Author: marcelkolsteren
Date: 2010-09-01 17:35:41 -0400 (Wed, 01 Sep 2010)
New Revision: 13694
Added:
modules/security/trunk/examples/openid-rp/
modules/security/trunk/examples/openid-rp/pom.xml
modules/security/trunk/examples/openid-rp/readme.txt
modules/security/trunk/examples/openid-rp/src/
modules/security/trunk/examples/openid-rp/src/main/
modules/security/trunk/examples/openid-rp/src/main/java/
modules/security/trunk/examples/openid-rp/src/main/java/org/
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
modules/security/trunk/examples/openid-rp/src/main/resources/
modules/security/trunk/examples/openid-rp/src/main/resources/META-INF/
modules/security/trunk/examples/openid-rp/src/main/webapp/
modules/security/trunk/examples/openid-rp/src/main/webapp/AuthenticationFailed.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/Configuration.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/Index.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/META-INF/
modules/security/trunk/examples/openid-rp/src/main/webapp/META-INF/MANIFEST.MF
modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/PageTemplate.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/beans.xml
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/context.xml
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/faces-config.xml
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/lib/
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/web.xml
modules/security/trunk/examples/openid-rp/src/main/webapp/index.jsp
modules/security/trunk/examples/openid-rp/src/main/webapp/styles.css
modules/security/trunk/examples/openid-rp/src/test/
modules/security/trunk/examples/openid-rp/src/test/java/
modules/security/trunk/examples/openid-rp/src/test/java/org/
modules/security/trunk/examples/openid-rp/src/test/java/org/jboss/
modules/security/trunk/examples/openid-rp/src/test/java/org/jboss/seam/
modules/security/trunk/examples/openid-rp/src/test/java/org/jboss/seam/security/
modules/security/trunk/examples/openid-rp/src/test/resources/
modules/security/trunk/examples/saml-idp/
modules/security/trunk/examples/saml-idp/pom.xml
modules/security/trunk/examples/saml-idp/readme.txt
modules/security/trunk/examples/saml-idp/src/
modules/security/trunk/examples/saml-idp/src/main/
modules/security/trunk/examples/saml-idp/src/main/java/
modules/security/trunk/examples/saml-idp/src/main/java/org/
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
modules/security/trunk/examples/saml-idp/src/main/resources/
modules/security/trunk/examples/saml-idp/src/main/resources/META-INF/
modules/security/trunk/examples/saml-idp/src/main/resources/test_keystore.jks
modules/security/trunk/examples/saml-idp/src/main/webapp/
modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/Index.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/META-INF/
modules/security/trunk/examples/saml-idp/src/main/webapp/META-INF/MANIFEST.MF
modules/security/trunk/examples/saml-idp/src/main/webapp/Menu.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/PageTemplate.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/SessionManagement.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/SingleLogoutFailed.xhtml
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/beans.xml
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/context.xml
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/faces-config.xml
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/lib/
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/web.xml
modules/security/trunk/examples/saml-idp/src/main/webapp/index.jsp
modules/security/trunk/examples/saml-idp/src/main/webapp/styles.css
modules/security/trunk/examples/saml-idp/src/test/
modules/security/trunk/examples/saml-idp/src/test/java/
modules/security/trunk/examples/saml-idp/src/test/java/org/
modules/security/trunk/examples/saml-idp/src/test/java/org/jboss/
modules/security/trunk/examples/saml-idp/src/test/java/org/jboss/seam/
modules/security/trunk/examples/saml-idp/src/test/java/org/jboss/seam/security/
modules/security/trunk/examples/saml-idp/src/test/resources/
modules/security/trunk/examples/saml-sp/
modules/security/trunk/examples/saml-sp/pom.xml
modules/security/trunk/examples/saml-sp/readme.txt
modules/security/trunk/examples/saml-sp/src/
modules/security/trunk/examples/saml-sp/src/main/
modules/security/trunk/examples/saml-sp/src/main/java/
modules/security/trunk/examples/saml-sp/src/main/java/org/
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/VirtualApplicationCreator.java
modules/security/trunk/examples/saml-sp/src/main/resources/
modules/security/trunk/examples/saml-sp/src/main/resources/META-INF/
modules/security/trunk/examples/saml-sp/src/main/resources/test_keystore.jks
modules/security/trunk/examples/saml-sp/src/main/webapp/
modules/security/trunk/examples/saml-sp/src/main/webapp/AuthenticationFailed.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/Configuration.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/GlobalLogoutFailed.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/Index.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/Login.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/META-INF/
modules/security/trunk/examples/saml-sp/src/main/webapp/META-INF/MANIFEST.MF
modules/security/trunk/examples/saml-sp/src/main/webapp/Menu.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/PageTemplate.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/UserInfo.xhtml
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/beans.xml
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/context.xml
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/faces-config.xml
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/lib/
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/web.xml
modules/security/trunk/examples/saml-sp/src/main/webapp/index.jsp
modules/security/trunk/examples/saml-sp/src/main/webapp/styles.css
modules/security/trunk/examples/saml-sp/src/test/
modules/security/trunk/examples/saml-sp/src/test/java/
modules/security/trunk/examples/saml-sp/src/test/java/org/
modules/security/trunk/examples/saml-sp/src/test/java/org/jboss/
modules/security/trunk/examples/saml-sp/src/test/java/org/jboss/seam/
modules/security/trunk/examples/saml-sp/src/test/java/org/jboss/seam/security/
modules/security/trunk/examples/saml-sp/src/test/resources/
Log:
Added sample applications for external authentication:
- openid-rp: OpenID Relying Party application
- saml-sp: SAMLv2 Service Provider application
- saml-idp: SAMLv2 Identity Provider application
Property changes on: modules/security/trunk/examples/openid-rp
___________________________________________________________________
Name: svn:ignore
+ .settings
target
.classpath
.project
Added: modules/security/trunk/examples/openid-rp/pom.xml
===================================================================
--- modules/security/trunk/examples/openid-rp/pom.xml (rev 0)
+++ modules/security/trunk/examples/openid-rp/pom.xml 2010-09-01 21:35:41 UTC (rev 13694)
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>openid-rp</artifactId>
+ <packaging>war</packaging>
+ <name>OpenID Relying Party</name>
+
+ <parent>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-parent</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <properties>
+ <seam.faces.version>3.0.0-SNAPSHOT</seam.faces.version>
+
<seam.international.version>3.0.0-SNAPSHOT</seam.international.version>
+ </properties>
+
+ <build>
+ <finalName>openid-rp</finalName>
+ </build>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-external</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <artifactId>validation-api</artifactId>
+ <groupId>javax.validation</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.servlet</groupId>
+ <artifactId>seam-servlet</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.enterprise</groupId>
+ <artifactId>cdi-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <!-- This is necessary until a new JSF-API is published to central -->
+ <groupId>javax.faces</groupId>
+ <artifactId>jsf-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!--
+ <dependency> <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ <version>${project.version}</version> </dependency>
+ -->
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <!-- Required until the Servlet 3.0 API can be resolved in Central -->
+ <groupId>org.jboss.spec.javax.servlet</groupId>
+ <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ </dependencies>
+
+</project>
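Review bot: The `seam-servlet` dependency pins the literal `<version>3.0.0-SNAPSHOT</version>` while `seam-security-external` a few lines above uses `${project.version}`, so the two can drift apart on the next release bump. Using `${project.version}` (or a property) for both would be more consistent. The properties `seam.faces.version` and `seam.international.version` are declared but not referenced anywhere in this file, and the only `seam-faces` dependency is commented out. Unless the parent pom consumes those properties, they and the commented block could be dropped. Every Seam artifact here is a SNAPSHOT, so builds of this example are not reproducible, which is worth a one-line comment for anyone who copies it.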
Added: modules/security/trunk/examples/openid-rp/readme.txt
===================================================================
--- modules/security/trunk/examples/openid-rp/readme.txt (rev 0)
+++ modules/security/trunk/examples/openid-rp/readme.txt 2010-09-01 21:35:41 UTC (rev
13694)
@@ -0,0 +1,60 @@
+OPENID-RP EXAMPLE
+
+
+What is it?
+===========
+
+This demo shows a web application that uses OpenID to authenticate users (i.e. a
+web application that acts as an OpenID Relying Party).
+
+
+How to deploy it?
+=================
+
+The application is packaged as a war file and should run in any JEE6
+environment. It has been tested on JBoss AS 6. Before deploying the application,
+you need to map this host name to the localhost:
+
+www.openid-rp.com
+
+On Unix based systems, you do this by putting the following lines in
+'/etc/hosts':
+
+127.0.0.1
www.openid-rp.com
+
+
+Some background info
+====================
+
+The Identity Provider is preconfigured to run at port 8080, to use a test key
+store which is included in the war file, and to use the http protocol for
+communicating with IDPs. These settings are ok for a test setup, but please be
+aware that in production, you'd use http on port 443. In the test application
+these settings are done programmatically (by the OpenIdRelyingPartyCustomizer).
+
+
+How to use the application
+==========================
+
+Start the application and fetch this URL in your browser:
+
+http://www.openid-rp.com:8080/openid-rp
+
+Go to the login page. There you'll find three OpenID Providers (OPs) to choose
+from. Just choose one where you have an account, and you'll be redirected to the
+site of that provider. There you authenticate, and there you grant the OpenID
+provider to send your OpenID identifier, and your e-mail address, to the relying
+party, which is the sample application in this case (which won't do anything
+with your e-mail address except from displaying it).
+
+Some OpenID providers will prove reluctant for sending the e-mail attribute, or
+will advice you not to grant permissions to this relying party. In a production
+scenario you won't have this, because you would:
+- use https instead of http
+- use a host name that is registered in DNS
+- use an HTML meta-tag in the file
https://www.openid-rp.com to refer to the
+XRDS file that describes the relying party service endpoint
+
+You could have a look at the Configuration page to see what is the realm of the
+OpenID Relying party (it's derived from the host name). On that page you'll also
+find a link to the XRDS file that contains meta data about the relying party.
\ No newline at end of file
Added:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
===================================================================
---
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+
+@Model
+public class Configuration
+{
+ @Inject
+ private OpenIdRelyingPartyConfigurationApi confApi;
+
+ public String getRealm()
+ {
+ return confApi.getRealm();
+ }
+
+ public String getXrdsURL()
+ {
+ return confApi.getXrdsURL();
+ }
+}
Property changes on:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
---
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,106 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import java.io.Serializable;
+import java.util.LinkedList;
+import java.util.List;
+
+import javax.enterprise.context.SessionScoped;
+import javax.faces.application.FacesMessage;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+import javax.inject.Named;
+
+import org.jboss.seam.security.external.api.OpenIdAttribute;
+import org.jboss.seam.security.external.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
+
+@SessionScoped
+@Named
+public class Identity implements Serializable
+{
+ private static final long serialVersionUID = -7096110154986991513L;
+
+ private OpenIdPrincipal openIdPrincipal;
+
+ @Inject
+ private OpenIdRelyingPartyApi openIdApi;
+
+ public OpenIdPrincipal getOpenIdPrincipal()
+ {
+ return openIdPrincipal;
+ }
+
+ public void startLogin(String openId)
+ {
+ if (!isLoggedIn())
+ {
+ List<OpenIdAttribute> attributes = new
LinkedList<OpenIdAttribute>();
+ attributes.add(new OpenIdAttribute("email",
"http://schema.openid.net/contact/email", false));
+ openIdApi.login(openId, attributes);
+ }
+ else
+ {
+ FacesMessage facesMessage = new FacesMessage("Already logged in.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public void finishLogin(OpenIdPrincipal openIdPrincipal)
+ {
+ this.openIdPrincipal = openIdPrincipal;
+ }
+
+ public void logout()
+ {
+ if (isLoggedIn())
+ {
+ openIdPrincipal = null;
+ redirectToViewId("/Index.xhtml");
+ }
+ else
+ {
+ FacesMessage facesMessage = new FacesMessage("Not logged in.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public boolean isLoggedIn()
+ {
+ return openIdPrincipal != null;
+ }
+
+ public void redirectToLoginIfNotLoggedIn()
+ {
+ if (!isLoggedIn())
+ {
+ redirectToViewId("/Login.xhtml");
+ }
+ }
+
+ private void redirectToViewId(String viewId)
+ {
+ FacesContext facesContext = FacesContext.getCurrentInstance();
+
FacesContext.getCurrentInstance().getApplication().getNavigationHandler().handleNavigation(facesContext,
null, viewId + "?faces-redirect=true");
+ }
+}
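Review bot: `logout()` only sets `openIdPrincipal = null`, and `finishLogin()` stores the principal in whatever session already exists, so the HTTP session id is the same before login, while logged in, and after logout. In an example that people will copy, that leaves the session open to fixation and keeps any other session state alive after logout. In `logout()`, calling `FacesContext.getCurrentInstance().getExternalContext().invalidateSession();` before the redirect would close the second half. Renewing the session at login would have to happen before `identity.finishLogin(principal)` is called, since this bean lives in the session, unless the seam-security-external module already does it, which is not visible here. Separately, `redirectToViewId` fetches `FacesContext.getCurrentInstance()` twice although it already holds it in `facesContext`.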
Property changes on:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
===================================================================
---
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.event.Observes;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+public class OpenIdRelyingPartyCustomizer
+{
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e,
OpenIdRelyingPartyConfigurationApi rp)
+ {
+ rp.setHostName("www.openid-rp.com");
+ rp.setPort(8080);
+ rp.setProtocol("http");
+ }
+
+}
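Review bot: `rp.setProtocol("http")` in `servletInitialized`, together with the fixed host and port, configures the relying party for plain http, so presumably the realm and return URL are advertised over http and the authentication response comes back unencrypted. The readme in this commit describes these as test settings, but nothing in the class says so. A comment above the three setters such as `// Test setup only: production must use setProtocol("https") and a DNS-registered host name` would keep the values from being copied as-is. The readme's phrase "http on port 443" presumably means https, and its "Identity Provider is preconfigured" presumably means the relying party. The parameter `e` is unused apart from selecting the event.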
Property changes on:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartyCustomizer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
===================================================================
---
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,68 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import java.io.IOException;
+
+import javax.inject.Inject;
+import javax.servlet.ServletContext;
+
+import org.jboss.seam.security.external.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
+
+public class OpenIdRelyingPartySpiImpl implements OpenIdRelyingPartySpi
+{
+ @Inject
+ private ResponseHolder responseHolder;
+
+ @Inject
+ private ServletContext servletContext;
+
+ @Inject
+ private Identity identity;
+
+ public void loginSucceeded(OpenIdPrincipal principal)
+ {
+ try
+ {
+ identity.finishLogin(principal);
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/UserInfo.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void loginFailed()
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/AuthenticationFailed.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+}
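Review bot: `loginFailed()` redirects to `/AuthenticationFailed.jsf` without recording anything, so failed OpenID logins leave no trace for whoever operates the application. The pom in this commit already lists `slf4j-api`, so a logger field plus `log.warn("OpenID authentication failed");` before the redirect would be enough, and `loginSucceeded` could log the successful login at info level. Both methods also repeat the same try/catch around `sendRedirect`; a private `redirect(String path)` helper that appends the path to `servletContext.getContextPath()` would remove the duplication. Keeping the redirect targets as constants, as they are now, is what keeps this free of open-redirect concerns.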
Property changes on:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/OpenIdRelyingPartySpiImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
===================================================================
---
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.event.Observes;
+import javax.faces.context.ExternalContext;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.api.AfterDialogueActivation;
+
+public class RequestObserver
+{
+ @Inject
+ private ResponseHolder responseHolder;
+
+ public void dialogueCreated(@Observes AfterDialogueActivation event)
+ {
+ if (FacesContext.getCurrentInstance() != null)
+ {
+ ExternalContext externalContext =
FacesContext.getCurrentInstance().getExternalContext();
+ responseHolder.setResponse((HttpServletResponse)
externalContext.getResponse());
+ }
+ }
+
+}
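Review bot: `dialogueCreated` silently does nothing when `FacesContext.getCurrentInstance()` is null, and the class has no comment saying who populates the `ResponseHolder` in that case. `OpenIdRelyingPartySpiImpl` in this commit calls `responseHolder.getResponse().sendRedirect(...)` unconditionally, so if the external-authentication module does not set the holder itself for non-Faces requests, that call would fail with a NullPointerException. A class comment along the lines of `/** Copies the JSF response into ResponseHolder for dialogues activated during a Faces request; other requests are expected to be handled by the module. */` would document the assumption once it is confirmed. The method name says "created" while the observed event is `AfterDialogueActivation`; `dialogueActivated` would match.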
Property changes on:
modules/security/trunk/examples/openid-rp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/openid-rp/src/main/webapp/AuthenticationFailed.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/AuthenticationFailed.xhtml
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/webapp/AuthenticationFailed.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,10 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<body>
+<h1>Authentication failed.</h1>
+</body>
+
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/Configuration.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/Configuration.xhtml
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/webapp/Configuration.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,15 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ <h1>Configuration</h1>
+ <h:panelGrid columns="2" columnClasses="propertyName,
propertyValue">
+ <h:outputText value="XRDS URL" />
+ <h:outputText value="#{configuration.xrdsURL}" />
+ <h:outputText value="Realm" />
+ <h:outputText value="#{configuration.realm}" />
+ </h:panelGrid>
+
+ </ui:composition>
+</f:view>
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/Index.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/Index.xhtml
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/Index.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,7 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/Login.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,24 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>Login</h1>
+
+ <h:form>
+ <h:commandLink
+
action="#{identity.startLogin('https://www.google.com/accounts/o...
+ value="Login with Google" />
+ <br />
+ <h:commandLink
+ action="#{identity.startLogin('https://me.yahoo.com')}"
+ value="Login with Yahoo" />
+ <br />
+ <h:commandLink
+ action="#{identity.startLogin('https://myopenid.com')}"
+ value="Login with myOpenID" />
+ </h:form>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/META-INF/MANIFEST.MF
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/META-INF/MANIFEST.MF
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/webapp/META-INF/MANIFEST.MF 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/Menu.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,17 @@
+<ui:composition
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:c="http://java.sun.com/jsp/jstl/core"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+ <h:form>
+ <h:commandLink value="Login" action="/Login.xhtml"
+ disabled="#{identity.loggedIn}" /> |
+ <h:outputText value="User Info" action="/UserInfo.xhtml"
+ disabled="#{!identity.loggedIn}" /> |
+ <h:commandLink value="Configuration"
action="/Configuration.xhtml" /> |
+ <h:commandLink value="Logout" action="#{identity.logout}"
+ disabled="#{!identity.loggedIn}" />
+ </h:form>
+
+</ui:composition>
\ No newline at end of file
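Review bot: The "User Info" menu entry is an `h:outputText` carrying `action` and `disabled`, which that component does not define, so it renders as plain text and never navigates. The neighbouring entries suggest `<h:commandLink value="User Info" action="/UserInfo.xhtml" disabled="#{!identity.loggedIn}" />` was intended. The `disabled` flags in this menu only hide navigation, so each target page still has to enforce access itself, as UserInfo.xhtml in this commit does with its `preRenderView` listener.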
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/PageTemplate.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/PageTemplate.xhtml
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/webapp/PageTemplate.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core"
+
xmlns:ui="http://java.sun.com/jsf/facelets">
+
+<h:body>
+ <h:panelGroup layout="block" styleClass="page">
+
+ <h:head>
+ <link type="text/css" rel="stylesheet"
href="styles.css" />
+ </h:head>
+
+ <h:panelGroup layout="block" styleClass="menu">
+ <ui:include src="/Menu.xhtml" />
+ </h:panelGroup>
+
+ <h:messages />
+
+ <h:panelGroup layout="block" styleClass="content">
+ <ui:insert />
+ </h:panelGroup>
+
+ </h:panelGroup>
+</h:body>
+</html>
\ No newline at end of file
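Review bot: `h:head` is nested inside `h:body` (within the `page` panelGroup), so the stylesheet link is emitted in the document body and the page has no head section ahead of the body. The `<h:head>` block with its `<link>` should move up to be a direct child of `<html>`, placed before `<h:body>`.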
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/UserInfo.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,24 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:c="http://java.sun.com/jsp/jstl/core"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:event type="preRenderView"
+ listener="#{identity.redirectToLoginIfNotLoggedIn}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>User info</h1>
+
+ <h:panelGrid columns="2" columnClasses="propertyName,
propertyValue">
+ <h:outputText value="Verified User Identifier" />
+ <h:outputText value="#{identity.openIdPrincipal.identifier}" />
+ <h:outputText value="OpenID Provider" />
+ <h:outputText value="#{identity.openIdPrincipal.openIdProvider}" />
+ <h:outputText value="Email" />
+ <h:outputText value="#{identity.openIdPrincipal.attributes.email}" />
+ </h:panelGrid>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added:
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
===================================================================
---
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PROCESS model-entity="JSFProcess"/>
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/beans.xml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/beans.xml
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/beans.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
+ <alternatives>
+
<classes>org.jboss.seam.security.external.openid.OpenIdRpInApplicationScopeProducer</classes>
+ </alternatives>
+</beans>
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/context.xml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/context.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Context>
+ <!-- log all incoming and outgoing messages. -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+</Context>
\ No newline at end of file
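Review bot: `RequestDumperValve` writes the headers, cookies and parameters of every request to the container log, which for this relying party includes session cookies and the OpenID response parameters sent back by the provider. The existing comment should say that this is a local debugging aid, for example `<!-- DEBUG ONLY: dumps headers, cookies and parameters of every request to the log; remove before deploying anywhere shared. -->`. Shipping the valve commented out by default would be safer for an example that people copy.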
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/faces-config.xml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/faces-config.xml
(rev 0)
+++
modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/faces-config.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<faces-config version="2.0"
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd">
+
+ <name>openidrp</name>
+
+</faces-config>
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/WEB-INF/web.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="3.0"
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
+
+ <context-param>
+ <param-name>javax.faces.PROJECT_STAGE</param-name>
+ <param-value>Development</param-value>
+ </context-param>
+
+ <welcome-file-list>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
+
+</web-app>
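Review bot: `javax.faces.PROJECT_STAGE` is fixed to `Development`, which makes JSF send detailed error pages and diagnostic messages to the browser. Because example descriptors tend to be copied unchanged, a comment beside the parameter would help: `<!-- Development stage shows verbose error output; set to Production for any real deployment. -->`.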
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/index.jsp
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/index.jsp
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/index.jsp 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <title>Initial Redirect Page</title>
+ </head>
+ <body>
+ <% response.sendRedirect("Index.jsf"); %>
+ </body>
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/openid-rp/src/main/webapp/styles.css
===================================================================
--- modules/security/trunk/examples/openid-rp/src/main/webapp/styles.css
(rev 0)
+++ modules/security/trunk/examples/openid-rp/src/main/webapp/styles.css 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,31 @@
+.page {
+ width: 800px;
+ margin-left: auto;
+ margin-right: auto;
+}
+
+.menu {
+ margin-top: 15px;
+ height: 50px;
+ background: #d5a5ac;
+ padding: 5px;
+}
+
+.content {
+ margin-top: 15px;
+ top: 100px;
+ margin-left: auto;
+ margin-right: auto;
+ background: white;
+ padding: 5px;
+}
+
+.propertyName {
+ padding: 5px;
+ background-color: #aaaaaa;
+}
+
+.propertyValue {
+ padding: 5px;
+ background-color: #dddddd;
+}
\ No newline at end of file
Property changes on: modules/security/trunk/examples/saml-idp
___________________________________________________________________
Name: svn:ignore
+ .settings
target
.classpath
.project
Added: modules/security/trunk/examples/saml-idp/pom.xml
===================================================================
--- modules/security/trunk/examples/saml-idp/pom.xml (rev 0)
+++ modules/security/trunk/examples/saml-idp/pom.xml 2010-09-01 21:35:41 UTC (rev 13694)
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>saml-idp</artifactId>
+ <packaging>war</packaging>
+ <name>SAML Identity Provider</name>
+
+ <parent>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-parent</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <build>
+ <finalName>saml-idp</finalName>
+ </build>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-external</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <artifactId>validation-api</artifactId>
+ <groupId>javax.validation</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.servlet</groupId>
+ <artifactId>seam-servlet</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.enterprise</groupId>
+ <artifactId>cdi-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <!-- This is necessary until a new JSF-API is published to central -->
+ <groupId>javax.faces</groupId>
+ <artifactId>jsf-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!--
+ <dependency> <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ <version>${project.version}</version> </dependency>
+ -->
+
+ <dependency>
+ <!-- Required until the Servlet 3.0 API can be resolved in Central -->
+ <groupId>org.jboss.spec.javax.servlet</groupId>
+ <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ </dependencies>
+
+</project>
Added: modules/security/trunk/examples/saml-idp/readme.txt
===================================================================
--- modules/security/trunk/examples/saml-idp/readme.txt (rev 0)
+++ modules/security/trunk/examples/saml-idp/readme.txt 2010-09-01 21:35:41 UTC (rev
13694)
@@ -0,0 +1,75 @@
+SAML-IDP EXAMPLE
+
+
+What is it?
+===========
+
+This demo web application shows how to turn your application into a SAMLv2
+identity provider (IDP). It makes use of the SAMLv2 submodule of Seam Security.
+
+
+How to deploy it?
+=================
+
+The application is packaged as a war file and should run in any JEE6
+environment. It has been tested on JBoss AS 6. Before deploying the application,
+you need to map this two host name to the localhost:
+
+www.saml-idp.com
+
+On Unix based systems, you do this by putting the following lines in
+'/etc/hosts':
+
+127.0.0.1
www.saml-idp.com
+
+
+Some background info
+====================
+
+The Identity Provider is preconfigured to run at port 8080, to use a test key
+store which is included in the war file, and to use the http protocol for
+communicating with IDPs. These settings are ok for a test setup, but please be
+aware that in production, you'd use http on port 443, and you'd use your own
+well-secured keystore, probably somewhere on the file system. In the test
+application these settings are done programmatically (by the IdpCustomizer).
+
+
+How to use the application
+==========================
+
+Start the application and surf to:
+
+http://www.saml-idp.com:8080/saml-idp
+
+First you need to configure the service provider(s) to trust. You have different
+options:
+- use the seam-sp example application
+- install and use your own SAMLv2 compliant service provider
+- use an existing SAMLv2 service provider where you have access to (e.g. Google
+Applications Premium edition, which can act as a SAMLv2 Service Provider)
+
+You need to create a trust relationship between the chosen service provider(s)
+and the sample application. You do that by exchanging meta data. The menu option
+"Configuration" will help you. Note that in a production system you'd
definitely
+restrict such a configuration page to system administrators! On the
+configuration page, you see a link that points out where the meta data of the
+current identity provider resides. You use that link for uploading the meta data
+to your service provider. The other way around, you find out where your service
+provider's meta data is (read your SP manual), and you upload it on the
+Configuration page. Repeat this procedure for all service providers.
+
+Now you are ready to login. Go to the login page by using the menu, and supply
+your user name. A real life app will ask for your password to verify your
+identity, but for this example we just assume it's ok. When logged in, you can
+access the session management page. There you see the name of the current user,
+and the service provider sessions that are active. No service provider session
+is active at this moment. You can now try to login to your service provider, and
+see that you don't have to sign in again, cause you're already logged in at the
+identity provider. You can also login to a service provider from the session
+management page. This option will open the service provider's application in a
+new window, and you'll be logged in there immediately.
+
+After having experienced single sign on, you can play around with logout
+scenarios. A global logout will log you out the session at the IDP and all
+participating sessions at the SPs. A local logout at the IDP will remove the IDP
+session without informing the service providers that participate in the session.
\ No newline at end of file
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,87 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.Reader;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLConnection;
+
+import javax.enterprise.inject.Model;
+import javax.faces.application.FacesMessage;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.SamlEntityConfigurationApi;
+import org.jboss.seam.security.external.saml.SamlExternalEntity;
+
+@Model
+public class Configuration
+{
+ private String spMetaDataUrl;
+
+ @Inject
+ private SamlEntityConfigurationApi samlEntityConfig;
+
+ public String getSpMetaDataUrl()
+ {
+ return spMetaDataUrl;
+ }
+
+ public void setSpMetaDataUrl(String spMetaDataUrl)
+ {
+ this.spMetaDataUrl = spMetaDataUrl;
+ }
+
+ public void addSamlServiceProvider()
+ {
+ try
+ {
+ URL url = new URL(spMetaDataUrl);
+ URLConnection urlConnection = url.openConnection();
+ urlConnection.setConnectTimeout(3000);
+ urlConnection.setReadTimeout(3000);
+ Reader reader = new InputStreamReader(urlConnection.getInputStream());
+ SamlExternalEntity samlEntity = samlEntityConfig.addExternalSamlEntity(reader);
+
+ FacesMessage facesMessage = new FacesMessage("SAML entity " +
samlEntity.getEntityId() + " has been added.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ catch (MalformedURLException e)
+ {
+ FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR,
"Malformed URL.", "");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ catch (IOException e)
+ {
+ FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR,
"Metadata could not be read.", "");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public String getMetaDataUrl()
+ {
+ return samlEntityConfig.getMetaDataURL();
+ }
+}
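Review bot: `addSamlServiceProvider` opens whatever URL the form submits, so `new URL(spMetaDataUrl)` accepts `file:` and `jar:` URLs and internal host addresses as readily as a remote metadata endpoint. Whatever it reads is then registered as a trusted service provider, and nothing in this class checks who the caller is. The scheme should be restricted before `openConnection()`, and the page that binds to this bean needs an administrator check. The `Reader` is also never closed on either the success or the exception path, so it should be released in a `finally` block. The `InputStreamReader` uses the platform default charset, which may not match the encoding declared in the metadata XML.

```java
   public void addSamlServiceProvider()
   {
      Reader reader = null;
      try
      {
         URL url = new URL(spMetaDataUrl);
         String protocol = url.getProtocol();
         // Only fetch metadata over the network; reject file:, jar:, ftp: and similar schemes.
         if (!"https".equals(protocol) && !"http".equals(protocol))
         {
            throw new MalformedURLException("Unsupported protocol: " + protocol);
         }
         // … unchanged: openConnection() and the two timeouts …
         reader = new InputStreamReader(urlConnection.getInputStream());
         // … unchanged: addExternalSamlEntity call and success message …
      }
      // … unchanged: MalformedURLException and IOException handlers …
      finally
      {
         if (reader != null)
         {
            try
            {
               reader.close();
            }
            catch (IOException ignored)
            {
               // nothing useful to report when closing fails
            }
         }
      }
   }
```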
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Configuration.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import java.io.Serializable;
+
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+import javax.inject.Named;
+
+import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.api.SamlNameId;
+import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+
+@Named
+public class Identity implements Serializable
+{
+ private static final long serialVersionUID = 3739296115750412807L;
+
+ @Inject
+ private SamlIdentityProviderApi samlIdp;
+
+ public void localLogin(String userName)
+ {
+ samlIdp.localLogin(new SamlNameId(userName, null, null), null);
+ }
+
+ public void remoteLogin(String spEntityId)
+ {
+ samlIdp.remoteLogin(spEntityId, null);
+ }
+
+ public void localLogout()
+ {
+ samlIdp.localLogout();
+ }
+
+ public void globalLogout()
+ {
+ samlIdp.globalLogout();
+ }
+
+ public boolean isLoggedIn()
+ {
+ return samlIdp.getSession() != null;
+ }
+
+ public void redirectToLoginIfNotLoggedIn()
+ {
+ if (!isLoggedIn())
+ {
+ redirectToViewId("/Login.xhtml");
+ }
+ }
+
+ public SamlIdpSession getSamlIdpSession()
+ {
+ return samlIdp.getSession();
+ }
+
+ private void redirectToViewId(String viewId)
+ {
+ FacesContext facesContext = FacesContext.getCurrentInstance();
+
FacesContext.getCurrentInstance().getApplication().getNavigationHandler().handleNavigation(facesContext,
null, viewId + "?faces-redirect=true");
+ }
+}
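Review bot: `localLogin` creates an IdP session for whatever `userName` it is handed, with no credential check, and nothing in the class says so. The bean is `@Named`, so the method is reachable from EL in any view. A Javadoc line on the method, such as `/** Demo only: trusts the supplied user name without verifying a password. */`, would keep it from being copied as-is. Separately, `redirectToViewId` calls `FacesContext.getCurrentInstance()` a second time when it could reuse the local `facesContext`.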
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Identity.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,95 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+
+@Model
+public class Login
+{
+ @Inject
+ private SamlIdentityProviderApi samlIdentityProviderApi;
+
+ private String userName;
+
+ private String samlDialogueId;
+
+ @Inject
+ private DialogueManager dialogueManager;
+
+ @Inject
+ private Identity identity;
+
+ public String getUserName()
+ {
+ return userName;
+ }
+
+ public void setUserName(String userName)
+ {
+ this.userName = userName;
+ }
+
+ public String getSamlDialogueId()
+ {
+ return samlDialogueId;
+ }
+
+ public void setSamlDialogueId(String samlDialogueId)
+ {
+ this.samlDialogueId = samlDialogueId;
+ }
+
+ public String login()
+ {
+ identity.localLogin(userName);
+ if (samlDialogueId != null)
+ {
+ dialogueManager.attachDialogue(samlDialogueId);
+ samlIdentityProviderApi.authenticationSucceeded();
+ dialogueManager.detachDialogue();
+ return "SAML_LOGIN";
+ }
+ else
+ {
+ return "LOCAL_LOGIN";
+ }
+ }
+
+ public void cancel()
+ {
+ if (samlDialogueId != null)
+ {
+ dialogueManager.attachDialogue(samlDialogueId);
+ samlIdentityProviderApi.authenticationFailed();
+ dialogueManager.detachDialogue();
+ }
+ else
+ {
+ throw new IllegalStateException("cancel method can only be called during a
SAML login");
+ }
+ }
+}
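Review bot: In `login()` and `cancel()`, `dialogueManager.detachDialogue()` is skipped if `authenticationSucceeded()` or `authenticationFailed()` throws, which leaves the dialogue attached for the rest of the request. Wrapping the call keeps attach and detach paired: `try { samlIdentityProviderApi.authenticationSucceeded(); } finally { dialogueManager.detachDialogue(); }`, with the same shape around `authenticationFailed()`. `samlDialogueId` is set through a public setter on a `@Model` bean, so it is presumably bound from the request. How `attachDialogue` handles an unknown or foreign id is not visible here and should be confirmed.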
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Login.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,46 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import javax.enterprise.event.Observes;
+import javax.faces.context.ExternalContext;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.api.AfterDialogueActivation;
+
+public class RequestObserver
+{
+ @Inject
+ private ResponseHolder responseHolder;
+
+ public void dialogueCreated(@Observes AfterDialogueActivation event)
+ {
+ if (FacesContext.getCurrentInstance() != null)
+ {
+ ExternalContext externalContext =
FacesContext.getCurrentInstance().getExternalContext();
+ responseHolder.setResponse((HttpServletResponse)
externalContext.getResponse());
+ }
+ }
+}
\ No newline at end of file
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/RequestObserver.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.SamlExternalEntity;
+import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+
+@Model
+public class Saml
+{
+ @Inject
+ private SamlIdentityProviderApi samlIdp;
+
+ @Inject
+ private SamlIdentityProviderConfigurationApi samlIdpConfig;
+
+ public List<String> getSpEntityIds()
+ {
+ List<String> entityIds = new LinkedList<String>();
+ for (SamlExternalEntity entity : samlIdpConfig.getExternalSamlEntities())
+ {
+ entityIds.add(entity.getEntityId());
+ }
+ return entityIds;
+ }
+
+ public SamlIdpSession getSession()
+ {
+ return samlIdp.getSession();
+ }
+}
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/Saml.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import java.io.IOException;
+
+import javax.inject.Inject;
+import javax.servlet.ServletContext;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.saml.idp.SamlIdpSession;
+import org.jboss.seam.security.external.spi.SamlIdentityProviderSpi;
+import org.slf4j.Logger;
+
+public class SamlIdentityProviderSpiImpl implements SamlIdentityProviderSpi
+{
+ @Inject
+ private Logger log;
+
+ @Inject
+ private ResponseHolder responseHolder;
+
+ @Inject
+ private ServletContext servletContext;
+
+ @Inject
+ private Dialogue dialogue;
+
+ @Inject
+ private Identity identity;
+
+ @Inject
+ private SamlIdentityProviderApi idpApi;
+
+ public void authenticate()
+ {
+ if (identity.isLoggedIn())
+ {
+ idpApi.authenticationSucceeded();
+ }
+ else
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/Login.jsf?samlDialogueId=" + dialogue.getDialogueId());
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+
+ public void singleLogoutFailed()
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/SingleLogoutFailed.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void singleLogoutSucceeded()
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/Login.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void loggedOut(SamlIdpSession session)
+ {
+ log.info("Unsolicited logout for user " +
session.getPrincipal().getNameId().getValue() + ".");
+ }
+}
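Review bot: `loggedOut` builds its log line by concatenating `session.getPrincipal().getNameId().getValue()`, so a name ID that contains CR or LF characters is written to the log verbatim and could forge extra entries. In this example the name presumably originates from the free-text user name field in Login.xhtml. The same call chain dereferences `getPrincipal()` and `getNameId()` without a null check. I would read the value into a local `nameId` first and log it as `log.info("Unsolicited logout for user {}.", nameId.replaceAll("[\\r\\n]", "_"));`.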
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdentityProviderSpiImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import javax.enterprise.event.Observes;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+public class SamlIdpCustomizer
+{
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e,
SamlIdentityProviderConfigurationApi idp)
+ {
+ idp.setEntityId("http://www.saml-idp.com");
+ idp.setHostName("www.saml-idp.com");
+ idp.setProtocol("http");
+ idp.setPort(8080);
+ idp.setSigningKey("classpath:/test_keystore.jks", "store456",
"servercert", "pass456");
+ idp.setWantSingleLogoutMessagesSigned(false);
+ }
+}
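Review bot: `servletInitialized` calls `idp.setWantSingleLogoutMessagesSigned(false)` and hard-codes the keystore and key passwords (`store456`, `pass456`) together with plain `http`, and nothing in the class marks these as demo-only values. Going by the setter's name, the identity provider will then accept logout messages it cannot tie to a trusted service provider, so anyone who can reach the endpoint could presumably end a user's session. I would add a class comment such as `// Demo settings only: bundled test keystore, plain http, unsigned logout accepted. Use https, an external keystore and signed logout messages in production.` and set the flag to `true` unless the example needs it off.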
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SamlIdpCustomizer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,82 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_provider;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import javax.enterprise.inject.Model;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.SamlIdentityProviderApi;
+import org.jboss.seam.security.external.api.SamlIdentityProviderConfigurationApi;
+import org.jboss.seam.security.external.saml.idp.SamlExternalServiceProvider;
+
+@Model
+public class SessionManagement
+{
+ @Inject
+ private SamlIdentityProviderApi idpApi;
+
+ @Inject
+ private SamlIdentityProviderConfigurationApi idpConfApi;
+
+ public List<String> getNonParticipatingServiceProviders()
+ {
+ List<String> serviceProviders = new LinkedList<String>();
+ for (SamlExternalServiceProvider sp : idpConfApi.getServiceProviders())
+ {
+ if (!isSessionParticipant(sp))
+ {
+ serviceProviders.add(sp.getEntityId());
+ }
+ }
+ return serviceProviders;
+ }
+
+ public List<String> getParticipatingServiceProviders()
+ {
+ List<String> serviceProviders = new LinkedList<String>();
+ for (SamlExternalServiceProvider sp : idpConfApi.getServiceProviders())
+ {
+ if (isSessionParticipant(sp))
+ {
+ serviceProviders.add(sp.getEntityId());
+ }
+ }
+ return serviceProviders;
+ }
+
+ private boolean isSessionParticipant(SamlExternalServiceProvider sp)
+ {
+ return idpApi.getSession().getServiceProviders().contains(sp);
+ }
+
+ public void samlRemoteLogin(String spEntityId)
+ {
+ if (idpApi.getSession() == null)
+ {
+ throw new RuntimeException("No local SAML session.");
+ }
+ idpApi.remoteLogin(spEntityId, null);
+ }
+}
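Review bot: `isSessionParticipant` dereferences `idpApi.getSession()` without a null check, although `samlRemoteLogin` in the same class treats a null session as a real possibility and Menu.xhtml tests `identity.samlIdpSession == null` for a logged-in user. Both list getters call it for every configured service provider, so rendering SessionManagement.xhtml without a SAML session would fail with a NullPointerException instead of showing empty tables. A one-line guard is enough: `return idpApi.getSession() != null && idpApi.getSession().getServiceProviders().contains(sp);`.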
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/java/org/jboss/seam/security/examples/id_provider/SessionManagement.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/saml-idp/src/main/resources/test_keystore.jks
===================================================================
(Binary files differ)
Property changes on:
modules/security/trunk/examples/saml-idp/src/main/resources/test_keystore.jks
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/webapp/Configuration.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,24 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ <h1>Configuration</h1>
+ <h:outputText value="Meta Data URL for this SAML entity:
#{configuration.metaDataUrl}" />
+ <h2>Trusted SAML Service Providers</h2>
+ <p><h:dataTable value="#{saml.spEntityIds}"
var="spEntityId" columnClasses="dataTableColumn">
+ <h:column>
+ <h:outputText value="#{spEntityId}" />
+ </h:column>
+ </h:dataTable></p>
+ <h2>Add SAML Service Provider</h2>
+ <h:form>
+ <p><h:outputText
+ value="Here you can add a new trusted Service Provider by uploading the
corresponding meta data." /></p>
+ <p><h:outputText value="Meta Data URL:" /> <h:inputText
+ value="#{configuration.spMetaDataUrl}" /> <h:commandButton
+ action="#{configuration.addSamlServiceProvider}"
+ value="Add SAML Service Provider" /></p>
+ </h:form>
+ </ui:composition>
+</f:view>
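Review bot: The form that adds a trusted service provider has no access guard. The view declares no `f:metadata` block, and the "Configuration" link in Menu.xhtml is the only menu entry without a `disabled` condition. Any visitor can therefore extend the identity provider's trust list. The submitted value is also a URL that `configuration.addSamlServiceProvider` presumably fetches from the server side (the bean is outside this hunk), which lets the caller choose where the server connects. I would at least reuse the guard from SessionManagement.xhtml, `<f:event type="preRenderView" listener="#{identity.redirectToLoginIfNotLoggedIn}" />`, and add a comment that a real deployment restricts this page to administrators and limits the hosts from which metadata may be loaded.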
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/Index.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/Index.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/Index.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,7 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/Login.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,19 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:viewParam name="samlDialogueId"
value="#{login.samlDialogueId}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+ <h:messages />
+ <h1>Login</h1>
+ <h:form>
+ <h:outputText value="Username:" />
+ <h:inputText value="#{login.userName}" />
+ <h:commandButton action="#{login.login}" value="Login" />
+ <h:commandButton action="#{login.cancel}" value="Cancel"
+ rendered="#{login.samlDialogueId != null}" />
+ </h:form>
+ </ui:composition>
+</f:view>
\ No newline at end of file
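Review bot: The login form has a single `h:inputText` bound to `login.userName` and no credential field. As far as this view shows, `login.login` accepts whatever name is typed, and the identity provider then vouches for that name to every trusting service provider (the `login` bean itself is outside this hunk). That is fine for a demo but should be stated where people will copy it from. I would add a comment above the form such as `<!-- Demo only: no password is checked; replace with real authentication before use. -->`.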
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/META-INF/MANIFEST.MF
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/META-INF/MANIFEST.MF
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/webapp/META-INF/MANIFEST.MF 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/Menu.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/Menu.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/Menu.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,19 @@
+<ui:composition
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:c="http://java.sun.com/jsp/jstl/core"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+ <h:form>
+ <h:commandLink value="Login" action="/Login.xhtml"
+ disabled="#{identity.loggedIn}" /> |
+ <h:commandLink value="Configuration"
action="/Configuration.xhtml" /> |
+ <h:commandLink value="Session Management"
action="/SessionManagement.xhtml"
+ disabled="#{!identity.loggedIn}" /> |
+ <h:commandLink value="Local Logout"
action="#{identity.localLogout}"
+ disabled="#{!identity.loggedIn}" /> |
+ <h:commandLink value="Global Logout"
action="#{identity.globalLogout}"
+ disabled="#{!identity.loggedIn or identity.samlIdpSession == null}" />
+ </h:form>
+
+</ui:composition>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/PageTemplate.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/PageTemplate.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/PageTemplate.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core"
+
xmlns:ui="http://java.sun.com/jsf/facelets">
+
+<h:body>
+ <h:panelGroup layout="block" styleClass="page">
+
+ <h:head>
+ <link type="text/css" rel="stylesheet"
href="styles.css" />
+ </h:head>
+
+ <h:panelGroup layout="block" styleClass="menu">
+ <ui:include src="/Menu.xhtml" />
+ </h:panelGroup>
+
+ <h:messages />
+
+ <h:panelGroup layout="block" styleClass="content">
+ <ui:insert />
+ </h:panelGroup>
+
+ </h:panelGroup>
+</h:body>
+</html>
\ No newline at end of file
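Review bot: `<h:head>` is nested inside `<h:body>` and a `panelGroup`, so the stylesheet link is emitted in the middle of the body and the rendered document is not valid against the XHTML 1.0 Strict doctype declared on the first line. It should be a direct child of `<html>`, placed before `<h:body>`. The template also renders `<h:messages />` for every page while Login.xhtml declares its own, so messages on the login page will appear twice. One of the two should be dropped.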
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/SessionManagement.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/SessionManagement.xhtml
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/webapp/SessionManagement.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,45 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:c="http://java.sun.com/jsp/jstl/core"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:event type="preRenderView"
+ listener="#{identity.redirectToLoginIfNotLoggedIn}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>Session Info</h1>
+
+ <h2>Logged in user</h2>
+
+ <h:outputText
+ value="#{identity.samlIdpSession.principal.nameId.value}" />
+
+ <h2>Session participants</h2>
+
+ <h:dataTable
+ value="#{sessionManagement.participatingServiceProviders}"
var="sp"
+ columnClasses="dataTableColumn">
+ <h:column>
+ <h:outputText value="#{sp}" />
+ </h:column>
+ </h:dataTable>
+
+ <h2>Login to Other Service Providers</h2>
+
+ <h:form>
+ <h:dataTable
+ value="#{sessionManagement.nonParticipatingServiceProviders}"
+ var="sp" columnClasses="dataTableColumn">
+ <h:column>
+ <h:outputText value="#{sp}" />
+ </h:column>
+ <h:column>
+ <h:commandLink action="#{identity.remoteLogin(sp)}"
value="Login" target="_blank"/>
+ </h:column>
+ </h:dataTable>
+ </h:form>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/SingleLogoutFailed.xhtml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/SingleLogoutFailed.xhtml
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/webapp/SingleLogoutFailed.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,10 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<body>
+<h1>Single logout failed.</h1>
+</body>
+
+</html>
\ No newline at end of file
Added:
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
===================================================================
---
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PROCESS model-entity="JSFProcess">
+ <PROCESS-ITEM NAME="rules:#Login.xhtml" PATH="/Login.xhtml"
+ SHAPE="32,17,0,0" model-entity="JSFProcessGroup">
+ <PROCESS-ITEM ID="rules:#Login.xhtml:0" NAME="item"
+ PATH="/Login.xhtml" model-entity="JSFProcessItem">
+ <PROCESS-ITEM-OUTPUT
+ ID="LOCAL_LOGIN:#{login.login}:#SessionManagement.xhtml"
+ NAME="output" PATH="/SessionManagement.xhtml"
+ TARGET="rules:#SessionManagement.xhtml"
+ TITLE="#{login.login}:LOCAL_LOGIN"
model-entity="JSFProcessItemOutput"/>
+ </PROCESS-ITEM>
+ </PROCESS-ITEM>
+ <PROCESS-ITEM NAME="rules:#SessionManagement.xhtml"
+ PATH="/SessionManagement.xhtml" SHAPE="240,33,0,0"
model-entity="JSFProcessGroup"/>
+</PROCESS>
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/beans.xml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/beans.xml
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/beans.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
+ <alternatives>
+
<classes>org.jboss.seam.security.external.saml.idp.SamlIdpInApplicationScopeProducer</classes>
+ </alternatives>
+</beans>
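Review bot: Inside `<alternatives>` the element is written as `<classes>`, but the beans_1_0.xsd schema referenced in `xsi:schemaLocation` defines `<class>` (and `<stereotype>`) there. As written, the container may reject the descriptor or ignore the entry, in which case `SamlIdpInApplicationScopeProducer` is not activated and the example runs with a different producer than intended. The line should read `<class>org.jboss.seam.security.external.saml.idp.SamlIdpInApplicationScopeProducer</class>`, unless the mail rendering has altered the tag name.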
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/context.xml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/context.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Context>
+ <!-- log all incoming and outgoing messages. -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+</Context>
\ No newline at end of file
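Review bot: `RequestDumperValve` writes every request and response to the container log with headers, cookies and parameters, which for an identity provider means session cookies, submitted user names and SAML messages end up in plain text on disk. The existing comment says only that messages are logged, not that the valve is a debugging aid. I would either leave the valve out of the committed descriptor or extend the comment to `<!-- Debug only: dumps cookies, parameters and SAML messages to the log; remove outside local testing. -->`.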
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/faces-config.xml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/faces-config.xml
(rev 0)
+++
modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/faces-config.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<faces-config version="2.0"
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd">
+
+ <name>samlidp</name>
+
+ <navigation-rule>
+ <from-view-id>/Login.xhtml</from-view-id>
+ <navigation-case>
+ <from-action>#{login.login}</from-action>
+ <from-outcome>LOCAL_LOGIN</from-outcome>
+ <to-view-id>/SessionManagement.xhtml</to-view-id>
+ </navigation-case>
+ </navigation-rule>
+
+</faces-config>
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/WEB-INF/web.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="3.0"
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
+
+ <context-param>
+ <param-name>javax.faces.PROJECT_STAGE</param-name>
+ <param-value>Development</param-value>
+ </context-param>
+
+ <welcome-file-list>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
+
+</web-app>
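Review bot: `javax.faces.PROJECT_STAGE` is fixed to `Development` in the deployment descriptor, so the detailed JSF error page is what a browser sees whenever something fails. The SPI implementation in this commit rethrows every `IOException` as a bare `RuntimeException`, so those stack traces would reach the user. A comment next to the parameter, for example `<!-- Development stage for the demo only; use Production for any shared deployment. -->`, would make the intent clear to people who copy the example.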
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/index.jsp
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/index.jsp
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/index.jsp 2010-09-01 21:35:41
UTC (rev 13694)
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <title>Initial Redirect Page</title>
+ </head>
+ <body>
+ <% response.sendRedirect("Index.jsf"); %>
+ </body>
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-idp/src/main/webapp/styles.css
===================================================================
--- modules/security/trunk/examples/saml-idp/src/main/webapp/styles.css
(rev 0)
+++ modules/security/trunk/examples/saml-idp/src/main/webapp/styles.css 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,36 @@
+.page {
+ width: 800px;
+ margin-left: auto;
+ margin-right: auto;
+}
+
+.menu {
+ margin-top: 15px;
+ height: 50px;
+ background: #a5a5dc;
+ padding: 5px;
+}
+
+.content {
+ margin-top: 15px;
+ top: 100px;
+ margin-left: auto;
+ margin-right: auto;
+ background: white;
+ padding: 5px;
+}
+
+.propertyName {
+ padding: 5px;
+ background-color: #aaaaaa;
+}
+
+.propertyValue {
+ padding: 5px;
+ background-color: #dddddd;
+}
+
+.dataTableColumn {
+ padding: 5px;
+ background-color: #dddddd;
+}
\ No newline at end of file
Property changes on: modules/security/trunk/examples/saml-sp
___________________________________________________________________
Name: svn:ignore
+ .settings
target
.classpath
.project
Added: modules/security/trunk/examples/saml-sp/pom.xml
===================================================================
--- modules/security/trunk/examples/saml-sp/pom.xml (rev 0)
+++ modules/security/trunk/examples/saml-sp/pom.xml 2010-09-01 21:35:41 UTC (rev 13694)
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>saml-sp</artifactId>
+ <packaging>war</packaging>
+ <name>SAML Service Provider</name>
+
+ <parent>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-parent</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <properties>
+ <seam.faces.version>3.0.0-SNAPSHOT</seam.faces.version>
+
<seam.international.version>3.0.0-SNAPSHOT</seam.international.version>
+ </properties>
+
+ <build>
+ <finalName>saml-sp</finalName>
+ </build>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-external</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <artifactId>validation-api</artifactId>
+ <groupId>javax.validation</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.servlet</groupId>
+ <artifactId>seam-servlet</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.enterprise</groupId>
+ <artifactId>cdi-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <!-- This is necessary until a new JSF-API is published to central -->
+ <groupId>javax.faces</groupId>
+ <artifactId>jsf-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!--
+ <dependency> <groupId>org.jboss.seam.faces</groupId>
+ <artifactId>seam-faces</artifactId>
+ <version>${project.version}</version> </dependency>
+ -->
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <!-- Required until the Servlet 3.0 API can be resolved in Central -->
+ <groupId>org.jboss.spec.javax.servlet</groupId>
+ <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ </dependencies>
+
+</project>
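Review bot: The `seam.faces.version` and `seam.international.version` properties are declared but nothing in this pom uses them; the only seam-faces reference is commented out. Meanwhile `seam-servlet` repeats the literal `3.0.0-SNAPSHOT` instead of a property or `${project.version}`. I would delete the unused properties together with the commented-out dependency, and take the `seam-servlet` version from one place so the example cannot drift from the parent. Depending on SNAPSHOT artifacts also means the build is not reproducible, which is worth a comment if it is intentional for trunk.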
Added: modules/security/trunk/examples/saml-sp/readme.txt
===================================================================
--- modules/security/trunk/examples/saml-sp/readme.txt (rev 0)
+++ modules/security/trunk/examples/saml-sp/readme.txt 2010-09-01 21:35:41 UTC (rev
13694)
@@ -0,0 +1,101 @@
+SAML-SP EXAMPLE
+
+
+What is it?
+===========
+
+This demo web application shows how to delegate user authentication and session
+management to trusted SAMLv2 identity providers (IDPs). It makes use of the
+SAMLv2 submodule of Seam Security.
+
+
+How to deploy it?
+=================
+
+The application is packaged as a war file and should run in any JEE6
+environment. It has been tested on JBoss AS 6. Before deploying the application,
+you need to map these two host names to the localhost:
+
+www.saml-sp1.com
+www.saml-sp2.com
+
+On Unix based systems, you do this by putting the following lines in
+'/etc/hosts':
+
+127.0.0.1
www.saml-sp1.com
+127.0.0.1
www.saml-sp2.com
+
+
+Some background info
+====================
+
+The application contains two "virtual applications":
+
+http://www.saml-sp1.com:8080/saml-sp
+http://www.saml-sp2.com:8080/saml-sp
+
+Think of it as two web shops hosted by the same SaaS provider, sharing the same
+war file, but each having their own SAML Service Provider (SP) configuration,
+their own database objects and their own users and user sessions.
+
+The Service Providers are preconfigured to run at port 8080, to use a test key
+store which is included in the war file, and to use the http protocol for
+communicating with IDPs. These settings are ok for a test setup, but please be
+aware that in production, you'd use http on port 443, and you'd use your own
+well-secured keystore, probably somewhere on the file system. In the test
+application these settings are done programmatically (by the SpCustomizer).
+
+
+How to use the application
+==========================
+
+Start the application and surf to:
+
+http://www.saml-sp1.com:8080/saml-sp
+
+First you need to configure the identity provider(s) to trust. You have
+different options:
+- install and use your own third-party identity provider (e.g. OpenSSO,
+Shibboleth, SimpleSAMLphp, CAS or A-Select)
+- use an existing SAMLv2 identity provider where you have an account (you could
+create an account for the
www.ssocircle.com identity provider, which is open to
+everyone)
+- use the seam-idp example application
+
+You need to create a trust relationship between the chosen identity provider(s)
+and the sample application. You do that by exchanging meta data. The menu option
+"Configuration" will help you. Note that in a production system you'd
definitely
+restrict such a configuration page to system administrators! On the
+configuration page, you see a link that points out where the meta data of the
+current service provider resides. You use that link for uploading the meta data
+to your identity provider. The other way around, you find out where your
+identity provider's meta data is (read your IDP manual), and you upload it on
+the Configuration page. You do that for all identity providers (probably only
+one).
+
+Do the configuration not only for the saml-sp1 virtual application, but also for
+saml-sp2. Remember that you need to see it as two separate service providers.
+
+Now you are ready to login. Go to the login page by using the menu. You need to
+choose which identity provider you want to use, and click the login link next to
+it. By the way, an application that only trusts one identity provider won't have
+such a page, and an application that trusts multiple identity providers might
+save the user's choice in a cookie so that this page will only be shown once.
+You'll be redirected to your identity provider's login page and input your
+credentials to log in. After that, you'll be redirected back to the service
+provider, and you'll see the info of the logged in user, including any
+attributes that have been provided by the identity provider. Normally you'd do
+the things where you needed to login for, but this is a kind of hollow sample
+application, and we'll move on.
+
+Now go to the other virtual application and login there. You'll see that you'll
+be immediately logged in into that other application without entering your
+credentials again. Single sign on in other words.
+
+The identity provider now manages one user session, with two service providers
+participating in the session. You can stop the whole session by choosing "Global
+Logout" from the menu in one of the virtual apps. Check that you are logged out
+at the other virtual app as well, and also at the identity providers side. That
+was a single logout in other words. You can also logout locally. In that case
+you just stop using the IDP-managed session at the service provider side,
+without informing the identity provider about that.
\ No newline at end of file
Added:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
===================================================================
---
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,99 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.Reader;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLConnection;
+import java.util.LinkedList;
+import java.util.List;
+
+import javax.enterprise.inject.Model;
+import javax.faces.application.FacesMessage;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.SamlEntityConfigurationApi;
+import org.jboss.seam.security.external.saml.SamlExternalEntity;
+
+@Model
+public class Configuration
+{
+ private String idpMetaDataUrl;
+
+ @Inject
+ private SamlEntityConfigurationApi samlEntityConfig;
+
+ public String getIdpMetaDataUrl()
+ {
+ return idpMetaDataUrl;
+ }
+
+ public void setIdpMetaDataUrl(String idpMetaDataUrl)
+ {
+ this.idpMetaDataUrl = idpMetaDataUrl;
+ }
+
+ public void addSamlIdentityProvider()
+ {
+ try
+ {
+ URL url = new URL(idpMetaDataUrl);
+ URLConnection urlConnection = url.openConnection();
+ urlConnection.setConnectTimeout(3000);
+ urlConnection.setReadTimeout(3000);
+ Reader reader = new InputStreamReader(urlConnection.getInputStream());
+ SamlExternalEntity samlEntity = samlEntityConfig.addExternalSamlEntity(reader);
+
+ FacesMessage facesMessage = new FacesMessage("SAML entity " +
samlEntity.getEntityId() + " has been added.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ catch (MalformedURLException e)
+ {
+ FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR,
"Malformed URL.", "");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ catch (IOException e)
+ {
+ FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR,
"Metadata could not be read.", "");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public String getMetaDataUrl()
+ {
+ return samlEntityConfig.getMetaDataURL();
+ }
+
+ public List<String> getIdpEntityIds()
+ {
+ List<String> entityIds = new LinkedList<String>();
+ for (SamlExternalEntity entity : samlEntityConfig.getExternalSamlEntities())
+ {
+ entityIds.add(entity.getEntityId());
+ }
+ return entityIds;
+ }
+}
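Review bot: `addSamlIdentityProvider()` opens whatever URL the form field holds, and `new URL(idpMetaDataUrl)` also accepts `file:`, `jar:` and `ftp:` locations, so the server can be made to read local or internal resources; the scheme should be checked before `openConnection()`. The `Reader` is never closed, and `InputStreamReader` without a charset decodes the metadata with the platform default rather than the encoding the XML declares. Because the fetched document defines a trusted identity provider, a real deployment would want https with certificate validation or a verified metadata signature. The sample's own hosts run on plain http, so the sketch below only narrows the scheme and closes the stream.

```java
   public void addSamlIdentityProvider()
   {
      Reader reader = null;
      try
      {
         URL url = new URL(idpMetaDataUrl);
         String scheme = url.getProtocol();
         if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme))
         {
            FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Malformed URL.", "");
            FacesContext.getCurrentInstance().addMessage(null, facesMessage);
            return;
         }
         // ... unchanged: openConnection and the two timeouts ...
         reader = new InputStreamReader(urlConnection.getInputStream());
         // ... unchanged: addExternalSamlEntity and the success message ...
      }
      // ... unchanged: the MalformedURLException and IOException handlers ...
      finally
      {
         if (reader != null)
         {
            try
            {
               reader.close();
            }
            catch (IOException e)
            {
               // nothing useful to report to the user at this point
            }
         }
      }
   }
```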
Property changes on:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Configuration.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
===================================================================
---
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,108 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.inject.Model;
+import javax.faces.application.FacesMessage;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+
+@Model
+public class Identity
+{
+ @Inject
+ private SamlServiceProviderApi samlSpApi;
+
+ @Dialogued
+ public void login(String idpEntityId)
+ {
+ if (!isLoggedIn())
+ {
+ samlSpApi.login(idpEntityId);
+ }
+ else
+ {
+ FacesMessage facesMessage = new FacesMessage("Already logged in.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public void localLogout()
+ {
+ if (isLoggedIn())
+ {
+ if (samlSpApi.getSession() != null)
+ {
+ samlSpApi.localLogout();
+ }
+ }
+ else
+ {
+ FacesMessage facesMessage = new FacesMessage("Not logged in.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public void globalLogout()
+ {
+ if (isLoggedIn())
+ {
+ if (samlSpApi.getSession() != null)
+ {
+ samlSpApi.globalLogout();
+ }
+ }
+ else
+ {
+ FacesMessage facesMessage = new FacesMessage("Not logged in.");
+ FacesContext.getCurrentInstance().addMessage(null, facesMessage);
+ }
+ }
+
+ public boolean isLoggedIn()
+ {
+ return samlSpApi.getSession() != null;
+ }
+
+ public SamlSpSession getSamlSpSession()
+ {
+ return samlSpApi.getSession();
+ }
+
+ public void redirectToLoginIfNotLoggedIn()
+ {
+ if (!isLoggedIn())
+ {
+ redirectToViewId("/Login.xhtml");
+ }
+ }
+
+ private void redirectToViewId(String viewId)
+ {
+ FacesContext facesContext = FacesContext.getCurrentInstance();
+
FacesContext.getCurrentInstance().getApplication().getNavigationHandler().handleNavigation(facesContext,
null, viewId + "?faces-redirect=true");
+ }
+}
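Review bot: In `localLogout()` and `globalLogout()` the inner `if (samlSpApi.getSession() != null)` repeats exactly what `isLoggedIn()` has just tested, so it only adds a silent no-op path; dropping it leaves `if (isLoggedIn()) { samlSpApi.localLogout(); }` and the same for the global variant. `redirectToViewId()` stores `FacesContext.getCurrentInstance()` in `facesContext` and then calls it again on the next line, where `facesContext.getApplication().getNavigationHandler()` would read better. The class has no Javadoc. A line on each logout method would help, saying that local logout ends only this application's use of the session without informing the identity provider, while global logout ends the session at the identity provider and the other service providers.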
Property changes on:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/Identity.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
===================================================================
---
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.event.Observes;
+import javax.faces.context.ExternalContext;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.api.AfterDialogueActivation;
+
+public class RequestObserver
+{
+ @Inject
+ private ResponseHolder responseHolder;
+
+ public void dialogueCreated(@Observes AfterDialogueActivation event)
+ {
+ if (FacesContext.getCurrentInstance() != null)
+ {
+ ExternalContext externalContext =
FacesContext.getCurrentInstance().getExternalContext();
+ responseHolder.setResponse((HttpServletResponse)
externalContext.getResponse());
+ }
+ }
+
+}
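Review bot: `dialogueCreated()` does nothing when `FacesContext.getCurrentInstance()` is null, and no comment explains that case or why the response is captured at all. `SamlServiceProviderSpiImpl` in this commit calls `responseHolder.getResponse().sendRedirect(...)` without a null check, so the contract deserves a Javadoc, for example `/** Hands the current JSF response to the SAML module when a dialogue starts inside a JSF request; outside JSF the holder is left untouched. */`. Whether the module fills the holder itself for non-JSF requests is not visible in this hunk.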
Property changes on:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/RequestObserver.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
===================================================================
---
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import java.io.IOException;
+
+import javax.inject.Inject;
+import javax.servlet.ServletContext;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.api.SamlServiceProviderApi;
+import org.jboss.seam.security.external.saml.sp.SamlSpSession;
+import org.jboss.seam.security.external.spi.SamlServiceProviderSpi;
+import org.slf4j.Logger;
+
+public class SamlServiceProviderSpiImpl implements SamlServiceProviderSpi
+{
+ @Inject
+ SamlServiceProviderApi samlServiceProviderApi;
+
+ @Inject
+ ResponseHolder responseHolder;
+
+ @Inject
+ private Logger log;
+
+ @Inject
+ private ServletContext servletContext;
+
+ public void loginSucceeded(SamlSpSession session)
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/UserInfo.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void loginFailed()
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/AuthenticationFailed.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void globalLogoutFailed(String statusCode)
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/GlobalLogoutFailed.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void globalLogoutSucceeded()
+ {
+ try
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/Login.jsf");
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void loggedIn(SamlSpSession session, String url)
+ {
+ try
+ {
+ if (url != null)
+ {
+ responseHolder.getResponse().sendRedirect(url);
+ }
+ else
+ {
+ responseHolder.getResponse().sendRedirect(servletContext.getContextPath() +
"/UserInfo.jsf");
+ }
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void loggedOut(SamlSpSession session)
+ {
+ log.info("User " + session.getPrincipal().getNameId() + " has been
logged out.");
+ }
+}
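Review bot: `loggedIn()` passes `url` straight to `sendRedirect()`, so if that value can be influenced by the request that started the login (the hunk does not show where the library takes it from), freshly authenticated users can be sent to an arbitrary site. Restrict it to locations inside this application and fall back to `/UserInfo.jsf` otherwise. The sketch below accepts only paths under the context path; if the library hands back absolute URLs, compare the host with the virtual application's host instead. Separately, `globalLogoutFailed()` drops `statusCode` although a `Logger` is injected, so a failed single logout leaves no trace; `log.warn("Global logout failed, status code {}", statusCode);` would record it.

```java
   public void loggedIn(SamlSpSession session, String url)
   {
      String target = servletContext.getContextPath() + "/UserInfo.jsf";
      if (url != null && isLocalPath(url))
      {
         target = url;
      }
      try
      {
         responseHolder.getResponse().sendRedirect(target);
      }
      catch (IOException e)
      {
         throw new RuntimeException(e);
      }
   }

   // True only for a path below this application's context path;
   // "//host" and "/\host" forms are treated as foreign.
   private boolean isLocalPath(String url)
   {
      if (!url.startsWith(servletContext.getContextPath() + "/"))
      {
         return false;
      }
      return !url.startsWith("//") && !url.startsWith("/\\");
   }
```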
Property changes on:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlServiceProviderSpiImpl.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
===================================================================
---
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.event.Observes;
+
+import org.jboss.seam.security.external.api.SamlServiceProviderConfigurationApi;
+import
org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationCreation;
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplication;
+
+public class SamlSpCustomizer
+{
+ public void customize(@Observes AfterVirtualApplicationCreation event,
SamlServiceProviderConfigurationApi sp, VirtualApplication virtualApplication)
+ {
+ sp.setEntityId("http://" + virtualApplication.getHostName());
+ sp.setProtocol("http");
+ sp.setPort(8080);
+ sp.setSigningKey("classpath:/test_keystore.jks", "store456",
"servercert", "pass456");
+ }
+
+}
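Review bot: The keystore and key passwords (`"store456"`, `"pass456"`) are literals in `customize()` and `test_keystore.jks` is committed alongside them, so the signing key is available to anyone with the source, yet nothing in the class says so. A comment above `setSigningKey` would keep the sample from being copied as is, for example `// Demo key only: test_keystore.jks and its passwords are public. Load a private keystore from external configuration before real use.` The same comment should mention `setProtocol("http")`: plain http is fine for a local demo, but it leaves the exchanged messages and the session unprotected in transit.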
Property changes on:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/SamlSpCustomizer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/VirtualApplicationCreator.java
===================================================================
---
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/VirtualApplicationCreator.java
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/VirtualApplicationCreator.java 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,18 @@
+package org.jboss.seam.security.examples.id_consumer;
+
+import javax.enterprise.event.Observes;
+
+import
org.jboss.seam.security.external.virtualapplications.api.AfterVirtualApplicationManagerCreation;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class VirtualApplicationCreator
+{
+ public void virtualApplicationManagerCreated(@Observes final
AfterVirtualApplicationManagerCreation event)
+ {
+ event.addVirtualApplication("www.saml-sp1.com");
+ event.addVirtualApplication("www.saml-sp2.com");
+ }
+}
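Review bot: `www.saml-sp1.com` and `www.saml-sp2.com` are registrable public names, so on a machine without a local hosts-file mapping the browser would contact whoever holds those domains. Names under a reserved suffix avoid that, for example `event.addVirtualApplication("sp1.saml.test");` (constructed name; the readme and the other sample hosts would need the same change). This file also lacks the license header that its sibling classes carry, and its Javadoc holds only an `@author` tag; one sentence saying that the method registers the two virtual service-provider hosts would do.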
Property changes on:
modules/security/trunk/examples/saml-sp/src/main/java/org/jboss/seam/security/examples/id_consumer/VirtualApplicationCreator.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/examples/saml-sp/src/main/resources/test_keystore.jks
===================================================================
(Binary files differ)
Property changes on:
modules/security/trunk/examples/saml-sp/src/main/resources/test_keystore.jks
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/AuthenticationFailed.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/AuthenticationFailed.xhtml
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/webapp/AuthenticationFailed.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,10 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<body>
+<h1>Authentication failed.</h1>
+</body>
+
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/Configuration.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/Configuration.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/Configuration.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,24 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ <h1>Configuration</h1>
+ <h:outputText value="Meta Data URL for this SAML entity:
#{configuration.metaDataUrl}" />
+ <h2>Trusted SAML Identity Providers</h2>
+ <p><h:dataTable value="#{configuration.idpEntityIds}"
var="idpEntityId" columnClasses="dataTableColumn">
+ <h:column>
+ <h:outputText value="#{idpEntityId}" />
+ </h:column>
+ </h:dataTable></p>
+ <h2>Add SAML Identity Provider</h2>
+ <h:form>
+ <p><h:outputText
+ value="Here you can add a new trusted Identity Provider by uploading the
corresponding meta data." /></p>
+ <p><h:outputText value="Meta Data URL:" /> <h:inputText
+ value="#{configuration.idpMetaDataUrl}" /> <h:commandButton
+ action="#{configuration.addSamlIdentityProvider}"
+ value="Add SAML Identity Provider" /></p>
+ </h:form>
+ </ui:composition>
+</f:view>
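Review bot: This form lets any visitor add a trusted identity provider: the page has no login check of the kind `UserInfo.xhtml` declares, and `Menu.xhtml` shows the Configuration link unconditionally. Since the trust list decides whose assertions the service provider accepts, anything beyond a local demo needs an authorization check on both the view and `configuration.addSamlIdentityProvider`. The sample should say so in a comment at the top of the page. The help text also says the provider is added "by uploading" its meta data, while the field takes a URL that the server fetches; `value="Here you can add a new trusted Identity Provider by entering the URL of its meta data."` describes it accurately.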
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/GlobalLogoutFailed.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/GlobalLogoutFailed.xhtml
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/webapp/GlobalLogoutFailed.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,10 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+<body>
+<h1>Global logout failed.</h1>
+</body>
+
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/Index.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/Index.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/Index.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,7 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/Login.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/Login.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/Login.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,22 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>Login</h1>
+ <h:form>
+ <h:dataTable value="#{configuration.idpEntityIds}"
var="idpEntityId"
+ columnClasses="dataTableColumn">
+ <h:column>
+ <h:outputText value="#{idpEntityId}" />
+ </h:column>
+ <h:column>
+ <h:commandLink action="#{identity.login(idpEntityId)}"
+ value="Login" />
+ </h:column>
+ </h:dataTable>
+ </h:form>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/META-INF/MANIFEST.MF
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/META-INF/MANIFEST.MF
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/webapp/META-INF/MANIFEST.MF 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/Menu.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/Menu.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/Menu.xhtml 2010-09-01 21:35:41
UTC (rev 13694)
@@ -0,0 +1,19 @@
+<ui:composition
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:c="http://java.sun.com/jsp/jstl/core"
+
xmlns:f="http://java.sun.com/jsf/core">
+
+ <h:form>
+ <h:commandLink value="Login" action="/Login.xhtml"
+ disabled="#{identity.loggedIn}" /> |
+ <h:commandLink value="Configuration"
action="/Configuration.xhtml" /> |
+ <h:commandLink value="User Info" action="/UserInfo.xhtml"
+ disabled="#{!identity.loggedIn}" /> |
+ <h:commandLink value="Local Logout"
action="#{identity.localLogout}"
+ disabled="#{!identity.loggedIn}" /> |
+ <h:commandLink value="Global Logout"
action="#{identity.globalLogout}"
+ disabled="#{!identity.loggedIn}" />
+ </h:form>
+
+</ui:composition>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/PageTemplate.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/PageTemplate.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/PageTemplate.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core"
+
xmlns:ui="http://java.sun.com/jsf/facelets">
+
+<h:body>
+ <h:panelGroup layout="block" styleClass="page">
+
+ <h:head>
+ <link type="text/css" rel="stylesheet"
href="styles.css" />
+ </h:head>
+
+ <h:panelGroup layout="block" styleClass="menu">
+ <ui:include src="/Menu.xhtml" />
+ </h:panelGroup>
+
+ <h:messages />
+
+ <h:panelGroup layout="block" styleClass="content">
+ <ui:insert />
+ </h:panelGroup>
+
+ </h:panelGroup>
+</h:body>
+</html>
\ No newline at end of file
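Review bot: `<h:head>` sits inside `<h:body>` and the outer `<h:panelGroup>`, so the rendered `<head>` ends up nested in a `<div>` within `<body>`. That is invalid under the Strict doctype declared on the first line and may keep JSF from placing head-targeted resources correctly. Move the `<h:head>` block with the stylesheet link up so that it is the first child of `<html>`, directly before `<h:body>`.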
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/UserInfo.xhtml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/UserInfo.xhtml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/UserInfo.xhtml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,43 @@
+<f:view
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:c="http://java.sun.com/jsp/jstl/core"
+
xmlns:f="http://java.sun.com/jsf/core">
+ <f:metadata>
+ <f:event type="preRenderView"
+ listener="#{identity.redirectToLoginIfNotLoggedIn}" />
+ </f:metadata>
+ <ui:composition template="/PageTemplate.xhtml">
+
+ <h1>User info</h1>
+
+ <h:panelGrid columns="2" columnClasses="propertyName,
propertyValue">
+ <h:outputText value="NameID" />
+ <h:outputText
+ value="#{identity.samlSpSession.principal.nameId.value}" />
+ <h:outputText value="NameID format" />
+ <h:outputText
+ value="#{identity.samlSpSession.principal.nameId.format}" />
+ <h:outputText value="Identity provider" />
+ <h:outputText
+ value="#{identity.samlSpSession.identityProvider.entityId}" />
+ <h:outputText value="Attributes" />
+ <h:dataTable value="#{identity.samlSpSession.principal.attributes}"
+ var="attribute">
+ <h:column>
+ <f:facet name="header">Name</f:facet>
+ <h:outputText value="#{attribute.name}" />
+ </h:column>
+ <h:column>
+ <f:facet name="header">Friendly name</f:facet>
+ <h:outputText value="#{attribute.friendlyName}" />
+ </h:column>
+ <h:column>
+ <f:facet name="header">Value(s)</f:facet>
+ <h:outputText value="#{attribute.attributeValue}" />
+ </h:column>
+ </h:dataTable>
+ </h:panelGrid>
+
+ </ui:composition>
+</f:view>
\ No newline at end of file
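Review bot: The `<f:metadata>` block carrying the `redirectToLoginIfNotLoggedIn` listener is placed outside `<ui:composition>`, and Facelets normally discards everything outside that tag in a template client, so the login guard may never run. Verify this by requesting `/UserInfo.jsf` without a session. The usual arrangement is a named `<ui:insert>` for metadata in the template and the `<f:metadata>` block inside the matching `<ui:define>` here. Even when the listener fires, a `preRenderView` redirect guards only this one view, so a page comment stating that it is a convenience redirect rather than an access-control mechanism would help.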
Added:
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
===================================================================
---
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/.faces-config.xml.jsfdia 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PROCESS model-entity="JSFProcess"/>
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/beans.xml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/beans.xml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/beans.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
+ <alternatives>
+
<classes>org.jboss.seam.security.external.saml.sp.SamlSpInVirtualApplicationScopeProducer</classes>
+ </alternatives>
+</beans>
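Review bot: `<alternatives>` declares the producer with a `<classes>` element, but the beans 1.0 schema referenced in `xsi:schemaLocation` defines only `<class>` and `<stereotype>` children. As written, the alternative is probably either rejected at deployment or never enabled. The entry should read `<class>org.jboss.seam.security.external.saml.sp.SamlSpInVirtualApplicationScopeProducer</class>`.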
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/context.xml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/context.xml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/context.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Context>
+ <!-- log all incoming and outgoing messages. -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+</Context>
\ No newline at end of file
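Review bot: `RequestDumperValve` writes each request's headers, cookies and parameters to the server log, which for this application includes session cookies and any SAML messages posted back by the identity provider. The existing comment does not warn about that. Something like `<!-- Debugging aid: logs all incoming and outgoing messages, including cookies and SAML responses. Remove outside a local test setup. -->` would make the trade-off explicit.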
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/faces-config.xml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/faces-config.xml
(rev 0)
+++
modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/faces-config.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<faces-config version="2.0"
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd">
+
+ <name>samlsp</name>
+
+</faces-config>
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/web.xml
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/web.xml
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/WEB-INF/web.xml 2010-09-01
21:35:41 UTC (rev 13694)
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="3.0"
xmlns="http://java.sun.com/xml/ns/javaee"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
+
+ <context-param>
+ <param-name>javax.faces.PROJECT_STAGE</param-name>
+ <param-value>Development</param-value>
+ </context-param>
+
+ <welcome-file-list>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
+
+</web-app>
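Review bot: `javax.faces.PROJECT_STAGE` is fixed to `Development` with no comment, and in that stage JSF shows detailed error and debug output to the browser. For a sample that people copy as a starting point, a note next to the parameter is worth adding, for example `<!-- Development stage gives verbose error pages; switch to Production outside a local test setup. -->`.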
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/index.jsp
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/index.jsp
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/index.jsp 2010-09-01 21:35:41
UTC (rev 13694)
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <title>Initial Redirect Page</title>
+ </head>
+ <body>
+ <% response.sendRedirect("Index.jsf"); %>
+ </body>
+</html>
\ No newline at end of file
Added: modules/security/trunk/examples/saml-sp/src/main/webapp/styles.css
===================================================================
--- modules/security/trunk/examples/saml-sp/src/main/webapp/styles.css
(rev 0)
+++ modules/security/trunk/examples/saml-sp/src/main/webapp/styles.css 2010-09-01 21:35:41
UTC (rev 13694)
@@ -0,0 +1,36 @@
+.page {
+ width: 800px;
+ margin-left: auto;
+ margin-right: auto;
+}
+
+.menu {
+ margin-top: 15px;
+ height: 50px;
+ background: #d5a5ac;
+ padding: 5px;
+}
+
+.content {
+ margin-top: 15px;
+ top: 100px;
+ margin-left: auto;
+ margin-right: auto;
+ background: white;
+ padding: 5px;
+}
+
+.propertyName {
+ padding: 5px;
+ background-color: #aaaaaa;
+}
+
+.propertyValue {
+ padding: 5px;
+ background-color: #dddddd;
+}
+
+.dataTableColumn {
+ padding: 5px;
+ background-color: #dddddd;
+}
\ No newline at end of file