Author: anil.saldhana(a)jboss.com
Date: 2011-07-28 18:24:59 -0400 (Thu, 28 Jul 2011)
New Revision: 1147
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2Handler.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
Log:
PLFED-149: option for assertionConsumerURL
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2Handler.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2Handler.java 2011-07-28
22:13:46 UTC (rev 1146)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/SAML2Handler.java 2011-07-28
22:24:59 UTC (rev 1147)
@@ -20,7 +20,6 @@
* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
*/
package org.picketlink.identity.federation.core.saml.v2.interfaces;
-
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -31,36 +30,38 @@
* @since Sep 17, 2009
*/
public interface SAML2Handler
-{
+{
//Define some constants
+ String ASSERTION_CONSUMER_URL = "ASSERTION_CONSUMER_URL";
+
String DISABLE_AUTHN_STATEMENT = "DISABLE_AUTHN_STATEMENT";
- String DISABLE_SENDING_ROLES = "DISABLE_SENDING_ROLES";
+
+ String DISABLE_SENDING_ROLES = "DISABLE_SENDING_ROLES";
+
String DISABLE_ROLE_PICKING = "DISABLE_ROLE_PICKING";
+
String ROLE_KEY = "ROLE_KEY";
-
+
/**
* Processing Point - idp side
* or service side
*/
- public enum HANDLER_TYPE
- {
- IDP,SP;
+ public enum HANDLER_TYPE {
+ IDP, SP;
};
-
+
/**
* Initialize the handler
* @param handlerConfig Handler Config
*/
- void initChainConfig(SAML2HandlerChainConfig handlerChainConfig)
- throws ConfigurationException;
-
+ void initChainConfig(SAML2HandlerChainConfig handlerChainConfig) throws
ConfigurationException;
+
/**
* Initialize the handler from configuration
* @param options
*/
- void initHandlerConfig(SAML2HandlerConfig handlerConfig)
- throws ConfigurationException;
-
+ void initHandlerConfig(SAML2HandlerConfig handlerConfig) throws
ConfigurationException;
+
/**
* Generate a SAML Request to be sent to the IDP
* if the handler is invoked at the SP and vice-versa
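Review bot: The new constant `ASSERTION_CONSUMER_URL` is added under the generic `//Define some constants` comment with no description of its own, although it controls a security-relevant field of the AuthnRequest. A short Javadoc on the constant would help, for example `/** Handler option (SP side): URL sent in the AuthnRequest as the assertion consumer service URL; when unset the issuer value is used. */`. The fallback to the issuer is taken from the SAML2AuthenticationHandler change in this same commit. The interface body continues outside this hunk.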
@@ -68,9 +69,7 @@
* @param response
* @throws ProcessingException
*/
- void generateSAMLRequest(SAML2HandlerRequest request,
- SAML2HandlerResponse response) throws ProcessingException;
-
+ void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
throws ProcessingException;
/**
* Get the type of handler
@@ -78,25 +77,23 @@
* @return
*/
HANDLER_TYPE getType();
-
+
/**
* Handle a SAML2 RequestAbstractType
* @param requestAbstractType
* @param resultingDocument
* @return
*/
- void handleRequestType(SAML2HandlerRequest request,
- SAML2HandlerResponse response) throws ProcessingException;
-
+ void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response)
throws ProcessingException;
+
/**
* Handle a SAML2 Status Response Type
* @param statusResponseType
* @param resultingDocument
* @return
*/
- void handleStatusResponseType(SAML2HandlerRequest request,
- SAML2HandlerResponse response) throws ProcessingException;
-
+ void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse
response) throws ProcessingException;
+
/**
* Shed all state
* @throws ProcessingException
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2011-07-28
22:13:46 UTC (rev 1146)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2011-07-28
22:24:59 UTC (rev 1147)
@@ -91,6 +91,7 @@
* @see SAML2Handler#DISABLE_ROLE_PICKING Setting to true will disable picking IDP
attribute statements (SP Setting)
* @see SAML2Handler#ROLE_KEY a csv list of strings that represent the roles coming from
IDP (SP Setting)
* @see GeneralConstants#NAMEID_FORMAT Setting to a value will provide the nameid format
to be sent to IDP (SP Setting)
+ * @see SAML2Handler#ASSERTION_CONSUMER_URL: the url to be used for assertionConsumerURL
* </p>
*
* @author Anil.Saldhana(a)redhat.com
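Review bot: The added `@see SAML2Handler#ASSERTION_CONSUMER_URL:` line has a colon attached to the member name, which the Javadoc tool will most likely treat as part of the reference and fail to resolve. It also omits the "(SP Setting)" marker that the neighbouring entries carry. I would write it like the others: `* @see SAML2Handler#ASSERTION_CONSUMER_URL the url to be used for assertionConsumerURL (SP Setting)`. The class Javadoc starts above this hunk.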
@@ -339,6 +340,12 @@
SAML2Request samlRequest = new SAML2Request();
String id = IDGenerator.create("ID_");
+ String assertionConsumerURL = (String)
handlerConfig.getParameter(SAML2Handler.ASSERTION_CONSUMER_URL);
+ if (StringUtil.isNullOrEmpty(assertionConsumerURL))
+ {
+ assertionConsumerURL = issuerValue;
+ }
+
//Check if there is a nameid policy
String nameIDFormat = (String)
handlerConfig.getParameter(GeneralConstants.NAMEID_FORMAT);
if (StringUtil.isNotNull(nameIDFormat))
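Review bot: The configured `ASSERTION_CONSUMER_URL` is only checked with `StringUtil.isNullOrEmpty` before it is passed to `createAuthnRequestType` in the next hunk, so a malformed, relative or non-TLS value in the handler configuration would be sent to the IDP as the place to deliver the assertion. Because this URL decides where the assertion goes, I would reject bad values when the option is read, for instance `if (!java.net.URI.create(assertionConsumerURL).isAbsolute())` followed by a configuration error, and preferably do that once in `initHandlerConfig` by throwing `ConfigurationException`. Whether `isNullOrEmpty` treats a whitespace-only value as empty is not visible here; if it does not, a blank option would bypass the `issuerValue` fallback. A comment noting that the IDP must still match this URL against the SP's registered endpoints would also help. The enclosing method starts and ends outside this hunk.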
@@ -347,8 +354,8 @@
}
try
{
- AuthnRequestType authn = samlRequest.createAuthnRequestType(id, issuerValue,
response.getDestination(),
- issuerValue);
+ AuthnRequestType authn = samlRequest.createAuthnRequestType(id,
assertionConsumerURL,
+ response.getDestination(), issuerValue);
response.setResultingDocument(samlRequest.convert(authn));
response.setSendRequest(true);