Picketlink SVN: r789 - in federation/trunk: picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants and 2 other directories. - picketlink-commits

Wednesday, 2 March 2011


Author: anil.saldhana(a)jboss.com
Date: 2011-03-02 17:10:46 -0500 (Wed, 02 Mar 2011)
New Revision: 789

Modified:
  
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
  
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
  
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
  
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java
Log:
PLFED-156: nameid format customization

Modified:
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java
===================================================================
---
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java	2011-03-02
17:26:35 UTC (rev 788)
+++
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/request/SAML2Request.java	2011-03-02
22:10:46 UTC (rev 789)
@@ -28,7 +28,7 @@
 import java.io.OutputStream;
 import java.io.Writer;
 import java.net.URI;
- 
+
 import javax.xml.datatype.XMLGregorianCalendar;
 import javax.xml.parsers.ParserConfigurationException;
 
@@ -63,8 +63,19 @@
 public class SAML2Request
 {
    private SAMLDocumentHolder samlDocumentHolder = null;
-   
+
+   private String nameIDFormat = JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get();
+
    /**
+    * Set the NameIDFormat 
+    * @param nameIDFormat
+    */
+   public void setNameIDFormat(String nameIDFormat)
+   {
+      this.nameIDFormat = nameIDFormat;
+   }
+
+   /**
     * Create an authentication request
     * @param id
     * @param assertionConsumerURL
@@ -73,38 +84,36 @@
     * @return 
     * @throws ConfigurationException 
     */
-   public AuthnRequestType createAuthnRequestType(String id, 
-         String assertionConsumerURL, 
-         String destination, 
-         String issuerValue) throws ConfigurationException 
+   public AuthnRequestType createAuthnRequestType(String id, String assertionConsumerURL,
String destination,
+         String issuerValue) throws ConfigurationException
    {
-      XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant(); 
-      
+      XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
+
       String version = JBossSAMLConstants.VERSION_2_0.get();
-      AuthnRequestType authnRequest = new AuthnRequestType( id, version, issueInstant );

-      authnRequest.setAssertionConsumerServiceURL( URI.create( assertionConsumerURL ));
-      authnRequest.setProtocolBinding( URI.create(
JBossSAMLConstants.HTTP_POST_BINDING.get() ));
-      if( destination != null )
+      AuthnRequestType authnRequest = new AuthnRequestType(id, version, issueInstant);
+      authnRequest.setAssertionConsumerServiceURL(URI.create(assertionConsumerURL));
+     
authnRequest.setProtocolBinding(URI.create(JBossSAMLConstants.HTTP_POST_BINDING.get()));
+      if (destination != null)
       {
-         authnRequest.setDestination(  URI.create( destination )); 
-      } 
-      
+         authnRequest.setDestination(URI.create(destination));
+      }
+
       //Create an issuer 
       NameIDType issuer = new NameIDType();
       issuer.setValue(issuerValue);
-      
+
       authnRequest.setIssuer(issuer);
-      
+
       //Create a default NameIDPolicy
       NameIDPolicyType nameIDPolicy = new NameIDPolicyType();
-      nameIDPolicy.setAllowCreate( Boolean.TRUE );
-      nameIDPolicy.setFormat( URI.create(
JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get() ));
-      
-      authnRequest.setNameIDPolicy( nameIDPolicy );
-      
-      return authnRequest;  
+      nameIDPolicy.setAllowCreate(Boolean.TRUE);
+      nameIDPolicy.setFormat(URI.create(this.nameIDFormat));
+
+      authnRequest.setNameIDPolicy(nameIDPolicy);
+
+      return authnRequest;
    }
-   
+
    /**
     * Get AuthnRequestType from a file
     * @param fileName file with the serialized AuthnRequestType
@@ -115,38 +124,38 @@
     * @throws IllegalArgumentException if the input fileName is null
     *         IllegalStateException if the InputStream from the fileName is null
     */
-   public AuthnRequestType getAuthnRequestType(String fileName) throws
ConfigurationException, ProcessingException, ParsingException  
-   {   
-      if(fileName == null)
+   public AuthnRequestType getAuthnRequestType(String fileName) throws
ConfigurationException, ProcessingException,
+         ParsingException
+   {
+      if (fileName == null)
          throw new IllegalArgumentException("fileName is null");
       ClassLoader tcl = SecurityActions.getContextClassLoader();
       InputStream is = tcl.getResourceAsStream(fileName);
       return getAuthnRequestType(is);
-   }  
-   
+   }
+
    /**
     * Get the Underlying SAML2Object from the input stream
     * @param is
     * @return
     * @throws IOException
     * @throws ParsingException
-    */ 
-   public SAML2Object getSAML2ObjectFromStream(InputStream is) 
-   throws  ConfigurationException, ParsingException,
-   ProcessingException
+    */
+   public SAML2Object getSAML2ObjectFromStream(InputStream is) throws
ConfigurationException, ParsingException,
+         ProcessingException
    {
-      if(is == null)
-         throw new IllegalStateException("InputStream is null"); 
+      if (is == null)
+         throw new IllegalStateException("InputStream is null");
 
-      Document samlDocument =  DocumentUtil.getDocument(is); 
+      Document samlDocument = DocumentUtil.getDocument(is);
 
       SAMLParser samlParser = new SAMLParser();
-      SAML2Object requestType = (SAML2Object) samlParser.parse(
DocumentUtil.getNodeAsStream( samlDocument ));
+      SAML2Object requestType = (SAML2Object)
samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));
 
       samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
-      return requestType; 
+      return requestType;
    }
-   
+
    /**
     * Get a Request Type from Input Stream
     * @param is
@@ -155,22 +164,23 @@
     * @throws ConfigurationException 
     * @throws  
     * @throws IllegalArgumentException inputstream is null
-    */ 
-   public RequestAbstractType getRequestType(InputStream is) 
-   throws ParsingException, ConfigurationException, ProcessingException 
+    */
+   public RequestAbstractType getRequestType(InputStream is) throws ParsingException,
ConfigurationException,
+         ProcessingException
    {
-      if(is == null)
-         throw new IllegalStateException("InputStream is null"); 
+      if (is == null)
+         throw new IllegalStateException("InputStream is null");
 
-      Document samlDocument = DocumentUtil.getDocument( is );
+      Document samlDocument = DocumentUtil.getDocument(is);
 
       SAMLParser samlParser = new SAMLParser();
-      RequestAbstractType requestType = (RequestAbstractType) samlParser.parse(
DocumentUtil.getNodeAsStream(samlDocument));
+      RequestAbstractType requestType = (RequestAbstractType)
samlParser.parse(DocumentUtil
+            .getNodeAsStream(samlDocument));
 
       samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
-      return requestType; 
+      return requestType;
    }
-   
+
    /**
     * Get the AuthnRequestType from an input stream
     * @param is Inputstream containing the AuthnRequest
@@ -179,20 +189,20 @@
     * @throws ProcessingException 
     * @throws ConfigurationException 
     * @throws IllegalArgumentException inputstream is null
-    */ 
-   public AuthnRequestType getAuthnRequestType(InputStream is) throws
ConfigurationException, ProcessingException, ParsingException 
+    */
+   public AuthnRequestType getAuthnRequestType(InputStream is) throws
ConfigurationException, ProcessingException,
+         ParsingException
    {
-      if(is == null)
-         throw new IllegalStateException("InputStream is null"); 
-      
-      Document samlDocument = DocumentUtil.getDocument( is );
+      if (is == null)
+         throw new IllegalStateException("InputStream is null");
 
+      Document samlDocument = DocumentUtil.getDocument(is);
+
       SAMLParser samlParser = new SAMLParser();
-      AuthnRequestType requestType = (AuthnRequestType) samlParser.parse(
DocumentUtil.getNodeAsStream(samlDocument));
+      AuthnRequestType requestType = (AuthnRequestType)
samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));
       samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
       return requestType;
-   } 
-   
+   }
 
    /**
     * Get the parsed {@code SAMLDocumentHolder}
@@ -201,28 +211,28 @@
    public SAMLDocumentHolder getSamlDocumentHolder()
    {
       return samlDocumentHolder;
-   }  
-   
+   }
+
    /**
     * Create a Logout Request
     * @param issuer
     * @return  
     * @throws ConfigurationException 
     */
-   public LogoutRequestType createLogoutRequest(String issuer) throws
ConfigurationException 
-   {  
-      LogoutRequestType lrt = new LogoutRequestType( IDGenerator.create("ID_"),
JBossSAMLConstants.VERSION_2_0.get(),
-             XMLTimeUtil.getIssueInstant() ); 
-      
+   public LogoutRequestType createLogoutRequest(String issuer) throws
ConfigurationException
+   {
+      LogoutRequestType lrt = new LogoutRequestType(IDGenerator.create("ID_"),
JBossSAMLConstants.VERSION_2_0.get(),
+            XMLTimeUtil.getIssueInstant());
+
       //Create an issuer 
-      NameIDType issuerNameID = new NameIDType(); 
+      NameIDType issuerNameID = new NameIDType();
       issuerNameID.setValue(issuer);
-      
+
       lrt.setIssuer(issuerNameID);
-      
+
       return lrt;
    }
-   
+
    /**
     * Return the DOM object
     * @param rat
@@ -231,79 +241,80 @@
     * @throws ParsingException 
     * @throws ConfigurationException 
     */
-   public Document convert(RequestAbstractType rat) 
-   throws ProcessingException, ConfigurationException, ParsingException 
+   public Document convert(RequestAbstractType rat) throws ProcessingException,
ConfigurationException,
+         ParsingException
    {
       ByteArrayOutputStream bos = new ByteArrayOutputStream();
-      
+
       SAMLRequestWriter writer = new
SAMLRequestWriter(StaxUtil.getXMLStreamWriter(bos));
-      if( rat instanceof AuthnRequestType )
+      if (rat instanceof AuthnRequestType)
       {
-         writer.write( (AuthnRequestType) rat);
-      } 
-      else if( rat instanceof LogoutRequestType )
+         writer.write((AuthnRequestType) rat);
+      }
+      else if (rat instanceof LogoutRequestType)
       {
-         writer.write( (LogoutRequestType) rat);
+         writer.write((LogoutRequestType) rat);
       }
-      
-      return DocumentUtil.getDocument( new String( bos.toByteArray() ));  
+
+      return DocumentUtil.getDocument(new String(bos.toByteArray()));
    }
-   
+
    /**
     * Convert a SAML2 Response into a Document
     * @param responseType
     * @return 
     * @throws ParserConfigurationException
     */
-   public Document convert( ResponseType responseType) throws ProcessingException,
ParsingException, ConfigurationException
+   public Document convert(ResponseType responseType) throws ProcessingException,
ParsingException,
+         ConfigurationException
    {
-      ByteArrayOutputStream baos = new ByteArrayOutputStream(); 
-      SAMLResponseWriter writer = new
SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos)); 
-      writer.write( responseType );
-      
-      ByteArrayInputStream bis = new ByteArrayInputStream( baos.toByteArray() );
-      return DocumentUtil.getDocument(bis);  
+      ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      SAMLResponseWriter writer = new
SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(responseType);
+
+      ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
+      return DocumentUtil.getDocument(bis);
    }
-   
+
    /**
     * Marshall the AuthnRequestType to an output stream
     * @param requestType
     * @param os 
     * @throws SAXException 
     */
-   public void marshall(RequestAbstractType requestType, OutputStream os) throws
ProcessingException 
-   { 
-      SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter(
StaxUtil.getXMLStreamWriter(os));
-      if( requestType instanceof AuthnRequestType )
+   public void marshall(RequestAbstractType requestType, OutputStream os) throws
ProcessingException
+   {
+      SAMLRequestWriter samlRequestWriter = new
SAMLRequestWriter(StaxUtil.getXMLStreamWriter(os));
+      if (requestType instanceof AuthnRequestType)
       {
-         samlRequestWriter.write((AuthnRequestType)requestType ); 
+         samlRequestWriter.write((AuthnRequestType) requestType);
       }
-      else if( requestType instanceof LogoutRequestType )
+      else if (requestType instanceof LogoutRequestType)
       {
-         samlRequestWriter.write((LogoutRequestType)requestType ); 
+         samlRequestWriter.write((LogoutRequestType) requestType);
       }
       else
-         throw new RuntimeException( "Unsupported" );
+         throw new RuntimeException("Unsupported");
    }
-   
+
    /**
     * Marshall the AuthnRequestType to a writer
     * @param requestType
     * @param writer 
     * @throws SAXException 
     */
-   public void marshall(RequestAbstractType requestType, Writer writer) throws
ProcessingException  
-   {  
-      SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter(
StaxUtil.getXMLStreamWriter( writer ));
-      if( requestType instanceof AuthnRequestType )
+   public void marshall(RequestAbstractType requestType, Writer writer) throws
ProcessingException
+   {
+      SAMLRequestWriter samlRequestWriter = new
SAMLRequestWriter(StaxUtil.getXMLStreamWriter(writer));
+      if (requestType instanceof AuthnRequestType)
       {
-         samlRequestWriter.write((AuthnRequestType)requestType ); 
+         samlRequestWriter.write((AuthnRequestType) requestType);
       }
-      else if( requestType instanceof LogoutRequestType )
+      else if (requestType instanceof LogoutRequestType)
       {
-         samlRequestWriter.write((LogoutRequestType)requestType ); 
+         samlRequestWriter.write((LogoutRequestType) requestType);
       }
       else
-         throw new RuntimeException( "Unsupported" );
+         throw new RuntimeException("Unsupported");
    }
 }
\ No newline at end of file

Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java	2011-03-02
17:26:35 UTC (rev 788)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java	2011-03-02
22:10:46 UTC (rev 789)
@@ -62,6 +62,8 @@
 
    String LOGOUT_PAGE_NAME = "/logout.jsp";
 
+   String NAMEID_FORMAT = "NAMEID_FORMAT";
+
    String PRINCIPAL_ID = "jboss_identity.principal";
 
    String RELAY_STATE = "RelayState";

Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java	2011-03-02
17:26:35 UTC (rev 788)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java	2011-03-02
22:10:46 UTC (rev 789)
@@ -93,51 +93,55 @@
  * @since Oct 8, 2009
  */
 public class SAML2AuthenticationHandler extends BaseSAML2Handler
-{  
+{
    private static Logger log = Logger.getLogger(SAML2AuthenticationHandler.class);
-   private boolean trace = log.isTraceEnabled();
-   
-   private IDPAuthenticationHandler idp = new IDPAuthenticationHandler();
-   private SPAuthenticationHandler sp = new SPAuthenticationHandler();
-   
+
+   private final boolean trace = log.isTraceEnabled();
+
+   private final IDPAuthenticationHandler idp = new IDPAuthenticationHandler();
+
+   private final SPAuthenticationHandler sp = new SPAuthenticationHandler();
+
    public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse
response) throws ProcessingException
-   { 
-      if(request.getSAML2Object() instanceof AuthnRequestType == false)
-         return ;
-      
-      if(getType() == HANDLER_TYPE.IDP)
+   {
+      if (request.getSAML2Object() instanceof AuthnRequestType == false)
+         return;
+
+      if (getType() == HANDLER_TYPE.IDP)
       {
          idp.handleRequestType(request, response);
       }
       else
       {
          sp.handleRequestType(request, response);
-      } 
+      }
    }
- 
+
+   @Override
    public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse
response)
          throws ProcessingException
-   { 
-      if(request.getSAML2Object() instanceof ResponseType == false)
-         return ;
-      
-      if(getType() == HANDLER_TYPE.IDP)
+   {
+      if (request.getSAML2Object() instanceof ResponseType == false)
+         return;
+
+      if (getType() == HANDLER_TYPE.IDP)
       {
          idp.handleStatusResponseType(request, response);
       }
       else
       {
          sp.handleStatusResponseType(request, response);
-      } 
+      }
    }
 
+   @Override
    public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse
response)
          throws ProcessingException
-   { 
-      if(GENERATE_REQUEST_TYPE.AUTH != request.getTypeOfRequestToBeGenerated())
+   {
+      if (GENERATE_REQUEST_TYPE.AUTH != request.getTypeOfRequestToBeGenerated())
          return;
-      
-      if(getType() == HANDLER_TYPE.IDP)
+
+      if (getType() == HANDLER_TYPE.IDP)
       {
          idp.generateSAMLRequest(request, response);
          response.setSendRequest(true);
@@ -146,38 +150,37 @@
       {
          sp.generateSAMLRequest(request, response);
          response.setSendRequest(true);
-      } 
+      }
    }
-   
+
    private class IDPAuthenticationHandler
    {
-      public void generateSAMLRequest(SAML2HandlerRequest request, 
-            SAML2HandlerResponse response) throws ProcessingException
+      public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse
response)
+            throws ProcessingException
       {
-         
+
       }
-      
-      
-      public void handleStatusResponseType( SAML2HandlerRequest request, 
-             SAML2HandlerResponse response ) throws ProcessingException
-      {  
+
+      public void handleStatusResponseType(SAML2HandlerRequest request,
SAML2HandlerResponse response)
+            throws ProcessingException
+      {
       }
-      
-      public void handleRequestType( SAML2HandlerRequest request, 
-            SAML2HandlerResponse response ) throws ProcessingException
-      { 
+
+      public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse
response)
+            throws ProcessingException
+      {
          HTTPContext httpContext = (HTTPContext) request.getContext();
          ServletContext servletContext = httpContext.getServletContext();
-         
+
          AuthnRequestType art = (AuthnRequestType) request.getSAML2Object();
-         if( art == null )
-            throw new ProcessingException( "AuthnRequest is null" );
-         
+         if (art == null)
+            throw new ProcessingException("AuthnRequest is null");
+
          String destination = art.getAssertionConsumerServiceURL().toASCIIString();
-         
+
          HttpSession session = BaseSAML2Handler.getHttpSession(request);
          Principal userPrincipal = (Principal)
session.getAttribute(GeneralConstants.PRINCIPAL_ID);
-         if(userPrincipal == null)
+         if (userPrincipal == null)
             userPrincipal = httpContext.getRequest().getUserPrincipal();
          /*
          List<String> roles = (List<String>)
session.getAttribute(GeneralConstants.ROLES_ID);*/
@@ -190,117 +193,117 @@
                   userPrincipal, roles, request.getIssuer().getValue(),
                   attribs,
                   assertionValidity, art.getID());*/
-            
+
             Document samlResponse = this.getResponse(request);
-            
+
             //Update the Identity Server
-            boolean isPost = httpContext.getRequest().getMethod().equalsIgnoreCase(
"POST" );
-            IdentityServer identityServer = (IdentityServer)
servletContext.getAttribute(GeneralConstants.IDENTITY_SERVER);
-            identityServer.stack().register(session.getId(), destination, isPost );
-            
+            boolean isPost =
httpContext.getRequest().getMethod().equalsIgnoreCase("POST");
+            IdentityServer identityServer = (IdentityServer) servletContext
+                  .getAttribute(GeneralConstants.IDENTITY_SERVER);
+            identityServer.stack().register(session.getId(), destination, isPost);
+
             response.setDestination(destination);
-            response.setResultingDocument(samlResponse); 
+            response.setResultingDocument(samlResponse);
             response.setRelayState(request.getRelayState());
-            response.setPostBindingForResponse( isPost );
+            response.setPostBindingForResponse(isPost);
          }
-         catch(Exception e)
+         catch (Exception e)
          {
             log.error("Exception in processing authentication:", e);
             throw new ProcessingException("authentication issue");
          }
       }
-      
+
       @SuppressWarnings("unchecked")
-      public Document getResponse( SAML2HandlerRequest request ) throws
ConfigurationException, ProcessingException
+      public Document getResponse(SAML2HandlerRequest request) throws
ConfigurationException, ProcessingException
       {
          HTTPContext httpContext = (HTTPContext) request.getContext();
          AuthnRequestType art = (AuthnRequestType) request.getSAML2Object();
          HttpSession session = BaseSAML2Handler.getHttpSession(request);
          Principal userPrincipal = (Principal)
session.getAttribute(GeneralConstants.PRINCIPAL_ID);
-         if(userPrincipal == null)
-            userPrincipal = httpContext.getRequest().getUserPrincipal(); 
-         
-         String assertionConsumerURL =
art.getAssertionConsumerServiceURL().toASCIIString(); 
-         List<String> roles = (List<String>)
session.getAttribute(GeneralConstants.ROLES_ID); 
+         if (userPrincipal == null)
+            userPrincipal = httpContext.getRequest().getUserPrincipal();
+
+         String assertionConsumerURL =
art.getAssertionConsumerServiceURL().toASCIIString();
+         List<String> roles = (List<String>)
session.getAttribute(GeneralConstants.ROLES_ID);
          String identityURL = request.getIssuer().getValue();
-         Map<String, Object> attribs = (Map<String, Object>)
request.getOptions().get(GeneralConstants.ATTRIBUTES); 
+         Map<String, Object> attribs = (Map<String, Object>)
request.getOptions().get(GeneralConstants.ATTRIBUTES);
          long assertionValidity = (Long)
request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY);
          String requestID = art.getID();
-          
+
          Document samlResponseDocument = null;
-         
-         if(trace) 
-            log.trace("AssertionConsumerURL=" + assertionConsumerURL + 
-               "::assertion validity=" + assertionValidity);
-         ResponseType responseType = null;     
-         
+
+         if (trace)
+            log.trace("AssertionConsumerURL=" + assertionConsumerURL +
"::assertion validity=" + assertionValidity);
+         ResponseType responseType = null;
+
          SAML2Response saml2Response = new SAML2Response();
-               
+
          //Create a response type
          String id = IDGenerator.create("ID_");
-          
-         IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL); 
+
+         IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
          issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());
 
          IDPInfoHolder idp = new IDPInfoHolder();
          idp.setNameIDFormatValue(userPrincipal.getName());
          idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
-         
-         String assertionID = (String) session.getAttribute(
GeneralConstants.ASSERTION_ID );
-          
-         if( assertionID != null )
+
+         String assertionID = (String)
session.getAttribute(GeneralConstants.ASSERTION_ID);
+
+         if (assertionID != null)
          {
             //Just renew the assertion
-            AssertionType latestAssertion = (AssertionType) session.getAttribute(
GeneralConstants.ASSERTION );
-            if( latestAssertion != null )
-               idp.setAssertion( latestAssertion );
+            AssertionType latestAssertion = (AssertionType)
session.getAttribute(GeneralConstants.ASSERTION);
+            if (latestAssertion != null)
+               idp.setAssertion(latestAssertion);
          }
 
          SPInfoHolder sp = new SPInfoHolder();
          sp.setResponseDestinationURI(assertionConsumerURL);
          sp.setRequestID(requestID);
          responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
-         
+
          //Add information on the roles
-         AssertionType assertion = (AssertionType)
responseType.getAssertions().get(0).getAssertion();
+         AssertionType assertion = responseType.getAssertions().get(0).getAssertion();
 
          //Create an AuthnStatementType
-         if( handlerConfig.getParameter( DISABLE_AUTHN_STATEMENT ) == null )
+         if (handlerConfig.getParameter(DISABLE_AUTHN_STATEMENT) == null)
          {
-            AuthnStatementType authnStatement =
-               StatementUtil.createAuthnStatement( XMLTimeUtil.getIssueInstant(),
JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get() );
-           assertion.addStatement( authnStatement ); 
+            AuthnStatementType authnStatement =
StatementUtil.createAuthnStatement(XMLTimeUtil.getIssueInstant(),
+                  JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get());
+            assertion.addStatement(authnStatement);
          }
-         
-         if( handlerConfig.getParameter( DISABLE_SENDING_ROLES ) == null )
+
+         if (handlerConfig.getParameter(DISABLE_SENDING_ROLES) == null)
          {
             AttributeStatementType attrStatement =
StatementUtil.createAttributeStatement(roles);
-            assertion.addStatement( attrStatement ); 
+            assertion.addStatement(attrStatement);
          }
 
          //Add in the attributes information
-         if(attribs != null && attribs.size() > 0 )
+         if (attribs != null && attribs.size() > 0)
          {
             AttributeStatementType attStatement =
StatementUtil.createAttributeStatement(attribs);
-            assertion.addStatement( attStatement );
-         } 
-         
+            assertion.addStatement(attStatement);
+         }
+
          //Add assertion to the session
-         session.setAttribute( GeneralConstants.ASSERTION, assertion );
-    
+         session.setAttribute(GeneralConstants.ASSERTION, assertion);
+
          //Lets see how the response looks like 
-         if(log.isTraceEnabled())
+         if (log.isTraceEnabled())
          {
             StringWriter sw = new StringWriter();
             try
             {
                saml2Response.marshall(responseType, sw);
             }
-            catch ( ProcessingException e)
+            catch (ProcessingException e)
             {
                log.trace(e);
-            } 
-            log.trace("Response="+sw.toString()); 
+            }
+            log.trace("Response=" + sw.toString());
          }
          try
          {
@@ -309,63 +312,70 @@
          catch (Exception e)
          {
             e.printStackTrace();
-            if(trace)
-               log.trace(e); 
-         } 
-         return samlResponseDocument; 
-      } 
+            if (trace)
+               log.trace(e);
+         }
+         return samlResponseDocument;
+      }
    }
-   
+
    private class SPAuthenticationHandler
    {
-      public void generateSAMLRequest(SAML2HandlerRequest request, 
-            SAML2HandlerResponse response) throws ProcessingException
+      public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse
response)
+            throws ProcessingException
       {
          String issuerValue = request.getIssuer().getValue();
-         
+
          SAML2Request samlRequest = new SAML2Request();
          String id = IDGenerator.create("ID_");
+
+         //Check if there is a nameid policy
+         String nameIDFormat = (String)
request.getOptions().get(GeneralConstants.NAMEID_FORMAT);
+         if (StringUtil.isNotNull(nameIDFormat))
+         {
+            samlRequest.setNameIDFormat(nameIDFormat);
+         }
          try
          {
-            AuthnRequestType authn = samlRequest.createAuthnRequestType(id, 
-                issuerValue, response.getDestination(), issuerValue);
-            
+            AuthnRequestType authn = samlRequest.createAuthnRequestType(id, issuerValue,
response.getDestination(),
+                  issuerValue);
+
             response.setResultingDocument(samlRequest.convert(authn));
             response.setSendRequest(true);
          }
          catch (Exception e)
          {
             throw new ProcessingException(e);
-         }  
+         }
       }
-      
-      public void handleStatusResponseType( SAML2HandlerRequest request, 
-            SAML2HandlerResponse response ) throws ProcessingException
-      { 
+
+      public void handleStatusResponseType(SAML2HandlerRequest request,
SAML2HandlerResponse response)
+            throws ProcessingException
+      {
          HTTPContext httpContext = (HTTPContext) request.getContext();
          ResponseType responseType = (ResponseType) request.getSAML2Object();
          List<RTChoiceType> assertions = responseType.getAssertions();
-         if(assertions.size() == 0)
-            throw new IllegalStateException("No assertions in reply from IDP");

-         
-         PrivateKey privateKey = (PrivateKey) request.getOptions().get(
GeneralConstants.DECRYPTING_KEY );
-         
+         if (assertions.size() == 0)
+            throw new IllegalStateException("No assertions in reply from
IDP");
+
+         PrivateKey privateKey = (PrivateKey)
request.getOptions().get(GeneralConstants.DECRYPTING_KEY);
+
          Object assertion = assertions.get(0).getEncryptedAssertion();
-         if(assertion instanceof EncryptedAssertionType)
+         if (assertion instanceof EncryptedAssertionType)
          {
-            responseType = this.decryptAssertion(responseType, privateKey );
+            responseType = this.decryptAssertion(responseType, privateKey);
             assertion = responseType.getAssertions().get(0).getAssertion();
          }
-         if( assertion == null )
+         if (assertion == null)
          {
             assertion = assertions.get(0).getAssertion();
          }
-         
+
          Principal userPrincipal = handleSAMLResponse(responseType, response);
-         if(userPrincipal == null)
+         if (userPrincipal == null)
          {
             response.setError(403, "User Principal not determined:
Forbidden");
-         } 
+         }
          else
          {
             //add it to the session
@@ -373,60 +383,62 @@
             session.setAttribute(GeneralConstants.PRINCIPAL_ID, userPrincipal);
          }
       }
-      
-      public void handleRequestType( SAML2HandlerRequest request,  
-            SAML2HandlerResponse response ) throws ProcessingException
-      {  
+
+      public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse
response)
+            throws ProcessingException
+      {
       }
-      
-      private ResponseType decryptAssertion(ResponseType responseType, PrivateKey
privateKey ) throws ProcessingException
+
+      private ResponseType decryptAssertion(ResponseType responseType, PrivateKey
privateKey)
+            throws ProcessingException
       {
-         if( privateKey == null )
-            throw new IllegalArgumentException( "privateKey is null" );
+         if (privateKey == null)
+            throw new IllegalArgumentException("privateKey is null");
          SAML2Response saml2Response = new SAML2Response();
          try
          {
-            Document doc = saml2Response.convert( responseType ); 
-            
-            Element enc = DocumentUtil.getElement(doc, new QName(
JBossSAMLConstants.ENCRYPTED_ASSERTION.get() ));
-            if( enc == null )
-               throw new ProcessingException( "Null encrypted assertion
element" );
-            String oldID = enc.getAttribute( "ID" );
+            Document doc = saml2Response.convert(responseType);
+
+            Element enc = DocumentUtil.getElement(doc, new
QName(JBossSAMLConstants.ENCRYPTED_ASSERTION.get()));
+            if (enc == null)
+               throw new ProcessingException("Null encrypted assertion
element");
+            String oldID = enc.getAttribute("ID");
             Document newDoc = DocumentUtil.createDocument();
             Node importedNode = newDoc.importNode(enc, true);
             newDoc.appendChild(importedNode);
-            
-            Element decryptedDocumentElement =
XMLEncryptionUtil.decryptElementInDocument( newDoc, privateKey );
+
+            Element decryptedDocumentElement =
XMLEncryptionUtil.decryptElementInDocument(newDoc, privateKey);
             SAMLParser parser = new SAMLParser();
-            AssertionType assertion = (AssertionType) parser.parse(
StaxParserUtil.getXMLEventReader(
DocumentUtil.getNodeAsStream(decryptedDocumentElement)));
-            
-            responseType.replaceAssertion( oldID, new RTChoiceType(assertion));
-            return  responseType;
+            AssertionType assertion = (AssertionType)
parser.parse(StaxParserUtil.getXMLEventReader(DocumentUtil
+                  .getNodeAsStream(decryptedDocumentElement)));
+
+            responseType.replaceAssertion(oldID, new RTChoiceType(assertion));
+            return responseType;
          }
-         catch ( Exception e )
-         { 
-            throw new ProcessingException( e );
+         catch (Exception e)
+         {
+            throw new ProcessingException(e);
          }
       }
-       
-      private Principal handleSAMLResponse(ResponseType responseType,
SAML2HandlerResponse response) 
-      throws ProcessingException 
-      { 
-         if(responseType == null)
+
+      private Principal handleSAMLResponse(ResponseType responseType,
SAML2HandlerResponse response)
+            throws ProcessingException
+      {
+         if (responseType == null)
             throw new IllegalArgumentException("response type is null");
-         
+
          StatusType statusType = responseType.getStatus();
-         if(statusType == null)
+         if (statusType == null)
             throw new IllegalArgumentException("Status Type from the IDP is
null");
 
          String statusValue = statusType.getStatusCode().getValue().toASCIIString();
-         if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
+         if (JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
             throw new SecurityException("IDP forbid the user");
 
          List<RTChoiceType> assertions = responseType.getAssertions();
-         if(assertions.size() == 0)
-            throw new IllegalStateException("No assertions in reply from IDP");

-         
+         if (assertions.size() == 0)
+            throw new IllegalStateException("No assertions in reply from
IDP");
+
          AssertionType assertion = assertions.get(0).getAssertion();
          //Check for validity of assertion
          boolean expiredAssertion;
@@ -436,45 +448,45 @@
          }
          catch (ConfigurationException e)
          {
-           throw new ProcessingException(e);
+            throw new ProcessingException(e);
          }
-         if(expiredAssertion)
+         if (expiredAssertion)
          {
             AssertionExpiredException aee = new AssertionExpiredException();
-            throw new ProcessingException("Assertion has expired",aee);
-         } 
-         
-         SubjectType subject = assertion.getSubject(); 
+            throw new ProcessingException("Assertion has expired", aee);
+         }
+
+         SubjectType subject = assertion.getSubject();
          /*JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>)
subject.getContent().get(0);
          NameIDType nameID = jnameID.getValue();
          */
-         if( subject == null )
-            throw new ProcessingException( "Subject in the assertion is null"
);
-         
+         if (subject == null)
+            throw new ProcessingException("Subject in the assertion is null");
+
          STSubType subType = subject.getSubType();
-         if( subType == null )
-            throw new RuntimeException( "Unable to find subtype via subject"
);
+         if (subType == null)
+            throw new RuntimeException("Unable to find subtype via subject");
          NameIDType nameID = (NameIDType) subType.getBaseID();
 
-         if( nameID == null )
-            throw new RuntimeException( "Unable to find username via subject"
);
-         
+         if (nameID == null)
+            throw new RuntimeException("Unable to find username via subject");
+
          final String userName = nameID.getValue();
          List<String> roles = new ArrayList<String>();
 
          //Let us get the roles
          Set<StatementAbstractType> statements = assertion.getStatements();
-         for( StatementAbstractType statement : statements )
+         for (StatementAbstractType statement : statements)
          {
-            if( statement instanceof AttributeStatementType )
+            if (statement instanceof AttributeStatementType)
             {
                AttributeStatementType attributeStatement = (AttributeStatementType)
statement;
-               roles.addAll( getRoles( attributeStatement ));
+               roles.addAll(getRoles(attributeStatement));
             }
          }
-         
+
          response.setRoles(roles);
-         
+
          Principal principal = new Principal()
          {
             public String getName()
@@ -482,78 +494,79 @@
                return userName;
             }
          };
-    
-         if(handlerChainConfig.getParameter(GeneralConstants.ROLE_VALIDATOR_IGNORE) ==
null)
+
+         if (handlerChainConfig.getParameter(GeneralConstants.ROLE_VALIDATOR_IGNORE) ==
null)
          {
             //Validate the roles
-            IRoleValidator roleValidator = 
-               (IRoleValidator)
handlerChainConfig.getParameter(GeneralConstants.ROLE_VALIDATOR);
-            if(roleValidator == null)
+            IRoleValidator roleValidator = (IRoleValidator) handlerChainConfig
+                  .getParameter(GeneralConstants.ROLE_VALIDATOR);
+            if (roleValidator == null)
                throw new ProcessingException("Role Validator not provided");
-            
+
             boolean validRole = roleValidator.userInRole(principal, roles);
-            if(!validRole)
+            if (!validRole)
             {
-               if(trace)
+               if (trace)
                   log.trace("Invalid role:" + roles);
                principal = null;
-            }  
+            }
          }
          return principal;
-      } 
-      
+      }
+
       /**
        * Get the roles from the attribute statement
        * @param attributeStatement
        * @return
        */
-      private List<String> getRoles( AttributeStatementType attributeStatement )
+      private List<String> getRoles(AttributeStatementType attributeStatement)
       {
          List<String> roles = new ArrayList<String>();
-         
+
          //PLFED-141: Disable role picking from IDP response
-         if( handlerConfig.containsKey( DISABLE_ROLE_PICKING ))
+         if (handlerConfig.containsKey(DISABLE_ROLE_PICKING))
          {
-            String val = (String) handlerConfig.getParameter( DISABLE_ROLE_PICKING );
-            if( StringUtil.isNotNull(val) &&
"true".equalsIgnoreCase(val) )
+            String val = (String) handlerConfig.getParameter(DISABLE_ROLE_PICKING);
+            if (StringUtil.isNotNull(val) &&
"true".equalsIgnoreCase(val))
                return roles;
          }
-         
+
          //PLFED-140: which of the attribute statements represent roles?
          List<String> roleKeys = new ArrayList<String>();
-         
-         if( handlerConfig.containsKey( ROLE_KEY ) )
+
+         if (handlerConfig.containsKey(ROLE_KEY))
          {
-            String roleKey = (String) handlerConfig.getParameter( ROLE_KEY );
-            roleKeys.addAll( StringUtil.tokenize( roleKey ) );
+            String roleKey = (String) handlerConfig.getParameter(ROLE_KEY);
+            roleKeys.addAll(StringUtil.tokenize(roleKey));
          }
-         
+
          List<ASTChoiceType> attList = attributeStatement.getAttributes();
-         for(ASTChoiceType obj:attList)
+         for (ASTChoiceType obj : attList)
          {
             AttributeType attr = obj.getAttribute();
-            if( roleKeys.size() > 0 )
+            if (roleKeys.size() > 0)
             {
-               if( !roleKeys.contains( attr.getNameFormat() ) )
+               if (!roleKeys.contains(attr.getNameFormat()))
                   continue;
             }
             List<Object> attributeValues = attr.getAttributeValue();
-            if( attributeValues != null)
+            if (attributeValues != null)
             {
-               for( Object attrValue : attributeValues )
+               for (Object attrValue : attributeValues)
                {
-                  if( attrValue instanceof String )
+                  if (attrValue instanceof String)
                   {
-                     roles.add( (String) attrValue ); 
+                     roles.add((String) attrValue);
                   }
-                  else if( attrValue instanceof Node )
+                  else if (attrValue instanceof Node)
                   {
                      Node roleNode = (Node) attrValue;
-                     roles.add( roleNode.getFirstChild().getNodeValue() );
+                     roles.add(roleNode.getFirstChild().getNodeValue());
                   }
-                  else throw new RuntimeException( "Unknown role object type :
" +  attrValue ); 
+                  else
+                     throw new RuntimeException("Unknown role object type : " +
attrValue);
                }
-            } 
+            }
          }
          return roles;
       }

Modified:
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java	2011-03-02
17:26:35 UTC (rev 788)
+++
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java	2011-03-02
22:10:46 UTC (rev 789)
@@ -21,6 +21,8 @@
  */
 package org.picketlink.test.identity.federation.web.saml.handlers;
 
+import static org.junit.Assert.assertEquals;
+
 import java.security.KeyPair;
 import java.security.Principal;
 import java.security.PublicKey;
@@ -31,6 +33,7 @@
 import javax.crypto.spec.SecretKeySpec;
 import javax.xml.namespace.QName;
 
+import org.junit.Ignore;
 import org.junit.Test;
 import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
 import org.picketlink.identity.federation.core.config.SPType;
@@ -47,6 +50,7 @@
 import
org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
 import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
 import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import
org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
 import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
 import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
@@ -57,6 +61,8 @@
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
 import
org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
 import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
 import org.picketlink.identity.federation.saml.v2.SAML2Object;
 import org.picketlink.identity.federation.web.constants.GeneralConstants;
@@ -76,82 +82,133 @@
 public class SAML2AuthenticationHandlerUnitTestCase
 {
    @Test
+   public void handleNameIDCustomization() throws Exception
+   {
+      SAML2AuthenticationHandler handler = new SAML2AuthenticationHandler();
+
+      SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+      SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+
+      Map<String, Object> chainOptions = new HashMap<String, Object>();
+      SPType spType = new SPType();
+      chainOptions.put(GeneralConstants.CONFIGURATION, spType);
+      chainOptions.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
+      chainConfig.set(chainOptions);
+
+      //Initialize the handler
+      handler.initChainConfig(chainConfig);
+      handler.initHandlerConfig(handlerConfig);
+
+      //Create a Protocol Context
+      MockHttpSession session = new MockHttpSession();
+      MockServletContext servletContext = new MockServletContext();
+      MockHttpServletRequest servletRequest = new MockHttpServletRequest(session,
"POST");
+      MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+      HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse,
servletContext);
+
+      SAML2Object saml2Object = new SAML2Object()
+      {
+      };
+
+      SAMLDocumentHolder docHolder = new SAMLDocumentHolder(saml2Object, null);
+      IssuerInfoHolder issuerInfo = new
IssuerInfoHolder("http://localhost:8080/idp/");
+
+      SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext,
issuerInfo.getIssuer(), docHolder,
+            SAML2Handler.HANDLER_TYPE.SP);
+      request.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
+      request.addOption(GeneralConstants.NAMEID_FORMAT,
JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
+
+      SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+      handler.generateSAMLRequest(request, response);
+
+      Document samlReq = response.getResultingDocument();
+      SAMLParser parser = new SAMLParser();
+      System.out.println("Doc=" + DocumentUtil.asString(samlReq));
+      AuthnRequestType authnRequest = (AuthnRequestType)
parser.parse(DocumentUtil.getNodeAsStream(samlReq));
+      NameIDPolicyType nameIDPolicy = authnRequest.getNameIDPolicy();
+      assertEquals(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get(),
nameIDPolicy.getFormat().toString());
+   }
+
+   @Ignore
+   @Test
    public void handleEncryptedAssertion() throws Exception
-   {   
+   {
       SAML2AuthenticationHandler handler = new SAML2AuthenticationHandler();
-      
+
       SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
       SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
- 
-      Map<String,Object> chainOptions = new HashMap<String, Object>();
-      SPType spType = new SPType(); 
-      chainOptions.put(GeneralConstants.CONFIGURATION, spType );
-      chainOptions.put( GeneralConstants.ROLE_VALIDATOR_IGNORE, "true" );
-      chainConfig.set(chainOptions); 
-      
+
+      Map<String, Object> chainOptions = new HashMap<String, Object>();
+      SPType spType = new SPType();
+      chainOptions.put(GeneralConstants.CONFIGURATION, spType);
+      chainOptions.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
+      chainConfig.set(chainOptions);
+
       //Initialize the handler
       handler.initChainConfig(chainConfig);
       handler.initHandlerConfig(handlerConfig);
-      
-    //Create a Protocol Context
+
+      //Create a Protocol Context
       MockHttpSession session = new MockHttpSession();
       MockServletContext servletContext = new MockServletContext();
       MockHttpServletRequest servletRequest = new MockHttpServletRequest(session,
"POST");
       MockHttpServletResponse servletResponse = new MockHttpServletResponse();
       HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse,
servletContext);
-      
-      SAML2Object saml2Object = new SAML2Object(){};
-      
-      KeyPair keypair = KeyStoreUtil.generateKeyPair( "RSA" ); 
-      
-      
+
+      SAML2Object saml2Object = new SAML2Object()
+      {
+      };
+
+      KeyPair keypair = KeyStoreUtil.generateKeyPair("RSA");
+
       SAML2Response saml2Response = new SAML2Response();
-      IssuerInfoHolder issuerInfoholder = new IssuerInfoHolder( "testIssuer"
);
-      
-      AssertionType assertion = AssertionUtil.createAssertion(
IDGenerator.create("ID_") , new NameIDType() );
+      IssuerInfoHolder issuerInfoholder = new IssuerInfoHolder("testIssuer");
+
+      AssertionType assertion =
AssertionUtil.createAssertion(IDGenerator.create("ID_"), new NameIDType());
       SubjectType assertionSubject = new SubjectType();
       STSubType subType = new STSubType();
       NameIDType anil = new NameIDType();
-      anil.setValue( "anil" );
-      subType.addBaseID( anil );
+      anil.setValue("anil");
+      subType.addBaseID(anil);
       assertionSubject.setSubType(subType);
       assertion.setSubject(assertionSubject);
-      
-      ResponseType responseType = 
-         saml2Response.createResponseType(IDGenerator.create("ID_"),
issuerInfoholder, assertion);
-      
+
+      ResponseType responseType =
saml2Response.createResponseType(IDGenerator.create("ID_"), issuerInfoholder,
+            assertion);
+
       String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
-      
+
       QName assertionQName = new QName(assertionNS, "EncryptedAssertion",
"saml");
       Document responseDoc = saml2Response.convert(responseType);
- 
-      byte[] secret = WSTrustUtil.createRandomSecret((int) 128 / 8);
+
+      byte[] secret = WSTrustUtil.createRandomSecret(128 / 8);
       SecretKey secretKey = new SecretKeySpec(secret, "AES");
- 
+
       PublicKey publicKey = keypair.getPublic();
-      XMLEncryptionUtil.encryptElement(new QName(assertionNS, "Assertion",
"saml" ), responseDoc  , publicKey, secretKey, 128, assertionQName, true); 
-      
-      System.out.println( DocumentUtil.asString(responseDoc));
-       
+      XMLEncryptionUtil.encryptElement(new QName(assertionNS, "Assertion",
"saml"), responseDoc, publicKey, secretKey,
+            128, assertionQName, true);
+
+      System.out.println(DocumentUtil.asString(responseDoc));
+
       SAMLParser parser = new SAMLParser();
-      saml2Object = (SAML2Object) parser.parse(
DocumentUtil.getNodeAsStream(responseDoc));
-      
+      saml2Object = (SAML2Object)
parser.parse(DocumentUtil.getNodeAsStream(responseDoc));
+
       SAMLDocumentHolder docHolder = new SAMLDocumentHolder(saml2Object, null);
       IssuerInfoHolder issuerInfo = new
IssuerInfoHolder("http://localhost:8080/idp/");
-      SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, 
-            issuerInfo.getIssuer(), docHolder, SAML2Handler.HANDLER_TYPE.SP);
-      request.addOption( GeneralConstants.DECRYPTING_KEY, keypair.getPrivate() );
-      
+      SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext,
issuerInfo.getIssuer(), docHolder,
+            SAML2Handler.HANDLER_TYPE.SP);
+      request.addOption(GeneralConstants.DECRYPTING_KEY, keypair.getPrivate());
+
       SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
-      
+
       session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
       {
          public String getName()
          {
             return "Hi";
-         }});
-      
-      
-      handler.handleStatusResponseType(request, response); 
-   } 
+         }
+      });
+
+      handler.handleStatusResponseType(request, response);
+   }
 }
\ No newline at end of file


    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Picketlink SVN: r789 - in federation/trunk: picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants and 2 other directories.