @since Sep 25, 2009 + */ +public interface SAML2HandlerRequest +{ + /** + * Processing Point - idp side + * or service side + */ + public enum HANDLER_TYPE + { + IDP,SP; + }; + + public enum GENERATE_REQUEST_TYPE + { + AUTH,LOGOUT; + }; + + /** + * Holder of transport context such + * as HTTP + * @return + */ + ProtocolContext getContext(); + + /** + * The SAML2 Request + * @return + */ + SAML2Object getSAML2Object(); + + /** + * Get the type of handler + * - handler at IDP or SP + * @return + */ + HANDLER_TYPE getType(); + + /** + * Return the type of SAML request + * that needs to be generated at the handler + * @return + */ + GENERATE_REQUEST_TYPE getTypeOfRequestToBeGenerated(); + + /** + * set the type of SAML request + * that needs to be generated at the handler + * @return + */ + void setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE grt); + + /** + * Get the Issuer (SP or IDP) where + * the handler chain is currently processing + * @return + */ + NameIDType getIssuer(); + + /** + * Set the relay state that was part of the interaction + * @param relayState + */ + void setRelayState(String relayState); + + /** + * Get the RelayState that was part of the interaction + * @return + */ + String getRelayState(); + + /** + * Configure options + * @param options + */ + void setOptions(Map<String, Object> options); + + /** + * Get the configured options + * @return + */ + Map<String, Object> getOptions(); +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerResponse.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerResponse.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/interfaces/SAML2HandlerResponse.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,111 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.interfaces; + +import java.util.List; + +import org.w3c.dom.Document; + +/** + * A response object sent to the + * {@code SAML2Handler} as part of a chain + * @author Anil.Saldhana(a)redhat.com + * @since Sep 25, 2009 + */ +public interface SAML2HandlerResponse +{ + /** + * Set the destination where the response + * from the current processing node is sent + * @param destination + */ + void setDestination(String destination); + + /** + * Get the destination + * @return + */ + String getDestination(); + + /** + * Set the resulting document from the handler + * @param doc + */ + void setResultingDocument(Document doc); + + /** + * Set any relay state that needs to be used + * in the workflow + * @param relayState + */ + void setRelayState(String relayState); + + /** + * Get the resulting document from the handler invocation + * @return + */ + Document getResultingDocument(); + + /** + * Get the relay state + * @return + */ + String getRelayState(); + + /** + * Set an roles that are generated by handlers + * @param roles + */ + void setRoles(List<String> roles); + + /** + * Get the roles generated by handlers + * @return + */ + List<String> getRoles(); + + /** + * Specifies whether the handler chain processing + * resulted in an error + * @return + */ + boolean isInError(); + + /** + * Handler can set an error + * @param errorCode + * @param errorMessage + */ + void setError(int errorCode, String errorMessage); + + /** + * Get the error code set in the handler chain + * @return + */ + int getErrorCode(); + + /** + * Get the error message set in the handler chain + * @return + */ + String getErrorMessage(); +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/HandlerUtil.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,91 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.jboss.identity.federation.core.config.KeyValueType; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.handler.config.Handler; +import org.jboss.identity.federation.core.handler.config.Handlers; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; + +/** + * Deals with SAML2 Handlers + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public class HandlerUtil +{ + public static Set<SAML2Handler> getHandlers(Handlers handlers) throws ConfigurationException + { + if(handlers == null) + throw new IllegalArgumentException("handlers is null"); + List<Handler> handlerList = handlers.getHandler(); + + Set<SAML2Handler> handlerSet = new HashSet<SAML2Handler>(); + + for(Handler handler : handlerList) + { + String clazzName = handler.getClazz(); + + ClassLoader tcl = SecurityActions.getContextClassLoader(); + Class<?> clazz; + try + { + clazz = tcl.loadClass(clazzName); + + SAML2Handler samlhandler = (SAML2Handler) clazz.newInstance(); + List<KeyValueType> options = handler.getOption(); + + Map<String, Object> mapOptions = new HashMap<String, Object>(); + + for(KeyValueType kvtype : options) + { + mapOptions.put(kvtype.getKey(), kvtype.getValue()); + } + samlhandler.init(mapOptions); + + handlerSet.add(samlhandler); + } + catch (ClassNotFoundException e) + { + throw new ConfigurationException(e); + } + catch (InstantiationException e) + { + throw new ConfigurationException(e); + } + catch (IllegalAccessException e) + { + throw new ConfigurationException(e); + } + } + + return handlerSet; + } + +} \ No newline at end of file Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/JAXBElementMappingUtil.java 2009-10-09 18:44:57 UTC (rev 828) @@ -31,13 +31,16 @@ import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; import org.jboss.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType; import org.jboss.identity.federation.saml.v2.protocol.ArtifactResolveType; +import org.jboss.identity.federation.saml.v2.protocol.ArtifactResponseType; import org.jboss.identity.federation.saml.v2.protocol.AssertionIDRequestType; import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; import org.jboss.identity.federation.saml.v2.protocol.ManageNameIDRequestType; import org.jboss.identity.federation.saml.v2.protocol.NameIDMappingRequestType; +import org.jboss.identity.federation.saml.v2.protocol.NameIDMappingResponseType; import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType; /** * Maps various saml/xacml types to their corresponding JAXBElement @@ -102,9 +105,26 @@ * @param responseType * @return */ - public static JAXBElement<?> get(ResponseType responseType) - { - return SAMLProtocolFactory.getObjectFactory().createResponse(responseType); + public static JAXBElement<?> get(StatusResponseType statusResponseType) + { + if(statusResponseType instanceof ResponseType) + { + ResponseType responseType = (ResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createResponse(responseType); + } + else if(statusResponseType instanceof NameIDMappingResponseType) + { + NameIDMappingResponseType nameIDResponseType = (NameIDMappingResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createNameIDMappingResponse(nameIDResponseType); + } + else if(statusResponseType instanceof StatusResponseType) + { + StatusResponseType srt = (StatusResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createLogoutResponse(srt); + } + + ArtifactResponseType artifactResponse = (ArtifactResponseType) statusResponseType; + return SAMLProtocolFactory.getObjectFactory().createArtifactResponse(artifactResponse); } /** Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SecurityActions.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,83 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import java.security.AccessController; +import java.security.PrivilegedAction; + +/** + * Privileged Blocks + * @author Anil.Saldhana(a)redhat.com + * @since Dec 9, 2008 + */ +class SecurityActions +{ + /** + * Get the Thread Context ClassLoader + * @return + */ + static ClassLoader getContextClassLoader() + { + return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() + { + public ClassLoader run() + { + return Thread.currentThread().getContextClassLoader(); + } + }); + } + + /** + * Set the system property + * @param key + * @param defaultValue + * @return + */ + static void setSystemProperty(final String key, final String value) + { + AccessController.doPrivileged(new PrivilegedAction<Object>() + { + public Object run() + { + System.setProperty(key, value); + return null; + } + }); + } + + /** + * Get the system property + * @param key + * @param defaultValue + * @return + */ + static String getSystemProperty(final String key, final String defaultValue) + { + return AccessController.doPrivileged(new PrivilegedAction<String>() + { + public String run() + { + return System.getProperty(key, defaultValue); + } + }); + } +} Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/JAXBUtil.java 2009-10-09 18:44:57 UTC (rev 828) @@ -21,6 +21,7 @@ */ package org.jboss.identity.federation.core.util; +import java.io.IOException; import java.net.URL; import java.util.HashMap; @@ -28,6 +29,8 @@ import javax.xml.bind.JAXBException; import javax.xml.bind.Marshaller; import javax.xml.bind.Unmarshaller; +import javax.xml.transform.Source; +import javax.xml.transform.stream.StreamSource; import javax.xml.validation.Schema; import javax.xml.validation.SchemaFactory; @@ -107,6 +110,25 @@ JAXBContext jc = getJAXBContext(pkgName); return jc.createUnmarshaller(); } + + /** + * Get the JAXB Unmarshaller for a selected set + * of package names + * @param pkgNames + * @return + * @throws JAXBException + */ + public static Unmarshaller getUnmarshaller(String... pkgNames) throws JAXBException + { + if(pkgNames == null) + throw new IllegalArgumentException("pkgName is null"); + int len = pkgNames.length; + if(len == 0) + return getUnmarshaller(pkgNames[0]); + + JAXBContext jc = getJAXBContext(pkgNames); + return jc.createUnmarshaller(); + } /** * Get the JAXB Unmarshaller @@ -125,13 +147,59 @@ return unmarshaller; } + + public static Unmarshaller getValidatingUnmarshaller(String[] pkgNames, + String[] schemaLocations) throws JAXBException,SAXException, IOException + { + StringBuilder builder = new StringBuilder(); + int len = pkgNames.length; + if(len == 0) + throw new IllegalArgumentException("Packages are empty"); + + for(String pkg:pkgNames) + { + builder.append(pkg); + builder.append(":"); + } + + Unmarshaller unmarshaller = getUnmarshaller(builder.toString()); + + SchemaFactory schemaFactory = getSchemaFactory(); + + //Get the sources + Source[] schemaSources = new Source[schemaLocations.length]; + + ClassLoader tcl = SecurityActions.getContextClassLoader(); + + int i=0; + for(String schemaLocation : schemaLocations) + { + URL schemaURL = tcl.getResource(schemaLocation); + if(schemaURL == null) + throw new IllegalStateException("Schema URL is null:" + schemaLocation); + schemaSources[i++] = new StreamSource(schemaURL.openStream()); + } + + Schema schema = schemaFactory.newSchema(schemaSources); + unmarshaller.setSchema(schema); + + return unmarshaller; + } + private static Schema getJAXPSchemaInstance(String schemaLocation) throws SAXException { ClassLoader tcl = SecurityActions.getContextClassLoader(); URL schemaURL = tcl.getResource(schemaLocation); if(schemaURL == null) throw new IllegalStateException("Schema URL is null:" + schemaLocation); + SchemaFactory scFact = getSchemaFactory(); + Schema schema = scFact.newSchema(schemaURL); + return schema; + } + + private static SchemaFactory getSchemaFactory() + { SchemaFactory scFact = SchemaFactory.newInstance(W3C_XML_SCHEMA_NS_URI); //Always install the resolver unless the system property is set @@ -176,8 +244,7 @@ if(trace) log.trace("SAX Warn:" + builder.toString()); } }); - Schema schema = scFact.newSchema(schemaURL); - return schema; + return scFact; } public static JAXBContext getJAXBContext(String path) throws JAXBException @@ -191,6 +258,29 @@ return jx; } + public static JAXBContext getJAXBContext(String... paths) throws JAXBException + { + int len = paths.length; + if (len == 0) + return getJAXBContext(paths[0]); + + StringBuilder builder = new StringBuilder(); + for(String path: paths) + { + builder.append(path).append(":"); + } + + String finalPath = builder.toString(); + + JAXBContext jx = jaxbContextHash.get(finalPath); + if(jx == null) + { + jx = JAXBContext.newInstance(finalPath); + jaxbContextHash.put(finalPath, jx); + } + return jx; + } + public static JAXBContext getJAXBContext(Class<?> clazz) throws JAXBException { String clazzName = clazz.getName(); Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2009-10-09 18:44:57 UTC (rev 828) @@ -162,6 +162,7 @@ * @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust * specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}. */ + @SuppressWarnings("unchecked") public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response) { // if the response contains an issued token, we must preserve it from the JAXB unmarshalling. Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -126,7 +126,7 @@ public abstract QName getTokenElementQName(); /** - * Post constuct will be called when the handler is deployed. + * Post construct will be called when the handler is deployed. * * @throws WebServiceException */ @@ -256,4 +256,4 @@ } return null; } -} +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed-handler.xsd 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,32 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema xmlns="http://www.w3.org/2001/XMLSchema" + targetNamespace="urn:jboss:identity-federation:handler:config:1.0" + xmlns:tns="urn:jboss:identity-federation:handler:config:1.0" + xmlns:idfed="urn:jboss:identity-federation:config:1.0" + elementFormDefault="qualified"> + +  + <import schemaLocation="jboss-identity-fed.xsd" + namespace="urn:jboss:identity-federation:config:1.0"> + </import> + + + <complexType name="Handler"> + <sequence> + <element name="Option" type="idfed:KeyValueType" maxOccurs="unbounded" + minOccurs="0"> + </element> + </sequence> + <attribute name="name" type="string"></attribute> + <attribute name="class" type="string"></attribute> + </complexType> + + + <complexType name="Handlers"> + <sequence> + <element name="Handler" type="tns:Handler" maxOccurs="unbounded" minOccurs="1"></element> + </sequence> + </complexType> + + <element name="Handlers" type="tns:Handlers"/> +</schema> \ No newline at end of file Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-10-09 18:44:57 UTC (rev 828) @@ -159,6 +159,13 @@ </sequence> </complexType> + <complexType name="MetadataProviderType"> + <sequence> + <element name="Option" type="tns:KeyValueType" maxOccurs="unbounded" minOccurs="0"></element> + </sequence> + <attribute name="ClassName" type="string"></attribute> + </complexType> +  <complexType name="STSType"> @@ -248,11 +255,4 @@ <attribute name="Name" type="string" use="required"/> <attribute name="Value" type="string" use="required"/> </complexType> - - <complexType name="MetadataProviderType"> - <sequence> - <element name="Option" type="tns:KeyValueType" maxOccurs="unbounded" minOccurs="0"></element> - </sequence> - <attribute name="ClassName" type="string"></attribute> - </complexType> </schema> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config/ConfigUnitTestCase.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config/ConfigUnitTestCase.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/config/ConfigUnitTestCase.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,213 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.core.config; + +import java.io.InputStream; +import java.util.List; + +import javax.xml.bind.JAXBElement; +import javax.xml.bind.Unmarshaller; + +import junit.framework.TestCase; + +import org.jboss.identity.federation.core.config.AuthPropertyType; +import org.jboss.identity.federation.core.config.IDPType; +import org.jboss.identity.federation.core.config.KeyProviderType; +import org.jboss.identity.federation.core.config.KeyValueType; +import org.jboss.identity.federation.core.config.PropertyType; +import org.jboss.identity.federation.core.config.SPType; +import org.jboss.identity.federation.core.config.STSType; +import org.jboss.identity.federation.core.config.ServiceProviderType; +import org.jboss.identity.federation.core.config.ServiceProvidersType; +import org.jboss.identity.federation.core.config.TokenProviderType; +import org.jboss.identity.federation.core.config.TokenProvidersType; +import org.jboss.identity.federation.core.config.TrustType; +import org.jboss.identity.federation.core.handler.config.Handler; +import org.jboss.identity.federation.core.handler.config.Handlers; +import org.jboss.identity.federation.core.util.JAXBUtil; + +/** + * Unit Test the various config + * + * @author Anil.Saldhana(a)redhat.com + * @since Jan 21, 2009 + */ +public class ConfigUnitTestCase extends TestCase +{ + String config = "config/test-config-"; + + @SuppressWarnings("unchecked") + public void test01() throws Exception + { + Object object = this.unmarshall(config + "1.xml"); + assertNotNull("IDP is not null", object); + assertTrue(object instanceof JAXBElement); + + IDPType idp = ((JAXBElement<IDPType>) object).getValue(); + assertEquals("300000", 300000L, idp.getAssertionValidity()); + assertEquals("org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator", idp.getRoleGenerator()); + + TrustType trust = idp.getTrust(); + assertNotNull("Trust is not null", trust); + String domains = trust.getDomains(); + assertTrue("localhost trusted", domains.indexOf("localhost") > -1); + assertTrue("jboss.com trusted", domains.indexOf("jboss.com") > -1); + } + + @SuppressWarnings("unchecked") + public void test02() throws Exception + { + Object object = this.unmarshall(config + "2.xml"); + assertNotNull("IDP is not null", object); + assertTrue(object instanceof JAXBElement); + + IDPType idp = ((JAXBElement<IDPType>) object).getValue(); + assertEquals("20000", 20000L, idp.getAssertionValidity()); + assertEquals("somefqn", idp.getRoleGenerator()); + assertTrue(idp.isEncrypt()); + KeyProviderType kp = idp.getKeyProvider(); + assertNotNull("KeyProvider is not null", kp); + assertEquals("SomeClass", "SomeClass", kp.getClassName()); + List<AuthPropertyType> authProps = kp.getAuth(); + AuthPropertyType authProp = authProps.get(0); + assertEquals("SomeKey", "SomeKey", authProp.getKey()); + assertEquals("SomeValue", "SomeValue", authProp.getValue()); + + authProp = authProps.get(1); + assertEquals("DBURL", "DBURL", authProp.getKey()); + assertEquals("SomeDBURL", "SomeDBURL", authProp.getValue()); + + List<KeyValueType> validatingAliases = kp.getValidatingAlias(); + assertEquals("Validating Alias length is 2", 2, validatingAliases.size()); + + KeyValueType kv = validatingAliases.get(0); + assertEquals("localhost", kv.getKey()); + assertEquals("localhostalias", kv.getValue()); + + kv = validatingAliases.get(1); + assertEquals("jboss.com", kv.getKey()); + assertEquals("jbossalias", kv.getValue()); + + TrustType trust = idp.getTrust(); + assertNotNull("Trust is not null", trust); + String domains = trust.getDomains(); + assertTrue("localhost trusted", domains.indexOf("localhost") > -1); + assertTrue("jboss.com trusted", domains.indexOf("jboss.com") > -1); + } + + @SuppressWarnings("unchecked") + public void test03() throws Exception + { + Object object = this.unmarshall(config + "3.xml"); + assertNotNull("SP is null", object); + assertTrue(object instanceof JAXBElement); + + SPType sp = ((JAXBElement<SPType>) object).getValue(); + assertEquals("http://localhost:8080/idp", sp.getIdentityURL()); + assertEquals("http://localhost:8080/sales", sp.getServiceURL()); + } + + /** + * <p> + * Tests the parsing of a Security Token Service configuration. + * </p> + * + * @throws Exception if an error occurs while running the test. + */ + @SuppressWarnings("unchecked") + public void test04() throws Exception + { + Object object = this.unmarshall(this.config + "4.xml"); + assertNotNull("Found a null STS configuration", object); + assertTrue("Unexpected configuration type", object instanceof JAXBElement); + + STSType stsType = ((JAXBElement<STSType>) object).getValue(); + // general STS configurations. + assertEquals("Unexpected STS name", "Test STS", stsType.getSTSName()); + assertEquals("Unexpected token timeout value", 7200, stsType.getTokenTimeout()); + assertTrue("Encryption of tokens should have been enabled", stsType.isEncryptToken()); + // we don't verify all values of the key provider config as it has been done in the other test scenarios. + assertNotNull("Unexpected null key provider", stsType.getKeyProvider()); + // request handler and configurations based on the token type. + assertEquals("Unexpected request handler class", "org.jboss.identity.federation.wstrust.Handler", stsType + .getRequestHandler()); + // configuration of the token providers. + TokenProvidersType tokenProviders = stsType.getTokenProviders(); + assertNotNull("Unexpected null list of token providers", tokenProviders); + assertEquals("Unexpected number of token providers", 1, tokenProviders.getTokenProvider().size()); + TokenProviderType tokenProvider = tokenProviders.getTokenProvider().get(0); + assertNotNull("Unexpected null token provider", tokenProvider); + assertEquals("Unexpected provider class name", "org.jboss.SpecialTokenProvider", tokenProvider.getProviderClass()); + assertEquals("Unexpected token type", "specialToken", tokenProvider.getTokenType()); + assertEquals("Unexpected token element name", "SpecialToken", tokenProvider.getTokenElement()); + assertEquals("Unexpected token namespace", "http://www.tokens.org", tokenProvider.getTokenElementNS()); + List<PropertyType> properties = tokenProvider.getProperty(); + assertEquals("Invalid number of properties", 2, properties.size()); + // configuration of the service providers. + ServiceProvidersType serviceProviders = stsType.getServiceProviders(); + assertNotNull("Unexpected null list of service providers", serviceProviders); + assertEquals("Unexpected number of service providers", 1, serviceProviders.getServiceProvider().size()); + ServiceProviderType serviceProvider = serviceProviders.getServiceProvider().get(0); + assertNotNull("Unexpected null service provider", serviceProvider); + assertEquals("Unexpected provider endpoint", "http://provider.endpoint/provider", serviceProvider.getEndpoint()); + assertEquals("Unexpected truststore alias", "providerAlias", serviceProvider.getTruststoreAlias()); + assertEquals("Unexpected token type", "specialToken", serviceProvider.getTokenType()); + } + + @SuppressWarnings("unchecked") + public void test05() throws Exception + { + JAXBElement<Handlers> handlersJaxb = (JAXBElement<Handlers>) this.unmarshall(config + "5.xml"); + assertNotNull("Handlers not null", handlersJaxb); + + Handlers handlers = handlersJaxb.getValue(); + List<Handler> handlerList = handlers.getHandler(); + assertEquals("1 handler",1, handlerList.size()); + + Handler handler = handlerList.get(0); + assertEquals("Class Name","a", handler.getClazz()); + List<KeyValueType> options = handler.getOption(); + assertEquals("2 options", 2, options.size()); + KeyValueType k1 = options.get(0); + assertEquals("1", "1", k1.getKey()); + assertEquals("1.1", "1.1", k1.getValue()); + KeyValueType k2 = options.get(1); + assertEquals("2", "2", k2.getKey()); + assertEquals("2.2", "2.2", k2.getValue()); + } + + private Object unmarshall(String configFile) throws Exception + { + String[] schemas = new String[] { "schema/config/jboss-identity-fed.xsd", + "schema/config/jboss-identity-fed-handler.xsd"}; + + ClassLoader tcl = Thread.currentThread().getContextClassLoader(); + InputStream is = tcl.getResourceAsStream(configFile); + assertNotNull("Inputstream not null for config file:" + configFile, is); + + String[] pkgNames = new String[] {"org.jboss.identity.federation.core.config", + "org.jboss.identity.federation.core.handler.config"}; + Unmarshaller un = JAXBUtil.getValidatingUnmarshaller(pkgNames, + schemas); + return un.unmarshal(is); + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-1.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-1.xml (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-1.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,6 @@ +<JBossIDP xmlns="urn:jboss:identity-federation:config:1.0"> +<IdentityURL>http://localhost:8080/idp</IdentityURL> +<Trust> + <Domains>localhost,jboss.com,jboss.org</Domains> +</Trust> +</JBossIDP> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-2.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-2.xml (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-2.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,15 @@ +<JBossIDP xmlns="urn:jboss:identity-federation:config:1.0" + AssertionValidity="20000" + RoleGenerator="somefqn" + Encrypt="true"> +<IdentityURL>http://localhost:8080/idp</IdentityURL> +<Trust> + <Domains>localhost,jboss.com,jboss.org</Domains> +</Trust> +<KeyProvider ClassName="SomeClass"> + <Auth Key="SomeKey" Value="SomeValue" /> + <Auth Key="DBURL" Value="SomeDBURL" /> + <ValidatingAlias Key="localhost" Value="localhostalias"/> + <ValidatingAlias Key="jboss.com" Value="jbossalias"/> +</KeyProvider> +</JBossIDP> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-3.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-3.xml (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-3.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,14 @@ +<JBossSP xmlns="urn:jboss:identity-federation:config:1.0"> +<IdentityURL>http://localhost:8080/idp</IdentityURL> +<Trust> + <Domains>localhost,jboss.com,jboss.org</Domains> +</Trust> +<KeyProvider ClassName="SomeClass"> + <Auth Key="SomeKey" Value="SomeValue" /> + <Auth Key="DBURL" Value="SomeDBURL" /> + <ValidatingAlias Key="localhost" Value="localhostalias"/> + <ValidatingAlias Key="jboss.com" Value="jbossalias"/> +</KeyProvider> + +<ServiceURL>http://localhost:8080/sales</ServiceURL> +</JBossSP> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-4.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-4.xml (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-4.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,24 @@ +<JBossSTS xmlns="urn:jboss:identity-federation:config:1.0" + STSName="Test STS" TokenTimeout="7200" EncryptToken="true"> + <KeyProvider ClassName="SomeClass"> + <ValidatingAlias Key="localhost" Value="localhostalias"/> + <ValidatingAlias Key="jboss.com" Value="jbossalias"/> + <SigningAlias>issueralias</SigningAlias> + </KeyProvider> + <RequestHandler>org.jboss.identity.federation.wstrust.Handler</RequestHandler> + <TokenProviders> + <TokenProvider + ProviderClass="org.jboss.SpecialTokenProvider" + TokenType="specialToken" + TokenElement="SpecialToken" + TokenElementNS="http://www.tokens.org"> + <Property Name="Property1" Value="Value1"/> + <Property Name="Property2" Value="Value2"/> + </TokenProvider> + </TokenProviders> + <ServiceProviders> + <ServiceProvider Endpoint="http://provider.endpoint/provider" + TokenType="specialToken" + TruststoreAlias="providerAlias"/> + </ServiceProviders> +</JBossSTS> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-5.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-5.xml (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-config-5.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,6 @@ +<Handlers xmlns="urn:jboss:identity-federation:handler:config:1.0"> + <Handler class="a"> + <Option Key="1" Value="1.1"/> + <Option Key="2" Value="2.2"/> + </Handler> +</Handlers> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-metadata-config-1.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-metadata-config-1.xml (rev 0) +++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/config/test-metadata-config-1.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,18 @@ +<JBossIDP xmlns="urn:jboss:identity-federation:config:1.0" + AssertionValidity="20000" + RoleGenerator="somefqn" + Encrypt="true"> +<IdentityURL>http://localhost:8080/idp</IdentityURL> +<Trust> + <Domains>localhost,jboss.com,jboss.org</Domains> +</Trust> +<KeyProvider ClassName="SomeClass"> + <Auth Key="SomeKey" Value="SomeValue" /> + <Auth Key="DBURL" Value="SomeDBURL" /> + <ValidatingAlias Key="localhost" Value="localhostalias"/> + <ValidatingAlias Key="jboss.com" Value="jbossalias"/> +</KeyProvider> +<MetaDataProvider ClassName="org.jboss.test.somefqn"> + <Option Key="FileName" Value="myfile"/> +</MetaDataProvider> +</JBossIDP> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/constants/GeneralConstants.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,45 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.constants; + +/** + * Constants + * @author Anil.Saldhana(a)redhat.com + * @since Oct 8, 2009 + */ +public interface GeneralConstants +{ + String ASSERTIONS_VALIDITY = "ASSERTIONS_VALIDITY"; + String ATTRIBUTES = "ATTRIBUTES"; + String ATTRIBUTE_KEYS = "ATTRIBUTE_KEYS"; + String CONFIGURATION = "CONFIGURATION"; + String IGNORE_SIGNATURES = "IGNORE_SIGNATURES"; + String PRINCIPAL_ID = "jboss_identity.principal"; + String ROLES = "ROLES"; + String ROLES_ID = "jboss_identity.roles"; + String ROLE_GENERATOR = "ROLE_GENERATOR"; + String ROLE_VALIDATOR = "ROLE_VALIDATOR"; + String SIGN_OUTGOING_MESSAGES = "SIGN_OUTGOING_MESSAGES"; + + String USERNAME_FIELD = "JBID_USERNAME"; + String PASS_FIELD = "JBID_PASSWORD"; +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/HTTPContext.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/HTTPContext.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/HTTPContext.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,84 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.core; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jboss.identity.federation.core.interfaces.ProtocolContext; + +/** + * Protocol Context based on HTTP + * @author Anil.Saldhana(a)redhat.com + * @since Sep 17, 2009 + */ +public class HTTPContext implements ProtocolContext +{ + protected HttpServletRequest request; + protected HttpServletResponse response; + + protected ServletContext servletContext; + + public HTTPContext(HttpServletRequest httpReq, HttpServletResponse httpResp, + ServletContext sctx) + { + this.request = httpReq; + this.response = httpResp; + this.servletContext = sctx; + } + + public HttpServletRequest getRequest() + { + return request; + } + + public HttpServletResponse getResponse() + { + return response; + } + + public ServletContext getServletContext() + { + return servletContext; + } + + //Setters + + public HTTPContext setRequest(HttpServletRequest req) + { + this.request = req; + return this; + } + + public HTTPContext setResponse(HttpServletResponse resp) + { + this.response = resp; + return this; + } + + public HTTPContext setServletContext(ServletContext sctx) + { + this.servletContext = sctx; + return this; + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/IdentityServer.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/IdentityServer.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/core/IdentityServer.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,194 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.core; + +import java.util.HashSet; +import java.util.Set; +import java.util.Stack; +import java.util.concurrent.ConcurrentHashMap; + +import javax.servlet.http.HttpSessionEvent; +import javax.servlet.http.HttpSessionListener; + +/** + * Represents an Identity Server + * @author Anil.Saldhana(a)redhat.com + * @since Sep 17, 2009 + */ +public class IdentityServer implements HttpSessionListener +{ + private STACK stack = new STACK(); + + public class STACK + { + private ConcurrentHashMap<String,Stack<String>> sessionParticipantsMap = + new ConcurrentHashMap<String, Stack<String>>(); + + private ConcurrentHashMap<String, Set<String>> inTransitMap = + new ConcurrentHashMap<String, Set<String>>(); + + /** + * Peek at the most recent participant in the session + * @param sessionID + * @return + */ + public String peek(String sessionID) + { + Stack<String> stack = sessionParticipantsMap.get(sessionID); + if(stack != null) + return stack.peek(); + return ""; + } + + /** + * Remove the most recent participant in the session + * @param sessionID + * @return + */ + public String pop(String sessionID) + { + String result = null; + Stack<String> stack = sessionParticipantsMap.get(sessionID); + if(stack != null) + { + result = stack.pop(); + } + return result; + } + + /** + * Register a participant in a session + * @param sessionID + * @param participant + */ + public void register(String sessionID, String participant) + { + Stack<String> stack = sessionParticipantsMap.get(sessionID); + if(stack.contains(participant) == false) + stack.push(participant); + } + + /** + * For a given identity session, return the number of participants + * @param sessionID + * @return + */ + public int getParticipants(String sessionID) + { + Stack<String> stack = sessionParticipantsMap.get(sessionID); + if(stack != null) + return stack.size(); + + return 0; + } + + /** + * Register a participant as in transit in a logout interaction + * @param sessionID + * @param participant + * @return + */ + public boolean registerTransitParticipant(String sessionID, String participant) + { + Set<String> transitSet = inTransitMap.get(sessionID); + if(transitSet != null) + return transitSet.add(participant); + return false; + } + + /** + * Deregister a participant as in transit in a logout interaction + * @param sessionID + * @param participant + * @return + */ + public boolean deRegisterTransitParticipant(String sessionID, String participant) + { + Set<String> transitSet = inTransitMap.get(sessionID); + if(transitSet != null) + return transitSet.remove(participant); + return false; + } + + /** + * Return the number of participants in transit + * @param sessionID + * @return + */ + public int getNumOfParticipantsInTransit(String sessionID) + { + Set<String> transitSet = inTransitMap.get(sessionID); + if(transitSet != null) + return transitSet.size(); + return 0; + } + + /** + * The total number of sessions active + * @return + */ + public int totalSessions() + { + return sessionParticipantsMap.keySet().size(); + } + + private void put(String id) + { + sessionParticipantsMap.put(id, new Stack<String>()); + inTransitMap.put(id, new HashSet<String>()); + } + + private void remove(String id) + { + sessionParticipantsMap.remove(id); + inTransitMap.remove(id); + } + } + + + /** + * Return a reference to the internal stack + * @return + */ + public STACK stack() + { + return stack; + } + + + /** + * @see HttpSessionListener#sessionCreated(HttpSessionEvent) + */ + public void sessionCreated(HttpSessionEvent sessionEvent) + { + String id = sessionEvent.getSession().getId(); + stack.put(id); + } + + /** + * @see HttpSessionListener#sessionDestroyed(HttpSessionEvent) + */ + public void sessionDestroyed(HttpSessionEvent sessionEvent) + { + stack.remove(sessionEvent.getSession().getId()); + } +} \ No newline at end of file Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/filters/SPFilter.java 2009-10-09 18:44:57 UTC (rev 828) @@ -34,6 +34,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Set; import javax.servlet.Filter; import javax.servlet.FilterChain; @@ -49,6 +50,8 @@ import javax.xml.bind.JAXBException; import javax.xml.crypto.MarshalException; import javax.xml.crypto.dsig.XMLSignatureException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactoryConfigurationError; import org.apache.log4j.Logger; import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; @@ -57,7 +60,9 @@ import org.jboss.identity.federation.core.config.SPType; import org.jboss.identity.federation.core.config.TrustType; import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.handler.config.Handlers; +import org.jboss.identity.federation.core.interfaces.ProtocolContext; import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException; import org.jboss.identity.federation.core.interfaces.TrustKeyManager; import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException; @@ -67,17 +72,32 @@ import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; import org.jboss.identity.federation.core.saml.v2.holders.DestinationInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.HANDLER_TYPE; import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.saml.v2.util.HandlerUtil; import org.jboss.identity.federation.core.util.XMLSignatureUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; import org.jboss.identity.federation.saml.v2.assertion.AssertionType; import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; import org.jboss.identity.federation.saml.v2.assertion.AttributeType; -import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; import org.jboss.identity.federation.saml.v2.assertion.NameIDType; import org.jboss.identity.federation.saml.v2.assertion.SubjectType; import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; import org.jboss.identity.federation.saml.v2.protocol.ResponseType; import org.jboss.identity.federation.saml.v2.protocol.StatusType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.HTTPContext; import org.jboss.identity.federation.web.interfaces.IRoleValidator; import org.jboss.identity.federation.web.roles.DefaultRoleValidator; import org.jboss.identity.federation.web.util.ConfigurationUtil; @@ -86,6 +106,8 @@ import org.xml.sax.SAXException; /** + * A service provider filter for web container agnostic + * providers * @author Anil.Saldhana(a)redhat.com * @since Aug 21, 2009 */ @@ -94,9 +116,6 @@ private static Logger log = Logger.getLogger(SPFilter.class); private boolean trace = log.isTraceEnabled(); - public static final String PRINCIPAL_ID = "jboss_identity.principal"; - public static final String ROLES_ID = "jboss_identity.roles"; - protected SPType spConfiguration = null; protected String configFile = "/WEB-INF/jboss-idfed.xml"; @@ -106,7 +125,10 @@ private TrustKeyManager keyManager; private ServletContext context = null; + private transient SAML2HandlerChain chain = null; + protected boolean ignoreSignatures = false; + private IRoleValidator roleValidator = new DefaultRoleValidator(); public void destroy() @@ -121,13 +143,17 @@ HttpServletResponse response = (HttpServletResponse) servletResponse; boolean postMethod = "POST".equalsIgnoreCase(request.getMethod()); - Principal userPrincipal = null; + + HttpSession session = request.getSession(); - HttpSession session = request.getSession(); + Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID);; + + String samlRequest = request.getParameter("SAMLRequest"); + String samlResponse = request.getParameter("SAMLResponse"); + if(!postMethod) { - //Check if we are already authenticated - userPrincipal = (Principal) session.getAttribute(PRINCIPAL_ID); + //Check if we are already authenticated if(userPrincipal != null) { filterChain.doFilter(servletRequest, servletResponse); @@ -139,7 +165,8 @@ { String relayState = null; try - { + { + //TODO: use the handlers to generate the request AuthnRequestType authnRequest = createSAMLRequest(serviceURL, identityURL); sendRequestToIDP(authnRequest, relayState, response); } @@ -152,8 +179,68 @@ } else { + if(!isNotNull(samlRequest) && !isNotNull(samlResponse)) + { + //Neither saml request nor response from IDP + //So this is a user request + + //Ask the handler chain to generate the saml request + Set<SAML2Handler> handlers = chain.handlers(); + + IssuerInfoHolder holder = new IssuerInfoHolder(this.serviceURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + holder.getIssuer(), null, + HANDLER_TYPE.SP); + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + saml2HandlerResponse.setDestination(identityURL); + + //Reset the state + try + { + for(SAML2Handler handler: handlers) + { + handler.reset(); + if(saml2HandlerResponse.isInError()) + { + response.sendError(saml2HandlerResponse.getErrorCode()); + break; + } + saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH); + handler.generateSAMLRequest(saml2HandlerRequest, saml2HandlerResponse); + } + } + catch(ProcessingException pe) + { + throw new RuntimeException(pe); + } + Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); + String relayState = saml2HandlerResponse.getRelayState(); + + String destination = saml2HandlerResponse.getDestination(); + + + if(destination != null && + samlResponseDocument != null) + { + try + { + this.sendToDestination(samlResponseDocument, relayState, destination, response); + } + catch (Exception e) + { + if(trace) + log.trace("Exception:",e); + throw new ServletException("Server Error"); + } + return; + } + } + //See if we got a response from IDP - String samlResponse = request.getParameter("SAMLResponse"); if(samlResponse != null && samlResponse.length() > 0 ) { boolean isValid = false; @@ -176,8 +263,55 @@ { SAML2Response saml2Response = new SAML2Response(); - ResponseType responseType = saml2Response.getResponseType(is); + SAML2Object samlObject = saml2Response.getSAML2ObjectFromStream(is); + Set<SAML2Handler> handlers = chain.handlers(); + IssuerInfoHolder holder = new IssuerInfoHolder(this.serviceURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + holder.getIssuer(), samlObject, + HANDLER_TYPE.SP); + + Map<String,Object> requestOptions = new HashMap<String,Object>(); + requestOptions.put(GeneralConstants.CONFIGURATION, this.spConfiguration); + saml2HandlerRequest.setOptions(requestOptions); + + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + //Deal with handler chains + for(SAML2Handler handler : handlers) + { + if(saml2HandlerResponse.isInError()) + { + response.sendError(saml2HandlerResponse.getErrorCode()); + break; + } + if(samlObject instanceof RequestAbstractType) + { + handler.handleRequestType(saml2HandlerRequest, saml2HandlerResponse); + } + else + { + handler.handleStatusResponseType(saml2HandlerRequest, saml2HandlerResponse); + } + } + + Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); + String relayState = saml2HandlerResponse.getRelayState(); + + String destination = saml2HandlerResponse.getDestination(); + + + if(destination != null && + samlResponseDocument != null) + { + this.sendToDestination(samlResponseDocument, relayState, destination, response); + return; + } + /*ResponseType responseType = saml2Response.getResponseType(is); + SAMLDocumentHolder samlDocumentHolder = saml2Response.getSamlDocumentHolder(); boolean validSignature = this.verifySignature(samlDocumentHolder); @@ -199,25 +333,19 @@ userPrincipal = handleSAMLResponse(request, responseType); if(userPrincipal == null) - response.sendError(HttpServletResponse.SC_FORBIDDEN); + response.sendError(HttpServletResponse.SC_FORBIDDEN);*/ filterChain.doFilter(request, servletResponse); } - catch (ParsingException e) + catch (Exception e) { if(trace) - log.trace("Parsing Exception:", e); - throw new ServletException("Parsing Exception"); - } - catch (ConfigurationException e) + log.trace("Server Exception:", e); + throw new ServletException("Server Exception"); + } + /*catch (IssuerNotTrustedException e) { if(trace) - log.trace("ConfigurationException:", e); - throw new ServletException("Config Exception"); - } - catch (IssuerNotTrustedException e) - { - if(trace) log.trace("IssuerNotTrustedException:", e); throw new ServletException("Issuer Not Trusted Exception"); } @@ -226,7 +354,7 @@ if(trace) log.trace("AssertionExpiredException:", e); throw new ServletException("Assertion expired Exception"); - } + } */ } } @@ -250,30 +378,53 @@ { throw new RuntimeException(e); } - KeyProviderType keyProvider = this.spConfiguration.getKeyProvider(); - if(keyProvider == null) - throw new RuntimeException("KeyProvider is null"); + + //Get the chain from config + chain = new DefaultSAML2HandlerChain(); try { - ClassLoader tcl = SecurityActions.getContextClassLoader(); - String keyManagerClassName = keyProvider.getClassName(); - if(keyManagerClassName == null) - throw new RuntimeException("KeyManager class name is null"); - - Class<?> clazz = tcl.loadClass(keyManagerClassName); - this.keyManager = (TrustKeyManager) clazz.newInstance(); - keyManager.setAuthProperties(keyProvider.getAuth()); - keyManager.setValidatingAlias(keyProvider.getValidatingAlias()); + //Get the handlers + Handlers handlers = ConfigurationUtil.getHandlers(context.getResourceAsStream("/WEB-INF/jbid-handlers.xml")); + chain.addAll(HandlerUtil.getHandlers(handlers)); } catch(Exception e) { - log.error("Exception reading configuration:",e); - throw new RuntimeException(e.getLocalizedMessage()); + throw new RuntimeException(e); } - log.trace("Key Provider=" + keyProvider.getClassName()); + String ignoreSigString = filterConfig.getInitParameter(GeneralConstants.IGNORE_SIGNATURES); + if(ignoreSigString != null && !"".equals(ignoreSigString)) + { + this.ignoreSignatures = Boolean.parseBoolean(ignoreSigString); + } + + if(ignoreSignatures == false) + { + KeyProviderType keyProvider = this.spConfiguration.getKeyProvider(); + if(keyProvider == null) + throw new RuntimeException("KeyProvider is null"); + try + { + ClassLoader tcl = SecurityActions.getContextClassLoader(); + String keyManagerClassName = keyProvider.getClassName(); + if(keyManagerClassName == null) + throw new RuntimeException("KeyManager class name is null"); + + Class<?> clazz = tcl.loadClass(keyManagerClassName); + this.keyManager = (TrustKeyManager) clazz.newInstance(); + keyManager.setAuthProperties(keyProvider.getAuth()); + keyManager.setValidatingAlias(keyProvider.getValidatingAlias()); + } + catch(Exception e) + { + log.error("Exception reading configuration:",e); + throw new RuntimeException(e.getLocalizedMessage()); + } + log.trace("Key Provider=" + keyProvider.getClassName()); + } + //Get the Role Validator if configured - String roleValidatorName = filterConfig.getInitParameter("ROLE_VALIDATOR"); + String roleValidatorName = filterConfig.getInitParameter(GeneralConstants.ROLE_VALIDATOR); if(roleValidatorName != null && !"".equals(roleValidatorName)) { try @@ -288,7 +439,7 @@ } Map<String,String> options = new HashMap<String, String>(); - String roles = filterConfig.getInitParameter("ROLES"); + String roles = filterConfig.getInitParameter(GeneralConstants.ROLES); if(trace) log.trace("Found Roles in SPFilter config="+roles); if(roles != null) @@ -331,6 +482,28 @@ response, true); } + protected void sendToDestination(Document samlDocument, String relayState, + String destination, + HttpServletResponse response) + throws IOException, SAXException, JAXBException,GeneralSecurityException + { + String samlMessage; + try + { + samlMessage = PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument)); + } + catch (TransformerFactoryConfigurationError e) + { + throw new ProcessingException(e); + } + catch (TransformerException e) + { + throw new ProcessingException(e); + } + PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), + response, true); + } + protected boolean validate(HttpServletRequest request) throws IOException, GeneralSecurityException { return request.getParameter("SAMLResponse") != null; @@ -477,4 +650,9 @@ } return principal; } + + private boolean isNotNull(String str) + { + return str != null && !"".equals(str); + } } \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/BaseSAML2Handler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,63 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.handlers.saml2; + +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; + +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.web.core.HTTPContext; + +/** + * Base Class for SAML2 handlers + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public abstract class BaseSAML2Handler implements SAML2Handler +{ + protected Map<String, Object> options; + + /** + * Initialize the handler + * @param options + */ + public void init(Map<String, Object> options) + { + this.options = options; + } + + + public static HttpServletRequest getHttpRequest(SAML2HandlerRequest request) + { + HTTPContext context = (HTTPContext) request.getContext(); + return context.getRequest(); + } + + public static HttpSession getHttpSession(SAML2HandlerRequest request) + { + HTTPContext context = (HTTPContext) request.getContext(); + return context.getRequest().getSession(false); + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/RolesGenerationHandler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,111 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.handlers.saml2; + +import java.security.Principal; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpSession; + +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.HTTPContext; +import org.jboss.identity.federation.web.interfaces.RoleGenerator; +import org.jboss.identity.federation.web.roles.DefaultRoleGenerator; + +/** + * Handles the generation of roles + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public class RolesGenerationHandler extends BaseSAML2Handler +{ + private transient RoleGenerator rg = new DefaultRoleGenerator(); + + @Override + public void init(Map<String, Object> options) + { + super.init(options); + if(options.containsKey("ROLE_GENERATOR")) + { + String clazzName = (String) options.get(GeneralConstants.ROLE_GENERATOR); + ClassLoader tcl = SecurityActions.getContextClassLoader(); + try + { + rg = (RoleGenerator) tcl.loadClass(clazzName).newInstance(); + } + catch(Exception e) + { + throw new RuntimeException("Unable to instantiate Role Generator:",e); + } + + } + } + + @SuppressWarnings("unchecked") + public void handleRequestType(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException + { + //Do not handle log out request interaction + if(request.getSAML2Object() instanceof LogoutRequestType) + return ; + + //only handle IDP side + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.SP) + return; + + HTTPContext httpContext = (HTTPContext) request.getContext(); + HttpSession session = httpContext.getRequest().getSession(false); + + Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID); + List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID); + + if(roles == null) + { + RoleGenerator rg = (RoleGenerator) request.getOptions().get(GeneralConstants.ROLE_GENERATOR); + roles = rg.generateRoles(userPrincipal); + session.setAttribute(GeneralConstants.ROLES_ID, roles); + } + response.setRoles(roles); + } + + public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + } + + public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + return; + } + + public void reset() throws ProcessingException + { + // TODO Auto-generated method stub + + } +} Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,380 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.handlers.saml2; + +import java.io.StringWriter; +import java.security.Principal; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpSession; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; +import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; +import org.jboss.identity.federation.core.saml.v2.util.StatementUtil; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeType; +import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; +import org.jboss.identity.federation.saml.v2.assertion.SubjectType; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.HTTPContext; +import org.jboss.identity.federation.web.interfaces.IRoleValidator; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +/** + * Handles for dealing with SAML2 Authentication + * @author Anil.Saldhana(a)redhat.com + * @since Oct 8, 2009 + */ +public class SAML2AuthenticationHandler extends BaseSAML2Handler +{ + private static Logger log = Logger.getLogger(SAML2AuthenticationHandler.class); + private boolean trace = log.isTraceEnabled(); + + private IDPAuthenticationHandler idp = new IDPAuthenticationHandler(); + private SPAuthenticationHandler sp = new SPAuthenticationHandler(); + + public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException + { + if(request.getSAML2Object() instanceof AuthnRequestType == false) + return ; + + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.handleRequestType(request, response); + } + else + { + sp.handleRequestType(request, response); + } + } + + public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + if(request.getSAML2Object() instanceof ResponseType == false) + return ; + + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.handleStatusResponseType(request, response); + } + else + { + sp.handleStatusResponseType(request, response); + } + } + + public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + if(GENERATE_REQUEST_TYPE.AUTH != request.getTypeOfRequestToBeGenerated()) + return; + + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.generateSAMLRequest(request, response); + } + else + { + sp.generateSAMLRequest(request, response); + } + } + + private class IDPAuthenticationHandler + { + public void generateSAMLRequest(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException + { + + } + + + public void handleStatusResponseType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + } + + @SuppressWarnings("unchecked") + public void handleRequestType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + AuthnRequestType art = (AuthnRequestType) request.getSAML2Object(); + HttpSession session = BaseSAML2Handler.getHttpSession(request); + Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID); + List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID); + try + { + Map<String,Object> attribs = (Map<String, Object>) request.getOptions().get(GeneralConstants.ATTRIBUTES); + long assertionValidity = (Long) request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY); + String destination = art.getAssertionConsumerServiceURL(); + Document samlResponse = this.getResponse(destination, + userPrincipal, roles, request.getIssuer().getValue(), + attribs, + assertionValidity); + + response.setDestination(destination); + response.setResultingDocument(samlResponse); + } + catch(Exception e) + { + throw new ProcessingException(e); + } + } + + public Document getResponse( String assertionConsumerURL, + Principal userPrincipal, + List<String> roles, + String identityURL, + Map<String, Object> attribs, + long assertionValidity) + throws ConfigurationException, IssueInstantMissingException + { + Document samlResponseDocument = null; + + if(trace) + log.trace("AssertionConsumerURL=" + assertionConsumerURL + + "::assertion validity=" + assertionValidity); + ResponseType responseType = null; + + SAML2Response saml2Response = new SAML2Response(); + + //Create a response type + String id = IDGenerator.create("ID_"); + + IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); + issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + + IDPInfoHolder idp = new IDPInfoHolder(); + idp.setNameIDFormatValue(userPrincipal.getName()); + idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); + + SPInfoHolder sp = new SPInfoHolder(); + sp.setResponseDestinationURI(assertionConsumerURL); + responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); + + //Add information on the roles + AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + + AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles); + assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + + //Add timed conditions + saml2Response.createTimedConditions(assertion, assertionValidity); + + //Add in the attributes information + if(attribs != null) + { + AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs); + assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement); + } + + //Lets see how the response looks like + if(log.isTraceEnabled()) + { + StringWriter sw = new StringWriter(); + try + { + saml2Response.marshall(responseType, sw); + } + catch (JAXBException e) + { + log.trace(e); + } + catch (SAXException e) + { + log.trace(e); + } + log.trace("Response="+sw.toString()); + } + try + { + samlResponseDocument = saml2Response.convert(responseType); + } + catch (Exception e) + { + if(trace) + log.trace(e); + } + return samlResponseDocument; + } + } + + private class SPAuthenticationHandler + { + public void generateSAMLRequest(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException + { + String issuerValue = request.getIssuer().getValue(); + + SAML2Request samlRequest = new SAML2Request(); + String id = IDGenerator.create("ID_"); + try + { + AuthnRequestType authn = samlRequest.createAuthnRequestType(id, + issuerValue, response.getDestination(), issuerValue); + + response.setResultingDocument(samlRequest.convert(authn)); + } + catch (Exception e) + { + throw new ProcessingException(e); + } + } + + public void handleStatusResponseType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + HTTPContext httpContext = (HTTPContext) request.getContext(); + ResponseType responseType = (ResponseType) request.getSAML2Object(); + List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + if(assertions.size() == 0) + throw new IllegalStateException("No assertions in reply from IDP"); + + Object assertion = assertions.get(0); + if(assertion instanceof EncryptedElementType) + { + responseType = this.decryptAssertion(responseType); + } + + Principal userPrincipal = handleSAMLResponse(responseType); + if(userPrincipal == null) + { + response.setError(403, "User Principal not determined: Forbidden"); + } + else + { + //add it to the session + HttpSession session = httpContext.getRequest().getSession(false); + session.setAttribute(GeneralConstants.PRINCIPAL_ID, userPrincipal); + } + } + + public void handleRequestType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + } + + private ResponseType decryptAssertion(ResponseType responseType) + { + throw new RuntimeException("This authenticator does not handle encryption"); + } + + private Principal handleSAMLResponse(ResponseType responseType) + throws ProcessingException + { + if(responseType == null) + throw new IllegalArgumentException("response type is null"); + + StatusType statusType = responseType.getStatus(); + if(statusType == null) + throw new IllegalArgumentException("Status Type from the IDP is null"); + + String statusValue = statusType.getStatusCode().getValue(); + if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) + throw new SecurityException("IDP forbid the user"); + + List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + if(assertions.size() == 0) + throw new IllegalStateException("No assertions in reply from IDP"); + + AssertionType assertion = (AssertionType)assertions.get(0); + //Check for validity of assertion + boolean expiredAssertion; + try + { + expiredAssertion = AssertionUtil.hasExpired(assertion); + } + catch (ConfigurationException e) + { + throw new ProcessingException(e); + } + if(expiredAssertion) + { + throw new ProcessingException("Assertion has expired"); + } + + SubjectType subject = assertion.getSubject(); + JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); + NameIDType nameID = jnameID.getValue(); + final String userName = nameID.getValue(); + List<String> roles = new ArrayList<String>(); + + //Let us get the roles + AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); + List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); + for(Object obj:attList) + { + AttributeType attr = (AttributeType) obj; + String roleName = (String) attr.getAttributeValue().get(0); + roles.add(roleName); + } + + Principal principal = new Principal() + { + public String getName() + { + return userName; + } + }; + + //Validate the roles + IRoleValidator roleValidator = (IRoleValidator) options.get(GeneralConstants.ROLE_VALIDATOR); + boolean validRole = roleValidator.userInRole(principal, roles); + if(!validRole) + { + if(trace) + log.trace("Invalid role:" + roles); + principal = null; + } + return principal; + } + } + + public void reset() throws ProcessingException + { + // TODO Auto-generated method stub + + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2IssuerTrustHandler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,218 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.handlers.saml2; + +import java.io.IOException; +import java.net.URL; +import java.util.StringTokenizer; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.core.config.IDPType; +import org.jboss.identity.federation.core.config.SPType; +import org.jboss.identity.federation.core.config.TrustType; +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.web.constants.GeneralConstants; + +/** + * Handles Issuer trust + * <p>Trust decisions are based on the url of the issuer of the + * saml request/response sent to the handler chain</p> + * @author Anil.Saldhana(a)redhat.com + * @since Oct 8, 2009 + */ +public class SAML2IssuerTrustHandler extends BaseSAML2Handler +{ + private static Logger log = Logger.getLogger(SAML2IssuerTrustHandler.class); + private boolean trace = log.isTraceEnabled(); + private IDPTrustHandler idp = new IDPTrustHandler(); + private SPTrustHandler sp = new SPTrustHandler(); + + public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + //Nothing to do here + } + + public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException + { + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.handleRequestType(request, response); + } + else + { + sp.handleRequestType(request, response); + } + } + + public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.handleStatusResponseType(request, response); + } + else + { + sp.handleStatusResponseType(request, response); + } + } + + public void reset() throws ProcessingException + { + } + + private class IDPTrustHandler + { + public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException + { + IDPType idpConfiguration = (IDPType) request.getOptions().get(GeneralConstants.CONFIGURATION); + String issuer = request.getIssuer().getValue(); + + trustIssuer(idpConfiguration, issuer); + } + + + public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + IDPType idpConfiguration = (IDPType) request.getOptions().get(GeneralConstants.CONFIGURATION); + String issuer = request.getIssuer().getValue(); + + trustIssuer(idpConfiguration, issuer); + } + + + private void trustIssuer(IDPType idpConfiguration, String issuer) throws ProcessingException + { + if(idpConfiguration == null) + throw new IllegalStateException("IDP Configuration is null"); + try + { + String issuerDomain = getDomain(issuer); + TrustType idpTrust = idpConfiguration.getTrust(); + if(idpTrust != null) + { + String domainsTrusted = idpTrust.getDomains(); + if(trace) + log.trace("Domains that IDP trusts="+domainsTrusted + " and issuer domain="+issuerDomain); + if(domainsTrusted.indexOf(issuerDomain) < 0) + { + //Let us do string parts checking + StringTokenizer st = new StringTokenizer(domainsTrusted, ","); + while(st != null && st.hasMoreTokens()) + { + String uriBit = st.nextToken(); + if(trace) + log.trace("Matching uri bit="+ uriBit); + if(issuerDomain.indexOf(uriBit) > 0) + { + if(trace) + log.trace("Matched " + uriBit + " trust for " + issuerDomain ); + return; + } + } + throw new IssuerNotTrustedException(issuer); + } + } + } + catch (Exception e) + { + throw new ProcessingException(new IssuerNotTrustedException(e.getLocalizedMessage(),e)); + } + } + } + + private class SPTrustHandler + { + public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException + { + SPType spConfiguration = (SPType) request.getOptions().get(GeneralConstants.CONFIGURATION); + String issuer = request.getIssuer().getValue(); + + trustIssuer(spConfiguration, issuer); + } + + public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + SPType spConfiguration = (SPType) request.getOptions().get(GeneralConstants.CONFIGURATION); + String issuer = request.getIssuer().getValue(); + + trustIssuer(spConfiguration, issuer); + } + + private void trustIssuer(SPType spConfiguration, String issuer) throws ProcessingException + { + if(spConfiguration == null) + throw new IllegalStateException("SP Configuration is null"); + try + { + String issuerDomain = getDomain(issuer); + TrustType spTrust = spConfiguration.getTrust(); + if(spTrust != null) + { + String domainsTrusted = spTrust.getDomains(); + if(trace) + log.trace("Domains that SP trusts="+domainsTrusted + " and issuer domain="+issuerDomain); + if(domainsTrusted.indexOf(issuerDomain) < 0) + { + //Let us do string parts checking + StringTokenizer st = new StringTokenizer(domainsTrusted, ","); + while(st != null && st.hasMoreTokens()) + { + String uriBit = st.nextToken(); + if(trace) + log.trace("Matching uri bit="+ uriBit); + if(issuerDomain.indexOf(uriBit) > 0) + { + if(trace) + log.trace("Matched " + uriBit + " trust for " + issuerDomain ); + return; + } + } + throw new IssuerNotTrustedException(issuer); + } + } + } + catch (Exception e) + { + throw new ProcessingException(new IssuerNotTrustedException(e.getLocalizedMessage(),e)); + } + } + } + + /** + * Given a SP or IDP issuer from the assertion, return the host + * @param domainURL + * @return + * @throws IOException + */ + private static String getDomain(String domainURL) throws IOException + { + URL url = new URL(domainURL); + return url.getHost(); + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SAML2LogOutHandler.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,462 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.handlers.saml2; + +import java.io.IOException; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; +import javax.xml.bind.JAXBException; +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE; +import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.jboss.identity.federation.saml.v2.protocol.ObjectFactory; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusCodeType; +import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusType; +import org.jboss.identity.federation.web.core.HTTPContext; +import org.jboss.identity.federation.web.core.IdentityServer; +import org.xml.sax.SAXException; + +/** + * SAML2 LogOut Profile + * @author Anil.Saldhana(a)redhat.com + * @since Sep 17, 2009 + */ +public class SAML2LogOutHandler extends BaseSAML2Handler +{ + private static Logger log = Logger.getLogger(SAML2LogOutHandler.class); + private boolean trace = log.isTraceEnabled(); + + private IDPLogOutHandler idp = new IDPLogOutHandler(); + private SPLogOutHandler sp = new SPLogOutHandler(); + + private ObjectFactory objectFactory = new ObjectFactory(); + + /** + * @see SAML2Handler#generateSAMLRequest(SAML2HandlerRequest, SAML2HandlerResponse) + */ + public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response) + throws ProcessingException + { + if(request.getTypeOfRequestToBeGenerated() == null) + { + if(trace) + { + log.trace("Request type to be generated=null"); + } + return; + } + if(GENERATE_REQUEST_TYPE.LOGOUT != request.getTypeOfRequestToBeGenerated()) + return; + + + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.generateSAMLRequest(request, response); + } + else + { + sp.generateSAMLRequest(request, response); + } + } + + /** + * @see SAML2Handler#handleRequestType(RequestAbstractType) + */ + public void handleRequestType(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException + { + if(request.getSAML2Object() instanceof LogoutRequestType == false) + return ; + + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.handleRequestType(request, response); + } + else + { + sp.handleRequestType(request, response); + } + } + + /** + * @see SAML2Handler#handleStatusResponseType(StatusResponseType, + Document resultingDocument) + */ + public void handleStatusResponseType(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException + { + //we do not handle any ResponseType (authentication etc) + if(request.getSAML2Object() instanceof ResponseType) + return; + + if(request.getSAML2Object() instanceof StatusResponseType == false) + return ; + + if(request.getType() == SAML2HandlerRequest.HANDLER_TYPE.IDP) + { + idp.handleStatusResponseType(request, response); + } + else + { + sp.handleStatusResponseType(request, response); + } + } + + private class IDPLogOutHandler + { + public void generateSAMLRequest(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException + { + + } + + + public void handleStatusResponseType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + //we got a logout response from a SP + SAML2Object samlObject = request.getSAML2Object(); + StatusResponseType statusResponseType = (StatusResponseType) samlObject; + + HTTPContext httpContext = (HTTPContext) request.getContext(); + HttpServletRequest httpRequest = httpContext.getRequest(); + HttpSession httpSession = httpRequest.getSession(false); + + String relayState = request.getRelayState(); + + ServletContext servletCtx = httpContext.getServletContext(); + IdentityServer server = (IdentityServer)servletCtx.getAttribute("IDENTITY_SERVER"); + + if(server == null) + throw new ProcessingException("Identity Server not found"); + + String sessionID = httpSession.getId(); + + String statusIssuer = statusResponseType.getIssuer().getValue(); + server.stack().deRegisterTransitParticipant(sessionID, statusIssuer); + + String nextParticipant = this.getParticipant(server, sessionID, relayState); + if(nextParticipant == null || nextParticipant.equals(relayState)) + { + //we are done with logout + + //TODO: check the in transit map for partial logouts + + try + { + generateSuccessStatusResponseType(statusResponseType.getInResponseTo(), + request, response, relayState); + } + catch (Exception e) + { + throw new ProcessingException(e); + } + } + else + { + //Put the participant in transit mode + server.stack().registerTransitParticipant(sessionID, nextParticipant); + + //send logout request to participant with relaystate to orig + response.setRelayState(relayState); + + response.setDestination(nextParticipant); + + SAML2Request saml2Request = new SAML2Request(); + try + { + LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue()); + response.setResultingDocument(saml2Request.convert(lort)); + } + catch(Exception e) + { + throw new ProcessingException(e); + } + } + } + + public void handleRequestType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + HTTPContext httpContext = (HTTPContext) request.getContext(); + HttpSession session = httpContext.getRequest().getSession(false); + String sessionID = session.getId(); + + String relayState = httpContext.getRequest().getParameter("RelayState"); + + LogoutRequestType logOutRequest = (LogoutRequestType) request.getSAML2Object(); + String issuer = logOutRequest.getIssuer().getValue(); + try + { + SAML2Response saml2Response = new SAML2Response(); + SAML2Request saml2Request = new SAML2Request(); + + ServletContext servletCtx = httpContext.getServletContext(); + IdentityServer server = (IdentityServer)servletCtx.getAttribute("IDENTITY_SERVER"); + + if(server == null) + throw new ProcessingException("Identity Server not found"); + + String originalIssuer = (relayState == null) ? issuer : relayState; + + String participant = this.getParticipant(server, sessionID, originalIssuer); + + if(participant == null || participant.equals(originalIssuer)) + { + //All log out is done + session.invalidate(); + server.stack().pop(sessionID); + + generateSuccessStatusResponseType(logOutRequest.getID(), + request, response, originalIssuer); + } + else + { + //Put the participant in transit mode + server.stack().registerTransitParticipant(sessionID, participant); + + if(relayState == null) + relayState = originalIssuer; + + //send logout request to participant with relaystate to orig + response.setRelayState(originalIssuer); + + response.setDestination(participant); + + + LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue()); + response.setResultingDocument(saml2Request.convert(lort)); + } + } + catch(ParserConfigurationException pe) + { + throw new ProcessingException(pe); + } + catch(ConfigurationException pe) + { + throw new ProcessingException(pe); + } + catch(JAXBException pe) + { + throw new ProcessingException(pe); + } + catch(IOException pe) + { + throw new ProcessingException(pe); + } + catch(SAXException pe) + { + throw new ProcessingException(pe); + } + return; + } + + + private void generateSuccessStatusResponseType( + String logOutRequestID, + SAML2HandlerRequest request, + SAML2HandlerResponse response, + String originalIssuer) + throws ConfigurationException, ParserConfigurationException, ProcessingException + { + StatusResponseType statusResponse = objectFactory.createStatusResponseType(); + + //Status + StatusType statusType = objectFactory.createStatusType(); + StatusCodeType statusCodeType = objectFactory.createStatusCodeType(); + statusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get()); + + //2nd level status code + StatusCodeType status2ndLevel = objectFactory.createStatusCodeType(); + status2ndLevel.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + statusCodeType.setStatusCode(status2ndLevel); + + statusType.setStatusCode(statusCodeType); + + statusResponse.setStatus(statusType); + + statusResponse.setIssueInstant(XMLTimeUtil.getIssueInstant()); + statusResponse.setInResponseTo(logOutRequestID); + statusResponse.setID(IDGenerator.create("ID_")); + + statusResponse.setIssuer(request.getIssuer()); + + try + { + SAML2Response saml2Response = new SAML2Response(); + response.setResultingDocument(saml2Response.convert(statusResponse)); + } + catch(JAXBException je) + { + throw new ProcessingException(je); + } + + response.setDestination(originalIssuer); + } + + private String getParticipant(IdentityServer server, String sessionID, + String originalRequestor) + { + int participants = server.stack().getParticipants(sessionID); + + String participant = originalRequestor; + //Get a participant who is not equal to the original issuer of the logout request + if(participants > 0) + { + do + { + participant = server.stack().pop(sessionID); + --participants; + } + while(participants > 0 && participant.equals(originalRequestor)); + } + + return participant; + } + } + + private class SPLogOutHandler + { + public void generateSAMLRequest(SAML2HandlerRequest request, + SAML2HandlerResponse response) throws ProcessingException + { + //Generate the LogOut Request + SAML2Request samlRequest = new SAML2Request(); + try + { + LogoutRequestType lot = + samlRequest.createLogoutRequest(request.getIssuer().getValue()); + response.setResultingDocument(samlRequest.convert(lot)); + } + catch (Exception e) + { + throw new ProcessingException(e); + } + } + + public void handleStatusResponseType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + //Handler a log out response from IDP + StatusResponseType statusResponseType = (StatusResponseType) request.getSAML2Object(); + + HTTPContext httpContext = (HTTPContext) request.getContext(); + HttpServletRequest servletRequest = httpContext.getRequest(); + HttpSession session = servletRequest.getSession(false); + + //TODO: Deal with partial logout report + + StatusType statusType = statusResponseType.getStatus(); + StatusCodeType statusCode = statusType.getStatusCode(); + StatusCodeType secondLevelstatusCode = statusCode.getStatusCode(); + if(secondLevelstatusCode.getValue().equals(JBossSAMLURIConstants.STATUS_SUCCESS.get())) + { + //we are successfully logged out + session.invalidate(); + } + } + + public void handleRequestType( SAML2HandlerRequest request, + SAML2HandlerResponse response ) throws ProcessingException + { + SAML2Object samlObject = request.getSAML2Object(); + if(samlObject instanceof LogoutRequestType == false) + return; + + LogoutRequestType logOutRequest = (LogoutRequestType) samlObject; + HTTPContext httpContext = (HTTPContext) request.getContext(); + HttpServletRequest servletRequest = httpContext.getRequest(); + HttpSession session = servletRequest.getSession(false); + + String relayState = servletRequest.getParameter("RelayState"); + + session.invalidate(); //Invalidate the current session at the SP + + //Generate a Logout Response + StatusResponseType statusResponse = objectFactory.createStatusResponseType(); + + //Status + StatusType statusType = objectFactory.createStatusType(); + StatusCodeType statusCodeType = objectFactory.createStatusCodeType(); + statusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get()); + + //2nd level status code + StatusCodeType status2ndLevel = objectFactory.createStatusCodeType(); + status2ndLevel.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + statusCodeType.setStatusCode(status2ndLevel); + + statusType.setStatusCode(statusCodeType); + + statusResponse.setStatus(statusType); + + try + { + statusResponse.setIssueInstant(XMLTimeUtil.getIssueInstant()); + } + catch (ConfigurationException e) + { + throw new ProcessingException(e); + } + statusResponse.setInResponseTo(logOutRequest.getID()); + statusResponse.setID(IDGenerator.create("ID_")); + + statusResponse.setIssuer(request.getIssuer()); + + SAML2Response saml2Response = new SAML2Response(); + try + { + response.setResultingDocument(saml2Response.convert(statusResponse)); + } + catch(Exception je) + { + throw new ProcessingException(je); + } + + response.setRelayState(relayState); + response.setDestination(logOutRequest.getIssuer().getValue()); + } + } + + public void reset() throws ProcessingException + { + // TODO Auto-generated method stub + + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SecurityActions.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SecurityActions.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/handlers/saml2/SecurityActions.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,48 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.web.handlers.saml2; + +import java.security.AccessController; +import java.security.PrivilegedAction; + +/** + * Privileged Blocks + * @author Anil.Saldhana(a)redhat.com + * @since Dec 9, 2008 + */ +class SecurityActions +{ + /** + * Get the Thread Context ClassLoader + * @return + */ + static ClassLoader getContextClassLoader() + { + return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() + { + public ClassLoader run() + { + return Thread.currentThread().getContextClassLoader(); + } + }); + } +} Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/openid/HTTPOpenIDContext.java 2009-10-09 18:44:57 UTC (rev 828) @@ -25,76 +25,33 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.jboss.identity.federation.web.core.HTTPContext; + /** * HTTP Context for OpenID * @author Anil.Saldhana(a)redhat.com * @since Jul 6, 2009 */ -public class HTTPOpenIDContext -{ - private HttpServletRequest request; - private HttpServletResponse response; - - private String returnURL; - private ServletContext servletContext; - - public HTTPOpenIDContext() - { - } - +public class HTTPOpenIDContext extends HTTPContext +{ + private String returnURL; + public HTTPOpenIDContext(HttpServletRequest httpReq, HttpServletResponse httpResp, ServletContext sctx) { - this.request = httpReq; - this.response = httpResp; - this.servletContext = sctx; - } - - - public HttpServletRequest getRequest() - { - return request; - } + super(httpReq, httpResp, sctx); + } - public HttpServletResponse getResponse() - { - return response; - } - public String getReturnURL() { return returnURL; - } + } - - public ServletContext getServletContext() - { - return servletContext; - } - //Setters - public HTTPOpenIDContext setRequest(HttpServletRequest req) - { - this.request = req; - return this; - } - - public HTTPOpenIDContext setResponse(HttpServletResponse resp) - { - this.response = resp; - return this; - } - public HTTPOpenIDContext setReturnURL(String url) { this.returnURL = url; return this; - } - - public HTTPOpenIDContext setServletContext(ServletContext sctx) - { - this.servletContext = sctx; - return this; - } + } } \ No newline at end of file Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java 2009-10-09 18:44:57 UTC (rev 828) @@ -34,6 +34,7 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; +import org.jboss.identity.federation.web.constants.GeneralConstants; import org.jboss.identity.federation.web.handlers.DefaultLoginHandler; import org.jboss.identity.federation.web.interfaces.ILoginHandler; @@ -46,8 +47,6 @@ { private static final long serialVersionUID = 1L; private transient ServletContext context; - private String USERNAME_FIELD = "JBID_USERNAME"; - private String PASS_FIELD = "JBID_PASSWORD"; private transient ILoginHandler loginHandler = null; @Override @@ -57,7 +56,7 @@ HttpSession session = request.getSession(); //Check if we are already authenticated - Principal principal = (Principal) session.getAttribute(IDPServlet.PRINCIPAL_ID); + Principal principal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID); if(principal != null) { this.saveRequest(request, session); @@ -65,8 +64,8 @@ return; } - final String username = request.getParameter(USERNAME_FIELD); - String passwd = request.getParameter(PASS_FIELD); + final String username = request.getParameter(GeneralConstants.USERNAME_FIELD); + String passwd = request.getParameter(GeneralConstants.PASS_FIELD); if(username == null || passwd == null) { @@ -95,7 +94,7 @@ return; } - session.setAttribute(IDPServlet.PRINCIPAL_ID, new Principal() + session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal() { public String getName() { @@ -121,15 +120,7 @@ { super.init(config); this.context = config.getServletContext(); - //Users can customize the username and password fields of their html forms here - String userNameField = config.getInitParameter("USERNAME_FIELD"); - if(userNameField != null && userNameField.length() > 0) - USERNAME_FIELD = userNameField; - String pwdField = config.getInitParameter("PASSWORD_FIELD"); - if(pwdField != null && pwdField.length() > 0) - PASS_FIELD = pwdField; - String loginClass = config.getInitParameter("loginClass"); if(loginClass == null || loginClass.length() == 0) loginClass = DefaultLoginHandler.class.getName(); @@ -145,6 +136,12 @@ } } + public void testPost(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException + { + this.doPost(request, response); + } + private void saveRequest(HttpServletRequest request, HttpSession session) { //Save the SAMLRequest and relayState Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-10-09 18:44:57 UTC (rev 828) @@ -27,7 +27,10 @@ import java.security.Principal; import java.security.PublicKey; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; +import java.util.Map; +import java.util.Set; import java.util.StringTokenizer; import javax.servlet.ServletConfig; @@ -43,16 +46,31 @@ import org.jboss.identity.federation.core.config.KeyProviderType; import org.jboss.identity.federation.core.exceptions.ConfigurationException; import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.handler.config.Handlers; import org.jboss.identity.federation.core.impl.DelegatedAttributeManager; import org.jboss.identity.federation.core.interfaces.AttributeManager; +import org.jboss.identity.federation.core.interfaces.ProtocolContext; import org.jboss.identity.federation.core.interfaces.TrustKeyConfigurationException; import org.jboss.identity.federation.core.interfaces.TrustKeyManager; import org.jboss.identity.federation.core.interfaces.TrustKeyProcessingException; import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2Handler; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse; +import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.HANDLER_TYPE; +import org.jboss.identity.federation.core.saml.v2.util.HandlerUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.StatusResponseType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.HTTPContext; import org.jboss.identity.federation.web.interfaces.RoleGenerator; import org.jboss.identity.federation.web.roles.DefaultRoleGenerator; import org.jboss.identity.federation.web.util.ConfigurationUtil; @@ -70,10 +88,7 @@ private static final long serialVersionUID = 1L; private static Logger log = Logger.getLogger(IDPServlet.class); private boolean trace = log.isTraceEnabled(); - - public static final String PRINCIPAL_ID = "jboss_identity.principal"; - public static final String ROLES_ID = "jboss_identity.roles"; - + protected transient IDPType idpConfiguration = null; private transient RoleGenerator rg = new DefaultRoleGenerator(); @@ -93,6 +108,8 @@ private Boolean signOutgoingMessages = true; private transient ServletContext context = null; + + private transient SAML2HandlerChain chain = null; public Boolean getIgnoreIncomingSignatures() { @@ -102,12 +119,17 @@ @Override public void init(ServletConfig config) throws ServletException { + Handlers handlers = null; super.init(config); String configFile = "/WEB-INF/jboss-idfed.xml"; context = config.getServletContext(); InputStream is = context.getResourceAsStream(configFile); if(is == null) throw new RuntimeException(configFile + " missing"); + + //Get the chain from config + chain = new DefaultSAML2HandlerChain(); + try { idpConfiguration = ConfigurationUtil.getIDPConfiguration(is); @@ -123,11 +145,22 @@ AttributeManager delegate = (AttributeManager) tcl.loadClass(attributeManager).newInstance(); this.attribManager.setDelegate(delegate); } + + //Get the handlers + handlers = ConfigurationUtil.getHandlers(context.getResourceAsStream("/WEB-INF/jbid-handlers.xml")); + chain.addAll(HandlerUtil.getHandlers(handlers)); } catch (Exception e) { throw new RuntimeException(e); } + + //Handle the sign outgoing messages + String signOutgoingString = config.getInitParameter(GeneralConstants.SIGN_OUTGOING_MESSAGES); + if(signOutgoingString != null && !"".equals(signOutgoingString)) + this.signOutgoingMessages = Boolean.parseBoolean(signOutgoingString); + + if(this.signOutgoingMessages) { KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider(); @@ -156,12 +189,12 @@ } //handle the role generator - String rgString = config.getInitParameter("ROLE_GENERATOR"); + String rgString = config.getInitParameter(GeneralConstants.ROLE_GENERATOR); if(rgString != null && !"".equals(rgString)) this.setRoleGenerator(rgString); //Get a list of attributes we are interested in - String attribList = config.getInitParameter("ATTRIBUTE_KEYS"); + String attribList = config.getInitParameter(GeneralConstants.ATTRIBUTE_KEYS); if(attribList != null && !"".equals(attribList)) { StringTokenizer st = new StringTokenizer(attribList,","); @@ -169,23 +202,24 @@ { this.attributeKeys.add(st.nextToken()); } - } + } } - - @SuppressWarnings("unchecked") + + @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //Some issue with filters and servlets HttpSession session = request.getSession(false); - String samlMessage = (String) session.getAttribute("SAMLRequest"); + String samlRequestMessage = (String) session.getAttribute("SAMLRequest"); + String samlResponseMessage = (String) session.getAttribute("SAMLResponse"); String relayState = (String) session.getAttribute("RelayState"); String referer = request.getHeader("Referer"); //See if the user has already been authenticated - Principal userPrincipal = (Principal) session.getAttribute(PRINCIPAL_ID); + Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID); if(userPrincipal == null) { @@ -193,9 +227,8 @@ if(trace) log.trace("Login Filters have not been configured"); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - } + } - IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, idpConfiguration, keyManager); webRequestUtil.setAttributeManager(this.attribManager); @@ -206,52 +239,187 @@ if(trace) { log.trace("Retrieved saml message and relay state from session"); - log.trace("saml message=" + samlMessage + "::relay state="+ relayState); + log.trace("saml Request message=" + samlRequestMessage + "::relay state="+ relayState); + log.trace("saml Response message=" + samlResponseMessage + "::relay state="+ relayState); } session.removeAttribute("SAMLRequest"); + session.removeAttribute("SAMLResponse"); if(relayState != null && relayState.length() > 0) session.removeAttribute("RelayState"); + + SAML2Object samlObject = null; + String destination = null; + Document samlResponse = null; + + if(samlResponseMessage != null) + { + StatusResponseType statusResponseType = null; + try + { + samlObject = webRequestUtil.getSAMLObject(samlResponseMessage); + + boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile(); + boolean isValid = validate(request.getRemoteAddr(), + request.getQueryString(), + new SessionHolder(samlResponseMessage, null), isPost); + + if(!isValid) + throw new GeneralSecurityException("Validation check failed"); + String issuer = null; + IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + idpIssuer.getIssuer(), samlObject, + HANDLER_TYPE.IDP); + saml2HandlerRequest.setRelayState(relayState); + + Map<String, Object> requestOptions = new HashMap<String, Object>(); + requestOptions.put("ROLE_GENERATOR", rg); + saml2HandlerRequest.setOptions(requestOptions); + + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + Set<SAML2Handler> handlers = chain.handlers(); + + if(samlObject instanceof StatusResponseType) + { + statusResponseType = (StatusResponseType) samlObject; + issuer = statusResponseType.getIssuer().getValue(); + webRequestUtil.isTrusted(issuer); + + if(handlers != null) + { + for(SAML2Handler handler: handlers) + { + handler.handleStatusResponseType(saml2HandlerRequest, saml2HandlerResponse); + } + } + } + else + throw new RuntimeException("Unknown type:" + samlObject.getClass().getName()); + + samlResponse = saml2HandlerResponse.getResultingDocument(); + relayState = saml2HandlerResponse.getRelayState(); + + destination = saml2HandlerResponse.getDestination(); + } + catch(Exception e) + { + throw new RuntimeException(e); + } + + } + else //Send valid saml response after processing the request - if(samlMessage != null) + if(samlRequestMessage != null) { //Get the SAML Request Message - RequestAbstractType requestAbstractType = null; - Document samlResponse = null; - String destination = null; + RequestAbstractType requestAbstractType = null; + StatusResponseType statusResponseType = null; + try { - requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage); + samlObject = webRequestUtil.getSAMLObject(samlRequestMessage); + boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile(); boolean isValid = validate(request.getRemoteAddr(), request.getQueryString(), - new SessionHolder(samlMessage, null), isPost); + new SessionHolder(samlRequestMessage, null), isPost); if(!isValid) throw new GeneralSecurityException("Validation check failed"); - webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue()); - + String issuer = null; + IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL); + ProtocolContext protocolContext = new HTTPContext(request,response, context); + //Create the request/response + SAML2HandlerRequest saml2HandlerRequest = + new DefaultSAML2HandlerRequest(protocolContext, + idpIssuer.getIssuer(), samlObject, + HANDLER_TYPE.IDP); + saml2HandlerRequest.setRelayState(relayState); - List<String> roles = (List<String>) session.getAttribute(ROLES_ID); + Map<String, Object> requestOptions = new HashMap<String, Object>(); + requestOptions.put(GeneralConstants.ROLE_GENERATOR, rg); + requestOptions.put(GeneralConstants.ASSERTIONS_VALIDITY, this.assertionValidity); + requestOptions.put(GeneralConstants.CONFIGURATION, this.idpConfiguration); + Map<String,Object> attribs = this.attribManager.getAttributes(userPrincipal, attributeKeys); + requestOptions.put(GeneralConstants.ATTRIBUTES, attribs); + + saml2HandlerRequest.setOptions(requestOptions); + + List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID); if(roles == null) { roles = rg.generateRoles(userPrincipal); - session.setAttribute(ROLES_ID, roles); + session.setAttribute(GeneralConstants.ROLES_ID, roles); } + + SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); + + Set<SAML2Handler> handlers = chain.handlers(); + + if(samlObject instanceof RequestAbstractType) + { + requestAbstractType = (RequestAbstractType) samlObject; + issuer = requestAbstractType.getIssuer().getValue(); + webRequestUtil.isTrusted(issuer); + if(handlers != null) + { + for(SAML2Handler handler: handlers) + { + handler.handleRequestType(saml2HandlerRequest, saml2HandlerResponse); + } + } + } + else + throw new RuntimeException("Unknown type:" + samlObject.getClass().getName()); - if(trace) - log.trace("Roles have been determined:Creating response"); + samlResponse = saml2HandlerResponse.getResultingDocument(); + relayState = saml2HandlerResponse.getRelayState(); + + destination = saml2HandlerResponse.getDestination(); + + + //requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage); + + + /*//RequestAbstractType + if(requestAbstractType != null) + { + List<String> roles = (List<String>) session.getAttribute(ROLES_ID); + if(roles == null) + { + roles = rg.generateRoles(userPrincipal); + session.setAttribute(ROLES_ID, roles); + } + + if(trace) + log.trace("Roles have been determined:Creating response"); + + if(requestAbstractType instanceof LogoutRequestType) + { + LogoutRequestType lot = (LogoutRequestType) requestAbstractType; + + } - AuthnRequestType art = (AuthnRequestType) requestAbstractType; - destination = art.getAssertionConsumerServiceURL(); + AuthnRequestType art = (AuthnRequestType) requestAbstractType; + destination = art.getAssertionConsumerServiceURL(); - samlResponse = - webRequestUtil.getResponse(destination, - userPrincipal, roles, - this.identityURL, this.assertionValidity, this.signOutgoingMessages); + samlResponse = + webRequestUtil.getResponse(destination, + userPrincipal, roles, + this.identityURL, this.assertionValidity, this.signOutgoingMessages); + } + else + { + //status response type + }*/ } catch (IssuerNotTrustedException e) { @@ -298,29 +466,7 @@ JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), this.identityURL, this.signOutgoingMessages); } - finally - { - try - { - if(samlResponse == null) - throw new ServletException("SAML Response has not been generated"); - - if(this.signOutgoingMessages) - webRequestUtil.send(samlResponse, destination,relayState, response, true, - this.keyManager.getSigningKey()); - else - webRequestUtil.send(samlResponse, destination, relayState, response, false,null); - } - catch (ParsingException e) - { - if(trace) log.trace(e); - } - catch (GeneralSecurityException e) - { - if(trace) log.trace(e); - } - } - return; + } else { @@ -330,13 +476,36 @@ try { sendErrorResponseToSP(referer, response, relayState, webRequestUtil); + return; } catch (ConfigurationException e) { if(trace) log.trace(e); } } - } + + try + { + if(samlResponse == null) + throw new ServletException("SAML Response has not been generated"); + + if(this.signOutgoingMessages) + webRequestUtil.send(samlResponse, destination,relayState, response, true, + this.keyManager.getSigningKey()); + else + webRequestUtil.send(samlResponse, destination, relayState, response, false,null); + } + catch (ParsingException e) + { + if(trace) log.trace(e); + } + catch (GeneralSecurityException e) + { + if(trace) log.trace(e); + } + + return; + } } protected void sendErrorResponseToSP(String referrer, HttpServletResponse response, String relayState, @@ -430,6 +599,11 @@ } } + public void testPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException + { + this.doPost(request, response); + } + private void setRoleGenerator(String rgName) { try Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ConfigurationUtil.java 2009-10-09 18:44:57 UTC (rev 828) @@ -21,6 +21,7 @@ */ package org.jboss.identity.federation.web.util; +import java.io.IOException; import java.io.InputStream; import javax.xml.bind.JAXBElement; @@ -31,53 +32,97 @@ import org.jboss.identity.federation.core.util.JAXBUtil; import org.jboss.identity.federation.core.config.IDPType; import org.jboss.identity.federation.core.config.SPType; +import org.jboss.identity.federation.core.handler.config.Handlers; import org.xml.sax.SAXException; /** + * Deals with Configuration * @author Anil.Saldhana(a)redhat.com * @since Aug 21, 2009 */ public class ConfigurationUtil { + /** + * Get the IDP Configuration + * from the passed configuration + * @param is + * @return + * @throws JAXBException + * @throws SAXException + * @throws IOException + */ @SuppressWarnings("unchecked") - public static IDPType getIDPConfiguration(InputStream is) throws JAXBException, SAXException + public static IDPType getIDPConfiguration(InputStream is) throws JAXBException, SAXException, IOException { if(is == null) throw new IllegalArgumentException("inputstream is null"); String schema = "schema/config/jboss-identity-fed.xsd"; - String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; - boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); + Unmarshaller un = getUnmarshaller(schema); - String pkgName = "org.jboss.identity.federation.core.config"; - Unmarshaller un = null; - if(validate) - un = JAXBUtil.getValidatingUnmarshaller(pkgName, schema); - else - un = JAXBUtil.getUnmarshaller(pkgName); - JAXBElement<IDPType> jaxbSp = (JAXBElement<IDPType>) un.unmarshal(is); return jaxbSp.getValue(); } + + /** + * Get the SP Configuration from the + * passed inputstream + * @param is + * @return + * @throws JAXBException + * @throws SAXException + * @throws IOException + */ @SuppressWarnings("unchecked") - public static SPType getSPConfiguration(InputStream is) throws JAXBException, SAXException + public static SPType getSPConfiguration(InputStream is) throws JAXBException, SAXException, IOException { if(is == null) throw new IllegalArgumentException("inputstream is null"); String schema = "schema/config/jboss-identity-fed.xsd"; + Unmarshaller un = getUnmarshaller(schema); + + JAXBElement<SPType> jaxbSp = (JAXBElement<SPType>) un.unmarshal(is); + return jaxbSp.getValue(); + } + + /** + * Get the Handlers from the configuration + * @param is + * @return + * @throws JAXBException + * @throws SAXException + * @throws IOException + */ + @SuppressWarnings("unchecked") + public static Handlers getHandlers(InputStream is) throws JAXBException, SAXException, IOException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + String[] schemas = new String[] { "schema/config/jboss-identity-fed.xsd", + "schema/config/jboss-identity-fed-handler.xsd"}; + + Unmarshaller un = getUnmarshaller(schemas); + JAXBElement<Handlers> handlers = (JAXBElement<Handlers>) un.unmarshal(is); + return handlers.getValue(); + } + + + private static Unmarshaller getUnmarshaller(String... schema) throws JAXBException, SAXException, IOException + { String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false")); - String pkgName = "org.jboss.identity.federation.core.config"; + String[] pkgName = new String[] { IDPType.class.getPackage().getName(), + Handlers.class.getPackage().getName() + } ; + Unmarshaller un = null; if(validate) un = JAXBUtil.getValidatingUnmarshaller(pkgName, schema); else un = JAXBUtil.getUnmarshaller(pkgName); - - JAXBElement<SPType> jaxbSp = (JAXBElement<SPType>) un.unmarshal(is); - return jaxbSp.getValue(); + return un; } } \ No newline at end of file Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-10-09 18:44:57 UTC (rev 828) @@ -59,6 +59,7 @@ import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; import org.jboss.identity.federation.core.saml.v2.util.StatementUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; import org.jboss.identity.federation.saml.v2.assertion.AssertionType; import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; @@ -113,6 +114,33 @@ return postProfile; } + public SAML2Object getSAMLObject(String samlMessage) + throws ParsingException, IOException + { + InputStream is = null; + SAML2Request saml2Request = new SAML2Request(); + if(redirectProfile) + { + is = RedirectBindingUtil.base64DeflateDecode(samlMessage); + } + else + { + try + { + byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage); + if(trace) log.trace("SAMLRequest=" + new String(samlBytes)); + is = new ByteArrayInputStream(samlBytes); + } + catch(Exception rte) + { + if(trace) + log.trace("Error in base64 decoding saml message: "+rte); + throw new ParsingException(rte); + } + } + return saml2Request.getSAML2ObjectFromStream(is); + } + public RequestAbstractType getSAMLRequest(String samlMessage) throws ParsingException, IOException { Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java 2009-10-08 11:39:28 UTC (rev 827) +++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/PostBindingUtil.java 2009-10-09 18:44:57 UTC (rev 828) @@ -69,6 +69,9 @@ String destination = holder.getDestination(); String samlMessage = holder.getSamlMessage(); + if(destination == null) + throw new IllegalStateException("Destination is null"); + response.setContentType("text/html"); PrintWriter out = response.getWriter(); common(holder.getDestination(), response); Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockContextClassLoader.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockContextClassLoader.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockContextClassLoader.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,61 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.io.InputStream; +import java.net.URL; +import java.net.URLClassLoader; + +/** + * Mock TCL + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public class MockContextClassLoader extends URLClassLoader +{ + private String profile; + + private ClassLoader delegate; + + public MockContextClassLoader(URL[] urls) + { + super(urls); + } + + public void setDelegate(ClassLoader tcl) + { + this.delegate = tcl; + } + + public void setProfile(String profile) + { + this.profile = profile; + } + + @Override + public InputStream getResourceAsStream(String name) + { + if(profile == null) + throw new RuntimeException("null profile"); + return delegate.getResourceAsStream(profile + "/" + name); + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterChain.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterChain.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterChain.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,41 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.io.IOException; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +/** + * Mock Filter Chain + * @author Anil.Saldhana(a)redhat.com + * @since Oct 8, 2009 + */ +public class MockFilterChain implements FilterChain +{ + public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException + { + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterConfig.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterConfig.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockFilterConfig.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,70 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Map; + +import javax.servlet.FilterConfig; +import javax.servlet.ServletContext; + +/** + * Mock Filter Config + * @author Anil.Saldhana(a)redhat.com + * @since Oct 8, 2009 + */ +public class MockFilterConfig implements FilterConfig +{ + private Map<String,String> params = new HashMap<String,String>(); + private ServletContext context = null; + + public MockFilterConfig(ServletContext ctx) + { + this.context = ctx; + } + + public void addInitParameter(String key, String val) + { + params.put(key, val); + } + + public String getFilterName() + { + throw new RuntimeException("NYI"); + } + + public String getInitParameter(String arg0) + { + return params.get(arg0); + } + + public Enumeration getInitParameterNames() + { + throw new RuntimeException("NYI"); + } + + public ServletContext getServletContext() + { + return context; + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletRequest.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletRequest.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletRequest.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,395 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.security.Principal; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Locale; +import java.util.Map; +import java.util.Map.Entry; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletInputStream; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; + +/** + * Mock Http Servlet Request + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +@SuppressWarnings("unchecked") +public class MockHttpServletRequest implements HttpServletRequest +{ + private HttpSession session = null; + protected Map headers = new HashMap(); + protected Map parameters = new HashMap(); + protected Map attribs = new HashMap(); + + private String methodType; + + public MockHttpServletRequest(HttpSession session, String methodType) + { + this.session = session; + this.methodType = methodType; + } + + public void addHeader(String key, String value) + { + headers.put(key, value); + } + public void addParameter(String key, String value) + { + parameters.put(key, value); + } + + public String getAuthType() + { + + throw new RuntimeException("NYI"); + } + + public String getContextPath() + { + throw new RuntimeException("NYI"); + } + + public Cookie[] getCookies() + { + + throw new RuntimeException("NYI"); + } + + public long getDateHeader(String arg0) + { + return 0; + } + + public String getHeader(String arg0) + { + return (String) headers.get(arg0); + } + + public Enumeration getHeaderNames() + { + return new Enumeration() + { + private Iterator iter = headers.entrySet().iterator(); + + public boolean hasMoreElements() + { + return iter.hasNext(); + } + + public Object nextElement() + { + Entry<String,String> entry = (Entry<String, String>) iter.next(); + return entry.getValue(); + } + }; + } + + public Enumeration getHeaders(String arg0) + { + throw new RuntimeException("NYI"); + } + + public int getIntHeader(String arg0) + { + return 0; + } + + public String getMethod() + { + return this.methodType; + } + + public String getPathInfo() + { + + throw new RuntimeException("NYI"); + } + + public String getPathTranslated() + { + + throw new RuntimeException("NYI"); + } + + public String getQueryString() + { + if("POST".equalsIgnoreCase(this.methodType)) + return null; + + throw new RuntimeException("NYI"); + } + + public String getRemoteUser() + { + + throw new RuntimeException("NYI"); + } + + public String getRequestURI() + { + + throw new RuntimeException("NYI"); + } + + public StringBuffer getRequestURL() + { + + throw new RuntimeException("NYI"); + } + + public String getRequestedSessionId() + { + + throw new RuntimeException("NYI"); + } + + public String getServletPath() + { + + throw new RuntimeException("NYI"); + } + + public HttpSession getSession() + { + return session; + } + + public HttpSession getSession(boolean arg0) + { + return getSession(); + } + + public Principal getUserPrincipal() + { + + throw new RuntimeException("NYI"); + } + + public boolean isRequestedSessionIdFromCookie() + { + + return false; + } + + public boolean isRequestedSessionIdFromURL() + { + + return false; + } + + public boolean isRequestedSessionIdFromUrl() + { + + return false; + } + + public boolean isRequestedSessionIdValid() + { + + return false; + } + + public boolean isUserInRole(String arg0) + { + + return false; + } + + public Object getAttribute(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public Enumeration getAttributeNames() + { + + throw new RuntimeException("NYI"); + } + + public String getCharacterEncoding() + { + + throw new RuntimeException("NYI"); + } + + public int getContentLength() + { + + return 0; + } + + public String getContentType() + { + + throw new RuntimeException("NYI"); + } + + public ServletInputStream getInputStream() throws IOException + { + + throw new RuntimeException("NYI"); + } + + public String getLocalAddr() + { + + throw new RuntimeException("NYI"); + } + + public String getLocalName() + { + + throw new RuntimeException("NYI"); + } + + public int getLocalPort() + { + + return 0; + } + + public Locale getLocale() + { + + throw new RuntimeException("NYI"); + } + + public Enumeration getLocales() + { + + throw new RuntimeException("NYI"); + } + + public String getParameter(String arg0) + { + return (String) this.parameters.get(arg0); + } + + public Map getParameterMap() + { + return this.parameters; + } + + public Enumeration getParameterNames() + { + + throw new RuntimeException("NYI"); + } + + public String[] getParameterValues(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public String getProtocol() + { + + throw new RuntimeException("NYI"); + } + + public BufferedReader getReader() throws IOException + { + + throw new RuntimeException("NYI"); + } + + public String getRealPath(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public String getRemoteAddr() + { + return (String) headers.get("Referer"); + } + + public String getRemoteHost() + { + + throw new RuntimeException("NYI"); + } + + public int getRemotePort() + { + + return 0; + } + + public RequestDispatcher getRequestDispatcher(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public String getScheme() + { + + throw new RuntimeException("NYI"); + } + + public String getServerName() + { + + throw new RuntimeException("NYI"); + } + + public int getServerPort() + { + + return 0; + } + + public boolean isSecure() + { + + return false; + } + + public void removeAttribute(String arg0) + { + + + } + + public void setAttribute(String arg0, Object arg1) + { + this.attribs.put(arg0, arg1); + } + + public void setCharacterEncoding(String arg0) throws UnsupportedEncodingException + { + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletResponse.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletResponse.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpServletResponse.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,246 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.util.Locale; + +import javax.servlet.ServletOutputStream; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletResponse; + +/** + * Mock Servlet Response + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public class MockHttpServletResponse implements HttpServletResponse +{ + private PrintWriter printWriter; + + public void setOutputStream(final OutputStream os) + { + this.outputStream = new ServletOutputStream() + { + @Override + public void write(int b) throws IOException + { + os.write(b); + } + }; + } + + public void setWriter(PrintWriter pw) + { + this.printWriter = pw; + } + + private int errorCode; + private ServletOutputStream outputStream; + + public void addCookie(Cookie arg0) + { + } + + public void addDateHeader(String arg0, long arg1) + { + } + + public void addHeader(String arg0, String arg1) + { + } + + public void addIntHeader(String arg0, int arg1) + { + } + + public boolean containsHeader(String arg0) + { + return false; + } + + public String encodeRedirectURL(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public String encodeRedirectUrl(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public String encodeURL(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public String encodeUrl(String arg0) + { + + throw new RuntimeException("NYI"); + } + + public int getError() + { + return this.errorCode; + } + + public void sendError(int arg0) throws IOException + { + this.errorCode = arg0; + } + + public void sendError(int arg0, String arg1) throws IOException + { + sendError(arg0); + } + + public void sendRedirect(String arg0) throws IOException + { + + + } + + public void setDateHeader(String arg0, long arg1) + { + + + } + + public void setHeader(String arg0, String arg1) + { + + + } + + public void setIntHeader(String arg0, int arg1) + { + + + } + + public void setStatus(int arg0) + { + + + } + + public void setStatus(int arg0, String arg1) + { + + + } + + public void flushBuffer() throws IOException + { + + + } + + public int getBufferSize() + { + + return 0; + } + + public String getCharacterEncoding() + { + + throw new RuntimeException("NYI"); + } + + public String getContentType() + { + + throw new RuntimeException("NYI"); + } + + public Locale getLocale() + { + + throw new RuntimeException("NYI"); + } + + public ServletOutputStream getOutputStream() throws IOException + { + return this.outputStream; + } + + public PrintWriter getWriter() throws IOException + { + return this.printWriter; + } + + public boolean isCommitted() + { + + return false; + } + + public void reset() + { + + + } + + public void resetBuffer() + { + + + } + + public void setBufferSize(int arg0) + { + + + } + + public void setCharacterEncoding(String arg0) + { + + + } + + public void setContentLength(int arg0) + { + + + } + + public void setContentType(String arg0) + { + + + } + + public void setLocale(Locale arg0) + { + + + } + +} Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpSession.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpSession.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockHttpSession.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,153 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; +import java.util.UUID; +import java.util.Map.Entry; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpSession; +import javax.servlet.http.HttpSessionContext; + +/** + * Mock HttpSession + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public class MockHttpSession implements HttpSession +{ + private boolean valid = true; + + private Map<String,Object> attribs = new HashMap<String,Object>(); + + private String id = UUID.randomUUID().toString(); + + public boolean isInvalidated() + { + return valid == false; + } + + public Object getAttribute(String arg0) + { + return attribs.get(arg0); + } + + public Enumeration getAttributeNames() + { + return new Enumeration() + { + private Iterator iter = attribs.entrySet().iterator(); + + public boolean hasMoreElements() + { + return iter.hasNext(); + } + + public Object nextElement() + { + Entry<String,Object> entry = (Entry<String, Object>) iter.next(); + return entry.getValue(); + } + }; + } + + public long getCreationTime() + { + + return 0; + } + + public String getId() + { + return id; + } + + public long getLastAccessedTime() + { + + return 0; + } + + public int getMaxInactiveInterval() + { + + return 0; + } + + public ServletContext getServletContext() + { + + throw new RuntimeException("NYI"); + } + + public HttpSessionContext getSessionContext() + { + + throw new RuntimeException("NYI"); + } + + public Object getValue(String arg0) + { + throw new RuntimeException("NYI"); + } + + public String[] getValueNames() + { + throw new RuntimeException("NYI"); + } + + public void invalidate() + { + this.valid = false; + } + + public boolean isNew() + { + return false; + } + + public void putValue(String arg0, Object arg1) + { + } + + public void removeAttribute(String arg0) + { + this.attribs.remove(arg0); + } + + public void removeValue(String arg0) + { + } + + public void setAttribute(String arg0, Object arg1) + { + this.attribs.put(arg0, arg1); + } + + public void setMaxInactiveInterval(int arg0) + { + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletConfig.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletConfig.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletConfig.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,90 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; +import java.util.Map.Entry; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletContext; + +/** + * Mock Servlet Config + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +@SuppressWarnings("unchecked") +public class MockServletConfig implements ServletConfig +{ + private ServletContext context; + + private Map<String,String> params = new HashMap<String,String>(); + + public MockServletConfig(ServletContext context) + { + this.context = context; + } + + public void addInitParameter(String key, String value) + { + params.put(key, value); + } + + public String getInitParameter(String arg0) + { + return params.get(arg0); + } + + public Enumeration getInitParameterNames() + { + return new Enumeration() + { + private Iterator iter = params.entrySet().iterator(); + + public boolean hasMoreElements() + { + return iter.hasNext(); + } + + public Object nextElement() + { + Entry<String,String> entry = (Entry<String, String>) iter.next(); + return entry.getValue(); + } + }; + } + + public ServletContext getServletContext() + { + return this.context; + } + + public String getServletName() + { + + throw new RuntimeException("NYI"); + } + +} Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletContext.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletContext.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/mock/MockServletContext.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,212 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.mock; + +import java.io.IOException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; +import java.util.Set; +import java.util.Map.Entry; + +import javax.servlet.RequestDispatcher; +import javax.servlet.Servlet; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +/** + * Mock Servlet Context + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +@SuppressWarnings("unchecked") +public class MockServletContext implements ServletContext +{ + private Map params = new HashMap(); + private Map attribs = new HashMap(); + + public Object getAttribute(String arg0) + { + return attribs.get(arg0); + } + + public Enumeration getAttributeNames() + { + return new Enumeration() + { + private Iterator iter = attribs.entrySet().iterator(); + + public boolean hasMoreElements() + { + return iter.hasNext(); + } + + public Object nextElement() + { + Entry<String,Object> entry = (Entry<String, Object>) iter.next(); + return entry.getValue(); + } + }; + } + + public ServletContext getContext(String arg0) + { + throw new RuntimeException("NYI"); + } + + public String getContextPath() + { + throw new RuntimeException("NYI"); + } + + public String getInitParameter(String arg0) + { + return (String) params.get(arg0); + } + + public Enumeration getInitParameterNames() + { + return new Enumeration() + { + private Iterator iter = params.entrySet().iterator(); + + public boolean hasMoreElements() + { + return iter.hasNext(); + } + + public Object nextElement() + { + Entry<String,Object> entry = (Entry<String, Object>) iter.next(); + return entry.getKey(); + } + }; + } + + public int getMajorVersion() + { + return 0; + } + + public String getMimeType(String arg0) + { + throw new RuntimeException("NYI"); + } + + public int getMinorVersion() + { + return 0; + } + + public RequestDispatcher getNamedDispatcher(String arg0) + { + throw new RuntimeException("NYI"); + } + + public String getRealPath(String arg0) + { + throw new RuntimeException("NYI"); + } + + public RequestDispatcher getRequestDispatcher(String arg0) + { + return new RequestDispatcher() + { + + public void include(ServletRequest arg0, ServletResponse arg1) throws ServletException, IOException + { + } + + public void forward(ServletRequest arg0, ServletResponse arg1) throws ServletException, IOException + { + } + }; + } + + public URL getResource(String arg0) throws MalformedURLException + { + throw new RuntimeException("NYI"); + } + + public InputStream getResourceAsStream(String arg0) + { + return Thread.currentThread().getContextClassLoader().getResourceAsStream(arg0); + } + + public Set getResourcePaths(String arg0) + { + throw new RuntimeException("NYI"); + } + + public String getServerInfo() + { + throw new RuntimeException("NYI"); + } + + public Servlet getServlet(String arg0) throws ServletException + { + throw new RuntimeException("NYI"); + } + + public String getServletContextName() + { + throw new RuntimeException("NYI"); + } + + public Enumeration getServletNames() + { + throw new RuntimeException("NYI"); + } + + public Enumeration getServlets() + { + throw new RuntimeException("NYI"); + } + + public void log(String arg0) + { + } + + public void log(Exception arg0, String arg1) + { + } + + public void log(String arg0, Throwable arg1) + { + } + + public void removeAttribute(String arg0) + { + this.attribs.remove(arg0); + } + + public void setAttribute(String arg0, Object arg1) + { + this.attribs.put(arg0, arg1); + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,250 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.workflow.saml2; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.net.URL; +import java.security.Principal; +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpSession; +import javax.servlet.http.HttpSessionEvent; + +import junit.framework.TestCase; + +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.util.Base64; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.saml.v2.SAML2Object; +import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.IdentityServer; +import org.jboss.identity.federation.web.filters.SPFilter; +import org.jboss.identity.federation.web.servlets.IDPServlet; +import org.jboss.test.identity.federation.web.mock.MockContextClassLoader; +import org.jboss.test.identity.federation.web.mock.MockFilterChain; +import org.jboss.test.identity.federation.web.mock.MockFilterConfig; +import org.jboss.test.identity.federation.web.mock.MockHttpServletRequest; +import org.jboss.test.identity.federation.web.mock.MockHttpServletResponse; +import org.jboss.test.identity.federation.web.mock.MockHttpSession; +import org.jboss.test.identity.federation.web.mock.MockServletConfig; +import org.jboss.test.identity.federation.web.mock.MockServletContext; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +/** + * Unit test the SAML2 Logout workflow + * @author Anil.Saldhana(a)redhat.com + * @since Oct 7, 2009 + */ +public class SAML2LogoutWorkflowUnitTestCase extends TestCase +{ + private String profile = "saml2/logout"; + private ClassLoader tcl = Thread.currentThread().getContextClassLoader(); + + public void testSPFilterLogOutRequestGeneration() throws Exception + { + + } + + public void testSAML2LogOutFromIDPServlet() throws Exception + { + MockHttpSession session = new MockHttpSession(); + + MockContextClassLoader mclIDP = setupTCL(profile + "/idp"); + Thread.currentThread().setContextClassLoader(mclIDP); + + ServletContext servletContext = new MockServletContext(); + IdentityServer server = this.getIdentityServer(session); + servletContext.setAttribute("IDENTITY_SERVER", server); + MockServletConfig servletConfig = new MockServletConfig(servletContext); + + IDPServlet idp = new IDPServlet(); + //No signing outgoing messages + servletConfig.addInitParameter(GeneralConstants.SIGN_OUTGOING_MESSAGES, "false"); + + //Initialize the servlet + idp.init(servletConfig); + + //Assume that we already have the principal and roles set in the session + session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal() + { + public String getName() + { + return "anil"; + } + }); + List<String> rolesList = new ArrayList<String>(); + rolesList.add("manager"); + session.setAttribute(GeneralConstants.ROLES_ID, rolesList); + + MockHttpServletRequest request = new MockHttpServletRequest(session, "POST"); + request.addHeader("Referer", "http://localhost:8080/sales/"); + + String samlMessage = Base64.encodeBytes(createLogOutRequest("http://localhost:8080/sales/").getBytes()); + session.setAttribute("SAMLRequest", samlMessage); + + MockHttpServletResponse response = new MockHttpServletResponse(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + response.setWriter(new PrintWriter(baos)); + + // The IDP is preloaded with 2 participants : "http://localhost:8080/sales/" + // and "http://localhost:8080/employee" + + //Lets start the workflow with post + idp.testPost(request, response); + + String idpResponse = new String(baos.toByteArray()); + assertNotNull(idpResponse); + + Document htmlResponse = DocumentUtil.getDocument(idpResponse); + assertNotNull(htmlResponse); + NodeList nodes = htmlResponse.getElementsByTagName("INPUT"); + Element inputElement = (Element)nodes.item(0); + String logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue(); + + String relayState = null; + if(nodes.getLength() > 1) + relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + + String logoutResponse = new String(Base64.decode(logoutOrigResponse)); + System.out.println(logoutResponse); + + SAML2Request samlRequest = new SAML2Request(); + ByteArrayInputStream bis = new ByteArrayInputStream(logoutResponse.getBytes()); + SAML2Object samlObject = samlRequest.getSAML2ObjectFromStream(bis); + assertTrue(samlObject instanceof LogoutRequestType); + + //Let us feed the LogOutRequest to the SPFilter + MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee"); + Thread.currentThread().setContextClassLoader(mclSPEmp); + SPFilter spEmpl = new SPFilter(); + MockFilterConfig filterConfig = new MockFilterConfig(servletContext); + filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true"); + + spEmpl.init(filterConfig); + + MockHttpSession filterSession = new MockHttpSession(); + MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST"); + filterRequest.addParameter("SAMLResponse", logoutOrigResponse); + filterRequest.addParameter("RelayState", relayState); + + MockHttpServletResponse filterResponse = new MockHttpServletResponse(); + ByteArrayOutputStream filterbaos = new ByteArrayOutputStream(); + filterResponse.setWriter(new PrintWriter(filterbaos)); + + spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain()); + String spResponse = new String(filterbaos.toByteArray()); + Document spHTMLResponse = DocumentUtil.getDocument(spResponse); + nodes = spHTMLResponse.getElementsByTagName("INPUT"); + inputElement = (Element)nodes.item(0); + logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue(); + relayState = null; + if(nodes.getLength() > 1) + relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + + //Now the SP (employee app) has logged out and sending a status response to IDP + Thread.currentThread().setContextClassLoader(mclIDP); + session.setAttribute("SAMLResponse", logoutOrigResponse); + session.setAttribute("RelayState", relayState); + + idp.testPost(request, response); + + idpResponse = new String(filterbaos.toByteArray()); + assertNotNull(idpResponse); + + htmlResponse = DocumentUtil.getDocument(idpResponse); + assertNotNull(htmlResponse); + nodes = htmlResponse.getElementsByTagName("INPUT"); + inputElement = (Element)nodes.item(0); + logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue(); + + relayState = null; + if(nodes.getLength() > 1) + relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + + //Now we should have got a full success report from IDP + MockContextClassLoader mclSPSales = setupTCL(profile + "/sp/employee"); + Thread.currentThread().setContextClassLoader(mclSPSales); + SPFilter spSales = new SPFilter(); + + spSales.init(filterConfig); + + filterRequest.addParameter("SAMLResponse", logoutOrigResponse); + filterRequest.addParameter("RelayState", relayState); + + spSales.doFilter(filterRequest, filterResponse, new MockFilterChain()); + + spResponse = new String(filterbaos.toByteArray()); + + assertEquals(0, server.stack().getParticipants(session.getId())); + assertEquals(0, server.stack().getNumOfParticipantsInTransit(session.getId())); + + spHTMLResponse = DocumentUtil.getDocument(spResponse); + nodes = spHTMLResponse.getElementsByTagName("INPUT"); + inputElement = (Element)nodes.item(0); + logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue(); + relayState = null; + if(nodes.getLength() > 1) + relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + + //Finally the session should be invalidated + assertTrue(filterSession.isInvalidated()); + } + + private MockContextClassLoader setupTCL(String resource) + { + URL[] urls = new URL[] {tcl.getResource(resource)}; + + MockContextClassLoader mcl = new MockContextClassLoader(urls); + mcl.setDelegate(tcl); + mcl.setProfile(resource); + return mcl; + } + + private String createLogOutRequest(String url) throws Exception + { + SAML2Request samlRequest = new SAML2Request(); + LogoutRequestType lot = + samlRequest.createLogoutRequest(url); + StringWriter sw = new StringWriter(); + samlRequest.marshall(lot, sw); + return sw.toString(); + } + + //Get the Identity server with 2 participants + private IdentityServer getIdentityServer(HttpSession session) + { + IdentityServer server = new IdentityServer(); + server.sessionCreated(new HttpSessionEvent(session)); + + server.stack().register(session.getId(), "http://localhost:8080/sales/"); + server.stack().register(session.getId(), "http://localhost:8080/employee/"); + return server; + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/java/org/jboss/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,186 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.web.workflow.saml2; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.PrintWriter; +import java.net.URL; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpSession; +import javax.servlet.http.HttpSessionEvent; + +import junit.framework.TestCase; + +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.api.util.Base64; +import org.jboss.identity.federation.core.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.web.constants.GeneralConstants; +import org.jboss.identity.federation.web.core.IdentityServer; +import org.jboss.identity.federation.web.filters.SPFilter; +import org.jboss.identity.federation.web.servlets.IDPLoginServlet; +import org.jboss.identity.federation.web.servlets.IDPServlet; +import org.jboss.identity.federation.web.util.PostBindingUtil; +import org.jboss.test.identity.federation.web.mock.MockContextClassLoader; +import org.jboss.test.identity.federation.web.mock.MockFilterChain; +import org.jboss.test.identity.federation.web.mock.MockFilterConfig; +import org.jboss.test.identity.federation.web.mock.MockHttpServletRequest; +import org.jboss.test.identity.federation.web.mock.MockHttpServletResponse; +import org.jboss.test.identity.federation.web.mock.MockHttpSession; +import org.jboss.test.identity.federation.web.mock.MockServletConfig; +import org.jboss.test.identity.federation.web.mock.MockServletContext; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +/** + * Unit test the workflow for SAML2 Post Binding + * @author Anil.Saldhana(a)redhat.com + * @since Oct 8, 2009 + */ +public class SAML2PostWorkflowUnitTestCase extends TestCase +{ + private String profile = "saml2/post"; + private ClassLoader tcl = Thread.currentThread().getContextClassLoader(); + + private String employee = "http://localhost:8080/employee/"; + private String identity = "http://localhost:8080/idp/"; + + public void testAuthForIDPServletAndSPFilter() throws Exception + { + String id = IDGenerator.create("ID_"); + SAML2Request saml2Request = new SAML2Request(); + AuthnRequestType art = saml2Request.createAuthnRequestType(id, + employee, identity, employee); + + ServletContext servletContext = new MockServletContext(); + + //First we go to the employee application + MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee"); + Thread.currentThread().setContextClassLoader(mclSPEmp); + SPFilter spEmpl = new SPFilter(); + MockFilterConfig filterConfig = new MockFilterConfig(servletContext); + filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true"); + + spEmpl.init(filterConfig); + + MockHttpSession filterSession = new MockHttpSession(); + MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST"); + + MockHttpServletResponse filterResponse = new MockHttpServletResponse(); + ByteArrayOutputStream filterbaos = new ByteArrayOutputStream(); + filterResponse.setWriter(new PrintWriter(filterbaos)); + + spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain()); + String spResponse = new String(filterbaos.toByteArray()); + Document spHTMLResponse = DocumentUtil.getDocument(spResponse); + NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT"); + Element inputElement = (Element)nodes.item(0); + String idpResponse = inputElement.getAttributeNode("VALUE").getValue(); + @SuppressWarnings("unused") + String relayState = null; + if(nodes.getLength() > 1) + relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + + //Lets call the IDPServlet + + MockHttpSession session = new MockHttpSession(); + servletContext = new MockServletContext(); + IdentityServer server = this.getIdentityServer(session); + servletContext.setAttribute("IDENTITY_SERVER", server); + MockServletConfig servletConfig = new MockServletConfig(servletContext); + + MockContextClassLoader mclIDP = setupTCL(profile + "/idp"); + Thread.currentThread().setContextClassLoader(mclIDP); + + MockHttpServletRequest request = new MockHttpServletRequest(session, "POST"); + request.addHeader("Referer", "http://localhost:8080/employee/"); + + request.addParameter(GeneralConstants.USERNAME_FIELD, "anil"); + request.addParameter(GeneralConstants.PASS_FIELD, "anil"); + + + MockHttpServletResponse response = new MockHttpServletResponse(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + response.setWriter(new PrintWriter(baos)); + + IDPLoginServlet login = new IDPLoginServlet(); + login.init(servletConfig); + + String samlAuth = DocumentUtil.getDocumentAsString(saml2Request.convert(art)); + + String samlMessage = Base64.encodeBytes(samlAuth.getBytes()); + session.setAttribute("SAMLRequest", samlMessage); + + login.testPost(request, response); + + IDPServlet idp = new IDPServlet(); + //No signing outgoing messages + servletConfig.addInitParameter(GeneralConstants.SIGN_OUTGOING_MESSAGES, "false"); + + //Initialize the servlet + idp.init(servletConfig); + + //Lets start the workflow with post + idp.testPost(request, response); + + String idpResponseString = new String(baos.toByteArray()); + Document idpHTMLResponse = DocumentUtil.getDocument(idpResponseString); + nodes = idpHTMLResponse.getElementsByTagName("INPUT"); + inputElement = (Element)nodes.item(0); + idpResponse = inputElement.getAttributeNode("VALUE").getValue(); + relayState = null; + if(nodes.getLength() > 1) + relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue(); + + byte[] samlIDPResponse = PostBindingUtil.base64Decode(idpResponse); + + SAML2Response saml2Response = new SAML2Response(); + ResponseType rt = saml2Response.getResponseType(new ByteArrayInputStream(samlIDPResponse)); + + assertEquals("Match Identity URL:" , this.identity, rt.getIssuer().getValue()); + } + + private MockContextClassLoader setupTCL(String resource) + { + URL[] urls = new URL[] {tcl.getResource(resource)}; + + MockContextClassLoader mcl = new MockContextClassLoader(urls); + mcl.setDelegate(tcl); + mcl.setProfile(resource); + return mcl; + } + + + //Get the Identity server + private IdentityServer getIdentityServer(HttpSession session) + { + IdentityServer server = new IdentityServer(); + server.sessionCreated(new HttpSessionEvent(session)); + return server; + } +} \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jbid-handlers.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,4 @@ +<Handlers xmlns="urn:jboss:identity-federation:handler:config:1.0"> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.RolesGenerationHandler"/> +</Handlers> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/WEB-INF/jboss-idfed.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,5 @@ +<JBossIDP xmlns="urn:jboss:identity-federation:config:1.0" + AttributeManager=""> +<IdentityURL>http://localhost:8080/idp/</IdentityURL> + +</JBossIDP> Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/roles.properties =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/roles.properties (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/idp/roles.properties 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1 @@ +manager=manager \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jbid-handlers.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jbid-handlers.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jbid-handlers.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,3 @@ +<Handlers xmlns="urn:jboss:identity-federation:handler:config:1.0"> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/> +</Handlers> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jboss-idfed.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jboss-idfed.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/WEB-INF/jboss-idfed.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,6 @@ +<JBossSP xmlns="urn:jboss:identity-federation:config:1.0" + AttributeManager=""> +<IdentityURL>http://localhost:8080/idp/</IdentityURL> +<ServiceURL>http://localhost:8080/employee/</ServiceURL> + +</JBossSP> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/roles.properties =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/roles.properties (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/employee/roles.properties 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1 @@ +manager=manager \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jbid-handlers.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jbid-handlers.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jbid-handlers.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,3 @@ +<Handlers xmlns="urn:jboss:identity-federation:handler:config:1.0"> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/> +</Handlers> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jboss-idfed.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jboss-idfed.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/WEB-INF/jboss-idfed.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,6 @@ +<JBossSP xmlns="urn:jboss:identity-federation:config:1.0" + AttributeManager=""> +<IdentityURL>http://localhost:8080/idp/</IdentityURL> +<ServiceURL>http://localhost:8080/sales/</ServiceURL> + +</JBossSP> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/roles.properties =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/roles.properties (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/logout/sp/sales/roles.properties 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1 @@ +manager=manager \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jbid-handlers.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jbid-handlers.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jbid-handlers.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,5 @@ +<Handlers xmlns="urn:jboss:identity-federation:handler:config:1.0"> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/> +</Handlers> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/WEB-INF/jboss-idfed.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,5 @@ +<JBossIDP xmlns="urn:jboss:identity-federation:config:1.0" + AttributeManager=""> +<IdentityURL>http://localhost:8080/idp/</IdentityURL> + +</JBossIDP> Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/roles.properties =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/roles.properties (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/roles.properties 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,2 @@ +manager=manager +anil=manager,sales,employee \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/users.properties =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/users.properties (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/idp/users.properties 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1 @@ +anil=anil \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jbid-handlers.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jbid-handlers.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jbid-handlers.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,5 @@ +<Handlers xmlns="urn:jboss:identity-federation:handler:config:1.0"> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/> + <Handler class="org.jboss.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/> +</Handlers> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jboss-idfed.xml =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jboss-idfed.xml (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/WEB-INF/jboss-idfed.xml 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1,6 @@ +<JBossSP xmlns="urn:jboss:identity-federation:config:1.0" + AttributeManager=""> +<IdentityURL>http://localhost:8080/idp/</IdentityURL> +<ServiceURL>http://localhost:8080/employee/</ServiceURL> + +</JBossSP> \ No newline at end of file Added: identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/roles.properties =================================================================== --- identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/roles.properties (rev 0) +++ identity-federation/trunk/jboss-identity-web/src/test/resources/saml2/post/sp/employee/roles.properties 2009-10-09 18:44:57 UTC (rev 828) @@ -0,0 +1 @@ +manager=manager \ No newline at end of file

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r827 - in idm/trunk: assembly and 16 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: bdaw Date: 2009-10-08 07:39:28 -0400 (Thu, 08 Oct 2009) New Revision: 827 Modified: idm/trunk/assembly/pom.xml idm/trunk/example/auth-simple/pom.xml idm/trunk/example/auth/pom.xml idm/trunk/example/simple/pom.xml idm/trunk/idm-api/pom.xml idm/trunk/idm-auth/pom.xml idm/trunk/idm-cache/pom.xml idm/trunk/idm-common/pom.xml idm/trunk/idm-core/pom.xml idm/trunk/idm-hibernate/pom.xml idm/trunk/idm-ldap/pom.xml idm/trunk/idm-spi/pom.xml idm/trunk/idm-testsuite/pom.xml idm/trunk/integration/deployer/pom.xml idm/trunk/integration/jboss5/pom.xml idm/trunk/integration/pom.xml idm/trunk/parent/pom.xml idm/trunk/pom.xml Log: - back to snapshot Modified: idm/trunk/assembly/pom.xml =================================================================== --- idm/trunk/assembly/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/assembly/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -4,14 +4,14 @@ <modelVersion>4.0.0</modelVersion> <groupId>org.jboss.identity.idm</groupId> <artifactId>jbossidm</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <packaging>pom</packaging> <name>JBoss Identity IDM Assembly </name> <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> Modified: idm/trunk/example/auth/pom.xml =================================================================== --- idm/trunk/example/auth/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/example/auth/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -1,7 +1,7 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.jboss.identity.idm.example</groupId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <artifactId>example-auth</artifactId> <packaging>jar</packaging> <name>Example - JEE authentication</name> Modified: idm/trunk/example/auth-simple/pom.xml =================================================================== --- idm/trunk/example/auth-simple/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/example/auth-simple/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -1,7 +1,7 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.jboss.identity.idm.example</groupId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <artifactId>example-auth-simple</artifactId> <packaging>jar</packaging> <name>Example - JEE authentication (using deployer)</name> Modified: idm/trunk/example/simple/pom.xml =================================================================== --- idm/trunk/example/simple/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/example/simple/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -1,7 +1,7 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.jboss.identity.idm.example</groupId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <artifactId>example-simple</artifactId> <packaging>jar</packaging> <name>Example - Simple JBoss Identity IDM Maven2 project</name> Modified: idm/trunk/idm-api/pom.xml =================================================================== --- idm/trunk/idm-api/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-api/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-auth/pom.xml =================================================================== --- idm/trunk/idm-auth/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-auth/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-cache/pom.xml =================================================================== --- idm/trunk/idm-cache/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-cache/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-common/pom.xml =================================================================== --- idm/trunk/idm-common/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-common/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-core/pom.xml =================================================================== --- idm/trunk/idm-core/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-core/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-hibernate/pom.xml =================================================================== --- idm/trunk/idm-hibernate/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-hibernate/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-ldap/pom.xml =================================================================== --- idm/trunk/idm-ldap/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-ldap/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-spi/pom.xml =================================================================== --- idm/trunk/idm-spi/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-spi/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/idm-testsuite/pom.xml =================================================================== --- idm/trunk/idm-testsuite/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/idm-testsuite/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -2,7 +2,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion> Modified: idm/trunk/integration/deployer/pom.xml =================================================================== --- idm/trunk/integration/deployer/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/integration/deployer/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -8,12 +8,12 @@ <groupId>org.jboss.identity.idm.integration</groupId> <artifactId>idm-jboss5-deployer</artifactId> <packaging>jar</packaging> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-integration</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> </parent> <properties> Modified: idm/trunk/integration/jboss5/pom.xml =================================================================== --- idm/trunk/integration/jboss5/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/integration/jboss5/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -8,12 +8,12 @@ <groupId>org.jboss.identity.idm.integration</groupId> <artifactId>idm-jboss5</artifactId> <packaging>jar</packaging> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-integration</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> </parent> <dependencies> Modified: idm/trunk/integration/pom.xml =================================================================== --- idm/trunk/integration/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/integration/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -13,7 +13,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>../parent/pom.xml</relativePath> </parent> Modified: idm/trunk/parent/pom.xml =================================================================== --- idm/trunk/parent/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/parent/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -8,7 +8,7 @@ <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> <packaging>pom</packaging> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <name>JBoss Identity IDM- Parent</name> <url>http://labs.jboss.org/portal/jbosssecurity/</url> <description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description> Modified: idm/trunk/pom.xml =================================================================== --- idm/trunk/pom.xml 2009-10-08 11:37:38 UTC (rev 826) +++ idm/trunk/pom.xml 2009-10-08 11:39:28 UTC (rev 827) @@ -3,7 +3,7 @@ <parent> <groupId>org.jboss.identity.idm</groupId> <artifactId>idm-parent</artifactId> - <version>1.0.0.Beta3</version> + <version>1.0.0-Beta4-SNAPSHOT</version> <relativePath>parent</relativePath> </parent> <modelVersion>4.0.0</modelVersion>

14 years, 6 months

1
0
0 / 0

JBoss Identity SVN: r826 - idm/branches.

by jboss-identity-commits＠lists.jboss.org

Author: bdaw Date: 2009-10-08 07:37:38 -0400 (Thu, 08 Oct 2009) New Revision: 826 Added: idm/branches/1.0.0.Beta3/ Log: 1.0.0.Beta3 tag Copied: idm/branches/1.0.0.Beta3 (from rev 825, idm/trunk)

14 years, 6 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

jboss-identity-commits October 2009