Author: anil.saldhana(a)jboss.com
Date: 2011-02-25 17:03:26 -0500 (Fri, 25 Feb 2011)
New Revision: 778
Added:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityParticipantStack.java
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java
Log:
PLFED-145: use an interface for participant stack
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
---
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-02-25
19:12:09 UTC (rev 777)
+++
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-02-25
22:03:26 UTC (rev 778)
@@ -94,6 +94,7 @@
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
+import org.picketlink.identity.federation.web.core.IdentityParticipantStack;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.util.ConfigurationUtil;
import org.picketlink.identity.federation.web.util.IDPWebRequestUtil;
@@ -144,6 +145,11 @@
protected String canonicalizationMethod =
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS;
/**
+ * If the user wants to set a particular {@link IdentityParticipantStack}
+ */
+ protected String identityParticipantStack = null;
+
+ /**
* A Lock for Handler operations in the chain
*/
private Lock chainLock = new ReentrantLock();
@@ -209,6 +215,11 @@
{
this.samlHandlerChainClass = samlHandlerChainClass;
}
+
+ public void setIdentityParticipantStack( String fqn )
+ {
+ this.identityParticipantStack = fqn;
+ }
@Override
public void invoke(Request request, Response response) throws IOException,
ServletException
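Review bot: `setIdentityParticipantStack` and the `identityParticipantStack` field added above it do not say what the string must be, yet further down in this file the value is passed to `loadClass` and instantiated with `newInstance()`. A Javadoc on the setter would make that contract explicit, e.g. `/** Fully qualified name of an {@link IdentityParticipantStack} implementation with a public no-arg constructor; loaded through the context class loader when the IdentityServer is first created. */`. Because the value selects a class to instantiate, the doc should also say it is expected to come from trusted deployment configuration only. The hunk ends inside the signature of `invoke`.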
@@ -1006,7 +1017,27 @@
if(identityServer == null)
{
identityServer = new IdentityServer();
- context.getServletContext().setAttribute(GeneralConstants.IDENTITY_SERVER,
identityServer);
+ context.getServletContext().setAttribute(GeneralConstants.IDENTITY_SERVER,
identityServer);
+ if( StringUtil.isNotNull( this.identityParticipantStack ))
+ {
+ try
+ {
+ Class<?> stackClass =
SecurityActions.getContextClassLoader().loadClass( this.identityParticipantStack );
+ identityServer.setStack( (IdentityParticipantStack)
stackClass.newInstance() );
+ }
+ catch (ClassNotFoundException e)
+ {
+ log.error( "Unable to set the Identity Participant Stack Class. Will
just use the default", e );
+ }
+ catch (InstantiationException e)
+ {
+ log.error( "Unable to set the Identity Participant Stack Class. Will
just use the default", e );
+ }
+ catch (IllegalAccessException e)
+ {
+ log.error( "Unable to set the Identity Participant Stack Class. Will
just use the default", e );
+ }
+ }
}
}
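Review bot: The cast `(IdentityParticipantStack) stackClass.newInstance()` throws `ClassCastException` when the configured class does not implement the interface, and none of the three catch blocks covers it, so the exception leaves this block after `identityServer` has already been stored in the servlet context. Either add a `catch (ClassCastException e)` with the same log call, or test `IdentityParticipantStack.class.isAssignableFrom( stackClass )` before instantiating. The same pattern is repeated in the IDPServlet hunk that reads `GeneralConstants.IDENTITY_PARTICIPANT_STACK`. Falling back to the default stack with only a log line also hides a misconfiguration from the deployer; if a custom stack is chosen for a reason such as shared logout state (an assumption, not visible here), refusing to start may be the safer behaviour. The enclosing method starts outside the hunk.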
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-02-25
19:12:09 UTC (rev 777)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-02-25
22:03:26 UTC (rev 778)
@@ -45,6 +45,7 @@
String HANDLER_CONFIG_FILE_LOCATION = "/WEB-INF/picketlink-handlers.xml";
String IDENTITY_SERVER = "IDENTITY_SERVER";
+ String IDENTITY_PARTICIPANT_STACK = "IDENTITY_PARTICIPANT_STACK";
String IGNORE_SIGNATURES = "IGNORE_SIGNATURES";
String KEYPAIR = "KEYPAIR";
Added:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityParticipantStack.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityParticipantStack.java
(rev 0)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityParticipantStack.java 2011-02-25
22:03:26 UTC (rev 778)
@@ -0,0 +1,115 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.core;
+
+/**
+ * A stack to register and deregister participants
+ * in the identity federation
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Feb 25, 2011
+ */
+public interface IdentityParticipantStack
+{
+
+ /**
+ * Peek at the most recent participant in the session
+ * @param sessionID
+ * @return
+ */
+ String peek(String sessionID);
+
+ /**
+ * Remove the most recent participant in the session
+ * @param sessionID
+ * @return
+ */
+ String pop(String sessionID);
+
+ /**
+ * Register a participant in a session
+ * @param sessionID
+ * @param participant
+ */
+ void register(String sessionID, String participant, boolean postBinding);
+
+ /**
+ * For a given identity session, return the number of participants
+ * @param sessionID
+ * @return
+ */
+ int getParticipants(String sessionID);
+
+ /**
+ * Register a participant as in transit in a logout interaction
+ * @param sessionID
+ * @param participant
+ * @return
+ */
+ boolean registerTransitParticipant(String sessionID, String participant);
+
+ /**
+ * Deregister a participant as in transit in a logout interaction
+ * @param sessionID
+ * @param participant
+ * @return
+ */
+ boolean deRegisterTransitParticipant(String sessionID, String participant);
+
+ /**
+ * Return the number of participants in transit
+ * @param sessionID
+ * @return
+ */
+ int getNumOfParticipantsInTransit(String sessionID);
+
+ /**
+ * <p>
+ * For a particular participant, indicate whether it supports
+ * POST or REDIRECT binding.
+ * </p>
+ * <p>
+ * <b>NOTE:</b> true: POST, false: REDIRECT, null: does not exist
+ * </p>
+ * @param participant
+ * @return
+ */
+ Boolean getBinding(String participant);
+
+ /**
+ * The total number of sessions active
+ * @return
+ */
+ int totalSessions();
+
+ /**
+ * Create a session
+ * @param id
+ */
+ void createSession( String id );
+
+ /**
+ * Remove a session
+ * @param id
+ */
+ void removeSession( String id );
+
+}
\ No newline at end of file
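Review bot: Now that this interface is the extension point for custom stacks, its Javadoc leaves unstated the contract an implementer needs: `register` has no `@param postBinding`, every `@return` tag is empty, and nothing says what `peek`, `pop` or `getParticipants` do for an unknown `sessionID`. I would fill the tags, e.g. `@param postBinding true if the participant uses POST binding, false for REDIRECT`, and describe the unknown-session result to match whatever the default `STACK` does. A class-level sentence on thread-safety is also needed, since the default implementation is built on `ConcurrentHashMap` and the methods appear to be called from request threads and from the session listener. `getBinding` takes only the participant and no session, so the doc should state whether the binding is meant to be recorded per participant across all sessions.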
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java 2011-02-25
19:12:09 UTC (rev 777)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/core/IdentityServer.java 2011-02-25
22:03:26 UTC (rev 778)
@@ -58,9 +58,9 @@
private static int activeSessionCount = 0;
- private STACK stack = new STACK();
+ private IdentityParticipantStack stack = new STACK();
- public class STACK
+ public class STACK implements IdentityParticipantStack
{
private ConcurrentHashMap<String,Stack<String>> sessionParticipantsMap
=
new ConcurrentHashMap<String, Stack<String>>();
@@ -71,9 +71,7 @@
private ConcurrentHashMap<String, Boolean> postBindingMap = new
ConcurrentHashMap<String, Boolean>();
/**
- * Peek at the most recent participant in the session
- * @param sessionID
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#peek(java.lang.String)
*/
public String peek(String sessionID)
{
@@ -84,9 +82,7 @@
}
/**
- * Remove the most recent participant in the session
- * @param sessionID
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#pop(java.lang.String)
*/
public String pop(String sessionID)
{
@@ -100,9 +96,7 @@
}
/**
- * Register a participant in a session
- * @param sessionID
- * @param participant
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#register(java.lang.String,
java.lang.String, boolean)
*/
public void register(String sessionID, String participant, boolean postBinding)
{
@@ -120,9 +114,7 @@
}
/**
- * For a given identity session, return the number of participants
- * @param sessionID
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#getParticipants(java.lang.String)
*/
public int getParticipants(String sessionID)
{
@@ -134,10 +126,7 @@
}
/**
- * Register a participant as in transit in a logout interaction
- * @param sessionID
- * @param participant
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#registerTransitParticipant(java.lang.String,
java.lang.String)
*/
public boolean registerTransitParticipant(String sessionID, String participant)
{
@@ -151,10 +140,7 @@
}
/**
- * Deregister a participant as in transit in a logout interaction
- * @param sessionID
- * @param participant
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#deRegisterTransitParticipant(java.lang.String,
java.lang.String)
*/
public boolean deRegisterTransitParticipant(String sessionID, String participant)
{
@@ -168,9 +154,7 @@
}
/**
- * Return the number of participants in transit
- * @param sessionID
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#getNumOfParticipantsInTransit(java.lang.String)
*/
public int getNumOfParticipantsInTransit(String sessionID)
{
@@ -181,15 +165,7 @@
}
/**
- * <p>
- * For a particular participant, indicate whether it supports
- * POST or REDIRECT binding.
- * </p>
- * <p>
- * <b>NOTE:</b> true: POST, false: REDIRECT, null: does not exist
- * </p>
- * @param participant
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#getBinding(java.lang.String)
*/
public Boolean getBinding( String participant )
{
@@ -197,21 +173,26 @@
}
/**
- * The total number of sessions active
- * @return
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#totalSessions()
*/
public int totalSessions()
{
return sessionParticipantsMap.keySet().size();
}
- private void put(String id)
+ /**
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#createSession(java.lang.String)
+ */
+ public void createSession( String id )
{
sessionParticipantsMap.put(id, new Stack<String>());
inTransitMap.put(id, new HashSet<String>());
}
- private void remove(String id)
+ /**
+ * @see
org.picketlink.identity.federation.web.core.IdentityParticipantStack#removeSession(java.lang.String)
+ */
+ public void removeSession( String id )
{
sessionParticipantsMap.remove(id);
inTransitMap.remove(id);
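Review bot: `createSession` was the private `put` and is now callable by anyone holding `stack()`, but it still does an unconditional `sessionParticipantsMap.put(id, new Stack<String>())`, so a second call for an id that already exists replaces the registered participants with an empty stack. The interface describes these participants as taking part in a logout interaction, so silently losing them is worth guarding against with `sessionParticipantsMap.putIfAbsent(id, new Stack<String>());`, and the same for `inTransitMap` if it is also a concurrent map (its declaration is outside the hunk). `removeSession` is exposed in the same way, and its Javadoc should say it is intended for the session listener. The body of `removeSession` continues outside the hunk.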
@@ -231,11 +212,20 @@
* Return a reference to the internal stack
* @return
*/
- public STACK stack()
+ public IdentityParticipantStack stack()
{
return stack;
}
+ /**
+ * Set a custom instance of the {@link IdentityParticipantStack}
+ * @param theStack
+ */
+ public void setStack( IdentityParticipantStack theStack )
+ {
+ this.stack = theStack;
+ }
+
/**
* @see HttpSessionListener#sessionCreated(HttpSessionEvent)
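Review bot: `setStack` assigns whatever it is given, so a null argument only surfaces later as a NullPointerException in the listener methods that call `stack.createSession( id )` and `stack.removeSession( id )`, and swapping the stack after sessions exist drops every participant registered in the old one. I would reject null up front, `if( theStack == null ) throw new IllegalArgumentException( "theStack is null" );`, and document that the method has to be called before the server starts tracking sessions. The `stack` field is neither `final` nor `volatile`, so a replacement made on one thread is not guaranteed to be visible to the listener threads; `private volatile IdentityParticipantStack stack = new STACK();` would cover that. The hunk ends inside the Javadoc of the next method.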
@@ -268,7 +258,7 @@
throw new IllegalStateException("Identity Server mismatch");
String id = sessionEvent.getSession().getId();
- stack.put(id);
+ stack.createSession( id );
}
/**
@@ -282,6 +272,6 @@
if(trace)
log.trace("Session Destroyed with id=" + id + "::active session
count="
+ activeSessionCount);
- stack.remove(id);
+ stack.removeSession( id );
}
}
\ No newline at end of file
Modified:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java 2011-02-25
19:12:09 UTC (rev 777)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java 2011-02-25
22:03:26 UTC (rev 778)
@@ -75,12 +75,14 @@
import org.picketlink.identity.federation.core.saml.v2.util.HandlerUtil;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
+import org.picketlink.identity.federation.web.core.IdentityParticipantStack;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.roles.DefaultRoleGenerator;
import org.picketlink.identity.federation.web.util.ConfigurationUtil;
@@ -105,28 +107,33 @@
protected transient IDPType idpConfiguration = null;
- private transient RoleGenerator roleGenerator = new DefaultRoleGenerator();
+ protected transient RoleGenerator roleGenerator = new DefaultRoleGenerator();
- private transient DelegatedAttributeManager attribManager = new
DelegatedAttributeManager();
+ protected transient DelegatedAttributeManager attribManager = new
DelegatedAttributeManager();
- private List<String> attributeKeys = new ArrayList<String>();
+ protected List<String> attributeKeys = new ArrayList<String>();
- private long assertionValidity = 5000; // 5 seconds in miliseconds
+ protected long assertionValidity = 5000; // 5 seconds in miliseconds
- private String identityURL = null;
+ protected String identityURL = null;
- private transient TrustKeyManager keyManager;
+ protected transient TrustKeyManager keyManager;
- private Boolean ignoreIncomingSignatures = false;
+ protected Boolean ignoreIncomingSignatures = false;
- private Boolean signOutgoingMessages = true;
+ protected Boolean signOutgoingMessages = true;
protected String canonicalizationMethod =
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS;
- private transient ServletContext context = null;
+ protected transient ServletContext context = null;
- private transient SAML2HandlerChain chain = null;
+ protected transient SAML2HandlerChain chain = null;
+ /**
+ * If the user wants to set a particular {@link IdentityParticipantStack}
+ */
+ protected String identityParticipantStack = null;
+
public Boolean getIgnoreIncomingSignatures()
{
return ignoreIncomingSignatures;
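Review bot: Widening `keyManager`, `ignoreIncomingSignatures` and `signOutgoingMessages` (and seven other fields) from `private` to `protected` lets any subclass switch off signature checking or replace the key manager by direct assignment, and the log message, which is only about the participant stack, neither mentions nor justifies it. If subclasses need read access, protected getters would keep the fields private; `getIgnoreIncomingSignatures()` already exists just below. The new `identityParticipantStack` field is not read in the visible init hunk, which takes the class name from the init parameter into the local `theStackParam`, so unless it is used elsewhere it can be dropped. `getIgnoreIncomingSignatures` continues outside the hunk.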
@@ -252,6 +259,27 @@
{
identityServer = new IdentityServer();
context.setAttribute(GeneralConstants.IDENTITY_SERVER, identityServer);
+ String theStackParam = config.getInitParameter(
GeneralConstants.IDENTITY_PARTICIPANT_STACK );
+ if( StringUtil.isNotNull( theStackParam ) )
+ {
+ try
+ {
+ Class<?> stackClass =
SecurityActions.getContextClassLoader().loadClass(theStackParam);
+ identityServer.setStack( (IdentityParticipantStack)
stackClass.newInstance() );
+ }
+ catch (ClassNotFoundException e)
+ {
+ log( "Unable to set the Identity Participant Stack Class. Will just
use the default", e );
+ }
+ catch (InstantiationException e)
+ {
+ log( "Unable to set the Identity Participant Stack Class. Will just
use the default", e );
+ }
+ catch (IllegalAccessException e)
+ {
+ log( "Unable to set the Identity Participant Stack Class. Will just
use the default", e );
+ }
+ }
}
//Ensure the configuration in the STS