Picketlink SVN: r1074 - in federation/trunk/picketlink-webapps/idp/src/main/webapp: hosted and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 21:04:03 -0400 (Wed, 06 Jul 2011)
New Revision: 1074
Added:
federation/trunk/picketlink-webapps/idp/src/main/webapp/hosted/
federation/trunk/picketlink-webapps/idp/src/main/webapp/hosted/index.jsp
Modified:
federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp
Log:
idp war has a hosted section
Added: federation/trunk/picketlink-webapps/idp/src/main/webapp/hosted/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/idp/src/main/webapp/hosted/index.jsp (rev 0)
+++ federation/trunk/picketlink-webapps/idp/src/main/webapp/hosted/index.jsp 2011-07-07 01:04:03 UTC (rev 1074)
@@ -0,0 +1,5 @@
+<html>
+<body>
+<a href="?TARGET=http%3A//localhost%3a8080/sales-saml11/">Sales</a>
+</body>
+</html>
Modified: federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp 2011-07-07 01:03:42 UTC (rev 1073)
+++ federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp 2011-07-07 01:04:03 UTC (rev 1074)
@@ -1,5 +1 @@
-<html>
-<body>
-<a href="?TARGET=http%3A//localhost%3a8080/sales-saml11/">Sales</a>
-</body>
-</html>
+Welcome to IDP!
13 years, 6 months
Picketlink SVN: r1073 - federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 21:03:42 -0400 (Wed, 06 Jul 2011)
New Revision: 1073
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
Log:
use dispatch to hosted
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-06 18:33:55 UTC (rev 1072)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-07 01:03:42 UTC (rev 1073)
@@ -40,6 +40,7 @@
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
+import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import javax.xml.crypto.dsig.CanonicalizationMethod;
@@ -366,7 +367,18 @@
}
else
{
- getNext().invoke(request, response);
+ if (trace)
+ log.trace("SAML 1.1::Proceeding to IDP index page");
+ RequestDispatcher dispatch = context.getServletContext().getRequestDispatcher("/hosted/");
+ try
+ {
+ dispatch.forward(request, response);
+ }
+ catch (Exception e)
+ {
+ //JBAS5.1 and 6 quirkiness
+ dispatch.forward(request.getRequest(), response);
+ }
}
/*log.error("No SAML Request or Response Message");
if (trace)
13 years, 6 months
Picketlink SVN: r1072 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml and 4 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 14:33:55 -0400 (Wed, 06 Jul 2011)
New Revision: 1072
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11NameIdentifierType.java
federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp
Log:
PLFED-189:
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-06 16:10:29 UTC (rev 1071)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-06 18:33:55 UTC (rev 1072)
@@ -40,7 +40,6 @@
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
-import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import javax.xml.crypto.dsig.CanonicalizationMethod;
@@ -100,6 +99,9 @@
import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType.SAML11SubjectTypeChoice;
import org.picketlink.identity.federation.saml.v1.protocol.SAML11ResponseType;
import org.picketlink.identity.federation.saml.v1.protocol.SAML11StatusType;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
@@ -364,9 +366,7 @@
}
else
{
- //Send it to the hosted page
- RequestDispatcher dispatch = request.getRequestDispatcher("/hosted/");
- dispatch.forward(request, response);
+ getNext().invoke(request, response);
}
/*log.error("No SAML Request or Response Message");
if (trace)
@@ -390,6 +390,8 @@
{
try
{
+ Principal userPrincipal = request.getPrincipal();
+
String target = request.getParameter(SAML11Constants.TARGET);
Session session = request.getSessionInternal();
@@ -397,6 +399,13 @@
if (saml11Assertion == null)
{
SAML11ProtocolContext saml11Protocol = new SAML11ProtocolContext();
+ saml11Protocol.setIssuerID(this.identityURL);
+ SAML11SubjectType subject = new SAML11SubjectType();
+ SAML11SubjectTypeChoice subjectChoice = new SAML11SubjectTypeChoice(new SAML11NameIdentifierType(
+ userPrincipal.getName()));
+ subject.setChoice(subjectChoice);
+ saml11Protocol.setSubjectType(subject);
+
PicketLinkCoreSTS.instance().issueToken(saml11Protocol);
saml11Assertion = saml11Protocol.getIssuedAssertion();
session.setNote("SAML11", saml11Assertion);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java 2011-07-06 16:10:29 UTC (rev 1071)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11SubjectParser.java 2011-07-06 18:33:55 UTC (rev 1072)
@@ -80,7 +80,8 @@
if (SAML11Constants.NAME_IDENTIFIER.equalsIgnoreCase(tag))
{
peekedElement = StaxParserUtil.getNextStartElement(xmlEventReader);
- SAML11NameIdentifierType nameID = new SAML11NameIdentifierType();
+ String val = StaxParserUtil.getElementText(xmlEventReader);
+ SAML11NameIdentifierType nameID = new SAML11NameIdentifierType(val);
Attribute formatAtt = peekedElement.getAttributeByName(new QName(SAML11Constants.FORMAT));
if (formatAtt != null)
{
@@ -93,8 +94,6 @@
nameID.setNameQualifier(StaxParserUtil.getAttributeValue(nameQAtt));
}
- String val = StaxParserUtil.getElementText(xmlEventReader);
- nameID.setValue(val);
SAML11SubjectTypeChoice subChoice = new SAML11SubjectTypeChoice(nameID);
subject.setChoice(subChoice);
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java 2011-07-06 16:10:29 UTC (rev 1071)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java 2011-07-06 18:33:55 UTC (rev 1072)
@@ -49,7 +49,7 @@
*/
public class SAML11ProtocolContext implements ProtocolContext
{
- protected SAML11NameIdentifierType issuerID;
+ protected String issuerID;
protected SAML11SubjectType subjectType;
@@ -65,16 +65,16 @@
* Get the Issuer ID
* @return instance of {@link SAML11NameIdentifierType}
*/
- public SAML11NameIdentifierType getIssuerID()
+ public String getIssuerID()
{
return issuerID;
}
/**
* Set the Issuer ID
- * @param issuerID {@link SAML11NameIdentifierType}
+ * @param issuerID {@link String}
*/
- public void setIssuerID(SAML11NameIdentifierType issuerID)
+ public void setIssuerID(String issuerID)
{
this.issuerID = issuerID;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java 2011-07-06 16:10:29 UTC (rev 1071)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java 2011-07-06 18:33:55 UTC (rev 1072)
@@ -45,7 +45,6 @@
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AuthenticationStatementType;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
@@ -117,7 +116,10 @@
SAML11ProtocolContext samlProtocolContext = (SAML11ProtocolContext) context;
- SAML11NameIdentifierType issuerID = samlProtocolContext.getIssuerID();
+ String issuerID = samlProtocolContext.getIssuerID();
+ if (issuerID == null)
+ throw new ProcessingException("Issuer in SAML Protocol Context is null");
+
XMLGregorianCalendar issueInstant;
try
{
@@ -134,7 +136,7 @@
String assertionID = IDGenerator.create("ID_");
SAML11AssertionType assertionType = new SAML11AssertionType(assertionID, issueInstant);
- assertionType.setIssuer(issuerID.getValue());
+ assertionType.setIssuer(issuerID);
assertionType.addAllStatements(statements);
try
{
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11NameIdentifierType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11NameIdentifierType.java 2011-07-06 16:10:29 UTC (rev 1071)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11NameIdentifierType.java 2011-07-06 18:33:55 UTC (rev 1072)
@@ -46,6 +46,11 @@
protected String value;
+ public SAML11NameIdentifierType(String val)
+ {
+ this.value = val;
+ }
+
public String getNameQualifier()
{
return nameQualifier;
@@ -70,9 +75,4 @@
{
return value;
}
-
- public void setValue(String value)
- {
- this.value = value;
- }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp 2011-07-06 16:10:29 UTC (rev 1071)
+++ federation/trunk/picketlink-webapps/idp/src/main/webapp/index.jsp 2011-07-06 18:33:55 UTC (rev 1072)
@@ -1 +1,5 @@
-Welcome to IDP.
+<html>
+<body>
+<a href="?TARGET=http%3A//localhost%3a8080/sales-saml11/">Sales</a>
+</body>
+</html>
13 years, 6 months
Picketlink SVN: r1071 - in integration-tests/trunk: picketlink-saml-jbas51/.externalToolBuilders and 12 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 12:10:29 -0400 (Wed, 06 Jul 2011)
New Revision: 1071
Added:
integration-tests/trunk/picketlink-saml-jbas51/.externalToolBuilders/
integration-tests/trunk/picketlink-saml-jbas51/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (6).launch
integration-tests/trunk/picketlink-saml-jbas6/.externalToolBuilders/
integration-tests/trunk/picketlink-saml-jbas6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (5).launch
integration-tests/trunk/picketlink-saml-tomcat6/.externalToolBuilders/
integration-tests/trunk/picketlink-saml-tomcat6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (4).launch
integration-tests/trunk/picketlink-sts-jbas51-cxf/.externalToolBuilders/
integration-tests/trunk/picketlink-sts-jbas51-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (3).launch
integration-tests/trunk/picketlink-sts-jbas51-native/.externalToolBuilders/
integration-tests/trunk/picketlink-sts-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (2).launch
integration-tests/trunk/picketlink-sts-jbas6-cxf/.externalToolBuilders/
integration-tests/trunk/picketlink-sts-jbas6-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (1).launch
integration-tests/trunk/picketlink-trust-jbas51-native/.externalToolBuilders/
integration-tests/trunk/picketlink-trust-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder.launch
Log:
disable default mvn building in eclipse
Added: integration-tests/trunk/picketlink-saml-jbas51/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (6).launch
===================================================================
--- integration-tests/trunk/picketlink-saml-jbas51/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (6).launch (rev 0)
+++ integration-tests/trunk/picketlink-saml-jbas51/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (6).launch 2011-07-06 16:10:29 UTC (rev 1071)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<launchConfiguration type="org.eclipse.ant.AntBuilderLaunchConfigurationType">
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
+<stringAttribute key="org.eclipse.ui.externaltools.ATTR_DISABLED_BUILDER" value="org.maven.ide.eclipse.maven2Builder"/>
+<mapAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS"/>
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
+</launchConfiguration>
Added: integration-tests/trunk/picketlink-saml-jbas6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (5).launch
===================================================================
--- integration-tests/trunk/picketlink-saml-jbas6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (5).launch (rev 0)
+++ integration-tests/trunk/picketlink-saml-jbas6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (5).launch 2011-07-06 16:10:29 UTC (rev 1071)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<launchConfiguration type="org.eclipse.ant.AntBuilderLaunchConfigurationType">
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
+<stringAttribute key="org.eclipse.ui.externaltools.ATTR_DISABLED_BUILDER" value="org.maven.ide.eclipse.maven2Builder"/>
+<mapAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS"/>
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
+</launchConfiguration>
Added: integration-tests/trunk/picketlink-saml-tomcat6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (4).launch
===================================================================
--- integration-tests/trunk/picketlink-saml-tomcat6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (4).launch (rev 0)
+++ integration-tests/trunk/picketlink-saml-tomcat6/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (4).launch 2011-07-06 16:10:29 UTC (rev 1071)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<launchConfiguration type="org.eclipse.ant.AntBuilderLaunchConfigurationType">
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
+<stringAttribute key="org.eclipse.ui.externaltools.ATTR_DISABLED_BUILDER" value="org.maven.ide.eclipse.maven2Builder"/>
+<mapAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS"/>
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
+</launchConfiguration>
Added: integration-tests/trunk/picketlink-sts-jbas51-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (3).launch
===================================================================
--- integration-tests/trunk/picketlink-sts-jbas51-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (3).launch (rev 0)
+++ integration-tests/trunk/picketlink-sts-jbas51-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (3).launch 2011-07-06 16:10:29 UTC (rev 1071)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<launchConfiguration type="org.eclipse.ant.AntBuilderLaunchConfigurationType">
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
+<stringAttribute key="org.eclipse.ui.externaltools.ATTR_DISABLED_BUILDER" value="org.maven.ide.eclipse.maven2Builder"/>
+<mapAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS"/>
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
+</launchConfiguration>
Added: integration-tests/trunk/picketlink-sts-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (2).launch
===================================================================
--- integration-tests/trunk/picketlink-sts-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (2).launch (rev 0)
+++ integration-tests/trunk/picketlink-sts-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (2).launch 2011-07-06 16:10:29 UTC (rev 1071)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<launchConfiguration type="org.eclipse.ant.AntBuilderLaunchConfigurationType">
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
+<stringAttribute key="org.eclipse.ui.externaltools.ATTR_DISABLED_BUILDER" value="org.maven.ide.eclipse.maven2Builder"/>
+<mapAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS"/>
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
+</launchConfiguration>
Added: integration-tests/trunk/picketlink-sts-jbas6-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (1).launch
===================================================================
--- integration-tests/trunk/picketlink-sts-jbas6-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (1).launch (rev 0)
+++ integration-tests/trunk/picketlink-sts-jbas6-cxf/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder (1).launch 2011-07-06 16:10:29 UTC (rev 1071)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<launchConfiguration type="org.eclipse.ant.AntBuilderLaunchConfigurationType">
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
+<stringAttribute key="org.eclipse.ui.externaltools.ATTR_DISABLED_BUILDER" value="org.maven.ide.eclipse.maven2Builder"/>
+<mapAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS"/>
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
+</launchConfiguration>
Added: integration-tests/trunk/picketlink-trust-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder.launch
===================================================================
--- integration-tests/trunk/picketlink-trust-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder.launch (rev 0)
+++ integration-tests/trunk/picketlink-trust-jbas51-native/.externalToolBuilders/org.maven.ide.eclipse.maven2Builder.launch 2011-07-06 16:10:29 UTC (rev 1071)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<launchConfiguration type="org.eclipse.ant.AntBuilderLaunchConfigurationType">
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
+<stringAttribute key="org.eclipse.ui.externaltools.ATTR_DISABLED_BUILDER" value="org.maven.ide.eclipse.maven2Builder"/>
+<mapAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS"/>
+<booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
+</launchConfiguration>
13 years, 6 months
Picketlink SVN: r1070 - in integration-tests/trunk: common-dist/files and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 12:09:59 -0400 (Wed, 06 Jul 2011)
New Revision: 1070
Added:
integration-tests/trunk/common-dist/files/jboss-logging.xml
Modified:
integration-tests/trunk/ant-scripts/ant-build.xml
integration-tests/trunk/common-dist/files/jboss-log4j.xml
Log:
add as6 logging
Modified: integration-tests/trunk/ant-scripts/ant-build.xml
===================================================================
--- integration-tests/trunk/ant-scripts/ant-build.xml 2011-07-06 16:09:32 UTC (rev 1069)
+++ integration-tests/trunk/ant-scripts/ant-build.xml 2011-07-06 16:09:59 UTC (rev 1070)
@@ -24,6 +24,7 @@
<echo>Unzip JBOSS AS 6.0.0.Final</echo>
<unzip src="${basedir}/../common-dist/jbossas/6.0/jboss-as-distribution-6.0.0.Final.zip"
dest="${basedir}/target"/>
+ <copy file="${basedir}/../common-dist/files/jboss-logging.xml" todir="${basedir}/target/jboss-6.0.0.Final/server/default/deploy"/>
</target>
<target name="init-tomcat6">
Modified: integration-tests/trunk/common-dist/files/jboss-log4j.xml
===================================================================
--- integration-tests/trunk/common-dist/files/jboss-log4j.xml 2011-07-06 16:09:32 UTC (rev 1069)
+++ integration-tests/trunk/common-dist/files/jboss-log4j.xml 2011-07-06 16:09:59 UTC (rev 1070)
@@ -261,6 +261,7 @@
<priority value="TRACE"/>
</category>
+<!--
<category name="org.jboss.security">
<priority value="TRACE"/>
</category>
@@ -271,6 +272,7 @@
<category name="org.apache">
<priority value="TRACE"/>
</category>
+-->
<!-- Category specifically for Security Audit Provider
<category name="org.jboss.security.audit.providers.LogAuditProvider" additivity="false">
Added: integration-tests/trunk/common-dist/files/jboss-logging.xml
===================================================================
--- integration-tests/trunk/common-dist/files/jboss-logging.xml (rev 0)
+++ integration-tests/trunk/common-dist/files/jboss-logging.xml 2011-07-06 16:09:59 UTC (rev 1070)
@@ -0,0 +1,687 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- ===================================================================== -->
+<!-- -->
+<!-- Logging System Configuration -->
+<!-- -->
+<!-- ===================================================================== -->
+
+<logging xmlns="urn:jboss:logging:6.0" xmlns:b="urn:jboss:bean-deployer:2.0">
+
+ <!-- ================================= -->
+ <!-- Preserve messages in a local file -->
+ <!-- ================================= -->
+
+ <!-- A time/date based rolling handler -->
+
+ <periodic-rotating-file-handler
+ file-name="${jboss.server.log.dir}/server.log"
+ name="FILE"
+ autoflush="true"
+ append="true"
+ suffix=".yyyy-MM-dd"> <!-- To roll over at the top of each hour, use ".yyyy-MM-dd-HH" instead -->
+
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <formatter>
+ <!-- To revert back to simple stack traces without JAR versions, change "%E" to "%e" below. -->
+ <!-- Uncomment this to get the class name in the log as well as the category
+ <pattern-formatter pattern="%d %-5p [%c] %C{1} (%t) %s%E%n"/>
+ -->
+ <!-- Uncomment this to log without the class name in the log -->
+ <pattern-formatter pattern="%d %-5p [%c] (%t) %s%E%n"/>
+ </formatter>
+ </periodic-rotating-file-handler>
+
+ <!-- A size based file rolling appender
+
+ <size-rotating-file-handler
+ file-name="${jboss.server.log.dir}/server.log"
+ name="FILE"
+ autoflush="true"
+ append="true"
+ rotate-size="500k"
+ max-backup-index="5">
+
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <formatter>
+ <pattern-formatter pattern="%d %-5p [%c] (%t) %m%n"/>
+ </formatter>
+ </size-rotating-file-handler>
+ -->
+
+ <!-- ============================== -->
+ <!-- Append messages to the console -->
+ <!-- ============================== -->
+
+ <console-handler name="CONSOLE" autoflush="true" target="System.out">
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <level name="INFO"/>
+
+ <formatter>
+ <pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] %s%E%n"/>
+ </formatter>
+ </console-handler>
+
+ <!-- ====================== -->
+ <!-- More Appender examples -->
+ <!-- ====================== -->
+
+ <!-- Buffer events and log them asynchronously
+
+ <async-handler name="ASYNC">
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <sub-handlers>
+ <handler-ref name="FILE"/>
+ <handler-ref name="CONSOLE"/>
+ <handler-ref name="SMTP"/>
+ </sub-handlers>
+ </async-handler>
+ -->
+
+ <!-- EMail events to an administrator
+
+ <log4j-appender name="SMTP" class="org.apache.log4j.net.SMTPAppender">
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <level name="ERROR"/>
+
+ <properties>
+ <property name="to">admin(a)myhost.domain.com</property>
+ <property name="from">nobody(a)myhost.domain.com</property>
+ <property name="subject">JBoss Sever Errors</property>
+ <property name="SMTPHost">localhost</property>
+ <property name="bufferSize">10</property>
+ </properties>
+
+ <formatter>
+ <pattern-formatter pattern="%d %-5p [%c] (%t) %m%n"/>
+ </formatter>
+ </log4j-appender>
+ -->
+
+ <!-- Syslog events
+
+ <log4j-appender name="SYSLOG" class="org.apache.log4j.net.SyslogAppender">
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <properties>
+ <property name="facility">LOCAL7</property>
+ <property name="facilityPrinting">true</property>
+ <property name="syslogHost">localhost</property>
+ </properties>
+
+ <formatter>
+ <pattern-formatter pattern="[%d,%c{1}] %m%n"/>
+ </formatter>
+ </log4j-appender>
+ -->
+
+ <!-- Log events to JMS (requires a topic to be created)
+
+ <log4j-appender name="JMS" class="org.apache.log4j.net.JMSAppender">
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <level name="ERROR"/>
+
+ <properties>
+ <property name="topicConnectionFactoryBindingName">
+ --><!-- Use injection so that an implicit dependency is formed - TODO: get the correct property name --><!--
+ <b:inject bean="myTopicBiding" property="name"/>
+ </property>
+ <property name="topicBindingName">topic/MyErrorsTopic</property>
+ </properties>
+ </log4j-appender>
+ -->
+
+ <!-- Log events through SNMP
+
+ <log4j-appender name="TRAP_LOG" class="org.apache.log4j.ext.SNMPTrapAppender">
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <level name="DEBUG"/>
+
+ <properties>
+ <property name="implementationClassName">org.apache.log4j.ext.JoeSNMPTrapSender</property>
+ <property name="managementHost">127.0.0.1</property>
+ <property name="managementHostTrapListenPort">162</property>
+ <property name="enterpriseOID">1.3.6.1.4.1.24.0</property>
+ <property name="localIPAddress">127.0.0.1</property>
+ <property name="localTrapSendPort">161</property>
+ <property name="genericTrapType">6</property>
+ <property name="specificTrapType">12345678</property>
+ <property name="communityString">public</property>
+ <property name="forwardStackTraceWithTrap">true</property>
+ <property name="applicationTrapOID">1.3.6.1.4.1.24.12.10.22.64</property>
+ </properties>
+ <formatter>
+ <pattern-formatter pattern="%d,%p,[%t],[%c],%m%n"/>
+ </formatter>
+ </log4j-appender>
+ -->
+
+ <!-- Emit events as JMX notifications
+
+ <log4j-appender name="JMX" class="org.jboss.monitor.services.JMXNotificationAppender">
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <level name="WARN"/>
+
+ <properties>
+ <property name="objectName">jboss.system:service=Logging,type=JMXNotificationAppender</property>
+ </properties>
+
+ <formatter>
+ <pattern-formatter pattern="%d %-5p [%c] %m"/>
+ </formatter>
+ </log4j-appender>
+ -->
+
+ <!-- Security AUDIT Appender
+
+ <periodic-rotating-file-handler
+ name="AUDIT"
+ autoflush="true"
+ file-name="${jboss.server.log.dir}/audit.log"
+ suffix=".yyyy-MM-dd"
+ append="true">
+
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <formatter>
+ <pattern-formatter pattern="%d %-5p [%c] (%t:%x) %m%n"/>
+ </formatter>
+ </periodic-rotating-file-handler>
+ -->
+
+ <!-- =============================================== -->
+ <!-- Limit categories -->
+ <!-- if enabling "trace" at root logger level, -->
+ <!-- use limit category settings to disable trace -->
+ <!-- for packages that you don't want to trace -->
+ <!-- =============================================== -->
+
+ <!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
+ <logger category="org.apache">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Limit the jacorb category to WARN as its INFO is verbose -->
+ <logger category="jacorb">
+ <level name="WARN"/>
+ </logger>
+
+ <!-- Limit JSF to INFO as its FINE is verbose -->
+ <logger category="javax.enterprise.resource.webcontainer.jsf">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Limit the org.jgroups category to WARN as its INFO is verbose -->
+ <logger category="org.jgroups">
+ <level name="WARN"/>
+ </logger>
+
+ <!-- Limit the org.quartz category to INFO as its DEBUG is verbose -->
+ <logger category="org.quartz">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Limit the com.sun category to INFO as its FINE is verbose -->
+ <logger category="com.sun">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Limit the sun category to INFO as its FINE is verbose -->
+ <logger category="sun">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Limit the javax.xml.bind category to INFO as its FINE is verbose -->
+ <logger category="javax.xml.bind">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Limit the springframework category to WARN-->
+ <logger category="org.springframework">
+ <level name="WARN"/>
+ </logger>
+
+ <!-- Limit JBoss categories
+ <logger category="org.jboss">
+ <level name="INFO"/>
+ </logger>
+ -->
+
+ <!-- Or limit individual JBoss categories
+ <logger category="org.jboss.web">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.tm">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.jdbc">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.on">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.services">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.bootstrap">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.kernel">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.beans">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.injection">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.annotation">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.system">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.mx">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.jmx">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.invocation">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.classloader">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.classloading">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.deployment">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.deployers">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.dependency">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.metadata">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.detailed">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.logging">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.logbridge">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.aop">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.joinpoint">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.util">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.ha">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.resource">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.varia">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.net">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.security">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.console">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.wsf">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.ejb">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.ejb3">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.jpa">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.vfs">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.xb">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.naming">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.wsf">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.ws">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.mail">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.monitor">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.remoting">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.profileservice">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.cache">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.proxy">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.jms">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.messaging">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.webbeans">
+ <level name="INFO" />
+ </logger>
+
+ <logger category="org.jboss.managed">
+ <level name="INFO" />
+ </logger>
+ -->
+
+ <!-- Limit Arjuna transaction manager -->
+ <logger category="com.arjuna.ats">
+ <level name="INFO" />
+ </logger>
+
+ <!-- Limit Hibernate
+ <logger category="org.hibernate">
+ <level name="INFO" />
+ </logger>
+ -->
+
+ <!-- Limit Ajax4jsf
+ <logger category="org.ajax4jsf">
+ <level name="INFO" />
+ </logger>
+ -->
+
+ <!-- Limit JNP
+ <logger category="org.jnp">
+ <level name="INFO" />
+ </logger>
+ -->
+
+
+ <!-- Limit the JSR77 categories -->
+ <logger category="org.jboss.management">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Limit the verbose facelets compiler -->
+ <!-- Also suppress error with legacy facelets (JBAS-7600) -->
+ <logger category="facelets.compiler">
+ <level name="WARN"/>
+ <filter>
+ <not>
+ <match pattern="Error\sLoading\sLibrary.*jsf-libs/jsf-impl"/>
+ </not>
+ </filter>
+ </logger>
+
+
+ <!-- Limit the verbose ajax4jsf cache initialization
+ <logger category="org.ajax4jsf.cache">
+ <level name="WARN"/>
+ </logger>
+ -->
+ <!-- Limit the verbose embedded jopr categories
+ <logger category="org.rhq">
+ <level name="WARN"/>
+ </logger>
+ -->
+ <!-- Limit the verbose seam categories
+ <logger category="org.jboss.seam">
+ <level name="WARN"/>
+ </logger>
+ -->
+
+ <!-- Show the evolution of the DataSource pool in the logs [inUse/Available/Max]
+ <logger category="org.jboss.resource.connectionmanager.JBossManagedConnectionPool">
+ <level name="TRACE"/>
+ </logger>
+ -->
+
+ <!-- Category specifically for Security Audit Provider
+ <logger category="org.jboss.security.audit.providers.LogAuditProvider" additivity="false">
+ <level name="TRACE"/>
+ <appender-ref ref="AUDIT"/>
+ </logger>
+ -->
+
+ <!-- Limit the org.jboss.serial (jboss-serialization) to INFO as its DEBUG is verbose -->
+ <logger category="org.jboss.serial">
+ <level name="INFO"/>
+ </logger>
+
+ <!-- Decrease the priority threshold for the org.jboss.varia category
+ <logger category="org.jboss.varia">
+ <level name="DEBUG"/>
+ </logger>
+ -->
+
+ <!-- Enable JBossWS message tracing
+ <logger category="org.jboss.ws.core.MessageTrace">
+ <level name="TRACE"/>
+ </logger>
+ -->
+
+ <!-- Enable System log message tracing
+ <logger category="org.jboss.system">
+ <level name="TRACE"/>
+ </logger>
+ <logger category="org.jboss.ejb.plugins">
+ <level name="TRACE"/>
+ </logger>
+ -->
+
+ <logger category="org.picketlink">
+ <level name="TRACE"/>
+ </logger>
+
+ <!--
+ | Logs these events to SNMP:
+ - server starts/stops
+ - cluster evolution (node death/startup)
+ - When an EJB archive is deployed (and associated verified messages)
+ - When an EAR archive is deployed
+
+ <logger category="org.jboss.system.server.Server">
+ <level name="INFO"/>
+ <handlers>
+ <handler-ref name="TRAP_LOG"/>
+ </handlers>
+ </logger>
+
+ <logger category="org.jboss.ha.framework.interfaces.HAPartition.lifecycle">
+ <level name="INFO"/>
+ <handlers>
+ <handler-ref name="TRAP_LOG"/>
+ </handlers>
+ </logger>
+
+ <logger category="org.jboss.deployment.MainDeployer">
+ <level name="ERROR"/>
+ <handlers>
+ <handler-ref name="TRAP_LOG"/>
+ </handlers>
+ </logger>
+
+ <logger category="org.jboss.ejb.EJBDeployer">
+ <level name="INFO"/>
+ <handlers>
+ <handler-ref name="TRAP_LOG"/>
+ </handlers>
+ </logger>
+
+ <logger category="org.jboss.deployment.EARDeployer">
+ <level name="INFO"/>
+ <handlers>
+ <handler-ref name="TRAP_LOG"/>
+ </handlers>
+ </logger>
+ -->
+
+ <!-- Reduce org.mc4j stuff in the logs -->
+ <logger category="org.mc4j">
+ <level name="WARN"/>
+ </logger>
+
+ <!-- Clustering logging -->
+ <!-- Uncomment the following to redirect the org.jgroups and
+ org.jboss.ha categories to a cluster.log file.
+
+ <size-rotating-file-handler
+ file-name="${jboss.server.log.dir}/cluster.log"
+ name="CLUSTER"
+ append="false"
+ rotate-size="500k"
+ max-backup-index="5"
+ autoflush="true">
+
+ <error-manager>
+ <only-once/>
+ </error-manager>
+
+ <formatter>
+ <pattern-formatter pattern="%d %-5p [%c] %m%n"/>
+ </formatter>
+ </size-rotating-file-handler>
+
+ <logger category="org.jgroups">
+ <level name="DEBUG" />
+ <handlers>
+ <handler-ref name="CLUSTER"/>
+ </handlers>
+ </logger>
+
+ <logger category="org.jboss.ha">
+ <level name="DEBUG" />
+ <handlers>
+ <handler-ref name="CLUSTER"/>
+ </handlers>
+ </logger>
+ -->
+
+ <!-- This is a temporary workaround for https://jira.jboss.org/jira/browse/EMBJOPR-280 and
+ should be removed once that bug if fixed in the bundled admin-console war. -->
+ <logger category="org.rhq.plugins.jbossas5.ApplicationServerComponent">
+ <level name="FATAL"/>
+ </logger>
+
+ <!-- ======================= -->
+ <!-- Setup the Root category -->
+ <!-- ======================= -->
+
+ <root-logger>
+ <!-- Set the root logger priority via a system property, with a default value. -->
+ <level name="${jboss.server.log.threshold:INFO}"/>
+ <handlers>
+ <handler-ref name="CONSOLE"/>
+ <handler-ref name="FILE"/>
+ </handlers>
+ </root-logger>
+
+</logging>
13 years, 6 months
Picketlink SVN: r1069 - integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 12:09:32 -0400 (Wed, 06 Jul 2011)
New Revision: 1069
Modified:
integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2MixedBindingGlobalLogOutUnitTestCase.java
integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2PostBindingGlobalLogOutUnitTestCase.java
integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2RedirectBindingGlobalLogOutUnitTestCase.java
Log:
add sys out statements
Modified: integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2MixedBindingGlobalLogOutUnitTestCase.java
===================================================================
--- integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2MixedBindingGlobalLogOutUnitTestCase.java 2011-07-06 15:29:51 UTC (rev 1068)
+++ integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2MixedBindingGlobalLogOutUnitTestCase.java 2011-07-06 16:09:32 UTC (rev 1069)
@@ -70,6 +70,7 @@
private void hitURLs( String url1, String url2, String url3, String url4 ) throws Exception
{
+ System.out.println("Trying "+ url1);
//Sales post Application Login
WebRequest serviceRequest1 = new GetMethodWebRequest( url1 );
WebConversation webConversation = new WebConversation();
@@ -85,30 +86,38 @@
assertTrue( " Reached the sales index page ", webResponse.getText().contains( "SalesTool" ));
//Employee post Application Login
+ System.out.println("Trying "+ url2);
webResponse = webConversation.getResponse( url2 );
assertTrue( " Reached the employee index page ", webResponse.getText().contains( "EmployeeDashboard" ));
//Sales Application Login
+ System.out.println("Trying "+ url3);
webResponse = webConversation.getResponse( url3 );
assertTrue( " Reached the employee index page ", webResponse.getText().contains( "SalesTool" ));
//Employee Application Login
+ System.out.println("Trying "+ url4);
webResponse = webConversation.getResponse( url4 );
assertTrue( " Reached the employee index page ", webResponse.getText().contains( "EmployeeDashboard" ));
//Logout from sales
+ System.out.println("Trying "+ url1 + LOGOUT_URL);
webResponse = webConversation.getResponse( url1 + LOGOUT_URL );
assertTrue( "Reached logged out page", webResponse.getText().contains( "logged" ) );
//Hit the Sales Apps again
+ System.out.println("Trying "+ url1);
webResponse = webConversation.getResponse( url1 );
assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
+ System.out.println("Trying "+ url3);
webResponse = webConversation.getResponse( url3 );
assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
//Hit the Employee Apps again
+ System.out.println("Trying "+ url2);
webResponse = webConversation.getResponse( url2 );
- assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
+ assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
+ System.out.println("Trying "+ url2);
webResponse = webConversation.getResponse( url2 );
assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
}
Modified: integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2PostBindingGlobalLogOutUnitTestCase.java
===================================================================
--- integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2PostBindingGlobalLogOutUnitTestCase.java 2011-07-06 15:29:51 UTC (rev 1068)
+++ integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2PostBindingGlobalLogOutUnitTestCase.java 2011-07-06 16:09:32 UTC (rev 1069)
@@ -53,9 +53,9 @@
@Test
public void testSAMLPostBindingGlobalLogOut() throws Exception
- {
-
- //Sales Application Login
+ {
+ //Sales Application Login
+ System.out.println("Trying "+ getService1URL());
WebRequest serviceRequest1 = new GetMethodWebRequest( getService1URL() );
WebConversation webConversation = new WebConversation();
@@ -70,18 +70,23 @@
assertTrue( " Reached the sales index page ", webResponse.getText().contains( "SalesTool" ));
//Employee Application Login
+ System.out.println("Trying "+ getService2URL());
webResponse = webConversation.getResponse( getService2URL() );
assertTrue( " Reached the employee index page ", webResponse.getText().contains( "EmployeeDashboard" ));
//Logout from sales
+
+ System.out.println("Trying "+ getService1URL() + LOGOUT_URL);
webResponse = webConversation.getResponse( getService1URL() + LOGOUT_URL );
assertTrue( "Reached logged out page", webResponse.getText().contains( "logged" ) );
//Hit the Sales App again
+ System.out.println("Trying "+ getService1URL());
webResponse = webConversation.getResponse( getService1URL() );
assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
//Hit the Employee App again
+ System.out.println("Trying "+ getService2URL());
webResponse = webConversation.getResponse( getService2URL() );
assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
}
Modified: integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2RedirectBindingGlobalLogOutUnitTestCase.java
===================================================================
--- integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2RedirectBindingGlobalLogOutUnitTestCase.java 2011-07-06 15:29:51 UTC (rev 1068)
+++ integration-tests/trunk/picketlink-saml-tests/src/test/java/org/picketlink/test/integration/saml2/SAML2RedirectBindingGlobalLogOutUnitTestCase.java 2011-07-06 16:09:32 UTC (rev 1069)
@@ -57,6 +57,8 @@
String LOGOUT_URL = "?GLO=true";
//Sales Application Login
+
+ System.out.println("Trying "+ SERVICE_1_URL);
WebRequest serviceRequest1 = new GetMethodWebRequest( SERVICE_1_URL );
WebConversation webConversation = new WebConversation();
@@ -71,19 +73,23 @@
assertTrue( " Reached the sales index page ", webResponse.getText().contains( "SalesTool" ));
//Employee Application Login
+ System.out.println("Trying "+ SERVICE_2_URL);
webResponse = webConversation.getResponse( SERVICE_2_URL );
assertTrue( " Reached the employee index page ", webResponse.getText().contains( "EmployeeDashboard" ));
//Logout from sales
+ System.out.println("Trying "+ SERVICE_1_URL + LOGOUT_URL);
webResponse = webConversation.getResponse( SERVICE_1_URL + LOGOUT_URL );
assertTrue( "Reached logged out page", webResponse.getText().contains( "logged" ) );
//Hit the Sales App again
+ System.out.println("Trying "+ SERVICE_1_URL);
webResponse = webConversation.getResponse( SERVICE_1_URL );
assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
//Hit the Employee App again
+ System.out.println("Trying "+ SERVICE_2_URL);
webResponse = webConversation.getResponse( SERVICE_2_URL );
assertTrue( " Reached the Login page ", webResponse.getText().contains( "Login" ));
}
-}
+}
\ No newline at end of file
13 years, 6 months
Picketlink SVN: r1068 - in federation/trunk/picketlink-fed-core/src/main: java/org/picketlink/identity/federation/core/saml/v1/providers and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 11:29:51 -0400 (Wed, 06 Jul 2011)
New Revision: 1068
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java
Removed:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml
Log:
PLFED-189:
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-07-06 14:45:20 UTC (rev 1067)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-07-06 15:29:51 UTC (rev 1068)
@@ -52,6 +52,14 @@
String AUTHENTICATION_METHOD = "AuthenticationMethod";
+ String AUTH_METHOD_PASSWORD = "urn:oasis:names:tc:SAML:1.0:am:password";
+
+ String AUTH_METHOD_KERBEROS = "urn:ietf:rfc:1510";
+
+ String AUTH_METHOD_SRP = "urn:ietf:rfc:2945";
+
+ String AUTH_METHOD_TLS = "urn:ietf:rfc:2246";
+
String AUTHENTICATION_QUERY = "AuthenticationQuery";
String AUTHENTICATION_STATEMENT = "AuthenticationStatement";
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java 2011-07-06 14:45:20 UTC (rev 1067)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java 2011-07-06 15:29:51 UTC (rev 1068)
@@ -59,6 +59,8 @@
protected SAML11AssertionType issuedAssertion;
+ protected String authMethod = SAML11Constants.AUTH_METHOD_PASSWORD;
+
/**
* Get the Issuer ID
* @return instance of {@link SAML11NameIdentifierType}
@@ -158,6 +160,25 @@
}
/**
+ * Get the Authentication Method
+ * @return
+ */
+ public String getAuthMethod()
+ {
+ return authMethod;
+ }
+
+ /**
+ * Set the Authentication Method.
+ * By default, it is set to urn:oasis:names:tc:SAML:1.0:am:password
+ * @param authMethod
+ */
+ public void setAuthMethod(String authMethod)
+ {
+ this.authMethod = authMethod;
+ }
+
+ /**
* @see org.picketlink.identity.federation.core.interfaces.ProtocolContext#serviceName()
*/
public String serviceName()
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java 2011-07-06 15:29:51 UTC (rev 1068)
@@ -0,0 +1,295 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.saml.v1.providers;
+
+import java.io.IOException;
+import java.net.URI;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.namespace.QName;
+
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
+import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
+import org.picketlink.identity.federation.core.saml.v1.SAML11ProtocolContext;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.common.SAMLProtocolContext;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
+import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.sts.AbstractSecurityTokenProvider;
+import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AuthenticationStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+
+/**
+ * <p>
+ * A {@code SecurityTokenProvider} implementation for the SAML11 Specification.
+ * </p>
+ * <p>
+ * This token provider does not handle the SAML20 Token Profile of the Oasis WS-Trust Specification.
+ * @see {@code SAML20TokenProvider}
+ * </p>
+ * <p>
+ * Configurable Properties are:
+ * </p>
+ * <p>
+ * ASSERTION_VALIDITY: specify the validity of the assertion in miliseconds. (Example: 5000 = 5secs)
+ * </p>
+ * <p>
+ * CLOCK_SKEW: specify the clock skew of the conditions for assertion in miliseconds. (Example: 2000 = 2secs)
+ * </p>
+ *
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Dec 30, 2010
+ */
+public class SAML11AssertionTokenProvider extends AbstractSecurityTokenProvider implements SecurityTokenProvider
+{
+ public static final String NS = SAML11Constants.ASSERTION_11_NSURI;
+
+ private long ASSERTION_VALIDITY = 5000; //5secs in milis
+
+ private long CLOCK_SKEW = 2000; //2secs
+
+ public void initialize(Map<String, String> props)
+ {
+ super.initialize(props);
+
+ String validity = this.properties.get("ASSERTION_VALIDITY");
+ if (validity != null)
+ {
+ ASSERTION_VALIDITY = Long.parseLong(validity);
+ }
+ String skew = this.properties.get("CLOCK_SKEW");
+ if (skew != null)
+ {
+ CLOCK_SKEW = Long.parseLong(skew);
+ }
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#supports(java.lang.String)
+ */
+ public boolean supports(String namespace)
+ {
+ return NS.equals(namespace);
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#issueToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
+ */
+ public void issueToken(ProtocolContext context) throws ProcessingException
+ {
+ if (!(context instanceof SAML11ProtocolContext))
+ return;
+
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ SAML11ProtocolContext samlProtocolContext = (SAML11ProtocolContext) context;
+
+ SAML11NameIdentifierType issuerID = samlProtocolContext.getIssuerID();
+ XMLGregorianCalendar issueInstant;
+ try
+ {
+ issueInstant = XMLTimeUtil.getIssueInstant();
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ProcessingException(e);
+ }
+ SAML11SubjectType subject = samlProtocolContext.getSubjectType();
+ List<SAML11StatementAbstractType> statements = samlProtocolContext.getStatements();
+
+ // generate an id for the new assertion.
+ String assertionID = IDGenerator.create("ID_");
+
+ SAML11AssertionType assertionType = new SAML11AssertionType(assertionID, issueInstant);
+ assertionType.setIssuer(issuerID.getValue());
+ assertionType.addAllStatements(statements);
+ try
+ {
+ AssertionUtil.createSAML11TimedConditions(assertionType, ASSERTION_VALIDITY, CLOCK_SKEW);
+ }
+ catch (Exception e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ //Create authentication statement
+ URI authenticationMethod = URI.create(samlProtocolContext.getAuthMethod());
+ SAML11AuthenticationStatementType stat = new SAML11AuthenticationStatementType(authenticationMethod, issueInstant);
+ stat.setSubject(subject);
+ assertionType.add(stat);
+
+ try
+ {
+ this.tokenRegistry.addToken(assertionID, assertionType);
+ }
+ catch (IOException e)
+ {
+ throw new ProcessingException(e);
+ }
+ samlProtocolContext.setIssuedAssertion(assertionType);
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#renewToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
+ */
+ public void renewToken(ProtocolContext context) throws ProcessingException
+ {
+ if (!(context instanceof SAMLProtocolContext))
+ return;
+
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
+
+ AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
+
+ try
+ {
+ XMLGregorianCalendar currentTime = XMLTimeUtil.getIssueInstant();
+ issuedAssertion.updateIssueInstant(currentTime);
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ try
+ {
+ AssertionUtil.createTimedConditions(issuedAssertion, ASSERTION_VALIDITY, CLOCK_SKEW);
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ProcessingException(e);
+ }
+ catch (IssueInstantMissingException e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ try
+ {
+ this.tokenRegistry.addToken(issuedAssertion.getID(), issuedAssertion);
+ }
+ catch (IOException e)
+ {
+ throw new ProcessingException(e);
+ }
+ samlProtocolContext.setIssuedAssertion(issuedAssertion);
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#cancelToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
+ */
+ public void cancelToken(ProtocolContext context) throws ProcessingException
+ {
+ if (!(context instanceof SAMLProtocolContext))
+ return;
+
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
+ AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
+ try
+ {
+ this.tokenRegistry.removeToken(issuedAssertion.getID());
+ }
+ catch (IOException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#validateToken(org.picketlink.identity.federation.core.interfaces.ProtocolContext)
+ */
+ public void validateToken(ProtocolContext context) throws ProcessingException
+ {
+ if (!(context instanceof SAMLProtocolContext))
+ return;
+
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
+
+ AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
+
+ try
+ {
+ if (!AssertionUtil.hasExpired(issuedAssertion))
+ throw new ProcessingException("Assertion has expired");
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ if (issuedAssertion == null)
+ throw new ProcessingException("Assertion is null");
+ if (this.tokenRegistry.getToken(issuedAssertion.getID()) == null)
+ throw new ProcessingException("Invalid Assertion");
+ }
+
+ /**
+ *
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#tokenType()
+ */
+ public String tokenType()
+ {
+ return NS;
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#getSupportedQName()
+ */
+ public QName getSupportedQName()
+ {
+ return new QName(NS, JBossSAMLConstants.ASSERTION.get());
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#family()
+ */
+ public String family()
+ {
+ return SecurityTokenProvider.FAMILY_TYPE.SAML2.toString();
+ }
+}
\ No newline at end of file
Property changes on: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/providers/SAML11AssertionTokenProvider.java
___________________________________________________________________
Added: svn:executable
+ *
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-07-06 14:45:20 UTC (rev 1067)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-07-06 15:29:51 UTC (rev 1068)
@@ -203,6 +203,30 @@
}
/**
+ * Add validity conditions to the SAML2 Assertion
+ * @param assertion
+ * @param durationInMilis
+ * @throws ConfigurationException
+ * @throws IssueInstantMissingException
+ */
+ public static void createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew)
+ throws ConfigurationException, IssueInstantMissingException
+ {
+ XMLGregorianCalendar issueInstant = assertion.getIssueInstant();
+ if (issueInstant == null)
+ throw new IssueInstantMissingException("null issue instant");
+ XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis + clockSkew);
+
+ SAML11ConditionsType conditionsType = new SAML11ConditionsType();
+
+ XMLGregorianCalendar beforeInstant = XMLTimeUtil.subtract(issueInstant, clockSkew);
+
+ conditionsType.setNotBefore(beforeInstant);
+ conditionsType.setNotOnOrAfter(assertionValidityLength);
+ assertion.setConditions(conditionsType);
+ }
+
+ /**
* Given an assertion element, validate the signature
* @param assertionElement
* @param publicKey the {@link PublicKey}
Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java 2011-07-06 14:45:20 UTC (rev 1067)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java 2011-07-06 15:29:51 UTC (rev 1068)
@@ -1,453 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
- * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
- * contributors.
- *
- * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
- * later version.
- *
- * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
- * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
- * details.
- *
- * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
- * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
- * http://www.fsf.org.
- */
-package org.picketlink.identity.federation.core.wstrust.plugins.saml;
-
-import java.net.URI;
-import java.security.Principal;
-import java.security.PrivilegedActionException;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.xml.datatype.XMLGregorianCalendar;
-import javax.xml.namespace.QName;
-
-import org.apache.log4j.Logger;
-import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
-import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
-import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
-import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
-import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
-import org.picketlink.identity.federation.core.sts.AbstractSecurityTokenProvider;
-import org.picketlink.identity.federation.core.wstrust.SecurityToken;
-import org.picketlink.identity.federation.core.wstrust.StandardSecurityToken;
-import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
-import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
-import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
-import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11AudienceRestrictionCondition;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
-import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType.SAML11SubjectTypeChoice;
-import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.ws.policy.AppliesTo;
-import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
-import org.picketlink.identity.federation.ws.trust.StatusType;
-import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
-import org.w3c.dom.Element;
-
-/**
- * <p>
- * A {@code SecurityTokenProvider} implementation that handles WS-Trust SAML 1.1 token requests.
- * </p>
- *
- * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
- */
-public class SAML11TokenProvider extends AbstractSecurityTokenProvider implements SecurityTokenProvider
-{
- protected static Logger logger = Logger.getLogger(SAML11TokenProvider.class);
-
- private SAML20TokenAttributeProvider attributeProvider;
-
- /*
- * (non-Javadoc)
- *
- * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#initialize(java.util.Map)
- */
- public void initialize(Map<String, String> properties)
- {
- super.initialize(properties);
-
- // Check if an attribute provider has been set.
- String attributeProviderClassName = this.properties.get(ATTRIBUTE_PROVIDER);
- if (attributeProviderClassName == null)
- {
- if (logger.isDebugEnabled())
- logger.debug("No attribute provider set");
- }
- else
- {
- try
- {
- Object object = SecurityActions.instantiateClass(attributeProviderClassName);
- if (object instanceof SAML20TokenAttributeProvider)
- {
- this.attributeProvider = (SAML20TokenAttributeProvider) object;
- this.attributeProvider.setProperties(this.properties);
- }
- else
- logger.warn("Attribute provider not installed: " + attributeProviderClassName
- + "is not an instance of SAML20TokenAttributeProvider");
- }
- catch (PrivilegedActionException pae)
- {
- logger.warn("Error instantiating attribute provider: " + pae.getMessage());
- pae.printStackTrace();
- }
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * cancelToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
- */
- public void cancelToken(ProtocolContext protoContext) throws ProcessingException
- {
- if (!(protoContext instanceof WSTrustRequestContext))
- return;
-
- WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
-
- // get the assertion that must be canceled.
- Element token = context.getRequestSecurityToken().getCancelTargetElement();
- if (token == null)
- throw new ProcessingException("Invalid cancel request: missing required CancelTarget");
- Element assertionElement = (Element) token.getFirstChild();
- if (!this.isAssertion(assertionElement))
- throw new ProcessingException("CancelTarget doesn't not contain a SAMLV1.1 assertion");
-
- // get the assertion ID and add it to the canceled assertions set.
- String assertionId = assertionElement.getAttribute(SAML11Constants.ASSERTIONID);
- this.revocationRegistry.revokeToken(SAMLUtil.SAML11_TOKEN_TYPE, assertionId);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * issueToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
- */
- public void issueToken(ProtocolContext protoContext) throws ProcessingException
- {
- if (!(protoContext instanceof WSTrustRequestContext))
- return;
-
- WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
- // generate an id for the new assertion.
- String assertionID = IDGenerator.create("ID_");
-
- // lifetime and audience restrictions.
- Lifetime lifetime = context.getRequestSecurityToken().getLifetime();
- SAML11AudienceRestrictionCondition restriction = null;
- AppliesTo appliesTo = context.getRequestSecurityToken().getAppliesTo();
- if (appliesTo != null)
- {
- restriction = new SAML11AudienceRestrictionCondition();
- restriction.add(URI.create(WSTrustUtil.parseAppliesTo(appliesTo)));
- }
- SAML11ConditionsType conditions = new SAML11ConditionsType();
- conditions.setNotBefore(lifetime.getCreated());
- conditions.setNotOnOrAfter(lifetime.getExpires());
- conditions.add(restriction);
-
- // the assertion principal (default is caller principal)
- Principal principal = context.getCallerPrincipal();
-
- String confirmationMethod = null;
- //KeyInfoConfirmationDataType keyInfoDataType = null;
-
- Element keyInfo = null;
-
- // if there is a on-behalf-of principal, we have the sender vouches confirmation method.
- if (context.getOnBehalfOfPrincipal() != null)
- {
- principal = context.getOnBehalfOfPrincipal();
- confirmationMethod = SAMLUtil.SAML11_SENDER_VOUCHES_URI;
- }
- // if there is a proof-of-possession token in the context, we have the holder of key confirmation method.
- else if (context.getProofTokenInfo() != null)
- {
- confirmationMethod = SAMLUtil.SAML11_HOLDER_OF_KEY_URI;
- //keyInfoDataType = SAMLAssertionFactory.createKeyInfoConfirmation(context.getProofTokenInfo());
- keyInfo = (Element) context.getProofTokenInfo().getContent().get(0);
- }
- else
- confirmationMethod = SAMLUtil.SAML11_BEARER_URI;
-
- /* SubjectConfirmationType subjectConfirmation = SAMLAssertionFactory.createSubjectConfirmation(null,
- confirmationMethod, keyInfoDataType);
- */
- SAML11SubjectConfirmationType subjectConfirmation = new SAML11SubjectConfirmationType();
- subjectConfirmation.addConfirmationMethod(URI.create(confirmationMethod));
- if (keyInfo != null)
- subjectConfirmation.setKeyInfo(keyInfo);
-
- // create a subject using the caller principal or on-behalf-of principal.
- String subjectName = principal == null ? "ANONYMOUS" : principal.getName();
- SAML11NameIdentifierType nameID = new SAML11NameIdentifierType();
- nameID.setNameQualifier("urn:picketlink:identity-federation");
- nameID.setValue(subjectName);
-
- SAML11SubjectTypeChoice subjectChoice = new SAML11SubjectTypeChoice(nameID);
- SAML11SubjectType subject = new SAML11SubjectType();
- subject.setChoice(subjectChoice);
- subject.setSubjectConfirmation(subjectConfirmation);
-
- // create the attribute statements if necessary.
- List<StatementAbstractType> statements = null;
- Map<String, Object> claimedAttributes = context.getClaimedAttributes();
- if (claimedAttributes != null)
- {
- statements = new ArrayList<StatementAbstractType>();
- statements.add(StatementUtil.createAttributeStatement(claimedAttributes));
- }
- throw new RuntimeException("Implement");
-
- /*
- // create the SAML assertion.
- NameIDType issuerID = SAMLAssertionFactory.createNameID(null, null, context.getTokenIssuer());
- AssertionType assertion = SAMLAssertionFactory.createAssertion(assertionID, issuerID, lifetime.getCreated(),
- conditions, subject, statements);
-
- if (this.attributeProvider != null)
- {
- AttributeStatementType attributeStatement = this.attributeProvider.getAttributeStatement();
- if (attributeStatement != null)
- {
- assertion.addStatement(attributeStatement);
- }
- }
-
- // convert the constructed assertion to element.
- Element assertionElement = null;
- try
- {
- assertionElement = SAMLUtil.toElement(assertion);
- }
- catch (Exception e)
- {
- throw new ProcessingException("Failed to marshall SAMLV2 assertion", e);
- }
-
- SecurityToken token = new StandardSecurityToken(context.getRequestSecurityToken().getTokenType().toString(),
- assertionElement, assertionID);
- context.setSecurityToken(token);
-
- // set the SAML assertion attached reference.
- KeyIdentifierType keyIdentifier = WSTrustUtil.createKeyIdentifier(SAMLUtil.SAML11_VALUE_TYPE, "#" + assertionID);
- Map<QName, String> attributes = new HashMap<QName, String>();
- attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType", WSTrustConstants.WSSE.PREFIX_11),
- SAMLUtil.SAML11_TOKEN_TYPE);
- RequestedReferenceType attachedReference = WSTrustUtil.createRequestedReference(keyIdentifier, attributes);
- context.setAttachedReference(attachedReference);*/
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * renewToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
- */
- public void renewToken(ProtocolContext protoContext) throws ProcessingException
- {
- if (!(protoContext instanceof WSTrustRequestContext))
- return;
-
- WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
- // get the specified assertion that must be renewed.
- Element token = context.getRequestSecurityToken().getRenewTargetElement();
- if (token == null)
- throw new ProcessingException("Invalid renew request: missing required RenewTarget");
- Element oldAssertionElement = (Element) token.getFirstChild();
- if (!this.isAssertion(oldAssertionElement))
- throw new ProcessingException("RenewTarget doesn't not contain a SAMLV1.1 assertion");
-
- // get the JAXB representation of the old assertion.
- SAML11AssertionType oldAssertion = null;
- try
- {
- oldAssertion = SAMLUtil.saml11FromElement(oldAssertionElement);
- }
- catch (Exception je)
- {
- throw new ProcessingException("Error unmarshalling assertion", je);
- }
-
- // canceled assertions cannot be renewed.
- if (this.revocationRegistry.isRevoked(SAMLUtil.SAML11_TOKEN_TYPE, oldAssertion.getID()))
- throw new ProcessingException("Assertion with id " + oldAssertion.getID()
- + " has been canceled and cannot be renewed");
-
- // adjust the lifetime for the renewed assertion.
- SAML11ConditionsType conditions = oldAssertion.getConditions();
- conditions.setNotBefore(context.getRequestSecurityToken().getLifetime().getCreated());
- conditions.setNotOnOrAfter(context.getRequestSecurityToken().getLifetime().getExpires());
-
- // create a new unique ID for the renewed assertion.
- String assertionID = IDGenerator.create("ID_");
-
- List<SAML11StatementAbstractType> statements = new ArrayList<SAML11StatementAbstractType>();
- statements.addAll(oldAssertion.getStatements());
-
- // create the new assertion.
- XMLGregorianCalendar created = context.getRequestSecurityToken().getLifetime().getCreated();
-
- SAML11AssertionType newAssertion = AssertionUtil.createSAML11Assertion(assertionID, created,
- oldAssertion.getIssuer());
- newAssertion.addAllStatements(oldAssertion.getStatements());
-
- // create a security token with the new assertion.
- Element assertionElement = null;
- try
- {
- assertionElement = SAMLUtil.toElement(newAssertion);
- }
- catch (Exception e)
- {
- throw new ProcessingException("Failed to marshall SAMLV2 assertion", e);
- }
- SecurityToken securityToken = new StandardSecurityToken(context.getRequestSecurityToken().getTokenType()
- .toString(), assertionElement, assertionID);
- context.setSecurityToken(securityToken);
-
- // set the SAML assertion attached reference.
- KeyIdentifierType keyIdentifier = WSTrustUtil.createKeyIdentifier(SAMLUtil.SAML11_VALUE_TYPE, "#" + assertionID);
- Map<QName, String> attributes = new HashMap<QName, String>();
- attributes.put(new QName(WSTrustConstants.WSSE11_NS, "TokenType"), SAMLUtil.SAML11_TOKEN_TYPE);
- RequestedReferenceType attachedReference = WSTrustUtil.createRequestedReference(keyIdentifier, attributes);
- context.setAttachedReference(attachedReference);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.picketlink.identity.federation.core.wstrust.SecurityTokenProvider#
- * validateToken(org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext)
- */
- public void validateToken(ProtocolContext protoContext) throws ProcessingException
- {
- if (!(protoContext instanceof WSTrustRequestContext))
- return;
-
- WSTrustRequestContext context = (WSTrustRequestContext) protoContext;
- if (logger.isTraceEnabled())
- logger.trace("SAML V2.0 token validation started");
-
- // get the SAML assertion that must be validated.
- Element token = context.getRequestSecurityToken().getValidateTargetElement();
- if (token == null)
- throw new ProcessingException("Bad validate request: missing required ValidateTarget");
-
- String code = WSTrustConstants.STATUS_CODE_VALID;
- String reason = "SAMLV2.0 Assertion successfuly validated";
-
- SAML11AssertionType assertion = null;
- Element assertionElement = (Element) token.getFirstChild();
- if (!this.isAssertion(assertionElement))
- {
- code = WSTrustConstants.STATUS_CODE_INVALID;
- reason = "Validation failure: supplied token is not a SAMLV2.0 Assertion";
- }
- else
- {
- try
- {
- assertion = SAMLUtil.saml11FromElement(assertionElement);
- }
- catch (Exception e)
- {
- throw new ProcessingException("Unmarshalling error:", e);
- }
- }
-
- // check if the assertion has been canceled before.
- if (this.revocationRegistry.isRevoked(SAMLUtil.SAML11_TOKEN_TYPE, assertion.getID()))
- {
- code = WSTrustConstants.STATUS_CODE_INVALID;
- reason = "Validation failure: assertion with id " + assertion.getID() + " has been canceled";
- }
-
- // check the assertion lifetime.
- try
- {
- if (AssertionUtil.hasExpired(assertion))
- {
- code = WSTrustConstants.STATUS_CODE_INVALID;
- reason = "Validation failure: assertion expired or used before its lifetime period";
- }
- }
- catch (Exception ce)
- {
- code = WSTrustConstants.STATUS_CODE_INVALID;
- reason = "Validation failure: unable to verify assertion lifetime: " + ce.getMessage();
- }
-
- // construct the status and set it on the request context.
- StatusType status = new StatusType();
- status.setCode(code);
- status.setReason(reason);
- context.setStatus(status);
- }
-
- /**
- * <p>
- * Checks whether the specified element is a SAMLV2.0 assertion or not.
- * </p>
- *
- * @param element
- * the {@code Element} being verified.
- * @return {@code true} if the element is a SAMLV2.0 assertion; {@code false} otherwise.
- */
- private boolean isAssertion(Element element)
- {
- return element == null ? false : "Assertion".equals(element.getLocalName())
- && SAML11Constants.ASSERTION_11_NSURI.equals(element.getNamespaceURI());
- }
-
- /**
- * @see {@code SecurityTokenProvider#supports(String)}
- */
- public boolean supports(String namespace)
- {
- return WSTrustConstants.BASE_NAMESPACE.equals(namespace);
- }
-
- /**
- * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#tokenType()
- */
- public String tokenType()
- {
- return SAMLUtil.SAML11_TOKEN_TYPE;
- }
-
- /**
- * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#getSupportedQName()
- */
- public QName getSupportedQName()
- {
- return new QName(tokenType(), JBossSAMLConstants.ASSERTION.get());
- }
-
- /**
- * @see org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider#family()
- */
- public String family()
- {
- return SecurityTokenProvider.FAMILY_TYPE.WS_TRUST.toString();
- }
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml 2011-07-06 14:45:20 UTC (rev 1067)
+++ federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml 2011-07-06 15:29:51 UTC (rev 1068)
@@ -5,7 +5,7 @@
TokenType="urn:oasis:names:tc:SAML:2.0:assertion"
TokenElement="Assertion"
TokenElementNS="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <TokenProvider ProviderClass="org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML11TokenProvider"
+ <TokenProvider ProviderClass="org.picketlink.identity.federation.core.saml.v1.providers.SAML11AssertionTokenProvider"
TokenType="urn:oasis:names:tc:SAML:1.0:assertion"
TokenElement="Assertion"
TokenElementNS="urn:oasis:names:tc:SAML:1.0:assertion"/>
13 years, 6 months
Picketlink SVN: r1067 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces and 1 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 10:45:20 -0400 (Wed, 06 Jul 2011)
New Revision: 1067
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java
Log:
PLFED-189:
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-06 14:44:27 UTC (rev 1066)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-06 14:45:20 UTC (rev 1067)
@@ -23,6 +23,8 @@
import static org.picketlink.identity.federation.core.util.StringUtil.isNotNull;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
@@ -38,6 +40,7 @@
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
+import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import javax.xml.crypto.dsig.CanonicalizationMethod;
@@ -68,6 +71,10 @@
import org.picketlink.identity.federation.core.interfaces.TrustKeyConfigurationException;
import org.picketlink.identity.federation.core.interfaces.TrustKeyManager;
import org.picketlink.identity.federation.core.interfaces.TrustKeyProcessingException;
+import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
+import org.picketlink.identity.federation.core.saml.v1.SAML11ProtocolContext;
+import org.picketlink.identity.federation.core.saml.v1.writers.SAML11ResponseWriter;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -82,12 +89,19 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.HandlerUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11ResponseType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11StatusType;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
@@ -341,7 +355,20 @@
else
{
//TODO: PLFED-193
- log.error("No SAML Request or Response Message");
+ String target = request.getParameter(SAML11Constants.TARGET);
+ if (isNotNull(target))
+ {
+ //We have SAML 1.1 IDP first scenario. Now we need to create a SAMLResponse and send back
+ //to SP as per target
+ handleSAML11(webRequestUtil, request, response);
+ }
+ else
+ {
+ //Send it to the hosted page
+ RequestDispatcher dispatch = request.getRequestDispatcher("/hosted/");
+ dispatch.forward(request, response);
+ }
+ /*log.error("No SAML Request or Response Message");
if (trace)
log.trace("Referer=" + referer);
@@ -353,9 +380,57 @@
{
if (trace)
log.trace(e);
+ }*/
+ }
+ }
+ }
+
+ protected void handleSAML11(IDPWebRequestUtil webRequestUtil, Request request, Response response)
+ throws ServletException, IOException
+ {
+ try
+ {
+ String target = request.getParameter(SAML11Constants.TARGET);
+
+ Session session = request.getSessionInternal();
+ SAML11AssertionType saml11Assertion = (SAML11AssertionType) session.getNote("SAML11");
+ if (saml11Assertion == null)
+ {
+ SAML11ProtocolContext saml11Protocol = new SAML11ProtocolContext();
+ PicketLinkCoreSTS.instance().issueToken(saml11Protocol);
+ saml11Assertion = saml11Protocol.getIssuedAssertion();
+ session.setNote("SAML11", saml11Assertion);
+
+ if (AssertionUtil.hasExpired(saml11Assertion))
+ {
+ saml11Protocol.setIssuedAssertion(saml11Assertion);
+ PicketLinkCoreSTS.instance().renewToken(saml11Protocol);
+ saml11Assertion = saml11Protocol.getIssuedAssertion();
+ session.setNote("SAML11", saml11Assertion);
}
}
+ //Send it as SAMLResponse
+ String id = IDGenerator.create("ID_");
+ SAML11ResponseType saml11Response = new SAML11ResponseType(id, XMLTimeUtil.getIssueInstant());
+ saml11Response.add(saml11Assertion);
+ saml11Response.setStatus(SAML11StatusType.successType());
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ SAML11ResponseWriter writer = new SAML11ResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write(saml11Response);
+
+ Document samlResponse = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+
+ WebRequestUtilHolder holder = webRequestUtil.getHolder();
+ holder.setResponseDoc(samlResponse).setDestination(target).setRelayState("").setAreWeSendingRequest(false)
+ .setPrivateKey(null).setSupportSignature(false).setServletResponse(response);
+ webRequestUtil.send(holder);
}
+ catch (GeneralSecurityException e)
+ {
+ log.error("Exception handling saml 11 use case:", e);
+ throw new ServletException();
+ }
}
protected void processSAMLRequestMessage(IDPWebRequestUtil webRequestUtil, Request request, Response response)
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java 2011-07-06 14:44:27 UTC (rev 1066)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/SecurityTokenProvider.java 2011-07-06 14:45:20 UTC (rev 1067)
@@ -26,7 +26,7 @@
import javax.xml.namespace.QName;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.wstrust.WSTrustException;
+import org.picketlink.identity.federation.core.wstrust.WSTrustException;
/**
* <p>
@@ -41,11 +41,10 @@
* An enumeration that identifies the family to which
* the security token provider belongs
*/
- public enum FAMILY_TYPE
- {
- SAML2, WS_TRUST,OPENID,OAUTH, CUSTOM;
+ public enum FAMILY_TYPE {
+ SAML2, SAML11, WS_TRUST, OPENID, OAUTH, CUSTOM;
}
-
+
/**
* <p>
* Initializes the {@code SecurityTokenProvider} using the specified properties map.
@@ -55,27 +54,26 @@
* this {@code SecurityTokenProvider}.
*/
public void initialize(Map<String, String> properties);
-
+
/**
* Specify whether this token provider supports a particular namespace
* @param namespace a string value representing a namespace
* @return
*/
- public boolean supports( String namespace );
-
+ public boolean supports(String namespace);
+
/**
* Token Type
* @return
*/
public String tokenType();
-
+
/**
* Provide an optional {@code QName} for configuration
* @return
*/
public QName getSupportedQName();
-
-
+
/**
* The family where this security token provider belongs
* @see {@code FAMILY_TYPE}}
@@ -92,7 +90,7 @@
* @param context the {@code ProtocolContext} to be used when generating the token.
* @throws WSTrustException if an error occurs while creating the security token.
*/
- public void issueToken( ProtocolContext context) throws ProcessingException;
+ public void issueToken(ProtocolContext context) throws ProcessingException;
/**
* <p>
@@ -103,7 +101,7 @@
* @param context the {@code ProtocolContext} that contains the token to be renewed.
* @throws WSTrustException if an error occurs while renewing the security token.
*/
- public void renewToken( ProtocolContext context) throws ProcessingException;
+ public void renewToken(ProtocolContext context) throws ProcessingException;
/**
* <p>
@@ -114,7 +112,7 @@
* @param context the {@code ProtocolContext} that contains the token to be canceled.
* @throws WSTrustException if an error occurs while canceling the security token.
*/
- public void cancelToken( ProtocolContext context) throws ProcessingException;
+ public void cancelToken(ProtocolContext context) throws ProcessingException;
/**
* <p>
@@ -125,5 +123,5 @@
* @param context the {@code ProtocolContext} that contains the token to be validated.
* @throws WSTrustException if an error occurs while validating the security token.
*/
- public void validateToken( ProtocolContext context) throws ProcessingException;
+ public void validateToken(ProtocolContext context) throws ProcessingException;
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java 2011-07-06 14:44:27 UTC (rev 1066)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAML11ResponseParser.java 2011-07-06 14:45:20 UTC (rev 1067)
@@ -124,7 +124,7 @@
QName startElementName = startElement.getName();
String elementTag = startElementName.getLocalPart();
- SAML11StatusCodeType statusCode = new SAML11StatusCodeType();
+ SAML11StatusCodeType statusCode = null;
if (JBossSAMLConstants.STATUS_CODE.get().equals(elementTag))
{
@@ -134,7 +134,7 @@
Attribute valueAttr = startElement.getAttributeByName(new QName("Value"));
if (valueAttr != null)
{
- statusCode.setValue(new QName(StaxParserUtil.getAttributeValue(valueAttr)));
+ statusCode = new SAML11StatusCodeType(new QName(StaxParserUtil.getAttributeValue(valueAttr)));
}
status.setStatusCode(statusCode);
@@ -143,12 +143,13 @@
elementTag = startElement.getName().getLocalPart();
if (JBossSAMLConstants.STATUS_CODE.get().equals(elementTag))
{
- SAML11StatusCodeType subStatusCodeType = new SAML11StatusCodeType();
+ SAML11StatusCodeType subStatusCodeType = null;
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
Attribute subValueAttr = startElement.getAttributeByName(new QName("Value"));
if (subValueAttr != null)
{
- subStatusCodeType.setValue(new QName(StaxParserUtil.getAttributeValue(subValueAttr)));
+ subStatusCodeType = new SAML11StatusCodeType(
+ new QName(StaxParserUtil.getAttributeValue(subValueAttr)));
}
statusCode.setStatusCode(subStatusCodeType);
13 years, 6 months
Picketlink SVN: r1066 - in federation/trunk: picketlink-fed-core/src/main/resources and 1 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 10:44:27 -0400 (Wed, 06 Jul 2011)
New Revision: 1066
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusType.java
Log:
PLFED-189:
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-07-06 14:43:18 UTC (rev 1065)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11Constants.java 2011-07-06 14:44:27 UTC (rev 1066)
@@ -118,5 +118,7 @@
String STATUS_MSG = "StatusMessage";
+ String TARGET = "TARGET";
+
String VALUE = "Value";
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java 2011-07-06 14:44:27 UTC (rev 1066)
@@ -0,0 +1,193 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.saml.v1;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
+import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+
+/**
+ * <p>
+ * A SAML2 specification based instance of {@code ProtocolContext}
+ * </p>
+ * <p>
+ * This instance is used to pass information from the IDP to the Core STS.
+ * </p>
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Dec 30, 2010
+ */
+public class SAML11ProtocolContext implements ProtocolContext
+{
+ protected SAML11NameIdentifierType issuerID;
+
+ protected SAML11SubjectType subjectType;
+
+ protected SAML11ConditionsType conditions;
+
+ protected List<SAML11StatementAbstractType> statements = new ArrayList<SAML11StatementAbstractType>();
+
+ protected SAML11AssertionType issuedAssertion;
+
+ /**
+ * Get the Issuer ID
+ * @return instance of {@link SAML11NameIdentifierType}
+ */
+ public SAML11NameIdentifierType getIssuerID()
+ {
+ return issuerID;
+ }
+
+ /**
+ * Set the Issuer ID
+ * @param issuerID {@link SAML11NameIdentifierType}
+ */
+ public void setIssuerID(SAML11NameIdentifierType issuerID)
+ {
+ this.issuerID = issuerID;
+ }
+
+ /**
+ * Get the subject
+ * @return {@link SAML11SubjectType}
+ */
+ public SAML11SubjectType getSubjectType()
+ {
+ return subjectType;
+ }
+
+ /**
+ * Set the subject
+ * @param subjectType {@link SAML11SubjectType}
+ */
+ public void setSubjectType(SAML11SubjectType subjectType)
+ {
+ this.subjectType = subjectType;
+ }
+
+ /**
+ * Get the conditions
+ * @return {@link SAML11ConditionsType}
+ */
+ public SAML11ConditionsType getConditions()
+ {
+ return conditions;
+ }
+
+ /**
+ * Set the conditions
+ * @param conditions {@link SAML11ConditionsType}
+ */
+ public void setConditions(SAML11ConditionsType conditions)
+ {
+ this.conditions = conditions;
+ }
+
+ /**
+ * Get the statements as a read-only list
+ * @return {@link SAML11StatementAbstractType}
+ */
+ public List<SAML11StatementAbstractType> getStatements()
+ {
+ return Collections.unmodifiableList(statements);
+ }
+
+ /**
+ * Add a list of statements
+ * @param statements {@link SAML11StatementAbstractType}
+ */
+ public void setStatements(List<SAML11StatementAbstractType> statements)
+ {
+ this.statements = statements;
+ }
+
+ /**
+ * Get the previously issued assertion by the STS
+ * @return {@link SAML11AssertionType}
+ */
+ public SAML11AssertionType getIssuedAssertion()
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ return issuedAssertion;
+ }
+
+ /**
+ * Set the assertion issued by the STS
+ * @param issuedAssertion {@link SAML11AssertionType}
+ */
+ public void setIssuedAssertion(SAML11AssertionType issuedAssertion)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ this.issuedAssertion = issuedAssertion;
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.ProtocolContext#serviceName()
+ */
+ public String serviceName()
+ {
+ return null;
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.ProtocolContext#tokenType()
+ */
+ public String tokenType()
+ {
+ return SAML11Constants.ASSERTION_11_NSURI;
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.ProtocolContext#getQName()
+ */
+ public QName getQName()
+ {
+ String localPart = JBossSAMLConstants.ASSERTION.get();
+ String ns = tokenType();
+ return new QName(ns, localPart);
+ }
+
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.ProtocolContext#family()
+ */
+ public String family()
+ {
+ return SecurityTokenProvider.FAMILY_TYPE.SAML11.toString();
+ }
+}
\ No newline at end of file
Property changes on: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/SAML11ProtocolContext.java
___________________________________________________________________
Added: svn:executable
+ *
Modified: federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml 2011-07-06 14:43:18 UTC (rev 1065)
+++ federation/trunk/picketlink-fed-core/src/main/resources/core-sts.xml 2011-07-06 14:44:27 UTC (rev 1066)
@@ -5,6 +5,10 @@
TokenType="urn:oasis:names:tc:SAML:2.0:assertion"
TokenElement="Assertion"
TokenElementNS="urn:oasis:names:tc:SAML:2.0:assertion"/>
+ <TokenProvider ProviderClass="org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML11TokenProvider"
+ TokenType="urn:oasis:names:tc:SAML:1.0:assertion"
+ TokenElement="Assertion"
+ TokenElementNS="urn:oasis:names:tc:SAML:1.0:assertion"/>
<!--<TokenProvider ProviderClass="org.picketlink.identity.federation.core.openid.providers.OpenIDTokenProvider"
TokenType="urn:openid:1:0"
TokenElementNS="urn:openid:1:0"/>
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusType.java 2011-07-06 14:43:18 UTC (rev 1065)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusType.java 2011-07-06 14:44:27 UTC (rev 1066)
@@ -77,4 +77,11 @@
{
this.statusDetail = statusDetail;
}
+
+ public static SAML11StatusType successType()
+ {
+ SAML11StatusType success = new SAML11StatusType();
+ success.setStatusCode(SAML11StatusCodeType.SUCCESS);
+ return success;
+ }
}
\ No newline at end of file
13 years, 6 months
Picketlink SVN: r1065 - federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 10:43:18 -0400 (Wed, 06 Jul 2011)
New Revision: 1065
Modified:
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusCodeType.java
Log:
use the required attr
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusCodeType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusCodeType.java 2011-07-06 04:42:18 UTC (rev 1064)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/protocol/SAML11StatusCodeType.java 2011-07-06 14:43:18 UTC (rev 1065)
@@ -40,10 +40,17 @@
{
private static final long serialVersionUID = 1L;
+ public static final SAML11StatusCodeType SUCCESS = new SAML11StatusCodeType(new QName("samlp:Success"));
+
protected SAML11StatusCodeType statusCode;
protected QName value;
+ public SAML11StatusCodeType(QName theValue)
+ {
+ value = theValue;
+ }
+
/**
* Gets the value of the statusCode property.
*
@@ -82,17 +89,4 @@
{
return value;
}
-
- /**
- * Sets the value of the value property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setValue(QName value)
- {
- this.value = value;
- }
}
\ No newline at end of file
13 years, 6 months