Author: anil.saldhana(a)jboss.com
Date: 2011-02-07 18:17:07 -0500 (Mon, 07 Feb 2011)
New Revision: 742
Added:
picketlink-seam/trunk/picketlink-seam/src/test/java/org/
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java
picketlink-seam/trunk/picketlink-seam/src/test/resources/saml-entities.xml
Modified:
picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/configuration/SamlConfiguration.java
Log:
fix the saml configuration parsing
Modified:
picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/configuration/SamlConfiguration.java
===================================================================
---
picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/configuration/SamlConfiguration.java 2011-02-07
16:57:28 UTC (rev 741)
+++
picketlink-seam/trunk/picketlink-seam/src/main/java/org/picketlink/identity/seam/federation/configuration/SamlConfiguration.java 2011-02-07
23:17:07 UTC (rev 742)
@@ -43,7 +43,6 @@
import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType.EDTChoiceType;
import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType.EDTDescriptorChoiceType;
import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.IDPSSODescriptorType;
-import org.picketlink.identity.federation.newmodel.saml.v2.metadata.RoleDescriptorType;
import org.picketlink.identity.seam.federation.jaxb.config.SamlConfigType;
import org.picketlink.identity.seam.federation.jaxb.config.SamlIdentityProviderType;
@@ -168,12 +167,11 @@
List<EDTDescriptorChoiceType> descriptors = edt.getDescriptors();
for( EDTDescriptorChoiceType edtDesc : descriptors )
{
- RoleDescriptorType roleDescriptor = edtDesc.getRoleDescriptor();
- if( roleDescriptor instanceof IDPSSODescriptorType )
- {
- IDPSSODescriptorType IDPSSODescriptor = (IDPSSODescriptorType)
roleDescriptor;
- idpMetaInfo.put(entityId, IDPSSODescriptor);
- }
+ IDPSSODescriptorType idpSSODesc = edtDesc.getIdpDescriptor();
+ if( idpSSODesc != null )
+ {
+ idpMetaInfo.put(entityId, idpSSODesc);
+ }
}
}
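Review bot: `idpMetaInfo.put(entityId, idpSSODesc)` replaces any earlier entry for the same key without notice, so a metadata file with a repeated entityID, or one entity carrying more than one IDPSSODescriptor, ends up with whichever descriptor was parsed last, including its signing keys. Since this map appears to be the IdP trust data, a collision should be rejected rather than accepted quietly, for example `if( idpMetaInfo.put(entityId, idpSSODesc) != null ) throw new IllegalStateException("Duplicate IDPSSODescriptor for entity " + entityId);`. Whether `entityId` can be null at this point, and whether the metadata was verified before it reaches this loop, is not visible here. The enclosing method starts and ends outside this hunk.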
Added:
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java
===================================================================
---
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java
(rev 0)
+++
picketlink-seam/trunk/picketlink-seam/src/test/java/org/picketlink/test/identity/seam/federation/SamlConfigurationUnitTestCase.java 2011-02-07
23:17:07 UTC (rev 742)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.identity.seam.federation;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType.EDTChoiceType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType.EDTDescriptorChoiceType;
+import
org.picketlink.identity.federation.newmodel.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.seam.federation.configuration.SamlConfiguration;
+
+/**
+ * Unit test the {@link SamlConfiguration} class
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Feb 7, 2011
+ */
+public class SamlConfigurationUnitTestCase
+{
+ private Map<String, IDPSSODescriptorType> idpMetaInfo = new HashMap<String,
IDPSSODescriptorType>();
+
+ @Test
+ public void testSamlConfig() throws Exception
+ {
+ InputStream samlEntitiesStream =
Thread.currentThread().getContextClassLoader().getResourceAsStream(
"saml-entities.xml" );
+ if( samlEntitiesStream == null )
+ throw new RuntimeException( "SAML Entities File is missing" );
+
+ SAMLParser samlParser = new SAMLParser();
+ EntitiesDescriptorType entitiesDescriptor = (EntitiesDescriptorType)
samlParser.parse( samlEntitiesStream );
+ assertNotNull( entitiesDescriptor );
+ readEntitiesDescriptor(entitiesDescriptor);
+ assertTrue( idpMetaInfo.keySet().size() > 0 );
+ }
+
+ private void readEntitiesDescriptor(EntitiesDescriptorType entitiesDescriptor)
+ {
+ for (Object object : entitiesDescriptor.getEntityDescriptor() )
+ {
+ if (object instanceof EntityDescriptorType)
+ {
+ EntityDescriptorType entityDescriptor = (EntityDescriptorType) object;
+ String entityId = entityDescriptor.getEntityID();
+
+ for( EDTChoiceType edt: entityDescriptor.getChoiceType() )
+ {
+ List<EDTDescriptorChoiceType> descriptors = edt.getDescriptors();
+ for( EDTDescriptorChoiceType edtDesc : descriptors )
+ {
+ IDPSSODescriptorType idpSSODesc = edtDesc.getIdpDescriptor();
+ if( idpSSODesc != null )
+ {
+ idpMetaInfo.put(entityId, idpSSODesc);
+ }
+ }
+ }
+
+ /*for (RoleDescriptorType roleDescriptor : entityDescriptor.getC
+ .getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor())
+ {
+ if (roleDescriptor instanceof IDPSSODescriptorType)
+ {
+ IDPSSODescriptorType IDPSSODescriptor = (IDPSSODescriptorType)
roleDescriptor;
+ idpMetaInfo.put(entityId, IDPSSODescriptor);
+ }
+ }*/
+ }
+ else
+ {
+ EntitiesDescriptorType descriptor = (EntitiesDescriptorType) object;
+ readEntitiesDescriptor(descriptor);
+ }
+ }
+ }
+}
\ No newline at end of file
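Review bot: The test never exercises `SamlConfiguration`; `readEntitiesDescriptor` is a private copy of the loop this commit changes, so a later regression in the production class would leave the test green. If the production parsing can be reached from a test, the test should drive that and drop both the copy and the commented-out block at its end. The final assertion is also loose: `assertTrue( idpMetaInfo.keySet().size() > 0 )` passes when only one of the fixture's two IdPs is found, whereas `assertTrue( idpMetaInfo.containsKey( "http://idp.ssocircle.com" ) )` and the same check for `"http://localhost:8888/opensso"` would pin the result. In the copied loop, the `else` branch casts to `EntitiesDescriptorType` without an `instanceof` check, and `samlEntitiesStream` is never closed; a `try`/`finally` with `samlEntitiesStream.close()` would fix the latter.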
Added: picketlink-seam/trunk/picketlink-seam/src/test/resources/saml-entities.xml
===================================================================
--- picketlink-seam/trunk/picketlink-seam/src/test/resources/saml-entities.xml
(rev 0)
+++ picketlink-seam/trunk/picketlink-seam/src/test/resources/saml-entities.xml 2011-02-07
23:17:07 UTC (rev 742)
@@ -0,0 +1,155 @@
+<?xml version="1.0" encoding="UTF-8"
standalone="yes"?>
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata
http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xs...
+ <EntityDescriptor entityID="http://localhost:8888/opensso">
+ <IDPSSODescriptor WantAuthnRequestsSigned="false"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIICQDCCAakCBEeNB0swDQYJKoZIhvcNAQEEBQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
+bGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMQwwCgYDVQQKEwNTdW4xEDAOBgNVBAsTB09w
+ZW5TU08xDTALBgNVBAMTBHRlc3QwHhcNMDgwMTE1MTkxOTM5WhcNMTgwMTEyMTkxOTM5WjBnMQsw
+CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xhcmExDDAK
+BgNVBAoTA1N1bjEQMA4GA1UECxMHT3BlblNTTzENMAsGA1UEAxMEdGVzdDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEArSQc/U75GB2AtKhbGS5piiLkmJzqEsp64rDxbMJ+xDrye0EN/q1U5Of+
+RkDsaN/igkAvV1cuXEgTL6RlafFPcUX7QxDhZBhsYF9pbwtMzi4A4su9hnxIhURebGEmxKW9qJNY
+Js0Vo5+IgjxuEWnjnnVgHTs1+mq5QYTA7E6ZyL8CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB3Pw/U
+QzPKTPTYi9upbFXlrAKMwtFf2OW4yvGWWvlcwcNSZJmTJ8ARvVYOMEVNbsT4OFcfu2/PeYoAdiDA
+cGy/F2Zuj8XJJpuQRSE6PtQqBuDEHjjmOQJ0rV/r8mO1ZCtHRhpZ5zYRjhRC9eCbjx9VrFax0JDC
+/FfwWigmrW0Y0Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService index="0"
+ isDefault="true"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://localhost:8888/opensso/ArtifactResolver/metaAlias/idp"
/>
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://localhost:8888/opensso/IDPSloRedirect/metaAlias/idp"
+ ResponseLocation="http://localhost:8888/opensso/IDPSloRedirect/metaAlias/idp"
/>
+ <SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://localhost:8888/opensso/IDPSloPOST/metaAlias/idp"
+ ResponseLocation="http://localhost:8888/opensso/IDPSloPOST/metaAlias/idp"
/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://localhost:8888/opensso/IDPSloSoap/metaAlias/idp" />
+ <ManageNameIDService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://localhost:8888/opensso/IDPMniRedirect/metaAlias/idp"
+ ResponseLocation="http://localhost:8888/opensso/IDPMniRedirect/metaAlias/idp"
/>
+ <ManageNameIDService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://localhost:8888/opensso/IDPMniPOST/metaAlias/idp"
+ ResponseLocation="http://localhost:8888/opensso/IDPMniPOST/metaAlias/idp"
/>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://localhost:8888/opensso/IDPMniSoap/metaAlias/idp" />
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
+ <NameIDFormat>
+ urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>
+ <NameIDFormat>
+ urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</NameIDFormat>
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://localhost:8888/opensso/SSORedirect/metaAlias/idp" />
+ <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://localhost:8888/opensso/SSOPOST/metaAlias/idp" />
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://localhost:8888/opensso/SSOSoap/metaAlias/idp" />
+ <NameIDMappingService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://localhost:8888/opensso/NIMSoap/metaAlias/idp" />
+ <AssertionIDRequestService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://localhost:8888/opensso/AIDReqSoap/IDPRole/metaAlias/idp"
/>
+ <AssertionIDRequestService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:URI"
+ Location="http://localhost:8888/opensso/AIDReqUri/IDPRole/metaAlias/idp"
/>
+ </IDPSSODescriptor>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="http://idp.ssocircle.com"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <IDPSSODescriptor WantAuthnRequestsSigned="false"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+ MIIB8TCCAVqgAwIBAgIFAIxwZnIwDQYJKoZIhvcNAQEEBQAwLjELMAkGA1UEBhMCREUxEjAQBgNV
+ BAoTCVNTT0NpcmNsZTELMAkGA1UEAxMCQ0EwHhcNMDkwMjIyMTUwNDI0WhcNMTEwNTIyMTUwNDI0
+ WjBLMQswCQYDVQQGEwJERTESMBAGA1UEChMJU1NPQ2lyY2xlMQwwCgYDVQQLEwNpZHAxGjAYBgNV
+ BAMTEWlkcC5zc29jaXJjbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbzDRkudC/
+ aC2gMqRVVaLdPJJEwpFB4o71fR5bnNd2ocnnNzJ/W9CoCargzKx+EJ4Nm3vWmX/IZRCFvrvy9C78
+ fP1cmt6Sa091K9luaMAyWn7oC8h/YBXH7rB42tdvWLY4Kl9VJy6UCclvasyrfKx+SR4KU6zCsM62
+ 2Kvp5wW67QIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAGyaydfJHDkm77C39gq9bBb7OqK8OXEUTbIM
+ p8PDJZzIf9QkpkE7gHGcWctRKi7fNdONulc5kn2K2nbvCGrbWsWQvr/DA0bjkBrK8OeWpRhLe7fl
+ +JUgsErMcDIzRTmjNpZzUZp+WESRHV1j3SIcfY4tJM2uMt4Sc/afVnl5P6wL</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+ MIIB8TCCAVqgAwIBAgIFAIxwZnIwDQYJKoZIhvcNAQEEBQAwLjELMAkGA1UEBhMCREUxEjAQBgNV
+ BAoTCVNTT0NpcmNsZTELMAkGA1UEAxMCQ0EwHhcNMDkwMjIyMTUwNDI0WhcNMTEwNTIyMTUwNDI0
+ WjBLMQswCQYDVQQGEwJERTESMBAGA1UEChMJU1NPQ2lyY2xlMQwwCgYDVQQLEwNpZHAxGjAYBgNV
+ BAMTEWlkcC5zc29jaXJjbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbzDRkudC/
+ aC2gMqRVVaLdPJJEwpFB4o71fR5bnNd2ocnnNzJ/W9CoCargzKx+EJ4Nm3vWmX/IZRCFvrvy9C78
+ fP1cmt6Sa091K9luaMAyWn7oC8h/YBXH7rB42tdvWLY4Kl9VJy6UCclvasyrfKx+SR4KU6zCsM62
+ 2Kvp5wW67QIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAGyaydfJHDkm77C39gq9bBb7OqK8OXEUTbIM
+ p8PDJZzIf9QkpkE7gHGcWctRKi7fNdONulc5kn2K2nbvCGrbWsWQvr/DA0bjkBrK8OeWpRhLe7fl
+ +JUgsErMcDIzRTmjNpZzUZp+WESRHV1j3SIcfY4tJM2uMt4Sc/afVnl5P6wL</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc">
+
+ <xenc:KeySize
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">128</xenc:...
+ </EncryptionMethod>
+ </KeyDescriptor>
+ <ArtifactResolutionService index="0"
+ isDefault="true"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.ssocircle.com:443/sso/ArtifactResolver/metaAlias/ssocircle"
/>
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.ssocircle.com:443/sso/IDPSloRedirect/metaAlias/ssocircle"
+ ResponseLocation="https://idp.ssocircle.com:443/sso/IDPSloRedirect/metaAlias/ssocircle"
/>
+ <!--
+ <SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.ssocircle.com:443/sso/IDPSloPost/metaAlias/ssocircle"
+ ResponseLocation="https://idp.ssocircle.com:443/sso/IDPSloPost/metaAlias/ssocircle"
/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.ssocircle.com:443/sso/IDPSloSoap/metaAlias/ssocircle"
/>
+ -->
+ <ManageNameIDService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.ssocircle.com:443/sso/IDPMniRedirect/metaAlias/ssocircle"
+ ResponseLocation="https://idp.ssocircle.com:443/sso/IDPMniRedirect/metaAlias/ssocircle"
/>
+ <ManageNameIDService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.ssocircle.com:443/sso/IDPMniPOSTmetaAlias/ssocircle"
+ ResponseLocation="https://idp.ssocircle.com:443/sso/IDPMniPOST/metaAlias/ssocircle"
/>
+
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.ssocircle.com:443/sso/IDPMniSoap/metaAlias/ssocircle"
/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.ssocircle.com:443/sso/SSORedirect/metaAlias/ssocircle"
/>
+ <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.ssocircle.com:443/sso/SSOPOST/metaAlias/ssocircle"
/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.ssocircle.com:443/sso/SSOSoap/metaAlias/ssocircle"
/>
+ <NameIDMappingService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.ssocircle.com:443/sso/NIMSoap/metaAlias/ssocircle"
/>
+ </IDPSSODescriptor>
+ </EntityDescriptor>
+
+</EntitiesDescriptor>
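Review bot: The HTTP-POST `ManageNameIDService` of the idp.ssocircle.com entity has `Location=".../sso/IDPMniPOSTmetaAlias/ssocircle"`, missing the `/` that its own `ResponseLocation` (`.../IDPMniPOST/metaAlias/ssocircle`) has. It is harmless for the current assertion but misleading once a test starts checking endpoints. Both entities in the fixture carry an `IDPSSODescriptor`, and there is no nested `EntitiesDescriptor`, so neither the `idpSSODesc != null` false branch nor the recursive path of the reader is exercised. Adding one SP-only `EntityDescriptor` and one nested group would cover both. The fixture is unsigned metadata with `WantAuthnRequestsSigned="false"`, so it says nothing about signature handling; a comment at the top of the file, such as `<!-- test-only metadata: unsigned, not a trust anchor -->`, would make that explicit.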