Picketlink SVN: r1395 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util and 4 other directories.
1:39 p.m.
Author: anil.saldhana(a)jboss.com
Date: 2012-02-15 14:39:38 -0500 (Wed, 15 Feb 2012)
New Revision: 1395
Added:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java
federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml
federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
Log:
PLFED-263: config providers using metadata
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2012-02-15
15:58:19 UTC (rev 1394)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -66,6 +66,8 @@
String IDP_WEBBROWSER_VALVE_NOT_STARTED = "PL00024: IDPWebBrowserSSOValve
NotStarted";
+ String ILLEGAL_METHOD_CALLED = "PL00020: Illegal Method Called";
+
String INVALID_ASSERTION = "PL00080: Invalid Assertion:";
String INVALID_DIGITAL_SIGNATURE = "PL00009: Invalid Digital Signature:";
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
===================================================================
---
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2012-02-15
15:58:19 UTC (rev 1394)
+++
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -36,6 +36,7 @@
import org.picketlink.identity.federation.core.ErrorCodes;
import org.picketlink.identity.federation.core.config.AuthPropertyType;
import org.picketlink.identity.federation.core.config.ClaimsProcessorType;
+import org.picketlink.identity.federation.core.config.IDPType;
import org.picketlink.identity.federation.core.config.KeyProviderType;
import org.picketlink.identity.federation.core.config.KeyValueType;
import org.picketlink.identity.federation.core.config.ProviderType;
@@ -45,11 +46,15 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.interfaces.TrustKeyManager;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.saml.v2.metadata.EndpointType;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType;
import
org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType.EDTChoiceType;
import
org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType.EDTDescriptorChoiceType;
import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.federation.saml.v2.metadata.IndexedEndpointType;
+import org.picketlink.identity.federation.saml.v2.metadata.SPSSODescriptorType;
/**
* Utility for configuration
@@ -287,8 +292,139 @@
return returningList;
}
+ /**
+ * Given a metadata {@link EntityDescriptorType}, construct the Service provider
configuration
+ * @param entityDescriptor
+ * @param bindingURI
+ * @return
+ */
public static SPType getSPConfiguration(EntityDescriptorType entityDescriptor, String
bindingURI)
{
+ SPType spType = new SPType();
+ String identityURL = null;
+ String serviceURL = null;
+
+ if (identityURL == null)
+ {
+ IDPSSODescriptorType idpSSO = getIDPDescriptor(entityDescriptor);
+ if (idpSSO != null)
+ {
+ identityURL = getIdentityURL(idpSSO, bindingURI);
+ }
+ spType.setIdentityURL(identityURL);
+ }
+ if (serviceURL == null)
+ {
+ SPSSODescriptorType spSSO = getSPDescriptor(entityDescriptor);
+ if (spSSO != null)
+ {
+ serviceURL = getServiceURL(spSSO, bindingURI);
+ }
+ spType.setServiceURL(serviceURL);
+ }
+ return spType;
+ }
+
+ /**
+ * Given a metadata {@link EntityDescriptorType}, construct the Service provider
configuration
+ * @param entityDescriptor
+ * @param bindingURI
+ * @return
+ */
+ public static SPType getSPConfiguration(EntitiesDescriptorType entitiesDescriptor,
String bindingURI)
+ {
+ SPType spType = null;
+ String identityURL = null;
+ String serviceURL = null;
+
+ List<Object> list = entitiesDescriptor.getEntityDescriptor();
+ if (list != null)
+ {
+ for (Object theObject : list)
+ {
+ if (theObject instanceof EntitiesDescriptorType)
+ {
+ spType = getSPConfiguration((EntitiesDescriptorType) theObject,
bindingURI);
+ }
+ else if (theObject instanceof EntityDescriptorType)
+ {
+ if (identityURL == null)
+ {
+ IDPSSODescriptorType idpSSO = getIDPDescriptor((EntityDescriptorType)
theObject);
+ if (idpSSO != null)
+ {
+ identityURL = getIdentityURL(idpSSO, bindingURI);
+ }
+ if (identityURL != null && spType != null)
+ {
+ spType.setIdentityURL(identityURL);
+ }
+ else if (identityURL != null && spType == null)
+ {
+ spType = new SPType();
+ spType.setIdentityURL(identityURL);
+ }
+ }
+ if (serviceURL == null)
+ {
+ SPSSODescriptorType spSSO = getSPDescriptor((EntityDescriptorType)
theObject);
+ if (spSSO != null)
+ {
+ serviceURL = getServiceURL(spSSO, bindingURI);
+ }
+ if (serviceURL != null && spType != null)
+ {
+ spType.setServiceURL(serviceURL);
+ }
+ else if (serviceURL != null && spType == null)
+ {
+ spType = new SPType();
+ spType.setServiceURL(serviceURL);
+ }
+ }
+ }
+ if (spType != null &&
!StringUtil.isNullOrEmpty(spType.getIdentityURL())
+ && !StringUtil.isNullOrEmpty(spType.getServiceURL()))
+ break;
+ }
+ }
+ return spType;
+ }
+
+ /**
+ * Get the first metadata descriptor for an IDP
+ * @param entitiesDescriptor
+ * @return
+ */
+ public static IDPSSODescriptorType getIDPDescriptor(EntitiesDescriptorType
entitiesDescriptor)
+ {
+ IDPSSODescriptorType idp = null;
+ List<Object> entitiesList = entitiesDescriptor.getEntityDescriptor();
+ for (Object theObject : entitiesList)
+ {
+ if (theObject instanceof EntitiesDescriptorType)
+ {
+ idp = getIDPDescriptor((EntitiesDescriptorType) theObject);
+ }
+ else if (theObject instanceof EntityDescriptorType)
+ {
+ idp = getIDPDescriptor((EntityDescriptorType) theObject);
+ }
+ if (idp != null)
+ {
+ break;
+ }
+ }
+ return idp;
+ }
+
+ /**
+ * Get the IDP metadata descriptor from an entity descriptor
+ * @param entityDescriptor
+ * @return
+ */
+ public static IDPSSODescriptorType getIDPDescriptor(EntityDescriptorType
entityDescriptor)
+ {
List<EDTChoiceType> edtChoices = entityDescriptor.getChoiceType();
for (EDTChoiceType edt : edtChoices)
{
@@ -298,14 +434,19 @@
IDPSSODescriptorType idpSSO = edtDesc.getIdpDescriptor();
if (idpSSO != null)
{
- return getSPConfiguration(idpSSO, bindingURI);
+ return idpSSO;
}
}
}
return null;
}
- public static IDPSSODescriptorType getIDPDescriptor(EntityDescriptorType
entityDescriptor)
+ /**
+ * Get the SP Descriptor from an entity descriptor
+ * @param entityDescriptor
+ * @return
+ */
+ public static SPSSODescriptorType getSPDescriptor(EntityDescriptorType
entityDescriptor)
{
List<EDTChoiceType> edtChoices = entityDescriptor.getChoiceType();
for (EDTChoiceType edt : edtChoices)
@@ -313,21 +454,26 @@
List<EDTDescriptorChoiceType> edtDescriptors = edt.getDescriptors();
for (EDTDescriptorChoiceType edtDesc : edtDescriptors)
{
- IDPSSODescriptorType idpSSO = edtDesc.getIdpDescriptor();
- if (idpSSO != null)
+ SPSSODescriptorType spSSO = edtDesc.getSpDescriptor();
+ if (spSSO != null)
{
- return idpSSO;
+ return spSSO;
}
}
}
return null;
}
- public static SPType getSPConfiguration(IDPSSODescriptorType idp, String bindingURI)
+ /**
+ * Given a binding uri, get the IDP identity url
+ * @param idp
+ * @param bindingURI
+ * @return
+ */
+ public static String getIdentityURL(IDPSSODescriptorType idp, String bindingURI)
{
String identityURL = null;
- SPType sp = new SPType();
List<EndpointType> endpoints = idp.getSingleSignOnService();
for (EndpointType endpoint : endpoints)
{
@@ -338,8 +484,59 @@
}
}
- //get identity url
- sp.setIdentityURL(identityURL);
- return sp;
+ return identityURL;
}
+
+ /**
+ * Get the service url for the SP
+ * @param sp
+ * @param bindingURI
+ * @return
+ */
+ public static String getServiceURL(SPSSODescriptorType sp, String bindingURI)
+ {
+ String serviceURL = null;
+
+ List<IndexedEndpointType> endpoints = sp.getAssertionConsumerService();
+ for (IndexedEndpointType endpoint : endpoints)
+ {
+ if (endpoint.getBinding().toString().equals(bindingURI))
+ {
+ serviceURL = endpoint.getLocation().toString();
+ break;
+ }
+
+ }
+ return serviceURL;
+ }
+
+ /**
+ * Get the IDP Type
+ * @param idpSSODescriptor
+ * @return
+ */
+ public static IDPType getIDPType(IDPSSODescriptorType idpSSODescriptor)
+ {
+ IDPType idp = new IDPType();
+
+ List<EndpointType> endpoints = idpSSODescriptor.getSingleSignOnService();
+
+ if (endpoints != null)
+ {
+ for (EndpointType endpoint : endpoints)
+ {
+ if
(endpoint.getBinding().toString().equals(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get()))
+ {
+ idp.setIdentityURL(endpoint.getLocation().toString());
+ break;
+ }
+ }
+ }
+
+ if (StringUtil.isNullOrEmpty(idp.getIdentityURL()))
+ {
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + "identity
url");
+ }
+ return idp;
+ }
}
\ No newline at end of file
Added:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java
(rev 0)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the IDP configuration using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a idp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class IDPMetadataConfigurationProvider implements SAMLConfigurationProvider
+{
+ public static final String IDP_MD_FILE = "idp-metadata.xml";
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ IDPType idpType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ IDPSSODescriptorType idpSSO = CoreConfigUtil.getIDPDescriptor(entities);
+ if (idpSSO != null)
+ {
+ idpType = CoreConfigUtil.getIDPType(idpSSO);
+ }
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ return idpType;
+ }
+
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), IDP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), IDP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + IDP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
Added:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java
(rev 0)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the SP configuration for the HTTP-POST binding using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a sp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPPostMetadataConfigurationProvider implements SAMLConfigurationProvider
+{
+ public static final String SP_MD_FILE = "sp-metadata.xml";
+
+ public static final String bindingURI =
JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get();
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ /**
+ * @see SAMLConfigurationProvider#getSPConfiguration()
+ */
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ SPType spType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ spType = CoreConfigUtil.getSPConfiguration(entities, bindingURI);
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ return spType;
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + SP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
Added:
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java
===================================================================
---
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java
(rev 0)
+++
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the SP configuration for the HTTP-Redirect binding using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a sp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPRedirectMetadataConfigurationProvider implements
SAMLConfigurationProvider
+{
+ public static final String SP_MD_FILE = "sp-metadata.xml";
+
+ public static final String bindingURI =
JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get();
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ /**
+ * @see SAMLConfigurationProvider#getSPConfiguration()
+ */
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ SPType spType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ spType = CoreConfigUtil.getSPConfiguration(entities, bindingURI);
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ return spType;
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + SP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
Added:
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java
(rev 0)
+++
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.web.config.IDPMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link IDPMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class IDPMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testIDPType() throws ProcessingException
+ {
+ IDPMetadataConfigurationProvider provider = new
IDPMetadataConfigurationProvider();
+ IDPType idp = provider.getIDPConfiguration();
+ assertNotNull(idp);
+ assertEquals("https://idp.testshib.org/idp/profile/SAML2/POST/SSO";,
idp.getIdentityURL());
+ }
+
+}
\ No newline at end of file
Added:
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java
(rev 0)
+++
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import
org.picketlink.identity.federation.web.config.SPPostMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link SPPostMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPPostMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testSPType() throws ProcessingException
+ {
+ SPPostMetadataConfigurationProvider provider = new
SPPostMetadataConfigurationProvider();
+ SPType sp = provider.getSPConfiguration();
+ assertNotNull(sp);
+ assertEquals("https://sp.testshib.org/Shibboleth.sso/SAML2/POST";,
sp.getServiceURL());
+ }
+
+}
\ No newline at end of file
Added:
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java
===================================================================
---
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java
(rev 0)
+++
federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java 2012-02-15
19:39:38 UTC (rev 1395)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import
org.picketlink.identity.federation.web.config.SPRedirectMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link SPRedirectMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPRedirectMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testSPType() throws ProcessingException
+ {
+ SPRedirectMetadataConfigurationProvider provider = new
SPRedirectMetadataConfigurationProvider();
+ SPType sp = provider.getSPConfiguration();
+ assertNotNull(sp);
+ assertEquals("https://www.testshib.org/Shibboleth.sso/SAML/REDIRECT&...;,
sp.getServiceURL());
+ }
+
+}
\ No newline at end of file
Added: federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml
===================================================================
--- federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml
(rev 0)
+++ federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml 2012-02-15
19:39:38 UTC (rev 1395)
@@ -0,0 +1,141 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two"
+ xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <EntityDescriptor entityID="https://idp.testshib.org/idp/shibboleth">
+ <IDPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol
urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">testshib.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution"
+ index="1" />
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution"
+ index="2" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <SingleSignOnService
Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
+ Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO" />
+ <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO" />
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO" />
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol
urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEKjCCAxKgAwIBAgIJAIgUuHL4QvkYMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV
+ BAYTAkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAV
+ BgNVBAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGli
+ Lm9yZzAeFw0wNzEyMTcxOTE4NDFaFw0xNzEyMTQxOTE4NDFaMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2JAhrk5iafXgDkhh8E
+ SaNUjWrQeWTiqgzPcrIOwslUwwpXKbvd4Ej9dJx+IJAmTpZxEjYLbYNK/jKi/LXy
+ Qusm3XRBQd2AaPD2WoykntzkNNTsN8k+CPlnYNbbE6UoHvYBM+0qwtOxJGJh7j7X
+ e9Qh4lGglg7/sVX1EF9GkzTxZg4sc1I6GM2xg67QMgqgPH/QjdrcSHyZ6RxOqugp
+ inKCwA0uFKzT5YR0s3eteJEfyWIpLNCuJG0agkBdA79D+Q4vqxH3nwuoJVfMrAvH
+ Qef/Z29Mof6I0biRpoDFh4FpOodIoY4oaoruIwAqL1Ge71TgoEhOSKZ+ziMKnfd8
+ 6dsCAwEAAaOB0DCBzTAdBgNVHQ4EFgQUrAUPOvZ4fNyqma+YwK6+P+2/kGswgZ0G
+ A1UdIwSBlTCBkoAUrAUPOvZ4fNyqma+YwK6+P+2/kGuhb6RtMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ Z4IJAIgUuHL4QvkYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEti
+ KJki8WO2wGhpJc3oIAF7V0CYBR3303S37iqSodabyN/2nxFXTqd+ZSAdfe+14E/G
+ dyC9Dtbq4VL2lF0fbaNarCzfhMD7DExSANFkOPFk/lz54ccFdfIRHRVeLHvEtGAI
+ UTK+qEqaEl1vjZVKmvNSdDet06EQ+MGZf1MnW6jid4AMrSdboDHFW34qet+tr9gf
+ 5k6bZx6oIiOILgXWHk7hK1ZuxK5w0bpbktNIfO35HoQSPBx6u6wuxt4yN/m6QLiq
+ nGEzsHlzsPFv1Iw+ccdALcqR0zor7GEJrKmp4Gcb/zH3oy1rQNZHUlz29emJhS/1
+ q1og9SGCUU2yRL1tC+Y=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService
Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery"
/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery"
/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Identity Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</Orga...
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk(a)internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+</EntitiesDescriptor>
\ No newline at end of file
Added: federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml
===================================================================
--- federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml
(rev 0)
+++ federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml 2012-02-15 19:39:38
UTC (rev 1395)
@@ -0,0 +1,237 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two"
+ xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <EntityDescriptor entityID="https://idp.testshib.org/idp/shibboleth">
+ <IDPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol
urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">testshib.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution"
+ index="1" />
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution"
+ index="2" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <SingleSignOnService
Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
+ Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO" />
+ <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO" />
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO" />
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol
urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEKjCCAxKgAwIBAgIJAIgUuHL4QvkYMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV
+ BAYTAkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAV
+ BgNVBAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGli
+ Lm9yZzAeFw0wNzEyMTcxOTE4NDFaFw0xNzEyMTQxOTE4NDFaMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2JAhrk5iafXgDkhh8E
+ SaNUjWrQeWTiqgzPcrIOwslUwwpXKbvd4Ej9dJx+IJAmTpZxEjYLbYNK/jKi/LXy
+ Qusm3XRBQd2AaPD2WoykntzkNNTsN8k+CPlnYNbbE6UoHvYBM+0qwtOxJGJh7j7X
+ e9Qh4lGglg7/sVX1EF9GkzTxZg4sc1I6GM2xg67QMgqgPH/QjdrcSHyZ6RxOqugp
+ inKCwA0uFKzT5YR0s3eteJEfyWIpLNCuJG0agkBdA79D+Q4vqxH3nwuoJVfMrAvH
+ Qef/Z29Mof6I0biRpoDFh4FpOodIoY4oaoruIwAqL1Ge71TgoEhOSKZ+ziMKnfd8
+ 6dsCAwEAAaOB0DCBzTAdBgNVHQ4EFgQUrAUPOvZ4fNyqma+YwK6+P+2/kGswgZ0G
+ A1UdIwSBlTCBkoAUrAUPOvZ4fNyqma+YwK6+P+2/kGuhb6RtMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ Z4IJAIgUuHL4QvkYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEti
+ KJki8WO2wGhpJc3oIAF7V0CYBR3303S37iqSodabyN/2nxFXTqd+ZSAdfe+14E/G
+ dyC9Dtbq4VL2lF0fbaNarCzfhMD7DExSANFkOPFk/lz54ccFdfIRHRVeLHvEtGAI
+ UTK+qEqaEl1vjZVKmvNSdDet06EQ+MGZf1MnW6jid4AMrSdboDHFW34qet+tr9gf
+ 5k6bZx6oIiOILgXWHk7hK1ZuxK5w0bpbktNIfO35HoQSPBx6u6wuxt4yN/m6QLiq
+ nGEzsHlzsPFv1Iw+ccdALcqR0zor7GEJrKmp4Gcb/zH3oy1rQNZHUlz29emJhS/1
+ q1og9SGCUU2yRL1tC+Y=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService
Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery"
/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery"
/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Identity Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</Orga...
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk(a)internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="https://sp.testshib.org/shibboleth-sp">
+ <SPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol
urn:oasis:names:tc:SAML:1.1:protocol
http://schemas.xmlsoap.org/ws/2003/07/secext">
+ <Extensions>
+ <idpdisc:DiscoveryResponse
+ Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+ Location="https://sp.testshib.org/Shibboleth.sso/DS" index="1"
+ xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
/>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEPjCCAyagAwIBAgIBADANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMSIwIAYD
+ VQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQDEw9zcC50ZXN0
+ c2hpYi5vcmcwHhcNMDYwODMwMjEyNDM5WhcNMTYwODI3MjEyNDM5WjB3MQswCQYD
+ VQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1
+ cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQD
+ Ew9zcC50ZXN0c2hpYi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+ AQDJyR6ZP6MXkQ9z6RRziT0AuCabDd3x1m7nLO9ZRPbr0v1LsU+nnC363jO8nGEq
+ sqkgiZ/bSsO5lvjEt4ehff57ERio2Qk9cYw8XCgmYccVXKH9M+QVO1MQwErNobWb
+ AjiVkuhWcwLWQwTDBowfKXI87SA7KR7sFUymNx5z1aoRvk3GM++tiPY6u4shy8c7
+ vpWbVfisfTfvef/y+galxjPUQYHmegu7vCbjYP3On0V7/Ivzr+r2aPhp8egxt00Q
+ XpilNai12LBYV3Nv/lMsUzBeB7+CdXRVjZOHGuQ8mGqEbsj8MBXvcxIKbcpeK5Zi
+ JCVXPfarzuriM1G5y5QkKW+LAgMBAAGjgdQwgdEwHQYDVR0OBBYEFKB6wPDxwYrY
+ StNjU5P4b4AjBVQVMIGhBgNVHSMEgZkwgZaAFKB6wPDxwYrYStNjU5P4b4AjBVQV
+ oXukeTB3MQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYD
+ VQQHEwpQaXR0c2J1cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3Zp
+ ZGVyMRgwFgYDVQQDEw9zcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAc06Kgt7ZP6g2TIZgMbFxg6vKwvDL0+2dzF11Onpl
+ 5sbtkPaNIcj24lQ4vajCrrGKdzHXo9m54BzrdRJ7xDYtw0dbu37l1IZVmiZr12eE
+ Iay/5YMU+aWP1z70h867ZQ7/7Y4HW345rdiS6EW663oH732wSYNt9kr7/0Uer3KD
+ 9CuPuOidBacospDaFyfsaJruE99Kd6Eu/w5KLAGG+m0iqENCziDGzVA47TngKz2v
+ PVA+aokoOyoz3b53qeti77ijatSEoKjxheBWpO+eoJeGq/e49Um3M2ogIX/JAlMa
+ Inh+vYSYngQB2sx9LGkR9KHaMKNIGCDehk93Xla4pWJx1w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/SOAP" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/Redirect" />
+ <SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/POST" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/Artifact" />
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST"
+ index="1" isDefault="true" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST-SimpleSi...
+ index="2" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML2/Artifact"
+ index="3" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML/POST"
index="4" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
Location="https://sp.testshib.org/Shibboleth.sso/SAML/Artifact"
+ index="5" />
+ <AssertionConsumerService
+ Binding="http://schemas.xmlsoap.org/ws/2003/07/secext"
Location="https://sp.testshib.org/Shibboleth.sso/ADFS"
+ index="6" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="https://www.testshib.org/Shibboleth.sso/SAML2/POST"
+ index="7" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ Location="https://www.testshib.org/Shibboleth.sso/SAML/POST"
index="8" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://www.testshib.org/Shibboleth.sso/SAML/REDIRECT"
index="9" />
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Service Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</Orga...
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk(a)internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+</EntitiesDescriptor>
\ No newline at end of file
4698
days inactive
4698
days old
picketlink-commits@lists.jboss.org
0 comments
1 participants
participants (1)
-
picketlink-commits@lists.jboss.org