Author: anil.saldhana(a)jboss.com
Date: 2009-04-29 13:52:30 -0400 (Wed, 29 Apr 2009)
New Revision: 468
Added:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
Log:
JBID-82: circle of trust servlet
Added:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
(rev 0)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java 2009-04-29
17:52:30 UTC (rev 468)
@@ -0,0 +1,150 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.identity.federation.bindings.servlets;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
+
+import org.jboss.identity.federation.api.saml.v2.metadata.MetaDataBuilder;
+import
org.jboss.identity.federation.core.saml.v2.metadata.store.FileBasedMetadataConfigurationStore;
+import
org.jboss.identity.federation.core.saml.v2.metadata.store.IMetadataConfigurationStore;
+import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
+
+/**
+ * Circle of trust establishing servlet that accesses
+ * the metadata urls of the various sites and updates
+ * the common store
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 23, 2009
+ */
+public class CircleOfTrustServlet extends HttpServlet
+{
+ private static final long serialVersionUID = 1L;
+
+ private IMetadataConfigurationStore configProvider = new
FileBasedMetadataConfigurationStore();
+
+ @Override
+ public void init(ServletConfig config) throws ServletException
+ {
+ super.init(config);
+
+ String cstr = config.getInitParameter("configProvider");
+ if(cstr != null && cstr.length() > 0)
+ {
+ ClassLoader tcl;
+ try
+ {
+ tcl = SecurityActions.getContextClassLoader();
+ configProvider = (IMetadataConfigurationStore)
tcl.loadClass(cstr).newInstance();
+ }
+ catch (Exception e)
+ {
+ throw new ServletException(e);
+ }
+ }
+ }
+
+
+ @Override
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws
ServletException, IOException
+ {
+ //Handle listing of providers for either idp or sp
+ //Handle adding an IDP
+ //Handle adding a SP
+ String action = req.getParameter("action");
+ String type = req.getParameter("type");
+ if(action == null)
+ throw new ServletException("action is null");
+ if(type == null)
+ throw new ServletException("type is null");
+
+ //SP
+ if("sp".equalsIgnoreCase(type))
+ {
+ if("add".equalsIgnoreCase(action))
+ {
+ try
+ {
+ addIDP(req,resp);
+ req.getRequestDispatcher("/addedIDP.jsp").forward(req, resp);
+ }
+ catch (Exception e)
+ {
+ throw new ServletException(e);
+ }
+ }
+ }
+ }
+
+ private void addIDP(HttpServletRequest request, HttpServletResponse response) throws
Exception
+ {
+ String spName = request.getParameter("spname");
+ String idpName = request.getParameter("idpname");
+ String metadataURL = request.getParameter("metadataURL");
+ InputStream is = null;
+
+ URL md = new URL(metadataURL);
+ HttpURLConnection http = (HttpURLConnection) md.openConnection();
+ http.setInstanceFollowRedirects(true);
+ is = http.getInputStream();
+
+ Unmarshaller un = MetaDataBuilder.getUnmarshaller();
+ JAXBElement<?> j = (JAXBElement<?>) un.unmarshal(is);
+ Object obj = j.getValue();
+ if(obj instanceof EntityDescriptorType == false)
+ throw new RuntimeException("Unsupported type:"+ obj.getClass());
+ EntityDescriptorType edt = (EntityDescriptorType) obj;
+ configProvider.persist(edt, idpName);
+
+ HttpSession httpSession = request.getSession();
+ httpSession.setAttribute("idp", edt);
+
+ //Let us add the trusted providers
+ Map<String,String> trustedProviders = new HashMap<String, String>();
+ try
+ {
+ configProvider.loadTrustedProviders(spName);
+ }
+ catch(Exception e)
+ {
+ log("Error obtaining the trusted providers for "+spName);
+ }
+ finally
+ {
+ trustedProviders.put(idpName, metadataURL);
+ configProvider.persistTrustedProviders(spName, trustedProviders);
+ }
+ }
+}
\ No newline at end of file
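Review bot: In `addIDP` the `metadataURL` request parameter goes straight into `new URL(metadataURL)` and is fetched with redirects followed, and the parsed descriptor is then persisted as a trusted IDP, so any caller who can reach `doPost` chooses both the host this server connects to and the metadata it will trust. The visible code has no caller authorization, no scheme or host restriction and no metadata signature check; unless the deployment descriptor (not shown) already protects the servlet, I would add a role check in `doPost`, accept only https URLs on a configured allowlist, turn off redirect following, and confirm that the unmarshaller from `MetaDataBuilder.getUnmarshaller()` rejects DTDs and external entities. The return value of `configProvider.loadTrustedProviders(spName)` is discarded, so the `finally` block persists a map holding only the new entry, which presumably overwrites the SP's existing trusted providers, and it does so even when the load failed. The `InputStream` is never closed; the fence below shows the fetch part with the scheme check and a `finally` close.

```java
private void addIDP(HttpServletRequest request, HttpServletResponse response) throws Exception
{
   // … unchanged: reading spname, idpname and metadataURL from the request …

   URL md = new URL(metadataURL);
   if(!"https".equalsIgnoreCase(md.getProtocol()))
      throw new ServletException("metadataURL must use https");
   // TODO(review): compare md.getHost() against a configured allowlist before connecting
   HttpURLConnection http = (HttpURLConnection) md.openConnection();
   // A redirect could otherwise lead the fetch to a host that was never checked
   http.setInstanceFollowRedirects(false);
   InputStream is = http.getInputStream();
   try
   {
      // … unchanged: unmarshal, instanceof check, configProvider.persist(edt, idpName) …
   }
   finally
   {
      is.close();
   }

   // … unchanged: session attribute and trusted-provider update …
```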