Author: anil.saldhana(a)jboss.com
Date: 2012-03-12 14:57:57 -0400 (Mon, 12 Mar 2012)
New Revision: 1495
Added:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java
Removed:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/
product/trunk/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml
Log:
PLFED-249 merged
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web
___________________________________________________________________
Modified: svn:mergeinfo
-
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web:1152-1173,1329-1348
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web:1152-1173,1329-1348,1361-1369
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
___________________________________________________________________
Modified: svn:mergeinfo
-
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1138-1141,1152-1173,1329-1348
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1138-1141,1152-1173,1329-1348,1361-1369
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2
___________________________________________________________________
Modified: svn:mergeinfo
-
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1144-1147,1152-1173,1329-1348
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1144-1147,1152-1173,1329-1348,1361-1369
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
___________________________________________________________________
Modified: svn:mergeinfo
-
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1144-1147,1152-1173,1295-1298,1329-1348
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1144-1147,1152-1173,1295-1298,1329-1348,1361-1369
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java 2012-03-12
14:26:40 UTC (rev 1494)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2InResponseToVerificationHandler.java 2012-03-12
18:57:57 UTC (rev 1495)
@@ -23,6 +23,8 @@
package org.picketlink.identity.federation.web.handlers.saml2;
+import javax.servlet.http.HttpSession;
+
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.ErrorCodes;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -31,8 +33,6 @@
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
-import javax.servlet.http.HttpSession;
-
/**
* Handler is useful on SP side. It's used for verification that InResponseId from
SAML Authentication Response is same
* as ID of previously sent SAML Authentication request
@@ -44,7 +44,7 @@
private static Logger log =
Logger.getLogger(SAML2InResponseToVerificationHandler.class);
private final boolean trace = log.isTraceEnabled();
-
+
@Override
public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse
response)
throws ProcessingException
@@ -56,7 +56,7 @@
return;
// Determine Id of of request, which is saved into session thanks to
SAML2AuthenticationHandler
- String authnRequestId =
(String)request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);
+ String authnRequestId = (String)
request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);
// Save it into session for later use
HttpSession session = BaseSAML2Handler.getHttpSession(request);
@@ -67,15 +67,15 @@
log.trace("ID of authentication request " + authnRequestId + "
saved into HTTP session.");
}
}
-
- @Override
+
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse
response) throws ProcessingException
- {
+ {
}
@Override
- public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse
response) throws ProcessingException
- {
+ public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse
response)
+ throws ProcessingException
+ {
if (request.getSAML2Object() instanceof ResponseType == false)
return;
@@ -85,14 +85,14 @@
// Obtain inResponseTo ID from Authentication response
ResponseType responseType = (ResponseType) request.getSAML2Object();
String inResponseTo = responseType.getInResponseTo();
-
+
// Obtain ID from session, which was saved before sending AuthnRequest
HttpSession session = BaseSAML2Handler.getHttpSession(request);
- String authnRequestId =
(String)session.getAttribute(GeneralConstants.AUTH_REQUEST_ID);
-
+ String authnRequestId = (String)
session.getAttribute(GeneralConstants.AUTH_REQUEST_ID);
+
// Remove it from session now
session.removeAttribute(GeneralConstants.AUTH_REQUEST_ID);
-
+
// Compare both ID
if (inResponseTo != null && inResponseTo.equals(authnRequestId))
{
@@ -103,7 +103,8 @@
}
else
{
- log.error("Verification of InResponseTo failed. InResponseTo from SAML
response is " + inResponseTo + ". Value of request Id from HTTP session is
" + authnRequestId);
+ log.error("Verification of InResponseTo failed. InResponseTo from SAML
response is " + inResponseTo
+ + ". Value of request Id from HTTP session is " +
authnRequestId);
throw new ProcessingException(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED);
}
}
Deleted:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java 2012-02-03
18:20:23 UTC (rev 1369)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java 2012-03-12
18:57:57 UTC (rev 1495)
@@ -1,83 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- */
-package org.picketlink.identity.federation.web.listeners;
-
-import javax.servlet.http.HttpSession;
-import javax.servlet.http.HttpSessionEvent;
-import javax.servlet.http.HttpSessionListener;
-
-import org.apache.log4j.Logger;
-import org.picketlink.identity.federation.core.ErrorCodes;
-import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.saml.v2.common.SAMLProtocolContext;
-import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
-import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.web.constants.GeneralConstants;
-
-/**
- * An instance of {@link HttpSessionListener} at the IDP
- * that performs actions when an {@link HttpSession} is created or destroyed.
- *
- * @author Anil.Saldhana(a)redhat.com
- * @since Feb 3, 2012
- */
-public class IDPHttpSessionListener implements HttpSessionListener
-{
- private static Logger log = Logger.getLogger(IDPHttpSessionListener.class);
-
- private final boolean trace = log.isTraceEnabled();
-
- public void sessionCreated(HttpSessionEvent se)
- {
- }
-
- public void sessionDestroyed(HttpSessionEvent se)
- {
- HttpSession httpSession = se.getSession();
- if (httpSession == null)
- throw new RuntimeException(ErrorCodes.NULL_ARGUMENT + ":session");
- AssertionType assertion = (AssertionType)
httpSession.getAttribute(GeneralConstants.ASSERTION);
-
- //If the user had logged out, then the assertion would not be available in the
session.
- //The case when the user closes the browser and does not logout, the session will
time out on the
- //server. So we know that the token has not been canceled by the STS.
- if (assertion != null)
- {
- if (trace)
- {
- log.trace("User has closed the browser. So we proceed to cancel the STS
issued token.");
- }
- PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
- SAMLProtocolContext samlProtocolContext = new SAMLProtocolContext();
- samlProtocolContext.setIssuedAssertion(assertion);
- try
- {
- sts.cancelToken(samlProtocolContext);
- }
- catch (ProcessingException e)
- {
- log.error(ErrorCodes.PROCESSING_EXCEPTION, e);
- }
- httpSession.removeAttribute(GeneralConstants.ASSERTION);
- }
- }
-}
\ No newline at end of file
Copied:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java
(from rev 1369,
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java)
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java
(rev 0)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/listeners/IDPHttpSessionListener.java 2012-03-12
18:57:57 UTC (rev 1495)
@@ -0,0 +1,83 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.listeners;
+
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpSessionEvent;
+import javax.servlet.http.HttpSessionListener;
+
+import org.apache.log4j.Logger;
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.common.SAMLProtocolContext;
+import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+
+/**
+ * An instance of {@link HttpSessionListener} at the IDP
+ * that performs actions when an {@link HttpSession} is created or destroyed.
+ *
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Feb 3, 2012
+ */
+public class IDPHttpSessionListener implements HttpSessionListener
+{
+ private static Logger log = Logger.getLogger(IDPHttpSessionListener.class);
+
+ private final boolean trace = log.isTraceEnabled();
+
+ public void sessionCreated(HttpSessionEvent se)
+ {
+ }
+
+ public void sessionDestroyed(HttpSessionEvent se)
+ {
+ HttpSession httpSession = se.getSession();
+ if (httpSession == null)
+ throw new RuntimeException(ErrorCodes.NULL_ARGUMENT + ":session");
+ AssertionType assertion = (AssertionType)
httpSession.getAttribute(GeneralConstants.ASSERTION);
+
+ //If the user had logged out, then the assertion would not be available in the
session.
+ //The case when the user closes the browser and does not logout, the session will
time out on the
+ //server. So we know that the token has not been canceled by the STS.
+ if (assertion != null)
+ {
+ if (trace)
+ {
+ log.trace("User has closed the browser. So we proceed to cancel the STS
issued token.");
+ }
+ PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
+ SAMLProtocolContext samlProtocolContext = new SAMLProtocolContext();
+ samlProtocolContext.setIssuedAssertion(assertion);
+ try
+ {
+ sts.cancelToken(samlProtocolContext);
+ }
+ catch (ProcessingException e)
+ {
+ log.error(ErrorCodes.PROCESSING_EXCEPTION, e);
+ }
+ httpSession.removeAttribute(GeneralConstants.ASSERTION);
+ }
+ }
+}
\ No newline at end of file
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util
___________________________________________________________________
Modified: svn:mergeinfo
-
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1302-1320,1329-1348
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1302-1320,1329-1348,1361-1369
Modified: product/trunk/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- product/trunk/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml 2012-03-12
14:26:40 UTC (rev 1494)
+++ product/trunk/picketlink-webapps/idp/src/main/webapp/WEB-INF/web.xml 2012-03-12
18:57:57 UTC (rev 1495)
@@ -9,6 +9,10 @@
IDP Web Application for the PicketLink project
</description>
+ <listener>
+
<listener-class>org.picketlink.identity.federation.web.listeners.IDPHttpSessionListener</listener-class>
+ </listener>
+
<!-- Define a security constraint that gives unlimted access to images -->
<security-constraint>
<web-resource-collection>