Picketlink SVN: r1399 - product/branches/Branch_6_plus/picketlink-webapps/pdp.
by picketlink-commits@lists.jboss.org
Author: pskopek(a)redhat.com
Date: 2012-02-16 04:35:25 -0500 (Thu, 16 Feb 2012)
New Revision: 1399
Added:
product/branches/Branch_6_plus/picketlink-webapps/pdp/SOAPSAMLXACMLPDPService.java
Log:
Missed file in previous commit. (Eclipse showed that it was already added :-()
Added: product/branches/Branch_6_plus/picketlink-webapps/pdp/SOAPSAMLXACMLPDPService.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/SOAPSAMLXACMLPDPService.java (rev 0)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/SOAPSAMLXACMLPDPService.java 2012-02-16 09:35:25 UTC (rev 1399)
@@ -0,0 +1,139 @@
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
+ */
+
+package org.picketlink.identity.federation.app.pdp;
+
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.PrivilegedActionException;
+
+import javax.annotation.Resource;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.ws.Service;
+import javax.xml.ws.ServiceMode;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.WebServiceProvider;
+import javax.xml.ws.Provider;
+
+import org.apache.log4j.Logger;
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.pdp.SOAPSAMLXACMLPDP;
+import org.picketlink.identity.federation.app.pdp.SecurityActions;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.saml.v2.protocol.XACMLAuthzDecisionQueryType;
+import org.w3c.dom.Document;
+
+/**
+ * <p>
+ * Default implementation of the {@code SecurityTokenService} interface.
+ * </p>
+ *
+ * @author Anil.Saldhana(a)redhat.com
+ * @author <a href="mailto:pskopek@redhat.com">Peter Skopek</a>
+ */
+@WebServiceProvider(serviceName = "SOAPSAMLXACMLPDP", portName = "SOAPSAMLXACMLPort", targetNamespace = "urn:picketlink:identity-federation:pdp", wsdlLocation = "WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl")
+@ServiceMode(value = Service.Mode.MESSAGE)
+public class SOAPSAMLXACMLPDPService implements Provider<Source>
+{
+
+ @Resource
+ protected WebServiceContext context;
+
+ protected Logger log = Logger.getLogger(SOAPSAMLXACMLPDP.class);
+
+ protected String policyConfigFileName = "policyConfig.xml";
+
+ protected PolicyDecisionPoint pdp;
+
+ protected String issuer = "PicketLinkPDP";
+
+ public SOAPSAMLXACMLPDPService()
+ {
+ try
+ {
+ pdp = getPDP();
+ }
+ catch (PrivilegedActionException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public Source invoke(Source request)
+ {
+
+ try
+ {
+ Document doc = (Document) DocumentUtil.getNodeFromSource(request);
+ if (log.isDebugEnabled())
+ {
+ log.debug("Received Message::" + DocumentUtil.asString(doc));
+ }
+ XACMLAuthzDecisionQueryType xacmlQuery = SOAPSAMLXACMLUtil.getXACMLQueryType(doc);
+ ResponseType samlResponseType = SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, xacmlQuery);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(baos);
+
+ SAMLResponseWriter samlResponseWriter = new SAMLResponseWriter(xmlStreamWriter);
+ samlResponseWriter.write(samlResponseType);
+ Document responseDocument = DocumentUtil.getDocument(new ByteArrayInputStream(baos.toByteArray()));
+
+ return new DOMSource(responseDocument.getDocumentElement());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+
+ }
+
+
+ private PolicyDecisionPoint getPDP() throws PrivilegedActionException
+ {
+ SystemPropertiesUtil.ensure();
+
+ URL url = SecurityActions.loadResource(getClass(), policyConfigFileName);
+ if (url == null)
+ throw new IllegalStateException(ErrorCodes.FILE_NOT_LOCATED + policyConfigFileName);
+
+ InputStream is;
+ try
+ {
+ is = url.openStream();
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ return new JBossPDP(is);
+ }
+
+}
\ No newline at end of file
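Review bot: In `invoke`, the catch-all `catch (Exception e) { throw new RuntimeException(e); }` hands the raw cause to the JAX-WS runtime without logging it, and the runtime will probably return it to the caller as a SOAP fault, so parser and PDP internals may reach whoever sent the query. Logging on the server and throwing a generic fault keeps that detail out of the response: `log.error("XACML decision query failed", e);` followed by `throw new WebServiceException("Unable to process XACML decision query");` (`javax.xml.ws.WebServiceException`). The debug statement also writes the whole query through `DocumentUtil.asString(doc)`, which can include subject and resource attributes, and the logger is created for `SOAPSAMLXACMLPDP.class` rather than `SOAPSAMLXACMLPDPService.class`. The class Javadoc still describes a `SecurityTokenService`, here and in the r1398 version of this class; a summary such as `XACML policy decision point exposed as a SOAP/SAML web service endpoint.` would match the code.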
Picketlink SVN: r1398 - in product/branches/Branch_6_plus/picketlink-webapps: idp/src/main/webapp/WEB-INF and 11 other directories.
by picketlink-commits@lists.jboss.org
Author: pskopek(a)redhat.com
Date: 2012-02-16 04:32:42 -0500 (Thu, 16 Feb 2012)
New Revision: 1398
Added:
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/federation/
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/federation/app/
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/federation/app/pdp/
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/federation/app/pdp/SOAPSAMLXACMLPDPService.java
Modified:
product/branches/Branch_6_plus/picketlink-webapps/idp/
product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml
product/branches/Branch_6_plus/picketlink-webapps/pdp/
product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml
product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/WEB-INF/web.xml
Log:
idp.war and pdp.war fixes to make them load under AS7/EAP6.
pdp.war requires usage of jbossxacml newer than 2.0.6.Final.
Property changes on: product/branches/Branch_6_plus/picketlink-webapps/idp
___________________________________________________________________
Modified: svn:ignore
- .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
.externalToolBuilders
Modified: product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml 2012-02-15 20:03:53 UTC (rev 1397)
+++ product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml 2012-02-16 09:32:42 UTC (rev 1398)
@@ -27,12 +27,19 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
- <version>2.0.2</version>
<configuration>
<warName>idp</warName>
<warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
</plugins>
</build>
</project>
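Review bot: After this hunk neither `maven-war-plugin` (its `<version>2.0.2</version>` is removed) nor the new `maven-compiler-plugin` declares a version, so both resolve to whatever Maven or a parent POM supplies at build time. The parent's `pluginManagement` is not visible here, so this may be intended; if it does not pin them, add a `<version>` element for each plugin there so the WAR build is reproducible. The same applies to the `pdp/pom.xml` hunk. This POM also keeps `<warSourceExcludes>` while `pdp/pom.xml` moves to `<packagingExcludes>`; if both WARs are meant to ship without bundled jars, use `<packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>` here as well.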
Modified: product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml 2012-02-15 20:03:53 UTC (rev 1397)
+++ product/branches/Branch_6_plus/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml 2012-02-16 09:32:42 UTC (rev 1398)
@@ -1,8 +1,9 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
- version="2.5">
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app
+ version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>IDP</display-name>
<description>
Property changes on: product/branches/Branch_6_plus/picketlink-webapps/pdp
___________________________________________________________________
Modified: svn:ignore
- .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
+ .settings
target
target-eclipse
eclipse-target
.project
.classpath
.settings
.metadata
.externalToolBuilders
Modified: product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml 2012-02-15 20:03:53 UTC (rev 1397)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml 2012-02-16 09:32:42 UTC (rev 1398)
@@ -27,12 +27,26 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
- <version>2.0.2</version>
<configuration>
<warName>pdp</warName>
- <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ <packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
</plugins>
</build>
+ <dependencies>
+ <dependency>
+ <groupId>org.picketlink.product.eap</groupId>
+ <artifactId>picketlink-core</artifactId>
+ <version>${project.parent.version}</version>
+ </dependency>
+ </dependencies>
</project>
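Review bot: The new `picketlink-core` dependency has no `<scope>`, so it defaults to `compile` and would normally be bundled into `WEB-INF/lib`, yet `<packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>` in the same file strips every jar from the WAR. If the classes are meant to come from the `org.picketlink` module listed in `jboss-deployment-structure.xml`, state that with `<scope>provided</scope>` on the dependency. That makes it explicit which copy of the security library runs in the container.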
Added: product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/federation/app/pdp/SOAPSAMLXACMLPDPService.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/federation/app/pdp/SOAPSAMLXACMLPDPService.java (rev 0)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/java/org/picketlink/identity/federation/app/pdp/SOAPSAMLXACMLPDPService.java 2012-02-16 09:32:42 UTC (rev 1398)
@@ -0,0 +1,49 @@
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
+ */
+
+package org.picketlink.identity.federation.app.pdp;
+
+
+
+import javax.annotation.Resource;
+import javax.xml.ws.Service;
+import javax.xml.ws.ServiceMode;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.WebServiceProvider;
+
+import org.picketlink.identity.federation.core.pdp.SOAPSAMLXACMLPDP;
+
+
+/**
+ * <p>
+ * Default implementation of the {@code SecurityTokenService} interface.
+ * </p>
+ *
+ * @author Anil.Saldhana(a)redhat.com
+ * @author <a href="mailto:pskopek@redhat.com">Peter Skopek</a>
+ */
+@WebServiceProvider(serviceName = "SOAPSAMLXACMLPDP", portName = "SOAPSAMLXACMLPort", targetNamespace = "urn:picketlink:identity-federation:pdp", wsdlLocation = "WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl")
+@ServiceMode(value = Service.Mode.MESSAGE)
+public class SOAPSAMLXACMLPDPService extends SOAPSAMLXACMLPDP
+{
+
+ @Resource
+ protected WebServiceContext context;
+
+
+}
\ No newline at end of file
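Review bot: The class body consists only of `@Resource protected WebServiceContext context;`, and nothing says why an otherwise empty subclass of `SOAPSAMLXACMLPDP` is needed. The superclass is not shown here; if it already declares an injected `context` field, this declaration hides it and can be dropped. If the subclass exists only to carry the `@WebServiceProvider` and `@ServiceMode` annotations inside the web application, a comment such as `// Re-declares the endpoint annotations so the container deploys the PDP from this WAR` would record that, assuming that is the intent.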
Modified: product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml 2012-02-15 20:03:53 UTC (rev 1397)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml 2012-02-16 09:32:42 UTC (rev 1398)
@@ -3,9 +3,8 @@
<deployment>
<!-- Add picketlink module dependency -->
<dependencies>
- <module name="org.jboss.security.xacml" />
<module name="org.picketlink" />
- <module name="org.picketbox" />
+ <module name="org.jboss.security.xacml" />
</dependencies>
</deployment>
</jboss-deployment-structure>
Modified: product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/WEB-INF/web.xml 2012-02-15 20:03:53 UTC (rev 1397)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/src/main/webapp/WEB-INF/web.xml 2012-02-16 09:32:42 UTC (rev 1398)
@@ -1,8 +1,9 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
- version="2.5">
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app
+ version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>PDP Endpoint</display-name>
<description>
@@ -31,7 +32,7 @@
<servlet>
<servlet-name>SOAPSAMLXACMLPDPServlet</servlet-name>
- <servlet-class>org.picketlink.identity.federation.core.pdp.SOAPSAMLXACMLPDP</servlet-class>
+ <servlet-class>org.picketlink.identity.federation.app.pdp.SOAPSAMLXACMLPDPService</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SOAPSAMLXACMLPDPServlet</servlet-name>
Picketlink SVN: r1397 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/registry.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-15 15:03:53 -0500 (Wed, 15 Feb 2012)
New Revision: 1397
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java
Log:
PLFED-250: make DefaultTokenRegistry use a concurrenthashmap
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java 2012-02-15 20:01:47 UTC (rev 1396)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java 2012-02-15 20:03:53 UTC (rev 1397)
@@ -22,8 +22,8 @@
package org.picketlink.identity.federation.core.sts.registry;
import java.io.IOException;
-import java.util.HashMap;
import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
@@ -33,19 +33,19 @@
* @since Jan 4, 2011
*/
public class DefaultTokenRegistry implements SecurityTokenRegistry
-{
- protected Map<String, Object> tokens = new HashMap<String,Object>();
-
+{
+ protected Map<String, Object> tokens = new ConcurrentHashMap<String, Object>();
+
/**
* @see org.picketlink.identity.federation.core.sts.registry.SecurityTokenRegistry#addToken(java.lang.String, java.lang.Object)
*/
public void addToken(String tokenID, Object token) throws IOException
{
SecurityManager sm = System.getSecurityManager();
- if( sm != null )
- sm.checkPermission( PicketLinkCoreSTS.rte );
-
- tokens.put( tokenID, token );
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ tokens.put(tokenID, token);
}
/**
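Review bot: `ConcurrentHashMap` rejects null keys and values, so `tokens.put(tokenID, token)` in `addToken` now throws `NullPointerException` for a null `tokenID` or `token` that the previous `HashMap` accepted. `tokens.get(tokenID)` and `tokens.remove(tokenID)` in the next hunk behave the same way for a null id. If callers can pass null, an explicit guard gives a clearer failure: `if (tokenID == null || token == null) throw new IllegalArgumentException("tokenID and token must not be null");`. The field could also be declared `final`, since a `protected` non-final map can be replaced with a non-concurrent one by a subclass.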
@@ -54,20 +54,20 @@
public Object getToken(String tokenID)
{
SecurityManager sm = System.getSecurityManager();
- if( sm != null )
- sm.checkPermission( PicketLinkCoreSTS.rte );
-
- return tokens.get( tokenID );
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ return tokens.get(tokenID);
}
/**
* @see org.picketlink.identity.federation.core.sts.registry.SecurityTokenRegistry#removeToken(java.lang.String)
*/
public void removeToken(String tokenID) throws IOException
- {
+ {
SecurityManager sm = System.getSecurityManager();
- if( sm != null )
- sm.checkPermission( PicketLinkCoreSTS.rte );
- tokens.remove( tokenID );
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+ tokens.remove(tokenID);
}
}
\ No newline at end of file
Picketlink SVN: r1396 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-15 15:01:47 -0500 (Wed, 15 Feb 2012)
New Revision: 1396
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
Log:
PLFED-250: avoid the NPE
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2012-02-15 19:39:38 UTC (rev 1395)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2012-02-15 20:01:47 UTC (rev 1396)
@@ -129,6 +129,13 @@
//Peek at the next start element to see if it is status code
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
+ {
+ // Go to Status code end element.
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.STATUS_CODE.get());
+ continue;
+ }
elementTag = startElement.getName().getLocalPart();
if (JBossSAMLConstants.STATUS_CODE.get().equals(elementTag))
{
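Review bot: The new branch guards `startElement` but passes the result of `StaxParserUtil.getNextEndElement(xmlEventReader)` straight to `validate`. That helper is not shown; if it can return null on a truncated or malformed response, the null-pointer failure this commit removes only moves one line down. Because this parser reads SAML responses received from a peer, a check such as `if (endElement == null) throw new ParsingException("Unexpected end of Status element");` would reject the message cleanly, assuming the enclosing method declares `ParsingException`. The `continue` relies on a loop that starts outside the hunk.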
Picketlink SVN: r1395 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util and 4 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-15 14:39:38 -0500 (Wed, 15 Feb 2012)
New Revision: 1395
Added:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java
federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml
federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
Log:
PLFED-263: config providers using metadata
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2012-02-15 15:58:19 UTC (rev 1394)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -66,6 +66,8 @@
String IDP_WEBBROWSER_VALVE_NOT_STARTED = "PL00024: IDPWebBrowserSSOValve NotStarted";
+ String ILLEGAL_METHOD_CALLED = "PL00020: Illegal Method Called";
+
String INVALID_ASSERTION = "PL00080: Invalid Assertion:";
String INVALID_DIGITAL_SIGNATURE = "PL00009: Invalid Digital Signature:";
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2012-02-15 15:58:19 UTC (rev 1394)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -36,6 +36,7 @@
import org.picketlink.identity.federation.core.ErrorCodes;
import org.picketlink.identity.federation.core.config.AuthPropertyType;
import org.picketlink.identity.federation.core.config.ClaimsProcessorType;
+import org.picketlink.identity.federation.core.config.IDPType;
import org.picketlink.identity.federation.core.config.KeyProviderType;
import org.picketlink.identity.federation.core.config.KeyValueType;
import org.picketlink.identity.federation.core.config.ProviderType;
@@ -45,11 +46,15 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.interfaces.TrustKeyManager;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.saml.v2.metadata.EndpointType;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType.EDTChoiceType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType.EDTDescriptorChoiceType;
import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.federation.saml.v2.metadata.IndexedEndpointType;
+import org.picketlink.identity.federation.saml.v2.metadata.SPSSODescriptorType;
/**
* Utility for configuration
@@ -287,8 +292,139 @@
return returningList;
}
+ /**
+ * Given a metadata {@link EntityDescriptorType}, construct the Service provider configuration
+ * @param entityDescriptor
+ * @param bindingURI
+ * @return
+ */
public static SPType getSPConfiguration(EntityDescriptorType entityDescriptor, String bindingURI)
{
+ SPType spType = new SPType();
+ String identityURL = null;
+ String serviceURL = null;
+
+ if (identityURL == null)
+ {
+ IDPSSODescriptorType idpSSO = getIDPDescriptor(entityDescriptor);
+ if (idpSSO != null)
+ {
+ identityURL = getIdentityURL(idpSSO, bindingURI);
+ }
+ spType.setIdentityURL(identityURL);
+ }
+ if (serviceURL == null)
+ {
+ SPSSODescriptorType spSSO = getSPDescriptor(entityDescriptor);
+ if (spSSO != null)
+ {
+ serviceURL = getServiceURL(spSSO, bindingURI);
+ }
+ spType.setServiceURL(serviceURL);
+ }
+ return spType;
+ }
+
+ /**
+ * Given a metadata {@link EntityDescriptorType}, construct the Service provider configuration
+ * @param entityDescriptor
+ * @param bindingURI
+ * @return
+ */
+ public static SPType getSPConfiguration(EntitiesDescriptorType entitiesDescriptor, String bindingURI)
+ {
+ SPType spType = null;
+ String identityURL = null;
+ String serviceURL = null;
+
+ List<Object> list = entitiesDescriptor.getEntityDescriptor();
+ if (list != null)
+ {
+ for (Object theObject : list)
+ {
+ if (theObject instanceof EntitiesDescriptorType)
+ {
+ spType = getSPConfiguration((EntitiesDescriptorType) theObject, bindingURI);
+ }
+ else if (theObject instanceof EntityDescriptorType)
+ {
+ if (identityURL == null)
+ {
+ IDPSSODescriptorType idpSSO = getIDPDescriptor((EntityDescriptorType) theObject);
+ if (idpSSO != null)
+ {
+ identityURL = getIdentityURL(idpSSO, bindingURI);
+ }
+ if (identityURL != null && spType != null)
+ {
+ spType.setIdentityURL(identityURL);
+ }
+ else if (identityURL != null && spType == null)
+ {
+ spType = new SPType();
+ spType.setIdentityURL(identityURL);
+ }
+ }
+ if (serviceURL == null)
+ {
+ SPSSODescriptorType spSSO = getSPDescriptor((EntityDescriptorType) theObject);
+ if (spSSO != null)
+ {
+ serviceURL = getServiceURL(spSSO, bindingURI);
+ }
+ if (serviceURL != null && spType != null)
+ {
+ spType.setServiceURL(serviceURL);
+ }
+ else if (serviceURL != null && spType == null)
+ {
+ spType = new SPType();
+ spType.setServiceURL(serviceURL);
+ }
+ }
+ }
+ if (spType != null && !StringUtil.isNullOrEmpty(spType.getIdentityURL())
+ && !StringUtil.isNullOrEmpty(spType.getServiceURL()))
+ break;
+ }
+ }
+ return spType;
+ }
+
+ /**
+ * Get the first metadata descriptor for an IDP
+ * @param entitiesDescriptor
+ * @return
+ */
+ public static IDPSSODescriptorType getIDPDescriptor(EntitiesDescriptorType entitiesDescriptor)
+ {
+ IDPSSODescriptorType idp = null;
+ List<Object> entitiesList = entitiesDescriptor.getEntityDescriptor();
+ for (Object theObject : entitiesList)
+ {
+ if (theObject instanceof EntitiesDescriptorType)
+ {
+ idp = getIDPDescriptor((EntitiesDescriptorType) theObject);
+ }
+ else if (theObject instanceof EntityDescriptorType)
+ {
+ idp = getIDPDescriptor((EntityDescriptorType) theObject);
+ }
+ if (idp != null)
+ {
+ break;
+ }
+ }
+ return idp;
+ }
+
+ /**
+ * Get the IDP metadata descriptor from an entity descriptor
+ * @param entityDescriptor
+ * @return
+ */
+ public static IDPSSODescriptorType getIDPDescriptor(EntityDescriptorType entityDescriptor)
+ {
List<EDTChoiceType> edtChoices = entityDescriptor.getChoiceType();
for (EDTChoiceType edt : edtChoices)
{
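Review bot: In `getSPConfiguration(EntitiesDescriptorType, String)`, the nested branch assigns `spType = getSPConfiguration((EntitiesDescriptorType) theObject, bindingURI)` without regard to what has already been collected. A null result discards an `SPType` built from earlier entities, and because the locals `identityURL` and `serviceURL` are not updated, a later `EntityDescriptorType` can overwrite a URL that came from the nested group. These URLs decide where the service provider sends users to authenticate, so which metadata entry wins should be deterministic; merging the nested result as below keeps first match wins. The Javadoc on this overload is copied from the `EntityDescriptorType` one (`@param entityDescriptor`), and `getIDPDescriptor(EntitiesDescriptorType)` iterates `entitiesList` without the null check this method applies to the same getter. `getIDPDescriptor(EntityDescriptorType)` at the end of the hunk continues in the next hunk.

```java
for (Object theObject : list)
{
   if (theObject instanceof EntitiesDescriptorType)
   {
      // Merge the nested group's result instead of replacing what was already found.
      SPType nested = getSPConfiguration((EntitiesDescriptorType) theObject, bindingURI);
      if (nested != null)
      {
         if (spType == null)
         {
            spType = new SPType();
         }
         if (identityURL == null && !StringUtil.isNullOrEmpty(nested.getIdentityURL()))
         {
            identityURL = nested.getIdentityURL();
            spType.setIdentityURL(identityURL);
         }
         if (serviceURL == null && !StringUtil.isNullOrEmpty(nested.getServiceURL()))
         {
            serviceURL = nested.getServiceURL();
            spType.setServiceURL(serviceURL);
         }
      }
   }
   // … unchanged: EntityDescriptorType branch and the completeness check that breaks the loop …
```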
@@ -298,14 +434,19 @@
IDPSSODescriptorType idpSSO = edtDesc.getIdpDescriptor();
if (idpSSO != null)
{
- return getSPConfiguration(idpSSO, bindingURI);
+ return idpSSO;
}
}
}
return null;
}
- public static IDPSSODescriptorType getIDPDescriptor(EntityDescriptorType entityDescriptor)
+ /**
+ * Get the SP Descriptor from an entity descriptor
+ * @param entityDescriptor
+ * @return
+ */
+ public static SPSSODescriptorType getSPDescriptor(EntityDescriptorType entityDescriptor)
{
List<EDTChoiceType> edtChoices = entityDescriptor.getChoiceType();
for (EDTChoiceType edt : edtChoices)
@@ -313,21 +454,26 @@
List<EDTDescriptorChoiceType> edtDescriptors = edt.getDescriptors();
for (EDTDescriptorChoiceType edtDesc : edtDescriptors)
{
- IDPSSODescriptorType idpSSO = edtDesc.getIdpDescriptor();
- if (idpSSO != null)
+ SPSSODescriptorType spSSO = edtDesc.getSpDescriptor();
+ if (spSSO != null)
{
- return idpSSO;
+ return spSSO;
}
}
}
return null;
}
- public static SPType getSPConfiguration(IDPSSODescriptorType idp, String bindingURI)
+ /**
+ * Given a binding uri, get the IDP identity url
+ * @param idp
+ * @param bindingURI
+ * @return
+ */
+ public static String getIdentityURL(IDPSSODescriptorType idp, String bindingURI)
{
String identityURL = null;
- SPType sp = new SPType();
List<EndpointType> endpoints = idp.getSingleSignOnService();
for (EndpointType endpoint : endpoints)
{
@@ -338,8 +484,59 @@
}
}
- //get identity url
- sp.setIdentityURL(identityURL);
- return sp;
+ return identityURL;
}
+
+ /**
+ * Get the service url for the SP
+ * @param sp
+ * @param bindingURI
+ * @return
+ */
+ public static String getServiceURL(SPSSODescriptorType sp, String bindingURI)
+ {
+ String serviceURL = null;
+
+ List<IndexedEndpointType> endpoints = sp.getAssertionConsumerService();
+ for (IndexedEndpointType endpoint : endpoints)
+ {
+ if (endpoint.getBinding().toString().equals(bindingURI))
+ {
+ serviceURL = endpoint.getLocation().toString();
+ break;
+ }
+
+ }
+ return serviceURL;
+ }
+
+ /**
+ * Get the IDP Type
+ * @param idpSSODescriptor
+ * @return
+ */
+ public static IDPType getIDPType(IDPSSODescriptorType idpSSODescriptor)
+ {
+ IDPType idp = new IDPType();
+
+ List<EndpointType> endpoints = idpSSODescriptor.getSingleSignOnService();
+
+ if (endpoints != null)
+ {
+ for (EndpointType endpoint : endpoints)
+ {
+ if (endpoint.getBinding().toString().equals(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get()))
+ {
+ idp.setIdentityURL(endpoint.getLocation().toString());
+ break;
+ }
+ }
+ }
+
+ if (StringUtil.isNullOrEmpty(idp.getIdentityURL()))
+ {
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + "identity url");
+ }
+ return idp;
+ }
}
\ No newline at end of file
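Review bot: `getServiceURL` iterates `sp.getAssertionConsumerService()` without a null check, while `getIDPType` in the same hunk checks `endpoints != null`. Both loops call `endpoint.getBinding().toString()` and `endpoint.getLocation().toString()` on values read from metadata, so an endpoint entry missing either attribute ends in a `NullPointerException` rather than a configuration error. Adding `if (endpoints == null) return null;` to `getServiceURL` and skipping entries where `endpoint.getBinding() == null || endpoint.getLocation() == null` would make the two methods consistent. `getIDPType` is fixed to `SAML_HTTP_POST_BINDING` whereas the SP-side helpers take `bindingURI`; if that is deliberate, a comment such as `// IDP configuration is always built for the HTTP-POST binding` would record it. Neither method checks the scheme of the location it returns, which matters if the metadata can come from a source that is not authenticated, though the callers are not visible here.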
Added: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java (rev 0)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the IDP configuration using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a idp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class IDPMetadataConfigurationProvider implements SAMLConfigurationProvider
+{
+ public static final String IDP_MD_FILE = "idp-metadata.xml";
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ IDPType idpType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ IDPSSODescriptorType idpSSO = CoreConfigUtil.getIDPDescriptor(entities);
+ if (idpSSO != null)
+ {
+ idpType = CoreConfigUtil.getIDPType(idpSSO);
+ }
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ return idpType;
+ }
+
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), IDP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), IDP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + IDP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
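Review bot: `fileAvailable()` opens `idp-metadata.xml` through `SecurityActions.loadStream` only to test it for null and never closes the stream. `parseMDFile()` then opens it a second time and also leaves it open unless `SAMLParser.parse` closes it, which is not visible here. Loading the stream once in `getIDPConfiguration()`, returning null when it is absent, and closing it in a `finally` removes both the leak and the double lookup. The sketch below keeps the current return values and needs `java.io.IOException` imported. The same pattern is repeated in `SPPostMetadataConfigurationProvider` and `SPRedirectMetadataConfigurationProvider` later in this commit.

```java
public IDPType getIDPConfiguration() throws ProcessingException
{
   InputStream is = SecurityActions.loadStream(getClass(), IDP_MD_FILE);
   if (is == null)
      return null; // no idp-metadata.xml on the class path, same result as before

   try
   {
      EntitiesDescriptorType entities = (EntitiesDescriptorType) new SAMLParser().parse(is);
      IDPSSODescriptorType idpSSO = CoreConfigUtil.getIDPDescriptor(entities);
      return idpSSO != null ? CoreConfigUtil.getIDPType(idpSSO) : null;
   }
   catch (ParsingException e)
   {
      throw new ProcessingException(e);
   }
   finally
   {
      try
      {
         is.close();
      }
      catch (IOException ignored)
      {
         // nothing useful can be done if closing a class-path resource fails
      }
   }
}
// … unchanged: getSPConfiguration(); fileAvailable() and parseMDFile() are no longer needed …
```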
Added: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java (rev 0)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the SP configuration for the HTTP-POST binding using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a sp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPPostMetadataConfigurationProvider implements SAMLConfigurationProvider
+{
+ public static final String SP_MD_FILE = "sp-metadata.xml";
+
+ public static final String bindingURI = JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get();
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ /**
+ * @see SAMLConfigurationProvider#getSPConfiguration()
+ */
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ SPType spType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ spType = CoreConfigUtil.getSPConfiguration(entities, bindingURI);
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ return spType;
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + SP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
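Review bot: The body of this class is duplicated line for line in `SPRedirectMetadataConfigurationProvider`, the only difference being the `JBossSAMLURIConstants` value assigned to `bindingURI`, so any later fix to metadata loading has to be made twice and can drift between the two bindings. A shared abstract base holding `SP_MD_FILE`, `getSPConfiguration()` and `parseMDFile()`, with each subclass supplying only its binding URI, would keep them in step. The constant is `public static final` but named like a field; `BINDING_URI` would match `SP_MD_FILE`. The class Javadoc also carries an empty `<li> </li>` that should be filled in or dropped.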
Added: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java (rev 0)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the SP configuration for the HTTP-Redirect binding using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a sp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPRedirectMetadataConfigurationProvider implements SAMLConfigurationProvider
+{
+ public static final String SP_MD_FILE = "sp-metadata.xml";
+
+ public static final String bindingURI = JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get();
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ /**
+ * @see SAMLConfigurationProvider#getSPConfiguration()
+ */
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ SPType spType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ spType = CoreConfigUtil.getSPConfiguration(entities, bindingURI);
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ return spType;
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + SP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java (rev 0)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.web.config.IDPMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link IDPMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class IDPMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testIDPType() throws ProcessingException
+ {
+ IDPMetadataConfigurationProvider provider = new IDPMetadataConfigurationProvider();
+ IDPType idp = provider.getIDPConfiguration();
+ assertNotNull(idp);
+ assertEquals("https://idp.testshib.org/idp/profile/SAML2/POST/SSO", idp.getIdentityURL());
+ }
+
+}
\ No newline at end of file
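Review bot: `testIDPType` covers only the case where `idp-metadata.xml` is present and contains an HTTP-POST `SingleSignOnService`, so the two failure paths this commit introduces are untested. Those are `getIDPConfiguration()` returning null when the resource is missing and `CoreConfigUtil.getIDPType` throwing `IllegalStateException` when no HTTP-POST endpoint is found. A second fixture without the POST binding, run under `@Test(expected = IllegalStateException.class)`, would pin the latter. The SP test cases added after this one likewise assert only the happy path.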
Added: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java (rev 0)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.web.config.SPPostMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link SPPostMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPPostMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testSPType() throws ProcessingException
+ {
+ SPPostMetadataConfigurationProvider provider = new SPPostMetadataConfigurationProvider();
+ SPType sp = provider.getSPConfiguration();
+ assertNotNull(sp);
+ assertEquals("https://sp.testshib.org/Shibboleth.sso/SAML2/POST", sp.getServiceURL());
+ }
+
+}
\ No newline at end of file
Added: federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java (rev 0)
+++ federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.web.config.SPRedirectMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link SPRedirectMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPRedirectMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testSPType() throws ProcessingException
+ {
+ SPRedirectMetadataConfigurationProvider provider = new SPRedirectMetadataConfigurationProvider();
+ SPType sp = provider.getSPConfiguration();
+ assertNotNull(sp);
+ assertEquals("https://www.testshib.org/Shibboleth.sso/SAML/REDIRECT", sp.getServiceURL());
+ }
+
+}
\ No newline at end of file
Added: federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml
===================================================================
--- federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml (rev 0)
+++ federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,141 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two"
+ xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <EntityDescriptor entityID="https://idp.testshib.org/idp/shibboleth">
+ <IDPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">testshib.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution"
+ index="1" />
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution"
+ index="2" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
+ Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO" />
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO" />
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO" />
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEKjCCAxKgAwIBAgIJAIgUuHL4QvkYMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV
+ BAYTAkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAV
+ BgNVBAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGli
+ Lm9yZzAeFw0wNzEyMTcxOTE4NDFaFw0xNzEyMTQxOTE4NDFaMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2JAhrk5iafXgDkhh8E
+ SaNUjWrQeWTiqgzPcrIOwslUwwpXKbvd4Ej9dJx+IJAmTpZxEjYLbYNK/jKi/LXy
+ Qusm3XRBQd2AaPD2WoykntzkNNTsN8k+CPlnYNbbE6UoHvYBM+0qwtOxJGJh7j7X
+ e9Qh4lGglg7/sVX1EF9GkzTxZg4sc1I6GM2xg67QMgqgPH/QjdrcSHyZ6RxOqugp
+ inKCwA0uFKzT5YR0s3eteJEfyWIpLNCuJG0agkBdA79D+Q4vqxH3nwuoJVfMrAvH
+ Qef/Z29Mof6I0biRpoDFh4FpOodIoY4oaoruIwAqL1Ge71TgoEhOSKZ+ziMKnfd8
+ 6dsCAwEAAaOB0DCBzTAdBgNVHQ4EFgQUrAUPOvZ4fNyqma+YwK6+P+2/kGswgZ0G
+ A1UdIwSBlTCBkoAUrAUPOvZ4fNyqma+YwK6+P+2/kGuhb6RtMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ Z4IJAIgUuHL4QvkYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEti
+ KJki8WO2wGhpJc3oIAF7V0CYBR3303S37iqSodabyN/2nxFXTqd+ZSAdfe+14E/G
+ dyC9Dtbq4VL2lF0fbaNarCzfhMD7DExSANFkOPFk/lz54ccFdfIRHRVeLHvEtGAI
+ UTK+qEqaEl1vjZVKmvNSdDet06EQ+MGZf1MnW6jid4AMrSdboDHFW34qet+tr9gf
+ 5k6bZx6oIiOILgXWHk7hK1ZuxK5w0bpbktNIfO35HoQSPBx6u6wuxt4yN/m6QLiq
+ nGEzsHlzsPFv1Iw+ccdALcqR0zor7GEJrKmp4Gcb/zH3oy1rQNZHUlz29emJhS/1
+ q1og9SGCUU2yRL1tC+Y=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery" />
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Identity Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk(a)internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+</EntitiesDescriptor>
\ No newline at end of file
Added: federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml
===================================================================
--- federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml (rev 0)
+++ federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml 2012-02-15 19:39:38 UTC (rev 1395)
@@ -0,0 +1,237 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two"
+ xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <EntityDescriptor entityID="https://idp.testshib.org/idp/shibboleth">
+ <IDPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">testshib.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution"
+ index="1" />
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution"
+ index="2" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
+ Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO" />
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO" />
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO" />
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEKjCCAxKgAwIBAgIJAIgUuHL4QvkYMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV
+ BAYTAkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAV
+ BgNVBAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGli
+ Lm9yZzAeFw0wNzEyMTcxOTE4NDFaFw0xNzEyMTQxOTE4NDFaMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2JAhrk5iafXgDkhh8E
+ SaNUjWrQeWTiqgzPcrIOwslUwwpXKbvd4Ej9dJx+IJAmTpZxEjYLbYNK/jKi/LXy
+ Qusm3XRBQd2AaPD2WoykntzkNNTsN8k+CPlnYNbbE6UoHvYBM+0qwtOxJGJh7j7X
+ e9Qh4lGglg7/sVX1EF9GkzTxZg4sc1I6GM2xg67QMgqgPH/QjdrcSHyZ6RxOqugp
+ inKCwA0uFKzT5YR0s3eteJEfyWIpLNCuJG0agkBdA79D+Q4vqxH3nwuoJVfMrAvH
+ Qef/Z29Mof6I0biRpoDFh4FpOodIoY4oaoruIwAqL1Ge71TgoEhOSKZ+ziMKnfd8
+ 6dsCAwEAAaOB0DCBzTAdBgNVHQ4EFgQUrAUPOvZ4fNyqma+YwK6+P+2/kGswgZ0G
+ A1UdIwSBlTCBkoAUrAUPOvZ4fNyqma+YwK6+P+2/kGuhb6RtMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ Z4IJAIgUuHL4QvkYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEti
+ KJki8WO2wGhpJc3oIAF7V0CYBR3303S37iqSodabyN/2nxFXTqd+ZSAdfe+14E/G
+ dyC9Dtbq4VL2lF0fbaNarCzfhMD7DExSANFkOPFk/lz54ccFdfIRHRVeLHvEtGAI
+ UTK+qEqaEl1vjZVKmvNSdDet06EQ+MGZf1MnW6jid4AMrSdboDHFW34qet+tr9gf
+ 5k6bZx6oIiOILgXWHk7hK1ZuxK5w0bpbktNIfO35HoQSPBx6u6wuxt4yN/m6QLiq
+ nGEzsHlzsPFv1Iw+ccdALcqR0zor7GEJrKmp4Gcb/zH3oy1rQNZHUlz29emJhS/1
+ q1og9SGCUU2yRL1tC+Y=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery" />
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Identity Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk(a)internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="https://sp.testshib.org/shibboleth-sp">
+ <SPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol http://schemas.xmlsoap.org/ws/2003/07/secext">
+ <Extensions>
+ <idpdisc:DiscoveryResponse
+ Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+ Location="https://sp.testshib.org/Shibboleth.sso/DS" index="1"
+ xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" />
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEPjCCAyagAwIBAgIBADANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMSIwIAYD
+ VQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQDEw9zcC50ZXN0
+ c2hpYi5vcmcwHhcNMDYwODMwMjEyNDM5WhcNMTYwODI3MjEyNDM5WjB3MQswCQYD
+ VQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1
+ cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQD
+ Ew9zcC50ZXN0c2hpYi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+ AQDJyR6ZP6MXkQ9z6RRziT0AuCabDd3x1m7nLO9ZRPbr0v1LsU+nnC363jO8nGEq
+ sqkgiZ/bSsO5lvjEt4ehff57ERio2Qk9cYw8XCgmYccVXKH9M+QVO1MQwErNobWb
+ AjiVkuhWcwLWQwTDBowfKXI87SA7KR7sFUymNx5z1aoRvk3GM++tiPY6u4shy8c7
+ vpWbVfisfTfvef/y+galxjPUQYHmegu7vCbjYP3On0V7/Ivzr+r2aPhp8egxt00Q
+ XpilNai12LBYV3Nv/lMsUzBeB7+CdXRVjZOHGuQ8mGqEbsj8MBXvcxIKbcpeK5Zi
+ JCVXPfarzuriM1G5y5QkKW+LAgMBAAGjgdQwgdEwHQYDVR0OBBYEFKB6wPDxwYrY
+ StNjU5P4b4AjBVQVMIGhBgNVHSMEgZkwgZaAFKB6wPDxwYrYStNjU5P4b4AjBVQV
+ oXukeTB3MQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYD
+ VQQHEwpQaXR0c2J1cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3Zp
+ ZGVyMRgwFgYDVQQDEw9zcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAc06Kgt7ZP6g2TIZgMbFxg6vKwvDL0+2dzF11Onpl
+ 5sbtkPaNIcj24lQ4vajCrrGKdzHXo9m54BzrdRJ7xDYtw0dbu37l1IZVmiZr12eE
+ Iay/5YMU+aWP1z70h867ZQ7/7Y4HW345rdiS6EW663oH732wSYNt9kr7/0Uer3KD
+ 9CuPuOidBacospDaFyfsaJruE99Kd6Eu/w5KLAGG+m0iqENCziDGzVA47TngKz2v
+ PVA+aokoOyoz3b53qeti77ijatSEoKjxheBWpO+eoJeGq/e49Um3M2ogIX/JAlMa
+ Inh+vYSYngQB2sx9LGkR9KHaMKNIGCDehk93Xla4pWJx1w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/SOAP" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/Redirect" />
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/POST" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/Artifact" />
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST"
+ index="1" isDefault="true" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST-SimpleSign"
+ index="2" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML2/Artifact"
+ index="3" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML/POST" index="4" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.testshib.org/Shibboleth.sso/SAML/Artifact"
+ index="5" />
+ <AssertionConsumerService
+ Binding="http://schemas.xmlsoap.org/ws/2003/07/secext" Location="https://sp.testshib.org/Shibboleth.sso/ADFS"
+ index="6" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.testshib.org/Shibboleth.sso/SAML2/POST"
+ index="7" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ Location="https://www.testshib.org/Shibboleth.sso/SAML/POST" index="8" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://www.testshib.org/Shibboleth.sso/SAML/REDIRECT" index="9" />
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Service Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk(a)internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+</EntitiesDescriptor>
\ No newline at end of file
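Review bot: The fixture embeds real TestShib signing certificates with fixed validity windows and has no comment recording where the snapshot came from; the first `ds:X509Certificate` appears to decode to a notAfter of 2016-08-27 and a SHA-1/RSA signature. Any test that goes beyond parsing and checks certificate validity against the wall clock will start failing at that date, so such tests should pin the validation time or stay at parse level. The file is named sp-metadata.xml but also contains the IdP `EntityDescriptor` for `https://idp.testshib.org/idp/shibboleth`. I would add a header comment after the XML declaration, such as `<!-- Test-only snapshot of TestShib Two metadata (IdP and SP entities); certificates are not trust anchors -->`.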
Picketlink SVN: r1393 - federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-15 10:31:41 -0500 (Wed, 15 Feb 2012)
New Revision: 1393
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
Log:
proper use of boolean
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2012-02-15 12:39:15 UTC (rev 1392)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2012-02-15 15:31:41 UTC (rev 1393)
@@ -156,7 +156,7 @@
private Boolean ignoreIncomingSignatures = false;
private Boolean signOutgoingMessages = true;
-
+
/**
* Defines how the token's signature will be validated. If true is used the token's issuer, otherwise the request.getRemoteAddr. Default false.
*/
@@ -234,10 +234,10 @@
{
this.validatingAliasToTokenIssuer = validatingAliasToTokenIssuer;
}
-
- public Boolean getValidatingAliasToTokenIssuer()
+
+ public Boolean getValidatingAliasToTokenIssuer()
{
- return validatingAliasToTokenIssuer;
+ return validatingAliasToTokenIssuer;
}
/**
@@ -530,8 +530,9 @@
{
samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlRequestMessage);
samlObject = samlDocumentHolder.getSamlObject();
-
- if (!(samlObject instanceof RequestAbstractType)) {
+
+ if (!(samlObject instanceof RequestAbstractType))
+ {
throw new RuntimeException(ErrorCodes.WRONG_TYPE + samlObject.getClass().getName());
}
@@ -577,7 +578,7 @@
log.trace("Remote Host=" + request.getRemoteAddr());
log.trace("Validating Alias=" + tokenSignatureValidatingAlias);
}
-
+
PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager, tokenSignatureValidatingAlias);
requestOptions.put(GeneralConstants.SENDER_PUBLIC_KEY, validatingKey);
requestOptions.put(GeneralConstants.DECRYPTING_KEY, keyManager.getSigningKey());
@@ -686,20 +687,22 @@
private String getTokenSignatureValidatingAlias(Request request, String issuer)
{
String issuerHost = request.getRemoteAddr();
-
- if (this.validatingAliasToTokenIssuer) {
+
+ if (this.validatingAliasToTokenIssuer)
+ {
try
{
issuerHost = new URL(issuer).getHost();
}
catch (MalformedURLException e)
{
- if (trace) {
+ if (trace)
+ {
log.trace("Token issuer is not a valid URL: " + issuer + ". Using the requester address instead.", e);
}
}
}
-
+
return issuerHost;
}
@@ -713,7 +716,7 @@
Document samlResponse = null;
String destination = null;
- Boolean requestedPostProfile = null;
+ boolean requestedPostProfile = false;
//Get the SAML Response Message
String samlResponseMessage = (String) session.getNote(GeneralConstants.SAML_RESPONSE_KEY);
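Review bot: Changing `requestedPostProfile` from `Boolean null` to `boolean false` drops the "not determined" state that the check in the `-827` hunk relied on. With `if (requestedPostProfile)`, a response whose binding was explicitly detected as non-POST now takes the else branch and receives `postProfile`, the configured default, where the old `!= null` test kept the detected value. The assignment to the variable lies outside the visible hunks, so confirm that case cannot occur; otherwise keep the tri-state (`Boolean requestedPostProfile = null;` with `if (requestedPostProfile != null)`) or track a separate `boolean postProfileDetermined`. The builder chain in that hunk also already calls `.setPostBindingRequested(requestedPostProfile)` before the if/else sets it again. The enclosing method starts and ends outside both hunks.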
@@ -731,18 +734,18 @@
{
samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlResponseMessage);
samlObject = samlDocumentHolder.getSamlObject();
-
+
if (!(samlObject instanceof StatusResponseType))
{
throw new RuntimeException(ErrorCodes.WRONG_TYPE + samlObject.getClass().getName());
}
-
+
boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
boolean isValid = false;
StatusResponseType statusResponseType = (StatusResponseType) samlObject;
String issuer = statusResponseType.getIssuer().getValue();
String tokenValidatingAlias = getTokenSignatureValidatingAlias(request, issuer);
-
+
if (isPost)
{
//Validate
@@ -827,7 +830,7 @@
.setAreWeSendingRequest(willSendRequest).setPrivateKey(null).setSupportSignature(false)
.setServletResponse(response).setPostBindingRequested(requestedPostProfile);
- if (requestedPostProfile != null)
+ if (requestedPostProfile)
holder.setPostBindingRequested(requestedPostProfile);
else
holder.setPostBindingRequested(postProfile);
@@ -1123,9 +1126,9 @@
log.info("Did not find picketlink-sts.xml. We will install default configuration");
sts.installDefaultConfiguration();
}
- else
+ else
sts.installDefaultConfiguration(stsTokenConfigFile.toURI().toString());
-
+
if (this.signOutgoingMessages)
{
KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider();
Picketlink SVN: r1392 - in product/branches/Branch_6_plus: picketlink-core and 1 other directory.
by picketlink-commits@lists.jboss.org
Author: pskopek(a)redhat.com
Date: 2012-02-15 07:39:15 -0500 (Wed, 15 Feb 2012)
New Revision: 1392
Modified:
product/branches/Branch_6_plus/parent/pom.xml
product/branches/Branch_6_plus/picketlink-core/pom.xml
Log:
JBPAPP-7553: PickeLink Core deps. aligned with EAP6
Modified: product/branches/Branch_6_plus/parent/pom.xml
===================================================================
--- product/branches/Branch_6_plus/parent/pom.xml 2012-02-14 21:51:15 UTC (rev 1391)
+++ product/branches/Branch_6_plus/parent/pom.xml 2012-02-15 12:39:15 UTC (rev 1392)
@@ -102,7 +102,7 @@
<dependency>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
- <version>2.0.3-SNAPSHOT</version>
+ <version>2.2</version>
</dependency>
<dependency>
<groupId>junit</groupId>
@@ -117,7 +117,7 @@
<optional>true</optional>
</dependency>
<dependency>
- <groupId>org.apache</groupId>
+ <groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<version>1.4.3</version>
<optional>true</optional>
@@ -128,16 +128,22 @@
<version>1.0.3</version>
<optional>true</optional>
</dependency>
- <dependency>
+ <!-- dependency>
<groupId>javax.persistence</groupId>
<artifactId>persistence-api</artifactId>
- <version>1.0</version>
+ <version>2.0</version>
<optional>true</optional>
+ </dependency -->
+ <dependency>
+ <groupId>org.hibernate.javax.persistence</groupId>
+ <artifactId>hibernate-jpa-2.0-api</artifactId>
+ <version>1.0.0.Final</version>
+ <optional>true</optional>
</dependency>
<dependency>
<groupId>org.jboss.security</groupId>
<artifactId>jbossxacml</artifactId>
- <version>2.0.4</version>
+ <version>2.0.6.Final</version>
</dependency>
</dependencies>
</dependencyManagement>
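Review bot: The old `javax.persistence:persistence-api` entry is left behind as a commented-out `<!-- dependency> … </dependency -->` block, and its version is even edited from 1.0 to 2.0 inside the comment. Dead configuration in `dependencyManagement` makes it unclear which JPA API artifact is authoritative; delete the block and let `org.hibernate.javax.persistence:hibernate-jpa-2.0-api` stand alone. If the reason for the swap matters (alignment with EAP6, per the log), a one-line comment such as `<!-- JPA 2.0 API as shipped with EAP6 -->` records it better than the disabled entry.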
Modified: product/branches/Branch_6_plus/picketlink-core/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-14 21:51:15 UTC (rev 1391)
+++ product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-15 12:39:15 UTC (rev 1392)
@@ -57,8 +57,14 @@
<artifactId>log4j</artifactId>
</dependency>
<dependency>
- <groupId>org.apache</groupId>
+ <groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
@@ -87,8 +93,8 @@
<scope>compile</scope>
</dependency>
<dependency>
- <groupId>javax.persistence</groupId>
- <artifactId>persistence-api</artifactId>
+ <groupId>org.hibernate.javax.persistence</groupId>
+ <artifactId>hibernate-jpa-2.0-api</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.spec.javax.security.jacc</groupId>
@@ -107,21 +113,21 @@
<scope>test</scope>
</dependency>
<dependency>
- <groupId>apache-xalan</groupId>
+ <groupId>xalan</groupId>
<artifactId>xalan</artifactId>
- <version>2.7.1.patch01-brew</version>
+ <version>2.7.1</version>
<scope>test</scope>
</dependency>
<dependency>
- <groupId>apache-xalan</groupId>
+ <groupId>xalan</groupId>
<artifactId>serializer</artifactId>
- <version>2.7.1.patch01-brew</version>
+ <version>2.7.1</version>
<scope>test</scope>
</dependency>
<dependency>
- <groupId>commons-httpclient</groupId>
- <artifactId>commons-httpclient</artifactId>
- <version>3.1</version>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>4.1.3</version>
<scope>test</scope>
</dependency>
<dependency>
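Review bot: Replacing `commons-httpclient:commons-httpclient:3.1` with `org.apache.httpcomponents:httpclient:4.1.3` is not a drop-in swap: the 4.x line uses different packages and classes, and this revision's Modified list contains only the two POMs. Any test still importing `org.apache.commons.httpclient` would stop compiling, so either port those tests in the same change or keep the old artifact until they are ported. Separately, the xalan entries move from the `2.7.1.patch01-brew` build to plain `2.7.1`; the log should say what the patched build carried and why losing it is acceptable at test scope.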
@@ -165,6 +171,14 @@
<encoding>UTF-8</encoding>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
</plugins>
</reporting>
</project>
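Review bot: The new `maven-compiler-plugin` block appears to sit inside `<reporting><plugins>`, judging by the `</plugins>` and `</reporting>` context lines that close right after it. Plugin configuration under `<reporting>` applies to site report generation, not to compilation, so `<source>1.6</source>` and `<target>1.6</target>` would have no effect on the build. Move the block to `<build><plugins>` (or to `pluginManagement` in the parent) and give it an explicit `<version>` so the compiler level is reproducible.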
Picketlink SVN: r1391 - federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-14 16:51:15 -0500 (Tue, 14 Feb 2012)
New Revision: 1391
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
Log:
PLFED-262: fix the cce
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2012-02-14 14:11:15 UTC (rev 1390)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2012-02-14 21:51:15 UTC (rev 1391)
@@ -91,7 +91,6 @@
}
}
- @SuppressWarnings("unchecked")
@Override
public void initHandlerConfig(SAML2HandlerConfig handlerConfig) throws ConfigurationException
{
@@ -99,9 +98,12 @@
String attribStr = (String) this.handlerConfig.getParameter(GeneralConstants.ATTIBUTE_MANAGER);
this.insantiateAttributeManager(attribStr);
- List<String> ak = (List<String>) this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS);
- if (ak != null)
- this.attributeKeys.addAll(ak);
+ //Get a list of attributes we are interested in
+ String attribList = (String) this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS);
+ if (StringUtil.isNotNull(attribList))
+ {
+ this.attributeKeys.addAll(StringUtil.tokenize(attribList));
+ }
String chooseFriendlyNameStr = (String) handlerConfig
.getParameter(GeneralConstants.ATTRIBUTE_CHOOSE_FRIENDLY_NAME);
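Review bot: The cast `(String) this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS)` only moves the ClassCastException: a configuration that still supplies a `List`, which the removed code expected, now fails at this line. Since `attributeKeys` presumably selects which attributes the handler processes, a type mismatch should be handled deliberately rather than surface as a runtime cast failure, so check the parameter's type and accept both forms. It is also not visible here whether `StringUtil.tokenize` trims whitespace around entries, which matters for values like `a, b`. `initHandlerConfig` starts in the previous hunk and continues past this one.

```java
// … unchanged: attribute manager instantiation …
//Get a list of attributes we are interested in
Object attribKeys = this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS);
if (attribKeys instanceof String)
{
   String attribList = (String) attribKeys;
   if (StringUtil.isNotNull(attribList))
   {
      this.attributeKeys.addAll(StringUtil.tokenize(attribList));
   }
}
else if (attribKeys instanceof List)
{
   // Older configurations passed the keys as a list
   for (Object key : (List<?>) attribKeys)
   {
      this.attributeKeys.add(String.valueOf(key));
   }
}
// … unchanged: friendly-name option parsing …
```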
Picketlink SVN: r1390 - in product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts: src/main and 8 other directories.
by picketlink-commits@lists.jboss.org
Author: pskopek(a)redhat.com
Date: 2012-02-14 09:11:15 -0500 (Tue, 14 Feb 2012)
New Revision: 1390
Added:
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/federation/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/federation/app/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/federation/app/sts/
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/federation/app/sts/PicketLinkSTService.java
Modified:
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml
Log:
New version of STS web app ready for AS7/EAP6.
Modified: product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
+++ product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml 2012-02-14 14:11:15 UTC (rev 1390)
@@ -27,13 +27,20 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
- <version>2.0.2</version>
<configuration>
<warName>picketlink-sts</warName>
+ <packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>
<!--webappDirectory>${basedir}/resources/</webappDirectory>
<warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes-->
</configuration>
</plugin>
</plugins>
</build>
+ <dependencies>
+ <dependency>
+ <groupId>org.picketlink.product.eap</groupId>
+ <artifactId>picketlink-core</artifactId>
+ <version>${project.parent.version}</version>
+ </dependency>
+ </dependencies>
</project>
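Review bot: `picketlink-core` is added as a default-scope (compile) dependency while `<packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>` strips every jar from the WAR, so the intent that the container supplies the library is only implicit. Declare it with `<scope>provided</scope>` so the POM states that expectation, and so a later removal of the exclude does not silently bundle a second copy of the security library next to the container's. The `maven-war-plugin` `<version>` is dropped here as well; that is fine only if the parent pins it, which is outside this hunk.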
Added: product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/federation/app/sts/PicketLinkSTService.java
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/federation/app/sts/PicketLinkSTService.java (rev 0)
+++ product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/java/org/picketlink/identity/federation/app/sts/PicketLinkSTService.java 2012-02-14 14:11:15 UTC (rev 1390)
@@ -0,0 +1,45 @@
+package org.picketlink.identity.federation.app.sts;
+/*
+ * JBoss, Home of Professional Open Source. Copyright 2009, Red Hat Middleware LLC, and individual contributors as
+ * indicated by the @author tags. See the copyright.txt file in the distribution for a full listing of individual
+ * contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any
+ * later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to
+ * the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site:
+ * http://www.fsf.org.
+ */
+
+
+import javax.annotation.Resource;
+import javax.xml.ws.Service;
+import javax.xml.ws.ServiceMode;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.WebServiceProvider;
+
+import org.picketlink.identity.federation.core.wstrust.PicketLinkSTS;
+
+/**
+ * <p>
+ * Default implementation of the {@code SecurityTokenService} interface.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
+ * @author <a href="mailto:pskopek@redhat.com">Peter Skopek</a>
+ */
+@WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "WEB-INF/wsdl/PicketLinkSTS.wsdl")
+@ServiceMode(value = Service.Mode.MESSAGE)
+public class PicketLinkSTService extends PicketLinkSTS
+{
+
+ @Resource
+ protected WebServiceContext context;
+
+}
\ No newline at end of file
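Review bot: The class Javadoc repeats "Default implementation of the SecurityTokenService interface", but the class adds nothing beyond the annotations and an injected `context` field, so it does not say why the subclass exists. Document that, for example `/** JAX-WS endpoint wrapper around PicketLinkSTS for AS7/EAP6 deployment; the container injects the WebServiceContext. */`. If `PicketLinkSTS` already declares a `context` field (not visible here), this `protected` field hides it and the parent's copy may stay uninjected, which is worth confirming. The licence header also sits after the `package` statement, unlike the other new file on this page.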
Modified: product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml 2012-02-07 23:03:06 UTC (rev 1389)
+++ product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/src/main/webapp/WEB-INF/web.xml 2012-02-14 14:11:15 UTC (rev 1390)
@@ -1,9 +1,10 @@
-<?xml version="1.0"?>
-<!DOCTYPE web-app PUBLIC
- "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
- "http://java.sun.com/dtd/web-app_2_3.dtd">
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app
+ version="3.0"
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
-<web-app>
<servlet>
<servlet-name>PicketLinkSTS</servlet-name>
<servlet-class>org.picketlink.identity.federation.core.wstrust.PicketLinkSTS</servlet-class>
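Review bot: `<servlet-class>` still names `org.picketlink.identity.federation.core.wstrust.PicketLinkSTS`, while this revision adds `org.picketlink.identity.federation.app.sts.PicketLinkSTService` as the annotated endpoint. If the new class is meant to be the deployed service, the descriptor should reference it with `<servlet-class>org.picketlink.identity.federation.app.sts.PicketLinkSTService</servlet-class>`; otherwise the subclass is unused. The rest of the `<servlet>` element and any `<security-constraint>` lie outside the hunk, so confirm the endpoint stays covered by the same constraints after the move to the 3.0 schema.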
Picketlink SVN: r1389 - in product/branches/Branch_6_plus: parent and 5 other directories.
by picketlink-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2012-02-07 18:03:06 -0500 (Tue, 07 Feb 2012)
New Revision: 1389
Modified:
product/branches/Branch_6_plus/parent/pom.xml
product/branches/Branch_6_plus/picketlink-core/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml
product/branches/Branch_6_plus/picketlink-webapps/pom.xml
product/branches/Branch_6_plus/pom.xml
Log:
get to snapshot
Modified: product/branches/Branch_6_plus/parent/pom.xml
===================================================================
--- product/branches/Branch_6_plus/parent/pom.xml 2012-02-07 23:02:36 UTC (rev 1388)
+++ product/branches/Branch_6_plus/parent/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
@@ -8,7 +8,7 @@
<groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
<packaging>pom</packaging>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
<name>PicketLink Federation- Parent</name>
<url>http://labs.jboss.org/portal/picketlink/</url>
<description>PicketLink is a cross-cutting project that handles identity needs for the JEMS projects</description>
@@ -23,8 +23,8 @@
<url>http://www.jboss.org</url>
</organization>
<scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/product/tags/2.0.3</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/product/tags/2.0.3</developerConnection>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/picketlink/product/tags/2.0.3-SNAP...</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/picketlink/product/tags/2.0.3-SNAPSHOT</developerConnection>
</scm>
<build>
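Review bot: The version change looks like a blanket replace of `2.0.3`: the `<scm>` URLs now point at `tags/2.0.3-SNAPSHOT`, and the `-102` hunk sets the `maven-war-plugin` dependency to `2.0.3-SNAPSHOT`, which is the project's version rather than a plugin release. A snapshot POM should reference the development line, e.g. `scm:svn:https://svn.jboss.org/repos/picketlink/product/branches/Branch_6_plus`, and the plugin version should be set independently of the project version. The `<connection>` value is shown truncated on this page (`2.0.3-SNAP...`), so check the committed file for the full URL.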
@@ -102,7 +102,7 @@
<dependency>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>junit</groupId>
Modified: product/branches/Branch_6_plus/picketlink-core/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-07 23:02:36 UTC (rev 1388)
+++ product/branches/Branch_6_plus/picketlink-core/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml 2012-02-07 23:02:36 UTC (rev 1388)
+++ product/branches/Branch_6_plus/picketlink-webapps/idp/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-federation-webapps</artifactId>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
<relativePath>../</relativePath>
</parent>
Modified: product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml 2012-02-07 23:02:36 UTC (rev 1388)
+++ product/branches/Branch_6_plus/picketlink-webapps/pdp/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-federation-webapps</artifactId>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
<relativePath>../</relativePath>
</parent>
Modified: product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml 2012-02-07 23:02:36 UTC (rev 1388)
+++ product/branches/Branch_6_plus/picketlink-webapps/picketlink-sts/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-federation-webapps</artifactId>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
<relativePath>../</relativePath>
</parent>
Modified: product/branches/Branch_6_plus/picketlink-webapps/pom.xml
===================================================================
--- product/branches/Branch_6_plus/picketlink-webapps/pom.xml 2012-02-07 23:02:36 UTC (rev 1388)
+++ product/branches/Branch_6_plus/picketlink-webapps/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: product/branches/Branch_6_plus/pom.xml
===================================================================
--- product/branches/Branch_6_plus/pom.xml 2012-02-07 23:02:36 UTC (rev 1388)
+++ product/branches/Branch_6_plus/pom.xml 2012-02-07 23:03:06 UTC (rev 1389)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.picketlink.product.eap</groupId>
<artifactId>picketlink-fed-parent</artifactId>
- <version>2.0.3</version>
+ <version>2.0.3-SNAPSHOT</version>
<relativePath>parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>