Picketlink SVN: r555 - in idm/branches/1.1.0: picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: bdaw
Date: 2010-11-17 08:41:00 -0500 (Wed, 17 Nov 2010)
New Revision: 555
Modified:
idm/branches/1.1.0/picketlink-idm-hibernate/src/main/java/org/picketlink/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java
idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/java/org/picketlink/idm/impl/api/OrganizationTest.java
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/minimal-flexible-identity-config.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k3.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k8.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-local.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends12.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends20.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-23.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-24.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapds.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-redhatds.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-sunds.xml
idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config.xml
Log:
Fix issue where readOnly attribute was updated in LDAP. Make update of readOnly attribute silently fail.
Modified: idm/branches/1.1.0/picketlink-idm-hibernate/src/main/java/org/picketlink/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-hibernate/src/main/java/org/picketlink/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-hibernate/src/main/java/org/picketlink/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2010-11-17 13:41:00 UTC (rev 555)
@@ -1883,7 +1883,10 @@
}
if (amd.isReadonly())
{
- throw new IdentityException("Cannot update readonly attribute: " + attribute.getName());
+ // Just silently fail and go on
+ mappedAttributes.remove(name);
+ continue;
+ //throw new IdentityException("Cannot update readonly attribute: " + attribute.getName());
}
if (amd.isUnique())
@@ -2051,7 +2054,10 @@
}
if (amd.isReadonly())
{
- throw new IdentityException("Cannot add readonly attribute: " + attribute.getName());
+ // Just silently fail and go on
+ mappedAttributes.remove(name);
+ continue;
+ //throw new IdentityException("Cannot add readonly attribute: " + attribute.getName());
}
if (amd.isUnique())
Modified: idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2010-11-17 13:41:00 UTC (rev 555)
@@ -2819,14 +2819,16 @@
if (mdMap != null)
{
- IdentityObjectAttributeMetaData amd = mdMap.get(attributeName);
+ IdentityObjectAttributeMetaData amd = mdMap.get(name);
if (amd != null && !amd.isMultivalued() && values.size() > 1)
{
throw new IdentityException("Cannot assigned multiply values to single valued attribute: " + attributeName);
}
if (amd != null && amd.isReadonly())
{
- throw new IdentityException("Cannot update readonly attribute: " + attributeName);
+ // Just silently fail and go on
+ continue;
+ // throw new IdentityException("Cannot update readonly attribute: " + attributeName);
}
if (amd != null && amd.isUnique())
@@ -2960,7 +2962,9 @@
}
if (amd != null && amd.isReadonly())
{
- throw new IdentityException("Cannot update readonly attribute: " + attributeName);
+ // Just silently fail and go on
+ continue;
+ //throw new IdentityException("Cannot update readonly attribute: " + attributeName);
}
if (amd != null && amd.isUnique())
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/java/org/picketlink/idm/impl/api/OrganizationTest.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/java/org/picketlink/idm/impl/api/OrganizationTest.java 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/java/org/picketlink/idm/impl/api/OrganizationTest.java 2010-11-17 13:41:00 UTC (rev 555)
@@ -289,7 +289,19 @@
assertEquals(3, attributes.keySet().size());
assertEquals("Dawidowicz", (attributes.get(P3PConstants.INFO_USER_NAME_FAMILY)).getValue());
+ // Check readOnly attribute change
+ userInfo = new Attribute[]
+ {
+ new SimpleAttribute("description", new String[]{"some description"})
+ };
+ session.getAttributesManager().addAttributes(bdawidowUser, userInfo);
+ session.getAttributesManager().updateAttributes(bdawidowUser, userInfo);
+
+ attributes = session.getAttributesManager().getAttributes(bdawidowUser);
+ assertEquals(3, attributes.keySet().size());
+ assertEquals(null, (attributes.get("description")));
+
// Generate random binary data for binary attribute
Random random = new Random();
@@ -426,7 +438,7 @@
User u1 = session.getPersistenceManager().findUser("!(06_13_07 Sche) !(0");
- assertNotNull(u1);
+ assertNotNull(u1);
ctx.commit();
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/minimal-flexible-identity-config.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/minimal-flexible-identity-config.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/minimal-flexible-identity-config.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -41,7 +41,24 @@
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
<relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
</supported-relationship-types>
- <supported-identity-object-types/>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
<options>
<option>
<name>hibernateSessionFactoryJNDIName</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k3.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k3.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k3.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -172,6 +172,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -476,7 +484,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k8.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k8.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-2k8.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -172,6 +172,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -476,7 +484,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-local.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-local.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-msad-local.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -200,6 +200,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -504,7 +512,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends12.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends12.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends12.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -211,6 +211,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -515,7 +523,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends20.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends20.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-opends20.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -211,6 +211,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -523,7 +531,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>email</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-23.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-23.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-23.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -172,6 +172,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -476,7 +484,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-24.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-24.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapd-24.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -172,6 +172,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -476,7 +484,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapds.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapds.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-openldapds.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -172,6 +172,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -476,7 +484,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-redhatds.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-redhatds.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-redhatds.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -200,6 +200,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -504,7 +512,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-sunds.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-sunds.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config-sunds.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -200,6 +200,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -504,7 +512,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config.xml 2010-11-16 20:57:31 UTC (rev 554)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/src/test/resources/test-identity-config.xml 2010-11-17 13:41:00 UTC (rev 555)
@@ -245,6 +245,14 @@
<isReadOnly>false</isReadOnly>
<isUnique>true</isUnique>
</attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
</attributes>
<options/>
</identity-object-type>
@@ -549,7 +557,7 @@
<type>text</type>
<isRequired>false</isRequired>
<isMultivalued>false</isMultivalued>
- <isReadOnly>false</isReadOnly>
+ <isReadOnly>true</isReadOnly>
</attribute>
<attribute>
<name>carLicense</name>
13 years, 5 months
- 1
- 0
Picketlink SVN: r554 - in federation/trunk: picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response and 9 other directories.
by picketlink-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2010-11-16 15:57:31 -0500 (Tue, 16 Nov 2010)
New Revision: 554
Removed:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java
Modified:
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
Log:
PLFED-119: Using Stax now to generate and parse WS-Trust requests.
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -50,6 +50,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
@@ -295,14 +296,14 @@
{
ByteArrayOutputStream bos = new ByteArrayOutputStream();
- SAMLRequestWriter writer = new SAMLRequestWriter();
+ SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(bos));
if( rat instanceof AuthnRequestType )
{
- writer.write( (AuthnRequestType) rat, bos);
+ writer.write( (AuthnRequestType) rat);
}
else if( rat instanceof LogoutRequestType )
{
- writer.write( (LogoutRequestType) rat, bos);
+ writer.write( (LogoutRequestType) rat);
}
return DocumentUtil.getDocument( new String( bos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -60,6 +60,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.ActionType;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
@@ -352,16 +353,16 @@
{
ByteArrayOutputStream bos = new ByteArrayOutputStream();
- SAMLResponseWriter writer = new SAMLResponseWriter();
+ SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(bos));
if( responseType instanceof ResponseType )
{
ResponseType response = (ResponseType) responseType;
- writer.write(response, bos );
+ writer.write(response);
}
else
{
- writer.write(responseType, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"), bos );
+ writer.write(responseType, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"));
}
//System.out.println( new String( bos.toByteArray() ) );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTCancelTargetParser.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -24,15 +24,20 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.w3c.dom.Document;
/**
* Stax parser for the wst:CancelTarget element
@@ -47,8 +52,12 @@
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
{
CancelTargetType cancelTarget = new CancelTargetType();
-
- StartElement startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ StartElement startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ // null start element indicates that the token to be canceled hasn't been specified.
+ if (startElement == null)
+ {
+ throw new ParsingException("Unable to parse cancel token request: security token is null");
+ }
String tag = StaxParserUtil.getStartElementName( startElement );
if( tag.equals( JBossSAMLConstants.ASSERTION.get() ) )
@@ -57,7 +66,23 @@
AssertionType assertion = (AssertionType) assertionParser.parse( xmlEventReader );
cancelTarget.setAny( assertion );
}
-
+ else
+ {
+ // this is an unknown type - parse using the transformer.
+ try
+ {
+ Document resultDocument = DocumentUtil.createDocument();
+ DOMResult domResult = new DOMResult(resultDocument);
+ StAXSource source = new StAXSource(xmlEventReader);
+ TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
+ Document doc = (Document) domResult.getNode();
+ cancelTarget.setAny(doc.getDocumentElement());
+ }
+ catch(Exception e)
+ {
+ throw new ParsingException("Error parsing security token: " + e.getMessage(), e);
+ }
+ }
return cancelTarget;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRenewTargetParser.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -1,41 +1,43 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.parsers.wst;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
+import org.w3c.dom.Document;
/**
* Stax parser for the wst:RenewTarget element
+ *
* @author Anil.Saldhana(a)redhat.com
* @since Oct 13, 2010
*/
@@ -45,19 +47,40 @@
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
- {
+ {
RenewTargetType renewTargetType = new RenewTargetType();
-
- StartElement startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
- String tag = StaxParserUtil.getStartElementName( startElement );
-
- if( tag.equals( JBossSAMLConstants.ASSERTION.get() ) )
+
+ StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ // null start element indicates that the original token hasn't been specified.
+ if (startElement == null)
{
+ throw new ParsingException("Unable to parse renew token request: security token is null");
+ }
+ String tag = StaxParserUtil.getStartElementName(startElement);
+
+ if (tag.equals(JBossSAMLConstants.ASSERTION.get()))
+ {
SAMLParser assertionParser = new SAMLParser();
- AssertionType assertion = (AssertionType) assertionParser.parse( xmlEventReader );
- renewTargetType.setAny( assertion );
+ AssertionType assertion = (AssertionType) assertionParser.parse(xmlEventReader);
+ renewTargetType.setAny(assertion);
}
-
+ else
+ {
+ // this is an unknown type - parse using the transformer.
+ try
+ {
+ Document resultDocument = DocumentUtil.createDocument();
+ DOMResult domResult = new DOMResult(resultDocument);
+ StAXSource source = new StAXSource(xmlEventReader);
+ TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
+ Document doc = (Document) domResult.getNode();
+ renewTargetType.setAny(doc.getDocumentElement());
+ }
+ catch(Exception e)
+ {
+ throw new ParsingException("Error parsing security token: " + e.getMessage(), e);
+ }
+ }
return renewTargetType;
}
@@ -65,11 +88,10 @@
* @see {@link ParserNamespaceSupport#supports(QName)}
*/
public boolean supports(QName qname)
- {
+ {
String nsURI = qname.getNamespaceURI();
String localPart = qname.getLocalPart();
-
- return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
- && WSTrustConstants.RENEW_TARGET.equals( localPart );
- }
+
+ return WSTrustConstants.BASE_NAMESPACE.equals(nsURI) && WSTrustConstants.RENEW_TARGET.equals(localPart);
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -68,9 +68,11 @@
QName contextQName = new QName( "", WSTrustConstants.RST_CONTEXT );
Attribute contextAttribute = startElement.getAttributeByName( contextQName );
- String contextValue = StaxParserUtil.getAttributeValue( contextAttribute );
- requestToken.setContext( contextValue );
-
+ if (contextAttribute != null)
+ {
+ String contextValue = StaxParserUtil.getAttributeValue(contextAttribute);
+ requestToken.setContext(contextValue);
+ }
while( xmlEventReader.hasNext() )
{
XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader );
@@ -125,7 +127,6 @@
else if( tag.equals( WSTrustConstants.VALIDATE_TARGET ))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
-
WSTValidateTargetParser wstValidateTargetParser = new WSTValidateTargetParser();
ValidateTargetType validateTarget = (ValidateTargetType) wstValidateTargetParser.parse( xmlEventReader );
requestToken.setValidateTarget( validateTarget );
@@ -135,7 +136,6 @@
else if( tag.equals( WSTrustConstants.RENEW_TARGET ))
{
subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
-
WSTRenewTargetParser wstValidateTargetParser = new WSTRenewTargetParser();
RenewTargetType validateTarget = (RenewTargetType) wstValidateTargetParser.parse( xmlEventReader );
requestToken.setRenewTarget( validateTarget );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTValidateTargetParser.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -24,15 +24,20 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.StartElement;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.w3c.dom.Document;
/**
* Stax parser for the wst:ValidateTarget element
@@ -47,8 +52,12 @@
public Object parse(XMLEventReader xmlEventReader) throws ParsingException
{
ValidateTargetType validateTargetType = new ValidateTargetType();
-
StartElement startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ // null start element indicates that the token to be validated hasn't been specified.
+ if (startElement == null)
+ {
+ throw new ParsingException("Unable to parse validate token request: security token is null");
+ }
String tag = StaxParserUtil.getStartElementName( startElement );
if( tag.equals( JBossSAMLConstants.ASSERTION.get() ) )
@@ -57,7 +66,24 @@
AssertionType assertion = (AssertionType) assertionParser.parse( xmlEventReader );
validateTargetType.setAny( assertion );
}
-
+ else
+ {
+ // this is an unknown type - parse using the transformer.
+ try
+ {
+ Document resultDocument = DocumentUtil.createDocument();
+ DOMResult domResult = new DOMResult(resultDocument);
+ StAXSource source = new StAXSource(xmlEventReader);
+ TransformerUtil.transform(TransformerUtil.getStaxSourceToDomResultTransformer(), source, domResult);
+ Document doc = (Document) domResult.getNode();
+ validateTargetType.setAny(doc.getDocumentElement());
+ }
+ catch(Exception e)
+ {
+ throw new ParsingException("Error parsing security token: " + e.getMessage(), e);
+ }
+ }
+
return validateTargetType;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/DocumentUtil.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -277,9 +277,12 @@
*/
public static InputStream getNodeAsStream(Node node) throws ConfigurationException, ProcessingException
{
- Source source = new DOMSource(node);
+ return getSourceAsStream(new DOMSource(node));
+ }
+
+ public static InputStream getSourceAsStream(Source source) throws ConfigurationException, ProcessingException
+ {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
Result streamResult = new StreamResult(baos);
// Write the DOM document to the stream
Transformer transformer = TransformerUtil.getTransformer();
@@ -292,11 +295,9 @@
throw new ProcessingException(e);
}
- ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
-
- return bis;
+ return new ByteArrayInputStream(baos.toByteArray());
}
-
+
/**
* Stream a DOM Node as a String
* @param node
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -21,8 +21,6 @@
*/
package org.picketlink.identity.federation.core.saml.v2.writers;
-import java.io.OutputStream;
-
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
@@ -44,6 +42,11 @@
protected XMLStreamWriter writer = null;
+ public BaseWriter(XMLStreamWriter writer) throws ProcessingException
+ {
+ this.writer = writer;
+ }
+
/**
* Write {@code NameIDType} to stream
* @param nameIDType
@@ -51,11 +54,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( NameIDType nameIDType, QName tag, OutputStream out ) throws ProcessingException
+ public void write( NameIDType nameIDType, QName tag ) throws ProcessingException
{
- if( writer == null )
- writer = StaxUtil.getXMLStreamWriter( out );
-
StaxUtil.writeStartElement( writer, tag.getPrefix(), tag.getLocalPart() , tag.getNamespaceURI() );
String format = nameIDType.getFormat();
@@ -91,10 +91,4 @@
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
}
-
- protected void verifyWriter( OutputStream out ) throws ProcessingException
- {
- if( writer == null )
- writer = StaxUtil.getXMLStreamWriter( out );
- }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -23,7 +23,6 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
-import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@@ -32,6 +31,7 @@
import javax.xml.bind.JAXBElement;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
@@ -57,16 +57,19 @@
*/
public class SAMLAssertionWriter extends BaseWriter
{
+ public SAMLAssertionWriter(XMLStreamWriter writer) throws ProcessingException
+ {
+ super(writer);
+ }
+
/**
* Write an {@code AssertionType} to stream
* @param assertion
* @param out
* @throws ProcessingException
*/
- public void write( AssertionType assertion, OutputStream out ) throws ProcessingException
+ public void write( AssertionType assertion ) throws ProcessingException
{
- verifyWriter( out );
-
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ASSERTION.get() , ASSERTION_NSURI.get() );
StaxUtil.writeNameSpace( writer, ASSERTION_PREFIX, ASSERTION_NSURI.get() );
StaxUtil.writeDefaultNameSpace( writer, ASSERTION_NSURI.get() );
@@ -77,12 +80,12 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), assertion.getIssueInstant().toString() );
NameIDType issuer = assertion.getIssuer();
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) );
SubjectType subject = assertion.getSubject();
if( subject != null )
{
- write(subject, out);
+ write(subject);
}
//TODO: conditions and advice
@@ -94,11 +97,11 @@
{
if( statement instanceof AuthnStatementType )
{
- write( ( AuthnStatementType )statement, out );
+ write( ( AuthnStatementType )statement );
}
else if( statement instanceof AttributeStatementType )
{
- write( ( AttributeStatementType )statement, out );
+ write( ( AttributeStatementType )statement );
}
else
throw new RuntimeException( "unknown statement type=" + statement.getClass().getName() );
@@ -115,15 +118,13 @@
* @param out
* @throws ProcessingException
*/
- public void write( StatementAbstractType statement, OutputStream out ) throws ProcessingException
+ public void write( StatementAbstractType statement ) throws ProcessingException
{
- verifyWriter( out );
//TODO: handle this section
}
- public void write( AttributeStatementType statement, OutputStream out ) throws ProcessingException
+ public void write( AttributeStatementType statement ) throws ProcessingException
{
- verifyWriter( out );
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_STATEMENT.get() , ASSERTION_NSURI.get() );
List<Object> attributes = statement.getAttributeOrEncryptedAttribute();
@@ -134,7 +135,7 @@
if( attr instanceof AttributeType )
{
AttributeType attributeType = (AttributeType) attr;
- write( attributeType, out );
+ write( attributeType );
}
}
}
@@ -150,9 +151,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( AuthnStatementType authnStatement, OutputStream out ) throws ProcessingException
+ public void write( AuthnStatementType authnStatement ) throws ProcessingException
{
- verifyWriter( out );
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_STATEMENT.get() , ASSERTION_NSURI.get() );
XMLGregorianCalendar authnInstant = authnStatement.getAuthnInstant();
@@ -163,7 +163,7 @@
AuthnContextType authnContext = authnStatement.getAuthnContext();
if( authnContext != null )
- write( authnContext, out );
+ write( authnContext );
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -175,9 +175,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( AuthnContextType authContext, OutputStream out ) throws ProcessingException
+ public void write( AuthnContextType authContext ) throws ProcessingException
{
- verifyWriter( out );
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get() , ASSERTION_NSURI.get() );
List< JAXBElement<?> > subList = authContext.getContent();
@@ -217,9 +216,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( AttributeType attributeType, OutputStream out ) throws ProcessingException
+ public void write( AttributeType attributeType ) throws ProcessingException
{
- verifyWriter( out );
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE.get() , ASSERTION_NSURI.get() );
StaxUtil.writeAttribute( writer, JBossSAMLConstants.NAME.get(), attributeType.getName() );
@@ -287,9 +285,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( SubjectType subject, OutputStream out ) throws ProcessingException
+ public void write( SubjectType subject ) throws ProcessingException
{
- verifyWriter( out );
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT.get() , ASSERTION_NSURI.get() );
List<JAXBElement<?>> contentList = subject.getContent();
if( contentList != null )
@@ -307,17 +304,17 @@
BaseIDAbstractType baseID = subjectConfirmationType.getBaseID();
if( baseID != null )
{
- write( baseID, out );
+ write( baseID );
}
NameIDType nameIDType = subjectConfirmationType.getNameID();
if( nameIDType != null )
{
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX), out );
+ write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
}
SubjectConfirmationDataType subjectConfirmationData = subjectConfirmationType.getSubjectConfirmationData();
if( subjectConfirmationData != null )
{
- write( subjectConfirmationData, out );
+ write( subjectConfirmationData );
}
@@ -326,7 +323,7 @@
else if( declaredType.equals( NameIDType.class ))
{
NameIDType nameIDType = (NameIDType) jaxbEl.getValue();
- write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX), out );
+ write( nameIDType, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX) );
}
else
throw new RuntimeException( "SAMLAssertionWriter: NYI: declared Type:" + declaredType.getName() );
@@ -337,14 +334,13 @@
StaxUtil.flush( writer );
}
- private void write( BaseIDAbstractType baseId, OutputStream out ) throws ProcessingException
+ private void write( BaseIDAbstractType baseId ) throws ProcessingException
{
throw new RuntimeException( "NYI");
}
- private void write( SubjectConfirmationDataType subjectConfirmationData, OutputStream out ) throws ProcessingException
+ private void write( SubjectConfirmationDataType subjectConfirmationData ) throws ProcessingException
{
- verifyWriter(out);
StaxUtil.writeStartElement( writer, ASSERTION_PREFIX, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get(), ASSERTION_NSURI.get() );
//Let us look at attributes
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -24,9 +24,8 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
-import java.io.OutputStream;
-
import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
@@ -44,18 +43,20 @@
*/
public class SAMLRequestWriter extends BaseWriter
{
+ public SAMLRequestWriter(XMLStreamWriter writer) throws ProcessingException
+ {
+ super(writer);
+ }
+
/**
* Write a {@code AuthnRequestType } to stream
* @param request
* @param out
* @throws ProcessingException
*/
- public void write( AuthnRequestType request, OutputStream out ) throws ProcessingException
+ public void write( AuthnRequestType request ) throws ProcessingException
{
- verifyWriter( out );
-
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.AUTHN_REQUEST.get() , PROTOCOL_NSURI.get() );
-
StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );
StaxUtil.writeDefaultNameSpace( writer, ASSERTION_NSURI.get() );
@@ -77,11 +78,11 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL );
NameIDType issuer = request.getIssuer();
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
NameIDPolicyType nameIDPolicy = request.getNameIDPolicy();
if( nameIDPolicy != null )
- write( nameIDPolicy, out );
+ write( nameIDPolicy );
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -93,10 +94,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( LogoutRequestType logOutRequest, OutputStream out ) throws ProcessingException
+ public void write( LogoutRequestType logOutRequest ) throws ProcessingException
{
- verifyWriter( out );
-
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.LOGOUT_REQUEST.get() , PROTOCOL_NSURI.get() );
StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );
@@ -118,7 +117,7 @@
StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent );
NameIDType issuer = logOutRequest.getIssuer();
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -130,10 +129,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( NameIDPolicyType nameIDPolicy, OutputStream out ) throws ProcessingException
+ public void write( NameIDPolicyType nameIDPolicy ) throws ProcessingException
{
- verifyWriter( out );
-
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.NAMEID_POLICY.get(), PROTOCOL_NSURI.get() );
String format = nameIDPolicy.getFormat();
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -24,11 +24,11 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
-import java.io.OutputStream;
import java.util.List;
import javax.xml.namespace.QName;
-
+import javax.xml.stream.XMLStreamWriter;
+
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -48,18 +48,22 @@
*/
public class SAMLResponseWriter extends BaseWriter
{
- private SAMLAssertionWriter assertionWriter = new SAMLAssertionWriter();
+ private SAMLAssertionWriter assertionWriter;
+ public SAMLResponseWriter(XMLStreamWriter writer) throws ProcessingException
+ {
+ super(writer);
+ this.assertionWriter = new SAMLAssertionWriter(writer);
+ }
+
/**
* Write a {@code ResponseType} to stream
* @param response
* @param out
* @throws ProcessingException
*/
- public void write( ResponseType response, OutputStream out ) throws ProcessingException
+ public void write( ResponseType response ) throws ProcessingException
{
- verifyWriter( out );
-
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.RESPONSE.get() , PROTOCOL_NSURI.get() );
StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );
@@ -68,10 +72,10 @@
writeBaseAttributes( response );
NameIDType issuer = response.getIssuer();
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) );
StatusType status = response.getStatus();
- write( status, out );
+ write( status );
List<Object> assertions = response.getAssertionOrEncryptedAssertion();
if( assertions != null )
@@ -80,7 +84,7 @@
{
if( assertion instanceof AssertionType )
{
- assertionWriter.write( (AssertionType) assertion, out );
+ assertionWriter.write( (AssertionType) assertion );
}
}
}
@@ -95,10 +99,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( StatusResponseType response, QName qname, OutputStream out ) throws ProcessingException
+ public void write( StatusResponseType response, QName qname ) throws ProcessingException
{
- verifyWriter( out );
-
if( qname == null )
{
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_RESPONSE_TYPE.get() , PROTOCOL_NSURI.get() );
@@ -114,10 +116,10 @@
writeBaseAttributes( response );
NameIDType issuer = response.getIssuer();
- write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ), out );
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get() ) );
StatusType status = response.getStatus();
- write( status, out );
+ write( status );
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -129,13 +131,12 @@
* @param out
* @throws ProcessingException
*/
- public void write( StatusType status, OutputStream out ) throws ProcessingException
+ public void write( StatusType status ) throws ProcessingException
{
- verifyWriter( out );
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS.get() , PROTOCOL_NSURI.get() );
StatusCodeType statusCodeType = status.getStatusCode();
- write( statusCodeType , out );
+ write( statusCodeType );
String statusMessage = status.getStatusMessage();
if( StringUtil.isNotNull( statusMessage ))
@@ -146,7 +147,7 @@
StatusDetailType statusDetail = status.getStatusDetail();
if( statusDetail != null )
- write( statusDetail, out );
+ write( statusDetail );
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -158,10 +159,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( StatusCodeType statusCodeType, OutputStream out ) throws ProcessingException
+ public void write( StatusCodeType statusCodeType ) throws ProcessingException
{
- verifyWriter( out );
-
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_CODE.get() , PROTOCOL_NSURI.get() );
String value = statusCodeType.getValue();
@@ -171,7 +170,7 @@
}
StatusCodeType subStatusCode = statusCodeType.getStatusCode();
if( subStatusCode != null )
- write( subStatusCode, out );
+ write( subStatusCode );
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
@@ -183,12 +182,9 @@
* @param out
* @throws ProcessingException
*/
- public void write( StatusDetailType statusDetailType, OutputStream out ) throws ProcessingException
+ public void write( StatusDetailType statusDetailType ) throws ProcessingException
{
- verifyWriter( out );
-
StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.STATUS_CODE.get() , PROTOCOL_NSURI.get() );
-
StaxUtil.writeEndElement( writer);
StaxUtil.flush( writer );
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -29,6 +29,7 @@
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.w3c.dom.Attr;
@@ -101,6 +102,19 @@
}
}
+ public static XMLStreamWriter getXMLStreamWriter(final Result result) throws ProcessingException
+ {
+ XMLOutputFactory factory = XMLOutputFactory.newInstance();
+ try
+ {
+ return factory.createXMLStreamWriter(result);
+ }
+ catch (XMLStreamException xe)
+ {
+ throw new ProcessingException(xe);
+ }
+ }
+
/**
* Set a prefix
* @param writer
@@ -286,7 +300,7 @@
//Should we register namespace
if( domElementPrefix != "" && !registeredNSStack.get().contains(domElementNS) )
{
- writeNameSpace(writer, domElementPrefix, domElementNS );
+ // writeNameSpace(writer, domElementPrefix, domElementNS );
registeredNSStack.get().push( domElementNS );
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -29,6 +29,7 @@
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.Namespace;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
import javax.xml.transform.ErrorListener;
@@ -285,13 +286,24 @@
Attribute attr = attrs.next();
QName attrName = attr.getName();
ns = attrName.getNamespaceURI();
- qual = attrName.getPrefix() + ":" + attrName.getLocalPart();
+ prefix = attrName.getPrefix();
+ localPart = attrName.getLocalPart();
+ qual = prefix != null && prefix != "" ? prefix + ":" + localPart : localPart ;
doc.createAttributeNS( ns, qual );
el.setAttributeNS( ns, qual , attr.getValue() );
}
-
-
+
+ // look for namespaces
+ @SuppressWarnings("unchecked")
+ Iterator<Namespace> namespaces = startElement.getNamespaces();
+ while (namespaces != null && namespaces.hasNext())
+ {
+ Namespace namespace = namespaces.next();
+ QName name = namespace.getName();
+ el.setAttributeNS(name.getNamespaceURI(), "xmlns:" + name.getLocalPart(), namespace.getNamespaceURI());
+ }
+
XMLEvent nextEvent = StaxParserUtil.peek(xmlEventReader);
if( nextEvent.getEventType() == XMLEvent.CHARACTERS )
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -38,7 +38,8 @@
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.config.STSType;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
-import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
@@ -78,17 +79,23 @@
public Source invoke(Source request)
{
BaseRequestSecurityToken baseRequest;
+ Document document;
try
{
- baseRequest = WSTrustJAXBFactory.getInstance().parseRequestSecurityToken(request);
+ document = (Document) DocumentUtil.getNodeFromSource(request);
+ baseRequest = (BaseRequestSecurityToken) new WSTrustParser().parse(DocumentUtil.getSourceAsStream(request));
}
- catch (WSTrustException we)
+ catch (Exception e)
{
- throw new RuntimeException(we);
+ throw new WebServiceException("Exception parsing token request: " + e.getMessage(), e);
}
if (baseRequest instanceof RequestSecurityToken)
- return this.handleTokenRequest((RequestSecurityToken) baseRequest);
+ {
+ RequestSecurityToken req = (RequestSecurityToken) baseRequest;
+ req.setRSTDocument(document);
+ return this.handleTokenRequest(req);
+ }
else if (baseRequest instanceof RequestSecurityTokenCollection)
return this.handleTokenRequestCollection((RequestSecurityTokenCollection) baseRequest);
else
@@ -106,13 +113,6 @@
*/
protected Source handleTokenRequest(RequestSecurityToken request)
{
- SAMLDocumentHolder holder = WSTrustJAXBFactory.getInstance().getSAMLDocumentHolderOnThread();
-
- /**
- * The RST Document is very important for XML Signatures
- */
- request.setRSTDocument(holder.getSamlDocument());
-
if (this.config == null)
try
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/STSClient.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2008, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust;
@@ -30,6 +26,7 @@
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPPart;
import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Dispatch;
@@ -41,6 +38,7 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
import org.picketlink.identity.federation.ws.trust.StatusType;
@@ -94,10 +92,10 @@
/**
* Issues a Security Token for the ultimate recipient of the token.
*
- * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for
- * the RequestSecurityToken which is an optional element so it may be null.
- * @return Element - The Security Token Element which will be of the TokenType configured
- * for the endpointURI passed in.
+ * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
+ * RequestSecurityToken which is an optional element so it may be null.
+ * @return Element - The Security Token Element which will be of the TokenType configured for the endpointURI passed
+ * in.
* @throws WSTrustException
*/
public Element issueTokenForEndpoint(String endpointURI) throws WSTrustException
@@ -108,12 +106,11 @@
}
/**
- * Issues a Security Token from the STS. This methods has the option of
- * specifying one or both of endpointURI/tokenType but at least one must
- * specified.
+ * Issues a Security Token from the STS. This methods has the option of specifying one or both of
+ * endpointURI/tokenType but at least one must specified.
*
- * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for
- * the RequestSecurityToken which is an optional element so it may be null.
+ * @param endpointURI - The ultimate recipient of the token. This will be set at the AppliesTo for the
+ * RequestSecurityToken which is an optional element so it may be null.
* @param tokenType - The type of security token to be issued.
* @return Element - The Security Token Element issued.
* @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
@@ -135,11 +132,11 @@
* Issues a security token on behalf of the specified principal.
* </p>
*
- * @param endpointURI the ultimate recipient of the token. This will be set at the AppliesTo for
- * the RequestSecurityToken which is an optional element so it may be null.
- * @param tokenType the type of the token to be issued.
- * @param principal the {@code Principal} to whom the token will be issued.
- * @return an {@code Element} representing the issued security token.
+ * @param endpointURI the ultimate recipient of the token. This will be set at the AppliesTo for the
+ * RequestSecurityToken which is an optional element so it may be null.
+ * @param tokenType the type of the token to be issued.
+ * @param principal the {@code Principal} to whom the token will be issued.
+ * @return an {@code Element} representing the issued security token.
* @throws IllegalArgumentException If neither endpointURI nor tokenType was specified.
* @throws WSTrustException if an error occurs while issuing the security token.
*/
@@ -169,7 +166,7 @@
rst.setTokenType(URI.create(tokenType));
return rst;
}
-
+
private RequestSecurityToken setOnBehalfOf(Principal principal, RequestSecurityToken request)
{
if (principal != null)
@@ -183,8 +180,7 @@
request.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
if (request.getContext() == null)
request.setContext("default-context");
- WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
- DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
+ DOMSource requestSource = this.createSourceFromRequest(request);
Source response = dispatchLocal.get().invoke(requestSource);
NodeList nodes;
@@ -237,8 +233,7 @@
request.setRenewTarget(renewTarget);
// send the token request to JBoss STS and get the response.
- WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
- DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
+ DOMSource requestSource = this.createSourceFromRequest(request);
Source response = dispatchLocal.get().invoke(requestSource);
NodeList nodes;
@@ -291,13 +286,11 @@
validateTarget.setAny(token);
request.setValidateTarget(validateTarget);
- WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
+ DOMSource requestSource = this.createSourceFromRequest(request);
- DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
-
Source response = dispatchLocal.get().invoke(requestSource);
- RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) jaxbFactory
- .parseRequestSecurityTokenResponse(response);
+ RequestSecurityTokenResponseCollection responseCollection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory
+ .getInstance().parseRequestSecurityTokenResponse(response);
RequestSecurityTokenResponse tokenResponse = responseCollection.getRequestSecurityTokenResponses().get(0);
StatusType status = tokenResponse.getStatus();
@@ -326,10 +319,11 @@
CancelTargetType cancelTarget = new CancelTargetType();
cancelTarget.setAny(securityToken);
request.setCancelTarget(cancelTarget);
+ request.setContext("context");
// marshal the request and send it to the STS.
WSTrustJAXBFactory jaxbFactory = WSTrustJAXBFactory.getInstance();
- DOMSource requestSource = (DOMSource) jaxbFactory.marshallRequestSecurityToken(request);
+ DOMSource requestSource = this.createSourceFromRequest(request);
Source response = dispatchLocal.get().invoke(requestSource);
// get the WS-Trust response and check for presence of the RequestTokenCanceled element.
@@ -345,4 +339,19 @@
{
return dispatchLocal.get();
}
+
+ private DOMSource createSourceFromRequest(RequestSecurityToken request) throws WSTrustException
+ {
+ try
+ {
+ DOMResult result = new DOMResult(DocumentUtil.createDocument());
+ WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+ writer.write(request);
+ return new DOMSource(result.getNode());
+ }
+ catch (Exception e)
+ {
+ throw new WSTrustException("Error creating source from request: " + e.getMessage(), e);
+ }
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -1,23 +1,19 @@
/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2009, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.wstrust;
@@ -36,6 +32,7 @@
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
@@ -96,10 +93,6 @@
if (trace)
log.trace("Issuing token for principal " + callerPrincipal);
- Document rstDocument = request.getRSTDocument();
- if (rstDocument == null)
- throw new IllegalArgumentException("Request does not contain the DOM Document");
-
SecurityTokenProvider provider = null;
// first try to obtain the security token provider using the applies-to contents.
@@ -191,18 +184,20 @@
requestedProofToken = new RequestedProofTokenType();
ObjectFactory objFactory = new ObjectFactory();
- byte[] clientSecret = null;
- EntropyType clientEntropy = request.getEntropy();
- if (clientEntropy != null)
- clientSecret = WSTrustUtil.getBinarySecret(clientEntropy);
-
byte[] serverSecret = WSTrustUtil.createRandomSecret((int) keySize / 8);
BinarySecretType serverBinarySecret = new BinarySecretType();
serverBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE);
- serverBinarySecret.setValue(serverSecret);
- serverEntropy = new EntropyType();
- serverEntropy.getAny().add(objFactory.createBinarySecret(serverBinarySecret));
+ serverBinarySecret.setValue(Base64.encodeBytes(serverSecret).getBytes());
+ byte[] clientSecret = null;
+ EntropyType clientEntropy = request.getEntropy();
+ if (clientEntropy != null)
+ {
+ clientSecret = Base64.decode(new String(WSTrustUtil.getBinarySecret(clientEntropy)));
+ serverEntropy = new EntropyType();
+ serverEntropy.getAny().add(objFactory.createBinarySecret(serverBinarySecret));
+ }
+
if (clientSecret != null && clientSecret.length != 0)
{
// client secret has been specified - combine it with the sts secret.
@@ -210,7 +205,8 @@
byte[] combinedSecret = null;
try
{
- combinedSecret = WSTrustUtil.P_SHA1(clientSecret, serverSecret, (int) keySize / 8);
+ combinedSecret = Base64
+ .encodeBytes(WSTrustUtil.P_SHA1(clientSecret, serverSecret, (int) keySize / 8)).getBytes();
}
catch (Exception e)
{
@@ -223,8 +219,8 @@
{
// client secret has not been specified - use the sts secret only.
requestedProofToken.setAny(objFactory.createBinarySecret(serverBinarySecret));
- requestContext
- .setProofTokenInfo(WSTrustUtil.createKeyInfo(serverSecret, providerPublicKey, keyWrapAlgo));
+ requestContext.setProofTokenInfo(WSTrustUtil.createKeyInfo(serverBinarySecret.getValue(),
+ providerPublicKey, keyWrapAlgo));
}
}
else if (WSTrustConstants.KEY_TYPE_PUBLIC.equalsIgnoreCase(keyType.toString()))
@@ -305,7 +301,8 @@
public RequestSecurityTokenResponse renew(RequestSecurityToken request, Principal callerPrincipal)
throws WSTrustException
{
- // first validate the provided token signature to make sure it has been issued by this STS and hasn't been tempered.
+ // first validate the provided token signature to make sure it has been issued by this STS and hasn't been
+ // tempered.
if (trace)
log.trace("Validating token for renew request " + request.getContext());
if (request.getRenewTargetElement() == null)
@@ -391,9 +388,6 @@
{
if (trace)
log.trace("Started validation for request " + request.getContext());
- Document rstDocument = request.getRSTDocument();
- if (rstDocument == null)
- throw new IllegalArgumentException("Request does not contain the DOM Document");
if (request.getValidateTargetElement() == null)
throw new WSTrustException("Unable to validate token: request does not have a validate target");
@@ -488,9 +482,6 @@
throws WSTrustException
{
// check if request contains all required elements.
- Document rstDocument = request.getRSTDocument();
- if (rstDocument == null)
- throw new IllegalArgumentException("Request does not contain the DOM Document");
if (request.getCancelTargetElement() == null)
throw new WSTrustException("Unable to cancel token: request does not have a cancel target");
@@ -530,7 +521,7 @@
{
rstrDocument = DocumentUtil.normalizeNamespaces(rstrDocument);
- //Sign the security token
+ // Sign the security token
if (this.configuration.signIssuedToken() && this.configuration.getSTSKeyPair() != null)
{
KeyPair keyPair = this.configuration.getSTSKeyPair();
@@ -544,9 +535,9 @@
if (trace)
log.trace("NamespaceURI of element to be signed:" + tokenElement.getNamespaceURI());
- //Set the CanonicalizationMethod if any
- XMLSignatureUtil.setCanonicalizationMethodType( configuration.getXMLDSigCanonicalizationMethod() );
-
+ // Set the CanonicalizationMethod if any
+ XMLSignatureUtil.setCanonicalizationMethodType(configuration.getXMLDSigCanonicalizationMethod());
+
rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair, DigestMethod.SHA1,
signatureMethod, "#" + tokenElement.getAttribute("ID"));
if (trace)
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -47,6 +47,7 @@
import org.apache.xml.security.encryption.XMLCipher;
import org.picketlink.identity.federation.core.config.STSType;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
@@ -243,7 +244,6 @@
*/
public static OnBehalfOfType createOnBehalfOfWithUsername(String username, String id)
{
- org.picketlink.identity.federation.ws.wss.secext.ObjectFactory secextFactory = new org.picketlink.identity.federation.ws.wss.secext.ObjectFactory();
AttributedString attrString = new AttributedString();
attrString.setValue(username);
UsernameTokenType usernameToken = new UsernameTokenType();
@@ -251,7 +251,7 @@
usernameToken.setUsername(attrString);
// create the OnBehalfOfType and set the UsernameTokenType.
OnBehalfOfType onBehalfOf = new OnBehalfOfType();
- onBehalfOf.setAny(secextFactory.createUsernameToken(usernameToken));
+ onBehalfOf.setAny(usernameToken);
return onBehalfOf;
}
@@ -271,10 +271,9 @@
for (Object obj : entropy.getAny())
{
- JAXBElement element = (JAXBElement) obj;
- if (element.getDeclaredType().equals(BinarySecretType.class))
+ if (obj instanceof BinarySecretType)
{
- BinarySecretType binarySecret = (BinarySecretType) element.getValue();
+ BinarySecretType binarySecret = (BinarySecretType) obj;
secret = binarySecret.getValue();
break;
}
@@ -476,7 +475,6 @@
*/
public static KeyValueType createKeyValue(PublicKey key)
{
- org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory factory = new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory();
if (key instanceof RSAPublicKey)
{
RSAPublicKey pubKey = (RSAPublicKey) key;
@@ -484,11 +482,11 @@
byte[] exponent = pubKey.getPublicExponent().toByteArray();
RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
- rsaKeyValue.setModulus(modulus);
- rsaKeyValue.setExponent(exponent);
+ rsaKeyValue.setModulus(Base64.encodeBytes(modulus).getBytes());
+ rsaKeyValue.setExponent(Base64.encodeBytes(exponent).getBytes());
KeyValueType keyValue = new KeyValueType();
- keyValue.getContent().add(factory.createRSAKeyValue(rsaKeyValue));
+ keyValue.getContent().add(rsaKeyValue);
return keyValue;
}
else if (key instanceof DSAPublicKey)
@@ -500,13 +498,13 @@
byte[] Y = pubKey.getY().toByteArray();
DSAKeyValueType dsaKeyValue = new DSAKeyValueType();
- dsaKeyValue.setP(P);
- dsaKeyValue.setQ(Q);
- dsaKeyValue.setG(G);
- dsaKeyValue.setY(Y);
+ dsaKeyValue.setP(Base64.encodeBytes(P).getBytes());
+ dsaKeyValue.setQ(Base64.encodeBytes(Q).getBytes());
+ dsaKeyValue.setG(Base64.encodeBytes(G).getBytes());
+ dsaKeyValue.setY(Base64.encodeBytes(Y).getBytes());
KeyValueType keyValue = new KeyValueType();
- keyValue.getContent().add(factory.createDSAKeyValue(dsaKeyValue));
+ keyValue.getContent().add(dsaKeyValue);
return keyValue;
}
else
Deleted: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/AbstractWSWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -1,48 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.identity.federation.core.wstrust.writers;
-
-import java.io.OutputStream;
-
-import javax.xml.stream.XMLStreamWriter;
-
-import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.util.StaxUtil;
-
-/**
- * Base class for the WS Stax Writers
- * @author Anil.Saldhana(a)redhat.com
- * @since Nov 5, 2010
- */
-public class AbstractWSWriter
-{
- protected XMLStreamWriter writer = null;
-
- protected void verifyWriter( OutputStream out ) throws ProcessingException
- {
- if( writer == null )
- {
- writer = StaxUtil.getXMLStreamWriter( out );
- }
- }
-
-}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSAddressingWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -27,7 +27,7 @@
import static org.picketlink.identity.federation.core.wsa.WSAddressingConstants.WSA_NS;
import static org.picketlink.identity.federation.core.wsa.WSAddressingConstants.WSA_PREFIX;
-import java.io.OutputStream;
+import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -39,12 +39,17 @@
* @author Anil.Saldhana(a)redhat.com
* @since Nov 5, 2010
*/
-public class WSAddressingWriter extends AbstractWSWriter
+public class WSAddressingWriter
{
- public void write( EndpointReferenceType endpointReference, OutputStream out ) throws ProcessingException
+ private XMLStreamWriter writer;
+
+ public WSAddressingWriter(XMLStreamWriter writer)
{
- verifyWriter(out);
-
+ this.writer = writer;
+ }
+
+ public void write( EndpointReferenceType endpointReference) throws ProcessingException
+ {
StaxUtil.writeStartElement( writer, WSA_PREFIX, ENDPOINT_REFERENCE, WSA_NS );
StaxUtil.writeNameSpace( writer, WSA_PREFIX, WSA_NS );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSPolicyWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -26,10 +26,10 @@
import static org.picketlink.identity.federation.core.wspolicy.WSPolicyConstants.WSP_PREFIX;
import static org.picketlink.identity.federation.core.wstrust.WSTrustConstants.WSP_NS;
-import java.io.OutputStream;
import java.util.List;
import javax.xml.bind.JAXBElement;
+import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -41,18 +41,22 @@
* @author Anil.Saldhana(a)redhat.com
* @since Nov 5, 2010
*/
-public class WSPolicyWriter extends AbstractWSWriter
+public class WSPolicyWriter
{
+ private XMLStreamWriter writer;
+
+ public WSPolicyWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
/**
* Write an {@code AppliesTo} to the stream
* @param appliesTo
* @param out
* @throws ProcessingException
*/
- public void write( AppliesTo appliesTo, OutputStream out ) throws ProcessingException
+ public void write( AppliesTo appliesTo) throws ProcessingException
{
- verifyWriter(out);
-
StaxUtil.writeStartElement( writer, WSP_PREFIX, APPLIES_TO, WSP_NS );
StaxUtil.writeNameSpace( writer, WSP_PREFIX, WSP_NS );
StaxUtil.writeCharacters(writer, "" ); //Seems like JDK bug - not writing end character
@@ -66,8 +70,8 @@
if( EndpointReferenceType.class.equals( jaxb.getDeclaredType() ) )
{
EndpointReferenceType endpointReference = (EndpointReferenceType) jaxb.getValue();
- WSAddressingWriter wsAddressingWriter = new WSAddressingWriter();
- wsAddressingWriter.write(endpointReference, out);
+ WSAddressingWriter wsAddressingWriter = new WSAddressingWriter(this.writer);
+ wsAddressingWriter.write(endpointReference);
}
}
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSSecurityWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -30,9 +30,8 @@
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_NS;
import static org.picketlink.identity.federation.core.wsse.WSSecurityConstants.WSU_PREFIX;
-import java.io.OutputStream;
-
import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamWriter;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -45,18 +44,17 @@
* @author Anil.Saldhana(a)redhat.com
* @since Nov 8, 2010
*/
-public class WSSecurityWriter extends AbstractWSWriter
+public class WSSecurityWriter
{
- /**
- * Write an {@code UsernameTokenType} to the stream
- * @param appliesTo
- * @param out
- * @throws ProcessingException
- */
- public void write( UsernameTokenType usernameToken, OutputStream out ) throws ProcessingException
+ private XMLStreamWriter writer;
+
+ public WSSecurityWriter(XMLStreamWriter writer)
{
- verifyWriter(out);
-
+ this.writer = writer;
+ }
+
+ public void write(UsernameTokenType usernameToken) throws ProcessingException
+ {
StaxUtil.writeStartElement( writer, WSSE_PREFIX, USERNAME_TOKEN, WSSE_NS );
StaxUtil.writeNameSpace( writer, WSSE_PREFIX, WSSE_NS );
@@ -79,5 +77,5 @@
StaxUtil.writeEndElement( writer );
StaxUtil.flush( writer );
- }
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/writers/WSTrustRSTWriter.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -32,6 +32,7 @@
import java.util.List;
import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Result;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
@@ -45,9 +46,12 @@
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RenewTargetType;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyValueType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.RSAKeyValueType;
import org.w3c.dom.Element;
/**
@@ -55,17 +59,59 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 19, 2010
*/
-public class WSTrustRSTWriter extends AbstractWSWriter
+public class WSTrustRSTWriter
{
+ private XMLStreamWriter writer;
+
/**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code OutputStream}.
+ * </p>
+ *
+ * @param out the stream where the request is to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRSTWriter(OutputStream out) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(out);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that writes {@code RequestSecurityToken} instances to the specified
+ * {@code Result}.
+ * </p>
+ *
+ * @param result the {@code Result} where the request it to be written.
+ * @throws ProcessingException if an error occurs while processing the request.
+ */
+ public WSTrustRSTWriter(Result result) throws ProcessingException
+ {
+ this.writer = StaxUtil.getXMLStreamWriter(result);
+ }
+
+ /**
+ * <p>
+ * Creates a {@code WSTrustRSTWriter} that uses the specified {@code XMLStreamWriter} to write the request
+ * objects.
+ * </p>
+ *
+ * @param writer the {@code XMLStreamWriter} to be used to write requests.
+ */
+ public WSTrustRSTWriter(XMLStreamWriter writer)
+ {
+ this.writer = writer;
+ }
+
+ /**
* Write the {@code RequestSecurityTokenCollection} into the {@code OutputStream}
* @param requestTokenCollection
* @param out
* @throws ProcessingException
*/
- public void write( RequestSecurityTokenCollection requestTokenCollection, OutputStream out ) throws ProcessingException
+ public void write( RequestSecurityTokenCollection requestTokenCollection) throws ProcessingException
{
- verifyWriter(out);
StaxUtil.writeStartElement( writer, PREFIX, RST_COLLECTION, BASE_NAMESPACE);
StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
@@ -75,7 +121,7 @@
for( RequestSecurityToken token: tokenList )
{
- write(token, out);
+ write(token);
}
StaxUtil.writeEndElement( writer );
@@ -88,9 +134,8 @@
* @param out
* @throws ProcessingException
*/
- public void write( RequestSecurityToken requestToken, OutputStream out ) throws ProcessingException
+ public void write( RequestSecurityToken requestToken ) throws ProcessingException
{
- verifyWriter(out);
StaxUtil.writeStartElement( writer, PREFIX, RST, BASE_NAMESPACE);
StaxUtil.writeNameSpace( writer, PREFIX, BASE_NAMESPACE );
String context = requestToken.getContext();
@@ -111,10 +156,18 @@
AppliesTo appliesTo = requestToken.getAppliesTo();
if( appliesTo != null )
{
- WSPolicyWriter wsPolicyWriter = new WSPolicyWriter();
- wsPolicyWriter.write( appliesTo, out );
+ WSPolicyWriter wsPolicyWriter = new WSPolicyWriter(this.writer);
+ wsPolicyWriter.write( appliesTo );
}
+ long keySize = requestToken.getKeySize();
+ if (keySize != 0)
+ {
+ StaxUtil.writeStartElement(writer, PREFIX, WSTrustConstants.KEY_SIZE, BASE_NAMESPACE);
+ StaxUtil.writeCharacters(writer, Long.toString(keySize));
+ StaxUtil.writeEndElement(writer);
+ }
+
URI keyType = requestToken.getKeyType();
if( keyType != null )
{
@@ -137,22 +190,27 @@
OnBehalfOfType onBehalfOf = requestToken.getOnBehalfOf();
if( onBehalfOf != null )
{
- writeOnBehalfOfType(onBehalfOf, out);
+ writeOnBehalfOfType(onBehalfOf);
}
ValidateTargetType validateTarget = requestToken.getValidateTarget();
if( validateTarget != null )
{
-
- writeValidateTargetType(validateTarget, out);
+ writeValidateTargetType(validateTarget);
}
CancelTargetType cancelTarget = requestToken.getCancelTarget();
if( cancelTarget != null )
{
- writeCancelTargetType(cancelTarget, out);
+ writeCancelTargetType(cancelTarget);
}
+ RenewTargetType renewTarget = requestToken.getRenewTarget();
+ if (renewTarget != null)
+ {
+ writeRenewTargetType(renewTarget);
+ }
+
StaxUtil.writeEndElement( writer );
StaxUtil.flush( writer );
}
@@ -188,30 +246,81 @@
*/
private void writeUseKeyType(UseKeyType useKeyType) throws ProcessingException
{
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.USE_KEY, BASE_NAMESPACE);
+
Object useKeyTypeValue = useKeyType.getAny();
if( useKeyTypeValue instanceof Element )
{
Element domElement = (Element) useKeyTypeValue;
StaxUtil.writeDOMElement( writer, domElement );
}
+ else if (useKeyTypeValue instanceof byte[])
+ {
+ byte[] certificate = (byte[]) useKeyTypeValue;
+ StaxUtil.writeStartElement(writer, "dsig", "X509Certificate", WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace( writer, "dsig", WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(certificate));
+ StaxUtil.writeEndElement(writer);
+ }
+ else if (useKeyTypeValue instanceof KeyValueType)
+ {
+ writeKeyValueType((KeyValueType) useKeyTypeValue);
+ }
else
throw new RuntimeException( " Unknown use key type:" + useKeyTypeValue.getClass().getName() );
+
+ StaxUtil.writeEndElement(writer);
}
+ private void writeKeyValueType(KeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, "dsig", WSTrustConstants.KEY_VALUE, WSTrustConstants.DSIG_NS);
+ StaxUtil.writeNameSpace(writer, "dsig", WSTrustConstants.DSIG_NS);
+ if (type.getContent().size() == 0)
+ throw new ProcessingException("KeyValueType must contain at least one value");
+
+ for (Object obj : type.getContent())
+ {
+ if (obj instanceof RSAKeyValueType)
+ {
+ RSAKeyValueType rsaKeyValue = (RSAKeyValueType) obj;
+ writeRSAKeyValueType(rsaKeyValue);
+ }
+ }
+ StaxUtil.writeEndElement(writer);
+ }
+
+ private void writeRSAKeyValueType(RSAKeyValueType type) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, "dsig", "RSAKeyValue", WSTrustConstants.DSIG_NS);
+ // write the rsa key modulus.
+ byte[] modulus = type.getModulus();
+ StaxUtil.writeStartElement(writer, "dsig", "Modulus", WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(modulus));
+ StaxUtil.writeEndElement(writer);
+
+ // write the rsa key exponent.
+ byte[] exponent = type.getExponent();
+ StaxUtil.writeStartElement(writer, "dsig", "Exponent", WSTrustConstants.DSIG_NS);
+ StaxUtil.writeCharacters(writer, new String(exponent));
+ StaxUtil.writeEndElement(writer);
+
+ StaxUtil.writeEndElement(writer);
+ }
/**
* Write an {@code OnBehalfOfType} to stream
* @param onBehalfOf
* @param out
* @throws ProcessingException
*/
- private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf, OutputStream out) throws ProcessingException
+ private void writeOnBehalfOfType(OnBehalfOfType onBehalfOf) throws ProcessingException
{
StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.On_BEHALF_OF, BASE_NAMESPACE);
StaxUtil.writeCharacters(writer, "" );
UsernameTokenType usernameToken = (UsernameTokenType) onBehalfOf.getAny();
- WSSecurityWriter wsseWriter = new WSSecurityWriter();
- wsseWriter.write( usernameToken, out );
+ WSSecurityWriter wsseWriter = new WSSecurityWriter(this.writer);
+ wsseWriter.write( usernameToken );
StaxUtil.writeEndElement( writer );
}
@@ -221,20 +330,49 @@
* @param out
* @throws ProcessingException
*/
- private void writeValidateTargetType(ValidateTargetType validateTarget, OutputStream out) throws ProcessingException
+ private void writeValidateTargetType(ValidateTargetType validateTarget) throws ProcessingException
{
StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.VALIDATE_TARGET, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, "" );
Object validateTargetObj = validateTarget.getAny();
- if( validateTargetObj instanceof AssertionType )
+ if (validateTargetObj != null)
{
- AssertionType assertion = (AssertionType) validateTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter();
- samlAssertionWriter.write(assertion, out);
+ if (validateTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) validateTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (validateTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) validateTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown validate target type=" + validateTargetObj.getClass().getName());
}
- else throw new ProcessingException( "Unknown validate target type=" + validateTargetObj.getClass().getName() );
+ StaxUtil.writeEndElement( writer );
+ }
+
+ private void writeRenewTargetType(RenewTargetType renewTarget) throws ProcessingException
+ {
+ StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.RENEW_TARGET, BASE_NAMESPACE);
+ Object renewTargetObj = renewTarget.getAny();
+ if (renewTargetObj != null)
+ {
+ if (renewTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) renewTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (renewTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) renewTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown renew target type=" + renewTargetObj.getClass().getName());
+ }
StaxUtil.writeEndElement( writer );
}
@@ -244,20 +382,26 @@
* @param out
* @throws ProcessingException
*/
- private void writeCancelTargetType(CancelTargetType cancelTarget, OutputStream out) throws ProcessingException
+ private void writeCancelTargetType(CancelTargetType cancelTarget) throws ProcessingException
{
StaxUtil.writeStartElement( writer, PREFIX, WSTrustConstants.CANCEL_TARGET, BASE_NAMESPACE);
- StaxUtil.writeCharacters(writer, "" );
Object cancelTargetObj = cancelTarget.getAny();
- if( cancelTargetObj instanceof AssertionType )
+ if (cancelTargetObj != null)
{
- AssertionType assertion = (AssertionType) cancelTargetObj;
- SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter();
- samlAssertionWriter.write(assertion, out);
- }
- else throw new ProcessingException( "Unknown cancel target type=" + cancelTargetObj.getClass().getName() );
-
+ if (cancelTargetObj instanceof AssertionType)
+ {
+ AssertionType assertion = (AssertionType) cancelTargetObj;
+ SAMLAssertionWriter samlAssertionWriter = new SAMLAssertionWriter(this.writer);
+ samlAssertionWriter.write(assertion);
+ }
+ else if (cancelTargetObj instanceof Element)
+ {
+ StaxUtil.writeDOMElement(writer, (Element) cancelTargetObj);
+ }
+ else
+ throw new ProcessingException("Unknown cancel target type=" + cancelTargetObj.getClass().getName());
+ }
StaxUtil.writeEndElement( writer );
}
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -39,6 +39,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
@@ -247,9 +248,9 @@
}
}
- SAMLAssertionWriter writer = new SAMLAssertionWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- writer.write(assertion, baos );
+ SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write(assertion);
System.out.println( new String( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -33,6 +33,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
@@ -70,9 +71,9 @@
assertEquals( Boolean.TRUE , nameIDPolicy.isAllowCreate() );
//Try out writing
- SAMLRequestWriter writer = new SAMLRequestWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- writer.write( authnRequest, baos );
+ SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write( authnRequest );
System.out.println( new String( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -36,6 +36,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
@@ -101,9 +102,9 @@
assertEquals( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", authnContextDeclRefJaxb.getValue() );
//Let us do some writing - currently only visual inspection. We will do proper validation later.
- SAMLResponseWriter writer = new SAMLResponseWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- writer.write(response, baos );
+ SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write(response );
System.out.println( new String( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -33,6 +33,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
/**
@@ -59,9 +60,9 @@
assertEquals( "http://localhost:8080/sales/", lotRequest.getIssuer().getValue() );
//Try out writing
- SAMLRequestWriter writer = new SAMLRequestWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- writer.write( lotRequest, baos );
+ SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write( lotRequest );
System.out.println( new String( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -37,6 +37,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
@@ -70,8 +71,9 @@
assertEquals( "urn:oasis:names:tc:SAML:2.0:status:Success", status.getStatusCode().getStatusCode().getValue() );
//Let us do some writing - currently only visual inspection. We will do proper validation later.
- SAMLResponseWriter writer = new SAMLResponseWriter();ByteArrayOutputStream baos = new ByteArrayOutputStream();
- writer.write(response, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"), baos );
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+ writer.write(response, new QName( PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"));
System.out.println( new String( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -68,10 +68,10 @@
assertEquals( WSTrustConstants.RSTR_STATUS_TOKEN_TYPE , rst2.getTokenType().toASCIIString() );
//Now for the writing part
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
- rstWriter.write( requestCollection, baos );
+ rstWriter.write( requestCollection );
System.out.println( new String( baos.toByteArray() ));
DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -70,10 +70,10 @@
validateAssertion( assertion );
//Now for the writing part
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
- rstWriter.write(requestToken, baos );
+ rstWriter.write(requestToken );
System.out.println( new String( baos.toByteArray() ));
DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -76,10 +76,10 @@
assertEquals( "ds:" + WSTRequestSecurityTokenParser.X509CERTIFICATE, certEl.getTagName() );
//Now for the writing part
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
- rstWriter.write(requestToken, baos );
+ rstWriter.write(requestToken );
System.out.println( new String( baos.toByteArray() ));
DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -77,10 +77,10 @@
//Now for the writing part
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
- rstWriter.write(requestToken, baos );
+ rstWriter.write(requestToken );
System.out.println( new String( baos.toByteArray() ));
DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -75,10 +75,10 @@
assertEquals( "M0/7qLpV49c=" , new String( binarySecret.getValue() ));
//Now for the writing part
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
- rstWriter.write(requestToken, baos );
+ rstWriter.write(requestToken);
System.out.println( new String( baos.toByteArray() ));
DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -27,6 +27,8 @@
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
+import javax.xml.transform.dom.DOMSource;
+
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
@@ -55,10 +57,10 @@
assertEquals( WSTrustConstants.SAML2_TOKEN_TYPE, requestToken.getTokenType().toASCIIString() );
//Now for the writing part
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
- rstWriter.write(requestToken, baos );
+ rstWriter.write(requestToken);
System.out.println( new String( baos.toByteArray() ));
DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -61,10 +61,10 @@
assertEquals( "anotherduke", userNameToken.getUsername().getValue() );
//Now for the writing part
- WSTrustRSTWriter rstWriter = new WSTrustRSTWriter();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRSTWriter rstWriter = new WSTrustRSTWriter(baos);
- rstWriter.write(requestToken, baos );
+ rstWriter.write(requestToken);
System.out.println( new String( baos.toByteArray() ));
DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-16 20:57:31 UTC (rev 554)
@@ -36,6 +36,8 @@
import javax.xml.datatype.DatatypeConstants;
import javax.xml.namespace.QName;
import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.EndpointReference;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.WebServiceException;
@@ -45,8 +47,10 @@
import org.picketlink.identity.federation.core.config.STSType;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
import org.picketlink.identity.federation.core.wstrust.PicketLinkSTS;
import org.picketlink.identity.federation.core.wstrust.PicketLinkSTSConfiguration;
import org.picketlink.identity.federation.core.wstrust.STSConfiguration;
@@ -64,6 +68,7 @@
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRSTWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionAbstractType;
@@ -243,11 +248,8 @@
// create a simple token request, asking for a "special" test token.
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
"http://www.tokens.org/SpecialToken", null);
+ Source requestMessage = this.createSourceFromRequest(request);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
-
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -299,11 +301,8 @@
// create a simple token request, asking for a SAMLv2.0 token.
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
+ Source requestMessage = this.createSourceFromRequest(request);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
-
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -327,11 +326,8 @@
// create a simple token request, this time using the applies to get to the token type.
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
"http://services.testcorp.org/provider1");
+ Source requestMessage = this.createSourceFromRequest(request);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
-
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -354,11 +350,8 @@
{
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
"http://services.testcorp.org/provider2");
+ Source requestMessage = this.createSourceFromRequest(request);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
-
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -397,9 +390,7 @@
OnBehalfOfType onBehalfOf = WSTrustUtil.createOnBehalfOfWithUsername("anotherduke", "id");
request.setOnBehalfOf(onBehalfOf);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
@@ -418,7 +409,7 @@
* </p>
*
* @throws Exception if an error occurs while running the test.
- */
+ */
@SuppressWarnings("rawtypes")
public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
{
@@ -428,11 +419,8 @@
// add a symmetric key type to the request, but don't supply any client key - STS should generate one.
request.setKeyType(URI.create(WSTrustConstants.KEY_TYPE_SYMMETRIC));
+ Source requestMessage = this.createSourceFromRequest(request);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
-
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
@@ -457,7 +445,8 @@
BinarySecretType serverBinarySecret = (BinarySecretType) proofElement.getValue();
assertNotNull("Unexpected null secret", serverBinarySecret.getValue());
// default key size is 128 bits (16 bytes).
- assertEquals("Unexpected secret size", 16, serverBinarySecret.getValue().length);
+ byte[] encodedSecret = serverBinarySecret.getValue();
+ assertEquals("Unexpected secret size", 16, Base64.decode(encodedSecret, 0, encodedSecret.length).length);
}
/**
@@ -469,7 +458,7 @@
* </p>
*
* @throws Exception if an error occurs while running the test.
- */
+ */
@SuppressWarnings("rawtypes")
public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
{
@@ -477,12 +466,11 @@
byte[] clientSecret = WSTrustUtil.createRandomSecret(8);
BinarySecretType clientBinarySecret = new BinarySecretType();
clientBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE);
- clientBinarySecret.setValue(clientSecret);
+ clientBinarySecret.setValue(Base64.encodeBytes(clientSecret).getBytes());
// set the client secret in the client entropy.
EntropyType clientEntropy = new EntropyType();
- clientEntropy.getAny().add(
- new org.picketlink.identity.federation.ws.trust.ObjectFactory().createBinarySecret(clientBinarySecret));
+ clientEntropy.getAny().add(clientBinarySecret);
// create a token request specifying the key type, key size, and client entropy.
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null,
@@ -492,7 +480,7 @@
request.setKeySize(64);
// invoke the token service.
- Source requestMessage = WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
.parseRequestSecurityTokenResponse(responseMessage);
@@ -525,7 +513,9 @@
BinarySecretType serverBinarySecret = (BinarySecretType) serverEntropyContent.getValue();
assertEquals("Unexpected binary secret type", WSTrustConstants.BS_TYPE_NONCE, serverBinarySecret.getType());
assertNotNull("Unexpected null secret value", serverBinarySecret.getValue());
- assertEquals("Unexpected secret size", 8, serverBinarySecret.getValue().length);
+ // get the base64 decoded
+ byte[] encodedSecret = serverBinarySecret.getValue();
+ assertEquals("Unexpected secret size", 8, Base64.decode(encodedSecret, 0, encodedSecret.length).length);
}
/**
@@ -545,14 +535,12 @@
// include a UseKey section that specifies the certificate in the request.
Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
- JAXBElement<byte[]> certElement = new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory()
- .createX509DataTypeX509Certificate(certificate.getEncoded());
UseKeyType useKey = new UseKeyType();
- useKey.setAny(certElement);
+ useKey.setAny(Base64.encodeBytes(certificate.getEncoded()).getBytes());
request.setUseKey(useKey);
// invoke the token service.
- Source requestMessage = WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
.parseRequestSecurityTokenResponse(responseMessage);
@@ -585,11 +573,11 @@
Certificate certificate = this.getCertificate("keystore/sts_keystore.jks", "testpass", "service1");
KeyValueType keyValue = WSTrustUtil.createKeyValue(certificate.getPublicKey());
UseKeyType useKey = new UseKeyType();
- useKey.setAny(new org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory().createKeyValue(keyValue));
+ useKey.setAny(keyValue);
request.setUseKey(useKey);
// invoke the token service.
- Source requestMessage = WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = WSTrustJAXBFactory.getInstance()
.parseRequestSecurityTokenResponse(responseMessage);
@@ -619,17 +607,18 @@
// use the factory to marshall the request.
WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
BaseRequestSecurityTokenResponse baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
// validate the response and get the SAML assertion from the request.
- this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke", SAMLUtil.SAML2_BEARER_URI);
+ this.validateSAMLAssertionResponse(baseResponse, "testcontext", "jduke",
+ SAMLUtil.SAML2_BEARER_URI);
RequestSecurityTokenResponseCollection collection = (RequestSecurityTokenResponseCollection) baseResponse;
Element assertion = (Element) collection.getRequestSecurityTokenResponses().get(0).getRequestedSecurityToken()
- .getAny();
+ .getAny();
// now construct a WS-Trust validate request with the generated assertion.
request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST, WSTrustConstants.STATUS_TYPE,
@@ -639,7 +628,7 @@
request.setValidateTarget(validateTarget);
// invoke the token service.
- responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+ responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
// validate the response contents.
@@ -658,7 +647,7 @@
// now let's temper the SAML assertion and try to validate it again.
assertion.getFirstChild().getFirstChild().setNodeValue("Tempered Issuer");
request.getValidateTarget().setAny(assertion);
- responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+ responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
collection = (RequestSecurityTokenResponseCollection) WSTrustJAXBFactory.getInstance()
.parseRequestSecurityTokenResponse(responseMessage);
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
@@ -687,7 +676,7 @@
// use the factory to marshall the request.
WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
@@ -706,7 +695,7 @@
request.setRenewTarget(renewTarget);
// invoke the token service.
- responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+ responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
// validate the renew response contents and get the renewed token.
@@ -744,7 +733,7 @@
// use the factory to marshall the request.
WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
Source responseMessage = this.tokenService.invoke(requestMessage);
@@ -763,7 +752,7 @@
request.setCancelTarget(cancelTarget);
// invoke the token service.
- responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+ responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
baseResponse = factory.parseRequestSecurityTokenResponse(responseMessage);
// validate the response contents.
@@ -783,7 +772,7 @@
request.setValidateTarget(validateTarget);
// the response should contain a status indicating that the token is not valid.
- responseMessage = this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+ responseMessage = this.tokenService.invoke(this.createSourceFromRequest(request));
collection = (RequestSecurityTokenResponseCollection) factory.parseRequestSecurityTokenResponse(responseMessage);
assertEquals("Unexpected number of responses", 1, collection.getRequestSecurityTokenResponses().size());
response = collection.getRequestSecurityTokenResponses().get(0);
@@ -804,7 +793,7 @@
// we should receive an exception when renewing the token.
try
{
- this.tokenService.invoke(factory.marshallRequestSecurityToken(request));
+ this.tokenService.invoke(this.createSourceFromRequest(request));
fail("Renewing a canceled token should result in an exception being thrown");
}
catch (WebServiceException we)
@@ -829,9 +818,7 @@
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST,
"http://www.tokens.org/UnknownToken", null);
- // use the factory to marshall the request.
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the security token service.
try
@@ -859,8 +846,7 @@
{
// lets create an issue request that container neither an applies-to nor a token type.
RequestSecurityToken request = this.createRequest("testcontext", WSTrustConstants.ISSUE_REQUEST, null, null);
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service. A WSTrustException should be raised.
try
@@ -879,7 +865,7 @@
// a request that asks for a public key to be used as proof key will fail if the public key is not available.
request.setTokenType(URI.create(SAMLUtil.SAML2_TOKEN_TYPE));
request.setKeyType(URI.create(WSTrustConstants.KEY_TYPE_PUBLIC));
- requestMessage = factory.marshallRequestSecurityToken(request);
+ requestMessage = this.createSourceFromRequest(request);
try
{
@@ -906,8 +892,7 @@
// first create a request that doesn't have a renew target element.
RequestSecurityToken request = this.createRequest("renewcontext", WSTrustConstants.RENEW_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
try
@@ -924,7 +909,7 @@
// a request with an empty renew target should also result in a failure.
request.setRenewTarget(new RenewTargetType());
- requestMessage = factory.marshallRequestSecurityToken(request);
+ requestMessage = this.createSourceFromRequest(request);
try
{
this.tokenService.invoke(requestMessage);
@@ -933,13 +918,13 @@
catch (WebServiceException we)
{
assertNotNull("Unexpected null cause", we.getCause());
- assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
- assertEquals("Unable to renew token: security token is null", we.getCause().getMessage());
+ assertTrue("Unexpected cause type", we.getCause() instanceof ParsingException);
+ assertEquals("Unable to parse renew token request: security token is null", we.getCause().getMessage());
}
// a request to renew an unknown token (i.e. there's no provider can handle the token) should also fail.
request.getRenewTarget().setAny(this.createUnknownToken());
- requestMessage = factory.marshallRequestSecurityToken(request);
+ requestMessage = this.createSourceFromRequest(request);
try
{
this.tokenService.invoke(requestMessage);
@@ -966,8 +951,7 @@
// first create a request that doesn't have a validate target element.
RequestSecurityToken request = this.createRequest("validatecontext", WSTrustConstants.VALIDATE_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
try
@@ -984,7 +968,7 @@
// a request with an empty validate target should also result in a failure.
request.setValidateTarget(new ValidateTargetType());
- requestMessage = factory.marshallRequestSecurityToken(request);
+ requestMessage = this.createSourceFromRequest(request);
try
{
this.tokenService.invoke(requestMessage);
@@ -993,13 +977,13 @@
catch (WebServiceException we)
{
assertNotNull("Unexpected null cause", we.getCause());
- assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
- assertEquals("Unable to validate token: security token is null", we.getCause().getMessage());
+ assertTrue("Unexpected cause type", we.getCause() instanceof ParsingException);
+ assertEquals("Unable to parse validate token request: security token is null", we.getCause().getMessage());
}
// a request to validate an unknown token (i.e. there's no provider can handle the token) should also fail.
request.getValidateTarget().setAny(this.createUnknownToken());
- requestMessage = factory.marshallRequestSecurityToken(request);
+ requestMessage = this.createSourceFromRequest(request);
try
{
this.tokenService.invoke(requestMessage);
@@ -1026,8 +1010,7 @@
// first create a request that doesn't have a cancel target element.
RequestSecurityToken request = this.createRequest("cancelcontext", WSTrustConstants.CANCEL_REQUEST,
SAMLUtil.SAML2_TOKEN_TYPE, null);
- WSTrustJAXBFactory factory = WSTrustJAXBFactory.getInstance();
- Source requestMessage = factory.marshallRequestSecurityToken(request);
+ Source requestMessage = this.createSourceFromRequest(request);
// invoke the token service.
try
@@ -1044,7 +1027,7 @@
// a request with an empty cancel target should also result in a failure.
request.setCancelTarget(new CancelTargetType());
- requestMessage = factory.marshallRequestSecurityToken(request);
+ requestMessage = this.createSourceFromRequest(request);
try
{
this.tokenService.invoke(requestMessage);
@@ -1053,13 +1036,13 @@
catch (WebServiceException we)
{
assertNotNull("Unexpected null cause", we.getCause());
- assertTrue("Unexpected cause type", we.getCause() instanceof WSTrustException);
- assertEquals("Unable to cancel token: security token is null", we.getCause().getMessage());
+ assertTrue("Unexpected cause type", we.getCause() instanceof ParsingException);
+ assertEquals("Unable to parse cancel token request: security token is null", we.getCause().getMessage());
}
// a request to cancel an unknown token (i.e. there's no provider can handle the token) should also fail.
request.getCancelTarget().setAny(this.createUnknownToken());
- requestMessage = factory.marshallRequestSecurityToken(request);
+ requestMessage = this.createSourceFromRequest(request);
try
{
this.tokenService.invoke(requestMessage);
@@ -1318,10 +1301,12 @@
Document doc = DocumentUtil.createDocument();
String namespaceURI = "http://www.unknowntoken.org";
Element root = doc.createElementNS(namespaceURI, "token:UnknownToken");
- root.appendChild(doc.createTextNode("Unknown content"));
+ Element child = doc.createElementNS(namespaceURI, "token:UnknownTokenValue");
+ child.appendChild(doc.createTextNode("Unknown content"));
+ root.appendChild(child);
String id = IDGenerator.create("ID_");
root.setAttributeNS(namespaceURI, "ID", id);
-
+ root.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:token", namespaceURI);
return root;
}
@@ -1346,6 +1331,15 @@
return certificate;
}
+ private Source createSourceFromRequest(RequestSecurityToken request) throws Exception
+ {
+ // write the request XML to a byte[]
+ DOMResult result = new DOMResult(DocumentUtil.createDocument());
+ WSTrustRSTWriter writer = new WSTrustRSTWriter(result);
+ writer.write(request);
+ return new DOMSource(result.getNode());
+ }
+
/**
* <p>
* Helper class that exposes the PicketLinkSTS methods as public for the tests to work.
13 years, 5 months
- 1
- 0
Picketlink SVN: r553 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/util and 5 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-12 15:25:28 -0500 (Fri, 12 Nov 2010)
New Revision: 553
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
Log:
PLFED-109: as wstrust response parsing
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLConditionsParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -20,10 +20,7 @@
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.parsers.saml;
-
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
-import javax.xml.datatype.XMLGregorianCalendar;
+
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
@@ -36,6 +33,7 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AudienceRestrictionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
@@ -56,16 +54,6 @@
StartElement conditionsElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(conditionsElement, JBossSAMLConstants.CONDITIONS.get() );
-
- DatatypeFactory dtf;
- try
- {
- dtf = DatatypeFactory.newInstance();
- }
- catch (DatatypeConfigurationException e )
- {
- throw new ParsingException( e );
- }
ConditionsType conditions = new ConditionsType();
@@ -87,17 +75,14 @@
if( notBeforeAttribute != null )
{
- String notBeforeValue = StaxParserUtil.getAttributeValue( notBeforeAttribute );
-
- XMLGregorianCalendar xmlcal = dtf.newXMLGregorianCalendar( notBeforeValue );
- conditions.setNotBefore( xmlcal );
+ String notBeforeValue = StaxParserUtil.getAttributeValue( notBeforeAttribute );
+ conditions.setNotBefore( XMLTimeUtil.parse(notBeforeValue) );
}
if( notAfterAttribute != null )
{
- String notAfterValue = StaxParserUtil.getAttributeValue( notAfterAttribute );
- XMLGregorianCalendar xmlcal = dtf.newXMLGregorianCalendar( notAfterValue );
- conditions.setNotOnOrAfter( xmlcal );
+ String notAfterValue = StaxParserUtil.getAttributeValue( notAfterAttribute );
+ conditions.setNotOnOrAfter( XMLTimeUtil.parse( notAfterValue ) );
}
@@ -111,7 +96,10 @@
{
EndElement nextEndElement = (EndElement) xmlEvent;
if( StaxParserUtil.matches(nextEndElement, JBossSAMLConstants.CONDITIONS.get() ))
- break;
+ {
+ nextEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
}
String tag = null;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSubjectParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -37,12 +37,15 @@
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationDataType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
/**
* Parse the saml subject
@@ -125,8 +128,7 @@
subject.getContent().add( jaxbEl );
}
else throw new RuntimeException( "Unknown tag:" + tag );
- }
-
+ }
return subject;
}
@@ -142,6 +144,7 @@
&& localPart.equals( JBossSAMLConstants.SUBJECT.get() );
}
+ @SuppressWarnings({"unchecked", "rawtypes"})
private SubjectConfirmationDataType parseSubjectConfirmationData( XMLEventReader xmlEventReader ) throws ParsingException
{
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -178,10 +181,67 @@
{
subjectConfirmationData.setAddress( StaxParserUtil.getAttributeValue( address ));
}
+
+ XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if( ! ( xmlEvent instanceof EndElement ))
+ {
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ String tag = StaxParserUtil.getStartElementName(startElement);
+ if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
+ {
+ KeyInfoType keyInfo = parseKeyInfo(xmlEventReader);
+ QName qname = new QName( WSTrustConstants.XMLDSig.DSIG_NS, WSTrustConstants.XMLDSig.KEYINFO,
+ WSTrustConstants.XMLDSig.PREFIX );
+ JAXBElement<?> jaxb = new JAXBElement(qname, KeyInfoType.class, keyInfo );
+ subjectConfirmationData.getContent().add( jaxb );
+ }
+ }
//Get the end tag
EndElement endElement = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
StaxParserUtil.matches(endElement, JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get() );
return subjectConfirmationData;
}
+
+ private KeyInfoType parseKeyInfo( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ KeyInfoType keyInfo = new KeyInfoType();
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.KEYINFO );
+
+ XMLEvent xmlEvent = null;
+ String tag = null;
+
+ while( xmlEventReader.hasNext() )
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if( xmlEvent instanceof EndElement )
+ {
+ tag = StaxParserUtil.getEndElementName( (EndElement) xmlEvent );
+ if( tag.equals( WSTrustConstants.XMLDSig.KEYINFO ))
+ {
+ xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ }
+ startElement = (StartElement) xmlEvent;
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if( tag.equals( WSTrustConstants.XMLDSig.X509DATA ))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ X509DataType x509 = new X509DataType();
+ //Let us go for the X509 certificate
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.X509CERT );
+
+ String certValue = StaxParserUtil.getElementText(xmlEventReader);
+ QName qname = new QName( WSTrustConstants.DSIG_NS, WSTrustConstants.XMLDSig.X509CERT, WSTrustConstants.XMLDSig.PREFIX );
+ JAXBElement<?> cert = new JAXBElement<byte[]>( qname, byte[].class, certValue.getBytes() );
+ x509.getX509IssuerSerialOrX509SKIOrX509SubjectName().add( cert );
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.X509DATA );
+ }
+ }
+ return keyInfo;
+ }
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SecurityActions.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.util;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 25, 2010
+ */
+public class SecurityActions
+{
+ /**
+ * Get a system property
+ * @param key
+ * @param defaultValue
+ * @return
+ */
+ static String getSystemProperty( final String key, final String defaultValue )
+ {
+ return AccessController.doPrivileged( new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty( key, defaultValue );
+ }
+ } );
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -31,8 +31,16 @@
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.stax.StAXSource;
-import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
/**
@@ -72,6 +80,52 @@
}
/**
+ * Given that the {@code XMLEventReader} is in {@code XMLStreamConstants.START_ELEMENT}
+ * mode, we parse into a DOM Element
+ * @param xmlEventReader
+ * @return
+ * @throws ParsingException
+ */
+ public static Element getDOMElement( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ Transformer transformer = null;
+
+ final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
+
+ boolean useJDKTransformer = Boolean.parseBoolean( SecurityActions.getSystemProperty(JDK_TRANSFORMER_PROPERTY, "false" ));
+
+ try
+ {
+ if( useJDKTransformer )
+ {
+ transformer = TransformerUtil.getTransformer();
+ }
+ else
+ {
+ transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
+ }
+
+ Document resultDocument = DocumentUtil.createDocument();
+ DOMResult domResult = new DOMResult( resultDocument );
+
+ StAXSource source = new StAXSource( xmlEventReader );
+
+ TransformerUtil.transform( transformer, source, domResult );
+
+ Document doc = ( Document ) domResult.getNode();
+ return doc.getDocumentElement();
+ }
+ catch ( ConfigurationException e )
+ {
+ throw new ParsingException( e );
+ }
+ catch ( XMLStreamException e )
+ {
+ throw new ParsingException( e );
+ }
+ }
+
+ /**
* Get the element text.
* @param xmlEventReader
* @return A <b>trimmed</b> string value
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsp/WSPolicyParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -23,6 +23,7 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
@@ -77,6 +78,9 @@
Object parsedObject = parser.parse( xmlEventReader );
appliesTo.getAny().add( parsedObject );
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, WSPolicyConstants.APPLIES_TO );
return appliesTo;
}
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wsse/WSSecurityParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -34,6 +34,8 @@
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.ws.wss.secext.AttributedString;
+import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
/**
@@ -46,9 +48,7 @@
* @since Oct 14, 2010
*/
public class WSSecurityParser extends AbstractParser
-{
- public static final String USERNAME_TOKEN = "UsernameToken";
-
+{
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
@@ -63,9 +63,8 @@
StartElement startElement = (StartElement) xmlEvent;
String elementName = StaxParserUtil.getStartElementName( startElement );
- if( elementName.equalsIgnoreCase( USERNAME_TOKEN ))
- {
- //Get the AppliesTo element
+ if( elementName.equalsIgnoreCase( WSTrustConstants.WSSE.USERNAME_TOKEN ))
+ {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
UsernameTokenType userNameToken = new UsernameTokenType();
@@ -93,10 +92,14 @@
//Get the end element
EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
- StaxParserUtil.validate( onBehalfOfEndElement, USERNAME_TOKEN ) ;
+ StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.WSSE.USERNAME_TOKEN ) ;
return userNameToken;
}
+ else if( elementName.equals( WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE ))
+ {
+ return parseSecurityTokenReference(xmlEventReader);
+ }
}
else
{
@@ -115,4 +118,56 @@
return WSTrustConstants.WSSE_NS.equals( nsURI );
}
+
+ private SecurityTokenReferenceType parseSecurityTokenReference( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE );
+
+ SecurityTokenReferenceType securityTokenRef = new SecurityTokenReferenceType();
+
+ //Get the Token Type attribute
+ QName tokenType = new QName( WSTrustConstants.WSSE11_NS, WSTrustConstants.TOKEN_TYPE );
+ Attribute tokenTypeAttr = startElement.getAttributeByName( tokenType );
+ if(tokenTypeAttr != null )
+ {
+ tokenType = new QName( WSTrustConstants.WSSE11_NS, WSTrustConstants.TOKEN_TYPE, tokenTypeAttr.getName().getPrefix() );
+ securityTokenRef.getOtherAttributes().put( tokenType, StaxParserUtil.getAttributeValue( tokenTypeAttr ));
+ }
+
+ XMLEvent xmlEvent = null;
+ EndElement endElement = null;
+ String tag = null;
+
+ while( xmlEventReader.hasNext() )
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if( xmlEvent instanceof EndElement )
+ {
+ endElement = (EndElement) xmlEvent;
+ tag = StaxParserUtil.getEndElementName(endElement);
+ if( tag.equals( WSTrustConstants.WSSE.SECURITY_TOKEN_REFERENCE ))
+ {
+ endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ }
+
+ startElement = (StartElement) xmlEvent;
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if( tag.equals( WSTrustConstants.WSSE.KEY_IDENTIFIER ))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ KeyIdentifierType keyIdentifierType = new KeyIdentifierType();
+
+ Attribute valueTypeAttr = startElement.getAttributeByName( new QName( WSTrustConstants.VALUE_TYPE ));
+ if( valueTypeAttr != null )
+ keyIdentifierType.setValueType( StaxParserUtil.getAttributeValue( valueTypeAttr ));
+ keyIdentifierType.setValue( StaxParserUtil.getElementText(xmlEventReader));
+ securityTokenRef.getAny().add( keyIdentifierType );
+ }
+ }
+
+ return securityTokenRef;
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -26,22 +26,15 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
-import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.stax.StAXSource;
-import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.parsers.ParserController;
import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.picketlink.identity.federation.core.util.TransformerUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
@@ -52,7 +45,6 @@
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
@@ -65,8 +57,6 @@
public static final String X509CERTIFICATE = "X509Certificate";
public static final String KEYVALUE = "KeyValue";
- public static final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
-
/**
* @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
*/
@@ -225,7 +215,7 @@
subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
if( StaxParserUtil.matches(subEvent, X509CERTIFICATE ))
{
- Element domElement = this.getDOMElement(xmlEventReader);
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
//Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
useKeyType.setAny( domElement );
@@ -234,7 +224,7 @@
else if( StaxParserUtil.matches(subEvent, KEYVALUE ))
{
//Element domElement = getKeyValueAsDomElement( subEvent, xmlEventReader );
- Element domElement = this.getDOMElement(xmlEventReader);//
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);//
useKeyType.setAny( domElement );
requestToken.setUseKey( useKeyType );
}
@@ -273,49 +263,5 @@
return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
&& WSTrustConstants.RST.equals( localPart );
- }
-
- /**
- * Given that the {@code XMLEventReader} is in {@code XMLStreamConstants.START_ELEMENT}
- * mode, we parse into a DOM Element
- * @param xmlEventReader
- * @return
- * @throws ParsingException
- */
- private Element getDOMElement( XMLEventReader xmlEventReader ) throws ParsingException
- {
- Transformer transformer = null;
-
- boolean useJDKTransformer = Boolean.parseBoolean( SecurityActions.getSystemProperty(JDK_TRANSFORMER_PROPERTY, "false" ));
-
- try
- {
- if( useJDKTransformer )
- {
- transformer = TransformerUtil.getTransformer();
- }
- else
- {
- transformer = TransformerUtil.getStaxSourceToDomResultTransformer();
- }
-
- Document resultDocument = DocumentUtil.createDocument();
- DOMResult domResult = new DOMResult( resultDocument );
-
- StAXSource source = new StAXSource( xmlEventReader );
-
- TransformerUtil.transform( transformer, source, domResult );
-
- Document doc = ( Document ) domResult.getNode();
- return doc.getDocumentElement();
- }
- catch ( ConfigurationException e )
- {
- throw new ParsingException( e );
- }
- catch ( XMLStreamException e )
- {
- throw new ParsingException( e );
- }
- }
+ }
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseCollectionParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.wst;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.StartElement;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+
+/**
+ * Parse the WS-Trust RequestSecurityTokenResponse Collection
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 11, 2010
+ */
+public class WSTRequestSecurityTokenResponseCollectionParser implements ParserNamespaceSupport
+{
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ StaxParserUtil.getNextEvent(xmlEventReader);
+
+ RequestSecurityTokenResponseCollection requestCollection = new RequestSecurityTokenResponseCollection();
+
+ //Peek at the next event
+ while( xmlEventReader.hasNext() )
+ {
+ StartElement peekedElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ if( peekedElement == null )
+ break;
+
+ String tag = StaxParserUtil.getStartElementName( peekedElement );
+
+ if( WSTrustConstants.RSTR.equalsIgnoreCase( tag ) )
+ {
+ WSTRequestSecurityTokenResponseParser rstrParser = new WSTRequestSecurityTokenResponseParser();
+ RequestSecurityTokenResponse rstr = ( RequestSecurityTokenResponse ) rstrParser.parse( xmlEventReader );
+ requestCollection.addRequestSecurityTokenResponse(rstr);
+ }
+ }
+ return requestCollection;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports( QName qname )
+ {
+ return ( qname.getNamespaceURI().equals( WSTrustConstants.BASE_NAMESPACE )
+ && qname.getLocalPart().equals( WSTrustConstants.RSTR_COLLECTION ) );
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTRequestSecurityTokenResponseParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,335 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.wst;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserController;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.parsers.wsse.WSSecurityParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.Lifetime;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.picketlink.identity.federation.ws.trust.BinarySecretType;
+import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.picketlink.identity.federation.ws.trust.LifetimeType;
+import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
+import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
+import org.picketlink.identity.federation.ws.trust.RequestedSecurityTokenType;
+import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+import org.picketlink.identity.federation.ws.wss.utility.AttributedDateTime;
+import org.w3c.dom.Element;
+
+/**
+ * Parse the WS-Trust RequestSecurityToken
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Oct 11, 2010
+ */
+public class WSTRequestSecurityTokenResponseParser implements ParserNamespaceSupport
+{
+ public static final String X509CERTIFICATE = "X509Certificate";
+ public static final String KEYVALUE = "KeyValue";
+
+ public static final String JDK_TRANSFORMER_PROPERTY = "picketlink.jdk.transformer";
+
+ /**
+ * @see {@link ParserNamespaceSupport#parse(XMLEventReader)}
+ */
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
+
+ RequestSecurityTokenResponse responseToken = new RequestSecurityTokenResponse();
+
+ QName contextQName = new QName( "", WSTrustConstants.RST_CONTEXT );
+ Attribute contextAttribute = startElement.getAttributeByName( contextQName );
+ String contextValue = StaxParserUtil.getAttributeValue( contextAttribute );
+ responseToken.setContext( contextValue );
+
+ while( xmlEventReader.hasNext() )
+ {
+ XMLEvent xmlEvent = StaxParserUtil.peek( xmlEventReader );
+ if( xmlEvent == null )
+ break;
+ if( xmlEvent instanceof EndElement )
+ {
+ xmlEvent = StaxParserUtil.getNextEvent( xmlEventReader );
+ EndElement endElement = (EndElement) xmlEvent;
+ String endElementTag = StaxParserUtil.getEndElementName( endElement );
+ if( endElementTag.equals( WSTrustConstants.RSTR ) )
+ break;
+ }
+
+ try
+ {
+ StartElement subEvent = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ if( subEvent == null )
+ break;
+
+ String tag = StaxParserUtil.getStartElementName( subEvent );
+ if( tag.equals( WSTrustConstants.REQUEST_TYPE ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+ throw new ParsingException( "request type is expected ahead" );
+
+ String value = StaxParserUtil.getElementText(xmlEventReader);
+ responseToken.setRequestType( new URI( value ));
+ }
+ else if( tag.equals( WSTrustConstants.LIFETIME ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(subEvent, WSTrustConstants.LIFETIME );
+
+
+ LifetimeType lifeTime = new LifetimeType();
+ //Get the Created
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ String subTag = StaxParserUtil.getStartElementName( subEvent );
+ if( subTag.equals( WSTrustConstants.CREATED ))
+ {
+ AttributedDateTime created = new AttributedDateTime();
+ created.setValue( StaxParserUtil.getElementText(xmlEventReader) );
+ lifeTime.setCreated( created );
+ }
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ subTag = StaxParserUtil.getStartElementName( subEvent );
+
+ if( subTag.equals( WSTrustConstants.EXPIRES ))
+ {
+ AttributedDateTime expires = new AttributedDateTime();
+ expires.setValue( StaxParserUtil.getElementText(xmlEventReader) );
+ lifeTime.setExpires( expires );
+ }
+ else
+ throw new RuntimeException( subTag + " was unexpected" );
+
+ responseToken.setLifetime( new Lifetime( lifeTime ));
+ EndElement lifeTimeElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate( lifeTimeElement, WSTrustConstants.LIFETIME ) ;
+ }
+ else if( tag.equals( WSTrustConstants.TOKEN_TYPE ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+ throw new ParsingException( "token type is expected ahead" );
+
+ String value = StaxParserUtil.getElementText(xmlEventReader);
+ responseToken.setTokenType( new URI( value ));
+ }
+ else if( tag.equals( WSTrustConstants.On_BEHALF_OF ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ WSTrustOnBehalfOfParser wstOnBehalfOfParser = new WSTrustOnBehalfOfParser();
+ OnBehalfOfType onBehalfOf = (OnBehalfOfType) wstOnBehalfOfParser.parse(xmlEventReader);
+ responseToken.setOnBehalfOf(onBehalfOf);
+ EndElement onBehalfOfEndElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate( onBehalfOfEndElement, WSTrustConstants.On_BEHALF_OF ) ;
+ }
+ else if( tag.equals( WSTrustConstants.KEY_TYPE ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+ throw new ParsingException( "key type is expected ahead" );
+
+ String keyType = StaxParserUtil.getElementText(xmlEventReader);
+ try
+ {
+ URI keyTypeURI = new URI( keyType );
+ responseToken.setKeyType( keyTypeURI );
+ }
+ catch( URISyntaxException e )
+ {
+ throw new ParsingException( e );
+ }
+ }
+ else if( tag.equals( WSTrustConstants.KEY_SIZE ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+ throw new ParsingException( "key size is expected ahead" );
+
+ String keySize = StaxParserUtil.getElementText(xmlEventReader);
+ try
+ {
+ responseToken.setKeySize(Long.parseLong( keySize ));
+ }
+ catch( NumberFormatException e )
+ {
+ throw new ParsingException( e );
+ }
+ }
+ else if( tag.equals( WSTrustConstants.ENTROPY ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ EntropyType entropy = new EntropyType();
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ if( StaxParserUtil.matches(subEvent, WSTrustConstants.BINARY_SECRET ))
+ {
+ BinarySecretType binarySecret = new BinarySecretType();
+ Attribute typeAttribute = subEvent.getAttributeByName( new QName( "", "Type" ));
+ binarySecret.setType( StaxParserUtil.getAttributeValue( typeAttribute ));
+
+ if( !StaxParserUtil.hasTextAhead( xmlEventReader ))
+ throw new ParsingException( "binary secret value is expected ahead" );
+
+ binarySecret.setValue( StaxParserUtil.getElementText(xmlEventReader).getBytes() );
+ entropy.getAny().add( binarySecret );
+ }
+ responseToken.setEntropy(entropy);
+ }
+ else if( tag.equals( WSTrustConstants.USE_KEY ))
+ {
+ subEvent = StaxParserUtil.getNextStartElement(xmlEventReader);
+ UseKeyType useKeyType = new UseKeyType();
+ StaxParserUtil.validate( subEvent, WSTrustConstants.USE_KEY ) ;
+
+ //We peek at the next start element as the stax source has to be in the START_ELEMENT mode
+ subEvent = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if( StaxParserUtil.matches(subEvent, X509CERTIFICATE ))
+ {
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);
+ //Element domElement = getX509CertificateAsDomElement( subEvent, xmlEventReader );
+
+ useKeyType.setAny( domElement );
+ responseToken.setUseKey( useKeyType );
+ }
+ else if( StaxParserUtil.matches(subEvent, KEYVALUE ))
+ {
+ //Element domElement = getKeyValueAsDomElement( subEvent, xmlEventReader );
+ Element domElement = StaxParserUtil.getDOMElement(xmlEventReader);//
+ useKeyType.setAny( domElement );
+ responseToken.setUseKey( useKeyType );
+ }
+ else throw new RuntimeException( "unsupported " + StaxParserUtil.getStartElementName( subEvent ));
+ }
+ else if( tag.equals( WSTrustConstants.REQUESTED_TOKEN ))
+ {
+ responseToken.setRequestedSecurityToken( parseRequestedSecurityTokenType(xmlEventReader) );
+ }
+ else if( tag.equals( WSTrustConstants.REQUESTED_ATTACHED_REFERENCE ))
+ {
+ responseToken.setRequestedAttachedReference( parseRequestedReference(xmlEventReader));
+ }
+ else
+ {
+ QName qname = subEvent.getName();
+ ParserNamespaceSupport parser = ParserController.get( qname );
+ if( parser == null )
+ throw new RuntimeException( "Cannot parse " + qname );
+
+ Object parsedObject = parser.parse( xmlEventReader );
+ if( parsedObject instanceof AppliesTo )
+ {
+ responseToken.setAppliesTo( (AppliesTo) parsedObject );
+ }
+ }
+ }
+ catch (URISyntaxException e)
+ {
+ throw new ParsingException( e );
+ }
+ }
+
+ return responseToken;
+ }
+
+ /**
+ * @see {@link ParserNamespaceSupport#supports(QName)}
+ */
+ public boolean supports(QName qname)
+ {
+ String nsURI = qname.getNamespaceURI();
+ String localPart = qname.getLocalPart();
+
+ return WSTrustConstants.BASE_NAMESPACE.equals( nsURI )
+ && WSTrustConstants.RST.equals( localPart );
+ }
+
+ private RequestedSecurityTokenType parseRequestedSecurityTokenType( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType();
+
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_TOKEN );
+
+ XMLEvent xmlEvent = null;
+ while( xmlEventReader.hasNext() )
+ {
+ xmlEvent = StaxParserUtil.peek(xmlEventReader);
+ if( xmlEvent instanceof EndElement )
+ {
+ if( StaxParserUtil.getEndElementName( (EndElement) xmlEvent ).equals( WSTrustConstants.REQUESTED_TOKEN ))
+ {
+ xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
+ break;
+ }
+ }
+ startElement = (StartElement) xmlEvent;
+ String tag = StaxParserUtil.getStartElementName(startElement);
+
+ if( tag.equals( JBossSAMLConstants.ASSERTION.get() ))
+ {
+ SAMLAssertionParser assertionParser = new SAMLAssertionParser();
+ requestedSecurityTokenType.setAny( assertionParser.parse(xmlEventReader) );
+ }
+ }
+
+ return requestedSecurityTokenType;
+ }
+
+ private RequestedReferenceType parseRequestedReference( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
+
+ RequestedReferenceType ref = new RequestedReferenceType();
+
+ WSSecurityParser wsseParser = new WSSecurityParser();
+ SecurityTokenReferenceType secref = (SecurityTokenReferenceType) wsseParser.parse(xmlEventReader);
+
+ ref.setSecurityTokenReference( secref );
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, WSTrustConstants.REQUESTED_ATTACHED_REFERENCE );
+
+ return ref;
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustOnBehalfOfParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -49,7 +49,7 @@
StartElement startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
String tag = StaxParserUtil.getStartElementName( startElement );
- if( tag.equals( WSSecurityParser.USERNAME_TOKEN ) )
+ if( tag.equals( WSTrustConstants.WSSE.USERNAME_TOKEN ) )
{
WSSecurityParser wsseParser = new WSSecurityParser();
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/wst/WSTrustParser.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -64,6 +64,16 @@
WSTRequestSecurityTokenParser wst = new WSTRequestSecurityTokenParser();
return wst.parse(xmlEventReader);
}
+ else if( elementName.equalsIgnoreCase( WSTrustConstants.RSTR_COLLECTION ))
+ {
+ WSTRequestSecurityTokenResponseCollectionParser wstrcoll = new WSTRequestSecurityTokenResponseCollectionParser();
+ return wstrcoll.parse(xmlEventReader);
+ }
+ else if( elementName.equalsIgnoreCase( WSTrustConstants.RSTR ))
+ {
+ WSTRequestSecurityTokenResponseParser wst = new WSTRequestSecurityTokenResponseParser();
+ return wst.parse(xmlEventReader);
+ }
}
else
{
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-11 17:43:49 UTC (rev 552)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustConstants.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -31,73 +31,99 @@
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
* @author <a href="mailto:asaldhan@redhat.com">Anil Saldhana</a>
*/
-public class WSTrustConstants
+public interface WSTrustConstants
{
- public static final String BASE_NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
- public static final String PREFIX = "wst";
+ String BASE_NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
+ String PREFIX = "wst";
// WS-Trust request types
- public static final String BATCH_ISSUE_REQUEST = BASE_NAMESPACE + "/BatchIssue";
- public static final String ISSUE_REQUEST = BASE_NAMESPACE + "/Issue";
- public static final String RENEW_REQUEST = BASE_NAMESPACE + "/Renew";
- public static final String CANCEL_REQUEST = BASE_NAMESPACE + "/Cancel";
- public static final String VALIDATE_REQUEST = BASE_NAMESPACE + "/Validate";
- public static final String BATCH_VALIDATE_REQUEST = BASE_NAMESPACE + "/BatchValidate";
+ String BATCH_ISSUE_REQUEST = BASE_NAMESPACE + "/BatchIssue";
+ String ISSUE_REQUEST = BASE_NAMESPACE + "/Issue";
+ String RENEW_REQUEST = BASE_NAMESPACE + "/Renew";
+ String CANCEL_REQUEST = BASE_NAMESPACE + "/Cancel";
+ String VALIDATE_REQUEST = BASE_NAMESPACE + "/Validate";
+ String BATCH_VALIDATE_REQUEST = BASE_NAMESPACE + "/BatchValidate";
// WS-Trust validation constants.
- public static final String STATUS_TYPE = BASE_NAMESPACE + "/RSTR/Status";
- public static final String STATUS_CODE_VALID = BASE_NAMESPACE + "/status/valid";
- public static final String STATUS_CODE_INVALID = BASE_NAMESPACE + "/status/invalid";
+ String STATUS_TYPE = BASE_NAMESPACE + "/RSTR/Status";
+ String STATUS_CODE_VALID = BASE_NAMESPACE + "/status/valid";
+ String STATUS_CODE_INVALID = BASE_NAMESPACE + "/status/invalid";
// WS-Trust key types.
- public static final String KEY_TYPE_BEARER = BASE_NAMESPACE + "/Bearer";
- public static final String KEY_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
- public static final String KEY_TYPE_PUBLIC = BASE_NAMESPACE + "/PublicKey";
+ String KEY_TYPE_BEARER = BASE_NAMESPACE + "/Bearer";
+ String KEY_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
+ String KEY_TYPE_PUBLIC = BASE_NAMESPACE + "/PublicKey";
// WS-Trust binary secret types.
- public static final String BS_TYPE_ASYMMETRIC = BASE_NAMESPACE + "/AsymmetricKey";
- public static final String BS_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
- public static final String BS_TYPE_NONCE = BASE_NAMESPACE + "/Nonce";
+ String BS_TYPE_ASYMMETRIC = BASE_NAMESPACE + "/AsymmetricKey";
+ String BS_TYPE_SYMMETRIC = BASE_NAMESPACE + "/SymmetricKey";
+ String BS_TYPE_NONCE = BASE_NAMESPACE + "/Nonce";
// WS-Trust computed key types.
- public static final String CK_PSHA1 = BASE_NAMESPACE + "/CK/PSHA1";
+ String CK_PSHA1 = BASE_NAMESPACE + "/CK/PSHA1";
// WSS namespaces values.
- public static final String WSA_NS = "http://www.w3.org/2005/08/addressing";
- public static final String WSP_NS = "http://schemas.xmlsoap.org/ws/2004/09/policy";
- public static final String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...";
- public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...";
- public static final String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
- public static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
- public static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
- public static final String SAML2_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
+ String WSA_NS = "http://www.w3.org/2005/08/addressing";
+ String WSP_NS = "http://schemas.xmlsoap.org/ws/2004/09/policy";
+ String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...";
+ String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...";
+ String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
+ String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
+ String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
+ String SAML2_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
// WSS Fault codes
- public static final QName SECURITY_TOKEN_UNAVAILABLE = new QName(WSSE_NS, "SecurityTokenUnavailable");
- public static final QName INVALID_SECURITY_TOKEN = new QName(WSSE_NS, "InvalidSecurityToken");
- public static final QName INVALID_SECURITY = new QName(WSSE_NS, "InvalidSecurity");
- public static final QName FAILED_AUTHENTICATION = new QName(WSSE_NS, "FailedAuthentication");
+ QName SECURITY_TOKEN_UNAVAILABLE = new QName(WSSE_NS, "SecurityTokenUnavailable");
+ QName INVALID_SECURITY_TOKEN = new QName(WSSE_NS, "InvalidSecurityToken");
+ QName INVALID_SECURITY = new QName(WSSE_NS, "InvalidSecurity");
+ QName FAILED_AUTHENTICATION = new QName(WSSE_NS, "FailedAuthentication");
//Token Types
- public static final String SAML2_TOKEN_TYPE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
- public static final String RSTR_STATUS_TOKEN_TYPE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Status";
+ String SAML2_TOKEN_TYPE = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
+ String RSTR_STATUS_TOKEN_TYPE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Status";
//Element Names
- public static final String BINARY_SECRET = "BinarySecret";
- public static final String ENTROPY = "Entropy";
- public static final String On_BEHALF_OF = "OnBehalfOf";
- public static final String KEY_SIZE = "KeySize";
- public static final String KEY_TYPE = "KeyType";
- public static final String RST = "RequestSecurityToken";
- public static final String RST_COLLECTION = "RequestSecurityTokenCollection";
- public static final String REQUEST_TYPE = "RequestType";
- public static final String TOKEN_TYPE = "TokenType";
- public static final String CANCEL_TARGET = "CancelTarget";
- public static final String RENEW_TARGET = "RenewTarget";
- public static final String VALIDATE_TARGET = "ValidateTarget";
- public static final String USE_KEY = "UseKey";
+ String BINARY_SECRET = "BinarySecret";
+ String CREATED = "Created";
+ String ENTROPY = "Entropy";
+ String EXPIRES = "Expires";
+ String On_BEHALF_OF = "OnBehalfOf";
+ String KEY_SIZE = "KeySize";
+ String KEY_TYPE = "KeyType";
+ String LIFETIME = "Lifetime";
+ String RST = "RequestSecurityToken";
+ String RSTR = "RequestSecurityTokenResponse";
+ String RST_COLLECTION = "RequestSecurityTokenCollection";
+ String RSTR_COLLECTION = "RequestSecurityTokenResponseCollection";
+ String REQUESTED_TOKEN = "RequestedSecurityToken";
+ String REQUESTED_ATTACHED_REFERENCE = "RequestedAttachedReference";
+ String REQUEST_TYPE = "RequestType";
+ String TOKEN_TYPE = "TokenType";
+ String CANCEL_TARGET = "CancelTarget";
+ String RENEW_TARGET = "RenewTarget";
+ String VALIDATE_TARGET = "ValidateTarget";
+ String USE_KEY = "UseKey";
//Attribute Names
- public static final String RST_CONTEXT = "Context";
- public static final String TYPE = "Type";
+ String RST_CONTEXT = "Context";
+ String TYPE = "Type";
+ String VALUE_TYPE = "ValueType";
+
+ public interface XMLDSig
+ {
+ String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
+ String KEYINFO = "KeyInfo";
+ String PREFIX = "ds";
+ String X509DATA = "X509Data";
+ String X509CERT = "X509Certificate";
+ }
+
+ public interface WSSE
+ {
+ String KEY_IDENTIFIER = "KeyIdentifier";
+ String KEY_IDENTIFIER_VALUETYPE_SAML = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID";
+ String PREFIX_11 = "wsse11";
+ String SECURITY_TOKEN_REFERENCE = "SecurityTokenReference";
+ String USERNAME_TOKEN = "UsernameToken";
+ }
}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTResponseAssertionHOKCertificateTestCase.java 2010-11-12 20:25:28 UTC (rev 553)
@@ -0,0 +1,91 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.wst;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
+import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
+import org.picketlink.identity.federation.ws.wss.secext.KeyIdentifierType;
+import org.picketlink.identity.federation.ws.wss.secext.SecurityTokenReferenceType;
+
+/**
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 11, 2010
+ */
+public class WSTResponseAssertionHOKCertificateTestCase
+{
+
+ @SuppressWarnings("rawtypes")
+ @Test
+ public void testWST_RSTR_Assertion() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-response-assertion-hok-certificate.xml" );
+
+ WSTrustParser parser = new WSTrustParser();
+ RequestSecurityTokenResponseCollection coll = (RequestSecurityTokenResponseCollection) parser.parse(configStream);
+ assertEquals(1, coll.getRequestSecurityTokenResponses().size() );
+
+ RequestSecurityTokenResponse rstr = coll.getRequestSecurityTokenResponses().get(0);
+
+ assertEquals( "testcontext", rstr.getContext() );
+ assertEquals( WSTrustConstants.SAML2_TOKEN_TYPE, rstr.getTokenType().toASCIIString() );
+
+ assertEquals( XMLTimeUtil.parse( "2010-11-11T16:34:19.602Z" ), rstr.getLifetime().getCreated() );
+ assertEquals( XMLTimeUtil.parse( "2010-11-11T18:34:19.602Z" ), rstr.getLifetime().getExpires() );
+
+ EndpointReferenceType endpoint = (EndpointReferenceType)((JAXBElement) rstr.getAppliesTo().getAny().get(0)).getValue();
+ assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
+
+ assertEquals( 128, rstr.getKeySize() );
+ assertEquals( WSTrustConstants.KEY_TYPE_PUBLIC, rstr.getKeyType().toASCIIString() );
+
+ AssertionType assertion = (AssertionType) rstr.getRequestedSecurityToken().getAny();
+ assertEquals( "ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", assertion.getID() );
+
+ RequestedReferenceType ref = rstr.getRequestedAttachedReference();
+ SecurityTokenReferenceType secRef = ref.getSecurityTokenReference();
+ assertNotNull( secRef );
+ Map<QName, String> map = secRef.getOtherAttributes();
+ QName wsseTokenType = new QName( WSTrustConstants.WSSE11_NS, WSTrustConstants.TOKEN_TYPE, WSTrustConstants.WSSE.PREFIX_11 );
+ assertEquals( WSTrustConstants.SAML2_TOKEN_TYPE, map.get(wsseTokenType) );
+
+ KeyIdentifierType keyId = (KeyIdentifierType) secRef.getAny().get(0);
+ assertEquals( "#ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f", keyId.getValue() );
+ assertEquals( WSTrustConstants.WSSE.KEY_IDENTIFIER_VALUETYPE_SAML, keyId.getValueType() );
+ }
+}
\ No newline at end of file
13 years, 5 months
- 1
- 0
Picketlink SVN: r552 - federation/trunk/picketlink-fed-core/src/test/resources/parser/wst.
by picketlink-commits@lists.jboss.org
Author: sguilhen(a)redhat.com
Date: 2010-11-11 12:43:49 -0500 (Thu, 11 Nov 2010)
New Revision: 552
Added:
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml
federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml
Log:
Adding sample WS-Trust response messages for testing purposes
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,78 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...">
+ <wst:RequestSecurityTokenResponse Context="testcontext">
+ <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
+ <wst:Lifetime>
+ <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created>
+ <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires>
+ </wst:Lifetime>
+ <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsa:Address>http://services.testcorp.org/provider2</wsa:Address>
+ </wsa:EndpointReference>
+ </wsp:AppliesTo>
+ <wst:KeySize>128</wst:KeySize>
+ <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</wst:KeyType>
+ <wst:RequestedSecurityToken>
+ <saml2:Assertion ID="ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml2:Issuer>Test STS</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
+ <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType">
+ <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:X509Data>
+ <dsig:X509Certificate>
+MIICVDCCAb0CBEn2ANAwDQYJKoZIhvcNAQEEBQAwcTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMQ4wDAYDVQQHEwVNaWFtaTESMBAGA1UEChMJVGVjaG5vYnVnMRQwEgYDVQQLEwtTYW1wbGUgVW5pdDEbMBkGA1UEAxMSU2VydmljZSBQcm92aWRlciAxMB4XDTA5MDQyNzE5MDAzMloXDTA5MDcyNjE5MDAzMlowcTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMQ4wDAYDVQQHEwVNaWFtaTESMBAGA1UEChMJVGVjaG5vYnVnMRQwEgYDVQQLEwtTYW1wbGUgVW5pdDEbMBkGA1UEAxMSU2VydmljZSBQcm92aWRlciAxMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1yAvTR3PaBfYU77dznEb6PRPJWwAn3XDvp1kIObmaV2rkDwb+8dDkS2Y0pfl52ubKKK82kg/PA6GeL1c0/MCGCRnrZdCaQgKW/Tj+jh1SzZdLlMdBxYuV39jRUXoHJYgfhm7FZjew2SXo40T/qbeKYGhBS6D1tDPngxU1umB/hwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAK33IhDY8BGFf5A4gk4iQ8pOpfxq7khBerj5+5VaW5fdxbfs9vIpD2lLNkk0OnIEs5cd7ERqi2W7pb/M4yHVJ2/09JqAqVEbZYW/Gi88ZrxdfPexP5F9SnHkRwdMNPAV/XUXc0m6Jw44t02xzrgOVRyOaLE+X1Wvb1YWpLkgIua2
+ </dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ </saml2:SubjectConfirmationData>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>XOHHAGsbjaDmICo3hwutC7N31Nk=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+RS/FTE78ndmSjuccLTn4HuzBO90/PYvIufv57eZHftSOZIPC/5LeycMHK84a7dsE+CEslLJYdKEU
+3+rbg8cnN9mhEJEmNjVmjKvCvCrWPOj/0p2vImZPMOCTimlhipUMd65ldtdvps35sQBtE4jBIJ+N
+OB+stBdZbMGw16AQ8S0=
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>
+suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1
+dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJns2qVnMuRK19ju2dxpKw
+lYGGtrP5VQv00dfNPbs=
+ </dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ </dsig:Signature>
+ </saml2:Assertion>
+ </wst:RequestedSecurityToken>
+ <wst:RequestedAttachedReference>
+ <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...">
+ <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">
+#ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f
+ </wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </wst:RequestedAttachedReference>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,87 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...">
+ <wst:RequestSecurityTokenResponse Context="testcontext">
+ <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
+ <wst:Lifetime>
+ <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created>
+ <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires>
+ </wst:Lifetime>
+ <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsa:Address>http://services.testcorp.org/provider2</wsa:Address>
+ </wsa:EndpointReference>
+ </wsp:AppliesTo>
+ <wst:KeySize>128</wst:KeySize>
+ <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</wst:KeyType>
+ <wst:RequestedSecurityToken>
+ <saml2:Assertion ID="ID_17a5f8b6-0c74-4df8-993d-ff51f00c57c7" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml2:Issuer>Test STS</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
+ <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType">
+ <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <saml2:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <xenc:CipherData>
+ <xenc:CipherValue>Sq+duLMJvG9iRtcd4zSpIEPDfa7RCxf7pAP9hnjRjcIcBBVu//5jrzLOY67Su8TkNqG6Y4Oo+LiCriqsw78Rm+4fcZ79/aY2f9Pfo7H2xPsRP9B0yD7DsvKp03gNRp5y2OHL9fhSIgevswvVmspNbpn0BGecE9BwM69/9jU/fl8=
+ </xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedKey>
+ </dsig:KeyInfo>
+ </saml2:SubjectConfirmationData>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>2kY+t5BbdjKKg3vq0SIKCSLTR04=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+LNQLG+ZGKpIyrT0HM7Rvlie4P3TWK7N/MzKdL+FKu5VlzxzMVjt56b31SGufTl5Lgjx7P7b5MZRj
+QGwfQRxlfHP7zWGr5A3zyDtV8OS5u8UZt8dYaO96PyPYOzS82drb2ujPxx63cucvcQnONrQXr/Ob
+vsQ212ns9qYBk60G2Cg=
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>
+suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1
+dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJns2qVnMuRK19ju2dxpKw
+lYGGtrP5VQv00dfNPbs=
+ </dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ </dsig:Signature>
+ </saml2:Assertion>
+ </wst:RequestedSecurityToken>
+ <wst:RequestedProofToken>
+ <wst:ComputedKey>http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1</wst:ComputedKey>
+ </wst:RequestedProofToken>
+ <wst:Entropy>
+ <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce">dSRCR4Abu6c=</wst:BinarySecret>
+ </wst:Entropy>
+ <wst:RequestedAttachedReference>
+ <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...">
+ <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">
+#ID_17a5f8b6-0c74-4df8-993d-ff51f00c57c7
+ </wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </wst:RequestedAttachedReference>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
+
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,81 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...">
+ <wst:RequestSecurityTokenResponse Context="testcontext">
+ <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
+ <wst:Lifetime>
+ <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created>
+ <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires>
+ </wst:Lifetime>
+ <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsa:Address>http://services.testcorp.org/provider2</wsa:Address>
+ </wsa:EndpointReference>
+ </wsp:AppliesTo>
+ <wst:KeySize>128</wst:KeySize>
+ <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</wst:KeyType>
+ <wst:RequestedSecurityToken>
+ <saml2:Assertion ID="ID_22727062-ce90-44d3-a870-823ec0d69809" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml2:Issuer>Test STS</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
+ <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType">
+ <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:KeyValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>
+ALXIC9NHc9oF9hTvt3OcRvo9E8lbACfdcO+nWQg5uZpXauQPBv7x0ORLZjSl+Xna5soorzaSD88DoZ4vVzT8wIYJGetl0JpCApb9OP6OHVLNl0uUx0HFi5Xf2NFRegcliB+GbsVmN7DZJejjRP+pt4pgaEFLoPW0M+eDFTW6YH+H
+ </dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ </saml2:SubjectConfirmationData>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>N5WxOctBkA4K6JfkMjM7u0VPv+I=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+sfZJ7mQFaEsE+eeKBnccbi9ollA1byl37SrhjVAOpWHya9AwoY3iKliStQRIrdgYCMUcRJkw+OXl
+7lIc4kgbLWnfzBM9oy8AN4Vfa0O8hnGLY5GZP++18BlQluudVyDw3yBvkXC0NxIYuXi2O2nJQ9OB
+rGfVybfpTIPOp+oaAgY=
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>
+suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1
+dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJns2qVnMuRK19ju2dxpKw
+lYGGtrP5VQv00dfNPbs=
+ </dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ </dsig:Signature>
+ </saml2:Assertion>
+ </wst:RequestedSecurityToken>
+ <wst:RequestedAttachedReference>
+ <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...">
+ <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">
+#ID_22727062-ce90-44d3-a870-823ec0d69809
+ </wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </wst:RequestedAttachedReference>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,86 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...">
+ <wst:RequestSecurityTokenResponse Context="testcontext">
+ <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
+ <wst:Lifetime>
+ <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created>
+ <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires>
+ </wst:Lifetime>
+ <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsa:Address>http://services.testcorp.org/provider2</wsa:Address>
+ </wsa:EndpointReference>
+ </wsp:AppliesTo>
+ <wst:KeySize>128</wst:KeySize>
+ <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</wst:KeyType>
+ <wst:RequestedSecurityToken>
+ <saml2:Assertion ID="ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml2:Issuer>Test STS</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
+ <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType">
+ <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <saml2:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <xenc:CipherData>
+ <xenc:CipherValue>oeD3q5F1smRylk8s0aECc9aQf2HBEZpLnRLAHlz2K12yZ64j6Y5QYFKOQi/gwUnqnTsu/QGSVLUtR2k4BKwBKsRJo8bNoEafkzwWqsdZ7FteZvhAJ1cCJaSyWBNznaMHLPKb5J7phw3N6lPQblJprePOU+6ivGrdomdNC8DReVs=
+ </xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedKey>
+ </dsig:KeyInfo>
+ </saml2:SubjectConfirmationData>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>2Num77N2i/oDzItrDBA7oT39xqU=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+RZ15mBooDeqgbHExYz5+eWLdAerE8FW/c0kEcJ9jJZc7dIL8B0NTFkVtdJP0h0htdLqMDtKAS/0Z
+nE+8bGDoZGA2oFCDD0zMLHh5iqPNkqBjVWZVYClh7pOB7+iHUbDpcYICKPQupEDkkl3BYHCHljVS
+D46FGN0ARuAav0vtE8g=
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>
+suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1
+dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJwspqVnMuRK19ju2dxpKw
+lYGGtrP5VQv00dfNPbs=
+ </dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ </dsig:Signature>
+ </saml2:Assertion>
+ </wst:RequestedSecurityToken>
+ <wst:RequestedProofToken>
+ <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce">vEkFafTxSjucwlle7aObtg==</wst:BinarySecret>
+ </wst:RequestedProofToken>
+ <wst:Entropy>
+ <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce">vEkFafTxSjucwlle7aObtg==</wst:BinarySecret>
+ </wst:Entropy>
+ <wst:RequestedAttachedReference>
+ <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...">
+ <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">
+#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae
+ </wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </wst:RequestedAttachedReference>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,61 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...">
+ <wst:RequestSecurityTokenResponse Context="testcontext">
+ <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
+ <wst:Lifetime>
+ <wsu:Created>2010-11-11T16:34:19.466Z</wsu:Created>
+ <wsu:Expires>2010-11-11T18:34:19.466Z</wsu:Expires>
+ </wst:Lifetime>
+ <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsa:Address>http://services.testcorp.org/provider2</wsa:Address>
+ </wsa:EndpointReference>
+ </wsp:AppliesTo>
+ <wst:KeySize>128</wst:KeySize>
+ <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</wst:KeyType>
+ <wst:RequestedSecurityToken>
+ <saml2:Assertion ID="ID_9e316914-0934-4138-b72b-d095a02da6c0" IssueInstant="2010-11-11T16:34:19.466Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml2:Issuer>Test STS</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2010-11-11T16:34:19.466Z" NotOnOrAfter="2010-11-11T18:34:19.466Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="#ID_9e316914-0934-4138-b72b-d095a02da6c0">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>BqUzdf4lWiqRG9YZRKjTeWI7cdg=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+ANyfL86/tF5t+0XKnKMv5Gd3eV+mtqRvVxekEjAoDbc4bmZ9bAz3mpmNmcOXthrk6AlwasBA+AMS
+5gfHmCFXHcHhcQ2RvrfM8LtFrcxAnb2U/s7kTEJKmPRuLstjFAtA9BV3jKUTBt6siVZjMo8QP54r
+XwC2SZv0gVWhyYXEdH4=
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>
+suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1
+dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJwspqVnMuRK19ju2dxpKw
+lYGGtrP5VQv00dfNPbs=
+ </dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ </dsig:Signature>
+ </saml2:Assertion>
+ </wst:RequestedSecurityToken>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,6 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
+ <wst:RequestSecurityTokenResponse Context="cancelcontext">
+ <wst:RequestedTokenCancelled/>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
+
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,9 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
+ <wst:RequestSecurityTokenResponse Context="validatecontext">
+ <wst:TokenType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Status</wst:TokenType>
+ <wst:Status>
+ <wst:Code>http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/invalid</wst:Code>
+ <wst:Reason>Validation failure: digital signature is invalid</wst:Reason>
+ </wst:Status>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml 2010-11-11 17:43:49 UTC (rev 552)
@@ -0,0 +1,9 @@
+<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
+ <wst:RequestSecurityTokenResponse Context="validatecontext">
+ <wst:TokenType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Status</wst:TokenType>
+ <wst:Status>
+ <wst:Code>http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid</wst:Code>
+ <wst:Reason>SAMLV2.0 Assertion successfuly validated</wst:Reason>
+ </wst:Status>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
13 years, 5 months
- 1
- 0
Picketlink SVN: r551 - in idm/branches/1.1.0: assembly and 18 other directories.
by picketlink-commits@lists.jboss.org
Author: bdaw
Date: 2010-11-10 10:58:25 -0500 (Wed, 10 Nov 2010)
New Revision: 551
Modified:
idm/branches/1.1.0/assembly/pom.xml
idm/branches/1.1.0/example/auth-simple/pom.xml
idm/branches/1.1.0/example/auth/pom.xml
idm/branches/1.1.0/example/simple/pom.xml
idm/branches/1.1.0/integration/deployer/pom.xml
idm/branches/1.1.0/integration/jboss5/pom.xml
idm/branches/1.1.0/integration/pom.xml
idm/branches/1.1.0/parent/pom.xml
idm/branches/1.1.0/picketlink-idm-api/pom.xml
idm/branches/1.1.0/picketlink-idm-auth/pom.xml
idm/branches/1.1.0/picketlink-idm-cache/pom.xml
idm/branches/1.1.0/picketlink-idm-common/pom.xml
idm/branches/1.1.0/picketlink-idm-core/pom.xml
idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml
idm/branches/1.1.0/picketlink-idm-docs/pom.xml
idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml
idm/branches/1.1.0/picketlink-idm-ldap/pom.xml
idm/branches/1.1.0/picketlink-idm-spi/pom.xml
idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml
idm/branches/1.1.0/pom.xml
Log:
[maven-release-plugin] prepare for next development iteration
Modified: idm/branches/1.1.0/assembly/pom.xml
===================================================================
--- idm/branches/1.1.0/assembly/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/assembly/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -8,7 +8,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
Modified: idm/branches/1.1.0/example/auth/pom.xml
===================================================================
--- idm/branches/1.1.0/example/auth/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/example/auth/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<artifactId>example-auth</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication</name>
Modified: idm/branches/1.1.0/example/auth-simple/pom.xml
===================================================================
--- idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<artifactId>example-auth-simple</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication (using deployer)</name>
Modified: idm/branches/1.1.0/example/simple/pom.xml
===================================================================
--- idm/branches/1.1.0/example/simple/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/example/simple/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<artifactId>example-simple</artifactId>
<packaging>jar</packaging>
<name>Example - Simple PicketLink IDM Maven2 project</name>
Modified: idm/branches/1.1.0/integration/deployer/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-integration</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
</parent>
<properties>
Modified: idm/branches/1.1.0/integration/jboss5/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-integration</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
</parent>
<dependencies>
Modified: idm/branches/1.1.0/integration/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/integration/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -12,7 +12,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent/pom.xml</relativePath>
</parent>
Modified: idm/branches/1.1.0/parent/pom.xml
===================================================================
--- idm/branches/1.1.0/parent/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/parent/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -8,7 +8,7 @@
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
<packaging>pom</packaging>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<name>PicketLink IDM- Parent</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>PicketLink is a cross-cutting project that handles identity needs for the JEMS projects</description>
@@ -520,10 +520,4 @@
</dependency>
</dependencies>
</dependencyManagement>
-
- <scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1...</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1....</developerConnection>
- <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.CR01</url>
- </scm>
</project>
Modified: idm/branches/1.1.0/picketlink-idm-api/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-auth/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-cache/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-common/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-core/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../../parent</relativePath>
</parent>
Modified: idm/branches/1.1.0/picketlink-idm-docs/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-ldap/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-spi/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/pom.xml
===================================================================
--- idm/branches/1.1.0/pom.xml 2010-11-10 15:57:47 UTC (rev 550)
+++ idm/branches/1.1.0/pom.xml 2010-11-10 15:58:25 UTC (rev 551)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01</version>
+ <version>1.1.7.CR02-SNAPSHOT</version>
<relativePath>parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -14,9 +14,9 @@
<description />
<scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/tags/1.1.7.CR01</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/tags/1.1.7.CR01</developerConnection>
- <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.CR01</url>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/branches/1.1.0</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/branches/1.1.0</developerConnection>
+ <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/jboss-par...</url>
</scm>
<profiles>
13 years, 5 months
- 1
- 0
Picketlink SVN: r550 - idm/tags.
by picketlink-commits@lists.jboss.org
Author: bdaw
Date: 2010-11-10 10:57:47 -0500 (Wed, 10 Nov 2010)
New Revision: 550
Added:
idm/tags/1.1.7.CR01/
Log:
[maven-scm] copy for tag 1.1.7.CR01
Copied: idm/tags/1.1.7.CR01 (from rev 549, idm/branches/1.1.0)
13 years, 5 months
- 1
- 0
Picketlink SVN: r549 - in idm/branches/1.1.0: assembly and 18 other directories.
by picketlink-commits@lists.jboss.org
Author: bdaw
Date: 2010-11-10 10:57:21 -0500 (Wed, 10 Nov 2010)
New Revision: 549
Modified:
idm/branches/1.1.0/assembly/pom.xml
idm/branches/1.1.0/example/auth-simple/pom.xml
idm/branches/1.1.0/example/auth/pom.xml
idm/branches/1.1.0/example/simple/pom.xml
idm/branches/1.1.0/integration/deployer/pom.xml
idm/branches/1.1.0/integration/jboss5/pom.xml
idm/branches/1.1.0/integration/pom.xml
idm/branches/1.1.0/parent/pom.xml
idm/branches/1.1.0/picketlink-idm-api/pom.xml
idm/branches/1.1.0/picketlink-idm-auth/pom.xml
idm/branches/1.1.0/picketlink-idm-cache/pom.xml
idm/branches/1.1.0/picketlink-idm-common/pom.xml
idm/branches/1.1.0/picketlink-idm-core/pom.xml
idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml
idm/branches/1.1.0/picketlink-idm-docs/pom.xml
idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml
idm/branches/1.1.0/picketlink-idm-ldap/pom.xml
idm/branches/1.1.0/picketlink-idm-spi/pom.xml
idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml
idm/branches/1.1.0/pom.xml
Log:
[maven-release-plugin] prepare release 1.1.7.CR01
Modified: idm/branches/1.1.0/assembly/pom.xml
===================================================================
--- idm/branches/1.1.0/assembly/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/assembly/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -8,7 +8,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
Modified: idm/branches/1.1.0/example/auth/pom.xml
===================================================================
--- idm/branches/1.1.0/example/auth/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/example/auth/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<artifactId>example-auth</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication</name>
Modified: idm/branches/1.1.0/example/auth-simple/pom.xml
===================================================================
--- idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/example/auth-simple/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<artifactId>example-auth-simple</artifactId>
<packaging>jar</packaging>
<name>Example - JEE authentication (using deployer)</name>
Modified: idm/branches/1.1.0/example/simple/pom.xml
===================================================================
--- idm/branches/1.1.0/example/simple/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/example/simple/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -1,7 +1,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.picketlink.idm.example</groupId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<artifactId>example-simple</artifactId>
<packaging>jar</packaging>
<name>Example - Simple PicketLink IDM Maven2 project</name>
Modified: idm/branches/1.1.0/integration/deployer/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/integration/deployer/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-integration</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
</parent>
<properties>
Modified: idm/branches/1.1.0/integration/jboss5/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/integration/jboss5/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-integration</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
</parent>
<dependencies>
Modified: idm/branches/1.1.0/integration/pom.xml
===================================================================
--- idm/branches/1.1.0/integration/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/integration/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -12,7 +12,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent/pom.xml</relativePath>
</parent>
Modified: idm/branches/1.1.0/parent/pom.xml
===================================================================
--- idm/branches/1.1.0/parent/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/parent/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -8,7 +8,7 @@
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
<packaging>pom</packaging>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<name>PicketLink IDM- Parent</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>PicketLink is a cross-cutting project that handles identity needs for the JEMS projects</description>
@@ -520,4 +520,10 @@
</dependency>
</dependencies>
</dependencyManagement>
+
+ <scm>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1...</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1....</developerConnection>
+ <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.CR01</url>
+ </scm>
</project>
Modified: idm/branches/1.1.0/picketlink-idm-api/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-api/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-auth/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-auth/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-cache/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-cache/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-common/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-common/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-core/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-core/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-docs/ReferenceGuide/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../../parent</relativePath>
</parent>
Modified: idm/branches/1.1.0/picketlink-idm-docs/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-docs/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-hibernate/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-ldap/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-ldap/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-spi/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-spi/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml
===================================================================
--- idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/picketlink-idm-testsuite/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: idm/branches/1.1.0/pom.xml
===================================================================
--- idm/branches/1.1.0/pom.xml 2010-11-10 09:14:49 UTC (rev 548)
+++ idm/branches/1.1.0/pom.xml 2010-11-10 15:57:21 UTC (rev 549)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.idm</groupId>
<artifactId>picketlink-idm-parent</artifactId>
- <version>1.1.7.CR01-SNAPSHOT</version>
+ <version>1.1.7.CR01</version>
<relativePath>parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -14,9 +14,9 @@
<description />
<scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/branches/1.1.0</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/branches/1.1.0</developerConnection>
- <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/jboss-par...</url>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/idm/tags/1.1.7.CR01</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/idm/tags/1.1.7.CR01</developerConnection>
+ <url>http://anonsvn.jboss.org/repos/maven/poms/jboss-parent-pom/tags/1.1.7.CR01</url>
</scm>
<profiles>
13 years, 5 months
- 1
- 0
Picketlink SVN: r548 - in idm/branches/1.1.0: picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: bdaw
Date: 2010-11-10 04:14:49 -0500 (Wed, 10 Nov 2010)
New Revision: 548
Modified:
idm/branches/1.1.0/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java
idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java
Log:
- fix usage of "childMembershipAttributeVirtual" LDAP config option
Modified: idm/branches/1.1.0/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java 2010-11-09 16:44:46 UTC (rev 547)
+++ idm/branches/1.1.0/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java 2010-11-10 09:14:49 UTC (rev 548)
@@ -903,7 +903,18 @@
defaultIdentityStore.createIdentityObject(defaultTargetCtx, toIdentity.getName(), toIdentity.getIdentityType());
}
- defaultIdentityStore.removeRelationship(defaultTargetCtx, fromIdentity, toIdentity, relationshipType, relationshipName);
+ Set<IdentityObjectRelationship> rels =
+ defaultIdentityStore.resolveRelationships(defaultTargetCtx, fromIdentity, toIdentity, relationshipType);
+
+ for (IdentityObjectRelationship rel : rels) {
+
+ if (rel.getName() == null || rel.getName().equals(relationshipName))
+ {
+ defaultIdentityStore.
+ removeRelationship(defaultTargetCtx, fromIdentity, toIdentity, relationshipType, relationshipName);
+ }
+ }
+
}
catch (IdentityException e)
{
Modified: idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2010-11-09 16:44:46 UTC (rev 547)
+++ idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2010-11-10 09:14:49 UTC (rev 548)
@@ -1941,12 +1941,15 @@
try
{
// Escape JNDI special characters
- Name jndiName = new CompositeName().add(ldapFromIO.getDn());
- Attributes attrs = ldapContext.getAttributes(jndiName);
+ Name fromJndiName = new CompositeName().add(ldapFromIO.getDn());
+ Attributes fromAttrs = ldapContext.getAttributes(fromJndiName);
+ Name toJndiName = new CompositeName().add(ldapToIO.getDn());
+ Attributes toAttrs = ldapContext.getAttributes(toJndiName);
+
if (fromTypeConfig.getParentMembershipAttributeName() != null)
{
- Attribute member = attrs.get(fromTypeConfig.getParentMembershipAttributeName());
+ Attribute member = fromAttrs.get(fromTypeConfig.getParentMembershipAttributeName());
if (member != null)
{
@@ -1966,7 +1969,7 @@
}
else if (toTypeConfig.getChildMembershipAttributeName() != null)
{
- Attribute member = attrs.get(toTypeConfig.getChildMembershipAttributeName());
+ Attribute member = toAttrs.get(toTypeConfig.getChildMembershipAttributeName());
if (member != null)
{
@@ -1975,8 +1978,8 @@
{
String memberRef = memberValues.nextElement().toString();
- if ((fromTypeConfig.isChildMembershipAttributeDN() && memberRef.equals(ldapFromIO.getDn())) ||
- (!fromTypeConfig.isChildMembershipAttributeDN() && memberRef.equals(ldapFromIO.getName())))
+ if ((toTypeConfig.isChildMembershipAttributeDN() && memberRef.equals(ldapFromIO.getDn())) ||
+ (!toTypeConfig.isChildMembershipAttributeDN() && memberRef.equals(ldapFromIO.getName())))
{
//TODO: impl lacks support for rel type
relationships.add(new LDAPIdentityObjectRelationshipImpl(MEMBERSHIP_TYPE, ldapFromIO, ldapToIO));
Modified: idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2010-11-09 16:44:46 UTC (rev 547)
+++ idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2010-11-10 09:14:49 UTC (rev 548)
@@ -177,7 +177,7 @@
this.isChildMembershipAttributeDN = false;
}
- String isChildMembershipAttributeVirtual = objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_DN);
+ String isChildMembershipAttributeVirtual = objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_VIRTUAL);
if (isChildMembershipAttributeVirtual != null && isChildMembershipAttributeVirtual.equalsIgnoreCase("false"))
{
this.isChildMembershipAttributeVirtual = false;
13 years, 5 months
- 1
- 0
Picketlink SVN: r547 - in federation/trunk: picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets and 13 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2010-11-09 11:44:46 -0500 (Tue, 09 Nov 2010)
New Revision: 547
Modified:
federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SecurityActions.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaContext.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaSession.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletConfig.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletContext.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/openid/provider/OpenIDParameterList.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/auth/AbstractSTSLoginModule.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/handlers/STSSecurityHandler.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java
Log:
fix unused imports, suppress warnings and remove dead code
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaContext.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaContext.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaContext.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -69,7 +69,7 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 20, 2009
*/
-@SuppressWarnings("unchecked")
+@SuppressWarnings({ "unchecked", "rawtypes"})
public class MockCatalinaContext
implements Context, Container, ServletContext
{
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaSession.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaSession.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/mock/MockCatalinaSession.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -42,7 +42,7 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 20, 2009
*/
-@SuppressWarnings({"deprecation", "unchecked"})
+@SuppressWarnings({"deprecation", "unchecked", "rawtypes"})
public class MockCatalinaSession implements Session, HttpSession
{
private Map<String, Object> notes = new HashMap<String,Object>();
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletConfig.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletConfig.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletConfig.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -27,11 +27,11 @@
import javax.servlet.ServletContext;
-@SuppressWarnings("unchecked")
/**
* @author Anil.Saldhana(a)redhat.com
* @since Jan 28, 2009
*/
+@SuppressWarnings({"rawtypes"})
public class TestServletConfig implements ServletConfig
{
private ServletContext sc;
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletContext.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletContext.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletContext.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -33,12 +33,12 @@
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
-
-@SuppressWarnings("unchecked")
+
/**
* @author Anil.Saldhana(a)redhat.com
* @since Jan 28, 2009
*/
+@SuppressWarnings({ "rawtypes"})
public class TestServletContext implements ServletContext
{
private HashMap<String,String> params = new HashMap<String,String>();
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -37,12 +37,12 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-
-@SuppressWarnings("unchecked")
+
/**
* @author Anil.Saldhana(a)redhat.com
* @since Jan 28, 2009
*/
+@SuppressWarnings({ "rawtypes"})
public class TestServletRequest implements HttpServletRequest
{
private BufferedInputStream is = null;
Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SecurityActions.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SecurityActions.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SecurityActions.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -36,7 +36,7 @@
*/
class SecurityActions
{
- @SuppressWarnings("unchecked")
+ @SuppressWarnings({"rawtypes", "unchecked"})
static SecurityContext createSecurityContext() throws PrivilegedActionException
{
return (SecurityContext) AccessController.doPrivileged(new PrivilegedExceptionAction()
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/openid/provider/OpenIDParameterList.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/openid/provider/OpenIDParameterList.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/openid/provider/OpenIDParameterList.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -39,7 +39,7 @@
super();
}
- @SuppressWarnings("unchecked")
+ @SuppressWarnings({ "rawtypes"})
public OpenIDParameterList(Map parameterMap)
{
super(parameterMap);
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/sig/SAML2Signature.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -28,7 +28,6 @@
import javax.xml.bind.JAXBException;
import javax.xml.crypto.MarshalException;
-import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.XMLSignatureException;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -207,8 +207,8 @@
* @return
* @throws GeneralSecurityException
* @throws Exception
- */
- @SuppressWarnings("unchecked")
+ */
+ @SuppressWarnings("rawtypes")
private static List decryptPasswords( List keyValueList ) throws GeneralSecurityException
{
String pbeAlgo = PicketLinkFederationConstants.PBE_ALGORITHM;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -163,8 +163,7 @@
* the XML source containing the security token response message.
* @return the constructed {@code BaseRequestSecurityTokenResponse} instance. According to the WS-Trust
* specification, the returned object will be an instance of {@code RequestSecurityTokenResponseCollection}.
- */
- @SuppressWarnings("unchecked")
+ */
public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source response) throws WSTrustException
{
// if the response contains an issued token, we must preserve it from the JAXB unmarshalling.
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/WSTrustUtil.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -264,6 +264,7 @@
* @return a {@code byte[]} containing the secret; {@code null} if the specified entropy doesn't contain
* any secret.
*/
+ @SuppressWarnings("rawtypes")
public static byte[] getBinarySecret(EntropyType entropy)
{
byte[] secret = null;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/auth/AbstractSTSLoginModule.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/auth/AbstractSTSLoginModule.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/auth/AbstractSTSLoginModule.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -353,7 +353,7 @@
}
}
- @SuppressWarnings("unchecked")
+ @SuppressWarnings({"rawtypes", "unchecked"})
private void setPasswordStackingCredentials(final Builder builder)
{
final Map sharedState = (Map) this.sharedState;
@@ -440,7 +440,7 @@
this.samlToken = samlToken;
}
- @SuppressWarnings("unchecked")
+ @SuppressWarnings({"unchecked", "rawtypes"})
protected void setSharedToken(final Object token)
{
if (sharedState == null)
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/handlers/STSSecurityHandler.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/handlers/STSSecurityHandler.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -205,8 +205,8 @@
return true;
}
-
- @SuppressWarnings("unchecked")
+
+ @SuppressWarnings({"rawtypes"})
private Element extractSecurityToken(final SOAPMessageContext messageContext, final QName securityQName, final QName tokenQName)
{
try
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -90,8 +90,7 @@
* the {@code Element} that contains the marshaled SAMLV2.0 assertion.
* @return a reference to the unmarshaled {@code AssertionType} instance.
* @throws JAXBException if an error occurs while unmarshalling the document.
- */
- @SuppressWarnings("unchecked")
+ */
public static AssertionType fromElement(Element assertionElement) throws JAXBException
{
Unmarshaller unmarshaller = JAXBUtil.getUnmarshaller("org.picketlink.identity.federation.saml.v2.assertion");
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityToken.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -183,8 +183,7 @@
* </p>
*
* @param delegate the JAXB {@code RequestSecurityTokenType} that represents a WS-Trust token request.
- */
- @SuppressWarnings("unchecked")
+ */
public RequestSecurityToken(RequestSecurityTokenType delegate)
{
this.delegate = delegate;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/wrappers/RequestSecurityTokenResponse.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -196,8 +196,7 @@
* </p>
*
* @param delegate the JAXB {@code RequestSecurityTokenResponseType} that represents a WS-Trust response.
- */
- @SuppressWarnings("unchecked")
+ */
public RequestSecurityTokenResponse(RequestSecurityTokenResponseType delegate)
{
this.delegate = delegate;
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/wstrust/PicketLinkSTSUnitTestCase.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -418,8 +418,8 @@
* </p>
*
* @throws Exception if an error occurs while running the test.
- */
- @SuppressWarnings("unchecked")
+ */
+ @SuppressWarnings("rawtypes")
public void testInvokeSAML20WithSTSGeneratedSymmetricKey() throws Exception
{
// create a simple token request, asking for a SAMLv2.0 token.
@@ -469,8 +469,8 @@
* </p>
*
* @throws Exception if an error occurs while running the test.
- */
- @SuppressWarnings("unchecked")
+ */
+ @SuppressWarnings("rawtypes")
public void testInvokeSAML20WithCombinedSymmetricKey() throws Exception
{
// create a 64-bit random client secret.
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -147,9 +147,7 @@
transitSet = new HashSet<String>();
inTransitMap.put(sessionID, transitSet);
}
- if(transitSet != null)
- return transitSet.add(participant);
- return false;
+ return transitSet.add(participant);
}
/**
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -83,7 +83,7 @@
private String encryptingAlias = null;
private TrustKeyManager keyManager;
- @SuppressWarnings("unchecked")
+ @SuppressWarnings("rawtypes")
@Override
public void init(ServletConfig config) throws ServletException
{
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -57,8 +57,8 @@
{
return params.get(arg0);
}
-
- @SuppressWarnings("unchecked")
+
+ @SuppressWarnings("rawtypes")
public Enumeration getInitParameterNames()
{
throw new RuntimeException("NYI");
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -43,7 +43,7 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 7, 2009
*/
-@SuppressWarnings("unchecked")
+@SuppressWarnings({ "unchecked", "rawtypes"})
public class MockHttpServletRequest implements HttpServletRequest
{
private HttpSession session = null;
@@ -58,11 +58,12 @@
this.session = session;
this.methodType = methodType;
}
-
+
public void addHeader(String key, String value)
{
headers.put(key, value);
}
+
public void addParameter(String key, String value)
{
parameters.put(key, value);
@@ -105,7 +106,6 @@
{
return iter.hasNext();
}
-
public Object nextElement()
{
Entry<String,String> entry = (Entry<String, String>) iter.next();
@@ -379,9 +379,7 @@
}
public void removeAttribute(String arg0)
- {
-
-
+ {
}
public void setAttribute(String arg0, Object arg1)
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -37,7 +37,7 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 7, 2009
*/
-@SuppressWarnings({"deprecation", "unchecked"})
+@SuppressWarnings({"deprecation", "unchecked", "rawtypes"})
public class MockHttpSession implements HttpSession
{
private boolean valid = true;
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -35,7 +35,7 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 7, 2009
*/
-@SuppressWarnings("unchecked")
+@SuppressWarnings({"unchecked", "rawtypes"})
public class MockServletConfig implements ServletConfig
{
private ServletContext context;
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java 2010-11-09 14:37:52 UTC (rev 546)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java 2010-11-09 16:44:46 UTC (rev 547)
@@ -44,7 +44,7 @@
* @author Anil.Saldhana(a)redhat.com
* @since Oct 7, 2009
*/
-@SuppressWarnings("unchecked")
+@SuppressWarnings({ "unchecked", "rawtypes"})
public class MockServletContext implements ServletContext
{
private Map params = new HashMap();
13 years, 5 months
- 1
- 0
Picketlink SVN: r546 - idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap.
by picketlink-commits@lists.jboss.org
Author: bdaw
Date: 2010-11-09 09:37:52 -0500 (Tue, 09 Nov 2010)
New Revision: 546
Modified:
idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
Log:
- disable JNDI connection pooling for LDAP password validation as it was cached by JNDI
Modified: idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2010-11-09 08:59:39 UTC (rev 545)
+++ idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2010-11-09 14:37:52 UTC (rev 546)
@@ -2440,6 +2440,9 @@
env.put(Context.SECURITY_PRINCIPAL, ldapIO.getDn());
env.put(Context.SECURITY_CREDENTIALS, passwordString);
+ // Prevent password caching by JNDI connection poll
+ env.put("com.sun.jndi.ldap.connect.pool", "false");
+
InitialContext initialCtx = new InitialLdapContext(env, null);
if (initialCtx != null)
13 years, 5 months
- 1
- 0