Picketlink SVN: r1054 - federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-01 16:00:05 -0400 (Fri, 01 Jul 2011)
New Revision: 1054
Added:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParserTestCase.java
Removed:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java
Log:
PLFED-116: saml artifact resolve parsing
Deleted: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java 2011-07-01 19:58:08 UTC (rev 1053)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java 2011-07-01 20:00:05 UTC (rev 1054)
@@ -1,61 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.test.identity.federation.core.parser.saml;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import java.io.InputStream;
-
-import org.junit.Test;
-import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
-import org.picketlink.identity.federation.saml.v2.protocol.ArtifactResolveType;
-
-/**
- * Unit test the parsing of {@link ArtifactResolveType}
- * @author Anil.Saldhana(a)redhat.com
- * @since Jul 1, 2011
- */
-public class SAMLArtifactResolveParerTestCase
-{
- @Test
- public void testSAMLArtifactResolveParse() throws Exception
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-artifact-resolve.xml");
-
- JAXPValidationUtil.validate(configStream);
- configStream = tcl.getResourceAsStream("parser/saml2/saml2-artifact-resolve.xml");
-
- SAMLParser parser = new SAMLParser();
- ArtifactResolveType artifactResolve = (ArtifactResolveType) parser.parse(configStream);
- assertNotNull("ArtifactResolveType is not null", artifactResolve);
-
- assertEquals("ID_cce4ee769ed970b501d680f697989d14", artifactResolve.getID());
- assertEquals(XMLTimeUtil.parse("2004-12-05T09:21:58Z"), artifactResolve.getIssueInstant());
- assertEquals("https://sp.example.com/SAML2/ArtifactResolution", artifactResolve.getDestination().toString());
- assertEquals("https://idp.example.org/SAML2", artifactResolve.getIssuer().getValue());
- assertEquals("AAQAAMh48/1oXIM+sDo7Dh2qMp1HM4IF5DaRNmDj6RdUmllwn9jJHyEgIi8=", artifactResolve.getArtifact());
- }
-}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParserTestCase.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParserTestCase.java 2011-07-01 20:00:05 UTC (rev 1054)
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
+import org.picketlink.identity.federation.saml.v2.protocol.ArtifactResolveType;
+
+/**
+ * Unit test the parsing of {@link ArtifactResolveType}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jul 1, 2011
+ */
+public class SAMLArtifactResolveParserTestCase
+{
+ @Test
+ public void testSAMLArtifactResolveParse() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-artifact-resolve.xml");
+
+ JAXPValidationUtil.validate(configStream);
+ configStream = tcl.getResourceAsStream("parser/saml2/saml2-artifact-resolve.xml");
+
+ SAMLParser parser = new SAMLParser();
+ ArtifactResolveType artifactResolve = (ArtifactResolveType) parser.parse(configStream);
+ assertNotNull("ArtifactResolveType is not null", artifactResolve);
+
+ assertEquals("ID_cce4ee769ed970b501d680f697989d14", artifactResolve.getID());
+ assertEquals(XMLTimeUtil.parse("2004-12-05T09:21:58Z"), artifactResolve.getIssueInstant());
+ assertEquals("https://sp.example.com/SAML2/ArtifactResolution", artifactResolve.getDestination().toString());
+ assertEquals("https://idp.example.org/SAML2", artifactResolve.getIssuer().getValue());
+ assertEquals("AAQAAMh48/1oXIM+sDo7Dh2qMp1HM4IF5DaRNmDj6RdUmllwn9jJHyEgIi8=", artifactResolve.getArtifact());
+ }
+}
\ No newline at end of file
Picketlink SVN: r1053 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/saml/v2/constants and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-01 15:58:08 -0400 (Fri, 01 Jul 2011)
New Revision: 1053
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLArtifactResolveParser.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java
federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-artifact-resolve.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
Log:
PLFED-116: saml artifact resolve parsing
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLArtifactResolveParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLArtifactResolveParser.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLArtifactResolveParser.java 2011-07-01 19:58:08 UTC (rev 1053)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.StartElement;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.saml.v2.protocol.ArtifactResolveType;
+
+/**
+ * Parse the {@link ArtifactResolveType}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jul 1, 2011
+ */
+public class SAMLArtifactResolveParser extends SAMLRequestAbstractParser implements ParserNamespaceSupport
+{
+ public Object parse(XMLEventReader xmlEventReader) throws ParsingException
+ {
+ //Get the startelement
+ StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ StaxParserUtil.validate(startElement, JBossSAMLConstants.ARTIFACT_RESOLVE.get());
+
+ ArtifactResolveType artifactResolve = parseBaseAttributes(startElement);
+
+ while (xmlEventReader.hasNext())
+ {
+ //Let us peek at the next start element
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
+ break;
+ super.parseCommonElements(startElement, xmlEventReader, artifactResolve);
+ String elementName = StaxParserUtil.getStartElementName(startElement);
+
+ if (JBossSAMLConstants.ARTIFACT.get().equals(elementName))
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+ artifactResolve.setArtifact(StaxParserUtil.getElementText(xmlEventReader));
+ }
+ else if (JBossSAMLConstants.ISSUER.get().equals(elementName))
+ {
+ continue;
+ }
+ else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName))
+ {
+ continue;
+ }
+ else
+ throw new RuntimeException("Unknown Element:" + elementName + "::location=" + startElement.getLocation());
+ }
+ return artifactResolve;
+ }
+
+ public boolean supports(QName qname)
+ {
+ return JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(qname.getNamespaceURI());
+ }
+
+ /**
+ * Parse the attributes at the authnrequesttype element
+ * @param startElement
+ * @return
+ * @throws ParsingException
+ */
+ private ArtifactResolveType parseBaseAttributes(StartElement startElement) throws ParsingException
+ {
+ super.parseRequiredAttributes(startElement);
+ ArtifactResolveType authnRequest = new ArtifactResolveType(id, issueInstant);
+ //Let us get the attributes
+ super.parseBaseAttributes(startElement, authnRequest);
+
+ return authnRequest;
+ }
+}
\ No newline at end of file
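Review bot: The fall-through `else` in `parse` throws a bare `RuntimeException` for an unrecognised child element, although the method declares `ParsingException` and the input is a SAML protocol message that normally comes from a remote party; a caller that catches `ParsingException` to reject malformed requests will not catch this one. Prefer `throw new ParsingException("Unknown Element:" + elementName + "::location=" + startElement.getLocation());`, assuming `ParsingException` offers a String constructor (its definition is not shown here). Nothing visible in this class verifies the `Signature` element (the branch just continues after `parseCommonElements`), so a class-level comment stating that signature verification is the caller's responsibility would help. The Javadoc on the private `parseBaseAttributes` and its local `authnRequest` still refer to the authn request type and look copied from another parser.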
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-07-01 17:50:35 UTC (rev 1052)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java 2011-07-01 19:58:08 UTC (rev 1053)
@@ -109,6 +109,12 @@
}
throw new RuntimeException("Unknown xsi:type=" + xsiTypeValue);
}
+ else if (JBossSAMLURIConstants.PROTOCOL_NSURI.get().equals(nsURI)
+ && JBossSAMLConstants.ARTIFACT_RESOLVE.get().equals(startElementName.getLocalPart()))
+ {
+ SAMLArtifactResolveParser artifactResolverParser = new SAMLArtifactResolveParser();
+ return artifactResolverParser.parse(xmlEventReader);
+ }
else if (JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get().equals(localPart))
{
SAMLXACMLRequestParser samlXacmlParser = new SAMLXACMLRequestParser();
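Review bot: The new branch reads the local name through `startElementName.getLocalPart()` while the XACML branch right after it uses the `localPart` variable, which presumably already holds the same value; using `localPart` in both would keep the dispatch chain uniform. The local `artifactResolverParser` also differs from the class name `SAMLArtifactResolveParser` ("Resolver" vs "Resolve"). The enclosing method starts and ends outside this hunk, so whether `localPart` is assigned before this point should be confirmed.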
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-07-01 17:50:35 UTC (rev 1052)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2011-07-01 19:58:08 UTC (rev 1053)
@@ -30,6 +30,8 @@
{
ADDRESS( "Address" ),
ALLOW_CREATE( "AllowCreate" ),
+ ARTIFACT( "Artifact" ),
+ ARTIFACT_RESOLVE( "ArtifactResolve" ),
ARTIFACT_RESOLUTION_SERVICE( "ArtifactResolutionService" ),
ASSERTION( "Assertion" ),
ASSERTION_CONSUMER_SERVICE( "AssertionConsumerService" ),
Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLArtifactResolveParerTestCase.java 2011-07-01 19:58:08 UTC (rev 1053)
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
+import org.picketlink.identity.federation.saml.v2.protocol.ArtifactResolveType;
+
+/**
+ * Unit test the parsing of {@link ArtifactResolveType}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jul 1, 2011
+ */
+public class SAMLArtifactResolveParerTestCase
+{
+ @Test
+ public void testSAMLArtifactResolveParse() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream("parser/saml2/saml2-artifact-resolve.xml");
+
+ JAXPValidationUtil.validate(configStream);
+ configStream = tcl.getResourceAsStream("parser/saml2/saml2-artifact-resolve.xml");
+
+ SAMLParser parser = new SAMLParser();
+ ArtifactResolveType artifactResolve = (ArtifactResolveType) parser.parse(configStream);
+ assertNotNull("ArtifactResolveType is not null", artifactResolve);
+
+ assertEquals("ID_cce4ee769ed970b501d680f697989d14", artifactResolve.getID());
+ assertEquals(XMLTimeUtil.parse("2004-12-05T09:21:58Z"), artifactResolve.getIssueInstant());
+ assertEquals("https://sp.example.com/SAML2/ArtifactResolution", artifactResolve.getDestination().toString());
+ assertEquals("https://idp.example.org/SAML2", artifactResolve.getIssuer().getValue());
+ assertEquals("AAQAAMh48/1oXIM+sDo7Dh2qMp1HM4IF5DaRNmDj6RdUmllwn9jJHyEgIi8=", artifactResolve.getArtifact());
+ }
+}
\ No newline at end of file
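Review bot: `tcl.getResourceAsStream(...)` returns null when the fixture is missing from the test classpath, and that null goes straight into `JAXPValidationUtil.validate` and `parser.parse`, so a packaging mistake surfaces as an obscure failure inside the library; add `assertNotNull("saml2-artifact-resolve.xml not found on classpath", configStream);` after each lookup. The message on the existing `assertNotNull` ("ArtifactResolveType is not null") describes the passing state, whereas JUnit prints it on failure; `"ArtifactResolveType is null"` would read correctly. Neither stream is closed. The same lines are carried into the renamed `SAMLArtifactResolveParserTestCase` in r1054.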
Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-artifact-resolve.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-artifact-resolve.xml (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-artifact-resolve.xml 2011-07-01 19:58:08 UTC (rev 1053)
@@ -0,0 +1,42 @@
+<samlp:ArtifactResolve
+ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+ ID="ID_cce4ee769ed970b501d680f697989d14"
+ Version="2.0"
+ IssueInstant="2004-12-05T09:21:58Z"
+ Destination="https://sp.example.com/SAML2/ArtifactResolution">
+ <saml:Issuer>https://idp.example.org/SAML2</saml:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod
+ Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmlds#rsa-sha1" />
+ <ds:Reference URI="#ID_ab0392ef-b557-4453-95a8-a7e168da8ac5">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmlds#enveloped-signature" />
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmlds#sha1" />
+ <ds:DigestValue>0Y9QM5c5qCShz5UWmbFzBmbuTus=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>
+ se/flQ2htUQ0IUYieVkXNn9cfjnfgv6H99nFarsTNTpRI9xuSlw5OTai/2PYdZI2Va9+QzzBf99m
+ VFyigfFdfrqug6aKFhF0lsujzlFfPfmXBbDRiTFX+4SkBeV71uuy7rOUI/jRiitEA0QrKqs0e/pV
+ +C8PoaariisK96Mtt7A=
+ </ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:KeyValue>
+ <ds:RSAKeyValue>
+ <ds:Modulus>
+ suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1
+ dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJwspqVnMuRK19ju2dxpKw
+ lYGGtrP5VQv00dfNPbs=
+ </ds:Modulus>
+ <ds:Exponent>AQAB</ds:Exponent>
+ </ds:RSAKeyValue>
+ </ds:KeyValue>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <samlp:Artifact>AAQAAMh48/1oXIM+sDo7Dh2qMp1HM4IF5DaRNmDj6RdUmllwn9jJHyEgIi8=</samlp:Artifact>
+ </samlp:ArtifactResolve>
\ No newline at end of file
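Review bot: The `ds:Signature` in this fixture cannot be verified as written: `ds:Reference URI` points at `#ID_ab0392ef-b557-4453-95a8-a7e168da8ac5` while the enclosing element's `ID` is `ID_cce4ee769ed970b501d680f697989d14`, and the `SignatureMethod`, `DigestMethod` and enveloped-signature `Transform` algorithm URIs use the prefix `http://www.w3.org/2000/09/xmlds#` rather than the `http://www.w3.org/2000/09/xmldsig#` namespace declared on `ds:Signature`. That is acceptable for a parse-only test, but the file should say so, for example with a leading comment `<!-- Parser fixture only: the embedded signature is illustrative and does not validate -->`, so that nobody reuses it for signature-validation tests. If it is meant to validate, the Reference URI and the algorithm identifiers need correcting and the signature needs regenerating.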
Picketlink SVN: r1052 - federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-01 13:50:35 -0400 (Fri, 01 Jul 2011)
New Revision: 1052
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchIssueParsingTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustRenewTargetParsingTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustValidateSamlTestCase.java
Log:
add writing
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchIssueParsingTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchIssueParsingTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchIssueParsingTestCase.java 2011-07-01 17:50:35 UTC (rev 1052)
@@ -24,14 +24,20 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.util.List;
-import org.junit.Test;
+import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
+import org.w3c.dom.Document;
/**
* Unit Test the WS Trust batch issue
@@ -48,24 +54,32 @@
public void testWST_BatchIssue() throws Exception
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-batch-issue.xml" );
-
+ InputStream configStream = tcl.getResourceAsStream("parser/wst/wst-batch-issue.xml");
+
WSTrustParser parser = new WSTrustParser();
- RequestSecurityTokenCollection requestCollection = (RequestSecurityTokenCollection) parser.parse( configStream );
- assertNotNull( "Request Security Token Collection is null?", requestCollection );
-
- List<RequestSecurityToken> tokens = requestCollection.getRequestSecurityTokens();
- assertEquals( 2, tokens.size() );
-
- RequestSecurityToken rst1 = tokens.get( 0 );
- assertEquals( "context1", rst1.getContext() );
- assertEquals( WSTrustConstants.BATCH_ISSUE_REQUEST, rst1.getRequestType().toASCIIString() );
- assertEquals( WSTrustConstants.SAML2_TOKEN_TYPE, rst1.getTokenType().toASCIIString() );
-
- RequestSecurityToken rst2 = tokens.get( 1 );
- assertEquals( "context2", rst2.getContext() );
- assertEquals( WSTrustConstants.BATCH_ISSUE_REQUEST , rst2.getRequestType().toASCIIString() );
- assertEquals( "http://www.tokens.org/SpecialToken" , rst2.getTokenType().toASCIIString() );
-
+ RequestSecurityTokenCollection requestCollection = (RequestSecurityTokenCollection) parser.parse(configStream);
+ assertNotNull("Request Security Token Collection is null?", requestCollection);
+
+ List<RequestSecurityToken> tokens = requestCollection.getRequestSecurityTokens();
+ assertEquals(2, tokens.size());
+
+ RequestSecurityToken rst1 = tokens.get(0);
+ assertEquals("context1", rst1.getContext());
+ assertEquals(WSTrustConstants.BATCH_ISSUE_REQUEST, rst1.getRequestType().toASCIIString());
+ assertEquals(WSTrustConstants.SAML2_TOKEN_TYPE, rst1.getTokenType().toASCIIString());
+
+ RequestSecurityToken rst2 = tokens.get(1);
+ assertEquals("context2", rst2.getContext());
+ assertEquals(WSTrustConstants.BATCH_ISSUE_REQUEST, rst2.getRequestType().toASCIIString());
+ assertEquals("http://www.tokens.org/SpecialToken", rst2.getTokenType().toASCIIString());
+
+ //Now for the writing part
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
+
+ rstWriter.write(requestCollection);
+
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
\ No newline at end of file
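Review bot: The added write step in `testWST_BatchIssue` only proves that `WSTrustRequestWriter` emits schema-valid XML; a writer that dropped a token or a context attribute would still pass `JAXPValidationUtil.validate`. Re-parse the written document and compare it with what was read, e.g. `RequestSecurityTokenCollection reparsed = (RequestSecurityTokenCollection) parser.parse(DocumentUtil.getNodeAsStream(doc));` followed by `assertEquals(2, reparsed.getRequestSecurityTokens().size());`. The same write-then-validate block is added to `WSTrustIssueAppliesToTestCase`, `WSTrustRenewTargetParsingTestCase` and `WSTrustValidateSamlTestCase` in this revision and has the same gap.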
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueAppliesToTestCase.java 2011-07-01 17:50:35 UTC (rev 1052)
@@ -23,14 +23,20 @@
import static org.junit.Assert.assertEquals;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
+import org.w3c.dom.Document;
/**
* Validate the wst applies to parsing
@@ -38,21 +44,30 @@
* @since Oct 14, 2010
*/
public class WSTrustIssueAppliesToTestCase
-{
+{
@Test
public void testAppliesTo() throws Exception
{
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream configStream = tcl.getResourceAsStream( "parser/wst/wst-issue-appliesto.xml" );
-
+ InputStream configStream = tcl.getResourceAsStream("parser/wst/wst-issue-appliesto.xml");
+
WSTrustParser parser = new WSTrustParser();
- RequestSecurityToken requestToken = ( RequestSecurityToken ) parser.parse( configStream );
-
- assertEquals( "testcontext", requestToken.getContext() );
- assertEquals( WSTrustConstants.ISSUE_REQUEST , requestToken.getRequestType().toASCIIString() );
-
+ RequestSecurityToken requestToken = (RequestSecurityToken) parser.parse(configStream);
+
+ assertEquals("testcontext", requestToken.getContext());
+ assertEquals(WSTrustConstants.ISSUE_REQUEST, requestToken.getRequestType().toASCIIString());
+
AppliesTo appliesTo = requestToken.getAppliesTo();
EndpointReferenceType endpoint = (EndpointReferenceType) appliesTo.getAny().get(0);
- assertEquals( "http://services.testcorp.org/provider2", endpoint.getAddress().getValue() );
- }
+ assertEquals("http://services.testcorp.org/provider2", endpoint.getAddress().getValue());
+
+ //Now for the writing part
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
+
+ rstWriter.write(requestToken);
+
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustRenewTargetParsingTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustRenewTargetParsingTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustRenewTargetParsingTestCase.java 2011-07-01 17:50:35 UTC (rev 1052)
@@ -23,16 +23,22 @@
import static org.junit.Assert.assertEquals;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
+import org.w3c.dom.Document;
/**
* Validate the parsing of wst-batch-validate.xml
@@ -59,5 +65,14 @@
assertEquals("Test STS", assertion.getIssuer().getValue());
SubjectType subject = assertion.getSubject();
assertEquals("jduke", ((NameIDType) subject.getSubType().getBaseID()).getValue());
+
+ //Now for the writing part
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
+
+ rstWriter.write(requestToken);
+
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustValidateSamlTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustValidateSamlTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustValidateSamlTestCase.java 2011-07-01 17:50:35 UTC (rev 1052)
@@ -23,14 +23,20 @@
import static org.junit.Assert.assertEquals;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
+import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
+import org.w3c.dom.Document;
/**
* Validate the parsing of wst-validate-saml.xml
@@ -54,5 +60,14 @@
ValidateTargetType validateTarget = rst1.getValidateTarget();
AssertionType assertion = (AssertionType) validateTarget.getAny().get(0);
assertEquals("ID_654b6092-c725-40ea-8044-de453b59cb28", assertion.getID());
+
+ //Now for the writing part
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ WSTrustRequestWriter rstWriter = new WSTrustRequestWriter(baos);
+
+ rstWriter.write(rst1);
+
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
Picketlink SVN: r1051 - federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-01 13:45:15 -0400 (Fri, 01 Jul 2011)
New Revision: 1051
Modified:
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
Log:
add schema validation
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2011-07-01 16:56:59 UTC (rev 1050)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustBatchValidateParsingTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
@@ -32,10 +32,12 @@
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
+import org.w3c.dom.Document;
/**
* Validate the parsing of wst-batch-validate.xml
@@ -73,8 +75,9 @@
rstWriter.write(requestCollection);
- DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
baos.close();
+
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
-
-}
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2011-07-01 16:56:59 UTC (rev 1050)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustCancelTargetSamlTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
@@ -34,6 +34,7 @@
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
@@ -43,6 +44,7 @@
import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.ws.trust.CancelTargetType;
+import org.w3c.dom.Document;
/**
* Validate the WST Cancel Target for SAML assertions
@@ -73,7 +75,8 @@
rstWriter.write(requestToken);
- DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
private void validateAssertion(AssertionType assertion) throws Exception
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2011-07-01 16:56:59 UTC (rev 1050)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicCertificateTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
@@ -31,12 +31,14 @@
import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
@@ -76,6 +78,7 @@
rstWriter.write(requestToken);
- DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2011-07-01 16:56:59 UTC (rev 1050)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssuePublicKeyTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
@@ -27,12 +27,14 @@
import org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.addressing.EndpointReferenceType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.UseKeyType;
+import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
@@ -73,6 +75,7 @@
rstWriter.write(requestToken);
- DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2011-07-01 16:56:59 UTC (rev 1050)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueSymmetricKeyTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
@@ -30,6 +30,7 @@
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
@@ -37,6 +38,7 @@
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.BinarySecretType;
import org.picketlink.identity.federation.ws.trust.EntropyType;
+import org.w3c.dom.Document;
/**
* Validate parsing of RST with Use Key set to Symmetric Key
@@ -75,6 +77,7 @@
rstWriter.write(requestToken);
- DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2011-07-01 16:56:59 UTC (rev 1050)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustIssueTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
@@ -30,9 +30,11 @@
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
+import org.w3c.dom.Document;
/**
* Validate simple RST parsing
@@ -60,6 +62,7 @@
rstWriter.write(requestToken);
- DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2011-07-01 16:56:59 UTC (rev 1050)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/wst/WSTrustOnBehalfOfTestCase.java 2011-07-01 17:45:15 UTC (rev 1051)
@@ -32,11 +32,13 @@
import org.junit.Test;
import org.picketlink.identity.federation.core.parsers.wst.WSTrustParser;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.writers.WSTrustRequestWriter;
import org.picketlink.identity.federation.ws.trust.OnBehalfOfType;
import org.picketlink.identity.federation.ws.wss.secext.UsernameTokenType;
+import org.w3c.dom.Document;
/**
* Validate the OnBehalfOf parsing
@@ -70,6 +72,7 @@
rstWriter.write(requestToken);
- DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(doc));
}
}
\ No newline at end of file
Picketlink SVN: r1050 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-01 12:56:59 -0400 (Fri, 01 Jul 2011)
New Revision: 1050
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11SubjectConfirmationType.java
Log:
PLFED-194: saml 1.1 token provider
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java 2011-07-01 16:24:49 UTC (rev 1049)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAML11ParserUtil.java 2011-07-01 16:56:59 UTC (rev 1050)
@@ -215,7 +215,7 @@
{
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
String method = StaxParserUtil.getElementText(xmlEventReader);
- subjectConfirmationType.addConfirmation(URI.create(method));
+ subjectConfirmationType.addConfirmationMethod(URI.create(method));
}
else if (startTag.equals(JBossSAMLConstants.SUBJECT_CONFIRMATION_DATA.get()))
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-07-01 16:24:49 UTC (rev 1049)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-07-01 16:56:59 UTC (rev 1050)
@@ -37,6 +37,7 @@
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
@@ -256,6 +257,37 @@
}
/**
+ * Check whether the assertion has expired
+ * @param assertion
+ * @return
+ * @throws ConfigurationException
+ */
+ public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException
+ {
+ boolean expiry = false;
+
+ //Check for validity of assertion
+ SAML11ConditionsType conditionsType = assertion.getConditions();
+ if (conditionsType != null)
+ {
+ XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
+ XMLGregorianCalendar notBefore = conditionsType.getNotBefore();
+ XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter();
+ if (trace)
+ log.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + "::notOnOrAfter="
+ + notOnOrAfter);
+ expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter);
+ if (expiry)
+ {
+ log.info("Assertion has expired with id=" + assertion.getID());
+ }
+ }
+
+ //TODO: if conditions do not exist, assume the assertion to be everlasting?
+ return expiry;
+ }
+
+ /**
* Extract the expiration time from an {@link AssertionType}
* @param assertion
* @return
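Review bot: `hasExpired` returns `false` when `assertion.getConditions()` is null, so a SAML 1.1 assertion without Conditions is reported as never expiring; the TODO acknowledges this, but any caller using the method as a validity gate gets a fail-open answer. Separately, the trace line calls `notBefore.toXMLFormat()` unguarded, which throws a NullPointerException with trace enabled when NotBefore is absent (the attribute is optional in SAML 1.1), while `notOnOrAfter` is concatenated directly and is null-safe. Suggest `log.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore + "::notOnOrAfter=" + notOnOrAfter);` and a Javadoc sentence stating the no-Conditions result, since the `@param`, `@return` and `@throws` tags are currently empty. Whether `XMLTimeUtil.isValid` tolerates null bounds is not visible here and should be confirmed.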
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java 2011-07-01 16:24:49 UTC (rev 1049)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAML11TokenProvider.java 2011-07-01 16:56:59 UTC (rev 1050)
@@ -35,7 +35,6 @@
import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
import org.picketlink.identity.federation.core.sts.AbstractSecurityTokenProvider;
@@ -48,13 +47,12 @@
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AudienceRestrictionCondition;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.assertion.KeyInfoConfirmationDataType;
-import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectConfirmationType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType.SAML11SubjectTypeChoice;
import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectConfirmationType;
-import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.ws.policy.AppliesTo;
import org.picketlink.identity.federation.ws.trust.RequestedReferenceType;
import org.picketlink.identity.federation.ws.trust.StatusType;
@@ -63,7 +61,7 @@
/**
* <p>
- * A {@code SecurityTokenProvider} implementation that handles WS-Trust SAML 2.0 token requests.
+ * A {@code SecurityTokenProvider} implementation that handles WS-Trust SAML 1.1 token requests.
* </p>
*
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
@@ -131,10 +129,10 @@
throw new ProcessingException("Invalid cancel request: missing required CancelTarget");
Element assertionElement = (Element) token.getFirstChild();
if (!this.isAssertion(assertionElement))
- throw new ProcessingException("CancelTarget doesn't not contain a SAMLV2.0 assertion");
+ throw new ProcessingException("CancelTarget doesn't not contain a SAMLV1.1 assertion");
// get the assertion ID and add it to the canceled assertions set.
- String assertionId = assertionElement.getAttribute("ID");
+ String assertionId = assertionElement.getAttribute(SAML11Constants.ASSERTIONID);
this.revocationRegistry.revokeToken(SAMLUtil.SAML11_TOKEN_TYPE, assertionId);
}
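Review bot: `assertionElement.getAttribute(SAML11Constants.ASSERTIONID)` yields an empty string when the attribute is missing, and that value is passed straight to `revocationRegistry.revokeToken`. Unless `isAssertion` already guarantees the attribute (not visible in this hunk), add a guard such as `if (assertionId.length() == 0) throw new ProcessingException("Invalid cancel request: assertion has no identifier");`. The message on the changed line also reads "doesn't not contain", a double negative that should be "does not contain". The method starts outside the hunk.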
@@ -171,7 +169,10 @@
Principal principal = context.getCallerPrincipal();
String confirmationMethod = null;
- KeyInfoConfirmationDataType keyInfoDataType = null;
+ //KeyInfoConfirmationDataType keyInfoDataType = null;
+
+ Element keyInfo = null;
+
// if there is a on-behalf-of principal, we have the sender vouches confirmation method.
if (context.getOnBehalfOfPrincipal() != null)
{
@@ -182,19 +183,31 @@
else if (context.getProofTokenInfo() != null)
{
confirmationMethod = SAMLUtil.SAML11_HOLDER_OF_KEY_URI;
- keyInfoDataType = SAMLAssertionFactory.createKeyInfoConfirmation(context.getProofTokenInfo());
+ //keyInfoDataType = SAMLAssertionFactory.createKeyInfoConfirmation(context.getProofTokenInfo());
+ keyInfo = (Element) context.getProofTokenInfo().getContent().get(0);
}
else
confirmationMethod = SAMLUtil.SAML11_BEARER_URI;
- SubjectConfirmationType subjectConfirmation = SAMLAssertionFactory.createSubjectConfirmation(null,
- confirmationMethod, keyInfoDataType);
+ /* SubjectConfirmationType subjectConfirmation = SAMLAssertionFactory.createSubjectConfirmation(null,
+ confirmationMethod, keyInfoDataType);
+ */
+ SAML11SubjectConfirmationType subjectConfirmation = new SAML11SubjectConfirmationType();
+ subjectConfirmation.addConfirmationMethod(URI.create(confirmationMethod));
+ if (keyInfo != null)
+ subjectConfirmation.setKeyInfo(keyInfo);
// create a subject using the caller principal or on-behalf-of principal.
String subjectName = principal == null ? "ANONYMOUS" : principal.getName();
- NameIDType nameID = SAMLAssertionFactory.createNameID(null, "urn:picketlink:identity-federation", subjectName);
- SubjectType subject = SAMLAssertionFactory.createSubject(nameID, subjectConfirmation);
+ SAML11NameIdentifierType nameID = new SAML11NameIdentifierType();
+ nameID.setNameQualifier("urn:picketlink:identity-federation");
+ nameID.setValue(subjectName);
+ SAML11SubjectTypeChoice subjectChoice = new SAML11SubjectTypeChoice(nameID);
+ SAML11SubjectType subject = new SAML11SubjectType();
+ subject.setChoice(subjectChoice);
+ subject.setSubjectConfirmation(subjectConfirmation);
+
// create the attribute statements if necessary.
List<StatementAbstractType> statements = null;
Map<String, Object> claimedAttributes = context.getClaimedAttributes();
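Review bot: `keyInfo = (Element) context.getProofTokenInfo().getContent().get(0);` assumes the proof-token content list is non-empty and that its first entry is a DOM element. A request whose KeyInfo is empty or carries another content type ends in an IndexOutOfBoundsException or ClassCastException instead of a controlled failure. Check the list first and reject with a descriptive exception when `content.isEmpty() || !(content.get(0) instanceof Element)`, using `ProcessingException` if this method's signature allows it (the signature is outside the hunk). The commented-out `KeyInfoConfirmationDataType` and `SAMLAssertionFactory` lines here and in the preceding hunk should be deleted rather than kept, since version control already holds them.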
@@ -203,6 +216,8 @@
statements = new ArrayList<StatementAbstractType>();
statements.add(StatementUtil.createAttributeStatement(claimedAttributes));
}
+ throw new RuntimeException("Implement");
+
/*
// create the SAML assertion.
NameIDType issuerID = SAMLAssertionFactory.createNameID(null, null, context.getTokenIssuer());
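Review bot: The unconditional `throw new RuntimeException("Implement");` makes every issue request reaching this provider fail with a generic exception after the subject and statements have already been built, and the rest of the method sits inside a block comment. If the provider has to be committed unfinished, fail at the top of the method with something callers and logs can recognise, e.g. `throw new UnsupportedOperationException("SAML 1.1 token issuance is not implemented yet");`. It would also help to keep the provider out of any default STS configuration until the body exists; whether it is registered anywhere is not visible here. The method starts and ends outside the hunk.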
@@ -341,7 +356,7 @@
String code = WSTrustConstants.STATUS_CODE_VALID;
String reason = "SAMLV2.0 Assertion successfuly validated";
- AssertionType assertion = null;
+ SAML11AssertionType assertion = null;
Element assertionElement = (Element) token.getFirstChild();
if (!this.isAssertion(assertionElement))
{
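Review bot: The context line `String reason = "SAMLV2.0 Assertion successfuly validated";` still names SAML 2.0 although this hunk switches the validated type to `SAML11AssertionType`, so the status returned to the requester misreports what was checked. Suggest `String reason = "SAMLV1.1 Assertion successfully validated";`, which also fixes the spelling. Other reason strings further down the method are outside the hunk and may need the same change.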
@@ -352,7 +367,7 @@
{
try
{
- assertion = SAMLUtil.fromElement(assertionElement);
+ assertion = SAMLUtil.saml11FromElement(assertionElement);
}
catch (Exception e)
{
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11SubjectConfirmationType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11SubjectConfirmationType.java 2011-07-01 16:24:49 UTC (rev 1049)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v1/assertion/SAML11SubjectConfirmationType.java 2011-07-01 16:56:59 UTC (rev 1050)
@@ -49,17 +49,17 @@
protected Element keyInfo;
- public void addConfirmation(URI confirmation)
+ public void addConfirmationMethod(URI confirmation)
{
this.confirmationMethod.add(confirmation);
}
- public void addAllConfirmation(List<URI> confirmation)
+ public void addAllConfirmationMethod(List<URI> confirmation)
{
this.confirmationMethod.addAll(confirmation);
}
- public boolean removeConfirmation(URI confirmation)
+ public boolean removeConfirmationMethod(URI confirmation)
{
return this.confirmationMethod.remove(confirmation);
}
Picketlink SVN: r1049 - in federation/trunk: picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-01 12:24:49 -0400 (Fri, 01 Jul 2011)
New Revision: 1049
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SystemPropertiesUtil.java
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java
Log:
PLFED-199: centralize system prop
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-01 15:40:09 UTC (rev 1048)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-01 16:24:49 UTC (rev 1049)
@@ -87,6 +87,7 @@
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
@@ -864,6 +865,8 @@
lifecycle.fireLifecycleEvent(START_EVENT, null);
started = true;
+ SystemPropertiesUtil.ensure();
+
//Get the chain from config
if (StringUtil.isNullOrEmpty(samlHandlerChainClass))
chain = SAML2HandlerChainFactory.createChain();
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-07-01 15:40:09 UTC (rev 1048)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-07-01 16:24:49 UTC (rev 1049)
@@ -60,6 +60,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.HandlerUtil;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
+import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v2.metadata.EndpointType;
import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
@@ -182,6 +183,7 @@
public void start() throws LifecycleException
{
super.start();
+ SystemPropertiesUtil.ensure();
processStart();
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2011-07-01 15:40:09 UTC (rev 1048)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2011-07-01 16:24:49 UTC (rev 1049)
@@ -465,6 +465,12 @@
throw new RuntimeException("Expecting </" + tag + ">. Found </" + elementTag + ">");
}
+ /**
+ * Get the {@link Validator} for JAXP Validation
+ * @return
+ * @throws SAXException
+ * @throws IOException
+ */
public static Validator getSchemaValidator() throws SAXException, IOException
{
return JAXPValidationUtil.validator();
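Review bot: The added Javadoc leaves `@return` and both `@throws` tags empty, so it documents nothing beyond the signature. Suggest `@return the {@link Validator} supplied by {@link JAXPValidationUtil#validator()}` and a short condition for each exception; the exact conditions depend on `JAXPValidationUtil.validator()`, which is not visible here, so confirm them before writing, e.g. `@throws SAXException if the schemas cannot be compiled`. The method body continues outside the hunk.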
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java 2011-07-01 15:40:09 UTC (rev 1048)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java 2011-07-01 16:24:49 UTC (rev 1049)
@@ -43,6 +43,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.XACMLAuthzDecisionQueryType;
import org.w3c.dom.Document;
@@ -52,21 +53,20 @@
* @author Anil.Saldhana(a)redhat.com
* @since Jan 24, 2011
*/
-@WebServiceProvider(serviceName="SOAPSAMLXACMLPDP",portName="SOAPSAMLXACMLPort",
- targetNamespace="urn:picketlink:identity-federation:pdp",wsdlLocation="WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl")
+@WebServiceProvider(serviceName = "SOAPSAMLXACMLPDP", portName = "SOAPSAMLXACMLPort", targetNamespace = "urn:picketlink:identity-federation:pdp", wsdlLocation = "WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl")
public class SOAPSAMLXACMLPDP implements Provider<Source>
-{
- protected Logger log = Logger.getLogger( SOAPSAMLXACMLPDP.class );
-
+{
+ protected Logger log = Logger.getLogger(SOAPSAMLXACMLPDP.class);
+
@Resource
WebServiceContext context;
-
+
protected String policyConfigFileName = "policyConfig.xml";
-
+
protected PolicyDecisionPoint pdp;
-
+
protected String issuer = "PicketLinkPDP";
-
+
public SOAPSAMLXACMLPDP()
{
try
@@ -74,55 +74,55 @@
pdp = getPDP();
}
catch (PrivilegedActionException e)
- {
- throw new RuntimeException( e );
+ {
+ throw new RuntimeException(e);
}
}
-
+
public Source invoke(Source request)
- {
+ {
try
{
- Document doc = (Document) DocumentUtil.getNodeFromSource( request );
- if( log.isDebugEnabled() )
+ Document doc = (Document) DocumentUtil.getNodeFromSource(request);
+ if (log.isDebugEnabled())
{
- log.debug( "Received Message::" + DocumentUtil.asString(doc) );
+ log.debug("Received Message::" + DocumentUtil.asString(doc));
}
XACMLAuthzDecisionQueryType xacmlQuery = SOAPSAMLXACMLUtil.getXACMLQueryType(doc);
ResponseType samlResponseType = SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, xacmlQuery);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(baos);
- SAMLResponseWriter samlResponseWriter = new SAMLResponseWriter( xmlStreamWriter );
- samlResponseWriter.write( samlResponseType );
- Document responseDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
-
- return new DOMSource( responseDocument.getDocumentElement());
+ SAMLResponseWriter samlResponseWriter = new SAMLResponseWriter(xmlStreamWriter);
+ samlResponseWriter.write(samlResponseType);
+ Document responseDocument = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+
+ return new DOMSource(responseDocument.getDocumentElement());
}
- catch ( Exception e )
- {
- throw new RuntimeException( e) ;
- }
- }
-
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
private PolicyDecisionPoint getPDP() throws PrivilegedActionException
- {
- SecurityActions.setSystemProperty( "org.jboss.security.xacml.schema.validation", "false" );
-
+ {
+ SystemPropertiesUtil.ensure();
+
ClassLoader tcl = SecurityActions.getContextClassLoader();
- URL url = tcl.getResource( policyConfigFileName );
- if( url == null)
- throw new IllegalStateException(policyConfigFileName + " could not be located");
-
+ URL url = tcl.getResource(policyConfigFileName);
+ if (url == null)
+ throw new IllegalStateException(policyConfigFileName + " could not be located");
+
InputStream is;
try
{
is = url.openStream();
}
catch (IOException e)
- {
- throw new RuntimeException( e );
+ {
+ throw new RuntimeException(e);
}
- return new JBossPDP(is);
- }
+ return new JBossPDP(is);
+ }
}
\ No newline at end of file
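Review bot: The stream opened with `url.openStream()` in `getPDP()` is never closed in the lines shown; it is passed to `new JBossPDP(is)` and the reference is dropped. If the `JBossPDP` constructor reads the policy configuration completely before it returns (not visible here, so worth confirming first), opening and constructing inside one `try` with a `finally` that closes the stream releases the handle on both the success and the failure path. The rest of the method can stay as it is.

```java
private PolicyDecisionPoint getPDP() throws PrivilegedActionException
{
   // … unchanged: SystemPropertiesUtil.ensure(), resource lookup and null check on url …
   InputStream is = null;
   try
   {
      is = url.openStream();
      return new JBossPDP(is);
   }
   catch (IOException e)
   {
      throw new RuntimeException(e);
   }
   finally
   {
      if (is != null)
      {
         try
         {
            is.close();
         }
         catch (IOException ignored)
         {
            // best effort: the PDP is already built or the original failure is propagating
         }
      }
   }
}
```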
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java 2011-07-01 15:40:09 UTC (rev 1048)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java 2011-07-01 16:24:49 UTC (rev 1049)
@@ -26,7 +26,6 @@
import java.net.URL;
import java.util.List;
-import javax.xml.XMLConstants;
import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.Schema;
@@ -89,8 +88,7 @@
public static Validator validator() throws SAXException, IOException
{
- String schemaFactoryProperty = "javax.xml.validation.SchemaFactory:" + XMLConstants.W3C_XML_SCHEMA_NS_URI;
- SecurityActions.setSystemProperty(schemaFactoryProperty, "org.apache.xerces.jaxp.validation.XMLSchemaFactory");
+ SystemPropertiesUtil.ensure();
if (validator == null)
{
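Review bot: `validator()` appears to cache a single `Validator` in a static field (`if (validator == null)`), and `javax.xml.validation.Validator` is documented as neither thread-safe nor reentrant. Since `validate(...)` is reached from request-handling paths, concurrent SAML messages could end up sharing that one instance. Caching the `Schema` instead, which is thread-safe, and calling `schema.newValidator()` for each validation avoids the sharing. The body of `validator()` continues past this hunk, so the field declaration and any synchronisation around it are not visible here and should be checked before changing it.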
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SystemPropertiesUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SystemPropertiesUtil.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SystemPropertiesUtil.java 2011-07-01 16:24:49 UTC (rev 1049)
@@ -0,0 +1,64 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.util;
+
+import javax.xml.XMLConstants;
+
+/**
+ * Utility dealing with the system properties at the JVM level
+ * for PicketLink
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Jul 1, 2011
+ */
+public class SystemPropertiesUtil
+{
+ static
+ {
+ //XML Signature
+ String xmlSec = "org.apache.xml.security.ignoreLineBreaks";
+ if (StringUtil.isNullOrEmpty(SecurityActions.getSystemProperty(xmlSec, "")))
+ {
+ SecurityActions.setSystemProperty(xmlSec, "true");
+ }
+
+ //For JAXP Validation
+ String schemaFactoryProperty = "javax.xml.validation.SchemaFactory:" + XMLConstants.W3C_XML_SCHEMA_NS_URI;
+ if (StringUtil.isNullOrEmpty(SecurityActions.getSystemProperty(schemaFactoryProperty, "")))
+ {
+ SecurityActions.setSystemProperty(schemaFactoryProperty, "org.apache.xerces.jaxp.validation.XMLSchemaFactory");
+ }
+
+ //For the XACML Engine
+ String xacmlValidation = "org.jboss.security.xacml.schema.validation";
+ if (StringUtil.isNullOrEmpty(SecurityActions.getSystemProperty(xacmlValidation, "")))
+ {
+ SecurityActions.setSystemProperty(xacmlValidation, "false");
+ }
+ };
+
+ /**
+ * No-op call such that the default system properties are set
+ */
+ public static void ensure()
+ {
+ }
+}
\ No newline at end of file
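Review bot: The static initializer writes three JVM-wide properties as a side effect of class loading, so in a shared container it changes behaviour for every deployment in that JVM, not only PicketLink. That includes defaulting `org.jboss.security.xacml.schema.validation` to `false` and pinning the W3C `SchemaFactory` to the Xerces implementation. The class Javadoc should list the three properties, the value each is defaulted to, and the fact that an existing value is left alone, so an operator knows what to set to override them. If `SecurityActions.setSystemProperty` can throw under a security manager (not visible here), the failure would surface as an `ExceptionInInitializerError` in every class that calls `ensure()`; catching and logging inside the initializer would keep the signature and validation classes loadable. The `;` after the static block's closing brace is a stray empty declaration.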
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2011-07-01 15:40:09 UTC (rev 1048)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/XMLSignatureUtil.java 2011-07-01 16:24:49 UTC (rev 1049)
@@ -23,12 +23,10 @@
import java.io.ByteArrayInputStream;
import java.io.OutputStream;
-import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.PrivateKey;
-import java.security.PrivilegedAction;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
@@ -106,14 +104,7 @@
//Set some system properties
static
{
- AccessController.doPrivileged(new PrivilegedAction<Object>()
- {
- public Object run()
- {
- System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true");
- return null;
- }
- });
+ SystemPropertiesUtil.ensure();
};
/**
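Review bot: The comment `//Set some system properties` no longer describes what this block does. The removed code forced `org.apache.xml.security.ignoreLineBreaks` to `true`, while `SystemPropertiesUtil.ensure()` only supplies that value when the property is unset. A comment such as `// Loads SystemPropertiesUtil, which defaults org.apache.xml.security.ignoreLineBreaks to "true" unless it is already set` would make the changed semantics visible at the call site. The trailing `;` after the static block can be dropped.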
Picketlink SVN: r1048 - in federation/trunk: picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request and 5 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-07-01 11:40:09 -0400 (Fri, 01 Jul 2011)
New Revision: 1048
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
Log:
PLFED-188: jaxp schema validation
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-06-30 23:50:05 UTC (rev 1047)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-07-01 15:40:09 UTC (rev 1048)
@@ -47,7 +47,6 @@
import org.picketlink.identity.federation.api.saml.v2.metadata.MetaDataExtractor;
import org.picketlink.identity.federation.core.config.SPType;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
-import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.handler.config.Handlers;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
@@ -57,6 +56,7 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.HandlerUtil;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
@@ -68,6 +68,7 @@
import org.picketlink.identity.federation.saml.v2.metadata.KeyDescriptorType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.util.ConfigurationUtil;
+import org.w3c.dom.Document;
/**
* Base Class for Service Provider Form Authenticators
@@ -313,13 +314,14 @@
if (is == null)
return;
- SAMLParser parser = new SAMLParser();
Object metadata = null;
try
{
- metadata = parser.parse(is);
+ Document samlDocument = DocumentUtil.getDocument(is);
+ SAMLParser parser = new SAMLParser();
+ metadata = parser.parse(DocumentUtil.getNodeAsStream(samlDocument));
}
- catch (ParsingException e)
+ catch (Exception e)
{
throw new RuntimeException(e);
}
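Review bot: `catch (Exception e)` now also captures unchecked exceptions, for example a `NullPointerException` from the new DOM round trip, and reports them the same way as a metadata parse failure. Catching only the checked types that `DocumentUtil.getDocument`, `getNodeAsStream` and `parser.parse` declare would keep programming errors distinct; judging by the `throws` clauses added to `SAML2Response` in this commit, those are probably `ParsingException`, `ConfigurationException` and `ProcessingException`. Unlike the other parse sites touched here, this path does not call `JAXPValidationUtil.checkSchemaValidation(samlDocument)`; if that is deliberate, a one-line comment saying why would help. The enclosing method starts and ends outside the hunk.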
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2011-06-30 23:50:05 UTC (rev 1047)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java 2011-07-01 15:40:09 UTC (rev 1048)
@@ -44,6 +44,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLRequestWriter;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
@@ -149,6 +150,7 @@
Document samlDocument = DocumentUtil.getDocument(is);
SAMLParser samlParser = new SAMLParser();
+ JAXPValidationUtil.checkSchemaValidation(samlDocument);
SAML2Object requestType = (SAML2Object) samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));
samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
@@ -173,6 +175,7 @@
Document samlDocument = DocumentUtil.getDocument(is);
SAMLParser samlParser = new SAMLParser();
+ JAXPValidationUtil.checkSchemaValidation(samlDocument);
RequestAbstractType requestType = (RequestAbstractType) samlParser.parse(DocumentUtil
.getNodeAsStream(samlDocument));
@@ -198,6 +201,8 @@
Document samlDocument = DocumentUtil.getDocument(is);
SAMLParser samlParser = new SAMLParser();
+ JAXPValidationUtil.checkSchemaValidation(samlDocument);
+
AuthnRequestType requestType = (AuthnRequestType) samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));
samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
return requestType;
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-06-30 23:50:05 UTC (rev 1047)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java 2011-07-01 15:40:09 UTC (rev 1048)
@@ -54,6 +54,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.ActionType;
@@ -276,15 +277,21 @@
* @param is
* @return
* @throws ParsingException
+ * @throws ProcessingException
+ * @throws ConfigurationException
*/
- public EncryptedAssertionType getEncryptedAssertion(InputStream is) throws ParsingException
+ public EncryptedAssertionType getEncryptedAssertion(InputStream is) throws ParsingException, ConfigurationException,
+ ProcessingException
{
if (is == null)
throw new IllegalArgumentException("inputstream is null");
+ Document samlDocument = DocumentUtil.getDocument(is);
SAMLParser samlParser = new SAMLParser();
- return (EncryptedAssertionType) samlParser.parse(is);
+ JAXPValidationUtil.checkSchemaValidation(samlDocument);
+ return (EncryptedAssertionType) samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));
+
}
/**
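Review bot: The two `@throws` tags added to `getEncryptedAssertion` have no description, and neither do the same pair on `getAssertionType` in the next hunk; `@param is` and `@return` are empty as well. The method now builds a DOM and optionally validates it, so the tags could say when each exception is raised, for instance `@throws ProcessingException if schema validation is enabled and the document does not conform`. Widening the `throws` clause of a public method also affects callers that only handled `ParsingException`, which deserves a line in the release notes.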
@@ -292,14 +299,19 @@
* @param is
* @return
* @throws ParsingException
+ * @throws ProcessingException
+ * @throws ConfigurationException
*/
- public AssertionType getAssertionType(InputStream is) throws ParsingException
+ public AssertionType getAssertionType(InputStream is) throws ParsingException, ConfigurationException,
+ ProcessingException
{
if (is == null)
throw new IllegalArgumentException("inputstream is null");
+ Document samlDocument = DocumentUtil.getDocument(is);
SAMLParser samlParser = new SAMLParser();
- return (AssertionType) samlParser.parse(is);
+ JAXPValidationUtil.checkSchemaValidation(samlDocument);
+ return (AssertionType) samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));
}
/**
@@ -327,6 +339,8 @@
Document samlResponseDocument = DocumentUtil.getDocument(is);
SAMLParser samlParser = new SAMLParser();
+ JAXPValidationUtil.checkSchemaValidation(samlResponseDocument);
+
ResponseType responseType = (ResponseType) samlParser.parse(DocumentUtil.getNodeAsStream(samlResponseDocument));
samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument);
@@ -353,6 +367,8 @@
log.trace("RESPONSE=" + DocumentUtil.asString(samlResponseDocument));
SAMLParser samlParser = new SAMLParser();
+ JAXPValidationUtil.checkSchemaValidation(samlResponseDocument);
+
InputStream responseStream = DocumentUtil.getNodeAsStream(samlResponseDocument);
SAML2Object responseType = (SAML2Object) samlParser.parse(responseStream);
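Review bot: `log.trace("RESPONSE=" + DocumentUtil.asString(samlResponseDocument))` writes the whole SAML response to the log before the new schema check has run. With trace enabled, the log therefore receives unvalidated, externally supplied XML together with any assertion it carries. If the line is not already inside an `isTraceEnabled()` guard (the lines above the hunk are not visible), adding one avoids serialising the document on every request. Logging only the response ID and issuer, after validation, would keep assertions out of log files. The enclosing method starts and ends outside the hunk.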
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2011-06-30 23:50:05 UTC (rev 1047)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2011-07-01 15:40:09 UTC (rev 1048)
@@ -46,11 +46,12 @@
import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType;
import org.picketlink.identity.federation.saml.v2.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType;
import org.w3c.dom.Node;
/**
@@ -94,6 +95,9 @@
{
XMLEventReader xmlEventReader = StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(samlResponse));
SAMLParser samlParser = new SAMLParser();
+
+ JAXPValidationUtil.checkSchemaValidation(samlResponse);
+
org.picketlink.identity.federation.saml.v2.protocol.ResponseType response = (org.picketlink.identity.federation.saml.v2.protocol.ResponseType) samlParser
.parse(xmlEventReader);
List<RTChoiceType> choices = response.getAssertions();
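Review bot: `checkSchemaValidation(samlResponse)` runs after `StaxParserUtil.getXMLEventReader(...)` has already been opened on the same node, whereas the other call sites in this commit validate before the document is handed to a reader. Making `JAXPValidationUtil.checkSchemaValidation(samlResponse);` the first statement of the block, ahead of the `XMLEventReader xmlEventReader = ...` line, means nothing is serialised for parsing from a response that fails validation and no unused reader is left behind. The method's signature is outside the hunk.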
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java 2011-06-30 23:50:05 UTC (rev 1047)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java 2011-07-01 15:40:09 UTC (rev 1048)
@@ -34,6 +34,9 @@
import javax.xml.validation.Validator;
import org.apache.log4j.Logger;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.w3c.dom.Node;
import org.xml.sax.ErrorHandler;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;
@@ -63,6 +66,27 @@
validator().validate(new StreamSource(stream));
}
+ /**
+ * Based on system property "picketlink.schema.validate" set to "true",
+ * do schema validation
+ * @param samlDocument
+ * @throws ProcessingException
+ */
+ public static void checkSchemaValidation(Node samlDocument) throws ProcessingException
+ {
+ if (SecurityActions.getSystemProperty("picketlink.schema.validate", "false").equalsIgnoreCase("true"))
+ {
+ try
+ {
+ JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(samlDocument));
+ }
+ catch (Exception e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+ }
+
public static Validator validator() throws SAXException, IOException
{
String schemaFactoryProperty = "javax.xml.validation.SchemaFactory:" + XMLConstants.W3C_XML_SCHEMA_NS_URI;
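Review bot: `checkSchemaValidation` does nothing unless the JVM property `picketlink.schema.validate` is `true`, so every call site added in this commit skips validation by default, and an operator who never sets the property gets no indication that it is off. If off-by-default is intended for compatibility, the Javadoc should state that explicitly, and a single log line reporting the effective setting would make it auditable; otherwise the default argument could become `"true"`. The property is also re-read on every call, and `@param samlDocument` has no description. `validator()` below continues outside the hunk.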
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2011-06-30 23:50:05 UTC (rev 1047)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/SAMLUtil.java 2011-07-01 15:40:09 UTC (rev 1048)
@@ -32,6 +32,7 @@
import org.picketlink.identity.federation.core.saml.v1.writers.SAML11AssertionWriter;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLAssertionWriter;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
@@ -130,6 +131,8 @@
ConfigurationException, ParsingException
{
SAMLParser samlParser = new SAMLParser();
+
+ JAXPValidationUtil.checkSchemaValidation(assertionElement);
AssertionType assertion = (AssertionType) samlParser.parse(DocumentUtil.getNodeAsStream(assertionElement));
return assertion;
}
@@ -143,6 +146,8 @@
public static SAML11AssertionType saml11FromElement(Element assertionElement) throws GeneralSecurityException
{
SAMLParser samlParser = new SAMLParser();
+
+ JAXPValidationUtil.checkSchemaValidation(assertionElement);
return (SAML11AssertionType) samlParser.parse(DocumentUtil.getNodeAsStream(assertionElement));
}
}
\ No newline at end of file
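Review bot: `saml11FromElement` now sends SAML 1.1 assertions through the same `checkSchemaValidation` as the SAML 2.0 path in `fromElement`, and whether the shared validator's schema set includes the SAML 1.1 assertion schema is not visible in this commit. If it does not, enabling `picketlink.schema.validate` would reject every SAML 1.1 assertion, which in practice pushes operators to leave validation off altogether. A test that validates a known-good SAML 1.1 assertion with the property enabled would settle the question.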
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2011-06-30 23:50:05 UTC (rev 1047)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2011-07-01 15:40:09 UTC (rev 1048)
@@ -55,22 +55,23 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.EncryptedAssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
-import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
-import org.picketlink.identity.federation.saml.v2.protocol.ResponseType.RTChoiceType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
@@ -414,6 +415,8 @@
Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(newDoc, privateKey);
SAMLParser parser = new SAMLParser();
+
+ JAXPValidationUtil.checkSchemaValidation(decryptedDocumentElement);
AssertionType assertion = (AssertionType) parser.parse(StaxParserUtil.getXMLEventReader(DocumentUtil
.getNodeAsStream(decryptedDocumentElement)));
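Review bot: The new check runs on freshly decrypted content, so a schema failure here is a second, distinguishable way for processing to fail after decryption. How errors from this block reach the peer is outside the hunk, so it is worth confirming that a decryption failure, a schema failure and a parse failure all produce the same generic response, with the detail going only to the server log. A short comment above the call, such as `// validation errors must not be distinguishable from decryption errors in the response`, would record that requirement.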