Seam SVN: r13773 - in modules/security/trunk: examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer and 19 other directories.
by seam-commits@lists.jboss.org
Author: marcelkolsteren
Date: 2010-09-23 19:01:20 -0400 (Thu, 23 Sep 2010)
New Revision: 13773
Added:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java
Removed:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java
Modified:
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java
Log:
Documented the API and SPI of the external authentication submodule of Seam Security (i.e. added Javadoc). Along the way, made some minor changes to the interfaces.
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,7 +21,7 @@
*/
package org.jboss.seam.security.examples.openid;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
public class AttributeVO
{
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,9 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
@Model
@DialogueScoped
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.inject.Model;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -51,7 +51,7 @@
ServletContext servletContext = (ServletContext) facesContext.getExternalContext().getContext();
if (DialogueBeanProvider.dialogueManager(servletContext).isAttached())
{
- String dialogueId = DialogueBeanProvider.dialogue(servletContext).getDialogueId();
+ String dialogueId = DialogueBeanProvider.dialogue(servletContext).getId();
ResponseHolder responseHolder = new ResponseHolderImpl((HttpServletResponse) facesContext.getExternalContext().getResponse(), dialogueId);
return responseHolder.addDialogueIdToUrl(actionUrl);
}
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,7 @@
import org.jboss.seam.faces.event.qualifier.Before;
import org.jboss.seam.faces.event.qualifier.RestoreView;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.servlet.http.HttpParam;
public class DialoguePhaseListener
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,7 +29,7 @@
import javax.inject.Inject;
import javax.inject.Named;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
@SessionScoped
@Named
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,8 +26,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
@Model
public class Login
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class OpenIdProviderCustomizer
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,9 +28,9 @@
import javax.inject.Inject;
import javax.servlet.ServletContext;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
public class OpenIdProviderSpiImpl implements OpenIdProviderSpi
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.inject.Model;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,9 @@
import javax.inject.Named;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
@SessionScoped
@Named
@@ -61,7 +61,7 @@
if (!isLoggedIn())
{
List<OpenIdRequestedAttribute> attributes = new LinkedList<OpenIdRequestedAttribute>();
- attributes.add(new OpenIdRequestedAttribute("email", "http://schema.openid.net/contact/email", false, null));
+ attributes.add(openIdApi.createOpenIdRequestedAttribute("email", "http://schema.openid.net/contact/email", false, null));
openIdApi.login(openId, attributes, (HttpServletResponse) externalContext.getResponse());
}
else
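Review bot: The `email` attribute requested in the changed `attributes.add(...)` line is asserted by whichever OpenID provider the user names in `openId`, so the example should say that it is not a verified address. A comment above that line such as `// email is asserted by the OP: display only, never match local accounts on it` would stop readers keying accounts on it. The positional `false, null` arguments are also opaque at the call site; presumably the third is the "required" flag, which is worth naming in the same comment. The enclosing method starts and ends outside the hunk.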
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class OpenIdRelyingPartyCustomizer
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,8 +26,8 @@
import javax.inject.Inject;
import javax.servlet.ServletContext;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
public class OpenIdRelyingPartySpiImpl implements OpenIdRelyingPartySpi
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -35,8 +35,8 @@
import javax.faces.context.FacesContext;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.security.external.saml.SamlExternalEntity;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,9 +29,8 @@
import javax.inject.Named;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
@Named
public class Identity implements Serializable
@@ -46,7 +45,7 @@
public void localLogin(String userName)
{
- samlIdp.localLogin(new SamlNameId(userName, null, null), null);
+ samlIdp.localLogin(samlIdp.createNameId(userName, null, null), null);
}
public void remoteLogin(String spEntityId)
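Review bot: `localLogin` passes the caller-supplied `userName` straight to `samlIdp.createNameId(userName, null, null)`, and as far as the hunk shows no credential check or null/blank check precedes it. If authentication happens elsewhere in the example (Login.java is not visible here), a Javadoc line on `localLogin` saying so would keep readers from copying it as a complete login path. Otherwise a guard such as `if (userName == null || userName.trim().isEmpty()) throw new IllegalArgumentException("userName");` belongs before the call. The three `null` arguments would also read better with a short comment naming what each stands for. `remoteLogin` continues outside the hunk.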
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,8 +26,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
@Model
public class Login
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,8 +27,8 @@
import javax.servlet.ServletContext;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
import org.slf4j.Logger;
@@ -58,7 +58,7 @@
}
}
- public void singleLogoutFailed(ResponseHolder responseHolder)
+ public void globalLogoutFailed(ResponseHolder responseHolder)
{
try
{
@@ -70,7 +70,7 @@
}
}
- public void singleLogoutSucceeded(ResponseHolder responseHolder)
+ public void globalLogoutSucceeded(ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class SamlIdpCustomizer
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,8 +29,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
@Model
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -35,8 +35,8 @@
import javax.faces.context.FacesContext;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
import org.jboss.seam.security.external.saml.SamlExternalEntity;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
@Model
public class Configuration
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,9 +28,9 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlServiceProviderApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
@Model
public class Identity
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,8 +27,8 @@
import javax.servlet.ServletContext;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlServiceProviderApi;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
import org.slf4j.Logger;
@@ -55,7 +55,7 @@
}
}
- public void loginFailed(ResponseHolder responseHolder)
+ public void loginFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
try
{
@@ -67,7 +67,7 @@
}
}
- public void globalLogoutFailed(String statusCode, ResponseHolder responseHolder)
+ public void globalLogoutFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,7 +23,7 @@
import javax.enterprise.event.Observes;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationCreation;
import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+
+/**
+ * @author Marcel Kolsteren
+ */
+public class OpenIdPrincipalImpl implements OpenIdPrincipal
+{
+ private String identifier;
+
+ private URL openIdProvider;
+
+ private Map<String, List<String>> attributeValues;
+
+ public OpenIdPrincipalImpl(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
+ {
+ super();
+ this.identifier = identifier;
+ this.openIdProvider = openIdProvider;
+ this.attributeValues = attributeValues;
+ }
+
+ public String getIdentifier()
+ {
+ return identifier;
+ }
+
+ public URL getOpenIdProvider()
+ {
+ return openIdProvider;
+ }
+
+ public Map<String, List<String>> getAttributeValues()
+ {
+ return attributeValues;
+ }
+
+ public String getAttribute(String alias)
+ {
+ List<String> values = attributeValues.get(alias);
+ if (values.size() == 0)
+ {
+ return null;
+ }
+ else if (values.size() == 1)
+ {
+ return (String) attributeValues.get(alias).get(0);
+ }
+ else
+ {
+ throw new RuntimeException("Attribute has multiple values");
+ }
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((identifier == null) ? 0 : identifier.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ OpenIdPrincipalImpl other = (OpenIdPrincipalImpl) obj;
+ if (identifier == null)
+ {
+ if (other.identifier != null)
+ return false;
+ }
+ else if (!identifier.equals(other.identifier))
+ return false;
+ return true;
+ }
+}
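Review bot: `getAttribute` dereferences `values` without a null check, so an alias that is absent from `attributeValues` throws a NullPointerException at `values.size()` instead of returning null the way an empty list does. The first branch should read `if (values == null || values.isEmpty())`. The single-value branch can return `values.get(0)` directly, since the `(String)` cast and the second map lookup are redundant. The attribute map is presumably filled from the provider's response, so a missing alias is an ordinary case rather than a programming error.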
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdPrincipalImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class OpenIdRequestedAttributeImpl implements OpenIdRequestedAttribute
+{
+ private String alias;
+ private String typeUri;
+ private boolean required;
+ private Integer count;
+
+ public OpenIdRequestedAttributeImpl()
+ {
+ }
+
+ public OpenIdRequestedAttributeImpl(String alias, String typeUri, boolean required, Integer count)
+ {
+ super();
+ this.alias = alias;
+ this.typeUri = typeUri;
+ this.required = required;
+ this.count = count;
+ }
+
+ public String getAlias()
+ {
+ return alias;
+ }
+
+ public void setAlias(String alias)
+ {
+ this.alias = alias;
+ }
+
+ public String getTypeUri()
+ {
+ return typeUri;
+ }
+
+ public void setTypeUri(String typeUri)
+ {
+ this.typeUri = typeUri;
+ }
+
+ public boolean isRequired()
+ {
+ return required;
+ }
+
+ public void setRequired(boolean required)
+ {
+ this.required = required;
+ }
+
+ public Integer getCount()
+ {
+ return count;
+ }
+
+ public void setCount(Integer count)
+ {
+ this.count = count;
+ }
+
+}
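Review bot: The class and its four properties carry no documentation, and `count` is a boxed `Integer` whose null case is never explained. A class comment such as `/** Mutable bean describing one attribute requested from an OpenID provider: alias, type URI, required flag and value count. */` would cover the class. A field comment like `// null when no count was specified (confirm against OpenIdRequestedAttribute)` would cover `count`, which is presumably the number of values asked for. The explicit `super();` in the four-argument constructor can also go.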
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/OpenIdRequestedAttributeImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -7,8 +7,8 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.saml.SamlMessage;
import org.jboss.seam.security.external.saml.SamlPostMessage;
import org.jboss.seam.security.external.saml.SamlRedirectMessage;
@@ -110,7 +110,7 @@
String dialogueId = null;
if (dialogueManager.isAttached())
{
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
}
return new ResponseHolderImpl(response, dialogueId);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -73,11 +73,14 @@
public String addDialogueIdToUrl(String url)
{
- String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
- int queryStringIndex = url.indexOf("?");
- if (queryStringIndex < 0 || url.indexOf(paramName + "=", queryStringIndex) < 0)
+ if (dialogueId != null)
{
- url = new StringBuilder(url).append(queryStringIndex < 0 ? "?" : "&").append(paramName).append("=").append(dialogueId).toString();
+ String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
+ int queryStringIndex = url.indexOf("?");
+ if (queryStringIndex < 0 || url.indexOf(paramName + "=", queryStringIndex) < 0)
+ {
+ url = new StringBuilder(url).append(queryStringIndex < 0 ? "?" : "&").append(paramName).append("=").append(dialogueId).toString();
+ }
}
return url;
}
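Review bot: The presence test `url.indexOf(paramName + "=", queryStringIndex)` is a substring match, so any query parameter whose name merely ends in the dialogue parameter name suppresses the append, and `dialogueId` is concatenated into the URL without encoding. Matching on the delimiter as well, `url.indexOf("?" + paramName + "=") < 0 && url.indexOf("&" + paramName + "=") < 0`, closes the first gap. Passing the id through `URLEncoder.encode(dialogueId, "UTF-8")` closes the second if the id can ever hold reserved characters, which this hunk does not show. A URL that already carries a `#fragment` also gets the parameter appended after the fragment, where the server never sees it.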
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.util.List;
+import java.util.Set;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlMultiUserIdentityProviderApi
+{
+ void authenticationSucceeded(SamlIdpSession session, HttpServletResponse response);
+
+ void authenticationFailed(HttpServletResponse response);
+
+ Set<SamlIdpSession> getSessions();
+
+ SamlIdpSession localLogin(SamlNameId nameId, List<AttributeType> attributes);
+
+ SamlNameId createNameId(String value, String format, String qualifier);
+
+ void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response);
+
+ void localLogout(SamlIdpSession session);
+
+ void globalLogout(SamlIdpSession session, HttpServletResponse response);
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlMultiUserServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.util.Set;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlMultiUserServiceProviderApi
+{
+ public void login(String idpEntityId, HttpServletResponse response);
+
+ public void localLogout(SamlSpSession session);
+
+ public void globalLogout(SamlSpSession session, HttpServletResponse response);
+
+ public Set<SamlSpSession> getSessions();
+}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,121 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+
+/**
+ *
+ * @author Marcel Kolsteren
+ */
+public class SamlNameIdImpl implements SamlNameId
+{
+ private String value;
+
+ private String format;
+
+ private String qualifier;
+
+ public SamlNameIdImpl(String value, String format, String qualifier)
+ {
+ super();
+ this.value = value;
+ this.format = format;
+ this.qualifier = qualifier;
+ }
+
+ public String getValue()
+ {
+ return value;
+ }
+
+ public void setValue(String value)
+ {
+ this.value = value;
+ }
+
+ public String getFormat()
+ {
+ return format;
+ }
+
+ public void setFormat(String format)
+ {
+ this.format = format;
+ }
+
+ public String getQualifier()
+ {
+ return qualifier;
+ }
+
+ public void setQualifier(String qualifier)
+ {
+ this.qualifier = qualifier;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((format == null) ? 0 : format.hashCode());
+ result = prime * result + ((qualifier == null) ? 0 : qualifier.hashCode());
+ result = prime * result + ((value == null) ? 0 : value.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SamlNameIdImpl other = (SamlNameIdImpl) obj;
+ if (format == null)
+ {
+ if (other.format != null)
+ return false;
+ }
+ else if (!format.equals(other.format))
+ return false;
+ if (qualifier == null)
+ {
+ if (other.qualifier != null)
+ return false;
+ }
+ else if (!qualifier.equals(other.qualifier))
+ return false;
+ if (value == null)
+ {
+ if (other.value != null)
+ return false;
+ }
+ else if (!value.equals(other.value))
+ return false;
+ return true;
+ }
+
+}
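Review bot: `hashCode` and `equals` are computed from `value`, `format` and `qualifier`, yet all three stay writable through public setters, so a name ID changed after being put in a `HashSet` or used as a map key can no longer be found. `SamlPrincipalImpl` in this commit has the same shape: its equality rests on `nameId`, which has a setter and itself hashes over these fields. If the `SamlNameId` interface (not shown here) does not require the setters, drop them and declare the fields final, e.g. `private final String value;`. Otherwise the class comment should state that instances must not be modified once they are used as keys or set members.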
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlNameIdImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,102 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class SamlPrincipalImpl implements SamlPrincipal
+{
+ private SamlNameId nameId;
+
+ private List<AttributeType> attributes = new LinkedList<AttributeType>();
+
+ private AssertionType assertion;
+
+ public SamlNameId getNameId()
+ {
+ return nameId;
+ }
+
+ public void setNameId(SamlNameId nameId)
+ {
+ this.nameId = nameId;
+ }
+
+ public List<AttributeType> getAttributes()
+ {
+ return attributes;
+ }
+
+ public void setAttributes(List<AttributeType> attributes)
+ {
+ this.attributes = attributes;
+ }
+
+ public AssertionType getAssertion()
+ {
+ return assertion;
+ }
+
+ public void setAssertion(AssertionType assertion)
+ {
+ this.assertion = assertion;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((nameId == null) ? 0 : nameId.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SamlPrincipalImpl other = (SamlPrincipalImpl) obj;
+ if (nameId == null)
+ {
+ if (other.nameId != null)
+ return false;
+ }
+ else if (!nameId.equals(other.nameId))
+ return false;
+ return true;
+ }
+}
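Review bot: `getAttributes` hands out the internal list and `setAttributes` stores the caller's list as-is, including null, so any code holding the principal can alter its attribute set after authentication. `OpenIdPrincipalImpl.getAttributeValues` in this commit exposes its map the same way. Returning `Collections.unmodifiableList(attributes)` and copying in the setter with `this.attributes = new LinkedList<AttributeType>(attributes);` keeps the attributes fixed once the principal is populated. Whether other callers rely on mutating the returned list cannot be seen from this hunk.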
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlPrincipalImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/SamlSingleUserServiceProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,27 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+public class SamlSingleUserServiceProviderSpi
+{
+
+}
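Review bot: `SamlSingleUserServiceProviderSpi` is added as an empty concrete class with no members and no comment, although its name and the `spi` package it was copied from suggest an interface. If it is a placeholder, a class comment saying so, e.g. `/** Placeholder; the single-user SP SPI is not defined yet. */`, would stop readers hunting for the contract. If it is a leftover of the package move, it is better left out of the commit.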
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/EntityConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,22 +21,60 @@
*/
package org.jboss.seam.security.external.api;
-
/**
+ * API for configuration of entities that play a role in distributed security
+ * (examples of entities are SAML identity providers, SAML service providers,
+ * OpenID relying parties and OpenID providers)
+ *
* @author Marcel Kolsteren
*
*/
public interface EntityConfigurationApi
{
+ /**
+ * This property contains the protocol that is used by the entity. Either
+ * "http" or "https".
+ *
+ * @return the protocol
+ */
String getProtocol();
+ /**
+ * See {@link #getProtocol}
+ *
+ * @param protocol protocol
+ */
void setProtocol(String protocol);
+ /**
+ * The host name which is used to access this application from a web browser
+ * (by the end user).
+ *
+ * @return the host name
+ */
String getHostName();
+ /**
+ * See {@link #getHostName}
+ *
+ * @param hostName host name
+ */
void setHostName(String hostName);
+ /**
+ * The port at which this application is reachable from the browser of the
+ * end user. This might be another port then the port where the web container
+ * is listening to (in case of port forwarding). In most practical production
+ * employments, this port will be the standard HTTPS port, being 443.
+ *
+ * @return
+ */
int getPort();
+ /**
+ * See {@link #getPort}
+ *
+ * @param port port
+ */
void setPort(int port);
}
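Review bot: The Javadoc for `getPort` ends in an empty `@return` tag and has two wording slips, "another port then" and "production employments". Suggested text: `@return the port` and `This might be a different port than the one the web container listens on (in case of port forwarding). In most production deployments this will be the standard HTTPS port, 443.` The `setProtocol` comment could also say what happens when a value other than "http" or "https" is passed, which the interface leaves open.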
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,81 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.net.URL;
-import java.util.List;
-import java.util.Map;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-// TODO: create hash code and equals method
-public class OpenIdPrincipal
-{
- private String identifier;
-
- private URL openIdProvider;
-
- private Map<String, List<String>> attributeValues;
-
- public OpenIdPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
- {
- super();
- this.identifier = identifier;
- this.openIdProvider = openIdProvider;
- this.attributeValues = attributeValues;
- }
-
- public String getIdentifier()
- {
- return identifier;
- }
-
- public URL getOpenIdProvider()
- {
- return openIdProvider;
- }
-
- public Map<String, List<String>> getAttributeValues()
- {
- return attributeValues;
- }
-
- public String getAttribute(String alias)
- {
- List<String> values = attributeValues.get(alias);
- if (values.size() == 0)
- {
- return null;
- }
- else if (values.size() == 1)
- {
- return (String) attributeValues.get(alias).get(0);
- }
- else
- {
- throw new RuntimeException("Attribute has multiple values");
- }
- }
-
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,42 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface OpenIdProviderApi
-{
- void authenticationSucceeded(String userName, HttpServletResponse response);
-
- void authenticationFailed(HttpServletResponse response);
-
- void setAttributes(Map<String, List<String>> attributeValues, HttpServletResponse response);
-
- String getOpLocalIdentifierForUserName(String userName);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,29 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-public interface OpenIdProviderConfigurationApi extends EntityConfigurationApi
-{
- String getXrdsURL();
-
- String getRealm();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,43 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface OpenIdRelyingPartyApi
-{
- /**
- * Start an OpenID login dialogue.
- *
- * @param identifier either a Claimed Identifier (identifying the user) or an
- * OP Identifier (identifying the OpenID Provider where the user
- * has an account)
- * @param attributes attributes that are requested
- */
- void login(String identifier, List<OpenIdRequestedAttribute> attributes, HttpServletResponse response);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,29 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-public interface OpenIdRelyingPartyConfigurationApi extends EntityConfigurationApi
-{
- String getXrdsURL();
-
- String getRealm();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,89 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class OpenIdRequestedAttribute
-{
- private String alias;
- private String typeUri;
- private boolean required;
- private Integer count;
-
- public OpenIdRequestedAttribute()
- {
-
- }
-
- public OpenIdRequestedAttribute(String alias, String typeUri, boolean required, Integer count)
- {
- super();
- this.alias = alias;
- this.typeUri = typeUri;
- this.required = required;
- this.count = count;
- }
-
- public String getAlias()
- {
- return alias;
- }
-
- public void setAlias(String alias)
- {
- this.alias = alias;
- }
-
- public String getTypeUri()
- {
- return typeUri;
- }
-
- public void setTypeUri(String typeUri)
- {
- this.typeUri = typeUri;
- }
-
- public boolean isRequired()
- {
- return required;
- }
-
- public void setRequired(boolean required)
- {
- this.required = required;
- }
-
- public Integer getCount()
- {
- return count;
- }
-
- public void setCount(Integer count)
- {
- this.count = count;
- }
-
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,16 +24,37 @@
import javax.servlet.http.HttpServletResponse;
/**
+ * This class is used in the SPI to pass the HTTP response on to the
+ * application. It also contains methods that make it easier for the application
+ * to propagate the dialogue over redirects or postbacks.
+ *
* @author Marcel Kolsteren
*
*/
public interface ResponseHolder
{
- void setResponse(HttpServletResponse response);
-
+ /**
+ * Gets the HTTP servlet response
+ *
+ * @return the response
+ */
HttpServletResponse getResponse();
+ /**
+ * Results in a redirect to the specified URL. If a dialogue is active, the
+ * id of that dialogue will be appended to the URL as a query parameter, so
+ * that the dialogue will be restored when the browser gets the redirect URL.
+ *
+ * @param url URL
+ */
void redirectWithDialoguePropagation(String url);
+ /**
+ * Adds the id of the current dialogue to the URL. If no dialogue is active,
+ * it just returns the URL unmodified.
+ *
+ * @param url URL
+ * @return URL
+ */
String addDialogueIdToUrl(String url);
}
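Review bot: The Javadoc added for `redirectWithDialoguePropagation` and `addDialogueIdToUrl` leaves the `url` contract undocumented; `@param url URL` and `@return URL` only repeat the type. Both methods put the dialogue id into a query string, and the first one also redirects the browser, so the docs should say whether the implementation validates the target or whether callers must pass only application-controlled URLs. The implementation is not visible in this hunk, so which of the two applies needs confirming. I would write something like `@param url redirect target; must be a trusted, application-controlled URL (not taken from request input)` and `@return the given URL with the dialogue id appended as a query parameter, or the URL unchanged if no dialogue is active`. It is also worth one sentence noting that an id carried in a URL can end up in access logs, browser history and Referer headers, so it should presumably not be sufficient on its own to authorise anything.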
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,31 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public enum SamlBinding
-{
- HTTP_Redirect, HTTP_Post
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,67 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.io.Reader;
-import java.io.Writer;
-import java.util.List;
-
-import org.jboss.seam.security.external.saml.SamlExternalEntity;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlEntityConfigurationApi
-{
- String getProtocol();
-
- void setProtocol(String protocol);
-
- void setEntityId(String entityId);
-
- String getEntityId();
-
- String getHostName();
-
- void setHostName(String hostName);
-
- int getPort();
-
- void setPort(int port);
-
- SamlBinding getPreferredBinding();
-
- void setPreferredBinding(SamlBinding preferredBinding);
-
- void setSigningKey(String keyStoreUrl, String keyStorePass, String signingKeyAlias, String signingKeyPass);
-
- SamlExternalEntity getExternalSamlEntityByEntityId(String entityId);
-
- SamlExternalEntity addExternalSamlEntity(Reader reader);
-
- List<SamlExternalEntity> getExternalSamlEntities();
-
- void writeMetaData(Writer writer);
-
- String getMetaDataURL();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,112 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
-import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-
-public interface SamlIdentityProviderApi
-{
- /**
- * Creates a local SAML session for the user with the given name and
- * attributes. This call is typically done before a remoteLogin or an
- * authenticationSucceeded call.
- *
- * @param nameId
- * @param attributes
- */
- void localLogin(SamlNameId nameId, List<AttributeType> attributes);
-
- /**
- * <p>
- * Logs the user in remotely in the application of the given service
- * provider. If the remote URL is specified, the service provider will
- * redirect the user to that URL. Otherwise, the service provider will
- * determine for itself which page is shown to the user.
- * </p>
- *
- * <p>
- * In SAML terms, this call results in an "unsolicited login" at the side of
- * the service provider.
- * </p>
- *
- * @param spEntityId the entity id of the remote service provider
- * @param remoteUrl the URL where the user agent needs to be redirected to by
- * the service provider (can be null)
- */
- void remoteLogin(String spEntityId, String remoteUrl, HttpServletResponse response);
-
- /**
- * This is one of the possible responses that relate to the SPI call
- * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
- * same dialogue context as the corresponding SPI call. It instructs the SAML
- * identity provider to send a positive authentication result back to the
- * service provider, using the local SAML session, which must have been
- * established before this call is done.
- */
- void authenticationSucceeded(HttpServletResponse response);
-
- /**
- * This is one of the possible responses that relate to the SPI call
- * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
- * same dialogue context as the corresponding SPI call. It instructs the SAML
- * identity provider to send a positive authentication result back to the
- * service provider.
- */
- void authenticationFailed(HttpServletResponse response);
-
- /**
- * Gets the current SAML session. This contains information about the logged
- * in user, and the external service providers that take part in this
- * session.
- *
- * @return the session
- */
- SamlIdpSession getSession();
-
- /**
- * Removes the local SAML session for the current user. This use case is
- * considered out of scope by the SAML spec (see the SAMLv2 Profiles
- * document, section 4.4). External service providers that take part in the
- * session are not informed about the fact that the shared session has been
- * removed at the identity provider side.
- */
- void localLogout();
-
- /**
- * Globally logs out the current user. This leads to a "single logout" where
- * the identity provider logs out the user from all service providers that
- * participate in the current session. The result of the global logout is
- * reported asynchronously through the SPI.
- */
- void globalLogout(HttpServletResponse response);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,47 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlIdentityProviderConfigurationApi extends SamlEntityConfigurationApi
-{
- boolean isWantAuthnRequestsSigned();
-
- void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned);
-
- boolean isSingleLogoutMessagesSigned();
-
- void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
-
- boolean isWantSingleLogoutMessagesSigned();
-
- void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
-
- List<SamlExternalServiceProvider> getServiceProviders();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,51 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-import java.util.Set;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlMultiUserIdentityProviderApi
-{
- void authenticationSucceeded(SamlIdpSession session, HttpServletResponse response);
-
- void authenticationFailed(HttpServletResponse response);
-
- Set<SamlIdpSession> getSessions();
-
- SamlIdpSession localLogin(SamlNameId nameId, List<AttributeType> attributes);
-
- void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response);
-
- void localLogout(SamlIdpSession session);
-
- void globalLogout(SamlIdpSession session, HttpServletResponse response);
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,43 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.Set;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlMultiUserServiceProviderApi
-{
- public void login(String idpEntityId, HttpServletResponse response);
-
- public void localLogout(SamlSpSession session);
-
- public void globalLogout(SamlSpSession session, HttpServletResponse response);
-
- public Set<SamlSpSession> getSessions();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,119 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlNameId
-{
- private String value;
-
- private String format;
-
- private String qualifier;
-
- public SamlNameId(String value, String format, String qualifier)
- {
- super();
- this.value = value;
- this.format = format;
- this.qualifier = qualifier;
- }
-
- public String getValue()
- {
- return value;
- }
-
- public void setValue(String value)
- {
- this.value = value;
- }
-
- public String getFormat()
- {
- return format;
- }
-
- public void setFormat(String format)
- {
- this.format = format;
- }
-
- public String getQualifier()
- {
- return qualifier;
- }
-
- public void setQualifier(String qualifier)
- {
- this.qualifier = qualifier;
- }
-
- @Override
- public int hashCode()
- {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((format == null) ? 0 : format.hashCode());
- result = prime * result + ((qualifier == null) ? 0 : qualifier.hashCode());
- result = prime * result + ((value == null) ? 0 : value.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj)
- {
- if (this == obj)
- return true;
- if (obj == null)
- return false;
- if (getClass() != obj.getClass())
- return false;
- SamlNameId other = (SamlNameId) obj;
- if (format == null)
- {
- if (other.format != null)
- return false;
- }
- else if (!format.equals(other.format))
- return false;
- if (qualifier == null)
- {
- if (other.qualifier != null)
- return false;
- }
- else if (!qualifier.equals(other.qualifier))
- return false;
- if (value == null)
- {
- if (other.value != null)
- return false;
- }
- else if (!value.equals(other.value))
- return false;
- return true;
- }
-
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,100 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.LinkedList;
-import java.util.List;
-
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
-import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlPrincipal
-{
- private SamlNameId nameId;
-
- private List<AttributeType> attributes = new LinkedList<AttributeType>();
-
- private AssertionType assertion;
-
- public SamlNameId getNameId()
- {
- return nameId;
- }
-
- public void setNameId(SamlNameId nameId)
- {
- this.nameId = nameId;
- }
-
- public List<AttributeType> getAttributes()
- {
- return attributes;
- }
-
- public void setAttributes(List<AttributeType> attributes)
- {
- this.attributes = attributes;
- }
-
- public AssertionType getAssertion()
- {
- return assertion;
- }
-
- public void setAssertion(AssertionType assertion)
- {
- this.assertion = assertion;
- }
-
- @Override
- public int hashCode()
- {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((nameId == null) ? 0 : nameId.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj)
- {
- if (this == obj)
- return true;
- if (obj == null)
- return false;
- if (getClass() != obj.getClass())
- return false;
- SamlPrincipal other = (SamlPrincipal) obj;
- if (nameId == null)
- {
- if (other.nameId != null)
- return false;
- }
- else if (!nameId.equals(other.nameId))
- return false;
- return true;
- }
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,119 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.sp.SamlSpInApplicationScopeProducer;
-import org.jboss.seam.security.external.saml.sp.SamlSpInVirtualApplicationScopeProducer;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
-import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
-import org.jboss.seam.security.external.spi.SamlSingleUserServiceProviderSpi;
-import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
-
-/**
- * API to the SAMLv2 compliant service provider. In order to use this API, one
- * of the following alternative beans need to be activated:
- *
- * <ul>
- * <li>{@link SamlSpInApplicationScopeProducer}</li>
- * <li>{@link SamlSpInVirtualApplicationScopeProducer}</li>
- * </ul>
- *
- * The former will install the service provider in application scope, the latter
- * will install it in virtual application scope. The virtual application scope
- * allows for using different service provider configurations depending on the
- * server name. See {@link VirtualApplicationScoped}
- *
- * <p>
- * This API (implemented by the framework) comes along with an SPI:
- * {@link SamlServiceProviderSpi} (implemented by the client application).
- * Dialogues are used to bridge corresponding API and SPI calls (see
- * {@link Dialogued}).
- * </p>
- *
- * <p>
- * All methods in this API, except the {@link #logout} method, require that the
- * request scoped {@link ResponseHolder} bean contains a link to the current
- * HTTP response. The implementation needs to response, in order to redirect the
- * browser to the identity provider. Beware not to touch the HTTP response after
- * one of these method returns.
- * </p>
- *
- * @author Marcel Kolsteren
- *
- */
-public interface SamlServiceProviderApi
-{
- /**
- * Sends the user agent to the site of the given identity provider, where the
- * user can be authenticated. When the call returns, a redirect on the HTTP
- * response has taken place. The response of the identity provider will be
- * sent asynchronously through the SPI methods
- * {@link SamlSingleUserServiceProviderSpi#loginSucceeded(OpenIdSession)} or
- * {@link SamlSingleUserServiceProviderSpi#loginFailed(OpenIdSession)}. If
- * the method is called within a dialogue, that same dialogue will be active
- * when the SPI method is called. Thus, the dialogue can be used to store API
- * client state that needs to survive the sign on process.
- *
- * @param idpEntityId
- */
- public void login(String idpEntityId, HttpServletResponse response);
-
- /**
- * <p>
- * Locally logs out the user. This use case is considered out of scope by the
- * SAML spec (see the SAMLv2 Profiles document, section 4.4). The local
- * logout means that the session established by the SAML SP is not used any
- * more by the application. So when the SAML SP will receive a logout request
- * for this session in the future, it won't pass that on to the application.
- * </p>
- *
- * <p>
- * This method doesn't write the HTTP response.
- * </p>
- */
- public void localLogout();
-
- /**
- * Globally logs out the user. The browser of the user is redirected to the
- * site of the identity provider, so that the identity provider can logout
- * the user from all applications that share the same session at the identity
- * provider. The result of the logout operation is reported back
- * asynchronously through the SPI methods
- * {@link SamlSingleUserServiceProviderSpi#globalLogoutSucceeded()} and
- * {@link SamlSingleUserServiceProviderSpi#singleLogoutFailed()}. If this
- * method is called with an active dialogue scope, the same dialogue will be
- * active when the SPI method is called. This allows the API client to store
- * state information in the dialogue.
- */
- public void globalLogout(HttpServletResponse response);
-
- /**
- * Gets the current session (login). If there is no active session, null is
- * returned.
- *
- * @return active session, or null
- */
- public SamlSpSession getSession();
-}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,105 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-import java.util.List;
-
-import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface SamlServiceProviderConfigurationApi extends SamlEntityConfigurationApi
-{
- /**
- * Returns a list with all identity providers that are supported (trusted).
- * This allows the API client to present the list to the user, so that the
- * user can choose the provider that needs to be used for doing the login.
- *
- * @return list of identity providers
- */
- List<SamlExternalIdentityProvider> getIdentityProviders();
-
- /**
- * If this property is enabled, all authentication requests targeted at
- * identity providers will be signed. The property is disabled by default.
- * When enabling it, be sure to add a signing key by calling
- * {@link SamlEntityConfigurationApi#setSigningKey(String, String, String, String)}
- * .
- *
- * @return true iff the authentication requests are signed
- */
- boolean isAuthnRequestsSigned();
-
- /**
- * See {@link #isAuthnRequestsSigned}.
- */
- void setAuthnRequestsSigned(boolean authnRequestsSigned);
-
- /**
- * This property, which is enabled by default, determines whether incoming
- * authentication responses from the identity provider are required to have a
- * valid signature. It is strongly discouraged to disabled signature
- * validation, because this opens possibilities for sending fake
- * authentication responses to the service provider.
- *
- * @return true iff incoming assertions need to have a valid signature
- */
- boolean isWantAssertionsSigned();
-
- /**
- * See {@link #isWantAssertionsSigned()}.
- */
- void setWantAssertionsSigned(boolean wantAssertionsSigned);
-
- /**
- * This property indicates whether outgoing single logout messages are
- * signed. True by default, and the advice is not to disable this property,
- * unless you understand the security risks of doing so.
- *
- * @return true iff the single logout requests (sent to identity providers)
- * are signed
- */
- boolean isSingleLogoutMessagesSigned();
-
- /**
- * See {@link #isSingleLogoutMessagesSigned()}.
- */
- void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
-
- /**
- * This property indicates whether incoming single logout requests are
- * required to have a valid signature. True by default, and the advice is not
- * to disable this property, unless you understand the security risks of
- * doing so.
- *
- * @return true iff incoming single logout requests need to have a valid
- * signature
- */
- boolean isWantSingleLogoutMessagesSigned();
-
- /**
- * See {@link #isWantSingleLogoutMessagesSigned()}.
- */
- void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
-}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+
+@DialogueScoped
+public class DialogueBean implements Dialogue
+{
+ private String id;
+
+ private boolean finished;
+
+ public String getId()
+ {
+ return id;
+ }
+
+ public void setId(String id)
+ {
+ this.id = id;
+ }
+
+ public boolean isFinished()
+ {
+ return finished;
+ }
+
+ public void setFinished(boolean finished)
+ {
+ this.finished = finished;
+ }
+}
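Review bot: `DialogueBean` has no class or method documentation, and nothing marks which members implement the `Dialogue` interface. `setId` is public, yet the only caller visible in this commit is `DialogueManagerBean.beginDialogue()`, so the class comment should say that the id is assigned when the dialogue begins and is not meant to change afterwards, e.g. `/** Dialogue-scoped state holder behind {@link Dialogue}; the id is set by the dialogue manager when the dialogue begins. */`. I would also put `@Override` on `getId()` so the compiler catches drift from the interface.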
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBean.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,6 +27,7 @@
import javax.servlet.ServletContext;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.weld.manager.BeanManagerImpl;
/**
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,6 +33,8 @@
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletResponse;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+
@WebFilter(filterName = "DialogueFilter", urlPatterns = "/*")
public class DialogueFilter implements Filter
{
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,41 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.dialogues;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public interface DialogueManager
-{
- void beginDialogue();
-
- void endDialogue();
-
- boolean isExistingDialogue(String dialogueId);
-
- boolean isAttached();
-
- void attachDialogue(String dialogueId);
-
- void detachDialogue();
-}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,92 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues;
+
+import javax.enterprise.event.Observes;
+import javax.enterprise.inject.Instance;
+import javax.inject.Inject;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.servlet.event.qualifier.Destroyed;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class DialogueManagerBean implements DialogueManager
+{
+ @Inject
+ private DialogueContextExtension dialogueContextExtension;
+
+ @Inject
+ private Instance<DialogueBean> dialogue;
+
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e)
+ {
+ dialogueContextExtension.getDialogueContext().initialize(e.getServletContext());
+ }
+
+ public void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
+ {
+ dialogueContextExtension.getDialogueContext().destroy();
+ }
+
+ public void beginDialogue()
+ {
+ String dialogueId = dialogueContextExtension.getDialogueContext().create();
+ dialogue.get().setId(dialogueId);
+ }
+
+ public void endDialogue()
+ {
+ dialogueContextExtension.getDialogueContext().remove();
+ }
+
+ public void attachDialogue(String requestId)
+ {
+ dialogueContextExtension.getDialogueContext().attach(requestId);
+ }
+
+ public void detachDialogue()
+ {
+ if (dialogue.get().isFinished())
+ {
+ endDialogue();
+ }
+ else
+ {
+ dialogueContextExtension.getDialogueContext().detach();
+ }
+ }
+
+ public boolean isExistingDialogue(String dialogueId)
+ {
+ return dialogueContextExtension.getDialogueContext().isExistingDialogue(dialogueId);
+ }
+
+ public boolean isAttached()
+ {
+ return dialogueContextExtension.getDialogueContext().isAttached();
+ }
+}
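Review bot: The id returned by `getDialogueContext().create()` in `beginDialogue()` is the handle a later request passes to `attachDialogue(String requestId)` to regain the stored state, and the `DialogueScoped` Javadoc in this commit says the context is kept in a servlet context attribute, which is application-wide rather than per HTTP session. `create()` and `attach()` are outside this diff, so this is a question rather than a finding: the id needs to come from a cryptographically strong source, and ideally `attach` would refuse an id that was created for a different session. A comment such as `// dialogueId is the only credential for re-attaching; must be unguessable` on `beginDialogue()` would record the requirement. Separately, the parameter of `attachDialogue` is named `requestId` while the interface declares `dialogueId`; `public void attachDialogue(String dialogueId)` would match.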
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,92 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.dialogues;
-
-import javax.enterprise.event.Observes;
-import javax.enterprise.inject.Instance;
-import javax.inject.Inject;
-import javax.servlet.ServletContextEvent;
-
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
-import org.jboss.seam.servlet.event.qualifier.Destroyed;
-import org.jboss.seam.servlet.event.qualifier.Initialized;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class DialogueManagerImpl implements DialogueManager
-{
- @Inject
- private DialogueContextExtension dialogueContextExtension;
-
- @Inject
- private Instance<Dialogue> dialogue;
-
- public void servletInitialized(@Observes @Initialized final ServletContextEvent e)
- {
- dialogueContextExtension.getDialogueContext().initialize(e.getServletContext());
- }
-
- public void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
- {
- dialogueContextExtension.getDialogueContext().destroy();
- }
-
- public void beginDialogue()
- {
- String dialogueId = dialogueContextExtension.getDialogueContext().create();
- dialogue.get().setDialogueId(dialogueId);
- }
-
- public void endDialogue()
- {
- dialogueContextExtension.getDialogueContext().remove();
- }
-
- public void attachDialogue(String requestId)
- {
- dialogueContextExtension.getDialogueContext().attach(requestId);
- }
-
- public void detachDialogue()
- {
- if (dialogue.get().isFinished())
- {
- endDialogue();
- }
- else
- {
- dialogueContextExtension.getDialogueContext().detach();
- }
- }
-
- public boolean isExistingDialogue(String dialogueId)
- {
- return dialogueContextExtension.getDialogueContext().isExistingDialogue(dialogueId);
- }
-
- public boolean isAttached()
- {
- return dialogueContextExtension.getDialogueContext().isAttached();
- }
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialoguedInterceptor.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,6 +26,7 @@
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
/**
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/Dialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,33 +22,14 @@
package org.jboss.seam.security.external.dialogues.api;
/**
+ * This dialogue-scoped bean is automatically created in the dialogue scope as
+ * soon as the dialogue is created. It can be used to get dialogue properties.
+ * For background about the dialogue scope, see {@link DialogueScoped}.
+ *
* @author Marcel Kolsteren
*
*/
-@DialogueScoped
-public class Dialogue
+public interface Dialogue
{
- private String dialogueId;
-
- private boolean finished;
-
- public String getDialogueId()
- {
- return dialogueId;
- }
-
- public void setDialogueId(String requestId)
- {
- this.dialogueId = requestId;
- }
-
- public boolean isFinished()
- {
- return finished;
- }
-
- public void setFinished(boolean finished)
- {
- this.finished = finished;
- }
+ public String getId();
}
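Review bot: `getId()` is the whole public contract of `Dialogue` after this change, but it has no Javadoc and carries a redundant `public` modifier. I would write `/** Returns the id assigned to this dialogue when it was begun. */` above it and declare it as `String getId();`. The interface no longer exposes `isFinished()`/`setFinished()`, so code that needs them has to inject `DialogueBean` directly, as `OpenIdProviderAuthenticationService` does in this commit; if that is intended, a sentence in the type comment saying so would help.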
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManager.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueManager.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,75 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues.api;
+
+/**
+ * Manager for the dialogue scope. For background about the dialogue scope, see
+ * {@link DialogueScoped}.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface DialogueManager
+{
+ /**
+ * Starts a new dialogue. Results in a {@link RuntimeException} if
+ * {@link #isAttached} is true.
+ */
+ void beginDialogue();
+
+ /**
+ * Ends the current dialogue. Results in a {@link RuntimeException} if
+ * {@link #isAttached} is false.
+ */
+ void endDialogue();
+
+ /**
+ * Checks whether a dialogue exists with the given id.
+ *
+ * @param dialogueId the id
+ * @return true if a dialogue with that id exists
+ */
+ boolean isExistingDialogue(String dialogueId);
+
+ /**
+ * Checks whether the current thread is attached to a dialogue (i.e. whether
+ * a dialogue is currently active)
+ *
+ * @return true if the current thread is attached to a dialogue
+ */
+ boolean isAttached();
+
+ /**
+ * Attaches the current thread to the given dialogue. Results in a
+ * {@link RuntimeException} if the thread is already attached to a dialogue,
+ * i.e. if {@link #isAttached} is true.
+ *
+ * @param dialogueId
+ */
+ void attachDialogue(String dialogueId);
+
+ /**
+ * Detaches the current thread from the dialogue. Results in a
+ * {@link RuntimeException} if {@link #isAttached} is false.
+ */
+ void detachDialogue();
+}
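Review bot: The Javadoc for `attachDialogue` leaves `@param dialogueId` empty and does not say what happens when no dialogue with that id exists. Since `isExistingDialogue` is offered next to it, I assume callers are expected to check first; the tag could read `@param dialogueId id of an existing dialogue (see {@link #isExistingDialogue})`, plus a sentence on the behaviour for an unknown id. The four "Results in a {@link RuntimeException}" sentences would also be more useful as `@throws` tags naming the concrete exception type, which is not visible in this diff.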
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/DialogueScoped.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,8 +33,38 @@
import javax.enterprise.context.NormalScope;
/**
+ * <p>
+ * Scope for a dialogue (flow) between the application and an external identity
+ * provider or consumer.
+ * </p>
+ *
+ * <p>
+ * The protocols for sharing identity information (e.g. SAMLv2, OpenID) have
+ * quite complex dialogues, that often rely on the user agent (browser) relaying
+ * messages between the identity consumer and the identity producer. When the
+ * application calls an API method of Seam's SAML or OpenID submodule, the
+ * application will often temporary loose control over the browser. After a
+ * number of redirects, the external authentication module uses the SPI to
+ * inform the application about the outcome. At that moment, the application
+ * re-gains control over the browser. This round trip is modeled as a
+ * "dialogue", and the dialogue CDI scope is used to manage state that is bound
+ * to the dialogue. Not only the identity sharing module uses it to maintain
+ * state, also the application: it can save stuff in dialogue scope before the
+ * API is called, and read the stuff back in when it is called back through the
+ * SPI. For example, when the user opens a page that requires authentication,
+ * the view can be stored in the dialogue scope before calling login() on the
+ * API. When the SPI reports back that the login succeeded, the same dialogue
+ * will be active, so that the application can easily inject the saved view and
+ * redirect the user to it.
+ * </p>
+ *
+ * <p>
+ * The dialogue scope is not a passivating scope, so the contextual objects that
+ * are saved in contexts of this scope do not have to be serializable. The
+ * context is stored in a servlet context attribute.
+ * </p>
+ *
* @author Marcel Kolsteren
- *
*/
@Documented
@Retention(RUNTIME)
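Review bot: The new Javadoc says the dialogue context is stored in a servlet context attribute, but it does not say what bounds a dialogue's lifetime or whether a dialogue is tied to the HTTP session that started it. Because the text encourages applications to park state there across a browser round trip (the saved view in the example), one sentence on when a dialogue ends or expires would help; this hunk does not show it. Also `temporary loose control` should read `temporarily lose control`. The annotation declaration itself continues outside the hunk.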
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,10 +33,11 @@
import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.OpenIdRequestedAttributeImpl;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.DirectError;
@@ -71,7 +72,7 @@
private DialogueManager dialogueManager;
@Inject
- private Instance<Dialogue> dialogue;
+ private Instance<DialogueBean> dialogue;
@Inject
private Instance<OpenIdProviderBean> opBean;
@@ -168,7 +169,7 @@
for (Map.Entry<String, String> entry : attributes.entrySet())
{
- OpenIdRequestedAttribute requestedAttribute = new OpenIdRequestedAttribute();
+ OpenIdRequestedAttributeImpl requestedAttribute = new OpenIdRequestedAttributeImpl();
requestedAttribute.setAlias(entry.getKey());
requestedAttribute.setTypeUri(entry.getValue());
requestedAttribute.setRequired(required);
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -39,8 +39,6 @@
import org.jboss.seam.security.external.EntityBean;
import org.jboss.seam.security.external.JaxbContext;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.xrds.LocalID;
import org.jboss.seam.security.external.jaxb.xrds.ObjectFactory;
@@ -49,6 +47,8 @@
import org.jboss.seam.security.external.jaxb.xrds.URIPriorityAppendPattern;
import org.jboss.seam.security.external.jaxb.xrds.XRD;
import org.jboss.seam.security.external.jaxb.xrds.XRDS;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
import org.openid4java.discovery.DiscoveryInformation;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,8 +24,8 @@
import java.io.Serializable;
import java.util.List;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.FetchRequest;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -31,11 +31,12 @@
import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.OpenIdPrincipalImpl;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerManager;
@@ -75,7 +76,7 @@
private Logger log;
@Inject
- private Instance<Dialogue> dialogue;
+ private Instance<DialogueBean> dialogue;
public void handleIncomingMessage(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws InvalidRequestException
{
@@ -146,7 +147,7 @@
String openIdServiceUrl = relyingPartyBean.getServiceURL(OpenIdService.OPEN_ID_SERVICE);
String realm = relyingPartyBean.getRealm();
- String returnTo = openIdServiceUrl + "?dialogueId=" + dialogue.get().getDialogueId();
+ String returnTo = openIdServiceUrl + "?dialogueId=" + dialogue.get().getId();
AuthRequest authReq = openIdConsumerManager.authenticate(discovered, returnTo, realm);
if (attributes != null && attributes.size() > 0)
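Review bot: The dialogue id appended to `returnTo` leaves the server, passes through the browser and the OpenID provider, and comes back as a request parameter, so it is effectively the handle to the stored dialogue state. The DialogueScoped Javadoc in this commit says that state lives in a servlet context attribute, so unless something else binds it to the session (not visible in this hunk) the id needs to be unguessable. It should also be URL-encoded rather than concatenated raw, e.g. `URLEncoder.encode(dialogue.get().getId(), "UTF-8")`, with a comment such as `// dialogueId round-trips via browser and OP: must be unguessable`. The enclosing method starts and ends outside the hunk.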
@@ -173,6 +174,6 @@
private OpenIdPrincipal createPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
{
- return new OpenIdPrincipal(identifier, openIdProvider, attributeValues);
+ return new OpenIdPrincipalImpl(identifier, openIdProvider, attributeValues);
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,7 @@
import org.jboss.seam.security.external.EntityBean;
import org.jboss.seam.security.external.JaxbContext;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.OpenIdRequestedAttributeImpl;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.xrds.ObjectFactory;
import org.jboss.seam.security.external.jaxb.xrds.Service;
@@ -43,6 +41,9 @@
import org.jboss.seam.security.external.jaxb.xrds.URIPriorityAppendPattern;
import org.jboss.seam.security.external.jaxb.xrds.XRD;
import org.jboss.seam.security.external.jaxb.xrds.XRDS;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.openid4java.discovery.DiscoveryInformation;
/**
@@ -116,4 +117,9 @@
throw new RuntimeException(e);
}
}
+
+ public OpenIdRequestedAttribute createOpenIdRequestedAttribute(String alias, String typeUri, boolean required, Integer count)
+ {
+ return new OpenIdRequestedAttributeImpl(alias, typeUri, required, count);
+ }
}
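Review bot: `createOpenIdRequestedAttribute` passes `count` straight to the constructor, although the Javadoc added in this commit on OpenIdRelyingPartyApi says it must be at least 1. Unless OpenIdRequestedAttributeImpl checks it (not visible here), a zero or negative count would reach the attribute request. A guard such as `if (count != null && count < 1) throw new IllegalArgumentException("count must be at least 1");` would enforce the documented contract. The Javadoc should also say whether a null count is allowed, since the type is `Integer`.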
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,67 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Object respresenting a person that has been authenticated using OpenID.
+ *
+ * @author Marcel Kolsteren
+ */
+public interface OpenIdPrincipal
+{
+ /**
+ * This identifier holds the OpenID that is owned by the person.
+ *
+ * @return the verified OpenID
+ */
+ String getIdentifier();
+
+ /**
+ * The endpoint URL of the authentication service of the OpenID provider that
+ * verified that the person owns the OpenID.
+ *
+ * @return the OpenID provider authentication endpoint URL
+ */
+ URL getOpenIdProvider();
+
+ /**
+ * The attributes of the person, that have been received from the OpenID
+ * provider. It maps aliases of requested attributes to lists of attribute
+ * values.
+ *
+ * @return the attribute map
+ */
+ Map<String, List<String>> getAttributeValues();
+
+ /**
+ * Convenience method for fetching the first value of the attribute with the
+ * given alias. If the attribute doesn't exits, it returns null;
+ *
+ * @param alias attribute alias
+ * @return the first value of the attribute, or null
+ */
+ String getAttribute(String alias);
+}
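Review bot: The Javadoc for `getAttributeValues()` does not say that the values are whatever the OpenID provider reported, so callers using them for account linking or authorization cannot tell that they are only as trustworthy as the provider returned by `getOpenIdProvider()`. I would add a sentence such as `Values are reported by the OpenID provider and are not otherwise verified.`, adjusted to what the implementation really does. The contract should also state whether the map can be null and whether it is modifiable. Typos: `respresenting` should be `representing`, and `doesn't exits` should be `doesn't exist`.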
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,107 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.openid.OpenIdProviderInApplicationScopeProducer;
+import org.jboss.seam.security.external.openid.OpenIdProviderInVirtualApplicationScopeProducer;
+import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ * API to the OpenID Provider (OP) of Seam security. In order to use this API,
+ * one of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link OpenIdProviderInApplicationScopeProducer}</li>
+ * <li>{@link OpenIdProviderInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the OpenID provider in application scope, the latter
+ * will install it in virtual application scope. The virtual application scope
+ * allows for using different provider configurations depending on the server
+ * name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link OpenIdProviderSpi} (implemented by the client application). Dialogues
+ * are used to bridge corresponding API and SPI calls (see {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdProviderApi
+{
+ /**
+ * This is one of the possible reactions of the application after having
+ * received and processed an authentication request through the API call
+ * {@link OpenIdProviderSpi#authenticate(String, String, boolean, ResponseHolder)}
+ * . By calling this method, the application informs the OpenID provider
+ * module that authentication succeeded. The userName of the authenticated
+ * user is provided. The OpenID provider module will redirect the user back
+ * to the relying party's website.
+ *
+ * @param userName user name
+ * @param response HTTP response
+ */
+ void authenticationSucceeded(String userName, HttpServletResponse response);
+
+ /**
+ * This is one of the possible reactions of the application after having
+ * received and processed an authentication request through the API call
+ * {@link OpenIdProviderSpi#authenticate(String, String, boolean, ResponseHolder)}
+ * . By calling this method, the application informs the OpenID provider
+ * module that authentication failed. The OpenID provider module will
+ * redirect the user back to the relying party's website.
+ *
+ * @param userName user name
+ * @param response HTTP response
+ */
+ void authenticationFailed(HttpServletResponse response);
+
+ void setAttributes(Map<String, List<String>> attributeValues, HttpServletResponse response);
+
+ /**
+ * This method can be used to find out the OP-Local identifier for a given
+ * user name. The OpenID authentication specification defines this identifier
+ * as follows: 'An alternate Identifier for an end user that is local to a
+ * particular OP and thus not necessarily under the end user's control'.
+ *
+ * @param userName user name
+ * @return the OP-Local Identifier
+ */
+ String getOpLocalIdentifierForUserName(String userName);
+}
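Review bot: The Javadoc on `authenticationFailed` documents `@param userName`, but the method only takes `response`; that tag should be removed. `setAttributes` has no Javadoc at all, so it is unclear when it may be called relative to `authenticationSucceeded` and whether it also commits the HTTP response. Both method comments describe `OpenIdProviderSpi#authenticate` as an "API call", where "SPI call" appears to be meant.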
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import org.jboss.seam.security.external.api.EntityConfigurationApi;
+
+/**
+ * API for accessing the OpenID Provider configuration
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdProviderConfigurationApi extends EntityConfigurationApi
+{
+ /**
+ * Gets the URL where the XRDS is served that can be used by relying parties
+ * for OpenID Provider discovery. The document served at this URL is
+ * described in the OpenID 2.0 Authentication specification, section
+ * 7.3.2.1.1.
+ *
+ * @return the URL
+ */
+ String getXrdsURL();
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ * API to the OpenID Relying Party (RP) of Seam security. In order to use this
+ * API, one of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link OpenIdRelyingPartyInApplicationScopeProducer}</li>
+ * <li>{@link OpenIdRelyingPartyInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the OpenID relying party in application scope, the
+ * latter will install it in virtual application scope. The virtual application
+ * scope allows for using different provider configurations depending on the
+ * server name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link OpenIdRelyingPartySpi} (implemented by the client application).
+ * Dialogues are used to bridge corresponding API and SPI calls (see
+ * {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdRelyingPartyApi
+{
+ /**
+ * Start an OpenID login dialogue.
+ *
+ * @param identifier either a Claimed Identifier (identifying the user) or an
+ * OP Identifier (identifying the OpenID Provider where the user
+ * has an account)
+ * @param attributes attributes that are requested (they should have
+ * different aliases)
+ * @param response the HTTP servlet response
+ */
+ void login(String identifier, List<OpenIdRequestedAttribute> attributes, HttpServletResponse response);
+
+ /**
+ * Creates a request to fetch a certain attribute from the OpenID Provider.
+ * The resulting object can be passed to the {@link #login} method.
+ *
+ * @param alias name that identifies this requested attribute
+ * @param typeUri attribute type identifier
+ * @param required indicates whether the attribute is required
+ * @param count indicates the maximum number of values to be returned by the
+ * provider; must be at least 1
+ *
+ * @return the requested attribute
+ */
+ OpenIdRequestedAttribute createOpenIdRequestedAttribute(String alias, String typeUri, boolean required, Integer count);
+}
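Review bot: The class Javadoc links `{@link OpenIdRelyingPartyInApplicationScopeProducer}` and `{@link OpenIdRelyingPartyInVirtualApplicationScopeProducer}`, but neither type is imported in this file (OpenIdProviderApi does import its producers), so the links will probably not resolve; import them or use fully qualified names. The paragraph about the HTTP response says the browser is redirected `to the relying party`, which looks copied from the provider API; for `login` the redirect presumably goes to the OpenID provider. The `identifier` passed to `login` is presumably end-user input that drives discovery, so its `@param` text could say that callers should validate it before passing it in.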
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+import org.jboss.seam.security.external.api.EntityConfigurationApi;
+
+/**
+ * API for accessing the OpenID Relying Party configuration
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdRelyingPartyConfigurationApi extends EntityConfigurationApi
+{
+ /**
+ * Gets the URL where the XRDS is served that can be used by OpenID providers
+ * for relying party discovery. The XRDS document served at this URL is
+ * described in the OpenID 2.0 Authentication specification, section 13.
+ * Remark that some OpenID providers (e.g. Yahoo) require that a Yadis
+ * discovery on the realm also results in this document. Meeting this
+ * requirement is beyond the responsibility and beyond the reach of the Seam
+ * OpenID module, because the realm URL is not "handled" by the web
+ * application in which the OpenID module lives. Consult the Seam Security
+ * documentation for further details about setting up the realm-based
+ * discovery.
+ *
+ * @return the URL
+ */
+ String getXrdsURL();
+
+ /**
+ * Gets the realm that is used by the relying party. A "realm" is a pattern
+ * that represents the part of URL-space for which an OpenID Authentication
+ * request is valid. See OpenID 2.0 Authentication specification, section
+ * 9.2. The OpenID provider uses the realm as the name of the the relying
+ * party site that is presented to the end user.
+ *
+ * @return the realm
+ */
+ String getRealm();
+}
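Review bot: The `getRealm` Javadoc has a doubled word in `the name of the the relying party site`; it should read `the name of the relying party site`. Since the text already points at section 9.2 of the specification, it could also state that the return URL sent to the provider has to match this realm, so that integrators configure the two consistently.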
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/api/OpenIdRequestedAttribute.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid.api;
+
+/**
+ * Attribute requested by the relying party during the authentication of a user.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdRequestedAttribute
+{
+ /**
+ * Name that identifies this requested attribute.
+ *
+ * @return the alias
+ */
+ String getAlias();
+
+ /**
+ * Attribute type identifier.
+ *
+ * @return the type URI
+ */
+ String getTypeUri();
+
+ /**
+ * Indicates whether the attribute is required.
+ *
+ * @return true if required, false otherwise
+ */
+ boolean isRequired();
+
+ /**
+ * Indicates the maximum number of values to be returned by the provider;
+ * must be at least 1.
+ *
+ * @return maximum number of values
+ */
+ Integer getCount();
+}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEndpoint.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,7 +21,7 @@
*/
package org.jboss.seam.security.external.saml;
-import org.jboss.seam.security.external.api.SamlBinding;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -38,8 +38,6 @@
import org.jboss.seam.security.external.EntityBean;
import org.jboss.seam.security.external.JaxbContext;
-import org.jboss.seam.security.external.api.SamlBinding;
-import org.jboss.seam.security.external.api.SamlEntityConfigurationApi;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntitiesDescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntityDescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.IndexedEndpointType;
@@ -50,6 +48,8 @@
import org.jboss.seam.security.external.jaxb.samlv2.metadata.SSODescriptorType;
import org.jboss.seam.security.external.jaxb.xmldsig.KeyInfoType;
import org.jboss.seam.security.external.jaxb.xmldsig.X509DataType;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
+import org.jboss.seam.security.external.saml.api.SamlEntityConfigurationApi;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageFactory.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,6 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlNameId;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AudienceRestrictionType;
@@ -46,7 +45,9 @@
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusCodeType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusType;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.idp.SamlIdpSessionImpl;
/**
* @author Marcel Kolsteren
@@ -132,7 +133,7 @@
AuthnStatementType authnStatement = assertionObjectFactory.createAuthnStatementType();
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(authnStatement);
authnStatement.setAuthnInstant(SamlUtils.getXMLGregorianCalendarNow());
- authnStatement.setSessionIndex(session.getSessionIndex());
+ authnStatement.setSessionIndex(((SamlIdpSessionImpl) session).getSessionIndex());
AuthnContextType authnContext = assertionObjectFactory.createAuthnContextType();
authnStatement.setAuthnContext(authnContext);
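Review bot: The new cast `((SamlIdpSessionImpl) session).getSessionIndex()` is unchecked, so any `SamlIdpSession` that is not a `SamlIdpSessionImpl` (a proxy or decorator, for instance) fails with a ClassCastException while the assertion is being built. The session index is written into the AuthnStatement and is presumably what a later single logout is matched on, so I would rather have the enclosing method take `SamlIdpSessionImpl` as its parameter type, or keep `getSessionIndex()` on an internal interface, than downcast the public API type at this point. The method's signature lies outside this hunk, so the declared type of `session` is inferred from the import change above.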
@@ -160,7 +161,7 @@
private void fillRequestAbstractTypeFields(RequestAbstractType request)
{
- request.setID(dialogue.getDialogueId());
+ request.setID(dialogue.getId());
request.setIssueInstant(SamlUtils.getXMLGregorianCalendarNow());
NameIDType issuer = assertionObjectFactory.createNameIDType();
@@ -172,7 +173,7 @@
private void fillStatusResponseFields(StatusResponseType response, String statusCode, String statusMessage)
{
- response.setID(dialogue.getDialogueId());
+ response.setID(dialogue.getId());
response.setIssueInstant(SamlUtils.getXMLGregorianCalendarNow());
NameIDType issuer = assertionObjectFactory.createNameIDType();
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -43,7 +43,7 @@
import org.jboss.seam.security.external.Base64;
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.JaxbContext;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.ResponseType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -45,13 +45,13 @@
import org.jboss.seam.security.external.Base64;
import org.jboss.seam.security.external.JaxbContext;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlBinding;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.AuthnRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.LogoutRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.ObjectFactory;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.ResponseType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
import org.slf4j.Logger;
import org.w3c.dom.Document;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,8 +24,8 @@
import java.util.LinkedList;
import java.util.List;
-import org.jboss.seam.security.external.api.SamlBinding;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EndpointType;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
/**
* @author Marcel Kolsteren
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlBinding.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlBinding.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+/**
+ * Enumeration that contains the SAML protocol bindings that can be used by the
+ * SAML Identity Provider and the SAML Service Provider. Refer to the SAMLv2
+ * specification for details about the bindings.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public enum SamlBinding
+{
+ /**
+ * HTTP_Redirect binding
+ */
+ HTTP_Redirect,
+
+ /**
+ * HTTP_Post binding
+ */
+ HTTP_Post
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlEntityConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlEntityConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,129 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.io.Reader;
+import java.util.List;
+
+import org.jboss.seam.security.external.api.EntityConfigurationApi;
+import org.jboss.seam.security.external.saml.SamlExternalEntity;
+
+/**
+ * API for the configuration of a SAML entity (i.e. a SAML Identity Provider or
+ * SAML Service Provider)
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlEntityConfigurationApi extends EntityConfigurationApi
+{
+ /**
+ * The unique identification of this SAML Entity. Typically, this is
+ * "https://www.your-domain.com".
+ *
+ * @return the entity ID
+ */
+ String getEntityId();
+
+ /**
+ * {@See #getEntityId()}
+ *
+ * @param entityId
+ */
+ void setEntityId(String entityId);
+
+ /**
+ * The preferred SAML protocol binding. By default, it is
+ * {@link SamlBinding#HTTP_Post}
+ *
+ * @return the preferred binding
+ */
+ SamlBinding getPreferredBinding();
+
+ /**
+ * See {@link #getPreferredBinding()}
+ *
+ * @param preferredBinding
+ */
+ void setPreferredBinding(SamlBinding preferredBinding);
+
+ /**
+ * Sets the key that is used to sign outgoing messages. Remark that in
+ * production deployments, the key store and the passwords giving access to
+ * it need to be well secured.
+ *
+ * @param keyStoreUrl URL of the key store, which must have Java Key Store
+ * (JKS) format; if it starts with "classpath://", the keystore
+ * will be read from the given location within the classpath
+ * @param keyStorePass the password giving access to the key store
+ * @param signingKeyAlias the alias under which the private key is stored
+ * that needs to be used for signing; the private key must be
+ * either a DSA or an RSA key
+ * @param signingKeyPass the password that gives access to the private key
+ */
+ void setSigningKey(String keyStoreUrl, String keyStorePass, String signingKeyAlias, String signingKeyPass);
+
+ /**
+ * This method can be used to add an external SAML entity that is trusted by
+ * the entity that is being configured. If the entity that is being
+ * configured is an identity provider, this method can be used for adding
+ * trusted service providers, and vice versa. The reader must contain a UTF-8
+ * encoded XML-file with the meta information of the entity that needs to be
+ * added. When this method returns, the configured entity trusts the added
+ * entity (has been added to the "circle of trust"). Remark that the meta
+ * data of the configured entity also needs to be loaded in the external
+ * entity. How this is done is out of scope for this API, but the needed meta
+ * information is served at the URL provided by {@link #getMetaDataURL}.
+ *
+ * @param reader reader that reads the meta information of the entry that
+ * needs to be added
+ * @return the contents of the external entity (extracted from the meta
+ * information)
+ */
+ SamlExternalEntity addExternalSamlEntity(Reader reader);
+
+ /**
+ * Gets the detailed of a trusted external entity, that has been added
+ * previously by calling {@link #addExternalSamlEntity}.
+ *
+ * @param entityId the id of the entity
+ * @return an object containing the properties of the entity
+ */
+ SamlExternalEntity getExternalSamlEntityByEntityId(String entityId);
+
+ /**
+ * Gets a list of all external entities that have been added previously by
+ * calling {@link #addExternalSamlEntity}.
+ *
+ * @return the list
+ */
+ List<SamlExternalEntity> getExternalSamlEntities();
+
+ /**
+ * Gets the URL where the meta data of this entity is served. Call this
+ * function only after configuration is complete (after you called other
+ * methods on this API that change the configuration).
+ *
+ * @return the URL
+ */
+ String getMetaDataURL();
+}
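Review bot: The Javadoc of `addExternalSamlEntity(Reader reader)` says the added entity is trusted once the method returns, but it does not say whether the metadata is authenticated in any way or whether the caller must have obtained it from a trusted source. This call is what places a party in the circle of trust, so I would add a sentence such as `The meta data is not verified by this method; the caller is responsible for obtaining it from a trusted source.`, or the opposite if the implementation does verify it, which is not visible here. Separately, `{@See #getEntityId()}` on `setEntityId` is not a valid Javadoc tag and should read `See {@link #getEntityId()}`, as the other setter in this file does.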
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,164 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.idp.SamlIdpInApplicationScopeProducer;
+import org.jboss.seam.security.external.saml.idp.SamlIdpInVirtualApplicationScopeProducer;
+import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ *
+ * API to the SAML Identity Provider (IDP) of Seam security. In order to use
+ * this API, one of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link SamlIdpInApplicationScopeProducer}</li>
+ * <li>{@link SamlIdpInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the Identity Provider in application scope, the
+ * latter will install it in virtual application scope. The virtual application
+ * scope allows for using different provider configurations depending on the
+ * server name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link SamlIdentityProviderSpi} (implemented by the client application).
+ * Dialogues are used to bridge corresponding API and SPI calls (see
+ * {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+
+public interface SamlIdentityProviderApi
+{
+ /**
+ * Creates a local SAML session for the user with the given name and
+ * attributes. This call is typically done before a {@link #remoteLogin} or
+ * an {@link #authenticationSucceeded} call.
+ *
+ * @param nameId
+ * @param attributes
+ */
+ void localLogin(SamlNameId nameId, List<AttributeType> attributes);
+
+ /**
+ * Creates a name identifier with the given properties. Needed for
+ * constructing the nameId parameter of a {@link #localLogin} call.
+ *
+ * @param value value (required)
+ * @param format format (optional)
+ * @param qualifier qualifier (optional)
+ * @return the name identifier
+ */
+ SamlNameId createNameId(String value, String format, String qualifier);
+
+ /**
+ * <p>
+ * Logs the user in remotely in the application of the given service
+ * provider. If the remote URL is specified, the service provider will
+ * redirect the user to that URL within the service provider's application.
+ * Otherwise, the service provider will determine for itself which page is
+ * shown to the user.
+ * </p>
+ *
+ * <p>
+ * In SAML terms, this call results in an "unsolicited login" at the side of
+ * the service provider.
+ * </p>
+ *
+ * @param spEntityId the entity id of the remote service provider
+ * @param remoteUrl the URL where the user agent needs to be redirected to by
+ * the service provider (can be null)
+ * @param response the HTTP servlet response
+ */
+ void remoteLogin(String spEntityId, String remoteUrl, HttpServletResponse response);
+
+ /**
+ * This is one of the possible responses that relate to the SPI call
+ * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
+ * same dialogue context as the corresponding SPI call. It instructs the SAML
+ * identity provider to send a positive authentication result back to the
+ * service provider, using the local SAML session, which must have been
+ * established before this call is done (by a previous call to
+ * {@link #localLogin}).
+ *
+ * @param response the HTTP servlet response
+ */
+ void authenticationSucceeded(HttpServletResponse response);
+
+ /**
+ * This is one of the possible responses that relate to the SPI call
+ * {@link SamlIdentityProviderSpi#authenticate}. If should be called in the
+ * same dialogue context as the corresponding SPI call. It instructs the SAML
+ * identity provider to send a positive authentication result back to the
+ * service provider.
+ *
+ * @param response the HTTP servlet response
+ */
+ void authenticationFailed(HttpServletResponse response);
+
+ /**
+ * Gets the current SAML session. This contains information about the logged
+ * in user, and the external service providers that take part in this
+ * session.
+ *
+ * @return the session
+ */
+ SamlIdpSession getSession();
+
+ /**
+ * Removes the local SAML session for the current user. This use case is
+ * considered out of scope by the SAML spec (see the SAMLv2 Profiles
+ * document, section 4.4). External service providers that take part in the
+ * session are <b>not</b> informed about the fact that the shared session has
+ * been removed at the identity provider side.
+ */
+ void localLogout();
+
+ /**
+ * Globally logs out the current user. This leads to a "single logout" where
+ * the identity provider logs out the user from all service providers that
+ * participate in the current session. The result of the global logout is
+ * reported asynchronously through the SPI.
+ *
+ * @param response the HTTP servlet response
+ */
+ void globalLogout(HttpServletResponse response);
+
+}
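Review bot: The Javadoc of `authenticationFailed(HttpServletResponse response)` says it instructs the identity provider to send a positive authentication result, which is the text of `authenticationSucceeded` copied unchanged. It should read `It instructs the SAML identity provider to send a negative authentication result back to the service provider.` Both comments also open their second sentence with `If should be called`, which should be `It should be called`. These two calls decide whether a service provider receives an assertion, so the comment should not leave the direction open to interpretation.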
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdentityProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,88 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
+
+/**
+ * API for the configuration of a SAML Identity Provider
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlIdentityProviderConfigurationApi extends SamlEntityConfigurationApi
+{
+ /**
+ * This property indicates whether incoming authentication requests need to
+ * be signed. This property is disabled (false) by default.
+ *
+ * @return true iff the authentication requests need to be signed
+ */
+ boolean isWantAuthnRequestsSigned();
+
+ /**
+ * See {@link #isWantAuthnRequestsSigned()}.
+ */
+ void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned);
+
+ /**
+ * This property indicates whether outgoing single logout messages are
+ * signed. True by default, and the advice is not to disable this property,
+ * unless you understand the security risks of doing so.
+ *
+ * @return true iff the single logout requests (sent to identity providers)
+ * are signed
+ */
+ boolean isSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isSingleLogoutMessagesSigned()}.
+ */
+ void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
+
+ /**
+ * This property indicates whether incoming single logout requests are
+ * required to have a valid signature. True by default, and the advice is not
+ * to disable this property, unless you understand the security risks of
+ * doing so.
+ *
+ * @return true iff incoming single logout requests need to have a valid
+ * signature
+ */
+ boolean isWantSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isWantSingleLogoutMessagesSigned()}.
+ */
+ void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
+
+ /**
+ * Gets a list of all external service providers that have been added
+ * previously by calling
+ * {@link SamlEntityConfigurationApi#addExternalSamlEntity}.
+ *
+ * @return the list
+ */
+ List<SamlExternalServiceProvider> getServiceProviders();
+}
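Review bot: `isWantAuthnRequestsSigned()` is documented as false by default without the kind of caveat the two single-logout properties carry, so a reader cannot tell what the default means for deployments. I would add a sentence such as `Remark that with this property disabled, the origin of an authentication request is not cryptographically verified.` and, if the implementation checks the requester against the loaded metadata instead, say so; that is not visible in this hunk. Also, the `@return` text of `isSingleLogoutMessagesSigned()` says the requests are `sent to identity providers`; on the identity provider's own configuration this presumably should be `sent to service providers`.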
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlIdpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.Set;
+
+import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
+
+/**
+ * Session managed by a SAML Identity Provider (IDP). Multiple Service Providers
+ * (SPs) can take part in the session. The session can be terminated as a whole,
+ * for all parties involved, by initiating a SAML single logout (either by the
+ * IDP or by a SP).
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlIdpSession
+{
+ /**
+ * Returns the details of the principal, i.e. the logged in person
+ *
+ * @return the principal
+ */
+ SamlPrincipal getPrincipal();
+
+ /**
+ * Returns the list of service providers that participate in the session. The
+ * list can be empty. In that case, the session is local to the identity
+ * provider.
+ *
+ * @return the list
+ */
+ Set<SamlExternalServiceProvider> getServiceProviders();
+}
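Review bot: `getServiceProviders()` returns a `Set`, but its Javadoc calls the result a list and does not say whether the collection is a live view of the session's participants or a copy. This interface is now public API, and the participants are presumably the parties a single logout is sent to, so client code that can modify the set could change who gets logged out. I would state the contract explicitly, e.g. `@return the set of participating service providers (unmodifiable)`, and have the implementation return an unmodifiable view if it does not already.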
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlNameId.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlNameId.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+/**
+ * Name identifying a subject (person) that has been authenticated using SAML.
+ * For details, refer to section 2.2 of the document 'Assertions and Protocols
+ * for the OASIS 3 Security Assertion Markup Language (SAML) V2.0' .
+ *
+ * @author Marcel Kolsteren
+ */
+public interface SamlNameId
+{
+ /**
+ * The actual name
+ *
+ * @return the name (not null)
+ */
+ String getValue();
+
+ /**
+ * A URI reference representing the classification of string-based identifier
+ * information.
+ *
+ * @return an URI reference, or null if the format is unspecified
+ */
+ String getFormat();
+
+ /**
+ * The security or administrative domain that qualifies the identifier. This
+ * attribute provides a means to federate identifiers from disparate user
+ * stores without collision.
+ *
+ * @return the qualifier, or null if the name is unqualified
+ */
+ String getQualifier();
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlPrincipal.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlPrincipal.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+
+/**
+ * Object respresenting a person that has been authenticated using SAML.
+ *
+ * @author Marcel Kolsteren
+ */
+public interface SamlPrincipal
+{
+ /**
+ * Gets the name id of the principal.
+ *
+ * @return the name id
+ */
+ SamlNameId getNameId();
+
+ /**
+ * Gets the attributes of the principal
+ *
+ * @return the attributes
+ */
+ List<AttributeType> getAttributes();
+}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java (from rev 13771, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.SamlSingleUserServiceProviderSpi;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.saml.sp.SamlSpInApplicationScopeProducer;
+import org.jboss.seam.security.external.saml.sp.SamlSpInVirtualApplicationScopeProducer;
+import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ * API to the SAMLv2 compliant service provider. In order to use this API, one
+ * of the following alternative beans needs to be activated:
+ *
+ * <ul>
+ * <li>{@link SamlSpInApplicationScopeProducer}</li>
+ * <li>{@link SamlSpInVirtualApplicationScopeProducer}</li>
+ * </ul>
+ *
+ * The former will install the service provider in application scope, the latter
+ * will install it in virtual application scope. The virtual application scope
+ * allows for using different service provider configurations depending on the
+ * server name. See {@link VirtualApplicationScoped}.
+ *
+ * <p>
+ * This API (implemented by the framework) comes along with an SPI:
+ * {@link SamlServiceProviderSpi} (implemented by the client application).
+ * Dialogues are used to bridge corresponding API and SPI calls (see
+ * {@link Dialogued}).
+ * </p>
+ *
+ * <p>
+ * Most methods in this API require that the HTTP response is passed as a
+ * parameter. The implementation needs the response, in order to redirect the
+ * browser to the relying party. Beware not to touch the HTTP response after one
+ * of these method returns.
+ * </p>
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlServiceProviderApi
+{
+ /**
+ * Sends the user agent to the site of the given identity provider, where the
+ * user can be authenticated. When the call returns, a redirect on the HTTP
+ * response has taken place. The response of the identity provider will be
+ * sent asynchronously through the SPI methods
+ * {@link SamlSingleUserServiceProviderSpi#loginSucceeded(OpenIdSession)} or
+ * {@link SamlSingleUserServiceProviderSpi#loginFailed(OpenIdSession)}. If
+ * the method is called within a dialogue, that same dialogue will be active
+ * when the SPI method is called. Thus, the dialogue can be used to store API
+ * client state that needs to survive the sign on process.
+ *
+ * @param idpEntityId
+ * @param response the HTTP servlet response
+ */
+ public void login(String idpEntityId, HttpServletResponse response);
+
+ /**
+ * <p>
+ * Locally logs out the user. This use case is considered out of scope by the
+ * SAML spec (see the SAMLv2 Profiles document, section 4.4). The local
+ * logout means that the session established by the SAML SP is not used any
+ * more by the application. So when the SAML SP will receive a logout request
+ * for this session in the future, it won't pass that on to the application.
+ * </p>
+ *
+ * <p>
+ * This method doesn't write the HTTP response.
+ * </p>
+ */
+ public void localLogout();
+
+ /**
+ * Globally logs out the user. The browser of the user is redirected to the
+ * site of the identity provider, so that the identity provider can logout
+ * the user from all applications that share the same session at the identity
+ * provider. The result of the logout operation is reported back
+ * asynchronously through the SPI methods
+ * {@link SamlSingleUserServiceProviderSpi#globalLogoutSucceeded()} and
+ * {@link SamlSingleUserServiceProviderSpi#singleLogoutFailed()}. If this
+ * method is called with an active dialogue scope, the same dialogue will be
+ * active when the SPI method is called. This allows the API client to store
+ * state information in the dialogue.
+ *
+ * @param response the HTTP servlet response
+ */
+ public void globalLogout(HttpServletResponse response);
+
+ /**
+ * Gets the current session (login). If there is no active session, null is
+ * returned.
+ *
+ * @return active session, or null
+ */
+ public SamlSpSession getSession();
+}
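Review bot: The Javadoc on `login` links to `SamlSingleUserServiceProviderSpi#loginSucceeded(OpenIdSession)` and `#loginFailed(OpenIdSession)`, but `OpenIdSession` is not among this file's imports and looks carried over from the OpenID API, so the links probably do not resolve and name the wrong session type. The session type declared next to this interface is `SamlSpSession`, but the SPI signatures are not shown here, so confirm the parameter types before changing the links. The class comment has the same kind of leftover: it says the response is used to redirect the browser "to the relying party", where a service provider would redirect to the identity provider. `@param idpEntityId` has no description; I would write `@param idpEntityId entity id of the identity provider to send the user to; expected to be one of the providers returned by SamlServiceProviderConfigurationApi#getIdentityProviders()` if that is the contract, and say what happens for an unknown id.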
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderConfigurationApi.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlServiceProviderConfigurationApi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import java.util.List;
+
+import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
+
+/**
+ * API for the configuration of a SAML Service Provider.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public interface SamlServiceProviderConfigurationApi extends SamlEntityConfigurationApi
+{
+ /**
+ * If this property is enabled, all authentication requests targeted at
+ * identity providers will be signed. The property is disabled by default.
+ * When enabling it, be sure to add a signing key by calling
+ * {@link SamlEntityConfigurationApi#setSigningKey(String, String, String, String)}
+ * .
+ *
+ * @return true iff the authentication requests are signed
+ */
+ boolean isAuthnRequestsSigned();
+
+ /**
+ * See {@link #isAuthnRequestsSigned}.
+ */
+ void setAuthnRequestsSigned(boolean authnRequestsSigned);
+
+ /**
+ * This property, which is enabled by default, determines whether incoming
+ * authentication responses from the identity provider are required to have a
+ * valid signature. It is strongly discouraged to disabled signature
+ * validation, because this opens possibilities for sending fake
+ * authentication responses to the service provider.
+ *
+ * @return true iff incoming assertions need to have a valid signature
+ */
+ boolean isWantAssertionsSigned();
+
+ /**
+ * See {@link #isWantAssertionsSigned()}.
+ */
+ void setWantAssertionsSigned(boolean wantAssertionsSigned);
+
+ /**
+ * This property indicates whether outgoing single logout messages are
+ * signed. True by default, and the advice is not to disable this property,
+ * unless you understand the security risks of doing so.
+ *
+ * @return true iff the single logout requests (sent to identity providers)
+ * are signed
+ */
+ boolean isSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isSingleLogoutMessagesSigned()}.
+ */
+ void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned);
+
+ /**
+ * This property indicates whether incoming single logout requests are
+ * required to have a valid signature. True by default, and the advice is not
+ * to disable this property, unless you understand the security risks of
+ * doing so.
+ *
+ * @return true iff incoming single logout requests need to have a valid
+ * signature
+ */
+ boolean isWantSingleLogoutMessagesSigned();
+
+ /**
+ * See {@link #isWantSingleLogoutMessagesSigned()}.
+ */
+ void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned);
+
+ /**
+ * Returns a list with all identity providers that are trusted (i.e. identity
+ * providers that have been added by calling
+ * {@link SamlEntityConfigurationApi#addExternalSamlEntity}). This allows the
+ * API client to present the list to the user, so that the user can choose
+ * the provider that needs to be used for doing the login.
+ *
+ * @return list of identity providers
+ */
+ List<SamlExternalIdentityProvider> getIdentityProviders();
+}
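Review bot: The Javadoc for `isWantAssertionsSigned()` describes two different things: the body speaks of "authentication responses ... required to have a valid signature" while the `@return` tag speaks of "incoming assertions". In SAML the Response element and the Assertion inside it can be signed separately, and which of the two the service provider insists on decides what an unsigned or partly signed message can get past, so the comment should state exactly which element must carry the signature. It would also help to say which key the signature is checked against (presumably the one registered for the provider through `SamlEntityConfigurationApi#addExternalSamlEntity`; not visible here). Small wording fix in the same comment: "to disabled" should read "to disable".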
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/api/SamlSpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.api;
+
+import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
+
+/**
+ * Session at the SAML Service Provider, managed by a master session at the SAML
+ * Identity Provider. Other Service Providers can also participate in the same
+ * master session.
+ *
+ * @author Marcel Kolsteren
+ */
+public interface SamlSpSession
+{
+
+ /**
+ * Gets the details of the principal, i.e. the logged in user.
+ *
+ * @return the principal
+ */
+ SamlPrincipal getPrincipal();
+
+ /**
+ * Gets the entity provider that manages the session.
+ *
+ * @return the entity provider
+ */
+ SamlExternalIdentityProvider getIdentityProvider();
+
+}
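Review bot: The comment on `getIdentityProvider()` says "Gets the entity provider that manages the session" and `@return the entity provider`, but the return type is `SamlExternalIdentityProvider` and the class comment speaks of the identity provider, so it should read `Gets the identity provider that manages the session.` with `@return the identity provider`. It is also worth stating whether `getPrincipal()` and `getIdentityProvider()` can return null on a live session, since callers will use both for access decisions.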
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,6 +24,7 @@
import java.io.Reader;
import java.io.Writer;
import java.util.Arrays;
+import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
@@ -34,10 +35,9 @@
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
-import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.api.SamlPrincipal;
+import org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.SamlPrincipalImpl;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntityDescriptorType;
@@ -51,6 +51,10 @@
import org.jboss.seam.security.external.saml.SamlExternalEntity;
import org.jboss.seam.security.external.saml.SamlIdpOrSp;
import org.jboss.seam.security.external.saml.SamlServiceType;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
/**
* @author Marcel Kolsteren
@@ -188,7 +192,9 @@
public Set<SamlIdpSession> getSessions()
{
- return samlIdpSessions.getSessions();
+ Set<SamlIdpSession> sessions = new HashSet<SamlIdpSession>();
+ sessions.addAll(samlIdpSessions.getSessions());
+ return sessions;
}
public SamlIdpSession localLogin(SamlNameId nameId, List<AttributeType> attributes)
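Review bot: `getSessions()` now returns a copy instead of the internal set, but nothing tells the caller so; add a Javadoc line such as `Returns a snapshot of the current sessions; changes to the returned set do not affect the identity provider.` The copy can be written in one step as `return new HashSet<SamlIdpSession>(samlIdpSessions.getSessions());`. Only the set is copied: the elements are still the live session objects, which the comment should mention as well.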
@@ -196,9 +202,14 @@
return createSession(nameId, attributes);
}
+ public SamlNameId createNameId(String value, String format, String qualifier)
+ {
+ return new SamlNameIdImpl(value, format, qualifier);
+ }
+
private SamlIdpSession createSession(SamlNameId nameId, List<AttributeType> attributes)
{
- SamlPrincipal samlPrincipal = new SamlPrincipal();
+ SamlPrincipalImpl samlPrincipal = new SamlPrincipalImpl();
samlPrincipal.setNameId(nameId);
if (attributes != null)
{
@@ -227,14 +238,14 @@
public void localLogout(SamlIdpSession session)
{
- samlIdpSessions.removeSession(session);
+ samlIdpSessions.removeSession((SamlIdpSessionImpl) session);
}
@Dialogued(join = true)
public void globalLogout(SamlIdpSession session, HttpServletResponse response)
{
SamlPrincipal principal = session.getPrincipal();
- samlIdpSingleSignLogoutService.handleIDPInitiatedSingleLogout(principal, Arrays.asList(session.getSessionIndex()), response);
+ samlIdpSingleSignLogoutService.handleIDPInitiatedSingleLogout(principal, Arrays.asList(((SamlIdpSessionImpl) session).getSessionIndex()), response);
}
@Override
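Review bot: `localLogout` and `globalLogout` downcast the `SamlIdpSession` argument to `SamlIdpSessionImpl` without a check. `SamlIdpSession` is now a public API interface, so any other implementation handed in by the application ends in a bare `ClassCastException`; a guard such as `if (!(session instanceof SamlIdpSessionImpl)) throw new IllegalArgumentException("session was not created by this identity provider");` at the top of both methods makes the contract explicit. The same unchecked cast is added in SamlIdpSingleLogoutService, on the `sessionIndexes.contains(...)`, `removeSession(...)` and `createLogoutRequest(...)` lines. Both method bodies are complete in this hunk, but the class continues outside it.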
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpIncomingLogoutDialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -2,8 +2,8 @@
import java.util.List;
-import org.jboss.seam.security.external.api.SamlNameId;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpOutgoingLogoutDialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,6 +1,7 @@
package org.jboss.seam.security.external.saml.idp;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
/**
* @author Marcel Kolsteren
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,108 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.saml.idp;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.jboss.seam.security.external.api.SamlPrincipal;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlIdpSession
-{
- private SamlPrincipal principal;
-
- private String sessionIndex;
-
- private Set<SamlExternalServiceProvider> serviceProviders = new HashSet<SamlExternalServiceProvider>();
-
- public SamlPrincipal getPrincipal()
- {
- return principal;
- }
-
- public void setPrincipal(SamlPrincipal samlPrincipal)
- {
- this.principal = samlPrincipal;
- }
-
- public String getSessionIndex()
- {
- return sessionIndex;
- }
-
- public void setSessionIndex(String sessionIndex)
- {
- this.sessionIndex = sessionIndex;
- }
-
- public Set<SamlExternalServiceProvider> getServiceProviders()
- {
- return serviceProviders;
- }
-
- public void setServiceProviders(Set<SamlExternalServiceProvider> serviceProviders)
- {
- this.serviceProviders = serviceProviders;
- }
-
- @Override
- public int hashCode()
- {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((principal == null) ? 0 : principal.hashCode());
- result = prime * result + ((sessionIndex == null) ? 0 : sessionIndex.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj)
- {
- if (this == obj)
- return true;
- if (obj == null)
- return false;
- if (getClass() != obj.getClass())
- return false;
- SamlIdpSession other = (SamlIdpSession) obj;
- if (principal == null)
- {
- if (other.principal != null)
- return false;
- }
- else if (!principal.equals(other.principal))
- return false;
- if (sessionIndex == null)
- {
- if (other.sessionIndex != null)
- return false;
- }
- else if (!sessionIndex.equals(other.sessionIndex))
- return false;
- return true;
- }
-
-}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessionImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.idp;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class SamlIdpSessionImpl implements SamlIdpSession
+{
+ private SamlPrincipal principal;
+
+ private String sessionIndex;
+
+ private Set<SamlExternalServiceProvider> serviceProviders = new HashSet<SamlExternalServiceProvider>();
+
+ public SamlPrincipal getPrincipal()
+ {
+ return principal;
+ }
+
+ public void setPrincipal(SamlPrincipal samlPrincipal)
+ {
+ this.principal = samlPrincipal;
+ }
+
+ public String getSessionIndex()
+ {
+ return sessionIndex;
+ }
+
+ public void setSessionIndex(String sessionIndex)
+ {
+ this.sessionIndex = sessionIndex;
+ }
+
+ public Set<SamlExternalServiceProvider> getServiceProviders()
+ {
+ return serviceProviders;
+ }
+
+ public void setServiceProviders(Set<SamlExternalServiceProvider> serviceProviders)
+ {
+ this.serviceProviders = serviceProviders;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((principal == null) ? 0 : principal.hashCode());
+ result = prime * result + ((sessionIndex == null) ? 0 : sessionIndex.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SamlIdpSessionImpl other = (SamlIdpSessionImpl) obj;
+ if (principal == null)
+ {
+ if (other.principal != null)
+ return false;
+ }
+ else if (!principal.equals(other.principal))
+ return false;
+ if (sessionIndex == null)
+ {
+ if (other.sessionIndex != null)
+ return false;
+ }
+ else if (!sessionIndex.equals(other.sessionIndex))
+ return false;
+ return true;
+ }
+
+}
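Review bot: `hashCode()` and `equals()` are computed from `principal` and `sessionIndex`, both of which stay mutable through public setters, while SamlIdpSessions keeps these objects in a `HashSet`. If either field changes after the session has been added, `sessions.remove(session)` no longer finds the entry and a session that was meant to be logged out stays registered. Making the two fields final and setting them through a constructor rules that out; `addSession` in SamlIdpSessions would then construct the object with both values instead of calling `setPrincipal` and `setSessionIndex`, which are dropped. Equality on `principal` also depends on the `SamlPrincipal` implementation defining value equality, which is not visible here.

```java
public class SamlIdpSessionImpl implements SamlIdpSession
{
   private final SamlPrincipal principal;

   private final String sessionIndex;

   public SamlIdpSessionImpl(SamlPrincipal principal, String sessionIndex)
   {
      this.principal = principal;
      this.sessionIndex = sessionIndex;
   }

   // … unchanged: getPrincipal, getSessionIndex, serviceProviders accessors, hashCode, equals …
```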
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSessions.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,8 @@
import javax.enterprise.context.SessionScoped;
-import org.jboss.seam.security.external.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
/**
* @author Marcel Kolsteren
@@ -38,7 +39,7 @@
{
private static final long serialVersionUID = 6297278286428111620L;
- private Set<SamlIdpSession> sessions = new HashSet<SamlIdpSession>();
+ private Set<SamlIdpSessionImpl> sessions = new HashSet<SamlIdpSessionImpl>();
public SamlIdpSession addSession(SamlPrincipal principal)
{
@@ -50,7 +51,7 @@
}
while (getSession(principal, sessionIndex) != null);
- SamlIdpSession session = new SamlIdpSession();
+ SamlIdpSessionImpl session = new SamlIdpSessionImpl();
session.setPrincipal(principal);
session.setSessionIndex(sessionIndex);
sessions.add(session);
@@ -60,7 +61,7 @@
public SamlIdpSession getSession(SamlPrincipal principal, String sessionIndex)
{
- for (SamlIdpSession session : sessions)
+ for (SamlIdpSessionImpl session : sessions)
{
if (session.getPrincipal().equals(principal) && session.getSessionIndex().equals(sessionIndex))
{
@@ -70,12 +71,12 @@
return null;
}
- public void removeSession(SamlIdpSession session)
+ public void removeSession(SamlIdpSessionImpl session)
{
sessions.remove(session);
}
- public Set<SamlIdpSession> getSessions()
+ public Set<SamlIdpSessionImpl> getSessions()
{
return sessions;
}
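Review bot: Narrowing `removeSession` to `SamlIdpSessionImpl` is what forces the `(SamlIdpSessionImpl)` casts at its call sites; `Set.remove` takes an `Object`, so the signature can stay `public void removeSession(SamlIdpSession session)` with the body unchanged. `getSessions()` still returns the internal `HashSet` itself, so any caller holding the bean can alter the session registry directly; `return Collections.unmodifiableSet(sessions);` would prevent that. It needs `java.util.Collections` imported, and callers that modify the returned set, if any exist outside this diff, would have to be adjusted. The class body continues outside the hunk.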
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -30,10 +30,9 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.api.SamlPrincipal;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.NameIDType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.LogoutRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
@@ -43,6 +42,9 @@
import org.jboss.seam.security.external.saml.SamlMessageFactory;
import org.jboss.seam.security.external.saml.SamlMessageSender;
import org.jboss.seam.security.external.saml.SamlProfile;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
/**
@@ -64,7 +66,7 @@
private Instance<SamlIdentityProviderSpi> samlIdentityProviderSpi;
@Inject
- private Instance<Dialogue> dialogue;
+ private Instance<DialogueBean> dialogue;
@Inject
private Instance<SamlDialogue> samlDialogue;
@@ -91,7 +93,7 @@
LogoutRequestType logoutRequest = (LogoutRequestType) request;
NameIDType nameIdJaxb = logoutRequest.getNameID();
- SamlNameId samlNameId = new SamlNameId(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
+ SamlNameId samlNameId = new SamlNameIdImpl(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
samlIdpIncomingLogoutDialogue.get().setNameId(samlNameId);
samlIdpIncomingLogoutDialogue.get().setSessionIndexes(logoutRequest.getSessionIndex());
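Review bot: `nameIdJaxb` is dereferenced on the changed line without a null check. A SAML LogoutRequest may identify the subject with an element other than NameID (the schema also allows BaseID or EncryptedID), in which case the JAXB getter would presumably return null and this line throws a `NullPointerException` on a message that arrives from an external party. A guard before the constructor call, `if (nameIdJaxb == null)` followed by rejecting the request with the `InvalidRequestException` this file already imports, keeps the failure on the normal invalid-request path. The enclosing method starts and ends outside the hunk, so whether it may throw that exception at this point needs confirming.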
@@ -123,7 +125,7 @@
{
if (session.getPrincipal().getNameId().equals(samlNameId))
{
- if (sessionIndexes == null || sessionIndexes.size() == 0 || sessionIndexes.contains(session.getSessionIndex()))
+ if (sessionIndexes == null || sessionIndexes.size() == 0 || sessionIndexes.contains(((SamlIdpSessionImpl) session).getSessionIndex()))
{
sessionToRemove = session;
break;
@@ -147,7 +149,7 @@
// participant (if available) or to the next session.
if (sp != null && !sp.equals(samlDialogue.get().getExternalProvider()) && sp.getService(SamlProfile.SINGLE_LOGOUT) != null)
{
- String incomingDialogueId = dialogue.get().getDialogueId();
+ String incomingDialogueId = dialogue.get().getId();
dialogueManager.detachDialogue();
dialogueManager.beginDialogue();
samlIdpOutgoingLogoutDialogue.get().setIncomingDialogueId(incomingDialogueId);
@@ -160,7 +162,7 @@
{
// Session has no participating service providers (any more).
// Remove the session.
- samlIdpSessions.removeSession(sessionToRemove);
+ samlIdpSessions.removeSession((SamlIdpSessionImpl) sessionToRemove);
if (samlDialogue.get().getExternalProvider() != null)
{
samlIdentityProviderSpi.get().loggedOut(sessionToRemove);
@@ -187,11 +189,11 @@
{
if (failed)
{
- samlIdentityProviderSpi.get().singleLogoutFailed(responseHandler.createResponseHolder(response));
+ samlIdentityProviderSpi.get().globalLogoutFailed(responseHandler.createResponseHolder(response));
}
else
{
- samlIdentityProviderSpi.get().singleLogoutSucceeded(responseHandler.createResponseHolder(response));
+ samlIdentityProviderSpi.get().globalLogoutSucceeded(responseHandler.createResponseHolder(response));
}
}
dialogue.get().setFinished(true);
@@ -216,7 +218,7 @@
public void sendSingleLogoutRequestToSP(SamlIdpSession session, SamlExternalServiceProvider sp, HttpServletResponse response)
{
LogoutRequestType logoutRequest;
- logoutRequest = samlMessageFactory.createLogoutRequest(session.getPrincipal().getNameId(), session.getSessionIndex());
+ logoutRequest = samlMessageFactory.createLogoutRequest(session.getPrincipal().getNameId(), ((SamlIdpSessionImpl) session).getSessionIndex());
samlDialogue.get().setExternalProvider(sp);
samlMessageSender.sendRequest(sp, SamlProfile.SINGLE_LOGOUT, logoutRequest, response);
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,7 +28,7 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.AuthnRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
@@ -41,6 +41,7 @@
import org.jboss.seam.security.external.saml.SamlMessageSender;
import org.jboss.seam.security.external.saml.SamlProfile;
import org.jboss.seam.security.external.saml.SamlService;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
import org.jboss.seam.security.external.saml.sp.SamlExternalIdentityProvider;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
@@ -60,7 +61,7 @@
private Instance<SamlIdentityProviderSpi> samlIdentityProviderSpi;
@Inject
- private Dialogue dialogue;
+ private DialogueBean dialogue;
@Inject
private SamlDialogue samlDialogue;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,10 +27,11 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
+import org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
public class SamlIdpSingleUser implements SamlIdentityProviderApi
{
@@ -93,4 +94,9 @@
}
multiUserApi.get().globalLogout(session, response);
}
+
+ public SamlNameId createNameId(String value, String format, String qualifier)
+ {
+ return multiUserApi.get().createNameId(value, format, qualifier);
+ }
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,6 +23,7 @@
import java.io.Reader;
import java.io.Writer;
+import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
@@ -32,8 +33,7 @@
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
-import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.SamlMultiUserServiceProviderApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntityDescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.IDPSSODescriptorType;
@@ -45,6 +45,8 @@
import org.jboss.seam.security.external.saml.SamlExternalEntity;
import org.jboss.seam.security.external.saml.SamlIdpOrSp;
import org.jboss.seam.security.external.saml.SamlServiceType;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
@@ -193,19 +195,21 @@
@Dialogued(join = true)
public void localLogout(SamlSpSession session)
{
- samlSpSessions.removeSession(session);
+ samlSpSessions.removeSession((SamlSpSessionImpl) session);
}
@Dialogued(join = true)
public void globalLogout(SamlSpSession session, HttpServletResponse response)
{
localLogout(session);
- samlSpSingleLogoutService.sendSingleLogoutRequestToIDP(session, response);
+ samlSpSingleLogoutService.sendSingleLogoutRequestToIDP((SamlSpSessionImpl) session, response);
}
public Set<SamlSpSession> getSessions()
{
- return samlSpSessions.getSessions();
+ Set<SamlSpSession> sessions = new HashSet<SamlSpSession>();
+ sessions.addAll(samlSpSessions.getSessions());
+ return sessions;
}
@Override
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpLogoutDialogue.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,6 +1,7 @@
package org.jboss.seam.security.external.saml.sp;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,68 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.saml.sp;
-
-import org.jboss.seam.security.external.api.SamlPrincipal;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class SamlSpSession
-{
- private SamlPrincipal principal;
-
- private String sessionIndex;
-
- private SamlExternalIdentityProvider identityProvider;
-
- public SamlPrincipal getPrincipal()
- {
- return principal;
- }
-
- public void setPrincipal(SamlPrincipal samlPrincipal)
- {
- this.principal = samlPrincipal;
- }
-
- public String getSessionIndex()
- {
- return sessionIndex;
- }
-
- public void setSessionIndex(String sessionIndex)
- {
- this.sessionIndex = sessionIndex;
- }
-
- public SamlExternalIdentityProvider getIdentityProvider()
- {
- return identityProvider;
- }
-
- public void setIdentityProvider(SamlExternalIdentityProvider identityProvider)
- {
- this.identityProvider = identityProvider;
- }
-
-}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java (from rev 13768, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSession.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessionImpl.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.saml.sp;
+
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class SamlSpSessionImpl implements SamlSpSession
+{
+ private SamlPrincipal principal;
+
+ private String sessionIndex;
+
+ private SamlExternalIdentityProvider identityProvider;
+
+ public SamlPrincipal getPrincipal()
+ {
+ return principal;
+ }
+
+ public void setPrincipal(SamlPrincipal samlPrincipal)
+ {
+ this.principal = samlPrincipal;
+ }
+
+ public String getSessionIndex()
+ {
+ return sessionIndex;
+ }
+
+ public void setSessionIndex(String sessionIndex)
+ {
+ this.sessionIndex = sessionIndex;
+ }
+
+ public SamlExternalIdentityProvider getIdentityProvider()
+ {
+ return identityProvider;
+ }
+
+ public void setIdentityProvider(SamlExternalIdentityProvider identityProvider)
+ {
+ this.identityProvider = identityProvider;
+ }
+
+}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSessions.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,7 +27,8 @@
import javax.enterprise.context.SessionScoped;
-import org.jboss.seam.security.external.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlPrincipal;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
@@ -38,26 +39,26 @@
{
private static final long serialVersionUID = 6297278286428111620L;
- private Set<SamlSpSession> sessions = new HashSet<SamlSpSession>();
+ private Set<SamlSpSessionImpl> sessions = new HashSet<SamlSpSessionImpl>();
- public void addSession(SamlSpSession session)
+ public void addSession(SamlSpSessionImpl session)
{
sessions.add(session);
}
- public void removeSession(SamlSpSession session)
+ public void removeSession(SamlSpSessionImpl session)
{
sessions.remove(session);
}
- public Set<SamlSpSession> getSessions()
+ public Set<SamlSpSessionImpl> getSessions()
{
return sessions;
}
public SamlSpSession getSession(SamlPrincipal samlPrincipal, String idpEntityId, String sessionIndex)
{
- for (SamlSpSession session : sessions)
+ for (SamlSpSessionImpl session : sessions)
{
if (session.getPrincipal().equals(samlPrincipal) && session.getIdentityProvider().getEntityId().equals(idpEntityId) && session.getSessionIndex().equals(sessionIndex))
{
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -30,17 +30,19 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.NameIDType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.LogoutRequestType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
+import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusType;
import org.jboss.seam.security.external.saml.SamlConstants;
import org.jboss.seam.security.external.saml.SamlDialogue;
import org.jboss.seam.security.external.saml.SamlMessageFactory;
import org.jboss.seam.security.external.saml.SamlMessageSender;
import org.jboss.seam.security.external.saml.SamlProfile;
+import org.jboss.seam.security.external.saml.api.SamlNameId;
import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
/**
@@ -65,7 +67,7 @@
private SamlSpLogoutDialogue samlSpLogoutDialogue;
@Inject
- private Dialogue dialogue;
+ private DialogueBean dialogue;
@Inject
private SamlDialogue samlDialogue;
@@ -84,7 +86,7 @@
SamlExternalIdentityProvider idp = (SamlExternalIdentityProvider) samlDialogue.getExternalProvider();
NameIDType nameIdJaxb = logoutRequest.getNameID();
- SamlNameId samlNameId = new SamlNameId(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
+ SamlNameId samlNameId = new SamlNameIdImpl(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
removeSessions(samlNameId, idp.getEntityId(), logoutRequest.getSessionIndex());
StatusResponseType statusResponse = samlMessageFactory.createStatusResponse(SamlConstants.STATUS_SUCCESS, null);
@@ -96,13 +98,13 @@
private void removeSessions(SamlNameId nameId, String idpEntityId, List<String> sessionIndexes)
{
- for (SamlSpSession session : samlSpSessions.getSessions())
+ for (SamlSpSessionImpl session : samlSpSessions.getSessions())
{
if (session.getPrincipal().getNameId().equals(nameId) && session.getIdentityProvider().getEntityId().equals(idpEntityId))
{
if (sessionIndexes.size() == 0 || sessionIndexes.contains(session.getSessionIndex()))
{
- samlSpSessions.removeSession(session);
+ samlSpSessions.removeSession((SamlSpSessionImpl) session);
samlServiceProviderSpi.get().loggedOut(session);
}
}
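Review bot: `removeSessions` removes from the set it is iterating. `samlSpSessions.getSessions()` returns the bean's internal `HashSet` (see the SamlSpSessions hunk in this commit) and `samlSpSessions.removeSession(...)` modifies it inside the loop, so with more than one stored session the next iteration step can throw ConcurrentModificationException. An IdP-initiated logout would then fail part-way and leave the remaining matching sessions active. Iterate over a snapshot instead, `for (SamlSpSessionImpl session : new HashSet<SamlSpSessionImpl>(samlSpSessions.getSessions()))`. The added cast `(SamlSpSessionImpl) session` is redundant now that the loop variable already has that type. The method's closing lines are outside the hunk.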
@@ -111,19 +113,25 @@
public void processIDPResponse(HttpServletRequest httpRequest, HttpServletResponse httpResponse, StatusResponseType statusResponse)
{
- if (statusResponse.getStatus() != null && statusResponse.getStatus().getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
+ StatusType status = statusResponse.getStatus();
+ if (status.getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
{
samlServiceProviderSpi.get().globalLogoutSucceeded(responseHandler.createResponseHolder(httpResponse));
}
else
{
- String statusCode = statusResponse.getStatus() == null ? "null" : statusResponse.getStatus().getStatusCode().getValue();
- samlServiceProviderSpi.get().globalLogoutFailed(statusCode, responseHandler.createResponseHolder(httpResponse));
+ String statusCodeLevel1 = status.getStatusCode().getValue();
+ String statusCodeLevel2 = null;
+ if (status.getStatusCode().getStatusCode() != null)
+ {
+ statusCodeLevel2 = status.getStatusCode().getStatusCode().getValue();
+ }
+ samlServiceProviderSpi.get().globalLogoutFailed(statusCodeLevel1, statusCodeLevel2, responseHandler.createResponseHolder(httpResponse));
}
dialogue.setFinished(true);
}
- public void sendSingleLogoutRequestToIDP(SamlSpSession session, HttpServletResponse httpResponse)
+ public void sendSingleLogoutRequestToIDP(SamlSpSessionImpl session, HttpServletResponse httpResponse)
{
SamlExternalIdentityProvider idp = session.getIdentityProvider();
LogoutRequestType logoutRequest;
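Review bot: `processIDPResponse` now dereferences `statusResponse.getStatus()` without the null check the previous revision had, so a logout response without a Status or StatusCode element ends in a NullPointerException and `dialogue.setFinished(true)` is never reached. The response is remote input, so the guard should stay unless validation earlier in the pipeline guarantees the element, which is not visible here. The sketch below keeps the new two-level status codes and passes null for both when no status is present; whether `globalLogoutFailed` accepts a null first code should be confirmed against the SPI. Putting the constant first in the `equals` call also avoids a failure on a null code value.

```java
StatusType status = statusResponse.getStatus();
boolean hasStatusCode = status != null && status.getStatusCode() != null;
if (hasStatusCode && SamlConstants.STATUS_SUCCESS.equals(status.getStatusCode().getValue()))
{
   // … unchanged: globalLogoutSucceeded call …
}
else
{
   String statusCodeLevel1 = hasStatusCode ? status.getStatusCode().getValue() : null;
   String statusCodeLevel2 = null;
   if (hasStatusCode && status.getStatusCode().getStatusCode() != null)
   {
      statusCodeLevel2 = status.getStatusCode().getStatusCode().getValue();
   }
   // … unchanged: globalLogoutFailed call …
}
// … unchanged: dialogue.setFinished(true) …
```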
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,9 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.api.SamlPrincipal;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.SamlNameIdImpl;
+import org.jboss.seam.security.external.SamlPrincipalImpl;
+import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AssertionType;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeStatementType;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
@@ -79,7 +79,7 @@
private Instance<SamlEntityBean> samlEntityBean;
@Inject
- private Dialogue dialogue;
+ private DialogueBean dialogue;
@Inject
private SamlMessageSender samlMessageSender;
@@ -104,9 +104,15 @@
}
String statusValue = status.getStatusCode().getValue();
- if (SamlConstants.STATUS_SUCCESS.equals(statusValue) == false)
+ if (!SamlConstants.STATUS_SUCCESS.equals(statusValue))
{
- samlServiceProviderSpi.get().loginFailed(responseHandler.createResponseHolder(httpResponse));
+ String statusCodeLevel1 = statusValue;
+ String statusCodeLevel2 = null;
+ if (status.getStatusCode().getStatusCode() != null)
+ {
+ statusCodeLevel2 = status.getStatusCode().getStatusCode().getValue();
+ }
+ samlServiceProviderSpi.get().loginFailed(statusCodeLevel1, statusCodeLevel2, responseHandler.createResponseHolder(httpResponse));
}
if (!(statusResponse instanceof ResponseType))
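Review bot: After `loginFailed(...)` is called for a non-success status there is no `return`, so unless the SPI call throws, control falls through to the `instanceof ResponseType` check and, per the later hunks of this file, on to assertion handling and `createSession`. The application has already been handed the HTTP response at that point, and a response carrying a failure status together with assertions would still be evaluated for login. Add `return;` after the `loginFailed` call, probably preceded by `dialogue.setFinished(true);` as at the end of the method. The gap predates this commit, but the block is rewritten here. The enclosing method starts before and continues after this hunk.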
@@ -122,7 +128,7 @@
throw new RuntimeException("IDP response does not contain assertions");
}
- SamlSpSession session = createSession(response, idp);
+ SamlSpSessionImpl session = createSession(response, idp);
if (session == null)
{
throw new InvalidRequestException("Not possible to login based on the supplied assertions");
@@ -136,15 +142,15 @@
dialogue.setFinished(true);
}
- private SamlSpSession createSession(ResponseType responseType, SamlExternalIdentityProvider idp)
+ private SamlSpSessionImpl createSession(ResponseType responseType, SamlExternalIdentityProvider idp)
{
- SamlSpSession session = null;
+ SamlSpSessionImpl session = null;
for (Object assertion : responseType.getAssertionOrEncryptedAssertion())
{
if (assertion instanceof AssertionType)
{
- SamlSpSession sessionExtractedFromAssertion = handleAssertion((AssertionType) assertion, idp);
+ SamlSpSessionImpl sessionExtractedFromAssertion = handleAssertion((AssertionType) assertion, idp);
if (session == null)
{
session = sessionExtractedFromAssertion;
@@ -163,7 +169,7 @@
return session;
}
- private SamlSpSession handleAssertion(AssertionType assertion, SamlExternalIdentityProvider idp)
+ private SamlSpSessionImpl handleAssertion(AssertionType assertion, SamlExternalIdentityProvider idp)
{
if (SamlUtils.hasAssertionExpired(assertion))
{
@@ -185,10 +191,10 @@
return null;
}
- SamlPrincipal principal = new SamlPrincipal();
+ SamlPrincipalImpl principal = new SamlPrincipalImpl();
principal.setAssertion(assertion);
- principal.setNameId(new SamlNameId(nameId.getValue(), nameId.getFormat(), nameId.getNameQualifier()));
- SamlSpSession session = new SamlSpSession();
+ principal.setNameId(new SamlNameIdImpl(nameId.getValue(), nameId.getFormat(), nameId.getNameQualifier()));
+ SamlSpSessionImpl session = new SamlSpSessionImpl();
session.setSessionIndex(authnStatement.getSessionIndex());
session.setPrincipal(principal);
session.setIdentityProvider(idp);
@@ -253,7 +259,7 @@
boolean notTooLate = confirmationData.getNotOnOrAfter().compare(SamlUtils.getXMLGregorianCalendarNow()) == DatatypeConstants.GREATER;
- boolean validInResponseTo = confirmationData.getInResponseTo() == null || confirmationData.getInResponseTo().equals(dialogue.getDialogueId());
+ boolean validInResponseTo = confirmationData.getInResponseTo() == null || confirmationData.getInResponseTo().equals(dialogue.getId());
if (validRecipient && notTooLate && validInResponseTo)
{
@@ -277,7 +283,7 @@
}
}
- private void loginUser(HttpServletRequest httpRequest, HttpServletResponse response, SamlSpSession session, boolean unsolicited, String relayState)
+ private void loginUser(HttpServletRequest httpRequest, HttpServletResponse response, SamlSpSessionImpl session, boolean unsolicited, String relayState)
{
samlSpSessions.addSession(session);
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -25,8 +25,9 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
-import org.jboss.seam.security.external.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.SamlMultiUserServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* @author Marcel Kolsteren
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,14 +23,25 @@
import java.util.List;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
/**
+ * Interface that needs to be implemented by applications that want to act as an
+ * OpenID Provider. It is the counterpart of the {@link OpenIdProviderApi}.
+ *
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
+ *
* @author Marcel Kolsteren
*
*/
+
public interface OpenIdProviderSpi
{
/**
@@ -51,6 +62,7 @@
* needs to ask the use for her username
* @param immediate if this is true, there must be no interaction with the
* user (silent authentication)
+ * @param responseHolder
*/
void authenticate(String realm, String userName, boolean immediate, ResponseHolder responseHolder);
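Review bot: The added `@param responseHolder` tag has no description, which Javadoc tooling reports as a warning and which leaves the parameter undocumented. The other SPI interfaces touched by this commit already have suitable wording: `@param responseHolder object holding the HTTP servlet response`.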
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,16 +21,48 @@
*/
package org.jboss.seam.security.external.spi;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
/**
+ * Interface that needs to be implemented by applications that want to act as an
+ * OpenID Relying Party. It is the counterpart of the
+ * {@link OpenIdRelyingPartyApi}.
+ *
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
+ *
* @author Marcel Kolsteren
*
*/
public interface OpenIdRelyingPartySpi
{
- public void loginSucceeded(OpenIdPrincipal principal, ResponseHolder responseHolder);
+ /**
+ * This method is called after successful external authentication of the
+ * user. The principal contains the details about the user. The call takes
+ * place in the same dialogue context as the corresponding API call:
+ * {@link OpenIdRelyingPartyApi#login}. The dialogue can be used, for
+ * example, to store the page that the user requested, so that the user can
+ * be redirected to this page after login took place.
+ *
+ * @param principal principal
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void loginSucceeded(OpenIdPrincipal principal, ResponseHolder responseHolder);
- public void loginFailed(String message, ResponseHolder responseHolder);
+ /**
+ * This method is called after failed external authentication of the user.
+ * The call takes place in the same dialogue context as the corresponding API
+ * call: {@link OpenIdRelyingPartyApi#login}.
+ *
+ * @param message reason why the login failed
+ * @param responseHolder object holding the HTTP servlet response
+ *
+ */
+ void loginFailed(String message, ResponseHolder responseHolder);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,19 +22,81 @@
package org.jboss.seam.security.external.spi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
/**
+ * Interface that needs to be implemented by applications that want to act as a
+ * SAML identity provider. It is the counterpart of the
+ * {@link SamlIdentityProviderApi}.
+ *
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
+ *
* @author Marcel Kolsteren
*
*/
public interface SamlIdentityProviderSpi
{
- public void authenticate(ResponseHolder responseHolder);
+ /**
+ * This method is called after receipt of an authentication request from a
+ * service provider. Upon receipt of this call, the application should try to
+ * authenticate the user, or, if the user is already logged in, reuse an
+ * existing session of the user. The result of the authentication needs to be
+ * reported back using the API calls
+ * {@link SamlIdentityProviderApi#authenticationSucceeded} or
+ * {@link SamlIdentityProviderApi#authenticationFailed}. Those API calls
+ * should be called in the same dialogue as this SPI call. When redirecting
+ * the user to a page where she can be authenticated, it is convenient to use
+ * {@link ResponseHolder#redirectWithDialoguePropagation(String)}, so that
+ * the current dialogue is automatically propagated to the next request.
+ *
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void authenticate(ResponseHolder responseHolder);
- public void loggedOut(SamlIdpSession session);
+ /**
+ * When the service provider receives a logout request from a service
+ * provider, this method is called. The implementation of this method must
+ * take for granted that the user has been logged out.
+ *
+ * @param session that has been removed
+ */
+ void loggedOut(SamlIdpSession session);
- public void singleLogoutSucceeded(ResponseHolder responseHolder);
+ /**
+ * This method is the asynchronous callbacks related to
+ * {@link SamlIdentityProviderApi#globalLogout()}. It is called when the
+ * global logout was successful. Before this callback is called, the dialogue
+ * that was active at the time of the API call is restored. An implementation
+ * of this method will typically redirect the user to a page where a message
+ * is shown that the user has been logged out.
+ *
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void globalLogoutSucceeded(ResponseHolder responseHolder);
- public void singleLogoutFailed(ResponseHolder responseHolder);
+ /**
+ * <p>
+ * This method is one of the asynchronous callbacks related to
+ * {@link SamlIdentityProviderApi#globalLogout}. It is called when the single
+ * logout was unsuccessful. Before this callback is called, the dialogue that
+ * was active at the time of the API call is restored. An implementation of
+ * this method will typically redirect the user to a page where a message is
+ * shown that the user could not be logged out.
+ * </p>
+ *
+ * <p>
+ * The fact that the single logout failed doesn't mean that all parts of the
+ * single logout failed. Possibly only one of the session participants
+ * couldn't perform a successful logout, while the others could.
+ * </p>
+ *
+ * @param responseHolder object holding the HTTP servlet response
+ */
+ void globalLogoutFailed(ResponseHolder responseHolder);
}
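Review bot: The new Javadoc for `loggedOut` reads "When the service provider receives a logout request from a service provider", which in the identity provider SPI presumably should be `When the identity provider receives a logout request from a service provider`. In `globalLogoutSucceeded`, "This method is the asynchronous callbacks" should read `This method is one of the asynchronous callbacks`. Its `{@link SamlIdentityProviderApi#globalLogout()}` has an empty parameter list while the `globalLogoutFailed` comment links `#globalLogout` without one; both should match the actual signature. The `globalLogoutFailed` text also alternates between "global logout" and "single logout" for the same operation, so one term should be used throughout.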
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,19 +22,20 @@
package org.jboss.seam.security.external.spi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
/**
* Interface that needs to be implemented by applications that want to act as a
* SAML service provider. It is the counterpart of the
- * {@link SamlSingleUserServiceProviderApi}.
+ * {@link SamlServiceProviderApi}.
*
- * All methods in this interface are called within an active request scope,
- * which contains a {@link ResponseHolder} bean that contains the HTTP response.
- * The implementations of the methods are responsible to fill this response.
- * Typically, this will entail a redirect to an application page. There is one
- * exception: the implementation of the loggedOut method must not write to the
- * HTTP response.
+ * Most methods in this interface have a responseHolder parameter, which
+ * contains the HTTP response. This is a way of handing over the control over
+ * the browser to the application. The application is responsible for writing
+ * the response (either a normal HTML response, or an error, or a redirect).
+ * Typically, the application will redirect the user to a URL within the
+ * application.
*
* @author Marcel Kolsteren
*
@@ -42,14 +43,15 @@
public interface SamlServiceProviderSpi
{
/**
- * This method is called after succesfull external authentication of the
+ * This method is called after successful external authentication of the
* user. The session contains the details about the user. The call takes
* place in the same dialogue context as the corresponding API call:
- * {@link SamlSingleUserServiceProviderApi#signOn(String)}. The dialogue can
- * be used, for example, to store the page that the user requested, so that
- * the user can be redirected to this page after login took place.
+ * {@link SamlServiceProviderApi#login}. The dialogue can be used, for
+ * example, to store the page that the user requested, so that the user can
+ * be redirected to this page after login took place.
*
* @param session session
+ * @param responseHolder object holding the HTTP servlet response
*/
void loginSucceeded(SamlSpSession session, ResponseHolder responseHolder);
@@ -57,8 +59,17 @@
* This method is called after failed external authentication of the user.
* The call takes place in the same dialogue context as the corresponding API
* call.
+ *
+ * @param statusCodeLevel1 string indicating the top-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * top-level status code); it's required (never null)
+ * @param statusCodeLevel2 string indicating the second-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * second-level status code); it's optional (can be null)
+ *
+ * @param responseHolder object holding the HTTP servlet response
*/
- void loginFailed(ResponseHolder responseHolder);
+ void loginFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder);
/**
* When the service provider receives an unsolicited login from an identity
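Review bot: The two new `@param` descriptions on `loginFailed` say "reason why the logout failed", which looks copied from `globalLogoutFailed`; for this callback they should read `reason why the login failed`. The empty ` *` line between the `statusCodeLevel2` and `responseHolder` tags can go as well, so the tag block matches the other methods. The hunk ends inside the Javadoc of the next method, `loggedIn`.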
@@ -67,27 +78,30 @@
* @param session that has been created for this login
* @param url URL where the user needs to be redirected to; this URL is
* supplied by the identity provider and can be null
+ * @param responseHolder object holding the HTTP servlet response
*/
void loggedIn(SamlSpSession session, String url, ResponseHolder responseHolder);
/**
* This method is the asynchronous callbacks related to
- * {@link SamlSingleUserServiceProviderApi#singleLogout()}. It is called when
- * the single logout was successful. Before this callback is called, the
- * dialogue that was active at the time of the API call is restored. An
- * implementation of this method will typically redirect the user to a page
- * where a message is shown that the user has been logged out.
+ * {@link SamlServiceProviderApi#globalLogout}. It is called when the single
+ * logout was successful. Before this callback is called, the dialogue that
+ * was active at the time of the API call is restored. An implementation of
+ * this method will typically redirect the user to a page where a message is
+ * shown that the user has been logged out.
+ *
+ * @param responseHolder object holding the HTTP servlet response
*/
void globalLogoutSucceeded(ResponseHolder responseHolder);
/**
* <p>
* This method is one of the asynchronous callbacks related to
- * {@link SamlSingleUserServiceProviderApi#singleLogout()}. It is called when
- * the single logout was successful. Before this callback is called, the
- * dialogue that was active at the time of the API call is restored. An
- * implementation of this method will typically redirect the user to a page
- * where a message is shown that the user could not be logged out.
+ * {@link SamlServiceProviderApi#globalLogout}. It is called when the single
+ * logout was unsuccessful. Before this callback is called, the dialogue that
+ * was active at the time of the API call is restored. An implementation of
+ * this method will typically redirect the user to a page where a message is
+ * shown that the user could not be logged out.
* </p>
*
* <p>
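Review bot: The Javadoc of `loggedIn` describes `url` as supplied by the identity provider, but it does not tell implementers that the value is externally controlled and has to be checked before it is used as a redirect target. I would extend the tag, e.g. `@param url URL where the user needs to be redirected to; supplied by the identity provider, can be null, and must be validated against the application's own allowed targets before redirecting`. The two logout callbacks below now link to `globalLogout` while their text still says "single logout"; using one term throughout would help. The Javadoc of `loggedIn` starts above this hunk and that of `globalLogoutFailed` continues past it.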
@@ -95,15 +109,21 @@
* single logout failed. Possibly only one of the session participants
* couldn't perform a successful logout, while the others could.
* </p>
+ *
+ * @param statusCodeLevel1 string indicating the top-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * top-level status code); it's required (never null)
+ * @param statusCodeLevel2 string indicating the second-level reason why the
+ * logout failed (see SAMLv2 core specification, section 3.2.2.2:
+ * second-level status code); it's optional (can be null)
+ * @param responseHolder object holding the HTTP servlet response
*/
- void globalLogoutFailed(String statusCode, ResponseHolder responseHolder);
+ void globalLogoutFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder);
/**
* When the service provider receives a logout request from an identity
* provider, this method is called. The implementation of this method must
- * take for granted that the user has been logged off. The HTTP response must
- * not be written during this call, because the service provider will use the
- * HTTP response to send a response to the identity provider.
+ * take for granted that the user has been logged out.
*
* @param session that has been removed
*/
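Review bot: `statusCodeLevel1` and `statusCodeLevel2` are documented only by reference to the SAML status codes, without saying where the strings come from; presumably they are copied from the identity provider's response, in which case implementations should treat them as untrusted text. A sentence in the Javadoc such as `The status codes are taken from the received SAML response; encode them before writing them to the HTTP response or to a log.` would cover it, and the same applies to `loginFailed` in the earlier hunk. Because `statusCodeLevel2` can be null, the comment could also remind implementers to check for that. The Javadoc of `globalLogoutFailed` starts above this hunk and the signature of `loggedOut` lies below it.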
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlSingleUserServiceProviderSpi.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,27 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.spi;
-
-public class SamlSingleUserServiceProviderSpi
-{
-
-}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.virtualapplications;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationManagerCreation;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class AfterVirtualApplicationManagerCreationEvent implements AfterVirtualApplicationManagerCreation
+{
+ private Set<String> hostNames = new HashSet<String>();
+
+ public void addVirtualApplication(String hostName)
+ {
+ hostNames.add(hostName);
+ }
+
+ public Set<String> getHostNames()
+ {
+ return hostNames;
+ }
+
+}
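Review bot: `getHostNames()` hands out the internal mutable `HashSet`, and `addVirtualApplication` accepts null or empty strings, so the set of virtual applications can be changed or polluted by anyone holding the event object. I would make the field final, `private final Set<String> hostNames = new HashSet<String>();`, return `Collections.unmodifiableSet(hostNames)` from the getter (needs `java.util.Collections`), and reject null or blank names in `addVirtualApplication`. Host names are case-insensitive, so lower-casing on insert would avoid two entries for the same host; whether the lookup side already normalises is not visible here. The class also has no description beyond the `@author` tag.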
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/AfterVirtualApplicationManagerCreationEvent.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.virtualapplications;
+
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+@VirtualApplicationScoped
+public class VirtualApplicationBean implements VirtualApplication
+{
+ private String hostName;
+
+ public String getHostName()
+ {
+ return hostName;
+ }
+
+ public void setHostName(String hostName)
+ {
+ this.hostName = hostName;
+ }
+}
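Review bot: `VirtualApplicationBean` has no Javadoc, and its public `setHostName` lets any code that injects the concrete bean change the host name of a virtual application after start-up. If only `VirtualApplicationManager` is meant to call it, say so in a class comment, e.g. `/** Implementation of {@link VirtualApplication}; the host name is set once by the VirtualApplicationManager when the virtual application is created. Application code should inject the VirtualApplication interface. */`. Making the setter package-private would enforce that, provided the scope's client proxy still works with it, which I have not verified.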
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationBean.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -33,9 +33,6 @@
import javax.servlet.ServletRequestEvent;
import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationCreation;
-import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationManagerCreation;
-import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationsCreation;
-import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
import org.jboss.seam.servlet.event.qualifier.Destroyed;
import org.jboss.seam.servlet.event.qualifier.Initialized;
import org.slf4j.Logger;
@@ -54,7 +51,7 @@
private VirtualApplicationContextExtension virtualApplicationContextExtension;
@Inject
- private Instance<VirtualApplication> virtualApplication;
+ private Instance<VirtualApplicationBean> virtualApplication;
@Inject
private BeanManager beanManager;
@@ -66,7 +63,7 @@
log.trace("Servlet initialized with event {}", e);
getVirtualApplicationContext().initialize(e.getServletContext());
- AfterVirtualApplicationManagerCreation afterVirtualApplicationManagerCreation = new AfterVirtualApplicationManagerCreation();
+ AfterVirtualApplicationManagerCreationEvent afterVirtualApplicationManagerCreation = new AfterVirtualApplicationManagerCreationEvent();
beanManager.fireEvent(afterVirtualApplicationManagerCreation);
for (String hostName : afterVirtualApplicationManagerCreation.getHostNames())
@@ -77,7 +74,6 @@
beanManager.fireEvent(new AfterVirtualApplicationCreation());
getVirtualApplicationContext().detach();
}
- beanManager.fireEvent(new AfterVirtualApplicationsCreation());
}
protected void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationCreation.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,6 +22,9 @@
package org.jboss.seam.security.external.virtualapplications.api;
/**
+ * Event that is fired after a virtual application has been created. For details
+ * about how to use this event, refer to {@link VirtualApplicationScoped}.
+ *
* @author Marcel Kolsteren
*
*/
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationManagerCreation.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -21,30 +21,16 @@
*/
package org.jboss.seam.security.external.virtualapplications.api;
-import java.util.HashSet;
-import java.util.Set;
-
/**
+ * Event that is fired after the virtual application manager has been created.
+ * Observers to this event can add virtual applications to the environment. For
+ * details about how to use this event, refer to
+ * {@link VirtualApplicationScoped}.
+ *
* @author Marcel Kolsteren
*
*/
-public class AfterVirtualApplicationManagerCreation
+public interface AfterVirtualApplicationManagerCreation
{
- private Set<String> hostNames = new HashSet<String>();
-
- public void addVirtualApplication(String hostName)
- {
- hostNames.add(hostName);
- }
-
- public Set<String> getHostNames()
- {
- return hostNames;
- }
-
- public void setHostNames(Set<String> hostNames)
- {
- this.hostNames = hostNames;
- }
-
+ void addVirtualApplication(String hostName);
}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/AfterVirtualApplicationsCreation.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -1,31 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.virtualapplications.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class AfterVirtualApplicationsCreation
-{
-
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplication.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -22,21 +22,15 @@
package org.jboss.seam.security.external.virtualapplications.api;
/**
+ * This virtual application scoped bean is automatically created in the virtual
+ * application scope as soon as the virtual application is created. It can be
+ * used to get virtual application properties. For background about the virtual
+ * application scope, see {@link VirtualApplication}.
+ *
* @author Marcel Kolsteren
*
*/
-@VirtualApplicationScoped
-public class VirtualApplication
+public interface VirtualApplication
{
- private String hostName;
-
- public String getHostName()
- {
- return hostName;
- }
-
- public void setHostName(String hostName)
- {
- this.hostName = hostName;
- }
+ String getHostName();
}
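Review bot: The new Javadoc ends with "see {@link VirtualApplication}", which links the interface to itself; the background on the scope is in the annotation's Javadoc, so the link should be `{@link VirtualApplicationScoped}`. `getHostName()` itself has no comment; a one-liner such as `/** @return the host name this virtual application serves */` would do.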
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/api/VirtualApplicationScoped.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -30,6 +30,59 @@
import javax.enterprise.context.NormalScope;
/**
+ * <p>
+ * The virtual application scope corresponds to a part of the application that
+ * serves a certain host name. It can be used for situations where a single
+ * application is used by different companies, each accessing the application
+ * using a host name that is part of the company's internet domain name. It is
+ * comparable to virtual hosting mechanisms that can be used to share one
+ * webserver with one IP-address by multiple companies.
+ * </p>
+ *
+ * <p>
+ * In the application context, one stores the configuration or data that is
+ * specific for one company using the application. In the context of Seam
+ * security, the virtual application context can be used to store the
+ * configuration of an OpenID or SAML entity that is specific for one
+ * hostName/company.
+ * </p>
+ *
+ * <p>
+ * Virtual applications need to be configured by adding the following observer
+ * to your application:
+ *
+ * <pre>
+ * public void virtualApplicationManagerCreated(@Observes final AfterVirtualApplicationManagerCreation event)
+ * {
+ * event.addVirtualApplication("www.company1.com");
+ * event.addVirtualApplication("www.company2.com");
+ * }
+ * </pre>
+ *
+ * </p>
+ *
+ * <p>
+ * If you need to configure an application scoped bean, for example a SAML
+ * service provider bean that is scoped to the virtual application context, you
+ * should do that by reacting on the {@link VirtualApplicationCreated} event,
+ * which is fired for each configured virtual application at application startup
+ * time. For example:
+ *
+ * <pre>
+ * public void customize(@Observes AfterVirtualApplicationCreation event, SamlServiceProviderConfigurationApi sp, VirtualApplication virtualApplication)
+ * {
+ * if (virtualApplication.getHostName().equals("www.sp2.com"))
+ * {
+ * sp.setPreferredBinding(SamlBinding.HTTP_Redirect);
+ * }
+ * sp.setSingleLogoutMessagesSigned(false);
+ * sp.setProtocol("http");
+ * sp.setPort(8080);
+ * }
+ * </pre>
+ *
+ * </p>
+ *
* @author Marcel Kolsteren
*
*/
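Review bot: The second example configures the service provider with `sp.setSingleLogoutMessagesSigned(false)` and `sp.setProtocol("http")`, which by their names turn off signing of logout messages and use plain HTTP. An example in API documentation tends to be copied as is, so these lines should either show the secure values or carry a comment like `// test setup only; keep signing enabled and use https in production`. The text above the example links to `{@link VirtualApplicationCreated}`, while the event used in the example and elsewhere in this commit is `AfterVirtualApplicationCreation`. "In the application context" in the second paragraph probably means the virtual application context.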
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class OpCustomizer
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -29,11 +29,11 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdProviderApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
+import org.jboss.seam.security.external.openid.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
import com.google.common.collect.Lists;
@@ -79,7 +79,7 @@
{
writeMessageToResponse("Please provide the password for " + userName + ".", responseHolder);
}
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
}
private void writeMessageToResponse(String message, ResponseHolder responseHolder)
@@ -102,6 +102,6 @@
public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes, ResponseHolder responseHolder)
{
writeMessageToResponse("Please provide your " + requestedAttributes.get(0).getAlias() + ".", responseHolder);
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
}
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -26,11 +26,11 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
-import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
import com.google.common.collect.Lists;
@@ -45,7 +45,7 @@
{
if (fetchEmail)
{
- OpenIdRequestedAttribute requestedAttribute = new OpenIdRequestedAttribute("email", "http://axschema.org/contact/email", true, 1);
+ OpenIdRequestedAttribute requestedAttribute = rpApi.createOpenIdRequestedAttribute("email", "http://axschema.org/contact/email", true, 1);
rpApi.login(identifier, Lists.newArrayList(requestedAttribute), response);
}
else
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class RpCustomizer
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -24,7 +24,7 @@
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.servlet.event.qualifier.Initialized;
public class IdpCustomizer
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -28,13 +28,12 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
+import org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlNameId;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.saml.api.SamlIdpSession;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
import org.slf4j.Logger;
@@ -57,7 +56,7 @@
public void authenticate(ResponseHolder responseHolder)
{
- dialogueId = dialogue.getDialogueId();
+ dialogueId = dialogue.getId();
try
{
responseHolder.getResponse().getWriter().print("Please login");
@@ -70,7 +69,7 @@
public void handleLogin(String userName, HttpServletResponse response)
{
- SamlIdpSession session = idpApi.get().localLogin(new SamlNameId(userName, null, null), null);
+ SamlIdpSession session = idpApi.get().localLogin(idpApi.get().createNameId(userName, null, null), null);
dialogueManager.attachDialogue(dialogueId);
idpApi.get().authenticationSucceeded(session, response);
dialogueManager.detachDialogue();
@@ -81,7 +80,7 @@
return idpApi.get().getSessions().size();
}
- public void singleLogoutFailed(ResponseHolder responseHolder)
+ public void globalLogoutFailed(ResponseHolder responseHolder)
{
try
{
@@ -93,7 +92,7 @@
}
}
- public void singleLogoutSucceeded(ResponseHolder responseHolder)
+ public void globalLogoutSucceeded(ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -27,10 +27,10 @@
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
+import org.jboss.seam.security.external.SamlMultiUserServiceProviderApi;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
-import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.saml.api.SamlSpSession;
import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
import org.slf4j.Logger;
@@ -50,7 +50,7 @@
spApi.get().login(idpEntityId, response);
}
- public void loginFailed(ResponseHolder responseHolder)
+ public void loginFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
writeMessageToResponse("login failed", responseHolder);
}
@@ -60,7 +60,7 @@
writeMessageToResponse("Login succeeded (" + session.getPrincipal().getNameId().getValue() + ")", responseHolder);
}
- public void globalLogoutFailed(String statusCode, ResponseHolder responseHolder)
+ public void globalLogoutFailed(String statusCodeLevel1, String statusCodeLevel2, ResponseHolder responseHolder)
{
writeMessageToResponse("Single logout failed", responseHolder);
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java 2010-09-21 12:37:23 UTC (rev 13772)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java 2010-09-23 23:01:20 UTC (rev 13773)
@@ -23,8 +23,8 @@
import javax.enterprise.event.Observes;
-import org.jboss.seam.security.external.api.SamlBinding;
-import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.api.SamlBinding;
+import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;
import org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationCreation;
import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
@@ -32,7 +32,7 @@
{
public void customize(@Observes AfterVirtualApplicationCreation event, SamlServiceProviderConfigurationApi sp, VirtualApplication virtualApplication)
{
- if (virtualApplication.equals("www.sp2.com"))
+ if (virtualApplication.getHostName().equals("www.sp2.com"))
{
sp.setPreferredBinding(SamlBinding.HTTP_Redirect);
}
Seam SVN: r13772 - in modules/security/trunk/examples: openid-op/src/main/java/org/jboss/seam/security/examples/openid and 6 other directories.
by seam-commits@lists.jboss.org
Author: marcelkolsteren
Date: 2010-09-21 08:37:23 -0400 (Tue, 21 Sep 2010)
New Revision: 13772
Removed:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
Modified:
modules/security/trunk/examples/openid-op/pom.xml
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
modules/security/trunk/examples/openid-rp/pom.xml
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
modules/security/trunk/examples/saml-idp/pom.xml
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
modules/security/trunk/examples/saml-sp/pom.xml
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
Log:
Updated SAML and OpenID sample applications, because of changes in the external authentication API and SPI.
Modified: modules/security/trunk/examples/openid-op/pom.xml
===================================================================
--- modules/security/trunk/examples/openid-op/pom.xml 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-op/pom.xml 2010-09-21 12:37:23 UTC (rev 13772)
@@ -15,8 +15,6 @@
</parent>
<properties>
- <seam.faces.version>3.0.0-SNAPSHOT</seam.faces.version>
- <seam.international.version>3.0.0-SNAPSHOT</seam.international.version>
<weld.extensions.version>1.0.0.Alpha2</weld.extensions.version>
</properties>
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -29,7 +29,9 @@
import java.util.Map;
import javax.enterprise.inject.Model;
+import javax.faces.context.ExternalContext;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.OpenIdProviderApi;
import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
@@ -46,6 +48,9 @@
@Inject
private OpenIdProviderApi providerApi;
+ @Inject
+ private ExternalContext externalContext;
+
public void setRequestedAttributes(List<OpenIdRequestedAttribute> requestedAttributes)
{
attributeVOs = new LinkedList<AttributeVO>();
@@ -73,6 +78,6 @@
attributeValues.put(attributeVO.getRequestedAttribute().getAlias(), Arrays.asList(attributeVO.getAttributeValue()));
}
}
- providerApi.setAttributes(attributeValues);
+ providerApi.setAttributes(attributeValues, (HttpServletResponse) externalContext.getResponse());
}
}
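Review bot: The unchecked cast `(HttpServletResponse) externalContext.getResponse()` on the `setAttributes` call is copied to every call site this revision touches: openid-op Login.java, openid-rp Identity.java, and saml-idp Identity.java, Login.java and SessionManagement.java. `ExternalContext.getResponse()` returns `Object`, so under a non-servlet JSF container the cast fails with a ClassCastException just as the protocol response is about to be written. One private helper per bean, for example `private HttpServletResponse response() { return (HttpServletResponse) externalContext.getResponse(); }`, would keep that assumption in a single documented place. The enclosing method begins outside this hunk.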
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -25,10 +25,11 @@
import javax.faces.application.ViewHandlerWrapper;
import javax.faces.context.FacesContext;
import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.DialogueFilter;
+import org.jboss.seam.security.external.ResponseHolderImpl;
+import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.external.dialogues.DialogueBeanProvider;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
/**
* @author Marcel Kolsteren
@@ -36,10 +37,6 @@
*/
public class DialogueAwareViewHandler extends ViewHandlerWrapper
{
- private static final String QUERY_STRING_DELIMITER = "?";
- private static final String PARAMETER_PAIR_DELIMITER = "&";
- private static final String PARAMETER_ASSIGNMENT_OPERATOR = "=";
-
private ViewHandler delegate;
public DialogueAwareViewHandler(ViewHandler delegate)
@@ -54,8 +51,9 @@
ServletContext servletContext = (ServletContext) facesContext.getExternalContext().getContext();
if (DialogueBeanProvider.dialogueManager(servletContext).isAttached())
{
- Dialogue dialogue = DialogueBeanProvider.dialogue(servletContext);
- return appendDialogueIdIfNecessary(actionUrl, facesContext, dialogue.getDialogueId());
+ String dialogueId = DialogueBeanProvider.dialogue(servletContext).getDialogueId();
+ ResponseHolder responseHolder = new ResponseHolderImpl((HttpServletResponse) facesContext.getExternalContext().getResponse(), dialogueId);
+ return responseHolder.addDialogueIdToUrl(actionUrl);
}
else
{
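Review bot: Inside the `isAttached()` branch the sample now instantiates `ResponseHolderImpl` directly, which ties an application-level view handler to a class behind the `ResponseHolder` API and will break the example whenever that implementation changes. If the module can expose a factory or an injectable `ResponseHolder`, the example should use that instead; otherwise add a comment explaining why the implementation class is needed here. The removed `appendDialogueIdIfNecessary` skipped the append when the URL already carried the parameter. Whether `addDialogueIdToUrl` keeps that guard is not visible in this hunk, so a comment such as `// addDialogueIdToUrl must leave URLs that already carry the dialogue id unchanged` would record the expectation. The enclosing method starts and ends outside the hunk.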
@@ -63,18 +61,6 @@
}
}
- public String appendDialogueIdIfNecessary(String url, FacesContext facesContext, String cid)
- {
- String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
- int queryStringIndex = url.indexOf(QUERY_STRING_DELIMITER);
- if (queryStringIndex < 0 || url.indexOf(paramName + PARAMETER_ASSIGNMENT_OPERATOR, queryStringIndex) < 0)
- {
- url = new StringBuilder(url).append(queryStringIndex < 0 ? QUERY_STRING_DELIMITER : PARAMETER_PAIR_DELIMITER).append(paramName).append(PARAMETER_ASSIGNMENT_OPERATOR).append(cid).toString();
- }
- return url;
-
- }
-
/**
* @see {@link ViewHandlerWrapper#getWrapped()}
*/
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -22,7 +22,9 @@
package org.jboss.seam.security.examples.openid;
import javax.enterprise.inject.Model;
+import javax.faces.context.ExternalContext;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.OpenIdProviderApi;
import org.jboss.seam.security.external.dialogues.DialogueManager;
@@ -45,6 +47,9 @@
@Inject
private Identity identity;
+ @Inject
+ private ExternalContext externalContext;
+
public String getUserName()
{
return userName;
@@ -86,7 +91,7 @@
identity.localLogin(userName);
if (dialogueManager.isAttached())
{
- opApi.authenticationSucceeded(userName);
+ opApi.authenticationSucceeded(userName, (HttpServletResponse) externalContext.getResponse());
return null;
}
else
@@ -99,7 +104,7 @@
{
if (dialogueManager.isAttached())
{
- opApi.authenticationFailed();
+ opApi.authenticationFailed((HttpServletResponse) externalContext.getResponse());
}
else
{
Modified: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -31,15 +31,11 @@
import org.jboss.seam.security.external.api.OpenIdProviderApi;
import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
public class OpenIdProviderSpiImpl implements OpenIdProviderSpi
{
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private ServletContext servletContext;
@Inject
@@ -49,16 +45,13 @@
private OpenIdProviderApi opApi;
@Inject
- private Dialogue dialogue;
-
- @Inject
private Attributes attributes;
- public void authenticate(String realm, String userName, boolean immediate)
+ public void authenticate(String realm, String userName, boolean immediate, ResponseHolder responseHolder)
{
if (identity.isLoggedIn() && userName != null && !userName.equals(identity.getUserName()))
{
- opApi.authenticationFailed();
+ opApi.authenticationFailed(responseHolder.getResponse());
}
else
{
@@ -66,13 +59,13 @@
{
StringBuilder url = new StringBuilder();
url.append(servletContext.getContextPath());
- url.append("/Login.jsf?dialogueId=").append((dialogue.getDialogueId()));
- url.append("&realm=").append(URLEncoder.encode(realm, "UTF-8"));
+ url.append("/Login.jsf");
+ url.append("?realm=").append(URLEncoder.encode(realm, "UTF-8"));
if (userName != null)
{
url.append("&userName=").append(URLEncoder.encode(userName, "UTF-8"));
}
- responseHolder.getResponse().sendRedirect(url.toString());
+ responseHolder.redirectWithDialoguePropagation(url.toString());
}
catch (IOException e)
{
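Review bot: `URLEncoder.encode(realm, "UTF-8")` throws a NullPointerException when `realm` is null, and unlike `userName` two lines below it is appended without a guard. Whether the module can pass a null realm into `authenticate` is not visible from this hunk, but the value originates in the relying party's request, so the SPI implementation should not assume it. An explicit early exit before the URL is built would turn that into a clean protocol failure: `if (realm == null) { opApi.authenticationFailed(responseHolder.getResponse()); return; }`. The `try` block and the rest of `authenticate` lie outside this hunk.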
@@ -81,17 +74,10 @@
}
}
- public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes)
+ public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes, ResponseHolder responseHolder)
{
attributes.setRequestedAttributes(requestedAttributes);
- try
- {
- responseHolder.getResponse().sendRedirect(servletContext.getContextPath() + "/Attributes.jsf?dialogueId=" + dialogue.getDialogueId());
- }
- catch (IOException e)
- {
- throw new RuntimeException(e);
- }
+ responseHolder.redirectWithDialoguePropagation(servletContext.getContextPath() + "/Attributes.jsf");
}
public boolean userExists(String userName)
Modified: modules/security/trunk/examples/openid-rp/pom.xml
===================================================================
--- modules/security/trunk/examples/openid-rp/pom.xml 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-rp/pom.xml 2010-09-21 12:37:23 UTC (rev 13772)
@@ -17,6 +17,7 @@
<properties>
<seam.faces.version>3.0.0-SNAPSHOT</seam.faces.version>
<seam.international.version>3.0.0-SNAPSHOT</seam.international.version>
+ <weld.extensions.version>1.0.0.Alpha2</weld.extensions.version>
</properties>
<build>
@@ -38,12 +39,34 @@
</dependency>
<dependency>
+ <groupId>org.jboss.weld</groupId>
+ <artifactId>weld-extensions</artifactId>
+ <version>${weld.extensions.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>org.jboss.seam.servlet</groupId>
<artifactId>seam-servlet</artifactId>
<version>3.0.0-SNAPSHOT</version>
</dependency>
<dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces-api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.weld</groupId>
+ <artifactId>weld-extensions</artifactId>
+ <version>${weld.extensions.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>javax.enterprise</groupId>
<artifactId>cdi-api</artifactId>
<scope>provided</scope>
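Review bot: The `org.jboss.weld:weld-extensions` dependency is declared twice in this hunk, once before `seam-servlet` and again after `seam-faces`, both with `${weld.extensions.version}`. Maven 3 reports duplicate declarations in one POM as a model warning, and a later edit to only one of the two copies would leave the effective version ambiguous. Drop the second `<dependency>` block. The saml-idp and saml-sp POMs in this revision add the dependency only once.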
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -27,9 +27,11 @@
import javax.enterprise.context.SessionScoped;
import javax.faces.application.FacesMessage;
+import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
@@ -46,6 +48,9 @@
@Inject
private OpenIdRelyingPartyApi openIdApi;
+ @Inject
+ private ExternalContext externalContext;
+
public OpenIdPrincipal getOpenIdPrincipal()
{
return openIdPrincipal;
@@ -57,7 +62,7 @@
{
List<OpenIdRequestedAttribute> attributes = new LinkedList<OpenIdRequestedAttribute>();
attributes.add(new OpenIdRequestedAttribute("email", "http://schema.openid.net/contact/email", false, null));
- openIdApi.login(openId, attributes);
+ openIdApi.login(openId, attributes, (HttpServletResponse) externalContext.getResponse());
}
else
{
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -33,15 +33,12 @@
public class OpenIdRelyingPartySpiImpl implements OpenIdRelyingPartySpi
{
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private ServletContext servletContext;
@Inject
private Identity identity;
- public void loginSucceeded(OpenIdPrincipal principal)
+ public void loginSucceeded(OpenIdPrincipal principal, ResponseHolder responseHolder)
{
try
{
@@ -54,7 +51,7 @@
}
}
- public void loginFailed(String message)
+ public void loginFailed(String message, ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/examples/saml-idp/pom.xml
===================================================================
--- modules/security/trunk/examples/saml-idp/pom.xml 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-idp/pom.xml 2010-09-21 12:37:23 UTC (rev 13772)
@@ -14,6 +14,11 @@
<relativePath>../../pom.xml</relativePath>
</parent>
+ <properties>
+ <seam.faces.version>3.0.0-SNAPSHOT</seam.faces.version>
+ <weld.extensions.version>1.0.0.Alpha2</weld.extensions.version>
+ </properties>
+
<build>
<finalName>saml-idp</finalName>
</build>
@@ -33,12 +38,28 @@
</dependency>
<dependency>
+ <groupId>org.jboss.weld</groupId>
+ <artifactId>weld-extensions</artifactId>
+ <version>${weld.extensions.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>org.jboss.seam.servlet</groupId>
<artifactId>seam-servlet</artifactId>
<version>3.0.0-SNAPSHOT</version>
</dependency>
<dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces-api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>javax.enterprise</groupId>
<artifactId>cdi-api</artifactId>
<scope>provided</scope>
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -35,7 +35,7 @@
import javax.faces.context.FacesContext;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlEntityConfigurationApi;
+import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.security.external.saml.SamlExternalEntity;
@Model
@@ -44,7 +44,7 @@
private String spMetaDataUrl;
@Inject
- private SamlEntityConfigurationApi samlEntityConfig;
+ private SamlIdentityProviderConfigurationApi idpConfigApi;
public String getSpMetaDataUrl()
{
@@ -65,7 +65,7 @@
urlConnection.setConnectTimeout(3000);
urlConnection.setReadTimeout(3000);
Reader reader = new InputStreamReader(urlConnection.getInputStream());
- SamlExternalEntity samlEntity = samlEntityConfig.addExternalSamlEntity(reader);
+ SamlExternalEntity samlEntity = idpConfigApi.addExternalSamlEntity(reader);
FacesMessage facesMessage = new FacesMessage("SAML entity " + samlEntity.getEntityId() + " has been added.");
FacesContext.getCurrentInstance().addMessage(null, facesMessage);
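Review bot: The metadata document is fetched from a URL that presumably comes from the `spMetaDataUrl` bean property and is passed straight to `addExternalSamlEntity`. In the lines shown nothing restricts the scheme or host being contacted, and nothing authenticates the document that becomes a trusted SAML peer. Because example code gets copied, the method should accept only `https` URLs for an expected set of hosts before opening the connection, or a comment should state that this page must be reachable by administrators only. Separately, the reader decodes with the platform default charset and is not closed in the visible lines; `new InputStreamReader(urlConnection.getInputStream(), "UTF-8")` plus a `finally` that closes it would fix both. The same code is in examples/saml-sp/.../id_consumer/Configuration.java in this revision, and the method starts and ends outside this hunk.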
@@ -84,13 +84,13 @@
public String getMetaDataUrl()
{
- return samlEntityConfig.getMetaDataURL();
+ return idpConfigApi.getMetaDataURL();
}
public List<String> getSpEntityIds()
{
List<String> entityIds = new LinkedList<String>();
- for (SamlExternalEntity entity : samlEntityConfig.getExternalSamlEntities())
+ for (SamlExternalEntity entity : idpConfigApi.getExternalSamlEntities())
{
entityIds.add(entity.getEntityId());
}
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -23,9 +23,11 @@
import java.io.Serializable;
+import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
import org.jboss.seam.security.external.api.SamlNameId;
@@ -39,6 +41,9 @@
@Inject
private SamlIdentityProviderApi samlIdp;
+ @Inject
+ private ExternalContext externalContext;
+
public void localLogin(String userName)
{
samlIdp.localLogin(new SamlNameId(userName, null, null), null);
@@ -46,7 +51,7 @@
public void remoteLogin(String spEntityId)
{
- samlIdp.remoteLogin(spEntityId, null);
+ samlIdp.remoteLogin(spEntityId, null, (HttpServletResponse) externalContext.getResponse());
}
public void localLogout()
@@ -56,7 +61,7 @@
public void globalLogout()
{
- samlIdp.globalLogout();
+ samlIdp.globalLogout((HttpServletResponse) externalContext.getResponse());
}
public boolean isLoggedIn()
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -22,7 +22,9 @@
package org.jboss.seam.security.examples.id_provider;
import javax.enterprise.inject.Model;
+import javax.faces.context.ExternalContext;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
import org.jboss.seam.security.external.dialogues.DialogueManager;
@@ -43,6 +45,9 @@
@Inject
private Identity identity;
+ @Inject
+ private ExternalContext externalContext;
+
public String getUserName()
{
return userName;
@@ -69,7 +74,7 @@
if (dialogueId != null)
{
dialogueManager.attachDialogue(dialogueId);
- samlIdentityProviderApi.authenticationSucceeded();
+ samlIdentityProviderApi.authenticationSucceeded((HttpServletResponse) externalContext.getResponse());
dialogueManager.detachDialogue();
return "SAML_LOGIN";
}
@@ -84,7 +89,7 @@
if (dialogueId != null)
{
dialogueManager.attachDialogue(dialogueId);
- samlIdentityProviderApi.authenticationFailed();
+ samlIdentityProviderApi.authenticationFailed((HttpServletResponse) externalContext.getResponse());
dialogueManager.detachDialogue();
}
else
Deleted: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -1,46 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.examples.id_provider;
-
-import javax.enterprise.event.Observes;
-import javax.faces.context.ExternalContext;
-import javax.faces.context.FacesContext;
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.dialogues.api.AfterDialogueActivation;
-
-public class RequestObserver
-{
- @Inject
- private ResponseHolder responseHolder;
-
- public void dialogueCreated(@Observes AfterDialogueActivation event)
- {
- if (FacesContext.getCurrentInstance() != null)
- {
- ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
- responseHolder.setResponse((HttpServletResponse) externalContext.getResponse());
- }
- }
-}
\ No newline at end of file
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -28,7 +28,6 @@
import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
import org.slf4j.Logger;
@@ -39,40 +38,27 @@
private Logger log;
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private ServletContext servletContext;
@Inject
- private Dialogue dialogue;
-
- @Inject
private Identity identity;
@Inject
private SamlIdentityProviderApi idpApi;
- public void authenticate()
+ public void authenticate(ResponseHolder responseHolder)
{
if (identity.isLoggedIn())
{
- idpApi.authenticationSucceeded();
+ idpApi.authenticationSucceeded(responseHolder.getResponse());
}
else
{
- try
- {
- responseHolder.getResponse().sendRedirect(servletContext.getContextPath() + "/Login.jsf?dialogueId=" + dialogue.getDialogueId());
- }
- catch (IOException e)
- {
- throw new RuntimeException(e);
- }
+ responseHolder.redirectWithDialoguePropagation(servletContext.getContextPath() + "/Login.jsf");
}
}
- public void singleLogoutFailed()
+ public void singleLogoutFailed(ResponseHolder responseHolder)
{
try
{
@@ -84,7 +70,7 @@
}
}
- public void singleLogoutSucceeded()
+ public void singleLogoutSucceeded(ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -25,7 +25,9 @@
import java.util.List;
import javax.enterprise.inject.Model;
+import javax.faces.context.ExternalContext;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
@@ -40,6 +42,9 @@
@Inject
private SamlIdentityProviderConfigurationApi idpConfApi;
+ @Inject
+ private ExternalContext externalContext;
+
public List<String> getNonParticipatingServiceProviders()
{
List<String> serviceProviders = new LinkedList<String>();
@@ -77,6 +82,6 @@
{
throw new RuntimeException("No local SAML session.");
}
- idpApi.remoteLogin(spEntityId, null);
+ idpApi.remoteLogin(spEntityId, null, (HttpServletResponse) externalContext.getResponse());
}
}
Modified: modules/security/trunk/examples/saml-sp/pom.xml
===================================================================
--- modules/security/trunk/examples/saml-sp/pom.xml 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-sp/pom.xml 2010-09-21 12:37:23 UTC (rev 13772)
@@ -17,6 +17,7 @@
<properties>
<seam.faces.version>3.0.0-SNAPSHOT</seam.faces.version>
<seam.international.version>3.0.0-SNAPSHOT</seam.international.version>
+ <weld.extensions.version>1.0.0.Alpha2</weld.extensions.version>
</properties>
<build>
@@ -38,12 +39,28 @@
</dependency>
<dependency>
+ <groupId>org.jboss.weld</groupId>
+ <artifactId>weld-extensions</artifactId>
+ <version>${weld.extensions.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>org.jboss.seam.servlet</groupId>
<artifactId>seam-servlet</artifactId>
<version>3.0.0-SNAPSHOT</version>
</dependency>
<dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces-api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>javax.enterprise</groupId>
<artifactId>cdi-api</artifactId>
<scope>provided</scope>
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -35,7 +35,7 @@
import javax.faces.context.FacesContext;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlEntityConfigurationApi;
+import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
import org.jboss.seam.security.external.saml.SamlExternalEntity;
@Model
@@ -44,7 +44,7 @@
private String idpMetaDataUrl;
@Inject
- private SamlEntityConfigurationApi samlEntityConfig;
+ private SamlServiceProviderConfigurationApi spConfigApi;
public String getIdpMetaDataUrl()
{
@@ -65,7 +65,7 @@
urlConnection.setConnectTimeout(3000);
urlConnection.setReadTimeout(3000);
Reader reader = new InputStreamReader(urlConnection.getInputStream());
- SamlExternalEntity samlEntity = samlEntityConfig.addExternalSamlEntity(reader);
+ SamlExternalEntity samlEntity = spConfigApi.addExternalSamlEntity(reader);
FacesMessage facesMessage = new FacesMessage("SAML entity " + samlEntity.getEntityId() + " has been added.");
FacesContext.getCurrentInstance().addMessage(null, facesMessage);
@@ -84,13 +84,13 @@
public String getMetaDataUrl()
{
- return samlEntityConfig.getMetaDataURL();
+ return spConfigApi.getMetaDataURL();
}
public List<String> getIdpEntityIds()
{
List<String> entityIds = new LinkedList<String>();
- for (SamlExternalEntity entity : samlEntityConfig.getExternalSamlEntities())
+ for (SamlExternalEntity entity : spConfigApi.getExternalSamlEntities())
{
entityIds.add(entity.getEntityId());
}
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -23,8 +23,10 @@
import javax.enterprise.inject.Model;
import javax.faces.application.FacesMessage;
+import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.SamlServiceProviderApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
@@ -36,12 +38,15 @@
@Inject
private SamlServiceProviderApi samlSpApi;
+ @Inject
+ private ExternalContext externalContext;
+
@Dialogued
public void login(String idpEntityId)
{
if (!isLoggedIn())
{
- samlSpApi.login(idpEntityId);
+ samlSpApi.login(idpEntityId, (HttpServletResponse) externalContext.getResponse());
}
else
{
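Review bot: The cast `(HttpServletResponse) externalContext.getResponse()` in `login` is unchecked: `ExternalContext.getResponse()` returns `Object`, and in a JSF environment that is not servlet-based (a portlet bridge, for instance) the call would fail with a `ClassCastException`. The same expression is repeated in the `globalLogout` hunk below and in the `remoteLogin` call of the hunk further up the page. A small private helper such as `private HttpServletResponse httpResponse() { return (HttpServletResponse) externalContext.getResponse(); }` would keep that assumption in one place and give a natural spot for an `instanceof` check with a clear error message. The body of `login` continues outside the hunk.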
@@ -72,7 +77,7 @@
{
if (samlSpApi.getSession() != null)
{
- samlSpApi.globalLogout();
+ samlSpApi.globalLogout((HttpServletResponse) externalContext.getResponse());
}
}
else
Deleted: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -1,47 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.examples.id_consumer;
-
-import javax.enterprise.event.Observes;
-import javax.faces.context.ExternalContext;
-import javax.faces.context.FacesContext;
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.dialogues.api.AfterDialogueActivation;
-
-public class RequestObserver
-{
- @Inject
- private ResponseHolder responseHolder;
-
- public void dialogueCreated(@Observes AfterDialogueActivation event)
- {
- if (FacesContext.getCurrentInstance() != null)
- {
- ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
- responseHolder.setResponse((HttpServletResponse) externalContext.getResponse());
- }
- }
-
-}
Modified: modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
+++ modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java 2010-09-21 12:37:23 UTC (rev 13772)
@@ -38,15 +38,12 @@
SamlServiceProviderApi samlServiceProviderApi;
@Inject
- ResponseHolder responseHolder;
-
- @Inject
private Logger log;
@Inject
private ServletContext servletContext;
- public void loginSucceeded(SamlSpSession session)
+ public void loginSucceeded(SamlSpSession session, ResponseHolder responseHolder)
{
try
{
@@ -58,7 +55,7 @@
}
}
- public void loginFailed()
+ public void loginFailed(ResponseHolder responseHolder)
{
try
{
@@ -70,7 +67,7 @@
}
}
- public void globalLogoutFailed(String statusCode)
+ public void globalLogoutFailed(String statusCode, ResponseHolder responseHolder)
{
try
{
@@ -82,7 +79,7 @@
}
}
- public void globalLogoutSucceeded()
+ public void globalLogoutSucceeded(ResponseHolder responseHolder)
{
try
{
@@ -94,7 +91,7 @@
}
}
- public void loggedIn(SamlSpSession session, String url)
+ public void loggedIn(SamlSpSession session, String url, ResponseHolder responseHolder)
{
try
{
Seam SVN: r13771 - in modules/security/trunk/external/src: main/java/org/jboss/seam/security/external/api and 14 other directories.
by seam-commits@lists.jboss.org
Author: marcelkolsteren
Date: 2010-09-21 08:35:01 -0400 (Tue, 21 Sep 2010)
New Revision: 13771
Added:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/ContextualInstanceImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/HashMapBeanStore.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java
Removed:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContextManagerImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/AfterDialogueActivation.java
Modified:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContext.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlServlet.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationContext.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpTestServlet.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpTestServlet.java
Log:
External authentication changes:
- Removed dependencies on Weld implementation classes
- Added HTTP servlet response parameters to API and SPI methods (previously the response was shared by means of a request scoped ResponseHolder bean)
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -1,86 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external;
-
-import java.io.IOException;
-
-import javax.inject.Inject;
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.annotation.WebFilter;
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
-
-@WebFilter(filterName = "DialogueFilter", urlPatterns = "/*")
-public class DialogueFilter implements Filter
-{
- public final static String DIALOGUE_ID_PARAM = "dialogueId";
-
- @Inject
- private DialogueManager manager;
-
- @Inject
- private ResponseHolder responseHolder;
-
- public void init(FilterConfig filterConfig) throws ServletException
- {
- }
-
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
- {
- responseHolder.setResponse((HttpServletResponse) response);
-
- if (manager.isAttached())
- {
- manager.detachDialogue();
- }
-
- String dialogueId = request.getParameter(DIALOGUE_ID_PARAM);
-
- if (dialogueId != null)
- {
- if (!manager.isExistingDialogue(dialogueId))
- {
- ((HttpServletResponse) response).sendError(HttpServletResponse.SC_BAD_REQUEST, "dialogue " + dialogueId + " does not exist");
- return;
- }
- manager.attachDialogue(dialogueId);
- }
-
- chain.doFilter(request, response);
-
- if (manager.isAttached())
- {
- manager.detachDialogue();
- }
- }
-
- public void destroy()
- {
- }
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHandler.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -5,8 +5,10 @@
import java.io.Writer;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.saml.SamlMessage;
import org.jboss.seam.security.external.saml.SamlPostMessage;
import org.jboss.seam.security.external.saml.SamlRedirectMessage;
@@ -18,9 +20,12 @@
public class ResponseHandler
{
@Inject
- private ResponseHolder responseHolder;
+ private DialogueManager dialogueManager;
- public void sendFormToUserAgent(String destination, SamlPostMessage message)
+ @Inject
+ private Dialogue dialogue;
+
+ public void sendFormToUserAgent(String destination, SamlPostMessage message, HttpServletResponse response)
{
String key = message.getRequestOrResponse().isRequest() ? SamlMessage.QSP_SAML_REQUEST : SamlMessage.QSP_SAML_RESPONSE;
@@ -47,16 +52,16 @@
}
builder.append("</FORM></BODY></HTML>");
- PrintWriter writer = getWriter();
+ PrintWriter writer = getWriter(response);
writer.print(builder.toString());
writer.flush();
}
- public void sendHttpRedirectToUserAgent(String url)
+ public void sendHttpRedirectToUserAgent(String url, HttpServletResponse response)
{
try
{
- responseHolder.getResponse().sendRedirect(url);
+ response.sendRedirect(url);
}
catch (IOException e)
{
@@ -64,17 +69,17 @@
}
}
- public void sendHttpRedirectToUserAgent(String location, SamlRedirectMessage redirectMessage)
+ public void sendHttpRedirectToUserAgent(String location, SamlRedirectMessage redirectMessage, HttpServletResponse response)
{
String url = location + "?" + redirectMessage.createQueryString();
- sendHttpRedirectToUserAgent(url);
+ sendHttpRedirectToUserAgent(url, response);
}
- public void sendError(int statusCode, String message)
+ public void sendError(int statusCode, String message, HttpServletResponse response)
{
try
{
- responseHolder.getResponse().sendError(statusCode, message);
+ response.sendError(statusCode, message);
}
catch (IOException e)
{
@@ -82,11 +87,11 @@
}
}
- private PrintWriter getWriter()
+ private PrintWriter getWriter(HttpServletResponse response)
{
try
{
- return responseHolder.getResponse().getWriter();
+ return response.getWriter();
}
catch (IOException e)
{
@@ -94,9 +99,19 @@
}
}
- public Writer getWriter(String mimeType)
+ public Writer getWriter(String mimeType, HttpServletResponse response)
{
- responseHolder.getResponse().setContentType(mimeType);
- return getWriter();
+ response.setContentType(mimeType);
+ return getWriter(response);
}
+
+ public ResponseHolderImpl createResponseHolder(HttpServletResponse response)
+ {
+ String dialogueId = null;
+ if (dialogueManager.isAttached())
+ {
+ dialogueId = dialogue.getDialogueId();
+ }
+ return new ResponseHolderImpl(response, dialogueId);
+ }
}
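Review bot: `getWriter(String mimeType, HttpServletResponse response)` sets only the content type before obtaining the writer, so unless every caller includes a `charset` in `mimeType`, the servlet container falls back to ISO-8859-1 and characters outside Latin-1 in the written document are lost. If this writer is used for XML output (the callers are not visible here), the bytes may then disagree with the encoding the document declares. Adding `response.setCharacterEncoding("UTF-8");` right after `setContentType` makes the encoding explicit. The new `createResponseHolder` would also benefit from a one-line Javadoc stating that the holder's dialogue id is null when no dialogue is attached.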
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/ResponseHolderImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -21,27 +21,64 @@
*/
package org.jboss.seam.security.external;
-import javax.enterprise.context.RequestScoped;
+import java.io.IOException;
+
import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.DialogueFilter;
/**
* @author Marcel Kolsteren
*
*/
-@RequestScoped
public class ResponseHolderImpl implements ResponseHolder
{
- private HttpServletResponse httpServletResponse;
+ private HttpServletResponse response;
+ private String dialogueId;
+
+ public ResponseHolderImpl(HttpServletResponse response, String dialogueId)
+ {
+ this.response = response;
+ this.dialogueId = dialogueId;
+ }
+
public HttpServletResponse getResponse()
{
- return httpServletResponse;
+ return response;
}
public void setResponse(HttpServletResponse response)
{
- httpServletResponse = response;
+ this.response = response;
}
+
+ public void redirectWithDialoguePropagation(String url)
+ {
+ if (dialogueId != null)
+ {
+ url = addDialogueIdToUrl(url);
+ }
+ String encodedUrl = response.encodeURL(url);
+ try
+ {
+ response.sendRedirect(encodedUrl);
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public String addDialogueIdToUrl(String url)
+ {
+ String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
+ int queryStringIndex = url.indexOf("?");
+ if (queryStringIndex < 0 || url.indexOf(paramName + "=", queryStringIndex) < 0)
+ {
+ url = new StringBuilder(url).append(queryStringIndex < 0 ? "?" : "&").append(paramName).append("=").append(dialogueId).toString();
+ }
+ return url;
+ }
}
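Review bot: `addDialogueIdToUrl` appends the parameter at the very end of the string and detects an existing parameter with a plain substring search, so a URL with a `#fragment` gets the id placed inside the fragment, where the server never sees it, and a URL that carries a parameter such as `xdialogueId=` is treated as already propagated. The id is concatenated unencoded, and because the method is public and does not share the null guard of `redirectWithDialoguePropagation`, a null `dialogueId` would be appended as the text `null`. In `redirectWithDialoguePropagation` the URL goes to `sendRedirect`, for which the servlet API provides `response.encodeRedirectURL(url)` rather than `encodeURL`. Since the id is appended to whatever URL the caller supplies, the Javadoc should say that only URLs of the same application are expected, so the dialogue id is not disclosed to another site. A possible shape for the method is below.

```java
public String addDialogueIdToUrl(String url)
{
   String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
   // Query parameters must precede '#', so set any fragment aside first.
   int fragmentIndex = url.indexOf('#');
   String fragment = fragmentIndex < 0 ? "" : url.substring(fragmentIndex);
   String base = fragmentIndex < 0 ? url : url.substring(0, fragmentIndex);
   int queryStringIndex = base.indexOf('?');
   // Match the parameter only at a parameter boundary ("?name=" or "&name=").
   boolean present = queryStringIndex >= 0
         && (base.indexOf("?" + paramName + "=", queryStringIndex) >= 0
         || base.indexOf("&" + paramName + "=", queryStringIndex) >= 0);
   if (!present)
   {
      base = base + (queryStringIndex < 0 ? "?" : "&") + paramName + "=" + dialogueId;
   }
   return base + fragment;
}
```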
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -24,17 +24,19 @@
import java.util.List;
import java.util.Map;
+import javax.servlet.http.HttpServletResponse;
+
/**
* @author Marcel Kolsteren
*
*/
public interface OpenIdProviderApi
{
- void authenticationSucceeded(String userName);
+ void authenticationSucceeded(String userName, HttpServletResponse response);
- void authenticationFailed();
+ void authenticationFailed(HttpServletResponse response);
- void setAttributes(Map<String, List<String>> attributeValues);
+ void setAttributes(Map<String, List<String>> attributeValues, HttpServletResponse response);
String getOpLocalIdentifierForUserName(String userName);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -23,6 +23,8 @@
import java.util.List;
+import javax.servlet.http.HttpServletResponse;
+
/**
* @author Marcel Kolsteren
*
@@ -37,5 +39,5 @@
* has an account)
* @param attributes attributes that are requested
*/
- void login(String identifier, List<OpenIdRequestedAttribute> attributes);
+ void login(String identifier, List<OpenIdRequestedAttribute> attributes, HttpServletResponse response);
}
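Review bot: The Javadoc above `login` still lists only `identifier` and `attributes`; the new `response` parameter is undocumented. The same gap appears in the later hunks for `SamlIdentityProviderApi.remoteLogin` (its Javadoc ends at `remoteUrl`) and `SamlServiceProviderApi.login` (only `idpEntityId` is listed). A line such as `@param response the HTTP response of the current request, used to redirect the user agent` on each would tell API clients which response to pass and that the call may commit it; the exact wording should be confirmed against the implementation, which is not visible here. The interface body starts outside this hunk.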
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/ResponseHolder.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -32,4 +32,8 @@
void setResponse(HttpServletResponse response);
HttpServletResponse getResponse();
+
+ void redirectWithDialoguePropagation(String url);
+
+ String addDialogueIdToUrl(String url);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlIdentityProviderApi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -23,6 +23,8 @@
import java.util.List;
+import javax.servlet.http.HttpServletResponse;
+
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
@@ -61,7 +63,7 @@
* @param remoteUrl the URL where the user agent needs to be redirected to by
* the service provider (can be null)
*/
- void remoteLogin(String spEntityId, String remoteUrl);
+ void remoteLogin(String spEntityId, String remoteUrl, HttpServletResponse response);
/**
* This is one of the possible responses that relate to the SPI call
@@ -71,7 +73,7 @@
* service provider, using the local SAML session, which must have been
* established before this call is done.
*/
- void authenticationSucceeded();
+ void authenticationSucceeded(HttpServletResponse response);
/**
* This is one of the possible responses that relate to the SPI call
@@ -80,7 +82,7 @@
* identity provider to send a positive authentication result back to the
* service provider.
*/
- void authenticationFailed();
+ void authenticationFailed(HttpServletResponse response);
/**
* Gets the current SAML session. This contains information about the logged
@@ -106,5 +108,5 @@
* participate in the current session. The result of the global logout is
* reported asynchronously through the SPI.
*/
- void globalLogout();
+ void globalLogout(HttpServletResponse response);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserIdentityProviderApi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -24,6 +24,8 @@
import java.util.List;
import java.util.Set;
+import javax.servlet.http.HttpServletResponse;
+
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
@@ -33,17 +35,17 @@
*/
public interface SamlMultiUserIdentityProviderApi
{
- void authenticationSucceeded(SamlIdpSession session);
+ void authenticationSucceeded(SamlIdpSession session, HttpServletResponse response);
- void authenticationFailed();
+ void authenticationFailed(HttpServletResponse response);
Set<SamlIdpSession> getSessions();
SamlIdpSession localLogin(SamlNameId nameId, List<AttributeType> attributes);
- void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl);
+ void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response);
void localLogout(SamlIdpSession session);
- void globalLogout(SamlIdpSession session);
+ void globalLogout(SamlIdpSession session, HttpServletResponse response);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlMultiUserServiceProviderApi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -23,6 +23,8 @@
import java.util.Set;
+import javax.servlet.http.HttpServletResponse;
+
import org.jboss.seam.security.external.saml.sp.SamlSpSession;
/**
@@ -31,11 +33,11 @@
*/
public interface SamlMultiUserServiceProviderApi
{
- public void login(String idpEntityId);
+ public void login(String idpEntityId, HttpServletResponse response);
public void localLogout(SamlSpSession session);
- public void globalLogout(SamlSpSession session);
+ public void globalLogout(SamlSpSession session, HttpServletResponse response);
public Set<SamlSpSession> getSessions();
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/SamlServiceProviderApi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -21,6 +21,8 @@
*/
package org.jboss.seam.security.external.api;
+import javax.servlet.http.HttpServletResponse;
+
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.saml.sp.SamlSpInApplicationScopeProducer;
import org.jboss.seam.security.external.saml.sp.SamlSpInVirtualApplicationScopeProducer;
@@ -76,7 +78,7 @@
*
* @param idpEntityId
*/
- public void login(String idpEntityId);
+ public void login(String idpEntityId, HttpServletResponse response);
/**
* <p>
@@ -105,7 +107,7 @@
* active when the SPI method is called. This allows the API client to store
* state information in the dialogue.
*/
- public void globalLogout();
+ public void globalLogout(HttpServletResponse response);
/**
* Gets the current session (login). If there is no active session, null is
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/ContextualInstanceImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/ContextualInstanceImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/ContextualInstanceImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.contexts;
+
+import javax.enterprise.context.spi.Contextual;
+import javax.enterprise.context.spi.CreationalContext;
+
+import org.jboss.weld.context.api.ContextualInstance;
+
+public class ContextualInstanceImpl<T> implements ContextualInstance<T>
+{
+ private Contextual<T> contextual;
+
+ private CreationalContext<T> creationalContext;
+
+ private T instance;
+
+ public ContextualInstanceImpl(Contextual<T> contextual, CreationalContext<T> creationalContext, T instance)
+ {
+ this.contextual = contextual;
+ this.creationalContext = creationalContext;
+ this.instance = instance;
+ }
+
+ public Contextual<T> getContextual()
+ {
+ return contextual;
+ }
+
+ public CreationalContext<T> getCreationalContext()
+ {
+ return creationalContext;
+ }
+
+ public T getInstance()
+ {
+ return instance;
+ }
+
+}
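Review bot: The three fields of `ContextualInstanceImpl` are assigned only in the constructor and the class has no setters, so they can be declared `final`, for example `private final Contextual<T> contextual;`, and likewise for `creationalContext` and `instance`. That makes the holder safely publishable if a bean store is ever read from more than one thread. A short class-level Javadoc saying that this is a plain value holder implementing Weld's `ContextualInstance` would also help, since the file is new and has no documentation.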
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/ContextualInstanceImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/HashMapBeanStore.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/HashMapBeanStore.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/HashMapBeanStore.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -0,0 +1,75 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.contexts;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.enterprise.context.spi.Contextual;
+
+import org.jboss.weld.context.api.ContextualInstance;
+
+/**
+ * Non-serializable bean store, based on a hash map. This bean store should not
+ * be used for passivating scopes!
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public class HashMapBeanStore
+{
+ private static final long serialVersionUID = -8676730520345382886L;
+
+ protected Map<Contextual<?>, ContextualInstance<? extends Object>> contextualInstanceMap;
+
+ public HashMapBeanStore()
+ {
+ contextualInstanceMap = new HashMap<Contextual<?>, ContextualInstance<? extends Object>>();
+ }
+
+ public <T extends Object> ContextualInstance<T> get(Contextual<T> contextual)
+ {
+ @SuppressWarnings("unchecked")
+ ContextualInstance<T> instance = (ContextualInstance<T>) contextualInstanceMap.get(contextual);
+ return instance;
+ }
+
+ private <T> void destroy(Contextual<T> contextual)
+ {
+ ContextualInstance<T> beanInstance = get(contextual);
+ beanInstance.getContextual().destroy(beanInstance.getInstance(), beanInstance.getCreationalContext());
+ }
+
+ public void clear()
+ {
+ for (Contextual<?> contextual : contextualInstanceMap.keySet())
+ {
+ destroy(contextual);
+ }
+ contextualInstanceMap.clear();
+ }
+
+ public <T> void put(Contextual<T> contextual, ContextualInstance<T> beanInstance)
+ {
+ contextualInstanceMap.put(contextual, beanInstance);
+ }
+}
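Review bot: `contextualInstanceMap` is a plain `HashMap`, yet DialogueContext in this commit keeps each store in a `ServletContext` attribute keyed by dialogue id, so two requests carrying the same `dialogueId` can reach `get`, `put` and `clear` from different threads. Constructing it as `new ConcurrentHashMap<Contextual<?>, ContextualInstance<? extends Object>>()` (plus the matching import) would make the individual operations safe. The lookup-then-create sequence in `DialogueContext.get` would still need its own guard against creating a bean twice. Separately, `serialVersionUID` is declared on a class that does not implement `Serializable` and whose Javadoc calls it non-serializable, so the field can be dropped.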
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/contexts/HashMapBeanStore.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContext.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContext.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContext.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -21,46 +21,51 @@
*/
package org.jboss.seam.security.external.dialogues;
+import java.lang.annotation.Annotation;
import java.util.UUID;
+import javax.enterprise.context.ContextNotActiveException;
+import javax.enterprise.context.spi.Context;
+import javax.enterprise.context.spi.Contextual;
+import javax.enterprise.context.spi.CreationalContext;
import javax.servlet.ServletContext;
+import org.jboss.seam.security.external.contexts.ContextualInstanceImpl;
+import org.jboss.seam.security.external.contexts.HashMapBeanStore;
import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
-import org.jboss.weld.context.AbstractMapContext;
-import org.jboss.weld.context.api.BeanStore;
-import org.jboss.weld.context.beanstore.HashMapBeanStore;
+import org.jboss.weld.context.api.ContextualInstance;
/**
* @author Marcel Kolsteren
*
*/
-public class DialogueContext extends AbstractMapContext
+public class DialogueContext implements Context
{
private static final String BEAN_STORE_ATTRIBUTE_NAME_PREFIX = "DialogueContextBeanStore";
+
private ServletContext servletContext;
+
private final ThreadLocal<String> dialogueIdThreadLocal;
public DialogueContext()
{
- super(DialogueScoped.class);
dialogueIdThreadLocal = new ThreadLocal<String>();
}
- @Override
- protected BeanStore getBeanStore()
+ protected HashMapBeanStore getBeanStore()
{
return getBeanStore(dialogueIdThreadLocal.get());
}
- private BeanStore getBeanStore(String dialogueId)
+ private HashMapBeanStore getBeanStore(String dialogueId)
{
- BeanStore beanStore = (BeanStore) servletContext.getAttribute(getAttributeName(dialogueId));
+ HashMapBeanStore beanStore = (HashMapBeanStore) servletContext.getAttribute(getAttributeName(dialogueId));
return beanStore;
}
private void createBeanStore(String dialogueId)
{
- BeanStore beanStore = new HashMapBeanStore();
+ HashMapBeanStore beanStore = new HashMapBeanStore();
servletContext.setAttribute(getAttributeName(dialogueId), beanStore);
}
@@ -74,13 +79,6 @@
return BEAN_STORE_ATTRIBUTE_NAME_PREFIX + "_" + dialogueId;
}
- @Override
- protected boolean isCreationLockRequired()
- {
- // TODO: find out whether the creation lock is required
- return false;
- }
-
public void initialize(ServletContext servletContext)
{
this.servletContext = servletContext;
@@ -107,15 +105,14 @@
this.dialogueIdThreadLocal.set(dialogueId);
createBeanStore(dialogueId);
- setActive(true);
return dialogueId;
}
public void remove()
{
+ getBeanStore().clear();
removeBeanStore(this.dialogueIdThreadLocal.get());
this.dialogueIdThreadLocal.set(null);
- setActive(false);
}
public boolean isExistingDialogue(String dialogueId)
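Review bot: In `remove()`, the added `getBeanStore().clear()` runs before the cleanup, so an exception thrown from any bean's `destroy` callback skips `removeBeanStore(...)` and `dialogueIdThreadLocal.set(null)`. That leaves the store in the servlet context and the worker thread still attached to the dialogue. Moving the two cleanup calls into a `finally` block after `getBeanStore().clear()` keeps the detach unconditional. `getBeanStore()` presumably also returns null when no dialogue is attached to the thread, since the attribute lookup would find nothing, so a guard such as `if (!isAttached()) return;` at the top would avoid a NullPointerException.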
@@ -124,7 +121,7 @@
}
/**
- * Attaches an existing request to the current thread
+ * Attaches an existing dialogue to the current thread
*
* @param dialogueIdThreadLocal
*/
@@ -139,20 +136,60 @@
throw new RuntimeException("There is no active context with request id " + dialogueId);
}
this.dialogueIdThreadLocal.set(dialogueId);
- setActive(true);
}
/**
- * Detaches the request from the current thread
+ * Detaches the dialogue from the current thread
*/
public void detach()
{
this.dialogueIdThreadLocal.set(null);
- setActive(false);
}
public boolean isAttached()
{
return dialogueIdThreadLocal.get() != null;
}
+
+ public <T> T get(Contextual<T> contextual, CreationalContext<T> creationalContext)
+ {
+ if (!isActive())
+ {
+ throw new ContextNotActiveException();
+ }
+ ContextualInstance<T> beanInstance = getBeanStore().get(contextual);
+ if (beanInstance != null)
+ {
+ return beanInstance.getInstance();
+ }
+ else if (creationalContext != null)
+ {
+ T instance = contextual.create(creationalContext);
+ if (instance != null)
+ {
+ beanInstance = new ContextualInstanceImpl<T>(contextual, creationalContext, instance);
+ getBeanStore().put(contextual, beanInstance);
+ }
+ return instance;
+ }
+ else
+ {
+ return null;
+ }
+ }
+
+ public <T> T get(Contextual<T> contextual)
+ {
+ return get(contextual, null);
+ }
+
+ public Class<? extends Annotation> getScope()
+ {
+ return DialogueScoped.class;
+ }
+
+ public boolean isActive()
+ {
+ return dialogueIdThreadLocal.get() != null;
+ }
}
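Review bot: `get(Contextual, CreationalContext)` treats a non-null thread-local id as proof that the context is usable, but `getBeanStore()` is a fresh `ServletContext` attribute lookup each time. Once another thread has called `remove()` for the same dialogue it returns null, and the caller gets a NullPointerException rather than `ContextNotActiveException`. Reading the store once into a local and checking it, `HashMapBeanStore store = getBeanStore(); if (store == null) throw new ContextNotActiveException();`, closes that gap and saves the second lookup before `put`. `isActive()` repeats the body of `isAttached()` and could simply `return isAttached();`.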
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContextManagerImpl.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContextManagerImpl.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContextManagerImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -1,99 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.dialogues;
-
-import javax.enterprise.event.Observes;
-import javax.enterprise.inject.Instance;
-import javax.enterprise.inject.spi.BeanManager;
-import javax.inject.Inject;
-import javax.servlet.ServletContextEvent;
-
-import org.jboss.seam.security.external.dialogues.api.AfterDialogueActivation;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
-import org.jboss.seam.servlet.event.qualifier.Destroyed;
-import org.jboss.seam.servlet.event.qualifier.Initialized;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class DialogueContextManagerImpl implements DialogueManager
-{
- @Inject
- private DialogueContextExtension dialogueContextExtension;
-
- @Inject
- private Instance<Dialogue> dialogue;
-
- @Inject
- private BeanManager beanManager;
-
- protected void servletInitialized(@Observes @Initialized final ServletContextEvent e)
- {
- dialogueContextExtension.getDialogueContext().initialize(e.getServletContext());
- }
-
- protected void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
- {
- dialogueContextExtension.getDialogueContext().destroy();
- }
-
- public void beginDialogue()
- {
- String dialogueId = dialogueContextExtension.getDialogueContext().create();
- dialogue.get().setDialogueId(dialogueId);
- beanManager.fireEvent(new AfterDialogueActivation());
- }
-
- public void endDialogue()
- {
- dialogueContextExtension.getDialogueContext().remove();
- }
-
- public void attachDialogue(String requestId)
- {
- dialogueContextExtension.getDialogueContext().attach(requestId);
- beanManager.fireEvent(new AfterDialogueActivation());
- }
-
- public void detachDialogue()
- {
- if (dialogue.get().isFinished())
- {
- endDialogue();
- }
- else
- {
- dialogueContextExtension.getDialogueContext().detach();
- }
- }
-
- public boolean isExistingDialogue(String dialogueId)
- {
- return dialogueContextExtension.getDialogueContext().isExistingDialogue(dialogueId);
- }
-
- public boolean isAttached()
- {
- return dialogueContextExtension.getDialogueContext().isAttached();
- }
-}
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java (from rev 13767, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueFilter.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues;
+
+import java.io.IOException;
+
+import javax.inject.Inject;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletResponse;
+
+@WebFilter(filterName = "DialogueFilter", urlPatterns = "/*")
+public class DialogueFilter implements Filter
+{
+ public final static String DIALOGUE_ID_PARAM = "dialogueId";
+
+ @Inject
+ private DialogueManager manager;
+
+ public void init(FilterConfig filterConfig) throws ServletException
+ {
+ }
+
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
+ {
+ if (manager.isAttached())
+ {
+ manager.detachDialogue();
+ }
+
+ String dialogueId = request.getParameter(DIALOGUE_ID_PARAM);
+
+ if (dialogueId != null)
+ {
+ if (!manager.isExistingDialogue(dialogueId))
+ {
+ ((HttpServletResponse) response).sendError(HttpServletResponse.SC_BAD_REQUEST, "dialogue " + dialogueId + " does not exist");
+ return;
+ }
+ manager.attachDialogue(dialogueId);
+ }
+
+ chain.doFilter(request, response);
+
+ if (manager.isAttached())
+ {
+ manager.detachDialogue();
+ }
+ }
+
+ public void destroy()
+ {
+ }
+}
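Review bot: The `dialogueId` request parameter is copied verbatim into the `sendError` message in `doFilter`, so client-controlled text lands in the error page and escaping is left to the container's error renderer. A fixed message such as `"unknown dialogue"` avoids that, with the id written to the server log if it is needed. The parameter is also the only thing checked before `attachDialogue`, and DialogueContext keeps the bean stores as `ServletContext` attributes, so it looks as if any client presenting a live id is attached to that dialogue regardless of HTTP session. That is worth confirming, and if it holds, recording the owning session at creation and comparing it here would bind the dialogue to its session. The trailing `detachDialogue()` should sit in a `finally` around `chain.doFilter(request, response)` so that an exception downstream does not leave the pooled thread attached.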
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java (from rev 13764, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueContextManagerImpl.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueManagerImpl.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -0,0 +1,92 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues;
+
+import javax.enterprise.event.Observes;
+import javax.enterprise.inject.Instance;
+import javax.inject.Inject;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.servlet.event.qualifier.Destroyed;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class DialogueManagerImpl implements DialogueManager
+{
+ @Inject
+ private DialogueContextExtension dialogueContextExtension;
+
+ @Inject
+ private Instance<Dialogue> dialogue;
+
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e)
+ {
+ dialogueContextExtension.getDialogueContext().initialize(e.getServletContext());
+ }
+
+ public void servletDestroyed(@Observes @Destroyed final ServletContextEvent e)
+ {
+ dialogueContextExtension.getDialogueContext().destroy();
+ }
+
+ public void beginDialogue()
+ {
+ String dialogueId = dialogueContextExtension.getDialogueContext().create();
+ dialogue.get().setDialogueId(dialogueId);
+ }
+
+ public void endDialogue()
+ {
+ dialogueContextExtension.getDialogueContext().remove();
+ }
+
+ public void attachDialogue(String requestId)
+ {
+ dialogueContextExtension.getDialogueContext().attach(requestId);
+ }
+
+ public void detachDialogue()
+ {
+ if (dialogue.get().isFinished())
+ {
+ endDialogue();
+ }
+ else
+ {
+ dialogueContextExtension.getDialogueContext().detach();
+ }
+ }
+
+ public boolean isExistingDialogue(String dialogueId)
+ {
+ return dialogueContextExtension.getDialogueContext().isExistingDialogue(dialogueId);
+ }
+
+ public boolean isAttached()
+ {
+ return dialogueContextExtension.getDialogueContext().isAttached();
+ }
+}
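Review bot: `attachDialogue(String requestId)` keeps the old parameter name, while the rest of this class and the Javadoc corrected in DialogueContext speak of a dialogue id; `public void attachDialogue(String dialogueId)` would match `isExistingDialogue(String dialogueId)`. The two observer methods were widened from `protected` (in the deleted DialogueContextManagerImpl) to `public` in this copy. A one-line comment giving the reason would stop a later reader from narrowing them again.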
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/AfterDialogueActivation.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/AfterDialogueActivation.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/api/AfterDialogueActivation.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -1,31 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.dialogues.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class AfterDialogueActivation
-{
-
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -30,6 +30,7 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
@@ -75,18 +76,18 @@
@Inject
private Instance<OpenIdProviderBean> opBean;
- public void handleIncomingMessage(HttpServletRequest httpRequest) throws InvalidRequestException
+ public void handleIncomingMessage(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws InvalidRequestException
{
ParameterList parameterList = new ParameterList(httpRequest.getParameterMap());
String mode = parameterList.getParameterValue("openid.mode");
- Message response;
+ Message associationResponse;
if ("associate".equals(mode))
{
- response = openIdServerManager.get().associationResponse(parameterList);
- writeMessageToResponse(response);
+ associationResponse = openIdServerManager.get().associationResponse(parameterList);
+ writeMessageToResponse(associationResponse, httpResponse);
}
else if ("checkid_setup".equals(mode) || "checkid_immediate".equals(mode))
{
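Review bot: The new local name `associationResponse` fits only the `associate` branch; in the @@ -133 hunk the same variable carries `DirectError` messages and the result of `verify(parameterList)`. A neutral name such as `directResponse`, or a local declared inside each branch, would describe what is actually written back. handleIncomingMessage continues past this hunk.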
@@ -133,30 +134,30 @@
if (opLocalIdentifier.equals(AuthRequest.SELECT_ID))
{
- openIdProviderSpi.get().authenticate(realm, null, immediate);
+ openIdProviderSpi.get().authenticate(realm, null, immediate, responseHandler.createResponseHolder(httpResponse));
}
else
{
String userName = opBean.get().getUserNameFromOpLocalIdentifier(opLocalIdentifier);
- openIdProviderSpi.get().authenticate(realm, userName, immediate);
+ openIdProviderSpi.get().authenticate(realm, userName, immediate, responseHandler.createResponseHolder(httpResponse));
}
}
else
{
- response = DirectError.createDirectError("Invalid request; claimed_id or identity attribute is missing");
- writeMessageToResponse(response);
+ associationResponse = DirectError.createDirectError("Invalid request; claimed_id or identity attribute is missing");
+ writeMessageToResponse(associationResponse, httpResponse);
}
dialogueManager.detachDialogue();
}
else if ("check_authentication".equals(mode))
{
- response = openIdServerManager.get().verify(parameterList);
- writeMessageToResponse(response);
+ associationResponse = openIdServerManager.get().verify(parameterList);
+ writeMessageToResponse(associationResponse, httpResponse);
}
else
{
- response = DirectError.createDirectError("Unknown request");
- writeMessageToResponse(response);
+ associationResponse = DirectError.createDirectError("Unknown request");
+ writeMessageToResponse(associationResponse, httpResponse);
}
}
@@ -176,7 +177,7 @@
}
}
- public void sendAuthenticationResponse(boolean authenticationSuccesful, Map<String, List<String>> attributeValues)
+ public void sendAuthenticationResponse(boolean authenticationSuccesful, Map<String, List<String>> attributeValues, HttpServletResponse response)
{
ParameterList parameterList = openIdProviderRequest.get().getParameterList();
String userName = openIdProviderRequest.get().getUserName();
@@ -187,11 +188,11 @@
claimedIdentifier = opLocalIdentifier;
}
- Message response = openIdServerManager.get().authResponse(parameterList, opLocalIdentifier, claimedIdentifier, authenticationSuccesful);
+ Message authResponse = openIdServerManager.get().authResponse(parameterList, opLocalIdentifier, claimedIdentifier, authenticationSuccesful);
if (response instanceof DirectError)
{
- writeMessageToResponse(response);
+ writeMessageToResponse(authResponse, response);
}
else
{
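Review bot: `if (response instanceof DirectError)` now tests the new `HttpServletResponse response` parameter rather than the message, because the local was renamed to `authResponse` on the line above while the condition was left untouched. The check is therefore effectively never true for the value returned by `authResponse(...)`. As written, a `DirectError` from the server manager would skip `writeMessageToResponse` and fall into the else branch, which in the following hunks adds the fetch extension and redirects to `getDestinationUrl(true)`. The condition should read `if (authResponse instanceof DirectError)`. sendAuthenticationResponse starts and ends outside this hunk.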
@@ -200,7 +201,7 @@
try
{
FetchResponse fetchResponse = FetchResponse.createFetchResponse(openIdProviderRequest.get().getFetchRequest(), attributeValues);
- response.addExtension(fetchResponse);
+ authResponse.addExtension(fetchResponse);
}
catch (MessageException e)
{
@@ -211,8 +212,8 @@
// caller will need to decide which of the following to use:
// option1: GET HTTP-redirect to the return_to URL
- String destinationUrl = response.getDestinationUrl(true);
- responseHandler.sendHttpRedirectToUserAgent(destinationUrl);
+ String destinationUrl = authResponse.getDestinationUrl(true);
+ responseHandler.sendHttpRedirectToUserAgent(destinationUrl, response);
// option2: HTML FORM Redirection
// RequestDispatcher dispatcher =
@@ -227,9 +228,9 @@
dialogue.get().setFinished(true);
}
- private void writeMessageToResponse(Message message)
+ private void writeMessageToResponse(Message message, HttpServletResponse response)
{
- Writer writer = responseHandler.getWriter("text/plain");
+ Writer writer = responseHandler.getWriter("text/plain", response);
try
{
writer.append(message.keyValueFormEncoding());
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -31,12 +31,14 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import org.jboss.seam.security.external.EntityBean;
import org.jboss.seam.security.external.JaxbContext;
+import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.api.OpenIdProviderApi;
import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
@@ -72,6 +74,9 @@
@JaxbContext(ObjectFactory.class)
private JAXBContext jaxbContext;
+ @Inject
+ private ResponseHandler responseHandler;
+
public String getServiceURL(OpenIdService service)
{
String path = servletContext.getContextPath() + "/openid/OP/" + service.getName();
@@ -210,28 +215,28 @@
}
@Dialogued(join = true)
- public void authenticationFailed()
+ public void authenticationFailed(HttpServletResponse response)
{
- openIdSingleLoginSender.sendAuthenticationResponse(false, null);
+ openIdSingleLoginSender.sendAuthenticationResponse(false, null, response);
}
@Dialogued(join = true)
- public void authenticationSucceeded(String userName)
+ public void authenticationSucceeded(String userName, HttpServletResponse response)
{
openIdProviderRequest.get().setUserName(userName);
if (openIdProviderRequest.get().getRequestedAttributes() == null)
{
- openIdSingleLoginSender.sendAuthenticationResponse(true, null);
+ openIdSingleLoginSender.sendAuthenticationResponse(true, null, response);
}
else
{
- openIdProviderSpi.get().fetchParameters(openIdProviderRequest.get().getRequestedAttributes());
+ openIdProviderSpi.get().fetchParameters(openIdProviderRequest.get().getRequestedAttributes(), responseHandler.createResponseHolder(response));
}
}
@Dialogued(join = true)
- public void setAttributes(Map<String, List<String>> attributeValues)
+ public void setAttributes(Map<String, List<String>> attributeValues, HttpServletResponse response)
{
- openIdSingleLoginSender.sendAuthenticationResponse(true, attributeValues);
+ openIdSingleLoginSender.sendAuthenticationResponse(true, attributeValues, response);
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -34,7 +34,6 @@
import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
-import org.jboss.seam.security.external.dialogues.DialogueManager;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
@@ -78,16 +77,13 @@
@Inject
private Instance<Dialogue> dialogue;
- @Inject
- private DialogueManager dialogueManager;
-
- public void handleIncomingMessage(HttpServletRequest httpRequest) throws InvalidRequestException
+ public void handleIncomingMessage(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws InvalidRequestException
{
try
{
// extract the parameters from the authentication response
// (which comes in as a HTTP request from the OpenID provider)
- ParameterList response = new ParameterList(httpRequest.getParameterMap());
+ ParameterList parameterList = new ParameterList(httpRequest.getParameterMap());
// retrieve the previously stored discovery information
DiscoveryInformation discovered = openIdRequest.getDiscoveryInformation();
@@ -100,7 +96,7 @@
// verify the response; ConsumerManager needs to be the same
// (static) instance used to place the authentication request
- VerificationResult verification = openIdConsumerManager.verify(receivingURL.toString(), response, discovered);
+ VerificationResult verification = openIdConsumerManager.verify(receivingURL.toString(), parameterList, discovered);
// examine the verification result and extract the verified identifier
Identifier identifier = verification.getVerifiedId();
@@ -120,16 +116,16 @@
OpenIdPrincipal principal = createPrincipal(identifier.getIdentifier(), discovered.getOPEndpoint(), attributeValues);
- openIdRelyingPartySpi.get().loginSucceeded(principal);
+ openIdRelyingPartySpi.get().loginSucceeded(principal, responseHandler.createResponseHolder(httpResponse));
}
else
{
- openIdRelyingPartySpi.get().loginFailed(verification.getStatusMsg());
+ openIdRelyingPartySpi.get().loginFailed(verification.getStatusMsg(), responseHandler.createResponseHolder(httpResponse));
}
}
catch (OpenIDException e)
{
- responseHandler.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage());
+ responseHandler.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage(), httpResponse);
return;
}
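Review bot: The `catch (OpenIDException e)` branch sends `e.getMessage()` straight to the remote party through `responseHandler.sendError(...)` and logs nothing. Library-internal detail may therefore reach the client, while operators get no trace of a failed verification. `sendAuthRequest` in the same class already does `log.warn("Authentication failed", e)`; doing the same here and replying with a fixed text such as `"OpenID response could not be verified"` would be consistent. handleIncomingMessage begins before this hunk.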
@@ -137,7 +133,7 @@
}
@Dialogued(join = true)
- public void sendAuthRequest(String openId, List<OpenIdRequestedAttribute> attributes)
+ public void sendAuthRequest(String openId, List<OpenIdRequestedAttribute> attributes, HttpServletResponse response)
{
try
{
@@ -166,12 +162,12 @@
String url = authReq.getDestinationUrl(true);
- responseHandler.sendHttpRedirectToUserAgent(url);
+ responseHandler.sendHttpRedirectToUserAgent(url, response);
}
catch (OpenIDException e)
{
log.warn("Authentication failed", e);
- openIdRelyingPartySpi.get().loginFailed(e.getMessage());
+ openIdRelyingPartySpi.get().loginFailed(e.getMessage(), responseHandler.createResponseHolder(response));
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -26,6 +26,7 @@
import javax.inject.Inject;
import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
@@ -61,9 +62,9 @@
private JAXBContext jaxbContext;
@Dialogued(join = true)
- public void login(String identifier, List<OpenIdRequestedAttribute> attributes)
+ public void login(String identifier, List<OpenIdRequestedAttribute> attributes, HttpServletResponse response)
{
- openIdSingleLoginSender.sendAuthRequest(identifier, attributes);
+ openIdSingleLoginSender.sendAuthRequest(identifier, attributes, response);
}
public String getServiceURL(OpenIdService service)
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -34,7 +34,6 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.ResponseHolder;
import org.slf4j.Logger;
/**
@@ -49,9 +48,6 @@
private Logger log;
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private ResponseHandler responseHandler;
@Inject
@@ -82,8 +78,7 @@
{
try
{
- responseHolder.setResponse(response);
- handleMessage(request);
+ handleMessage(request, response);
}
catch (InvalidRequestException e)
{
@@ -95,13 +90,13 @@
}
}
- private void handleMessage(HttpServletRequest httpRequest) throws InvalidRequestException
+ private void handleMessage(HttpServletRequest httpRequest, HttpServletResponse response) throws InvalidRequestException
{
Matcher matcher = Pattern.compile("/(OP|RP)/([^/]*?)$").matcher(httpRequest.getRequestURI());
boolean found = matcher.find();
if (!found)
{
- responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.");
+ responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.", response);
return;
}
OpenIdProviderOrRelyingParty opOrRp = OpenIdProviderOrRelyingParty.valueOf(matcher.group(1));
@@ -109,7 +104,7 @@
if (service == null)
{
- responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.");
+ responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.", response);
return;
}
@@ -118,21 +113,21 @@
case OPEN_ID_SERVICE:
if (opOrRp == OpenIdProviderOrRelyingParty.OP)
{
- openIdProviderAuthenticationService.handleIncomingMessage(httpRequest);
+ openIdProviderAuthenticationService.handleIncomingMessage(httpRequest, response);
}
else
{
- openIdRpAuthenticationService.handleIncomingMessage(httpRequest);
+ openIdRpAuthenticationService.handleIncomingMessage(httpRequest, response);
}
break;
case XRDS_SERVICE:
if (opOrRp == OpenIdProviderOrRelyingParty.OP)
{
- opBean.get().writeOpIdentifierXrds(responseHandler.getWriter("application/xrds+xml"));
+ opBean.get().writeOpIdentifierXrds(responseHandler.getWriter("application/xrds+xml", response));
}
else
{
- rpBean.get().writeRpXrds(responseHandler.getWriter("application/xrds+xml"));
+ rpBean.get().writeRpXrds(responseHandler.getWriter("application/xrds+xml", response));
}
break;
default:
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -31,6 +31,7 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
@@ -103,7 +104,7 @@
@JaxbContext( { RequestAbstractType.class, StatusResponseType.class })
private JAXBContext jaxbContext;
- public void handleIncomingSamlMessage(SamlServiceType service, HttpServletRequest httpRequest, SamlIdpOrSp idpOrSp) throws InvalidRequestException
+ public void handleIncomingSamlMessage(SamlServiceType service, HttpServletRequest httpRequest, HttpServletResponse httpResponse, SamlIdpOrSp idpOrSp) throws InvalidRequestException
{
String samlRequestParam = httpRequest.getParameter(SamlRedirectMessage.QSP_SAML_REQUEST);
String samlResponseParam = httpRequest.getParameter(SamlRedirectMessage.QSP_SAML_RESPONSE);
@@ -248,11 +249,11 @@
{
if (samlRequestOrResponse.isRequest())
{
- samlIdpSingleSignOnService.processSPRequest(httpRequest, samlRequestMessage);
+ samlIdpSingleSignOnService.processSPRequest(httpRequest, httpResponse, samlRequestMessage);
}
else
{
- samlSpSingleSignOnService.processIDPResponse(httpRequest, samlResponseMessage);
+ samlSpSingleSignOnService.processIDPResponse(httpRequest, httpResponse, samlResponseMessage);
}
}
else
@@ -261,22 +262,22 @@
{
if (idpOrSp == SamlIdpOrSp.IDP)
{
- samlIdpSingleLogoutService.processSPRequest(httpRequest, samlRequestMessage);
+ samlIdpSingleLogoutService.processSPRequest(httpRequest, httpResponse, samlRequestMessage);
}
else
{
- samlSpSingleLogoutService.processIDPRequest(httpRequest, samlRequestMessage);
+ samlSpSingleLogoutService.processIDPRequest(httpRequest, httpResponse, samlRequestMessage);
}
}
else
{
if (idpOrSp == SamlIdpOrSp.IDP)
{
- samlIdpSingleLogoutService.processSPResponse(httpRequest, samlResponseMessage);
+ samlIdpSingleLogoutService.processSPResponse(httpRequest, httpResponse, samlResponseMessage);
}
else
{
- samlSpSingleLogoutService.processIDPResponse(httpRequest, samlResponseMessage);
+ samlSpSingleLogoutService.processIDPResponse(httpRequest, httpResponse, samlResponseMessage);
}
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageSender.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -33,6 +33,7 @@
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.Binder;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
@@ -85,7 +86,7 @@
@Inject
private Instance<SamlDialogue> samlDialogue;
- public void sendRequest(SamlExternalEntity samlProvider, SamlProfile profile, RequestAbstractType samlRequest)
+ public void sendRequest(SamlExternalEntity samlProvider, SamlProfile profile, RequestAbstractType samlRequest, HttpServletResponse response)
{
Document message = null;
@@ -132,10 +133,10 @@
throw new RuntimeException(e);
}
- sendMessage(samlProvider, message, SamlRequestOrResponse.REQUEST, endpoint);
+ sendMessage(samlProvider, message, SamlRequestOrResponse.REQUEST, endpoint, response);
}
- public void sendResponse(SamlExternalEntity samlProvider, StatusResponseType samlResponse, SamlProfile profile)
+ public void sendResponse(SamlExternalEntity samlProvider, StatusResponseType samlResponse, SamlProfile profile, HttpServletResponse response)
{
Document message = null;
@@ -176,7 +177,7 @@
throw new RuntimeException(e);
}
- sendMessage(samlDialogue.get().getExternalProvider(), message, SamlRequestOrResponse.RESPONSE, endpoint);
+ sendMessage(samlDialogue.get().getExternalProvider(), message, SamlRequestOrResponse.RESPONSE, endpoint, response);
}
public SamlEndpoint getEndpoint(SamlService service)
@@ -194,7 +195,7 @@
return endpoint;
}
- private void sendMessage(SamlExternalEntity samlProvider, Document message, SamlRequestOrResponse samlRequestOrResponse, SamlEndpoint endpoint)
+ private void sendMessage(SamlExternalEntity samlProvider, Document message, SamlRequestOrResponse samlRequestOrResponse, SamlEndpoint endpoint, HttpServletResponse response)
{
if (log.isDebugEnabled())
{
@@ -239,7 +240,7 @@
{
privateKey = samlEntityBean.get().getSigningKey().getPrivateKey();
}
- sendSamlRedirect(base64EncodedResponse, signMessage, samlRequestOrResponse, privateKey, endpoint);
+ sendSamlRedirect(base64EncodedResponse, signMessage, samlRequestOrResponse, privateKey, endpoint, response);
}
else
{
@@ -257,7 +258,7 @@
samlPostMessage.setRequestOrResponse(samlRequestOrResponse);
samlPostMessage.setSamlMessage(base64EncodedMessage);
samlPostMessage.setRelayState(samlDialogue.get().getExternalProviderRelayState());
- responseHandler.sendFormToUserAgent(endpoint.getLocation(), samlPostMessage);
+ responseHandler.sendFormToUserAgent(endpoint.getLocation(), samlPostMessage, response);
}
}
catch (IOException e)
@@ -266,7 +267,7 @@
}
}
- private void sendSamlRedirect(String base64EncodedSamlMessage, boolean sign, SamlRequestOrResponse samlRequestOrResponse, PrivateKey signingKey, SamlEndpoint endpoint)
+ private void sendSamlRedirect(String base64EncodedSamlMessage, boolean sign, SamlRequestOrResponse samlRequestOrResponse, PrivateKey signingKey, SamlEndpoint endpoint, HttpServletResponse response)
{
SamlRedirectMessage redirectMessage = new SamlRedirectMessage();
@@ -295,7 +296,7 @@
redirectMessage.setSamlMessage(base64EncodedSamlMessage);
}
- responseHandler.sendHttpRedirectToUserAgent(endpoint.getLocation(), redirectMessage);
+ responseHandler.sendHttpRedirectToUserAgent(endpoint.getLocation(), redirectMessage, response);
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlServlet.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlServlet.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlServlet.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -34,7 +34,6 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.ResponseHolder;
import org.slf4j.Logger;
/**
@@ -49,9 +48,6 @@
private Logger log;
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private SamlMessageReceiver samlMessageReceiver;
@Inject
@@ -76,8 +72,7 @@
{
try
{
- responseHolder.setResponse(response);
- handleMessage(request);
+ handleMessage(request, response);
}
catch (InvalidRequestException e)
{
@@ -89,13 +84,13 @@
}
}
- private void handleMessage(HttpServletRequest httpRequest) throws InvalidRequestException
+ private void handleMessage(HttpServletRequest httpRequest, HttpServletResponse response) throws InvalidRequestException
{
Matcher matcher = Pattern.compile("/(IDP|SP)/(.*?)$").matcher(httpRequest.getRequestURI());
boolean found = matcher.find();
if (!found)
{
- responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.");
+ responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.", response);
}
SamlIdpOrSp idpOrSp = SamlIdpOrSp.valueOf(matcher.group(1));
SamlServiceType service = SamlServiceType.getByName(matcher.group(2));
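Review bot: The `if (!found)` branch in `handleMessage` sends the 404 but does not return, so execution continues to `matcher.group(1)`, which throws IllegalStateException when the matcher found nothing. OpenIdServlet.handleMessage has `return;` directly after the same `sendError` call; this branch needs the same `return;` after `responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.", response);`. It is also worth checking `service` for null before the switch, as OpenIdServlet does, if `SamlServiceType.getByName` can return null for an unknown name (not visible here). handleMessage continues outside this hunk.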
@@ -105,10 +100,10 @@
case SAML_SINGLE_LOGOUT_SERVICE:
case SAML_SINGLE_SIGN_ON_SERVICE:
case SAML_ASSERTION_CONSUMER_SERVICE:
- samlMessageReceiver.handleIncomingSamlMessage(service, httpRequest, idpOrSp);
+ samlMessageReceiver.handleIncomingSamlMessage(service, httpRequest, response, idpOrSp);
break;
case SAML_META_DATA_SERVICE:
- samlEntityBean.get().writeMetaData(responseHandler.getWriter("application/xml"));
+ samlEntityBean.get().writeMetaData(responseHandler.getWriter("application/xml", response));
break;
default:
throw new RuntimeException("Unsupported service " + service);
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -23,12 +23,14 @@
import java.io.Reader;
import java.io.Writer;
+import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
@@ -50,8 +52,6 @@
import org.jboss.seam.security.external.saml.SamlIdpOrSp;
import org.jboss.seam.security.external.saml.SamlServiceType;
-import com.google.common.collect.Lists;
-
/**
* @author Marcel Kolsteren
*
@@ -174,16 +174,16 @@
}
@Dialogued(join = true)
- public void authenticationSucceeded(SamlIdpSession session)
+ public void authenticationSucceeded(SamlIdpSession session, HttpServletResponse response)
{
session.getServiceProviders().add((SamlExternalServiceProvider) samlDialogue.get().getExternalProvider());
- samlIdpSingleSignOnService.handleSucceededAuthentication(session);
+ samlIdpSingleSignOnService.handleSucceededAuthentication(session, response);
}
@Dialogued(join = true)
- public void authenticationFailed()
+ public void authenticationFailed(HttpServletResponse response)
{
- samlIdpSingleSignOnService.handleFailedAuthentication();
+ samlIdpSingleSignOnService.handleFailedAuthentication(response);
}
public Set<SamlIdpSession> getSessions()
@@ -212,7 +212,7 @@
}
@Dialogued(join = true)
- public void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl)
+ public void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response)
{
for (SamlExternalServiceProvider sp : session.getServiceProviders())
{
@@ -222,7 +222,7 @@
}
}
session.getServiceProviders().add(getExternalSamlEntityByEntityId(spEntityId));
- samlIdpSingleSignOnService.remoteLogin(spEntityId, session, remoteUrl);
+ samlIdpSingleSignOnService.remoteLogin(spEntityId, session, remoteUrl, response);
}
public void localLogout(SamlIdpSession session)
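Review bot: `remoteLogin` adds the result of `getExternalSamlEntityByEntityId(spEntityId)` to `session.getServiceProviders()` without checking it, whereas SamlSpBean.login checks the equivalent lookup for null and throws. If the lookup can return null for an unknown entity id (it looks that way from SamlSpBean.login, but the lookup itself is not visible), a null entry ends up in the session and SamlIdpSingleSignOnService.remoteLogin then dereferences the same lookup result when it builds the unsolicited response. I would resolve the provider once and reject unknown ids before touching the session: `SamlExternalServiceProvider sp = getExternalSamlEntityByEntityId(spEntityId);` followed by `if (sp == null) throw new RuntimeException("Service provider " + spEntityId + " not found");`. The method starts outside this hunk.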
@@ -231,10 +231,10 @@
}
@Dialogued(join = true)
- public void globalLogout(SamlIdpSession session)
+ public void globalLogout(SamlIdpSession session, HttpServletResponse response)
{
SamlPrincipal principal = session.getPrincipal();
- samlIdpSingleSignLogoutService.handleIDPInitiatedSingleLogout(principal, Lists.newArrayList(session.getSessionIndex()));
+ samlIdpSingleSignLogoutService.handleIDPInitiatedSingleLogout(principal, Arrays.asList(session.getSessionIndex()), response);
}
@Override
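Review bot: Replacing `Lists.newArrayList(...)` with `Arrays.asList(session.getSessionIndex())` in `globalLogout` changes the argument from a growable list to a fixed-size one. `handleIDPInitiatedSingleLogout` stores that list in the dialogue via `setSessionIndexes(indexes)`. If any later step of the logout loop removes entries from it (that code is not visible here), it will fail with UnsupportedOperationException. `new LinkedList<String>(Arrays.asList(session.getSessionIndex()))` still drops the Guava dependency while keeping the list mutable, and LinkedList is already imported in this file.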
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleLogoutService.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -26,8 +26,10 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.api.SamlNameId;
import org.jboss.seam.security.external.api.SamlPrincipal;
import org.jboss.seam.security.external.dialogues.DialogueManager;
@@ -76,7 +78,10 @@
@Inject
private DialogueManager dialogueManager;
- public void processSPRequest(HttpServletRequest httpRequest, RequestAbstractType request) throws InvalidRequestException
+ @Inject
+ private ResponseHandler responseHandler;
+
+ public void processSPRequest(HttpServletRequest httpRequest, HttpServletResponse httpResponse, RequestAbstractType request) throws InvalidRequestException
{
if (!(request instanceof LogoutRequestType))
{
@@ -91,18 +96,18 @@
samlIdpIncomingLogoutDialogue.get().setNameId(samlNameId);
samlIdpIncomingLogoutDialogue.get().setSessionIndexes(logoutRequest.getSessionIndex());
- removeNextSessionParticipant();
+ removeNextSessionParticipant(httpResponse);
}
- public void handleIDPInitiatedSingleLogout(SamlPrincipal principal, List<String> indexes)
+ public void handleIDPInitiatedSingleLogout(SamlPrincipal principal, List<String> indexes, HttpServletResponse response)
{
samlIdpIncomingLogoutDialogue.get().setNameId(principal.getNameId());
samlIdpIncomingLogoutDialogue.get().setSessionIndexes(indexes);
- removeNextSessionParticipant();
+ removeNextSessionParticipant(response);
}
- private void removeNextSessionParticipant()
+ private void removeNextSessionParticipant(HttpServletResponse response)
{
SamlNameId samlNameId = samlIdpIncomingLogoutDialogue.get().getNameId();
List<String> sessionIndexes = samlIdpIncomingLogoutDialogue.get().getSessionIndexes();
@@ -147,7 +152,7 @@
dialogueManager.beginDialogue();
samlIdpOutgoingLogoutDialogue.get().setIncomingDialogueId(incomingDialogueId);
- sendSingleLogoutRequestToSP(sessionToRemove, sp);
+ sendSingleLogoutRequestToSP(sessionToRemove, sp, response);
readyForNow = true;
}
}
@@ -164,35 +169,35 @@
}
else
{
- finishSingleLogoutProcess();
+ finishSingleLogoutProcess(response);
readyForNow = true;
}
}
}
- private void finishSingleLogoutProcess()
+ private void finishSingleLogoutProcess(HttpServletResponse response)
{
boolean failed = samlIdpIncomingLogoutDialogue.get().isFailed();
if (samlDialogue.get().getExternalProvider() != null)
{
- StatusResponseType response = samlMessageFactory.createStatusResponse(failed ? SamlConstants.STATUS_RESPONDER : SamlConstants.STATUS_SUCCESS, null);
- samlMessageSender.sendResponse(samlDialogue.get().getExternalProvider(), response, SamlProfile.SINGLE_LOGOUT);
+ StatusResponseType statusResponse = samlMessageFactory.createStatusResponse(failed ? SamlConstants.STATUS_RESPONDER : SamlConstants.STATUS_SUCCESS, null);
+ samlMessageSender.sendResponse(samlDialogue.get().getExternalProvider(), statusResponse, SamlProfile.SINGLE_LOGOUT, response);
}
else
{
if (failed)
{
- samlIdentityProviderSpi.get().singleLogoutFailed();
+ samlIdentityProviderSpi.get().singleLogoutFailed(responseHandler.createResponseHolder(response));
}
else
{
- samlIdentityProviderSpi.get().singleLogoutSucceeded();
+ samlIdentityProviderSpi.get().singleLogoutSucceeded(responseHandler.createResponseHolder(response));
}
}
dialogue.get().setFinished(true);
}
- public void processSPResponse(HttpServletRequest httpRequest, StatusResponseType response)
+ public void processSPResponse(HttpServletRequest httpRequest, HttpServletResponse httpResponse, StatusResponseType statusResponse)
{
// End the outgoing samlDialogue and re-attach to the incoming
// samlDialogue
@@ -200,20 +205,20 @@
dialogueManager.endDialogue();
dialogueManager.attachDialogue(incomingDialogueId);
- if (response.getStatus() != null && !response.getStatus().getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
+ if (statusResponse.getStatus() != null && !statusResponse.getStatus().getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
{
samlIdpIncomingLogoutDialogue.get().setFailed(true);
}
- removeNextSessionParticipant();
+ removeNextSessionParticipant(httpResponse);
}
- public void sendSingleLogoutRequestToSP(SamlIdpSession session, SamlExternalServiceProvider sp)
+ public void sendSingleLogoutRequestToSP(SamlIdpSession session, SamlExternalServiceProvider sp, HttpServletResponse response)
{
LogoutRequestType logoutRequest;
logoutRequest = samlMessageFactory.createLogoutRequest(session.getPrincipal().getNameId(), session.getSessionIndex());
samlDialogue.get().setExternalProvider(sp);
- samlMessageSender.sendRequest(sp, SamlProfile.SINGLE_LOGOUT, logoutRequest);
+ samlMessageSender.sendRequest(sp, SamlProfile.SINGLE_LOGOUT, logoutRequest, response);
}
}
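Review bot: In `processSPResponse` the check `statusResponse.getStatus() != null && !...equals(SamlConstants.STATUS_SUCCESS)` treats a response with no Status element as success, so a service provider that returns no status is counted as logged out. SamlSpSingleLogoutService.processIDPResponse makes the opposite choice and reports failure when the status is missing. I would fail closed here as well: `if (statusResponse.getStatus() == null || !SamlConstants.STATUS_SUCCESS.equals(statusResponse.getStatus().getStatusCode().getValue()))`. Putting the constant first also avoids an NPE on a null value, though a null StatusCode would still need its own check. processSPResponse starts outside this hunk.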
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleSignOnService.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -24,8 +24,10 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.AuthnRequestType;
@@ -66,62 +68,65 @@
@Inject
private Instance<SamlEntityBean> samlEntityBean;
- public void processSPRequest(HttpServletRequest httpRequest, RequestAbstractType request) throws InvalidRequestException
+ @Inject
+ private ResponseHandler responseHandler;
+
+ public void processSPRequest(HttpServletRequest httpRequest, HttpServletResponse httpResponse, RequestAbstractType request) throws InvalidRequestException
{
if (!(request instanceof AuthnRequestType))
{
throw new InvalidRequestException("Request should be an authentication request.");
}
- samlIdentityProviderSpi.get().authenticate();
+ samlIdentityProviderSpi.get().authenticate(responseHandler.createResponseHolder(httpResponse));
}
- public void handleSucceededAuthentication(SamlIdpSession session)
+ public void handleSucceededAuthentication(SamlIdpSession session, HttpServletResponse response)
{
- sendAuthenticationResponse(samlDialogue.getExternalProvider(), session, false);
+ sendAuthenticationResponse(samlDialogue.getExternalProvider(), session, false, response);
}
- private void sendAuthenticationResponse(SamlExternalEntity serviceProvider, SamlIdpSession session, boolean failed)
+ private void sendAuthenticationResponse(SamlExternalEntity serviceProvider, SamlIdpSession session, boolean failed, HttpServletResponse response)
{
- StatusResponseType response;
+ StatusResponseType statusResponse;
if (failed)
{
- response = samlMessageFactory.createStatusResponse(SamlConstants.STATUS_RESPONDER, null);
+ statusResponse = samlMessageFactory.createStatusResponse(SamlConstants.STATUS_RESPONDER, null);
}
else
{
SamlService service = serviceProvider.getService(SamlProfile.SINGLE_SIGN_ON);
- response = samlMessageFactory.createResponse(session, samlMessageSender.getEndpoint(service));
+ statusResponse = samlMessageFactory.createResponse(session, samlMessageSender.getEndpoint(service));
}
- samlMessageSender.sendResponse(serviceProvider, response, SamlProfile.SINGLE_SIGN_ON);
+ samlMessageSender.sendResponse(serviceProvider, statusResponse, SamlProfile.SINGLE_SIGN_ON, response);
dialogue.setFinished(true);
}
- public void handleFailedAuthentication()
+ public void handleFailedAuthentication(HttpServletResponse response)
{
- sendAuthenticationResponse(samlDialogue.getExternalProvider(), null, true);
+ sendAuthenticationResponse(samlDialogue.getExternalProvider(), null, true, response);
}
@Dialogued
- public void sendAuthenticationResponseToIDP(SamlExternalIdentityProvider idp)
+ public void sendAuthenticationResponseToIDP(SamlExternalIdentityProvider idp, HttpServletResponse response)
{
AuthnRequestType authnRequest = samlMessageFactory.createAuthnRequest();
samlDialogue.setExternalProvider(idp);
- samlMessageSender.sendRequest(idp, SamlProfile.SINGLE_SIGN_ON, authnRequest);
+ samlMessageSender.sendRequest(idp, SamlProfile.SINGLE_SIGN_ON, authnRequest, response);
}
- public void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl)
+ public void remoteLogin(String spEntityId, SamlIdpSession session, String remoteUrl, HttpServletResponse response)
{
SamlExternalEntity serviceProvider = samlEntityBean.get().getExternalSamlEntityByEntityId(spEntityId);
samlDialogue.setExternalProvider(serviceProvider);
samlDialogue.setExternalProviderRelayState(remoteUrl);
// Send an unsolicited authentication response to the service provider
- sendAuthenticationResponse(serviceProvider, session, false);
+ sendAuthenticationResponse(serviceProvider, session, false, response);
}
}
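Review bot: `remoteLogin` copies the caller-supplied `remoteUrl` unchanged into `samlDialogue.setExternalProviderRelayState(remoteUrl)` and then sends an unsolicited response, and nothing in this class states what that value may contain. SamlMessageSender forwards the relay state to the service provider, so the method should carry Javadoc stating the contract, for example `@param remoteUrl sent to the SP as RelayState; callers must pass a URL they control, never raw request input`. Separately, `sendAuthenticationResponseToIDP` builds an AuthnRequest and sends it to an identity provider from the IdP-side service, so its name and placement look like leftovers that deserve a comment or removal.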
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpSingleUser.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -25,6 +25,7 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
@@ -36,14 +37,14 @@
@Inject
private Instance<SamlMultiUserIdentityProviderApi> multiUserApi;
- public void authenticationSucceeded()
+ public void authenticationSucceeded(HttpServletResponse response)
{
- multiUserApi.get().authenticationSucceeded(getSession());
+ multiUserApi.get().authenticationSucceeded(getSession(), response);
}
- public void authenticationFailed()
+ public void authenticationFailed(HttpServletResponse response)
{
- multiUserApi.get().authenticationFailed();
+ multiUserApi.get().authenticationFailed(response);
}
public SamlIdpSession getSession()
@@ -63,14 +64,14 @@
multiUserApi.get().localLogin(nameId, attributes);
}
- public void remoteLogin(String spEntityId, String remoteUrl)
+ public void remoteLogin(String spEntityId, String remoteUrl, HttpServletResponse response)
{
SamlIdpSession session = getSession();
if (session == null)
{
throw new IllegalStateException("Need to login locally first.");
}
- multiUserApi.get().remoteLogin(spEntityId, session, remoteUrl);
+ multiUserApi.get().remoteLogin(spEntityId, session, remoteUrl, response);
}
public void localLogout()
@@ -83,13 +84,13 @@
multiUserApi.get().localLogout(session);
}
- public void globalLogout()
+ public void globalLogout(HttpServletResponse response)
{
SamlIdpSession session = getSession();
if (session == null)
{
throw new IllegalStateException("Logout not possible because there is no current session.");
}
- multiUserApi.get().globalLogout(session);
+ multiUserApi.get().globalLogout(session, response);
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -27,8 +27,8 @@
import java.util.List;
import java.util.Set;
-import javax.enterprise.inject.Typed;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
@@ -179,7 +179,7 @@
}
@Dialogued(join = true)
- public void login(String idpEntityId)
+ public void login(String idpEntityId, HttpServletResponse response)
{
SamlExternalIdentityProvider idp = getExternalSamlEntityByEntityId(idpEntityId);
if (idp == null)
@@ -187,7 +187,7 @@
throw new RuntimeException("Identity provider " + idpEntityId + " not found");
}
- samlSpSingleSignOnService.sendAuthenticationRequestToIDP(idp);
+ samlSpSingleSignOnService.sendAuthenticationRequestToIDP(idp, response);
}
@Dialogued(join = true)
@@ -197,10 +197,10 @@
}
@Dialogued(join = true)
- public void globalLogout(SamlSpSession session)
+ public void globalLogout(SamlSpSession session, HttpServletResponse response)
{
localLogout(session);
- samlSpSingleLogoutService.sendSingleLogoutRequestToIDP(session);
+ samlSpSingleLogoutService.sendSingleLogoutRequestToIDP(session, response);
}
public Set<SamlSpSession> getSessions()
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleLogoutService.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -26,8 +26,10 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.api.SamlNameId;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.NameIDType;
@@ -68,7 +70,10 @@
@Inject
private SamlDialogue samlDialogue;
- public void processIDPRequest(HttpServletRequest httpRequest, RequestAbstractType request) throws InvalidRequestException
+ @Inject
+ private ResponseHandler responseHandler;
+
+ public void processIDPRequest(HttpServletRequest httpRequest, HttpServletResponse httpResponse, RequestAbstractType request) throws InvalidRequestException
{
if (!(request instanceof LogoutRequestType))
{
@@ -82,9 +87,9 @@
SamlNameId samlNameId = new SamlNameId(nameIdJaxb.getValue(), nameIdJaxb.getFormat(), nameIdJaxb.getNameQualifier());
removeSessions(samlNameId, idp.getEntityId(), logoutRequest.getSessionIndex());
- StatusResponseType response = samlMessageFactory.createStatusResponse(SamlConstants.STATUS_SUCCESS, null);
+ StatusResponseType statusResponse = samlMessageFactory.createStatusResponse(SamlConstants.STATUS_SUCCESS, null);
- samlMessageSender.sendResponse(idp, response, SamlProfile.SINGLE_LOGOUT);
+ samlMessageSender.sendResponse(idp, statusResponse, SamlProfile.SINGLE_LOGOUT, httpResponse);
dialogue.setFinished(true);
}
@@ -104,21 +109,21 @@
}
}
- public void processIDPResponse(HttpServletRequest httpRequest, StatusResponseType response)
+ public void processIDPResponse(HttpServletRequest httpRequest, HttpServletResponse httpResponse, StatusResponseType statusResponse)
{
- if (response.getStatus() != null && response.getStatus().getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
+ if (statusResponse.getStatus() != null && statusResponse.getStatus().getStatusCode().getValue().equals(SamlConstants.STATUS_SUCCESS))
{
- samlServiceProviderSpi.get().globalLogoutSucceeded();
+ samlServiceProviderSpi.get().globalLogoutSucceeded(responseHandler.createResponseHolder(httpResponse));
}
else
{
- String statusCode = response.getStatus() == null ? "null" : response.getStatus().getStatusCode().getValue();
- samlServiceProviderSpi.get().globalLogoutFailed(statusCode);
+ String statusCode = statusResponse.getStatus() == null ? "null" : statusResponse.getStatus().getStatusCode().getValue();
+ samlServiceProviderSpi.get().globalLogoutFailed(statusCode, responseHandler.createResponseHolder(httpResponse));
}
dialogue.setFinished(true);
}
- public void sendSingleLogoutRequestToIDP(SamlSpSession session)
+ public void sendSingleLogoutRequestToIDP(SamlSpSession session, HttpServletResponse httpResponse)
{
SamlExternalIdentityProvider idp = session.getIdentityProvider();
LogoutRequestType logoutRequest;
@@ -127,6 +132,6 @@
samlDialogue.setExternalProvider(idp);
samlSpLogoutDialogue.setSession(session);
- samlMessageSender.sendRequest(idp, SamlProfile.SINGLE_LOGOUT, logoutRequest);
+ samlMessageSender.sendRequest(idp, SamlProfile.SINGLE_LOGOUT, logoutRequest, httpResponse);
}
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleSignOnService.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -27,10 +27,12 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBElement;
import javax.xml.datatype.DatatypeConstants;
import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.api.SamlNameId;
import org.jboss.seam.security.external.api.SamlPrincipal;
import org.jboss.seam.security.external.dialogues.api.Dialogue;
@@ -88,7 +90,10 @@
@Inject
private SamlMessageFactory samlMessageFactory;
- public void processIDPResponse(HttpServletRequest httpRequest, StatusResponseType statusResponse) throws InvalidRequestException
+ @Inject
+ private ResponseHandler responseHandler;
+
+ public void processIDPResponse(HttpServletRequest httpRequest, HttpServletResponse httpResponse, StatusResponseType statusResponse) throws InvalidRequestException
{
SamlExternalIdentityProvider idp = (SamlExternalIdentityProvider) samlDialogue.getExternalProvider();
@@ -101,7 +106,7 @@
String statusValue = status.getStatusCode().getValue();
if (SamlConstants.STATUS_SUCCESS.equals(statusValue) == false)
{
- samlServiceProviderSpi.get().loginFailed();
+ samlServiceProviderSpi.get().loginFailed(responseHandler.createResponseHolder(httpResponse));
}
if (!(statusResponse instanceof ResponseType))
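Review bot: After `loginFailed(...)` is called for a non-success status there is no `return` or `else` in the visible lines, so execution falls through to the `instanceof ResponseType` check and whatever follows it. If the rest of the method goes on to read assertions and call `loginUser`, a response the IdP marked as failed could still establish a session, and the application could be called back twice on the same HTTP response. I would finish the dialogue and `return;` right after `loginFailed(...)`, or move the remaining processing into an `else`. The method starts and ends outside this hunk, so this needs checking against the full body.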
@@ -125,7 +130,7 @@
else
{
session.setIdentityProvider(idp);
- loginUser(httpRequest, session, statusResponse.getInResponseTo() == null, httpRequest.getParameter(SamlRedirectMessage.QSP_RELAY_STATE));
+ loginUser(httpRequest, httpResponse, session, statusResponse.getInResponseTo() == null, httpRequest.getParameter(SamlRedirectMessage.QSP_RELAY_STATE));
}
dialogue.setFinished(true);
@@ -272,26 +277,26 @@
}
}
- private void loginUser(HttpServletRequest httpRequest, SamlSpSession session, boolean unsolicited, String relayState)
+ private void loginUser(HttpServletRequest httpRequest, HttpServletResponse response, SamlSpSession session, boolean unsolicited, String relayState)
{
samlSpSessions.addSession(session);
if (unsolicited)
{
- samlServiceProviderSpi.get().loggedIn(session, relayState);
+ samlServiceProviderSpi.get().loggedIn(session, relayState, responseHandler.createResponseHolder(response));
}
else
{
- samlServiceProviderSpi.get().loginSucceeded(session);
+ samlServiceProviderSpi.get().loginSucceeded(session, responseHandler.createResponseHolder(response));
}
}
- public void sendAuthenticationRequestToIDP(SamlExternalIdentityProvider idp)
+ public void sendAuthenticationRequestToIDP(SamlExternalIdentityProvider idp, HttpServletResponse response)
{
AuthnRequestType authnRequest = samlMessageFactory.createAuthnRequest();
samlDialogue.setExternalProvider(idp);
- samlMessageSender.sendRequest(idp, SamlProfile.SINGLE_SIGN_ON, authnRequest);
+ samlMessageSender.sendRequest(idp, SamlProfile.SINGLE_SIGN_ON, authnRequest, response);
}
}
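Review bot: `loginUser` and `sendAuthenticationRequestToIDP` name the new servlet parameter `response`, while `processIDPResponse` in the same class calls it `httpResponse` and the SAML message `statusResponse`. In SAML-handling code a bare `response` is ambiguous, which is presumably why this commit renamed `response` to `statusResponse` in SamlSpSingleLogoutService. I would use `HttpServletResponse httpResponse` in both signatures here, e.g. `public void sendAuthenticationRequestToIDP(SamlExternalIdentityProvider idp, HttpServletResponse httpResponse)`.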
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpSingleUser.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -23,6 +23,7 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
import org.jboss.seam.security.external.api.SamlServiceProviderApi;
@@ -36,9 +37,9 @@
@Inject
private Instance<SamlMultiUserServiceProviderApi> multiUserApi;
- public void login(String idpEntityId)
+ public void login(String idpEntityId, HttpServletResponse response)
{
- multiUserApi.get().login(idpEntityId);
+ multiUserApi.get().login(idpEntityId, response);
}
public void localLogout()
@@ -51,14 +52,14 @@
multiUserApi.get().localLogout(session);
}
- public void globalLogout()
+ public void globalLogout(HttpServletResponse response)
{
SamlSpSession session = getSession();
if (session == null)
{
throw new IllegalStateException("Logout not possible because there is no current session.");
}
- multiUserApi.get().globalLogout(session);
+ multiUserApi.get().globalLogout(session, response);
}
public SamlSpSession getSession()
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -25,6 +25,7 @@
import org.jboss.seam.security.external.api.OpenIdProviderApi;
import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.api.ResponseHolder;
/**
* @author Marcel Kolsteren
@@ -51,7 +52,7 @@
* @param immediate if this is true, there must be no interaction with the
* user (silent authentication)
*/
- void authenticate(String realm, String userName, boolean immediate);
+ void authenticate(String realm, String userName, boolean immediate, ResponseHolder responseHolder);
/**
* This method is called to check whether a username exists.
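Review bot: The new `responseHolder` parameter is undocumented: the Javadoc of `authenticate` still lists only the old parameters, and `fetchParameters` in the next hunk has no Javadoc at all. The same gap applies to the callbacks changed in OpenIdRelyingPartySpi, SamlIdentityProviderSpi and SamlServiceProviderSpi. I would add `@param responseHolder holder for the HTTP response of the current request, used by the implementation to write the response or redirect the user` to each of them. That wording is inferred from `responseHandler.createResponseHolder(httpResponse)` at the call sites and should be confirmed against ResponseHolder itself.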
@@ -61,5 +62,5 @@
*/
boolean userExists(String userName);
- void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes);
+ void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes, ResponseHolder responseHolder);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -22,6 +22,7 @@
package org.jboss.seam.security.external.spi;
import org.jboss.seam.security.external.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.api.ResponseHolder;
/**
* @author Marcel Kolsteren
@@ -29,7 +30,7 @@
*/
public interface OpenIdRelyingPartySpi
{
- public void loginSucceeded(OpenIdPrincipal principal);
+ public void loginSucceeded(OpenIdPrincipal principal, ResponseHolder responseHolder);
- public void loginFailed(String message);
+ public void loginFailed(String message, ResponseHolder responseHolder);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlIdentityProviderSpi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -21,6 +21,7 @@
*/
package org.jboss.seam.security.external.spi;
+import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
/**
@@ -29,11 +30,11 @@
*/
public interface SamlIdentityProviderSpi
{
- public void authenticate();
+ public void authenticate(ResponseHolder responseHolder);
public void loggedOut(SamlIdpSession session);
- public void singleLogoutSucceeded();
+ public void singleLogoutSucceeded(ResponseHolder responseHolder);
- public void singleLogoutFailed();
+ public void singleLogoutFailed(ResponseHolder responseHolder);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/SamlServiceProviderSpi.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -51,14 +51,14 @@
*
* @param session session
*/
- void loginSucceeded(SamlSpSession session);
+ void loginSucceeded(SamlSpSession session, ResponseHolder responseHolder);
/**
* This method is called after failed external authentication of the user.
* The call takes place in the same dialogue context as the corresponding API
* call.
*/
- void loginFailed();
+ void loginFailed(ResponseHolder responseHolder);
/**
* When the service provider receives an unsolicited login from an identity
@@ -68,7 +68,7 @@
* @param url URL where the user needs to be redirected to; this URL is
* supplied by the identity provider and can be null
*/
- void loggedIn(SamlSpSession session, String url);
+ void loggedIn(SamlSpSession session, String url, ResponseHolder responseHolder);
/**
* This method is the asynchronous callbacks related to
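Review bot: The Javadoc for `loggedIn` should state that `url` is untrusted. The caller in SamlSpSingleSignOnService passes `httpRequest.getParameter(SamlRedirectMessage.QSP_RELAY_STATE)` straight through, so the value comes from the incoming request rather than from a verified part of the SAML message, and an implementation that redirects to it as-is becomes an open redirect. I would extend the `@param url` text with `the value is taken from the RelayState request parameter and is not validated; check it against the application's allowed redirect targets before redirecting`. The Javadoc block starts outside the hunk.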
@@ -78,7 +78,7 @@
* implementation of this method will typically redirect the user to a page
* where a message is shown that the user has been logged out.
*/
- void globalLogoutSucceeded();
+ void globalLogoutSucceeded(ResponseHolder responseHolder);
/**
* <p>
@@ -96,7 +96,7 @@
* couldn't perform a successful logout, while the others could.
* </p>
*/
- void globalLogoutFailed(String statusCode);
+ void globalLogoutFailed(String statusCode, ResponseHolder responseHolder);
/**
* When the service provider receives a logout request from an identity
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationContext.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationContext.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationContext.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -21,46 +21,51 @@
*/
package org.jboss.seam.security.external.virtualapplications;
+import java.lang.annotation.Annotation;
+
+import javax.enterprise.context.ContextNotActiveException;
+import javax.enterprise.context.spi.Context;
+import javax.enterprise.context.spi.Contextual;
+import javax.enterprise.context.spi.CreationalContext;
import javax.servlet.ServletContext;
+import org.jboss.seam.security.external.contexts.ContextualInstanceImpl;
+import org.jboss.seam.security.external.contexts.HashMapBeanStore;
import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
-import org.jboss.weld.context.AbstractMapContext;
-import org.jboss.weld.context.api.BeanStore;
-import org.jboss.weld.context.beanstore.HashMapBeanStore;
+import org.jboss.weld.context.api.ContextualInstance;
/**
* @author Marcel Kolsteren
*
*/
-public class VirtualApplicationContext extends AbstractMapContext
+public class VirtualApplicationContext implements Context
{
private static final String BEAN_STORE_ATTRIBUTE_NAME_PREFIX = "virtualApplicationContextBeanStore";
+
private ServletContext servletContext;
+
private final ThreadLocal<String> hostNameThreadLocal;
public VirtualApplicationContext()
{
- super(VirtualApplicationScoped.class);
hostNameThreadLocal = new ThreadLocal<String>();
}
- @Override
- protected BeanStore getBeanStore()
+ protected HashMapBeanStore getBeanStore()
{
return getBeanStore(hostNameThreadLocal.get());
}
- private BeanStore getBeanStore(String hostName)
+ private HashMapBeanStore getBeanStore(String hostName)
{
- BeanStore beanStore = (BeanStore) servletContext.getAttribute(getAttributeName(hostName));
+ HashMapBeanStore beanStore = (HashMapBeanStore) servletContext.getAttribute(getAttributeName(hostName));
return beanStore;
}
- private BeanStore createBeanStore(String hostName)
+ private void createBeanStore(String hostName)
{
- BeanStore beanStore = new HashMapBeanStore();
+ HashMapBeanStore beanStore = new HashMapBeanStore();
servletContext.setAttribute(getAttributeName(hostName), beanStore);
- return beanStore;
}
private void removeBeanStore(String hostName)
@@ -73,13 +78,6 @@
return BEAN_STORE_ATTRIBUTE_NAME_PREFIX + "_" + hostName;
}
- @Override
- protected boolean isCreationLockRequired()
- {
- // TODO: find out whether the creation lock is required
- return false;
- }
-
public void initialize(ServletContext servletContext)
{
this.servletContext = servletContext;
@@ -98,6 +96,7 @@
public void remove()
{
+ getBeanStore().clear();
removeBeanStore(this.hostNameThreadLocal.get());
detach();
}
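Review bot: The added `getBeanStore().clear()` in `remove()` dereferences the result without a null check, but `getBeanStore(hostName)` returns the `ServletContext` attribute as-is, which is null when no host name is attached to the thread or the store for that host was never created or was already removed. A second `remove()` or a call outside an attached request then fails with a NullPointerException before `removeBeanStore` and `detach()` run. I would guard it: `HashMapBeanStore beanStore = getBeanStore(); if (beanStore != null) { beanStore.clear(); }`. Whether `clear()` also destroys the contextual instances it drops is not visible here and is worth confirming.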
@@ -110,12 +109,52 @@
public void attach(String hostName)
{
this.hostNameThreadLocal.set(hostName);
- setActive(true);
}
public void detach()
{
this.hostNameThreadLocal.set(null);
- setActive(false);
}
+
+ public <T> T get(Contextual<T> contextual, CreationalContext<T> creationalContext)
+ {
+ if (!isActive())
+ {
+ throw new ContextNotActiveException();
+ }
+ ContextualInstance<T> beanInstance = getBeanStore().get(contextual);
+ if (beanInstance != null)
+ {
+ return beanInstance.getInstance();
+ }
+ else if (creationalContext != null)
+ {
+ T instance = contextual.create(creationalContext);
+ if (instance != null)
+ {
+ beanInstance = new ContextualInstanceImpl<T>(contextual, creationalContext, instance);
+ getBeanStore().put(contextual, beanInstance);
+ }
+ return instance;
+ }
+ else
+ {
+ return null;
+ }
+ }
+
+ public <T> T get(Contextual<T> contextual)
+ {
+ return get(contextual, null);
+ }
+
+ public Class<? extends Annotation> getScope()
+ {
+ return VirtualApplicationScoped.class;
+ }
+
+ public boolean isActive()
+ {
+ return hostNameThreadLocal.get() != null;
+ }
}
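Review bot: The lookup, create and put sequence in `get(Contextual, CreationalContext)` is not atomic, while the bean store it works on is kept as a `ServletContext` attribute per host name and is therefore shared by all request threads for that host. Two concurrent first accesses can both see null, create two instances and overwrite one another, and the commit also removes the `isCreationLockRequired()` TODO that raised this question. If `HashMapBeanStore` is backed by a plain `HashMap` (its source is not in this hunk), the unsynchronised `put` is unsafe in itself. One option is to hold a lock on the store across the sequence, as sketched below; `contextual.create` then runs under that lock, so it should be checked for lock-ordering problems with beans that touch this scope while being created.

```java
public <T> T get(Contextual<T> contextual, CreationalContext<T> creationalContext)
{
   // … unchanged: isActive() check throwing ContextNotActiveException …
   HashMapBeanStore beanStore = getBeanStore();
   synchronized (beanStore)
   {
      ContextualInstance<T> beanInstance = beanStore.get(contextual);
      if (beanInstance != null)
      {
         return beanInstance.getInstance();
      }
      if (creationalContext == null)
      {
         return null;
      }
      T instance = contextual.create(creationalContext);
      if (instance != null)
      {
         beanStore.put(contextual, new ContextualInstanceImpl<T>(contextual, creationalContext, instance));
      }
      return instance;
   }
}
```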
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/virtualapplications/VirtualApplicationManager.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -64,7 +64,7 @@
protected void servletInitialized(@Observes @Initialized final ServletContextEvent e)
{
log.trace("Servlet initialized with event {}", e);
- virtualApplicationContextExtension.getVirtualApplicationContext().initialize(e.getServletContext());
+ getVirtualApplicationContext().initialize(e.getServletContext());
AfterVirtualApplicationManagerCreation afterVirtualApplicationManagerCreation = new AfterVirtualApplicationManagerCreation();
beanManager.fireEvent(afterVirtualApplicationManagerCreation);
@@ -72,10 +72,10 @@
for (String hostName : afterVirtualApplicationManagerCreation.getHostNames())
{
hostNames.add(hostName);
- virtualApplicationContextExtension.getVirtualApplicationContext().create(hostName);
+ getVirtualApplicationContext().create(hostName);
virtualApplication.get().setHostName(hostName);
beanManager.fireEvent(new AfterVirtualApplicationCreation());
- virtualApplicationContextExtension.getVirtualApplicationContext().detach();
+ getVirtualApplicationContext().detach();
}
beanManager.fireEvent(new AfterVirtualApplicationsCreation());
}
@@ -85,10 +85,10 @@
log.trace("Servlet destroyed with event {}", e);
for (String hostName : hostNames)
{
- if (virtualApplicationContextExtension.getVirtualApplicationContext().isExistingVirtualApplication(hostName))
+ if (getVirtualApplicationContext().isExistingVirtualApplication(hostName))
{
attach(hostName);
- virtualApplicationContextExtension.getVirtualApplicationContext().destroy();
+ getVirtualApplicationContext().destroy();
}
}
}
@@ -97,28 +97,39 @@
{
log.trace("Servlet request initialized with event {}", e);
String hostName = e.getServletRequest().getServerName();
- attach(hostName);
+ if (getVirtualApplicationContext().isExistingVirtualApplication(hostName))
+ {
+ attach(hostName);
+ }
}
protected void requestDestroyed(@Observes @Destroyed final ServletRequestEvent e)
{
log.trace("Servlet request destroyed with event {}", e);
- detach();
+ if (getVirtualApplicationContext().isActive())
+ {
+ detach();
+ }
}
public void attach(String hostName)
{
- virtualApplicationContextExtension.getVirtualApplicationContext().attach(hostName);
+ getVirtualApplicationContext().attach(hostName);
virtualApplication.get().setHostName(hostName);
}
public void detach()
{
- virtualApplicationContextExtension.getVirtualApplicationContext().detach();
+ getVirtualApplicationContext().detach();
}
public Set<String> getHostNames()
{
return hostNames;
}
+
+ private VirtualApplicationContext getVirtualApplicationContext()
+ {
+ return virtualApplicationContextExtension.getVirtualApplicationContext();
+ }
}
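Review bot: When `isExistingVirtualApplication(hostName)` is false in `requestInitialized`, the request proceeds with no virtual application context and nothing is logged, so an unexpected host name only surfaces later as a `ContextNotActiveException` from `VirtualApplicationContext.get`. `getServerName()` normally reflects the client-supplied Host header, so this is the path untrusted values take, and it should be visible to whoever operates the service. I would add an `else` branch with `log.debug("No virtual application for host {}; context not attached", hostName);`. Keep it at debug or trace level, since the value is client-controlled and can be sent at will.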
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -27,6 +27,7 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
@@ -60,8 +61,6 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.collect.Maps;
-
@RunWith(Arquillian.class)
@Run(RunModeType.AS_CLIENT)
public class IntegrationTest
@@ -106,7 +105,7 @@
@Test
public void samlTest()
{
- Map<String, String> params = Maps.newHashMap();
+ Map<String, String> params = new HashMap<String, String>();
params.put("command", "loadMetaData");
sendMessageToApplication("www.sp1.com", "sp", params);
sendMessageToApplication("www.sp2.com", "sp", params);
@@ -157,7 +156,7 @@
String opIdentifier = "http://localhost:8080/op/openid/OP/XrdsService";
String userName = "john_doe";
- Map<String, String> params = Maps.newHashMap();
+ Map<String, String> params = new HashMap<String, String>();
params.put("command", "login");
params.put("identifier", opIdentifier);
params.put("fetchEmail", "false");
@@ -165,7 +164,7 @@
checkApplicationMessage("Please login.");
- params = Maps.newHashMap();
+ params = new HashMap<String, String>();
params.put("command", "authenticate");
params.put("userName", userName);
sendMessageToApplication("localhost", "op", params);
@@ -183,7 +182,7 @@
String userName = "jane_doe";
String claimedId = "http://localhost:8080/op/users/" + userName;
- Map<String, String> params = Maps.newHashMap();
+ Map<String, String> params = new HashMap<String, String>();
params.put("command", "login");
params.put("identifier", claimedId);
params.put("fetchEmail", "true");
@@ -191,14 +190,14 @@
checkApplicationMessage("Please provide the password for " + userName + ".");
- params = Maps.newHashMap();
+ params = new HashMap<String, String>();
params.put("command", "authenticate");
params.put("userName", userName);
sendMessageToApplication("localhost", "op", params);
checkApplicationMessage("Please provide your email.");
- params = Maps.newHashMap();
+ params = new HashMap<String, String>();
params.put("command", "setAttribute");
String email = "jane_doe(a)op.com";
params.put("email", email);
@@ -213,7 +212,7 @@
private void checkNrOfSessions(String serverName, String spOrIdp, int expectedNumber)
{
- Map<String, String> params = Maps.newHashMap();
+ Map<String, String> params = new HashMap<String, String>();
params.put("command", "getNrOfSessions");
sendMessageToApplication(serverName, spOrIdp, params);
checkApplicationMessage(Integer.toString(expectedNumber));
@@ -221,14 +220,14 @@
private void samlSignOn(String spHostName, String idpEntityId, String userName)
{
- Map<String, String> params = Maps.newHashMap();
+ Map<String, String> params = new HashMap<String, String>();
params.put("command", "login");
params.put("idpEntityId", idpEntityId);
sendMessageToApplication(spHostName, "sp", params);
checkApplicationMessage("Please login");
- params = Maps.newHashMap();
+ params = new HashMap<String, String>();
params.put("command", "authenticate");
params.put("userName", userName);
sendMessageToApplication("www.idp.com", "idp", params);
@@ -263,7 +262,7 @@
private void checkDialogueTermination(String serverName, String spOrIdp)
{
- Map<String, String> params = Maps.newHashMap();
+ Map<String, String> params = new HashMap<String, String>();
params.put("command", "getNrOfDialogues");
sendMessageToApplication(serverName, spOrIdp, params);
checkApplicationMessage("0");
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -10,8 +10,6 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.ResponseHolder;
-
@WebServlet(name = "OpTestServlet", urlPatterns = { "/testservlet" })
public class OpTestServlet extends HttpServlet
{
@@ -20,23 +18,19 @@
@Inject
private OpenIdProviderApplicationMock openIdProviderApplicationMock;
- @Inject
- private ResponseHolder responseHolder;
-
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
- responseHolder.setResponse(response);
String command = request.getParameter("command");
if (command.equals("authenticate"))
{
String userName = request.getParameter("userName");
- openIdProviderApplicationMock.handleLogin(userName);
+ openIdProviderApplicationMock.handleLogin(userName, response);
}
else if (command.equals("setAttribute"))
{
String email = request.getParameter("email");
- openIdProviderApplicationMock.setAttribute("email", email);
+ openIdProviderApplicationMock.setAttribute("email", email, response);
}
else if (command.equals("getNrOfDialogues"))
{
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -27,6 +27,7 @@
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.OpenIdProviderApi;
import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
@@ -42,9 +43,6 @@
public class OpenIdProviderApplicationMock implements OpenIdProviderSpi
{
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private OpenIdProviderApi opApi;
private String dialogueId;
@@ -55,36 +53,36 @@
@Inject
private DialogueManager dialogueManager;
- public void handleLogin(String userName)
+ public void handleLogin(String userName, HttpServletResponse response)
{
dialogueManager.attachDialogue(dialogueId);
- opApi.authenticationSucceeded(userName);
+ opApi.authenticationSucceeded(userName, response);
dialogueManager.detachDialogue();
}
- public void setAttribute(String alias, String value)
+ public void setAttribute(String alias, String value, HttpServletResponse response)
{
dialogueManager.attachDialogue(dialogueId);
Map<String, List<String>> attributes = Maps.newHashMap();
attributes.put(alias, Lists.newArrayList(value));
- opApi.setAttributes(attributes);
+ opApi.setAttributes(attributes, response);
dialogueManager.detachDialogue();
}
- public void authenticate(String realm, String userName, boolean immediate)
+ public void authenticate(String realm, String userName, boolean immediate, ResponseHolder responseHolder)
{
if (userName == null)
{
- writeMessageToResponse("Please login.");
+ writeMessageToResponse("Please login.", responseHolder);
}
else
{
- writeMessageToResponse("Please provide the password for " + userName + ".");
+ writeMessageToResponse("Please provide the password for " + userName + ".", responseHolder);
}
dialogueId = dialogue.getDialogueId();
}
- private void writeMessageToResponse(String message)
+ private void writeMessageToResponse(String message, ResponseHolder responseHolder)
{
try
{
@@ -101,9 +99,9 @@
return true;
}
- public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes)
+ public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes, ResponseHolder responseHolder)
{
- writeMessageToResponse("Please provide your " + requestedAttributes.get(0).getAlias() + ".");
+ writeMessageToResponse("Please provide your " + requestedAttributes.get(0).getAlias() + ".", responseHolder);
dialogueId = dialogue.getDialogueId();
}
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -24,6 +24,7 @@
import java.io.IOException;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
@@ -37,44 +38,41 @@
public class OpenIdRpApplicationMock implements OpenIdRelyingPartySpi
{
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private OpenIdRelyingPartyApi rpApi;
@Dialogued
- public void login(String identifier, boolean fetchEmail)
+ public void login(String identifier, boolean fetchEmail, HttpServletResponse response)
{
if (fetchEmail)
{
OpenIdRequestedAttribute requestedAttribute = new OpenIdRequestedAttribute("email", "http://axschema.org/contact/email", true, 1);
- rpApi.login(identifier, Lists.newArrayList(requestedAttribute));
+ rpApi.login(identifier, Lists.newArrayList(requestedAttribute), response);
}
else
{
- rpApi.login(identifier, null);
+ rpApi.login(identifier, null, response);
}
}
- public void loginFailed(String message)
+ public void loginFailed(String message, ResponseHolder responseHolder)
{
- writeMessageToResponse("Login failed: " + message);
+ writeMessageToResponse("Login failed: " + message, responseHolder);
}
- public void loginSucceeded(OpenIdPrincipal principal)
+ public void loginSucceeded(OpenIdPrincipal principal, ResponseHolder responseHolder)
{
if (principal.getAttributeValues() != null)
{
String email = (String) principal.getAttribute("email");
- writeMessageToResponse("Login succeeded (" + principal.getIdentifier() + ", email " + email + ")");
+ writeMessageToResponse("Login succeeded (" + principal.getIdentifier() + ", email " + email + ")", responseHolder);
}
else
{
- writeMessageToResponse("Login succeeded (" + principal.getIdentifier() + ")");
+ writeMessageToResponse("Login succeeded (" + principal.getIdentifier() + ")", responseHolder);
}
}
- private void writeMessageToResponse(String message)
+ private void writeMessageToResponse(String message, ResponseHolder responseHolder)
{
try
{
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -10,8 +10,6 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.ResponseHolder;
-
@WebServlet(name = "RpTestServlet", urlPatterns = { "/testservlet" })
public class RpTestServlet extends HttpServlet
{
@@ -20,19 +18,15 @@
@Inject
private OpenIdRpApplicationMock openIdRpApplicationMock;
- @Inject
- private ResponseHolder responseHolder;
-
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
- responseHolder.setResponse(response);
String command = request.getParameter("command");
if (command.equals("login"))
{
String identifier = request.getParameter("identifier");
boolean fetchEmail = Boolean.parseBoolean(request.getParameter("fetchEmail"));
- openIdRpApplicationMock.login(identifier, fetchEmail);
+ openIdRpApplicationMock.login(identifier, fetchEmail, response);
}
else if (command.equals("getNrOfDialogues"))
{
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpTestServlet.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpTestServlet.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -10,7 +10,6 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.externaltest.integration.MetaDataLoader;
@WebServlet(name = "IdpTestServlet", urlPatterns = { "/testservlet" })
@@ -22,23 +21,19 @@
private SamlIdpApplicationMock samlIdpApplicationMock;
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private MetaDataLoader metaDataLoader;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
- responseHolder.setResponse(response);
String command = request.getParameter("command");
if (command.equals("authenticate"))
{
- samlIdpApplicationMock.handleLogin(request.getParameter("userName"));
+ samlIdpApplicationMock.handleLogin(request.getParameter("userName"), response);
}
else if (command.equals("singleLogout"))
{
- samlIdpApplicationMock.handleSingleLogout();
+ samlIdpApplicationMock.handleSingleLogout(response);
}
else if (command.equals("getNrOfSessions"))
{
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -26,6 +26,7 @@
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.external.api.SamlMultiUserIdentityProviderApi;
@@ -41,9 +42,6 @@
public class SamlIdpApplicationMock implements SamlIdentityProviderSpi
{
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private DialogueManager dialogueManager;
@Inject
@@ -57,7 +55,7 @@
@Inject
private Logger log;
- public void authenticate()
+ public void authenticate(ResponseHolder responseHolder)
{
dialogueId = dialogue.getDialogueId();
try
@@ -70,11 +68,11 @@
}
}
- public void handleLogin(String userName)
+ public void handleLogin(String userName, HttpServletResponse response)
{
SamlIdpSession session = idpApi.get().localLogin(new SamlNameId(userName, null, null), null);
dialogueManager.attachDialogue(dialogueId);
- idpApi.get().authenticationSucceeded(session);
+ idpApi.get().authenticationSucceeded(session, response);
dialogueManager.detachDialogue();
}
@@ -83,7 +81,7 @@
return idpApi.get().getSessions().size();
}
- public void singleLogoutFailed()
+ public void singleLogoutFailed(ResponseHolder responseHolder)
{
try
{
@@ -95,7 +93,7 @@
}
}
- public void singleLogoutSucceeded()
+ public void singleLogoutSucceeded(ResponseHolder responseHolder)
{
try
{
@@ -108,9 +106,9 @@
}
@Dialogued
- public void handleSingleLogout()
+ public void handleSingleLogout(HttpServletResponse response)
{
- idpApi.get().globalLogout(idpApi.get().getSessions().iterator().next());
+ idpApi.get().globalLogout(idpApi.get().getSessions().iterator().next(), response);
}
public void loggedOut(SamlIdpSession session)
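Review bot: `handleSingleLogout` takes the first element of `idpApi.get().getSessions()` without checking that one exists, so a `singleLogout` command issued before any login ends in a `NoSuchElementException` instead of a readable test failure. A guard before the `globalLogout` call, such as `if (idpApi.get().getSessions().isEmpty()) throw new IllegalStateException("no IdP session to log out");`, would make the precondition explicit. `handleGlobalLogout` in SamlSpApplicationMock (hunk `@@ -95,10 +93,10 @@`) has the same shape. With more than one session, which one is logged out depends on the collection's iteration order, and that deserves a one-line comment.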
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -25,6 +25,7 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.external.api.SamlMultiUserServiceProviderApi;
@@ -41,43 +42,40 @@
private Instance<SamlMultiUserServiceProviderApi> spApi;
@Inject
- private ResponseHolder responseHolder;
-
- @Inject
private Logger log;
@Dialogued
- public void login(String idpEntityId)
+ public void login(String idpEntityId, HttpServletResponse response)
{
- spApi.get().login(idpEntityId);
+ spApi.get().login(idpEntityId, response);
}
- public void loginFailed()
+ public void loginFailed(ResponseHolder responseHolder)
{
- writeMessageToResponse("login failed");
+ writeMessageToResponse("login failed", responseHolder);
}
- public void loginSucceeded(SamlSpSession session)
+ public void loginSucceeded(SamlSpSession session, ResponseHolder responseHolder)
{
- writeMessageToResponse("Login succeeded (" + session.getPrincipal().getNameId().getValue() + ")");
+ writeMessageToResponse("Login succeeded (" + session.getPrincipal().getNameId().getValue() + ")", responseHolder);
}
- public void globalLogoutFailed(String statusCode)
+ public void globalLogoutFailed(String statusCode, ResponseHolder responseHolder)
{
- writeMessageToResponse("Single logout failed");
+ writeMessageToResponse("Single logout failed", responseHolder);
}
- public void globalLogoutSucceeded()
+ public void globalLogoutSucceeded(ResponseHolder responseHolder)
{
- writeMessageToResponse("Single logout succeeded");
+ writeMessageToResponse("Single logout succeeded", responseHolder);
}
- public void loggedIn(SamlSpSession session, String url)
+ public void loggedIn(SamlSpSession session, String url, ResponseHolder responseHolder)
{
- writeMessageToResponse("Logged in unsolicited");
+ writeMessageToResponse("Logged in unsolicited", responseHolder);
}
- private void writeMessageToResponse(String message)
+ private void writeMessageToResponse(String message, ResponseHolder responseHolder)
{
try
{
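Review bot: `loginSucceeded` concatenates `session.getPrincipal().getNameId().getValue()` into the text handed to `writeMessageToResponse`, and that value comes from the identity provider's assertion rather than from this application. The body of `writeMessageToResponse` continues outside the hunk, so whether a content type is set cannot be seen here. If the message is written unchanged into a response the browser treats as HTML, markup in the name ID would be rendered. Setting a `text/plain` content type before writing, or escaping the value, would keep this mock safe to copy into example code.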
@@ -95,10 +93,10 @@
}
@Dialogued
- public void handleGlobalLogout()
+ public void handleGlobalLogout(HttpServletResponse response)
{
SamlSpSession session = spApi.get().getSessions().iterator().next();
- spApi.get().globalLogout(session);
+ spApi.get().globalLogout(session, response);
}
public void loggedOut(SamlSpSession session)
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpTestServlet.java 2010-09-21 10:28:15 UTC (rev 13770)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpTestServlet.java 2010-09-21 12:35:01 UTC (rev 13771)
@@ -10,7 +10,6 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.jboss.seam.security.external.api.ResponseHolder;
import org.jboss.seam.security.externaltest.integration.MetaDataLoader;
@WebServlet(name = "SpTestServlet", urlPatterns = { "/testservlet" })
@@ -24,22 +23,18 @@
@Inject
private MetaDataLoader metaDataLoader;
- @Inject
- private ResponseHolder responseHolder;
-
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
- responseHolder.setResponse(response);
String command = request.getParameter("command");
if (command.equals("login"))
{
String idpEntityId = request.getParameter("idpEntityId");
- samlSpApplicationMock.login(idpEntityId);
+ samlSpApplicationMock.login(idpEntityId, response);
}
else if (command.equals("singleLogout"))
{
- samlSpApplicationMock.handleGlobalLogout();
+ samlSpApplicationMock.handleGlobalLogout(response);
}
else if (command.equals("getNrOfSessions"))
{
Seam SVN: r13770 - modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence.
by seam-commits@lists.jboss.org
Author: swd847
Date: 2010-09-21 06:28:15 -0400 (Tue, 21 Sep 2010)
New Revision: 13770
Modified:
modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java
Log:
minor
Modified: modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java
===================================================================
--- modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java 2010-09-21 10:06:33 UTC (rev 13769)
+++ modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java 2010-09-21 10:28:15 UTC (rev 13770)
@@ -25,10 +25,8 @@
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.Collections;
-import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
-import java.util.Map;
import java.util.Set;
import javax.annotation.Resource;
@@ -82,8 +80,6 @@
private static final Logger log = LoggerFactory.getLogger(ManagedPersistenceContextExtension.class);
- private Map<String, Bean<EntityManagerFactory>> emfBeans = new HashMap<String, Bean<EntityManagerFactory>>();
-
public void beforeBeanDiscovery(@Observes BeforeBeanDiscovery event)
{
ServiceLoader<SeamPersistenceProvider> providers = ServiceLoader.load(SeamPersistenceProvider.class);
@@ -111,7 +107,7 @@
boolean bootstrapped = false;
for (AnnotatedField<? super T> f : event.getAnnotatedType().getFields())
{
- if (f.isAnnotationPresent(PersistenceUnit.class) && f.isAnnotationPresent(Produces.class) && EnvironmentUtils.isEEEnvironment())
+ if (f.isAnnotationPresent(PersistenceUnit.class) && f.isAnnotationPresent(Produces.class) && !EnvironmentUtils.isEEEnvironment())
{
bootstrapped = true;
final String unitName = f.getAnnotation(PersistenceUnit.class).unitName();
Seam SVN: r13769 - in modules/persistence/trunk/impl: src/main/java/org/jboss/seam/persistence and 2 other directories.
by seam-commits@lists.jboss.org
Author: swd847
Date: 2010-09-21 06:06:33 -0400 (Tue, 21 Sep 2010)
New Revision: 13769
Modified:
modules/persistence/trunk/impl/pom.xml
modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextBeanLifecycle.java
modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java
modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextProxyHandler.java
modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EjbSynchronizations.java
modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EntityTransaction.java
modules/persistence/trunk/impl/src/main/resources/META-INF/services/javax.enterprise.inject.spi.Extension
Log:
work on making seam-persistence work in SE environments
Modified: modules/persistence/trunk/impl/pom.xml
===================================================================
--- modules/persistence/trunk/impl/pom.xml 2010-09-20 11:29:33 UTC (rev 13768)
+++ modules/persistence/trunk/impl/pom.xml 2010-09-21 10:06:33 UTC (rev 13769)
@@ -116,6 +116,7 @@
<artifactId>hibernate-search</artifactId>
<version>3.2.1.Final</version>
<optional>true</optional>
+ <scope>provided</scope>
</dependency>
<dependency>
Modified: modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextBeanLifecycle.java
===================================================================
--- modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextBeanLifecycle.java 2010-09-20 11:29:33 UTC (rev 13768)
+++ modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextBeanLifecycle.java 2010-09-21 10:06:33 UTC (rev 13769)
@@ -27,6 +27,7 @@
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
import java.util.Set;
@@ -111,9 +112,10 @@
entityManager = getPersistenceProvider(entityManager).proxyEntityManager(entityManager);
ManagedPersistenceContextProxyHandler handler = new ManagedPersistenceContextProxyHandler(entityManager, manager, bean.getQualifiers(), getPersistenceContexts(), getPersistenceProvider(entityManager));
EntityManager proxy = (EntityManager) proxyConstructor.newInstance(handler);
+ arg0.push(proxy);
getPersistenceProvider(entityManager).setFlushMode(proxy, getPersistenceContexts().getFlushMode());
manager.fireEvent(new SeamManagedPersistenceContextCreated(proxy), qualifiers);
-
+
return proxy;
}
catch (Exception e)
@@ -124,7 +126,7 @@
public void destroy(Bean<EntityManager> bean, EntityManager em, CreationalContext<EntityManager> arg1)
{
- ((ManagedPersistenceContext)em).closeAfterTransaction();
+ ((ManagedPersistenceContext) em).closeAfterTransaction();
arg1.release();
try
{
@@ -177,7 +179,7 @@
Bean<EntityManagerFactory> bean = (Bean) manager.resolve(manager.getBeans(EntityManagerFactory.class, qualifiers));
if (bean == null)
{
- throw new RuntimeException("Could not find EntityManagerFactory bean with qualifiers" + qualifiers);
+ throw new RuntimeException("Could not find EntityManagerFactory bean with qualifiers" + Arrays.toString(qualifiers));
}
CreationalContext<EntityManagerFactory> ctx = manager.createCreationalContext(bean);
emf = (EntityManagerFactory) manager.getReference(bean, EntityManagerFactory.class, ctx);
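Review bot: The rewritten message in the `bean == null` branch still has no separator after the word "qualifiers", so the output runs straight into the bracketed list produced by `Arrays.toString`. A trailing space in the literal fixes it: `"Could not find EntityManagerFactory bean with qualifiers " + Arrays.toString(qualifiers)`. The enclosing method starts and ends outside the hunk.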
Modified: modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java
===================================================================
--- modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java 2010-09-20 11:29:33 UTC (rev 13768)
+++ modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextExtension.java 2010-09-21 10:06:33 UTC (rev 13769)
@@ -22,13 +22,19 @@
package org.jboss.seam.persistence;
import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
+import java.util.Map;
import java.util.Set;
import javax.annotation.Resource;
+import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.context.Dependent;
+import javax.enterprise.context.spi.CreationalContext;
import javax.enterprise.event.Observes;
import javax.enterprise.inject.Alternative;
import javax.enterprise.inject.Produces;
@@ -36,17 +42,22 @@
import javax.enterprise.inject.spi.AnnotatedField;
import javax.enterprise.inject.spi.AnnotatedMember;
import javax.enterprise.inject.spi.AnnotatedMethod;
+import javax.enterprise.inject.spi.AnnotatedType;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.BeforeBeanDiscovery;
import javax.enterprise.inject.spi.Extension;
+import javax.enterprise.inject.spi.InjectionPoint;
import javax.enterprise.inject.spi.ProcessAnnotatedType;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
+import javax.persistence.Persistence;
import javax.persistence.PersistenceUnit;
+import org.jboss.seam.persistence.util.EnvironmentUtils;
import org.jboss.weld.extensions.annotated.AnnotatedTypeBuilder;
import org.jboss.weld.extensions.bean.BeanBuilder;
+import org.jboss.weld.extensions.bean.Beans;
import org.jboss.weld.extensions.literal.AnyLiteral;
import org.jboss.weld.extensions.literal.ApplicationScopedLiteral;
import org.jboss.weld.extensions.literal.DefaultLiteral;
@@ -71,6 +82,8 @@
private static final Logger log = LoggerFactory.getLogger(ManagedPersistenceContextExtension.class);
+ private Map<String, Bean<EntityManagerFactory>> emfBeans = new HashMap<String, Bean<EntityManagerFactory>>();
+
public void beforeBeanDiscovery(@Observes BeforeBeanDiscovery event)
{
ServiceLoader<SeamPersistenceProvider> providers = ServiceLoader.load(SeamPersistenceProvider.class);
@@ -88,12 +101,28 @@
* smpc bean is created and registered. Any scope declaration on the producer
* are removed as this is not supported by the spec
*
+ * For non-ee environments this extension also bootstraps @PersistenceUnit
+ * producer fields
+ *
*/
- public <T> void processAnnotatedType(@Observes ProcessAnnotatedType<T> event, BeanManager manager)
+ public <T> void processAnnotatedType(@Observes final ProcessAnnotatedType<T> event, BeanManager manager)
{
AnnotatedTypeBuilder<T> modifiedType = null;
+ boolean bootstrapped = false;
for (AnnotatedField<? super T> f : event.getAnnotatedType().getFields())
{
+ if (f.isAnnotationPresent(PersistenceUnit.class) && f.isAnnotationPresent(Produces.class) && EnvironmentUtils.isEEEnvironment())
+ {
+ bootstrapped = true;
+ final String unitName = f.getAnnotation(PersistenceUnit.class).unitName();
+ final Set<Annotation> qualifiers = Beans.getQualifiers(manager, f.getAnnotations());
+ if (qualifiers.isEmpty())
+ {
+ qualifiers.add(DefaultLiteral.INSTANCE);
+ }
+ qualifiers.add(AnyLiteral.INSTANCE);
+ beans.add(createEMFBean(unitName, qualifiers, event.getAnnotatedType()));
+ }
// look for a seam managed persistence unit declaration on EE resource
// producer fields
if (f.isAnnotationPresent(SeamManaged.class) && (f.isAnnotationPresent(PersistenceUnit.class) || f.isAnnotationPresent(Resource.class)) && f.isAnnotationPresent(Produces.class) && EntityManagerFactory.class.isAssignableFrom(f.getJavaMember().getType()))
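Review bot: `bootstrapped` is declared before the `for` loop over the fields and is only ever set to `true`, so once one field matches the new `@PersistenceUnit`/`@Produces` branch the flag stays set for every later field of the same type. The later hunk (`@@ -127,6 +156,10 @@`) uses it to strip `Produces` from the field being processed, which would then also affect fields that were never bootstrapped. Declaring `boolean bootstrapped = false;` as the first statement inside the `for` body scopes it to the field it describes. The added condition also tests `EnvironmentUtils.isEEEnvironment()` while the Javadoc added in the same hunk says the bootstrap is for non-EE environments, so one of the two is inverted. The method body continues outside the hunk.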
@@ -127,6 +156,10 @@
{
modifiedType.removeFromField(f.getJavaMember(), scope);
}
+ if (bootstrapped)
+ {
+ modifiedType.removeFromField(f.getJavaMember(), Produces.class);
+ }
registerManagedPersistenceContext(qualifiers, scope, f.isAnnotationPresent(Alternative.class), manager, event.getAnnotatedType().getJavaClass().getClassLoader(), f);
log.info("Configuring Seam Managed Persistence Context from producer field " + f.getDeclaringType().getJavaClass().getName() + "." + f.getJavaMember().getName() + " with qualifiers " + qualifiers);
}
@@ -179,6 +212,72 @@
}
}
+ private Bean<?> createEMFBean(final String unitName, final Set<Annotation> qualifiers, final AnnotatedType<?> type)
+ {
+ return new Bean<EntityManagerFactory>()
+ {
+ public Set<Type> getTypes()
+ {
+ Set<Type> types = new HashSet<Type>();
+ types.add(Object.class);
+ types.add(EntityManagerFactory.class);
+ return types;
+ }
+
+ public Class<? extends Annotation> getScope()
+ {
+ return ApplicationScoped.class;
+ }
+
+ public EntityManagerFactory create(CreationalContext<EntityManagerFactory> ctx)
+ {
+ return Persistence.createEntityManagerFactory(unitName);
+ }
+
+ public void destroy(EntityManagerFactory emf, CreationalContext<EntityManagerFactory> ctx)
+ {
+ emf.close();
+ ctx.release();
+ }
+
+ public Class<?> getBeanClass()
+ {
+ return type.getJavaClass();
+ }
+
+ public Set<InjectionPoint> getInjectionPoints()
+ {
+ return Collections.emptySet();
+ }
+
+ public String getName()
+ {
+ return null;
+ }
+
+ public Set<Annotation> getQualifiers()
+ {
+ return qualifiers;
+ }
+
+ public Set<Class<? extends Annotation>> getStereotypes()
+ {
+ return Collections.emptySet();
+
+ }
+
+ public boolean isAlternative()
+ {
+ return false;
+ }
+
+ public boolean isNullable()
+ {
+ return false;
+ }
+ };
+ }
+
private void registerManagedPersistenceContext(Set<Annotation> qualifiers, Class<? extends Annotation> scope, boolean alternative, BeanManager manager, ClassLoader loader, AnnotatedMember<?> member)
{
// we need to add all additional interfaces from our
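Review bot: `create` passes `unitName` straight to `Persistence.createEntityManagerFactory`, but `@PersistenceUnit.unitName()` defaults to the empty string, so a producer field declared without a unit name reaches the provider lookup with `""`. Checking for that where the name is read, or at the top of `createEMFBean`, would give a clearer failure than whatever the provider reports. `getQualifiers()` also returns the caller's mutable set; storing `Collections.unmodifiableSet(qualifiers)` once (`Collections` is imported by this commit) would stop later mutation from changing the bean's qualifiers. The new method has no Javadoc; a sentence saying it stands in for a container-managed `@PersistenceUnit` producer outside an EE container would help the next reader.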
@@ -214,6 +313,6 @@
{
event.addBean(i);
}
+
}
-
}
Modified: modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextProxyHandler.java
===================================================================
--- modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextProxyHandler.java 2010-09-20 11:29:33 UTC (rev 13768)
+++ modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/ManagedPersistenceContextProxyHandler.java 2010-09-21 10:06:33 UTC (rev 13769)
@@ -84,11 +84,6 @@
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable
{
- if (!synchronizationRegistered)
- {
- joinTransaction();
- }
- touch((ManagedPersistenceContext) proxy);
if ("changeFlushMode".equals(method.getName()) && method.getParameterTypes().length == 1 && method.getParameterTypes()[0].equals(FlushModeType.class))
{
changeFushMode((FlushModeType) args[0]);
@@ -111,11 +106,25 @@
closeAfterTransaction();
return null;
}
+ // we do not join the transaction for setFlushMode calls, as this may
+ // result in an infinite loop, as this is called during SMPC
+ // initialisation
+ if (!"setFlushMode".equals(method.getName()))
+ {
+ if (!synchronizationRegistered)
+ {
+ joinTransaction();
+ }
+ }
+
+ touch((ManagedPersistenceContext) proxy);
+
return super.invoke(proxy, method, args);
}
private void joinTransaction() throws SystemException
{
+ synchronizationRegistered = true;
SeamTransaction transaction = userTransactionInstance.get();
if (transaction.isActive())
{
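Review bot: `joinTransaction` now sets `synchronizationRegistered = true` before it knows whether a transaction is active, and the only visible reset is in the `catch` block of the third hunk (`@@ -123,13 +132,13 @@`). If `transaction.isActive()` is false, or `userTransactionInstance.get()` throws, the flag appears to stay `true` with no synchronization registered, and the guard in `invoke` then skips joining on every later call. Unless the part of the method outside these hunks resets it, adding `else { synchronizationRegistered = false; }` to the `isActive()` check would keep the re-entrancy protection while letting a later call join. The `"setFlushMode".equals(method.getName())` test matches by name only, unlike the `changeFlushMode` check above it, which also compares the parameter type.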
@@ -123,13 +132,13 @@
try
{
transaction.registerSynchronization(this);
- synchronizationRegistered = true;
}
catch (Exception e)
{
// synchronizationRegistered =
// PersistenceProvider.instance().registerSynchronization(this,
// entityManager);
+ synchronizationRegistered = false;
throw new RuntimeException(e);
}
}
Modified: modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EjbSynchronizations.java
===================================================================
--- modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EjbSynchronizations.java 2010-09-20 11:29:33 UTC (rev 13768)
+++ modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EjbSynchronizations.java 2010-09-21 10:06:33 UTC (rev 13769)
@@ -35,6 +35,7 @@
import javax.inject.Inject;
import javax.transaction.Synchronization;
+import org.jboss.weld.extensions.defaultbean.DefaultBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -50,6 +51,7 @@
@Stateful
@RequestScoped
@TransactionAttribute(TransactionAttributeType.SUPPORTS)
+@DefaultBean(type = Synchronizations.class)
public class EjbSynchronizations implements LocalEjbSynchronizations, SessionSynchronization
{
private static final Logger log = LoggerFactory.getLogger(EjbSynchronizations.class);
Modified: modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EntityTransaction.java
===================================================================
--- modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EntityTransaction.java 2010-09-20 11:29:33 UTC (rev 13768)
+++ modules/persistence/trunk/impl/src/main/java/org/jboss/seam/persistence/transaction/EntityTransaction.java 2010-09-21 10:06:33 UTC (rev 13769)
@@ -138,12 +138,12 @@
public int getStatus() throws SystemException
{
- if (getDelegate().getRollbackOnly())
+ if (getDelegate().isActive())
{
- return Status.STATUS_MARKED_ROLLBACK;
- }
- else if (getDelegate().isActive())
- {
+ if (getDelegate().getRollbackOnly())
+ {
+ return Status.STATUS_MARKED_ROLLBACK;
+ }
return Status.STATUS_ACTIVE;
}
else
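Review bot: The reason for the reordering is not recorded in the code. On a JPA `EntityTransaction`, `getRollbackOnly()` throws `IllegalStateException` when no transaction is active, which is presumably why `isActive()` is now checked first. A comment above the outer `if`, such as `// getRollbackOnly() is only legal on an active transaction, so check isActive() first`, would stop a later cleanup from merging the two tests again. `getStatus` continues past the `else` outside the hunk.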
Modified: modules/persistence/trunk/impl/src/main/resources/META-INF/services/javax.enterprise.inject.spi.Extension
===================================================================
--- modules/persistence/trunk/impl/src/main/resources/META-INF/services/javax.enterprise.inject.spi.Extension 2010-09-20 11:29:33 UTC (rev 13768)
+++ modules/persistence/trunk/impl/src/main/resources/META-INF/services/javax.enterprise.inject.spi.Extension 2010-09-21 10:06:33 UTC (rev 13769)
@@ -1,4 +1,3 @@
-org.jboss.seam.persistence.SePersistenceContextExtension
org.jboss.seam.persistence.transaction.TransactionExtension
org.jboss.seam.persistence.transaction.scope.TransactionScopeExtension
org.jboss.seam.persistence.ManagedPersistenceContextExtension
\ No newline at end of file
Seam SVN: r13768 - branches/enterprise/JBPAPP_5_0/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium.
by seam-commits@lists.jboss.org
Author: mgencur(a)redhat.com
Date: 2010-09-20 07:29:33 -0400 (Mon, 20 Sep 2010)
New Revision: 13768
Modified:
branches/enterprise/JBPAPP_5_0/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java
Log:
JBPAPP-5103
Modified: branches/enterprise/JBPAPP_5_0/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java
===================================================================
--- branches/enterprise/JBPAPP_5_0/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java 2010-09-20 10:18:31 UTC (rev 13767)
+++ branches/enterprise/JBPAPP_5_0/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java 2010-09-20 11:29:33 UTC (rev 13768)
@@ -24,6 +24,11 @@
import static org.testng.AssertJUnit.assertEquals;
import static org.testng.AssertJUnit.assertTrue;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.URL;
+
import org.jboss.seam.example.common.test.selenium.SeamSeleniumTest;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
@@ -45,6 +50,7 @@
public static final String CACHE_LINK = "xpath=//a[contains(@href,\"cache\")]";
public static final String VALIDATE_EQUALITY_LINK = "xpath=//a[contains(@href,\"equalityValidator\")]";
public static final String VALIDATE_EQUALITY2_LINK = "xpath=//a[contains(@href,\"equalityValidatorWConvert\")]";
+ public static final String RESOURCE_DOWNLOAD_LINK = "xpath=//a[contains(@href,\"resource\")]";
@BeforeMethod
@Override
@@ -62,7 +68,7 @@
{
assertEquals("Unexpected page title.", HOME_PAGE_TITLE, browser.getTitle());
}
-
+
@Test(dependsOnMethods={"homePageLoadTest"})
public void selectItemsTest(){
String title = "Mr.";
@@ -93,20 +99,17 @@
assertTrue("Page should contain \"Successfully updated\"", browser.isTextPresent("Successfully updated"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void fragmentTest(){
browser.clickAndWait(FRAGMENT_LINK);
assertTrue("Page should contain \"fragment is rendered\"", browser.isTextPresent("This fragment is rendered whilst"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void formattedTextTest(){
browser.clickAndWait(FOTMATTED_TEXT_LINK);
assertTrue("Page should contain information about Pete Muir working all the time on Seam", browser.isTextPresent("works on Seam, of course"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void buttonAndLinkTest(){
@@ -129,14 +132,12 @@
assertTrue("Page should contain \"Foo = bar\"", browser.isTextPresent("Foo = bar"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void cacheTest(){
browser.clickAndWait(CACHE_LINK);
assertTrue("Page should contain some cached text", browser.isTextPresent("Some cached text"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void validateEqualityTest(){
String name1 = "martin";
@@ -187,11 +188,33 @@
//assertTrue("Page should contain information about Pete Muir working all the time on Seam", browser.isTextPresent("works on Seam, of course"));
}
- /**
- * Resource download cannot be tested automatically because downloading a file needs user interaction
- * with a window form
- *
@Test(dependsOnMethods={"homePageLoadTest"})
- public void resourceDownloadTest(){
- }*/
+ public void resourceDownloadTest(){
+ String textToFind1 = "abc";
+ String textToFind2 = "123";
+ browser.clickAndWait(RESOURCE_DOWNLOAD_LINK);
+
+ assertTrue( "File download failed: Restful with s:download \"Text\"", isDownloadWorking("/seam-ui/resources.seam?id=1", textToFind1));
+ assertTrue( "File download failed: Restful with s:download \"Numbers\"", isDownloadWorking("/seam-ui/resources.seam?id=2", textToFind2));
+ }
+
+ private boolean isDownloadWorking(String pathToFile, String textToFind)
+ {
+ try
+ {
+ URL downloadUrl = new URL("http://localhost:8080" + pathToFile);
+ BufferedReader r = new BufferedReader(new InputStreamReader(downloadUrl.openStream()));
+ String str;
+ StringBuffer sb = new StringBuffer();
+ while ((str = r.readLine()) != null)
+ {
+ sb.append(str);
+ }
+ return sb.toString().contains(textToFind);
+ }
+ catch (IOException e)
+ {
+ return false;
+ }
+ }
}
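Review bot: `isDownloadWorking` never closes the `BufferedReader`, so each call leaves the stream from `downloadUrl.openStream()` open, and the `InputStreamReader` decodes with the platform default charset. The `catch` also turns every `IOException` into a plain `false`, so the test reports "File download failed" with no trace of a refused connection or an error status. Closing the reader in a `finally` block, naming the charset and failing with the exception attached would address all three; the sketch below uses try/finally because the code base appears to target a Java version without try-with-resources. The base URL `http://localhost:8080` is hard-coded here while the rest of the test goes through `browser`, so taking it from the same configuration would keep the check pointed at the server under test. The identical hunk in r13767 (branches/community/Seam_2_2) has the same issues.

```java
private boolean isDownloadWorking(String pathToFile, String textToFind)
{
   BufferedReader r = null;
   try
   {
      URL downloadUrl = new URL("http://localhost:8080" + pathToFile);
      // charset assumed here; use the encoding the resource is actually served with
      r = new BufferedReader(new InputStreamReader(downloadUrl.openStream(), "UTF-8"));
      // … unchanged: read loop and contains(textToFind) check …
   }
   catch (IOException e)
   {
      // surface the cause instead of reporting a bare "false"
      throw new AssertionError("Download of " + pathToFile + " failed: " + e);
   }
   finally
   {
      if (r != null)
      {
         try
         {
            r.close();
         }
         catch (IOException ignored)
         {
            // best-effort close; the read result has already been decided
         }
      }
   }
}
```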
Seam SVN: r13767 - branches/community/Seam_2_2/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium.
by seam-commits@lists.jboss.org
Author: mgencur(a)redhat.com
Date: 2010-09-20 06:18:31 -0400 (Mon, 20 Sep 2010)
New Revision: 13767
Modified:
branches/community/Seam_2_2/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java
Log:
JBSEAM-4709, func test for resource download link
Modified: branches/community/Seam_2_2/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java
===================================================================
--- branches/community/Seam_2_2/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java 2010-09-18 11:15:45 UTC (rev 13766)
+++ branches/community/Seam_2_2/src/test/ftest/examples/ui/src/org/jboss/seam/example/ui/test/selenium/SeleniumUITest.java 2010-09-20 10:18:31 UTC (rev 13767)
@@ -24,6 +24,11 @@
import static org.testng.AssertJUnit.assertEquals;
import static org.testng.AssertJUnit.assertTrue;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.URL;
+
import org.jboss.seam.example.common.test.selenium.SeamSeleniumTest;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
@@ -45,6 +50,7 @@
public static final String CACHE_LINK = "xpath=//a[contains(@href,\"cache\")]";
public static final String VALIDATE_EQUALITY_LINK = "xpath=//a[contains(@href,\"equalityValidator\")]";
public static final String VALIDATE_EQUALITY2_LINK = "xpath=//a[contains(@href,\"equalityValidatorWConvert\")]";
+ public static final String RESOURCE_DOWNLOAD_LINK = "xpath=//a[contains(@href,\"resource\")]";
@BeforeMethod
@Override
@@ -62,7 +68,7 @@
{
assertEquals("Unexpected page title.", HOME_PAGE_TITLE, browser.getTitle());
}
-
+
@Test(dependsOnMethods={"homePageLoadTest"})
public void selectItemsTest(){
String title = "Mr.";
@@ -93,20 +99,17 @@
assertTrue("Page should contain \"Successfully updated\"", browser.isTextPresent("Successfully updated"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void fragmentTest(){
browser.clickAndWait(FRAGMENT_LINK);
assertTrue("Page should contain \"fragment is rendered\"", browser.isTextPresent("This fragment is rendered whilst"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void formattedTextTest(){
browser.clickAndWait(FOTMATTED_TEXT_LINK);
assertTrue("Page should contain information about Pete Muir working all the time on Seam", browser.isTextPresent("works on Seam, of course"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void buttonAndLinkTest(){
@@ -129,14 +132,12 @@
assertTrue("Page should contain \"Foo = bar\"", browser.isTextPresent("Foo = bar"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void cacheTest(){
browser.clickAndWait(CACHE_LINK);
assertTrue("Page should contain some cached text", browser.isTextPresent("Some cached text"));
}
-
@Test(dependsOnMethods={"homePageLoadTest"})
public void validateEqualityTest(){
String name1 = "martin";
@@ -187,11 +188,33 @@
//assertTrue("Page should contain information about Pete Muir working all the time on Seam", browser.isTextPresent("works on Seam, of course"));
}
- /**
- * Resource download cannot be tested automatically because downloading a file needs user interaction
- * with a window form
- *
@Test(dependsOnMethods={"homePageLoadTest"})
- public void resourceDownloadTest(){
- }*/
+ public void resourceDownloadTest(){
+ String textToFind1 = "abc";
+ String textToFind2 = "123";
+ browser.clickAndWait(RESOURCE_DOWNLOAD_LINK);
+
+ assertTrue( "File download failed: Restful with s:download \"Text\"", isDownloadWorking("/seam-ui/resources.seam?id=1", textToFind1));
+ assertTrue( "File download failed: Restful with s:download \"Numbers\"", isDownloadWorking("/seam-ui/resources.seam?id=2", textToFind2));
+ }
+
+ private boolean isDownloadWorking(String pathToFile, String textToFind)
+ {
+ try
+ {
+ URL downloadUrl = new URL("http://localhost:8080" + pathToFile);
+ BufferedReader r = new BufferedReader(new InputStreamReader(downloadUrl.openStream()));
+ String str;
+ StringBuffer sb = new StringBuffer();
+ while ((str = r.readLine()) != null)
+ {
+ sb.append(str);
+ }
+ return sb.toString().contains(textToFind);
+ }
+ catch (IOException e)
+ {
+ return false;
+ }
+ }
}
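Review bot: `isDownloadWorking` never closes the `BufferedReader` it opens over `downloadUrl.openStream()`, so every call leaves the HTTP stream open, including when `readLine()` throws. Close it in a `finally` block as sketched below (code from 2010 presumably cannot use try-with-resources). The `catch (IOException e)` that returns false also hides why a download failed; logging the exception would let a reader tell an unreachable server from wrong content. The `"http://localhost:8080"` prefix is hard-coded although the rest of the test drives `browser`; if the suite has a configurable host and port, the URL should be built from that.

```java
private boolean isDownloadWorking(String pathToFile, String textToFind)
{
   BufferedReader r = null;
   try
   {
      URL downloadUrl = new URL("http://localhost:8080" + pathToFile);
      r = new BufferedReader(new InputStreamReader(downloadUrl.openStream()));
      // … unchanged: readLine() loop and contains(textToFind) check …
   }
   catch (IOException e)
   {
      return false;
   }
   finally
   {
      if (r != null)
      {
         try
         {
            r.close();
         }
         catch (IOException ignored)
         {
            // nothing useful to do when close fails in a test helper
         }
      }
   }
}
```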
Seam SVN: r13766 - in modules/security/trunk/examples: openid-op and 23 other directories.
by seam-commits@lists.jboss.org
Author: marcelkolsteren
Date: 2010-09-18 07:15:45 -0400 (Sat, 18 Sep 2010)
New Revision: 13766
Added:
modules/security/trunk/examples/openid-op/
modules/security/trunk/examples/openid-op/pom.xml
modules/security/trunk/examples/openid-op/readme.txt
modules/security/trunk/examples/openid-op/src/
modules/security/trunk/examples/openid-op/src/main/
modules/security/trunk/examples/openid-op/src/main/java/
modules/security/trunk/examples/openid-op/src/main/java/org/
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java
modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
modules/security/trunk/examples/openid-op/src/main/resources/
modules/security/trunk/examples/openid-op/src/main/resources/META-INF/
modules/security/trunk/examples/openid-op/src/main/webapp/
modules/security/trunk/examples/openid-op/src/main/webapp/Attributes.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/AuthenticationFailed.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/Configuration.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/Index.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/Login.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/META-INF/
modules/security/trunk/examples/openid-op/src/main/webapp/META-INF/MANIFEST.MF
modules/security/trunk/examples/openid-op/src/main/webapp/Menu.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/PageTemplate.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/SessionManagement.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/UserInfo.xhtml
modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/
modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/beans.xml
modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/context.xml
modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/faces-config.xml
modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/lib/
modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/web.xml
modules/security/trunk/examples/openid-op/src/main/webapp/index.jsp
modules/security/trunk/examples/openid-op/src/main/webapp/styles.css
modules/security/trunk/examples/openid-op/src/test/
modules/security/trunk/examples/openid-op/src/test/java/
modules/security/trunk/examples/openid-op/src/test/java/org/
modules/security/trunk/examples/openid-op/src/test/java/org/jboss/
modules/security/trunk/examples/openid-op/src/test/java/org/jboss/seam/
modules/security/trunk/examples/openid-op/src/test/java/org/jboss/seam/security/
modules/security/trunk/examples/openid-op/src/test/resources/
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Login.java
Removed:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java
Modified:
modules/security/trunk/examples/openid-rp/readme.txt
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml
Log:
- Added OpenID Provider example.
- Change in OpenID Relying Party example: added support for logging in with a user-supplied OpenID.
- Minor changes in Saml IDP example.
Property changes on: modules/security/trunk/examples/openid-op
___________________________________________________________________
Name: svn:ignore
+ .settings
.classpath
.project
target
Added: modules/security/trunk/examples/openid-op/pom.xml
===================================================================
--- modules/security/trunk/examples/openid-op/pom.xml (rev 0)
+++ modules/security/trunk/examples/openid-op/pom.xml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,107 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>openid-op</artifactId>
+ <packaging>war</packaging>
+ <name>OpenID Relying Party</name>
+
+ <parent>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-parent</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <properties>
+ <seam.faces.version>3.0.0-SNAPSHOT</seam.faces.version>
+ <seam.international.version>3.0.0-SNAPSHOT</seam.international.version>
+ <weld.extensions.version>1.0.0.Alpha2</weld.extensions.version>
+ </properties>
+
+ <build>
+ <finalName>openid-rp</finalName>
+ </build>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-external</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <artifactId>validation-api</artifactId>
+ <groupId>javax.validation</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.weld</groupId>
+ <artifactId>weld-extensions</artifactId>
+ <version>${weld.extensions.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.servlet</groupId>
+ <artifactId>seam-servlet</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces-api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.international</groupId>
+ <artifactId>seam-international-api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.international</groupId>
+ <artifactId>seam-international</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.enterprise</groupId>
+ <artifactId>cdi-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <!-- This is necessary until a new JSF-API is published to central -->
+ <groupId>javax.faces</groupId>
+ <artifactId>jsf-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!--
+ <dependency> <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ <version>${project.version}</version> </dependency>
+ -->
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <!-- Required until the Servlet 3.0 API can be resolved in Central -->
+ <groupId>org.jboss.spec.javax.servlet</groupId>
+ <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ </dependencies>
+
+</project>
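Review bot: `<name>OpenID Relying Party</name>` and `<finalName>openid-rp</finalName>` look copied from the relying-party example, while the artifactId of this module is `openid-op`. With that finalName the war is built as openid-rp, so it presumably does not deploy under the `/openid-op` path the readme in this commit tells users to open, and it may clash with the relying-party example's archive if both are deployed. I would change the two lines to `<name>OpenID Provider</name>` and `<finalName>openid-op</finalName>`. The readme heading `OPENID-RP EXAMPLE` has the same slip.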
Added: modules/security/trunk/examples/openid-op/readme.txt
===================================================================
--- modules/security/trunk/examples/openid-op/readme.txt (rev 0)
+++ modules/security/trunk/examples/openid-op/readme.txt 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,44 @@
+OPENID-RP EXAMPLE
+
+
+What is it?
+===========
+
+This demo web application shows how to turn your application into an OpenID
+provider (OP). It makes use of the OpenID submodule of Seam Security.
+
+
+How to deploy it?
+=================
+
+The application is packaged as a war file and should run in any JEE6
+environment. It has been tested on JBoss AS 6. Before deploying the application,
+you need to map this host name to the localhost:
+
+www.openid-op.com
+
+On Unix based systems, you do this by putting the following lines in
+'/etc/hosts':
+
+127.0.0.1 www.openid-op.com
+
+
+Some background info
+====================
+
+The Identity Provider is preconfigured to run at port 8080 and to use the http
+protocol for communicating with Relying Parties (RPs). These settings are ok
+for a test setup, but please be aware that in production, you'd use http on
+port 443. In the test application these settings are done programmatically
+(by the OpenIdProviderCustomizer).
+
+
+How to use the application
+==========================
+
+Start the application and fetch this URL in your browser:
+
+http://www.openid-op.com:8080/openid-op
+
+There you can login and logout locally. If you also install the example OpenID
+relying party, you can experience delegated and single logon.
\ No newline at end of file
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+
+public class AttributeVO
+{
+ private OpenIdRequestedAttribute requestedAttribute;
+
+ private String attributeValue;
+
+ public OpenIdRequestedAttribute getRequestedAttribute()
+ {
+ return requestedAttribute;
+ }
+
+ public void setRequestedAttribute(OpenIdRequestedAttribute requestedAttribute)
+ {
+ this.requestedAttribute = requestedAttribute;
+ }
+
+ public String getAttributeValue()
+ {
+ return attributeValue;
+ }
+
+ public void setAttributeValue(String attributeValue)
+ {
+ this.attributeValue = attributeValue;
+ }
+}
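Review bot: `AttributeVO` does not implement `Serializable`, but the `Attributes` bean added in this commit is `Serializable`, dialogue scoped, and holds a `List<AttributeVO>`. If the container ever serializes that bean, the write fails on the first list element. Declare `public class AttributeVO implements Serializable` with a `serialVersionUID`. Whether `OpenIdRequestedAttribute` is itself serializable is not visible here and needs checking too.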
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/AttributeVO.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import java.io.Serializable;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+
+@Model
+@DialogueScoped
+public class Attributes implements Serializable
+{
+ private static final long serialVersionUID = -6945192710223411921L;
+
+ private List<AttributeVO> attributeVOs;
+
+ @Inject
+ private OpenIdProviderApi providerApi;
+
+ public void setRequestedAttributes(List<OpenIdRequestedAttribute> requestedAttributes)
+ {
+ attributeVOs = new LinkedList<AttributeVO>();
+
+ for (OpenIdRequestedAttribute requestedAttribute : requestedAttributes)
+ {
+ AttributeVO attributeVO = new AttributeVO();
+ attributeVO.setRequestedAttribute(requestedAttribute);
+ attributeVOs.add(attributeVO);
+ }
+ }
+
+ public List<AttributeVO> getAttributeVOs()
+ {
+ return attributeVOs;
+ }
+
+ public void confirm()
+ {
+ Map<String, List<String>> attributeValues = new HashMap<String, List<String>>();
+ for (AttributeVO attributeVO : attributeVOs)
+ {
+ if (attributeVO.getAttributeValue() != null)
+ {
+ attributeValues.put(attributeVO.getRequestedAttribute().getAlias(), Arrays.asList(attributeVO.getAttributeValue()));
+ }
+ }
+ providerApi.setAttributes(attributeValues);
+ }
+}
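Review bot: `confirm()` iterates `attributeVOs` without a null check, and the list is only created in `setRequestedAttributes`, so calling `confirm()` before that setter has run throws a NullPointerException. It also filters only on `getAttributeValue() != null`; a field the user left blank may arrive as an empty string (this depends on the JSF configuration) and would then be released to the relying party as an empty value. I would initialise the field, `private List<AttributeVO> attributeVOs = new LinkedList<AttributeVO>();`, and skip blank values with `if (value != null && value.length() > 0)`. A short Javadoc on `confirm()` saying that these user-entered values are handed to `providerApi.setAttributes` would help readers of the example.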
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Attributes.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+
+@Model
+public class Configuration
+{
+ @Inject
+ private OpenIdRelyingPartyConfigurationApi confApi;
+
+ public String getRealm()
+ {
+ return confApi.getRealm();
+ }
+
+ public String getXrdsURL()
+ {
+ return confApi.getXrdsURL();
+ }
+}
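Review bot: The provider example's `Configuration` bean injects `OpenIdRelyingPartyConfigurationApi`, which looks carried over from the relying-party example; `OpenIdProviderCustomizer` in the same commit configures the provider through `OpenIdProviderConfigurationApi`. If the relying-party configuration bean is resolvable in this deployment, `getRealm()` and `getXrdsURL()` report relying-party settings rather than the provider's. If it is not resolvable, deployment presumably fails on the unsatisfied injection point. Inject the provider-side API if it offers the values the Configuration page needs (not visible in this hunk), or drop the bean.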
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Configuration.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,87 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import javax.faces.application.ViewHandler;
+import javax.faces.application.ViewHandlerWrapper;
+import javax.faces.context.FacesContext;
+import javax.servlet.ServletContext;
+
+import org.jboss.seam.security.external.DialogueFilter;
+import org.jboss.seam.security.external.dialogues.DialogueBeanProvider;
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class DialogueAwareViewHandler extends ViewHandlerWrapper
+{
+ private static final String QUERY_STRING_DELIMITER = "?";
+ private static final String PARAMETER_PAIR_DELIMITER = "&";
+ private static final String PARAMETER_ASSIGNMENT_OPERATOR = "=";
+
+ private ViewHandler delegate;
+
+ public DialogueAwareViewHandler(ViewHandler delegate)
+ {
+ this.delegate = delegate;
+ }
+
+ @Override
+ public String getActionURL(FacesContext facesContext, String viewId)
+ {
+ String actionUrl = super.getActionURL(facesContext, viewId);
+ ServletContext servletContext = (ServletContext) facesContext.getExternalContext().getContext();
+ if (DialogueBeanProvider.dialogueManager(servletContext).isAttached())
+ {
+ Dialogue dialogue = DialogueBeanProvider.dialogue(servletContext);
+ return appendDialogueIdIfNecessary(actionUrl, facesContext, dialogue.getDialogueId());
+ }
+ else
+ {
+ return actionUrl;
+ }
+ }
+
+ public String appendDialogueIdIfNecessary(String url, FacesContext facesContext, String cid)
+ {
+ String paramName = DialogueFilter.DIALOGUE_ID_PARAM;
+ int queryStringIndex = url.indexOf(QUERY_STRING_DELIMITER);
+ if (queryStringIndex < 0 || url.indexOf(paramName + PARAMETER_ASSIGNMENT_OPERATOR, queryStringIndex) < 0)
+ {
+ url = new StringBuilder(url).append(queryStringIndex < 0 ? QUERY_STRING_DELIMITER : PARAMETER_PAIR_DELIMITER).append(paramName).append(PARAMETER_ASSIGNMENT_OPERATOR).append(cid).toString();
+ }
+ return url;
+
+ }
+
+ /**
+ * @see {@link ViewHandlerWrapper#getWrapped()}
+ */
+ @Override
+ public ViewHandler getWrapped()
+ {
+ return delegate;
+ }
+
+}
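Review bot: In `appendDialogueIdIfNecessary` the test `url.indexOf(paramName + PARAMETER_ASSIGNMENT_OPERATOR, queryStringIndex)` is a plain substring search, so a query parameter whose name merely ends with the dialogue parameter name, or a value containing that text, suppresses the append and the request loses its dialogue. The check should look for the name directly after `?` or `&`. `cid` is also appended without URL encoding, which is safe only if dialogue ids are always URL-safe, and this file does not show that. Because the id is written into every action URL it will show up in access logs and Referer headers, so the class Javadoc should say so. The `facesContext` parameter of the method is unused.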
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialogueAwareViewHandler.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import javax.enterprise.event.Observes;
+import javax.faces.event.PhaseEvent;
+import javax.inject.Inject;
+
+import org.jboss.seam.faces.event.qualifier.Before;
+import org.jboss.seam.faces.event.qualifier.RestoreView;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.servlet.http.HttpParam;
+
+public class DialoguePhaseListener
+{
+ private static final long serialVersionUID = -3608798865478624561L;
+
+ public final static String DIALOGUE_ID_PARAM = "dialogueId";
+
+ @Inject
+ private DialogueManager manager;
+
+ @Inject
+ @HttpParam("dialogueId")
+ private String dialogueId;
+
+ public void beforeRestoreView(@Observes @Before @RestoreView PhaseEvent phaseEvent)
+ {
+ if (dialogueId != null && !manager.isAttached())
+ {
+ manager.attachDialogue(dialogueId);
+ }
+ }
+}
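Review bot: `beforeRestoreView` hands the request parameter `dialogueId` to `manager.attachDialogue(dialogueId)` with no check that the id names an existing dialogue or one started by this client; what `attachDialogue` does with an unknown or foreign id is not visible in this hunk. If DialogueManager does not validate this itself, a client could join another user's in-progress dialogue by supplying its id, so the check belongs either here or in a documented contract on the manager. Smaller points: the annotation should reuse the constant, `@HttpParam(DIALOGUE_ID_PARAM)`, and `serialVersionUID` has no effect on a class that does not implement Serializable.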
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/DialoguePhaseListener.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,92 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import java.io.Serializable;
+
+import javax.enterprise.context.SessionScoped;
+import javax.faces.application.FacesMessage;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+import javax.inject.Named;
+
+import org.jboss.seam.security.external.api.OpenIdProviderApi;
+
+@SessionScoped
+@Named
+public class Identity implements Serializable
+{
+ private static final long serialVersionUID = -7096110154986991513L;
+
+ private String userName;
+
+ @Inject
+ private OpenIdProviderApi providerApi;
+
+ public void localLogin(String userName)
+ {
+ this.userName = userName;
+ }
+
+ public void logout()
+ {
+ if (isLoggedIn())
+ {
+ userName = null;
+ redirectToViewId("/Index.xhtml");
+ }
+ else
+ {
+ FacesMessage facesMessage = new FacesMessage("Not logged in.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public boolean isLoggedIn()
+ {
+ return userName != null;
+ }
+
+ public String getUserName()
+ {
+ return userName;
+ }
+
+ public String getOpLocalIdentifier()
+ {
+ return providerApi.getOpLocalIdentifierForUserName(userName);
+ }
+
+ public void redirectToLoginIfNotLoggedIn()
+ {
+ if (!isLoggedIn())
+ {
+ redirectToViewId("/Login.xhtml");
+ }
+ }
+
+ private void redirectToViewId(String viewId)
+ {
+ FacesContext facesContext = FacesContext.getCurrentInstance();
+ FacesContext.getCurrentInstance().getApplication().getNavigationHandler().handleNavigation(facesContext, null, viewId + "?faces-redirect=true");
+ }
+}
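Review bot: `logout()` only sets `userName = null`, so the HTTP session and anything else stored in it live on under the same session id, and `localLogin` likewise keeps the session that existed before login. For an identity provider I would end the session on logout, for example `FacesContext.getCurrentInstance().getExternalContext().invalidateSession();` before the redirect, after checking that the redirect still works once the session is gone. `getOpLocalIdentifier()` passes a null `userName` to `providerApi.getOpLocalIdentifierForUserName` when nobody is logged in; guard it with `isLoggedIn()` or document the expected result. In `redirectToViewId` the second `FacesContext.getCurrentInstance()` call can reuse the local `facesContext`.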
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Identity.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+
+@Model
+public class Login
+{
+ @Inject
+ private OpenIdProviderApi opApi;
+
+ private String userNameReceivedFromRp;
+
+ private String realm;
+
+ private String userName;
+
+ @Inject
+ private DialogueManager dialogueManager;
+
+ @Inject
+ private Identity identity;
+
+ public String getUserName()
+ {
+ return userName;
+ }
+
+ public void setUserName(String userName)
+ {
+ this.userName = userName;
+ }
+
+ public String getUserNameReceivedFromRp()
+ {
+ return userNameReceivedFromRp;
+ }
+
+ public void setUserNameReceivedFromRp(String userNameReceivedFromRp)
+ {
+ this.userNameReceivedFromRp = userNameReceivedFromRp;
+ }
+
+ public String getRealm()
+ {
+ return realm;
+ }
+
+ public void setRealm(String realm)
+ {
+ this.realm = realm;
+ }
+
+ public boolean isDialogueActive()
+ {
+ return dialogueManager.isAttached();
+ }
+
+ public String login()
+ {
+ String userName = userNameReceivedFromRp != null ? userNameReceivedFromRp : this.userName;
+ identity.localLogin(userName);
+ if (dialogueManager.isAttached())
+ {
+ opApi.authenticationSucceeded(userName);
+ return null;
+ }
+ else
+ {
+ return "LOCAL_LOGIN";
+ }
+ }
+
+ public void cancel()
+ {
+ if (dialogueManager.isAttached())
+ {
+ opApi.authenticationFailed();
+ }
+ else
+ {
+ throw new IllegalStateException("cancel method can only be called during an OpenID login");
+ }
+ }
+}
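Review bot: `login()` treats whatever user name arrives as authenticated: there is no credential check, and not even a null or blank check, before `identity.localLogin(userName)` and `opApi.authenticationSucceeded(userName)`, so the provider vouches to the relying party for any name. For an example that may be intended, but the method should say so, e.g. `// Demo only: no password check; a real OP must authenticate the user here`. I would also return early with a FacesMessage when the name is null or blank, since `localLogin(null)` leaves `Identity.isLoggedIn()` false while the success response is still sent. How `userNameReceivedFromRp` gets set is not visible in this hunk; if it can be bound from the request, it takes precedence over the name the user typed and deserves a comment as well.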
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/Login.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import javax.enterprise.event.Observes;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+public class OpenIdProviderCustomizer
+{
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e, OpenIdProviderConfigurationApi op)
+ {
+ op.setHostName("www.openid-op.com");
+ op.setPort(8080);
+ op.setProtocol("http");
+ }
+
+}
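Review bot: `servletInitialized` pins the provider to plain `http` on port 8080 with no comment saying these are test-only values, so OpenID requests and assertions for this provider travel unencrypted if the example is copied as-is. A comment above the three setters such as `// test setup only: use https (port 443) for any real deployment` would make that explicit. The same http endpoint, `http://www.openid-op.com:8080/openid-op/openid/OP/XrdsService`, is hard-coded in the openid-rp Login.xhtml hunk later in this commit, so the two have to change together.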
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderCustomizer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,101 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.openid;
+
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.util.List;
+
+import javax.inject.Inject;
+import javax.servlet.ServletContext;
+
+import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
+
+public class OpenIdProviderSpiImpl implements OpenIdProviderSpi
+{
+ @Inject
+ private ResponseHolder responseHolder;
+
+ @Inject
+ private ServletContext servletContext;
+
+ @Inject
+ private Identity identity;
+
+ @Inject
+ private OpenIdProviderApi opApi;
+
+ @Inject
+ private Dialogue dialogue;
+
+ @Inject
+ private Attributes attributes;
+
+ public void authenticate(String realm, String userName, boolean immediate)
+ {
+ if (identity.isLoggedIn() && userName != null && !userName.equals(identity.getUserName()))
+ {
+ opApi.authenticationFailed();
+ }
+ else
+ {
+ try
+ {
+ StringBuilder url = new StringBuilder();
+ url.append(servletContext.getContextPath());
+ url.append("/Login.jsf?dialogueId=").append((dialogue.getDialogueId()));
+ url.append("&realm=").append(URLEncoder.encode(realm, "UTF-8"));
+ if (userName != null)
+ {
+ url.append("&userName=").append(URLEncoder.encode(userName, "UTF-8"));
+ }
+ responseHolder.getResponse().sendRedirect(url.toString());
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+
+ public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes)
+ {
+ attributes.setRequestedAttributes(requestedAttributes);
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() + "/Attributes.jsf?dialogueId=" + dialogue.getDialogueId());
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public boolean userExists(String userName)
+ {
+ return true;
+ }
+}
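Review bot: In `authenticate`, the `realm` and `userName` the relying party asked about are handed to Login.jsf as query parameters, and Login.xhtml binds them back with `f:viewParam`, so whoever holds the browser can edit both before `Login.login()` uses `userNameReceivedFromRp`. `fetchParameters` already keeps its request state server-side via `attributes.setRequestedAttributes(...)`; storing realm and user name the same way, in a bean tied to the dialogue, and redirecting with only `dialogueId` would preserve the values the relying party sent. Two smaller points in the same hunk: the `immediate` argument is never read, so a request that presumably must not involve user interaction is still redirected to the login page, and `userExists` returns `true` for every name without a comment marking it as a demo stub.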
Property changes on: modules/security/trunk/examples/openid-op/src/main/java/org/jboss/seam/security/examples/openid/OpenIdProviderSpiImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/openid-op/src/main/webapp/Attributes.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/Attributes.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/Attributes.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,40 @@
+<f:view xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:c="http://java.sun.com/jsp/jstl/core"
+ xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:event type="preRenderView"
+ listener="#{identity.redirectToLoginIfNotLoggedIn}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>Attributes</h1>
+
+ <h:form>
+ <h:dataTable value="#{attributes.attributeVOs}" var="attributeVO">
+ <h:column>
+ <f:facet name="header">
+ <h:outputText value="Alias" />
+ </f:facet>
+ <h:outputText value="#{attributeVO.requestedAttribute.alias}" />
+ </h:column>
+ <h:column>
+ <f:facet name="header">
+ <h:outputText value="Required" />
+ </f:facet>
+ <h:selectBooleanCheckbox
+ value="#{attributeVO.requestedAttribute.required}" disabled="true" />
+ </h:column>
+ <h:column>
+ <f:facet name="header">
+ <h:outputText value="Value" />
+ </f:facet>
+ <h:inputText value="#{attributeVO.attributeValue}" />
+ </h:column>
+ </h:dataTable>
+ <h:commandButton value="OK" action="#{attributes.confirm}" />
+ </h:form>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-op/src/main/webapp/AuthenticationFailed.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/AuthenticationFailed.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/AuthenticationFailed.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,10 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:f="http://java.sun.com/jsf/core">
+
+<body>
+<h1>Authentication failed.</h1>
+</body>
+
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-op/src/main/webapp/Configuration.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/Configuration.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/Configuration.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,13 @@
+<f:view xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ <h1>Configuration</h1>
+ <h:panelGrid columns="2" columnClasses="propertyName, propertyValue">
+ <h:outputText value="XRDS URL" />
+ <h:outputText value="#{configuration.xrdsURL}" />
+ </h:panelGrid>
+
+ </ui:composition>
+</f:view>
Added: modules/security/trunk/examples/openid-op/src/main/webapp/Index.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/Index.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/Index.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,7 @@
+<f:view xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-op/src/main/webapp/Login.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/Login.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/Login.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,37 @@
+<f:view xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:c="http://java.sun.com/jsp/jstl/core"
+ xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:viewParam name="realm" value="#{login.realm}" />
+ <f:viewParam name="userName" value="#{login.userNameReceivedFromRp}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+ <h:messages />
+ <c:choose>
+ <c:when test="#{login.dialogueActive}">
+ <h1>Login at #{login.realm}</h1>
+ </c:when>
+ <c:otherwise>
+ <h1>Login</h1>
+ </c:otherwise>
+ </c:choose>
+ <h:form>
+ <h:panelGrid columns="2" columnClasses="propertyName, propertyValue">
+ <h:outputText value="User name" />
+ <c:choose>
+ <c:when test="#{login.userNameReceivedFromRp == null}">
+ <h:inputText value="#{login.userName}" />
+ </c:when>
+ <c:otherwise>
+ <h:outputText value="#{login.userNameReceivedFromRp}" />
+ </c:otherwise>
+ </c:choose>
+ </h:panelGrid>
+ <p><h:commandButton action="#{login.login}" value="Login" /> <h:commandButton
+ action="#{login.cancel}" value="Cancel"
+ rendered="#{login.dialogueActive}" /></p>
+ </h:form>
+ </ui:composition>
+</f:view>
\ No newline at end of file
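Review bot: The form offers only a user-name field and no credential, and `login.login` (added in Login.java earlier in this commit) passes that name straight to `identity.localLogin(userName)`, so this sample provider will assert any identity that is typed in. If that is intended for the demo, a comment at the top of the form such as `<!-- demo only: no password check, never deploy this provider as-is -->` would stop it being copied unnoticed. `<h:messages />` also appears both here and in PageTemplate.xhtml, so each message is presumably rendered twice.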
Added: modules/security/trunk/examples/openid-op/src/main/webapp/META-INF/MANIFEST.MF
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/META-INF/MANIFEST.MF (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/META-INF/MANIFEST.MF 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
Added: modules/security/trunk/examples/openid-op/src/main/webapp/Menu.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/Menu.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/Menu.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,17 @@
+<ui:composition xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:c="http://java.sun.com/jsp/jstl/core"
+ xmlns:f="http://java.sun.com/jsf/core">
+
+ <h:form>
+ <h:commandLink value="Login" action="/Login.xhtml"
+ disabled="#{identity.loggedIn}" /> |
+ <h:commandLink value="Configuration" action="/Configuration.xhtml" /> |
+ <h:commandLink value="Session Management"
+ action="/SessionManagement.xhtml" disabled="#{!identity.loggedIn}" /> |
+ <h:commandLink value="Logout" action="#{identity.logout}"
+ disabled="#{!identity.loggedIn}" />
+ </h:form>
+
+</ui:composition>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-op/src/main/webapp/PageTemplate.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/PageTemplate.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/PageTemplate.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:f="http://java.sun.com/jsf/core"
+ xmlns:ui="http://java.sun.com/jsf/facelets">
+
+<h:body>
+ <h:panelGroup layout="block" styleClass="page">
+
+ <h:head>
+ <link type="text/css" rel="stylesheet" href="styles.css" />
+ </h:head>
+
+ <h:panelGroup layout="block" styleClass="menu">
+ <ui:include src="/Menu.xhtml" />
+ </h:panelGroup>
+
+ <h:messages />
+
+ <h:panelGroup layout="block" styleClass="content">
+ <ui:insert />
+ </h:panelGroup>
+
+ </h:panelGroup>
+</h:body>
+</html>
\ No newline at end of file
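Review bot: `<h:head>` is nested inside `<h:body>` (within the outer `h:panelGroup`), which puts the head section inside the body and does not match the XHTML Strict DOCTYPE declared at the top of the file. Moving the `<h:head>…</h:head>` block so it sits directly under `<html>`, before `<h:body>`, fixes this without any other change.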
Added: modules/security/trunk/examples/openid-op/src/main/webapp/SessionManagement.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/SessionManagement.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/SessionManagement.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,24 @@
+<f:view xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:c="http://java.sun.com/jsp/jstl/core"
+ xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:event type="preRenderView"
+ listener="#{identity.redirectToLoginIfNotLoggedIn}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>Session Info</h1>
+
+ <h2>Logged in user</h2>
+
+ <h:panelGrid columns="2" columnClasses="propertyName, propertyValue">
+ <h:outputText value="User name" />
+ <h:outputText value="#{identity.userName}" />
+ <h:outputText value="User's OpenID" />
+ <h:outputText value="#{identity.opLocalIdentifier}" />
+ </h:panelGrid>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-op/src/main/webapp/UserInfo.xhtml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/UserInfo.xhtml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/UserInfo.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,24 @@
+<f:view xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:c="http://java.sun.com/jsp/jstl/core"
+ xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:event type="preRenderView"
+ listener="#{identity.redirectToLoginIfNotLoggedIn}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>User info</h1>
+
+ <h:panelGrid columns="2" columnClasses="propertyName, propertyValue">
+ <h:outputText value="Verified User Identifier" />
+ <h:outputText value="#{identity.openIdPrincipal.identifier}" />
+ <h:outputText value="OpenID Provider" />
+ <h:outputText value="#{identity.openIdPrincipal.openIdProvider}" />
+ <h:outputText value="Email" />
+ <h:outputText value="#{identity.openIdPrincipal.attributes.email}" />
+ </h:panelGrid>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
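Review bot: The e-mail row reads `#{identity.openIdPrincipal.attributes.email}`, while this same commit changes the openid-rp UserInfo.xhtml to `#{identity.openIdPrincipal.attributeValues['email']}`, so this new copy uses the accessor that is being replaced. The page also looks like a relying-party view carried over into the provider example: the provider's Menu.xhtml has no link to it, and whether the provider's `Identity` bean exposes `openIdPrincipal` at all is not visible here. Either drop the file from openid-op or update the expression to match the new API.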
Added: modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PROCESS model-entity="JSFProcess">
+ <PROCESS-ITEM NAME="rules:#Login.xhtml" PATH="/Login.xhtml"
+ SHAPE="32,17,0,0" model-entity="JSFProcessGroup">
+ <PROCESS-ITEM ID="rules:#Login.xhtml:0" NAME="item"
+ PATH="/Login.xhtml" model-entity="JSFProcessItem">
+ <PROCESS-ITEM-OUTPUT
+ ID="LOCAL_LOGIN:#{login.login}:#SessionManagement.xhtml"
+ NAME="output" PATH="/SessionManagement.xhtml"
+ TARGET="rules:#SessionManagement.xhtml"
+ TITLE="#{login.login}:LOCAL_LOGIN" model-entity="JSFProcessItemOutput"/>
+ </PROCESS-ITEM>
+ </PROCESS-ITEM>
+ <PROCESS-ITEM NAME="rules:#SessionManagement.xhtml"
+ PATH="/SessionManagement.xhtml" SHAPE="240,33,0,0" model-entity="JSFProcessGroup"/>
+</PROCESS>
Added: modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/beans.xml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/beans.xml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/beans.xml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
+ <alternatives>
+ <classes>org.jboss.seam.security.external.openid.OpenIdProviderInApplicationScopeProducer</classes>
+ </alternatives>
+</beans>
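Review bot: The alternative is declared with `<classes>`, but the `alternatives` element of the beans_1_0.xsd schema referenced in this file takes `<class>` and `<stereotype>` children, so this entry is likely ignored or rejected and `OpenIdProviderInApplicationScopeProducer` would not be enabled. The line should read `<class>org.jboss.seam.security.external.openid.OpenIdProviderInApplicationScopeProducer</class>`.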
Added: modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/context.xml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/context.xml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/context.xml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Context>
+ <!-- log all incoming and outgoing messages. -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+</Context>
\ No newline at end of file
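Review bot: `RequestDumperValve` writes request and response details, including headers, cookies and parameters, to the server log, so session identifiers and this provider's OpenID protocol messages end up in log files. The existing comment only says what is logged; it should also say that this is a debugging aid, e.g. `<!-- debug only: dumps headers, cookies and parameters to the log; remove outside a test setup -->`.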
Added: modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/faces-config.xml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/faces-config.xml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/faces-config.xml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<faces-config version="2.0" xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd">
+
+ <name>openidop</name>
+
+ <application>
+ <view-handler>org.jboss.seam.security.examples.openid.DialogueAwareViewHandler</view-handler>
+ </application>
+
+ <navigation-rule>
+ <from-view-id>/Login.xhtml</from-view-id>
+ <navigation-case>
+ <from-action>#{login.login}</from-action>
+ <from-outcome>LOCAL_LOGIN</from-outcome>
+ <to-view-id>/SessionManagement.xhtml</to-view-id>
+ </navigation-case>
+ </navigation-rule>
+
+</faces-config>
Added: modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/web.xml
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/web.xml (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/WEB-INF/web.xml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
+
+ <context-param>
+ <param-name>javax.faces.PROJECT_STAGE</param-name>
+ <param-value>Development</param-value>
+ </context-param>
+
+ <welcome-file-list>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
+
+</web-app>
Added: modules/security/trunk/examples/openid-op/src/main/webapp/index.jsp
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/index.jsp (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/index.jsp 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <title>Initial Redirect Page</title>
+ </head>
+ <body>
+ <% response.sendRedirect("Index.jsf"); %>
+ </body>
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-op/src/main/webapp/styles.css
===================================================================
--- modules/security/trunk/examples/openid-op/src/main/webapp/styles.css (rev 0)
+++ modules/security/trunk/examples/openid-op/src/main/webapp/styles.css 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,31 @@
+.page {
+ width: 800px;
+ margin-left: auto;
+ margin-right: auto;
+}
+
+.menu {
+ margin-top: 15px;
+ height: 50px;
+ background: #d5a5ac;
+ padding: 5px;
+}
+
+.content {
+ margin-top: 15px;
+ top: 100px;
+ margin-left: auto;
+ margin-right: auto;
+ background: white;
+ padding: 5px;
+}
+
+.propertyName {
+ padding: 5px;
+ background-color: #aaaaaa;
+}
+
+.propertyValue {
+ padding: 5px;
+ background-color: #dddddd;
+}
\ No newline at end of file
Modified: modules/security/trunk/examples/openid-rp/readme.txt
===================================================================
--- modules/security/trunk/examples/openid-rp/readme.txt 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/openid-rp/readme.txt 2010-09-18 11:15:45 UTC (rev 13766)
@@ -26,11 +26,11 @@
Some background info
====================
-The Identity Provider is preconfigured to run at port 8080, to use a test key
-store which is included in the war file, and to use the http protocol for
-communicating with IDPs. These settings are ok for a test setup, but please be
-aware that in production, you'd use http on port 443. In the test application
-these settings are done programmatically (by the OpenIdRelyingPartyCustomizer).
+The Relying Party is preconfigured to run at port 8080, and to use the
+http protocol for communicating with OPs. These settings are ok for a test setup,
+but please be aware that in production, you'd use http on port 443. In the test
+application these settings are done programmatically (by the
+OpenIdRelyingPartyCustomizer).
How to use the application
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -31,9 +31,9 @@
import javax.inject.Inject;
import javax.inject.Named;
-import org.jboss.seam.security.external.api.OpenIdAttribute;
import org.jboss.seam.security.external.api.OpenIdPrincipal;
import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
@SessionScoped
@Named
@@ -55,8 +55,8 @@
{
if (!isLoggedIn())
{
- List<OpenIdAttribute> attributes = new LinkedList<OpenIdAttribute>();
- attributes.add(new OpenIdAttribute("email", "http://schema.openid.net/contact/email", false));
+ List<OpenIdRequestedAttribute> attributes = new LinkedList<OpenIdRequestedAttribute>();
+ attributes.add(new OpenIdRequestedAttribute("email", "http://schema.openid.net/contact/email", false, null));
openIdApi.login(openId, attributes);
}
else
Added: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Login.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Login.java (rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Login.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -0,0 +1,49 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+@Model
+public class Login
+{
+ private String openId;
+
+ @Inject
+ private Identity identity;
+
+ public String getOpenId()
+ {
+ return openId;
+ }
+
+ public void setOpenId(String openId)
+ {
+ this.openId = openId;
+ }
+
+ public void login()
+ {
+ identity.startLogin(openId);
+ }
+}
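Review bot: `login()` forwards `openId` to `identity.startLogin` exactly as typed, so a blank field or a value that is not an http(s) URL goes straight into the login call. The relying party presumably contacts that address for discovery, which means the server makes requests to whatever the user supplies. A guard such as `if (openId == null || openId.trim().length() == 0) return;`, plus a check that the scheme is http or https, would be a reasonable minimum for the sample.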
Property changes on: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Login.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -54,7 +54,7 @@
}
}
- public void loginFailed()
+ public void loginFailed(String message)
{
try
{
Deleted: modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -1,47 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.examples.id_consumer;
-
-import javax.enterprise.event.Observes;
-import javax.faces.context.ExternalContext;
-import javax.faces.context.FacesContext;
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.seam.security.external.api.ResponseHolder;
-import org.jboss.seam.security.external.dialogues.api.AfterDialogueActivation;
-
-public class RequestObserver
-{
- @Inject
- private ResponseHolder responseHolder;
-
- public void dialogueCreated(@Observes AfterDialogueActivation event)
- {
- if (FacesContext.getCurrentInstance() != null)
- {
- ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
- responseHolder.setResponse((HttpServletResponse) externalContext.getResponse());
- }
- }
-
-}
Modified: modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -7,17 +7,26 @@
<h1>Login</h1>
<h:form>
- <h:commandLink
- action="#{identity.startLogin('https://www.google.com/accounts/o8/id')}"
- value="Login with Google" />
- <br />
- <h:commandLink
- action="#{identity.startLogin('https://me.yahoo.com')}"
- value="Login with Yahoo" />
- <br />
- <h:commandLink
- action="#{identity.startLogin('https://myopenid.com')}"
- value="Login with myOpenID" />
+ Either choose a pre-configured OpenID provider:
+ <ul>
+ <li><h:commandLink
+ action="#{identity.startLogin('https://www.google.com/accounts/o8/id')}"
+ value="Google" /></li>
+ <li><h:commandLink
+ action="#{identity.startLogin('https://me.yahoo.com')}"
+ value="Yahoo" /> <br />
+ </li>
+ <li><h:commandLink
+ action="#{identity.startLogin('https://myopenid.com')}"
+ value="myOpenID" /> <br />
+ </li>
+ <li><h:commandLink
+ action="#{identity.startLogin('http://www.openid-op.com:8080/openid-op/openid/OP/XrdsService')}"
+ value="Seam Sample OpenID Provider" /></li>
+ </ul>
+ or use your own OpenID:
+ <p><h:inputText value="#{login.openId}" /> <h:commandLink
+ action="#{login.login}" value="login" /></p>
</h:form>
</ui:composition>
Modified: modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -7,7 +7,7 @@
<h:form>
<h:commandLink value="Login" action="/Login.xhtml"
disabled="#{identity.loggedIn}" /> |
- <h:outputText value="User Info" action="/UserInfo.xhtml"
+ <h:commandLink value="User Info" action="/UserInfo.xhtml"
disabled="#{!identity.loggedIn}" /> |
<h:commandLink value="Configuration" action="/Configuration.xhtml" /> |
<h:commandLink value="Logout" action="#{identity.logout}"
Modified: modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -17,7 +17,7 @@
<h:outputText value="OpenID Provider" />
<h:outputText value="#{identity.openIdPrincipal.openIdProvider}" />
<h:outputText value="Email" />
- <h:outputText value="#{identity.openIdPrincipal.attributes.email}" />
+ <h:outputText value="#{identity.openIdPrincipal.attributeValues['email']}" />
</h:panelGrid>
</ui:composition>
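Review bot: The email rendered by `#{identity.openIdPrincipal.attributeValues['email']}` is whatever the OpenID provider asserted, and nothing here marks it as unverified. Login.xhtml in this same commit accepts any user-typed OpenID and lists one provider reached over plain `http://`, so the value is effectively chosen by the person logging in. `h:outputText` escapes by default, so display is fine, but readers copying the example should be told not to use it for account matching. I would add `<!-- email is asserted by the OpenID provider and is not verified; display only -->` above the line.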
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -27,6 +27,8 @@
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
+import java.util.LinkedList;
+import java.util.List;
import javax.enterprise.inject.Model;
import javax.faces.application.FacesMessage;
@@ -84,4 +86,14 @@
{
return samlEntityConfig.getMetaDataURL();
}
+
+ public List<String> getSpEntityIds()
+ {
+ List<String> entityIds = new LinkedList<String>();
+ for (SamlExternalEntity entity : samlEntityConfig.getExternalSamlEntities())
+ {
+ entityIds.add(entity.getEntityId());
+ }
+ return entityIds;
+ }
}
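Review bot: The new `getSpEntityIds()` has no Javadoc and builds its result in a `LinkedList`, although the list is only appended to and then iterated by the data table. I would use `List<String> entityIds = new ArrayList<String>();`, with the import added in the previous hunk changed to match. A one-line Javadoc such as `/** Entity ids of the external SAML entities configured for this identity provider. */` would also help.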
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -35,7 +35,7 @@
private String userName;
- private String samlDialogueId;
+ private String dialogueId;
@Inject
private DialogueManager dialogueManager;
@@ -53,22 +53,22 @@
this.userName = userName;
}
- public String getSamlDialogueId()
+ public String getDialogueId()
{
- return samlDialogueId;
+ return dialogueId;
}
- public void setSamlDialogueId(String samlDialogueId)
+ public void setDialogueId(String dialogueId)
{
- this.samlDialogueId = samlDialogueId;
+ this.dialogueId = dialogueId;
}
public String login()
{
identity.localLogin(userName);
- if (samlDialogueId != null)
+ if (dialogueId != null)
{
- dialogueManager.attachDialogue(samlDialogueId);
+ dialogueManager.attachDialogue(dialogueId);
samlIdentityProviderApi.authenticationSucceeded();
dialogueManager.detachDialogue();
return "SAML_LOGIN";
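Review bot: In login(), `dialogueManager.detachDialogue()` is skipped if `samlIdentityProviderApi.authenticationSucceeded()` throws, which would leave the dialogue attached; cancel() in the next hunk has the same shape around `authenticationFailed()`. Wrapping the call in try/finally, as below, fixes both. Separately, `dialogueId` is bound from a request parameter by the `f:viewParam` in Login.xhtml and is passed straight to `attachDialogue`. How DialogueManager treats an unknown id, or one that belongs to another user's exchange, is not visible here, so that needs an explicit check or a comment stating the guarantee. login() continues outside the hunk.

```java
if (dialogueId != null)
{
   dialogueManager.attachDialogue(dialogueId);
   try
   {
      samlIdentityProviderApi.authenticationSucceeded();
   }
   finally
   {
      // always release the dialogue, even when sending the SAML response fails
      dialogueManager.detachDialogue();
   }
   return "SAML_LOGIN";
```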
@@ -81,9 +81,9 @@
public void cancel()
{
- if (samlDialogueId != null)
+ if (dialogueId != null)
{
- dialogueManager.attachDialogue(samlDialogueId);
+ dialogueManager.attachDialogue(dialogueId);
samlIdentityProviderApi.authenticationFailed();
dialogueManager.detachDialogue();
}
Deleted: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -1,58 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.examples.id_provider;
-
-import java.util.LinkedList;
-import java.util.List;
-
-import javax.enterprise.inject.Model;
-import javax.inject.Inject;
-
-import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
-import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
-import org.jboss.seam.security.external.saml.SamlExternalEntity;
-import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
-
-@Model
-public class Saml
-{
- @Inject
- private SamlIdentityProviderApi samlIdp;
-
- @Inject
- private SamlIdentityProviderConfigurationApi samlIdpConfig;
-
- public List<String> getSpEntityIds()
- {
- List<String> entityIds = new LinkedList<String>();
- for (SamlExternalEntity entity : samlIdpConfig.getExternalSamlEntities())
- {
- entityIds.add(entity.getEntityId());
- }
- return entityIds;
- }
-
- public SamlIdpSession getSession()
- {
- return samlIdp.getSession();
- }
-}
Modified: modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-18 11:15:45 UTC (rev 13766)
@@ -63,7 +63,7 @@
{
try
{
- responseHolder.getResponse().sendRedirect(servletContext.getContextPath() + "/Login.jsf?samlDialogueId=" + dialogue.getDialogueId());
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() + "/Login.jsf?dialogueId=" + dialogue.getDialogueId());
}
catch (IOException e)
{
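Review bot: The redirect on the changed line appends `dialogue.getDialogueId()` to the query string without URL-encoding it, and the id then ends up in browser history, Referer headers and access logs. The id format is not visible here; unless it is guaranteed URL-safe, encode it with `"/Login.jsf?dialogueId=" + URLEncoder.encode(dialogue.getDialogueId(), "UTF-8")`, whose checked exception the existing `catch (IOException e)` already covers. Login.java appears to use this id alone to re-attach to the pending SAML exchange, so a comment stating that ids are unguessable and short-lived, if they are, would help. The enclosing method starts and ends outside the hunk.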
Modified: modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -6,7 +6,7 @@
<h1>Configuration</h1>
<h:outputText value="Meta Data URL for this SAML entity: #{configuration.metaDataUrl}" />
<h2>Trusted SAML Service Providers</h2>
- <p><h:dataTable value="#{saml.spEntityIds}" var="spEntityId" columnClasses="dataTableColumn">
+ <p><h:dataTable value="#{configuration.spEntityIds}" var="spEntityId" columnClasses="dataTableColumn">
<h:column>
<h:outputText value="#{spEntityId}" />
</h:column>
Modified: modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml 2010-09-18 11:03:55 UTC (rev 13765)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml 2010-09-18 11:15:45 UTC (rev 13766)
@@ -3,7 +3,7 @@
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core">
<f:metadata>
- <f:viewParam name="samlDialogueId" value="#{login.samlDialogueId}" />
+ <f:viewParam name="dialogueId" value="#{login.dialogueId}" />
</f:metadata>
<ui:composition template="/PageTemplate.xhtml">
<h:messages />
@@ -13,7 +13,7 @@
<h:inputText value="#{login.userName}" />
<h:commandButton action="#{login.login}" value="Login" />
<h:commandButton action="#{login.cancel}" value="Cancel"
- rendered="#{login.samlDialogueId != null}" />
+ rendered="#{login.dialogueId != null}" />
</h:form>
</ui:composition>
</f:view>
\ No newline at end of file