Author: anil.saldhana(a)jboss.com
Date: 2011-09-22 01:19:29 -0400 (Thu, 22 Sep 2011)
New Revision: 1245
Added:
federation/trunk/picketlink-webapps/as7/
federation/trunk/picketlink-webapps/as7/assembly/
federation/trunk/picketlink-webapps/as7/assembly/bin.xml
federation/trunk/picketlink-webapps/as7/assembly/pom.xml
federation/trunk/picketlink-webapps/as7/assembly/src/
federation/trunk/picketlink-webapps/as7/assembly/src/main/
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sp-jboss-beans.xml
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sts-jboss-beans.xml
federation/trunk/picketlink-webapps/as7/employee-post/
federation/trunk/picketlink-webapps/as7/employee-post/pom.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/
federation/trunk/picketlink-webapps/as7/employee-post/src/main/
federation/trunk/picketlink-webapps/as7/employee-post/src/main/resources/
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/careermap.jpg
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/error.jsp
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/login.jsp
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/logout.jsp
federation/trunk/picketlink-webapps/as7/employee-saml11/
federation/trunk/picketlink-webapps/as7/employee-saml11/pom.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/resources/
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/careermap.jpg
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/error.jsp
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/login.jsp
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/logout.jsp
federation/trunk/picketlink-webapps/as7/employee/
federation/trunk/picketlink-webapps/as7/employee/pom.xml
federation/trunk/picketlink-webapps/as7/employee/src/
federation/trunk/picketlink-webapps/as7/employee/src/main/
federation/trunk/picketlink-webapps/as7/employee/src/main/resources/
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/careermap.jpg
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/error.jsp
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/login.jsp
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/logout.jsp
federation/trunk/picketlink-webapps/as7/idp/
federation/trunk/picketlink-webapps/as7/idp/pom.xml
federation/trunk/picketlink-webapps/as7/idp/src/
federation/trunk/picketlink-webapps/as7/idp/src/main/
federation/trunk/picketlink-webapps/as7/idp/src/main/resources/
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/roles.properties
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/users.properties
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/hosted/
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/hosted/index.jsp
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/error.jsp
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login-error.jsp
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login.jsp
federation/trunk/picketlink-webapps/as7/pdp/
federation/trunk/picketlink-webapps/as7/pdp/pom.xml
federation/trunk/picketlink-webapps/as7/pdp/src/
federation/trunk/picketlink-webapps/as7/pdp/src/main/
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/himss-policy.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policyConfig.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/wsdl/
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl
federation/trunk/picketlink-webapps/as7/picketlink-sts/
federation/trunk/picketlink-webapps/as7/picketlink-sts/pom.xml
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/picketlink-sts.xml
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/sts_keystore.jks
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-wsse-server.xml
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/lib/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/wsdl/
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/wsdl/PicketLinkSTS.wsdl
federation/trunk/picketlink-webapps/as7/pom.xml
federation/trunk/picketlink-webapps/as7/sales-post/
federation/trunk/picketlink-webapps/as7/sales-post/pom.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/MANIFEST.MF
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.properties
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/error.jsp
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/login.jsp
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/logout.jsp
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/piechart.gif
federation/trunk/picketlink-webapps/as7/sales-saml11/
federation/trunk/picketlink-webapps/as7/sales-saml11/pom.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/resources/
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/lib/
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/error.jsp
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/login.jsp
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/logout.jsp
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/piechart.gif
federation/trunk/picketlink-webapps/as7/sales/
federation/trunk/picketlink-webapps/as7/sales/pom.xml
federation/trunk/picketlink-webapps/as7/sales/src/
federation/trunk/picketlink-webapps/as7/sales/src/main/
federation/trunk/picketlink-webapps/as7/sales/src/main/resources/
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/jboss-deployment-structure.xml
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/lib/
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/error.jsp
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/login.jsp
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/logout.jsp
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/piechart.gif
Modified:
federation/trunk/picketlink-webapps/pom.xml
Log:
PLFED-208: add as7 webapps
Added: federation/trunk/picketlink-webapps/as7/assembly/bin.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/assembly/bin.xml (rev
0)
+++ federation/trunk/picketlink-webapps/as7/assembly/bin.xml 2011-09-22 05:19:29 UTC (rev
1245)
@@ -0,0 +1,53 @@
+<assembly>
+ <formats>
+ <format>zip</format>
+ </formats>
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <files>
+ <file>
+ <source>${basedir}/../idp/target/idp.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+ <source>${basedir}/../sales/target/sales.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+ <source>${basedir}/../employee/target/employee.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+ <source>${basedir}/../sales-post/target/sales-post.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+ <source>${basedir}/../employee-post/target/employee-post.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+ <source>${basedir}/../sales-saml11/target/sales-saml11.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+
<source>${basedir}/../employee-saml11/target/employee-saml11.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+
<source>${basedir}/../picketlink-sts/target/picketlink-sts.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
+ <source>${basedir}/../pdp/target/pdp.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ </files>
+</assembly>
Added: federation/trunk/picketlink-webapps/as7/assembly/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/assembly/pom.xml (rev
0)
+++ federation/trunk/picketlink-webapps/as7/assembly/pom.xml 2011-09-22 05:19:29 UTC (rev
1245)
@@ -0,0 +1,62 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-fed-parent</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../../parent</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-fed-webapps-as7-assembly</artifactId>
+ <packaging>pom</packaging>
+ <name>PicketLink Federation WebApps Samples- Assembly</name>
+ <
url>http://www.picketlink.org/</url>
+ <description>PicketLink Federation</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>2.1</version>
+ <executions>
+ <execution>
+ <phase>package</phase>
+ <goals>
+ <goal>attached</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <archive>
+ <manifestEntries>
+ <Specification-Title>PicketLink</Specification-Title>
+
<Specification-Version>${project.version}</Specification-Version>
+ <Specification-Vendor>Red Hat Middleware
LLC</Specification-Vendor>
+ <Implementation-Title>JBoss Identity</Implementation-Title>
+
<Implementation-Version>${project.version}</Implementation-Version>
+
<Implementation-VendorId>org.jboss.security</Implementation-VendorId>
+ <Implementation-Vendor>Red Hat Middleware
LLC</Implementation-Vendor>
+
<
Implementation-URL>http://picketlink.org/</Implementation-URL>
+ </manifestEntries>
+ </archive>
+ <descriptors>
+ <descriptor>bin.xml</descriptor>
+ </descriptors>
+ </configuration>
+ <inherited>false</inherited>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
Added:
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sp-jboss-beans.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sp-jboss-beans.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sp-jboss-beans.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<deployment xmlns="urn:jboss:bean-deployer:2.0">
+
+ <application-policy xmlns="urn:jboss:security-beans:1.0"
name="sp">
+ <authentication>
+ <login-module code =
"org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule"
+ flag = "required" />
+ </authentication>
+ </application-policy>
+
+</deployment>
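Review bot: The `sp` security domain is declared here in the `urn:jboss:bean-deployer:2.0` microcontainer format, which as far as I know AS7 does not read for security domains; they are defined in the security subsystem of the server configuration instead. If that holds, the `sp` domain that the SP web apps name in their `jboss-web.xml` is not created by this file, and the same applies to the policy in picketlink-sts-jboss-beans.xml. The assembly descriptor bin.xml also does not package either file into the zip. I would add a header comment saying how the domain is expected to be provided, for example `<!-- AS7: the "sp" security domain (SAML2LoginModule) must be defined in the server's security subsystem -->`.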
Property changes on:
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sp-jboss-beans.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sts-jboss-beans.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sts-jboss-beans.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/assembly/src/main/resources/picketlink-sts-jboss-beans.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<deployment xmlns="urn:jboss:bean-deployer:2.0">
+
+ <!-- ejb3 test application-policy definition -->
+ <application-policy xmlns="urn:jboss:security-beans:1.0"
name="cache-test">
+ <authentication>
+ <login-module
code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule"
flag="required">
+ <module-option
name="password-stacking">useFirstPass</module-option>
+ <module-option
name="configFile">sts-config.properties</module-option>
+ <module-option
name="cache.invalidation">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+</deployment>
+
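Review bot: The policy in this STS descriptor is named `cache-test` and its comment reads "ejb3 test application-policy definition", which looks carried over from a test fixture rather than written for the STS sample. The `configFile` option points at `sts-config.properties`, and no file of that name appears in this revision's added-file list, so the login module may not find its configuration unless it is supplied elsewhere. I would rename the policy after its consumer and replace the comment with one that says which application uses the domain and where `sts-config.properties` is expected to come from.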
Added: federation/trunk/picketlink-webapps/as7/employee/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/pom.xml (rev
0)
+++ federation/trunk/picketlink-webapps/as7/employee/pom.xml 2011-09-22 05:19:29 UTC (rev
1245)
@@ -0,0 +1,39 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>employee-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Web Apps Employee</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>employee</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+
+ </plugins>
+ </build>
+</project>
Added:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator"
+ />
+</Context>
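Review bot: The `SPRedirectFormAuthenticator` valve is declared three times for this one application: here in META-INF/context.xml, again in WEB-INF/context.xml, and a third time in WEB-INF/jboss-web.xml. The diff does not show which descriptor the container honours; my understanding is that AS7 reads the `<valve>` element of jboss-web.xml and ignores context.xml. A later change of authenticator made in only one copy, for instance to a signature-validating variant, could therefore silently have no effect. I would keep only the descriptor AS7 reads, or mark the copies with a comment such as `<!-- not read on AS7; the authenticator is configured in WEB-INF/jboss-web.xml -->`.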
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator"
+ />
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+ <security-domain>sp</security-domain>
+ <valve>
+
<class-name>org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator</class-name>
+ </valve>
+
+</jboss-web>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+</Handlers>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+ <ServiceURL>${employee.url::http://localhost:8080/employee/}</ServiceURL>
+</PicketLinkSP>
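Review bot: Nothing in this SP configuration establishes trust in the identity provider: both URLs default to plain `http://`, there is no trust-domain or key-provider element, and the application is paired with `SPRedirectFormAuthenticator`, which to my knowledge does not check signatures on the SAML response. That is acceptable for a localhost demo, but the file does not say so, and sample configurations tend to be copied into real deployments. I would add a comment above `<IdentityURL>` such as `<!-- Demo defaults only: outside local testing use https URLs and a signature-validating authenticator with a configured key provider -->`. `ServerEnvironment="tomcat"` in an as7 module also deserves a one-line explanation.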
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>PicketLink Employee Application</display-name>
+ <description>
+ Just a Test SP
+ </description>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>EMPLOYEE Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define a security constraint that gives unlimted access to freezone -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>freezone</web-resource-name>
+ <url-pattern>/freezone/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>Tomcat EMPLOYEE Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/loginerror.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <description>
+ The role that is required to log in to the EMPLOYEE Application
+ </description>
+ <role-name>manager</role-name>
+ </security-role>
+</web-app>
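Review bot: The `<form-login-config>` refers to `/jsp/login.jsp` and `/jsp/loginerror.jsp`, but this revision's file list adds `login.jsp` and `error.jsp` at the web-app root and no `jsp/` directory for the employee application. If the container ever falls back to FORM handling, the user would get a 404 instead of a login or error page; the entries should read `<form-login-page>/login.jsp</form-login-page>` and `<form-error-page>/error.jsp</form-error-page>`. Separately, the `/*` constraint has no `<user-data-constraint>`, so the session established after SAML login is not required to travel over TLS; `<transport-guarantee>CONFIDENTIAL</transport-guarantee>` is worth adding outside the demo. The comment above the freezone constraint has a typo (`unlimted`).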
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/careermap.jpg
===================================================================
(Binary files differ)
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/careermap.jpg
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream
Added: federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/error.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp")
%>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
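Review bot: The markup in error.jsp is unbalanced: `<font size='4' color='red'>` is never closed, `</p>` has no matching `<p>`, and `</form>` sits after `</body>` although the page contains no form. Browsers will recover, but people copy sample pages, so I would replace `</p>` with `</font>` and drop the `</form>` line. The same file is added unchanged for employee-post and employee-saml11, so the fix applies to all three copies. The generic "username and password ... not valid" wording is fine, since it does not reveal which of the two was wrong.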
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/index.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,13 @@
+<div align="center">
+<h1>EmployeeDashboard</h1>
+<br/>
+Welcome to the Employee Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your cartoon of the day:
+<br/>
+<img src="careermap.jpg"/>
+<br/>
+<a href="?GLO=true">Click to LogOut</a>
+
+</div>
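Review bot: The welcome line writes the principal name into the page without HTML encoding, in `<%=request.getUserPrincipal().getName()%>`. In a federated setup that name presumably comes from the assertion issued by the IdP, not from data this application controls, so it should be encoded on output. With JSTL this would be `<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>` at the top and `<c:out value="${pageContext.request.userPrincipal.name}"/>` in place of the scriptlet. That form also avoids a NullPointerException if the page is ever rendered without an authenticated principal. The same expression appears in the employee-post and employee-saml11 copies of index.jsp.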
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/login.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/login.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text'
name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password'
size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/logout.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/logout.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+You are logged out.
Property changes on:
federation/trunk/picketlink-webapps/as7/employee/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-post/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-post/pom.xml
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/employee-post/pom.xml 2011-09-22 05:19:29 UTC
(rev 1245)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>employee-post-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Employee With Post</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>employee-post</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator"
+ />
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator"
+ />
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+ <security-domain>sp</security-domain>
+ <valve>
+
<class-name>org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator</class-name>
+ </valve>
+
+</jboss-web>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+</Handlers>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+
<ServiceURL>${employee-post.url::http://localhost:8080/employee-post/}</ServiceURL>
+</PicketLinkSP>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>PicketLink Employee Application</display-name>
+ <description>
+ Just a Test SP
+ </description>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>EMPLOYEE Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define a security constraint that gives unlimted access to freezone -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>freezone</web-resource-name>
+ <url-pattern>/freezone/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>Tomcat EMPLOYEE Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/loginerror.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <description>
+ The role that is required to log in to the EMPLOYEE Application
+ </description>
+ <role-name>manager</role-name>
+ </security-role>
+</web-app>
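Review bot: The `<form-login-config>` points at `/jsp/login.jsp` and `/jsp/loginerror.jsp`, but this commit adds the pages as `login.jsp` and `error.jsp` directly under `src/main/webapp`, so the configured paths do not match any file added here. If the SP valve takes over authentication the block may never be used, in which case a comment saying so would help; otherwise the paths should read `/login.jsp` and `/error.jsp`. Separately, neither `<security-constraint>` carries a `<user-data-constraint>`, so nothing in the descriptor requires HTTPS for the protected `/*` pattern. Anyone using this as a template should add `<transport-guarantee>CONFIDENTIAL</transport-guarantee>`. The employee-saml11 web.xml later in this commit has the same content.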
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/careermap.jpg
===================================================================
(Binary files differ)
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/careermap.jpg
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream
Added: federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/error.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp")
%>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/index.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,13 @@
+<div align="center">
+<h1>EmployeeDashboard</h1>
+<br/>
+Welcome to the Employee Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your cartoon of the day:
+<br/>
+<img src="careermap.jpg"/>
+<br/>
+<a href="?GLO=true">Click to LogOut</a>
+
+</div>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/login.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/login.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text'
name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password'
size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/logout.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/logout.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,2 @@
+
+You are logged out.
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-post/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-saml11/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-saml11/pom.xml
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/employee-saml11/pom.xml 2011-09-22 05:19:29
UTC (rev 1245)
@@ -0,0 +1,39 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>employee-saml11-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Web Apps Employee</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>employee-saml11</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+
+ </plugins>
+ </build>
+</project>
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator"
+ />
+</Context>
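Review bot: The valve class here is `SPRedirectFormAuthenticator`, while the jboss-web.xml added for the same employee-saml11 application names `SAML11SPRedirectFormAuthenticator`. Which authenticator protects the application then depends on which descriptor the container reads, and that is easy to miss in a security-relevant setting. If the SAML 1.1 authenticator is the intended one, both context.xml files (this one and the WEB-INF copy) should use `className="org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator"`. If the context.xml files are unused on AS7, removing them would avoid the ambiguity.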
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator"
+ />
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+ <security-domain>sp</security-domain>
+ <valve>
+
<class-name>org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator</class-name>
+ </valve>
+</jboss-web>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+</Handlers>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+ <ServiceURL>${employee.url::http://localhost:8080/employee/}</ServiceURL>
+</PicketLinkSP>
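Review bot: The `ServiceURL` default is `http://localhost:8080/employee/`, but the pom for this module sets `<warName>employee-saml11</warName>`, so the default points at a different application's context. Unless `employee.url` is overridden, responses from the IdP would presumably be directed to the `employee` deployment rather than this one. Following the pattern used in employee-post, the line would read `<ServiceURL>${employee-saml11.url::http://localhost:8080/employee-saml11/}</ServiceURL>`; the property name is my suggestion by analogy and not taken from the project.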
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>PicketLink Employee Application</display-name>
+ <description>
+ Just a Test SP
+ </description>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>EMPLOYEE Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define a security constraint that gives unlimted access to freezone -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>freezone</web-resource-name>
+ <url-pattern>/freezone/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>Tomcat EMPLOYEE Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/loginerror.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <description>
+ The role that is required to log in to the EMPLOYEE Application
+ </description>
+ <role-name>manager</role-name>
+ </security-role>
+</web-app>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/careermap.jpg
===================================================================
(Binary files differ)
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/careermap.jpg
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream
Added: federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/error.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp")
%>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/index.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<div align="center">
+<h1>EmployeeDashboard</h1>
+<br/>
+Welcome to the Employee Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your cartoon of the day:
+<br/>
+<img src="careermap.jpg"/>
+<br/>
+
+</div>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/login.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/login.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text'
name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password'
size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/logout.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/logout.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+You are logged out.
Property changes on:
federation/trunk/picketlink-webapps/as7/employee-saml11/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/idp/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/pom.xml (rev 0)
+++ federation/trunk/picketlink-webapps/as7/idp/pom.xml 2011-09-22 05:19:29 UTC (rev
1245)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>idp-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Identity Provider</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>idp</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,8 @@
+<Context>
+ <Valve
+ className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPSAMLDebugValve"
/>
+ <Valve
+ className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve"
+ signOutgoingMessages="false"
+ ignoreIncomingSignatures="true"/>
+</Context>
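Review bot: The IdP valve is configured with `signOutgoingMessages="false"` and `ignoreIncomingSignatures="true"`, so assertions leave the IdP unsigned and signatures on incoming requests are not checked. The service providers therefore have no cryptographic way to confirm that a response came from this IdP. That is understandable for a localhost sample, but the file gives no hint that these values are demo-only. I would add a comment above the valve such as `<!-- Sample only: enable signOutgoingMessages and signature validation, with a configured keystore, before any non-local use -->`. The same two settings are repeated in WEB-INF/context.xml and in the jboss-web.xml `<param>` entries for the IdP. Both context.xml files also enable `IDPSAMLDebugValve`, which by its name logs SAML traffic and so belongs in a debug profile only.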
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/roles.properties
===================================================================
---
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/roles.properties
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/roles.properties 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+tomcat=manager,sales,employee
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/roles.properties
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/users.properties
===================================================================
---
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/users.properties
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/users.properties 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+tomcat=tomcat
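Review bot: The only account defined here, `tomcat=tomcat`, is a widely known default username/password pair stored in clear text, and roles.properties in this commit gives that account the `manager` role that web.xml accepts for `/*`. The file ships inside the IDP WAR under WEB-INF/classes, so a deployment that keeps the sample unchanged has an identity provider that authenticates a guessable login. I would add a first line `# SAMPLE ACCOUNT ONLY - replace before deploying anywhere but a local test machine`. If the `idp` security domain can be configured for hashed passwords (not visible here), a hash would be preferable to the literal value.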
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/classes/users.properties
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,8 @@
+<Context>
+ <Valve
+ className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPSAMLDebugValve"
/>
+ <Valve
+ className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve"
+ signOutgoingMessages="false"
+ ignoreIncomingSignatures="true"/>
+</Context>
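Review bot: `signOutgoingMessages="false"` together with `ignoreIncomingSignatures="true"` on `IDPWebBrowserSSOValve` disables signing of what the IDP sends and, as the attribute name indicates, checking of signatures on what it receives, so a service provider has no cryptographic way to tell this IDP's assertions from forged ones. The same pair is repeated in the WEB-INF/jboss-web.xml hunk that follows and in the tail of META-INF/context.xml just before this file. `IDPSAMLDebugValve` is also enabled; presumably it logs SAML traffic, which should be confirmed before the sample is used with real identities. I would add `<!-- Demo settings: SAML signatures disabled; enable signing and signature validation before any non-local deployment -->` above the valve in each of the three files.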
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,15 @@
+<jboss-web>
+ <security-domain>idp</security-domain>
+ <valve>
+
<class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name>
+ <param>
+ <param-name>signOutgoingMessages</param-name>
+ <param-value>false</param-value>
+ </param>
+ <param>
+ <param-name>ignoreIncomingSignatures</param-name>
+ <param-value>true</param-value>
+ </param>
+ </valve>
+
+</jboss-web>
Added:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,6 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler"/>
+</Handlers>
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,6 @@
+<PicketLinkIDP xmlns="urn:picketlink:identity-federation:config:1.0" >
+<IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+<Trust>
+ <Domains>localhost,jboss.com,jboss.org,amazonaws.com</Domains>
+</Trust>
+</PicketLinkIDP>
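Review bot: The `<Domains>` trust list includes `amazonaws.com`, a shared hosting domain under which any cloud customer can obtain a hostname, so it is far broader than `jboss.com` or `jboss.org`. How `SAML2IssuerTrustHandler` compares an issuer with this list is not visible here; if it matches on the domain suffix, any service provider URL hosted under that domain would pass the trust check. The default `IdentityURL` is also plain `http://`, and this IDP is configured elsewhere in the commit with message signing off, so nothing protects the exchange unless `idp.url` is overridden. I would reduce the sample default to `<Domains>localhost</Domains>` and add a comment that deployers list only the hosts of their own service providers.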
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>IDP</display-name>
+ <description>
+ IDP Web Application for the PicketLink project
+ </description>
+
+ <!-- Define a security constraint that gives unlimted access to images -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Images</web-resource-name>
+ <url-pattern>/images/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Manager command</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ <role-name>Sales</role-name>
+ <role-name>Employee</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>PicketLink IDP Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/login-error.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <role-name>manager</role-name>
+ </security-role>
+ <security-role>
+ <role-name>Sales</role-name>
+ </security-role>
+ <security-role>
+ <role-name>Employee</role-name>
+ </security-role>
+</web-app>
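Review bot: Neither `<security-constraint>` carries a `<user-data-constraint>`, so the FORM login at `/jsp/login.jsp` submits `j_username` and `j_password` over whatever transport the request arrived on, including plain HTTP. For anything beyond a localhost demo, the `/*` constraint should include `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>`. The role names also differ in case from roles.properties in this commit: that file grants `manager,sales,employee` while this descriptor declares `Sales` and `Employee`, so only `manager` can match if role comparison is case-sensitive. Typo in the first comment: `unlimted` should be `unlimited`.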
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/hosted/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/hosted/index.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/hosted/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,11 @@
+<html>
+<body>
+Welcome to the Identity Provider from PicketLink.
+<br/>
+Dashboard links are:
+<br/>
+<a
href="?TARGET=http%3A//localhost%3a8080/sales-saml11/">Sales</a>
+<br/>
+<a
href="?TARGET=http%3A//localhost%3a8080/employee-saml11/">Employee</a>
+</body>
+</html>
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/index.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+Welcome to IDP!
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/error.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp")
%>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
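Review bot: The markup in error.jsp is unbalanced: `<font size='4' color='red'>` is never closed, `</p>` has no opening `<p>`, and a stray `</form>` follows `</body>` although the page contains no form. Browsers will recover, but the page is easier to maintain as `<p><font size='4' color='red'>The username and password you supplied are not valid.</font></p>` with the `</form>` line removed. web.xml in this commit names `/jsp/login-error.jsp` as the form error page, so this file looks unused by the login flow; worth confirming whether it is needed.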
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login-error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login-error.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login-error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,6 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Login Error</font><hr>
+
+</body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login-error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text'
name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password'
size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/idp/src/main/webapp/jsp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/pdp/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/pdp/pom.xml (rev 0)
+++ federation/trunk/picketlink-webapps/as7/pdp/pom.xml 2011-09-22 05:19:29 UTC (rev
1245)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>pdp-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink XACML PDP</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>XACML PDP Web Application for the PicketLink
Project</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>pdp</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.jboss.security.xacml" />
+ <module name="org.picketlink" />
+ <module name="org.picketbox" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Top level policy set which combines the CDA and N confidentiality codes.
+ </Description>
+ <Target/>
+ <PolicySet
+
PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:emergency"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target/>
+ <PolicySetIdReference
+
>urn:va:xacml:2.0:interop:rsa8:policysetid:emergency</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:CDA"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >UBA</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+
"urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:CDA</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:MA"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:permit-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >MA</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+
"urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:MA</PolicySetIdReference>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:MA:default-to-permit"
+ RuleCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:MA"
+ Effect="Permit">
+ <Description>
+ If a Deny was obtained for object above then set Permit by default.
+ </Description>
+ </Rule>
+ </Policy>
+ </PolicySet>
+ <PolicySet
+
PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:bus-rule"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <PolicySetIdReference
+
>urn:va:xacml:2.0:interop:rsa8:policysetid:progress-note</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:toplevel:N"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:permit-overrides">
+ <Target/>
+ <PolicySetIdReference
+ >urn:va:xacml:2.0:interop:rsa8:policysetid:N</PolicySetIdReference>
+ <PolicySetIdReference
+
>urn:va:xacml:2.0:interop:rsa8:policysetid:N:PermCollections</PolicySetIdReference>
+ </PolicySet>
+</PolicySet>
\ No newline at end of file
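Review bot: In the `toplevel:MA` policy set, the `MA:default-to-permit` policy has an empty `<Target/>` and a single unconditional `Effect="Permit"` rule, and the set combines with `permit-overrides`, so for any resource whose confidentiality code is `MA` this branch evaluates to Permit whatever the referenced `policysetid:MA` set decides. The rule description suggests this is deliberate, but someone auditing the policy cannot tell from this file alone. If it is the intent, a comment above the `<Policy>` such as `<!-- Intentional: MA uses reversed sense; the PEP must act on the returned obligation, not on the Permit -->` would document it. The top-level `<Description>` also speaks of the "CDA" code while the matching `<AttributeValue>` is `UBA`; the two should be aligned.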
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-01-top-level.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:CDA"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the UBA confidentiality code.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:CDA"
+ RuleCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:CDA:1"
+ Effect="Permit">
+ <Description>
+ If the access subject is NOT one of those users which consent has
+ been removed, then permit.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if hl7:dissented-subject-id NOT EQUAL TO subject:subject-id -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <!-- True if hl7:dissented-subject-id EQUAL TO subject:subject-id -->
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <ResourceAttributeDesignator
+ AttributeId=
+
"urn:va:xacml:2.0:interop:rsa8:resource:hl7:dissented-subject-id"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:CDA:2"
+ Effect="Deny">
+ <Description>
+ If a Permit was not obtained above then set Deny by default.
+ </Description>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response
-->
+ <!-- This obligation instructs the PEP to apply privacy constraints to
-->
+ <!-- user's responsibility for the data.
-->
+ <Obligation
+
ObligationId="urn:va:xacml:2.0:interop:rsa8:obligation:privacy:constraint"
+ FulfillOn="Deny"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
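Review bot: The condition of rule `CDA:1` wraps the subject-id designator in `string-one-and-only`, which evaluates to Indeterminate when a request carries no `subject-id` value or more than one. Under the `permit-overrides` rule-combining algorithm an Indeterminate from a Permit rule is not replaced by the unconditional Deny of `CDA:2`, so the policy result is Indeterminate and the `privacy:constraint` obligation (`FulfillOn="Deny"`) is not returned. The description of `CDA:2` ("set Deny by default") should state that it applies only when `CDA:1` evaluates cleanly, and that the PEP must treat Indeterminate as a denial. The same construct appears in rule `progress-note:author` of XacmlPolicySet-02d-prog-note.xml.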
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02a-CDA.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for evaluating the subject:role attributes.
+ This implements an RBAC policy. This policy set matches
+ subject roles and refers to permission policy sets.
+ </Description>
+ <Target/>
+ <PolicySet
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:physician"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Subjects>
+ <Subject>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:role:hl7:physician</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ </Subject>
+ </Subjects>
+ </Target>
+ <PolicySetIdReference
+
>urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole</PolicySetIdReference>
+ </PolicySet>
+</PolicySet>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02b-N.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,106 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:PermCollections"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for evaluating the subject:hl7:permission attributes.
+ This implements an RBAC policy. This policy set matches
+ subject roles and refers to permission policy sets.
+ </Description>
+ <Target/>
+ <PolicySet
+
PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:med-rec-perm-set"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:permit-overrides">
+ <Target/>
+ <PolicySet
+
PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:med-rec-perm-set-0"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target/>
+ <PolicySetIdReference
+
>urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole</PolicySetIdReference>
+ </PolicySet>
+ <PolicySet
+
PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:med-rec-perm-set-1"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target>
+ <Subjects>
+ <Subject>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</AttributeValue>
+ <SubjectAttributeDesignator
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</AttributeValue>
+ <SubjectAttributeDesignator
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</AttributeValue>
+ <SubjectAttributeDesignator
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</AttributeValue>
+ <SubjectAttributeDesignator
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</AttributeValue>
+ <SubjectAttributeDesignator
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</AttributeValue>
+ <SubjectAttributeDesignator
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</AttributeValue>
+ <SubjectAttributeDesignator
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ </Subject>
+ </Subjects>
+ </Target>
+ <PolicySetIdReference
+
>urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole</PolicySetIdReference>
+ </PolicySet>
+ </PolicySet>
+</PolicySet>
\ No newline at end of file
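Review bot: `med-rec-perm-set-0` has an empty `<Target/>` and references the same `N:RPS:med-rec-vrole` policy set as `med-rec-perm-set-1`, and the enclosing `med-rec-perm-set` combines the two with `permit-overrides`. Whenever the referenced set yields Permit through `set-0`, the seven `hl7:permission` matches in the target of `set-1` no longer influence the result, so the permission check appears to gate nothing; the referenced set is not part of this hunk, so this should be confirmed against it. If `set-0` is a leftover, removing it restores the permission requirement; otherwise it needs a comment explaining why an ungated path is wanted. Note also that the seven `<SubjectMatch>` elements sit in one `<Subject>`, which XACML evaluates as a conjunction, and that the `<Description>` still talks about matching subject roles.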
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02c-N-PermCollections.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:progress-note"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the business rule for unsigned progress notes.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:progress-note"
+ RuleCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:progress-note:sig"
+ Effect="Permit">
+ <Description>
+ If the progress-note is signed allow any user to see it. If not signed
+ then only author may see it.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if resource:hl7:progress-note:signed EQUAL TO True -->
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >True</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId=
+
"urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note:signed"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:progress-note:author"
+ Effect="Permit">
+ <Description>
+ If a Permit was not obtained then subject must be author.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if hl7:dissented-subject-id EQUAL TO subject:subject-id -->
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <ResourceAttributeDesignator
+ AttributeId=
+
"urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note:author-subject-id"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:progress-note:deny-sig"
+ Effect="Deny">
+ <Description>
+ If a Permit was not obtained above then set Deny by default.
+ </Description>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response
-->
+ <!-- This obligation informs the PEP access denied unsigned non-author
-->
+ <Obligation
+
ObligationId="urn:va:xacml:2.0:interop:rsa8:obligation:deny:unsigned:non-author"
+ FulfillOn="Deny"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
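Review bot: The comment above the condition of rule `progress-note:author` reads `True if hl7:dissented-subject-id EQUAL TO subject:subject-id`, but the designator being compared is `progress-note:author-subject-id`; it was apparently copied from the CDA policy and should read `<!-- True if hl7:progress-note:author-subject-id EQUAL TO subject:subject-id -->`. In rule `progress-note:sig` the signed flag is compared with `string-equal` against the literal `True`, which is case-sensitive, so a PEP that sends `true` gets no match and a signed note falls through to the author-only rule. Declaring the attribute with the `http://www.w3.org/2001/XMLSchema#boolean` data type, or documenting the exact string the PEP must send, would remove that ambiguity.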
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02d-prog-note.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:MA"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the MA confidentiality code.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:MA"
+ RuleCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:MA:1"
+ Effect="Deny">
+ <Description>
+ If the access subject is NOT one of those users which consent has
+ been removed, then deny.
+ Note: there is reverse logic here because the Obligation that denies
+ access to the user for this object must be issued when the user has
+ obtained a Permit. So, the caller of this policy must know to reverse
+ sense as well.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if hl7:radiology:dissented-subject-id NOTEQUALTO subject:subject-id
-->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <!-- True if hl7:radiology:dissented-subject-id EQUALTO subject:subject-id
-->
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <ResourceAttributeDesignator
+ AttributeId=
+
"urn:va:xacml:2.0:interop:rsa8:resource:hl7:radiology:dissented-subject-id"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:MA:2"
+ Effect="Permit">
+ <Description>
+ If a Deny was not obtained above then set Permit by default.
+ </Description>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response
-->
+ <!-- This obligation instructs the PEP to apply privacy constraints to
-->
+ <!-- user's responsibility for the data.
-->
+ <Obligation
+ ObligationId=
+
"urn:va:xacml:2.0:interop:rsa8:obligation:ma:privacy:constraint:radiology"
+ FulfillOn="Permit"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
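Review bot: Rule `MA:1` inverts the usual meaning of Permit. Per its own Description, a Permit from this policy means the subject is on the dissented list, and the restriction is carried only by the `urn:va:xacml:2.0:interop:rsa8:obligation:ma:privacy:constraint:radiology` obligation. A PEP or enclosing policy set that reads this Permit as a grant, or that ignores an obligation it does not recognise, would release the radiology data to a dissented subject. I would say so next to the Obligation, e.g. `<!-- Permit here means the subject IS dissented; the PEP must apply the privacy constraint, not release the data -->`, and give the Policy a Description that repeats it. When the request carries no `dissented-subject-id` values, `any-of` is false and the rule returns Deny, which in this reversed sense appears to mean "no constraint applies"; whether a missing attribute should be read that way is not settled by anything in the hunk.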
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02e-MA.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:emergency"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set to allow emergency access for non-facility subjects.
+ Returns Deny if user not from supported facility AND does not have emergency perm
+ Returns Permit if not from supported facility AND not denied access
+ Returns NotApplicable if plain old user from supported facility
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:emergency"
+ RuleCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Target/>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:emergency:deny"
+ Effect="Deny">
+ <Description>
+ If the subject is not from a supported facility AND
+. if the subject does not have emergency permission THEN Deny access.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if subject:locality NOT EQUAL TO ANYOF environment:locality -->
+ <!-- AND if hl7:pea-001 NOT EQUAL TO ANYOF subject:hl7:permission -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <!-- True if subject:locality NOT EQUAL TO ANYOF environment:locality -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId=
+ "urn:oasis:names:tc:xacml:1.0:subject:locality"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <EnvironmentAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:environment:locality"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ <!-- True if hl7:pea-001 NOT EQUAL TO ANYOF subject:hl7:permission -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:hl7:pea-001</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:emergency:permit"
+ Effect="Permit">
+ <Description>
+ If a Deny was not obtained above AND subject not part of a supported
+ facility then subject must have emergency permission.
+ </Description>
+ <Target/>
+ <Condition>
+ <!-- True if subject:locality NOT EQUAL TO ANYOF environment:locality -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
+ <Function
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId=
+ "urn:oasis:names:tc:xacml:1.0:subject:locality"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <EnvironmentAttributeDesignator
+ AttributeId=
+ "urn:va:xacml:2.0:interop:rsa8:environment:locality"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <!-- These obligations provide specific instructions to PEP in the response
-->
+ <!-- This obligation informs the PEP user granted emergency access -->
+ <Obligation
+
ObligationId="urn:va:xacml:2.0:interop:rsa8:obligation:emergency:permit"
+ FulfillOn="Permit"/>
+ </Obligations>
+ </Policy>
+</PolicySet>
\ No newline at end of file
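Review bot: The Condition of the `emergency:permit` rule tests only that the subject's locality is not among the supported ones. The pea-001 emergency permission that its Description requires is enforced solely by the preceding `emergency:deny` rule together with deny-overrides. If that Deny rule is later edited or removed, or the combining algorithm is changed, every off-site subject would receive Permit together with the `obligation:emergency:permit` obligation. I would make the Permit rule self-contained by wrapping its Condition in `and` with a positive pea-001 check, as below; decisions under the current deny-overrides setup should be unchanged.

```xml
<Condition>
  <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
    <!-- … unchanged: not(any-of(string-equal, subject:locality, environment:locality)) … -->
    <!-- True if hl7:pea-001 EQUAL TO ANYOF subject:hl7:permission -->
    <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
      <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
      <AttributeValue
          DataType="http://www.w3.org/2001/XMLSchema#string"
          >urn:va:xacml:2.0:interop:rsa8:hl7:pea-001</AttributeValue>
      <SubjectAttributeDesignator
          AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
          DataType="http://www.w3.org/2001/XMLSchema#string"/>
    </Apply>
  </Apply>
</Condition>
```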
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-02f-emergency.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId=
+ "urn:va:xacml:2.0:interop:rsa8:policysetid:N:RPS:med-rec-vrole"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set that points to the Permission PolicySet for medical record
+ resources and actions.
+ </Description>
+ <Target/>
+ <PolicySetIdReference
+
>urn:va:xacml:2.0:interop:rsa8:policysetid:N:PPS:PRD-004</PolicySetIdReference>
+</PolicySet>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-03-N-RPS-virt-med-rec-role.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,180 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PolicySet
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:va:xacml:2.0:interop:rsa8:policysetid:N:PPS:PRD-004"
+ PolicyCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>
+ Policy set for the PRD-004 permission. This permission allows
+ access to all medical records.
+ </Description>
+ <Target/>
+ <Policy
+ PolicyId="urn:va:xacml:2.0:interop:rsa8:policyid:N:PPS:PRD-004:1"
+ RuleCombiningAlgId=
+
"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:medical-record</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:demographics</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:chart</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:problemlist</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:procedures</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:laboratory</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:radiology</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:medications</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:vitals</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:progress-note</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
>urn:va:xacml:2.0:interop:rsa8:resource:hl7:patientsearch</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+
DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:policy:N:PPS:PRD-004:1:rule:1"
+ Effect="Permit">
+ <Condition>
+
+ <!-- Returns true iff the first argument is a subset of the second argument
-->
+ <!-- i.e. the permissions required by the resource must be a
-->
+ <!-- subset of the permissions supplied by the subject
-->
+
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+
+ <!-- 1st argument: returns the values of all Attributes with
-->
+ <!--
DataType="http://www.w3.org/2001/XMLSchema#string" and
-->
+ <!--
AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission" -->
+ <ResourceAttributeDesignator
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission"/>
+
+ <!-- 2nd argument: returns the values of all Attributes with
-->
+ <!--
DataType="http://www.w3.org/2001/XMLSchema#string" and
-->
+ <!--
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission" -->
+ <SubjectAttributeDesignator
+
DataType="http://www.w3.org/2001/XMLSchema#string"
+
AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"/>
+
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule
+ RuleId="urn:va:xacml:2.0:interop:rsa8:rule:N:PPS:PRD-004:1:rule:2"
+ Effect="Deny">
+ <Description>
+ If a Permit was not obtained above then set Deny by default.
+ </Description>
+ </Rule>
+ </Policy>
+</PolicySet>
\ No newline at end of file
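Review bot: The Permit rule `PRD-004:1:rule:1` fails open when the request carries no `urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission` attribute. The ResourceAttributeDesignator then yields an empty bag, and `string-subset` of an empty bag is true for any subject, including one that holds no permissions at all. Designators default to `MustBePresent="false"`, so I would add `MustBePresent="true"` to that ResourceAttributeDesignator to turn a missing attribute into Indeterminate rather than Permit, or guard the rule with a `string-bag-size` check. Whether the context handler always supplies the attribute for the eleven resource types in the Target cannot be told from the hunk. The rule also has no `<Description>`; one sentence saying that every permission the resource requires must be held by the subject would match the Deny rule beside it.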
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/XacmlPolicySet-04-N-PPS-PRD-004.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/himss-policy.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/himss-policy.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/himss-policy.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,601 @@
+<?xml version="1.0" encoding="utf-8"?>
+<PolicySet xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-o...
+ PolicySetId="urn:oasis:names:tc:xspa:1.0"
+
PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target />
+ <PolicySet PolicySetId="urn:oasis:names:tc:xspa:1.0:org"
PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>Contains all organizational policies which are evaluated on all
requests.</Description>
+ <Target />
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ a resource and is not a member of the allowed organizations.
+ </Description>
+ <Target />
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations:deny"
Effect="Deny">
+ <Description>Evaluates the allowed-organizations (if available) against the
subject's locality.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:allowed-organizations"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:locality"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:allowed-organizations"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:hoursofoperations"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ the resource outside of the alloted time.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:hoursofoperation:deny"
Effect="Deny">
+ <Description>Evaluates the environment time against the hours of operation
start and end.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-greater-than-or-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <EnvironmentAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time"
DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hoursofoperation:start"
DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-less-than-or-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <EnvironmentAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time"
DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hoursofoperation:end"
DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.STRUCTURED-ROLE NOT IN ORG.REQUIRED-ROLES -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:required:roles"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ a resource and they are not a member of the required role(s).
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:required:roles:deny"
Effect="Deny">
+ <Description>Evaluates the organization roles (if available) against the
subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <!-- MAY NEED TO SWITCH ~~ Is this a one to many relationship? Are
all roles required or does the subject just need to be included? -->
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.PERMISSIONS NOT IN ORG.RESOURCE.PERMISSIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org.resource.permissions"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject does not have adequate
+ permissions to access the resource.
+ </Description>
+ <Target />
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:org:resource.permissions:deny"
Effect="Deny">
+ <Description>Evaluates the required permissions (if available) against the
subject's permissions.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hl7:permission"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hl7:permission"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:subject:hl7:permission"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org.catch-all"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Description></Description>
+ <Target />
+ <Rule RuleId="" Effect="Permit"></Rule>
+ </Policy>
+ </PolicySet>
+
+ <PolicySet PolicySetId="urn:oasis:names:tc:xspa:1.0:patient"
PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>These policies are patient consent directives and are invoked on
medical-record requests.</Description>
+ <Target />
+
+ <!-- (RESOURCE.RESOURCETYPE IN PATIENT.MASKEDOBJECT) AND (SUBJECT.ROLE IN
PATIENT.MA.DISSENTING-ROLES) -->
+ <!-- PROBLEMS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-roles"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for problems from the subject if the NPI is not permitted by
the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-roles:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-roles for problems (if available)
against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- MEDICATIONS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-roles"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for medications from the subject if the NPI is not permitted
by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-roles:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-roles for medications (if available)
against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- ALERTS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-roles"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request alerts from the subject if the NPI is not permitted by the
patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-roles:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-roles for alerts (if available)
against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- IMMUNIZATIONS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-roles"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for immunizations from the subject if the NPI is not permitted
by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-roles:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-roles for immunizations (if
available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- (RESOURCE.RESOURCETYPE IN PATIENT.MASKEDOBJECT) AND (SUBJECT.ROLE IN
PATIENT.MA.DISSENTING-ROLES) -->
+ <!-- PROBLEMS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for problems from the subject if the NPI is not permitted by
the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for problems (if
available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- MEDICATIONS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-subject-ids"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for medications from the subject if the NPI is not permitted
by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-subject-ids:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for medications (if
available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- ALERTS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-subject-ids"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for alerts from the subject if the NPI is not permitted by the
patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-subject-ids:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for alerts (if
available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- IMMUNIZATIONS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-subject-ids"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for immunizations from the subject if the NPI is not permitted
by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-subject-ids:permit"
Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for immunizations
(if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation
ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id"
FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- SUBJECT.LOCALITY NOT IN PATIENT.ALLOWED-ORGANIZATIONS -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:patient:allowed:organizations"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if their locality is not permitted by the
patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:patient:allowed:organizations:deny"
Effect="Deny">
+ <Description>Evaluates the allowed-organizations (if available) against the
subject's locality.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:allowed-organizations"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:locality"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:allowed-organizations"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.ROLE IN PATIENT.DISSENTING-ROLES -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting:role"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if their role is not permitted by the
patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:patient:dissenting:roles:deny"
Effect="Deny">
+ <Description>Evaluates the dissenting-role (if available) against the
subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-role"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.ID IN PATIENT.DISSENTING-ID -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-ids"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target />
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids:deny"
Effect="Deny">
+ <Description>Evaluates the dissenting-subject-id (if available) against the
subject's NPI.</Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#integer">0</At...
+ </Apply>
+ </Apply>
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-id"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- CONFIDENTIALITY -->
+ <Policy
PolicyId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-codes"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if the confidentiality code is set to
"Sensitive". This policy
+ is acting as the "Catch-All".
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule
RuleId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-code:deny"
Effect="Deny">
+ <Description>Evaluates the HL7 confidentiality-code.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
+ <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string">S</Att...
+ <ResourceAttributeDesignator
AttributeId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-code"
DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ </PolicySet>
+</PolicySet>
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policies/himss-policy.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policyConfig.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policyConfig.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policyConfig.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,11 @@
+<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
+ <ns:Policies>
+ <ns:PolicySet>
+ <ns:Location>policies/himss-policy.xml</ns:Location>
+ </ns:PolicySet>
+ </ns:Policies>
+ <ns:Locators>
+ <ns:Locator
Name="org.jboss.security.xacml.locators.JBossPolicySetLocator">
+ </ns:Locator>
+ </ns:Locators>
+</ns:jbosspdp>
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/classes/policyConfig.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>PDP Endpoint</display-name>
+ <description>
+ XACML PDP Web Application for the PicketLink project
+ </description>
+
+ <context-param>
+ <param-name>debug</param-name>
+ <param-value>false</param-value>
+ </context-param>
+
+
+ <servlet>
+ <servlet-name>SOAPServlet</servlet-name>
+
<servlet-class>org.picketlink.identity.federation.bindings.servlets.SOAPSAMLXACMLServlet</servlet-class>
+ <!-- Issuer is the string used in the issuer of saml
messages/assertions/statements-->
+ <init-param>
+ <param-name>issuer</param-name>
+ <param-value>redhatPdpEntity</param-value>
+ </init-param>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name>SOAPSAMLXACMLPDPServlet</servlet-name>
+
<servlet-class>org.picketlink.identity.federation.core.pdp.SOAPSAMLXACMLPDP</servlet-class>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>SOAPSAMLXACMLPDPServlet</servlet-name>
+ <url-pattern>/SOAPSAMLXACMLPDP</url-pattern>
+ </servlet-mapping>
+</web-app>
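Review bot: The `/SOAPSAMLXACMLPDP` mapping is added with no `<security-constraint>`, `<login-config>` or transport guarantee. Unless the servlet authenticates callers itself (not visible in this hunk), anyone who can reach the endpoint can submit authorization queries against the patient-consent policy set, and over plain HTTP. A constraint along the lines below would close that; the role name is a placeholder, and a matching security domain would be needed in a `jboss-web.xml`. Separately, `SOAPServlet` is declared with `debug` set to `true` while the context-level `debug` is `false`, and it has no `<servlet-mapping>`, so it is either dead configuration or should be mapped and have debug turned off.

```xml
<!-- … unchanged: servlet and servlet-mapping declarations … -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>PDP</web-resource-name>
    <url-pattern>/SOAPSAMLXACMLPDP</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>PDP_CLIENT_ROLE_PLACEHOLDER</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
</login-config>
<security-role>
  <role-name>PDP_CLIENT_ROLE_PLACEHOLDER</role-name>
</security-role>
```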
Property changes on:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl
===================================================================
---
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/pdp/src/main/webapp/WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,51 @@
+<?xml version="1.0"?>
+<wsdl:definitions name="SOAPSAMLXACMLPDP"
targetNamespace="urn:picketlink:identity-federation:pdp"
+ xmlns:tns="urn:picketlink:identity-federation:pdp"
+
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+
xmlns:wsap10="http://www.w3.org/2006/05/addressing/wsdl"
+
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/">
+ <wsdl:types>
+ <xs:schema targetNamespace="urn:picketlink:identity-federation:pdp"
+ xmlns:tns="urn:picketlink:identity-federation:pdp"
+
xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ version="1.0" elementFormDefault="qualified">
+ <xs:element name="MessageBody">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:any minOccurs="0" maxOccurs="unbounded"
namespace="##any"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:schema>
+ </wsdl:types>
+ <wsdl:message name="Authorize">
+ <wsdl:part name="authorizeMessage"
element="tns:MessageBody"/>
+ </wsdl:message>
+ <wsdl:message name="AuthorizeResponse">
+ <wsdl:part name="authorizerMessage"
element="tns:MessageBody"/>
+ </wsdl:message>
+ <wsdl:portType name="SOAPSAMLXACMLPort">
+ <wsdl:operation name="Authorize">
+ <wsdl:input
wsap10:Action="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue...
message="tns:Authorize"/>
+ <wsdl:output
wsap10:Action="http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issu...
message="tns:AuthorizeResponse"/>
+ </wsdl:operation>
+ </wsdl:portType>
+ <wsdl:binding name="PDPBinding"
type="tns:SOAPSAMLXACMLPort">
+ <soap12:binding
transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="Authorize">
+ <soap12:operation
soapAction="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue"
style="document"/>
+ <wsdl:input>
+ <soap12:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap12:body use="literal"/>
+ </wsdl:output>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:service name="SOAPSAMLXACMLPDP">
+ <wsdl:port name="SOAPSAMLXACMLPort"
binding="tns:PDPBinding">
+ <soap12:address
location="http://localhost:8080/SOAPSAMLXACMLPDP"/>
+ </wsdl:port>
+ </wsdl:service>
+</wsdl:definitions>
\ No newline at end of file
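Review bot: The `Authorize` operation advertises the WS-Trust `RST/Issue` action, both in the `wsap10:Action` attributes and in `soapAction`, although this is a XACML decision endpoint rather than a token service. It looks carried over from the STS WSDL and would mislead any client or intermediary that routes or filters on the action URI. Use an action under the PDP's own namespace. The output part is named `authorizerMessage` where the input is `authorizeMessage`, probably a typo. The `soap12:address` is a plain `http://localhost:8080` URL; a comment such as `<!-- sample address; deploy behind HTTPS -->` would stop it being copied into a real deployment unchanged.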
Added: federation/trunk/picketlink-webapps/as7/picketlink-sts/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/picketlink-sts/pom.xml
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/picketlink-sts/pom.xml 2011-09-22 05:19:29 UTC
(rev 1245)
@@ -0,0 +1,39 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>picketlink-sts-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Security Token Service</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>picketlink-sts</warName>
+ <!--webappDirectory>${basedir}/resources/</webappDirectory>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes-->
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/picketlink-sts.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/picketlink-sts.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/picketlink-sts.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,24 @@
+<PicketLinkSTS xmlns="urn:picketlink:identity-federation:config:1.0"
+ STSName="PicketLinkSTS" TokenTimeout="7200"
EncryptToken="false">
+ <KeyProvider
ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
+ <Auth Key="KeyStoreURL" Value="sts_keystore.jks"/>
+ <Auth Key="KeyStorePass" Value="testpass"/>
+ <Auth Key="SigningKeyAlias" Value="sts"/>
+ <Auth Key="SigningKeyPass" Value="keypass"/>
+ <ValidatingAlias
Key="http://services.testcorp.org/provider1"
Value="service1"/>
+ </KeyProvider>
+ <TokenProviders>
+ <TokenProvider
ProviderClass="org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML11TokenProvider"
+
TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi...
+ TokenElement="Assertion"
+ TokenElementNS="urn:oasis:names:tc:SAML:1.0:assertion"/>
+ <TokenProvider
ProviderClass="org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider"
+
TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi...
+ TokenElement="Assertion"
+ TokenElementNS="urn:oasis:names:tc:SAML:2.0:assertion"/>
+ </TokenProviders>
+ <ServiceProviders>
+ <ServiceProvider
Endpoint="http://services.testcorp.org/provider1"
TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi...
+ TruststoreAlias="service1"/>
+ </ServiceProviders>
+</PicketLinkSTS>
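Review bot: `KeyStorePass` and `SigningKeyPass` are committed in clear text (`testpass`, `keypass`), and the same commit adds `sts_keystore.jks`, so the STS signing key is effectively public to anyone with the source. That is acceptable for a sample only if it is labelled as one. Add a header comment such as `<!-- Demo keystore and passwords only: generate a new keystore and supply the passwords from outside the WAR before any real deployment -->`. `EncryptToken="false"` is also set, so issued assertions rely entirely on transport protection, and the only configured service provider endpoint is an `http://` URL.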
Added:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/sts_keystore.jks
===================================================================
(Binary files differ)
Property changes on:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/resources/sts_keystore.jks
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream
Added:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jboss-web>
+ <security-domain>jmx-console</security-domain>
+</jboss-web>
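Review bot: The STS is bound to the `jmx-console` security domain, so token-service clients are authenticated against the same user store as the management console. If that domain exists on the target server, every `STSClient` account lives alongside admin accounts, and the `JBossAdmin` role granted in this webapp's `web.xml` lets console administrators request tokens. A dedicated domain would keep the two populations separate, for example `<security-domain>STS_DOMAIN_PLACEHOLDER</security-domain>`, with the real name defined in the server's security subsystem.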
Property changes on:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-wsse-server.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-wsse-server.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-wsse-server.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+ <config>
+ <requires/>
+ </config>
+</jboss-ws-security>
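Review bot: `<requires/>` is empty, which appears to mean the server demands neither a signature nor encryption on incoming WS-Security messages. Requests for security tokens would then be accepted with no message-level integrity check. If that is intentional for the sample, document it next to the element, for example `<!-- no message-level signature/encryption required; relies on transport security and BASIC auth -->`. Otherwise require at least a signature with `<requires><signature/></requires>` and add the matching keystore configuration.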
Property changes on:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/jboss-wsse-server.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,39 @@
+<?xml version="1.0"?>
+<!DOCTYPE web-app PUBLIC
+ "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<web-app>
+ <servlet>
+ <servlet-name>PicketLinkSTS</servlet-name>
+
<servlet-class>org.picketlink.identity.federation.core.wstrust.PicketLinkSTS</servlet-class>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>PicketLinkSTS</servlet-name>
+ <url-pattern>/*</url-pattern>
+ </servlet-mapping>
+
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>PicketLinkSTSService</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>JBossAdmin</role-name>
+ <role-name>STSClient</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>PicketLinkSTSRealm</realm-name>
+ </login-config>
+
+ <security-role>
+ <role-name>JBossAdmin</role-name>
+ </security-role>
+ <security-role>
+ <role-name>STSClient</role-name>
+ </security-role>
+
+</web-app>
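Review bot: The `security-constraint` combines BASIC authentication with no `user-data-constraint`, so the container will accept STS credentials and return issued tokens over plain HTTP. Adding `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>` after the `auth-constraint` makes the container require TLS for `/*`. The `soap12:address` in PicketLinkSTS.wsdl (`http://localhost:8080/picketlink-sts/PicketLinkSTS`) would need to move to an https endpoint at the same time.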
Property changes on:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/wsdl/PicketLinkSTS.wsdl
===================================================================
---
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/wsdl/PicketLinkSTS.wsdl
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/picketlink-sts/src/main/webapp/WEB-INF/wsdl/PicketLinkSTS.wsdl 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,51 @@
+<?xml version="1.0"?>
+<wsdl:definitions name="PicketLinkSTS"
targetNamespace="urn:picketlink:identity-federation:sts"
+ xmlns:tns="urn:picketlink:identity-federation:sts"
+
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+
xmlns:wsap10="http://www.w3.org/2006/05/addressing/wsdl"
+
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/">
+ <wsdl:types>
+ <xs:schema targetNamespace="urn:picketlink:identity-federation:sts"
+ xmlns:tns="urn:picketlink:identity-federation:sts"
+
xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ version="1.0" elementFormDefault="qualified">
+ <xs:element name="MessageBody">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:any minOccurs="0" maxOccurs="unbounded"
namespace="##any"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:schema>
+ </wsdl:types>
+ <wsdl:message name="RequestSecurityToken">
+ <wsdl:part name="rstMessage" element="tns:MessageBody"/>
+ </wsdl:message>
+ <wsdl:message name="RequestSecurityTokenResponse">
+ <wsdl:part name="rstrMessage" element="tns:MessageBody"/>
+ </wsdl:message>
+ <wsdl:portType name="SecureTokenService">
+ <wsdl:operation name="IssueToken">
+ <wsdl:input
wsap10:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/...
message="tns:RequestSecurityToken"/>
+ <wsdl:output
wsap10:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR...
message="tns:RequestSecurityTokenResponse"/>
+ </wsdl:operation>
+ </wsdl:portType>
+ <wsdl:binding name="STSBinding"
type="tns:SecureTokenService">
+ <soap12:binding
transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="IssueToken">
+ <soap12:operation
soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Iss...
style="document"/>
+ <wsdl:input>
+ <soap12:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap12:body use="literal"/>
+ </wsdl:output>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:service name="PicketLinkSTS">
+ <wsdl:port name="PicketLinkSTSPort"
binding="tns:STSBinding">
+ <soap12:address
location="http://localhost:8080/picketlink-sts/PicketLinkSTS"/>
+ </wsdl:port>
+ </wsdl:service>
+</wsdl:definitions>
Added: federation/trunk/picketlink-webapps/as7/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/pom.xml (rev 0)
+++ federation/trunk/picketlink-webapps/as7/pom.xml 2011-09-22 05:19:29 UTC (rev 1245)
@@ -0,0 +1,37 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-fed-parent</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../../parent</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <packaging>pom</packaging>
+ <name>PicketLink Federation Web Applications for JBoss AS7++</name>
+ <
url>http://labs.jboss.org/portal/jbosssecurity/</url>
+ <description>PicketLink Web Applications contains the web
+ applications for Federated Identity Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <modules>
+ <module>sales</module>
+ <module>employee</module>
+ <module>sales-post</module>
+ <module>employee-post</module>
+ <module>sales-saml11</module>
+ <module>employee-saml11</module>
+ <module>idp</module>
+ <module>picketlink-sts</module>
+ <module>pdp</module>
+ <module>assembly</module>
+ </modules>
+</project>
Added: federation/trunk/picketlink-webapps/as7/sales/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/pom.xml (rev 0)
+++ federation/trunk/picketlink-webapps/as7/sales/pom.xml 2011-09-22 05:19:29 UTC (rev
1245)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>sales-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Sales</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>sales</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,3 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator"
/>
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,5 @@
+<Context>
+ <!-- log all incoming and outgoing messages. -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator"
/>
+</Context>
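Review bot: `RequestDumperValve` in WEB-INF/context.xml writes each request's headers, cookies and parameters to the server log, which for this service provider includes session cookies and the SAML messages exchanged with the IdP. The sample should ship without the valve, or at least mark it: `<!-- DEBUG ONLY: dumps headers, cookies and SAML parameters to the log; remove outside local testing -->`. META-INF/context.xml in the same webapp declares the authenticator without the dumper, so the two context files disagree about what is enabled.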
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+ <security-domain>sp</security-domain>
+ <valve>
+
<class-name>org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator</class-name>
+ </valve>
+</jboss-web>
Added:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+</Handlers>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+ <ServiceURL>${sales.url::http://localhost:8080/sales/}</ServiceURL>
+</PicketLinkSP>
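Review bot: `IdentityURL` and `ServiceURL` default to plain-HTTP addresses and the file declares no key provider or trust settings, so nothing visible here makes the SP verify that a SAML response really came from the configured IdP. That is presumably acceptable for a localhost sample, but the file should say so, since samples get copied: `<!-- Sample defaults: plain HTTP, no signature validation; override idp.url / sales.url and enable signing before real use -->`. The same applies to sales-post/WEB-INF/picketlink-idfed.xml later in this commit.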
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>Fedbridge Test SALES Application</display-name>
+ <description>
+ Just a Test SP for Fedbridge Project
+ </description>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>SALES Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define a security constraint that gives unlimted access to freezone -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>freezone</web-resource-name>
+ <url-pattern>/freezone/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>Tomcat SALES Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/loginerror.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <description>
+ The role that is required to log in to the Manager Application
+ </description>
+ <role-name>manager</role-name>
+ </security-role>
+</web-app>
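Review bot: `form-login-page` and `form-error-page` point to `/jsp/login.jsp` and `/jsp/loginerror.jsp`, but this commit adds `login.jsp` and `error.jsp` at the webapp root and no `jsp/` directory is visible. If the container ever falls back to FORM login, those pages would not resolve; `<form-login-page>/login.jsp</form-login-page>` and `<form-error-page>/error.jsp</form-error-page>` match the files actually added. The comment on the second constraint has a typo (`unlimted`). The web.xml under sales-post is a copy with the same issues.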
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/error.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp")
%>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
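Review bot: The markup is unbalanced: `<font>` is never closed, `</p>` has no opening tag, and `</form>` appears after `</body>` although the page contains no `<form>`. Replacing `</p>` with `</font>` and dropping the stray `</form>` fixes it. sales-post/error.jsp is a copy with the same problem.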
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/index.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,14 @@
+<div align="center">
+<h1>SalesTool</h1>
+<br/>
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your sales chart:
+<br/>
+<img src="piechart.gif"/>
+
+<br/>
+<a href="?GLO=true">Click to LogOut</a>
+
+</div>
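Review bot: `<%=request.getUserPrincipal().getName()%>` writes the principal name into the page without HTML escaping, and in a federated setup that name is supplied by the IdP's assertion rather than by this application, so it should be encoded on output. With JSTL available this becomes `<c:out value="${pageContext.request.userPrincipal.name}"/>` plus the core taglib directive, which also avoids a NullPointerException if the page is ever rendered without a principal. The logout link `?GLO=true` is a plain GET, so a cross-site request can end the user's session; that deserves at least a comment. sales-post/index.jsp is identical.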
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/login.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/login.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text'
name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password'
size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/logout.jsp
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/logout.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+You are logged out.
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/piechart.gif
===================================================================
(Binary files differ)
Property changes on:
federation/trunk/picketlink-webapps/as7/sales/src/main/webapp/piechart.gif
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream
Added: federation/trunk/picketlink-webapps/as7/sales-post/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-post/pom.xml
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/sales-post/pom.xml 2011-09-22 05:19:29 UTC
(rev 1245)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>sales-post-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Sales With Post</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>sales-post</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/MANIFEST.MF
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/MANIFEST.MF
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/MANIFEST.MF 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,6 @@
+Manifest-Version: 1.0
+Archiver-Version: Plexus Archiver
+Created-By: Apache Maven
+Built-By: anil
+Build-Jdk: 1.6.0_16
+
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/MANIFEST.MF
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator"
+ />
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.properties
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.properties
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.properties 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,5 @@
+#Generated by Maven
+#Wed Mar 17 14:09:48 CDT 2010
+version=1.0.3.CR2
+groupId=org.picketlink
+artifactId=sales
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.properties
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps</artifactId>
+ <version>1.0.3.CR2</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>sales</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Sales</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>sales</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/META-INF/maven/org.picketlink/sales/pom.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator"
+ />
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+ <security-domain>sp</security-domain>
+ <valve>
+
<class-name>org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator</class-name>
+ </valve>
+</jboss-web>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+</Handlers>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+
<ServiceURL>${sales-post.url::http://localhost:8080/sales-post/}</ServiceURL>
+</PicketLinkSP>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>Fedbridge Test SALES Application</display-name>
+ <description>
+ Just a Test SP for Fedbridge Project
+ </description>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>SALES Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define a security constraint that gives unlimted access to freezone -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>freezone</web-resource-name>
+ <url-pattern>/freezone/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>Tomcat SALES Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/loginerror.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <description>
+ The role that is required to log in to the Manager Application
+ </description>
+ <role-name>manager</role-name>
+ </security-role>
+</web-app>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/error.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp")
%>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/index.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,14 @@
+<div align="center">
+<h1>SalesTool</h1>
+<br/>
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your sales chart:
+<br/>
+<img src="piechart.gif"/>
+
+<br/>
+<a href="?GLO=true">Click to LogOut</a>
+
+</div>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/login.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/login.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text'
name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password'
size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/logout.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/logout.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+You are logged out.
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/piechart.gif
===================================================================
(Binary files differ)
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-post/src/main/webapp/piechart.gif
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream
Added: federation/trunk/picketlink-webapps/as7/sales-saml11/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-saml11/pom.xml
(rev 0)
+++ federation/trunk/picketlink-webapps/as7/sales-saml11/pom.xml 2011-09-22 05:19:29 UTC
(rev 1245)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps-as7</artifactId>
+ <version>2.0.2-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>sales-saml11-as7</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Sales</name>
+ <
url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity
Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <
url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>sales-saml11</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Property changes on: federation/trunk/picketlink-webapps/as7/sales-saml11/pom.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,3 @@
+<Context>
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator"
/>
+</Context>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/META-INF/jboss-deployment-structure.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,10 @@
+<jboss-deployment-structure>
+
+ <deployment>
+ <!-- Add picketlink module dependency -->
+ <dependencies>
+ <module name="org.picketlink" />
+ </dependencies>
+ </deployment>
+</jboss-deployment-structure>
+
Added:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/context.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/context.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,5 @@
+<Context>
+ <!-- log all incoming and outgoing messages. -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+ <Valve
className="org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator"
/>
+</Context>
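Review bot: The `RequestDumperValve` entry logs request headers, cookies and parameters, which on this service provider would include the session cookie, any posted `j_password` and the SAML response itself. If the container honours this file, those values end up in the server log for every request. I would drop the valve from the shipped sample or leave it commented out with a note such as `<!-- debugging only: dumps cookies, credentials and SAML messages to the log -->`. The same authenticator valve is also declared in META-INF/context.xml and WEB-INF/jboss-web.xml in this commit, so a short comment saying which of the three is authoritative on AS7 would help.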
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+ <security-domain>sp</security-domain>
+ <valve>
+
<class-name>org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator</class-name>
+ </valve>
+</jboss-web>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+</Handlers>
\ No newline at end of file
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
---
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0"
ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+ <ServiceURL>${sales.url::http://localhost:8080/sales/}</ServiceURL>
+</PicketLinkSP>
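Review bot: The `ServiceURL` default `http://localhost:8080/sales/` does not match the `sales-saml11` war name set in this module's pom.xml, so unless a context root is configured somewhere not shown, the identity provider would answer to a path this application does not serve. Both defaults are also plain `http`, which means assertions travel unencrypted when the sample is deployed without overriding `idp.url` and `sales.url`. I would change the default to `${sales.url::http://localhost:8080/sales-saml11/}` and add a comment like `<!-- sample defaults for local testing; set idp.url and sales.url to https endpoints elsewhere -->`.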
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/web.xml 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>Fedbridge Test SALES Application</display-name>
+ <description>
+ Just a Test SP for Fedbridge Project
+ </description>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>SALES Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define a security constraint that gives unlimted access to freezone -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>freezone</web-resource-name>
+ <url-pattern>/freezone/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>Tomcat SALES Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/loginerror.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <description>
+ The role that is required to log in to the Manager Application
+ </description>
+ <role-name>manager</role-name>
+ </security-role>
+</web-app>
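Review bot: The `form-login-page` and `form-error-page` entries point at `/jsp/login.jsp` and `/jsp/loginerror.jsp`, but this commit adds `login.jsp` and `error.jsp` at the webapp root and no `jsp/` directory is visible in it. Whether the SAML valve ever falls back to these pages cannot be seen here, but if it does the container would not find them; `<form-login-page>/login.jsp</form-login-page>` and `<form-error-page>/error.jsp</form-error-page>` would match the files that were added. The `/*` constraint also carries no transport guarantee, so the session and any form credentials may be sent over plain HTTP; consider adding `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>` to it.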
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/error.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/error.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp")
%>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
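Review bot: The markup in this page is unbalanced: `<font size='4' color='red'>` is never closed, `</p>` has no opening tag, and a stray `</form>` follows `</body>` although the page contains no form. Browsers will recover, but the red styling then leaks onto the retry link and the page will not validate. Closing the font element after the message (`</font>`), replacing `</p>` with `<br>` and deleting the `</form>` line would fix it.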
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/index.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/index.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,13 @@
+<div align="center">
+<h1>SalesTool</h1>
+<br/>
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your sales chart:
+<br/>
+<img src="piechart.gif"/>
+
+<br/>
+
+</div>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/login.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/login.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text'
name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password'
size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/logout.jsp
(rev 0)
+++
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/logout.jsp 2011-09-22
05:19:29 UTC (rev 1245)
@@ -0,0 +1 @@
+You are logged out.
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/piechart.gif
===================================================================
(Binary files differ)
Property changes on:
federation/trunk/picketlink-webapps/as7/sales-saml11/src/main/webapp/piechart.gif
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream
Modified: federation/trunk/picketlink-webapps/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/pom.xml 2011-09-22 05:02:27 UTC (rev 1244)
+++ federation/trunk/picketlink-webapps/pom.xml 2011-09-22 05:19:29 UTC (rev 1245)
@@ -42,9 +42,7 @@
<module>metadata</module>
<module>picketlink-sts</module>
<module>pdp</module>
- <!--
- <module>seam-sp</module>
- -->
<module>assembly</module>
+ <module>as7</module>
</modules>
</project>