JBoss Identity SVN: r343 - in identity-federation/trunk: identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request and 3 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-02-23 13:12:23 -0500 (Mon, 23 Feb 2009)
New Revision: 343
Added:
identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/
identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/JBossIdentityFederationConstants.java
Modified:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/SecurityActions.java
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java
identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SecurityActions.java
identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SecurityActions.java
Log:
JBID-54: disable schema validation by default
Modified: identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/SecurityActions.java
===================================================================
--- identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/SecurityActions.java 2009-02-23 18:11:48 UTC (rev 342)
+++ identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/SecurityActions.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -45,4 +45,21 @@
}
});
}
+
+ /**
+ * Get the system property
+ * @param key
+ * @param defaultValue
+ * @return
+ */
+ static String getSystemProperty(final String key, final String defaultValue)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key, defaultValue);
+ }
+ });
+ }
}
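Review bot: The Javadoc on `getSystemProperty` leaves `@param key`, `@param defaultValue` and `@return` empty and does not say why the read is wrapped in `doPrivileged`. The privileged action returns whatever property the caller names, so the method should stay package-private and the comment should say so, for example `Reads a system property inside a privileged block; keep package-private so code outside this package cannot use it to read arbitrary properties.` The same helper is added verbatim to the two other `SecurityActions` classes in this commit (fed-api `request` and fed-core `factories`), and the comment applies to all three.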
Modified: identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
===================================================================
--- identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-02-23 18:11:48 UTC (rev 342)
+++ identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -31,6 +31,7 @@
import org.jboss.identity.federation.bindings.config.IDPType;
import org.jboss.identity.federation.bindings.config.SPType;
+import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
/**
@@ -79,7 +80,16 @@
throw new IllegalArgumentException("inputstream is null");
String schema = "schema/config/jboss-identity-fed.xsd";
- Unmarshaller un = JBossSAMLBaseFactory.getValidatingUnmarshaller("org.jboss.identity.federation.bindings.config", schema);
+ String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
+ boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
+
+ String pkgName = "org.jboss.identity.federation.bindings.config";
+ Unmarshaller un = null;
+ if(validate)
+ un = JBossSAMLBaseFactory.getValidatingUnmarshaller(pkgName, schema);
+ else
+ un = JBossSAMLBaseFactory.getUnmarshaller(pkgName);
+
JAXBElement<IDPType> jaxbSp = (JAXBElement<IDPType>) un.unmarshal(is);
return jaxbSp.getValue();
}
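Review bot: The property lookup and the if/else that selects the unmarshaller are pasted identically into both methods touched in this file (this hunk and the next one at `@@ -91,7 +101,16 @@`), so the default can drift between the IDP and SP configuration paths. A single private helper that returns the `Unmarshaller` would keep one copy of the decision. With the default `"false"`, the configuration stream is no longer checked against `schema/config/jboss-identity-fed.xsd` unless the operator sets the property, and the `schema` local is unused on that path. Both enclosing methods start outside their hunks.

```java
// ... unchanged: null check on the input stream ...
private static Unmarshaller getConfigUnmarshaller() throws Exception
{
   String schema = "schema/config/jboss-identity-fed.xsd";
   String pkgName = "org.jboss.identity.federation.bindings.config";
   String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
   boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
   return validate
         ? JBossSAMLBaseFactory.getValidatingUnmarshaller(pkgName, schema)
         : JBossSAMLBaseFactory.getUnmarshaller(pkgName);
}
```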
@@ -91,7 +101,16 @@
throw new IllegalArgumentException("inputstream is null");
String schema = "schema/config/jboss-identity-fed.xsd";
- Unmarshaller un = JBossSAMLBaseFactory.getValidatingUnmarshaller("org.jboss.identity.federation.bindings.config", schema);
+ String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
+ boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
+
+ String pkgName = "org.jboss.identity.federation.bindings.config";
+ Unmarshaller un = null;
+ if(validate)
+ un = JBossSAMLBaseFactory.getValidatingUnmarshaller(pkgName, schema);
+ else
+ un = JBossSAMLBaseFactory.getUnmarshaller(pkgName);
+
JAXBElement<SPType> jaxbSp = (JAXBElement<SPType>) un.unmarshal(is);
return jaxbSp.getValue();
}
Modified: identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-02-23 18:11:48 UTC (rev 342)
+++ identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -29,7 +29,8 @@
import javax.xml.bind.JAXBElement;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
-
+
+import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
@@ -95,7 +96,10 @@
{
if(is == null)
throw new IllegalStateException("InputStream is null");
- Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller();
+ String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
+ boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
+
+ Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate);
JAXBElement<RequestAbstractType> jaxbAuthnRequestType = (JAXBElement<RequestAbstractType>) un.unmarshal(is);
return jaxbAuthnRequestType.getValue();
}
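Review bot: With the default `"false"`, the request read from the input stream here is unmarshalled without schema validation unless the JVM property is set, so the check fails open on a path that presumably handles data from another party. `Boolean.parseBoolean` also maps every value other than "true" (a typo, `yes`, `1`) to false without any message, so an operator who meant to enable validation silently gets none. Consider keeping validation on for the two unmarshal paths (this hunk and `@@ -112,7 +116,10 @@`), e.g. `SecurityActions.getSystemProperty(key, "true")`, and limiting the relaxed default to the two `marshall` hunks, or logging once when validation is off. The method bodies start outside these hunks.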
@@ -112,7 +116,10 @@
{
if(is == null)
throw new IllegalStateException("InputStream is null");
- Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller();
+ String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
+ boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
+
+ Unmarshaller un = JBossSAMLAuthnRequestFactory.getValidatingUnmarshaller(validate);
JAXBElement<AuthnRequestType> jaxbAuthnRequestType = (JAXBElement<AuthnRequestType>) un.unmarshal(is);
return jaxbAuthnRequestType.getValue();
}
@@ -188,7 +195,10 @@
*/
public void marshall(RequestAbstractType requestType, OutputStream os) throws Exception
{
- Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller();
+ String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
+ boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
+
+ Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate);
JAXBElement<?> j = JAXBElementMappingUtil.get(requestType);
marshaller.marshal(j, os);
}
@@ -201,7 +211,10 @@
*/
public void marshall(RequestAbstractType requestType, Writer writer) throws Exception
{
- Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller();
+ String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
+ boolean validate = Boolean.parseBoolean(SecurityActions.getSystemProperty(key, "false"));
+
+ Marshaller marshaller = JBossSAMLAuthnRequestFactory.getValidatingMarshaller(validate);
JAXBElement<?> j = JAXBElementMappingUtil.get(requestType);
marshaller.marshal(j, writer);
}
Modified: identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SecurityActions.java
===================================================================
--- identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SecurityActions.java 2009-02-23 18:11:48 UTC (rev 342)
+++ identity-federation/trunk/identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SecurityActions.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -45,4 +45,21 @@
}
});
}
+
+ /**
+ * Get the system property
+ * @param key
+ * @param defaultValue
+ * @return
+ */
+ static String getSystemProperty(final String key, final String defaultValue)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key, defaultValue);
+ }
+ });
+ }
}
Added: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/JBossIdentityFederationConstants.java
===================================================================
--- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/JBossIdentityFederationConstants.java (rev 0)
+++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/JBossIdentityFederationConstants.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -0,0 +1,36 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.constants;
+
+/**
+ * Constants useful to the JBoss
+ * Identity Federation project
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Feb 23, 2009
+ */
+public interface JBossIdentityFederationConstants
+{
+ /**
+ * Flag to indicate whether JAXB Schema Validation is turned on
+ */
+ String JAXB_SCHEMA_VALIDATION = "org.jboss.identity.jaxb.schema.validation";
+}
\ No newline at end of file
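Review bot: The Javadoc on `JAXB_SCHEMA_VALIDATION` calls it a flag, but the constant is the name of a JVM system property, and the comment gives neither the accepted values nor the default. Every caller in this commit reads it with `Boolean.parseBoolean` and a default of `"false"`, so I would write `Name of the system property that enables JAXB schema validation; only the value "true" (case-insensitive) enables it, and callers default to false when it is unset.` Holding a single constant in an interface also invites classes to implement it; a final class with a private constructor avoids that.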
Modified: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
===================================================================
--- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2009-02-23 18:11:48 UTC (rev 342)
+++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -93,21 +93,29 @@
/**
* Get the validating marshaller
+ * @param schemaValidation Whether schema validation is needed
* @return
* @throws Exception
*/
- public static Marshaller getValidatingMarshaller() throws Exception
+ public static Marshaller getValidatingMarshaller(boolean schemaValidation) throws Exception
{
- return JBossSAMLBaseFactory.getValidatingMarshaller(pkgName, schemaLocation);
+ if(schemaValidation)
+ return JBossSAMLBaseFactory.getValidatingMarshaller(pkgName, schemaLocation);
+ else
+ return JBossSAMLBaseFactory.getMarshaller(pkgName);
}
/**
* Get the validating unmarshaller
+ * @param schemaValidation whether schema validation is needed
* @return
* @throws Exception
*/
- public static Unmarshaller getValidatingUnmarshaller() throws Exception
+ public static Unmarshaller getValidatingUnmarshaller(boolean schemaValidation) throws Exception
{
- return JBossSAMLBaseFactory.getValidatingUnmarshaller(pkgName, schemaLocation);
+ if(schemaValidation)
+ return JBossSAMLBaseFactory.getValidatingUnmarshaller(pkgName, schemaLocation);
+ else
+ return JBossSAMLBaseFactory.getUnmarshaller(pkgName);
}
}
\ No newline at end of file
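Review bot: `getValidatingMarshaller(false)` and `getValidatingUnmarshaller(false)` now return objects that do not validate, so the method names and the unchanged Javadoc summaries ("Get the validating marshaller") no longer describe what a caller receives. The no-argument signatures are removed as well, which breaks any caller not updated in this commit. I would keep the no-argument methods as always-validating overloads and give the switchable variants a neutral name, or at least reword the summary to `Get a marshaller that validates against the schema only when schemaValidation is true`.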
Modified: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
===================================================================
--- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2009-02-23 18:11:48 UTC (rev 342)
+++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -160,15 +160,13 @@
return nid;
}
-
/**
* Get the JAXB Marshaller
- * @param pkgName The package name for the jaxb context
- * @param schemaLocation location of the schema to validate against
+ * @param pkgName The package name for the jaxb context
* @return Marshaller
* @throws Exception
*/
- public static Marshaller getValidatingMarshaller(String pkgName, String schemaLocation)
+ public static Marshaller getMarshaller(String pkgName)
throws Exception
{
if(pkgName == null)
@@ -177,6 +175,21 @@
JAXBContext jc = JAXBContext.newInstance(pkgName);
Marshaller marshaller = jc.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
+ return marshaller;
+ }
+
+ /**
+ * Get the JAXB Marshaller
+ * @param pkgName The package name for the jaxb context
+ * @param schemaLocation location of the schema to validate against
+ * @return Marshaller
+ * @throws Exception
+ */
+ public static Marshaller getValidatingMarshaller(String pkgName, String schemaLocation)
+ throws Exception
+ {
+ Marshaller marshaller = getMarshaller(pkgName);
+ marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
//Validate against schema
ClassLoader tcl = SecurityActions.getContextClassLoader();
URL schemaURL = tcl.getResource(schemaLocation);
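Review bot: The added `marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");` in `getValidatingMarshaller` repeats what `getMarshaller` has just done on the same object and can be dropped. The new method's Javadoc summary is still `Get the JAXB Marshaller`, identical to the one on `getMarshaller`; `Get a JAXB Marshaller that validates against the given schema` would tell the two apart. `getValidatingMarshaller` continues past the end of this hunk, so whether a missing schema resource (`tcl.getResource` returning null) is handled cannot be seen here.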
@@ -191,20 +204,29 @@
/**
* Get the JAXB Unmarshaller
- * @param pkgName The package name for the jaxb context
- * @param schemaLocation location of the schema to validate against
- * @param schemaValidating need a validating schema unmarshaller?
+ * @param pkgName The package name for the jaxb context
* @return unmarshaller
* @throws Exception
*/
- public static Unmarshaller getValidatingUnmarshaller(String pkgName, String schemaLocation)
- throws Exception
+ public static Unmarshaller getUnmarshaller(String pkgName) throws Exception
{
if(pkgName == null)
throw new IllegalArgumentException("pkgName is null");
-
JAXBContext jc = JAXBContext.newInstance(pkgName);
- Unmarshaller unmarshaller = jc.createUnmarshaller();
+ return jc.createUnmarshaller();
+ }
+
+ /**
+ * Get the JAXB Unmarshaller
+ * @param pkgName The package name for the jaxb context
+ * @param schemaLocation location of the schema to validate against
+ * @return unmarshaller
+ * @throws Exception
+ */
+ public static Unmarshaller getValidatingUnmarshaller(String pkgName, String schemaLocation)
+ throws Exception
+ {
+ Unmarshaller unmarshaller = getUnmarshaller(pkgName);
//Validate against schema
ClassLoader tcl = SecurityActions.getContextClassLoader();
URL schemaURL = tcl.getResource(schemaLocation);
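Review bot: `getUnmarshaller` returns `jc.createUnmarshaller()` with no further configuration, and after this commit it is the default used to parse incoming requests. Nothing visible here restricts DTDs or external entities in the underlying parser, so that behaviour is left to the JAXB implementation in use; it is worth confirming now that the schema check no longer runs by default. The Javadoc could say so, for example `Get a non-validating JAXB Unmarshaller; callers parsing data from other parties should prefer getValidatingUnmarshaller`. `getValidatingUnmarshaller` continues outside the hunk.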
Modified: identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SecurityActions.java
===================================================================
--- identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SecurityActions.java 2009-02-23 18:11:48 UTC (rev 342)
+++ identity-federation/trunk/identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SecurityActions.java 2009-02-23 18:12:23 UTC (rev 343)
@@ -45,4 +45,21 @@
}
});
}
+
+ /**
+ * Get the system property
+ * @param key
+ * @param defaultValue
+ * @return
+ */
+ static String getSystemProperty(final String key, final String defaultValue)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key, defaultValue);
+ }
+ });
+ }
}