Author: anil.saldhana(a)jboss.com
Date: 2012-01-31 16:14:29 -0500 (Tue, 31 Jan 2012)
New Revision: 1347
Added:
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SPRedirectFormAuthenticatorResponseTestCase.java
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml
Removed:
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/
product/trunk/picketlink-core/src/test/resources/
Log:
merge in -r1318, 1319, 1320 and a change to ServerDetector.java to look for a different
class in AS: org.jboss.Main
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp
___________________________________________________________________
Modified: svn:mergeinfo
-
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1138-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1138-1173,1192-1228,1302-1319
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2012-01-27
13:54:16 UTC (rev 1346)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2012-01-31
21:14:29 UTC (rev 1347)
@@ -198,8 +198,7 @@
}
catch (Exception e)
{
- if (trace)
- log.trace("Server Exception:", e);
+ log.error("Server Exception:", e);
throw new IOException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION);
}
return localAuthentication(request, response, loginConfig);
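Review bot: The new unconditional `log.error("Server Exception:", e);` records the stack trace but nothing that ties the failure to a peer or session, so a run of failed authentications from one source cannot be told apart from scattered faults. Assuming `request` here is the Catalina request that is passed to `localAuthentication` on the next line, something like `log.error("Server Exception for request from " + request.getRemoteAddr() + ":", e);` would make the entry usable for triage. The same fixed message is introduced in the hunk at `@@ -393,8 +393,7 @@` and in SPRedirectFormAuthenticator at `@@ -426,8 +426,7 @@`, where the same applies if a request is in scope. The try block and the enclosing method start outside the hunk.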
@@ -317,6 +316,7 @@
//Just issue a fresh request back to IDP
return generalUserRequest(request, response, loginConfig);
}
+ log.error("Server Exception:", pe);
throw new IOException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION +
pe.getLocalizedMessage());
}
catch (Exception e)
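Review bot: The `IOException` built right after the added `log.error` still appends `pe.getLocalizedMessage()` to the error code, so parser or validation detail from SAML processing travels with the exception; whether it reaches the client depends on error handling outside this hunk. Now that the full exception is logged, the thrown message can carry the code alone: `throw new IOException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION);`. The same applies in SPRedirectFormAuthenticator at `@@ -332,12 +332,12 @@`, where both the `pe` branch and the generic `catch (Exception e)` append `getLocalizedMessage()`, unlike the generic catch blocks in this file. The enclosing method starts and ends outside the hunk.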
@@ -393,8 +393,7 @@
}
catch (Exception e)
{
- if (trace)
- log.trace("Exception:", e);
+ log.error("Server Exception:", e);
throw new IOException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION);
}
}
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2012-01-27
13:54:16 UTC (rev 1346)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2012-01-31
21:14:29 UTC (rev 1347)
@@ -332,12 +332,12 @@
//Just issue a fresh request back to IDP
return generalUserRequest(request, response, loginConfig);
}
+ log.error("Server Exception:", pe);
throw new IOException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION +
pe.getLocalizedMessage());
}
catch (Exception e)
{
- if (trace)
- log.trace("Server Exception:", e);
+ log.error("Server Exception:", e);
throw new IOException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION +
e.getLocalizedMessage());
}
return localAuthentication(request, response, loginConfig);
@@ -426,8 +426,7 @@
}
catch (Exception e)
{
- if (trace)
- log.trace("Exception:", e);
+ log.error("Server Exception:", e);
throw new IOException(ErrorCodes.SERVICE_PROVIDER_SERVER_EXCEPTION);
}
}
@@ -529,4 +528,4 @@
{
throw new RuntimeException(ErrorCodes.AUTHENTICATOR_DOES_NOT_HANDLE_ENC);
}
-}
\ No newline at end of file
+}
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util
___________________________________________________________________
Added: svn:mergeinfo
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1302-1320
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java 2012-01-27
13:54:16 UTC (rev 1346)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java 2012-01-31
21:14:29 UTC (rev 1347)
@@ -51,10 +51,11 @@
private void detectServer()
{
//Detect JBoss
-
+ Class<?> me = getClass();
+ Class<?> clazz = null;
try
{
- Class<?> clazz = SecurityActions.loadClass(getClass(),
"org.jboss.system.Service");
+ clazz = SecurityActions.loadClass(me, "org.jboss.Main");
if (clazz != null)
{
jboss = true;
@@ -63,13 +64,21 @@
}
catch (Exception e)
{
- //ignore
+ try
+ {
+ clazz = SecurityActions.loadClass(me,
"org.jboss.as.server.Bootstrap");
+ jboss = true;
+ return;
+ }
+ catch (Exception ee)
+ {
+ }
}
//Tomcat
try
{
- Class<?> clazz = SecurityActions.loadClass(getClass(),
"org.apache.cataline.Server");
+ clazz = SecurityActions.loadClass(getClass(),
"org.apache.cataline.Server");
if (clazz != null)
{
tomcat = true;
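Review bot: The fallback lookup of `org.jboss.as.server.Bootstrap` sets `jboss = true` without the `clazz != null` check that guards the first lookup, and it only runs when the first `loadClass` throws. If `SecurityActions.loadClass` can return null, as the existing check suggests (its body is not shown), a null result from `org.jboss.Main` skips the fallback entirely. Moving the second lookup after the first try block and guarding it with `if (clazz != null) { jboss = true; return; }` covers both cases. The empty `catch (Exception ee)` should say why it is empty, e.g. `// neither class loadable: not running on JBoss`. The rewritten Tomcat line still names `org.apache.cataline.Server`, which looks like a misspelling of `org.apache.catalina.Server`, and still calls `getClass()` rather than the new `me`.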
Property changes on:
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow
___________________________________________________________________
Added: svn:mergeinfo
+
/federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1140-1173,1307-1318
/federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1152-1154,1159-1173,1192-1228
Copied:
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SPRedirectFormAuthenticatorResponseTestCase.java
(from rev 1318,
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SPRedirectFormAuthenticatorResponseTestCase.java)
===================================================================
---
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SPRedirectFormAuthenticatorResponseTestCase.java
(rev 0)
+++
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/SPRedirectFormAuthenticatorResponseTestCase.java 2012-01-31
21:14:29 UTC (rev 1347)
@@ -0,0 +1,139 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.bindings.workflow;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.PrintWriter;
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.catalina.deploy.LoginConfig;
+import org.junit.Test;
+import
org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.util.RedirectBindingUtil;
+import org.picketlink.test.identity.federation.bindings.mock.MockCatalinaContext;
+import
org.picketlink.test.identity.federation.bindings.mock.MockCatalinaContextClassLoader;
+import org.picketlink.test.identity.federation.bindings.mock.MockCatalinaRequest;
+import org.picketlink.test.identity.federation.bindings.mock.MockCatalinaResponse;
+import org.picketlink.test.identity.federation.bindings.mock.MockCatalinaSession;
+
+/**
+ * Test to validate the handling of a saml response by the
+ * {@link SPRedirectFormAuthenticator}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Nov 4, 2011
+ */
+public class SPRedirectFormAuthenticatorResponseTestCase
+{
+ private final String profile = "saml2/redirect";
+
+ private final ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void testSP() throws Exception
+ {
+ MockCatalinaSession session = new MockCatalinaSession();
+ //First we go to the employee application
+ MockCatalinaContextClassLoader mclSPEmp = setupTCL(profile +
"/responses");
+ Thread.currentThread().setContextClassLoader(mclSPEmp);
+ SPRedirectFormAuthenticator spEmpl = new SPRedirectFormAuthenticator();
+
+ MockCatalinaContext context = new MockCatalinaContext();
+ spEmpl.setContainer(context);
+ spEmpl.testStart();
+
+ MockCatalinaRequest catalinaRequest = new MockCatalinaRequest();
+ catalinaRequest.setSession(session);
+ catalinaRequest.setContext(context);
+
+ byte[] samlResponse = readIDPResponse();
+
+ String idpResponse = RedirectBindingUtil.deflateBase64Encode(samlResponse);
+
+ catalinaRequest.setParameter(GeneralConstants.SAML_RESPONSE_KEY, idpResponse);
+
+ MockCatalinaResponse catalinaResponse = new MockCatalinaResponse();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ catalinaResponse.setWriter(new PrintWriter(baos));
+
+ LoginConfig loginConfig = new LoginConfig();
+ assertTrue(spEmpl.authenticate(catalinaRequest, catalinaResponse, loginConfig));
+
+ Map<String, List<Object>> sessionMap = (Map<String,
List<Object>>) session
+ .getAttribute(GeneralConstants.SESSION_ATTRIBUTE_MAP);
+ assertNotNull(sessionMap);
+ assertEquals("sales", sessionMap.get("Role").get(0));
+ }
+
+ private byte[] readIDPResponse() throws IOException
+ {
+ File file = new
File(tcl.getResource("responseIDP/casidp.xml").getPath());
+ InputStream is = new FileInputStream(file);
+ assertNotNull(is);
+
+ long length = file.length();
+
+ // Create the byte array to hold the data
+ byte[] bytes = new byte[(int) length];
+
+ // Read in the bytes
+ int offset = 0;
+ int numRead = 0;
+ while (offset < bytes.length && (numRead = is.read(bytes, offset,
bytes.length - offset)) >= 0)
+ {
+ offset += numRead;
+ }
+
+ // Ensure all the bytes have been read in
+ if (offset < bytes.length)
+ {
+ throw new IOException("Could not completely read file " +
file.getName());
+ }
+
+ // Close the input stream and return bytes
+ is.close();
+ return bytes;
+ }
+
+ private MockCatalinaContextClassLoader setupTCL(String resource)
+ {
+ URL[] urls = new URL[]
+ {tcl.getResource(resource)};
+
+ MockCatalinaContextClassLoader mcl = new MockCatalinaContextClassLoader(urls);
+ mcl.setDelegate(tcl);
+ mcl.setProfile(resource);
+ return mcl;
+ }
+
+}
\ No newline at end of file
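Review bot: `testSP` swaps the thread context class loader to `mclSPEmp` and never restores it, so later tests on the same thread keep resolving resources through the mock loader; wrap the body in `try { ... } finally { Thread.currentThread().setContextClassLoader(tcl); }`. In `readIDPResponse` the `FileInputStream` is closed only on the success path, so the short-read `IOException` leaks the handle; moving `is.close()` into a `finally` fixes that, and `assertNotNull(is)` can be dropped since `new` never yields null. Only the accepting path is asserted. A companion case that feeds a response the configured handlers should refuse, and asserts that `authenticate` does not succeed, would pin the rejecting behaviour as well.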
Property changes on: product/trunk/picketlink-core/src/test/resources
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-bindings/src/test/resources:1302-1318
Deleted:
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-bindings/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml 2011-11-04
18:19:34 UTC (rev 1318)
+++
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml 2012-01-31
21:14:29 UTC (rev 1347)
@@ -1,6 +0,0 @@
-<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
- <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/>
- <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
- <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
- <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AttributeHandler"/>
-</Handlers>
\ No newline at end of file
Copied:
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml
(from rev 1318,
federation/trunk/picketlink-bindings/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml)
===================================================================
---
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-handlers.xml 2012-01-31
21:14:29 UTC (rev 1347)
@@ -0,0 +1,6 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AttributeHandler"/>
+</Handlers>
\ No newline at end of file
Deleted:
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-bindings/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml 2011-11-04
18:19:34 UTC (rev 1318)
+++
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml 2012-01-31
21:14:29 UTC (rev 1347)
@@ -1,37 +0,0 @@
-<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
-
- <
IdentityURL>https://fedtst.company.com/idp/SSO.saml2</IdentityURL>
-
- <ServiceURL>https://201.000.000.00/gctxyz</ServiceURL>
- <Trust>
-
-
<Domains>localhost,jboss.com,jboss.org,fedtst.company.com,201.000.000.00</Domains>
-
- </Trust>
- <KeyProvider
-
-
ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
-
-
-
- <Auth Key="KeyStoreURL" Value="/jbid_test_keystore.jks"
/>
-
- <Auth Key="KeyStorePass" Value="store123" />
-
- <Auth Key="SigningKeyPass" Value="test123" />
-
- <Auth Key="SigningKeyAlias" Value="servercert" />
-
-
-
- <ValidatingAlias Key="localhost" Value="picketlink"/>
-
- <ValidatingAlias Key="127.0.0.1" Value="picketlink"/>
-
- <ValidatingAlias Key="fedtst.company.com"
Value="test"/>
-
- </KeyProvider>
-
-
-
-</PicketLinkSP>
\ No newline at end of file
Copied:
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml
(from rev 1318,
federation/trunk/picketlink-bindings/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml)
===================================================================
---
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
product/trunk/picketlink-core/src/test/resources/saml2/redirect/responses/WEB-INF/picketlink-idfed.xml 2012-01-31
21:14:29 UTC (rev 1347)
@@ -0,0 +1,37 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
+
+ <
IdentityURL>https://fedtst.company.com/idp/SSO.saml2</IdentityURL>
+
+ <ServiceURL>https://201.000.000.00/gctxyz</ServiceURL>
+ <Trust>
+
+
<Domains>localhost,jboss.com,jboss.org,fedtst.company.com,201.000.000.00</Domains>
+
+ </Trust>
+ <KeyProvider
+
+
ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
+
+
+
+ <Auth Key="KeyStoreURL" Value="/jbid_test_keystore.jks"
/>
+
+ <Auth Key="KeyStorePass" Value="store123" />
+
+ <Auth Key="SigningKeyPass" Value="test123" />
+
+ <Auth Key="SigningKeyAlias" Value="servercert" />
+
+
+
+ <ValidatingAlias Key="localhost" Value="picketlink"/>
+
+ <ValidatingAlias Key="127.0.0.1" Value="picketlink"/>
+
+ <ValidatingAlias Key="fedtst.company.com"
Value="test"/>
+
+ </KeyProvider>
+
+
+
+</PicketLinkSP>
\ No newline at end of file
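Review bot: The `KeyStorePass` and `SigningKeyPass` values are stored in clear text with nothing marking them as fixtures, which invites copying the block into a deployed SP configuration. A leading comment such as `<!-- test fixture: keystore and passwords apply to /jbid_test_keystore.jks only -->` would make the scope explicit. The `Domains` list under `Trust` also carries `jboss.com` and `jboss.org`; if the test response is issued only by the `IdentityURL` host (not verifiable from this hunk), trimming the list to the hosts the test needs keeps the fixture a minimal trust example.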