Author: anil.saldhana(a)jboss.com
Date: 2009-08-26 00:11:02 -0400 (Wed, 26 Aug 2009)
New Revision: 744
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/factories/XACMLContextFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java
Log:
JBID-177: api work
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java 2009-08-25
20:22:41 UTC (rev 743)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/SOAPSAMLXACMLServlet.java 2009-08-26
04:11:02 UTC (rev 744)
@@ -25,6 +25,8 @@
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PrivilegedActionException;
+import java.util.ArrayList;
+import java.util.List;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
@@ -41,17 +43,19 @@
import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.core.factories.SOAPFactory;
-import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.jboss.identity.federation.core.factories.XACMLContextFactory;
import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
import org.jboss.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
+import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.jboss.identity.federation.core.util.JAXBUtil;
import org.jboss.identity.federation.org.xmlsoap.schemas.soap.envelope.Body;
import org.jboss.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope;
import org.jboss.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
import
org.jboss.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import
org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
@@ -200,9 +204,8 @@
ResultType resultType = responseContext.getResult();
responseType.getResult().add(resultType);
- XACMLAuthzDecisionStatementType xacmlStatement =
SOAPSAMLXACMLUtil.createXACMLAuthzDecisionStatementType();
- xacmlStatement.setRequest(requestType);
- xacmlStatement.setResponse(responseType);
+ XACMLAuthzDecisionStatementType xacmlStatement =
+ XACMLContextFactory.createXACMLAuthzDecisionStatementType(requestType,
responseType);
//Place the xacml statement in an assertion
//Then the assertion goes inside a SAML Response
@@ -211,12 +214,16 @@
SAML2Response saml2Response = new SAML2Response();
IssuerInfoHolder issuerInfo = new IssuerInfoHolder(this.issuer);
- AssertionType assertion =
SAMLAssertionFactory.getObjectFactory().createAssertionType();
-
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(xacmlStatement);
- assertion.setID(ID);
- assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
- assertion.setIssuer(issuerInfo.getIssuer());
+ List<StatementAbstractType> statements = new
ArrayList<StatementAbstractType>();
+ statements.add(xacmlStatement);
+ AssertionType assertion = SAMLAssertionFactory.createAssertion(ID,
+ issuerInfo.getIssuer(),
+ XMLTimeUtil.getIssueInstant(),
+ null,
+ null,
+ statements);
+
JAXBElement<?> jaxbResponse =
JAXBElementMappingUtil.get(saml2Response.createResponseType(ID, issuerInfo, assertion));
//Create a SOAP Envelope to hold the SAML response
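Review bot: The assertion and the enclosing response are built with the same `ID` value: it is passed to `SAMLAssertionFactory.createAssertion(ID, ...)` and again to `saml2Response.createResponseType(ID, issuerInfo, assertion)`. SAML identifiers are meant to be unique. If both end up as XML ID attributes in one document, ID-based signature references and replay caches keyed on the ID cannot tell the response from the assertion. Generate a separate identifier for the assertion with the already imported `IDGenerator` and pass it as the first argument, e.g. `SAMLAssertionFactory.createAssertion(assertionID, issuerInfo.getIssuer(), ...)`, keeping `ID` for the response. The enclosing method begins and ends outside this hunk, so how `ID` is produced is not visible here.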
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-25
20:22:41 UTC (rev 743)
+++
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-26
04:11:02 UTC (rev 744)
@@ -25,6 +25,7 @@
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Writer;
+import java.util.Arrays;
import java.util.List;
import javax.xml.bind.Binder;
@@ -53,12 +54,16 @@
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
import org.jboss.identity.federation.core.util.JAXBUtil;
+import org.jboss.identity.federation.saml.v2.assertion.ActionType;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
import org.jboss.identity.federation.saml.v2.assertion.AuthnContextType;
import org.jboss.identity.federation.saml.v2.assertion.AuthnStatementType;
+import org.jboss.identity.federation.saml.v2.assertion.AuthzDecisionStatementType;
+import org.jboss.identity.federation.saml.v2.assertion.DecisionType;
import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType;
+import org.jboss.identity.federation.saml.v2.assertion.EvidenceType;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
@@ -104,7 +109,36 @@
authnStatement.setAuthnContext(act);
return authnStatement;
}
+
/**
+ * Create an Authorization Decision Statement Type
+ * @param resource
+ * @param decision
+ * @param evidence
+ * @param actions
+ * @return
+ */
+ public AuthzDecisionStatementType createAuthzDecisionStatementType(String resource,
+ DecisionType decision,
+ EvidenceType evidence,
+ ActionType... actions)
+ {
+ ObjectFactory objectFactory = SAMLAssertionFactory.getObjectFactory();
+ AuthzDecisionStatementType authzDecST =
objectFactory.createAuthzDecisionStatementType();
+ authzDecST.setResource(resource);
+ authzDecST.setDecision(decision);
+ if(evidence != null)
+ authzDecST.setEvidence(evidence);
+
+ if(actions != null)
+ {
+ authzDecST.getAction().addAll(Arrays.asList(actions));
+ }
+
+ return authzDecST;
+ }
+
+ /**
* Given a set of roles, create an attribute statement
* @param roles
* @return
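Review bot: `createAuthzDecisionStatementType` builds a statement even when `resource` or `decision` is null or no `actions` are given, although the SAML 2.0 schema requires Resource, Decision and at least one Action on an AuthzDecisionStatement. A relying party that receives a statement without a decision has nothing well-defined to enforce, so reject these up front: `if (resource == null || decision == null || actions == null || actions.length == 0) throw new IllegalArgumentException("resource, decision and at least one action are required");`. The same pattern appears in `XACMLContextFactory.createXACMLAuthzDecisionStatementType` in this commit, which sets a null `response` without complaint. The Javadoc `@param` and `@return` tags are empty and should state which arguments may be null; as far as the code shows, that is only `evidence`.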
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/factories/XACMLContextFactory.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/factories/XACMLContextFactory.java 2009-08-25
20:22:41 UTC (rev 743)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/factories/XACMLContextFactory.java 2009-08-26
04:11:02 UTC (rev 744)
@@ -21,7 +21,11 @@
*/
package org.jboss.identity.federation.core.factories;
+import org.jboss.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
+import
org.jboss.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.jboss.security.xacml.core.model.context.ObjectFactory;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
/**
@@ -37,4 +41,19 @@
{
return _objectFactory;
}
+
+ /**
+ * Create an XACML Authorization Decision Statement Type
+ * @param request
+ * @param response
+ * @return
+ */
+ public static XACMLAuthzDecisionStatementType
createXACMLAuthzDecisionStatementType(RequestType request,
+ ResponseType response)
+ {
+ XACMLAuthzDecisionStatementType xacmlStatement =
SOAPSAMLXACMLUtil.createXACMLAuthzDecisionStatementType();
+ xacmlStatement.setRequest(request);
+ xacmlStatement.setResponse(response);
+ return xacmlStatement;
+ }
}
\ No newline at end of file
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2009-08-25
20:22:41 UTC (rev 743)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/SAMLAssertionFactory.java 2009-08-26
04:11:02 UTC (rev 744)
@@ -26,6 +26,7 @@
import javax.xml.datatype.XMLGregorianCalendar;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.jboss.identity.federation.saml.v2.assertion.ConditionAbstractType;
@@ -44,7 +45,7 @@
* @since Jan 28, 2009
*/
public class SAMLAssertionFactory
-{
+{
private static ObjectFactory factory = new ObjectFactory();
public static ObjectFactory getObjectFactory()
@@ -147,8 +148,8 @@
if (confirmation != null)
subject.getContent().add(factory.createSubjectConfirmation(confirmation));
return subject;
- }
-
+ }
+
/**
* <p>
* Creates a SAMLV2 {@code AssertionType} with the specified values.
@@ -170,11 +171,14 @@
assertion.setID(id);
assertion.setIssuer(issuerID);
assertion.setIssueInstant(issueInstant);
- assertion.setConditions(conditions);
- assertion.setSubject(subject);
+ if(conditions != null)
+ assertion.setConditions(conditions);
+ if(subject != null)
+ assertion.setSubject(subject);
+ assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
+
if (statements != null)
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(statements);
return assertion;
}
-
}
\ No newline at end of file
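Review bot: The new `if(conditions != null)` and `if(subject != null)` guards make an assertion without Conditions or Subject a supported case, but nothing at the method says so. An assertion without Conditions carries no NotBefore/NotOnOrAfter window or audience restriction. The servlet in this commit calls what appears to be this factory method with `null, null`, so unless conditions are added later (not visible here) the XACML decision it returns never expires. Add a comment above the guards, e.g. `// null conditions => no validity window; caller must add one before issuing`, and state in the Javadoc parameter descriptions that null is accepted and what it means. The method's signature and Javadoc lie outside this hunk.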
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java 2009-08-25
20:22:41 UTC (rev 743)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/AssertionUtil.java 2009-08-26
04:11:02 UTC (rev 744)
@@ -30,8 +30,10 @@
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
import org.jboss.identity.federation.saml.v2.assertion.ConditionsType;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
+import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory;
/**
* Utility to deal with assertions
@@ -59,6 +61,31 @@
}
/**
+ * Create an attribute type
+ * @param name Name of the attribute
+ * @param nameFormat name format uri
+ * @param attributeValues an object array of attribute values
+ * @return
+ */
+ public static AttributeType createAttribute(String name, String nameFormat,
+ Object... attributeValues)
+ {
+ ObjectFactory of = SAMLAssertionFactory.getObjectFactory();
+ AttributeType att = of.createAttributeType();
+ att.setName(name);
+ att.setNameFormat(nameFormat);
+ if(attributeValues != null && attributeValues.length > 0)
+ {
+ for(Object attributeValue:attributeValues)
+ {
+ att.getAttributeValue().add(of.createAttributeValue(attributeValue));
+ }
+ }
+
+ return att;
+ }
+
+ /**
* Add validity conditions to the SAML2 Assertion
* @param assertion
* @param durationInMilis
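Review bot: The `Object... attributeValues` parameter of `createAttribute` is easy to misuse. Passing a collection (say a `List` of role names) compiles and produces a single attribute value wrapping the whole collection, and a null element in the array goes to `of.createAttributeValue(attributeValue)` unchecked. Since attributes built this way can carry roles that a relying party acts on, the Javadoc should spell out the contract, e.g. `@param attributeValues the individual values, one per argument; a Collection is not expanded and null elements are not filtered`. The `@return` tag is empty and should say that a new `AttributeType` is returned. The `attributeValues.length > 0` test is redundant before the for-each loop.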