Author: anil.saldhana(a)jboss.com Date: 2009-06-04 13:31:30 -0400 (Thu, 04 Jun 2009) New Revision: 588 Added: identity-federation/tags/1.0.0.alpha3/ identity-federation/tags/1.0.0.alpha3/assembly/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings-jboss/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/exceptions/IssueInstantMissingException.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/util/ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-model/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/circleoftrust/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/META-INF/context.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/index.jsp identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/logout.jsp identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/idp/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/metadata/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/META-INF/context.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/index.jsp identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/logout.jsp identity-federation/tags/1.0.0.alpha3/jboss-identity-xmlsec-model/pom.xml identity-federation/tags/1.0.0.alpha3/parent/pom.xml identity-federation/tags/1.0.0.alpha3/pom.xml Removed: identity-federation/tags/1.0.0.alpha3/assembly/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings-jboss/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-model/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/circleoftrust/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/index.jsp identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/idp/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/metadata/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/pom.xml identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/index.jsp identity-federation/tags/1.0.0.alpha3/jboss-identity-xmlsec-model/pom.xml identity-federation/tags/1.0.0.alpha3/parent/pom.xml identity-federation/tags/1.0.0.alpha3/pom.xml Log: [maven-release-plugin] copy for tag 1.0.0.alpha3 Copied: identity-federation/tags/1.0.0.alpha3 (from rev 568, identity-federation/trunk) Deleted: identity-federation/tags/1.0.0.alpha3/assembly/pom.xml =================================================================== --- identity-federation/trunk/assembly/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/assembly/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,63 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed</artifactId> - <packaging>pom</packaging> - <name>JBoss Identity Federation- Assembly</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-assembly-plugin</artifactId> - <version>2.1</version> - <executions> - <execution> - <phase>package</phase> - <goals> - <goal>attached</goal> - </goals> - </execution> - </executions> - <configuration> - <archive> - <manifestEntries> - <Specification-Title>JBoss Identity</Specification-Title> - <Specification-Version>${project.version}</Specification-Version> - <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor> - <Implementation-Title>JBoss Identity</Implementation-Title> - <Implementation-Version>${project.version}</Implementation-Version> - <Implementation-VendorId>org.jboss.security</Implementation-VendorId> - <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor> - <Implementation-URL>http://labs.jboss.org/portal/jbosssecurity/</Imp... - </manifestEntries> - </archive> - <descriptors> - <descriptor>bin.xml</descriptor> - <descriptor>sources.xml</descriptor> - </descriptors> - </configuration> - <inherited>false</inherited> - </plugin> - </plugins> - </build> - -</project> Copied: identity-federation/tags/1.0.0.alpha3/assembly/pom.xml (from rev 587, identity-federation/trunk/assembly/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/assembly/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/assembly/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,63 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed</artifactId> + <packaging>pom</packaging> + <name>JBoss Identity Federation- Assembly</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>2.1</version> + <executions> + <execution> + <phase>package</phase> + <goals> + <goal>attached</goal> + </goals> + </execution> + </executions> + <configuration> + <archive> + <manifestEntries> + <Specification-Title>JBoss Identity</Specification-Title> + <Specification-Version>${project.version}</Specification-Version> + <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor> + <Implementation-Title>JBoss Identity</Implementation-Title> + <Implementation-Version>${project.version}</Implementation-Version> + <Implementation-VendorId>org.jboss.security</Implementation-VendorId> + <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor> + <Implementation-URL>http://labs.jboss.org/portal/jbosssecurity/</Imp... + </manifestEntries> + </archive> + <descriptors> + <descriptor>bin.xml</descriptor> + <descriptor>sources.xml</descriptor> + </descriptors> + </configuration> + <inherited>false</inherited> + </plugin> + </plugins> + </build> + +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,146 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-bindings</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Server Bindings</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-api</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>catalina</artifactId> - <version>6.0.18</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>coyote</artifactId> - <version>6.0.18</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-tomcat</groupId> - <artifactId>tomcat-util</artifactId> - <version>5.5.12</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-tomcat</groupId> - <artifactId>naming-resources</artifactId> - <version>5.5.12</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-tomcat</groupId> - <artifactId>tomcat-http</artifactId> - <version>5.5.12</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-logging</groupId> - <artifactId>commons-logging-api</artifactId> - <version>1.0.3</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-modeler</groupId> - <artifactId>commons-modeler</artifactId> - <version>1.1patch</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-bindings/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,146 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-bindings</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Server Bindings</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-api</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>2.4</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>catalina</artifactId> + <version>6.0.18</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>coyote</artifactId> + <version>6.0.18</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-tomcat</groupId> + <artifactId>tomcat-util</artifactId> + <version>5.5.12</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-tomcat</groupId> + <artifactId>naming-resources</artifactId> + <version>5.5.12</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-tomcat</groupId> + <artifactId>tomcat-http</artifactId> + <version>5.5.12</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-logging</groupId> + <artifactId>commons-logging-api</artifactId> + <version>1.0.3</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-modeler</groupId> + <artifactId>commons-modeler</artifactId> + <version>1.1patch</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,517 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.bindings.tomcat.idp; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.security.GeneralSecurityException; -import java.security.Principal; -import java.util.List; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBException; - -import org.apache.catalina.Context; -import org.apache.catalina.Lifecycle; -import org.apache.catalina.LifecycleException; -import org.apache.catalina.LifecycleListener; -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.util.LifecycleSupport; -import org.apache.catalina.valves.ValveBase; -import org.apache.log4j.Logger; -import org.jboss.identity.federation.api.saml.v2.common.IDGenerator; -import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; -import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; -import org.jboss.identity.federation.bindings.config.IDPType; -import org.jboss.identity.federation.bindings.config.TrustType; -import org.jboss.identity.federation.bindings.interfaces.RoleGenerator; -import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator; -import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil; -import org.jboss.identity.federation.bindings.util.RedirectBindingUtil; -import org.jboss.identity.federation.bindings.util.ValveUtil; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.exceptions.ProcessingException; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.xml.sax.SAXException; - -/** - * Valve at the IDP that supports the HTTP/Redirect Binding - * @author Anil.Saldhana(a)redhat.com - * @since Dec 9, 2008 - */ -public class IDPRedirectValve extends ValveBase implements Lifecycle -{ - private static Logger log = Logger.getLogger(IDPRedirectValve.class); - - protected IDPType idpConfiguration = null; - - private RoleGenerator rg = new TomcatRoleGenerator(); - - private long assertionValidity = 5000; // 5 seconds in miliseconds - - private String identityURL = null; - - public IDPRedirectValve() - { - super(); - } - - @Override - public void invoke(Request request, Response response) throws IOException, ServletException - { - boolean containsSAMLRequestMessage = this.hasSAMLRequestMessage(request); - - //Lets check if the user has been authenticated - Principal userPrincipal = request.getPrincipal(); - if(userPrincipal == null) - { - //Send it for user authentication - try - { - //Next in the invocation chain - getNext().invoke(request, response); - } - finally - { - String referer = request.getHeader("Referer"); - - if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN) - { - ResponseType errorResponseType = this.getErrorResponse(referer, JBossSAMLURIConstants.STATUS_AUTHNFAILED.get()); - try - { - send(errorResponseType, request.getParameter("RelayState"), response); - } - catch (ParsingException e) - { - log.error(e); - } - catch (ProcessingException e) - { - log.error(e); - } - return; - } - - //User is authenticated as we are on the return path - userPrincipal = request.getPrincipal(); - if(userPrincipal != null) - { - //Send valid saml response after processing the request - if(containsSAMLRequestMessage) - { - RequestAbstractType requestAbstractType = null; - try - { - requestAbstractType = getSAMLRequest(request); - this.validate(request); - - this.isTrusted(requestAbstractType.getIssuer().getValue()); - - ResponseType responseType = this.getResponse(request, userPrincipal); - send(responseType, request.getParameter("RelayState"), response); - } - catch (Exception e) - { - log.error("Exception:" ,e); - if(requestAbstractType != null) - referer = requestAbstractType.getIssuer().getValue(); - ResponseType errorResponseType = this.getErrorResponse(referer, JBossSAMLURIConstants.STATUS_RESPONDER.get()); - try - { - send(errorResponseType, request.getParameter("RelayState"), response); - } - catch (ParsingException e1) - { - log.error(e1); - } - catch (ProcessingException e1) - { - log.error(e1); - } - } - } - else - { - log.error("No SAML Request Message"); - log.trace("Referer="+referer); - throw new ServletException("No SAML Request Message"); - } - } - } - } - } - - /** - * Verify that the issuer is trusted - * @param issuer - * @throws IssuerNotTrustedException - */ - protected void isTrusted(String issuer) throws IssuerNotTrustedException - { - try - { - String issuerDomain = ValveUtil.getDomain(issuer); - TrustType idpTrust = idpConfiguration.getTrust(); - if(idpTrust != null) - { - String domainsTrusted = idpTrust.getDomains(); - if(domainsTrusted.indexOf(issuerDomain) < 0) - throw new IssuerNotTrustedException(issuer); - } - } - catch (Exception e) - { - throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); - } - } - - protected void send(ResponseType responseType, String relayState, Response response) - throws ParsingException, ProcessingException - { - try - { - SAML2Response saml2Response = new SAML2Response(); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - saml2Response.marshall(responseType, baos); - - String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray()); - - String destination = responseType.getDestination(); - log.trace("IDP:Destination=" + destination); - - if(relayState != null && relayState.length() > 0) - relayState = RedirectBindingUtil.urlEncode(relayState); - - String finalDest = destination + this.getDestination(urlEncodedResponse, relayState); - HTTPRedirectUtil.sendRedirectForResponder(finalDest, response); - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } - catch (IOException e) - { - throw new ProcessingException(e); - } - } - - /** - * Generate a Destination URL for the HTTPRedirect binding - * with the saml response and relay state - * @param urlEncodedResponse - * @param urlEncodedRelayState - * @return - */ - protected String getDestination(String urlEncodedResponse, String urlEncodedRelayState) - { - StringBuilder sb = new StringBuilder(); - sb.append("?SAMLResponse=").append(urlEncodedResponse); - if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) - sb.append("&RelayState=").append(urlEncodedRelayState); - return sb.toString(); - } - - /** - * Validate the incoming Request - * @param request - * @return - */ - protected boolean validate(Request request) throws IOException,GeneralSecurityException - { - return this.hasSAMLRequestMessage(request); - } - - private boolean hasSAMLRequestMessage(Request request) - { - return request.getParameter("SAMLRequest") != null; - } - - private RequestAbstractType getSAMLRequest(Request request) throws JAXBException, SAXException - { - String samlMessage = getSAMLMessage(request); - InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage); - SAML2Request saml2Request = new SAML2Request(); - return saml2Request.getRequestType(is); - } - - - /** - * Create a response type - * @param request - * @param userPrincipal - * @return - * @throws ParsingException - * @throws ConfigurationException - * @throws ProcessingException - */ - protected ResponseType getResponse(Request request, Principal userPrincipal) - throws ParsingException, ConfigurationException, ProcessingException - { - ResponseType responseType = null; - - String samlMessage = getSAMLMessage(request); - InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage); - SAML2Request saml2Request = new SAML2Request(); - - AuthnRequestType authnRequestType = null; - try - { - authnRequestType = saml2Request.getAuthnRequestType(is); - } - catch (JAXBException e2) - { - throw new ParsingException(e2); - } - catch (SAXException e2) - { - throw new ParsingException(e2); - } - if(authnRequestType == null) - throw new IllegalStateException("AuthnRequest is null"); - - if(log.isTraceEnabled()) - { - StringWriter sw = new StringWriter(); - try - { - saml2Request.marshall(authnRequestType, sw); - } - catch (SAXException e) - { - log.trace(e); - } - catch (JAXBException e) - { - log.trace(e); - } - log.trace("IDPRedirectValve::AuthnRequest="+sw.toString()); - } - SAML2Response saml2Response = new SAML2Response(); - - //Create a response type - String id = IDGenerator.create("ID_"); - - IssuerInfoHolder issuerHolder = new IssuerInfoHolder(this.identityURL); - issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get()); - - IDPInfoHolder idp = new IDPInfoHolder(); - idp.setNameIDFormatValue(userPrincipal.getName()); - idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); - - SPInfoHolder sp = new SPInfoHolder(); - sp.setResponseDestinationURI(authnRequestType.getAssertionConsumerServiceURL()); - responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); - //Add information on the roles - List<String> roles = rg.generateRoles(userPrincipal); - AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); - - AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); - - //Add timed conditions - saml2Response.createTimedConditions(assertion, this.assertionValidity); - - //Lets see how the response looks like - if(log.isTraceEnabled()) - { - StringWriter sw = new StringWriter(); - try - { - saml2Response.marshall(responseType, sw); - } - catch (JAXBException e) - { - log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } - log.trace("IDPRedirectValve::Response="+sw.toString()); - } - - return responseType; - } - - private ResponseType getErrorResponse(String responseURL, String status) throws ServletException - { - try - { - ResponseType responseType = null; - - SAML2Response saml2Response = new SAML2Response(); - - //Create a response type - String id = IDGenerator.create("ID_"); - - IssuerInfoHolder issuerHolder = new IssuerInfoHolder(this.identityURL); - issuerHolder.setStatusCode(status); - - IDPInfoHolder idp = new IDPInfoHolder(); - idp.setNameIDFormatValue(null); - idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); - - SPInfoHolder sp = new SPInfoHolder(); - sp.setResponseDestinationURI(responseURL); - responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); - - log.debug("ResponseType = "); - //Lets see how the response looks like - if(log.isTraceEnabled()) - { - StringWriter sw = new StringWriter(); - saml2Response.marshall(responseType, sw); - log.trace("IDPRedirectValve::Response="+sw.toString()); - } - - return responseType; - } - catch(Exception e) - { - log.error("Exception in getErrorResponse::",e); - throw new ServletException(e.getLocalizedMessage()); - } - } - - private String getSAMLMessage(Request request) - { - return request.getParameter("SAMLRequest"); - } - - //***************Catalina Lifecyle methods - /** - * The lifecycle event support for this component. - */ - protected LifecycleSupport lifecycle = new LifecycleSupport(this); - - /** - * Has this component been started yet? - */ - private boolean started = false; - - - - /** - * Add a lifecycle event listener to this component. - * - * @param listener The listener to add - */ - public void addLifecycleListener(LifecycleListener listener) - { - lifecycle.addLifecycleListener(listener); - } - - - /** - * Get the lifecycle listeners associated with this lifecycle. If this - * Lifecycle has no listeners registered, a zero-length array is returned. - */ - public LifecycleListener[] findLifecycleListeners() - { - return lifecycle.findLifecycleListeners(); - } - - - /** - * Remove a lifecycle event listener from this component. - * - * @param listener The listener to add - */ - public void removeLifecycleListener(LifecycleListener listener) - { - lifecycle.removeLifecycleListener(listener); - } - - - /** - * Prepare for the beginning of active use of the public methods of this - * component. This method should be called after <code>configure()</code>, - * and before any of the public methods of the component are utilized. - * - * @exception LifecycleException if this component detects a fatal error - * that prevents this component from being used - */ - public void start() throws LifecycleException - { - // Validate and update our current component state - if (started) - throw new LifecycleException - ("IDPRedirectValve already Started"); - lifecycle.fireLifecycleEvent(START_EVENT, null); - started = true; - - String configFile = "/WEB-INF/jboss-idfed.xml"; - Context context = (Context) getContainer(); - InputStream is = context.getServletContext().getResourceAsStream(configFile); - if(is == null) - throw new RuntimeException(configFile + " missing"); - try - { - idpConfiguration = ValveUtil.getIDPConfiguration(is); - this.identityURL = idpConfiguration.getIdentityURL(); - log.trace("Identity Provider URL=" + this.identityURL); - this.assertionValidity = idpConfiguration.getAssertionValidity(); - } - catch (Exception e) - { - throw new RuntimeException(e); - } - } - - - /** - * Gracefully terminate the active use of the public methods of this - * component. This method should be the last one called on a given - * instance of this component. - * - * @exception LifecycleException if this component detects a fatal error - * that needs to be reported - */ - public void stop() throws LifecycleException - { - // Validate and update our current component state - if (!started) - throw new LifecycleException - ("IDPRedirectValve NotStarted"); - lifecycle.fireLifecycleEvent(STOP_EVENT, null); - started = false; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java (from rev 569, identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,525 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.bindings.tomcat.idp; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; +import java.security.GeneralSecurityException; +import java.security.Principal; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.JAXBException; + +import org.apache.catalina.Context; +import org.apache.catalina.Lifecycle; +import org.apache.catalina.LifecycleException; +import org.apache.catalina.LifecycleListener; +import org.apache.catalina.connector.Request; +import org.apache.catalina.connector.Response; +import org.apache.catalina.util.LifecycleSupport; +import org.apache.catalina.valves.ValveBase; +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.bindings.config.IDPType; +import org.jboss.identity.federation.bindings.config.TrustType; +import org.jboss.identity.federation.bindings.interfaces.RoleGenerator; +import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator; +import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil; +import org.jboss.identity.federation.bindings.util.RedirectBindingUtil; +import org.jboss.identity.federation.bindings.util.ValveUtil; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.xml.sax.SAXException; + +/** + * Valve at the IDP that supports the HTTP/Redirect Binding + * @author Anil.Saldhana(a)redhat.com + * @since Dec 9, 2008 + */ +public class IDPRedirectValve extends ValveBase implements Lifecycle +{ + private static Logger log = Logger.getLogger(IDPRedirectValve.class); + + protected IDPType idpConfiguration = null; + + private RoleGenerator rg = new TomcatRoleGenerator(); + + private long assertionValidity = 5000; // 5 seconds in miliseconds + + private String identityURL = null; + + public IDPRedirectValve() + { + super(); + } + + @Override + public void invoke(Request request, Response response) throws IOException, ServletException + { + boolean containsSAMLRequestMessage = this.hasSAMLRequestMessage(request); + + //Lets check if the user has been authenticated + Principal userPrincipal = request.getPrincipal(); + if(userPrincipal == null) + { + //Send it for user authentication + try + { + //Next in the invocation chain + getNext().invoke(request, response); + } + finally + { + String referer = request.getHeader("Referer"); + + if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN) + { + ResponseType errorResponseType = this.getErrorResponse(referer, JBossSAMLURIConstants.STATUS_AUTHNFAILED.get()); + try + { + send(errorResponseType, request.getParameter("RelayState"), response); + } + catch (ParsingException e) + { + log.error(e); + } + catch (ProcessingException e) + { + log.error(e); + } + return; + } + + //User is authenticated as we are on the return path + userPrincipal = request.getPrincipal(); + if(userPrincipal != null) + { + //Send valid saml response after processing the request + if(containsSAMLRequestMessage) + { + RequestAbstractType requestAbstractType = null; + try + { + requestAbstractType = getSAMLRequest(request); + this.validate(request); + + this.isTrusted(requestAbstractType.getIssuer().getValue()); + + ResponseType responseType = this.getResponse(request, userPrincipal); + send(responseType, request.getParameter("RelayState"), response); + } + catch (Exception e) + { + log.error("Exception:" ,e); + if(requestAbstractType != null) + referer = requestAbstractType.getIssuer().getValue(); + ResponseType errorResponseType = this.getErrorResponse(referer, JBossSAMLURIConstants.STATUS_RESPONDER.get()); + try + { + send(errorResponseType, request.getParameter("RelayState"), response); + } + catch (ParsingException e1) + { + log.error(e1); + } + catch (ProcessingException e1) + { + log.error(e1); + } + } + } + else + { + log.error("No SAML Request Message"); + log.trace("Referer="+referer); + throw new ServletException("No SAML Request Message"); + } + } + } + } + } + + /** + * Verify that the issuer is trusted + * @param issuer + * @throws IssuerNotTrustedException + */ + protected void isTrusted(String issuer) throws IssuerNotTrustedException + { + try + { + String issuerDomain = ValveUtil.getDomain(issuer); + TrustType idpTrust = idpConfiguration.getTrust(); + if(idpTrust != null) + { + String domainsTrusted = idpTrust.getDomains(); + if(domainsTrusted.indexOf(issuerDomain) < 0) + throw new IssuerNotTrustedException(issuer); + } + } + catch (Exception e) + { + throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); + } + } + + protected void send(ResponseType responseType, String relayState, Response response) + throws ParsingException, ProcessingException + { + try + { + SAML2Response saml2Response = new SAML2Response(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + saml2Response.marshall(responseType, baos); + + String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray()); + + String destination = responseType.getDestination(); + log.trace("IDP:Destination=" + destination); + + if(relayState != null && relayState.length() > 0) + relayState = RedirectBindingUtil.urlEncode(relayState); + + String finalDest = destination + this.getDestination(urlEncodedResponse, relayState); + HTTPRedirectUtil.sendRedirectForResponder(finalDest, response); + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + catch (IOException e) + { + throw new ProcessingException(e); + } + } + + /** + * Generate a Destination URL for the HTTPRedirect binding + * with the saml response and relay state + * @param urlEncodedResponse + * @param urlEncodedRelayState + * @return + */ + protected String getDestination(String urlEncodedResponse, String urlEncodedRelayState) + { + StringBuilder sb = new StringBuilder(); + sb.append("?SAMLResponse=").append(urlEncodedResponse); + if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) + sb.append("&RelayState=").append(urlEncodedRelayState); + return sb.toString(); + } + + /** + * Validate the incoming Request + * @param request + * @return + */ + protected boolean validate(Request request) throws IOException,GeneralSecurityException + { + return this.hasSAMLRequestMessage(request); + } + + private boolean hasSAMLRequestMessage(Request request) + { + return request.getParameter("SAMLRequest") != null; + } + + private RequestAbstractType getSAMLRequest(Request request) throws JAXBException, SAXException + { + String samlMessage = getSAMLMessage(request); + InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage); + SAML2Request saml2Request = new SAML2Request(); + return saml2Request.getRequestType(is); + } + + + /** + * Create a response type + * @param request + * @param userPrincipal + * @return + * @throws ParsingException + * @throws ConfigurationException + * @throws ProcessingException + */ + protected ResponseType getResponse(Request request, Principal userPrincipal) + throws ParsingException, ConfigurationException, ProcessingException + { + ResponseType responseType = null; + + String samlMessage = getSAMLMessage(request); + InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage); + SAML2Request saml2Request = new SAML2Request(); + + AuthnRequestType authnRequestType = null; + try + { + authnRequestType = saml2Request.getAuthnRequestType(is); + } + catch (JAXBException e2) + { + throw new ParsingException(e2); + } + catch (SAXException e2) + { + throw new ParsingException(e2); + } + if(authnRequestType == null) + throw new IllegalStateException("AuthnRequest is null"); + + if(log.isTraceEnabled()) + { + StringWriter sw = new StringWriter(); + try + { + saml2Request.marshall(authnRequestType, sw); + } + catch (SAXException e) + { + log.trace(e); + } + catch (JAXBException e) + { + log.trace(e); + } + log.trace("IDPRedirectValve::AuthnRequest="+sw.toString()); + } + SAML2Response saml2Response = new SAML2Response(); + + //Create a response type + String id = IDGenerator.create("ID_"); + + IssuerInfoHolder issuerHolder = new IssuerInfoHolder(this.identityURL); + issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + + IDPInfoHolder idp = new IDPInfoHolder(); + idp.setNameIDFormatValue(userPrincipal.getName()); + idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); + + SPInfoHolder sp = new SPInfoHolder(); + sp.setResponseDestinationURI(authnRequestType.getAssertionConsumerServiceURL()); + responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); + //Add information on the roles + List<String> roles = rg.generateRoles(userPrincipal); + AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + + AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles); + assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + + //Add timed conditions + try + { + saml2Response.createTimedConditions(assertion, this.assertionValidity); + } + catch (IssueInstantMissingException e1) + { + log.error(e1); + } + + //Lets see how the response looks like + if(log.isTraceEnabled()) + { + StringWriter sw = new StringWriter(); + try + { + saml2Response.marshall(responseType, sw); + } + catch (JAXBException e) + { + log.trace(e); + } + catch (SAXException e) + { + log.trace(e); + } + log.trace("IDPRedirectValve::Response="+sw.toString()); + } + + return responseType; + } + + private ResponseType getErrorResponse(String responseURL, String status) throws ServletException + { + try + { + ResponseType responseType = null; + + SAML2Response saml2Response = new SAML2Response(); + + //Create a response type + String id = IDGenerator.create("ID_"); + + IssuerInfoHolder issuerHolder = new IssuerInfoHolder(this.identityURL); + issuerHolder.setStatusCode(status); + + IDPInfoHolder idp = new IDPInfoHolder(); + idp.setNameIDFormatValue(null); + idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); + + SPInfoHolder sp = new SPInfoHolder(); + sp.setResponseDestinationURI(responseURL); + responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); + + log.debug("ResponseType = "); + //Lets see how the response looks like + if(log.isTraceEnabled()) + { + StringWriter sw = new StringWriter(); + saml2Response.marshall(responseType, sw); + log.trace("IDPRedirectValve::Response="+sw.toString()); + } + + return responseType; + } + catch(Exception e) + { + log.error("Exception in getErrorResponse::",e); + throw new ServletException(e.getLocalizedMessage()); + } + } + + private String getSAMLMessage(Request request) + { + return request.getParameter("SAMLRequest"); + } + + //***************Catalina Lifecyle methods + /** + * The lifecycle event support for this component. + */ + protected LifecycleSupport lifecycle = new LifecycleSupport(this); + + /** + * Has this component been started yet? + */ + private boolean started = false; + + + + /** + * Add a lifecycle event listener to this component. + * + * @param listener The listener to add + */ + public void addLifecycleListener(LifecycleListener listener) + { + lifecycle.addLifecycleListener(listener); + } + + + /** + * Get the lifecycle listeners associated with this lifecycle. If this + * Lifecycle has no listeners registered, a zero-length array is returned. + */ + public LifecycleListener[] findLifecycleListeners() + { + return lifecycle.findLifecycleListeners(); + } + + + /** + * Remove a lifecycle event listener from this component. + * + * @param listener The listener to add + */ + public void removeLifecycleListener(LifecycleListener listener) + { + lifecycle.removeLifecycleListener(listener); + } + + + /** + * Prepare for the beginning of active use of the public methods of this + * component. This method should be called after <code>configure()</code>, + * and before any of the public methods of the component are utilized. + * + * @exception LifecycleException if this component detects a fatal error + * that prevents this component from being used + */ + public void start() throws LifecycleException + { + // Validate and update our current component state + if (started) + throw new LifecycleException + ("IDPRedirectValve already Started"); + lifecycle.fireLifecycleEvent(START_EVENT, null); + started = true; + + String configFile = "/WEB-INF/jboss-idfed.xml"; + Context context = (Context) getContainer(); + InputStream is = context.getServletContext().getResourceAsStream(configFile); + if(is == null) + throw new RuntimeException(configFile + " missing"); + try + { + idpConfiguration = ValveUtil.getIDPConfiguration(is); + this.identityURL = idpConfiguration.getIdentityURL(); + log.trace("Identity Provider URL=" + this.identityURL); + this.assertionValidity = idpConfiguration.getAssertionValidity(); + } + catch (Exception e) + { + throw new RuntimeException(e); + } + } + + + /** + * Gracefully terminate the active use of the public methods of this + * component. This method should be the last one called on a given + * instance of this component. + * + * @exception LifecycleException if this component detects a fatal error + * that needs to be reported + */ + public void stop() throws LifecycleException + { + // Validate and update our current component state + if (!started) + throw new LifecycleException + ("IDPRedirectValve NotStarted"); + lifecycle.fireLifecycleEvent(STOP_EVENT, null); + started = false; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,59 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.bindings.tomcat.idp; - -import java.io.IOException; - -import javax.servlet.ServletException; - -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.valves.ValveBase; -import org.apache.log4j.Logger; - -/** - * Debug Valve on the IDP end that will - * inform whether the SP is sending the SAMLRequest or not - * properly - * @author Anil.Saldhana(a)redhat.com - * @since May 22, 2009 - */ -public class IDPSAMLDebugValve extends ValveBase -{ - private static Logger log = Logger.getLogger(IDPSAMLDebugValve.class); - - @Override - public void invoke(Request request, Response response) - throws IOException, ServletException - { - StringBuilder builder = new StringBuilder(); - String param = request.getParameter("SAMLRequest"); - builder.append("Method = " + request.getMethod()).append("\n"); - builder.append("SAMLRequest=" + param).append("\n"); - builder.append("Parameter exists?="+ param != null).append("\n"); - String debugInfo = builder.toString(); - log.debug("SP Sent POST::"+ debugInfo); - - getNext().invoke(request, response); - } - -} Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java (from rev 573, identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPSAMLDebugValve.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,59 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.bindings.tomcat.idp; + +import java.io.IOException; + +import javax.servlet.ServletException; + +import org.apache.catalina.connector.Request; +import org.apache.catalina.connector.Response; +import org.apache.catalina.valves.ValveBase; +import org.apache.log4j.Logger; + +/** + * Debug Valve on the IDP end that will + * inform whether the SP is sending the SAMLRequest or not + * properly + * @author Anil.Saldhana(a)redhat.com + * @since May 22, 2009 + */ +public class IDPSAMLDebugValve extends ValveBase +{ + private static Logger log = Logger.getLogger(IDPSAMLDebugValve.class); + + @Override + public void invoke(Request request, Response response) + throws IOException, ServletException + { + StringBuilder builder = new StringBuilder(); + String param = request.getParameter("SAMLRequest"); + builder.append("Method = " + request.getMethod()).append("\n"); + builder.append("SAMLRequest=" + param).append("\n"); + builder.append("Parameter exists?="+ param != null).append("\n"); + String debugInfo = builder.toString(); + log.debug("SP Sent::"+ debugInfo); + + getNext().invoke(request, response); + } + +} Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,332 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.bindings.tomcat.idp; - -import java.io.IOException; -import java.io.InputStream; -import java.security.Principal; -import java.util.List; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletResponse; - -import org.apache.catalina.Context; -import org.apache.catalina.Lifecycle; -import org.apache.catalina.LifecycleException; -import org.apache.catalina.LifecycleListener; -import org.apache.catalina.Session; -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.util.LifecycleSupport; -import org.apache.catalina.valves.ValveBase; -import org.apache.log4j.Logger; -import org.jboss.identity.federation.bindings.config.IDPType; -import org.jboss.identity.federation.bindings.interfaces.RoleGenerator; -import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator; -import org.jboss.identity.federation.bindings.util.ValveUtil; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; - -/** - * Generic Web Browser SSO valve for the IDP - * @author Anil.Saldhana(a)redhat.com - * @since May 18, 2009 - */ -public class IDPWebBrowserSSOValve extends ValveBase implements Lifecycle -{ - private static Logger log = Logger.getLogger(IDPWebBrowserSSOValve.class); - - protected IDPType idpConfiguration = null; - - private RoleGenerator rg = new TomcatRoleGenerator(); - - private long assertionValidity = 5000; // 5 seconds in miliseconds - - private String identityURL = null; - - @Override - public void invoke(Request request, Response response) throws IOException, ServletException - { - String referer = request.getHeader("Referer"); - String relayState = request.getParameter("RelayState"); - String samlMessage = request.getParameter("SAMLRequest"); - boolean containsSAMLRequestMessage = samlMessage != null; - - Session session = request.getSessionInternal(); - - if(containsSAMLRequestMessage) - { - session.setNote("SAMLRequest", samlMessage); - if(relayState != null) - session.setNote("RelayState", relayState); - } - - //Lets check if the user has been authenticated - Principal userPrincipal = request.getPrincipal(); - if(userPrincipal == null) - { - try - { - //Next in the invocation chain - getNext().invoke(request, response); - } - finally - { - userPrincipal = request.getPrincipal(); - referer = request.getHeader("Referer"); - log.debug("Referer in finally block="+ referer); - } - } - - - IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, idpConfiguration); - - //Look for unauthorized status - if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN) - { - try - { - ResponseType errorResponseType = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), - this.identityURL); - - webRequestUtil.send(errorResponseType, relayState, response); - } - catch (ParsingException e) - { - throw new ServletException(e); - } - return; - } - - if(userPrincipal != null) - { - /** - * Since the container has finished the authentication, - * we can retrieve the original saml message as well as - * any relay state from the SP - */ - samlMessage = (String) session.getNote("SAMLRequest"); - relayState = (String) session.getNote("RelayState"); - session.removeNote("SAMLRequest"); - session.removeNote("RelayState"); - - //Send valid saml response after processing the request - if(samlMessage != null) - { - //Get the SAML Request Message - RequestAbstractType requestAbstractType = null; - ResponseType responseType = null; - - try - { - requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage); - this.validate(request); - webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue()); - - List<String> roles = rg.generateRoles(userPrincipal); - - AuthnRequestType art = (AuthnRequestType) requestAbstractType; - responseType = - webRequestUtil.getResponse(art.getAssertionConsumerServiceURL(), - userPrincipal, roles, - this.identityURL, this.assertionValidity); - } - catch (IssuerNotTrustedException e) - { - responseType = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(), - this.identityURL); - } - catch (ParsingException e) - { - responseType = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), - this.identityURL); - } - catch (ConfigurationException e) - { - responseType = - webRequestUtil.getErrorResponse(referer, - JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), - this.identityURL); - } - finally - { - try - { - webRequestUtil.send(responseType, relayState, response); - } - catch (ParsingException e) - { - log.trace(e); - } - } - return; - } - else - { - log.error("No SAML Request Message"); - log.trace("Referer="+referer); - - try - { - sendErrorResponseToSP(referer, response, relayState, webRequestUtil); - } - catch (ConfigurationException e) - { - log.trace(e); - } - } - } - } - - protected void sendErrorResponseToSP(String referrer, Response response, String relayState, - IDPWebRequestUtil webRequestUtil) throws ServletException, IOException, ConfigurationException - { - ResponseType errorResponseType = - webRequestUtil.getErrorResponse(referrer, JBossSAMLURIConstants.STATUS_RESPONDER.get(), - this.identityURL); - try - { - webRequestUtil.send(errorResponseType, relayState, response); - } - catch (ParsingException e1) - { - throw new ServletException(e1); - } - } - - - - //***************Lifecycle - /** - * The lifecycle event support for this component. - */ - protected LifecycleSupport lifecycle = new LifecycleSupport(this); - - /** - * Has this component been started yet? - */ - private boolean started = false; - - /** - * Add a lifecycle event listener to this component. - * - * @param listener The listener to add - */ - public void addLifecycleListener(LifecycleListener listener) - { - lifecycle.addLifecycleListener(listener); - } - - - /** - * Get the lifecycle listeners associated with this lifecycle. If this - * Lifecycle has no listeners registered, a zero-length array is returned. - */ - public LifecycleListener[] findLifecycleListeners() - { - return lifecycle.findLifecycleListeners(); - } - - - /** - * Remove a lifecycle event listener from this component. - * - * @param listener The listener to add - */ - public void removeLifecycleListener(LifecycleListener listener) - { - lifecycle.removeLifecycleListener(listener); - } - - - /** - * Prepare for the beginning of active use of the public methods of this - * component. This method should be called after <code>configure()</code>, - * and before any of the public methods of the component are utilized. - * - * @exception LifecycleException if this component detects a fatal error - * that prevents this component from being used - */ - public void start() throws LifecycleException - { - // Validate and update our current component state - if (started) - throw new LifecycleException - ("IDPRedirectValve already Started"); - lifecycle.fireLifecycleEvent(START_EVENT, null); - started = true; - - String configFile = "/WEB-INF/jboss-idfed.xml"; - Context context = (Context) getContainer(); - InputStream is = context.getServletContext().getResourceAsStream(configFile); - if(is == null) - throw new RuntimeException(configFile + " missing"); - try - { - idpConfiguration = ValveUtil.getIDPConfiguration(is); - this.identityURL = idpConfiguration.getIdentityURL(); - log.trace("Identity Provider URL=" + this.identityURL); - this.assertionValidity = idpConfiguration.getAssertionValidity(); - } - catch (Exception e) - { - throw new RuntimeException(e); - } - } - - - /** - * Gracefully terminate the active use of the public methods of this - * component. This method should be the last one called on a given - * instance of this component. - * - * @exception LifecycleException if this component detects a fatal error - * that needs to be reported - */ - public void stop() throws LifecycleException - { - // Validate and update our current component state - if (!started) - throw new LifecycleException - ("IDPRedirectValve NotStarted"); - lifecycle.fireLifecycleEvent(STOP_EVENT, null); - started = false; - } - - protected boolean validate(Request request) - { - return request.getParameter("SAMLRequest") != null; - } - - //Private Methods -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java (from rev 573, identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,347 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.bindings.tomcat.idp; + +import java.io.IOException; +import java.io.InputStream; +import java.security.Principal; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletResponse; + +import org.apache.catalina.Context; +import org.apache.catalina.Lifecycle; +import org.apache.catalina.LifecycleException; +import org.apache.catalina.LifecycleListener; +import org.apache.catalina.Session; +import org.apache.catalina.connector.Request; +import org.apache.catalina.connector.Response; +import org.apache.catalina.util.LifecycleSupport; +import org.apache.catalina.valves.ValveBase; +import org.apache.log4j.Logger; +import org.jboss.identity.federation.bindings.config.IDPType; +import org.jboss.identity.federation.bindings.interfaces.RoleGenerator; +import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator; +import org.jboss.identity.federation.bindings.util.ValveUtil; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; + +/** + * Generic Web Browser SSO valve for the IDP + * @author Anil.Saldhana(a)redhat.com + * @since May 18, 2009 + */ +public class IDPWebBrowserSSOValve extends ValveBase implements Lifecycle +{ + private static Logger log = Logger.getLogger(IDPWebBrowserSSOValve.class); + + protected IDPType idpConfiguration = null; + + private RoleGenerator rg = new TomcatRoleGenerator(); + + private long assertionValidity = 5000; // 5 seconds in miliseconds + + private String identityURL = null; + + @Override + public void invoke(Request request, Response response) throws IOException, ServletException + { + String referer = request.getHeader("Referer"); + String relayState = request.getParameter("RelayState"); + String samlMessage = request.getParameter("SAMLRequest"); + boolean containsSAMLRequestMessage = samlMessage != null; + + Session session = request.getSessionInternal(); + + if(containsSAMLRequestMessage) + { + log.trace("Storing the SAMLRequest and RelayState in session"); + session.setNote("SAMLRequest", samlMessage); + if(relayState != null) + session.setNote("RelayState", relayState); + } + + //Lets check if the user has been authenticated + Principal userPrincipal = request.getPrincipal(); + if(userPrincipal == null) + { + try + { + //Next in the invocation chain + getNext().invoke(request, response); + } + finally + { + userPrincipal = request.getPrincipal(); + referer = request.getHeader("Referer"); + log.debug("Referer in finally block="+ referer); + } + } + + + IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, idpConfiguration); + + //Look for unauthorized status + if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN) + { + try + { + ResponseType errorResponseType = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL); + + webRequestUtil.send(errorResponseType, relayState, response); + } + catch (ParsingException e) + { + throw new ServletException(e); + } + return; + } + + if(userPrincipal != null) + { + /** + * Since the container has finished the authentication, + * we can retrieve the original saml message as well as + * any relay state from the SP + */ + samlMessage = (String) session.getNote("SAMLRequest"); + relayState = (String) session.getNote("RelayState"); + log.trace("Retrieved saml message and relay state from session"); + log.trace("saml message=" + samlMessage + "::relay state="+ relayState); + session.removeNote("SAMLRequest"); + session.removeNote("RelayState"); + + //Send valid saml response after processing the request + if(samlMessage != null) + { + //Get the SAML Request Message + RequestAbstractType requestAbstractType = null; + ResponseType responseType = null; + + try + { + requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage); + this.validate(request); + webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue()); + + List<String> roles = rg.generateRoles(userPrincipal); + + AuthnRequestType art = (AuthnRequestType) requestAbstractType; + responseType = + webRequestUtil.getResponse(art.getAssertionConsumerServiceURL(), + userPrincipal, roles, + this.identityURL, this.assertionValidity); + } + catch (IssuerNotTrustedException e) + { + log.trace(e); + responseType = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(), + this.identityURL); + } + catch (ParsingException e) + { + log.trace(e); + responseType = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL); + } + catch (ConfigurationException e) + { + log.trace(e); + responseType = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL); + } + catch (IssueInstantMissingException e) + { + log.trace(e); + responseType = + webRequestUtil.getErrorResponse(referer, + JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), + this.identityURL); + } + finally + { + try + { + webRequestUtil.send(responseType, relayState, response); + } + catch (ParsingException e) + { + log.trace(e); + } + } + return; + } + else + { + log.error("No SAML Request Message"); + log.trace("Referer="+referer); + + try + { + sendErrorResponseToSP(referer, response, relayState, webRequestUtil); + } + catch (ConfigurationException e) + { + log.trace(e); + } + } + } + } + + protected void sendErrorResponseToSP(String referrer, Response response, String relayState, + IDPWebRequestUtil webRequestUtil) throws ServletException, IOException, ConfigurationException + { + ResponseType errorResponseType = + webRequestUtil.getErrorResponse(referrer, JBossSAMLURIConstants.STATUS_RESPONDER.get(), + this.identityURL); + try + { + webRequestUtil.send(errorResponseType, relayState, response); + } + catch (ParsingException e1) + { + throw new ServletException(e1); + } + } + + + + //***************Lifecycle + /** + * The lifecycle event support for this component. + */ + protected LifecycleSupport lifecycle = new LifecycleSupport(this); + + /** + * Has this component been started yet? + */ + private boolean started = false; + + /** + * Add a lifecycle event listener to this component. + * + * @param listener The listener to add + */ + public void addLifecycleListener(LifecycleListener listener) + { + lifecycle.addLifecycleListener(listener); + } + + + /** + * Get the lifecycle listeners associated with this lifecycle. If this + * Lifecycle has no listeners registered, a zero-length array is returned. + */ + public LifecycleListener[] findLifecycleListeners() + { + return lifecycle.findLifecycleListeners(); + } + + + /** + * Remove a lifecycle event listener from this component. + * + * @param listener The listener to add + */ + public void removeLifecycleListener(LifecycleListener listener) + { + lifecycle.removeLifecycleListener(listener); + } + + + /** + * Prepare for the beginning of active use of the public methods of this + * component. This method should be called after <code>configure()</code>, + * and before any of the public methods of the component are utilized. + * + * @exception LifecycleException if this component detects a fatal error + * that prevents this component from being used + */ + public void start() throws LifecycleException + { + // Validate and update our current component state + if (started) + throw new LifecycleException + ("IDPRedirectValve already Started"); + lifecycle.fireLifecycleEvent(START_EVENT, null); + started = true; + + String configFile = "/WEB-INF/jboss-idfed.xml"; + Context context = (Context) getContainer(); + InputStream is = context.getServletContext().getResourceAsStream(configFile); + if(is == null) + throw new RuntimeException(configFile + " missing"); + try + { + idpConfiguration = ValveUtil.getIDPConfiguration(is); + this.identityURL = idpConfiguration.getIdentityURL(); + log.trace("Identity Provider URL=" + this.identityURL); + this.assertionValidity = idpConfiguration.getAssertionValidity(); + } + catch (Exception e) + { + throw new RuntimeException(e); + } + } + + + /** + * Gracefully terminate the active use of the public methods of this + * component. This method should be the last one called on a given + * instance of this component. + * + * @exception LifecycleException if this component detects a fatal error + * that needs to be reported + */ + public void stop() throws LifecycleException + { + // Validate and update our current component state + if (!started) + throw new LifecycleException + ("IDPRedirectValve NotStarted"); + lifecycle.fireLifecycleEvent(STOP_EVENT, null); + started = false; + } + + protected boolean validate(Request request) + { + return request.getParameter("SAMLRequest") != null; + } + + //Private Methods +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,356 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.bindings.tomcat.idp; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.security.Principal; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; -import javax.xml.bind.JAXBException; - -import org.apache.catalina.connector.Response; -import org.apache.log4j.Logger; -import org.jboss.identity.federation.api.saml.v2.common.IDGenerator; -import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; -import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; -import org.jboss.identity.federation.bindings.config.IDPType; -import org.jboss.identity.federation.bindings.config.TrustType; -import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil; -import org.jboss.identity.federation.bindings.util.PostBindingUtil; -import org.jboss.identity.federation.bindings.util.RedirectBindingUtil; -import org.jboss.identity.federation.bindings.util.ValveUtil; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.xml.sax.SAXException; - -/** - * Request Util - * <b> Not thread safe</b> - * @author Anil.Saldhana(a)redhat.com - * @since May 18, 2009 - */ -public class IDPWebRequestUtil -{ - private static Logger log = Logger.getLogger(IDPWebRequestUtil.class); - - private HttpServletRequest request; - - private boolean redirectProfile = false; - private boolean postProfile = false; - - private IDPType idpConfiguration; - - public IDPWebRequestUtil(HttpServletRequest request, IDPType idp) - { - this.request = request; - this.idpConfiguration = idp; - hasSAMLRequestInRedirectProfile(); - hasSAMLRequestInPostProfile(); - } - - public boolean hasSAMLRequestInRedirectProfile() - { - if("GET".equalsIgnoreCase(request.getMethod())) - { - redirectProfile = request.getParameter("SAMLRequest") != null; - } - return redirectProfile; - } - - public boolean hasSAMLRequestInPostProfile() - { - if("POST".equalsIgnoreCase(request.getMethod())) - { - postProfile = request.getParameter("SAMLRequest") != null; - } - return postProfile; - } - - public RequestAbstractType getSAMLRequest(String samlMessage) - throws ParsingException - { - InputStream is = null; - SAML2Request saml2Request = new SAML2Request(); - if(redirectProfile) - { - is = RedirectBindingUtil.base64DeflateDecode(samlMessage); - } - else - { - byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage); - log.trace("SAMLRequest=" + new String(samlBytes)); - is = new ByteArrayInputStream(samlBytes); - } - - try - { - return saml2Request.getRequestType(is); - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } - } - - - public ResponseType getResponse( String assertionConsumerURL, - Principal userPrincipal, - List<String> roles, - String identityURL, - long assertionValidity) - throws ConfigurationException - { - ResponseType responseType = null; - - SAML2Response saml2Response = new SAML2Response(); - - //Create a response type - String id = IDGenerator.create("ID_"); - - IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); - issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get()); - - IDPInfoHolder idp = new IDPInfoHolder(); - idp.setNameIDFormatValue(userPrincipal.getName()); - idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); - - SPInfoHolder sp = new SPInfoHolder(); - sp.setResponseDestinationURI(assertionConsumerURL); - responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); - - - //Add information on the roles - AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); - - AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles); - assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); - - //Add timed conditions - saml2Response.createTimedConditions(assertion, assertionValidity); - - //Lets see how the response looks like - if(log.isTraceEnabled()) - { - StringWriter sw = new StringWriter(); - try - { - saml2Response.marshall(responseType, sw); - } - catch (JAXBException e) - { - log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } - log.trace("Response="+sw.toString()); - } - - return responseType; - } - - - - /** - * Verify that the issuer is trusted - * @param issuer - * @throws IssuerNotTrustedException - */ - public void isTrusted(String issuer) throws IssuerNotTrustedException - { - try - { - String issuerDomain = ValveUtil.getDomain(issuer); - TrustType idpTrust = idpConfiguration.getTrust(); - if(idpTrust != null) - { - String domainsTrusted = idpTrust.getDomains(); - if(domainsTrusted.indexOf(issuerDomain) < 0) - throw new IssuerNotTrustedException(issuer); - } - } - catch (Exception e) - { - throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); - } - } - - /** - * Send a response - * @param responseType - * @param relayState - * @param response - * @throws IOException - * @throws ParsingException - */ - public void send(ResponseType responseType, String relayState, - Response response) throws IOException, ParsingException - { - - SAML2Response saml2Response = new SAML2Response(); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - try - { - saml2Response.marshall(responseType, baos); - } - catch (SAXException e1) - { - throw new ParsingException(e1); - } - catch (JAXBException e1) - { - throw new ParsingException(e1); - } - - if(redirectProfile) - { - String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray()); - - String destination = responseType.getDestination(); - log.trace("IDP:Destination=" + destination); - - if(relayState != null && relayState.length() > 0) - relayState = RedirectBindingUtil.urlEncode(relayState); - - String finalDest = destination + getDestination(urlEncodedResponse, relayState); - HTTPRedirectUtil.sendRedirectForResponder(finalDest, response); - } - else - { - /** - * Since the container finished authentication, it will try to locate - * index.jsp or index.html. We need to recycle whatever is in the - * response object such that we direct it to the html that is being - * created as part of the HTTP/POST binding - */ - response.recycle(); - String samlResponse = PostBindingUtil.base64Encode(baos.toString()); - PostBindingUtil.sendPost(responseType.getDestination(), - samlResponse, relayState, response, false); - } - } - - /** - * Generate a Destination URL for the HTTPRedirect binding - * with the saml response and relay state - * @param urlEncodedResponse - * @param urlEncodedRelayState - * @return - */ - public String getDestination(String urlEncodedResponse, String urlEncodedRelayState) - { - if(redirectProfile) - { - StringBuilder sb = new StringBuilder(); - sb.append("?SAMLResponse=").append(urlEncodedResponse); - if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) - sb.append("&RelayState=").append(urlEncodedRelayState); - return sb.toString(); - - } - return null; - } - - /** - * Create an Error Response - * @param responseURL - * @param status - * @param identityURL - * @return - * @throws ConfigurationException - */ - public ResponseType getErrorResponse(String responseURL, String status, - String identityURL) - { - if(redirectProfile) - { - ResponseType responseType = null; - - SAML2Response saml2Response = new SAML2Response(); - - //Create a response type - String id = IDGenerator.create("ID_"); - - IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); - issuerHolder.setStatusCode(status); - - IDPInfoHolder idp = new IDPInfoHolder(); - idp.setNameIDFormatValue(null); - idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); - - SPInfoHolder sp = new SPInfoHolder(); - sp.setResponseDestinationURI(responseURL); - try - { - responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); - } - catch (ConfigurationException e1) - { - log.trace(e1); - responseType = saml2Response.createResponseType(); - } - - log.debug("ResponseType = "); - //Lets see how the response looks like - if(log.isTraceEnabled()) - { - StringWriter sw = new StringWriter(); - try - { - saml2Response.marshall(responseType, sw); - } - catch (JAXBException e) - { - log.trace(e); - } - catch (SAXException e) - { - log.trace(e); - } - log.trace("Response="+sw.toString()); - } - - return responseType; - } - - return null; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java (from rev 573, identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,375 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.bindings.tomcat.idp; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; +import java.security.Principal; +import java.util.List; +import java.util.StringTokenizer; + +import javax.servlet.http.HttpServletRequest; +import javax.xml.bind.JAXBException; + +import org.apache.catalina.connector.Response; +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.bindings.config.IDPType; +import org.jboss.identity.federation.bindings.config.TrustType; +import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil; +import org.jboss.identity.federation.bindings.util.PostBindingUtil; +import org.jboss.identity.federation.bindings.util.RedirectBindingUtil; +import org.jboss.identity.federation.bindings.util.ValveUtil; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.xml.sax.SAXException; + +/** + * Request Util + * <b> Not thread safe</b> + * @author Anil.Saldhana(a)redhat.com + * @since May 18, 2009 + */ +public class IDPWebRequestUtil +{ + private static Logger log = Logger.getLogger(IDPWebRequestUtil.class); + + private HttpServletRequest request; + + private boolean redirectProfile = false; + private boolean postProfile = false; + + private IDPType idpConfiguration; + + public IDPWebRequestUtil(HttpServletRequest request, IDPType idp) + { + this.request = request; + this.idpConfiguration = idp; + hasSAMLRequestInRedirectProfile(); + hasSAMLRequestInPostProfile(); + } + + public boolean hasSAMLRequestInRedirectProfile() + { + if("GET".equalsIgnoreCase(request.getMethod())) + { + redirectProfile = request.getParameter("SAMLRequest") != null; + } + return redirectProfile; + } + + public boolean hasSAMLRequestInPostProfile() + { + if("POST".equalsIgnoreCase(request.getMethod())) + { + postProfile = request.getParameter("SAMLRequest") != null; + } + return postProfile; + } + + public RequestAbstractType getSAMLRequest(String samlMessage) + throws ParsingException + { + InputStream is = null; + SAML2Request saml2Request = new SAML2Request(); + if(redirectProfile) + { + is = RedirectBindingUtil.base64DeflateDecode(samlMessage); + } + else + { + byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage); + log.trace("SAMLRequest=" + new String(samlBytes)); + is = new ByteArrayInputStream(samlBytes); + } + + try + { + return saml2Request.getRequestType(is); + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + } + + + public ResponseType getResponse( String assertionConsumerURL, + Principal userPrincipal, + List<String> roles, + String identityURL, + long assertionValidity) + throws ConfigurationException, IssueInstantMissingException + { + log.trace("AssertionConsumerURL=" + assertionConsumerURL + + "::assertion validity=" + assertionValidity); + ResponseType responseType = null; + + SAML2Response saml2Response = new SAML2Response(); + + //Create a response type + String id = IDGenerator.create("ID_"); + + IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); + issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get()); + + IDPInfoHolder idp = new IDPInfoHolder(); + idp.setNameIDFormatValue(userPrincipal.getName()); + idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); + + SPInfoHolder sp = new SPInfoHolder(); + sp.setResponseDestinationURI(assertionConsumerURL); + responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); + + + //Add information on the roles + AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0); + + AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles); + assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement); + + //Add timed conditions + saml2Response.createTimedConditions(assertion, assertionValidity); + + //Lets see how the response looks like + if(log.isTraceEnabled()) + { + StringWriter sw = new StringWriter(); + try + { + saml2Response.marshall(responseType, sw); + } + catch (JAXBException e) + { + log.trace(e); + } + catch (SAXException e) + { + log.trace(e); + } + log.trace("Response="+sw.toString()); + } + + return responseType; + } + + + + /** + * Verify that the issuer is trusted + * @param issuer + * @throws IssuerNotTrustedException + */ + public void isTrusted(String issuer) throws IssuerNotTrustedException + { + try + { + String issuerDomain = ValveUtil.getDomain(issuer); + TrustType idpTrust = idpConfiguration.getTrust(); + if(idpTrust != null) + { + String domainsTrusted = idpTrust.getDomains(); + log.trace("Domains that IDP trusts="+domainsTrusted + " and issuer domain="+issuerDomain); + if(domainsTrusted.indexOf(issuerDomain) < 0) + { + //Let us do string parts checking + StringTokenizer st = new StringTokenizer(domainsTrusted, ","); + while(st != null && st.hasMoreTokens()) + { + String uriBit = st.nextToken(); + log.trace("Matching uri bit="+ uriBit); + if(issuerDomain.indexOf(uriBit) > 0) + { + log.trace("Matched " + uriBit + " trust for " + issuerDomain ); + return; + } + } + throw new IssuerNotTrustedException(issuer); + } + } + } + catch (Exception e) + { + throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); + } + } + + /** + * Send a response + * @param responseType + * @param relayState + * @param response + * @throws IOException + * @throws ParsingException + */ + public void send(ResponseType responseType, String relayState, + Response response) throws IOException, ParsingException + { + + SAML2Response saml2Response = new SAML2Response(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + saml2Response.marshall(responseType, baos); + } + catch (SAXException e1) + { + throw new ParsingException(e1); + } + catch (JAXBException e1) + { + throw new ParsingException(e1); + } + + if(redirectProfile) + { + String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray()); + + String destination = responseType.getDestination(); + log.trace("IDP:Destination=" + destination); + + if(relayState != null && relayState.length() > 0) + relayState = RedirectBindingUtil.urlEncode(relayState); + + String finalDest = destination + getDestination(urlEncodedResponse, relayState); + HTTPRedirectUtil.sendRedirectForResponder(finalDest, response); + } + else + { + /** + * Since the container finished authentication, it will try to locate + * index.jsp or index.html. We need to recycle whatever is in the + * response object such that we direct it to the html that is being + * created as part of the HTTP/POST binding + */ + response.recycle(); + String samlResponse = PostBindingUtil.base64Encode(baos.toString()); + PostBindingUtil.sendPost(responseType.getDestination(), + samlResponse, relayState, response, false); + } + } + + /** + * Generate a Destination URL for the HTTPRedirect binding + * with the saml response and relay state + * @param urlEncodedResponse + * @param urlEncodedRelayState + * @return + */ + public String getDestination(String urlEncodedResponse, String urlEncodedRelayState) + { + if(redirectProfile) + { + StringBuilder sb = new StringBuilder(); + sb.append("?SAMLResponse=").append(urlEncodedResponse); + if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) + sb.append("&RelayState=").append(urlEncodedRelayState); + return sb.toString(); + + } + return null; + } + + /** + * Create an Error Response + * @param responseURL + * @param status + * @param identityURL + * @return + * @throws ConfigurationException + */ + public ResponseType getErrorResponse(String responseURL, String status, + String identityURL) + { + if(redirectProfile) + { + ResponseType responseType = null; + + SAML2Response saml2Response = new SAML2Response(); + + //Create a response type + String id = IDGenerator.create("ID_"); + + IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); + issuerHolder.setStatusCode(status); + + IDPInfoHolder idp = new IDPInfoHolder(); + idp.setNameIDFormatValue(null); + idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()); + + SPInfoHolder sp = new SPInfoHolder(); + sp.setResponseDestinationURI(responseURL); + try + { + responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder); + } + catch (ConfigurationException e1) + { + log.trace(e1); + responseType = saml2Response.createResponseType(); + } + + log.debug("ResponseType = "); + //Lets see how the response looks like + if(log.isTraceEnabled()) + { + StringWriter sw = new StringWriter(); + try + { + saml2Response.marshall(responseType, sw); + } + catch (JAXBException e) + { + log.trace(e); + } + catch (SAXException e) + { + log.trace(e); + } + log.trace("Response="+sw.toString()); + } + + return responseType; + } + + return null; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,280 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.bindings.tomcat.sp; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.GeneralSecurityException; -import java.security.Principal; -import java.util.Arrays; -import java.util.List; - -import javax.servlet.ServletException; -import javax.xml.bind.JAXBException; -import javax.xml.datatype.DatatypeConfigurationException; - -import org.apache.catalina.LifecycleException; -import org.apache.catalina.Session; -import org.apache.catalina.authenticator.Constants; -import org.apache.catalina.authenticator.FormAuthenticator; -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.deploy.LoginConfig; -import org.apache.catalina.realm.GenericPrincipal; -import org.apache.log4j.Logger; -import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; -import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; -import org.jboss.identity.federation.api.util.Base64; -import org.jboss.identity.federation.api.util.DeflateUtil; -import org.jboss.identity.federation.bindings.config.SPType; -import org.jboss.identity.federation.bindings.config.TrustType; -import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext; -import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil; -import org.jboss.identity.federation.bindings.util.RedirectBindingUtil; -import org.jboss.identity.federation.bindings.util.ValveUtil; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.exceptions.ParsingException; -import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; -import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; -import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.xml.sax.SAXException; - -/** - * Authenticator at the Service Provider - * that handles HTTP/Redirect binding of SAML 2 - * but falls back on Form Authentication - * - * @author Anil.Saldhana(a)redhat.com - * @since Dec 12, 2008 - */ -public class SPRedirectFormAuthenticator extends FormAuthenticator -{ - private static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class); - - protected SPType spConfiguration = null; - - private String serviceURL = null; - private String identityURL = null; - - public SPRedirectFormAuthenticator() - { - super(); - } - - @Override - public void start() throws LifecycleException - { - String configFile = "/WEB-INF/jboss-idfed.xml"; - super.start(); - - InputStream is = context.getServletContext().getResourceAsStream(configFile); - if(is == null) - throw new RuntimeException(configFile + " missing"); - try - { - spConfiguration = ValveUtil.getSPConfiguration(is); - this.identityURL = spConfiguration.getIdentityURL(); - this.serviceURL = spConfiguration.getServiceURL(); - log.trace("Identity Provider URL=" + this.identityURL); - } - catch (Exception e) - { - throw new RuntimeException(e); - } - } - - @Override - public boolean authenticate(Request request, Response response, LoginConfig loginConfig) throws IOException - { - Principal principal = request.getUserPrincipal(); - if (principal != null) - { - log.debug("Already authenticated '" + principal.getName() + "'"); - return true; - } - - Session session = request.getSessionInternal(true); - String relayState = request.getParameter("RelayState"); - - //Try to get the username - try - { - principal = (GenericPrincipal) process(request,response); - - if(principal == null) - { - String destination = createSAMLRequestMessage( relayState, response); - HTTPRedirectUtil.sendRedirectForRequestor(destination, response); - - return false; - } - - String username = principal.getName(); - String password = ServiceProviderSAMLContext.EMPTY_PASSWORD; - - //Map to JBoss specific principal - if(spConfiguration.getServerEnvironment().equalsIgnoreCase("JBOSS")) - { - GenericPrincipal gp = (GenericPrincipal) principal; - //Push a context - ServiceProviderSAMLContext.push(username, Arrays.asList(gp.getRoles())); - principal = context.getRealm().authenticate(username, password); - ServiceProviderSAMLContext.clear(); - } - - session.setNote(Constants.SESS_USERNAME_NOTE, username); - session.setNote(Constants.SESS_PASSWORD_NOTE, password); - request.setUserPrincipal(principal); - register(request, response, principal, Constants.FORM_METHOD, username, password); - - return true; - } - catch(AssertionExpiredException aie) - { - log.debug("Assertion has expired. Issuing a new saml2 request to the IDP"); - try - { - String destination = createSAMLRequestMessage( relayState, response); - HTTPRedirectUtil.sendRedirectForRequestor(destination, response); - } - catch (Exception e) - { - log.trace("Exception:",e); - } - return false; - } - catch(Exception e) - { - log.debug("Exception :",e); - } - - //fallback - return super.authenticate(request, response, loginConfig); - } - - protected String createSAMLRequestMessage(String relayState, Response response) - throws ServletException, ConfigurationException, SAXException, JAXBException, IOException - { - //create a saml request - if(this.serviceURL == null) - throw new ServletException("serviceURL is not configured"); - - SAML2Request saml2Request = new SAML2Request(); - - SPUtil spUtil = new SPUtil(); - AuthnRequestType authnRequest = spUtil.createSAMLRequest(serviceURL, identityURL); - - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - saml2Request.marshall(authnRequest, baos); - - String base64Request = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray()); - String destination = authnRequest.getDestination() + getDestination(base64Request, relayState); - log.debug("Sending to destination="+destination); - - return destination; - } - - protected String getDestination(String urlEncodedRequest, String urlEncodedRelayState) - { - StringBuilder sb = new StringBuilder(); - sb.append("?SAMLRequest=").append(urlEncodedRequest); - if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) - sb.append("&RelayState=").append(urlEncodedRelayState); - return sb.toString(); - } - - protected void isTrusted(String issuer) throws IssuerNotTrustedException - { - try - { - String issuerDomain = ValveUtil.getDomain(issuer); - TrustType idpTrust = spConfiguration.getTrust(); - if(idpTrust != null) - { - String domainsTrusted = idpTrust.getDomains(); - if(domainsTrusted.indexOf(issuerDomain) < 0) - throw new IssuerNotTrustedException(issuer); - } - } - catch (Exception e) - { - throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); - } - } - - protected boolean validate(Request request) throws IOException, GeneralSecurityException - { - return request.getParameter("SAMLResponse") != null; - } - - /** - * Subclasses should provide the implementation - * @param responseType ResponseType that contains the encrypted assertion - * @return response type with the decrypted assertion - */ - protected ResponseType decryptAssertion(ResponseType responseType) - throws IOException, GeneralSecurityException, ConfigurationException, ParsingException - { - throw new RuntimeException("This authenticator does not handle encryption"); - } - - private Principal process(Request request, Response response) - throws IOException, GeneralSecurityException, - JAXBException, SAXException, ConfigurationException, - ParsingException, DatatypeConfigurationException - { - Principal userPrincipal = null; - - String samlResponse = request.getParameter("SAMLResponse"); - if(samlResponse != null && samlResponse.length() > 0 ) - { - this.validate(request); - - //deal with SAML response from IDP - byte[] base64DecodedResponse = Base64.decode(samlResponse); - InputStream is = DeflateUtil.decode(base64DecodedResponse); - - SAML2Response saml2Response = new SAML2Response(); - - ResponseType responseType = saml2Response.getResponseType(is); - - this.isTrusted(responseType.getIssuer().getValue()); - - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); - if(assertions.size() == 0) - throw new IllegalStateException("No assertions in reply from IDP"); - - Object assertion = assertions.get(0); - if(assertion instanceof EncryptedElementType) - { - responseType = this.decryptAssertion(responseType); - } - - SPUtil spUtil = new SPUtil(); - return spUtil.handleSAMLResponse(request, responseType); - } - return userPrincipal; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java (from rev 573, identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,296 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.bindings.tomcat.sp; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.GeneralSecurityException; +import java.security.Principal; +import java.util.Arrays; +import java.util.List; +import java.util.StringTokenizer; + +import javax.servlet.ServletException; +import javax.xml.bind.JAXBException; +import javax.xml.datatype.DatatypeConfigurationException; + +import org.apache.catalina.LifecycleException; +import org.apache.catalina.Session; +import org.apache.catalina.authenticator.Constants; +import org.apache.catalina.authenticator.FormAuthenticator; +import org.apache.catalina.connector.Request; +import org.apache.catalina.connector.Response; +import org.apache.catalina.deploy.LoginConfig; +import org.apache.catalina.realm.GenericPrincipal; +import org.apache.log4j.Logger; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.api.util.Base64; +import org.jboss.identity.federation.api.util.DeflateUtil; +import org.jboss.identity.federation.bindings.config.SPType; +import org.jboss.identity.federation.bindings.config.TrustType; +import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext; +import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil; +import org.jboss.identity.federation.bindings.util.RedirectBindingUtil; +import org.jboss.identity.federation.bindings.util.ValveUtil; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException; +import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.xml.sax.SAXException; + +/** + * Authenticator at the Service Provider + * that handles HTTP/Redirect binding of SAML 2 + * but falls back on Form Authentication + * + * @author Anil.Saldhana(a)redhat.com + * @since Dec 12, 2008 + */ +public class SPRedirectFormAuthenticator extends FormAuthenticator +{ + private static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class); + + protected SPType spConfiguration = null; + + private String serviceURL = null; + private String identityURL = null; + + public SPRedirectFormAuthenticator() + { + super(); + } + + @Override + public void start() throws LifecycleException + { + String configFile = "/WEB-INF/jboss-idfed.xml"; + super.start(); + + InputStream is = context.getServletContext().getResourceAsStream(configFile); + if(is == null) + throw new RuntimeException(configFile + " missing"); + try + { + spConfiguration = ValveUtil.getSPConfiguration(is); + this.identityURL = spConfiguration.getIdentityURL(); + this.serviceURL = spConfiguration.getServiceURL(); + log.trace("Identity Provider URL=" + this.identityURL); + } + catch (Exception e) + { + throw new RuntimeException(e); + } + } + + @Override + public boolean authenticate(Request request, Response response, LoginConfig loginConfig) throws IOException + { + Principal principal = request.getUserPrincipal(); + if (principal != null) + { + log.debug("Already authenticated '" + principal.getName() + "'"); + return true; + } + + Session session = request.getSessionInternal(true); + String relayState = request.getParameter("RelayState"); + + //Try to get the username + try + { + principal = (GenericPrincipal) process(request,response); + + if(principal == null) + { + String destination = createSAMLRequestMessage( relayState, response); + HTTPRedirectUtil.sendRedirectForRequestor(destination, response); + + return false; + } + + String username = principal.getName(); + String password = ServiceProviderSAMLContext.EMPTY_PASSWORD; + + //Map to JBoss specific principal + if(spConfiguration.getServerEnvironment().equalsIgnoreCase("JBOSS")) + { + GenericPrincipal gp = (GenericPrincipal) principal; + //Push a context + ServiceProviderSAMLContext.push(username, Arrays.asList(gp.getRoles())); + principal = context.getRealm().authenticate(username, password); + ServiceProviderSAMLContext.clear(); + } + + session.setNote(Constants.SESS_USERNAME_NOTE, username); + session.setNote(Constants.SESS_PASSWORD_NOTE, password); + request.setUserPrincipal(principal); + register(request, response, principal, Constants.FORM_METHOD, username, password); + + return true; + } + catch(AssertionExpiredException aie) + { + log.debug("Assertion has expired. Issuing a new saml2 request to the IDP"); + try + { + String destination = createSAMLRequestMessage( relayState, response); + HTTPRedirectUtil.sendRedirectForRequestor(destination, response); + } + catch (Exception e) + { + log.trace("Exception:",e); + } + return false; + } + catch(Exception e) + { + log.debug("Exception :",e); + } + + //fallback + return super.authenticate(request, response, loginConfig); + } + + protected String createSAMLRequestMessage(String relayState, Response response) + throws ServletException, ConfigurationException, SAXException, JAXBException, IOException + { + //create a saml request + if(this.serviceURL == null) + throw new ServletException("serviceURL is not configured"); + + SAML2Request saml2Request = new SAML2Request(); + + SPUtil spUtil = new SPUtil(); + AuthnRequestType authnRequest = spUtil.createSAMLRequest(serviceURL, identityURL); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + saml2Request.marshall(authnRequest, baos); + + String base64Request = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray()); + String destination = authnRequest.getDestination() + getDestination(base64Request, relayState); + log.debug("Sending to destination="+destination); + + return destination; + } + + protected String getDestination(String urlEncodedRequest, String urlEncodedRelayState) + { + StringBuilder sb = new StringBuilder(); + sb.append("?SAMLRequest=").append(urlEncodedRequest); + if(urlEncodedRelayState != null && urlEncodedRelayState.length() > 0) + sb.append("&RelayState=").append(urlEncodedRelayState); + return sb.toString(); + } + + protected void isTrusted(String issuer) throws IssuerNotTrustedException + { + try + { + String issuerDomain = ValveUtil.getDomain(issuer); + TrustType spTrust = spConfiguration.getTrust(); + if(spTrust != null) + { + String domainsTrusted = spTrust.getDomains(); + log.trace("Domains that SP trusts="+domainsTrusted + " and issuer domain="+issuerDomain); + if(domainsTrusted.indexOf(issuerDomain) < 0) + { + //Let us do string parts checking + StringTokenizer st = new StringTokenizer(domainsTrusted, ","); + while(st != null && st.hasMoreTokens()) + { + String uriBit = st.nextToken(); + log.trace("Matching uri bit="+ uriBit); + if(issuerDomain.indexOf(uriBit) > 0) + { + log.trace("Matched " + uriBit + " trust for " + issuerDomain ); + return; + } + } + throw new IssuerNotTrustedException(issuer); + } + } + } + catch (Exception e) + { + throw new IssuerNotTrustedException(e.getLocalizedMessage(),e); + } + } + + protected boolean validate(Request request) throws IOException, GeneralSecurityException + { + return request.getParameter("SAMLResponse") != null; + } + + /** + * Subclasses should provide the implementation + * @param responseType ResponseType that contains the encrypted assertion + * @return response type with the decrypted assertion + */ + protected ResponseType decryptAssertion(ResponseType responseType) + throws IOException, GeneralSecurityException, ConfigurationException, ParsingException + { + throw new RuntimeException("This authenticator does not handle encryption"); + } + + private Principal process(Request request, Response response) + throws IOException, GeneralSecurityException, + JAXBException, SAXException, ConfigurationException, + ParsingException, DatatypeConfigurationException + { + Principal userPrincipal = null; + + String samlResponse = request.getParameter("SAMLResponse"); + if(samlResponse != null && samlResponse.length() > 0 ) + { + this.validate(request); + + //deal with SAML response from IDP + byte[] base64DecodedResponse = Base64.decode(samlResponse); + InputStream is = DeflateUtil.decode(base64DecodedResponse); + + SAML2Response saml2Response = new SAML2Response(); + + ResponseType responseType = saml2Response.getResponseType(is); + + this.isTrusted(responseType.getIssuer().getValue()); + + List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + if(assertions.size() == 0) + throw new IllegalStateException("No assertions in reply from IDP"); + + Object assertion = assertions.get(0); + if(assertion instanceof EncryptedElementType) + { + responseType = this.decryptAssertion(responseType); + } + + SPUtil spUtil = new SPUtil(); + return spUtil.handleSAMLResponse(request, responseType); + } + return userPrincipal; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,132 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.bindings.tomcat.sp; - -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; - -import javax.xml.bind.JAXBElement; - -import org.apache.catalina.Context; -import org.apache.catalina.connector.Request; -import org.apache.catalina.realm.GenericPrincipal; -import org.jboss.identity.federation.api.saml.v2.common.IDGenerator; -import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; -import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeType; -import org.jboss.identity.federation.saml.v2.assertion.NameIDType; -import org.jboss.identity.federation.saml.v2.assertion.SubjectType; -import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.jboss.identity.federation.saml.v2.protocol.StatusType; - -/** - * Common code useful for a SP - * @author Anil.Saldhana(a)redhat.com - * @since Jan 9, 2009 - */ -public class SPUtil -{ - /** - * Create a SAML2 auth request - * @param serviceURL URL of the service - * @param identityURL URL of the identity provider - * @return - * @throws ConfigurationException - */ - public AuthnRequestType createSAMLRequest(String serviceURL, String identityURL) throws ConfigurationException - { - if(serviceURL == null) - throw new IllegalArgumentException("serviceURL is null"); - if(identityURL == null) - throw new IllegalArgumentException("identityURL is null"); - - SAML2Request saml2Request = new SAML2Request(); - String id = IDGenerator.create("ID_"); - return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL); - } - - /** - * Handle the SAMLResponse from the IDP - * @param request entire request from IDP - * @param responseType ResponseType that has been generated - * @param serverEnvironment tomcat,jboss etc - * @return - * @throws AssertionExpiredException - */ - @SuppressWarnings("unchecked") - public Principal handleSAMLResponse(Request request, ResponseType responseType) - throws ConfigurationException, AssertionExpiredException - { - if(request == null) - throw new IllegalArgumentException("request is null"); - if(responseType == null) - throw new IllegalArgumentException("response type is null"); - - StatusType statusType = responseType.getStatus(); - if(statusType == null) - throw new IllegalArgumentException("Status Type from the IDP is null"); - - String statusValue = statusType.getStatusCode().getValue(); - if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) - throw new SecurityException("IDP forbid the user"); - - List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); - if(assertions.size() == 0) - throw new IllegalStateException("No assertions in reply from IDP"); - - AssertionType assertion = (AssertionType)assertions.get(0); - //Check for validity of assertion - boolean isValidAssertion = AssertionUtil.hasExpired(assertion); - if(isValidAssertion == false) - throw new AssertionExpiredException(); - - SubjectType subject = assertion.getSubject(); - JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); - NameIDType nameID = jnameID.getValue(); - String userName = nameID.getValue(); - List<String> roles = new ArrayList<String>(); - - //Let us get the roles - AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); - List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); - for(Object obj:attList) - { - AttributeType attr = (AttributeType) obj; - String roleName = (String) attr.getAttributeValue().get(0); - roles.add(roleName); - } - return this.createGenericPrincipal(request, userName, roles); - } - - private Principal createGenericPrincipal(Request request, String username, List<String> roles) - { - Context ctx = request.getContext(); - return new GenericPrincipal(ctx.getRealm(), username, null, roles); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java (from rev 572, identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,132 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.bindings.tomcat.sp; + +import java.security.Principal; +import java.util.ArrayList; +import java.util.List; + +import javax.xml.bind.JAXBElement; + +import org.apache.catalina.Context; +import org.apache.catalina.connector.Request; +import org.apache.catalina.realm.GenericPrincipal; +import org.jboss.identity.federation.api.saml.v2.common.IDGenerator; +import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException; +import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeType; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; +import org.jboss.identity.federation.saml.v2.assertion.SubjectType; +import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.jboss.identity.federation.saml.v2.protocol.StatusType; + +/** + * Common code useful for a SP + * @author Anil.Saldhana(a)redhat.com + * @since Jan 9, 2009 + */ +public class SPUtil +{ + /** + * Create a SAML2 auth request + * @param serviceURL URL of the service + * @param identityURL URL of the identity provider + * @return + * @throws ConfigurationException + */ + public AuthnRequestType createSAMLRequest(String serviceURL, String identityURL) throws ConfigurationException + { + if(serviceURL == null) + throw new IllegalArgumentException("serviceURL is null"); + if(identityURL == null) + throw new IllegalArgumentException("identityURL is null"); + + SAML2Request saml2Request = new SAML2Request(); + String id = IDGenerator.create("ID_"); + return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL); + } + + /** + * Handle the SAMLResponse from the IDP + * @param request entire request from IDP + * @param responseType ResponseType that has been generated + * @param serverEnvironment tomcat,jboss etc + * @return + * @throws AssertionExpiredException + */ + @SuppressWarnings("unchecked") + public Principal handleSAMLResponse(Request request, ResponseType responseType) + throws ConfigurationException, AssertionExpiredException + { + if(request == null) + throw new IllegalArgumentException("request is null"); + if(responseType == null) + throw new IllegalArgumentException("response type is null"); + + StatusType statusType = responseType.getStatus(); + if(statusType == null) + throw new IllegalArgumentException("Status Type from the IDP is null"); + + String statusValue = statusType.getStatusCode().getValue(); + if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false) + throw new SecurityException("IDP forbid the user"); + + List<Object> assertions = responseType.getAssertionOrEncryptedAssertion(); + if(assertions.size() == 0) + throw new IllegalStateException("No assertions in reply from IDP"); + + AssertionType assertion = (AssertionType)assertions.get(0); + //Check for validity of assertion + boolean expiredAssertion = AssertionUtil.hasExpired(assertion); + if(expiredAssertion) + throw new AssertionExpiredException(); + + SubjectType subject = assertion.getSubject(); + JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>) subject.getContent().get(0); + NameIDType nameID = jnameID.getValue(); + String userName = nameID.getValue(); + List<String> roles = new ArrayList<String>(); + + //Let us get the roles + AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0); + List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute(); + for(Object obj:attList) + { + AttributeType attr = (AttributeType) obj; + String roleName = (String) attr.getAttributeValue().get(0); + roles.add(roleName); + } + return this.createGenericPrincipal(request, userName, roles); + } + + private Principal createGenericPrincipal(Request request, String username, List<String> roles) + { + Context ctx = request.getContext(); + return new GenericPrincipal(ctx.getRealm(), username, null, roles); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings-jboss/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings-jboss/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,113 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-bindings-jboss</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Server Bindings for JBoss</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-api</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-bindings</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.4</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>catalina</artifactId> - <version>6.0.18</version> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jbosssx</artifactId> - <version>2.0.2.SP6</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings-jboss/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings-jboss/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-bindings-jboss/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,113 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-bindings-jboss</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Server Bindings for JBoss</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity OpenSAML contains the foundation for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-api</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-bindings</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>2.4</version> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>catalina</artifactId> + <version>6.0.18</version> + </dependency> + <dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jbosssx</artifactId> + <version>2.0.2.SP6</version> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,127 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-fed-api</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Consolidated API</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation API contains the API to be used by the users of JBoss Identity Federation.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/repos/jbossidentity/... - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/... - <url>http://viewvc.jboss.org/cgi-bin/viewvc.cgi/repos/jbossidentity/ide... - </scm> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-core</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxws</groupId> - <artifactId>jaxws-api</artifactId> - <version>2.1.1</version> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>xmlsec</artifactId> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-fed-api/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,122 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-fed-api</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Consolidated API</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation API contains the API to be used by the users of JBoss Identity Federation.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-core</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxws</groupId> + <artifactId>jaxws-api</artifactId> + <version>2.1.1</version> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>xmlsec</artifactId> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,299 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.api.saml.v2.response; - -import java.io.InputStream; -import java.io.OutputStream; -import java.io.Writer; -import java.util.List; - -import javax.xml.bind.Binder; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; -import javax.xml.bind.Unmarshaller; -import javax.xml.datatype.XMLGregorianCalendar; -import javax.xml.parsers.ParserConfigurationException; - -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants; -import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; -import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; -import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; -import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; -import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; -import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; -import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; -import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; -import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; -import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; -import org.jboss.identity.federation.saml.v2.assertion.AttributeType; -import org.jboss.identity.federation.saml.v2.assertion.AuthnContextType; -import org.jboss.identity.federation.saml.v2.assertion.AuthnStatementType; -import org.jboss.identity.federation.saml.v2.assertion.ConditionsType; -import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; -import org.jboss.identity.federation.saml.v2.assertion.NameIDType; -import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory; -import org.jboss.identity.federation.saml.v2.protocol.ResponseType; -import org.w3c.dom.Document; -import org.w3c.dom.Node; -import org.xml.sax.SAXException; - -/** - * API for dealing with SAML2 Response objects - * @author Anil.Saldhana(a)redhat.com - * @since Jan 5, 2009 - */ -public class SAML2Response -{ - /** - * Create an assertion - * @param id - * @param issuer - * @return - */ - public AssertionType createAssertion(String id, NameIDType issuer) - { - AssertionType assertion = SAMLAssertionFactory.getObjectFactory().createAssertionType(); - assertion.setID(id); - assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get()); - assertion.setIssuer(issuer); - return assertion; - } - - /** - * Create an AuthnStatement - * @param authnContextDeclRef such as JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT - * @param issueInstant - * @return - */ - public AuthnStatementType createAuthnStatement(String authnContextDeclRef, - XMLGregorianCalendar issueInstant) - { - ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); - AuthnStatementType authnStatement = objectFactory.createAuthnStatementType(); - authnStatement.setAuthnInstant(issueInstant); - AuthnContextType act = objectFactory.createAuthnContextType(); - String authContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get(); - act.getContent().add(objectFactory.createAuthnContextDeclRef(authContextDeclRef)); - authnStatement.setAuthnContext(act); - return authnStatement; - } - /** - * Given a set of roles, create an attribute statement - * @param roles - * @return - */ - public AttributeStatementType createAttributeStatement(List<String> roles) - { - AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement(); - for(String role: roles) - { - AttributeType attr = JBossSAMLBaseFactory.createAttributeForRole(role); - attrStatement.getAttributeOrEncryptedAttribute().add(attr); - } - return attrStatement; - } - - /** - * Create a ResponseType - * @param ID id of the response - * @param sp holder with the information about the Service Provider - * @param idp holder with the information on the Identity Provider - * @param issuerInfo holder with information on the issuer - * @return - * @throws ConfigurationException - */ - public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp, IssuerInfoHolder issuerInfo) - throws ConfigurationException - { - return JBossSAMLAuthnResponseFactory.createResponseType(ID, sp, idp, issuerInfo); - } - - /** - * Create an empty response type - * @return - */ - public ResponseType createResponseType() - { - return JBossSAMLAuthnResponseFactory.createResponseType(); - } - - /** - * Create a ResponseType - * @param ID - * @param issuerInfo - * @param assertion - * @return - * @throws ConfigurationException - */ - public ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertion) - throws ConfigurationException - { - return JBossSAMLAuthnResponseFactory.createResponseType(ID, issuerInfo, assertion); - } - - /** - * Add validity conditions to the SAML2 Assertion - * @param assertion - * @param durationInMilis - * @throws ConfigurationException - */ - public void createTimedConditions(AssertionType assertion, long durationInMilis) - throws ConfigurationException - { - XMLGregorianCalendar issueInstant = assertion.getIssueInstant(); - if(issueInstant == null) - throw new IllegalStateException("assertion does not have issue instant"); - XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis); - ConditionsType conditionsType = JBossSAMLBaseFactory.getObjectFactory().createConditionsType(); - conditionsType.setNotBefore(issueInstant); - conditionsType.setNotOnOrAfter(assertionValidityLength); - - assertion.setConditions(conditionsType); - } - - /** - * Get an encrypted assertion from the stream - * @param is - * @return - * @throws SAXException - * @throws JAXBException - */ - @SuppressWarnings("unchecked") - public EncryptedElementType getEncryptedAssertion(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - - Unmarshaller un = JBossSAMLAuthnResponseFactory.getValidatingUnmarshaller(); - JAXBElement<EncryptedElementType> jaxb = (JAXBElement<EncryptedElementType>) un.unmarshal(is); - return jaxb.getValue(); - } - - /** - * Read an assertion from an input stream - * @param is - * @return - * @throws JAXBException - * @throws SAXException - */ - @SuppressWarnings("unchecked") - public AssertionType getAssertionType(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - - Unmarshaller un = JBossSAMLAuthnResponseFactory.getValidatingUnmarshaller(); - JAXBElement<AssertionType> jaxb = (JAXBElement<AssertionType>) un.unmarshal(is); - return jaxb.getValue(); - } - - /** - * Read a ResponseType from an input stream - * @param is - * @return - * @throws SAXException - * @throws JAXBException - */ - @SuppressWarnings("unchecked") - public ResponseType getResponseType(InputStream is) throws JAXBException, SAXException - { - if(is == null) - throw new IllegalArgumentException("inputstream is null"); - - Unmarshaller un = JBossSAMLAuthnResponseFactory.getValidatingUnmarshaller(); - JAXBElement<ResponseType> jaxbAuthnRequestType = (JAXBElement<ResponseType>) un.unmarshal(is); - return jaxbAuthnRequestType.getValue(); - } - - /** - * Convert an EncryptedElement into a Document - * @param encryptedElementType - * @return - * @throws JAXBException - * @throws ParserConfigurationException - */ - public Document convert(EncryptedElementType encryptedElementType) - throws JAXBException, ParserConfigurationException - { - JAXBContext jaxb = JAXBContext.newInstance(EncryptedElementType.class); - Binder<Node> binder = jaxb.createBinder(); - - Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc); - return doc; - } - - /** - * Convert a SAML2 Response into a Document - * @param responseType - * @return - * @throws JAXBException - * @throws ParserConfigurationException - */ - public Document convert(ResponseType responseType) throws JAXBException, ParserConfigurationException - { - JAXBContext jaxb = JAXBContext.newInstance(ResponseType.class); - Binder<Node> binder = jaxb.createBinder(); - - Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(responseType), doc); - return doc; - } - - /** - * Marshall the response type to the output stream - * <p> <b>Note:</b> JAXB marshaller by default picks up arbitrary namespace - * prefixes (ns2,ns3 etc). The NamespacePrefixMapper is a Sun RI customization - * that may be needed (this is a TODO) to get a prefix such as saml, samlp </b> - * - * @param responseType - * @param os - * @throws SAXException - * @throws JAXBException - */ - public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException - { - Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(); - JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); - marshaller.marshal(jaxb, os); - } - - /** - * Marshall the ResponseType into a writer - * @param responseType - * @param writer - * @throws SAXException - * @throws JAXBException - */ - public void marshall(ResponseType responseType, Writer writer) throws JAXBException, SAXException - { - Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(); - JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); - marshaller.marshal(jaxb, writer); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java (from rev 569, identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,287 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.api.saml.v2.response; + +import java.io.InputStream; +import java.io.OutputStream; +import java.io.Writer; +import java.util.List; + +import javax.xml.bind.Binder; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.datatype.XMLGregorianCalendar; +import javax.xml.parsers.ParserConfigurationException; + +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; +import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; +import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; +import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory; +import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder; +import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder; +import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; +import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType; +import org.jboss.identity.federation.saml.v2.assertion.AttributeType; +import org.jboss.identity.federation.saml.v2.assertion.AuthnContextType; +import org.jboss.identity.federation.saml.v2.assertion.AuthnStatementType; +import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; +import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory; +import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.xml.sax.SAXException; + +/** + * API for dealing with SAML2 Response objects + * @author Anil.Saldhana(a)redhat.com + * @since Jan 5, 2009 + */ +public class SAML2Response +{ + /** + * Create an assertion + * @param id + * @param issuer + * @return + */ + public AssertionType createAssertion(String id, NameIDType issuer) + { + return AssertionUtil.createAssertion(id, issuer); + } + + /** + * Create an AuthnStatement + * @param authnContextDeclRef such as JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT + * @param issueInstant + * @return + */ + public AuthnStatementType createAuthnStatement(String authnContextDeclRef, + XMLGregorianCalendar issueInstant) + { + ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory(); + AuthnStatementType authnStatement = objectFactory.createAuthnStatementType(); + authnStatement.setAuthnInstant(issueInstant); + AuthnContextType act = objectFactory.createAuthnContextType(); + String authContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get(); + act.getContent().add(objectFactory.createAuthnContextDeclRef(authContextDeclRef)); + authnStatement.setAuthnContext(act); + return authnStatement; + } + /** + * Given a set of roles, create an attribute statement + * @param roles + * @return + */ + public AttributeStatementType createAttributeStatement(List<String> roles) + { + AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement(); + for(String role: roles) + { + AttributeType attr = JBossSAMLBaseFactory.createAttributeForRole(role); + attrStatement.getAttributeOrEncryptedAttribute().add(attr); + } + return attrStatement; + } + + /** + * Create a ResponseType + * @param ID id of the response + * @param sp holder with the information about the Service Provider + * @param idp holder with the information on the Identity Provider + * @param issuerInfo holder with information on the issuer + * @return + * @throws ConfigurationException + */ + public ResponseType createResponseType(String ID, SPInfoHolder sp, IDPInfoHolder idp, IssuerInfoHolder issuerInfo) + throws ConfigurationException + { + return JBossSAMLAuthnResponseFactory.createResponseType(ID, sp, idp, issuerInfo); + } + + /** + * Create an empty response type + * @return + */ + public ResponseType createResponseType() + { + return JBossSAMLAuthnResponseFactory.createResponseType(); + } + + /** + * Create a ResponseType + * @param ID + * @param issuerInfo + * @param assertion + * @return + * @throws ConfigurationException + */ + public ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertion) + throws ConfigurationException + { + return JBossSAMLAuthnResponseFactory.createResponseType(ID, issuerInfo, assertion); + } + + /** + * Add validity conditions to the SAML2 Assertion + * @param assertion + * @param durationInMilis + * @throws ConfigurationException + * @throws IssueInstantMissingException + */ + public void createTimedConditions(AssertionType assertion, long durationInMilis) + throws ConfigurationException, IssueInstantMissingException + { + AssertionUtil.createTimedConditions(assertion, durationInMilis); + } + + /** + * Get an encrypted assertion from the stream + * @param is + * @return + * @throws SAXException + * @throws JAXBException + */ + @SuppressWarnings("unchecked") + public EncryptedElementType getEncryptedAssertion(InputStream is) throws JAXBException, SAXException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Unmarshaller un = JBossSAMLAuthnResponseFactory.getValidatingUnmarshaller(); + JAXBElement<EncryptedElementType> jaxb = (JAXBElement<EncryptedElementType>) un.unmarshal(is); + return jaxb.getValue(); + } + + /** + * Read an assertion from an input stream + * @param is + * @return + * @throws JAXBException + * @throws SAXException + */ + @SuppressWarnings("unchecked") + public AssertionType getAssertionType(InputStream is) throws JAXBException, SAXException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Unmarshaller un = JBossSAMLAuthnResponseFactory.getValidatingUnmarshaller(); + JAXBElement<AssertionType> jaxb = (JAXBElement<AssertionType>) un.unmarshal(is); + return jaxb.getValue(); + } + + /** + * Read a ResponseType from an input stream + * @param is + * @return + * @throws SAXException + * @throws JAXBException + */ + @SuppressWarnings("unchecked") + public ResponseType getResponseType(InputStream is) throws JAXBException, SAXException + { + if(is == null) + throw new IllegalArgumentException("inputstream is null"); + + Unmarshaller un = JBossSAMLAuthnResponseFactory.getValidatingUnmarshaller(); + JAXBElement<ResponseType> jaxbAuthnRequestType = (JAXBElement<ResponseType>) un.unmarshal(is); + return jaxbAuthnRequestType.getValue(); + } + + /** + * Convert an EncryptedElement into a Document + * @param encryptedElementType + * @return + * @throws JAXBException + * @throws ParserConfigurationException + */ + public Document convert(EncryptedElementType encryptedElementType) + throws JAXBException, ParserConfigurationException + { + JAXBContext jaxb = JAXBContext.newInstance(EncryptedElementType.class); + Binder<Node> binder = jaxb.createBinder(); + + Document doc = DocumentUtil.createDocument(); + binder.marshal(JAXBElementMappingUtil.get(encryptedElementType), doc); + return doc; + } + + /** + * Convert a SAML2 Response into a Document + * @param responseType + * @return + * @throws JAXBException + * @throws ParserConfigurationException + */ + public Document convert(ResponseType responseType) throws JAXBException, ParserConfigurationException + { + JAXBContext jaxb = JAXBContext.newInstance(ResponseType.class); + Binder<Node> binder = jaxb.createBinder(); + + Document doc = DocumentUtil.createDocument(); + binder.marshal(JAXBElementMappingUtil.get(responseType), doc); + return doc; + } + + /** + * Marshall the response type to the output stream + * <p> <b>Note:</b> JAXB marshaller by default picks up arbitrary namespace + * prefixes (ns2,ns3 etc). The NamespacePrefixMapper is a Sun RI customization + * that may be needed (this is a TODO) to get a prefix such as saml, samlp </b> + * + * @param responseType + * @param os + * @throws SAXException + * @throws JAXBException + */ + public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException + { + Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(); + JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); + marshaller.marshal(jaxb, os); + } + + /** + * Marshall the ResponseType into a writer + * @param responseType + * @param writer + * @throws SAXException + * @throws JAXBException + */ + public void marshall(ResponseType responseType, Writer writer) throws JAXBException, SAXException + { + Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(); + JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); + marshaller.marshal(jaxb, writer); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,113 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-fed-core</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Core</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation Core contains the core infrastructure code</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/repos/jbossidentity/... - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/... - <url>http://viewvc.jboss.org/cgi-bin/viewvc.cgi/repos/jbossidentity/ide... - </scm> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-fed-core/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,108 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-fed-core</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Core</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation Core contains the core infrastructure code</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/exceptions/IssueInstantMissingException.java (from rev 569, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/exceptions/IssueInstantMissingException.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/exceptions/IssueInstantMissingException.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/exceptions/IssueInstantMissingException.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,54 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.exceptions; + +import java.security.GeneralSecurityException; + +/** + * Exception indicating that the IssueInstant is missing + * @author Anil.Saldhana(a)redhat.com + * @since Jun 3, 2009 + */ +public class IssueInstantMissingException extends GeneralSecurityException +{ + private static final long serialVersionUID = 1L; + + public IssueInstantMissingException() + { + super(); + } + + public IssueInstantMissingException(String message, Throwable cause) + { + super(message, cause); + } + + public IssueInstantMissingException(String msg) + { + super(msg); + } + + public IssueInstantMissingException(Throwable cause) + { + super(cause); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,53 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.core.saml.v2.util; - -import org.jboss.identity.federation.core.exceptions.ConfigurationException; -import org.jboss.identity.federation.saml.v2.assertion.AssertionType; -import org.jboss.identity.federation.saml.v2.assertion.ConditionsType; - -/** - * Utility to deal with assertions - * @author Anil.Saldhana(a)redhat.com - * @since Jun 3, 2009 - */ -public class AssertionUtil -{ - /** - * Check whether the assertion has expired - * @param assertion - * @return - * @throws ConfigurationException - */ - public static boolean hasExpired(AssertionType assertion) throws ConfigurationException - { - //Check for validity of assertion - ConditionsType conditionsType = assertion.getConditions(); - if(conditionsType != null) - { - return !XMLTimeUtil.isValid(XMLTimeUtil.getIssueInstant(), - conditionsType.getNotBefore(), conditionsType.getNotOnOrAfter()); - } - //TODO: if conditions do not exist, assume the assertion to be everlasting? - return true; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java (from rev 571, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,103 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import javax.xml.datatype.XMLGregorianCalendar; + +import org.apache.log4j.Logger; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants; +import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; +import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory; +import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory; +import org.jboss.identity.federation.saml.v2.assertion.AssertionType; +import org.jboss.identity.federation.saml.v2.assertion.ConditionsType; +import org.jboss.identity.federation.saml.v2.assertion.NameIDType; + +/** + * Utility to deal with assertions + * @author Anil.Saldhana(a)redhat.com + * @since Jun 3, 2009 + */ +public class AssertionUtil +{ + private static Logger log = Logger.getLogger(AssertionUtil.class); + + /** + * Create an assertion + * @param id + * @param issuer + * @return + */ + public static AssertionType createAssertion(String id, NameIDType issuer) + { + AssertionType assertion = SAMLAssertionFactory.getObjectFactory().createAssertionType(); + assertion.setID(id); + assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get()); + assertion.setIssuer(issuer); + return assertion; + } + + /** + * Add validity conditions to the SAML2 Assertion + * @param assertion + * @param durationInMilis + * @throws ConfigurationException + * @throws IssueInstantMissingException + */ + public static void createTimedConditions(AssertionType assertion, long durationInMilis) + throws ConfigurationException, IssueInstantMissingException + { + XMLGregorianCalendar issueInstant = assertion.getIssueInstant(); + if(issueInstant == null) + throw new IssueInstantMissingException("assertion does not have issue instant"); + XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis); + ConditionsType conditionsType = JBossSAMLBaseFactory.getObjectFactory().createConditionsType(); + conditionsType.setNotBefore(issueInstant); + conditionsType.setNotOnOrAfter(assertionValidityLength); + + assertion.setConditions(conditionsType); + } + + /** + * Check whether the assertion has expired + * @param assertion + * @return + * @throws ConfigurationException + */ + public static boolean hasExpired(AssertionType assertion) throws ConfigurationException + { + //Check for validity of assertion + ConditionsType conditionsType = assertion.getConditions(); + if(conditionsType != null) + { + XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); + XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); + XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); + log.trace("Now="+now.toXMLFormat() + " ::notBefore="+notBefore.toXMLFormat() + + "::notOnOrAfter="+notOnOrAfter); + return !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); + } + //TODO: if conditions do not exist, assume the assertion to be everlasting? + return false; + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,133 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.identity.federation.core.saml.v2.util; - -import java.util.GregorianCalendar; -import java.util.TimeZone; - -import javax.xml.datatype.DatatypeConfigurationException; -import javax.xml.datatype.DatatypeConstants; -import javax.xml.datatype.DatatypeFactory; -import javax.xml.datatype.Duration; -import javax.xml.datatype.XMLGregorianCalendar; - -import org.jboss.identity.federation.core.exceptions.ConfigurationException; - -/** - * Util class dealing with xml based time - * @author Anil.Saldhana(a)redhat.com - * @since Jan 6, 2009 - */ -public class XMLTimeUtil -{ - /** - * Add additional time in miliseconds - * @param value calendar whose value needs to be updated - * @param milis - * @return calendar value with the addition - * @throws ConfigurationException - */ - public static XMLGregorianCalendar add(XMLGregorianCalendar value, long milis) throws ConfigurationException - { - XMLGregorianCalendar newVal = (XMLGregorianCalendar) value.clone(); - - Duration duration; - try - { - duration = DatatypeFactory.newInstance().newDuration(milis); - } - catch (DatatypeConfigurationException e) - { - throw new ConfigurationException(e); - } - newVal.add(duration); - return newVal; - } - - /** - * Returns a XMLGregorianCalendar in the timezone specified. - * If the timezone is not valid, then the timezone falls back - * to "GMT" - * @param timezone - * @return - * @throws ConfigurationException - */ - public static XMLGregorianCalendar getIssueInstant(String timezone) throws ConfigurationException - { - TimeZone tz = TimeZone.getTimeZone(timezone); - DatatypeFactory dtf; - try - { - dtf = DatatypeFactory.newInstance(); - } - catch (DatatypeConfigurationException e) - { - throw new ConfigurationException(e); - } - - GregorianCalendar gc = new GregorianCalendar(tz); - XMLGregorianCalendar xgc = dtf.newXMLGregorianCalendar(gc); - - return xgc; - } - - /** - * Get the current instant of time - * @return - * @throws ConfigurationException - */ - public static XMLGregorianCalendar getIssueInstant() throws ConfigurationException - { - return getIssueInstant(TimeZone.getDefault().getID()); - } - - /** - * Convert the minutes into miliseconds - * @param valueInMins - * @return - */ - public static long inMilis(int valueInMins) - { - return valueInMins * 60 * 1000; - } - - /** - * Validate that the current time falls between the two boundaries - * @param now - * @param notbefore - * @param notOnOrAfter - * @return - */ - public static boolean isValid(XMLGregorianCalendar now, - XMLGregorianCalendar notbefore, XMLGregorianCalendar notOnOrAfter) - { - int val = notbefore.compare(now); - - if(val == DatatypeConstants.INDETERMINATE || val == DatatypeConstants.GREATER) - return false; - - val = notOnOrAfter.compare(now); - if(val != DatatypeConstants.GREATER) - return false; - return true; - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java (from rev 571, identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/XMLTimeUtil.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,152 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.core.saml.v2.util; + +import java.util.GregorianCalendar; +import java.util.TimeZone; + +import javax.xml.datatype.DatatypeConfigurationException; +import javax.xml.datatype.DatatypeConstants; +import javax.xml.datatype.DatatypeFactory; +import javax.xml.datatype.Duration; +import javax.xml.datatype.XMLGregorianCalendar; + +import org.jboss.identity.federation.core.exceptions.ConfigurationException; + +/** + * Util class dealing with xml based time + * @author Anil.Saldhana(a)redhat.com + * @since Jan 6, 2009 + */ +public class XMLTimeUtil +{ + /** + * Add additional time in miliseconds + * @param value calendar whose value needs to be updated + * @param milis + * @return calendar value with the addition + * @throws ConfigurationException + */ + public static XMLGregorianCalendar add(XMLGregorianCalendar value, long milis) throws ConfigurationException + { + XMLGregorianCalendar newVal = (XMLGregorianCalendar) value.clone(); + + Duration duration; + try + { + duration = DatatypeFactory.newInstance().newDuration(milis); + } + catch (DatatypeConfigurationException e) + { + throw new ConfigurationException(e); + } + newVal.add(duration); + return newVal; + } + + /** + * Subtract some miliseconds from the time value + * @param value + * @param milis miliseconds entered in a positive value + * @return + * @throws ConfigurationException + */ + public static XMLGregorianCalendar subtract(XMLGregorianCalendar value, long milis) throws ConfigurationException + { + if(milis < 0) + throw new IllegalArgumentException("milis should be a positive value"); + return add(value, -1 * milis); + } + + /** + * Returns a XMLGregorianCalendar in the timezone specified. + * If the timezone is not valid, then the timezone falls back + * to "GMT" + * @param timezone + * @return + * @throws ConfigurationException + */ + public static XMLGregorianCalendar getIssueInstant(String timezone) throws ConfigurationException + { + TimeZone tz = TimeZone.getTimeZone(timezone); + DatatypeFactory dtf; + try + { + dtf = DatatypeFactory.newInstance(); + } + catch (DatatypeConfigurationException e) + { + throw new ConfigurationException(e); + } + + GregorianCalendar gc = new GregorianCalendar(tz); + XMLGregorianCalendar xgc = dtf.newXMLGregorianCalendar(gc); + + return xgc; + } + + /** + * Get the current instant of time + * @return + * @throws ConfigurationException + */ + public static XMLGregorianCalendar getIssueInstant() throws ConfigurationException + { + return getIssueInstant(TimeZone.getDefault().getID()); + } + + /** + * Convert the minutes into miliseconds + * @param valueInMins + * @return + */ + public static long inMilis(int valueInMins) + { + return valueInMins * 60 * 1000; + } + + /** + * Validate that the current time falls between the two boundaries + * @param now + * @param notbefore + * @param notOnOrAfter + * @return + */ + public static boolean isValid(XMLGregorianCalendar now, + XMLGregorianCalendar notbefore, XMLGregorianCalendar notOnOrAfter) + { + if(notbefore == null) + throw new IllegalArgumentException("notbefore argument is null"); + if(notOnOrAfter == null) + throw new IllegalArgumentException("notOnOrAfter argument is null"); + + int val = notbefore.compare(now); + + if(val == DatatypeConstants.INDETERMINATE || val == DatatypeConstants.GREATER) + return false; + + val = notOnOrAfter.compare(now); + if(val != DatatypeConstants.GREATER) + return false; + return true; + } +} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/util (from rev 569, identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/util) Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java 2009-06-04 17:31:30 UTC (rev 588) @@ -1,75 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * Copyright 2008, Red Hat Middleware LLC, and individual contributors - * as indicated by the @author tags. See the copyright.txt file in the - * distribution for a full listing of individual contributors. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ -package org.jboss.test.identity.federation.core.util; - -import java.util.Calendar; -import java.util.GregorianCalendar; - -import javax.xml.datatype.DatatypeConstants; -import javax.xml.datatype.XMLGregorianCalendar; - -import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil; - -import junit.framework.TestCase; - -/** - * Unit Test the XML Time Util - * @author Anil.Saldhana(a)redhat.com - * @since Jan 6, 2009 - */ -public class XMLTimeUtilUnitTestCase extends TestCase -{ - public void testAdd() throws Exception - { - XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); - long min5 = XMLTimeUtil.inMilis(5); - - XMLGregorianCalendar after5M = XMLTimeUtil.add(now, min5); - assertTrue(now.compare(after5M) == DatatypeConstants.LESSER); - - GregorianCalendar nowG = now.toGregorianCalendar(); - GregorianCalendar now5M = after5M.toGregorianCalendar(); - - //Add 5 minutes - nowG.roll(Calendar.MINUTE, 5); - - int val = nowG.compareTo(now5M); - - System.out.println("Comparison value="+val); - - assertTrue( "Compared value is 0", val <= 0); - } - - public void testIsValid() throws Exception - { - XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); - - long milisFor5Mins = XMLTimeUtil.inMilis(5); - - XMLGregorianCalendar after5M = XMLTimeUtil.add(now, milisFor5Mins); - XMLGregorianCalendar after10M = XMLTimeUtil.add(now, milisFor5Mins * 2); - - //isValid(now, notbefore, notOnOrAfter) - assertTrue(XMLTimeUtil.isValid(after5M, now, after10M)); - assertFalse(XMLTimeUtil.isValid(now, after5M,after10M)); - } -} \ No newline at end of file Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java (from rev 571, identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/XMLTimeUtilUnitTestCase.java 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,85 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.identity.federation.core.util; + +import java.util.Calendar; +import java.util.GregorianCalendar; + +import javax.xml.datatype.DatatypeConstants; +import javax.xml.datatype.DatatypeFactory; +import javax.xml.datatype.XMLGregorianCalendar; + +import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil; + +import junit.framework.TestCase; + +/** + * Unit Test the XML Time Util + * @author Anil.Saldhana(a)redhat.com + * @since Jan 6, 2009 + */ +public class XMLTimeUtilUnitTestCase extends TestCase +{ + public void testCompareViaParsing() throws Exception + { + DatatypeFactory dt = DatatypeFactory.newInstance(); + XMLGregorianCalendar now = dt.newXMLGregorianCalendar("2009-06-03T17:42:09.322-04:00"); + XMLGregorianCalendar notBefore = dt.newXMLGregorianCalendar("2009-06-03T17:42:05.901-04:00"); + XMLGregorianCalendar notOnOrAfter = dt.newXMLGregorianCalendar("2009-06-03T17:47:05.901-04:00"); + assertTrue(XMLTimeUtil.isValid(now, notBefore, notOnOrAfter)); + } + + public void testAdd() throws Exception + { + XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); + long min5 = XMLTimeUtil.inMilis(5); + + XMLGregorianCalendar after5M = XMLTimeUtil.add(now, min5); + assertTrue(now.compare(after5M) == DatatypeConstants.LESSER); + + GregorianCalendar nowG = now.toGregorianCalendar(); + GregorianCalendar now5M = after5M.toGregorianCalendar(); + + //Add 5 minutes + nowG.roll(Calendar.MINUTE, 5); + + int val = nowG.compareTo(now5M); + + System.out.println("Comparison value="+val); + + assertTrue( "Compared value is 0", val <= 0); + } + + public void testIsValid() throws Exception + { + XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); + + long milisFor5Mins = XMLTimeUtil.inMilis(5); + + XMLGregorianCalendar after5M = XMLTimeUtil.add(now, milisFor5Mins); + XMLGregorianCalendar after10M = XMLTimeUtil.add(now, milisFor5Mins * 2); + + //isValid(now, notbefore, notOnOrAfter) + assertTrue(XMLTimeUtil.isValid(after5M, now, after10M)); + assertFalse(XMLTimeUtil.isValid(now, after5M,after10M)); + } +} \ No newline at end of file Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-model/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,135 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-fed-model</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation Model</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation Model contains the JAXB2 model.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/repos/jbossidentity/... - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/... - <url>http://viewvc.jboss.org/cgi-bin/viewvc.cgi/repos/jbossidentity/ide... - </scm> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-xmlsec-model</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>apache-log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>apache-logging</groupId> - <artifactId>commons-logging-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jbossxacml</artifactId> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-xalan</groupId> - <artifactId>serializer</artifactId> - <version>2.7.0.patch01-brew</version> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-model/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-fed-model/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-model/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-fed-model/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,130 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-fed-model</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation Model</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation Model contains the JAXB2 model.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-xmlsec-model</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>apache-log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> + <dependency> + <groupId>apache-logging</groupId> + <artifactId>commons-logging-api</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-impl</artifactId> + </dependency> + <dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jbossxacml</artifactId> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-xalan</groupId> + <artifactId>serializer</artifactId> + <version>2.7.0.patch01-brew</version> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/circleoftrust/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/circleoftrust/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,35 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity.federation</groupId> - <artifactId>circleoftrust</artifactId> - <version>1.0.0-SNAPSHOT</version> - <packaging>war</packaging> - <name>JBoss Identity Federation Circle Of Trust</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>circleoftrust</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/circleoftrust/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/circleoftrust/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/circleoftrust/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,41 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>circleoftrust</artifactId> + <version>1.0.0.alpha3</version> + <packaging>war</packaging> + <name>JBoss Identity Federation Circle Of Trust</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>circleoftrust</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,35 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity.federation</groupId> - <artifactId>employee</artifactId> - <version>1.0.0-SNAPSHOT</version> - <packaging>war</packaging> - <name>JBoss Identity Federation Web Apps Employee</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>employee</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-webapps/employee/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,40 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>employee</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Web Apps Employee</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>employee</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + + </plugins> + </build> +</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/META-INF/context.xml (from rev 574, identity-federation/trunk/jboss-identity-webapps/employee/resources/META-INF/context.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/META-INF/context.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/META-INF/context.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,4 @@ +<Context> + <Valve className="org.jboss.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator" + /> +</Context> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/index.jsp =================================================================== --- identity-federation/trunk/jboss-identity-webapps/employee/resources/index.jsp 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/index.jsp 2009-06-04 17:31:30 UTC (rev 588) @@ -1,10 +0,0 @@ -<div align="center"> -<h1>EmployeeDashboard</h1> -<br/> -Welcome to the Employee Tool, <%=request.getUserPrincipal().getName()%> - -<br/> -Here is your cartoon of the day: -<br/> -<img src="careermap.jpg"/> -</div> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/index.jsp (from rev 574, identity-federation/trunk/jboss-identity-webapps/employee/resources/index.jsp) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/index.jsp (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/index.jsp 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,13 @@ +<div align="center"> +<h1>EmployeeDashboard</h1> +<br/> +Welcome to the Employee Tool, <%=request.getUserPrincipal().getName()%> + +<br/> +Here is your cartoon of the day: +<br/> +<img src="careermap.jpg"/> + +<br/> +<a href="logout.jsp">Click to LogOut</a> +</div> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/logout.jsp (from rev 574, identity-federation/trunk/jboss-identity-webapps/employee/resources/logout.jsp) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/logout.jsp (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/employee/resources/logout.jsp 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,4 @@ +<% + session.invalidate(); +%> +You are logged out. Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/idp/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/idp/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,34 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity.federation</groupId> - <artifactId>idp</artifactId> - <version>1.0.0-SNAPSHOT</version> - <packaging>war</packaging> - <name>JBoss Identity Federation Identity Provider</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>idp</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/idp/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-webapps/idp/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/idp/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/idp/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>idp</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Identity Provider</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>idp</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/metadata/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/metadata/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,34 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity.federation</groupId> - <artifactId>metadata</artifactId> - <version>1.0.0-SNAPSHOT</version> - <packaging>war</packaging> - <name>JBoss Identity Federation Metadata</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>metadata</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/metadata/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/metadata/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/metadata/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>metadata</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Metadata</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>metadata</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,31 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-webapps</artifactId> - <packaging>pom</packaging> - <name>JBoss Identity Federation Web Applications</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Web Applications contains the web applications for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <modules> - <module>sales</module> - <module>employee</module> - <module>circleoftrust</module> - <module>idp</module> - <module>metadata</module> - </modules> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-webapps/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,31 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-federation-webapps</artifactId> + <packaging>pom</packaging> + <name>JBoss Identity Federation Web Applications</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Web Applications contains the web applications for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <modules> + <module>sales</module> + <module>employee</module> + <module>circleoftrust</module> + <module>idp</module> + <module>metadata</module> + </modules> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,34 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity.federation</groupId> - <artifactId>sales</artifactId> - <version>1.0.0-SNAPSHOT</version> - <packaging>war</packaging> - <name>JBoss Identity Federation Sales</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <warName>sales</warName> - <webappDirectory>${basedir}/resources/</webappDirectory> - <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> - </configuration> - </plugin> - </plugins> - </build> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-webapps/sales/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,39 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-federation-webapps</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../</relativePath> + </parent> + + <modelVersion>4.0.0</modelVersion> + <artifactId>sales</artifactId> + <packaging>war</packaging> + <name>JBoss Identity Federation Sales</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Samples contains the samples for Federated Identity Needs.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <warName>sales</warName> + <webappDirectory>${basedir}/resources/</webappDirectory> + <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes> + </configuration> + </plugin> + </plugins> + </build> +</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/META-INF/context.xml (from rev 574, identity-federation/trunk/jboss-identity-webapps/sales/resources/META-INF/context.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/META-INF/context.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/META-INF/context.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,4 @@ +<Context> + <Valve className="org.jboss.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator" + /> +</Context> Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/index.jsp =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales/resources/index.jsp 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/index.jsp 2009-06-04 17:31:30 UTC (rev 588) @@ -1,10 +0,0 @@ -<div align="center"> -<h1>SalesTool</h1> -<br/> -Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%> - -<br/> -Here is your sales chart: -<br/> -<img src="piechart.gif"/> -</div> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/index.jsp (from rev 574, identity-federation/trunk/jboss-identity-webapps/sales/resources/index.jsp) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/index.jsp (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/index.jsp 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,13 @@ +<div align="center"> +<h1>SalesTool</h1> +<br/> +Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%> + +<br/> +Here is your sales chart: +<br/> +<img src="piechart.gif"/> + +<br/> +<a href="logout.jsp">Click to LogOut</a> +</div> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/logout.jsp (from rev 574, identity-federation/trunk/jboss-identity-webapps/sales/resources/logout.jsp) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/logout.jsp (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-webapps/sales/resources/logout.jsp 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,4 @@ +<% + session.invalidate(); +%> +You are logged out. Deleted: identity-federation/tags/1.0.0.alpha3/jboss-identity-xmlsec-model/pom.xml =================================================================== --- identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-xmlsec-model/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,117 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>../parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <artifactId>jboss-identity-xmlsec-model</artifactId> - <packaging>jar</packaging> - <name>JBoss Identity Federation XML Security Model</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation XML Security Model contains the JAXB2 model for W3C XML Signature and XML Encryption specifications.</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/repos/jbossidentity/... - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/... - <url>http://viewvc.jboss.org/cgi-bin/viewvc.cgi/repos/jbossidentity/ide... - </scm> - <build> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.4.3</version> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>false</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>apache-log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>xmlsec</artifactId> - <version>1.4.2</version> - </dependency> - <dependency> - <groupId>sun-jaf</groupId> - <artifactId>activation</artifactId> - <version>1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>codehaus-stax</groupId> - <artifactId>stax</artifactId> - <version>1.1.1</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <doclet>org.jboss.apiviz.APIviz</doclet> - <docletArtifact> - <groupId>org.jboss.apiviz</groupId> - <artifactId>apiviz</artifactId> - <version>1.2.5.GA</version> - </docletArtifact> - <additionalparam> - -charset UTF-8 - -docencoding UTF-8 - -version - -author - -breakiterator - -windowtitle "${project.name} ${project.version} API Reference" - -doctitle "${project.name} ${project.version} API Reference" - -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." - -link http://java.sun.com/javase/6/docs/api/ - -sourceclasspath ${project.build.outputDirectory} - </additionalparam> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - </plugins> - </reporting> -</project> Copied: identity-federation/tags/1.0.0.alpha3/jboss-identity-xmlsec-model/pom.xml (from rev 587, identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/jboss-identity-xmlsec-model/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/jboss-identity-xmlsec-model/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,112 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-xmlsec-model</artifactId> + <packaging>jar</packaging> + <name>JBoss Identity Federation XML Security Model</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation XML Security Model contains the JAXB2 model for W3C XML Signature and XML Encryption specifications.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <build> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.4.3</version> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>false</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>apache-log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + </dependency> + <dependency> + <groupId>stax</groupId> + <artifactId>stax-api</artifactId> + <version>1.0</version> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>xmlsec</artifactId> + <version>1.4.2</version> + </dependency> + <dependency> + <groupId>sun-jaf</groupId> + <artifactId>activation</artifactId> + <version>1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>codehaus-stax</groupId> + <artifactId>stax</artifactId> + <version>1.1.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <doclet>org.jboss.apiviz.APIviz</doclet> + <docletArtifact> + <groupId>org.jboss.apiviz</groupId> + <artifactId>apiviz</artifactId> + <version>1.2.5.GA</version> + </docletArtifact> + <additionalparam> + -charset UTF-8 + -docencoding UTF-8 + -version + -author + -breakiterator + -windowtitle "${project.name} ${project.version} API Reference" + -doctitle "${project.name} ${project.version} API Reference" + -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved." + -link http://java.sun.com/javase/6/docs/api/ + -sourceclasspath ${project.build.outputDirectory} + </additionalparam> + <encoding>UTF-8</encoding> + </configuration> + </plugin> + </plugins> + </reporting> +</project> Deleted: identity-federation/tags/1.0.0.alpha3/parent/pom.xml =================================================================== --- identity-federation/trunk/parent/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/parent/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,142 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss</groupId> - <artifactId>jboss-parent</artifactId> - <version>4</version> - </parent> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <packaging>pom</packaging> - <version>1.0.0.alpha2-SNAPSHOT</version> - <name>JBoss Identity Federation- Parent</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description> - <licenses> - <license> - <name>lgpl</name> - <url>http://repository.jboss.com/licenses/lgpl.txt</url> - </license> - </licenses> - <organization> - <name>JBoss Inc.</name> - <url>http://www.jboss.org</url> - </organization> - <scm> - <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identi... - <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/... - </scm> - - <build> - <plugins> - <plugin> - <artifactId>maven-release-plugin</artifactId> - <configuration> - <tagBase>https://svn.jboss.org/repos/jbossidentity/identity-federation/... - </configuration> - </plugin> - </plugins> - <pluginManagement> - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <printSummary>true</printSummary> - <disableXmlReport>false</disableXmlReport> - <testFailureIgnore>true</testFailureIgnore> - <includes> - <include>**/**TestCase.java</include> - </includes> - <forkMode>pertest</forkMode> - <argLine>${surefire.jvm.args}</argLine> - <useFile>false</useFile> - <trimStackTrace>false</trimStackTrace> - </configuration> - </plugin> - </plugins> - </pluginManagement> - </build> - - <repositories> - <repository> - <id>repository.jboss.org</id> - <name>JBoss Repository</name> - <layout>default</layout> - <url>http://repository.jboss.org/maven2/</url> - <snapshots> - <enabled>false</enabled> - </snapshots> - </repository> - - <repository> - <id>snapshots.jboss.org</id> - <name>JBoss Snapshots Repository</name> - <layout>default</layout> - <url>http://snapshots.jboss.org/maven2/</url> - <snapshots> - <enabled>true</enabled> - </snapshots> - <releases> - <enabled>false</enabled> - </releases> - </repository> - </repositories> - - <dependencyManagement> - <dependencies> - <dependency> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.0.2</version> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.4</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>apache-log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.14</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache</groupId> - <artifactId>xmlsec</artifactId> - <version>1.4.2</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>apache-logging</groupId> - <artifactId>commons-logging-api</artifactId> - <version>1.0.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.persistence</groupId> - <artifactId>persistence-api</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.1.9</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.1.9</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jbossxacml</artifactId> - <version>2.0.3.CR1</version> - </dependency> - </dependencies> - </dependencyManagement> - -</project> Copied: identity-federation/tags/1.0.0.alpha3/parent/pom.xml (from rev 587, identity-federation/trunk/parent/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/parent/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/parent/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,142 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss</groupId> + <artifactId>jboss-parent</artifactId> + <version>4</version> + </parent> + <modelVersion>4.0.0</modelVersion> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <packaging>pom</packaging> + <version>1.0.0.alpha3</version> + <name>JBoss Identity Federation- Parent</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + <scm> + <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identi... + <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/... + </scm> + + <build> + <plugins> + <plugin> + <artifactId>maven-release-plugin</artifactId> + <configuration> + <tagBase>https://svn.jboss.org/repos/jbossidentity/identity-federation/... + </configuration> + </plugin> + </plugins> + <pluginManagement> + <plugins> + <plugin> + <artifactId>maven-surefire-plugin</artifactId> + <configuration> + <printSummary>true</printSummary> + <disableXmlReport>false</disableXmlReport> + <testFailureIgnore>true</testFailureIgnore> + <includes> + <include>**/**TestCase.java</include> + </includes> + <forkMode>pertest</forkMode> + <argLine>${surefire.jvm.args}</argLine> + <useFile>false</useFile> + <trimStackTrace>false</trimStackTrace> + </configuration> + </plugin> + </plugins> + </pluginManagement> + </build> + + <repositories> + <repository> + <id>repository.jboss.org</id> + <name>JBoss Repository</name> + <layout>default</layout> + <url>http://repository.jboss.org/maven2/</url> + <snapshots> + <enabled>false</enabled> + </snapshots> + </repository> + + <repository> + <id>snapshots.jboss.org</id> + <name>JBoss Snapshots Repository</name> + <layout>default</layout> + <url>http://snapshots.jboss.org/maven2/</url> + <snapshots> + <enabled>true</enabled> + </snapshots> + <releases> + <enabled>false</enabled> + </releases> + </repository> + </repositories> + + <dependencyManagement> + <dependencies> + <dependency> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>4.4</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>apache-log4j</groupId> + <artifactId>log4j</artifactId> + <version>1.2.14</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.apache</groupId> + <artifactId>xmlsec</artifactId> + <version>1.4.2</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>apache-logging</groupId> + <artifactId>commons-logging-api</artifactId> + <version>1.0.3</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>javax.persistence</groupId> + <artifactId>persistence-api</artifactId> + <version>1.0</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-api</artifactId> + <version>2.1.9</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>sun-jaxb</groupId> + <artifactId>jaxb-impl</artifactId> + <version>2.1.9</version> + <optional>true</optional> + </dependency> + <dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jbossxacml</artifactId> + <version>2.0.3</version> + </dependency> + </dependencies> + </dependencyManagement> + +</project> Deleted: identity-federation/tags/1.0.0.alpha3/pom.xml =================================================================== --- identity-federation/trunk/pom.xml 2009-06-03 14:44:13 UTC (rev 568) +++ identity-federation/tags/1.0.0.alpha3/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -1,39 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-parent</artifactId> - <version>1.0.0.alpha2-SNAPSHOT</version> - <relativePath>parent</relativePath> - </parent> - <modelVersion>4.0.0</modelVersion> - <groupId>org.jboss.identity</groupId> - <artifactId>jboss-identity-fed-pom</artifactId> - <packaging>pom</packaging> - <name>JBoss Identity Federation- Aggregator</name> - <url>http://labs.jboss.org/portal/jbosssecurity/</url> - <description>JBoss Identity Federation is the federated identity project for JEMS projects</description> - - <modules> - <module>parent</module> - <module>jboss-identity-xmlsec-model</module> - <module>jboss-identity-fed-model</module> - <module>jboss-identity-fed-core</module> - <module>jboss-identity-fed-api</module> - <module>jboss-identity-bindings</module> - <module>jboss-identity-bindings-jboss</module> - <module>assembly</module> - </modules> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <aggregate>true</aggregate> - </configuration> - </plugin> - </plugins> - </reporting> - -</project> Copied: identity-federation/tags/1.0.0.alpha3/pom.xml (from rev 587, identity-federation/trunk/pom.xml) =================================================================== --- identity-federation/tags/1.0.0.alpha3/pom.xml (rev 0) +++ identity-federation/tags/1.0.0.alpha3/pom.xml 2009-06-04 17:31:30 UTC (rev 588) @@ -0,0 +1,40 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-parent</artifactId> + <version>1.0.0.alpha3</version> + <relativePath>parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-fed-pom</artifactId> + <packaging>pom</packaging> + <name>JBoss Identity Federation- Aggregator</name> + <url>http://labs.jboss.org/portal/jbosssecurity/</url> + <description>JBoss Identity Federation is the federated identity project for JEMS projects</description> + + <modules> + <module>parent</module> + <module>jboss-identity-xmlsec-model</module> + <module>jboss-identity-fed-model</module> + <module>jboss-identity-fed-core</module> + <module>jboss-identity-fed-api</module> + <module>jboss-identity-bindings</module> + <module>jboss-identity-bindings-jboss</module> + <module>jboss-identity-webapps</module> + <module>assembly</module> + </modules> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <aggregate>true</aggregate> + </configuration> + </plugin> + </plugins> + </reporting> + +</project>