JBoss Identity SVN: r781 - in identity-federation/trunk: jboss-identity-web/src/main/resources and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-10 14:42:17 -0400 (Thu, 10 Sep 2009)
New Revision: 781
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema/
Removed:
identity-federation/trunk/jboss-identity-web/src/main/resources/schema/
Log:
JBID-187: move the config schema from the web module to the core.
Copied: identity-federation/trunk/jboss-identity-fed-core/src/main/resources/schema (from rev 780, identity-federation/trunk/jboss-identity-web/src/main/resources/schema)
JBoss Identity SVN: r780 - in identity-federation/trunk: jboss-identity-bindings/src/test/resources/config and 16 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-10 14:37:01 -0400 (Thu, 10 Sep 2009)
New Revision: 780
Added:
identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/
identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatAttributeManager.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/AttributeConstants.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/DelegatedAttributeManager.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/AttributeManager.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/managers/
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/managers/WebAttributeManager.java
Modified:
identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml
identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml
identity-federation/trunk/jboss-identity-fed-core/pom.xml
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd
identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/jsp/login.jsp
Log:
JBID-152: phase1 commits
Added: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatAttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatAttributeManager.java (rev 0)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/TomcatAttributeManager.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,46 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.bindings.tomcat;
+
+import java.security.Principal;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+
+/**
+ * An implementation of attribute manager to get
+ * attributes of an identity
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 31, 2009
+ */
+public class TomcatAttributeManager implements AttributeManager
+{
+ /**
+ * @see AttributeManager#getAttributes(Principal, List)
+ */
+ public Map<String, Object> getAttributes(Principal userPrincipal,
+ List<String> attributeKeys)
+ {
+ throw new RuntimeException("Not Implemented");
+ }
+}
\ No newline at end of file
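Review bot: `getAttributes` throws a bare `RuntimeException("Not Implemented")`, and this same revision makes the class the fallback returned by `IDPType.getAttributeManager()`, so an IDP configured without an explicit `AttributeManager` will presumably fail as soon as attributes are requested. Until the Tomcat lookup exists, either return an empty map here or point the schema default at the `EmptyAttributeManager` added in this revision (its body is not shown, so confirm it behaves as the name suggests). If the stub stays, `throw new UnsupportedOperationException("TomcatAttributeManager.getAttributes is not implemented");` is the conventional exception type, and the class Javadoc should say that this is a placeholder.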
Modified: identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-bindings/src/test/resources/config/test-config-4.xml 2009-09-10 18:37:01 UTC (rev 780)
@@ -7,14 +7,18 @@
</KeyProvider>
<RequestHandler>org.jboss.identity.federation.wstrust.Handler</RequestHandler>
<TokenProviders>
- <TokenProvider ProviderClass="org.jboss.SpecialTokenProvider" TokenType="specialToken"
- TokenElement="SpecialToken" TokenElementNS="http://www.tokens.org">
+ <TokenProvider
+ ProviderClass="org.jboss.SpecialTokenProvider"
+ TokenType="specialToken"
+ TokenElement="SpecialToken"
+ TokenElementNS="http://www.tokens.org">
<Property Name="Property1" Value="Value1"/>
<Property Name="Property2" Value="Value2"/>
</TokenProvider>
</TokenProviders>
<ServiceProviders>
- <ServiceProvider Endpoint="http://provider.endpoint/provider" TokenType="specialToken"
- TruststoreAlias="providerAlias"/>
+ <ServiceProvider Endpoint="http://provider.endpoint/provider"
+ TokenType="specialToken"
+ TruststoreAlias="providerAlias"/>
</ServiceProviders>
</JBossSTS>
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-09-10 18:37:01 UTC (rev 780)
@@ -70,8 +70,14 @@
</dependency>
<dependency>
<groupId>org.jboss.security</groupId>
+ <artifactId>jboss-security-spi</artifactId>
+ <version>2.0.4</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
<artifactId>jbosssx</artifactId>
- <version>2.0.2.SP6</version>
+ <version>2.0.4</version>
<scope>compile</scope>
</dependency>
<dependency>
Added: identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java (rev 0)
+++ identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.bindings.jboss.attribute;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.log4j.Logger;
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.identity.Attribute;
+import org.jboss.security.mapping.MappingContext;
+import org.jboss.security.mapping.MappingManager;
+import org.jboss.security.mapping.MappingType;
+
+/**
+ * An attribute manager implementation for JBAS
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 8, 2009
+ */
+public class JBossAppServerAttributeManager implements AttributeManager
+{
+ private static Logger log = Logger.getLogger(JBossAppServerAttributeManager.class);
+ private boolean trace = log.isTraceEnabled();
+
+ /**
+ * @see AttributeManager#getAttributes(Principal, List)
+ */
+ public Map<String, Object> getAttributes(Principal userPrincipal, List<String> attributeKeys)
+ {
+ Map<String,Object> attributeMap = new HashMap<String, Object>();
+
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc != null)
+ {
+ String mappingType = MappingType.ATTRIBUTE.name();
+ MappingManager mm = sc.getMappingManager();
+ MappingContext<List<Attribute<Object>>> mc = mm.getMappingContext(mappingType) ;
+
+ if(mc == null)
+ {
+ log.error("Mapping Context returned is null");
+ return attributeMap;
+ }
+
+ Map<String, Object> contextMap = new HashMap<String, Object>();
+ contextMap.put(SecurityConstants.PRINCIPAL_IDENTIFIER, userPrincipal);
+
+
+ List<Attribute<Object>> attList = new ArrayList<Attribute<Object>>();
+
+ try
+ {
+ mc.performMapping(contextMap, attList);
+ }
+ catch(Exception e)
+ {
+ log.error("Exception in attribute mapping:", e);
+ }
+ attList = (List<Attribute<Object>>) mc.getMappingResult().getMappedObject();
+
+ if(attList != null)
+ {
+ for(Attribute<Object> attribute: attList)
+ {
+ attributeMap.put(attribute.getName(),attribute.getValue());
+ }
+ }
+ }
+ else
+ {
+ if(trace)
+ {
+ log.trace("Could not obtain security context.");
+ }
+ }
+
+ return attributeMap;
+ }
+}
\ No newline at end of file
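Review bot: `attributeKeys` is never read in `getAttributes`, so every attribute the mapping context yields for the principal is copied into the returned map; if that map feeds the assertion's attribute statement (the consuming code is not shown here), the IDP would release more than was requested. Filter on the requested keys before `attributeMap.put(...)`. Separately, the `catch(Exception e)` only logs and then falls through to `mc.getMappingResult().getMappedObject()`, which may dereference a null or stale result after a failed mapping; returning the empty map from the catch avoids that. `sc.getMappingManager()` is also dereferenced without a null check, and `trace` is sampled once per instance rather than per call.

```java
      try
      {
         mc.performMapping(contextMap, attList);
      }
      catch(Exception e)
      {
         log.error("Exception in attribute mapping:", e);
         // Do not read a mapping result after a failed mapping.
         return attributeMap;
      }
      // … unchanged: attList = mc.getMappingResult().getMappedObject() …
      if(attList != null)
      {
         for(Attribute<Object> attribute: attList)
         {
            String name = attribute.getName();
            // Release only requested attributes.
            // TODO confirm against AttributeManager whether null keys mean "all".
            if(attributeKeys == null || attributeKeys.contains(name))
            {
               attributeMap.put(name, attribute.getValue());
            }
         }
      }
```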
Modified: identity-federation/trunk/jboss-identity-fed-core/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-09-10 18:37:01 UTC (rev 780)
@@ -57,6 +57,12 @@
<artifactId>openid4java</artifactId>
</dependency>
<dependency>
+ <groupId>sun-jaxws</groupId>
+ <artifactId>jaxws-api</artifactId>
+ <version>2.1.1</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
<groupId>stax</groupId>
<artifactId>stax-api</artifactId>
<version>1.0</version>
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/AuthPropertyType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -3,7 +3,6 @@
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2009.09.03 at 01:21:42 PM BRT
-//
package org.jboss.identity.federation.core.config;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncAlgoType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -3,9 +3,7 @@
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2009.09.03 at 01:21:42 PM BRT
-//
-
package org.jboss.identity.federation.core.config;
import javax.xml.bind.annotation.XmlEnum;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/EncryptionType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -2,10 +2,8 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
-//
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
-
package org.jboss.identity.federation.core.config;
import javax.xml.bind.annotation.XmlAccessType;
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/IDPType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -34,6 +34,7 @@
* </sequence>
* <attribute name="AssertionValidity" type="{http://www.w3.org/2001/XMLSchema}long" default="300000" />
* <attribute name="RoleGenerator" type="{http://www.w3.org/2001/XMLSchema}string" default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator" />
+ * <attribute name="AttributeManager" type="{http://www.w3.org/2001/XMLSchema}string" default="org.jboss.identity.federation.bindings.tomcat.TomcatAttributeManager" />
* <attribute name="Encrypt" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" />
* </extension>
* </complexContent>
@@ -56,6 +57,8 @@
protected Long assertionValidity;
@XmlAttribute(name = "RoleGenerator")
protected String roleGenerator;
+ @XmlAttribute(name = "AttributeManager")
+ protected String attributeManager;
@XmlAttribute(name = "Encrypt")
protected Boolean encrypt;
@@ -140,6 +143,34 @@
}
/**
+ * Gets the value of the attributeManager property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getAttributeManager() {
+ if (attributeManager == null) {
+ return "org.jboss.identity.federation.bindings.tomcat.TomcatAttributeManager";
+ } else {
+ return attributeManager;
+ }
+ }
+
+ /**
+ * Sets the value of the attributeManager property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setAttributeManager(String value) {
+ this.attributeManager = value;
+ }
+
+ /**
* Gets the value of the encrypt property.
*
* @return
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyProviderType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/KeyValueType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/MetadataProviderType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ObjectFactory.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -41,32 +41,34 @@
*/
public ObjectFactory() {
}
+
/**
- * Create an instance of {@link KeyProviderType }
+ * Create an instance of {@link TokenProviderType }
*
- */
- public KeyProviderType createKeyProviderType() {
- return new KeyProviderType();
- }
-
- /**
- * Create an instance of {@link TokenProviderType }
- *
- */
+ */
public TokenProviderType createTokenProviderType() {
- return new TokenProviderType();
+ return new TokenProviderType();
}
-
- /**
- * Create an instance of {@link SPType }
- *
- */
+
+
+ /**
+ * Create an instance of {@link SPType }
+ *
+ */
public SPType createSPType() {
return new SPType();
}
/**
+ * Create an instance of {@link ProviderType }
+ *
+ */
+ public ProviderType createProviderType() {
+ return new ProviderType();
+ }
+
+ /**
* Create an instance of {@link ServiceProvidersType }
*
*/
@@ -98,23 +100,48 @@
return new ClaimProviderType();
}
- /**
- * Create an instance of {@link STSType }
+ /**
+ * Create an instance of {@link TrustType }
*
- */
+ */
+ public TrustType createTrustType() {
+ return new TrustType();
+ }
+
+ /**
+ * Create an instance of {@link STSType }
+ *
+ */
public STSType createSTSType() {
- return new STSType();
+ return new STSType();
}
/**
+ * Create an instance of {@link KeyProviderType }
+ *
+ */
+ public KeyProviderType createKeyProviderType() {
+ return new KeyProviderType();
+ }
+
+ /**
* Create an instance of {@link PropertyType }
*
- */
+ */
+
public PropertyType createPropertyType() {
return new PropertyType();
}
/**
+ * Create an instance of {@link KeyValueType }
+ *
+ */
+ public KeyValueType createKeyValueType() {
+ return new KeyValueType();
+ }
+
+ /**
* Create an instance of {@link EncryptionType }
*
*/
@@ -122,45 +149,23 @@
return new EncryptionType();
}
- /**
- * Create an instance of {@link TrustType }
+ /**
+ * Create an instance of {@link MetadataProviderType }
*
*/
- public TrustType createTrustType() {
- return new TrustType();
- }
-
- /**
- * Create an instance of {@link MetadataProviderType }
- *
- */
public MetadataProviderType createMetadataProviderType() {
return new MetadataProviderType();
- }
+ }
+
/**
- * Create an instance of {@link KeyValueType }
+ * Create an instance of {@link IDPType }
*
- */
- public KeyValueType createKeyValueType() {
- return new KeyValueType();
- }
-
- /**
- * Create an instance of {@link IDPType }
- *
- */
+ */
public IDPType createIDPType() {
- return new IDPType();
+ return new IDPType();
}
- /**
- * Create an instance of {@link ProviderType }
- *
- */
- public ProviderType createProviderType() {
- return new ProviderType();
- }
/**
* Create an instance of {@link ServiceProviderType }
@@ -186,7 +191,6 @@
public JAXBElement<IDPType> createJBossIDP(IDPType value) {
return new JAXBElement<IDPType>(_JBossIDP_QNAME, IDPType.class, null, value);
}
-
/**
* Create an instance of {@link JAXBElement }{@code <}{@link STSType }{@code >}}
*
@@ -205,4 +209,4 @@
return new JAXBElement<SPType>(_JBossSP_QNAME, SPType.class, null, value);
}
-}
+}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ProviderType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/SPType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/STSType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProviderType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@@ -30,7 +30,12 @@
* <complexType name="ServiceProviderType">
* <complexContent>
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+<<<<<<< .mine
* <attribute name="Endpoint" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ * <attribute name="TruststoreAlias" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+=======
+ * <attribute name="Endpoint" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+>>>>>>> .r772
* <attribute name="TokenType" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
* <attribute name="TruststoreAlias" type="{http://www.w3.org/2001/XMLSchema}string" />
* </restriction>
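Review bot: Unresolved merge conflict markers (`<<<<<<< .mine`, `=======`, `>>>>>>> .r772`) are committed in the schema fragment of the class comment. The text between them documents `TruststoreAlias` as `use="required"`, while the line kept below the markers documents it without `use`, so a reader cannot tell whether a service provider entry must name a truststore alias. Resolve the conflict against jboss-identity-fed.xsd and regenerate the class rather than hand-editing it, since the file header says modifications are lost on recompilation. The rest of the comment and the class body lie outside the hunk.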
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/ServiceProvidersType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProviderType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TokenProvidersType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/TrustType.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/config/package-info.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -1,8 +1,8 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2009.09.03 at 01:21:42 PM BRT
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2009.09.03 at 01:21:42 PM BRT
//
@javax.xml.bind.annotation.XmlSchema(namespace = "urn:jboss:identity-federation:config:1.0", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED)
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/AttributeConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/AttributeConstants.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/constants/AttributeConstants.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.constants;
+
+/**
+ * Constants for attributes
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 31, 2009
+ */
+public interface AttributeConstants
+{
+ String COUNTRY = "country";
+ String EMAIL_ADDRESS = "email";
+ String EMPLOYEE_TYPE = "employeeType";
+ String EMPLOYEE_NUMBER = "employeeNumber";
+ String GIVEN_NAME = "givenName";
+ String PREFERRED_LANGUAGE = "preferredLanguage";
+ String PO_BOX = "postOfficeBox";
+ String POSTAL_CODE = "postalCode";
+ String POSTAL_ADDRESS ="postalAddress";
+ String SURNAME = "surname";
+ String STREET = "street";
+ String TITLE = "title";
+ String TELEPHONE = "telephoneNumber";
+}
\ No newline at end of file
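Review bot: The Javadoc `Constants for attributes` does not say what these strings are keys of; going by StatementUtil in this commit, they are matched against the keys of the map returned by `AttributeManager.getAttributes`. I would state that in the interface Javadoc, e.g. `Keys of the attribute map returned by AttributeManager#getAttributes`, and note where the names come from if they follow a directory schema. As a style point, a constants-only interface leaks these names into every implementing class; a `final` class with a private constructor and `public static final String` fields keeps them namespaced.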
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/DelegatedAttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/DelegatedAttributeManager.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/DelegatedAttributeManager.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,71 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.impl;
+
+import java.security.Principal;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+
+/**
+ * An attribute manager that delegates to
+ * another manager for attributes
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 31, 2009
+ */
+public class DelegatedAttributeManager implements AttributeManager
+{
+ private AttributeManager delegate = new EmptyAttributeManager();
+
+ public DelegatedAttributeManager()
+ {
+ }
+
+ /**
+ * Set the delegate
+ * @param manager
+ */
+ public void setDelegate(AttributeManager manager)
+ {
+ this.delegate = manager;
+ }
+
+ /**
+ * Is the delegate set?
+ * @return
+ */
+ public boolean isDelegateSet()
+ {
+ return this.delegate != null;
+ }
+
+ /**
+ * @see AttributeManager#getAttributes(Principal, List)
+ */
+ public Map<String, Object> getAttributes(Principal userPrincipal, List<String> attributeKeys)
+ {
+ if(delegate == null)
+ throw new RuntimeException("Delegate is not set");
+ return delegate.getAttributes(userPrincipal, attributeKeys);
+ }
+}
\ No newline at end of file
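Review bot: `isDelegateSet()` returns true on a freshly constructed instance because the field is initialised to `new EmptyAttributeManager()`, so it cannot tell a caller whether a real delegate was ever configured. `setDelegate(null)` is also accepted and only fails later, in `getAttributes`, with a bare `RuntimeException`. Rejecting null in the setter moves the failure to configuration time: `if (manager == null) throw new IllegalArgumentException("manager is null");`. If `isDelegateSet()` is meant to report configuration, `return !(this.delegate instanceof EmptyAttributeManager);` would match that intent.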
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/impl/EmptyAttributeManager.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.impl;
+
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+
+/**
+ * An attribute manager implementation that just returns
+ * an empty attribute map
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 10, 2009
+ */
+public class EmptyAttributeManager implements AttributeManager
+{
+ /**
+ * @see AttributeManager#getAttributes(Principal, List)
+ */
+ public Map<String, Object> getAttributes(Principal userPrincipal,
+ List<String> attributeKeys)
+ {
+ return new HashMap<String, Object>();
+ }
+}
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/AttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/AttributeManager.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/interfaces/AttributeManager.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.interfaces;
+
+import java.security.Principal;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Manages the attributes for an identity
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 31, 2009
+ */
+public interface AttributeManager
+{
+ /**
+ * Given a set of keys, get back attributes
+ * @param userPrincipal Principal for whom attributes need to be retrieved
+ * @param attributeKeys
+ * @return
+ */
+ Map<String, Object> getAttributes(Principal userPrincipal,
+ List<String> attributeKeys);
+}
\ No newline at end of file
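Review bot: The Javadoc on `getAttributes` leaves `@param attributeKeys` and `@return` empty, so implementers have no stated contract for a null or empty key list, for a null return, or for whether keys outside the requested list may be returned. The last of these matters because IDPWebRequestUtil in this commit feeds the returned map into the SAML assertion, so the key list is what limits which user attributes are released. I would document it along the lines of `@param attributeKeys keys of the attributes to return; implementations must not return attributes outside this list` and `@return a non-null map, empty when no attribute is available`. `EmptyAttributeManager` already behaves that way.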
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.util;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.jboss.identity.federation.core.constants.AttributeConstants;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
+import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
+import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory;
+import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
+
+/**
+ * Deals with SAML2 Statements
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 31, 2009
+ */
+public class StatementUtil
+{
+ private static ObjectFactory factory = new ObjectFactory();
+
+ public static List<StatementAbstractType> createStatements(Map<String,Object> attributes)
+ {
+ List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
+
+ Set<String> keys = attributes.keySet();
+ for(String key: keys)
+ {
+ Object value = attributes.get(key);
+
+ if(AttributeConstants.EMAIL_ADDRESS.equals(key))
+ {
+ AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
+ AttributeType att = factory.createAttributeType();
+ att.setNameFormat(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get());
+
+ //rolename
+ att.getAttributeValue().add(value);
+ attrStatement.getAttributeOrEncryptedAttribute().add(att);
+ statements.add(attrStatement);
+ }
+ }
+ return statements;
+ }
+}
\ No newline at end of file
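Review bot: The `AttributeType` built in the `EMAIL_ADDRESS` branch is never given a name, and its `NameFormat` is taken from `JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL`, which by its name is a NameID format rather than an attribute name format. SAML 2.0 requires `Name` on `<Attribute>`, so a relying party cannot tell what the value represents; `att.setName(key);` before adding the value (assuming the generated class exposes the schema's `Name` attribute as `setName`), together with an attribute name-format URI, would address that. `value` is added without a null check, so a null map entry ends up in the attribute value list; `if (value == null) continue;` at the top of the loop avoids it. The `//rolename` comment is stale, and every key other than `email` is dropped silently, which deserves a sentence in a Javadoc on `createStatements`.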
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/managers/WebAttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/managers/WebAttributeManager.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/managers/WebAttributeManager.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -0,0 +1,45 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.managers;
+
+import java.security.Principal;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+
+/**
+ * A default attribute manager for web applications
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 10, 2009
+ */
+public class WebAttributeManager implements AttributeManager
+{
+ /**
+ * @see AttributeManager#getAttributes(Principal, List)
+ */
+ public Map<String, Object> getAttributes(Principal userPrincipal,
+ List<String> attributeKeys)
+ {
+ throw new RuntimeException("Not implemented");
+ }
+}
\ No newline at end of file
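Review bot: `getAttributes` throws `RuntimeException("Not implemented")` although the class Javadoc calls this a default attribute manager, so configuring it would fail every request that reaches `attributeManager.getAttributes(...)` in IDPWebRequestUtil. Until there is an implementation, either return an empty map as `EmptyAttributeManager` does, or make the intent explicit with `throw new UnsupportedOperationException("WebAttributeManager is not implemented");`. The Javadoc should say the class is a placeholder.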
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPLoginServlet.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -78,6 +78,9 @@
log("No username or password found. Redirecting to login page");
this.saveRequest(request, session);
+ if(response.isCommitted())
+ throw new RuntimeException("Response is committed. Cannot forward to login page.");
+
this.redirectToLoginPage(request, response);
}
else
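Review bot: The added guard throws a bare `RuntimeException`, and it runs after `this.saveRequest(request, session)` has already stored the request in the session, so the failure path leaves that state behind. Moving the `response.isCommitted()` check above `saveRequest` avoids that. IDPServlet in this commit reports a comparable condition with `ServletException`, and doing the same here would be consistent if the enclosing method declares it; the signature is outside the hunk. The message says "forward" while the call is `redirectToLoginPage`, so one of the two wordings should change.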
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/servlets/IDPServlet.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -26,7 +26,9 @@
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PublicKey;
+import java.util.ArrayList;
import java.util.List;
+import java.util.StringTokenizer;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
@@ -41,6 +43,8 @@
import org.jboss.identity.federation.core.config.KeyProviderType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.impl.DelegatedAttributeManager;
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -73,7 +77,11 @@
protected transient IDPType idpConfiguration = null;
private transient RoleGenerator rg = new DefaultRoleGenerator();
+
+ private transient DelegatedAttributeManager attribManager = new DelegatedAttributeManager();
+ private List<String> attributeKeys = new ArrayList<String>();
+
private long assertionValidity = 5000; // 5 seconds in miliseconds
private String identityURL = null;
@@ -106,6 +114,15 @@
this.identityURL = idpConfiguration.getIdentityURL();
log.trace("Identity Provider URL=" + this.identityURL);
this.assertionValidity = idpConfiguration.getAssertionValidity();
+
+ //Get the attribute manager
+ String attributeManager = idpConfiguration.getAttributeManager();
+ if(attributeManager != null && !"".equals(attributeManager))
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ AttributeManager delegate = (AttributeManager) tcl.loadClass(attributeManager).newInstance();
+ this.attribManager.setDelegate(delegate);
+ }
}
catch (Exception e)
{
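Review bot: The class named by `idpConfiguration.getAttributeManager()` is loaded and instantiated before the cast to `AttributeManager`, so the no-arg constructor of whatever class the configuration names runs even when it is not an attribute manager, and the resulting `ClassCastException` falls into the generic `catch (Exception e)`. Checking the type first limits instantiation to the expected interface: `AttributeManager delegate = tcl.loadClass(attributeManager).asSubclass(AttributeManager.class).newInstance();`. The schema change in this commit gives the attribute a default of `org.jboss.identity.federation.bindings.tomcat.TomcatAttributeManager`, so if the JAXB getter returns that default, this branch presumably also runs on containers without the Tomcat bindings. The catch block's body is outside the hunk; confirm that a missing or wrong class is reported clearly rather than silently leaving the empty delegate in place.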
@@ -142,6 +159,17 @@
String rgString = config.getInitParameter("ROLE_GENERATOR");
if(rgString != null && !"".equals(rgString))
this.setRoleGenerator(rgString);
+
+ //Get a list of attributes we are interested in
+ String attribList = config.getInitParameter("ATTRIBUTE_KEYS");
+ if(attribList != null && !"".equals(attribList))
+ {
+ StringTokenizer st = new StringTokenizer(attribList,",");
+ while(st != null && st.hasMoreTokens())
+ {
+ this.attributeKeys.add(st.nextToken());
+ }
+ }
}
@SuppressWarnings("unchecked")
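Review bot: Tokens from `ATTRIBUTE_KEYS` are added untrimmed, so a value written as `email, surname` produces the key ` surname` with a leading space, which an attribute manager comparing keys with `equals` would not recognise. `this.attributeKeys.add(st.nextToken().trim());` fixes that, and the `st != null` test in the loop condition can go because `st` has just been constructed. Since this list decides which user attributes are requested for the assertion, a comment naming the expected format (comma-separated, values from `AttributeConstants`) would help deployers. The enclosing method starts outside the hunk.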
@@ -170,6 +198,8 @@
IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request,
idpConfiguration, keyManager);
+ webRequestUtil.setAttributeManager(this.attribManager);
+ webRequestUtil.setAttributeKeys(attributeKeys);
if(userPrincipal != null)
{
@@ -272,6 +302,9 @@
{
try
{
+ if(samlResponse == null)
+ throw new ServletException("SAML Response has not been generated");
+
if(this.signOutgoingMessages)
webRequestUtil.send(samlResponse, destination,relayState, response, true,
this.keyManager.getSigningKey());
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-10 18:37:01 UTC (rev 780)
@@ -30,6 +30,7 @@
import java.security.Principal;
import java.security.PrivateKey;
import java.util.List;
+import java.util.Map;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
@@ -45,8 +46,9 @@
import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
-import org.jboss.identity.federation.core.exceptions.ParsingException;
-import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -54,11 +56,13 @@
import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.saml.v2.util.StatementUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;
@@ -79,6 +83,8 @@
private IDPType idpConfiguration;
private TrustKeyManager keyManager;
+ private AttributeManager attributeManager;
+ private List<String> attribKeys;
public IDPWebRequestUtil(HttpServletRequest request, IDPType idp, TrustKeyManager keym)
{
@@ -88,6 +94,16 @@
this.postProfile = "POST".equals(request.getMethod());
}
+ public void setAttributeKeys(List<String> attribKeys)
+ {
+ this.attribKeys = attribKeys;
+ }
+
+ public void setAttributeManager(AttributeManager attributeManager)
+ {
+ this.attributeManager = attributeManager;
+ }
+
public boolean hasSAMLRequestInRedirectProfile()
{
return redirectProfile;
@@ -148,7 +164,6 @@
sp.setResponseDestinationURI(assertionConsumerURL);
responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
-
//Add information on the roles
AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
@@ -157,6 +172,15 @@
//Add timed conditions
saml2Response.createTimedConditions(assertion, assertionValidity);
+
+ //Add in the attributes information
+ if(this.attributeManager != null)
+ {
+ Map<String, Object> attribs =
+ attributeManager.getAttributes(userPrincipal, this.attribKeys);
+ List<StatementAbstractType> stats = StatementUtil.createStatements(attribs);
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(stats);
+ }
//Lets see how the response looks like
if(log.isTraceEnabled())
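Review bot: The map returned by `attributeManager.getAttributes(...)` is passed straight to `StatementUtil.createStatements`, which calls `attributes.keySet()`, so a delegate that returns null causes a `NullPointerException` while the response is being built; `this.attribKeys` is likewise null unless `setAttributeKeys` was called. Wrapping the two following lines in `if (attribs != null && !attribs.isEmpty())` covers the first case, and initialising `attribKeys` to an empty list covers the second. The trace block that starts at the end of this hunk continues outside it; if it logs the response, that output now contains user attributes such as e-mail addresses, which is worth a comment or masking there.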
Modified: identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-web/src/main/resources/schema/config/jboss-identity-fed.xsd 2009-09-10 18:37:01 UTC (rev 780)
@@ -23,6 +23,10 @@
use="optional"
default="org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator">
</attribute>
+ <attribute name="AttributeManager" type="string"
+ use="optional"
+ default="org.jboss.identity.federation.bindings.tomcat.TomcatAttributeManager">
+ </attribute>
<attribute name="Encrypt" type="boolean" use="optional"
default="false">
</attribute>
Modified: identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/jsp/login.jsp
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/jsp/login.jsp 2009-09-10 17:44:51 UTC (rev 779)
+++ identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/jsp/login.jsp 2009-09-10 18:37:01 UTC (rev 780)
@@ -2,12 +2,12 @@
<body>
<font size='5' color='blue'>Please Login</font><hr>
-<form action='j_security_check' method='post'>
+<form action='<%=application.getContextPath()%>/' method='post'>
<table>
<tr><td>Name:</td>
- <td><input type='text' name='j_username'></td></tr>
+ <td><input type='text' name='JBID_USERNAME'></td></tr>
<tr><td>Password:</td>
- <td><input type='password' name='j_password' size='8'></td>
+ <td><input type='password' name='JBID_PASSWORD' size='8'></td>
</tr>
</table>
<br>
14 years, 7 months
JBoss Identity SVN: r779 - in identity-federation/trunk/jboss-identity-webapps: sales-standalone/src/main/webapp/WEB-INF and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-10 13:44:51 -0400 (Thu, 10 Sep 2009)
New Revision: 779
Modified:
identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/WEB-INF/web.xml
identity-federation/trunk/jboss-identity-webapps/sales-standalone/src/main/webapp/WEB-INF/web.xml
Log:
fix the order of web.xml elements
Modified: identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/WEB-INF/web.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/WEB-INF/web.xml 2009-09-10 15:02:44 UTC (rev 778)
+++ identity-federation/trunk/jboss-identity-webapps/idp-standalone/src/main/webapp/WEB-INF/web.xml 2009-09-10 17:44:51 UTC (rev 779)
@@ -9,23 +9,6 @@
IDP Standalone Application
</description>
- <!-- Define the login filter -->
-<!--
- <filter>
- <filter-name>LoginFilter</filter-name>
- <filter-class>org.jboss.identity.federation.web.filters.LoginFilter</filter-class>
- <description>
- The Login Filter will do the login for the IDP.
- </description>
- </filter>
-
- <filter-mapping>
- <filter-name>LoginFilter</filter-name>
- <url-pattern>/*</url-pattern>
- <dispatcher>REQUEST</dispatcher>
- </filter-mapping>
- -->
-
<!-- Create the servlet -->
<servlet>
<servlet-name>IDPLoginServlet</servlet-name>
@@ -37,13 +20,13 @@
</servlet>
<servlet-mapping>
- <url-pattern>/</url-pattern>
<servlet-name>IDPLoginServlet</servlet-name>
+ <url-pattern>/</url-pattern>
</servlet-mapping>
<servlet-mapping>
- <url-pattern>/IDPServlet</url-pattern>
<servlet-name>IDPServlet</servlet-name>
+ <url-pattern>/IDPServlet</url-pattern>
</servlet-mapping>
</web-app>
Modified: identity-federation/trunk/jboss-identity-webapps/sales-standalone/src/main/webapp/WEB-INF/web.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-standalone/src/main/webapp/WEB-INF/web.xml 2009-09-10 15:02:44 UTC (rev 778)
+++ identity-federation/trunk/jboss-identity-webapps/sales-standalone/src/main/webapp/WEB-INF/web.xml 2009-09-10 17:44:51 UTC (rev 779)
@@ -7,15 +7,15 @@
<description>Sales Standalone Application</description>
<filter>
+ <description>
+ The SP Filter intersects all requests at the SP and sees if there is a need to contact the IDP.
+ </description>
<filter-name>SPFilter</filter-name>
<filter-class>org.jboss.identity.federation.web.filters.SPFilter</filter-class>
<init-param>
<param-name>ROLES</param-name>
<param-value>sales,manager</param-value>
</init-param>
- <description>
- The SP Filter intersects all requests at the SP and sees if there is a need to contact the IDP.
- </description>
</filter>
<filter-mapping>
14 years, 7 months
JBoss Identity SVN: r778 - identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-10 11:02:44 -0400 (Thu, 10 Sep 2009)
New Revision: 778
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java
Log:
JBID-189: add check
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java 2009-09-10 15:00:53 UTC (rev 777)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/wstrust/StandardRequestHandler.java 2009-09-10 15:02:44 UTC (rev 778)
@@ -285,6 +285,10 @@
Node securityToken = request.getValidateTargetElement().getFirstChild();
SecurityTokenProvider provider = this.configuration.getProviderForTokenElementNS(
securityToken.getLocalName(), securityToken.getNamespaceURI());
+ if (provider == null)
+ throw new WSTrustException("No SecurityTokenProvider configured for "
+ + securityToken.getNamespaceURI() + ":" + securityToken.getLocalName());
+
WSTrustRequestContext context = new WSTrustRequestContext(request, callerPrincipal);
StatusType status = null;
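Review bot: The new null check runs only after `securityToken.getLocalName()` and `securityToken.getNamespaceURI()` have already been called on the first child of the ValidateTarget element, so an empty ValidateTarget (where `getFirstChild()` returns null) still ends in a NullPointerException, and a leading text or comment node reaches the lookup with a null local name. A guard ahead of the lookup would reject both with the same exception type, for example `if (securityToken == null || securityToken.getNodeType() != Node.ELEMENT_NODE) throw new WSTrustException("ValidateTarget does not contain a token element");`. Whether `getValidateTargetElement()` itself can return null is not visible here and is worth checking as well. The added message also echoes the request-supplied namespace and local name, so it should be treated as untrusted text if it reaches a log or a fault response. The enclosing method begins and ends outside the hunk.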
JBoss Identity SVN: r776 - identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/resources.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-10 10:57:07 -0400 (Thu, 10 Sep 2009)
New Revision: 776
Modified:
identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/resources/jboss-sts.xml
Log:
JBID-188: fix the package name
Modified: identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/resources/jboss-sts.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/resources/jboss-sts.xml 2009-09-08 22:34:24 UTC (rev 775)
+++ identity-federation/trunk/jboss-identity-webapps/jboss-sts/src/main/resources/jboss-sts.xml 2009-09-10 14:57:07 UTC (rev 776)
@@ -8,7 +8,7 @@
<ValidatingAlias Key="http://services.testcorp.org/provider1" Value="service1"/>
</KeyProvider>
<TokenProviders>
- <TokenProvider ProviderClass="org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider"
+ <TokenProvider ProviderClass="org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider"
TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
</TokenProviders>
<ServiceProviders>
JBoss Identity SVN: r775 - in authz/trunk: component-spec and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-09-08 18:34:24 -0400 (Tue, 08 Sep 2009)
New Revision: 775
Added:
authz/trunk/component-spec/
Removed:
authz/trunk/public-api/
Modified:
authz/trunk/.classpath
authz/trunk/component-spec/pom.xml
authz/trunk/core-components/pom.xml
authz/trunk/pom.xml
Log:
refactoring. renaming public-api to component-spec
Modified: authz/trunk/.classpath
===================================================================
--- authz/trunk/.classpath 2009-09-08 22:17:14 UTC (rev 774)
+++ authz/trunk/.classpath 2009-09-08 22:34:24 UTC (rev 775)
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
- <classpathentry kind="src" path="public-api/src/main/java"/>
+ <classpathentry kind="src" path="component-spec/src/main/java"/>
<classpathentry kind="src" path="common/src/main/java"/>
<classpathentry kind="src" path="common/src/main/resources"/>
<classpathentry kind="src" path="common/src/test/java"/>
Copied: authz/trunk/component-spec (from rev 774, authz/trunk/public-api)
Modified: authz/trunk/component-spec/pom.xml
===================================================================
--- authz/trunk/public-api/pom.xml 2009-09-08 22:17:14 UTC (rev 774)
+++ authz/trunk/component-spec/pom.xml 2009-09-08 22:34:24 UTC (rev 775)
@@ -7,11 +7,11 @@
</parent>
<modelVersion>4.0.0</modelVersion>
- <artifactId>public-api</artifactId>
+ <artifactId>component-spec</artifactId>
<packaging>jar</packaging>
- <name>Public Developer API</name>
+ <name>Authz Component Spec</name>
<url>http://www.jboss.org</url>
- <description>The Public API For Developers using the Framework. API is based on the "Authorization Component" Spec</description>
+ <description>"Authorization Component" Spec. A Specification to be adhered to by security components processed by the framework</description>
<dependencies>
<!-- jboss xacml -->
Modified: authz/trunk/core-components/pom.xml
===================================================================
--- authz/trunk/core-components/pom.xml 2009-09-08 22:17:14 UTC (rev 774)
+++ authz/trunk/core-components/pom.xml 2009-09-08 22:34:24 UTC (rev 775)
@@ -16,7 +16,7 @@
<dependencies>
<dependency>
<groupId>org.jboss.security.authz</groupId>
- <artifactId>public-api</artifactId>
+ <artifactId>component-spec</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
Modified: authz/trunk/pom.xml
===================================================================
--- authz/trunk/pom.xml 2009-09-08 22:17:14 UTC (rev 774)
+++ authz/trunk/pom.xml 2009-09-08 22:34:24 UTC (rev 775)
@@ -10,7 +10,7 @@
<description>JBoss Authorization</description>
<modules>
- <module>public-api</module>
+ <module>component-spec</module>
<module>common</module>
<module>core-components</module>
<module>agent</module>
JBoss Identity SVN: r774 - in authz/trunk: core-components/src/main/java/org/jboss/security/authz/components/subject and 2 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-09-08 18:17:14 -0400 (Tue, 08 Sep 2009)
New Revision: 774
Added:
authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/BooleanExpression.java
Removed:
authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicExpression.java
Modified:
authz/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java
authz/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Roles.java
authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml
Log:
some refactoring/documentation
Modified: authz/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java
===================================================================
--- authz/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java 2009-09-08 18:05:46 UTC (rev 773)
+++ authz/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/AnnotationProcessor.java 2009-09-08 22:17:14 UTC (rev 774)
@@ -30,7 +30,7 @@
import org.jboss.security.authz.component.Component;
import org.jboss.security.authz.component.ComponentCategory;
import org.jboss.security.authz.component.SecurityContextData;
-import org.jboss.security.authz.component.LogicExpression;
+import org.jboss.security.authz.component.BooleanExpression;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -82,7 +82,7 @@
{
for(Method declaredMethod: declaredMethods)
{
- Annotation logicExpression = declaredMethod.getAnnotation(LogicExpression.class);
+ Annotation logicExpression = declaredMethod.getAnnotation(BooleanExpression.class);
if(logicExpression != null)
{
if(declaredMethod.getName().equals(expressionName))
Modified: authz/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Roles.java
===================================================================
--- authz/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-09-08 18:05:46 UTC (rev 773)
+++ authz/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-09-08 22:17:14 UTC (rev 774)
@@ -32,7 +32,7 @@
import org.jboss.security.authz.component.ComponentType;
import org.jboss.security.authz.component.ComponentCategory;
import org.jboss.security.authz.component.SecurityContextData;
-import org.jboss.security.authz.component.LogicExpression;
+import org.jboss.security.authz.component.BooleanExpression;
/**
* The Role Policy Component represents the "Roles" that are assigned to users of a System
@@ -143,7 +143,7 @@
*
* @return the rule
*/
- @LogicExpression
+ @BooleanExpression
public String[] allowExpression()
{
String ruleReference = "roles://allowRule/"+GeneralTool.generateUniqueId();
@@ -174,7 +174,7 @@
*
* @return the rule
*/
- @LogicExpression
+ @BooleanExpression
public String[] denyExpression()
{
String ruleReference = "roles://denyRule/"+GeneralTool.generateUniqueId();
Modified: authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml 2009-09-08 18:05:46 UTC (rev 773)
+++ authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml 2009-09-08 22:17:14 UTC (rev 774)
@@ -129,10 +129,30 @@
that the application state of the annotated field should be used during both, Enforcement Phase as well as Provisioning Phase of the framework.
</para>
</sect2>
- <sect2 id="LogicExpression">
- <title>LogicExpression</title>
+ <sect2 id="BooleanExpression">
+ <title>BooleanExpression</title>
<para>
+ <emphasis role="bold">BooleanExpression</emphasis> is a <emphasis>Method-level</emphasis> annotation that indicates component methods that generate the
+ <emphasis>boolean expression</emphasis> that can be optionally associated with one or more <link linkend="concepts.rule">Rule</link> associated with a
+ policy
</para>
+ <para>
+ The framework supports the following expression formats:
+ <itemizedlist>
+ <listitem>
+ <emphasis role="bold">Native XACML format:</emphasis> The system supports expressions constructed in XACML spec based XML. However, experience has shown that
+ using XML as an expression language is tedious and error prone. So other expression formats are supported as extensions to the rule engine.
+ </listitem>
+ <listitem>
+ <emphasis role="bold">Drools DRL format:</emphasis> The <ulink url="http://jboss.org/drools/">Drools Rule Engine</ulink> is integrated
+ as an extension to the core XACML rule engine, to allow <emphasis>boolean expressions</emphasis> specified in the DRL format
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> Supporting <emphasis>boolean expressions</emphasis> in the most natural way using <emphasis>Pure Java code</emphasis>
+ via the <ulink url="http://www.beanshell.org/">BeanShell</ulink> light-weight scripting environment is in the works.
+ </para>
</sect2>
</sect1>
</chapter>
Copied: authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/BooleanExpression.java (from rev 773, authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicExpression.java)
===================================================================
--- authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/BooleanExpression.java (rev 0)
+++ authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/BooleanExpression.java 2009-09-08 22:17:14 UTC (rev 774)
@@ -0,0 +1,37 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.component;
+
+import java.lang.annotation.Target;
+import java.lang.annotation.Retention;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.RetentionPolicy;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+(a)Target(ElementType.METHOD)
+(a)Retention(RetentionPolicy.RUNTIME)
+public @interface BooleanExpression
+{
+
+}
Property changes on: authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/BooleanExpression.java
___________________________________________________________________
Name: svn:mergeinfo
+
Deleted: authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicExpression.java
===================================================================
--- authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicExpression.java 2009-09-08 18:05:46 UTC (rev 773)
+++ authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicExpression.java 2009-09-08 22:17:14 UTC (rev 774)
@@ -1,37 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-import java.lang.annotation.Target;
-import java.lang.annotation.Retention;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.RetentionPolicy;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-(a)Target(ElementType.METHOD)
-(a)Retention(RetentionPolicy.RUNTIME)
-public @interface LogicExpression
-{
-
-}
JBoss Identity SVN: r773 - in authz/trunk: documentation/reference-guide/en/modules and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-09-08 14:05:46 -0400 (Tue, 08 Sep 2009)
New Revision: 773
Added:
authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml
Removed:
authz/trunk/documentation/reference-guide/en/modules/examples.xml
authz/trunk/documentation/reference-guide/en/modules/spi.xml
authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicData.java
authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/TargetUri.java
Modified:
authz/trunk/documentation/reference-guide/en/master.xml
authz/trunk/documentation/reference-guide/en/modules/concepts.xml
authz/trunk/documentation/reference-guide/en/modules/framework.xml
authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java
Log:
backing up some documentation
Modified: authz/trunk/documentation/reference-guide/en/master.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/master.xml 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/documentation/reference-guide/en/master.xml 2009-09-08 18:05:46 UTC (rev 773)
@@ -3,9 +3,9 @@
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
<book lang="en">
<bookinfo>
- <title>JBoss Authorization Server</title>
+ <title>JBoss Authorization Service</title>
<subtitle>Reference Guide</subtitle>
- <releaseinfo>Preview Release</releaseinfo>
+ <releaseinfo>Alpha Release</releaseinfo>
<author>
<firstname>Sohil</firstname>
<surname>Shah</surname>
@@ -13,11 +13,16 @@
</author>
</bookinfo>
<toc/>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/introduction.xml" />
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/concepts.xml" />
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/architecture.xml" />
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/framework.xml" />
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/profiles.xml" />
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/spi.xml" />
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/examples.xml" />
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/introduction.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/concepts.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/architecture.xml"/>
+
+ <!--
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/samples.xml"/>
+ -->
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/framework.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/authz-component-spec.xml"/>
+ <!--
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/core-components.xml"/>
+ -->
</book>
\ No newline at end of file
Added: authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml (rev 0)
+++ authz/trunk/documentation/reference-guide/en/modules/authz-component-spec.xml 2009-09-08 18:05:46 UTC (rev 773)
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<chapter id="authz-component-spec">
+ <chapterinfo>
+ <author>
+ <firstname>Sohil</firstname>
+ <surname>Shah</surname>
+ <email>sshah(a)redhat.com</email>
+ </author>
+ </chapterinfo>
+ <title>Authz Component Specification</title>
+ <sect1>
+ <title>Authz Component Specification</title>
+ <para>
+ <emphasis role="bold">Authz Component Specification</emphasis> represents the <emphasis>"contract"</emphasis> between the various
+ <emphasis>domain-oriented security components</emphasis> and the security framework. The framework
+ processes these components during both the <emphasis>Authorization phases</emphasis>.
+ During the <emphasis>Enforcement Phase</emphasis>, these components are translated into <emphasis>"facts"</emphasis> that
+ the rule engine bases its access decision upon.
+ During the <emphasis>Provisioning Phase</emphasis>, the framework processes these components to produce the "facts" and "expressions"
+ that will make up the new <emphasis>system (in our case, xacml) policy</emphasis>.
+ </para>
+ <para>
+ This specification is typically targeted towards low level Infrastructure Developers who <emphasis role="bold">may</emphasis> need
+ to extend the framework using <emphasis>custom components</emphasis>. The <emphasis>core set</emphasis> of components included with the framework should satisfy 90-95% of security requirements.
+ As far as the <emphasis>core set</emphasis> of components is concerned, the goal of the framework is to supply functionality that can easily satisfy usecases and goals targeted by the <ulink url="http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml">XACML specification</ulink>.
+ With this in mind, an Application Developer will most likely consume these components instead of writing their own components from scratch.
+ </para>
+ <sect2>
+ <title>Specification Rules</title>
+ <para>
+ An "Authz Component" must meet the following rules in order to be processed properly by the framework
+ <itemizedlist>
+ <listitem>
+ The component is a simple <emphasis>POJO (Plain Old Java Object)</emphasis>
+ </listitem>
+ <listitem>
+ It must have an <emphasis>empty public Constructor</emphasis>
+ </listitem>
+ <listitem>
+ The fields that represent the policy <emphasis>"facts"</emphasis> must have corresponding <emphasis>public accessors (getters and setters)</emphasis>
+ </listitem>
+ <listitem>
+ The various members of the component must be appropriately <emphasis>annotated</emphasis> to provide <emphasis>metadata</emphasis> information
+ for the framework.
+ The <link linkend="annotations">Annotations</link> are covered in greater detail a little later in this chapter
+ </listitem>
+ </itemizedlist>
+ </para>
+ </sect2>
+ </sect1>
+ <sect1 id="annotations">
+ <title>Annotations</title>
+ <sect2 id="component">
+ <title>Component</title>
+ <para>
+ <emphasis role="bold">Component</emphasis> is a <emphasis>Type-level</emphasis> annotation used to indicate that instances of the annotated class must be treated
+ by the framework as an <emphasis role="bold">Authz Component</emphasis>. This annotation has the following elements:
+ <itemizedlist>
+ <listitem>
+ <emphasis role="bold">name :</emphasis> used to represent the <emphasis>unique name</emphasis> of the component
+ </listitem>
+ <listitem>
+ <emphasis role="bold">type: </emphasis> used to represent whether the component represents the <link linkend="componentTypeTarget">Target</link> aspect or
+ the <link linkend="componentTypeLogic">Logic</link> aspect of the policy
+ </listitem>
+ <listitem>
+ <emphasis role="bold">category: </emphasis> used to represent the kind of data from an authorization perspective.
+ See <link linkend="componentCategory">ComponentCategory</link> for more details.
+ </listitem>
+ </itemizedlist>
+ </para>
+ </sect2>
+ <sect2 id="componentType">
+ <title>ComponentType</title>
+ <para>
+ <emphasis role="bold">ComponentType</emphasis> indicates <emphasis role="bold">what aspect of the security policy</emphasis> is being represented by the application state
+ of the component during the Provisioning Phase.
+ </para>
+ <para>
+ It is an enumeration type with the following values:
+ <itemizedlist>
+ <listitem id="componentTypeTarget">
+ <emphasis role="bold">Target: </emphasis> used to indicate that a component represents the <link linkend="concepts.target">Target</link> aspect of a policy
+ </listitem>
+ <listitem id="componentTypeLogic">
+ <emphasis role="bold">Logic: </emphasis> used to indicate that a component represents the <link linkend="concepts.rule">Rule</link> aspect of a policy
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> The <emphasis role="bold">ComponentType</emphasis> meta-data information is used during the <emphasis>Provisioning Phase</emphasis>.
+ As far as the application developer is concerned, they only need to populate the application state of the component. The low-level details of policy composition/generation, propagation, dynamic deployment, etc is handled
+ by the framework itself.
+ </para>
+ </sect2>
+ <sect2 id="componentCategory">
+ <title>ComponentCategory</title>
+ <para>
+ <emphasis role="bold">ComponentCategory</emphasis> indicates <emphasis role="bold">what type of security information</emphasis> is being represented by the application state of the component.
+ In fancy terms, it represents the semantic information associated with the component during the Enforcement Phase.
+ </para>
+ <para>
+ It is an enumeration type with the following values:
+ <itemizedlist>
+ <listitem id="componentCategorySubject">
+ <emphasis role="bold">Subject: </emphasis> used to indicate that the component indicates the <link linkend="concepts.subject">Subject</link> who is accessing the system
+ </listitem>
+ <listitem id="componentCategoryResource">
+ <emphasis role="bold">Resource: </emphasis> used to indicate that the component indicates the <link linkend="concepts.resource">Resource</link> being accessed
+ </listitem>
+ <listitem id="componentAction">
+ <emphasis role="bold">Action: </emphasis> used to indicate that the component indicates the <link linkend="concepts.action">Action</link> being executed upon the resource
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ As the framework evolves and adds support for more components, this particular entity will evolve correspondingly to indicate the proper semantics of the enforcement request.
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> The <emphasis role="bold">ComponentCategory</emphasis> meta-data information is used during the <emphasis>Enforcement Phase</emphasis>.
+ As far as the application developer is concerned, they only need to populate the application state of the component. The low-level details of
+ policy matching, policy rule evaluation, asserting 'Permit' or 'Deny' state, etc is handled by the framework.
+ </para>
+ </sect2>
+ <sect2 id="securityContextData">
+ <title>SecurityContextData</title>
+ <para>
+ <emphasis role="bold">SecurityContextData</emphasis> is a <emphasis>Field-level</emphasis> marker Annotation. It is used by a component to indicate
+ that the application state of the annotated field should be used during both, Enforcement Phase as well as Provisioning Phase of the framework.
+ </para>
+ </sect2>
+ <sect2 id="LogicExpression">
+ <title>LogicExpression</title>
+ <para>
+ </para>
+ </sect2>
+ </sect1>
+</chapter>
Modified: authz/trunk/documentation/reference-guide/en/modules/concepts.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/modules/concepts.xml 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/documentation/reference-guide/en/modules/concepts.xml 2009-09-08 18:05:46 UTC (rev 773)
@@ -1,4 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"
+ [
+ <!ENTITY concepts SYSTEM "concepts.sgm" NDATA SGML>
+ ]
+>
<chapter id="concepts">
<chapterinfo>
<author>
@@ -8,7 +13,7 @@
</author>
</chapterinfo>
<title>Concepts</title>
- <sect1>
+ <sect1 id="concepts.resource">
<title>Resource</title>
<para>
A Data, Service, or a System component.
@@ -17,7 +22,7 @@
<emphasis role="bold">Examples</emphasis> : a HTTP URL, a Servlet, a Portlet, a POJO (Plain Old Java Object), a Java Method, a Java Field, etc
</para>
</sect1>
- <sect1>
+ <sect1 id="concepts.action">
<title>Action</title>
<para>
An operation on a resource.
@@ -26,7 +31,7 @@
<emphasis role="bold">Examples</emphasis> : CRUD (Create, Read, Update, Delete), HTTP GET, HTTP POST, PORTLET VIEW, PORTLET ACTION, etc
</para>
</sect1>
- <sect1>
+ <sect1 id="concepts.subject">
<title>Subject</title>
<para>
An actor.
@@ -35,7 +40,7 @@
<emphasis role="bold">Examples</emphasis> : Authenticated User, Anonymous User, a Machine, etc
</para>
</sect1>
- <sect1>
+ <sect1 id="concepts.environment">
<title>Environment</title>
<para>
The set of attributes that are relevant to an authorization decision and are independent of a particular subject, resource, or action.
@@ -44,7 +49,7 @@
<emphasis role="bold">Examples</emphasis> : Current Date and/or Time, Application Data in a HTTP Session, the parameters passed to a Java method call, etc
</para>
</sect1>
- <sect1>
+ <sect1 id="concepts.attribute">
<title>Attribute</title>
<para>
A characteristic of a Resource, Action, Subject or Environment which is referenced within a Policy Rule or a Policy Target. Attributes are runtime information
@@ -65,21 +70,21 @@
<emphasis role="bold">Environment Examples</emphasis> : Current Date and/or Time, etc
</para>
</sect1>
- <sect1>
+ <sect1 id="concepts.policy">
<title>Policy</title>
<para>
A security policy consisting of a target and multiple rules. An Enterprise application will have multiple policies stored in the system. Enforcement
requests are evaluated by applying the logic specified within these policies. A Policy Evaluation results in a Permit or Deny State.
</para>
</sect1>
- <sect1>
+ <sect1 id="concepts.target">
<title>Target</title>
<para>
The set of Enforcement requests identified by policy definitions of Resource, Subject, and Action that a Policy or a Rule is intended to evalute.
Simply put, Target definition consists of logic that determines whether a particular Policy or Rule should be evaluated for the incoming Enforcement request.
</para>
</sect1>
- <sect1>
+ <sect1 id="concepts.rule">
<title>Rule</title>
<para>
A Policy Component which consists of the following:
Deleted: authz/trunk/documentation/reference-guide/en/modules/examples.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/modules/examples.xml 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/documentation/reference-guide/en/modules/examples.xml 2009-09-08 18:05:46 UTC (rev 773)
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<chapter id="examples">
- <chapterinfo>
- <author>
- <firstname>Sohil</firstname>
- <surname>Shah</surname>
- <email>sshah(a)redhat.com</email>
- </author>
- </chapterinfo>
- <title>Examples</title>
-</chapter>
Modified: authz/trunk/documentation/reference-guide/en/modules/framework.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/modules/framework.xml 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/documentation/reference-guide/en/modules/framework.xml 2009-09-08 18:05:46 UTC (rev 773)
@@ -140,9 +140,67 @@
<emphasis>EnforcementContext</emphasis> answers the <emphasis role="bold">”This is what I am trying to access, and this is my current application state”</emphasis>.
It has no knowledge of the logic that will be applied to this data or cares for it.
Objects placed into an <emphasis>EnforcementContext</emphasis>
- are processed by the framework as ”Authorization Components”.
- The "Authorization Component" spec will be covered in more details in the next chapter.
+ are processed by the framework as <emphasis>”Authorization Components”</emphasis>.
+ The <emphasis>"Authorization Component"</emphasis> spec will be covered in more details in the next chapter.
</para>
+ <para>
+ The framework provides an extensive set of core <emphasis>”Authorization Components”</emphasis>. The core component set tries to cover the concepts covered by the
+ industry standard <ulink url="http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml">XACML specification</ulink>.
+ More custom components can also be created based on the <emphasis>”Authorization Component”</emphasis> specification.
+ </para>
+ <sect3>
+ <title>Enforcement Phase Life Cycle</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ An incoming application request is intercepted before invoking a protected resource. An <emphasis role="bold">EnforcementContext</emphasis> is generated.
+ It consisting of authorization components that represent the runtime state of the system.
+ An <emphasis role="bold">Enforcement Request</emphasis> is then issued to the framework
+ </listitem>
+ <listitem>
+ The framework then processes this <emphasis role="bold">Enforcement Request</emphasis> through its <emphasis>rule engine</emphasis> and
+ <emphasis>stored policies</emphasis>. It produces a <emphasis role="bold">'Permit'</emphasis>, or <emphasis role="bold">'Deny'</emphasis> decision
+ </listitem>
+ <listitem>
+ If access is granted, the application request moves forward, if not, appropriate action is taken by the application
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ TODO: Use a Diagram to illustrate this life cycle
+ </para>
+ </sect3>
</sect2>
+ <sect2>
+ <title>Provisioning Phase</title>
+ <para>
+ A <emphasis role="bold">CompositionContext</emphasis> allows the Application Developer to specify the authorization component hierarchy that a policy instance
+ is composed of. It is processed by the <emphasis>PolicyComposer</emphasis> service. The <emphasis>PolicyComposer</emphasis> generates the low-level policy instance.
+ The <emphasis>PolicyComposer</emphasis> shields the Application Developer from low-level policy processing and representation details.
+ </para>
+ <sect3>
+ <title>Provisioning Phase Life Cycle</title>
+ <para>
+ <itemizedlist>
+ <listitem>
+ The <emphasis>component hierarchy</emphasis> represented inside a <emphasis role="bold">CompositionContext</emphasis> is created by the application.
+ This <emphasis role="bold">CompositionContext</emphasis> is sent to the <emphasis>PolicyComposer</emphasis>.
+ </listitem>
+ <listitem>
+ Inside the <emphasis>PolicyComposer</emphasis>, based on the state of the authorization components, a system level policy (in this case
+ an xacml policy) is autogenerated. The composer also handles generation of all conditional logic that must be associated with the policy.
+ </listitem>
+ <listitem>
+ The generated system policy is then propagated to storage and the runtime state of other live components. This allows dynamic provisioning of
+ desired application security requirements (application/cluster restart is <emphasis>not</emphasis> needed, even when the security policies are
+ changed at runtime).
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ TODO: Use a Diagram to illustrate this life cycle
+ </para>
+ </sect3>
+ </sect2>
</sect1>
</chapter>
Deleted: authz/trunk/documentation/reference-guide/en/modules/spi.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/modules/spi.xml 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/documentation/reference-guide/en/modules/spi.xml 2009-09-08 18:05:46 UTC (rev 773)
@@ -1,16 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<chapter id="spi">
- <chapterinfo>
- <author>
- <firstname>Sohil</firstname>
- <surname>Shah</surname>
- <email>sshah(a)redhat.com</email>
- </author>
- </chapterinfo>
- <title>Policy Store SPI</title>
- <sect1>
- <title>Policy Store SPI</title>
- <para>
- </para>
- </sect1>
-</chapter>
Modified: authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java
===================================================================
--- authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java 2009-09-08 18:05:46 UTC (rev 773)
@@ -31,6 +31,7 @@
*/
public enum ComponentCategory
{
+ //Resources------------------------------------------------------------------------------------------------------------------------------------------------------
RESOURCE
{
public String getAttributeCategory()
@@ -42,9 +43,8 @@
{
target.addResourceMatch(expression);
}
- },
-
-
+ },
+ //Subjects------------------------------------------------------------------------------------------------------------------------------------------------------
SUBJECT
{
public String getAttributeCategory()
@@ -58,32 +58,33 @@
}
},
-
- ACTION
+ CUSTOM_SUBJECT_ATTRIBUTE
{
public String getAttributeCategory()
{
- return XACMLConstants.ATTRIBUTEID_ACTION_ID;
+ return AttributeDesignatorUtil.ATTRIBUTEID_CUSTOM_SUBJECT_ATTRIBUTE;
}
public void setExpression(Target target, AttributeExpression expression)
{
- target.addActionMatch(expression);
+ target.addSubjectMatch(expression);
}
- },
-
- CUSTOM_SUBJECT_ATTRIBUTE
+ },
+ //---Actions---------------------------------------------------------------------------------------------------------------------------------------------------
+ ACTION
{
public String getAttributeCategory()
{
- return AttributeDesignatorUtil.ATTRIBUTEID_CUSTOM_SUBJECT_ATTRIBUTE;
+ return XACMLConstants.ATTRIBUTEID_ACTION_ID;
}
public void setExpression(Target target, AttributeExpression expression)
{
- target.addSubjectMatch(expression);
+ target.addActionMatch(expression);
}
};
+ //------Environment-------------------------------------------------------------------------------------------------------------------------------------------
+
//Define the enum behavior
public abstract String getAttributeCategory();
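Review bot: Swapping ACTION and CUSTOM_SUBJECT_ATTRIBUTE in this hunk changes both constants' `ordinal()` and their position in `values()`, which matters for a public-api enum that decides whether an expression goes to `addSubjectMatch` or `addActionMatch`. If any policy store, cache or wire format records the category by ordinal (not visible from this diff), existing entries would be read back under the other category and the generated target would match on the wrong attribute. I would confirm that categories are only ever persisted by `name()` and say so above the first constant, e.g. `// Constant order is cosmetic: persist and compare by name(), never ordinal()`. The new `//------Environment---` header sits after the terminating `;` with no constant under it, so it should read as a TODO, e.g. `// TODO: ENVIRONMENT category not implemented yet`. The enum starts in an earlier hunk and its body continues past this one.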
Deleted: authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicData.java
===================================================================
--- authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicData.java 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/LogicData.java 2009-09-08 18:05:46 UTC (rev 773)
@@ -1,37 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-import java.lang.annotation.Target;
-import java.lang.annotation.Retention;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.RetentionPolicy;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-(a)Target(ElementType.FIELD)
-(a)Retention(RetentionPolicy.RUNTIME)
-public @interface LogicData
-{
-
-}
Deleted: authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/TargetUri.java
===================================================================
--- authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/TargetUri.java 2009-09-06 18:16:13 UTC (rev 772)
+++ authz/trunk/public-api/src/main/java/org/jboss/security/authz/component/TargetUri.java 2009-09-08 18:05:46 UTC (rev 773)
@@ -1,37 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-import java.lang.annotation.Target;
-import java.lang.annotation.Retention;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.RetentionPolicy;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-(a)Target(ElementType.FIELD)
-(a)Retention(RetentionPolicy.RUNTIME)
-public @interface TargetUri
-{
-
-}
JBoss Identity SVN: r763 - authz/trunk.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-09-05 16:40:54 -0400 (Sat, 05 Sep 2009)
New Revision: 763
Added:
authz/trunk/pom.xml
Log:
new home
Added: authz/trunk/pom.xml
===================================================================
--- authz/trunk/pom.xml (rev 0)
+++ authz/trunk/pom.xml 2009-09-05 20:40:54 UTC (rev 763)
@@ -0,0 +1,366 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>jboss-authz-parent</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ <packaging>pom</packaging>
+ <name>JBoss Authorization</name>
+ <url>http://www.jboss.org</url>
+ <description>JBoss Authorization</description>
+
+ <modules>
+ <module>common-api</module>
+ <module>core-components-api</module>
+ <module>agent</module>
+ <module>policy-server</module>
+ <module>http-profile</module>
+ <!--
+ <module>portal-profile</module>
+ -->
+ </modules>
+
+ <properties>
+ <version.junit>3.8.2</version.junit>
+ <version.apache.log4j>1.2.14</version.apache.log4j>
+
+ <version.sun.jaxb>2.1.4</version.sun.jaxb>
+ <version.sun.jaf>1.1</version.sun.jaf>
+ <version.jboss.xacml>2.0.3.SP2-SNAPSHOT</version.jboss.xacml>
+
+ <version.org.drools>4.0.7</version.org.drools>
+ <version.org.mvel.mvel>1.3.1-java1.4</version.org.mvel.mvel>
+ <version.org.antlr>3.0</version.org.antlr>
+
+ <!-- xstream dependency used by the agent side caching service -->
+ <version.com.thoughtworks.xstream>1.3.1</version.com.thoughtworks.xstream>
+
+ <!-- Hibernate related dependencies used by the RelationalDBPolicyStore -->
+ <version.org.hibernate>3.1.2</version.org.hibernate>
+ <version.hsqldb.hsqldb>1.8.0.7</version.hsqldb.hsqldb>
+
+ <version.org.jboss.microcontainer>2.0.2.GA</version.org.jboss.microcontainer>
+ <version.org.jboss.jboss-reflect>2.0.2.GA</version.org.jboss.jboss-reflect>
+ <version.org.jboss.jboss-common-core>2.2.9.GA</version.org.jboss.jboss-common-core>
+ <version.org.jboss.jboss-mdr>2.0.1.GA</version.org.jboss.jboss-mdr>
+
+ <version.javax.servlet.servlet-api>2.4</version.javax.servlet.servlet-api>
+ <version.commons-httpclient>3.1</version.commons-httpclient>
+ </properties>
+
+ <dependencyManagement>
+ <dependencies>
+ <!-- sun jaxb -->
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-api</artifactId>
+ <version>${version.sun.jaxb}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-impl</artifactId>
+ <version>${version.sun.jaxb}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-xjc</artifactId>
+ <version>${version.sun.jaxb}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- sun jaf -->
+ <dependency>
+ <groupId>sun-jaf</groupId>
+ <artifactId>activation</artifactId>
+ <version>${version.sun.jaf}</version>
+ </dependency>
+
+ <!-- jboss xacml -->
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml</artifactId>
+ <version>${version.jboss.xacml}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-sunxacml</artifactId>
+ <version>${version.jboss.xacml}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- junit -->
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>${version.junit}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- logging -->
+ <dependency>
+ <groupId>apache-log4j</groupId>
+ <artifactId>log4j</artifactId>
+ <version>${version.apache.log4j}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Drools -->
+ <dependency>
+ <groupId>org.drools</groupId>
+ <artifactId>drools-core</artifactId>
+ <version>${version.org.drools}</version>
+ <scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.drools</groupId>
+ <artifactId>drools-compiler</artifactId>
+ <version>${version.org.drools}</version>
+ <scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.mvel</groupId>
+ <artifactId>mvel</artifactId>
+ <version>${version.org.mvel.mvel}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.antlr</groupId>
+ <artifactId>antlr-runtime</artifactId>
+ <version>${version.org.antlr}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- xstream dependeny -->
+ <dependency>
+ <groupId>com.thoughtworks.xstream</groupId>
+ <artifactId>xstream</artifactId>
+ <version>${version.com.thoughtworks.xstream}</version>
+ </dependency>
+
+ <!-- JBoss Microcontainer -->
+ <dependency>
+ <groupId>org.jboss.microcontainer</groupId>
+ <artifactId>jboss-kernel</artifactId>
+ <version>${version.org.jboss.microcontainer}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.microcontainer</groupId>
+ <artifactId>jboss-dependency</artifactId>
+ <version>${version.org.jboss.microcontainer}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-reflect</artifactId>
+ <version>${version.org.jboss.jboss-reflect}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-common-core</artifactId>
+ <version>${version.org.jboss.jboss-common-core}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-mdr</artifactId>
+ <version>${version.org.jboss.jboss-mdr}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Servlet -->
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>${version.javax.servlet.servlet-api}</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Commons Http Client -->
+ <dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ <version>${version.commons-httpclient}</version>
+ </dependency>
+
+ <!-- Hibernate Dependency -->
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate</artifactId>
+ <version>${version.org.hibernate}</version>
+ </dependency>
+ <dependency>
+ <groupId>hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <version>${version.hsqldb.hsqldb}</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+
+ <!-- project wide dependencies -->
+ <dependencies>
+ <!-- logging -->
+ <dependency>
+ <groupId>apache-log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>sun-jaf</groupId>
+ <artifactId>activation</artifactId>
+ <scope>test</scope>
+ </dependency>
+
+ <!-- junit -->
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+
+ <!-- http client -->
+ <dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.5</source>
+ <target>1.5</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.3.1</version>
+ <configuration>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-source-plugin</artifactId>
+ <inherited>true</inherited>
+ <configuration>
+ <attach>true</attach>
+ </configuration>
+ <executions>
+ <execution>
+ <id>attach-sources</id>
+ <goals>
+ <goal>jar</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+ <reporting>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <configuration>
+ <aggregate>true</aggregate>
+ </configuration>
+ </plugin>
+ </plugins>
+ </reporting>
+
+ <repositories>
+ <repository>
+ <id>repository.jboss.org</id>
+ <name>JBoss Repository</name>
+ <layout>default</layout>
+ <url>http://repository.jboss.org/maven2/</url>
+ <snapshots>
+ <enabled>false</enabled>
+ </snapshots>
+ </repository>
+ <repository>
+ <id>snapshots.jboss.org</id>
+ <name>JBoss Snapshots Repository</name>
+ <layout>default</layout>
+ <url>http://snapshots.jboss.org/maven2/</url>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ </repository>
+ </repositories>
+
+ <pluginRepositories>
+ <pluginRepository>
+ <id>java.net maven repository</id>
+ <url>http://download.java.net/maven/2/</url>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </pluginRepository>
+ <pluginRepository>
+ <id>codehaus snapshot repository</id>
+ <url>http://snapshots.repository.codehaus.org/</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ </pluginRepository>
+ </pluginRepositories>
+
+ <distributionManagement>
+ <repository>
+ <!--Copy the distribution jar file to a local checkout of the maven repository
+ - This variable can be set in $MAVEN_HOME/conf/settings.xml-->
+ <id>repository.jboss.org</id>
+ <url>file://${jboss.repository.root}</url>
+ </repository>
+ <snapshotRepository>
+ <id>snapshots.jboss.org</id>
+ <name>JBoss Snapshot Repository</name>
+ <url>dav:https://snapshots.jboss.org/maven2</url>
+ <uniqueVersion>true</uniqueVersion>
+ </snapshotRepository>
+ </distributionManagement>
+
+ <!-- Build Profiles -->
+ <profiles>
+ <profile>
+ <id>container-testsuite</id>
+ <properties>
+ <!--
+ <jboss.home>/home/soshah/projects/jboss-portal/jboss-4.2.3.GA</jboss.home>
+ -->
+ <jboss.home>/home/soshah/projects/jboss-portal/jboss-5.0.1.GA</jboss.home>
+ </properties>
+ </profile>
+ </profiles>
+</project>
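Review bot: Every `<repository>` and `<pluginRepository>` URL in this POM is plain `http://`, so dependencies and build plugins are fetched over a channel that does not authenticate the server, and a tampered artifact would run inside the build or ship in the authorization modules. The `<distributionManagement>` block already uses `https` for snapshots.jboss.org, so the resolver entry can at least become `<url>https://snapshots.jboss.org/maven2/</url>`, with the other three moved to `https` where the host offers it. The exposure is wider because the java.net plugin repository has snapshots enabled while `maven-compiler-plugin`, `maven-source-plugin` and `maven-javadoc-plugin` carry no `<version>`, and `version.jboss.xacml` is a `-SNAPSHOT`, so the code that builds and evaluates policies can change without a commit; pinning released versions would make the build repeatable. The `container-testsuite` profile also hard-codes `/home/soshah/...` as `jboss.home`, which is better supplied from `settings.xml` or `-Djboss.home=PATH`.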