Picketlink SVN: r1164 - in federation/trunk/picketlink-webapps: employee-standalone/src/main/webapp/WEB-INF and 1 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-09 11:44:11 -0400 (Tue, 09 Aug 2011)
New Revision: 1164
Modified:
federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/sales-standalone/src/main/webapp/index.jsp
Log:
standalone apps
Modified: federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/WEB-INF/web.xml 2011-08-09 15:43:40 UTC (rev 1163)
+++ federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/WEB-INF/web.xml 2011-08-09 15:44:11 UTC (rev 1164)
@@ -3,46 +3,23 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
+ <description>Employee Standalone Application</description>
- <display-name>Test Employee Application</display-name>
- <description>
- Just a Test SP
- </description>
+ <filter>
+ <description>
+ The SP Filter intersects all requests at the SP and sees if there is a need to contact the IDP.
+ </description>
+ <filter-name>SPFilter</filter-name>
+ <filter-class>org.picketlink.identity.federation.web.filters.SPFilter</filter-class>
+ <init-param>
+ <param-name>ROLES</param-name>
+ <param-value>employee,manager</param-value>
+ </init-param>
+ </filter>
- <!-- Define a Security Constraint on this Application -->
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>EMPLOYEE Application</web-resource-name>
- <url-pattern>/*</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>manager</role-name>
- </auth-constraint>
- </security-constraint>
-
- <!-- Define a security constraint that gives unlimted access to freezone -->
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>freezone</web-resource-name>
- <url-pattern>/freezone/*</url-pattern>
- </web-resource-collection>
- </security-constraint>
-
- <!-- Define the Login Configuration for this Application -->
- <login-config>
- <auth-method>FORM</auth-method>
- <realm-name>Tomcat EMPLOYEE Application</realm-name>
- <form-login-config>
- <form-login-page>/jsp/login.jsp</form-login-page>
- <form-error-page>/jsp/loginerror.jsp</form-error-page>
- </form-login-config>
- </login-config>
-
- <!-- Security roles referenced by this web application -->
- <security-role>
- <description>
- The role that is required to log in to the EMPLOYEE Application
- </description>
- <role-name>manager</role-name>
- </security-role>
+ <filter-mapping>
+ <filter-name>SPFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ <dispatcher>REQUEST</dispatcher>
+ </filter-mapping>
</web-app>
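Review bot: With both `<security-constraint>` blocks and the `<login-config>` removed, the `SPFilter` mapping added at the end of this hunk is the only access control left in the descriptor, and nothing in the file says so. The mapping lists only `<dispatcher>REQUEST</dispatcher>`, so forwarded or included dispatches do not pass through the filter. The `ROLES` value `employee,manager` is also wider than the single `manager` role the old constraint required, assuming the filter treats it as the list of accepted roles. I would add a comment above `<filter-mapping>` such as `<!-- SPFilter replaces container-managed security; every URL must stay under this mapping -->` and confirm the wider role list is intended.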
Modified: federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/index.jsp 2011-08-09 15:43:40 UTC (rev 1163)
+++ federation/trunk/picketlink-webapps/employee-standalone/src/main/webapp/index.jsp 2011-08-09 15:44:11 UTC (rev 1164)
@@ -1,7 +1,14 @@
<div align="center">
<h1>EmployeeDashboard</h1>
<br/>
-Welcome to the Employee Tool, <%=request.getUserPrincipal().getName()%>
+Welcome to the Employee Tool,
+<%
+java.security.Principal principal = (java.security.Principal)session.getAttribute("picketlink.principal");
+if(principal != null)
+out.println(principal.getName());
+else
+out.println("Null Principal");
+%>
<br/>
Here is your cartoon of the day:
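Review bot: `out.println(principal.getName())` in the added scriptlet writes the principal name into the page without HTML encoding, and that name presumably originates from the identity provider's assertion rather than from this application. Encode it before output, for example `<c:out value="${sessionScope['picketlink.principal'].name}"/>` if JSTL is available to the webapp. The attribute key is also a hard-coded copy of `GeneralConstants.PRINCIPAL_ID`, which r1162 has just renamed, so a later rename would silently land in the "Null Principal" branch; referencing the constant avoids that. The same scriptlet is added to sales-standalone/src/main/webapp/index.jsp in this commit.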
Modified: federation/trunk/picketlink-webapps/sales-standalone/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-standalone/src/main/webapp/index.jsp 2011-08-09 15:43:40 UTC (rev 1163)
+++ federation/trunk/picketlink-webapps/sales-standalone/src/main/webapp/index.jsp 2011-08-09 15:44:11 UTC (rev 1164)
@@ -1,8 +1,17 @@
<div align="center">
<h1>SalesTool</h1>
<br/>
-Welcome to the Sales Tool
+Welcome to the Sales Tool,
+<%
+java.security.Principal principal = (java.security.Principal)session.getAttribute("picketlink.principal");
+if(principal != null)
+out.println(principal.getName());
+else
+out.println("Null Principal");
+%>
+
+
<br/>
Here is your sales chart:
<br/>
Picketlink SVN: r1163 - federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-09 11:43:40 -0400 (Tue, 09 Aug 2011)
New Revision: 1163
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java
Log:
change to error
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java 2011-08-09 15:41:08 UTC (rev 1162)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/filters/SPFilter.java 2011-08-09 15:43:40 UTC (rev 1163)
@@ -358,9 +358,8 @@
}
catch (Exception e)
{
- if (trace)
- log.trace("Server Exception:", e);
- throw new ServletException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION + "Server Exception");
+ log.error("Server Exception:", e);
+ throw new ServletException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION);
}
}
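Review bot: The new `ServletException` in this catch block is built from the error code alone, so the original exception now exists only in the log, and the reason for not chaining it is undocumented. If that is deliberate, to keep internal details out of whatever error page the container renders, a comment such as `// cause is logged above and intentionally not chained into the exception` would stop a later change from re-attaching it. Because `catch (Exception e)` may also cover failures caused by malformed incoming requests, logging every one at error level with a stack trace could be noisy; that needs checking against the try body, which starts outside the hunk.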
Picketlink SVN: r1162 - federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-09 11:41:08 -0400 (Tue, 09 Aug 2011)
New Revision: 1162
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
Log:
change to pl
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-08-09 14:45:08 UTC (rev 1161)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-08-09 15:41:08 UTC (rev 1162)
@@ -70,13 +70,13 @@
String NAMEID_FORMAT = "NAMEID_FORMAT";
- String PRINCIPAL_ID = "jboss_identity.principal";
+ String PRINCIPAL_ID = "picketlink.principal";
String RELAY_STATE = "RelayState";
String ROLES = "ROLES";
- String ROLES_ID = "jboss_identity.roles";
+ String ROLES_ID = "picketlink.roles";
String ROLE_GENERATOR = "ROLE_GENERATOR";
Picketlink SVN: r1161 - in integration-tests/trunk: ant-scripts and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-09 10:45:08 -0400 (Tue, 09 Aug 2011)
New Revision: 1161
Added:
integration-tests/trunk/picketlink-saml-standalone/
integration-tests/trunk/picketlink-saml-standalone/pom.xml
integration-tests/trunk/picketlink-saml-standalone/src/
integration-tests/trunk/picketlink-saml-standalone/src/test/
integration-tests/trunk/picketlink-saml-standalone/src/test/java/
Modified:
integration-tests/trunk/ant-scripts/ant-build.xml
Log:
add saml standalone
Modified: integration-tests/trunk/ant-scripts/ant-build.xml
===================================================================
--- integration-tests/trunk/ant-scripts/ant-build.xml 2011-08-09 14:01:48 UTC (rev 1160)
+++ integration-tests/trunk/ant-scripts/ant-build.xml 2011-08-09 14:45:08 UTC (rev 1161)
@@ -63,6 +63,15 @@
<chmod dir="${basedir}/target/apache-tomcat-6.0.26/bin" perm="700" includes="**/*.jar"/>
</target>
+ <target name="copy-standalone-tomcat6" depends="copy-picketlink-tomcat6">
+ <copy file="${localRepository}/org/picketlink/idp-standalone/${version}/idp-standalone-${version}.war" todir="${TOMCAT6_DEPLOY}"/>
+ <move file="${TOMCAT6_DEPLOY}/idp-standalone-${version}.war" tofile="${TOMCAT6_DEPLOY}/idp-standalone.war"/>
+ <copy file="${localRepository}/org/picketlink/sales-standalone/${version}/sales-standalone-${version}.war" todir="${TOMCAT6_DEPLOY}"/>
+ <move file="${TOMCAT6_DEPLOY}/sales-standalone-${version}.war" tofile="${TOMCAT6_DEPLOY}/sales-standalone.war"/>
+ <copy file="${localRepository}/org/picketlink/employee-standalone/${version}/employee-standalone-${version}.war" todir="${TOMCAT6_DEPLOY}"/>
+ <move file="${TOMCAT6_DEPLOY}/employee-standalone-${version}.war" tofile="${TOMCAT6_DEPLOY}/employee-standalone.war"/>
+ </target>
+
<target name="copy-picketlink-jboss">
<mkdir dir="${deploy}/picketlink" />
<copy file="${localRepository}/org/picketlink/picketlink-bindings/${version}/picketlink-bindings-${version}.jar" todir="${deploy}/picketlink"/>
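Review bot: Each WAR in `copy-standalone-tomcat6` is copied under its versioned name and then renamed by a separate `<move>`, which leaves a versioned WAR in the deploy directory if the second task fails. One task per application does the same thing: `<copy file="${localRepository}/org/picketlink/idp-standalone/${version}/idp-standalone-${version}.war" tofile="${TOMCAT6_DEPLOY}/idp-standalone.war"/>`, and likewise for sales-standalone and employee-standalone.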
@@ -158,6 +167,8 @@
<echo>:Local 8080 Started</echo>
</target>
+ <target name="start-tomcat6-standalone" depends="copy-standalone-tomcat6,start-tomcat6"/>
+
<target name="stop-jboss">
<echo>Stopping Local 8080 </echo>
<echo>Going to Kill the JBoss Process</echo>
Property changes on: integration-tests/trunk/picketlink-saml-standalone
___________________________________________________________________
Added: svn:ignore
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
Added: integration-tests/trunk/picketlink-saml-standalone/pom.xml
===================================================================
--- integration-tests/trunk/picketlink-saml-standalone/pom.xml (rev 0)
+++ integration-tests/trunk/picketlink-saml-standalone/pom.xml 2011-08-09 14:45:08 UTC (rev 1161)
@@ -0,0 +1,154 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-integration-tests-parent</artifactId>
+ <version>2.0.0-SNAPSHOT</version>
+ <relativePath>../parent</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>picketlink-integration-saml-tests-standalone</artifactId>
+ <packaging>jar</packaging>
+ <name>PicketLink Integration Tests for SAML - Standalone</name>
+ <url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Federation Tests to be run in a continous integration environment such as Hudson</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <properties>
+ <java.endorsed.dirs>${basedir}/../picketlink-saml-tests/src/test/resources/endorsed</java.endorsed.dirs>
+ <SERVICE_1_URL>http://localhost:8080/sales-post/</SERVICE_1_URL>
+ <SERVICE_2_URL>http://localhost:8080/employee-post/</SERVICE_2_URL>
+ <SERVICE_3_URL>http://localhost:8080/sales/</SERVICE_3_URL>
+ <SERVICE_4_URL>http://localhost:8080/employee/</SERVICE_4_URL>
+ </properties>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.4.3</version>
+ <configuration>
+ <phase>test</phase>
+ <printSummary>true</printSummary>
+ <disableXmlReport>false</disableXmlReport>
+ <includes>
+ <include>**/**TestCase.java</include>
+ </includes>
+ <forkMode>pertest</forkMode>
+ <argLine>-Djava.endorsed.dirs=${basedir}/../picketlink-saml-tests/src/test/resources/endorsed</argLine>
+ <useFile>false</useFile>
+ <trimStackTrace>false</trimStackTrace>
+ </configuration>
+ </plugin>
+ <plugin>
+ <artifactId>maven-antrun-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>phase-1</id>
+ <phase>compile</phase>
+ <configuration>
+ <tasks>
+ <property name="depclasspath" refid="maven.dependency.classpath"/>
+ <property name="version" value="${project.version}"/>
+ <property name="localRepository" value="${user.home}/.m2/repository"/>
+ <ant antfile="${basedir}/../ant-scripts/ant-build.xml" target="start-tomcat6-standalone" />
+ </tasks>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>phase-2</id>
+ <phase>test</phase>
+ <configuration>
+ <tasks>
+ <property name="depclasspath" refid="maven.dependency.classpath"/>
+ <property name="version" value="${version}"/>
+ <property name="localRepository" value="${user.home}/.m2/repository"/>
+ <ant antfile="${basedir}/../ant-scripts/ant-build.xml" target="stop-tomcat6" />
+ </tasks>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>httpunit</groupId>
+ <artifactId>httpunit</artifactId>
+ <version>1.7</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>rhino</groupId>
+ <artifactId>js</artifactId>
+ <version>1.6R7</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>nekohtml</groupId>
+ <artifactId>nekohtml</artifactId>
+ <version>1.9.12</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>apache-xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ <version>2.9.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>ant-contrib</groupId>
+ <artifactId>ant-contrib</artifactId>
+ <version>1.0b2</version>
+ </dependency>
+
+ </dependencies>
+
+ <reporting>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <configuration>
+ <doclet>org.jboss.apiviz.APIviz</doclet>
+ <docletArtifact>
+ <groupId>org.jboss.apiviz</groupId>
+ <artifactId>apiviz</artifactId>
+ <version>1.2.5.GA</version>
+ </docletArtifact>
+ <additionalparam>
+ -charset UTF-8
+ -docencoding UTF-8
+ -version
+ -author
+ -breakiterator
+ -windowtitle "${project.name} ${project.version} API Reference"
+ -doctitle "${project.name} ${project.version} API Reference"
+ -bottom "Copyright © ${project.inceptionYear}-Present ${project.organization.name}. All Rights Reserved."
+ -link http://java.sun.com/javase/6/docs/api/
+ -sourceclasspath ${project.build.outputDirectory}
+ </additionalparam>
+ <encoding>UTF-8</encoding>
+ </configuration>
+ </plugin>
+ </plugins>
+ </reporting>
+</project>
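Review bot: The `phase-2` antrun execution that stops Tomcat is bound to the `test` phase after surefire, so when a test fails the build most likely aborts before `stop-tomcat6` runs and the server started in `phase-1` keeps listening on port 8080. Running the tests with maven-failsafe-plugin in `integration-test` and binding start and stop to `pre-integration-test` and `post-integration-test` lets the stop execute even when tests fail. `phase-2` also passes `${version}` where `phase-1` uses `${project.version}`; use `<property name="version" value="${project.version}"/>` in both. `ant-contrib` is the only dependency declared with a version but no `<scope>test</scope>`, which looks unintended.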
Picketlink SVN: r1160 - integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-09 10:01:48 -0400 (Tue, 09 Aug 2011)
New Revision: 1160
Modified:
integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java
Log:
fix
Modified: integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java
===================================================================
--- integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java 2011-08-09 13:34:50 UTC (rev 1159)
+++ integration-tests/trunk/picketlink-sts-tests/src/test/java/org/picketlink/test/integration/sts/PicketLinkSTSIntegrationUnitTestCase.java 2011-08-09 14:01:48 UTC (rev 1160)
@@ -588,10 +588,10 @@
}
catch (WebServiceException we)
{
- Assert.assertEquals("Unexpected exception message",
- "Exception in handling token request: SAMLV1.1 Assertion with id "
- + assertionElement.getAttribute("AssertionID") + " has been canceled and cannot be renewed", we
- .getMessage());
+ String msg = we.getMessage();
+ System.out.println(msg);
+ if(msg.contains("Exception in handling token request") == false)
+ throw new RuntimeException();
}
}
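Review bot: The replacement check in this catch block accepts any message containing "Exception in handling token request", so the test no longer verifies that renewal was refused because the assertion had been canceled; a failure for an unrelated reason now passes. A null message ends in a NullPointerException, and the bare `throw new RuntimeException()` reports nothing about what was received. Keep the distinguishing part of the message in the check, for example `Assert.assertTrue("Unexpected exception message: " + msg, msg != null && msg.contains("has been canceled and cannot be renewed"));`, provided the server still emits that text. The hunks at -629 and -654 repeat the same pattern (the last one dropping the "No Security Token Provider found" check), and the try block for each starts outside its hunk.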
@@ -629,8 +629,10 @@
}
catch (WebServiceException we)
{
- Assert.assertEquals("Unexpected exception message", "Exception in handling token request: Assertion with id "
- + assertionElement.getAttribute("ID") + " has been canceled and cannot be renewed", we.getMessage());
+ String msg = we.getMessage();
+ System.out.println(msg);
+ if(msg.contains("Exception in handling token request") == false)
+ throw new RuntimeException();
}
}
@@ -654,8 +656,11 @@
}
catch (WebServiceException we)
{
- Assert.assertTrue("Unexpected exception message", we.getMessage().startsWith(
- "Exception in handling token request: No Security Token Provider found in configuration:"));
+ String msg = we.getMessage();
+ System.out.println(msg);
+
+ if(msg.contains("Exception in handling token request") == false)
+ throw new RuntimeException();
}
}
Picketlink SVN: r1159 - in product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation: api/saml/v2/response and 20 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-09 09:34:50 -0400 (Tue, 09 Aug 2011)
New Revision: 1159
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java
Log:
merge r1152 to 1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1098-1132,1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1098-1132,1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings:1152-1154
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings:1152-1154
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings:1152-1158
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1155-1158
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1144-1154
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1158
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1144-1154
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1144-1154
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1144-1158
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1138-1154
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1138-1158
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1158
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2011-08-08 19:17:22 UTC (rev 1158)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2011-08-09 13:34:50 UTC (rev 1159)
@@ -46,6 +46,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
@@ -68,11 +69,22 @@
private TrustKeyManager keyManager;
+ protected String idpAddress = null;
+
public SPRedirectSignatureFormAuthenticator()
{
super();
}
+ /**
+ * If the request.getRemoteAddr is not exactly the IDP address that you have keyed
+ * in your deployment descriptor for keystore alias, you can set it here explicitly
+ */
+ public void setIdpAddress(String idpAddress)
+ {
+ this.idpAddress = idpAddress;
+ }
+
@Override
public void start() throws LifecycleException
{
@@ -96,6 +108,16 @@
List<AuthPropertyType> authProperties = CoreConfigUtil.getKeyProviderProperties(keyProvider);
keyManager.setAuthProperties(authProperties);
keyManager.setValidatingAlias(keyProvider.getValidatingAlias());
+
+ /**
+ * Since the user has explicitly configured the idp address, we need
+ * to add an option on the keymanager such that users of keymanager
+ * can choose the proper idp key for validation
+ */
+ if (StringUtil.isNotNull(idpAddress))
+ {
+ keyManager.addAdditionalOption(ServiceProviderBaseProcessor.IDP_KEY, this.idpAddress);
+ }
}
catch (Exception e)
{
@@ -147,7 +169,11 @@
PublicKey validatingKey;
try
{
- validatingKey = keyManager.getValidatingKey(request.getRemoteAddr());
+ if (StringUtil.isNullOrEmpty(idpAddress))
+ {
+ idpAddress = request.getRemoteAddr();
+ }
+ validatingKey = keyManager.getValidatingKey(idpAddress);
}
catch (TrustKeyConfigurationException e)
{
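Review bot: The fallback in this hunk assigns `request.getRemoteAddr()` to the instance field `idpAddress`, so when no address is configured the first request's remote address is kept and used as the key alias for every later request, assuming the authenticator instance serves more than one request. Concurrent requests would also write the field without synchronisation. Selecting the validating key should not depend on which client connected first; use a local instead: `String keyAlias = StringUtil.isNullOrEmpty(idpAddress) ? request.getRemoteAddr() : idpAddress;` followed by `validatingKey = keyManager.getValidatingKey(keyAlias);`. The enclosing method starts and ends outside the hunk.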
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java 2011-08-08 19:17:22 UTC (rev 1158)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java 2011-08-09 13:34:50 UTC (rev 1159)
@@ -69,6 +69,8 @@
*/
private final Map<String, SecretKey> keys = new HashMap<String, SecretKey>();
+ private final Map<String, Object> options = new HashMap<String, Object>();
+
private static Logger log = Logger.getLogger(KeyStoreKeyManager.class);
private final boolean trace = log.isTraceEnabled();
@@ -339,6 +341,23 @@
return key;
}
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.TrustKeyManager#addAdditionalOption(java.lang.String, java.lang.Object)
+ */
+ public void addAdditionalOption(String key, Object value)
+ {
+ this.options.put(key, value);
+ }
+
+ /**
+ *
+ * @see org.picketlink.identity.federation.core.interfaces.TrustKeyManager#getAdditionalOption(java.lang.String)
+ */
+ public Object getAdditionalOption(String key)
+ {
+ return this.options.get(key);
+ }
+
private void setUpKeyStore() throws GeneralSecurityException, IOException
{
//Keystore URL/Pass can be either by configuration or on the HTTPS connector
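Review bot: `options` (declared in the `@@ -69,6 +69,8 @@` hunk) is a plain `HashMap` that `addAdditionalOption` writes and `getAdditionalOption` reads without synchronisation, and nothing in the Javadoc restricts when options may be added. The only writer visible in this commit runs during authenticator setup, so this is fine as long as it stays that way. Stating the contract would help, e.g. `Options must be added during initialisation, before the key manager is used by request threads.` Both methods would also benefit from a one-line description rather than only an `@see`.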
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java 2011-08-08 19:17:22 UTC (rev 1158)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java 2011-08-09 13:34:50 UTC (rev 1159)
@@ -31,7 +31,6 @@
import org.picketlink.identity.federation.core.config.AuthPropertyType;
import org.picketlink.identity.federation.core.config.KeyValueType;
-
/**
* Key Manager interface used in trust decisions
@@ -46,9 +45,9 @@
* @param authList
* @throws {@link IOException}
*/
- void setAuthProperties(List<AuthPropertyType> authList)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ void setAuthProperties(List<AuthPropertyType> authList) throws TrustKeyConfigurationException,
+ TrustKeyProcessingException;
+
/**
* Set a list of (domain,alias) tuple to trust domains
* The alias is a string that represents the validating key stored
@@ -56,17 +55,16 @@
* @param aliases
* @throws {@link IOException}
*/
- void setValidatingAlias(List<KeyValueType> aliases)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ void setValidatingAlias(List<KeyValueType> aliases) throws TrustKeyConfigurationException,
+ TrustKeyProcessingException;
+
/**
* Get the Signing Key
* @return
* @throws {@link CertificateException}
*/
- PrivateKey getSigningKey()
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ PrivateKey getSigningKey() throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* <p>
* Constructs a {@code KeyPair} instance containing the signing key ({@code PrivateKey}) and associated
@@ -75,27 +73,24 @@
*
* @return the constructed {@code KeyPair} object.
*/
- KeyPair getSigningKeyPair()
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ KeyPair getSigningKeyPair() throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Get the certificate given an alias
* @param alias
* @return
* @throws {@link CertificateException}
*/
- Certificate getCertificate(String alias)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ Certificate getCertificate(String alias) throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Get a Public Key given an alias
* @param alias
* @return
* @throws {@link CertificateException}
*/
- PublicKey getPublicKey(String alias)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ PublicKey getPublicKey(String alias) throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Given a domain, obtain a secret key
* @see {@code EncryptionKeyUtil}
@@ -104,14 +99,27 @@
* @param keyLength length of keys
* @return
*/
- SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Get the Validating Public Key of the domain
* @param domain
* @return
*/
- PublicKey getValidatingKey(String domain)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
+ PublicKey getValidatingKey(String domain) throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Add general options
+ * @param key
+ * @param value
+ */
+ void addAdditionalOption(String key, Object value);
+
+ /**
+ * Get additional option
+ * @param key
+ * @return
+ */
+ Object getAdditionalOption(String key);
}
\ No newline at end of file
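Review bot: The Javadoc for `addAdditionalOption` and `getAdditionalOption` leaves `@param key`, `@param value` and `@return` empty, so an implementer cannot tell which option names exist or what a missing option yields. `KeyStoreKeyManager.getAdditionalOption` in this commit returns the result of `Map.get`, i.e. `null` for an unknown key. Document that on the interface, e.g. `@return the value stored for key, or null if none was added`, and name `ServiceProviderBaseProcessor.IDP_KEY` as the one key this commit defines. Adding two abstract methods also means any other `TrustKeyManager` implementation outside this commit has to be updated to compile.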
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1095-1096,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1095-1096,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1095-1096,1098-1134,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1095-1096,1098-1134,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1095-1108,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1095-1108,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1133-1137,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1133-1137,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1098-1134,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1098-1134,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1095-1108,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1095-1108,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1144-1145,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1144-1145,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1144-1147,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1144-1147,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1098-1110,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1098-1110,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1133-1137,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1133-1137,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1095-1109,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1095-1109,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1095-1096,1098-1134,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1095-1096,1098-1134,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1098-1109,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1098-1109,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1098-1109,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1098-1109,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util:1098-1111,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util:1098-1111,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1098-1111,1133-1137,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1098-1111,1133-1137,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1098-1110,1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1098-1110,1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1098-1134,1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1098-1134,1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/EntityDescriptorType.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1095-1096,1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1095-1096,1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/ExtensionsType.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1095-1096,1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1095-1096,1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/saml/v2/metadata/RoleDescriptorType.java:1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1138-1141,1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1138-1141,1152-1158
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1144-1147,1152-1154
+ /federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1158
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1144-1147,1152-1158
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java 2011-08-08 19:17:22 UTC (rev 1158)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java 2011-08-09 13:34:50 UTC (rev 1159)
@@ -40,10 +40,10 @@
import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
-import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
-import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
@@ -55,20 +55,25 @@
public class ServiceProviderBaseProcessor
{
protected static Logger log = Logger.getLogger(ServiceProviderBaseProcessor.class);
+
protected boolean trace = log.isTraceEnabled();
-
+
protected boolean postBinding;
+
protected String serviceURL;
-
+
protected String identityURL;
-
+
protected SPType spConfiguration;
+
protected TrustKeyManager keyManager;
-
+
protected String issuer = null;
-
+
protected boolean supportSignatures = false;
+ public static final String IDP_KEY = "idp.key";
+
/**
* Construct
* @param postBinding Whether it is the Post Binding
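Review bot: The new `IDP_KEY` constant added after the field declarations has no Javadoc, although it is the contract between the code that configures the key manager and the response processor that picks the IDP validating key. I would add `/** TrustKeyManager additional-option name holding the explicitly configured IDP alias used to look up the validating key. */` above it. The same undocumented constant appears in the federation/trunk copy of this hunk in r1158. The class body continues outside the hunk.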
@@ -79,7 +84,7 @@
this.postBinding = postBinding;
this.serviceURL = serviceURL;
}
-
+
/**
* Set the SP configuration
* @param sp
@@ -88,7 +93,7 @@
{
this.spConfiguration = sp;
}
-
+
/**
* Set the {@code TrustKeyManager}
* @param tkm
@@ -97,7 +102,7 @@
{
this.keyManager = tkm;
}
-
+
/**
* Set the Identity URL
* @param identityURL
@@ -114,8 +119,8 @@
public void setSupportSignatures(boolean supportSignatures)
{
this.supportSignatures = supportSignatures;
- }
-
+ }
+
/**
* Set a separate issuer that is different from the service url
* @param issuer
@@ -125,87 +130,82 @@
this.issuer = issuer;
}
- public SAML2HandlerResponse process(HTTPContext httpContext,
- Set<SAML2Handler> handlers,
- Lock chainLock)
- throws ProcessingException, IOException, ParsingException, ConfigurationException
+ public SAML2HandlerResponse process(HTTPContext httpContext, Set<SAML2Handler> handlers, Lock chainLock)
+ throws ProcessingException, IOException, ParsingException, ConfigurationException
{
- if(trace)
+ if (trace)
log.trace("Handlers are:" + handlers);
-
+
//Neither saml request nor response from IDP
//So this is a user request
//Ask the handler chain to generate the saml request
-
+
//Create the request/response
- SAML2HandlerRequest saml2HandlerRequest = getSAML2HandlerRequest(null,httpContext);
+ SAML2HandlerRequest saml2HandlerRequest = getSAML2HandlerRequest(null, httpContext);
SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();
-
- saml2HandlerResponse.setDestination( identityURL );
+ saml2HandlerResponse.setDestination(identityURL);
+
//Reset the state
try
{
- if(trace)
+ if (trace)
log.trace("Handlers are : " + handlers);
-
+
chainLock.lock();
-
- for(SAML2Handler handler: handlers)
+
+ for (SAML2Handler handler : handlers)
{
handler.reset();
- if(saml2HandlerResponse.isInError())
+ if (saml2HandlerResponse.isInError())
{
httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode());
break;
- }
+ }
- if(isLogOutRequest(httpContext))
+ if (isLogOutRequest(httpContext))
saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.LOGOUT);
- else
+ else
saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
handler.generateSAMLRequest(saml2HandlerRequest, saml2HandlerResponse);
- if(trace)
+ if (trace)
log.trace("Finished Processing handler:" + handler.getClass().getCanonicalName());
- }
+ }
}
- catch(ProcessingException pe)
+ catch (ProcessingException pe)
{
log.error("Processing Exception:", pe);
throw new RuntimeException(pe);
- }
+ }
finally
{
chainLock.unlock();
}
-
+
return saml2HandlerResponse;
}
-
- protected SAML2HandlerRequest getSAML2HandlerRequest(SAMLDocumentHolder documentHolder,
- HTTPContext httpContext)
+
+ protected SAML2HandlerRequest getSAML2HandlerRequest(SAMLDocumentHolder documentHolder, HTTPContext httpContext)
{
IssuerInfoHolder holder = null;
-
- if( issuer == null )
+
+ if (issuer == null)
{
holder = new IssuerInfoHolder(this.serviceURL);
}
else
{
- holder = new IssuerInfoHolder( issuer );
- }
+ holder = new IssuerInfoHolder(issuer);
+ }
- return new DefaultSAML2HandlerRequest(httpContext,
- holder.getIssuer(), documentHolder,
- HANDLER_TYPE.SP);
+ return new DefaultSAML2HandlerRequest(httpContext, holder.getIssuer(), documentHolder, HANDLER_TYPE.SP);
}
-
+
protected boolean isLogOutRequest(HTTPContext httpContext)
{
HttpServletRequest request = httpContext.getRequest();
String gloStr = request.getParameter(GeneralConstants.GLOBAL_LOGOUT);
- return isNotNull(gloStr) && "true".equalsIgnoreCase(gloStr);
- }
+ return isNotNull(gloStr) && "true".equalsIgnoreCase(gloStr);
+ }
}
\ No newline at end of file
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java 2011-08-08 19:17:22 UTC (rev 1158)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java 2011-08-09 13:34:50 UTC (rev 1159)
@@ -48,6 +48,7 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
@@ -152,7 +153,12 @@
{
log.trace("ServiceProviderSAMLResponseProcessor::Remote Host=" + remoteHost);
}
- PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager, remoteHost);
+ String idpKey = (String) keyManager.getAdditionalOption(ServiceProviderBaseProcessor.IDP_KEY);
+ if (StringUtil.isNullOrEmpty(idpKey))
+ {
+ idpKey = remoteHost;
+ }
+ PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager, idpKey);
requestOptions.put(GeneralConstants.SENDER_PUBLIC_KEY, validatingKey);
requestOptions.put(GeneralConstants.DECRYPTING_KEY, keyManager.getSigningKey());
}
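Review bot: The unchecked cast in `String idpKey = (String) keyManager.getAdditionalOption(ServiceProviderBaseProcessor.IDP_KEY);` throws ClassCastException on the response path if anything other than a String was stored under that key, and the option store accepts any `Object`. Because this value decides which public key validates the IDP's signature, I would read it defensively: `Object opt = keyManager.getAdditionalOption(ServiceProviderBaseProcessor.IDP_KEY);` then `String idpKey = (opt instanceof String) ? (String) opt : null;`. When the option is absent the lookup still falls back to `remoteHost`, whose origin is outside this hunk, so the existing trace line should also record which alias was finally used. The identical hunk in the federation/trunk copy (r1158) has the same cast. The enclosing method starts and ends outside the hunk.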
Picketlink SVN: r1158 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/impl and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-08 15:17:22 -0400 (Mon, 08 Aug 2011)
New Revision: 1158
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java
Log:
PLFED-220: allow users to configure idp validating alias
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2011-08-08 17:09:25 UTC (rev 1157)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2011-08-08 19:17:22 UTC (rev 1158)
@@ -69,16 +69,20 @@
private TrustKeyManager keyManager;
- protected String validatingAlias = null;
+ protected String idpAddress = null;
public SPRedirectSignatureFormAuthenticator()
{
super();
}
- public void setValidatingAlias(String validatingAlias)
+ /**
+ * If the request.getRemoteAddr is not exactly the IDP address that you have keyed
+ * in your deployment descriptor for keystore alias, you can set it here explicitly
+ */
+ public void setIdpAddress(String idpAddress)
{
- this.validatingAlias = validatingAlias;
+ this.idpAddress = idpAddress;
}
@Override
@@ -104,6 +108,16 @@
List<AuthPropertyType> authProperties = CoreConfigUtil.getKeyProviderProperties(keyProvider);
keyManager.setAuthProperties(authProperties);
keyManager.setValidatingAlias(keyProvider.getValidatingAlias());
+
+ /**
+ * Since the user has explicitly configured the idp address, we need
+ * to add an option on the keymanager such that users of keymanager
+ * can choose the proper idp key for validation
+ */
+ if (StringUtil.isNotNull(idpAddress))
+ {
+ keyManager.addAdditionalOption(ServiceProviderBaseProcessor.IDP_KEY, this.idpAddress);
+ }
}
catch (Exception e)
{
@@ -155,11 +169,11 @@
PublicKey validatingKey;
try
{
- if (StringUtil.isNullOrEmpty(validatingAlias))
+ if (StringUtil.isNullOrEmpty(idpAddress))
{
- validatingAlias = request.getRemoteAddr();
+ idpAddress = request.getRemoteAddr();
}
- validatingKey = keyManager.getValidatingKey(validatingAlias);
+ validatingKey = keyManager.getValidatingKey(idpAddress);
}
catch (TrustKeyConfigurationException e)
{
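Review bot: The fallback `idpAddress = request.getRemoteAddr();` writes a per-request value into the authenticator's instance field, so if the instance serves more than one request (as a container valve normally does) every later request reuses the first caller's address as the keystore alias instead of its own. The write is also unsynchronised, which would be a data race if requests run concurrently on the same instance. A local variable leaves the configured value untouched: `String alias = StringUtil.isNullOrEmpty(idpAddress) ? request.getRemoteAddr() : idpAddress;` then `validatingKey = keyManager.getValidatingKey(alias);`. r1157 introduced the same pattern with `validatingAlias` in its `@@ -147,7 +155,11 @@` hunk. The enclosing method starts and ends outside the hunk.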
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java 2011-08-08 17:09:25 UTC (rev 1157)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/impl/KeyStoreKeyManager.java 2011-08-08 19:17:22 UTC (rev 1158)
@@ -69,6 +69,8 @@
*/
private final Map<String, SecretKey> keys = new HashMap<String, SecretKey>();
+ private final Map<String, Object> options = new HashMap<String, Object>();
+
private static Logger log = Logger.getLogger(KeyStoreKeyManager.class);
private final boolean trace = log.isTraceEnabled();
@@ -339,6 +341,23 @@
return key;
}
+ /**
+ * @see org.picketlink.identity.federation.core.interfaces.TrustKeyManager#addAdditionalOption(java.lang.String, java.lang.Object)
+ */
+ public void addAdditionalOption(String key, Object value)
+ {
+ this.options.put(key, value);
+ }
+
+ /**
+ *
+ * @see org.picketlink.identity.federation.core.interfaces.TrustKeyManager#getAdditionalOption(java.lang.String)
+ */
+ public Object getAdditionalOption(String key)
+ {
+ return this.options.get(key);
+ }
+
private void setUpKeyStore() throws GeneralSecurityException, IOException
{
//Keystore URL/Pass can be either by configuration or on the HTTPS connector
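Review bot: `addAdditionalOption` and `getAdditionalOption` go straight to the plain `HashMap` declared in the earlier hunk of this file, with no synchronisation and no statement of when writes are allowed. The getter is called while a SAML response is being processed, so this is safe only if every `addAdditionalOption` call completes before request handling starts; the visible caller looks like start-up code, but nothing here enforces that. Either state the rule in the Javadoc or declare the field as `private final Map<String, Object> options = new ConcurrentHashMap<String, Object>();`, keeping in mind that ConcurrentHashMap rejects null keys and values. A null `key` is currently accepted silently and could be rejected up front.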
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java 2011-08-08 17:09:25 UTC (rev 1157)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/interfaces/TrustKeyManager.java 2011-08-08 19:17:22 UTC (rev 1158)
@@ -31,7 +31,6 @@
import org.picketlink.identity.federation.core.config.AuthPropertyType;
import org.picketlink.identity.federation.core.config.KeyValueType;
-
/**
* Key Manager interface used in trust decisions
@@ -46,9 +45,9 @@
* @param authList
* @throws {@link IOException}
*/
- void setAuthProperties(List<AuthPropertyType> authList)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ void setAuthProperties(List<AuthPropertyType> authList) throws TrustKeyConfigurationException,
+ TrustKeyProcessingException;
+
/**
* Set a list of (domain,alias) tuple to trust domains
* The alias is a string that represents the validating key stored
@@ -56,17 +55,16 @@
* @param aliases
* @throws {@link IOException}
*/
- void setValidatingAlias(List<KeyValueType> aliases)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ void setValidatingAlias(List<KeyValueType> aliases) throws TrustKeyConfigurationException,
+ TrustKeyProcessingException;
+
/**
* Get the Signing Key
* @return
* @throws {@link CertificateException}
*/
- PrivateKey getSigningKey()
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ PrivateKey getSigningKey() throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* <p>
* Constructs a {@code KeyPair} instance containing the signing key ({@code PrivateKey}) and associated
@@ -75,27 +73,24 @@
*
* @return the constructed {@code KeyPair} object.
*/
- KeyPair getSigningKeyPair()
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ KeyPair getSigningKeyPair() throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Get the certificate given an alias
* @param alias
* @return
* @throws {@link CertificateException}
*/
- Certificate getCertificate(String alias)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ Certificate getCertificate(String alias) throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Get a Public Key given an alias
* @param alias
* @return
* @throws {@link CertificateException}
*/
- PublicKey getPublicKey(String alias)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ PublicKey getPublicKey(String alias) throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Given a domain, obtain a secret key
* @see {@code EncryptionKeyUtil}
@@ -104,14 +99,27 @@
* @param keyLength length of keys
* @return
*/
- SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
-
+ SecretKey getEncryptionKey(String domain, String encryptionAlgorithm, int keyLength)
+ throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
/**
* Get the Validating Public Key of the domain
* @param domain
* @return
*/
- PublicKey getValidatingKey(String domain)
- throws TrustKeyConfigurationException, TrustKeyProcessingException;
+ PublicKey getValidatingKey(String domain) throws TrustKeyConfigurationException, TrustKeyProcessingException;
+
+ /**
+ * Add general options
+ * @param key
+ * @param value
+ */
+ void addAdditionalOption(String key, Object value);
+
+ /**
+ * Get additional option
+ * @param key
+ * @return
+ */
+ Object getAdditionalOption(String key);
}
\ No newline at end of file
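Review bot: The Javadoc on the two methods added at the end of the interface says only "Add general options" and "Get additional option", which leaves implementers and callers guessing at the contract. It should state that the getter returns null when nothing was stored under the key (as `KeyStoreKeyManager` does by returning `options.get(key)`), whether a second add replaces the first value, and that an option such as `ServiceProviderBaseProcessor.IDP_KEY` influences which key validates signatures. For the getter, `@return the value previously added under {@code key}, or {@code null} if none` would do. Adding abstract methods also breaks any TrustKeyManager implementation outside this tree, which deserves a release-note line.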
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java 2011-08-08 17:09:25 UTC (rev 1157)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderBaseProcessor.java 2011-08-08 19:17:22 UTC (rev 1158)
@@ -40,10 +40,10 @@
import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
-import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler.HANDLER_TYPE;
-import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
@@ -55,20 +55,25 @@
public class ServiceProviderBaseProcessor
{
protected static Logger log = Logger.getLogger(ServiceProviderBaseProcessor.class);
+
protected boolean trace = log.isTraceEnabled();
-
+
protected boolean postBinding;
+
protected String serviceURL;
-
+
protected String identityURL;
-
+
protected SPType spConfiguration;
+
protected TrustKeyManager keyManager;
-
+
protected String issuer = null;
-
+
protected boolean supportSignatures = false;
+ public static final String IDP_KEY = "idp.key";
+
/**
* Construct
* @param postBinding Whether it is the Post Binding
@@ -79,7 +84,7 @@
this.postBinding = postBinding;
this.serviceURL = serviceURL;
}
-
+
/**
* Set the SP configuration
* @param sp
@@ -88,7 +93,7 @@
{
this.spConfiguration = sp;
}
-
+
/**
* Set the {@code TrustKeyManager}
* @param tkm
@@ -97,7 +102,7 @@
{
this.keyManager = tkm;
}
-
+
/**
* Set the Identity URL
* @param identityURL
@@ -114,8 +119,8 @@
public void setSupportSignatures(boolean supportSignatures)
{
this.supportSignatures = supportSignatures;
- }
-
+ }
+
/**
* Set a separate issuer that is different from the service url
* @param issuer
@@ -125,87 +130,82 @@
this.issuer = issuer;
}
- public SAML2HandlerResponse process(HTTPContext httpContext,
- Set<SAML2Handler> handlers,
- Lock chainLock)
- throws ProcessingException, IOException, ParsingException, ConfigurationException
+ public SAML2HandlerResponse process(HTTPContext httpContext, Set<SAML2Handler> handlers, Lock chainLock)
+ throws ProcessingException, IOException, ParsingException, ConfigurationException
{
- if(trace)
+ if (trace)
log.trace("Handlers are:" + handlers);
-
+
//Neither saml request nor response from IDP
//So this is a user request
//Ask the handler chain to generate the saml request
-
+
//Create the request/response
- SAML2HandlerRequest saml2HandlerRequest = getSAML2HandlerRequest(null,httpContext);
+ SAML2HandlerRequest saml2HandlerRequest = getSAML2HandlerRequest(null, httpContext);
SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();
-
- saml2HandlerResponse.setDestination( identityURL );
+ saml2HandlerResponse.setDestination(identityURL);
+
//Reset the state
try
{
- if(trace)
+ if (trace)
log.trace("Handlers are : " + handlers);
-
+
chainLock.lock();
-
- for(SAML2Handler handler: handlers)
+
+ for (SAML2Handler handler : handlers)
{
handler.reset();
- if(saml2HandlerResponse.isInError())
+ if (saml2HandlerResponse.isInError())
{
httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode());
break;
- }
+ }
- if(isLogOutRequest(httpContext))
+ if (isLogOutRequest(httpContext))
saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.LOGOUT);
- else
+ else
saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
handler.generateSAMLRequest(saml2HandlerRequest, saml2HandlerResponse);
- if(trace)
+ if (trace)
log.trace("Finished Processing handler:" + handler.getClass().getCanonicalName());
- }
+ }
}
- catch(ProcessingException pe)
+ catch (ProcessingException pe)
{
log.error("Processing Exception:", pe);
throw new RuntimeException(pe);
- }
+ }
finally
{
chainLock.unlock();
}
-
+
return saml2HandlerResponse;
}
-
- protected SAML2HandlerRequest getSAML2HandlerRequest(SAMLDocumentHolder documentHolder,
- HTTPContext httpContext)
+
+ protected SAML2HandlerRequest getSAML2HandlerRequest(SAMLDocumentHolder documentHolder, HTTPContext httpContext)
{
IssuerInfoHolder holder = null;
-
- if( issuer == null )
+
+ if (issuer == null)
{
holder = new IssuerInfoHolder(this.serviceURL);
}
else
{
- holder = new IssuerInfoHolder( issuer );
- }
+ holder = new IssuerInfoHolder(issuer);
+ }
- return new DefaultSAML2HandlerRequest(httpContext,
- holder.getIssuer(), documentHolder,
- HANDLER_TYPE.SP);
+ return new DefaultSAML2HandlerRequest(httpContext, holder.getIssuer(), documentHolder, HANDLER_TYPE.SP);
}
-
+
protected boolean isLogOutRequest(HTTPContext httpContext)
{
HttpServletRequest request = httpContext.getRequest();
String gloStr = request.getParameter(GeneralConstants.GLOBAL_LOGOUT);
- return isNotNull(gloStr) && "true".equalsIgnoreCase(gloStr);
- }
+ return isNotNull(gloStr) && "true".equalsIgnoreCase(gloStr);
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java 2011-08-08 17:09:25 UTC (rev 1157)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java 2011-08-08 19:17:22 UTC (rev 1158)
@@ -48,6 +48,7 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
@@ -152,7 +153,12 @@
{
log.trace("ServiceProviderSAMLResponseProcessor::Remote Host=" + remoteHost);
}
- PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager, remoteHost);
+ String idpKey = (String) keyManager.getAdditionalOption(ServiceProviderBaseProcessor.IDP_KEY);
+ if (StringUtil.isNullOrEmpty(idpKey))
+ {
+ idpKey = remoteHost;
+ }
+ PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager, idpKey);
requestOptions.put(GeneralConstants.SENDER_PUBLIC_KEY, validatingKey);
requestOptions.put(GeneralConstants.DECRYPTING_KEY, keyManager.getSigningKey());
}
Picketlink SVN: r1157 - federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-08 13:09:25 -0400 (Mon, 08 Aug 2011)
New Revision: 1157
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
Log:
PLFED-220: allow users to configure idp validating alias
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2011-08-08 15:10:40 UTC (rev 1156)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2011-08-08 17:09:25 UTC (rev 1157)
@@ -46,6 +46,7 @@
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SignatureUtil;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
import org.picketlink.identity.federation.saml.v2.assertion.EncryptedElementType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
@@ -68,11 +69,18 @@
private TrustKeyManager keyManager;
+ protected String validatingAlias = null;
+
public SPRedirectSignatureFormAuthenticator()
{
super();
}
+ public void setValidatingAlias(String validatingAlias)
+ {
+ this.validatingAlias = validatingAlias;
+ }
+
@Override
public void start() throws LifecycleException
{
@@ -147,7 +155,11 @@
PublicKey validatingKey;
try
{
- validatingKey = keyManager.getValidatingKey(request.getRemoteAddr());
+ if (StringUtil.isNullOrEmpty(validatingAlias))
+ {
+ validatingAlias = request.getRemoteAddr();
+ }
+ validatingKey = keyManager.getValidatingKey(validatingAlias);
}
catch (TrustKeyConfigurationException e)
{
Picketlink SVN: r1156 - product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-08 11:10:40 -0400 (Mon, 08 Aug 2011)
New Revision: 1156
Added:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
Log:
merge r1152 to r1154
Added: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java (rev 0)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2011-08-08 15:10:40 UTC (rev 1156)
@@ -0,0 +1,190 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core;
+
+/**
+ * Error Codes for PicketLink
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 4, 2011
+ */
+public interface ErrorCodes
+{
+ String ASSERTION_RENEWAL_EXCEPTION = "PL00103:Assertion Renewal Exception:";
+
+ String AUTHENTICATOR_DOES_NOT_HANDLE_ENC = "PL00027: Authenticator does not handle encryption";
+
+ String CLASS_NOT_LOADED = "PL00085: Class Not Loaded:";
+
+ String CANNOT_CREATE_INSTANCE = "PL00086: Cannot create instance of:";
+
+ String DOM_MISSING_DOC_ELEMENT = "PL00098: Missing Document Element:";
+
+ String DOM_MISSING_ELEMENT = "PL00099: Missing Element:";
+
+ String ENCRYPTION_PROCESS_FAILURE = "PL00101: Encryption Process Failure:";
+
+ String EXPIRED_ASSERTION = "PL00079: Assertion has expired:";
+
+ String EXPECTED_XSI = "PL00072: Parser: Expected xsi:type";
+
+ String EXPECTED_TAG = "PL00066: Parser : Expected start tag:";
+
+ String EXPECTED_TEXT_VALUE = "PL00071: Parser: Expected text value:";
+
+ String EXPECTED_END_TAG = "PL00066: Parser : Expected end tag:";
+
+ String FAILED_PARSING = "PL00067: Parsing has failed:";
+
+ String FILE_NOT_LOCATED = "PL00075: File could not be located :";
+
+ String IDP_AUTH_FAILED = "PL00015: IDP Authentication Failed:";
+
+ String IDP_WEBBROWSER_VALVE_ALREADY_STARTED = "PL00021: IDPWebBrowserSSOValve already Started";
+
+ String IDP_WEBBROWSER_VALVE_CONF_FILE_MISSING = "PL00017: Configuration File missing:";
+
+ String IDP_WEBBROWSER_VALVE_NOT_STARTED = "PL00024: IDPWebBrowserSSOValve NotStarted";
+
+ String INVALID_ASSERTION = "PL00080: Invalid Assertion:";
+
+ String INVALID_DIGITAL_SIGNATURE = "PL00009: Invalid Digital Signature:";
+
+ String INJECTED_VALUE_MISSING = "PL00077: Injected Value Missing:";
+
+ String ISSUER_INFO_MISSING_STATUS_CODE = "PL00085: IssuerInfo missing status code :";
+
+ String KEYSTOREKEYMGR_DOMAIN_ALIAS_MISSING = "PL00058: KeyStoreKeyManager : Domain Alias missing for :";
+
+ String KEYSTOREKEYMGR_NULL_ALIAS = "PL00059: KeyStoreKeyManager : Alias is null";
+
+ String KEYSTOREKEYMGR_NULL_KEYSTORE = "PL00055: KeyStoreKeyManager : KeyStore is null";
+
+ String KEYSTOREKEYMGR_NULL_SIGNING_KEYPASS = "PL00057: KeyStoreKeyManager :: Signing Key Pass is null";
+
+ String KEYSTOREKEYMGR_KEYSTORE_NOT_LOCATED = "PL00056: KeyStoreKeyManager: Keystore not located:";
+
+ String NOT_EQUAL = "PL00094: Not equal:";
+
+ String NOT_IMPLEMENTED_YET = "PL00082: Not Implemented Yet:";
+
+ String NOT_SERIALIZABLE = "PL00093: Not Serializable:";
+
+ String NULL_ARGUMENT = "PL00078: Null Parameter:";
+
+ String NULL_ASSERTION = "PL00054: Assertion is null";
+
+ String NULL_ISSUE_INSTANT = "PL00088: Null IssueInstant";
+
+ String NULL_INPUT_STREAM = "PL00060: Input Stream is null";
+
+ String NULL_START_ELEMENT = "PL00068: Parser : Start Element is null";
+
+ String NULL_VALUE = "PL00092: Null Value:";
+
+ String OPTION_NOT_SET = "PL00076: Option not set:";
+
+ String PARSING_ERROR = "PL00074: Parsing Error:";
+
+ String PROCESSING_EXCEPTION = "PL00102: Processing Exception:";
+
+ String REQD_ATTRIBUTE = "PL00063: Parser: Required attribute missing: ";
+
+ String RESOURCE_NOT_FOUND = "PL00018: Resource not found:";
+
+ String SAML2STSLM_CONF_FILE_MISSING = "PL00039: SAML2STSLoginModule: Failed to validate assertion: STS configuration file not specified";
+
+ String SAML2STSLM_UNABLE_DECODE_PWD = "PL00047: SAML2STSLoginModule: Unable to decode password:";
+
+ String SERVICE_PROVIDER_CONF_FILE_MISSING = "PL00025: Service Provider:: Configuration File missing:";
+
+ String SERVICE_PROVIDER_NOT_CATALINA_RESPONSE = "PL00026: Response was not of type catalina response";
+
+ String SERVICE_PROVIDER_SERVER_EXCEPTION = "PL00032: Service Provider :: Server Exception";
+
+ String SHOULD_NOT_BE_THE_SAME = "PL00016: Should not be the same:";
+
+ String SIGNING_PROCESS_FAILURE = "PL00100: Signing Process Failure:";
+
+ String STS_CLIENT_PUBLIC_KEY_ERROR = "PL00008: Unable to locate client public key";
+
+ String STS_CONFIGURATION_NOT_SET = "PL00014: Configuration is not set";
+
+ String STS_CONFIGURATION_FILE_PARSING_ERROR = "PL00005: Error parsing the configuration file:";
+
+ String STS_CONFIGURATION_EXCEPTION = "PL00002: Encountered configuration exception:";
+
+ String STS_COMBINED_SECRET_KEY_ERROR = "PL00006: Error generating combined secret key:";
+
+ String STS_EXCEPTION_HANDLING_TOKEN_REQ = "PL00003: Exception in handling token request: ";
+
+ String STS_NO_TOKEN_PROVIDER = "PL00013: No Security Token Provider found in configuration:[";
+
+ String STS_INVALID_TOKEN_REQUEST = "PL00001: Invalid security token request";
+
+ String STS_INVALID_REQUEST_TYPE = "PL00001: Invalid request type: ";
+
+ String STS_PUBLIC_KEY_ERROR = "PL00010: Error obtaining public key for service: ";
+
+ String STS_PUBLIC_KEY_CERT = "PL00012: Error obtaining public key certificate:";
+
+ String STS_RESPONSE_WRITING_ERROR = "PL00004: Error writing response: ";
+
+ String STS_SIGNING_KEYPAIR_ERROR = "PL00011: Error obtaining signing key pair:";
+
+ String STS_UNABLE_TO_CONSTRUCT_KEYMGR = "PL00007: Unable to construct the key manager:";
+
+ String SYSTEM_PROPERTY_MISSING = "PL00087: System Property missing:";
+
+ String UNABLE_PARSING_NULL_TOKEN = "PL00073: Parser: Unable to parse token request: security token is null";
+
+ String UNABLE_LOCAL_AUTH = "PL00035: Unable to fallback on local auth:";
+
+ String UNKNOWN_END_ELEMENT = "PL00061: Parser: Unknown End Element:";
+
+ String UNKNOWN_OBJECT_TYPE = "PL00089: Unknown Object Type:";
+
+ String UNKNOWN_START_ELEMENT = "PL00064: Parser: Unknown Start Element: ";
+
+ String UNKNOWN_SIG_ALGO = "PL00090: Unknown Signature Algorithm:";
+
+ String UNKNOWN_ENC_ALGO = "PL00097: Unknown Encryption Algorithm:";
+
+ String UNKNOWN_TAG = "PL00062: Parser : Unknown tag:";
+
+ String UNKNOWN_XSI = "PL0065: Parser : Unknown xsi:type=";
+
+ String UNSUPPORTED_TYPE = "PL00069: Parser: Type not supported:";
+
+ String VALIDATION_CHECK_FAILED = "PL00019: Validation check failed";
+
+ String WRITER_INVALID_KEYINFO_NULL_CONTENT = "PL00091: Writer: Invalid KeyInfo object: content cannot be empty";
+
+ String WRITER_NULL_VALUE = "PL00083: Writer: Null Value:";
+
+ String WRITER_SHOULD_START_ELEMENT = "PL00096: Writer: Should have been a StartElement";
+
+ String WRITER_UNKNOWN_TYPE = "PL00081: Writer: Unknown Type:";
+
+ String WRITER_UNSUPPORTED_ATTRIB_VALUE = "PL00084: Writer: Unsupported Attribute Value:";
+
+ String WRONG_TYPE = "PL00095: Wrong type:";
+}
\ No newline at end of file
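Review bot: Several constants in this new file share a code, so a logged code no longer identifies a single failure: `PL00085` is used by both `CLASS_NOT_LOADED` and `ISSUER_INFO_MISSING_STATUS_CODE`, `PL00066` by `EXPECTED_TAG` and `EXPECTED_END_TAG`, and `PL00001` by `STS_INVALID_TOKEN_REQUEST` and `STS_INVALID_REQUEST_TYPE`. `UNKNOWN_XSI` is written as `PL0065`, one digit short of the others; `String UNKNOWN_XSI = "PL00065: Parser : Unknown xsi:type=";` matches the format, and that number is not used elsewhere in the file. Each duplicate should get its own unused code before log searches or alerting rules start matching on these strings. The federation/trunk copy added in r1154 begins with the same constants.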
Picketlink SVN: r1154 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2011-08-06 09:27:30 -0400 (Sat, 06 Aug 2011)
New Revision: 1154
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
Log:
PLFED-219: error codes
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2011-08-06 13:27:30 UTC (rev 1154)
@@ -0,0 +1,190 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core;
+
+/**
+ * Error Codes for PicketLink
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Aug 4, 2011
+ */
+public interface ErrorCodes
+{
+ String ASSERTION_RENEWAL_EXCEPTION = "PL00103:Assertion Renewal Exception:";
+
+ String AUTHENTICATOR_DOES_NOT_HANDLE_ENC = "PL00027: Authenticator does not handle encryption";
+
+ String CLASS_NOT_LOADED = "PL00085: Class Not Loaded:";
+
+ String CANNOT_CREATE_INSTANCE = "PL00086: Cannot create instance of:";
+
+ String DOM_MISSING_DOC_ELEMENT = "PL00098: Missing Document Element:";
+
+ String DOM_MISSING_ELEMENT = "PL00099: Missing Element:";
+
+ String ENCRYPTION_PROCESS_FAILURE = "PL00101: Encryption Process Failure:";
+
+ String EXPIRED_ASSERTION = "PL00079: Assertion has expired:";
+
+ String EXPECTED_XSI = "PL00072: Parser: Expected xsi:type";
+
+ String EXPECTED_TAG = "PL00066: Parser : Expected start tag:";
+
+ String EXPECTED_TEXT_VALUE = "PL00071: Parser: Expected text value:";
+
+ String EXPECTED_END_TAG = "PL00066: Parser : Expected end tag:";
+
+ String FAILED_PARSING = "PL00067: Parsing has failed:";
+
+ String FILE_NOT_LOCATED = "PL00075: File could not be located :";
+
+ String IDP_AUTH_FAILED = "PL00015: IDP Authentication Failed:";
+
+ String IDP_WEBBROWSER_VALVE_ALREADY_STARTED = "PL00021: IDPWebBrowserSSOValve already Started";
+
+ String IDP_WEBBROWSER_VALVE_CONF_FILE_MISSING = "PL00017: Configuration File missing:";
+
+ String IDP_WEBBROWSER_VALVE_NOT_STARTED = "PL00024: IDPWebBrowserSSOValve NotStarted";
+
+ String INVALID_ASSERTION = "PL00080: Invalid Assertion:";
+
+ String INVALID_DIGITAL_SIGNATURE = "PL00009: Invalid Digital Signature:";
+
+ String INJECTED_VALUE_MISSING = "PL00077: Injected Value Missing:";
+
+ String ISSUER_INFO_MISSING_STATUS_CODE = "PL00085: IssuerInfo missing status code :";
+
+ String KEYSTOREKEYMGR_DOMAIN_ALIAS_MISSING = "PL00058: KeyStoreKeyManager : Domain Alias missing for :";
+
+ String KEYSTOREKEYMGR_NULL_ALIAS = "PL00059: KeyStoreKeyManager : Alias is null";
+
+ String KEYSTOREKEYMGR_NULL_KEYSTORE = "PL00055: KeyStoreKeyManager : KeyStore is null";
+
+ String KEYSTOREKEYMGR_NULL_SIGNING_KEYPASS = "PL00057: KeyStoreKeyManager :: Signing Key Pass is null";
+
+ String KEYSTOREKEYMGR_KEYSTORE_NOT_LOCATED = "PL00056: KeyStoreKeyManager: Keystore not located:";
+
+ String NOT_EQUAL = "PL00094: Not equal:";
+
+ String NOT_IMPLEMENTED_YET = "PL00082: Not Implemented Yet:";
+
+ String NOT_SERIALIZABLE = "PL00093: Not Serializable:";
+
+ String NULL_ARGUMENT = "PL00078: Null Parameter:";
+
+ String NULL_ASSERTION = "PL00054: Assertion is null";
+
+ String NULL_ISSUE_INSTANT = "PL00088: Null IssueInstant";
+
+ String NULL_INPUT_STREAM = "PL00060: Input Stream is null";
+
+ String NULL_START_ELEMENT = "PL00068: Parser : Start Element is null";
+
+ String NULL_VALUE = "PL00092: Null Value:";
+
+ String OPTION_NOT_SET = "PL00076: Option not set:";
+
+ String PARSING_ERROR = "PL00074: Parsing Error:";
+
+ String PROCESSING_EXCEPTION = "PL00102: Processing Exception:";
+
+ String REQD_ATTRIBUTE = "PL00063: Parser: Required attribute missing: ";
+
+ String RESOURCE_NOT_FOUND = "PL00018: Resource not found:";
+
+ String SAML2STSLM_CONF_FILE_MISSING = "PL00039: SAML2STSLoginModule: Failed to validate assertion: STS configuration file not specified";
+
+ String SAML2STSLM_UNABLE_DECODE_PWD = "PL00047: SAML2STSLoginModule: Unable to decode password:";
+
+ String SERVICE_PROVIDER_CONF_FILE_MISSING = "PL00025: Service Provider:: Configuration File missing:";
+
+ String SERVICE_PROVIDER_NOT_CATALINA_RESPONSE = "PL00026: Response was not of type catalina response";
+
+ String SERVICE_PROVIDER_SERVER_EXCEPTION = "PL00032: Service Provider :: Server Exception";
+
+ String SHOULD_NOT_BE_THE_SAME = "PL00016: Should not be the same:";
+
+ String SIGNING_PROCESS_FAILURE = "PL00100: Signing Process Failure:";
+
+ String STS_CLIENT_PUBLIC_KEY_ERROR = "PL00008: Unable to locate client public key";
+
+ String STS_CONFIGURATION_NOT_SET = "PL00014: Configuration is not set";
+
+ String STS_CONFIGURATION_FILE_PARSING_ERROR = "PL00005: Error parsing the configuration file:";
+
+ String STS_CONFIGURATION_EXCEPTION = "PL00002: Encountered configuration exception:";
+
+ String STS_COMBINED_SECRET_KEY_ERROR = "PL00006: Error generating combined secret key:";
+
+ String STS_EXCEPTION_HANDLING_TOKEN_REQ = "PL00003: Exception in handling token request: ";
+
+ String STS_NO_TOKEN_PROVIDER = "PL00013: No Security Token Provider found in configuration:[";
+
+ String STS_INVALID_TOKEN_REQUEST = "PL00001: Invalid security token request";
+
+ String STS_INVALID_REQUEST_TYPE = "PL00001: Invalid request type: ";
+
+ String STS_PUBLIC_KEY_ERROR = "PL00010: Error obtaining public key for service: ";
+
+ String STS_PUBLIC_KEY_CERT = "PL00012: Error obtaining public key certificate:";
+
+ String STS_RESPONSE_WRITING_ERROR = "PL00004: Error writing response: ";
+
+ String STS_SIGNING_KEYPAIR_ERROR = "PL00011: Error obtaining signing key pair:";
+
+ String STS_UNABLE_TO_CONSTRUCT_KEYMGR = "PL00007: Unable to construct the key manager:";
+
+ String SYSTEM_PROPERTY_MISSING = "PL00087: System Property missing:";
+
+ String UNABLE_PARSING_NULL_TOKEN = "PL00073: Parser: Unable to parse token request: security token is null";
+
+ String UNABLE_LOCAL_AUTH = "PL00035: Unable to fallback on local auth:";
+
+ String UNKNOWN_END_ELEMENT = "PL00061: Parser: Unknown End Element:";
+
+ String UNKNOWN_OBJECT_TYPE = "PL00089: Unknown Object Type:";
+
+ String UNKNOWN_START_ELEMENT = "PL00064: Parser: Unknown Start Element: ";
+
+ String UNKNOWN_SIG_ALGO = "PL00090: Unknown Signature Algorithm:";
+
+ String UNKNOWN_ENC_ALGO = "PL00097: Unknown Encryption Algorithm:";
+
+ String UNKNOWN_TAG = "PL00062: Parser : Unknown tag:";
+
+ String UNKNOWN_XSI = "PL0065: Parser : Unknown xsi:type=";
+
+ String UNSUPPORTED_TYPE = "PL00069: Parser: Type not supported:";
+
+ String VALIDATION_CHECK_FAILED = "PL00019: Validation check failed";
+
+ String WRITER_INVALID_KEYINFO_NULL_CONTENT = "PL00091: Writer: Invalid KeyInfo object: content cannot be empty";
+
+ String WRITER_NULL_VALUE = "PL00083: Writer: Null Value:";
+
+ String WRITER_SHOULD_START_ELEMENT = "PL00096: Writer: Should have been a StartElement";
+
+ String WRITER_UNKNOWN_TYPE = "PL00081: Writer: Unknown Type:";
+
+ String WRITER_UNSUPPORTED_ATTRIB_VALUE = "PL00084: Writer: Unsupported Attribute Value:";
+
+ String WRONG_TYPE = "PL00095: Wrong type:";
+}
\ No newline at end of file
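Review bot: Three code prefixes are assigned twice in this new interface, so a log line or alert keyed on the code alone cannot be traced back to a single condition: `PL00066` is shared by EXPECTED_TAG and EXPECTED_END_TAG, `PL00085` by CLASS_NOT_LOADED and ISSUER_INFO_MISSING_STATUS_CODE, and `PL00001` by STS_INVALID_TOKEN_REQUEST and STS_INVALID_REQUEST_TYPE. UNKNOWN_XSI is also written with only four digits, which defeats any fixed-width match on the prefix; it should read `String UNKNOWN_XSI = "PL00065: Parser : Unknown xsi:type=";`. Because several of these constants label signature, assertion and token-request failures that operators are likely to monitor, each one should get its own unused code. A small unit test asserting that all prefixes are unique and match `PL\d{5}` would keep later additions from repeating the collision.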