Author: anil.saldhana(a)jboss.com
Date: 2009-05-23 00:49:33 -0400 (Sat, 23 May 2009)
New Revision: 516
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/EncryptionKeyUtil.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/xmlenc/factories/XMLEncryptionFactory.java
identity-federation/trunk/jboss-identity-xmlsec-model/src/main/java/org/jboss/identity/xmlsec/util/XMLEncryptionUtil.java
Log:
JBID-111: generic exception throwing cleaned up
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/interfaces/TrustKeyManager.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -43,41 +43,46 @@
* Provide a set of properties used for authentication
* into the storage of keys - keystore, ldap, db, HSM etc
* @param authList
- * @throws Exception
+ * @throws {@link IOException}
*/
- void setAuthProperties(List<AuthPropertyType> authList) throws Exception;
+ void setAuthProperties(List<AuthPropertyType> authList)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
/**
* Set a list of (domain,alias) tuple to trust domains
* The alias is a string that represents the validating key stored
* for a domain
* @param aliases
- * @throws Exception
+ * @throws {@link IOException}
*/
- void setValidatingAlias(List<KeyValueType> aliases) throws Exception;
+ void setValidatingAlias(List<KeyValueType> aliases)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
/**
* Get the Signing Key
* @return
- * @throws Exception
+ * @throws {@link CertificateException}
*/
- PrivateKey getSigningKey() throws Exception;
+ PrivateKey getSigningKey()
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
/**
* Get the certificate given an alias
* @param alias
* @return
- * @throws Exception
+ * @throws {@link CertificateException}
*/
- Certificate getCertificate(String alias) throws Exception;
+ Certificate getCertificate(String alias)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
/**
* Get a Public Key given an alias
* @param alias
* @return
- * @throws Exception
+ * @throws {@link CertificateException}
*/
- PublicKey getPublicKey(String alias) throws Exception;
+ PublicKey getPublicKey(String alias)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
/**
* Given a domain, obtain a secret key
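Review bot: The new `@throws` tags do not match the new signatures: the Javadoc names `IOException` and `CertificateException`, but every method in this hunk declares `TrustKeyConfigurationException, TrustKeyProcessingException`. `@throws {@link IOException}` is also not the tag's syntax, which takes the bare class name. I would put `@throws TrustKeyConfigurationException` and `@throws TrustKeyProcessingException` on each method, with a one-line description whose wording should be confirmed against how the two exceptions are meant to be used. The next hunk (getEncryptionKey, getValidatingKey) removes `@throws` altogether and needs the same two tags.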
@@ -85,16 +90,16 @@
* @param domain
* @param encryptionAlgorithm Encryption Algorithm
* @param keyLength length of keys
- * @return
- * @throws Exception
+ * @return
*/
- SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
throws Exception;
+ SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
/**
* Get the Validating Public Key of the domain
* @param domain
- * @return
- * @throws Exception
+ * @return
*/
- PublicKey getValidatingKey(String domain) throws Exception;
+ PublicKey getValidatingKey(String domain)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
}
\ No newline at end of file
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -35,6 +35,7 @@
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.jboss.identity.federation.api.saml.v2.metadata.MetaDataBuilder;
@@ -149,7 +150,8 @@
}
}
- private void addIDP(HttpServletRequest request, HttpServletResponse response) throws
Exception
+ private void addIDP(HttpServletRequest request, HttpServletResponse response)
+ throws IOException, JAXBException
{
String spName = request.getParameter("spname");
String idpName = request.getParameter("idpname");
@@ -179,7 +181,8 @@
}
}
- private void addSP(HttpServletRequest request, HttpServletResponse response) throws
Exception
+ private void addSP(HttpServletRequest request, HttpServletResponse response)
+ throws JAXBException, IOException
{
String idpName = request.getParameter("idpname");
String spName = request.getParameter("spname");
@@ -209,7 +212,7 @@
}
- private EntityDescriptorType getMetaData(String metadataURL) throws Exception
+ private EntityDescriptorType getMetaData(String metadataURL) throws JAXBException,
IOException
{
InputStream is;
URL md = new URL(metadataURL);
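Review bot: getMetaData builds a `URL` straight from `metadataURL` with no check on scheme or host. The callers are outside this hunk, but addIDP and addSP read their inputs from request parameters, so if the URL also comes from the request the servlet will fetch and unmarshal whatever location the caller names. I would restrict it before the stream is opened, for example `if(!"https".equalsIgnoreCase(md.getProtocol())) throw new IOException("Metadata URL must be https");`, and compare the host with the providers the deployment is configured to trust. The method body continues outside the hunk.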
@@ -226,7 +229,8 @@
return edt;
}
- private void displayTrustedProvidersForIDP(HttpServletRequest request,
HttpServletResponse response) throws Exception
+ private void displayTrustedProvidersForIDP(HttpServletRequest request,
HttpServletResponse response)
+ throws IOException, ClassNotFoundException
{
String idpName = request.getParameter("name");
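Review bot: `ClassNotFoundException` in the signature of displayTrustedProvidersForIDP (and of displayTrustedProvidersForSP in the next hunk) exposes how the metadata store loads its data, presumably Java deserialization, which is the kind of detail this cleanup otherwise hides behind domain exceptions. Because the lookup key is the raw `name` request parameter, I would check it against the known provider names before it reaches the store, and have the store wrap the exception in one of the project's own types. The store code is not visible here, so both points need confirming against it.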
@@ -237,7 +241,8 @@
httpSession.setAttribute("providers", trustedProviders);
}
- private void displayTrustedProvidersForSP(HttpServletRequest request,
HttpServletResponse response) throws Exception
+ private void displayTrustedProvidersForSP(HttpServletRequest request,
HttpServletResponse response)
+ throws IOException, ClassNotFoundException
{
String spName = request.getParameter("name");
@@ -247,5 +252,4 @@
httpSession.setAttribute("spName", spName);
httpSession.setAttribute("providers", trustedProviders);
}
-
}
\ No newline at end of file
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -25,6 +25,8 @@
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
@@ -37,7 +39,9 @@
import org.jboss.identity.federation.bindings.config.AuthPropertyType;
import org.jboss.identity.federation.bindings.config.KeyValueType;
+import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.bindings.util.cert.EncryptionKeyUtil;
import org.jboss.identity.federation.bindings.util.cert.KeyStoreUtil;
@@ -77,72 +81,151 @@
/**
* @see TrustKeyManager#getSigningKey()
*/
- public PrivateKey getSigningKey() throws Exception
+ public PrivateKey getSigningKey()
+ throws TrustKeyConfigurationException, TrustKeyProcessingException
{
- if(ks == null)
- this.setUpKeyStore();
-
- if(ks == null)
- throw new IllegalStateException("KeyStore is null");
- return (PrivateKey) ks.getKey(this.signingAlias, this.signingKeyPass);
+ try
+ {
+ if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
+ throw new IllegalStateException("KeyStore is null");
+ return (PrivateKey) ks.getKey(this.signingAlias, this.signingKeyPass);
+ }
+ catch (KeyStoreException e)
+ {
+ throw new TrustKeyConfigurationException(e);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
+ catch (UnrecoverableKeyException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
+ catch (GeneralSecurityException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
+ catch (IOException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
}
/**
* @see TrustKeyManager#getCertificate(String)
*/
- public Certificate getCertificate(String alias) throws Exception
+ public Certificate getCertificate(String alias)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException
{
- if(ks == null)
- this.setUpKeyStore();
-
- if(ks == null)
- throw new IllegalStateException("KeyStore is null");
- return ks.getCertificate(alias);
+ try
+ {
+ if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
+ throw new IllegalStateException("KeyStore is null");
+ return ks.getCertificate(alias);
+ }
+ catch (KeyStoreException e)
+ {
+ throw new TrustKeyConfigurationException(e);
+ }
+ catch (GeneralSecurityException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
+ catch (IOException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
}
/**
* @see TrustKeyManager#getPublicKey(String)
*/
- public PublicKey getPublicKey(String alias) throws Exception
+ public PublicKey getPublicKey(String alias)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException
{
- if(ks == null)
- this.setUpKeyStore();
-
- if(ks == null)
- throw new IllegalStateException("KeyStore is null");
- return ks.getCertificate(alias).getPublicKey();
+ try
+ {
+ if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
+ throw new IllegalStateException("KeyStore is null");
+ return ks.getCertificate(alias).getPublicKey();
+ }
+ catch (KeyStoreException e)
+ {
+ throw new TrustKeyConfigurationException(e);
+ }
+ catch (GeneralSecurityException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
+ catch (IOException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
}
/**
+ * @throws IOException
* @see TrustKeyManager#getValidatingKey(String)
*/
- public PublicKey getValidatingKey(String domain) throws Exception
+ public PublicKey getValidatingKey(String domain)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException
{
- if(ks == null)
- this.setUpKeyStore();
-
- if(ks == null)
- throw new IllegalStateException("KeyStore is null");
- String domainAlias = this.domainAliasMap.get(domain);
- if(domainAlias == null)
- throw new IllegalStateException("Domain Alias missing for "+ domain);
PublicKey publicKey = null;
try
{
- publicKey = KeyStoreUtil.getPublicKey(ks, domainAlias,
this.keyStorePass.toCharArray());
+ if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
+ throw new IllegalStateException("KeyStore is null");
+ String domainAlias = this.domainAliasMap.get(domain);
+ if(domainAlias == null)
+ throw new IllegalStateException("Domain Alias missing for "+
domain);
+ publicKey = null;
+ try
+ {
+ publicKey = KeyStoreUtil.getPublicKey(ks, domainAlias,
this.keyStorePass.toCharArray());
+ }
+ catch(UnrecoverableKeyException urke)
+ {
+ //Try with the signing key pass
+ publicKey = KeyStoreUtil.getPublicKey(ks, domainAlias, this.signingKeyPass);
+ }
}
- catch(UnrecoverableKeyException urke)
+ catch (KeyStoreException e)
{
- //Try with the signing key pass
- publicKey = KeyStoreUtil.getPublicKey(ks, domainAlias, this.signingKeyPass);
+ throw new TrustKeyConfigurationException(e);
}
+ catch (NoSuchAlgorithmException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
+ catch (GeneralSecurityException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
+ catch (IOException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
return publicKey;
}
/**
* @see TrustKeyManager#setAuthProperties(List)
*/
- public void setAuthProperties(List<AuthPropertyType> authList) throws Exception
+ public void setAuthProperties(List<AuthPropertyType> authList)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException
{
for(AuthPropertyType auth: authList)
{
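Review bot: In getPublicKey, `ks.getCertificate(alias).getPublicKey()` throws a NullPointerException for an alias that is not in the key store, because `KeyStore.getCertificate` returns null in that case, so an unknown alias bypasses the new exception mapping entirely. A guard in the style this class already uses would be `Certificate cert = ks.getCertificate(alias); if(cert == null) throw new IllegalStateException("Certificate missing for " + alias);`. Separately, the Javadoc added to getValidatingKey says `@throws IOException` although the method now wraps that in TrustKeyProcessingException. The `NoSuchAlgorithmException` and `UnrecoverableKeyException` catches are also redundant next to the `GeneralSecurityException` catch, which maps to the same type.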
@@ -165,6 +248,7 @@
* @see TrustKeyManager#setValidatingAlias(List)
*/
public void setValidatingAlias(List<KeyValueType> aliases)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException
{
for(KeyValueType alias: aliases)
{
@@ -173,14 +257,23 @@
}
/**
+ * @throws GeneralSecurityException
* @see TrustKeyManager#getEncryptionKey(String)
*/
- public SecretKey getEncryptionKey(String domain,String encryptionAlgorithm, int
keyLength) throws Exception
+ public SecretKey getEncryptionKey(String domain,String encryptionAlgorithm, int
keyLength)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException
{
SecretKey key = keys.get(domain);
if(key == null)
{
- key = EncryptionKeyUtil.getSecretKey(encryptionAlgorithm, keyLength);
+ try
+ {
+ key = EncryptionKeyUtil.getSecretKey(encryptionAlgorithm, keyLength);
+ }
+ catch (GeneralSecurityException e)
+ {
+ throw new TrustKeyProcessingException(e);
+ }
keys.put(domain, key);
}
return key;
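Review bot: The cache lookup `keys.get(domain)` ignores `encryptionAlgorithm` and `keyLength`, so once a key exists for a domain every later call gets it back even when a different algorithm or size is requested, and the same secret key is reused for that domain for as long as this manager lives. Either key the cache on all three values or state the reuse in the Javadoc so callers do not assume a fresh key per response. The `@throws GeneralSecurityException` line added above the method is stale, since that exception is now wrapped in `TrustKeyProcessingException`. The method's closing brace is outside the hunk.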
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -25,11 +25,14 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
+import java.security.GeneralSecurityException;
import java.security.Principal;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.bind.JAXBException;
+import javax.xml.datatype.DatatypeConfigurationException;
import org.apache.catalina.Context;
import org.apache.catalina.Lifecycle;
@@ -50,6 +53,9 @@
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
@@ -60,6 +66,7 @@
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.xml.sax.SAXException;
/**
* Valve at the IDP that supports the HTTP/Redirect Binding
@@ -216,10 +223,9 @@
/**
* Validate the incoming Request
* @param request
- * @return
- * @throws Exception
+ * @return
*/
- protected boolean validate(Request request) throws Exception
+ protected boolean validate(Request request) throws
IOException,GeneralSecurityException
{
return this.hasSAMLRequestMessage(request);
}
@@ -229,7 +235,7 @@
return request.getParameter("SAMLRequest") != null;
}
- private RequestAbstractType getSAMLRequest(Request request) throws Exception
+ private RequestAbstractType getSAMLRequest(Request request) throws JAXBException,
SAXException
{
String samlMessage = getSAMLMessage(request);
InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
@@ -243,9 +249,12 @@
* @param request
* @param userPrincipal
* @return
- * @throws Exception
+ * @throws ParsingException
+ * @throws ConfigurationException
+ * @throws ProcessingException
*/
- protected ResponseType getResponse(Request request, Principal userPrincipal) throws
Exception
+ protected ResponseType getResponse(Request request, Principal userPrincipal)
+ throws ParsingException, ConfigurationException, ProcessingException
{
ResponseType responseType = null;
@@ -253,14 +262,37 @@
InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
SAML2Request saml2Request = new SAML2Request();
- AuthnRequestType authnRequestType = saml2Request.getAuthnRequestType(is);
+ AuthnRequestType authnRequestType = null;
+ try
+ {
+ authnRequestType = saml2Request.getAuthnRequestType(is);
+ }
+ catch (JAXBException e2)
+ {
+ throw new ParsingException(e2);
+ }
+ catch (SAXException e2)
+ {
+ throw new ParsingException(e2);
+ }
if(authnRequestType == null)
throw new IllegalStateException("AuthnRequest is null");
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- saml2Request.marshall(authnRequestType, sw);
+ try
+ {
+ saml2Request.marshall(authnRequestType, sw);
+ }
+ catch (SAXException e)
+ {
+ log.trace(e);
+ }
+ catch (JAXBException e)
+ {
+ log.trace(e);
+ }
log.trace("IDPRedirectValve::AuthnRequest="+sw.toString());
}
SAML2Response saml2Response = new SAML2Response();
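Review bot: The new catch blocks call `log.trace(e)`, which with log4j records only `e.toString()` and no stack trace; pass the throwable as the second argument, `log.trace("Unable to marshall AuthnRequest for tracing", e);`. The same pattern is repeated in the next hunk of this file and in the trace block of IDPRedirectWithSignatureValve.getResponse. These trace statements also write the whole AuthnRequest and Response, including the assertion, to the log, so a comment noting that trace level must stay off in production would help. getResponse starts and ends outside this hunk.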
@@ -286,13 +318,31 @@
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
//Add timed conditions
- saml2Response.createTimedConditions(assertion, this.assertionValidity);
+ try
+ {
+ saml2Response.createTimedConditions(assertion, this.assertionValidity);
+ }
+ catch (DatatypeConfigurationException e1)
+ {
+ throw new ConfigurationException(e1);
+ }
//Lets see how the response looks like
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- saml2Response.marshall(responseType, sw);
+ try
+ {
+ saml2Response.marshall(responseType, sw);
+ }
+ catch (JAXBException e)
+ {
+ log.trace(e);
+ }
+ catch (SAXException e)
+ {
+ log.trace(e);
+ }
log.trace("IDPRedirectValve::Response="+sw.toString());
}
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectWithSignatureValve.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -21,24 +21,36 @@
*/
package org.jboss.identity.federation.bindings.tomcat.idp;
+import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
+import java.net.MalformedURLException;
import java.net.URL;
+import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.SecretKey;
+import javax.xml.bind.JAXBException;
import javax.xml.namespace.QName;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Request;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.bindings.config.EncryptionType;
import org.jboss.identity.federation.bindings.config.KeyProviderType;
+import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
@@ -47,6 +59,7 @@
import org.jboss.identity.xmlsec.util.XMLEncryptionUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
/**
@@ -106,7 +119,7 @@
}
@Override
- protected boolean validate(Request request) throws Exception
+ protected boolean validate(Request request) throws IOException,
GeneralSecurityException
{
boolean result = super.validate(request);
if( result == false)
@@ -138,7 +151,19 @@
}
sb.append("&SigAlg=").append(sigAlgFromURL);
- PublicKey validatingKey = keyManager.getValidatingKey(request.getRemoteAddr());
+ PublicKey validatingKey;
+ try
+ {
+ validatingKey = keyManager.getValidatingKey(request.getRemoteAddr());
+ }
+ catch (TrustKeyConfigurationException e)
+ {
+ throw new GeneralSecurityException(e.getCause());
+ }
+ catch (TrustKeyProcessingException e)
+ {
+ throw new GeneralSecurityException(e.getCause());
+ }
boolean isValid = SignatureUtil.validate(sb.toString().getBytes("UTF-8"),
sigValue, validatingKey);
return isValid;
}
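Review bot: `new GeneralSecurityException(e.getCause())` discards the TrustKey exception and its message, and produces an exception with no cause at all when `getCause()` is null; wrap the exception itself in both catch blocks, `throw new GeneralSecurityException(e);`. The validating key is also selected by `request.getRemoteAddr()`, which is the address of the last network hop. Behind a proxy or NAT that is not the service provider, so the key should presumably be looked up from the Issuer named in the SAML request; this needs confirming against how the domain-to-alias map is configured. validate starts outside the hunk.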
@@ -162,7 +187,8 @@
}
@Override
- protected ResponseType getResponse(Request request, Principal userPrincipal) throws
Exception
+ protected ResponseType getResponse(Request request, Principal userPrincipal)
+ throws ParsingException, ConfigurationException, ProcessingException
{
SAML2Response saml2Response = new SAML2Response();
@@ -175,37 +201,84 @@
String sp = responseType.getDestination();
if(sp == null)
throw new IllegalStateException("Unable to handle encryption as SP url
is null");
- URL spurl = new URL(sp);
- PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
- EncryptionType enc = idpConfiguration.getEncryption();
- if(enc == null)
- throw new IllegalStateException("EncryptionType not configured");
- String encAlgo = enc.getEncAlgo().value();
- int keyLength = enc.getKeySize();
- //Generate a key on the fly
- SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo,
keyLength);
-
- StringWriter sw = new StringWriter();
- saml2Response.marshall(responseType, sw);
-
- Document responseDoc = DocumentUtil.getDocument(new
StringReader(sw.toString()));
-
- String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
-
- QName assertionQName = new QName(assertionNS, "EncryptedAssertion",
"saml");
-
- Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
- publicKey, sk, keyLength, assertionQName, true);
-
-
- EncryptedElementType eet =
saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
- responseType.getAssertionOrEncryptedAssertion().set(0, eet);
+ try
+ {
+ URL spurl = new URL(sp);
+ PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
+ EncryptionType enc = idpConfiguration.getEncryption();
+ if(enc == null)
+ throw new IllegalStateException("EncryptionType not
configured");
+ String encAlgo = enc.getEncAlgo().value();
+ int keyLength = enc.getKeySize();
+ //Generate a key on the fly
+ SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo,
keyLength);
+
+ StringWriter sw = new StringWriter();
+ saml2Response.marshall(responseType, sw);
+
+ Document responseDoc = DocumentUtil.getDocument(new
StringReader(sw.toString()));
+
+ String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
+
+ QName assertionQName = new QName(assertionNS, "EncryptedAssertion",
"saml");
+
+ Element encAssertion =
XMLEncryptionUtil.encryptElementInDocument(responseDoc,
+ publicKey, sk, keyLength, assertionQName, true);
+
+
+ EncryptedElementType eet =
saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
+ responseType.getAssertionOrEncryptedAssertion().set(0, eet);
+ }
+ catch (MalformedURLException e)
+ {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ catch (JAXBException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (SAXException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (ParserConfigurationException e)
+ {
+ throw new ConfigurationException(e);
+ }
+ catch (IOException e)
+ {
+ throw new ProcessingException(e);
+ }
+ catch (TransformerFactoryConfigurationError e)
+ {
+ throw new ConfigurationException(e);
+ }
+ catch (TransformerException e)
+ {
+ throw new ProcessingException(e);
+ }
+ catch (Exception e)
+ {
+ throw new ProcessingException(e);
+ }
}
//Lets see how the response looks like
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- saml2Response.marshall(responseType, sw);
+ try
+ {
+ saml2Response.marshall(responseType, sw);
+ }
+ catch (JAXBException e)
+ {
+ log.trace(e);
+ }
+ catch (SAXException e)
+ {
+ log.trace(e);
+ }
log.trace("IDPRedirectValveWithSignature::Response="+sw.toString());
}
return responseType;
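Review bot: The `MalformedURLException` handler only prints a stack trace, so when the SP destination URL cannot be parsed the encryption step is skipped and the method goes on to return the response with the assertion unencrypted. This branch should fail closed like its neighbours: `throw new ConfigurationException(e);`. The trailing `catch (Exception e)` also converts the `IllegalStateException("EncryptionType not configured")` thrown inside the try into a ProcessingException and makes the narrower catches that map to ProcessingException redundant; catching only the remaining checked exceptions would keep the mapping explicit. getResponse starts and ends outside the hunk.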
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -32,6 +32,7 @@
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.xml.bind.JAXBException;
+import javax.xml.datatype.DatatypeConfigurationException;
import org.apache.catalina.connector.Response;
import org.apache.log4j.Logger;
@@ -44,6 +45,7 @@
import org.jboss.identity.federation.bindings.util.PostBindingUtil;
import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -99,7 +101,7 @@
return postProfile;
}
- public RequestAbstractType getSAMLRequest(String samlMessage) throws Exception
+ public RequestAbstractType getSAMLRequest(String samlMessage) throws JAXBException,
SAXException
{
InputStream is = null;
SAML2Request saml2Request = new SAML2Request();
@@ -122,7 +124,7 @@
Principal userPrincipal,
List<String> roles,
String identityURL,
- long assertionValidity) throws Exception
+ long assertionValidity) throws ConfigurationException,
DatatypeConfigurationException, JAXBException, SAXException
{
ResponseType responseType = null;
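Review bot: This signature now lists four checked exceptions, `ConfigurationException, DatatypeConfigurationException, JAXBException, SAXException`, while IDPRedirectValve.getResponse in the same commit wraps the same JAXB, SAX and datatype failures into ParsingException and ConfigurationException. Exposing the XML library exceptions to callers undoes part of the cleanup and forces each caller to repeat the mapping. I would wrap them here the same way, so both paths declare `ParsingException, ConfigurationException, ProcessingException`. The method's name and the start of its parameter list are outside the hunk.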
@@ -189,7 +191,14 @@
}
}
-
+ /**
+ * Send a response
+ * @param responseType
+ * @param relayState
+ * @param response
+ * @throws IOException
+ * @throws ParsingException
+ */
public void send(ResponseType responseType, String relayState,
Response response) throws IOException, ParsingException
{
@@ -258,6 +267,14 @@
return null;
}
+ /**
+ * Create an Error Response
+ * @param responseURL
+ * @param status
+ * @param identityURL
+ * @return
+ * @throws ServletException
+ */
public ResponseType getErrorResponse(String responseURL, String status,
String identityURL) throws ServletException
{
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -31,6 +31,7 @@
import javax.servlet.ServletException;
import javax.xml.bind.JAXBException;
+import javax.xml.datatype.DatatypeConfigurationException;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Session;
@@ -181,16 +182,15 @@
PostBindingUtil.sendPost(destination, samlMessage, relayState, response, true);
}
- protected AuthnRequestType createSAMLRequestMessage(String relayState, Response
response)
- throws Exception
+ protected AuthnRequestType createSAMLRequestMessage(String relayState, Response
response)
+ throws ServletException, DatatypeConfigurationException
{
//create a saml request
if(this.serviceURL == null)
throw new ServletException("serviceURL is not configured");
SPUtil spUtil = new SPUtil();
- return spUtil.createSAMLRequest(serviceURL, identityURL);
-
+ return spUtil.createSAMLRequest(serviceURL, identityURL);
}
protected String getDestination(String urlEncodedRequest, String
urlEncodedRelayState)
@@ -221,7 +221,7 @@
}
}
- protected boolean validate(Request request) throws Exception
+ protected boolean validate(Request request)
{
return request.getParameter("SAMLResponse") != null;
}
@@ -231,12 +231,14 @@
* @param responseType ResponseType that contains the encrypted assertion
* @return response type with the decrypted assertion
*/
- protected ResponseType decryptAssertion(ResponseType responseType) throws Exception
+ protected ResponseType decryptAssertion(ResponseType responseType)
{
throw new RuntimeException("This authenticator does not handle
encryption");
}
- private Principal process(Request request, Response response) throws Exception
+ private Principal process(Request request, Response response)
+ throws JAXBException, SAXException, IssuerNotTrustedException,
+ AssertionExpiredException, DatatypeConfigurationException
{
Principal userPrincipal = null;
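Review bot: decryptAssertion in this hunk signals "not supported" with a bare RuntimeException, which callers cannot tell apart from an unexpected failure while processing an IDP response. `throw new UnsupportedOperationException("This authenticator does not handle encryption");` states the intent and is still a RuntimeException, so existing handlers keep working. The same applies to decryptAssertion in SPRedirectFormAuthenticator, which now declares four checked exceptions but only ever throws this one. The body of process() continues outside the hunk.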
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -24,6 +24,7 @@
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.security.GeneralSecurityException;
import java.security.Principal;
import java.util.Arrays;
import java.util.List;
@@ -49,6 +50,8 @@
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType;
@@ -218,7 +221,7 @@
}
}
- protected boolean validate(Request request) throws Exception
+ protected boolean validate(Request request) throws IOException,
GeneralSecurityException
{
return request.getParameter("SAMLResponse") != null;
}
@@ -228,7 +231,8 @@
* @param responseType ResponseType that contains the encrypted assertion
* @return response type with the decrypted assertion
*/
- protected ResponseType decryptAssertion(ResponseType responseType) throws Exception
+ protected ResponseType decryptAssertion(ResponseType responseType)
+ throws IOException, GeneralSecurityException, ConfigurationException,
ParsingException
{
throw new RuntimeException("This authenticator does not handle
encryption");
}
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -21,16 +21,26 @@
*/
package org.jboss.identity.federation.bindings.tomcat.sp;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.PublicKey;
+import javax.xml.bind.JAXBException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+
import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Request;
import org.apache.log4j.Logger;
-import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.bindings.config.KeyProviderType;
+import org.jboss.identity.federation.bindings.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.bindings.interfaces.TrustKeyManager;
+import org.jboss.identity.federation.bindings.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.bindings.util.RedirectBindingSignatureUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType;
@@ -38,6 +48,7 @@
import org.jboss.identity.xmlsec.util.XMLEncryptionUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
/**
* Tomcat Authenticator for the HTTP/Redirect binding with Signature support
@@ -45,9 +56,7 @@
* @since Jan 12, 2009
*/
public class SPRedirectSignatureFormAuthenticator extends SPRedirectFormAuthenticator
-{
-
-
+{
private static Logger log =
Logger.getLogger(SPRedirectSignatureFormAuthenticator.class);
private TrustKeyManager keyManager;
@@ -82,7 +91,7 @@
log.trace("Key Provider=" + keyProvider.getClassName());
}
- protected boolean validate(Request request) throws Exception
+ protected boolean validate(Request request) throws IOException,
GeneralSecurityException
{
boolean result = super.validate(request);
if( result == false)
@@ -108,7 +117,19 @@
}
sb.append("&SigAlg=").append(sigAlgFromURL);
- PublicKey validatingKey = keyManager.getValidatingKey(request.getRemoteAddr());
+ PublicKey validatingKey;
+ try
+ {
+ validatingKey = keyManager.getValidatingKey(request.getRemoteAddr());
+ }
+ catch (TrustKeyConfigurationException e)
+ {
+ throw new GeneralSecurityException(e.getCause());
+ }
+ catch (TrustKeyProcessingException e)
+ {
+ throw new GeneralSecurityException(e.getCause());
+ }
boolean isValid = SignatureUtil.validate(sb.toString().getBytes("UTF-8"),
sigValue, validatingKey);
return isValid;
}
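Review bot: Both new catch blocks pass `e.getCause()` to GeneralSecurityException, which drops the TrustKey exception's own message and stack trace and yields an exception with no detail at all when the cause is null. Wrapping the exception itself, `throw new GeneralSecurityException(e);`, keeps the full chain for whoever has to diagnose a failed signature check. Separately, the validating key is looked up by `request.getRemoteAddr()`; with the redirect binding the HTTP peer is usually the user's browser or a proxy rather than the IDP, so it is worth confirming that the key is really meant to be selected by client address and not by the issuer of the message. The start of validate() is outside this hunk.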
@@ -132,17 +153,41 @@
}
@Override
- protected ResponseType decryptAssertion(ResponseType responseType) throws Exception
+ protected ResponseType decryptAssertion(ResponseType responseType)
+ throws IOException, GeneralSecurityException, ConfigurationException,
ParsingException
{
- SAML2Response saml2Response = new SAML2Response();
- PrivateKey privateKey = keyManager.getSigningKey();
-
- EncryptedElementType myEET = (EncryptedElementType)
responseType.getAssertionOrEncryptedAssertion().get(0);
- Document eetDoc = saml2Response.convert(myEET);
-
- Element decryptedDocumentElement =
XMLEncryptionUtil.decryptElementInDocument(eetDoc,privateKey);
-
- //Let us use the encrypted doc element to decrypt it
- return
saml2Response.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));
+ try
+ {
+ SAML2Response saml2Response = new SAML2Response();
+ PrivateKey privateKey = keyManager.getSigningKey();
+
+ EncryptedElementType myEET = (EncryptedElementType)
responseType.getAssertionOrEncryptedAssertion().get(0);
+ Document eetDoc = saml2Response.convert(myEET);
+
+ Element decryptedDocumentElement =
XMLEncryptionUtil.decryptElementInDocument(eetDoc,privateKey);
+
+ //Let us use the encrypted doc element to decrypt it
+ return
saml2Response.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));
+ }
+ catch (JAXBException e)
+ {
+ throw new ConfigurationException(e);
+ }
+ catch (SAXException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (TransformerFactoryConfigurationError e)
+ {
+ throw new ConfigurationException(e);
+ }
+ catch (TransformerException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (Exception e)
+ {
+ throw new GeneralSecurityException(e);
+ }
}
}
\ No newline at end of file
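Review bot: The trailing `catch (Exception e)` in decryptAssertion reports unchecked failures as GeneralSecurityException. These include a ClassCastException from the `(EncryptedElementType)` cast and an IndexOutOfBoundsException from `get(0)` when the response carries a plain assertion or none. It also re-wraps any IOException or GeneralSecurityException the method already declares. Since the list comes from the IDP's message, test element 0 with `instanceof EncryptedElementType` before the cast and raise the parsing error explicitly. Replace the catch-all with the specific checked types thrown by `keyManager.getSigningKey()` and `XMLEncryptionUtil.decryptElementInDocument`; their signatures are not visible in this hunk, though the newly imported TrustKeyConfigurationException and TrustKeyProcessingException look like the candidates. Note also that TransformerFactoryConfigurationError is an Error, so catching it here is a deliberate choice that deserves a one-line comment.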
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -26,6 +26,7 @@
import java.util.List;
import javax.xml.bind.JAXBElement;
+import javax.xml.datatype.DatatypeConfigurationException;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Request;
@@ -56,10 +57,10 @@
* Create a SAML2 auth request
* @param serviceURL URL of the service
* @param identityURL URL of the identity provider
- * @return
- * @throws Exception
+ * @return
+ * @throws DatatypeConfigurationException
*/
- public AuthnRequestType createSAMLRequest(String serviceURL, String identityURL)
throws Exception
+ public AuthnRequestType createSAMLRequest(String serviceURL, String identityURL)
throws DatatypeConfigurationException
{
if(serviceURL == null)
throw new IllegalArgumentException("serviceURL is null");
@@ -76,11 +77,13 @@
* @param request entire request from IDP
* @param responseType ResponseType that has been generated
* @param serverEnvironment tomcat,jboss etc
- * @return
- * @throws Exception
+ * @return
+ * @throws DatatypeConfigurationException
+ * @throws AssertionExpiredException
*/
@SuppressWarnings("unchecked")
- public Principal handleSAMLResponse(Request request, ResponseType responseType) throws
Exception
+ public Principal handleSAMLResponse(Request request, ResponseType responseType)
+ throws DatatypeConfigurationException, AssertionExpiredException
{
if(request == null)
throw new IllegalArgumentException("request is null");
@@ -89,7 +92,7 @@
StatusType statusType = responseType.getStatus();
if(statusType == null)
- throw new Exception("Status Type from the IDP is null");
+ throw new IllegalArgumentException("Status Type from the IDP is
null");
String statusValue = statusType.getStatusCode().getValue();
if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
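Review bot: A missing Status element is a property of the message received from the IDP, not a caller mistake, yet the new code reports it with the unchecked IllegalArgumentException also used for the `request is null` precondition. Now that the authenticators catch specific checked types, this one can escape their handlers, so a malformed response may surface as a server error instead of a rejected login. A checked exception for bad IDP input, declared on handleSAMLResponse, would keep the two cases apart. The next line has the same exposure: `statusType.getStatusCode().getValue()` throws a NullPointerException when the status code is absent, so a guard such as `if(statusType.getStatusCode() == null)` belongs alongside the existing check. The rest of the method is outside this hunk.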
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -21,15 +21,20 @@
*/
package org.jboss.identity.federation.bindings.util;
+import java.io.IOException;
import java.io.StringWriter;
import java.net.URLEncoder;
+import java.security.GeneralSecurityException;
import java.security.PrivateKey;
+import javax.xml.bind.JAXBException;
+
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.xml.sax.SAXException;
/**
@@ -45,10 +50,13 @@
* @param relayState
* @param signingKey
* @return
- * @throws Exception
+ * @throws JAXBException
+ * @throws SAXException
+ * @throws IOException
+ * @throws GeneralSecurityException
*/
public static String getSAMLRequestURLWithSignature(AuthnRequestType authRequest,
String relayState,
- PrivateKey signingKey) throws Exception
+ PrivateKey signingKey) throws SAXException, JAXBException, IOException,
GeneralSecurityException
{
SAML2Request saml2Request = new SAML2Request();
@@ -74,11 +82,14 @@
* @param responseType
* @param relayState
* @param signingKey
- * @return
- * @throws Exception
+ * @return
+ * @throws SAXException
+ * @throws JAXBException
+ * @throws IOException
+ * @throws GeneralSecurityException
*/
public static String getSAMLResponseURLWithSignature(ResponseType responseType, String
relayState,
- PrivateKey signingKey) throws Exception
+ PrivateKey signingKey) throws JAXBException, SAXException, IOException,
GeneralSecurityException
{
SAML2Response saml2Response = new SAML2Response();
@@ -103,11 +114,12 @@
* @param urlEncodedRequest
* @param urlEncodedRelayState
* @param signingKey
- * @return
- * @throws Exception
+ * @return
+ * @throws GeneralSecurityException
+ * @throws IOException
*/
public static String getSAMLRequestURLWithSignature(String urlEncodedRequest, String
urlEncodedRelayState,
- PrivateKey signingKey) throws Exception
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
{
byte[] sigValue = computeSignature(urlEncodedRequest, urlEncodedRelayState,
signingKey);
return getRequestRedirectURLWithSignature(urlEncodedRequest, urlEncodedRelayState,
sigValue, signingKey.getAlgorithm());
@@ -118,11 +130,12 @@
* @param urlEncodedResponse
* @param urlEncodedRelayState
* @param signingKey
- * @return
- * @throws Exception
+ * @return
+ * @throws GeneralSecurityException
+ * @throws IOException
*/
public static String getSAMLResponseURLWithSignature(String urlEncodedResponse, String
urlEncodedRelayState,
- PrivateKey signingKey) throws Exception
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
{
byte[] sigValue = computeSignature(urlEncodedResponse, urlEncodedRelayState,
signingKey);
return getResponseRedirectURLWithSignature(urlEncodedResponse,
urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
@@ -131,10 +144,13 @@
/**
* From the SAML Request URL, get the Request object
* @param signedURL
- * @return
- * @throws Exception
+ * @return
+ * @throws IOException
+ * @throws SAXException
+ * @throws JAXBException
*/
- public static AuthnRequestType getRequestFromSignedURL(String signedURL) throws
Exception
+ public static AuthnRequestType getRequestFromSignedURL(String signedURL)
+ throws JAXBException, SAXException, IOException
{
String samlRequestTokenValue = getTokenValue(signedURL, "SAMLRequest");
@@ -145,10 +161,10 @@
/**
* Get the signature value from the url
* @param signedURL
- * @return
- * @throws Exception
+ * @return
+ * @throws IOException
*/
- public static byte[] getSignatureValueFromSignedURL(String signedURL) throws
Exception
+ public static byte[] getSignatureValueFromSignedURL(String signedURL) throws
IOException
{
String sigValueTokenValue = getTokenValue(signedURL,"Signature");
if(sigValueTokenValue == null)
@@ -173,7 +189,7 @@
private static byte[] computeSignature(
String urlEncodedRequest, String urlEncodedRelayState,
- PrivateKey signingKey) throws Exception
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
{
StringBuilder sb = new StringBuilder();
sb.append("SAMLRequest=").append(urlEncodedRequest);
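Review bot: computeSignature always starts the signed string with `SAMLRequest=`, but getSAMLResponseURLWithSignature (the hunk at -118) calls it with the encoded response. The SAML HTTP-Redirect binding signs the query string exactly as transmitted, so a response should be signed over `SAMLResponse=...`, and a verifier that rebuilds the string that way would reject it. The remainder of the body is outside this hunk, so this needs checking against the lines that follow. If no branch exists there, pass the parameter name in, e.g. `sb.append(paramName).append("=").append(urlEncodedValue);`, with the two public callers supplying `"SAMLRequest"` and `"SAMLResponse"`. It is also worth confirming that the `SigAlg` value appended later is part of the bytes being signed, since the public methods pass `signingKey.getAlgorithm()` only to the URL builders.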
@@ -195,7 +211,8 @@
}
private static String getRequestRedirectURLWithSignature(
- String urlEncodedRequest, String urlEncodedRelayState, byte[] signature, String
sigAlgo) throws Exception
+ String urlEncodedRequest, String urlEncodedRelayState, byte[] signature, String
sigAlgo)
+ throws IOException
{
StringBuilder sb = new StringBuilder();
sb.append("SAMLRequest=").append(urlEncodedRequest);
@@ -219,7 +236,8 @@
}
private static String getResponseRedirectURLWithSignature(
- String urlEncodedResponse, String urlEncodedRelayState, byte[] signature, String
sigAlgo) throws Exception
+ String urlEncodedResponse, String urlEncodedRelayState, byte[] signature, String
sigAlgo)
+ throws IOException
{
StringBuilder sb = new StringBuilder();
sb.append("SAMLResponse=").append(urlEncodedResponse);
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -40,7 +40,7 @@
* URL encode the string
* @param str
* @return
- * @throws Exception
+ * @throws IOException
*/
public static String urlEncode(String str) throws IOException
{
@@ -51,7 +51,7 @@
* URL decode the string
* @param str
* @return
- * @throws Exception
+ * @throws IOException
*/
public static String urlDecode(String str) throws IOException
{
@@ -62,8 +62,7 @@
* On the byte array, apply base64 encoding following by URL encoding
* @param stringToEncode
* @return
- * @throws IOException
- * @throws Exception
+ * @throws IOException
*/
public static String base64URLEncode(byte[] stringToEncode) throws IOException
{
@@ -75,8 +74,7 @@
* On the byte array, apply URL decoding followed by base64 decoding
* @param encodedString
* @return
- * @throws IOException
- * @throws Exception
+ * @throws IOException
*/
public static byte[] urlBase64Decode(String encodedString) throws IOException
{
@@ -88,9 +86,7 @@
* Apply deflate compression followed by base64 encoding and URL encoding
* @param stringToEncode
* @return
- * @throws IOException
- * @throws IOException
- * @throws Exception
+ * @throws IOException
*/
public static String deflateBase64URLEncode(String stringToEncode) throws IOException
{
@@ -101,7 +97,7 @@
* Apply deflate compression followed by base64 encoding and URL encoding
* @param stringToEncode
* @return
- * @throws Exception
+ * @throws IOException
*/
public static String deflateBase64URLEncode(byte[] stringToEncode) throws IOException
{
@@ -113,8 +109,7 @@
* Apply URL decoding, followed by base64 decoding followed by deflate decompression
* @param encodedString
* @return
- * @throws IOException
- * @throws Exception
+ * @throws IOException
*/
public static InputStream urlBase64DeflateDecode(String encodedString) throws
IOException
{
@@ -125,8 +120,7 @@
/**
* Base64 decode followed by Deflate decoding
* @param encodedString
- * @return
- * @throws Exception
+ * @return
*/
public static InputStream base64DeflateDecode(String encodedString)
{
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/ValveUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -24,16 +24,19 @@
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
+import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.jboss.identity.federation.bindings.config.IDPType;
import org.jboss.identity.federation.bindings.config.SPType;
import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
+import org.xml.sax.SAXException;
/**
* Util for tomcat valves
@@ -93,7 +96,7 @@
}
@SuppressWarnings("unchecked")
- public static IDPType getIDPConfiguration(InputStream is) throws Exception
+ public static IDPType getIDPConfiguration(InputStream is) throws JAXBException,
SAXException
{
if(is == null)
throw new IllegalArgumentException("inputstream is null");
@@ -114,7 +117,7 @@
}
@SuppressWarnings("unchecked")
- public static SPType getSPConfiguration(InputStream is) throws Exception
+ public static SPType getSPConfiguration(InputStream is) throws JAXBException,
SAXException
{
if(is == null)
throw new IllegalArgumentException("inputstream is null");
@@ -138,9 +141,9 @@
* Given a SP or IDP issuer from the assertion, return the host
* @param domainURL
* @return
- * @throws Exception
+ * @throws IOException
*/
- public static String getDomain(String domainURL) throws Exception
+ public static String getDomain(String domainURL) throws IOException
{
URL url = new URL(domainURL);
return url.getHost();
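Review bot: getDomain now declares IOException, but the only checked exception `new URL(domainURL)` can raise is MalformedURLException. Declaring `throws MalformedURLException` is narrower and still compatible with callers that catch IOException. The Javadoc says the input is the issuer taken from an assertion, so it should also state that `getHost()` returns an empty string for a URL with no host part. Callers comparing the result against trusted domains should treat an empty value as untrusted. A suitable addition is `@return the host of domainURL; empty if the URL has no host component`.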
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/EncryptionKeyUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/EncryptionKeyUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/EncryptionKeyUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -21,6 +21,8 @@
*/
package org.jboss.identity.federation.bindings.util.cert;
+import java.security.GeneralSecurityException;
+
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
@@ -35,10 +37,10 @@
* Generate a secret key useful for encryption/decryption
* @param encAlgo
* @param keySize Length of the key (if 0, defaults to 128 bits)
- * @return
- * @throws Exception
+ * @return
+ * @throws GeneralSecurityException
*/
- public static SecretKey getSecretKey(String encAlgo, int keySize) throws Exception
+ public static SecretKey getSecretKey(String encAlgo, int keySize) throws
GeneralSecurityException
{
KeyGenerator keyGenerator = KeyGenerator.getInstance(encAlgo);
if(keySize == 0)
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/cert/KeyStoreUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -32,6 +32,8 @@
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
@@ -114,9 +116,9 @@
* Generate a Key Pair
* @param algo (RSA, DSA etc)
* @return
- * @throws Exception
+ * @throws GeneralSecurityException
*/
- public static KeyPair generateKeyPair(String algo) throws Exception
+ public static KeyPair generateKeyPair(String algo) throws GeneralSecurityException
{
KeyPairGenerator kpg = KeyPairGenerator.getInstance(algo);
return kpg.genKeyPair();
@@ -127,10 +129,10 @@
* @param ks
* @param alias
* @param password
- * @return
- * @throws Exception
+ * @return
+ * @throws GeneralSecurityException
*/
- public static PublicKey getPublicKey(KeyStore ks, String alias, char[] password)
throws Exception
+ public static PublicKey getPublicKey(KeyStore ks, String alias, char[] password)
throws KeyStoreException, NoSuchAlgorithmException, GeneralSecurityException
{
PublicKey publicKey = null;
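Review bot: The new throws clause on getPublicKey lists KeyStoreException and NoSuchAlgorithmException next to GeneralSecurityException, which is the superclass of both. The extra names add nothing for callers and disagree with the Javadoc, which documents only GeneralSecurityException. `throws GeneralSecurityException` alone is equivalent. The two imports added in the first hunk of this file can then be dropped if nothing else in the file uses them. The method body continues outside this hunk.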
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/metadata/MetaDataBuilder.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -23,6 +23,7 @@
import java.util.List;
+import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -174,20 +175,20 @@
/**
* Get the marshaller
- * @return
- * @throws Exception
+ * @return
+ * @throws JAXBException
*/
- public static Marshaller getMarshaller() throws Exception
+ public static Marshaller getMarshaller() throws JAXBException
{
return JBossSAMLBaseFactory.getMarshaller(pkgName);
}
/**
* Get the Unmarshaller
- * @return
- * @throws Exception
+ * @return
+ * @throws JAXBException
*/
- public static Unmarshaller getUnmarshaller() throws Exception
+ public static Unmarshaller getUnmarshaller() throws JAXBException
{
return JBossSAMLBaseFactory.getUnmarshaller(pkgName);
}
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/request/SAML2Request.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -31,7 +31,7 @@
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import javax.xml.datatype.DatatypeConfigurationException;
-
+
import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import
org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnRequestFactory;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
@@ -58,8 +58,7 @@
* @param destination
* @param issuerValue
* @return
- * @throws DatatypeConfigurationException
- * @throws Exception
+ * @throws DatatypeConfigurationException
*/
public AuthnRequestType createAuthnRequestType(String id,
String assertionConsumerURL,
@@ -76,7 +75,6 @@
* @return AuthnRequestType
* @throws SAXException
* @throws JAXBException
- * @throws Exception
* @throws IllegalArgumentException if the input fileName is null
* IllegalStateException if the InputStream from the fileName is null
*/
@@ -95,7 +93,6 @@
* @return
* @throws SAXException
* @throws JAXBException
- * @throws Exception
* @throws IllegalArgumentException inputstream is null
*/
@SuppressWarnings("unchecked")
@@ -117,7 +114,6 @@
* @return
* @throws SAXException
* @throws JAXBException
- * @throws Exception
* @throws IllegalArgumentException inputstream is null
*/
@SuppressWarnings("unchecked")
@@ -138,7 +134,6 @@
* @param issuer
* @return
* @throws DatatypeConfigurationException
- * @throws Exception
*/
public LogoutRequestType createLogoutRequest(String issuer) throws
DatatypeConfigurationException
{
@@ -160,7 +155,6 @@
* @param resourceName
* @return
* @throws JAXBException
- * @throws Exception
*/
public XACMLAuthzDecisionQueryType parseXACMLDecisionQuery(String resourceName) throws
JAXBException
{
@@ -173,8 +167,7 @@
* XACMLAuthorizationDecisionQuery from an input stream
* @param is The InputStream where the xacml query exists
* @return
- * @throws JAXBException
- * @throws Exception
+ * @throws JAXBException
*/
@SuppressWarnings("unchecked")
public XACMLAuthzDecisionQueryType parseXACMLDecisionQuery(InputStream is) throws
JAXBException
@@ -205,7 +198,6 @@
* @param os
* @throws JAXBException
* @throws SAXException
- * @throws Exception
*/
public void marshall(RequestAbstractType requestType, OutputStream os) throws
SAXException, JAXBException
{
@@ -223,7 +215,6 @@
* @param writer
* @throws JAXBException
* @throws SAXException
- * @throws Exception
*/
public void marshall(RequestAbstractType requestType, Writer writer) throws
SAXException, JAXBException
{
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -32,8 +32,11 @@
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
+import javax.xml.datatype.DatatypeConfigurationException;
import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.parsers.ParserConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import
org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory;
@@ -83,25 +86,50 @@
* @param idp holder with the information on the Identity Provider
* @param issuerInfo holder with information on the issuer
* @return
- * @throws Exception
+ * @throws ConfigurationException
*/
- public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp,
IssuerInfoHolder issuerInfo) throws Exception
+ public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp,
IssuerInfoHolder issuerInfo)
+ throws ConfigurationException
{
- return JBossSAMLAuthnResponseFactory.createResponseType(ID, sp, idp, issuerInfo);
+ try
+ {
+ return JBossSAMLAuthnResponseFactory.createResponseType(ID, sp, idp,
issuerInfo);
+ }
+ catch (DatatypeConfigurationException e)
+ {
+ throw new ConfigurationException(e);
+ }
}
- public ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo,
AssertionType assertion) throws Exception
+ /**
+ * Create a ResponseType
+ * @param ID
+ * @param issuerInfo
+ * @param assertion
+ * @return
+ * @throws ConfigurationException
+ */
+ public ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo,
AssertionType assertion)
+ throws ConfigurationException
{
- return JBossSAMLAuthnResponseFactory.createResponseType(ID, issuerInfo,
assertion);
+ try
+ {
+ return JBossSAMLAuthnResponseFactory.createResponseType(ID, issuerInfo,
assertion);
+ }
+ catch (DatatypeConfigurationException e)
+ {
+ throw new ConfigurationException(e);
+ }
}
/**
* Add validity conditions to the SAML2 Assertion
* @param assertion
* @param durationInMilis
- * @throws Exception
+ * @throws DatatypeConfigurationException
*/
- public void createTimedConditions(AssertionType assertion, long durationInMilis)
throws Exception
+ public void createTimedConditions(AssertionType assertion, long durationInMilis)
+ throws DatatypeConfigurationException
{
XMLGregorianCalendar issueInstant = assertion.getIssueInstant();
if(issueInstant == null)
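Review bot: createTimedConditions still exposes DatatypeConfigurationException, while both createResponseType overloads in this hunk now wrap that same exception in ConfigurationException. Callers of SAML2Response therefore have to handle two types for one kind of failure. The signature added to IDPWebRequestUtil in this commit already declares both, presumably for this reason. Wrapping here as well would give the class one configuration-failure type: `catch (DatatypeConfigurationException e) { throw new ConfigurationException(e); }`. The body of createTimedConditions continues outside this hunk, so the statement that actually throws is not visible here.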
@@ -117,11 +145,12 @@
/**
* Get an encrypted assertion from the stream
* @param is
- * @return
- * @throws Exception
+ * @return
+ * @throws SAXException
+ * @throws JAXBException
*/
@SuppressWarnings("unchecked")
- public EncryptedElementType getEncryptedAssertion(InputStream is) throws Exception
+ public EncryptedElementType getEncryptedAssertion(InputStream is) throws
JAXBException, SAXException
{
if(is == null)
throw new IllegalArgumentException("inputstream is null");
@@ -131,8 +160,15 @@
return jaxb.getValue();
}
+ /**
+ * Read an assertion from an input stream
+ * @param is
+ * @return
+ * @throws JAXBException
+ * @throws SAXException
+ */
@SuppressWarnings("unchecked")
- public AssertionType getAssertionType(InputStream is) throws Exception
+ public AssertionType getAssertionType(InputStream is) throws JAXBException,
SAXException
{
if(is == null)
throw new IllegalArgumentException("inputstream is null");
@@ -146,10 +182,11 @@
* Read a ResponseType from an input stream
* @param is
* @return
- * @throws Exception
+ * @throws SAXException
+ * @throws JAXBException
*/
@SuppressWarnings("unchecked")
- public ResponseType getResponseType(InputStream is) throws Exception
+ public ResponseType getResponseType(InputStream is) throws JAXBException, SAXException
{
if(is == null)
throw new IllegalArgumentException("inputstream is null");
@@ -159,7 +196,15 @@
return jaxbAuthnRequestType.getValue();
}
- public Document convert(EncryptedElementType encryptedElementType) throws Exception
+ /**
+ * Convert an EncryptedElement into a Document
+ * @param encryptedElementType
+ * @return
+ * @throws JAXBException
+ * @throws ParserConfigurationException
+ */
+ public Document convert(EncryptedElementType encryptedElementType)
+ throws JAXBException, ParserConfigurationException
{
JAXBContext jaxb = JAXBContext.newInstance(EncryptedElementType.class);
Binder<Node> binder = jaxb.createBinder();
@@ -169,7 +214,14 @@
return doc;
}
- public Document convert(ResponseType responseType) throws Exception
+ /**
+ * Convert a SAML2 Response into a Document
+ * @param responseType
+ * @return
+ * @throws JAXBException
+ * @throws ParserConfigurationException
+ */
+ public Document convert(ResponseType responseType) throws JAXBException,
ParserConfigurationException
{
JAXBContext jaxb = JAXBContext.newInstance(ResponseType.class);
Binder<Node> binder = jaxb.createBinder();
@@ -186,10 +238,11 @@
* that may be needed (this is a TODO) to get a prefix such as saml, samlp </b>
*
* @param responseType
- * @param os
- * @throws Exception
+ * @param os
+ * @throws SAXException
+ * @throws JAXBException
*/
- public void marshall(ResponseType responseType, OutputStream os) throws SAXException,
JAXBException
+ public void marshall(ResponseType responseType, OutputStream os) throws JAXBException,
SAXException
{
Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller();
JAXBElement<ResponseType> jaxb =
SAMLProtocolFactory.getObjectFactory().createResponse(responseType);
@@ -200,9 +253,10 @@
* Marshall the ResponseType into a writer
* @param responseType
* @param writer
- * @throws Exception
+ * @throws SAXException
+ * @throws JAXBException
*/
- public void marshall(ResponseType responseType, Writer writer) throws Exception
+ public void marshall(ResponseType responseType, Writer writer) throws JAXBException,
SAXException
{
Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller();
JAXBElement<ResponseType> jaxb =
SAMLProtocolFactory.getObjectFactory().createResponse(responseType);
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/KeyUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -26,9 +26,11 @@
import java.security.PrivilegedAction;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -61,10 +63,11 @@
/**
* Given a certificate, build a keyinfo type
* @param certificate
- * @return
- * @throws Exception
+ * @return
+ * @throws JAXBException
+ * @throws CertificateException
*/
- public static KeyInfoType getKeyInfo(Certificate certificate) throws Exception
+ public static KeyInfoType getKeyInfo(Certificate certificate) throws JAXBException,
CertificateException
{
StringBuilder builder = new StringBuilder();
@@ -101,20 +104,20 @@
/**
* Get the Unmarshaller for the W3 XMLDSIG
- * @return
- * @throws Exception
+ * @return
+ * @throws JAXBException
*/
- public static Unmarshaller getUnmarshaller() throws Exception
+ public static Unmarshaller getUnmarshaller() throws JAXBException
{
return
JBossSAMLBaseFactory.getUnmarshaller("org.jboss.identity.xmlsec.w3.xmldsig");
}
/**
* Get the marshaller for the W3 XMLDSig
- * @return
- * @throws Exception
+ * @return
+ * @throws JAXBException
*/
- public static Marshaller getMarshaller() throws Exception
+ public static Marshaller getMarshaller() throws JAXBException
{
return
JBossSAMLBaseFactory.getMarshaller("org.jboss.identity.xmlsec.w3.xmldsig");
}
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnRequestFactory.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -60,8 +60,7 @@
* @param assertionConsumerURL URL of the requestor where the response assertion is
requested
* @param issuerValue URL of the issuer
* @return
- * @throws DatatypeConfigurationException
- * @throws Exception
+ * @throws DatatypeConfigurationException
*/
public static AuthnRequestType createAuthnRequestType(String id,
String assertionConsumerURL, String destination, String issuerValue) throws
DatatypeConfigurationException
@@ -100,8 +99,7 @@
* @param schemaValidation Whether schema validation is needed
* @return
* @throws JAXBException
- * @throws SAXException
- * @throws Exception
+ * @throws SAXException
*/
public static Marshaller getValidatingMarshaller(boolean schemaValidation) throws
SAXException, JAXBException
{
@@ -116,8 +114,7 @@
* @param schemaValidation whether schema validation is needed
* @return
* @throws SAXException
- * @throws JAXBException
- * @throws Exception
+ * @throws JAXBException
*/
public static Unmarshaller getValidatingUnmarshaller(boolean schemaValidation) throws
JAXBException, SAXException
{
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -74,9 +74,10 @@
* @param idp holder with the information on the Identity Provider
* @param issuerInfo holder with information on the issuer
* @return
- * @throws Exception
+ * @throws DatatypeConfigurationException
*/
- public static ResponseType createResponseType(String ID, SPInfoHolder sp,
IDPInfoHolder idp, IssuerInfoHolder issuerInfo) throws Exception
+ public static ResponseType createResponseType(String ID, SPInfoHolder sp,
IDPInfoHolder idp, IssuerInfoHolder issuerInfo)
+ throws DatatypeConfigurationException
{
String responseDestinationURI = sp.getResponseDestinationURI();
@@ -124,6 +125,14 @@
return responseType;
}
+ /**
+ * Create a Response Type
+ * @param ID
+ * @param issuerInfo
+ * @param assertionType
+ * @return
+ * @throws DatatypeConfigurationException
+ */
public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo,
AssertionType assertionType)
throws DatatypeConfigurationException
{
@@ -157,10 +166,11 @@
/**
* Get the JAXB2 marshaller
- * @return
- * @throws Exception
+ * @return
+ * @throws JAXBException
+ * @throws SAXException
*/
- public static Marshaller getValidatingMarshaller() throws JAXBException, SAXException
+ public static Marshaller getValidatingMarshaller() throws SAXException, JAXBException
{
return JBossSAMLBaseFactory.getValidatingMarshaller(pkgName, schemaLocation);
}
@@ -169,8 +179,7 @@
* Get the JAXB2 Unmarshaller
* @return
* @throws SAXException
- * @throws JAXBException
- * @throws Exception
+ * @throws JAXBException
*/
public static Unmarshaller getValidatingUnmarshaller() throws JAXBException,
SAXException
{
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLBaseFactory.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -54,11 +54,19 @@
public static final String W3C_XML_SCHEMA_NS_URI =
"http://www.w3.org/2001/XMLSchema";
+ /**
+ * Create a plain assertion type
+ * @return
+ */
public static AssertionType createAssertion()
{
return assertionObjectFactory.createAssertionType();
}
+ /**
+ * Create an empty attribute statement
+ * @return
+ */
public static AttributeStatementType createAttributeStatement()
{
return assertionObjectFactory.createAttributeStatementType();
@@ -97,22 +105,40 @@
return attribStatement;
}
+ /**
+ * Create an empty name id
+ * @return
+ */
public static NameIDType createNameID()
{
return assertionObjectFactory.createNameIDType();
}
+ /**
+ * Create the JAXBElement type of nameid
+ * @param nameIDType
+ * @return
+ */
public static JAXBElement<NameIDType> createNameID(NameIDType nameIDType)
{
return assertionObjectFactory.createNameID(nameIDType);
}
+ /**
+ * Create an empty subject
+ * @return
+ */
public static SubjectType createSubject()
{
SubjectType subjectType = assertionObjectFactory.createSubjectType();
return subjectType;
}
+ /**
+ * Create a Subject confirmation type given the method
+ * @param method
+ * @return
+ */
public static SubjectConfirmationType createSubjectConfirmation(String method)
{
SubjectConfirmationType sct =
assertionObjectFactory.createSubjectConfirmationType();
@@ -120,11 +146,24 @@
return sct;
}
+ /**
+ * Create a JAXBElement for subject confirmtation type
+ * @param sct
+ * @return
+ */
+
public static JAXBElement<SubjectConfirmationType>
createSubjectConfirmation(SubjectConfirmationType sct)
{
return assertionObjectFactory.createSubjectConfirmation(sct);
}
+ /**
+ * Create a Subject Confirmation
+ * @param inResponseTo
+ * @param destinationURI
+ * @param issueInstant
+ * @return
+ */
public static SubjectConfirmationDataType createSubjectConfirmationData(String
inResponseTo,
String destinationURI, XMLGregorianCalendar issueInstant)
{
@@ -146,6 +185,10 @@
return java.util.UUID.randomUUID().toString();
}
+ /**
+ * Get the Object Factory
+ * @return
+ */
public static ObjectFactory getObjectFactory()
{
return assertionObjectFactory;
@@ -166,11 +209,10 @@
/**
* Get the JAXB Marshaller
* @param pkgName The package name for the jaxb context
- * @return Marshaller
- * @throws Exception
+ * @return Marshaller
+ * @throws JAXBException
*/
- public static Marshaller getMarshaller(String pkgName)
- throws JAXBException
+ public static Marshaller getMarshaller(String pkgName) throws JAXBException
{
if(pkgName == null)
throw new IllegalArgumentException("pkgName is null");
@@ -185,12 +227,12 @@
* Get the JAXB Marshaller
* @param pkgName The package name for the jaxb context
* @param schemaLocation location of the schema to validate against
- * @return Marshaller
+ * @return Marshaller
+ * @throws JAXBException
* @throws SAXException
- * @throws Exception
*/
public static Marshaller getValidatingMarshaller(String pkgName, String
schemaLocation)
- throws SAXException, JAXBException
+ throws JAXBException, SAXException
{
Marshaller marshaller = getMarshaller(pkgName);
marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
@@ -210,8 +252,7 @@
* Get the JAXB Unmarshaller
* @param pkgName The package name for the jaxb context
* @return unmarshaller
- * @throws JAXBException
- * @throws Exception
+ * @throws JAXBException
*/
public static Unmarshaller getUnmarshaller(String pkgName) throws JAXBException
{
@@ -227,8 +268,7 @@
* @param schemaLocation location of the schema to validate against
* @return unmarshaller
* @throws JAXBException
- * @throws SAXException
- * @throws Exception
+ * @throws SAXException
*/
public static Unmarshaller getValidatingUnmarshaller(String pkgName, String
schemaLocation)
throws JAXBException, SAXException
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/FileBasedMetadataConfigurationStore.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -24,11 +24,13 @@
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
+import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.Map;
import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -68,24 +70,35 @@
}
}
- /**
+ /**
* @see IMetadataConfigurationStore#load(String)
*/
@SuppressWarnings("unchecked")
- public EntityDescriptorType load(String id) throws Exception
+ public EntityDescriptorType load(String id) throws IOException
{
File persistedFile = validateIdAndReturnMDFile(id);
- Unmarshaller un = JBossSAMLBaseFactory.getUnmarshaller(pkgName);
- JAXBElement<EntityDescriptorType> je =
- (JAXBElement<EntityDescriptorType>) un.unmarshal(persistedFile);
- return je.getValue();
+ Unmarshaller un;
+ try
+ {
+ un = JBossSAMLBaseFactory.getUnmarshaller(pkgName);
+ JAXBElement<EntityDescriptorType> je =
+ (JAXBElement<EntityDescriptorType>) un.unmarshal(persistedFile);
+ return je.getValue();
+ }
+ catch (JAXBException e)
+ {
+ IOException ioe =new IOException(e.getLocalizedMessage());
+ ioe.initCause(e);
+ throw ioe;
+ }
+
}
- /**
+ /**
* @see IMetadataConfigurationStore#persist(EntityDescriptorType, String)
*/
- public void persist(EntityDescriptorType entity, String id) throws Exception
+ public void persist(EntityDescriptorType entity, String id) throws IOException
{
File persistedFile = validateIdAndReturnMDFile(id);
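Review bot: `Unmarshaller un;` is declared before the `try` but only assigned and used inside it, and the same holds for `Marshaller m;` in `persist` (hunk -93,15). Declaring each at the point of assignment, e.g. `Unmarshaller un = JBossSAMLBaseFactory.getUnmarshaller(pkgName);`, keeps the scope tight. The three-line `JAXBException` to `IOException` wrapping is duplicated in both methods and could move to a small private helper such as `private static IOException asIOException(JAXBException e)`. There is also a stray blank line before the closing brace of `load`. `persist` continues outside the hunk.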
@@ -93,15 +106,25 @@
JAXBElement<?> jentity = of.createEntityDescriptor(entity);
- Marshaller m = JBossSAMLBaseFactory.getMarshaller(pkgName);
- m.marshal(jentity, persistedFile);
+ Marshaller m;
+ try
+ {
+ m = JBossSAMLBaseFactory.getMarshaller(pkgName);
+ m.marshal(jentity, persistedFile);
+ }
+ catch (JAXBException e)
+ {
+ IOException ioe =new IOException(e.getLocalizedMessage());
+ ioe.initCause(e);
+ throw ioe;
+ }
log.trace("Persisted into " + persistedFile.getPath());
}
/**
* @see IMetadataConfigurationStore#delete(String)
*/
- public void delete(String id) throws Exception
+ public void delete(String id)
{
File persistedFile = validateIdAndReturnMDFile(id);
@@ -110,10 +133,12 @@
}
/**
+ * @throws IOException
+ * @throws ClassNotFoundException
* @see IMetadataConfigurationStore#loadTrustedProviders(String)
*/
@SuppressWarnings("unchecked")
- public Map<String, String> loadTrustedProviders(String id) throws Exception
+ public Map<String, String> loadTrustedProviders(String id) throws IOException,
ClassNotFoundException
{
File trustedFile = validateIdAndReturnTrustedProvidersFile(id);
ObjectInputStream ois = new ObjectInputStream(new FileInputStream(trustedFile));
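Review bot: `loadTrustedProviders` reads the trusted-provider map with `new ObjectInputStream(new FileInputStream(trustedFile))`, i.e. Java native deserialization, and the new `throws IOException, ClassNotFoundException` clause pushes that implementation detail into the `IMetadataConfigurationStore` interface. Because this file decides which providers are trusted, whoever can write it controls both the trust list and the object graph that gets deserialized. A plain text format such as `java.util.Properties` would remove the deserialization step and the need for `ClassNotFoundException`. If serialization stays, wrap the exception the way `load` does in this commit (`IOException` with `initCause`). The rest of the method is outside the hunk, so I cannot tell whether `ois` is closed in a `finally` block; please confirm.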
@@ -122,9 +147,11 @@
}
/**
+ * @throws IOException
* @see IMetadataConfigurationStore#persistTrustedProviders(Map)
*/
- public void persistTrustedProviders(String id, Map<String, String> trusted)
throws Exception
+ public void persistTrustedProviders(String id, Map<String, String> trusted)
+ throws IOException
{
File trustedFile = validateIdAndReturnTrustedProvidersFile(id);
ObjectOutputStream oos = new ObjectOutputStream(new
FileOutputStream(trustedFile));
@@ -136,7 +163,7 @@
/**
* @see IMetadataConfigurationStore#deleteTrustedProviders(String)
*/
- public void deleteTrustedProviders(String id) throws Exception
+ public void deleteTrustedProviders(String id)
{
File persistedFile = validateIdAndReturnTrustedProvidersFile(id);
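Review bot: With `throws Exception` removed and a `void` return, `deleteTrustedProviders` (and `delete` in hunk -93,15) can no longer report that the file was not removed. The body is outside the hunk, but if it relies on `File.delete()`, which returns `false` instead of throwing, a failed delete would leave the provider list in place and still trusted while the caller believes it is gone. Consider keeping a checked failure, e.g. `if (persistedFile.exists() && !persistedFile.delete()) throw new IOException("Could not delete " + persistedFile.getPath());`, and declaring `throws IOException` on the two interface methods.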
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/IMetadataConfigurationStore.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -21,6 +21,7 @@
*/
package org.jboss.identity.federation.core.saml.v2.metadata.store;
+import java.io.IOException;
import java.util.Map;
import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
@@ -35,46 +36,45 @@
/**
* Get the Trusted Providers
* @param id
- * @return a map of name of provider, metadata urls
- * @throws Exception
+ * @return a map of name of provider, metadata urls
+ * @throws {@link IOException}
+ * @throws {@link ClassNotFoundException}
*/
- Map<String, String> loadTrustedProviders(String id) throws Exception;
+ Map<String, String> loadTrustedProviders(String id) throws IOException,
ClassNotFoundException ;
/**
* Persist the map of trusted providers
* @param id
* @param trusted
- * @throws Exception
+ * @throws {@link IOException}
*/
- void persistTrustedProviders(String id, Map<String,String> trusted) throws
Exception;
+ void persistTrustedProviders(String id, Map<String,String> trusted) throws
IOException;
/**
* Persist into an external sink (file system, ldap, db etc)
* @param entity
* @param id An unique identifier useful for retrieval
- * @throws Exception
+ * @throws {@link IOException}
*/
- void persist(EntityDescriptorType entity, String id) throws Exception;
+ void persist(EntityDescriptorType entity, String id) throws IOException;
/**
* Load the descriptor from the external data sink
* @param id unique identifier used during persistence
* @return
- * @throws Exception
+ * @throws {@link IOException}
*/
- EntityDescriptorType load(String id) throws Exception;
+ EntityDescriptorType load(String id) throws IOException;
/**
* Delete the descriptor from the external data sink
- * @param id
- * @throws Exception
+ * @param id
*/
- void delete(String id) throws Exception;
+ void delete(String id);
/**
* Delete the trusted providers from the external data sink
- * @param id
- * @throws Exception
+ * @param id
*/
- void deleteTrustedProviders(String id) throws Exception;
+ void deleteTrustedProviders(String id);
}
\ No newline at end of file
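Review bot: `@throws {@link IOException}` is not the form the Javadoc `@throws` tag expects: it takes a bare class name followed by a description, so these tags will be flagged or rendered incorrectly by the doc tooling. Write them as `@throws IOException if the store cannot be read or written`, and likewise for the other `@throws {@link ...}` tags added in this hunk. `load` also still has an empty `@return`; `@return the descriptor stored under id` would state what the caller gets.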
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/metadata/store/SecurityActions.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -23,8 +23,6 @@
import java.security.AccessController;
import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
/**
* Privileged Blocks
@@ -56,11 +54,11 @@
});
}
- static ClassLoader getContextClassLoader() throws PrivilegedActionException
+ static ClassLoader getContextClassLoader()
{
- return AccessController.doPrivileged(new
PrivilegedExceptionAction<ClassLoader>()
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
{
- public ClassLoader run() throws Exception
+ public ClassLoader run()
{
return Thread.currentThread().getContextClassLoader();
}
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -24,6 +24,7 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
+import java.io.IOException;
import java.io.InputStream;
import java.io.Reader;
import java.io.StringReader;
@@ -31,11 +32,14 @@
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Result;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
@@ -43,6 +47,7 @@
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
/**
* Utility dealing with DOM
@@ -54,9 +59,9 @@
/**
* Create a new document
* @return
- * @throws Exception
+ * @throws ParserConfigurationException
*/
- public static Document createDocument() throws Exception
+ public static Document createDocument() throws ParserConfigurationException
{
DocumentBuilderFactory factory = getDocumentBuilderFactory();
DocumentBuilder builder = factory.newDocumentBuilder();
@@ -66,10 +71,12 @@
/**
* Parse a document from the string
* @param docString
- * @return
- * @throws Exception
+ * @return
+ * @throws IOException
+ * @throws SAXException
+ * @throws ParserConfigurationException
*/
- public static Document getDocument(String docString) throws Exception
+ public static Document getDocument(String docString) throws
ParserConfigurationException, SAXException, IOException
{
return getDocument(new StringReader(docString));
}
@@ -78,9 +85,12 @@
* Parse a document from a reader
* @param reader
* @return
- * @throws Exception
+ * @throws ParserConfigurationException
+ * @throws IOException
+ * @throws SAXException
*/
- public static Document getDocument(Reader reader) throws Exception
+ public static Document getDocument(Reader reader)
+ throws ParserConfigurationException, SAXException, IOException
{
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
DocumentBuilder builder = factory.newDocumentBuilder();
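Review bot: `getDocument(Reader)` builds its parser from `DocumentBuilderFactory.newInstance()`, while `createDocument`, `getDocument(File)` and `getDocument(InputStream)` go through `getDocumentBuilderFactory()`. Whatever that helper configures is therefore skipped here and in `getDocument(String)`, which delegates to this overload. In a federation stack these methods are likely to parse XML received from other parties, and a default factory accepts DOCTYPE declarations and external entities. Use the shared helper, `DocumentBuilderFactory factory = getDocumentBuilderFactory();`, and have it call `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. The body of `getDocumentBuilderFactory()` is not in the diff, so it may already do part of this; the method continues outside the hunk.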
@@ -90,10 +100,12 @@
/**
* Get Document from a file
* @param file
- * @return
- * @throws Exception
+ * @return
+ * @throws ParserConfigurationException
+ * @throws IOException
+ * @throws SAXException
*/
- public static Document getDocument(File file) throws Exception
+ public static Document getDocument(File file) throws ParserConfigurationException,
SAXException, IOException
{
DocumentBuilderFactory factory = getDocumentBuilderFactory();
DocumentBuilder builder = factory.newDocumentBuilder();
@@ -104,9 +116,11 @@
* Get Document from an inputstream
* @param is
* @return
- * @throws Exception
+ * @throws ParserConfigurationException
+ * @throws IOException
+ * @throws SAXException
*/
- public static Document getDocument(InputStream is) throws Exception
+ public static Document getDocument(InputStream is) throws
ParserConfigurationException, SAXException, IOException
{
DocumentBuilderFactory factory = getDocumentBuilderFactory();
DocumentBuilder builder = factory.newDocumentBuilder();
@@ -118,9 +132,10 @@
* Marshall a document into a String
* @param signedDoc
* @return
- * @throws Exception
+ * @throws TransformerFactoryConfigurationError
+ * @throws TransformerException
*/
- public static String getDocumentAsString(Document signedDoc) throws Exception
+ public static String getDocumentAsString(Document signedDoc) throws
TransformerFactoryConfigurationError, TransformerException
{
Source source = new DOMSource(signedDoc);
StringWriter sw = new StringWriter();
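Review bot: `TransformerFactoryConfigurationError` is a `java.lang.Error`, not an exception, so listing it in the `throws` clause of `getDocumentAsString` gives callers nothing they should reasonably catch. As the `SOAPSAMLXACMLUtil.getXACMLQueryType` change in this commit shows, it then spreads into their signatures as well. Declare only the checked type, `throws TransformerException`, here and in `getDOMElementAsString` and `getNodeAsStream`; if the configuration failure should be reported, catch it where the factory is created and wrap it. The Javadoc for `getNodeAsStream` also has a stray `s` after `@throws TransformerException`. The method body continues outside the hunk.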
@@ -137,9 +152,11 @@
* Marshall a DOM Element as string
* @param element
* @return
- * @throws Exception
+ * @throws TransformerFactoryConfigurationError
+ * @throws TransformerException
*/
- public static String getDOMElementAsString(Element element) throws Exception
+ public static String getDOMElementAsString(Element element)
+ throws TransformerFactoryConfigurationError, TransformerException
{
Source source = new DOMSource(element);
StringWriter sw = new StringWriter();
@@ -156,9 +173,11 @@
* Stream a DOM Node as an input stream
* @param node
* @return
- * @throws Exception
+ * @throws TransformerFactoryConfigurationError
+ * @throws TransformerException s
*/
- public static InputStream getNodeAsStream(Node node) throws Exception
+ public static InputStream getNodeAsStream(Node node)
+ throws TransformerFactoryConfigurationError, TransformerException
{
Source source = new DOMSource(node);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -28,6 +28,8 @@
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
import org.jboss.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory;
import
org.jboss.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
@@ -67,10 +69,13 @@
/**
* Parse the XACML Authorization Decision Query from the Dom Element
* @param samlRequest
- * @return
- * @throws Exception
+ * @return
+ * @throws TransformerException
+ * @throws TransformerFactoryConfigurationError
+ * @throws JAXBException
*/
- public static XACMLAuthzDecisionQueryType getXACMLQueryType(Element samlRequest)
throws Exception
+ public static XACMLAuthzDecisionQueryType getXACMLQueryType(Element samlRequest)
+ throws TransformerFactoryConfigurationError, TransformerException, JAXBException
{
//We reparse it because the document may have issues with namespaces
String elementString = DocumentUtil.getDOMElementAsString(samlRequest);
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/SignatureUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -62,11 +62,10 @@
* Sign a string using the private key
* @param stringToBeSigned
* @param signingKey
- * @return
- * @throws Exception
+ * @return
+ * @throws GeneralSecurityException
*/
- public static byte[] sign(String stringToBeSigned, PrivateKey signingKey)
- throws Exception
+ public static byte[] sign(String stringToBeSigned, PrivateKey signingKey) throws
GeneralSecurityException
{
if(stringToBeSigned == null)
throw new IllegalArgumentException("stringToBeSigned is null");
@@ -85,11 +84,11 @@
* @param signedContent
* @param signatureValue
* @param validatingKey
- * @return
- * @throws Exception
+ * @return
+ * @throws GeneralSecurityException
*/
public static boolean validate(byte[] signedContent,
- byte[] signatureValue, PublicKey validatingKey) throws Exception
+ byte[] signatureValue, PublicKey validatingKey) throws GeneralSecurityException
{
if(signedContent == null)
throw new IllegalArgumentException("signedContent is null");
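Review bot: The Javadoc for this `validate` and for the certificate-based overload in the next hunk leaves `@return` empty, so nothing documents how a `false` result differs from a thrown `GeneralSecurityException`. Judging by `return sig.verify(signatureValue);` in hunk -138,7, `false` means the signature did not match, while an exception presumably means the algorithm or key could not be used. A caller that catches the exception and carries on would accept an unverified message. I would add `@return true only if the signature verifies over signedContent` and `@throws GeneralSecurityException if the algorithm or key is unusable; callers must treat this as a failed validation`. The method body continues outside the hunk.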
@@ -114,13 +113,13 @@
* @param signatureValue
* @param signatureAlgorithm
* @param validatingCert
- * @return
- * @throws Exception
+ * @return
+ * @throws GeneralSecurityException
*/
public static boolean validate(byte[] signedContent,
byte[] signatureValue,
String signatureAlgorithm,
- X509Certificate validatingCert) throws Exception
+ X509Certificate validatingCert) throws GeneralSecurityException
{
if(signedContent == null)
throw new IllegalArgumentException("signedContent is null");
@@ -138,7 +137,7 @@
return sig.verify(signatureValue);
}
- private static Signature getSignature(String algo) throws Exception
+ private static Signature getSignature(String algo) throws GeneralSecurityException
{
Signature sig = null;
String xmlSignatureAlgo = getXMLSignatureAlgorithmURI(algo);
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -42,9 +42,10 @@
* @param value calendar whose value needs to be updated
* @param milis
* @return calendar value with the addition
- * @throws Exception
+ * @throws DatatypeConfigurationException
*/
- public static XMLGregorianCalendar add(XMLGregorianCalendar value, long milis) throws
Exception
+ public static XMLGregorianCalendar add(XMLGregorianCalendar value, long milis)
+ throws DatatypeConfigurationException
{
XMLGregorianCalendar newVal = (XMLGregorianCalendar) value.clone();
@@ -59,8 +60,7 @@
* to "GMT"
* @param timezone
* @return
- * @throws DatatypeConfigurationException
- * @throws Exception
+ * @throws DatatypeConfigurationException
*/
public static XMLGregorianCalendar getIssueInstant(String timezone) throws
DatatypeConfigurationException
{
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/xmlenc/factories/XMLEncryptionFactory.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/xmlenc/factories/XMLEncryptionFactory.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/xmlenc/factories/XMLEncryptionFactory.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -22,6 +22,7 @@
package org.jboss.identity.federation.core.xmlenc.factories;
import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import org.jboss.identity.xmlsec.w3.xmlenc.ObjectFactory;
@@ -41,7 +42,7 @@
return factory;
}
- public static Marshaller getMarshaller() throws Exception
+ public static Marshaller getMarshaller() throws JAXBException
{
JAXBContext jc =
JAXBContext.newInstance("org.jboss.identity.xmlsec.w3.xmlenc");
Marshaller marshaller = jc.createMarshaller();
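Review bot: `getMarshaller` builds a new context on every call with `JAXBContext.newInstance("org.jboss.identity.xmlsec.w3.xmlenc")`, which is the expensive step. A `JAXBContext` is designed to be shared, so it can be created once and held in a static field, with only the `Marshaller` created per call. Now that the method declares `JAXBException`, a short Javadoc with `@throws JAXBException if the context or the marshaller cannot be created` would tell callers what to handle. The method body continues outside the hunk.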
Modified:
identity-federation/trunk/jboss-identity-xmlsec-model/src/main/java/org/jboss/identity/xmlsec/util/XMLEncryptionUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-xmlsec-model/src/main/java/org/jboss/identity/xmlsec/util/XMLEncryptionUtil.java 2009-05-23
02:52:43 UTC (rev 515)
+++
identity-federation/trunk/jboss-identity-xmlsec-model/src/main/java/org/jboss/identity/xmlsec/util/XMLEncryptionUtil.java 2009-05-23
04:49:33 UTC (rev 516)
@@ -30,7 +30,8 @@
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
-import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.exceptions.XMLSecurityException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -76,12 +77,12 @@
* @param keyToBeEncrypted Symmetric Key (SecretKey)
* @param keyUsedToEncryptSecretKey Asymmetric Key (Public Key)
* @param keySize Length of the key
- * @return
- * @throws Exception
+ * @return
+ * @throws XMLSecurityException
*/
public static EncryptedKey encryptKey(Document document,
SecretKey keyToBeEncrypted, PublicKey keyUsedToEncryptSecretKey,
- int keySize) throws Exception
+ int keySize) throws XMLSecurityException
{
XMLCipher keyCipher = null;
String pubKeyAlg = keyUsedToEncryptSecretKey.getAlgorithm();
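Review bot: `encryptKey` calls `keyUsedToEncryptSecretKey.getAlgorithm()` with no null check on the visible lines, so a missing public key raises a NullPointerException outside the newly declared `XMLSecurityException`. The `@return` tag is empty and `keySize` is described only as "Length of the key". I would write `@return the EncryptedKey wrapping keyToBeEncrypted` and state the unit of `keySize` (presumably bits, to be confirmed). The following hunks for `encryptElementInDocument` and `decryptElementInDocument` change only whitespace and still document `@throws Exception` (`decryptElementInDocument` also declares it), so the narrowing in this revision is incomplete for this file. The body of `encryptKey` continues outside the hunk.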
@@ -200,8 +201,8 @@
* the cipher data.
* @param addEncryptedKeyInKeyInfo Should the encrypted key be inside a KeyInfo
* or added as a peer of Cipher Data
- * @return An element that has the wrappingElementQName
- * @throws Exception
+ * @return An element that has the wrappingElementQName
+ * @throws Exception
*/
public static Element encryptElementInDocument(Document document,
PublicKey publicKey,
@@ -272,8 +273,8 @@
* Decrypt an encrypted element inside a document
* @param documentWithEncryptedElement
* @param privateKey key need to unwrap the encryption key
- * @return the document with the encrypted element replaced by the data element
- * @throws Exception
+ * @return the document with the encrypted element replaced by the data element
+ * @throws Exception
*/
public static Element decryptElementInDocument(Document documentWithEncryptedElement,
PrivateKey privateKey) throws Exception