Picketlink SVN: r1368 - in federation/trunk/picketlink-web/src: test/java/org/picketlink/test/identity/federation/web/saml/handlers and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-03 11:47:37 -0500 (Fri, 03 Feb 2012)
New Revision: 1368
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java
Log:
warnings removed
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java 2012-02-03 15:25:53 UTC (rev 1367)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java 2012-02-03 16:47:37 UTC (rev 1368)
@@ -23,6 +23,8 @@
package org.picketlink.identity.federation.web.handlers.saml2;
+import javax.servlet.http.HttpSession;
+
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.ErrorCodes;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -31,8 +33,6 @@
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
-import javax.servlet.http.HttpSession;
-
/**
* Handler is useful on SP side. It's used for verification that InResponseId from SAML Authentication Response is same
* as ID of previously sent SAML Authentication request
@@ -44,7 +44,7 @@
private static Logger log = Logger.getLogger(SAML2InResponseToVerificationHandler.class);
private final boolean trace = log.isTraceEnabled();
-
+
@Override
public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
throws ProcessingException
@@ -56,7 +56,7 @@
return;
// Determine Id of of request, which is saved into session thanks to SAML2AuthenticationHandler
- String authnRequestId = (String)request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);
+ String authnRequestId = (String) request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);
// Save it into session for later use
HttpSession session = BaseSAML2Handler.getHttpSession(request);
@@ -67,15 +67,15 @@
log.trace("ID of authentication request " + authnRequestId + " saved into HTTP session.");
}
}
-
- @Override
+
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
- {
+ {
}
@Override
- public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
- {
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ throws ProcessingException
+ {
if (request.getSAML2Object() instanceof ResponseType == false)
return;
@@ -85,14 +85,14 @@
// Obtain inResponseTo ID from Authentication response
ResponseType responseType = (ResponseType) request.getSAML2Object();
String inResponseTo = responseType.getInResponseTo();
-
+
// Obtain ID from session, which was saved before sending AuthnRequest
HttpSession session = BaseSAML2Handler.getHttpSession(request);
- String authnRequestId = (String)session.getAttribute(GeneralConstants.AUTH_REQUEST_ID);
-
+ String authnRequestId = (String) session.getAttribute(GeneralConstants.AUTH_REQUEST_ID);
+
// Remove it from session now
session.removeAttribute(GeneralConstants.AUTH_REQUEST_ID);
-
+
// Compare both ID
if (inResponseTo != null && inResponseTo.equals(authnRequestId))
{
@@ -103,7 +103,8 @@
}
else
{
- log.error("Verification of InResponseTo failed. InResponseTo from SAML response is " + inResponseTo + ". Value of request Id from HTTP session is " + authnRequestId);
+ log.error("Verification of InResponseTo failed. InResponseTo from SAML response is " + inResponseTo
+ + ". Value of request Id from HTTP session is " + authnRequestId);
throw new ProcessingException(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED);
}
}
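Review bot: The failure branch concatenates `inResponseTo` straight into the `log.error` message, and that value is read from the incoming SAML response, so it is data supplied by the sender. Unless the parser rejects values that are not valid XML IDs, an encoded line break in the attribute could forge additional log entries. I would neutralise control characters before logging, for example `String safeId = inResponseTo == null ? null : inResponseTo.replaceAll("[\\r\\n]", "_");`, and log `safeId` instead. The enclosing `handleStatusResponseType` starts above this hunk.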
Modified: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java 2012-02-03 15:25:53 UTC (rev 1367)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java 2012-02-03 16:47:37 UTC (rev 1368)
@@ -23,7 +23,16 @@
package org.picketlink.test.identity.federation.web.saml.handlers;
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpSession;
+
import junit.framework.TestCase;
+
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.ErrorCodes;
import org.picketlink.identity.federation.core.config.IDPType;
@@ -44,8 +53,8 @@
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
-import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
@@ -58,13 +67,6 @@
import org.picketlink.test.identity.federation.web.mock.MockServletContext;
import org.w3c.dom.Document;
-import javax.servlet.http.HttpSession;
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.security.Principal;
-import java.util.HashMap;
-import java.util.Map;
-
/**
* Unit test the {@link org.picketlink.identity.federation.web.handlers.saml2.SAML2InResponseToVerificationHandler}
*
@@ -113,8 +115,6 @@
request.setTypeOfRequestToBeGenerated(SAML2HandlerRequest.GENERATE_REQUEST_TYPE.AUTH);
SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
-
-
// 2) GENERATE SAML AUTHENTICATION REQUEST
// Generate SAML AuthnRequest with handlers
@@ -127,41 +127,40 @@
AuthnRequestType authnRequest = (AuthnRequestType) parser.parse(DocumentUtil.getNodeAsStream(samlReqDoc));
assertEquals(authnRequest.getID(), servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID));
-
-
// 3) SEND SAML AUTHENTICATION REQUEST TO IDP
// Generate request and response for IDP
- SAML2HandlerResponse handlerResponseFromIdp = sendRequestToIdp(authnRequest, samlReqDoc, httpContext, handlerConfig);
+ SAML2HandlerResponse handlerResponseFromIdp = sendRequestToIdp(authnRequest, samlReqDoc, httpContext,
+ handlerConfig);
// Parse SAML response from IDP
Document doc2response = handlerResponseFromIdp.getResultingDocument();
- assertNotNull(doc2response);
+ assertNotNull(doc2response);
String responseString = DocumentUtil.asString(doc2response);
-
// 4) PROCESS SAML RESPONSE FROM IDP. VERIFICATION OF InResponseId SHOULD BE SUCCESSFUL
HandlerContext handlerContext = getHandlerRequestAndResponse(httpContext, issuerInfo, responseString);
// Assert that ID from session is not null
- String inResponseIdFromSession = (String)servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID);
+ String inResponseIdFromSession = (String) servletRequest.getSession().getAttribute(
+ GeneralConstants.AUTH_REQUEST_ID);
assertNotNull(inResponseIdFromSession);
-
+
// Handle response from IDP
authenticationHandler.handleStatusResponseType(handlerContext.request, handlerContext.response);
verificationHandler.handleStatusResponseType(handlerContext.request, handlerContext.response);
-
+
// Verify that Id is not in session anymore. Becaue it was removed by SAML2ResponseIdVerificationHandler
assertNull(servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID));
-
-
// 5) CHANGE InResponseId IN SAML RESPONSE. VALIDATION MUST FAIL NOW.
// Change InResponseId
- String responseStringChangedId = responseString.replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"", "InResponseTo=\"ID_101dcb5e-f432-4f45-87cb-47daff92edef\"");
- HandlerContext handlerContextChangedId = getHandlerRequestAndResponse(httpContext, issuerInfo, responseStringChangedId);
+ String responseStringChangedId = responseString.replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"",
+ "InResponseTo=\"ID_101dcb5e-f432-4f45-87cb-47daff92edef\"");
+ HandlerContext handlerContextChangedId = getHandlerRequestAndResponse(httpContext, issuerInfo,
+ responseStringChangedId);
// Set Id to session again as it was removed in previous processing
servletRequest.getSession().setAttribute(GeneralConstants.AUTH_REQUEST_ID, inResponseIdFromSession);
@@ -169,9 +168,11 @@
// Handle response with changed Id. This time it should fail
try
{
- authenticationHandler.handleStatusResponseType(handlerContextChangedId.request, handlerContextChangedId.response);
- verificationHandler.handleStatusResponseType(handlerContextChangedId.request, handlerContextChangedId.response);
-
+ authenticationHandler.handleStatusResponseType(handlerContextChangedId.request,
+ handlerContextChangedId.response);
+ verificationHandler
+ .handleStatusResponseType(handlerContextChangedId.request, handlerContextChangedId.response);
+
fail("Verification of InResponseTo should fail.");
}
catch (ProcessingException pe)
@@ -179,12 +180,13 @@
assertEquals(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED, pe.getMessage());
}
-
// 6) REMOVE InResponseId FROM SAML RESPONSE. VALIDATION MUST FAIL NOW.
// Remove inResponseId
- String responseStringRemovedId = responseString.replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"", "");
- HandlerContext handlerContextRemovedId = getHandlerRequestAndResponse(httpContext, issuerInfo, responseStringRemovedId);
+ String responseStringRemovedId = responseString
+ .replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"", "");
+ HandlerContext handlerContextRemovedId = getHandlerRequestAndResponse(httpContext, issuerInfo,
+ responseStringRemovedId);
// Set Id to session again as it was removed in previous processing
servletRequest.getSession().setAttribute(GeneralConstants.AUTH_REQUEST_ID, inResponseIdFromSession);
@@ -192,8 +194,10 @@
// Now handle again response from IDP. This time it should also fail as InResponseTo is null
try
{
- authenticationHandler.handleStatusResponseType(handlerContextRemovedId.request, handlerContextRemovedId.response);
- verificationHandler.handleStatusResponseType(handlerContextRemovedId.request, handlerContextRemovedId.response);
+ authenticationHandler.handleStatusResponseType(handlerContextRemovedId.request,
+ handlerContextRemovedId.response);
+ verificationHandler
+ .handleStatusResponseType(handlerContextRemovedId.request, handlerContextRemovedId.response);
fail("Verification of InResponseTo should fail.");
}
@@ -214,13 +218,13 @@
* @throws Exception
*/
private SAML2HandlerResponse sendRequestToIdp(AuthnRequestType authnRequest, Document samlReqDoc,
- HTTPContext httpContext, SAML2HandlerConfig handlerConfig) throws Exception
+ HTTPContext httpContext, SAML2HandlerConfig handlerConfig) throws Exception
{
// Generate handler request and handler response for IDP
IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
SAMLDocumentHolder docHolder = new SAMLDocumentHolder(authnRequest, samlReqDoc);
- SAML2HandlerRequest idpHandlerRequest = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
- SAML2Handler.HANDLER_TYPE.IDP);
+ SAML2HandlerRequest idpHandlerRequest = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(),
+ docHolder, SAML2Handler.HANDLER_TYPE.IDP);
idpHandlerRequest.addOption(GeneralConstants.ASSERTIONS_VALIDITY, 10000l);
SAML2HandlerResponse idpHandlerResponse = new DefaultSAML2HandlerResponse();
@@ -228,7 +232,7 @@
Map<String, Object> chainOptionsIdp = new HashMap<String, Object>();
IDPType idpType = new IDPType();
chainOptionsIdp.put(GeneralConstants.CONFIGURATION, idpType);
- chainOptionsIdp.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
+ chainOptionsIdp.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
SAML2HandlerChainConfig chainConfigIdp = new DefaultSAML2HandlerChainConfig(chainOptionsIdp);
// Create and init handlers for IDP
@@ -242,7 +246,6 @@
HttpSession session = BaseSAML2Handler.getHttpSession(idpHandlerRequest);
session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
{
- @Override
public String getName()
{
return "testPrincipal";
@@ -263,31 +266,34 @@
return idpHandlerResponse;
}
-
+
private ResponseType getResponseTypeFromString(String responseString) throws Exception
{
InputStream is = new ByteArrayInputStream(responseString.getBytes());
SAML2Response saml2Response = new SAML2Response();
return saml2Response.getResponseType(is);
}
-
- private HandlerContext getHandlerRequestAndResponse(HTTPContext httpContext, IssuerInfoHolder issuerInfo, String responseString) throws Exception
+
+ private HandlerContext getHandlerRequestAndResponse(HTTPContext httpContext, IssuerInfoHolder issuerInfo,
+ String responseString) throws Exception
{
ResponseType responseType = getResponseTypeFromString(responseString);
SAML2Response saml2Response = new SAML2Response();
Document doc = saml2Response.convert(responseType);
SAMLDocumentHolder docHolder = new SAMLDocumentHolder(responseType, doc);
- SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder, SAML2Handler.HANDLER_TYPE.SP);
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+ SAML2Handler.HANDLER_TYPE.SP);
SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
return new HandlerContext(request, response);
}
-
+
private class HandlerContext
{
- private SAML2HandlerRequest request;
- private SAML2HandlerResponse response;
-
+ private final SAML2HandlerRequest request;
+
+ private final SAML2HandlerResponse response;
+
private HandlerContext(SAML2HandlerRequest request, SAML2HandlerResponse response)
{
this.request = request;
Picketlink SVN: r1367 - idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository.
by picketlink-commits@lists.jboss.org
Author: mposolda
Date: 2012-02-03 10:25:53 -0500 (Fri, 03 Feb 2012)
New Revision: 1367
Modified:
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java
Log:
JBEPP-1195 improve error logging in FallbackIdentityStoreRepository
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java 2012-02-02 21:57:08 UTC (rev 1366)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/repository/FallbackIdentityStoreRepository.java 2012-02-03 15:25:53 UTC (rev 1367)
@@ -514,10 +514,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.INFO, "Failed to create IdentityObject: ", e);
- }
+ log.log(Level.SEVERE, "Failed to create IdentityObject: ", e);
}
return result;
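Review bot: The catch block still swallows the `IdentityException` and falls through to `return result;`, so the calling code cannot tell a failing identity store from a legitimate result. Raising the level to SEVERE makes the failure visible to operators but not to the caller. The hunks at -552, -659, -680, -729 and -765 follow the same pattern. If this best-effort fallback is intended, it should be stated above the catch, e.g. `// best-effort: a failing store is logged and the caller receives whatever was collected so far`. The enclosing method starts and ends outside the hunk, so what `result` holds at this point is not visible here.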
@@ -552,10 +549,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.INFO, "Failed to create IdentityObject: ", e);
- }
+ log.log(Level.SEVERE, "Failed to create IdentityObject: ", e);
}
return result;
@@ -583,10 +577,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.INFO, "Failed to remove IdentityObject from target store: ", e);
- }
+ log.log(Level.SEVERE, "Failed to remove IdentityObject from target store: ", e);
}
}
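Review bot: A failed removal from the target store is only logged here and nothing in the hunk reports it to the caller, so a delete may appear to succeed while the identity object still exists in one of the stores. The hunk at -601 does the same for the default store. For de-provisioning that is the case a caller most needs to know about. If the method signature allows it (it is outside this hunk), I would rethrow after logging with `throw e;`, or otherwise record the failure and raise it once both stores have been tried.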
@@ -601,10 +592,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.INFO, "Failed to remove IdentityObject from default store: ", e);
- }
+ log.log(Level.SEVERE, "Failed to remove IdentityObject from default store: ", e);
}
}
}
@@ -631,10 +619,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.FINER))
- {
- log.log(Level.INFO, "Failed to obtain IdentityObject count: ", e);
- }
+ log.log(Level.SEVERE, "Failed to obtain IdentityObject count from store " + targetStore.getId() + " : ", e);
}
}
@@ -659,10 +644,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.INFO, "Failed to create IdentityObject: ", e);
- }
+ log.log(Level.SEVERE, "Failed to find IdentityObject in target store: ", e);
}
if (io != null)
@@ -680,10 +662,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.INFO, "Failed to create IdentityObject: ", e);
- }
+ log.log(Level.SEVERE, "Failed to find IdentityObject in default store: ", e);
}
return io;
@@ -729,10 +708,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.FINER, "Exception occurred: ", e);
- }
+ log.log(Level.SEVERE, "Exception occurred: ", e);
}
return resx;
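Review bot: The message `"Exception occurred: "` is now logged at SEVERE but names neither the operation nor the store, so an operator must read the stack trace to find what failed. The hunks at -765, -785 and -1719 use the same text. The hunk at -631 shows the better form by appending `targetStore.getId()`. I would give each of these catch blocks a message that names the failed operation and, where one is in scope, the store id. The hunk at -1719 also catches plain `Exception` and returns an empty map, which callers may read as "no attribute metadata" rather than as an error.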
@@ -765,10 +741,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.FINER, "Exception occurred: ", e);
- }
+ log.log(Level.SEVERE, "Exception occurred: ", e);
}
return resx;
@@ -785,10 +758,7 @@
}
catch (IdentityException e)
{
- if (log.isLoggable(Level.INFO))
- {
- log.log(Level.FINER, "Exception occurred: ", e);
- }
+ log.log(Level.SEVERE, "Exception occurred: ", e);
}
}
@@ -1719,10 +1689,7 @@
}
catch (Exception e)
{
- if (log.isLoggable(Level.FINER))
- {
- log.log(Level.FINER, "Exception occurred: ", e);
- }
+ log.log(Level.SEVERE, "Exception occurred: ", e);
}
return new HashMap<String, IdentityObjectAttributeMetaData>();
}
Picketlink SVN: r1366 - in product/branches/Branch_6_plus/picketlink-core: src/main/java/org/picketlink/identity/federation/bindings/jboss/auth and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-02 16:57:08 -0500 (Thu, 02 Feb 2012)
New Revision: 1366
Modified:
product/branches/Branch_6_plus/picketlink-core/pom.xml
product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/AbstractPicketLinkTrustHandler.java
product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/SecurityActions.java
product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/WSAuthenticationHandler.java
product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML2STSLoginModuleUnitTestCase.java
product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java
Log:
AS7/JBossWS changes
Modified: product/branches/Branch_6_plus/picketlink-core/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-02 14:29:48 UTC (rev 1365)
+++ product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-02 21:57:08 UTC (rev 1366)
@@ -44,8 +44,8 @@
<dependencies>
<dependency>
<groupId>org.jboss.ws</groupId>
- <artifactId>jbossws-common</artifactId>
- <version>1.4.1.GA</version>
+ <artifactId>jbossws-spi</artifactId>
+ <version>2.0.1.GA</version>
</dependency>
<dependency>
<groupId>org.jboss.logging</groupId>
Modified: product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2012-02-02 14:29:48 UTC (rev 1365)
+++ product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2012-02-02 21:57:08 UTC (rev 1366)
@@ -524,10 +524,11 @@
protected boolean localValidation(Element assertionElement) throws Exception
{
- throw new RuntimeException(ErrorCodes.NOT_IMPLEMENTED_YET);
- /*//For unit tests
+ //For unit tests
if (localTestingOnly)
return true;
+ throw new RuntimeException(ErrorCodes.NOT_IMPLEMENTED_YET);
+ /*
try
{
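Review bot: `if (localTestingOnly) return true;` makes `localValidation` accept every assertion whenever that flag is set, and the hunk does not show where the flag comes from. If it can be set through login-module options, a configuration entry is enough to switch assertion validation off in a deployed system. I would mark the branch with `// SECURITY: test-only bypass, must never be enabled outside unit tests` and log a warning each time it is taken, so an active bypass is visible in production logs. The real validation remains commented out below the hunk, so with the flag unset the method always throws `NOT_IMPLEMENTED_YET`.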
Modified: product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/AbstractPicketLinkTrustHandler.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/AbstractPicketLinkTrustHandler.java 2012-02-02 14:29:48 UTC (rev 1365)
+++ product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/AbstractPicketLinkTrustHandler.java 2012-02-02 21:57:08 UTC (rev 1366)
@@ -36,7 +36,7 @@
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.AuthorizationManager;
-import org.jboss.wsf.common.handler.GenericSOAPHandler;
+import org.jboss.ws.api.handler.GenericSOAPHandler;
import org.jboss.wsf.spi.SPIProvider;
import org.jboss.wsf.spi.SPIProviderResolver;
import org.jboss.wsf.spi.invocation.SecurityAdaptorFactory;
Modified: product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/SecurityActions.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/SecurityActions.java 2012-02-02 14:29:48 UTC (rev 1365)
+++ product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/SecurityActions.java 2012-02-02 21:57:08 UTC (rev 1366)
@@ -163,5 +163,18 @@
return theGroup;
}
});
- }
+ }
+
+ static void pushSecurityContext(final SecurityContext sc)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Void>()
+ {
+ @Override
+ public Void run()
+ {
+ SecurityContextAssociation.setSecurityContext(sc);
+ return null;
+ }
+ });
+ }
}
\ No newline at end of file
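Review bot: `pushSecurityContext` is added without Javadoc, although it replaces the thread's security context inside `doPrivileged` and therefore runs with this class's permissions rather than the caller's. A short contract would help the next maintainer, for example `/** Associates sc with the current thread using this class's privileges; pass only a context built from an already authenticated principal. */`. Keeping the method package-private is the right visibility, and the comment should say it must stay that way. No matching helper that clears or restores the previous context is visible in this hunk.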
Modified: product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/WSAuthenticationHandler.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/WSAuthenticationHandler.java 2012-02-02 14:29:48 UTC (rev 1365)
+++ product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/trust/jbossws/handler/WSAuthenticationHandler.java 2012-02-02 21:57:08 UTC (rev 1366)
@@ -27,6 +27,7 @@
import javax.xml.ws.handler.MessageContext;
import org.jboss.security.AuthenticationManager;
+import org.jboss.security.SecurityContext;
import org.jboss.wsf.spi.invocation.SecurityAdaptor;
import org.picketlink.identity.federation.core.ErrorCodes;
@@ -67,8 +68,8 @@
{
log.trace("Successfully Authenticated:Principal="+principal + "::subject="+subject);
}
- securityAdaptor.pushSubjectContext(subject, principal, credential);
-
+ SecurityContext securityContext = SecurityActions.createSecurityContext(principal, credential, subject);
+ SecurityActions.pushSecurityContext(securityContext);
return true;
}
}
\ No newline at end of file
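Review bot: The new `SecurityActions.pushSecurityContext(securityContext)` call associates the authenticated context with the current thread, but nothing visible in this hunk removes it when the message exchange ends. If the container reuses worker threads, the identity could remain attached to the thread for a later request. I would clear or restore the previous context when the handler finishes, for instance from the handler's close or fault path, through a privileged helper in `SecurityActions`. Separately, the unchanged trace line above prints `subject`, whose string form can include credentials, so trace logging here should be treated as sensitive. The enclosing method starts outside the hunk.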
Modified: product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML2STSLoginModuleUnitTestCase.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML2STSLoginModuleUnitTestCase.java 2012-02-02 14:29:48 UTC (rev 1365)
+++ product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML2STSLoginModuleUnitTestCase.java 2012-02-02 21:57:08 UTC (rev 1366)
@@ -29,6 +29,7 @@
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -42,6 +43,7 @@
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
+import org.jboss.security.SecurityConstants;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.ObjectCallback;
import org.junit.Before;
@@ -126,12 +128,24 @@
LoginContext lc = new LoginContext("something", subject, new MyCBH());
lc.login();
+ boolean handledOurRoles = false;
+
Set<Group> groups = subject.getPrincipals(Group.class);
assertNotNull(groups);
- assertEquals(1, groups.size());
- Group gp = groups.iterator().next();
- assertTrue(gp.isMember(new SimplePrincipal("test1")));
- assertTrue(gp.isMember(new SimplePrincipal("test2")));
- assertTrue(gp.isMember(new SimplePrincipal("testX")));
+ assertEquals(2, groups.size());
+ Iterator<Group> iter = groups.iterator();
+ while(iter.hasNext())
+ {
+ Group gp = iter.next();
+ if(gp.getName().equals(SecurityConstants.ROLES_IDENTIFIER))
+ {
+ assertTrue(gp.isMember(new SimplePrincipal("test1")));
+ assertTrue(gp.isMember(new SimplePrincipal("test2")));
+ assertTrue(gp.isMember(new SimplePrincipal("testX")));
+ handledOurRoles = true;
+ }
+ }
+
+ assertTrue("Handled our Roles", handledOurRoles);
}
}
\ No newline at end of file
Modified: product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java 2012-02-02 14:29:48 UTC (rev 1365)
+++ product/branches/Branch_6_plus/picketlink-core/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java 2012-02-02 21:57:08 UTC (rev 1366)
@@ -29,6 +29,7 @@
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -42,6 +43,7 @@
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
+import org.jboss.security.SecurityConstants;
import org.jboss.security.SimplePrincipal;
import org.junit.Before;
import org.junit.Test;
@@ -148,12 +150,21 @@
LoginContext lc = new LoginContext("something", subject);
lc.login();
+boolean handledOurRoles = false;
Set<Group> groups = subject.getPrincipals(Group.class);
assertNotNull(groups);
- assertEquals(1, groups.size());
- Group gp = groups.iterator().next();
- assertTrue(gp.isMember(new SimplePrincipal("test1")));
- assertTrue(gp.isMember(new SimplePrincipal("test2")));
+ assertEquals(2, groups.size());
+ Iterator<Group> iter = groups.iterator();
+ while(iter.hasNext())
+ {
+ Group gp = iter.next();
+ if(gp.getName().equals(SecurityConstants.ROLES_IDENTIFIER))
+ {
+ assertTrue(gp.isMember(new SimplePrincipal("test1")));
+ assertTrue(gp.isMember(new SimplePrincipal("test2")));
+ handledOurRoles = true;
+ }
+ }
}
}
\ No newline at end of file
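Review bot: `handledOurRoles` is set inside the loop but never asserted, so this test still passes when no group named `SecurityConstants.ROLES_IDENTIFIER` is present and the role-membership checks never run. The matching change in SAML2STSLoginModuleUnitTestCase ends with the assertion that is missing here. Add `assertTrue("Handled our Roles", handledOurRoles);` after the `while` loop.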
Picketlink SVN: r1365 - in idm/trunk/picketlink-idm-core/src: main/java/org/picketlink/idm/impl/configuration/jaxb2/generated and 2 other directories.
by picketlink-commits@lists.jboss.org
Author: mposolda
Date: 2012-02-02 09:29:48 -0500 (Thu, 02 Feb 2012)
New Revision: 1365
Added:
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/SystemPropertiesSubstitutionConverter.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SystemPropertiesSubstitutionAdapter.java
idm/trunk/picketlink-idm-core/src/test/resources/example-system-properties-config.xml
Modified:
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/AttributeType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/CredentialsType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/ExternalConfigType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/GroupTypeMappingType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypeType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypesType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreMappingType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityTypeMappingsType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/OptionType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RealmType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RelationshipType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RepositoryType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/StoresType.java
idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SupportedRelationshipTypesType.java
idm/trunk/picketlink-idm-core/src/test/java/org/picketlink/idm/impl/configuration/ConfigurationTestCase.java
Log:
JBEPP-1027 Support for system properties substitution in Picketlink IDM configuration
Added: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/SystemPropertiesSubstitutionConverter.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/SystemPropertiesSubstitutionConverter.java (rev 0)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/SystemPropertiesSubstitutionConverter.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -0,0 +1,184 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2012, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+
+package org.picketlink.idm.impl.configuration.jaxb2;
+
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.StringTokenizer;
+import java.util.logging.Logger;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class SystemPropertiesSubstitutionConverter
+{
+ private static Logger log = Logger.getLogger(SystemPropertiesSubstitutionConverter.class.getName());
+
+ /**
+ * Replaces variables of ${var:default} with System.getProperty(var, default). If no variables are found, returns
+ * the same string, otherwise a copy of the string with variables substituted
+ *
+ * @param input
+ * @return A string with vars replaced, or the same string if no vars found
+ */
+ public static String substituteSystemProperty(String input)
+ {
+ String output = substituteVariable(input);
+
+ log.fine("Substituting value from configuration with System properties - input=" + input + ", output=" + output);
+ return output;
+ }
+
+ /**
+ * Method is doing nothing but is needed by JAXB adapter.
+ *
+ * @param input
+ * @return input
+ */
+ public static String printValue(String input)
+ {
+ return input;
+ }
+
+
+
+ /****** PRIVATE METHODS **************/
+
+ // Methods for substitute system properties are forked from JGroups class org.jgroups.utils.Util to avoid bugs
+ // and ensure same parsing behaviour, which is used by JGroups and by JBoss AS.
+
+
+ private static String substituteVariable(String val)
+ {
+ if(val == null)
+ return val;
+ String retval=val, prev;
+
+ while(retval.contains("${"))
+ { // handle multiple variables in val
+ prev=retval;
+ retval=_substituteVar(retval);
+ if(retval.equals(prev))
+ break;
+ }
+ return retval;
+ }
+
+ private static String _substituteVar(String val)
+ {
+ int start_index, end_index;
+ start_index=val.indexOf("${");
+ if(start_index == -1)
+ return val;
+ end_index=val.indexOf("}", start_index+2);
+ if(end_index == -1)
+ throw new IllegalArgumentException("missing \"}\" in " + val);
+
+ String tmp=getProperty(val.substring(start_index +2, end_index));
+ if(tmp == null)
+ return val;
+ StringBuilder sb=new StringBuilder();
+ sb.append(val.substring(0, start_index));
+ sb.append(tmp);
+ sb.append(val.substring(end_index+1));
+ return sb.toString();
+ }
+
+ private static String getProperty(String s)
+ {
+ String var, default_val, retval=null;
+ int index=s.indexOf(":");
+ if(index >= 0)
+ {
+ var=s.substring(0, index);
+ default_val=s.substring(index+1);
+ if(default_val != null && default_val.length() > 0)
+ default_val=default_val.trim();
+ // retval=System.getProperty(var, default_val);
+ retval=_getProperty(var, default_val);
+ }
+ else
+ {
+ var=s;
+ // retval=System.getProperty(var);
+ retval=_getProperty(var, null);
+ }
+ return retval;
+ }
+
+ /**
+ * Parses a var which might be comma delimited, e.g. bla,foo:1000: if 'bla' is set, return its value. Else,
+ * if 'foo' is set, return its value, else return "1000"
+ * @param var
+ * @param default_value
+ * @return
+ */
+ private static String _getProperty(String var, String default_value)
+ {
+ if(var == null)
+ return null;
+ List<String> list=parseCommaDelimitedStrings(var);
+ if(list == null || list.isEmpty())
+ {
+ list=new ArrayList<String>(1);
+ list.add(var);
+ }
+ String retval=null;
+ for(String prop: list)
+ {
+ try
+ {
+ retval=System.getProperty(prop);
+ if(retval != null)
+ return retval;
+ }
+ catch(Throwable e)
+ {
+ }
+ }
+ return default_value;
+ }
+
+ /** e.g. "bela,jeannette,michelle" --> List{"bela", "jeannette", "michelle"} */
+ private static List<String> parseCommaDelimitedStrings(String l)
+ {
+ return parseStringList(l, ",");
+ }
+
+ private static List<String> parseStringList(String l, String separator)
+ {
+ List<String> tmp=new LinkedList<String>();
+ StringTokenizer tok=new StringTokenizer(l, separator);
+ String t;
+
+ while(tok.hasMoreTokens())
+ {
+ t=tok.nextToken();
+ tmp.add(t.trim());
+ }
+
+ return tmp;
+ }
+
+}
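Review bot: `substituteSystemProperty` logs the resolved value (`", output=" + output`), and this commit attaches the adapter to `OptionType.value` and `ExternalConfigType.value`, so any credential or other sensitive setting supplied through a system property would be written to the log once FINE is enabled. Logging only the unresolved input keeps the trace useful without exposing the substituted data, e.g. `log.fine("Substituting system properties in configuration value - input=" + input);`. Separately, the empty `catch(Throwable e)` in `_getProperty` turns a `SecurityException`, or the `IllegalArgumentException` that `System.getProperty("")` throws for `${}`, into a silent fall-back to the default value. Catching those two types explicitly and logging the property name would make a denied or malformed lookup visible instead of quietly changing the effective identity configuration.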
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/AttributeType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/AttributeType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/AttributeType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -12,6 +12,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -67,14 +68,27 @@
public class AttributeType {
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String name;
+
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String mapping;
+
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String type;
+
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String isRequired;
+
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String isMultivalued;
+
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String isReadOnly;
+
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String isUnique;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/CredentialsType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/CredentialsType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/CredentialsType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -14,6 +14,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -42,6 +43,7 @@
public class CredentialsType {
@XmlElement(name = "credential-type")
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected List<String> credentialType;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/ExternalConfigType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/ExternalConfigType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/ExternalConfigType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -13,6 +13,7 @@
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -39,8 +40,11 @@
public class ExternalConfigType {
@XmlValue
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String value;
+
@XmlAttribute
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String override;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/GroupTypeMappingType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/GroupTypeMappingType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/GroupTypeMappingType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -12,6 +12,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -42,8 +43,12 @@
public class GroupTypeMappingType {
@XmlElement(name = "group-type-name", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String groupTypeName;
+
+
@XmlElement(name = "identity-object-type-name", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String identityObjectTypeName;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypeType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypeType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypeType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -14,6 +14,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -90,7 +91,9 @@
public class IdentityObjectTypeType {
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String name;
+
@XmlElement(required = true)
protected IdentityObjectTypeType.Relationships relationships;
@XmlElement(required = true)
@@ -306,6 +309,7 @@
public static class Credentials {
@XmlElement(name = "credential-type")
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected List<String> credentialType;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypesType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypesType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityObjectTypesType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -14,6 +14,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -42,6 +43,7 @@
public class IdentityObjectTypesType {
@XmlElement(name = "identity-object-type")
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected List<String> identityObjectType;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreMappingType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreMappingType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreMappingType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -12,6 +12,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -44,7 +45,9 @@
public class IdentityStoreMappingType {
@XmlElement(name = "identity-store-id", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String identityStoreId;
+
@XmlElement(name = "identity-object-types", required = true)
protected IdentityObjectTypesType identityObjectTypes;
@XmlElement(required = true)
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityStoreType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -14,6 +14,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -62,9 +63,13 @@
public class IdentityStoreType {
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String id;
+
@XmlElement(name = "class", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String clazz;
+
@XmlElement(name = "external-config", required = true)
protected ExternalConfigType externalConfig;
@XmlElement(name = "supported-relationship-types", required = true)
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityTypeMappingsType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityTypeMappingsType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/IdentityTypeMappingsType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -14,6 +14,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -44,7 +45,9 @@
public class IdentityTypeMappingsType {
@XmlElement(name = "user-mapping", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String identityMapping;
+
@XmlElement(name = "group-type-mapping")
protected List<GroupTypeMappingType> groupTypeMapping;
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/OptionType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/OptionType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/OptionType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -14,6 +14,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -44,7 +45,10 @@
public class OptionType {
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String name;
+
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected List<String> value;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RealmType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RealmType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RealmType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -12,6 +12,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -46,9 +47,13 @@
public class RealmType {
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String id;
+
@XmlElement(name = "repository-id-ref", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String repositoryIdRef;
+
@XmlElement(name = "identity-type-mappings")
protected IdentityTypeMappingsType identityTypeMappings;
protected OptionsType options;
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RelationshipType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RelationshipType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RelationshipType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -12,6 +12,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -42,8 +43,11 @@
public class RelationshipType {
@XmlElement(name = "relationship-type-ref", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String relationshipTypeRef;
+
@XmlElement(name = "identity-object-type-ref", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String identityObjectTypeRef;
/**
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RepositoryType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RepositoryType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/RepositoryType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -12,6 +12,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -52,15 +53,24 @@
public class RepositoryType {
@XmlElement(required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String id;
+
@XmlElement(name = "class", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String clazz;
+
@XmlElement(name = "external-config")
protected ExternalConfigType externalConfig;
+
@XmlElement(name = "default-identity-store-id")
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String defaultIdentityStoreId;
+
@XmlElement(name = "default-attribute-store-id")
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String defaultAttributeStoreId;
+
@XmlElement(name = "identity-store-mappings")
protected IdentityStoreMappingsType identityStoreMappings;
protected OptionsType options;
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/StoresType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/StoresType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/StoresType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -12,6 +12,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -42,7 +43,9 @@
public class StoresType {
@XmlElement(name = "attribute-stores", required = true)
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected String attributeStores;
+
@XmlElement(name = "identity-stores", required = true)
protected IdentityStoresType identityStores;
Modified: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SupportedRelationshipTypesType.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SupportedRelationshipTypesType.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SupportedRelationshipTypesType.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -14,6 +14,7 @@
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
@@ -42,6 +43,7 @@
public class SupportedRelationshipTypesType {
@XmlElement(name = "relationship-type")
+ @XmlJavaTypeAdapter(SystemPropertiesSubstitutionAdapter.class)
protected List<String> relationshipType;
/**
Added: idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SystemPropertiesSubstitutionAdapter.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SystemPropertiesSubstitutionAdapter.java (rev 0)
+++ idm/trunk/picketlink-idm-core/src/main/java/org/picketlink/idm/impl/configuration/jaxb2/generated/SystemPropertiesSubstitutionAdapter.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -0,0 +1,26 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2012.02.01 at 07:21:12 odp. CET
+//
+
+
+package org.picketlink.idm.impl.configuration.jaxb2.generated;
+
+import javax.xml.bind.annotation.adapters.XmlAdapter;
+
+public class SystemPropertiesSubstitutionAdapter
+ extends XmlAdapter<String, String>
+{
+
+
+ public String unmarshal(String value) {
+ return (org.picketlink.idm.impl.configuration.jaxb2.SystemPropertiesSubstitutionConverter.substituteSystemProperty(value));
+ }
+
+ public String marshal(String value) {
+ return (org.picketlink.idm.impl.configuration.jaxb2.SystemPropertiesSubstitutionConverter.printValue(value));
+ }
+
+}
Modified: idm/trunk/picketlink-idm-core/src/test/java/org/picketlink/idm/impl/configuration/ConfigurationTestCase.java
===================================================================
--- idm/trunk/picketlink-idm-core/src/test/java/org/picketlink/idm/impl/configuration/ConfigurationTestCase.java 2012-02-01 15:49:30 UTC (rev 1364)
+++ idm/trunk/picketlink-idm-core/src/test/java/org/picketlink/idm/impl/configuration/ConfigurationTestCase.java 2012-02-02 14:29:48 UTC (rev 1365)
@@ -25,8 +25,13 @@
import junit.framework.TestCase;
import java.io.File;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.logging.Level;
import org.picketlink.idm.impl.configuration.jaxb2.JAXB2IdentityConfiguration;
+import org.picketlink.idm.impl.configuration.jaxb2.SystemPropertiesSubstitutionConverter;
import org.picketlink.idm.spi.configuration.metadata.IdentityConfigurationMetaData;
/**
@@ -49,4 +54,48 @@
}
+
+ public void testSystemPropertiesSubstitution() throws Exception
+ {
+ // Init system properties for substitution
+ System.setProperty("identity.store.id", "HibernateStore");
+ System.setProperty("relationship.type1", "JBOSS_IDENTITY_MEMBERSHIP");
+ System.setProperty("relationship.type2", "JBOSS_IDENTITY_ROLLE");
+
+ System.setProperty("option2.value", "Value of option2");
+ System.setProperty("option3.value", "Value of option3");
+ System.setProperty("option5.value1", "Option5 value1");
+ System.setProperty("option5.value2", "Option5 value2");
+ System.setProperty("option6.value1", "Option6 value1");
+ System.setProperty("option7.value2", "Option7 value2");
+ System.setProperty("option8.value2", "Option8 value2");
+ System.setProperty("option8.value4", "Option8 value4");
+
+ // Parse config file
+ IdentityConfigurationMetaData config = JAXB2IdentityConfiguration.createConfigurationMetaData(new File("src/test/resources/example-system-properties-config.xml"));
+ assertNotNull(config);
+
+ // Assert that values from configuration were correctly substituted
+ assertEquals("HibernateStore", config.getRepositories().get(0).getDefaultIdentityStoreId());
+ assertEquals("HibernateStore", config.getRepositories().get(0).getDefaultAttributeStoreId());
+ assertEquals("true", config.getRepositories().get(0).getOption("allowNotDefinedAttributes").get(0));
+ assertEquals("HibernateStore", config.getIdentityStores().get(0).getId());
+ assertTrue(config.getIdentityStores().get(0).getSupportedRelationshipTypes().contains("JBOSS_IDENTITY_MEMBERSHIP"));
+ assertTrue(config.getIdentityStores().get(0).getSupportedRelationshipTypes().contains("JBOSS_IDENTITY_ROLLE"));
+
+ // Assert that all options were correctly substituted
+ Map<String, List<String>> options = config.getIdentityStores().get(0).getOptions();
+ assertEquals("option1Value", options.get("option1").get(0));
+ assertEquals("Value of option2", options.get("option2").get(0));
+ assertEquals("Value of option3", options.get("option3").get(0));
+ assertEquals("defaultValue", options.get("option4").get(0));
+ assertEquals("Option5 value1", options.get("option5").get(0));
+ assertEquals("Option6 value1", options.get("option6").get(0));
+ assertEquals("Option7 value2", options.get("option7").get(0));
+ assertEquals("something1 Option8 value2 something2 defaultValue something3 Option8 value4 something4", options.get("option8").get(0));
+ assertEquals("something1 ${} something2", options.get("option9").get(0));
+ assertEquals("${option10.value1}", options.get("option10").get(0));
+ assertEquals("value2", options.get("option10").get(1));
+ assertEquals("defaultValue3", options.get("option10").get(2));
+ }
}
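Review bot: The eleven `System.setProperty(...)` calls at the top of `testSystemPropertiesSubstitution` are never undone, so the values stay in the JVM for every test that runs afterwards and can mask a missing property elsewhere; wrapping the parse and assertions in `try`/`finally` and clearing the keys fixes that. The fixture also has no value where an unresolved placeholder precedes a resolvable one in the same string (a constructed example: `${missing} ${option2.value}`), a case the converter's loop appears to leave unsubstituted because it stops at the first placeholder it cannot resolve. Of the imports added in the preceding hunk, `Properties`, `Level` and `SystemPropertiesSubstitutionConverter` are not used by the new method as shown. The enclosing class starts outside this hunk.

```java
   public void testSystemPropertiesSubstitution() throws Exception
   {
      // … unchanged: System.setProperty(...) calls …
      try
      {
         // … unchanged: parse config file and assertions …
      }
      finally
      {
         // Undo the properties set above so later tests see a clean environment
         for (String key : new String[] {"identity.store.id", "relationship.type1", "relationship.type2",
               "option2.value", "option3.value", "option5.value1", "option5.value2", "option6.value1",
               "option7.value2", "option8.value2", "option8.value4"})
         {
            System.clearProperty(key);
         }
      }
```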
Added: idm/trunk/picketlink-idm-core/src/test/resources/example-system-properties-config.xml
===================================================================
--- idm/trunk/picketlink-idm-core/src/test/resources/example-system-properties-config.xml (rev 0)
+++ idm/trunk/picketlink-idm-core/src/test/resources/example-system-properties-config.xml 2012-02-02 14:29:48 UTC (rev 1365)
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:picketlink:idm:config:v1_0_0_ga"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:picketlink:idm:config:v1_0_0_ga identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://Example/DB</id>
+ <repository-id-ref>Example Repository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>IDENTITY</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>Example Repository</id>
+ <class>org.picketlink.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>${identity.store.id}</default-identity-store-id>
+ <default-attribute-store-id>${identity.store.id}</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>${alow.not.defined.attributes:true}</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>${identity.store.id}</id>
+ <class>org.picketlink.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>${relationship.type1}</relationship-type>
+ <relationship-type>${relationship.type2}</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>option1</name>
+ <value>option1Value</value>
+ </option>
+ <option>
+ <name>option2</name>
+ <value>${option2.value}</value>
+ </option>
+ <option>
+ <name>option3</name>
+ <value>${option3.value:defaultValue}</value>
+ </option>
+ <option>
+ <name>option4</name>
+ <value>${option4.value:defaultValue}</value>
+ </option>
+ <option>
+ <name>option5</name>
+ <value>${option5.value1,option5.value2}</value>
+ </option>
+ <option>
+ <name>option6</name>
+ <value>${option6.value1,option6.value2}</value>
+ </option>
+ <option>
+ <name>option7</name>
+ <value>${option7.value1,option7.value2:defaultValue}</value>
+ </option>
+ <option>
+ <name>option8</name>
+ <value>something1 ${option8.value1,option8.value2} something2 ${option8.value3:defaultValue} something3 ${option8.value4:defaultValue} something4</value>
+ </option>
+ <option>
+ <name>option9</name>
+ <value>something1 ${} something2</value>
+ </option>
+ <option>
+ <name>option10</name>
+ <value>${option10.value1}</value>
+ <value>value2</value>
+ <value>${option10.value3:defaultValue3}</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
Picketlink SVN: r1364 - in product/branches/Branch_6_plus/picketlink-webapps: idp/src/main/webapp/WEB-INF and 3 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-01 10:49:30 -0500 (Wed, 01 Feb 2012)
New Revision: 1364
Added:
product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/META-INF/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml
Modified:
product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/jboss-web.xml
Log:
AS7 related needs of web apps
Added: product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml (rev 0)
+++ product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml 2012-02-01 15:49:30 UTC (rev 1364)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Modified: product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/jboss-web.xml 2012-02-01 06:17:28 UTC (rev 1363)
+++ product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/jboss-web.xml 2012-02-01 15:49:30 UTC (rev 1364)
@@ -1,3 +1,15 @@
<jboss-web>
<security-domain>idp</security-domain>
+ <valve>
+ <class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name>
+ <param>
+ <param-name>signOutgoingMessages</param-name>
+ <param-value>false</param-value>
+ </param>
+ <param>
+ <param-name>ignoreIncomingSignatures</param-name>
+ <param-value>true</param-value>
+ </param>
+ </valve>
+
</jboss-web>
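Review bot: The added valve configures the IDP webapp with `signOutgoingMessages` set to `false` and `ignoreIncomingSignatures` set to `true`. Going by the parameter names, the identity provider then issues unsigned SAML messages and accepts requests without checking their signatures. Nothing in the file or the log message ("AS7 related needs of web apps") says that this is a demo-only default. A deployment copied from this webapp would leave service providers with no way to verify where an assertion came from. If the values have to stay for the out-of-the-box setup, a comment above the `<valve>` element should say so, for example `<!-- Demo default: signatures are disabled; set signOutgoingMessages=true and ignoreIncomingSignatures=false before production use -->`.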
Added: product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml (rev 0)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml 2012-02-01 15:49:30 UTC (rev 1364)
@@ -0,0 +1,12 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.jboss.security.xacml" />
+ <module name="org.picketlink" />
+ <module name="org.picketbox" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added: product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml (rev 0)
+++ product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml 2012-02-01 15:49:30 UTC (rev 1364)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Picketlink SVN: r1363 - in product/branches/Branch_6_plus/picketlink-core: src/main/java/org/picketlink/identity/federation/bindings/jboss/auth and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-01 01:17:28 -0500 (Wed, 01 Feb 2012)
New Revision: 1363
Removed:
product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/STSClientInterceptor.java
Modified:
product/branches/Branch_6_plus/picketlink-core/pom.xml
product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
Log:
remove the problematic stuff
Modified: product/branches/Branch_6_plus/picketlink-core/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
+++ product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-01 06:17:28 UTC (rev 1363)
@@ -81,9 +81,9 @@
<scope>compile</scope>
</dependency>
<dependency>
- <groupId>org.jboss.security</groupId>
- <artifactId>jbosssx</artifactId>
- <version>2.0.4</version>
+ <groupId>org.picketbox</groupId>
+ <artifactId>picketbox</artifactId>
+ <version>4.0.6.final</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -108,24 +108,6 @@
<optional>true</optional>
</dependency>
<dependency>
- <groupId>org.jboss.jbossas</groupId>
- <artifactId>jboss-as-security</artifactId>
- <version>6.0.0.Final</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.jboss.aop</groupId>
- <artifactId>jboss-aop</artifactId>
- <version>2.1.6.GA</version>
- <scope>provided</scope>
- <exclusions>
- <exclusion>
- <groupId>trove</groupId>
- <artifactId>trove</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>coyote</artifactId>
<version>6.0.18</version>
Modified: product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2012-02-01 06:03:47 UTC (rev 1362)
+++ product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java 2012-02-01 06:17:28 UTC (rev 1363)
@@ -48,7 +48,7 @@
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.ObjectCallback;
import org.jboss.security.auth.spi.AbstractServerLoginModule;
-import org.jboss.security.plugins.JaasSecurityDomain;
+//import org.jboss.security.plugins.JaasSecurityDomain;
import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkGroup;
import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal;
import org.picketlink.identity.federation.core.ErrorCodes;
@@ -524,7 +524,8 @@
protected boolean localValidation(Element assertionElement) throws Exception
{
- //For unit tests
+ throw new RuntimeException(ErrorCodes.NOT_IMPLEMENTED_YET);
+ /*//For unit tests
if (localTestingOnly)
return true;
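Review bot: The new first statement of `localValidation` throws an unchecked `RuntimeException`, while the old body's catch block (visible in the next hunk) reported failures as `LoginException`. A login that reaches local validation still fails closed, but it now leaves the method as an unchecked exception the caller may not expect. The method already declares `throws Exception`, so `throw new LoginException(ErrorCodes.NOT_IMPLEMENTED_YET);` would keep the failure on the login-module error path (assuming the constant is a String). The old body is kept inside a `/* … */` that closes at `return true;*/` in the following hunk, and the `JaasSecurityDomain` import in the first hunk is commented out the same way. Deleting those lines would be cleaner, since the revision history already preserves them. The method body extends beyond this hunk.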
@@ -577,6 +578,6 @@
{
throw new LoginException(e.toString());
}
- return true;
+ return true;*/
}
}
\ No newline at end of file
Deleted: product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/STSClientInterceptor.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/STSClientInterceptor.java 2012-02-01 06:03:47 UTC (rev 1362)
+++ product/branches/Branch_6_plus/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/STSClientInterceptor.java 2012-02-01 06:17:28 UTC (rev 1363)
@@ -1,139 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.picketlink.identity.federation.bindings.jboss.auth;
-
-import java.io.Serializable;
-import java.security.Principal;
-
-import javax.security.auth.Subject;
-
-import org.jboss.aop.advice.Interceptor;
-import org.jboss.aop.joinpoint.Invocation;
-import org.jboss.logging.Logger;
-import org.jboss.security.SecurityContext;
-import org.picketlink.identity.federation.api.wstrust.WSTrustClient;
-import org.picketlink.identity.federation.api.wstrust.WSTrustClient.SecurityInfo;
-import org.picketlink.identity.federation.core.ErrorCodes;
-import org.picketlink.identity.federation.core.wstrust.STSClientConfig.Builder;
-import org.picketlink.identity.federation.core.wstrust.SamlCredential;
-import org.picketlink.identity.federation.core.wstrust.WSTrustException;
-import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.w3c.dom.Element;
-
-/**
- * <p>
- * A client side EJB3 interceptor to automatically create a STS token and use it as the credential to invoke an EJB.
- * This interceptor must be included after <code>org.jboss.ejb3.security.client.SecurityClientInterceptor</code>
- * in the client interceptor stack in deploy/ejb3-interceptors-aop.xml
- * This interceptor requires an attribute named propertiesFile which is a resource in the classpath where the configuration
- * necessary to connect to the STS application can be read. E.g.
- * <pre>
- * <interceptor class="org.picketlink.identity.federation.bindings.jboss.auth.STSClientInterceptor" scope="PER_VM">
- * <attribute name="propertiesFile">sts.properties</attribute>
- * </interceptor>
- * </pre>
- * The properties file must contain the following parameters:
- * <pre>
- * serviceName=[service name]
- * portName=[port name]
- * endpointAddress=[endpoint URI]
- * </pre>
- * </p>
- *
- * @author <a href="mailto:mmoyses@redhat.com">Marcus Moyses</a>
- * @version $Revision: 1 $
- */
-public class STSClientInterceptor implements Interceptor, Serializable
-{
- private static final long serialVersionUID = -4351623612864518960L;
-
- private static final Logger log = Logger.getLogger(STSClientInterceptor.class);
-
- private static boolean trace = log.isTraceEnabled();
-
- private String propertiesFile;
-
- private Builder builder;
-
- public String getName()
- {
- return getClass().getName();
- }
-
- public void setPropertiesFile(String propertiesFile)
- {
- this.propertiesFile = propertiesFile;
- if (trace)
- log.trace("Constructing STSClientInterceptor using " + propertiesFile + " as the configuration file");
- }
-
- public Object invoke(Invocation invocation) throws Throwable
- {
- SecurityContext sc = (SecurityContext) invocation.getMetaData("security", "context");
- if (trace)
- log.trace("Retrieved SecurityContext from invocation: " + sc);
- if (sc != null)
- {
- // retrieve username and credential from invocation
- Principal principal = sc.getUtil().getUserPrincipal();
- String credential = (String) sc.getUtil().getCredential();
- // look for the properties file in the classpath
- if (builder == null)
- {
- if (propertiesFile != null)
- {
- builder = new Builder(propertiesFile);
- }
- else
- throw new IllegalStateException(ErrorCodes.OPTION_NOT_SET + "Attribute propertiesFile must be set");
- }
- WSTrustClient client = new WSTrustClient(builder.getServiceName(), builder.getPortName(),
- builder.getEndpointAddress(), new SecurityInfo(principal.getName(), credential));
- Element assertion = null;
- try
- {
- if (trace)
- log.trace("Invoking token service to get SAML assertion for " + principal.getName());
- // create the token
- assertion = client.issueToken(SAMLUtil.SAML2_TOKEN_TYPE);
- if (trace)
- log.trace("SAML assertion for " + principal.getName() + " successfully obtained");
- }
- catch (WSTrustException wse)
- {
- log.error("Unable to issue assertion", wse);
- }
-
- if (assertion != null)
- {
- Subject subject = sc.getUtil().getSubject();
- // create new SecurityContext with token credential
- SecurityContext newSC = SecurityActions.createSecurityContext();
- newSC.getUtil().createSubjectInfo(principal, new SamlCredential(assertion), subject);
- // replace SecurityContext in the invocation
- invocation.getMetaData().addMetaData("security", "context", newSC);
- }
- }
-
- return invocation.invokeNext();
- }
-}
\ No newline at end of file
Picketlink SVN: r1362 - in product/branches/Branch_6_plus: parent and 7 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-01 01:03:47 -0500 (Wed, 01 Feb 2012)
New Revision: 1362
Added:
product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/
product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/casidp.xml
product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/pingidp.xml
Modified:
product/branches/Branch_6_plus/parent/pom.xml
product/branches/Branch_6_plus/picketlink-core/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/pom.xml
product/branches/Branch_6_plus/pom.xml
Log:
workspace for EAP6+
Modified: product/branches/Branch_6_plus/parent/pom.xml
===================================================================
--- product/branches/Branch_6_plus/parent/pom.xml 2012-02-01 05:59:59 UTC (rev 1361)
+++ product/branches/Branch_6_plus/parent/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -5,7 +5,7 @@
<version>5</version>
</parent>
<modelVersion>4.0.0</modelVersion>
- <groupId>org.picketlink.product</groupId>
+ <groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
<packaging>pom</packaging>
<version>2.0.3-SNAPSHOT</version>
Modified: product/branches/Branch_6_plus/picketlink-core/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-01 05:59:59 UTC (rev 1361)
+++ product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -1,6 +1,6 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
- <groupId>org.picketlink.product</groupId>
+ <groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
<version>2.0.3-SNAPSHOT</version>
<relativePath>../parent</relativePath>
Added: product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/casidp.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/casidp.xml (rev 0)
+++ product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/casidp.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -0,0 +1,47 @@
+<samlp:Response ID="pmilcfianoapejannhabalcfdlmlpbhbhifalhph"
+ IssueInstant="2011-11-04T09:42:04Z" InResponseTo="ID_8b7b580b-592a-49ba-b55e-b2ef2bbefb51"
+ Destination="http://localhost:8080/sales/" Version="2.0"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <Issuer>https://localhost:8443</Issuer>
+ <samlp:Status>
+ <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
+ </samlp:Status>
+ <Assertion ID="bndkhciapdbmobheooakhphogocfnljcnkejpgcf"
+ IssueInstant="2011-11-04T09:42:04Z" Version="2.0"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <Issuer>https://localhost:8443</Issuer>
+ <Subject>
+ <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">velias</NameID>
+ <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <SubjectConfirmationData Recipient="http://localhost:8080/sales/"
+ NotBefore="2011-11-04T09:42:04Z" NotOnOrAfter="2011-11-05T09:42:04Z"
+ InResponseTo="ID_8b7b580b-592a-49ba-b55e-b2ef2bbefb51" />
+ </SubjectConfirmation>
+ </Subject>
+ <Conditions NotBefore="2011-11-04T09:42:04Z" NotOnOrAfter="2051-11-05T09:42:04Z" />
+ <AuthnStatement AuthnInstant="2011-11-04T09:42:04Z">
+ <AuthnContext>
+ <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password
+ </AuthnContextClassRef>
+ </AuthnContext>
+ </AuthnStatement>
+ <AttributeStatement>
+ <Attribute Name="Role">
+ <AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">employee
+ </AttributeValue>
+ </Attribute>
+ <Attribute Name="Role">
+ <AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">manager
+ </AttributeValue>
+ </Attribute>
+ <Attribute Name="Role">
+ <AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">sales
+ </AttributeValue>
+ </Attribute>
+ </AttributeStatement>
+ </Assertion>
+</samlp:Response>
\ No newline at end of file
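Review bot: The two validity windows in this fixture disagree. `SubjectConfirmationData` carries `NotOnOrAfter="2011-11-05T09:42:04Z"`, which was already in the past when the file was committed, while `Conditions` runs to `2051-11-05T09:42:04Z`. The response is also unsigned. A test that enforces the bearer confirmation window or a signature would reject it, so the fixture presumably only suits tests that check `Conditions`. A leading comment would record that intent, for example `<!-- Test fixture: unsigned; Conditions valid until 2051, bearer SubjectConfirmationData window deliberately expired -->`. The same file is added under product/trunk in r1361, where the same comment would apply.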
Added: product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/pingidp.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/pingidp.xml (rev 0)
+++ product/branches/Branch_6_plus/picketlink-core/src/test/resources/responseIDP/pingidp.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -0,0 +1,229 @@
+<samlp:Response Destination="https://201.000.000.00/gctxyz" InResponseTo="ID_76b05a86-993e-4ba4-83b6-e0fe7d292e78"
+
+ IssueInstant="2011-02-21T17:35:08.182Z" ID="o5x7YnbyTo.XL_47-oLmZwgUgpP" Version="2.0"
+
+ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://test.xyz.com</saml:Issuer>
+
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+
+ <ds:SignedInfo>
+
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+
+ <ds:Reference URI="#o5x7YnbyTo.XL_47-oLmZwgUgpP">
+
+ <ds:Transforms>
+
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+
+ </ds:Transforms>
+
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+
+ <ds:DigestValue>joOnzlFL1squOg8uAb5fLcA9x0s=</ds:DigestValue>
+
+ </ds:Reference>
+
+ </ds:SignedInfo>
+
+ <ds:SignatureValue>
+
+ ...
+
+ </ds:SignatureValue>
+
+ <ds:KeyInfo>
+
+ <ds:X509Data>
+
+ <ds:X509Certificate>
+
+ ...
+
+ </ds:X509Certificate>
+
+ </ds:X509Data>
+
+ <ds:KeyValue>
+
+ <ds:RSAKeyValue>
+
+ <ds:Modulus>
+
+ ...
+
+ </ds:Modulus>
+
+ <ds:Exponent>AQAB</ds:Exponent>
+
+ </ds:RSAKeyValue>
+
+ </ds:KeyValue>
+
+ </ds:KeyInfo>
+
+ </ds:Signature>
+
+ <samlp:Status>
+
+ <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+
+ </samlp:Status>
+
+ <saml:Assertion Version="2.0" IssueInstant="2011-02-21T17:35:08.196Z" ID="RM9ViMLu.M-ejey1FVNCeeIBws."
+
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+
+ <saml:Issuer>https://test.xyz.com</saml:Issuer>
+
+ <saml:Subject>
+
+ <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">asptest</saml:NameID>
+
+ <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+
+ <saml:SubjectConfirmationData InResponseTo="ID_76b05a86-993e-4ba4-83b6-e0fe7d292e78"
+
+ NotOnOrAfter="2023-02-21T17:40:08.196Z"
+
+ Recipient="https://201.000.000.00/gctxyz"/>
+
+ </saml:SubjectConfirmation>
+
+ </saml:Subject>
+
+ <saml:Conditions NotOnOrAfter="2023-02-21T17:40:08.196Z" NotBefore="2011-02-21T17:30:08.196Z">
+
+ <saml:AudienceRestriction>
+
+ <saml:Audience>https://201.000.000.00/gctxyz</saml:Audience>
+
+ </saml:AudienceRestriction>
+
+ </saml:Conditions>
+
+ <saml:AuthnStatement AuthnInstant="2011-02-21T17:35:08.195Z" SessionIndex="RM9ViMLu.M-ejey1FVNCeeIBws.">
+
+ <saml:AuthnContext>
+
+ <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified
+
+ </saml:AuthnContextClassRef>
+
+ </saml:AuthnContext>
+
+ </saml:AuthnStatement>
+
+ <saml:AttributeStatement xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="street">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_street
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="zipcode">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_zipcode
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="state">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_state
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="lastname">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_lastname
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="firstname">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_firstname
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="billtoid">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_billtoid
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="telephonenumber">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_telephonenumber
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="city">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_city
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="email">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_email
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="contractnumber">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_contractnumber
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ </saml:AttributeStatement>
+
+ </saml:Assertion>
+
+</samlp:Response>
\ No newline at end of file
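Review bot: The `ds:Signature` in this fixture cannot be verified, because `SignatureValue`, `X509Certificate` and `Modulus` are elided to `...` while the `DigestValue` and the `rsa-sha1` `SignatureMethod` are kept. Any test that loads the file presumably has to run with signature validation switched off. A leading comment would stop it being mistaken for a signed sample, for example `<!-- Sanitised capture: signature material elided, not verifiable; parse-only fixture -->`. Every second line of the file is an added blank line, which looks like a paste artefact and makes the 229-line hunk harder to read. The same file is added under product/trunk in r1361.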
Modified: product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml 2012-02-01 05:59:59 UTC (rev 1361)
+++ product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -1,6 +1,6 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
- <groupId>org.picketlink.product</groupId>
+ <groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-federation-webapps</artifactId>
<version>2.0.3-SNAPSHOT</version>
<relativePath>../</relativePath>
Modified: product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml 2012-02-01 05:59:59 UTC (rev 1361)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -1,6 +1,6 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
- <groupId>org.picketlink.product</groupId>
+ <groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-federation-webapps</artifactId>
<version>2.0.3-SNAPSHOT</version>
<relativePath>../</relativePath>
Modified: product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml 2012-02-01 05:59:59 UTC (rev 1361)
+++ product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -1,6 +1,6 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
- <groupId>org.picketlink.product</groupId>
+ <groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-federation-webapps</artifactId>
<version>2.0.3-SNAPSHOT</version>
<relativePath>../</relativePath>
Modified: product/branches/Branch_6_plus/picketlink-webapps/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pom.xml 2012-02-01 05:59:59 UTC (rev 1361)
+++ product/branches/Branch_6_plus/picketlink-webapps/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -1,6 +1,6 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
- <groupId>org.picketlink.product</groupId>
+ <groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
<version>2.0.3-SNAPSHOT</version>
<relativePath>../parent</relativePath>
Modified: product/branches/Branch_6_plus/pom.xml
===================================================================
--- product/branches/Branch_6_plus/pom.xml 2012-02-01 05:59:59 UTC (rev 1361)
+++ product/branches/Branch_6_plus/pom.xml 2012-02-01 06:03:47 UTC (rev 1362)
@@ -1,6 +1,6 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
- <groupId>org.picketlink.product</groupId>
+ <groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
<version>2.0.3-SNAPSHOT</version>
<relativePath>parent</relativePath>
Picketlink SVN: r1361 - in product/trunk/picketlink-core/src/test/resources: responseIDP and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-01 00:59:59 -0500 (Wed, 01 Feb 2012)
New Revision: 1361
Added:
product/trunk/picketlink-core/src/test/resources/responseIDP/
product/trunk/picketlink-core/src/test/resources/responseIDP/casidp.xml
product/trunk/picketlink-core/src/test/resources/responseIDP/pingidp.xml
Log:
add responseIDP dir
Added: product/trunk/picketlink-core/src/test/resources/responseIDP/casidp.xml
===================================================================
--- product/trunk/picketlink-core/src/test/resources/responseIDP/casidp.xml (rev 0)
+++ product/trunk/picketlink-core/src/test/resources/responseIDP/casidp.xml 2012-02-01 05:59:59 UTC (rev 1361)
@@ -0,0 +1,47 @@
+<samlp:Response ID="pmilcfianoapejannhabalcfdlmlpbhbhifalhph"
+ IssueInstant="2011-11-04T09:42:04Z" InResponseTo="ID_8b7b580b-592a-49ba-b55e-b2ef2bbefb51"
+ Destination="http://localhost:8080/sales/" Version="2.0"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <Issuer>https://localhost:8443</Issuer>
+ <samlp:Status>
+ <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
+ </samlp:Status>
+ <Assertion ID="bndkhciapdbmobheooakhphogocfnljcnkejpgcf"
+ IssueInstant="2011-11-04T09:42:04Z" Version="2.0"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <Issuer>https://localhost:8443</Issuer>
+ <Subject>
+ <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">velias</NameID>
+ <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <SubjectConfirmationData Recipient="http://localhost:8080/sales/"
+ NotBefore="2011-11-04T09:42:04Z" NotOnOrAfter="2011-11-05T09:42:04Z"
+ InResponseTo="ID_8b7b580b-592a-49ba-b55e-b2ef2bbefb51" />
+ </SubjectConfirmation>
+ </Subject>
+ <Conditions NotBefore="2011-11-04T09:42:04Z" NotOnOrAfter="2051-11-05T09:42:04Z" />
+ <AuthnStatement AuthnInstant="2011-11-04T09:42:04Z">
+ <AuthnContext>
+ <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password
+ </AuthnContextClassRef>
+ </AuthnContext>
+ </AuthnStatement>
+ <AttributeStatement>
+ <Attribute Name="Role">
+ <AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">employee
+ </AttributeValue>
+ </Attribute>
+ <Attribute Name="Role">
+ <AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">manager
+ </AttributeValue>
+ </Attribute>
+ <Attribute Name="Role">
+ <AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">sales
+ </AttributeValue>
+ </Attribute>
+ </AttributeStatement>
+ </Assertion>
+</samlp:Response>
\ No newline at end of file
Added: product/trunk/picketlink-core/src/test/resources/responseIDP/pingidp.xml
===================================================================
--- product/trunk/picketlink-core/src/test/resources/responseIDP/pingidp.xml (rev 0)
+++ product/trunk/picketlink-core/src/test/resources/responseIDP/pingidp.xml 2012-02-01 05:59:59 UTC (rev 1361)
@@ -0,0 +1,229 @@
+<samlp:Response Destination="https://201.000.000.00/gctxyz" InResponseTo="ID_76b05a86-993e-4ba4-83b6-e0fe7d292e78"
+
+ IssueInstant="2011-02-21T17:35:08.182Z" ID="o5x7YnbyTo.XL_47-oLmZwgUgpP" Version="2.0"
+
+ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://test.xyz.com</saml:Issuer>
+
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+
+ <ds:SignedInfo>
+
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+
+ <ds:Reference URI="#o5x7YnbyTo.XL_47-oLmZwgUgpP">
+
+ <ds:Transforms>
+
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+
+ </ds:Transforms>
+
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+
+ <ds:DigestValue>joOnzlFL1squOg8uAb5fLcA9x0s=</ds:DigestValue>
+
+ </ds:Reference>
+
+ </ds:SignedInfo>
+
+ <ds:SignatureValue>
+
+ ...
+
+ </ds:SignatureValue>
+
+ <ds:KeyInfo>
+
+ <ds:X509Data>
+
+ <ds:X509Certificate>
+
+ ...
+
+ </ds:X509Certificate>
+
+ </ds:X509Data>
+
+ <ds:KeyValue>
+
+ <ds:RSAKeyValue>
+
+ <ds:Modulus>
+
+ ...
+
+ </ds:Modulus>
+
+ <ds:Exponent>AQAB</ds:Exponent>
+
+ </ds:RSAKeyValue>
+
+ </ds:KeyValue>
+
+ </ds:KeyInfo>
+
+ </ds:Signature>
+
+ <samlp:Status>
+
+ <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+
+ </samlp:Status>
+
+ <saml:Assertion Version="2.0" IssueInstant="2011-02-21T17:35:08.196Z" ID="RM9ViMLu.M-ejey1FVNCeeIBws."
+
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+
+ <saml:Issuer>https://test.xyz.com</saml:Issuer>
+
+ <saml:Subject>
+
+ <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">asptest</saml:NameID>
+
+ <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+
+ <saml:SubjectConfirmationData InResponseTo="ID_76b05a86-993e-4ba4-83b6-e0fe7d292e78"
+
+ NotOnOrAfter="2023-02-21T17:40:08.196Z"
+
+ Recipient="https://201.000.000.00/gctxyz"/>
+
+ </saml:SubjectConfirmation>
+
+ </saml:Subject>
+
+ <saml:Conditions NotOnOrAfter="2023-02-21T17:40:08.196Z" NotBefore="2011-02-21T17:30:08.196Z">
+
+ <saml:AudienceRestriction>
+
+ <saml:Audience>https://201.000.000.00/gctxyz</saml:Audience>
+
+ </saml:AudienceRestriction>
+
+ </saml:Conditions>
+
+ <saml:AuthnStatement AuthnInstant="2011-02-21T17:35:08.195Z" SessionIndex="RM9ViMLu.M-ejey1FVNCeeIBws.">
+
+ <saml:AuthnContext>
+
+ <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified
+
+ </saml:AuthnContextClassRef>
+
+ </saml:AuthnContext>
+
+ </saml:AuthnStatement>
+
+ <saml:AttributeStatement xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="street">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_street
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="zipcode">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_zipcode
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="state">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_state
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="lastname">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_lastname
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="firstname">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_firstname
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="billtoid">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_billtoid
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="telephonenumber">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_telephonenumber
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="city">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_city
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="email">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_email
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="contractnumber">
+
+ <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ asptest_contractnumber
+
+ </saml:AttributeValue>
+
+ </saml:Attribute>
+
+ </saml:AttributeStatement>
+
+ </saml:Assertion>
+
+</samlp:Response>
\ No newline at end of file
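Review bot: The `NotOnOrAfter="2023-02-21T17:40:08.196Z"` on both `saml:SubjectConfirmationData` and `saml:Conditions` is a real wall-clock expiry, so a test that validates this fixture against the current time will start failing once that date passes, or will invite someone to switch expiry checking off. The consuming test is not visible here, so confirm whether it checks conditions at all. If it does, have the test supply a fixed clock or generate the timestamps rather than moving the date further out. Separately, `ds:SignatureValue`, `ds:X509Certificate` and `ds:Modulus` hold only `...`, so the `ds:Signature` can never verify; a leading comment such as `<!-- parsing fixture only: signature material elided, must not pass signature validation -->` would stop the file being read as signature-validation coverage. The empty line after every element looks like a paste artefact and could be dropped.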
Picketlink SVN: r1360 - product/branches.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-01 00:03:28 -0500 (Wed, 01 Feb 2012)
New Revision: 1360
Added:
product/branches/Branch_6_plus/
Log:
eap6+ branch