[jboss-cvs] Picketlink SVN: r611 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml and 10 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Dec 20 16:58:56 EST 2010
Author: anil.saldhana at jboss.com
Date: 2010-12-20 16:58:55 -0500 (Mon, 20 Dec 2010)
New Revision: 611
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SAMLXACMLUtil.java
Modified:
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/InteropEndpointDebugTestCase.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/SOAPSAMLXACMLServletUnitTestCase.java
federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java
federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
Log:
saml xacml
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/InteropEndpointDebugTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/InteropEndpointDebugTestCase.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/InteropEndpointDebugTestCase.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -31,14 +31,15 @@
import junit.framework.TestCase;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
-//import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+//import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.w3c.dom.Document;
import org.jboss.security.xacml.core.model.context.DecisionType;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResultType;
@@ -78,31 +79,19 @@
}
}
- public void testHimss() throws Exception
- {
- if(endpoint != null)
- {
- JAXBElement<?> jb = getResponse("xacml/requests/himss-soap-request.xml");
- Envelope env = (Envelope) jb.getValue();
- Marshaller marshaller = JAXBUtil.getMarshaller(SOAPSAMLXACMLUtil.getPackage());
- marshaller.setProperty( Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE );
- marshaller.marshal(jb, System.out);
-
- check(env, false);
- }
- }
-
public void testSAMLXACML() throws Exception
{
//Read the saml request from the file
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
InputStream is = tcl.getResourceAsStream("xacml/requests/samlxacml.xml");
- Unmarshaller um = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
+ Document doc = DocumentUtil.getDocument(is);
+
+ /*Unmarshaller um = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
um.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
- JAXBElement<?> obj = (JAXBElement<?>) um.unmarshal(is);
- XACMLAuthzDecisionQueryType xat = (XACMLAuthzDecisionQueryType) obj.getValue();
+ JAXBElement<?> obj = (JAXBElement<?>) um.unmarshal(is);*/
+ XACMLAuthzDecisionQueryType xat = SOAPSAMLXACMLUtil.getXACMLQueryType(doc.getDocumentElement() );
assertNotNull(xat);
RequestType requestType = xat.getRequest();
assertTrue(requestType.getEnvironment().getAttribute().size() > 0);
@@ -134,7 +123,8 @@
private JAXBElement<?> getResponse(String fileName) throws Exception
{
- //Read the saml request from the file
+ throw new RuntimeException( "FIX" );
+ /*//Read the saml request from the file
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
InputStream is = tcl.getResourceAsStream(fileName);
@@ -149,6 +139,6 @@
m.marshal(soapRequest, System.out);
m.marshal(soapRequest, conn.getOutputStream());
- return (JAXBElement<?>) um.unmarshal(conn.getInputStream());
+ return (JAXBElement<?>) um.unmarshal(conn.getInputStream()); */
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/SOAPSAMLXACMLServletUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/SOAPSAMLXACMLServletUnitTestCase.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/SOAPSAMLXACMLServletUnitTestCase.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -21,6 +21,10 @@
*/
package org.picketlink.test.identity.federation.bindings.servlets;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
@@ -29,91 +33,107 @@
import javax.servlet.ServletContext;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Unmarshaller;
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.soap.SOAPPart;
-import junit.framework.TestCase;
-
+import org.jboss.security.xacml.core.model.context.DecisionType;
+import org.jboss.security.xacml.core.model.context.ResultType;
+import org.junit.Test;
import org.picketlink.identity.federation.bindings.servlets.SOAPSAMLXACMLServlet;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
-import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope;
-import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
-//import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.jboss.security.xacml.core.model.context.DecisionType;
-import org.jboss.security.xacml.core.model.context.ResultType;
-import org.junit.Ignore;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
/**
* Unit Test the SOAP SAML XACML Servlet
* @author Anil.Saldhana at redhat.com
* @since Jan 28, 2009
- */
- at Ignore
-public class SOAPSAMLXACMLServletUnitTestCase extends TestCase
+ */
+public class SOAPSAMLXACMLServletUnitTestCase
{
+ @Test
public void testPermit() throws Exception
{
- validate("xacml/requests/XacmlRequest-01-01.xml", DecisionType.PERMIT.value());
+ validate("xacml/requests/XacmlRequest-01-01.xml", DecisionType.PERMIT.value(), true );
- validate("xacml/requests/XacmlRequest-format2-01-01.xml", DecisionType.PERMIT.value());
+ validate("xacml/requests/XacmlRequest-format2-01-01.xml", DecisionType.PERMIT.value(), true );
}
+ @Test
public void testDeny() throws Exception
{
- validate("xacml/requests/XacmlRequest-01-02.xml", DecisionType.DENY.value());
+ validate("xacml/requests/XacmlRequest-01-02.xml", DecisionType.DENY.value(), true );
}
-
- @SuppressWarnings("unchecked")
+
+ @Test
public void testIncorrectInput() throws Exception
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
- String garbage = "fdfdsfdfk";
+ String garbage = "<fdfdsfdfk/>";
ByteArrayInputStream bis = new ByteArrayInputStream(garbage.getBytes());
SOAPSAMLXACMLServlet servlet = new SOAPSAMLXACMLServlet();
servlet.init(new TestServletConfig(getServletContext()));
- ServletRequest sreq = new TestServletRequest(bis);
+ ServletRequest sreq = new TestServletRequest( getSOAPStream( bis ));
ServletResponse sresp = new TestServletResponse(baos);
servlet.service(sreq, sresp);
sresp.flushBuffer(); //Flush the servlet response ServletOutputStream to our baos
bis = new ByteArrayInputStream(baos.toByteArray());
- Unmarshaller un = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
+
+ SOAPMessage soapMessage = SOAPSAMLXACMLUtil.getSOAPMessage(bis);
+ Node xacmlNode = soapMessage.getSOAPBody().getChildNodes().item(0);
+ assertTrue( xacmlNode instanceof Element );
+ Element xacmlElement = (Element) xacmlNode;
+ assertTrue( xacmlElement.getLocalName().equals( "Fault" ) );
+ /*Unmarshaller un = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
JAXBElement<Envelope> jax = (JAXBElement<Envelope>) un.unmarshal(bis);
Envelope envelope = jax.getValue();
assertNotNull("Envelope is not null", envelope);
JAXBElement<?> fault = (JAXBElement<?>) envelope.getBody().getAny().get(0);
- assertTrue(fault.getValue() instanceof Fault);
+ assertTrue(fault.getValue() instanceof Fault);*/
}
+ @Test
public void testInteropSOAPRequest() throws Exception
{
- validate("xacml/requests/interop-request.xml", DecisionType.PERMIT.value());
+ validate("xacml/requests/interop-request.xml", DecisionType.PERMIT.value(), false );
}
-
- @SuppressWarnings("unchecked")
- private void validate(String requestFile, String value) throws Exception
- {
- throw new RuntimeException();
- /*ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ private void validate(String requestFile, String value, boolean needSOAPWrapping ) throws Exception
+ {
+ InputStream is = getInputStream(requestFile);
+ if(is == null)
+ throw new IllegalArgumentException("Input Stream to request file is null");
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
SOAPSAMLXACMLServlet servlet = new SOAPSAMLXACMLServlet();
servlet.init(new TestServletConfig(getServletContext()));
- InputStream is = getInputStream(requestFile);
- if(is == null)
- throw new IllegalArgumentException("Input Stream to request file is null");
- ServletRequest sreq = new TestServletRequest(is);
+
+ if( needSOAPWrapping )
+ is = getSOAPStream( is );
+
+ ServletRequest sreq = new TestServletRequest( is );
ServletResponse sresp = new TestServletResponse(baos);
servlet.service(sreq, sresp);
sresp.flushBuffer(); //Flush the servlet response ServletOutputStream to our baos
+
+ ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
+
+ SOAPMessage soapMessage = SOAPSAMLXACMLUtil.getSOAPMessage(bis);
- ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
- Unmarshaller un = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
+ Node xacmlNode = soapMessage.getSOAPBody().getChildNodes().item(0);
+ XACMLAuthzDecisionStatementType xacmlStatement = SOAPSAMLXACMLUtil.getDecisionStatement( xacmlNode );
+ /*Unmarshaller un = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
JAXBElement<Envelope> jax = (JAXBElement<Envelope>) un.unmarshal(bis);
Envelope envelope = jax.getValue();
assertNotNull("Envelope is not null", envelope);
@@ -124,12 +144,14 @@
assertNotNull("ResponseType is not null", responseType);
AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
XACMLAuthzDecisionStatementType xacmlStatement = (XACMLAuthzDecisionStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
+ */
+
assertNotNull("XACML Authorization Statement is not null", xacmlStatement);
org.jboss.security.xacml.core.model.context.ResponseType xacmlResponse = xacmlStatement.getResponse();
ResultType resultType = xacmlResponse.getResult().get(0);
DecisionType decision = resultType.getDecision();
assertNotNull("Decision is not null", decision);
- assertEquals(value, decision.value());*/
+ assertEquals(value, decision.value());
}
private ServletContext getServletContext()
@@ -144,4 +166,22 @@
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
return tcl.getResourceAsStream(requestFileLoc);
}
+
+ private InputStream getSOAPStream( InputStream dataStream ) throws Exception
+ {
+ MessageFactory messageFactory = MessageFactory.newInstance();
+ SOAPMessage message = messageFactory.createMessage();
+ SOAPPart soapPart = message.getSOAPPart();
+ SOAPEnvelope envelope = soapPart.getEnvelope();
+ SOAPBody body = envelope.getBody();
+
+ body.addDocument( DocumentUtil.getDocument(dataStream));
+ message.saveChanges();
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ message.writeTo(baos);
+
+ System.out.println( new String( baos.toByteArray() ) );
+ return new ByteArrayInputStream( baos.toByteArray() );
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java
===================================================================
--- federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/servlets/TestServletRequest.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -74,14 +74,12 @@
}
public String getHeader(String name)
- {
-
+ {
return null;
}
public Enumeration getHeaderNames()
- {
-
+ {
return null;
}
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -21,6 +21,9 @@
*/
package org.picketlink.identity.federation.core.parsers.saml;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
@@ -29,6 +32,8 @@
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -46,6 +51,7 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.EncryptedAssertionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.w3c.dom.Element;
/**
@@ -156,6 +162,37 @@
AttributeStatementType attributeStatementType = SAMLParserUtil.parseAttributeStatement( xmlEventReader );
assertion.addStatement(attributeStatementType);
}
+ else if( JBossSAMLConstants.STATEMENT.get().equalsIgnoreCase( tag ) )
+ {
+ startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+
+ String xsiTypeValue = StaxParserUtil.getXSITypeValue(startElement);
+ if( xsiTypeValue.contains(JBossSAMLConstants.XACML_AUTHZ_DECISION_STATEMENT_TYPE.get() ))
+ {
+ XACMLAuthzDecisionStatementType authZStat = new XACMLAuthzDecisionStatementType();
+
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ tag = StaxParserUtil.getStartElementName(startElement);
+
+ if( tag.contains( JBossSAMLConstants.RESPONSE.get() ) )
+ {
+ authZStat.setResponse( getXACMLResponse( xmlEventReader ));
+ startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ //There may be request also
+ tag = StaxParserUtil.getStartElementName(startElement);
+ if( tag.contains( JBossSAMLConstants.REQUEST.get() ) )
+ {
+ authZStat.setRequest( getXACMLRequest( xmlEventReader ));
+ }
+ }
+
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.STATEMENT.get() );
+ assertion.addStatement(authZStat);
+ }
+ else
+ throw new RuntimeException( "Unknown xsi:type=" + xsiTypeValue );
+ }
else throw new RuntimeException( "SAMLAssertionParser:: unknown: " + tag );
}
return assertion;
@@ -186,4 +223,44 @@
return new AssertionType( id, issueInstant, version );
}
+
+ @SuppressWarnings("unchecked")
+ private ResponseType getXACMLResponse( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ Element xacmlResponse = StaxParserUtil.getDOMElement(xmlEventReader);
+ //xacml request
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ try
+ {
+ JAXBContext jaxb = JAXBContext.newInstance( xacmlPath );
+ Unmarshaller un = jaxb.createUnmarshaller();
+ un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
+ JAXBElement<ResponseType> jaxbResponseType = (JAXBElement<ResponseType>) un.unmarshal( DocumentUtil.getNodeAsStream(xacmlResponse));
+ return jaxbResponseType.getValue();
+ }
+ catch ( Exception e)
+ {
+ throw new ParsingException( e );
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ private RequestType getXACMLRequest( XMLEventReader xmlEventReader ) throws ParsingException
+ {
+ Element xacmlRequest = StaxParserUtil.getDOMElement(xmlEventReader);
+ //xacml request
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ try
+ {
+ JAXBContext jaxb = JAXBContext.newInstance( xacmlPath );
+ Unmarshaller un = jaxb.createUnmarshaller();
+ un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
+ JAXBElement<RequestType> jaxbRequestType = (JAXBElement<RequestType>) un.unmarshal( DocumentUtil.getNodeAsStream(xacmlRequest));
+ return jaxbRequestType.getValue();
+ }
+ catch ( Exception e)
+ {
+ throw new ParsingException( e );
+ }
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLRequestAbstractParser.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -85,6 +85,8 @@
protected void parseCommonElements( StartElement startElement, XMLEventReader xmlEventReader,
RequestAbstractType request ) throws ParsingException
{
+ if( startElement == null )
+ throw new IllegalArgumentException( " startElement is null" );
String elementName = StaxParserUtil.getStartElementName( startElement );
if( JBossSAMLConstants.ISSUER.get().equals( elementName ))
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/xacml/SAMLXACMLRequestParser.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -65,7 +65,7 @@
return parseXACMLAuthzDecisionQuery(startElement, xmlEventReader);
}
- return null;
+ throw new RuntimeException( "Parsing Failed: Unknown Tag=" + tag );
}
public boolean supports(QName qname)
@@ -106,6 +106,8 @@
break;
}
startElement = StaxParserUtil.peekNextStartElement( xmlEventReader );
+ if( startElement == null )
+ break;
super.parseCommonElements(startElement, xmlEventReader, xacmlQuery);
String tag = StaxParserUtil.getStartElementName(startElement);
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -142,7 +142,7 @@
throw new ParsingException( e );
}
}
-
+
/**
* Get the element text.
* @param xmlEventReader
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -102,6 +102,7 @@
SIGNATURE_SHA1_WITH_RSA("http://www.w3.org/2000/09/xmldsig#rsa-sha1"),
SINGLE_SIGNON_SERVICE( "SingleSignOnService" ),
SINGLE_LOGOUT_SERVICE( "SingleLogoutService" ),
+ STATEMENT( "Statement" ),
STATUS( "Status" ),
STATUS_CODE( "StatusCode" ),
STATUS_DETAIL( "StatusDetail" ),
@@ -117,6 +118,7 @@
WANT_AUTHN_REQUESTS_SIGNED( "WantAuthnRequestsSigned" ),
XACML_AUTHZ_DECISION_QUERY( "XACMLAuthzDecisionQuery" ),
XACML_AUTHZ_DECISION_QUERY_TYPE( "XACMLAuthzDecisionQueryType" ),
+ XACML_AUTHZ_DECISION_STATEMENT_TYPE( "XACMLAuthzDecisionStatementType" ),
HTTP_POST_BINDING("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
private String val;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -104,6 +104,8 @@
X500_PREFIX("x500"),
X500_NSURI("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"),
+ XACML_SAML_NSURI( "urn:oasis:names:tc:xacml:2.0:saml:assertion:schema:os" ),
+ XACML_SAML_PROTO_NSURI( "urn:oasis:xacml:2.0:saml:protocol:schema:os" ),
XML( "http://www.w3.org/XML/1998/namespace" ),
XMLSCHEMA_NSURI("http://www.w3.org/2001/XMLSchema"),
XMLDSIG_NSURI("http://www.w3.org/2000/09/xmldsig#"),
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SAMLXACMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SAMLXACMLUtil.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SAMLXACMLUtil.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -0,0 +1,88 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.saml.v2.util;
+
+import java.io.ByteArrayOutputStream;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.transform.stream.StreamResult;
+
+import org.jboss.security.xacml.core.model.context.ObjectFactory;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.util.TransformerUtil;
+import org.w3c.dom.Document;
+
+/**
+ * Utility for SAML and XACML
+ * @author Anil.Saldhana at redhat.com
+ * @since Dec 20, 2010
+ */
+public class SAMLXACMLUtil
+{
+ public final static String XACML_PKG_PATH = "org.jboss.security.xacml.core.model.context";
+
+ public static JAXBContext getJAXBContext() throws JAXBException
+ {
+ return JAXBContext.newInstance( XACML_PKG_PATH );
+ }
+
+ public static Document getXACMLResponse( ResponseType responseType ) throws ProcessingException
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ JAXBElement<?> jaxb = (new ObjectFactory()).createResponse( responseType );
+
+ StreamResult result = new StreamResult( baos );
+
+ try
+ {
+ TransformerUtil.transform( SAMLXACMLUtil.getJAXBContext(), jaxb, result);
+ return DocumentUtil.getDocument( new String( baos.toByteArray() ));
+ }
+ catch ( Exception e )
+ {
+ throw new ProcessingException( e );
+ }
+ }
+
+ public static Document getXACMLRequest( RequestType requestType ) throws ProcessingException
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ //Marshaller marshaller = getMarshaller();
+ JAXBElement<?> jaxb = (new ObjectFactory()).createRequest( requestType );
+
+ StreamResult result = new StreamResult( baos );
+
+ try
+ {
+ TransformerUtil.transform( getJAXBContext(), jaxb, result);
+ return DocumentUtil.getDocument( new String( baos.toByteArray() ));
+ }
+ catch ( Exception e )
+ {
+ throw new ProcessingException( e );
+ }
+ }
+}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -21,21 +21,32 @@
*/
package org.picketlink.identity.federation.core.saml.v2.util;
-import java.io.StringReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.List;
+import java.util.Set;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPFault;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.stream.XMLEventReader;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.parsers.saml.xacml.SAMLXACMLRequestParser;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.ObjectFactory;
-import org.w3c.dom.Element;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
+import org.w3c.dom.Node;
/**
* Utility associated with SOAP 1.1 Envelope,
@@ -44,60 +55,75 @@
* @since Jan 28, 2009
*/
public class SOAPSAMLXACMLUtil
-{
- private static String SOAP_PKG = "org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope";
- private static String SAML_PROTO_PKG = "org.picketlink.identity.federation.saml.v2.protocol";
- private static String XACML_CTX_PKG = "org.jboss.security.xacml.core.model.context";
- private static String XACML_SAMLPROTO_PKG = "org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol";
- private static String XACML_SAMLASSERT_PKG = "org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion";
-
- private static String COLON = ":";
-
- private static String collectivePackage = getPackage();
-
- private static org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.ObjectFactory
- queryTypeObjectFactory = new org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.ObjectFactory();
-
- private static ObjectFactory statementObjectFactory = new ObjectFactory();
-
+{
/**
* Parse the XACML Authorization Decision Query from the Dom Element
* @param samlRequest
* @return
- * @throws TransformerException
- * @throws TransformerFactoryConfigurationError
- * @throws JAXBException
+ * @throws ProcessingException
+ * @throws ConfigurationException
+ * @throws ParsingException
*/
- public static XACMLAuthzDecisionQueryType getXACMLQueryType(Element samlRequest)
- throws ConfigurationException, ProcessingException, JAXBException
+ public static XACMLAuthzDecisionQueryType getXACMLQueryType( Node samlRequest )
+ throws ParsingException, ConfigurationException, ProcessingException
{
//We reparse it because the document may have issues with namespaces
- String elementString = DocumentUtil.getDOMElementAsString(samlRequest);
- Unmarshaller um = JAXBUtil.getUnmarshaller(collectivePackage);
+ //String elementString = DocumentUtil.getDOMElementAsString(samlRequest);
+
+ XMLEventReader xmlEventReader = StaxParserUtil.getXMLEventReader( DocumentUtil.getNodeAsStream( samlRequest ));
+ SAMLXACMLRequestParser samlXACMLRequestParser = new SAMLXACMLRequestParser();
+ return (XACMLAuthzDecisionQueryType) samlXACMLRequestParser.parse(xmlEventReader);
+
+ /*Unmarshaller um = JAXBUtil.getUnmarshaller(collectivePackage);
um.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
JAXBElement<?> obj = (JAXBElement<?>) um.unmarshal(new StringReader(elementString));
Object xacmlObject = obj.getValue();
if(xacmlObject instanceof XACMLAuthzDecisionQueryType == false)
throw new RuntimeException("Unsupported type:" + xacmlObject);
- return (XACMLAuthzDecisionQueryType)xacmlObject;
+ return (XACMLAuthzDecisionQueryType)xacmlObject; */
}
- public static Marshaller getMarshaller() throws JAXBException
+ public static XACMLAuthzDecisionStatementType getDecisionStatement( Node samlResponse ) throws ConfigurationException, ProcessingException, ParsingException
{
- return JAXBUtil.getMarshaller(getPackage());
+ XMLEventReader xmlEventReader = StaxParserUtil.getXMLEventReader( DocumentUtil.getNodeAsStream( samlResponse ));
+ SAMLParser samlParser = new SAMLParser();
+ ResponseType response = (ResponseType) samlParser.parse( xmlEventReader );
+ List<RTChoiceType> choices = response.getAssertions();
+ for( RTChoiceType rst: choices )
+ {
+ AssertionType assertion = rst.getAssertion();
+ if( assertion == null )
+ continue;
+ Set<StatementAbstractType> stats = assertion.getStatements();
+ for( StatementAbstractType stat: stats )
+ {
+ if( stat instanceof XACMLAuthzDecisionStatementType )
+ {
+ return (XACMLAuthzDecisionStatementType) stat;
+ }
+ }
+ }
+
+ throw new RuntimeException( "Not found XACMLAuthzDecisionStatementType" );
}
- public static Unmarshaller getUnmarshaller() throws JAXBException
+ public static SOAPMessage getSOAPMessage( InputStream is ) throws IOException, SOAPException
{
- return JAXBUtil.getUnmarshaller(getPackage());
+ MessageFactory messageFactory = MessageFactory.newInstance();
+ return messageFactory.createMessage(null, is );
}
- public static String getPackage()
+ public static SOAPMessage createFault( String message ) throws SOAPException
{
- StringBuffer buf = new StringBuffer();
- buf.append(SOAP_PKG).append(COLON).append(SAML_PROTO_PKG).append(COLON);
- buf.append(XACML_CTX_PKG).append(COLON).append(XACML_SAMLPROTO_PKG).append(COLON).append(XACML_SAMLASSERT_PKG);
- return buf.toString();
+ MessageFactory messageFactory = MessageFactory.newInstance();
+ SOAPMessage msg = messageFactory.createMessage() ;
+ SOAPEnvelope envelope = msg.getSOAPPart().getEnvelope();
+ SOAPBody body = envelope.getBody();
+ SOAPFault fault = body.addFault();
+ fault.setFaultCode("Server");
+ fault.setFaultActor( "urn:picketlink" );
+ fault.setFaultString( message );
+ return msg;
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -49,6 +49,9 @@
{
protected static String PROTOCOL_PREFIX = "samlp";
protected static String ASSERTION_PREFIX = "saml";
+ protected static String XACML_SAML_PREFIX = "xacml-saml";
+ protected static String XACML_SAML_PROTO_PREFIX = "xacml-samlp";
+ protected static String XSI_PREFIX = "xsi";
protected XMLStreamWriter writer = null;
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -27,8 +27,12 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.SAMLXACMLUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.wstrust.WSTrustConstants;
@@ -56,9 +60,11 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType.STSubType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.URIType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509CertificateType;
import org.picketlink.identity.xmlsec.w3.xmldsig.X509DataType;
+import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
@@ -159,7 +165,11 @@
{
write((AttributeStatementType) statement);
}
- else
+ else if (statement instanceof XACMLAuthzDecisionStatementType )
+ {
+ write((XACMLAuthzDecisionStatementType) statement);
+ }
+ else
throw new RuntimeException("unknown statement type=" + statement.getClass().getName());
}
}
@@ -215,8 +225,7 @@
*/
public void write(AuthnStatementType authnStatement) throws ProcessingException
{
- StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_STATEMENT.get(), ASSERTION_NSURI
- .get());
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_STATEMENT.get(), ASSERTION_NSURI.get());
XMLGregorianCalendar authnInstant = authnStatement.getAuthnInstant();
if (authnInstant != null)
@@ -231,7 +240,73 @@
StaxUtil.writeEndElement(writer);
StaxUtil.flush(writer);
}
+
+ public void write( XACMLAuthzDecisionStatementType xacmlStat ) throws ProcessingException
+ {
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.STATEMENT.get(), ASSERTION_NSURI.get());
+
+ StaxUtil.writeNameSpace(writer, ASSERTION_PREFIX, ASSERTION_NSURI.get());
+ StaxUtil.writeNameSpace(writer, XACML_SAML_PREFIX, JBossSAMLURIConstants.XACML_SAML_NSURI.get());
+ StaxUtil.writeNameSpace(writer, XACML_SAML_PROTO_PREFIX, JBossSAMLURIConstants.XACML_SAML_PROTO_NSURI.get());
+ StaxUtil.writeNameSpace(writer, XSI_PREFIX, JBossSAMLURIConstants.XSI_NSURI.get());
+
+ StaxUtil.writeAttribute( writer,
+ new QName( JBossSAMLURIConstants.XSI_NSURI.get(),JBossSAMLConstants.TYPE.get(), XSI_PREFIX),
+ XACMLAuthzDecisionStatementType.XSI_TYPE );
+
+ ResponseType responseType = xacmlStat.getResponse();
+ if( responseType == null )
+ throw new RuntimeException( " XACML response is null" );
+
+ Document doc = SAMLXACMLUtil.getXACMLResponse(responseType);
+ StaxUtil.writeDOMElement(writer, doc.getDocumentElement() );
+
+ /*try
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ //Marshaller marshaller = getMarshaller();
+ JAXBElement<?> jaxb = (new ObjectFactory()).createResponse(responseType);
+
+ StreamResult result = new StreamResult( baos );
+
+ TransformerUtil.transform( SAMLXACMLUtil.getJAXBContext(), jaxb, result);
+ Document doc = DocumentUtil.getDocument( new String( baos.toByteArray() ));
+ StaxUtil.writeDOMNode(writer, doc.getDocumentElement() );
+ //marshaller.marshal(jaxb, writer);
+ }
+ catch ( Exception e)
+ {
+ throw new ProcessingException( e );
+ }*/
+
+ RequestType requestType = xacmlStat.getRequest();
+ if( requestType != null )
+ {
+ StaxUtil.writeDOMNode(writer, SAMLXACMLUtil.getXACMLRequest(requestType).getDocumentElement() );
+
+ /*try
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ //Marshaller marshaller = getMarshaller();
+ JAXBElement<?> jaxb = (new ObjectFactory()).createRequest( requestType );
+
+ StreamResult result = new StreamResult( baos );
+
+ TransformerUtil.transform( getJAXBContext(), jaxb, result);
+ Document doc = DocumentUtil.getDocument( new String( baos.toByteArray() ));
+ StaxUtil.writeDOMNode(writer, doc.getDocumentElement() );
+ //marshaller.marshal( jaxb, writer );
+ }
+ catch ( Exception e )
+ {
+ throw new ProcessingException( e );
+ }*/
+ }
+ StaxUtil.writeEndElement(writer);
+ StaxUtil.flush(writer);
+ }
+
/**
* Write an {@code AuthnContextType} to stream
*
@@ -241,8 +316,7 @@
*/
public void write(AuthnContextType authContext) throws ProcessingException
{
- StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get(), ASSERTION_NSURI
- .get());
+ StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT.get(), ASSERTION_NSURI.get());
AuthnContextTypeSequence sequence = authContext.getSequence();
if (sequence != null)
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -460,7 +460,7 @@
}
catch (XMLStreamException e)
{
- throw new ProcessingException(e);
+ //throw new ProcessingException(e);
}
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/TransformerUtil.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -25,9 +25,14 @@
import java.util.Properties;
import java.util.Stack;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.util.JAXBSource;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.Characters;
+import javax.xml.stream.events.Comment;
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.Namespace;
import javax.xml.stream.events.StartElement;
@@ -115,7 +120,22 @@
throw new ParsingException( e );
}
}
+
+ public static void transform( JAXBContext context, JAXBElement<?> jaxb, Result result ) throws ParsingException
+ {
+ try
+ {
+ Transformer transformer = getTransformer();
+ JAXBSource jaxbSource = new JAXBSource(context, jaxb );
+ transformer.transform( jaxbSource , result );
+ }
+ catch ( Exception e )
+ {
+ throw new ParsingException( e );
+ }
+ }
+
/**
* Custom Project {@code Transformer} that can take in a {@link StAXSource}
* and transform into {@link DOMResult}
@@ -169,7 +189,12 @@
Element docStartElement = handleStartElement(xmlEventReader, startElement, holder );
Node el = doc.importNode(docStartElement, true);
- Node top = stack.peek();
+ Node top = null;
+
+ if( !stack.isEmpty())
+ {
+ top = stack.peek();
+ }
if( !holder.encounteredTextNode )
{
@@ -310,13 +335,25 @@
}
XMLEvent nextEvent = StaxParserUtil.peek(xmlEventReader);
- if( nextEvent.getEventType() == XMLEvent.CHARACTERS )
- {
- holder.encounteredTextNode = true;
- String text = StaxParserUtil.getElementText(xmlEventReader);
- Node textNode = doc.createTextNode( text );
- textNode = doc.importNode(textNode, true);
- el.appendChild( textNode );
+ if( nextEvent instanceof Comment )
+ {
+ Comment commentEvent = (Comment) nextEvent;
+ Node commentNode = doc.createComment( commentEvent.getText() );
+ commentNode = doc.importNode(commentNode, true);
+ el.appendChild(commentNode);
+ }
+ else if( nextEvent.getEventType() == XMLEvent.CHARACTERS )
+ {
+ Characters characterEvent = (Characters) nextEvent;
+ String trimmedData = characterEvent.getData().trim();
+ if( trimmedData != null && trimmedData.length() > 0 )
+ {
+ holder.encounteredTextNode = true;
+ String text = StaxParserUtil.getElementText(xmlEventReader);
+ Node textNode = doc.createTextNode( text );
+ textNode = doc.importNode(textNode, true);
+ el.appendChild( textNode );
+ }
}
return el;
}
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -47,6 +47,7 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationDataType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectConfirmationType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.StatusType;
@@ -177,10 +178,10 @@
AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatements().iterator().next();
- List<org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType> attributes = attributeStatement.getAttributes();
+ List<AttributeStatementType.ASTChoiceType> attributes = attributeStatement.getAttributes();
assertEquals( 2, attributes.size() );
- for( org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType attr: attributes )
+ for( AttributeStatementType.ASTChoiceType attr: attributes )
{
AttributeType attribute = attr.getAttribute();
assertEquals( "role", attribute.getFriendlyName() );
@@ -192,59 +193,27 @@
String str = (String ) attributeValues.get( 0 );
if( ! ( str.equals( "employee") || str.equals( "manager" )))
throw new RuntimeException( "attrib value not found" );
- }
+ }
+ }
+
+ @Test
+ public void testXACMLDecisionStatements() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream( "saml-xacml/saml-xacml-response-1.xml" );
- /*List<JAXBElement<?>> content = subject.getContent();
+ SAMLParser parser = new SAMLParser();
+ ResponseType response = ( ResponseType ) parser.parse(configStream);
+ assertNotNull( "ResponseType is not null", response );
- int size = content.size();
+ //Get the assertion
+ AssertionType assertion = (AssertionType) response.getAssertions().get(0).getAssertion();
+ assertEquals( "ID_response-id:1", assertion.getID() );
+ assertEquals( XMLTimeUtil.parse( "2008-03-19T22:17:13Z" ), assertion.getIssueInstant() );
+ assertEquals( "2.0", assertion.getVersion() );
- for( int i = 0 ; i < size; i++ )
- {
- JAXBElement<?> node = content.get(i);
- Class<?> clazz = node.getDeclaredType();
-
- if( clazz.equals( NameIDType.class ))
- {
- NameIDType subjectNameID = (NameIDType) node.getValue();
-
- assertEquals( "anil", subjectNameID.getValue() );
- assertEquals( "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", subjectNameID.getFormat() );
- }
-
- else if( clazz.equals( SubjectConfirmationType.class ))
- {
- SubjectConfirmationType subjectConfirmation = (SubjectConfirmationType) node.getValue();
- assertEquals( "urn:oasis:names:tc:SAML:2.0:cm:bearer", subjectConfirmation.getMethod() );
-
- SubjectConfirmationDataType subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
- assertEquals( "ID_04ded476-d73c-48af-b3a9-232a52905ffb", subjectConfirmationData.getInResponseTo() );
- assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotBefore() );
- assertEquals( XMLTimeUtil.parse( "2010-11-04T00:19:16.842-05:00" ), subjectConfirmationData.getNotOnOrAfter() );
- assertEquals( "http://localhost:8080/employee/", subjectConfirmationData.getRecipient());
- }
-
- else if( clazz.equals( AttributeStatementType.class ))
- {
- AttributeStatementType attributeStatement = (AttributeStatementType) node.getValue();
- List<Object> attributes = attributeStatement.getAttributeOrEncryptedAttribute();
- assertEquals( 2, attributes.size() );
-
- for( Object attr: attributes )
- {
- AttributeType attribute = (AttributeType) attr;
- assertEquals( "role", attribute.getFriendlyName() );
- assertEquals( "role", attribute.getName() );
- assertEquals( "role", attribute.getNameFormat() );
- List<Object> attributeValues = attribute.getAttributeValue();
- assertEquals( 1, attributeValues.size() );
-
- String str = (String ) attributeValues.get( 0 );
- if( ! ( str.equals( "employee") || str.equals( "manager" )))
- throw new RuntimeException( "attrib value not found" );
- }
- }
- else
- throw new RuntimeException( "unknown" );
- } */
+ XACMLAuthzDecisionStatementType xacmlStat = (XACMLAuthzDecisionStatementType) assertion.getStatements().iterator().next();
+ assertNotNull( xacmlStat.getRequest() );
+ assertNotNull( xacmlStat.getResponse() );
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -34,6 +34,8 @@
/**
* Read a SAML-XACML request
+ *
+ * @see {@code SAMLResponseParserTestCase#testXACMLDecisionStatements()}
* @author Anil.Saldhana at redhat.com
* @since Jan 8, 2009
*/
Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/newmodel/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -49,6 +49,7 @@
public class XACMLAuthzDecisionStatementType
extends StatementAbstractType
{
+ public static final String XSI_TYPE = "xacml-samlp:XACMLAuthzDecisionStatementType";
protected ResponseType response;
protected RequestType request;
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2010-12-16 23:05:03 UTC (rev 610)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2010-12-20 21:58:55 UTC (rev 611)
@@ -21,6 +21,8 @@
*/
package org.picketlink.identity.federation.web.servlets.saml;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -33,38 +35,44 @@
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.bind.helpers.DefaultValidationEventHandler;
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.stream.XMLStreamWriter;
import org.apache.log4j.Logger;
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.core.JBossRequestContext;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.jboss.security.xacml.core.model.context.ResultType;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.RequestContext;
+import org.jboss.security.xacml.interfaces.ResponseContext;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
-import org.picketlink.identity.federation.core.factories.SOAPFactory;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.factories.XACMLContextFactory;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
-import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
-import org.picketlink.identity.federation.core.util.JAXBUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.newmodel.saml.v2.protocol.RequestAbstractType;
-import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Body;
-import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope;
-import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
-import org.jboss.security.xacml.core.JBossPDP;
-import org.jboss.security.xacml.core.JBossRequestContext;
-import org.jboss.security.xacml.core.model.context.RequestType;
-import org.jboss.security.xacml.core.model.context.ResponseType;
-import org.jboss.security.xacml.core.model.context.ResultType;
-import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
-import org.jboss.security.xacml.interfaces.RequestContext;
-import org.jboss.security.xacml.interfaces.ResponseContext;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
/**
* Servlet that can read SOAP 1.1 messages that contain
@@ -76,16 +84,16 @@
{
private static Logger log = Logger.getLogger(SOAPSAMLXACMLServlet.class);
private boolean trace = log.isTraceEnabled();
-
+
private static final long serialVersionUID = 1L;
-
+
private String policyConfigFileName = null;
-
+
private String issuerId = null;
private String issuer = null;
-
+
boolean debug = false;
-
+
private transient PolicyDecisionPoint pdp = null;
public void init(ServletConfig config) throws ServletException
@@ -93,15 +101,15 @@
issuerId = config.getInitParameter("issuerID");
if(issuerId == null)
issuerId = "issue-id:1";
-
+
issuer = config.getInitParameter("issuer");
if(issuer == null)
issuer = "urn:jboss-identity";
-
+
policyConfigFileName = config.getInitParameter("policyConfigFileName");
if(policyConfigFileName == null)
policyConfigFileName = "policyConfig.xml";
-
+
String debugStr = config.getInitParameter("debug");
try
{
@@ -111,19 +119,19 @@
{
debug = false;
}
-
+
if(trace)
{
log.trace("Issuer=" + issuer + " :: issuerID=" + issuerId);
log.trace("PolicyConfig File:" + policyConfigFileName);
log.trace("Debug="+debug);
}
-
+
if(debug)
{
SecurityActions.setSystemProperty("jaxb.debug", "true");
}
-
+
try
{
pdp = this.getPDP();
@@ -136,29 +144,74 @@
super.init(config);
}
-
- @SuppressWarnings("unchecked")
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
- throw new RuntimeException( "FIX" );
- /*JAXBElement<RequestAbstractType> jaxbRequestType = null;
-
+ XACMLAuthzDecisionQueryType xacmlRequest = null;
+ MessageFactory messageFactory = null;
+ SOAPMessage returnSOAPMessage = null;
+ try
+ {
+ try
+ {
+ messageFactory = MessageFactory.newInstance();
+ SOAPMessage soapMessage = messageFactory.createMessage( null, req.getInputStream() );
+ SOAPEnvelope soapEnvelope = soapMessage.getSOAPPart().getEnvelope();
+ SOAPBody soapBody = soapEnvelope.getBody();
+ NodeList nl = soapBody.getChildNodes();
+ Node node = null;
+
+ int length = nl != null ? nl.getLength() : 0;
+ for( int i = 0; i < length; i++ )
+ {
+ Node n = nl.item(i);
+ String localName = n.getLocalName();
+ if( localName != null && ( localName.contains( JBossSAMLConstants.XACML_AUTHZ_DECISION_QUERY.get() )
+ || localName.contains( JBossSAMLConstants.REQUEST_ABSTRACT.get() )))
+ {
+ node = n;
+ break;
+ }
+ }
+ if( node == null )
+ throw new ServletException( "Did not find XACML query nodes" );
+ xacmlRequest = SOAPSAMLXACMLUtil.getXACMLQueryType( node );
+ }
+ catch (SOAPException e)
+ {
+ e.printStackTrace();
+ throw new ServletException( e );
+ }
+ catch (ParsingException e)
+ {
+ throw new ServletException( e );
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ServletException( e );
+ }
+ catch (ProcessingException e)
+ {
+ throw new ServletException( e );
+ }
+
+ /*JAXBElement<RequestAbstractType> jaxbRequestType = null;
+
Envelope envelope = null;
XACMLAuthzDecisionQueryType xacmlRequest = null;
-
+
try
{
Document inputDoc = DocumentUtil.getDocument(req.getInputStream());
if(debug && trace)
log.trace("Received SOAP:"+DocumentUtil.asString(inputDoc));
-
+
Unmarshaller un = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
if(debug)
un.setEventHandler(new DefaultValidationEventHandler());
Object unmarshalledObject = un.unmarshal(DocumentUtil.getNodeAsStream(inputDoc));
-
+
if(unmarshalledObject instanceof JAXBElement)
{
JAXBElement<?> jaxbElement = (JAXBElement<?>) unmarshalledObject;
@@ -185,57 +238,82 @@
xacmlRequest = (XACMLAuthzDecisionQueryType) element;
}
}
+
+ */
+
+
if(xacmlRequest == null)
throw new IOException("XACML Request not parsed");
RequestType requestType = xacmlRequest.getRequest();
-
+
RequestContext requestContext = new JBossRequestContext();
requestContext.setRequest(requestType);
-
+
//pdp evaluation is thread safe
ResponseContext responseContext = pdp.evaluate(requestContext);
-
+
ResponseType responseType = new ResponseType();
ResultType resultType = responseContext.getResult();
responseType.getResult().add(resultType);
XACMLAuthzDecisionStatementType xacmlStatement =
XACMLContextFactory.createXACMLAuthzDecisionStatementType(requestType, responseType);
-
+
//Place the xacml statement in an assertion
//Then the assertion goes inside a SAML Response
-
+
String ID = IDGenerator.create("ID_");
SAML2Response saml2Response = new SAML2Response();
IssuerInfoHolder issuerInfo = new IssuerInfoHolder(this.issuer);
-
+
List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
statements.add(xacmlStatement);
-
+
AssertionType assertion = SAMLAssertionFactory.createAssertion(ID,
issuerInfo.getIssuer(),
XMLTimeUtil.getIssueInstant(),
null,
null,
statements);
-
- JAXBElement<?> jaxbResponse = JAXBElementMappingUtil.get(saml2Response.createResponseType(ID, issuerInfo, assertion));
-
+
+ org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType samlResponseType = saml2Response.createResponseType(ID, issuerInfo, assertion);
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(baos);
+
+ SAMLResponseWriter samlResponseWriter = new SAMLResponseWriter( xmlStreamWriter );
+ samlResponseWriter.write( samlResponseType );
+ Document responseDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+
+ returnSOAPMessage = messageFactory.createMessage();
+ SOAPBody returnSOAPBody = returnSOAPMessage.getSOAPBody();
+ returnSOAPBody.addDocument( responseDocument );
+
+ /*JAXBElement<?> jaxbResponse = JAXBElementMappingUtil.get();
+
//Create a SOAP Envelope to hold the SAML response
- envelope = this.createEnvelope(jaxbResponse);
+ envelope = this.createEnvelope(jaxbResponse); */
}
- catch (JAXBException e)
+ /*catch (JAXBException e)r
{
String id = IDGenerator.create();
log.error(id + "::Exception parsing SOAP:", e);
envelope = this.createEnvelope(this.createFault("Parsing Error. Reference::" + id));
- }
- catch (Exception e)
+ } */
+ catch ( Exception e )
{
+ e.printStackTrace();
String id = IDGenerator.create();
log.error(id + "::Exception:", e);
- envelope = this.createEnvelope(this.createFault("Server Error. Reference::" + id));
+ try
+ {
+ returnSOAPMessage = SOAPSAMLXACMLUtil.createFault( "Server Error" );
+ }
+ catch (SOAPException e1)
+ {
+ }
+ //envelope = this.createEnvelope(this.createFault("Server Error. Reference::" + id));
}
finally
{
@@ -243,19 +321,22 @@
OutputStream os = resp.getOutputStream();
try
{
- if(envelope == null)
+ if( returnSOAPMessage == null )
+ throw new RuntimeException( "SOAPMessage for return is null" );
+ returnSOAPMessage.writeTo( os );
+ /*if(envelope == null)
throw new IllegalStateException("SOAPEnvelope is null");
JAXBElement<?> jaxbEnvelope = JAXBElementMappingUtil.get(envelope);
Marshaller marshaller = JAXBUtil.getMarshaller(SOAPSAMLXACMLUtil.getPackage());
- marshaller.marshal(jaxbEnvelope, os);
+ marshaller.marshal(jaxbEnvelope, os); */
}
- catch (JAXBException e)
+ catch ( Exception e )
{
log("marshalling exception",e);
}
- } */
+ }
}
-
+
private PolicyDecisionPoint getPDP() throws PrivilegedActionException
{
ClassLoader tcl = SecurityActions.getContextClassLoader();
@@ -263,21 +344,5 @@
if(is == null)
throw new IllegalStateException(policyConfigFileName + " could not be located");
return new JBossPDP(is);
- }
-
- private Envelope createEnvelope(Object obj)
- {
- Envelope envelope = SOAPFactory.getObjectFactory().createEnvelope();
- Body body = SOAPFactory.getObjectFactory().createBody();
- body.getAny().add(obj);
- envelope.setBody(body);
- return envelope;
- }
-
- private JAXBElement<Fault> createFault(String msg)
- {
- Fault fault = SOAPFactory.getObjectFactory().createFault();
- fault.setFaultstring(msg);
- return SOAPFactory.getObjectFactory().createFault(fault);
- }
+ }
}
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list