JBoss Identity SVN: r471 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets and 7 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 23:37:16 -0400 (Wed, 29 Apr 2009)
New Revision: 471
Added:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/KeyUtilUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/resources/keystore/
identity-federation/trunk/jboss-identity-fed-api/src/test/resources/keystore/jbid_test_keystore.jks
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java
Log:
JBID-42: saml2 metadata profile
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java 2009-04-30 03:31:18 UTC (rev 470)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java 2009-04-30 03:37:16 UTC (rev 471)
@@ -23,6 +23,7 @@
import java.security.PrivateKey;
import java.security.PublicKey;
+import java.security.cert.Certificate;
import java.util.List;
import javax.crypto.SecretKey;
@@ -63,6 +64,20 @@
PrivateKey getSigningKey() throws Exception;
/**
+ * Get the Public Key corresponding to the signing key
+ * @return
+ * @throws Exception
+ */
+ PublicKey getPublicKeyForSignature() throws Exception;
+
+ /**
+ * Get the certificate associated with the signing key
+ * @return
+ * @throws Exception
+ */
+ Certificate getCertificateForSignature() throws Exception;
+
+ /**
* Given a domain, obtain a secret key
* @see {@code EncryptionKeyUtil}
* @param domain
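Review bot: The Javadoc on the two new methods, `getPublicKeyForSignature()` and `getCertificateForSignature()`, leaves `@return` and `@throws` empty, so neither implementers nor callers have a stated contract for a signing alias that has no certificate entry. I would fill the tags in, for example `@return the certificate stored for the signing key, or null if the key manager holds none` and `@throws Exception if the underlying key store cannot be loaded`. Whichever behaviour is chosen for the missing-certificate case should be the same for both methods, since callers will use the result to publish key material in metadata.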
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java 2009-04-30 03:31:18 UTC (rev 470)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/MetadataServlet.java 2009-04-30 03:37:16 UTC (rev 471)
@@ -24,6 +24,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
+import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -36,15 +37,23 @@
import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBElement;
+import org.apache.catalina.LifecycleException;
import org.apache.log4j.Logger;
+import org.jboss.identity.federation.api.saml.v2.metadata.KeyDescriptorMetaDataBuilder;
import org.jboss.identity.federation.api.saml.v2.metadata.MetaDataBuilder;
+import org.jboss.identity.federation.api.util.KeyUtil;
+import org.jboss.identity.federation.bindings.config.KeyProviderType;
import org.jboss.identity.federation.bindings.config.KeyValueType;
import org.jboss.identity.federation.bindings.config.MetadataProviderType;
import org.jboss.identity.federation.bindings.config.ProviderType;
+import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
import org.jboss.identity.federation.bindings.providers.IMetadataProvider;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
+import org.jboss.identity.federation.saml.v2.metadata.KeyDescriptorType;
+import org.jboss.identity.federation.saml.v2.metadata.RoleDescriptorType;
+import org.jboss.identity.xmlsec.w3.xmldsig.KeyInfoType;
/**
* Metadata servlet for the IDP/SP
@@ -63,6 +72,9 @@
private EntityDescriptorType metadata;
+ private String signingAlias = null;
+ private String encryptingAlias = null;
+ private TrustKeyManager keyManager;
@SuppressWarnings("unchecked")
@Override
@@ -77,6 +89,11 @@
InputStream is = context.getResourceAsStream(configFileLocation);
if(is == null)
throw new RuntimeException(configFileLocation + " missing");
+
+ //Look for signing alias
+ signingAlias = config.getInitParameter("signingAlias");
+ encryptingAlias = config.getInitParameter("encryptingAlias");
+
try
{
ProviderType providerType = ValveUtil.getIDPConfiguration(is);
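Review bot: The `signingAlias` read from the servlet init parameter here is overwritten unconditionally further down in `init` by `signingAlias = keyProvider.getSigningAlias();`, and `encryptingAlias` is not read anywhere in the hunks shown, so both init parameters look like dead configuration. An operator who sets `signingAlias` in the deployment descriptor would reasonably expect it to select the certificate that is published in the metadata. Either drop the two `getInitParameter` calls or make the precedence explicit, e.g. `if(signingAlias == null) signingAlias = keyProvider.getSigningAlias();`. The body of `init` starts and ends outside this hunk.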
@@ -96,15 +113,45 @@
if(metadataProvider.isMultiple())
throw new RuntimeException("Multiple Entities not currently supported");
+ /**
+ * Since a metadata provider does not have access to the servlet context.
+ * It may be difficult to get to the resource from the TCL.
+ */
String fileInjectionStr = metadataProvider.requireFileInjection();
if(fileInjectionStr != null && fileInjectionStr.length() > 0)
{
metadataProvider.injectFileStream(context.getResourceAsStream(fileInjectionStr));
}
- //TODO: signing and encryption key
-
metadata = (EntityDescriptorType) metadataProvider.getMetaData();
+
+ //Get the trust manager information
+ KeyProviderType keyProvider = providerType.getKeyProvider();
+ signingAlias = keyProvider.getSigningAlias();
+ try
+ {
+ String keyManagerClassName = keyProvider.getClassName();
+ if(keyManagerClassName == null)
+ throw new RuntimeException("KeyManager class name is null");
+
+ clazz = tcl.loadClass(keyManagerClassName);
+ this.keyManager = (TrustKeyManager) clazz.newInstance();
+ keyManager.setAuthProperties(keyProvider.getAuth());
+
+ Certificate cert = keyManager.getCertificateForSignature();
+ KeyInfoType keyInfo = KeyUtil.getKeyInfo(cert);
+
+ //TODO: Assume just signing key for now
+ KeyDescriptorType keyDescriptor = KeyDescriptorMetaDataBuilder.createKeyDescriptor(keyInfo,
+ null, 0, true, false);
+
+ updateKeyDescriptor(metadata, keyDescriptor);
+ }
+ catch(Exception e)
+ {
+ log.error("Exception reading configuration:",e);
+ throw new LifecycleException(e.getLocalizedMessage());
+ }
}
catch(Exception e)
{
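Review bot: `keyManager.getCertificateForSignature()` can return null when the configured signing alias has no certificate entry (the `KeyStoreKeyManager` implementation in this commit returns `ks.getCertificate(signingAlias)` directly), and that null goes straight into `KeyUtil.getKeyInfo(cert)`, which then fails with the unrelated message "NYI". A check such as `if(cert == null) throw new IllegalStateException("No certificate found for the signing alias");` right after the lookup would make a misconfigured alias obvious. `providerType.getKeyProvider()` is likewise dereferenced on the following line without a null check. The inner catch rethrows as `new LifecycleException(e.getLocalizedMessage())`, which drops the cause and ties a servlet to a Catalina type; `throw new ServletException(e);` would keep the stack trace, assuming `init` declares it. The outer try block opens before this hunk and closes after it.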
@@ -129,4 +176,16 @@
throw new RuntimeException(e);
}
}
+
+ private void updateKeyDescriptor(EntityDescriptorType entityD, KeyDescriptorType keyD)
+ {
+ List<RoleDescriptorType> objs = entityD.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor();
+ if(objs != null)
+ {
+ for(RoleDescriptorType roleD: objs)
+ {
+ roleD.getKeyDescriptor().add(keyD);
+ }
+ }
+ }
}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-04-30 03:31:18 UTC (rev 470)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-04-30 03:37:16 UTC (rev 471)
@@ -28,6 +28,7 @@
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -85,8 +86,32 @@
throw new IllegalStateException("KeyStore is null");
return (PrivateKey) ks.getKey(this.signingAlias, this.signingKeyPass);
}
+
/**
+ * @see TrustKeyManager#getPublicKeyForSignature()
+ */
+ public PublicKey getPublicKeyForSignature() throws Exception
+ {
+ if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
+ throw new IllegalStateException("KeyStore is null");
+ return ks.getCertificate(signingAlias).getPublicKey();
+ }
+
+ public Certificate getCertificateForSignature() throws Exception
+ {
+ if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
+ throw new IllegalStateException("KeyStore is null");
+ return ks.getCertificate(signingAlias);
+ }
+
+ /**
* @see TrustKeyManager#getValidatingKey(String)
*/
public PublicKey getValidatingKey(String domain) throws Exception
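Review bot: `getPublicKeyForSignature()` dereferences the result of `ks.getCertificate(signingAlias)` without a null check, and `KeyStore.getCertificate` returns null when the alias is missing or carries no certificate, so a misconfigured alias surfaces as a bare NullPointerException. Delegating keeps the two new methods consistent: `Certificate cert = getCertificateForSignature();`, then `if(cert == null) throw new IllegalStateException("No certificate for alias " + signingAlias);` and `return cert.getPublicKey();`. `getCertificateForSignature()` is also missing the `@see TrustKeyManager#getCertificateForSignature()` comment that the neighbouring methods carry.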
@@ -173,5 +198,5 @@
InputStream is = ValveUtil.getKeyStoreInputStream(this.keyStoreURL);
ks = KeyStoreUtil.getKeyStore(is, keyStorePass.toCharArray());
- }
+ }
}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-04-30 03:31:18 UTC (rev 470)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-04-30 03:37:16 UTC (rev 471)
@@ -23,6 +23,7 @@
import java.io.File;
import java.io.FileInputStream;
+import java.io.FileNotFoundException;
import java.io.InputStream;
import java.net.URL;
@@ -68,7 +69,25 @@
is = SecurityActions.getContextClassLoader().getResourceAsStream(keyStore);
}
}
+
if(is == null)
+ {
+ //Try the user.home dir
+ String userHome = SecurityActions.getSystemProperty("user.home", "") + "/jbid-keystore";
+ File ksDir = new File(userHome);
+ if(ksDir.exists())
+ {
+ try
+ {
+ is = new FileInputStream(new File(userHome + "/" + keyStore));
+ }
+ catch (FileNotFoundException e)
+ {
+ is = null;
+ }
+ }
+ }
+ if(is == null)
throw new RuntimeException("Keystore not located");
return is;
}
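Review bot: The new fallback builds its directory from `SecurityActions.getSystemProperty("user.home", "")`, so when `user.home` is unset the lookup silently becomes `/jbid-keystore` at the filesystem root, and `keyStore` is appended without normalisation, so a configured value containing `..` segments would resolve outside that directory. Because this keystore supplies signing keys and trust anchors, I would skip the fallback when the property is empty, resolve with `new File(ksDir, keyStore).getCanonicalFile()` and check the result stays under `ksDir`, and log which location the keystore was finally loaded from. `ksDir.exists()` should probably be `ksDir.isDirectory()`, and the swallowed `FileNotFoundException` deserves at least a debug log. The enclosing method starts outside this hunk.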
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java 2009-04-30 03:31:18 UTC (rev 470)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java 2009-04-30 03:37:16 UTC (rev 471)
@@ -71,6 +71,11 @@
return builder.toString();
}
+ /**
+ * Information from the IDP SSO Descriptor
+ * @param idp
+ * @return
+ */
public static String toString(IDPSSODescriptorType idp)
{
StringBuilder builder = new StringBuilder();
@@ -95,6 +100,46 @@
return builder.toString();
}
+ /**
+ * Information from the SP SSO Descriptor
+ * @param sp
+ * @return
+ */
+ public static String toString(SPSSODescriptorType sp)
+ {
+ StringBuilder builder = new StringBuilder();
+ builder.append(LINE_SEPARATOR);
+
+ //Get the SSODescriptor tags
+ SSODescriptorType sdt = sp;
+ builder.append(toString(sdt));
+
+ List<IndexedEndpointType> assertionConsumerServices = sp.getAssertionConsumerService();
+ if(assertionConsumerServices != null)
+ {
+ builder.append("AssertionConsumer Services are:[");
+
+ for(IndexedEndpointType edt: assertionConsumerServices)
+ {
+ builder.append(toString(edt));
+ }
+ builder.append("]");
+ builder.append(LINE_SEPARATOR);
+ }
+
+ builder.append("AuthnRequests Signed=").append(sp.isAuthnRequestsSigned());
+ builder.append(LINE_SEPARATOR);
+ builder.append("Requires Assertions Signed=").append(sp.isWantAssertionsSigned());
+ builder.append(LINE_SEPARATOR);
+
+ return builder.toString();
+ }
+
+ /**
+ * Information from the general SSO descriptor
+ * @param sso
+ * @return
+ */
public static String toString(SSODescriptorType sso)
{
StringBuilder builder = new StringBuilder();
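Review bot: In the new `toString(SPSSODescriptorType)`, `sp.isAuthnRequestsSigned()` and `sp.isWantAssertionsSigned()` are appended as-is; if these are boxed `Boolean` getters for optional attributes (as JAXB usually generates, worth confirming against the generated class), a descriptor that omits them prints `null` rather than the effective SAML default of false. Someone reading this summary to decide whether an SP signs its requests could misread that. Consider `Boolean.TRUE.equals(sp.isAuthnRequestsSigned())` on both lines. The label "Requires Assertions Signed" could also follow the attribute name, `WantAssertionsSigned`.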
@@ -136,6 +181,11 @@
return builder.toString();
}
+ /**
+ * Information from an endpoint
+ * @param ept
+ * @return
+ */
public static String toString(EndpointType ept)
{
StringBuilder builder = new StringBuilder();
Added: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java 2009-04-30 03:37:16 UTC (rev 471)
@@ -0,0 +1,138 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.api.util;
+
+import java.io.StringReader;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+
+import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
+import org.jboss.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.jboss.identity.xmlsec.w3.xmldsig.ObjectFactory;
+
+/**
+ * Utility dealing with PublicKey/Certificates and xml-dsig KeyInfoType
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 29, 2009
+ */
+public class KeyUtil
+{
+ private static String EOL = getSystemProperty("line.separator", "\n");
+
+ private static ObjectFactory of = new ObjectFactory();
+
+ /**
+ * Base64 encode the certificate
+ * @param certificate
+ * @return
+ * @throws CertificateEncodingException
+ */
+ public static String encodeAsString(Certificate certificate) throws CertificateEncodingException
+ {
+ return Base64.encodeBytes(certificate.getEncoded());
+ }
+
+ /**
+ * Given a certificate, build a keyinfo type
+ * @param certificate
+ * @return
+ * @throws Exception
+ */
+ public static KeyInfoType getKeyInfo(Certificate certificate) throws Exception
+ {
+ StringBuilder builder = new StringBuilder();
+
+ if(certificate instanceof X509Certificate)
+ {
+ X509Certificate x509 = (X509Certificate) certificate;
+
+ //Add the binary encoded x509 cert
+ String certStr = Base64.encodeBytes(x509.getEncoded(), 76);
+
+ builder.append("<KeyInfo xmlns=\'http://www.w3.org/2000/09/xmldsig#\'>").append(EOL)
+ .append("<X509Data>").append(EOL)
+ .append("<X509Certificate>").append(EOL)
+ .append(certStr).append(EOL)
+ .append("</X509Certificate>")
+ .append("</X509Data>")
+ .append("</KeyInfo>");
+ }
+ else
+ throw new RuntimeException("NYI");
+
+ JAXBElement<?> keyInfoJ = (JAXBElement<?>) getUnmarshaller().unmarshal(new StringReader(builder.toString()));
+ return (KeyInfoType) keyInfoJ.getValue();
+ }
+
+ /**
+ * Get the object factory for the w3 xml-dsig
+ * @return
+ */
+ public static ObjectFactory getObjectFactory()
+ {
+ return of;
+ }
+
+ /**
+ * Get the Unmarshaller for the W3 XMLDSIG
+ * @return
+ * @throws Exception
+ */
+ public static Unmarshaller getUnmarshaller() throws Exception
+ {
+ return JBossSAMLBaseFactory.getUnmarshaller("org.jboss.identity.xmlsec.w3.xmldsig");
+ }
+
+ /**
+ * Get the marshaller for the W3 XMLDSig
+ * @return
+ * @throws Exception
+ */
+ public static Marshaller getMarshaller() throws Exception
+ {
+ return JBossSAMLBaseFactory.getMarshaller("org.jboss.identity.xmlsec.w3.xmldsig");
+ }
+
+ /**
+ * Get the system property
+ * @param key
+ * @param defaultValue
+ * @return
+ */
+ static String getSystemProperty(final String key, final String defaultValue)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key, defaultValue);
+ }
+ });
+ }
+}
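Review bot: `getKeyInfo` throws `new RuntimeException("NYI")` for anything that is not an `X509Certificate`, which includes a null argument, so a caller that passes the result of a failed keystore lookup gets no hint about what went wrong. I would reject null up front with `if(certificate == null) throw new IllegalArgumentException("certificate is null");` and name the unsupported type in the other branch, e.g. `throw new UnsupportedOperationException("Unsupported certificate type: " + certificate.getType());`. The method also assembles the `KeyInfo` element as a string and parses it back through JAXB; that is safe here because the only interpolated value is Base64 text, but building the object from the `ObjectFactory` already held in `of` would avoid the round trip. `EOL` and `of` should be `private static final`.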
Added: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/KeyUtilUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/KeyUtilUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/util/KeyUtilUnitTestCase.java 2009-04-30 03:37:16 UTC (rev 471)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.api.util;
+
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.cert.Certificate;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.api.util.KeyUtil;
+import org.jboss.identity.xmlsec.w3.xmldsig.KeyInfoType;
+
+/**
+ * Unit test the Key Util
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 29, 2009
+ */
+public class KeyUtilUnitTestCase extends TestCase
+{
+ /**
+ * Keystore (created 15Jan2009 and valid for 200K days)
+ * The Keystore has been created with the command (all in one line)
+ keytool -genkey -alias servercert
+ -keyalg RSA
+ -keysize 1024
+ -dname "CN=jbossidentity.jboss.org,OU=RD,O=JBOSS,L=Chicago,S=Illinois,C=US"
+ -keypass test123
+ -keystore jbid_test_keystore.jks
+ -storepass store123
+ -validity 200000
+ */
+ private String keystoreLocation = "keystore/jbid_test_keystore.jks";
+ private String keystorePass = "store123";
+ private String alias = "servercert";
+
+ public void testCertificate() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream ksStream = tcl.getResourceAsStream(keystoreLocation);
+ assertNotNull("Input keystore stream is not null", ksStream);
+
+ KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ ks.load(ksStream, keystorePass.toCharArray());
+ assertNotNull("KeyStore is not null",ks);
+
+ Certificate cert = ks.getCertificate(alias);
+ assertNotNull("Cert not null", cert);
+
+ KeyInfoType keyInfo = KeyUtil.getKeyInfo(cert);
+ assertNotNull(keyInfo);
+ }
+}
\ No newline at end of file
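Review bot: `testCertificate` only asserts that `KeyUtil.getKeyInfo(cert)` returns non-null, so it would still pass if the returned `KeyInfoType` carried no certificate data at all. Asserting on its content, for instance that the embedded certificate bytes equal `cert.getEncoded()`, would pin the behaviour the metadata servlet depends on. The `assertNotNull` messages are phrased as the success case (`"KeyStore is not null"`) but are printed on failure; `"KeyStore is null"` reads correctly. `ksStream` is never closed, and the class comment could state that the 1024-bit key and the `store123`/`test123` passwords belong to a test fixture only.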
Added: identity-federation/trunk/jboss-identity-fed-api/src/test/resources/keystore/jbid_test_keystore.jks
===================================================================
(Binary files differ)
Property changes on: identity-federation/trunk/jboss-identity-fed-api/src/test/resources/keystore/jbid_test_keystore.jks
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
JBoss Identity SVN: r470 - identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 23:31:18 -0400 (Wed, 29 Apr 2009)
New Revision: 470
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java
Log:
add the keyinfo
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java 2009-04-29 17:53:03 UTC (rev 469)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java 2009-04-30 03:31:18 UTC (rev 470)
@@ -68,6 +68,8 @@
if(isEncryptionKey)
keyDescriptor.setUse(KeyTypes.ENCRYPTION);
+ keyDescriptor.setKeyInfo(keyInfo);
+
return keyDescriptor;
}
JBoss Identity SVN: r469 - identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/providers.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 13:53:03 -0400 (Wed, 29 Apr 2009)
New Revision: 469
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/providers/IMetadataProvider.java
Log:
unused import
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/providers/IMetadataProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/providers/IMetadataProvider.java 2009-04-29 17:52:30 UTC (rev 468)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/providers/IMetadataProvider.java 2009-04-29 17:53:03 UTC (rev 469)
@@ -21,7 +21,6 @@
*/
package org.jboss.identity.federation.bindings.providers;
-import java.io.File;
import java.io.InputStream;
import java.security.PublicKey;
import java.util.Map;
JBoss Identity SVN: r468 - identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 13:52:30 -0400 (Wed, 29 Apr 2009)
New Revision: 468
Added:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
Log:
JBID-82: circle of trust servlet
Added: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java (rev 0)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java 2009-04-29 17:52:30 UTC (rev 468)
@@ -0,0 +1,150 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.bindings.servlets;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
+
+import org.jboss.identity.federation.api.saml.v2.metadata.MetaDataBuilder;
+import org.jboss.identity.federation.core.saml.v2.metadata.store.FileBasedMetadataConfigurationStore;
+import org.jboss.identity.federation.core.saml.v2.metadata.store.IMetadataConfigurationStore;
+import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
+
+/**
+ * Circle of trust establishing servlet that accesses
+ * the metadata urls of the various sites and updates
+ * the common store
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 23, 2009
+ */
+public class CircleOfTrustServlet extends HttpServlet
+{
+ private static final long serialVersionUID = 1L;
+
+ private IMetadataConfigurationStore configProvider = new FileBasedMetadataConfigurationStore();
+
+ @Override
+ public void init(ServletConfig config) throws ServletException
+ {
+ super.init(config);
+
+ String cstr = config.getInitParameter("configProvider");
+ if(cstr != null && cstr.length() > 0)
+ {
+ ClassLoader tcl;
+ try
+ {
+ tcl = SecurityActions.getContextClassLoader();
+ configProvider = (IMetadataConfigurationStore) tcl.loadClass(cstr).newInstance();
+ }
+ catch (Exception e)
+ {
+ throw new ServletException(e);
+ }
+ }
+ }
+
+
+ @Override
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
+ {
+ //Handle listing of providers for either idp or sp
+ //Handle adding an IDP
+ //Handle adding a SP
+ String action = req.getParameter("action");
+ String type = req.getParameter("type");
+ if(action == null)
+ throw new ServletException("action is null");
+ if(type == null)
+ throw new ServletException("type is null");
+
+ //SP
+ if("sp".equalsIgnoreCase(type))
+ {
+ if("add".equalsIgnoreCase(action))
+ {
+ try
+ {
+ addIDP(req,resp);
+ req.getRequestDispatcher("/addedIDP.jsp").forward(req, resp);
+ }
+ catch (Exception e)
+ {
+ throw new ServletException(e);
+ }
+ }
+ }
+ }
+
+ private void addIDP(HttpServletRequest request, HttpServletResponse response) throws Exception
+ {
+ String spName = request.getParameter("spname");
+ String idpName = request.getParameter("idpname");
+ String metadataURL = request.getParameter("metadataURL");
+ InputStream is = null;
+
+ URL md = new URL(metadataURL);
+ HttpURLConnection http = (HttpURLConnection) md.openConnection();
+ http.setInstanceFollowRedirects(true);
+ is = http.getInputStream();
+
+ Unmarshaller un = MetaDataBuilder.getUnmarshaller();
+ JAXBElement<?> j = (JAXBElement<?>) un.unmarshal(is);
+ Object obj = j.getValue();
+ if(obj instanceof EntityDescriptorType == false)
+ throw new RuntimeException("Unsupported type:"+ obj.getClass());
+ EntityDescriptorType edt = (EntityDescriptorType) obj;
+ configProvider.persist(edt, idpName);
+
+ HttpSession httpSession = request.getSession();
+ httpSession.setAttribute("idp", edt);
+
+ //Let us add the trusted providers
+ Map<String,String> trustedProviders = new HashMap<String, String>();
+ try
+ {
+ configProvider.loadTrustedProviders(spName);
+ }
+ catch(Exception e)
+ {
+ log("Error obtaining the trusted providers for "+spName);
+ }
+ finally
+ {
+ trustedProviders.put(idpName, metadataURL);
+ configProvider.persistTrustedProviders(spName, trustedProviders);
+ }
+ }
+}
\ No newline at end of file
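Review bot: `addIDP` opens whatever `metadataURL` the POST supplies and persists the unmarshalled descriptor as a trusted provider, with no check on the caller, the URL scheme or host, or the metadata's signature, so the server can be made to fetch arbitrary addresses and to trust unverified metadata. I would require an authenticated administrator for this servlet (no access control is visible in this file), accept only https URLs against a configured allow-list, stop following redirects, and verify the descriptor before `configProvider.persist(edt, idpName)`; the parser behind `MetaDataBuilder.getUnmarshaller()` should also be confirmed to refuse DTDs and external entities. Separately, the result of `configProvider.loadTrustedProviders(spName)` is discarded and the `finally` block persists a map holding only the new entry, which looks like it replaces any providers already trusted for that SP. The response stream is never closed. The fence sketches the URL and stream handling only.

```java
   private void addIDP(HttpServletRequest request, HttpServletResponse response) throws Exception
   {
      // … unchanged: spname / idpname / metadataURL parameter reads, InputStream is = null …
      if(metadataURL == null)
         throw new ServletException("metadataURL is null");

      URL md = new URL(metadataURL);
      if(!"https".equalsIgnoreCase(md.getProtocol()))
         throw new ServletException("metadataURL must be an https URL");
      // TODO(review): also match md.getHost() against a configured allow-list

      HttpURLConnection http = (HttpURLConnection) md.openConnection();
      http.setInstanceFollowRedirects(false);
      is = http.getInputStream();
      try
      {
         // … unchanged: unmarshal, type check, persist, session attribute …
      }
      finally
      {
         is.close();
      }
      // … unchanged: trusted provider update …
```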
15 years, 8 months
JBoss Identity SVN: r467 - in identity-federation/trunk/jboss-identity-fed-core/src: main/java/org/jboss/identity/federation/core/saml/v2/metadata/store and 7 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 13:51:24 -0400 (Wed, 29 Apr 2009)
New Revision: 467
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/metadata/
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/metadata/FileBasedMetadataConfigurationStoreUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-core/src/test/resources/saml2/
identity-federation/trunk/jboss-identity-fed-core/src/test/resources/saml2/metadata/
identity-federation/trunk/jboss-identity-fed-core/src/test/resources/saml2/metadata/idp-entitydescriptor.xml
Log:
JBID-90: config store for circle of trust
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java 2009-04-29 17:51:24 UTC (rev 467)
@@ -0,0 +1,165 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.metadata.store;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
+import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
+import org.jboss.identity.federation.saml.v2.metadata.ObjectFactory;
+
+/**
+ * File based metadata store that uses
+ * the ${user.home}/jbid-store location to
+ * persist the data
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 27, 2009
+ */
+public class FileBasedMetadataConfigurationStore implements IMetadataConfigurationStore
+{
+ private static Logger log = Logger.getLogger(FileBasedMetadataConfigurationStore.class);
+
+ private static String EXTENSION = ".xml";
+
+ private String userHome = null;
+
+ private String pkgName = "org.jboss.identity.federation.saml.v2.metadata";
+
+ public FileBasedMetadataConfigurationStore()
+ {
+ userHome = SecurityActions.getSystemProperty("user.home");
+ if(userHome == null)
+ throw new RuntimeException("user.home system property not set");
+
+ File jbid = new File(userHome + "/jbid-store");
+ if(jbid.exists() == false)
+ {
+ log.debug(jbid.getPath() + " does not exist. Hence creating.");
+ jbid.mkdir();
+ }
+ }
+
+ /**
+ * @see IMetadataConfigurationStore#load(String)
+ */
+ @SuppressWarnings("unchecked")
+ public EntityDescriptorType load(String id) throws Exception
+ {
+ File persistedFile = validateIdAndReturnMDFile(id);
+
+ Unmarshaller un = JBossSAMLBaseFactory.getUnmarshaller(pkgName);
+ JAXBElement<EntityDescriptorType> je =
+ (JAXBElement<EntityDescriptorType>) un.unmarshal(persistedFile);
+ return je.getValue();
+ }
+
+ /**
+ * @see IMetadataConfigurationStore#persist(EntityDescriptorType, String)
+ */
+ public void persist(EntityDescriptorType entity, String id) throws Exception
+ {
+ File persistedFile = validateIdAndReturnMDFile(id);
+
+ ObjectFactory of = new ObjectFactory();
+
+ JAXBElement<?> jentity = of.createEntityDescriptor(entity);
+
+ Marshaller m = JBossSAMLBaseFactory.getMarshaller(pkgName);
+ m.marshal(jentity, persistedFile);
+ log.trace("Persisted into " + persistedFile.getPath());
+ }
+
+ /**
+ * @see IMetadataConfigurationStore#delete(String)
+ */
+ public void delete(String id) throws Exception
+ {
+ File persistedFile = validateIdAndReturnMDFile(id);
+
+ if(persistedFile.exists())
+ persistedFile.delete();
+ }
+
+ /**
+ * @see IMetadataConfigurationStore#loadTrustedProviders(String)
+ */
+ @SuppressWarnings("unchecked")
+ public Map<String, String> loadTrustedProviders(String id) throws Exception
+ {
+ File trustedFile = validateIdAndReturnTrustedProvidersFile(id);
+ ObjectInputStream ois = new ObjectInputStream(new FileInputStream(trustedFile));
+ Map<String, String> trustedMap = (Map<String, String>) ois.readObject();
+ return trustedMap;
+ }
+
+ /**
+ * @see IMetadataConfigurationStore#persistTrustedProviders(Map)
+ */
+ public void persistTrustedProviders(String id, Map<String, String> trusted) throws Exception
+ {
+ File trustedFile = validateIdAndReturnTrustedProvidersFile(id);
+ ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(trustedFile));
+ oos.writeObject(trusted);
+ oos.close();
+ log.trace("Persisted trusted map into "+ trustedFile.getPath());
+ }
+
+ /**
+ * @see IMetadataConfigurationStore#deleteTrustedProviders(String)
+ */
+ public void deleteTrustedProviders(String id) throws Exception
+ {
+ File persistedFile = validateIdAndReturnTrustedProvidersFile(id);
+
+ if(persistedFile.exists())
+ persistedFile.delete();
+ }
+
+ private File validateIdAndReturnMDFile(String id)
+ {
+ if(id == null)
+ throw new IllegalArgumentException("id is null");
+ if(!id.endsWith(EXTENSION))
+ id += EXTENSION;
+ return new File(userHome + "/jbid-store/" + id);
+ }
+
+ private File validateIdAndReturnTrustedProvidersFile(String id)
+ {
+ if(id == null)
+ throw new IllegalArgumentException("id is null");
+
+ id += "-trusted" + EXTENSION;
+
+ return new File(userHome + "/jbid-store/" + id);
+ }
+}
\ No newline at end of file
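Review bot: `validateIdAndReturnMDFile` and `validateIdAndReturnTrustedProvidersFile` reject only a null `id` and then concatenate it into the path under `jbid-store`, so an id containing `..` or a separator resolves outside the store for `load`, `persist` and both delete methods. If ids can originate from a request (the caller is not in this commit), resolve the name against the store directory and refuse anything that is not a direct child, as in the helper below. `loadTrustedProviders` also never closes its `ObjectInputStream` and reads the map with native Java serialization. A `java.util.Properties` file would hold the same String-to-String data without `readObject`, and the stream needs a `finally` close either way.

```java
private File validateIdAndReturnMDFile(String id) throws java.io.IOException
{
   if(id == null)
      throw new IllegalArgumentException("id is null");
   if(!id.endsWith(EXTENSION))
      id += EXTENSION;
   return resolveInsideStore(id);
}

// … validateIdAndReturnTrustedProvidersFile: same change, ends with resolveInsideStore(id) …

private File resolveInsideStore(String fileName) throws java.io.IOException
{
   File store = new File(userHome, "jbid-store").getCanonicalFile();
   File target = new File(store, fileName).getCanonicalFile();
   // Only direct children of the store directory are accepted.
   if(!store.equals(target.getParentFile()))
      throw new IllegalArgumentException("id does not name a file inside the store");
   return target;
}
```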
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java 2009-04-29 17:51:24 UTC (rev 467)
@@ -0,0 +1,80 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.metadata.store;
+
+import java.util.Map;
+
+import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
+
+/**
+ * Configuration Store for the metadata
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 27, 2009
+ */
+public interface IMetadataConfigurationStore
+{
+ /**
+ * Get the Trusted Providers
+ * @param id
+ * @return a map of name of provider, metadata urls
+ * @throws Exception
+ */
+ Map<String, String> loadTrustedProviders(String id) throws Exception;
+
+ /**
+ * Persist the map of trusted providers
+ * @param id
+ * @param trusted
+ * @throws Exception
+ */
+ void persistTrustedProviders(String id, Map<String,String> trusted) throws Exception;
+
+ /**
+ * Persist into an external sink (file system, ldap, db etc)
+ * @param entity
+ * @param id An unique identifier useful for retrieval
+ * @throws Exception
+ */
+ void persist(EntityDescriptorType entity, String id) throws Exception;
+
+ /**
+ * Load the descriptor from the external data sink
+ * @param id unique identifier used during persistence
+ * @return
+ * @throws Exception
+ */
+ EntityDescriptorType load(String id) throws Exception;
+
+ /**
+ * Delete the descriptor from the external data sink
+ * @param id
+ * @throws Exception
+ */
+ void delete(String id) throws Exception;
+
+ /**
+ * Delete the trusted providers from the external data sink
+ * @param id
+ * @throws Exception
+ */
+ void deleteTrustedProviders(String id) throws Exception;
+}
\ No newline at end of file
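Review bot: The Javadoc in this interface leaves the `id` parameter and the failure behaviour unspecified: every `@param id` is bare, `load` has an empty `@return`, and nothing says what happens when no entry exists. The unit test added in this commit expects `load` and `loadTrustedProviders` to throw after a delete, so the contract should say so, for example `@return the descriptor stored under id` and `@throws Exception if nothing is stored under id or it cannot be read`. It is also worth stating on `@param id` that it is a store key and not a path, so that implementations know they must reject ids they cannot map safely.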
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java 2009-04-29 17:51:24 UTC (rev 467)
@@ -0,0 +1,70 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.metadata.store;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Mar 17, 2009
+ */
+class SecurityActions
+{
+ static String getSystemProperty(final String key)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key);
+ }
+ });
+ }
+
+ static void setSystemProperty( final String key, final String value)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ System.setProperty(key, value);
+ return null;
+ }
+ });
+ }
+
+ static ClassLoader getContextClassLoader() throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<ClassLoader>()
+ {
+ public ClassLoader run() throws Exception
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+}
\ No newline at end of file
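Review bot: `setSystemProperty` and `getContextClassLoader` are not called by anything this commit adds to the package; `FileBasedMetadataConfigurationStore` uses only `getSystemProperty`. Each method here runs caller-supplied arguments inside `doPrivileged`, so unused ones are best dropped until they are needed, `setSystemProperty` in particular. If `getContextClassLoader` stays, `PrivilegedAction<ClassLoader>` is enough because `Thread.getContextClassLoader()` declares no checked exception, and callers would then not have to handle `PrivilegedActionException`. A class comment such as `// package-private on purpose: do not widen, callers run with this code base's permissions` would record why the visibility matters.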
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/metadata/FileBasedMetadataConfigurationStoreUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/metadata/FileBasedMetadataConfigurationStoreUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/metadata/FileBasedMetadataConfigurationStoreUnitTestCase.java 2009-04-29 17:51:24 UTC (rev 467)
@@ -0,0 +1,106 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.saml.v2.metadata;
+
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
+
+import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
+import org.jboss.identity.federation.core.saml.v2.metadata.store.FileBasedMetadataConfigurationStore;
+import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
+
+import junit.framework.TestCase;
+
+
+/**
+ * Unit test the FileBasedMetadataConfigurationStore
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 28, 2009
+ */
+public class FileBasedMetadataConfigurationStoreUnitTestCase extends TestCase
+{
+ String pkgName = "org.jboss.identity.federation.saml.v2.metadata";
+ String id = "test";
+
+ @SuppressWarnings("unchecked")
+ public void testStore() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is =
+ tcl.getResourceAsStream("saml2/metadata/idp-entitydescriptor.xml");
+ assertNotNull("Inputstream not null", is);
+
+ Unmarshaller un = JBossSAMLBaseFactory.getUnmarshaller(pkgName);
+ JAXBElement<EntityDescriptorType> je = (JAXBElement<EntityDescriptorType>) un.unmarshal(is);
+ EntityDescriptorType edt = je.getValue();
+ assertNotNull("EntityDescriptorType not null", edt);
+
+ FileBasedMetadataConfigurationStore fbd = new FileBasedMetadataConfigurationStore();
+ fbd.persist(edt, id);
+
+ EntityDescriptorType loaded = fbd.load(id);
+ assertNotNull("loaded EntityDescriptorType not null", loaded);
+ fbd.delete(id);
+
+ try
+ {
+ fbd.load(id);
+ fail("Did not delete the metadata persistent file");
+ }
+ catch(Exception t)
+ {
+ //pass
+ }
+ }
+
+ public void testTrustedProviders() throws Exception
+ {
+ FileBasedMetadataConfigurationStore fbd = new FileBasedMetadataConfigurationStore();
+ Map<String, String> trustedProviders = new HashMap<String, String>();
+ trustedProviders.put("idp1", "http://localhost:8080/idp1/metadata");
+ trustedProviders.put("idp2", "http://localhost:8080/idp2/metadata");
+ fbd.persistTrustedProviders(id, trustedProviders);
+
+ //Lets get back
+ Map<String, String> loadTP = fbd.loadTrustedProviders(id);
+ assertNotNull("Loaded Trusted Providers not null", loadTP);
+
+ assertTrue("idp1", loadTP.containsKey("idp1"));
+ assertTrue("idp2", loadTP.containsKey("idp2"));
+ assertTrue("size 2", loadTP.size() == 2);
+
+ fbd.deleteTrustedProviders(id);
+ try
+ {
+ fbd.loadTrustedProviders(id);
+ fail("Did not delete the trusted providers file");
+ }
+ catch(Exception t)
+ {
+ //pass
+ }
+ }
+}
\ No newline at end of file
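Review bot: Both tests use only the id `test`, so nothing pins how the store treats an id that is not a plain file name. Once the store validates ids, add a case asserting that `persist` and `load` throw `IllegalArgumentException` for a constructed value such as `../outside`. The tests also write into the real `${user.home}/jbid-store` and delete the file only on the success path; wrapping the assertions as `try { ... } finally { fbd.delete(id); }` (and `deleteTrustedProviders(id)` in the second test) keeps a failed run from leaving state behind.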
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/resources/saml2/metadata/idp-entitydescriptor.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/resources/saml2/metadata/idp-entitydescriptor.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/resources/saml2/metadata/idp-entitydescriptor.xml 2009-04-29 17:51:24 UTC (rev 467)
@@ -0,0 +1,42 @@
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ entityID="https://IdentityProvider.com/SAML">
+ <IDPSSODescriptor WantAuthnRequestsSigned="true"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <ArtifactResolutionService isDefault="true"
+ index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://IdentityProvider.com/SAML/Artifact" />
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://IdentityProvider.com/SAML/SLO/SOAP" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://IdentityProvider.com/SAML/SLO/Browser"
+ ResponseLocation="https://IdentityProvider.com/SAML/SLO/Response" />
+ <NameIDFormat>
+ urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
+ </NameIDFormat>
+ <NameIDFormat>
+ urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ </NameIDFormat>
+ <NameIDFormat>
+ urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://IdentityProvider.com/SAML/SSO/Browser" />
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://IdentityProvider.com/SAML/SSO/Browser" />
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" FriendlyName="eduPersonPrincipalName">
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" FriendlyName="eduPersonAffiliation">
+ <saml:AttributeValue>member</saml:AttributeValue>
+ <saml:AttributeValue>student</saml:AttributeValue>
+ <saml:AttributeValue>faculty</saml:AttributeValue>
+ <saml:AttributeValue>employee</saml:AttributeValue>
+ <saml:AttributeValue>staff</saml:AttributeValue>
+ </saml:Attribute>
+ </IDPSSODescriptor>
+</EntityDescriptor>
\ No newline at end of file
JBoss Identity SVN: r466 - identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 13:45:33 -0400 (Wed, 29 Apr 2009)
New Revision: 466
Added:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/SecurityActions.java
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java
Log:
JBID-42: saml metadata profile
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java 2009-04-29 17:44:23 UTC (rev 465)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java 2009-04-29 17:45:33 UTC (rev 466)
@@ -172,6 +172,11 @@
return sp;
}
+ /**
+ * Get the marshaller
+ * @return
+ * @throws Exception
+ */
public static Marshaller getMarshaller() throws Exception
{
return JBossSAMLBaseFactory.getMarshaller(pkgName);
Added: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataExtractor.java 2009-04-29 17:45:33 UTC (rev 466)
@@ -0,0 +1,149 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.api.saml.v2.metadata;
+
+import java.util.List;
+
+import org.jboss.identity.federation.saml.v2.metadata.EndpointType;
+import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
+import org.jboss.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
+import org.jboss.identity.federation.saml.v2.metadata.IndexedEndpointType;
+import org.jboss.identity.federation.saml.v2.metadata.RoleDescriptorType;
+import org.jboss.identity.federation.saml.v2.metadata.SPSSODescriptorType;
+import org.jboss.identity.federation.saml.v2.metadata.SSODescriptorType;
+
+/**
+ * Extract useful information out of metadata
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 29, 2009
+ */
+public class MetaDataExtractor
+{
+ public static String LINE_SEPARATOR = SecurityActions.getSystemProperty("line.separator",
+ "\n");
+
+ /**
+ * Generate a string from the information in the metadata
+ * @param edt
+ * @return
+ */
+ public static String toString(EntityDescriptorType edt)
+ {
+ StringBuilder builder = new StringBuilder();
+ List<RoleDescriptorType> rolesD = edt.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor();
+
+ for(RoleDescriptorType rdt: rolesD)
+ {
+ builder.append("ID=").append(rdt.getID());
+ builder.append(LINE_SEPARATOR);
+
+ if(rdt instanceof IDPSSODescriptorType)
+ {
+ IDPSSODescriptorType idp = (IDPSSODescriptorType) rdt;
+ builder.append(toString(idp));
+ }
+ if(rdt instanceof SPSSODescriptorType)
+ {
+ SPSSODescriptorType sp = (SPSSODescriptorType) rdt;
+ builder.append(toString(sp));
+ }
+ }
+
+ return builder.toString();
+ }
+
+ public static String toString(IDPSSODescriptorType idp)
+ {
+ StringBuilder builder = new StringBuilder();
+ builder.append(LINE_SEPARATOR);
+
+ //Get the SSODescriptor tags
+ SSODescriptorType sdt = idp;
+ builder.append(toString(sdt));
+
+ List<EndpointType> ssoServices = idp.getSingleSignOnService();
+ if(ssoServices != null)
+ {
+ builder.append("Single Singon Services are:[");
+
+ for(EndpointType edt: ssoServices)
+ {
+ builder.append(toString(edt));
+ }
+ builder.append("]");
+ builder.append(LINE_SEPARATOR);
+ }
+ return builder.toString();
+ }
+
+ public static String toString(SSODescriptorType sso)
+ {
+ StringBuilder builder = new StringBuilder();
+ List<String> nameIDs = sso.getNameIDFormat();
+ if(nameIDs != null)
+ {
+ for(String nameID: nameIDs)
+ {
+ builder.append("NameID=").append(nameID);
+ builder.append(LINE_SEPARATOR);
+ }
+ }
+
+ List<IndexedEndpointType> attrResServices = sso.getArtifactResolutionService();
+ if(attrResServices != null)
+ {
+ builder.append("AttributeResolutionServices are:[");
+ builder.append(LINE_SEPARATOR);
+ for(IndexedEndpointType iet : attrResServices)
+ {
+ builder.append(toString(iet));
+ }
+ builder.append("]");
+ }
+
+ List<EndpointType> sloServices = sso.getSingleLogoutService();
+ if(sloServices != null)
+ {
+ builder.append("Single Logout Services are:[");
+ builder.append(LINE_SEPARATOR);
+
+ for(EndpointType edt: sloServices)
+ {
+ builder.append(toString(edt));
+ }
+ builder.append("]");
+ builder.append(LINE_SEPARATOR);
+ }
+ return builder.toString();
+ }
+
+ public static String toString(EndpointType ept)
+ {
+ StringBuilder builder = new StringBuilder();
+ builder.append("[Location=").append(ept.getLocation());
+
+ builder.append(",ResponseLocation=").append(ept.getResponseLocation());
+ builder.append("]");
+ builder.append(LINE_SEPARATOR);
+ return builder.toString();
+ }
+}
\ No newline at end of file
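Review bot: `LINE_SEPARATOR` is declared `public static` without `final`, so any class can reassign it and change the output of every `toString` here; declare it `public static final String LINE_SEPARATOR`. In `toString(SSODescriptorType)` the list from `getArtifactResolutionService()` is printed under the label `AttributeResolutionServices are:[`, which does not match the element it lists, and `Single Singon Services` is misspelled. The returned text carries `Location`, `ResponseLocation` and `NameIDFormat` values from the metadata document unchanged, so the Javadoc should say that callers writing it into HTML have to escape it. `toString(EntityDescriptorType)` also dereferences `edt` without a null check.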
Added: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/SecurityActions.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/SecurityActions.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/SecurityActions.java 2009-04-29 17:45:33 UTC (rev 466)
@@ -0,0 +1,65 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.api.saml.v2.metadata;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Dec 9, 2008
+ */
+class SecurityActions
+{
+ /**
+ * Get the Thread Context ClassLoader
+ * @return
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ /**
+ * Get the system property
+ * @param key
+ * @param defaultValue
+ * @return
+ */
+ static String getSystemProperty(final String key, final String defaultValue)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key, defaultValue);
+ }
+ });
+ }
+}
JBoss Identity SVN: r465 - in identity-federation/trunk/jboss-identity-samples: circleoftrust and 2 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 13:44:23 -0400 (Wed, 29 Apr 2009)
New Revision: 465
Added:
identity-federation/trunk/jboss-identity-samples/circleoftrust/
identity-federation/trunk/jboss-identity-samples/circleoftrust/pom.xml
identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/
identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/META-INF/
identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/WEB-INF/
identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/WEB-INF/web.xml
identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/addedIDP.jsp
identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/index.jsp
identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/sp.jsp
Log:
JBID-88: circle of trust web app as a start
Added: identity-federation/trunk/jboss-identity-samples/circleoftrust/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-samples/circleoftrust/pom.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-samples/circleoftrust/pom.xml 2009-04-29 17:44:23 UTC (rev 465)
@@ -0,0 +1,35 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.identity.federation</groupId>
+ <artifactId>jboss-identity-samples-employee</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <packaging>war</packaging>
+ <name>JBoss Identity Federation Circle Of Trust</name>
+ <url>http://labs.jboss.org/portal/jbosssecurity/</url>
+ <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>circleoftrust</warName>
+ <webappDirectory>${basedir}/resources/</webappDirectory>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+
+ </plugins>
+ </build>
+</project>
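Review bot: The `artifactId` is `jboss-identity-samples-employee` while `<name>` and `<warName>` describe the circle-of-trust application, which looks copied from the employee sample; if that module uses the same coordinates, the two artifacts overwrite each other in the repository. Something like `<artifactId>jboss-identity-samples-circleoftrust</artifactId>` would match the directory. In maven-war-plugin, `webappDirectory` is the directory the exploded webapp is assembled into, so pointing it at `${basedir}/resources/` makes the build write into the source tree; `warSourceDirectory` is probably what was meant.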
Added: identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/WEB-INF/web.xml
===================================================================
--- identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/WEB-INF/web.xml (rev 0)
+++ identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/WEB-INF/web.xml 2009-04-29 17:44:23 UTC (rev 465)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="2.4"
+ xmlns="http://java.sun.com/xml/ns/j2ee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
+ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
+
+ <description>Circle Of Trust</description>
+
+ <servlet>
+ <servlet-name>COTServlet</servlet-name>
+ <servlet-class>org.jboss.identity.federation.bindings.servlets.CircleOfTrustServlet</servlet-class>
+ <init-param>
+ <param-name>issuer</param-name>
+ <param-value>redhatPdpEntity</param-value>
+ </init-param>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>COTServlet</servlet-name>
+ <url-pattern>/COTServlet</url-pattern>
+ </servlet-mapping>
+
+</web-app>
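Review bot: `/COTServlet` is mapped with no `<security-constraint>`, `<login-config>` or role in this descriptor, so unless `CircleOfTrustServlet` does its own check (it is not part of this commit) any client that can reach the application can submit the add-provider form. Changing the set of trusted providers is an administrative action and should require an authenticated role over a confidential transport. The block below shows the container-managed form of that, placed after the `<servlet-mapping>`; the role name is a placeholder.

```xml
<security-constraint>
   <web-resource-collection>
      <web-resource-name>Circle of trust administration</web-resource-name>
      <url-pattern>/*</url-pattern>
   </web-resource-collection>
   <auth-constraint>
      <role-name>COT_ADMIN_ROLE_PLACEHOLDER</role-name>
   </auth-constraint>
   <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
   </user-data-constraint>
</security-constraint>

<login-config>
   <auth-method>BASIC</auth-method>
</login-config>

<security-role>
   <role-name>COT_ADMIN_ROLE_PLACEHOLDER</role-name>
</security-role>
```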
Added: identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/addedIDP.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/addedIDP.jsp (rev 0)
+++ identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/addedIDP.jsp 2009-04-29 17:44:23 UTC (rev 465)
@@ -0,0 +1,16 @@
+<%@ page import="org.jboss.identity.federation.saml.v2.metadata.*,org.jboss.identity.federation.api.saml.v2.metadata.*" %>
+
+An IDP has been added as a trusted provider.<br/>
+
+Information on the IDP: <br/>
+
+<%
+ EntityDescriptorType edt = (EntityDescriptorType)session.getAttribute("idp");
+
+ out.println(MetaDataExtractor.toString(edt));
+
+ session.removeAttribute("idp");
+%>
+<br/>
+<br/>
+<a href="<%=request.getContextPath()%>/index.jsp">Back</a>
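Review bot: `out.println(MetaDataExtractor.toString(edt))` writes descriptor values into the page without HTML escaping, and those values (`Location`, `ResponseLocation`, `NameIDFormat`) come from the provider's metadata document rather than from this application. Escape the string before output, for example with JSTL `<c:out>` (which escapes XML by default) inside a `<pre>` so the line separators still show. The scriptlet also passes `edt` on without a null check, so requesting the page without an `idp` session attribute ends in a NullPointerException inside `toString`; `if (edt != null) { ... }` around the output avoids that.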
Added: identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/index.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/index.jsp (rev 0)
+++ identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/index.jsp 2009-04-29 17:44:23 UTC (rev 465)
@@ -0,0 +1,2 @@
+<a href="sp.jsp">Configure a SP</a> <br/>
+<a href="idp.jsp">Configure an IDP</a>
Added: identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/sp.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/sp.jsp (rev 0)
+++ identity-federation/trunk/jboss-identity-samples/circleoftrust/resources/sp.jsp 2009-04-29 17:44:23 UTC (rev 465)
@@ -0,0 +1,13 @@
+Configure a Service Provider <br/>
+
+<form name="add_idp" action="/circleoftrust/COTServlet" method="post">
+Name of the Service Provider:
+<input type="text" name="spname" value="ENTER SP NAME" /> <br/>
+IDPName:
+<input type="text" name="idpname" value="ENTER IDP NAME" /> <br/>
+Metadata URL:
+<input type="text" name="metadataURL" value="ENTER Metadata URL" /> <br/>
+<input type="hidden" name="type" value="sp" /> <br/>
+<input type="hidden" name="action" value="add" /> <br/>
+<input type="submit" value="Submit" /> <br/>
+</form>
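Review bot: The form's `action="/circleoftrust/COTServlet"` hard-codes the context path, whereas addedIDP.jsp builds its link from `request.getContextPath()`, so deploying the sample under another context name breaks the post. Use `action="<%=request.getContextPath()%>/COTServlet"`. The form is also named `add_idp` although it configures a service provider, and the `ENTER ...` placeholder texts are submitted as real values if left unedited. The servlet is outside this hunk; it should reject those placeholders and check the scheme and host of `metadataURL` before fetching it.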
JBoss Identity SVN: r464 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust and 11 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2009-04-28 10:58:51 -0400 (Tue, 28 Apr 2009)
New Revision: 464
Added:
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/JBossSTSUnitTestCase.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/SpecialTokenProvider.java
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/StandardTokenProvider.java
identity-federation/trunk/jboss-identity-bindings/src/test/resources/keystore/sts_keystore.jks
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/StandardTokenProvider.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java
Removed:
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/identity/
identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/JBossSTSTest.java
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTS.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/SecurityActions.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd
identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml
identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java
Log:
JBID-77: Added test cases for the core classes and factories. Included the caller principal in the wstrust request context. Added missing javadocs and fixed minor problems uncovered by the test cases.
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/config/ServiceProviderType.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -44,7 +44,7 @@
@XmlType(name = "ServiceProviderType")
public class ServiceProviderType {
- @XmlAttribute(required = true)
+ @XmlAttribute(name = "Endpoint", required = true)
protected String endpoint;
@XmlAttribute(name = "TruststoreAlias", required = true)
protected String truststoreAlias;
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTS.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTS.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTS.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -40,7 +40,6 @@
import org.jboss.identity.federation.api.wstrust.WSTrustException;
import org.jboss.identity.federation.api.wstrust.WSTrustJAXBFactory;
import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
-import org.jboss.identity.federation.api.wstrust.WSTrustServiceFactory;
import org.jboss.identity.federation.api.wstrust.protocol.BaseRequestSecurityToken;
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken;
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityTokenCollection;
@@ -94,19 +93,19 @@
if(this.config == null)
this.config = this.getConfiguration();
- WSTrustRequestHandler handler = WSTrustServiceFactory.getInstance().createRequestHandler(this.config);
+ WSTrustRequestHandler handler = this.config.getRequestHandler();
String requestType = request.getRequestType().toString();
try
{
if (requestType.equals(WSTrustConstants.ISSUE_REQUEST))
- return this.marshallResponse(handler.issue(request, this.context.getMessageContext()));
+ return this.marshallResponse(handler.issue(request, this.context.getUserPrincipal()));
else if (requestType.equals(WSTrustConstants.RENEW_REQUEST))
- return this.marshallResponse(handler.renew(request, this.context.getMessageContext()));
+ return this.marshallResponse(handler.renew(request, this.context.getUserPrincipal()));
else if (requestType.equals(WSTrustConstants.CANCEL_REQUEST))
- return this.marshallResponse(handler.cancel(request, this.context.getMessageContext()));
+ return this.marshallResponse(handler.cancel(request, this.context.getUserPrincipal()));
else if (requestType.equals(WSTrustConstants.VALIDATE_REQUEST))
- return this.marshallResponse(handler.validate(request, this.context.getMessageContext()));
+ return this.marshallResponse(handler.validate(request, this.context.getUserPrincipal()));
else
throw new WSTrustException("Invalid request type: " + requestType);
}
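Review bot: `this.context.getUserPrincipal()` is passed straight to `issue`, `renew`, `cancel` and `validate` with no null check. If `context` is the JAX-WS `WebServiceContext` (its declaration is outside this hunk), that call returns null for an unauthenticated caller, so the handler would receive a null principal and has to decide on its own what that means. Fetch it once and fail closed before dispatching: `Principal caller = this.context.getUserPrincipal();` followed by `if (caller == null) throw new WSTrustException("Unauthenticated request");`. The enclosing method starts and ends outside the hunk.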
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/SecurityActions.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/SecurityActions.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/SecurityActions.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -27,8 +27,8 @@
import java.security.PrivilegedExceptionAction;
/**
- *
* <p>
+ * Utility class that executes actions such as creating a class in privileged blocks.
* </p>
*
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
@@ -37,8 +37,11 @@
{
/**
+ * <p>
+ * Gets the thread context class loader using a privileged block.
+ * </p>
*
- * @return
+ * @return a reference to the thread context {@code ClassLoader}.
*/
static ClassLoader getContextClassLoader()
{
@@ -52,10 +55,15 @@
}
/**
+ * <p>
+ * Loads a class using the thread context class loader in a privileged block.
+ * </p>
*
- * @param name
- * @return
- * @throws PrivilegedActionException
+ * @param name the fully-qualified name of the class to be loaded.
+ * @return a reference to the loaded {@code Class}.
+ * @throws PrivilegedActionException if an error occurs while loading the class. This exception wraps the real cause
+ * of the error, so classes using this method must perform a {@code getCause()} in order to get a
+ * reference to the root of the error.
*/
static Class<?> loadClass(final String name) throws PrivilegedActionException
{
@@ -76,10 +84,15 @@
}
/**
+ * <p>
+ * Creates an instance of the specified class in a privileged block. The class must define a default constructor.
+ * </p>
*
- * @param className
- * @return
- * @throws PrivilegedActionException
+ * @param className the fully-qualified name of the class to be instantiated.
+ * @return a reference to the instantiated {@code Object}.
+ * @throws PrivilegedActionException if an error occurs while instantiating the class. This exception wraps the real
+ * cause of the error, so classes using this method must perform a {@code getCause()} in order to get a
+ * reference to the root of the error.
*/
static Object instantiateClass(final String className) throws PrivilegedActionException
{
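Review bot: The new Javadoc for `instantiateClass` (and for `loadClass` in the previous hunk) describes the privileged block but not the trust assumption behind it. A class name handed to these methods is resolved and instantiated inside `doPrivileged`, so it must come from trusted deployment configuration and never from request data. I would add a sentence to both methods such as `The class name must originate from trusted configuration; it is loaded inside a privileged block.` The same Javadoc is added to the `api.wstrust.SecurityActions` copy later in this commit and needs the same sentence. The method bodies are outside these hunks.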
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -144,6 +144,13 @@
// Get public key
publicKey = cert.getPublicKey();
}
+ // if alias is a certificate alias, get the public key from the certificate.
+ if(publicKey == null)
+ {
+ Certificate cert = ks.getCertificate(alias);
+ if(cert != null)
+ publicKey = cert.getPublicKey();
+ }
return publicKey;
}
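Review bot: The added fallback returns the key of whatever certificate is stored under `alias` without checking that the certificate is currently valid, and the method still returns null silently when the alias is unknown. If this key is used to validate or encrypt for a service provider, as the callers elsewhere in the commit suggest, consider `if (cert instanceof X509Certificate) ((X509Certificate) cert).checkValidity();` before `cert.getPublicKey()`; that adds checked certificate exceptions to handle. Document the null return so callers fail closed. The branch above starts outside the hunk but already reads `cert.getPublicKey()`, so the two lookups can probably be merged into a single `ks.getCertificate(alias)` call.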
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-04-28 14:58:51 UTC (rev 464)
@@ -208,7 +208,7 @@
generated token.
</documentation>
</annotation>
- <attribute name="endpoint" type="string" use="required"/>
+ <attribute name="Endpoint" type="string" use="required"/>
<attribute name="TruststoreAlias" type="string" use="required"/>
<attribute name="TokenType" type="string" use="required"/>
</complexType>
Copied: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust (from rev 437, identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/identity/federation/bindings/jboss/trust)
Deleted: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/JBossSTSTest.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTSTest.java 2009-04-15 18:30:26 UTC (rev 437)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/JBossSTSTest.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -1,35 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.identity.federation.bindings.jboss.trust;
-
-import org.jboss.identity.federation.api.wstrust.STSConfiguration;
-
-public class JBossSTSTest
-{
-
- public static void main(String[] args)
- {
- JBossSTS sts = new JBossSTS();
- STSConfiguration config = sts.getConfiguration();
- System.out.println(config.getEncryptIssuedToken());
- }
-}
Copied: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/JBossSTSUnitTestCase.java (from rev 437, identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTSTest.java)
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/JBossSTSUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/JBossSTSUnitTestCase.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,136 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.bindings.trust;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.api.wstrust.STSConfiguration;
+import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.StandardRequestHandler;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
+import org.jboss.identity.federation.bindings.jboss.trust.JBossSTS;
+
+/**
+ * <p>
+ * This {@code TestCase} tests the behavior of the {@code JBossSTS} service.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class JBossSTSUnitTestCase extends TestCase
+{
+
+ /**
+ * <p>
+ * This test verifies that the STS service can read and load all configuration parameters correctly. The
+ * configuration file (jboss-sts.xml) looks like the following:
+ *
+ * <pre>
+ * <JBossSTS xmlns="urn:jboss:identity-federation:config:1.0"
+ * STSName="Test STS" TokenTimeout="7200" EncryptToken="true">
+ * <KeyProvider ClassName="org.jboss.identity.federation.bindings.tomcat.KeyStoreKeyManager">
+ * <Auth Key="KeyStoreURL" Value="keystore/sts_keystore.jks"/>
+ * <Auth Key="KeyStorePass" Value="testpass"/>
+ * <Auth Key="SigningKeyAlias" Value="sts"/>
+ * <Auth Key="SigningKeyPass" Value="keypass"/>
+ * <ValidatingAlias Key="http://services.testcorp.org/provider1" Value="service1"/>
+ * <ValidatingAlias Key="http://services.testcorp.org/provider2" Value="service2"/>
+ * </KeyProvider>
+ * <RequestHandler>org.jboss.identity.federation.wstrust.Handler</RequestHandler>
+ * <ServiceProviders>
+ * <ServiceProvider endpoint="http://services.testcorp.org/provider1" TokenType="specialToken"
+ * TruststoreAlias="service1"/>
+ * <ServiceProvider endpoint="http://services.testcorp.org/provider2" TokenType="specialToken"
+ * TruststoreAlias="service2"/>
+ * </ServiceProviders>
+ * </JBossSTS>
+ * </pre>
+ *
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testSTSConfiguration() throws Exception
+ {
+ // for testing purposes we can instantiate the TestSTS as a regular POJO.
+ TestSTS sts = new TestSTS();
+
+ // make the STS read the configuration file.
+ STSConfiguration config = sts.getConfiguration();
+
+ // check the values that have been configured.
+ assertEquals("Unexpected service name", "Test STS", config.getSTSName());
+ assertEquals("Unexpected token timeout value", 7200 * 1000, config.getIssuedTokenTimeout());
+ assertTrue("Encrypt token should be true", config.getEncryptIssuedToken());
+ WSTrustRequestHandler handler = config.getRequestHandler();
+ assertNotNull("Unexpected null request handler found", handler);
+ assertTrue("Unexpected request handler type", handler instanceof StandardRequestHandler);
+
+ // check the token type -> token provider mapping.
+ SecurityTokenProvider provider = config.getProviderForTokenType("specialToken");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof SpecialTokenProvider);
+ provider = config.getProviderForTokenType("standardToken");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof StandardTokenProvider);
+ assertNull(config.getProviderForTokenType("unexistentType"));
+
+ // check the service provider -> token type mapping.
+ assertEquals("Invalid token type for service provider 1", "specialToken", config
+ .getTokenTypeForService("http://services.testcorp.org/provider1"));
+ assertEquals("Invalid token type for service provider 2", "standardToken", config
+ .getTokenTypeForService("http://services.testcorp.org/provider2"));
+ assertNull(config.getTokenTypeForService("http://invalid.service/service"));
+
+ // check the service provider -> token provider mapping.
+ provider = config.getProviderForService("http://services.testcorp.org/provider1");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof SpecialTokenProvider);
+ provider = config.getProviderForService("http://services.testcorp.org/provider2");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof StandardTokenProvider);
+ assertNull(config.getProviderForService("http://invalid.service/service"));
+
+ // check the keystore configuration.
+ assertNotNull("Invalid null private key", config.getSigningKey());
+ assertNotNull("Invalid null validating key for service provider 1", config
+ .getPublicKeyForService("http://services.testcorp.org/provider1"));
+ assertNotNull("Invalid null validating key for service provider 2", config
+ .getPublicKeyForService("http://services.testcorp.org/provider2"));
+ }
+
+ /**
+ * <p>
+ * Helper class that exposes the JBossSTS methods as public for the tests to work.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+ class TestSTS extends JBossSTS
+ {
+ @Override
+ public STSConfiguration getConfiguration()
+ {
+ return super.getConfiguration();
+ }
+ }
+}
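Review bot: The configuration quoted in the `testSTSConfiguration` Javadoc does not match what the test asserts. It shows `endpoint=` in lower case, `TokenType="specialToken"` for both providers, the `org.jboss.identity.federation.wstrust.Handler` request handler and no `<TokenProviders>` element; the assertions expect `standardToken` for provider2 and a `StandardRequestHandler`, and this commit renames the attribute to `Endpoint`. Copy the current jboss-sts.xml into the comment and escape the angle brackets (`&lt;JBossSTS ...`) so the `<pre>` block renders in generated Javadoc. `TestSTS` uses no state of the enclosing test, so it can be declared `static class TestSTS`.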
Added: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/SpecialTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/SpecialTokenProvider.java (rev 0)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/SpecialTokenProvider.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.bindings.trust;
+
+import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.WSTrustException;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
+
+/**
+ * <p>
+ * Mock {@code SecurityTokenProvider} used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class SpecialTokenProvider implements SecurityTokenProvider
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void cancelToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void issueToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void renewToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void validateToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/StandardTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/StandardTokenProvider.java (rev 0)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/java/org/jboss/test/identity/federation/bindings/trust/StandardTokenProvider.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.bindings.trust;
+
+import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.WSTrustException;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
+
+/**
+ * <p>
+ * Mock {@code SecurityTokenProvider} used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class StandardTokenProvider implements SecurityTokenProvider
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void cancelToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void issueToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void renewToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void validateToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+}
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml 2009-04-28 14:58:51 UTC (rev 464)
@@ -10,7 +10,7 @@
<TokenProvider ProviderClass="org.jboss.SpecialTokenProvider" TokenType="specialToken"/>
</TokenProviders>
<ServiceProviders>
- <ServiceProvider endpoint="http://provider.endpoint/provider" TokenType="specialToken"
+ <ServiceProvider Endpoint="http://provider.endpoint/provider" TokenType="specialToken"
TruststoreAlias="providerAlias"/>
</ServiceProviders>
</JBossSTS>
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/resources/jboss-sts.xml 2009-04-28 14:58:51 UTC (rev 464)
@@ -1,17 +1,24 @@
<JBossSTS xmlns="urn:jboss:identity-federation:config:1.0"
STSName="Test STS" TokenTimeout="7200" EncryptToken="true">
<KeyProvider ClassName="org.jboss.identity.federation.bindings.tomcat.KeyStoreKeyManager">
- <Auth Key="KeyStoreURL" Value="file://url/to/keystore.jks" />
- <Auth Key="KeyStorePass" Value="SomePassword" />
- <Auth Key="SigningKeyAlias" Value="SigningAlias" />
- <Auth Key="SigningKeyPass" Value="SigningPass" />
- <ValidatingAlias Key="localhost" Value="localhostalias"/>
- <ValidatingAlias Key="jboss.com" Value="jbossalias"/>
- <SigningAlias>issueralias</SigningAlias>
+ <Auth Key="KeyStoreURL" Value="keystore/sts_keystore.jks"/>
+ <Auth Key="KeyStorePass" Value="testpass"/>
+ <Auth Key="SigningKeyAlias" Value="sts"/>
+ <Auth Key="SigningKeyPass" Value="keypass"/>
+ <ValidatingAlias Key="http://services.testcorp.org/provider1" Value="service1"/>
+ <ValidatingAlias Key="http://services.testcorp.org/provider2" Value="service2"/>
</KeyProvider>
- <RequestHandler>org.jboss.identity.federation.wstrust.Handler</RequestHandler>
+ <RequestHandler>org.jboss.identity.federation.api.wstrust.StandardRequestHandler</RequestHandler>
+ <TokenProviders>
+ <TokenProvider ProviderClass="org.jboss.test.identity.federation.bindings.trust.SpecialTokenProvider"
+ TokenType="specialToken"/>
+ <TokenProvider ProviderClass="org.jboss.test.identity.federation.bindings.trust.StandardTokenProvider"
+ TokenType="standardToken"/>
+ </TokenProviders>
<ServiceProviders>
- <ServiceProvider endpoint="http://provider.endpoint/provider" TokenType="specialToken"
- TruststoreAlias="providerAlias"/>
+ <ServiceProvider Endpoint="http://services.testcorp.org/provider1" TokenType="specialToken"
+ TruststoreAlias="service1"/>
+ <ServiceProvider Endpoint="http://services.testcorp.org/provider2" TokenType="standardToken"
+ TruststoreAlias="service2"/>
</ServiceProviders>
</JBossSTS>
\ No newline at end of file
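Review bot: `KeyStorePass` and `SigningKeyPass` are committed in clear text next to the keystore they unlock; sts_keystore.jks is added in the same commit. That is acceptable for a test fixture, but nothing in the file says so. Add a comment above `<KeyProvider>` such as `<!-- test-only keystore and passwords; never reuse this key pair outside the test suite -->`, so the file is not copied as a deployment template with these values.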
Added: identity-federation/trunk/jboss-identity-bindings/src/test/resources/keystore/sts_keystore.jks
===================================================================
(Binary files differ)
Property changes on: identity-federation/trunk/jboss-identity-bindings/src/test/resources/keystore/sts_keystore.jks
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/SecurityActions.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -27,8 +27,8 @@
import java.security.PrivilegedExceptionAction;
/**
- *
* <p>
+ * Utility class that executes actions such as creating a class in privileged blocks.
* </p>
*
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
@@ -37,8 +37,11 @@
{
/**
+ * <p>
+ * Gets the thread context class loader using a privileged block.
+ * </p>
*
- * @return
+ * @return a reference to the thread context {@code ClassLoader}.
*/
static ClassLoader getContextClassLoader()
{
@@ -52,10 +55,15 @@
}
/**
+ * <p>
+ * Loads a class using the thread context class loader in a privileged block.
+ * </p>
*
- * @param name
- * @return
- * @throws PrivilegedActionException
+ * @param name the fully-qualified name of the class to be loaded.
+ * @return a reference to the loaded {@code Class}.
+ * @throws PrivilegedActionException if an error occurs while loading the class. This exception wraps the real cause
+ * of the error, so classes using this method must perform a {@code getCause()} in order to get a
+ * reference to the root of the error.
*/
static Class<?> loadClass(final String name) throws PrivilegedActionException
{
@@ -76,10 +84,15 @@
}
/**
+ * <p>
+ * Creates an instance of the specified class in a privileged block. The class must define a default constructor.
+ * </p>
*
- * @param className
- * @return
- * @throws PrivilegedActionException
+ * @param className the fully-qualified name of the class to be instantiated.
+ * @return a reference to the instantiated {@code Object}.
+ * @throws PrivilegedActionException if an error occurs while instantiating the class. This exception wraps the real
+ * cause of the error, so classes using this method must perform a {@code getCause()} in order to get a
+ * reference to the root of the error.
*/
static Object instantiateClass(final String className) throws PrivilegedActionException
{
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/StandardRequestHandler.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -21,14 +21,8 @@
*/
package org.jboss.identity.federation.api.wstrust;
-import javax.xml.ws.handler.MessageContext;
+import java.security.Principal;
-import org.jboss.identity.federation.api.wstrust.STSConfiguration;
-import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
-import org.jboss.identity.federation.api.wstrust.WSTrustException;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
-import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
-import org.jboss.identity.federation.api.wstrust.WSTrustUtil;
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken;
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityTokenResponse;
import org.jboss.identity.federation.ws.policy.AppliesTo;
@@ -63,51 +57,51 @@
* (non-Javadoc)
*
* @see org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#issue(org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken,
- * javax.xml.ws.handler.MessageContext)
+ * java.security.Principal)
*/
- public RequestSecurityTokenResponse issue(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse issue(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
SecurityTokenProvider provider = null;
-
+
// first try to obtain the security token provider using the applies-to contents.
AppliesTo appliesTo = request.getAppliesTo();
- if(appliesTo != null)
+ if (appliesTo != null)
{
String serviceName = WSTrustUtil.parseAppliesTo(appliesTo);
- if(serviceName != null)
+ if (serviceName != null)
provider = this.configuration.getProviderForService(serviceName);
}
// if applies-to is not available or if no provider was found for the service, use the token type.
- if(provider == null && request.getTokenType() != null)
+ if (provider == null && request.getTokenType() != null)
{
provider = this.configuration.getProviderForTokenType(request.getTokenType().toString());
}
- else if(appliesTo == null && request.getTokenType() == null)
+ else if (appliesTo == null && request.getTokenType() == null)
throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
-
- if(provider != null)
+
+ if (provider != null)
{
// create the request context and delegate token generation to the provider.
- WSTrustRequestContext requestContext = new WSTrustRequestContext(request);
- if(request.getLifetime() == null && this.configuration.getIssuedTokenTimeout() != 0)
+ WSTrustRequestContext requestContext = new WSTrustRequestContext(request, callerPrincipal);
+ if (request.getLifetime() == null && this.configuration.getIssuedTokenTimeout() != 0)
{
// if no lifetime has been specified, use the configured timeout value.
LifetimeType lifetime = WSTrustUtil.createDefaultLifetime(this.configuration.getIssuedTokenTimeout());
request.setLifetime(lifetime);
}
provider.issueToken(requestContext);
-
+
// construct the ws-trust security token response.
RequestedSecurityTokenType requestedSecurityToken = new RequestedSecurityTokenType();
requestedSecurityToken.setAny(requestContext.getSecurityToken());
-
+
// TODO: create proof token and encrypt the token if needed
-
+
RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
- if(request.getContext() != null)
+ if (request.getContext() != null)
response.setContext(request.getContext());
-
+
response.setTokenType(request.getTokenType());
response.setLifetime(request.getLifetime());
response.setAppliesTo(appliesTo);
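Review bot: `callerPrincipal` goes into `new WSTrustRequestContext(request, callerPrincipal)` without a null check, so a request that reaches `issue` with no authenticated caller is still passed to `provider.issueToken(requestContext)`. The hunk does not show how the endpoint obtains the principal; if anonymous issuance is not intended, reject it before the provider lookup with `if (callerPrincipal == null) throw new WSTrustException("Caller principal is required to issue a token");`. The same contract question applies to the `renew`, `validate` and `cancel` signatures changed further down, and to the new `@param callerPrincipal` Javadoc in `WSTrustRequestHandler`, which does not say whether null is allowed. The body of `issue` continues past the end of this hunk.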
@@ -122,9 +116,9 @@
* (non-Javadoc)
*
* @see org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#renew(org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken,
- * javax.xml.ws.handler.MessageContext)
+ * java.security.Principal)
*/
- public RequestSecurityTokenResponse renew(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
// TODO: implement renew logic.
@@ -135,9 +129,9 @@
* (non-Javadoc)
*
* @see org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#validate(org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken,
- * javax.xml.ws.handler.MessageContext)
+ * java.security.Principal)
*/
- public RequestSecurityTokenResponse validate(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse validate(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
// TODO: implement validate logic.
@@ -148,9 +142,9 @@
* (non-Javadoc)
*
* @see org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler#cancel(org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken,
- * javax.xml.ws.handler.MessageContext)
+ * java.security.Principal)
*/
- public RequestSecurityTokenResponse cancel(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse cancel(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
// TODO: implement cancel logic.
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -108,6 +108,7 @@
{
Unmarshaller unmarshaller = this.context.createUnmarshaller();
Object object = unmarshaller.unmarshal(request);
+
// check the type of the unmarshalled object.
if (object instanceof RequestSecurityTokenType)
return new RequestSecurityToken((RequestSecurityTokenType) object);
@@ -148,15 +149,26 @@
try
{
Unmarshaller unmarshaller = this.context.createUnmarshaller();
- JAXBElement<?> element = (JAXBElement<?>) unmarshaller.unmarshal(response);
- // is this a single token response or a collection of token responses
- if (element.getDeclaredType().equals(RequestSecurityTokenResponseType.class))
- return new RequestSecurityTokenResponse((RequestSecurityTokenResponseType) element.getValue());
- else if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class))
- return new RequestSecurityTokenResponseCollection((RequestSecurityTokenResponseCollectionType) element
- .getValue());
+ Object object = unmarshaller.unmarshal(response);
+ // check the type of the response object.
+ if (object instanceof RequestSecurityTokenResponseType)
+ return new RequestSecurityTokenResponse((RequestSecurityTokenResponseType) object);
+ else if (object instanceof RequestSecurityTokenResponseCollectionType)
+ return new RequestSecurityTokenResponseCollection((RequestSecurityTokenResponseCollectionType) object);
+ else if (object instanceof JAXBElement)
+ {
+ JAXBElement<?> element = (JAXBElement<?>) unmarshaller.unmarshal(response);
+ // is this a single token response or a collection of token responses
+ if (element.getDeclaredType().equals(RequestSecurityTokenResponseType.class))
+ return new RequestSecurityTokenResponse((RequestSecurityTokenResponseType) element.getValue());
+ else if (element.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class))
+ return new RequestSecurityTokenResponseCollection((RequestSecurityTokenResponseCollectionType) element
+ .getValue());
+ else
+ throw new RuntimeException("Invalid response type: " + element.getDeclaredType());
+ }
else
- throw new RuntimeException("Invalid response type: " + element.getDeclaredType());
+ throw new RuntimeException("Invalid response type: " + object.getClass().getName());
}
catch (Exception e)
{
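Review bot: The new `else if (object instanceof JAXBElement)` branch calls `unmarshaller.unmarshal(response)` a second time instead of casting the object it has already unmarshalled. The type of `response` is not visible in this hunk, but if it is a stream-backed source the second pass will probably fail or see an exhausted input, and in any case the message is parsed twice. The line should read `JAXBElement<?> element = (JAXBElement<?>) object;`. The enclosing method starts before this hunk and its `catch` block continues after it.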
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestContext.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -21,6 +21,8 @@
*/
package org.jboss.identity.federation.api.wstrust;
+import java.security.Principal;
+
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken;
/**
@@ -36,6 +38,8 @@
private final RequestSecurityToken request;
+ private final Principal callerPrincipal;
+
private SecurityToken securityToken;
/**
@@ -46,9 +50,10 @@
* @param request a {@code RequestSecurityToken} object that contains the information about the security token
* request.
*/
- public WSTrustRequestContext(RequestSecurityToken request)
+ public WSTrustRequestContext(RequestSecurityToken request, Principal callerPrincipal)
{
this.request = request;
+ this.callerPrincipal = callerPrincipal;
}
/**
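Review bot: The constructor Javadoc visible in this hunk still documents only `request`; the added `callerPrincipal` parameter has no `@param` tag. I would add `@param callerPrincipal the {@code Principal} of the ws-trust token requester.`, matching the wording used in `WSTrustRequestHandler`. The tag should also state whether `null` is accepted, because the value is stored unchecked and returned as-is by `getCallerPrincipal()`. The Javadoc block begins above the hunk.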
@@ -65,6 +70,18 @@
/**
* <p>
+ * Obtains the principal of the ws-trust token requester.
+ * </p>
+ *
+ * @return a reference to the caller {@code Principal} object.
+ */
+ public Principal getCallerPrincipal()
+ {
+ return this.callerPrincipal;
+ }
+
+ /**
+ * <p>
* Obtains the security token contained in this context.
* </p>
*
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustRequestHandler.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -21,7 +21,7 @@
*/
package org.jboss.identity.federation.api.wstrust;
-import javax.xml.ws.handler.MessageContext;
+import java.security.Principal;
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken;
import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityTokenResponse;
@@ -53,12 +53,11 @@
* </p>
*
* @param request the security token request message.
- * @param context the context of the token request message. The context provides information that may be relevant to
- * the request processing, such as the subject of the caller.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
* @return a {@code RequestSecurityTokenResponse} containing the generated token.
* @throws WSTrustException if an error occurs while handling the request message.
*/
- public RequestSecurityTokenResponse issue(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse issue(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException;
/**
@@ -67,12 +66,11 @@
* </p>
*
* @param request the request message that contains the token to be renewed.
- * @param context the context of the token request message. The context provides information that may be relevant to
- * the request processing, such as the subject of the caller.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
* @return a {@code RequestSecurityTokenResponse} containing the renewed token.
* @throws WSTrustException if an error occurs while handling the renewal process.
*/
- public RequestSecurityTokenResponse renew(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException;
/**
@@ -81,12 +79,11 @@
* </p>
*
* @param request the request message that contains the token to be canceled.
- * @param context the context of the token request message. The context provides information that may be relevant to
- * the request processing, such as the subject of the caller.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
* @return a {@code RequestSecurityTokenResponse} indicating whether the token has been canceled or not.
* @throws WSTrustException if an error occurs while handling the cancellation process.
*/
- public RequestSecurityTokenResponse cancel(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse cancel(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException;
/**
@@ -95,11 +92,10 @@
* </p>
*
* @param request the request message that contains the token to be validated.
- * @param context the context of the token request message. The context provides information that may be relevant to
- * the request processing, such as the subject of the caller.
+ * @param callerPrincipal the {@code Principal} of the ws-trust token requester.
* @return a {@code RequestSecurityTokenResponse} containing the validation status or a new token.
* @throws WSTrustException if an error occurs while handling the validation process.
*/
- public RequestSecurityTokenResponse validate(RequestSecurityToken request, MessageContext context)
+ public RequestSecurityTokenResponse validate(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException;
}
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java 2009-04-28 14:53:13 UTC (rev 463)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustServiceFactory.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -65,9 +65,8 @@
* @param configuration a reference to the {@code STSConfiguration}.
* @return a reference to the constructed {@code WSTrustRequestHandler} object.
*/
- public WSTrustRequestHandler createRequestHandler(STSConfiguration configuration)
+ public WSTrustRequestHandler createRequestHandler(String handlerClassName, STSConfiguration configuration)
{
- String handlerClassName = configuration.getRequestHandlerClass();
try
{
WSTrustRequestHandler handler = (WSTrustRequestHandler) SecurityActions.instantiateClass(handlerClassName);
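Review bot: `handlerClassName` is now a parameter of a public method, and it is passed straight to `SecurityActions.instantiateClass`, which per its Javadoc in this commit creates the instance in a privileged block. The cast to `WSTrustRequestHandler` happens only after the constructor has run, so any class name reaching this method is instantiated before the type check. I would add the missing tag, `@param handlerClassName the fully-qualified name of the {@code WSTrustRequestHandler} implementation; must come from trusted configuration.` I would also load the class first with `SecurityActions.loadClass(handlerClassName)` and reject it unless `WSTrustRequestHandler.class.isAssignableFrom(clazz)`. The method body continues past the end of this hunk.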
Added: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/MockSTSConfiguration.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,130 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.api.wstrust;
+
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.util.Map;
+
+import org.jboss.identity.federation.api.wstrust.STSConfiguration;
+import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
+
+/**
+ * <p>
+ * Mock implementation of {@code STSConfiguration} used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class MockSTSConfiguration implements STSConfiguration
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getEncryptIssuedToken()
+ */
+ public boolean getEncryptIssuedToken()
+ {
+ return false;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getIssuedTokenTimeout()
+ */
+ public long getIssuedTokenTimeout()
+ {
+ return 0;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getOptions()
+ */
+ public Map<String, Object> getOptions()
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForService(java.lang.String)
+ */
+ public SecurityTokenProvider getProviderForService(String serviceName)
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getProviderForTokenType(java.lang.String)
+ */
+ public SecurityTokenProvider getProviderForTokenType(String tokenType)
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getPublicKeyForService(java.lang.String)
+ */
+ public PublicKey getPublicKeyForService(String serviceName)
+ {
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getRequestHandler()
+ */
+ public WSTrustRequestHandler getRequestHandler()
+ {
+ return null;
+ }
+
+ public String getSTSName()
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public PrivateKey getSigningKey()
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getTokenTypeForService(String serviceName)
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+}
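Review bot: `getSTSName()`, `getSigningKey()` and `getTokenTypeForService()` still carry the IDE's `// TODO Auto-generated method stub` and lack the `(non-Javadoc) @see STSConfiguration#...` comment that the other methods have. Replace the TODOs with the same `@see` comment so the mock reads consistently. `getOptions()` returns `null`; returning `java.util.Collections.emptyMap()` would keep a test that iterates the options from failing with a `NullPointerException` unrelated to what it is checking.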
Added: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/SpecialTokenProvider.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.api.wstrust;
+
+import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.WSTrustException;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
+
+/**
+ * <p>
+ * Mock {@code SecurityTokenProvider} used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class SpecialTokenProvider implements SecurityTokenProvider
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void cancelToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void issueToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void renewToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void validateToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+}
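Review bot: `issueToken` is empty here and in `StandardTokenProvider` (added next), so neither mock puts a token on the `WSTrustRequestContext`. If these mocks are driven through `StandardRequestHandler.issue`, `requestContext.getSecurityToken()` would presumably be null when it is passed to `setAny`, and a test could not tell which provider handled the request. The two classes are also identical apart from their names. A short class comment such as `Methods are intentionally no-ops; tests only check which provider class is selected.` would make the intent explicit, if that is the intent.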
Added: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/StandardTokenProvider.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/StandardTokenProvider.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/StandardTokenProvider.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.api.wstrust;
+
+import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.WSTrustException;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestContext;
+
+/**
+ * <p>
+ * Mock {@code SecurityTokenProvider} used in the test scenarios.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class StandardTokenProvider implements SecurityTokenProvider
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#cancelToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void cancelToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#issueToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void issueToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#renewToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void renewToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.identity.federation.api.wstrust.SecurityTokenProvider#validateToken(org.jboss.identity.federation.api.wstrust.WSTrustRequestContext)
+ */
+ public void validateToken(WSTrustRequestContext context) throws WSTrustException
+ {
+ }
+
+}
Added: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustJAXBFactoryUnitTestCase.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,275 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.api.wstrust;
+
+import java.net.URI;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.util.JAXBSource;
+import javax.xml.transform.Source;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.api.wstrust.WSTrustJAXBFactory;
+import org.jboss.identity.federation.api.wstrust.protocol.BaseRequestSecurityToken;
+import org.jboss.identity.federation.api.wstrust.protocol.BaseRequestSecurityTokenResponse;
+import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityToken;
+import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityTokenCollection;
+import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityTokenResponse;
+import org.jboss.identity.federation.api.wstrust.protocol.RequestSecurityTokenResponseCollection;
+import org.jboss.identity.federation.ws.trust.ObjectFactory;
+
+/**
+ * <p>
+ * This {@code TestCase} tests the methods of the {@code WSTrustJAXBFactory}.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustJAXBFactoryUnitTestCase extends TestCase
+{
+
+ private JAXBContext context;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see junit.framework.TestCase#setUp()
+ */
+ @Override
+ protected void setUp() throws Exception
+ {
+ StringBuffer packages = new StringBuffer();
+ packages.append("org.jboss.identity.federation.ws.addressing");
+ packages.append(":org.jboss.identity.federation.ws.policy");
+ packages.append(":org.jboss.identity.federation.ws.trust");
+ packages.append(":org.jboss.identity.federation.ws.wss.secext");
+ packages.append(":org.jboss.identity.federation.ws.wss.utility");
+ this.context = JAXBContext.newInstance(packages.toString());
+ }
+
+ /**
+ * <p>
+ * Tests parsing a WS-Trust request message.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testParseRequestSecurityToken() throws Exception
+ {
+ // create a sample ws-trust request.
+ RequestSecurityToken request = new RequestSecurityToken();
+ request.setContext("testcontext");
+ request.setTokenType(new URI("http://example.org/specialToken"));
+ request.setRequestType(new URI("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"));
+
+ // encapsulate the request in a source object.
+ ObjectFactory objectFactory = new ObjectFactory();
+ JAXBElement<?> element = objectFactory.createRequestSecurityToken(request.getDelegate());
+ JAXBSource source = new JAXBSource(this.context, element);
+
+ // parse the request using the WSTrustJAXBFactory.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null request message", baseRequest);
+
+ // check the contents of the parsed request.
+ assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityToken);
+ RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
+ assertEquals("Unexpected context name", "testcontext", parsedRequest.getContext());
+ assertEquals("Unexpected token type", "http://example.org/specialToken", parsedRequest.getTokenType().toString());
+ assertEquals("Unexpected request type", "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", parsedRequest
+ .getRequestType().toString());
+
+ // repeat the test, this time using a request collection instead of a single request.
+ RequestSecurityTokenCollection collection = new RequestSecurityTokenCollection();
+ collection.addRequestSecurityToken(request);
+ element = objectFactory.createRequestSecurityTokenCollection(collection.getDelegate());
+ source = new JAXBSource(this.context, element);
+
+ baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null request message", baseRequest);
+ assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityTokenCollection);
+ RequestSecurityTokenCollection parsedCollection = (RequestSecurityTokenCollection) baseRequest;
+ assertNotNull("Unexpected null request list", parsedCollection.getRequestSecurityTokens());
+ assertEquals("Unexpected number of requests", 1, parsedCollection.getRequestSecurityTokens().size());
+
+ // repeat the tests, this time creating a source that contains the request message directly (no JAXBElement).
+ source = new JAXBSource(this.context, request.getDelegate());
+ baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null request message", baseRequest);
+ assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityToken);
+
+ source = new JAXBSource(this.context, collection.getDelegate());
+ baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null request message", baseRequest);
+ assertTrue("Unexpected request message type", baseRequest instanceof RequestSecurityTokenCollection);
+ }
+
+ /**
+ * <p>
+ * Tests parsing a WS-Trust response message.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testParseRequestSecurityTokenResponse() throws Exception
+ {
+ // create a sample ws-trust response message.
+ RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
+ response.setContext("testcontext");
+ response.setTokenType(new URI("http://example.org/specialToken"));
+ response.setForwardable(false);
+
+ // encapsulate the response in a source object.
+ ObjectFactory objectFactory = new ObjectFactory();
+ JAXBElement<?> element = objectFactory.createRequestSecurityTokenResponse(response.getDelegate());
+ JAXBSource source = new JAXBSource(this.context, element);
+
+ // parse the response using the WSTrustJAXBFactory.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null response message", baseResponse);
+
+ // check the contents of the parsed response.
+ assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponse);
+ RequestSecurityTokenResponse parsedResponse = (RequestSecurityTokenResponse) baseResponse;
+ assertEquals("Unexpected context name", "testcontext", parsedResponse.getContext());
+ assertEquals("Unexpected token type", "http://example.org/specialToken", parsedResponse.getTokenType().toString());
+ assertFalse(parsedResponse.isForwardable());
+
+ // repeat the test, this time using a response collection instead of a single response.
+ RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection();
+ collection.addRequestSecurityTokenResponse(response);
+ element = objectFactory.createRequestSecurityTokenResponseCollection(collection.getDelegate());
+ source = new JAXBSource(this.context, element);
+
+ baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null response message", baseResponse);
+ assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponseCollection);
+ RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
+ assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
+ assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
+
+ // repeat the tests, this time creating a source that contains the response message directly (no JAXBElement).
+ source = new JAXBSource(this.context, response.getDelegate());
+ baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null response message", baseResponse);
+ assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponse);
+
+ source = new JAXBSource(this.context, collection.getDelegate());
+ baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null response message", baseResponse);
+ assertTrue("Unexpected response message type", baseResponse instanceof RequestSecurityTokenResponseCollection);
+ }
+
+ /**
+ * <p>
+ * Tests the marshalling of a WS-Trust request.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testMarshallRequestSecurityToken() throws Exception
+ {
+ // create a request object.
+ RequestSecurityToken request = new RequestSecurityToken();
+ request.setContext("testcontext");
+ request.setTokenType(new URI("http://example.org/specialToken"));
+ request.setRequestType(new URI("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"));
+
+ // use the factory to marshall the request.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ Source source = factory.marshallRequestSecurityToken(request);
+ assertNotNull("Unexpected null source", source);
+ assertTrue("Unexpected source type", source instanceof JAXBSource);
+
+ // at this point we know that the parsing works, so parse the generated source and compare to the original request.
+ BaseRequestSecurityToken baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null value for the parsed request", baseRequest);
+ assertTrue("Unexpected parsed request type", baseRequest instanceof RequestSecurityToken);
+ RequestSecurityToken parsedRequest = (RequestSecurityToken) baseRequest;
+ assertEquals("Unexpected context value", request.getContext(), parsedRequest.getContext());
+ assertTrue("Unexpected token type", request.getTokenType().equals(parsedRequest.getTokenType()));
+ assertTrue("Unexpected request type", request.getRequestType().equals(parsedRequest.getRequestType()));
+
+ // repeat the test, now using a collection of requests.
+ RequestSecurityTokenCollection collection = new RequestSecurityTokenCollection();
+ collection.addRequestSecurityToken(request);
+ source = factory.marshallRequestSecurityToken(collection);
+ assertNotNull("Unexpected null source", source);
+ assertTrue("Unexpected source type", source instanceof JAXBSource);
+
+ baseRequest = factory.parseRequestSecurityToken(source);
+ assertNotNull("Unexpected null value for the parsed request", baseRequest);
+ assertTrue("Unexpected parsed request type", baseRequest instanceof RequestSecurityTokenCollection);
+ RequestSecurityTokenCollection parsedCollection = (RequestSecurityTokenCollection) baseRequest;
+ assertNotNull("Unexpected null request list", parsedCollection.getRequestSecurityTokens());
+ assertEquals("Unexpected number of requests", 1, parsedCollection.getRequestSecurityTokens().size());
+ }
+
+ /**
+ * <p>
+ * Tests the marshalling of a WS-Trust response.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testMarshallRequestSecurityTokenResponse() throws Exception
+ {
+ // create a sample ws-trust response message.
+ RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
+ response.setContext("testcontext");
+ response.setTokenType(new URI("http://example.org/specialToken"));
+ response.setForwardable(false);
+
+ // use the factory to marshall the response.
+ WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
+ Source source = factory.marshallRequestSecurityTokenResponse(response);
+ assertNotNull("Unexpected null source", source);
+ assertTrue("Unexpected source type", source instanceof JAXBSource);
+
+ // at this point we know that the parsing works, so parse the generated source and compare to the original response.
+ BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null value for the parsed response", baseResponse);
+ assertTrue("Unexpected parsed response type", baseResponse instanceof RequestSecurityTokenResponse);
+ RequestSecurityTokenResponse parsedResponse = (RequestSecurityTokenResponse) baseResponse;
+ assertEquals("Unexpected context value", response.getContext(), parsedResponse.getContext());
+ assertTrue("Unexpected token type", response.getTokenType().equals(parsedResponse.getTokenType()));
+ assertFalse(parsedResponse.isForwardable());
+
+ // repeat the test, now using a collection of responses.
+ RequestSecurityTokenResponseCollection collection = new RequestSecurityTokenResponseCollection();
+ collection.addRequestSecurityTokenResponse(response);
+ source = factory.marshallRequestSecurityTokenResponse(collection);
+ assertNotNull("Unexpected null source", source);
+ assertTrue("Unexpected source type", source instanceof JAXBSource);
+
+ baseResponse = factory.parseRequestSecurityTokenResponse(source);
+ assertNotNull("Unexpected null value for the parsed response", baseResponse);
+ assertTrue("Unexpected parsed request type", baseResponse instanceof RequestSecurityTokenResponseCollection);
+ RequestSecurityTokenResponseCollection parsedCollection = (RequestSecurityTokenResponseCollection) baseResponse;
+ assertNotNull("Unexpected null response list", parsedCollection.getRequestSecurityTokenResponses());
+ assertEquals("Unexpected number of responses", 1, parsedCollection.getRequestSecurityTokenResponses().size());
+ }
+}
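Review bot: Every case in this new test feeds `parseRequestSecurityToken` and `parseRequestSecurityTokenResponse` a `JAXBSource` built from objects the test itself created, so only the well-formed path is exercised and no case covers a source whose content is not a WS-Trust request or response. These parse methods presumably sit on the path of messages received from other parties, so a negative case that pins the failure mode (exception type versus `null` return) for an unrelated or malformed element would document the contract. Separately, in `testMarshallRequestSecurityTokenResponse` the last type assertion uses the message `"Unexpected parsed request type"` while checking a response collection; `"Unexpected parsed response type"` matches the rest of the method. The two `assertFalse(parsedResponse.isForwardable())` calls also lack the failure message that every other assertion carries.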
Added: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/wstrust/WSTrustServiceFactoryUnitTestCase.java 2009-04-28 14:58:51 UTC (rev 464)
@@ -0,0 +1,105 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.api.wstrust;
+
+import java.security.PrivilegedActionException;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.api.wstrust.STSConfiguration;
+import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.StandardRequestHandler;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
+import org.jboss.identity.federation.api.wstrust.WSTrustServiceFactory;
+
+/**
+ * <p>
+ * This {@code TestCase} tests the behavior of the {@code WSTrustServiceFactory} class.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ */
+public class WSTrustServiceFactoryUnitTestCase extends TestCase
+{
+
+ /**
+ * <p>
+ * Tests the creation of a {@code WSTrustRequestHandler} instance.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testCreateRequestHandler() throws Exception
+ {
+ STSConfiguration config = new MockSTSConfiguration();
+ WSTrustServiceFactory factory = WSTrustServiceFactory.getInstance();
+
+ // tests the creation of the request handler.
+ WSTrustRequestHandler handler = factory.createRequestHandler(
+ "org.jboss.identity.federation.api.wstrust.StandardRequestHandler", config);
+ assertNotNull("Unexpected null request handler", handler);
+ assertTrue("Unexpected request handler type", handler instanceof StandardRequestHandler);
+
+ // try to create an invalid instance of request handler.
+ try
+ {
+ factory.createRequestHandler("InvalidHandler", config);
+ fail("An exception should have been raised");
+ }
+ catch (RuntimeException re)
+ {
+ assertTrue(re.getCause() instanceof PrivilegedActionException);
+ }
+ }
+
+ /**
+ * <p>
+ * Tests the creation of {@code SecurityTokenProvider}s.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testCreateTokenProvider() throws Exception
+ {
+ WSTrustServiceFactory factory = WSTrustServiceFactory.getInstance();
+ SecurityTokenProvider provider = factory
+ .createTokenProvider("org.jboss.test.identity.federation.api.wstrust.StandardTokenProvider");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof StandardTokenProvider);
+ provider = factory
+ .createTokenProvider("org.jboss.test.identity.federation.api.wstrust.SpecialTokenProvider");
+ assertNotNull("Unexpected null token provider", provider);
+ assertTrue("Unexpected token provider type", provider instanceof SpecialTokenProvider);
+
+ // try to create an invalid token provider.
+ try
+ {
+ factory.createTokenProvider("InvalidTokenProvider");
+ fail("An exception should have been raised");
+ }
+ catch(RuntimeException re)
+ {
+ assertTrue(re.getCause() instanceof PrivilegedActionException);
+ }
+
+ }
+}
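Review bot: The negative cases in `testCreateRequestHandler` and `testCreateTokenProvider` only use names that cannot be loaded (`"InvalidHandler"`, `"InvalidTokenProvider"`); neither checks what the factory does with a class that loads but is not a `WSTrustRequestHandler` or `SecurityTokenProvider`. The factory instantiates whatever class name it is handed, and that name appears to come from configuration, so it is worth pinning that a type mismatch is rejected with a controlled exception rather than surfacing later as a `ClassCastException`. A case such as `factory.createTokenProvider("java.lang.Object")` inside the same try/`fail` pattern would cover it. The exception type to expect depends on the factory code, which is not part of this hunk.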
JBoss Identity SVN: r463 - in identity-federation/trunk: jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2009-04-28 10:53:13 -0400 (Tue, 28 Apr 2009)
New Revision: 463
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTSConfiguration.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java
Log:
JBID-78: Added methods to allow access to the signing key and to the public keys of the service providers.
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTSConfiguration.java 2009-04-27 09:32:40 UTC (rev 462)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/trust/JBossSTSConfiguration.java 2009-04-28 14:53:13 UTC (rev 463)
@@ -28,6 +28,7 @@
import org.jboss.identity.federation.api.wstrust.STSConfiguration;
import org.jboss.identity.federation.api.wstrust.SecurityTokenProvider;
+import org.jboss.identity.federation.api.wstrust.WSTrustRequestHandler;
import org.jboss.identity.federation.api.wstrust.WSTrustServiceFactory;
import org.jboss.identity.federation.bindings.config.KeyProviderType;
import org.jboss.identity.federation.bindings.config.STSType;
@@ -58,6 +59,8 @@
private TrustKeyManager trustManager;
+ private WSTrustRequestHandler handler;
+
/**
* <p>
* Creates an instance of {@code JBossSTSConfiguration} with default configuration values.
@@ -150,7 +153,8 @@
*/
public long getIssuedTokenTimeout()
{
- return this.delegate.getTokenTimeout();
+ // return the timeout value in milliseconds.
+ return this.delegate.getTokenTimeout() * 1000;
}
/*
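Review bot: In `getIssuedTokenTimeout()` the new expression `this.delegate.getTokenTimeout() * 1000` is evaluated in the delegate's return type before it is widened to the `long` result. If `getTokenTimeout()` returns an `int` (its declaration is outside this hunk), a configured value above 2,147,483 wraps around and the issued-token lifetime comes out negative or far shorter than configured. A long literal forces 64-bit arithmetic: `return this.delegate.getTokenTimeout() * 1000L;`. The comment should also name the source unit, presumably seconds, e.g. `// the configured timeout is in seconds; return it in milliseconds.`. A zero or negative configured value is passed through unchecked, which is worth rejecting or documenting because this value bounds token validity.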
@@ -158,9 +162,12 @@
*
* @see org.jboss.identity.federation.api.wstrust.STSConfiguration#getRequestHandlerClass()
*/
- public String getRequestHandlerClass()
+ public WSTrustRequestHandler getRequestHandler()
{
- return this.delegate.getRequestHandler();
+ if (this.handler == null)
+ this.handler = WSTrustServiceFactory.getInstance().createRequestHandler(
+ this.delegate.getRequestHandler(), this);
+ return this.handler;
}
/*
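Review bot: The lazy initialisation in `getRequestHandler()` is an unsynchronised check-then-set on the new `handler` field. If one `JBossSTSConfiguration` is shared by concurrent request threads (not visible from this hunk), two callers can each create a handler and the field is published without any memory barrier. Either create the handler eagerly where the delegate is configured or declare the method `public synchronized WSTrustRequestHandler getRequestHandler()`. The block comment above the method still says `@see ...STSConfiguration#getRequestHandlerClass()` and should now point at `#getRequestHandler()`. The `if` body spans three lines without braces, which is easy to misread.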
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java 2009-04-27 09:32:40 UTC (rev 462)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/STSConfiguration.java 2009-04-28 14:53:13 UTC (rev 463)
@@ -64,12 +64,12 @@
/**
* <p>
- * Obtains the fully-qualified name of the request handler class.
+ * Obtains the WS-Trust request handler class.
* </p>
*
- * @return a {@code String} representing the request handler FQN.
+ * @return a reference to the configured {@code WSTrustRequestHandler}.
*/
- public String getRequestHandlerClass();
+ public WSTrustRequestHandler getRequestHandler();
/**
* <p>
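Review bot: The updated Javadoc summary still reads `Obtains the WS-Trust request handler class.` although the method now returns a handler instance rather than a class name; `Obtains the WS-Trust request handler.` would match the new `@return` line. As this is an interface method, the contract should also state whether repeated calls return the same instance and whether `null` is a legal result when no handler is configured, since callers dispatch token requests through it. Renaming `getRequestHandlerClass()` without a deprecated alias breaks any other `STSConfiguration` implementation, so each implementer has to be updated in step with this change.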
JBoss Identity SVN: r462 - idm/trunk/idm-api/src/main/java/org/jboss/identity/idm/api.
by jboss-identity-commits@lists.jboss.org
Author: bdaw
Date: 2009-04-27 05:32:40 -0400 (Mon, 27 Apr 2009)
New Revision: 462
Modified:
idm/trunk/idm-api/src/main/java/org/jboss/identity/idm/api/RoleManager.java
Log:
fix bad method naming
Modified: idm/trunk/idm-api/src/main/java/org/jboss/identity/idm/api/RoleManager.java
===================================================================
--- idm/trunk/idm-api/src/main/java/org/jboss/identity/idm/api/RoleManager.java 2009-04-24 11:42:10 UTC (rev 461)
+++ idm/trunk/idm-api/src/main/java/org/jboss/identity/idm/api/RoleManager.java 2009-04-27 09:32:40 UTC (rev 462)
@@ -52,7 +52,7 @@
*
* @return
*/
- IdentitySearchCriteria createIdentitySearchConstraints();
+ IdentitySearchCriteria createIdentitySearchCriteria();
// RoleType