[jboss-cvs] Picketlink SVN: r612 - in federation/trunk: picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/metadata and 8 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Dec 20 17:20:16 EST 2010


Author: anil.saldhana at jboss.com
Date: 2010-12-20 17:20:13 -0500 (Mon, 20 Dec 2010)
New Revision: 612

Added:
   federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml
Modified:
   federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML20TokenProviderUnitTestCase.java
   federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java
   federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/util/KeyUtil.java
   federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/w3/xmldsig/KeyInfoBuilder.java
   federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilderUnitTestCase.java
   federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/MetaDataBuilderUnitTestCase.java
   federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/KeyUtilUnitTestCase.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/md/providers/MetaDataBuilderDelegate.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
   federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java
Log:
saml, xacml, metadata changes

Modified: federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML20TokenProviderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML20TokenProviderUnitTestCase.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/auth/SAML20TokenProviderUnitTestCase.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -28,9 +28,6 @@
 import java.util.Map;
 
 import javax.security.auth.Subject;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Unmarshaller;
 
 import junit.framework.TestCase;
 
@@ -40,12 +37,14 @@
 import org.jboss.security.SimplePrincipal;
 import org.jboss.security.plugins.JBossSecurityContext;
 import org.picketlink.identity.federation.bindings.jboss.auth.SAML20TokenRoleAttributeProvider;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.wstrust.StandardSecurityToken;
 import org.picketlink.identity.federation.core.wstrust.WSTrustRequestContext;
 import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
 import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider;
 import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
-import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken; 
+import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
@@ -116,14 +115,19 @@
       
       SecurityContextAssociation.clearSecurityContext();
 
-      JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
+      Element assertionElement = (Element) context.getSecurityToken().getTokenValue();
+      
+      SAMLParser samlParser = new SAMLParser();
+      AssertionType assertion = (AssertionType) samlParser.parse( DocumentUtil.getNodeAsStream(assertionElement));
+      
+      /*JAXBContext jaxbContext = JAXBContext.newInstance("org.picketlink.identity.federation.saml.v2.assertion");
       Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
       JAXBElement<?> parsedElement = (JAXBElement<?>) unmarshaller.unmarshal((Element) context.getSecurityToken()
             .getTokenValue());
       assertNotNull("Unexpected null element", parsedElement);
       assertEquals("Unexpected element type", AssertionType.class, parsedElement.getDeclaredType());
 
-      AssertionType assertion = (AssertionType) parsedElement.getValue();
+      AssertionType assertion = (AssertionType) parsedElement.getValue();*/
       StandardSecurityToken securityToken = (StandardSecurityToken) context.getSecurityToken();
       assertEquals("Unexpected token id", securityToken.getTokenID(), assertion.getID());
       assertEquals("Unexpected token issuer", "PicketLinkSTS", assertion.getIssuer().getValue());
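Review bot: The result of `samlParser.parse(...)` is cast and used without any check. The two assertions that guarded the old JAXB path (`assertNotNull` and the declared-type check) now sit inside a commented-out block, so a null or wrong-typed parse result surfaces as a NullPointerException or ClassCastException instead of a readable test failure. I would delete the commented-out JAXB block and add `assertNotNull("Unexpected null assertion", assertion);` right after the parse. The hunk at `@@ -162,8 +166,10 @@` has the same pattern: the `instanceof` assertion is commented out and `(ASTChoiceType) attributeObject` is cast blind, so `assertNotNull("Unexpected null attribute", attribute);` after `astChoice.getAttribute()` would restore a check there. The test method starts and ends outside both hunks.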
@@ -142,7 +146,7 @@
       assertNotNull("Unexpected null audience list", restrictionType.getAudience());
       assertEquals("Unexpected number of audience elements", 1, restrictionType.getAudience().size());
       assertEquals("Unexpected audience value", "http://services.testcorp.org/provider2", restrictionType.getAudience()
-            .get(0));
+            .get(0).toString() );
 
       // check the contents of the assertion subject.
       SubjectType subject = assertion.getSubject();
@@ -162,8 +166,10 @@
       assertFalse("Unexpected empty list of attributes", attributes.isEmpty());
       assertEquals("Unexpected number of attributes", 1, attributes.size());
       Object attributeObject = attributes.iterator().next();
-      assertTrue("Unexpected type instead of AttributeStatement: " + attributeObject.getClass().getSimpleName(), attributeObject instanceof AttributeType);
-      AttributeType attribute = (AttributeType)attributeObject;
+      ASTChoiceType astChoice = (ASTChoiceType) attributeObject;
+      AttributeType attribute = astChoice.getAttribute();
+      /*assertTrue("Unexpected type instead of AttributeStatement: " + attributeObject.getClass().getSimpleName(), attributeObject instanceof AttributeType);
+      AttributeType attribute = (AttributeType)attributeObject;*/
       assertEquals("Unexpected name for the role attribute", "roleAttributeName", attribute.getName() );
       assertEquals("Unexpected number of roles", 1, attribute.getAttributeValue().size());
       assertEquals("Unexpected user role", "myTestRole", attribute.getAttributeValue().get(0));

Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilder.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -27,8 +27,8 @@
 
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.KeyDescriptorType;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.KeyTypes;
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
 import org.picketlink.identity.xmlsec.w3.xmlenc.EncryptionMethodType;
+import org.w3c.dom.Element;
 
 /**
  * MetaDataBuilder for the KeyDescriptor
@@ -41,7 +41,7 @@
     * Create a Key Descriptor Type
     * @return
     */
-   public static KeyDescriptorType createKeyDescriptor(KeyInfoType keyInfo,
+   public static KeyDescriptorType createKeyDescriptor( Element keyInfo,
          String algorithm, int keySize,
          boolean isSigningKey, boolean isEncryptionKey)
    {
@@ -69,9 +69,8 @@
       if(isEncryptionKey)
          keyDescriptor.setUse(KeyTypes.ENCRYPTION); 
       
-      throw new RuntimeException( "We need a dom element as key info" );
-      /*keyDescriptor.setKeyInfo(keyInfo);
-      
-      return keyDescriptor;*/
+      keyDescriptor.setKeyInfo( keyInfo );
+       
+      return keyDescriptor;
    }
 }
\ No newline at end of file
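Review bot: `keyDescriptor.setKeyInfo( keyInfo )` stores whatever `Element` the caller passes, and nothing visible in this hunk rejects null or an element that is not a `KeyInfo`. With the parameter changed from `KeyInfoType` to a bare DOM `Element`, the compiler no longer enforces the type, so a descriptor could be produced with a missing or wrong key element, which metadata consumers rely on to locate the signing or encryption certificate. Consider `if (keyInfo == null) throw new IllegalArgumentException("keyInfo is null");` at the top of the method, matching the style of `KeyUtil.getKeyInfo`. The method body begins outside this hunk, so such a check may already exist there. The Javadoc above the signature still has an empty `@return` and no `@param` for the new `Element` argument.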

Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/util/KeyUtil.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/util/KeyUtil.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/util/KeyUtil.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -21,7 +21,6 @@
  */
 package org.picketlink.identity.federation.api.util;
 
-import java.io.StringReader;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.security.cert.Certificate;
@@ -29,15 +28,18 @@
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 
-import javax.xml.bind.JAXBElement;
 import javax.xml.bind.JAXBException;
 import javax.xml.bind.Marshaller;
 import javax.xml.bind.Unmarshaller;
 
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.util.Base64;
 import org.picketlink.identity.federation.core.util.JAXBUtil;
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
 import org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory;
+import org.w3c.dom.Element;
 
 /**
  * Utility dealing with PublicKey/Certificates and xml-dsig KeyInfoType
@@ -67,8 +69,12 @@
     * @return   
     * @throws JAXBException 
     * @throws CertificateException 
+    * @throws ProcessingException 
+    * @throws ParsingException 
+    * @throws ConfigurationException 
     */
-   public static KeyInfoType getKeyInfo(Certificate certificate) throws JAXBException, CertificateException 
+   public static Element getKeyInfo(Certificate certificate) 
+   throws CertificateException, ConfigurationException, ParsingException, ProcessingException 
    { 
       if(certificate == null)
          throw new IllegalArgumentException("certificate is null");
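Review bot: The Javadoc still lists `@throws JAXBException` (the context line above the added tags), but the new signature no longer declares that exception, and `@return` is empty although the return type changed from `KeyInfoType` to `Element`. Suggested: drop the `@throws JAXBException` line and write `@return the KeyInfo DOM element built from the certificate`. The three added `@throws` tags carry no description either; a clause each would help callers, though the conditions presumably originate in `DocumentUtil`, which is not shown here.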
@@ -93,8 +99,7 @@
       else
          throw new RuntimeException("NYI");
       
-      JAXBElement<?> keyInfoJ = (JAXBElement<?>) getUnmarshaller().unmarshal(new StringReader(builder.toString()));
-      return (KeyInfoType) keyInfoJ.getValue();
+      return DocumentUtil.getDocument(builder.toString()).getDocumentElement(); 
    }
    
    /**
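Review bot: `DocumentUtil.getDocument(builder.toString())` re-parses XML that was assembled by string concatenation above this hunk, so the result depends on every appended value being well-formed XML text and on how `DocumentUtil` configures its parser, neither of which is visible here. Building the element through the DOM API, as `KeyInfoBuilder.createKeyInfo` now does with `createElementNS` in this same commit, would avoid the serialize-then-parse round trip. If `getUnmarshaller()` has no remaining callers after this change, it and the leftover `javax.xml.bind` imports could be removed as well; that cannot be confirmed from the hunk alone.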

Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/w3/xmldsig/KeyInfoBuilder.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/w3/xmldsig/KeyInfoBuilder.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/w3/xmldsig/KeyInfoBuilder.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -21,8 +21,13 @@
  */
 package org.picketlink.identity.federation.api.w3.xmldsig;
 
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.xmlsec.w3.xmldsig.ObjectFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
  
 
 /**
@@ -38,12 +43,20 @@
     * Create a KeyInfoType
     * @return
     */
-   public static KeyInfoType createKeyInfo(String id)
+   public static Element createKeyInfo( String id )
    {
-      KeyInfoType keyInfo = oFact.createKeyInfoType();
-    
-      keyInfo.setId(id);
-      return keyInfo;
+      Document doc = null;
+      try
+      {
+         doc = DocumentUtil.createDocument();
+      }
+      catch (ConfigurationException e)
+      {
+         throw new RuntimeException( e );
+      }
+      Element keyInfoEl = doc.createElementNS( JBossSAMLURIConstants.XMLDSIG_NSURI.get(), JBossSAMLConstants.KEY_INFO.get() );
+      keyInfoEl.setAttribute( "Id", id );
+      return keyInfoEl;
    }
    
    /**
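Review bot: `keyInfoEl.setAttribute( "Id", id )` takes `id` unchecked, so a null id is handed to the DOM implementation, whose handling of a null value is implementation-dependent. Adding `if (id == null) throw new IllegalArgumentException("id is null");` before creating the document (or skipping the attribute when id is null) would make the behaviour explicit. If anything later resolves this element by its Id, for example a same-document signature reference, the attribute would also need `keyInfoEl.setIdAttribute( "Id", true );`, because a plain `setAttribute` does not mark it as an ID; no such use is visible from here. The Javadoc still reads "Create a KeyInfoType" with an empty `@return`. It should say that the method returns an empty `KeyInfo` element in the XML-DSig namespace carrying the given `Id`.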

Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilderUnitTestCase.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/KeyDescriptorMetaDataBuilderUnitTestCase.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -23,11 +23,11 @@
 
 import static org.junit.Assert.assertNotNull;
 
+import org.junit.Test;
 import org.picketlink.identity.federation.api.saml.v2.metadata.KeyDescriptorMetaDataBuilder;
-import org.picketlink.identity.federation.api.w3.xmldsig.KeyInfoBuilder; 
+import org.picketlink.identity.federation.api.w3.xmldsig.KeyInfoBuilder;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.KeyDescriptorType;
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
-import org.junit.Test;
+import org.w3c.dom.Element;
 
 
 /**
@@ -40,7 +40,7 @@
    @Test
    public void testCreateKeyDescriptor()
    {
-      KeyInfoType keyInfo = KeyInfoBuilder.createKeyInfo("testKey");
+      Element keyInfo = KeyInfoBuilder.createKeyInfo("testKey");
       
       String algorithm = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
       

Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/MetaDataBuilderUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/MetaDataBuilderUnitTestCase.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/metadata/MetaDataBuilderUnitTestCase.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -27,14 +27,19 @@
 import java.util.ArrayList;
 import java.util.List;
 
+import org.junit.Test;
 import org.picketlink.identity.federation.api.saml.v2.metadata.KeyDescriptorMetaDataBuilder;
 import org.picketlink.identity.federation.api.saml.v2.metadata.MetaDataBuilder;
 import org.picketlink.identity.federation.api.w3.xmldsig.KeyInfoBuilder;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
-import org.picketlink.identity.federation.newmodel.saml.v2.metadata.*;
-//import org.picketlink.identity.federation.saml.v2.assertion.AttributeType; 
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
-import org.junit.Test;
+import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeType;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.EndpointType;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntityDescriptorType;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.KeyDescriptorType;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.OrganizationType;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.SPSSODescriptorType;
+import org.w3c.dom.Element;
 
 /**
  * Unit test the MetaDataBuilder API
@@ -97,17 +102,16 @@
       String id = "test-key";
       
       //TODO: improve keyinfo
-      KeyInfoType keyInfo = KeyInfoBuilder.createKeyInfo(id);
+      Element keyInfo = KeyInfoBuilder.createKeyInfo(id);
       
       String algorithm = null;
       
       KeyDescriptorType keyDescriptorType = 
          KeyDescriptorMetaDataBuilder.createKeyDescriptor(keyInfo, 
                algorithm, 0, true, false);
+       
+      List<AttributeType> attributes = new ArrayList<AttributeType>(); 
       
-      throw new RuntimeException();
-      /*List<AttributeType> attributes = new ArrayList<AttributeType>(); 
-      
       EndpointType sloEndPoint = MetaDataBuilder.createEndpoint(
             JBossSAMLURIConstants.METADATA_HTTP_REDIRECT_BINDING.get(), 
             "https://SProvider.com/SAML/SLO/Browser", 
@@ -118,7 +122,7 @@
             sloEndPoint, 
             attributes, 
             createJBossOrganization(lang));
-      return sp;*/
+      return sp;
    }
    
    private OrganizationType createJBossOrganization(String language)
@@ -134,17 +138,16 @@
       String id = "test-key";
       
       //TODO: improve keyinfo
-      KeyInfoType keyInfo = KeyInfoBuilder.createKeyInfo(id);
+      Element keyInfo = KeyInfoBuilder.createKeyInfo(id);
       
       String algorithm = null;
       
       KeyDescriptorType keyDescriptorType = 
          KeyDescriptorMetaDataBuilder.createKeyDescriptor(keyInfo, 
                algorithm, 0, true, false);
+       
       
-      throw new RuntimeException();
-      
-      /*List<AttributeType> attributes = new ArrayList<AttributeType>();
+      List<AttributeType> attributes = new ArrayList<AttributeType>();
        
       EndpointType ssoEndPoint = MetaDataBuilder.createEndpoint(
             JBossSAMLURIConstants.METADATA_HTTP_REDIRECT_BINDING.get(), 
@@ -161,7 +164,6 @@
             ssoEndPoint, 
             sloEndPoint, 
             attributes, 
-            createJBossOrganization(lang));*/
-      
+            createJBossOrganization(lang));
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/KeyUtilUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/KeyUtilUnitTestCase.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/util/KeyUtilUnitTestCase.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -28,7 +28,7 @@
 import junit.framework.TestCase;
 
 import org.picketlink.identity.federation.api.util.KeyUtil;
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.w3c.dom.Element;
 
 /**
  * Unit test the Key Util
@@ -66,7 +66,7 @@
       Certificate cert = ks.getCertificate(alias);
       assertNotNull("Cert not null", cert);
       
-      KeyInfoType keyInfo = KeyUtil.getKeyInfo(cert);
+      Element keyInfo = KeyUtil.getKeyInfo(cert);
       assertNotNull(keyInfo);  
    }
 }
\ No newline at end of file
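Review bot: `assertNotNull(keyInfo)` is the only check on the result, and with the return type changed from `KeyInfoType` to `Element` the test no longer shows that a KeyInfo element was produced at all. Adding `assertEquals("KeyInfo", keyInfo.getLocalName());` would pin that, assuming `DocumentUtil.getDocument` parses namespace-aware; if it does not, `getLocalName()` may be null and `getNodeName()` is the fallback. The test method starts outside this hunk.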

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/md/providers/MetaDataBuilderDelegate.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/md/providers/MetaDataBuilderDelegate.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/md/providers/MetaDataBuilderDelegate.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -115,10 +115,9 @@
       
       EDTChoiceType choiceType = new EDTChoiceType(edtList);
       
-      throw new RuntimeException( "Unknown entity id" );
-      /*EntityDescriptorType entity = new EntityDescriptorType( " ");
+      EntityDescriptorType entity = new EntityDescriptorType( " ");
       entity.addChoiceType(choiceType);
-      return entity; */
+      return entity; 
    }
    
    /**
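Review bot: `new EntityDescriptorType( " ")` gives the descriptor a single-space entity id, where the previous revision refused with "Unknown entity id", so this method now returns metadata whose identifier is blank. Relying parties match and trust metadata by entity id, so a placeholder value should not be able to reach published output; either take the id as an argument or keep failing until the caller supplies one. At minimum mark the line, e.g. `// TODO: entity id must be supplied by the caller; " " is a placeholder`. The method signature is outside this hunk, so it is unclear whether an id is already available there.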

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -67,6 +67,7 @@
    ISSUE_INSTANT( "IssueInstant" ),
    ISSUER( "Issuer" ),
    KEY_DESCRIPTOR( "KeyDescriptor" ),
+   KEY_INFO( "KeyInfo" ),
    LANG( "lang" ),
    LANG_EN("en"),
    LOCATION( "Location" ),

Added: federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml	2010-12-20 22:20:13 UTC (rev 612)
@@ -0,0 +1,82 @@
+<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+	ID="response-id:1" Version="2.0" IssueInstant="2008-03-19T22:17:13Z">
+	<samlp:Status xmlns:samlp="urn:oasixacml-context:s:names:tc:SAML:2.0:protocol">
+		<samlp:StatusCode xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+			Value="urn:oasis:names:tc:xacml:1.0:status:ok">
+		</samlp:StatusCode>
+	</samlp:Status>
+	<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+		Version="2.0" ID="ID_response-id:1" IssueInstant="2008-03-19T22:17:13Z">
+		<saml:Issuer>issuer-1</saml:Issuer>
+		<saml:Statement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+			xsi:type="xacml-samlp:XACMLAuthzDecisionStatementType" 
+			xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+			xmlns:xacml-samlp="urn:oasis:xacml:2.0:saml:protocol:schema:os"
+			xmlns:xacml-saml="urn:oasis:names:tc:xacml:2.0:saml:assertion:schema:os">
+			<xacml-context:Response
+				xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os">
+				<xacml-context:Result>
+					<xacml-context:Decision>Permit</xacml-context:Decision>
+					<xacml-context:Status>
+						<xacml-context:StatusCode Value="urn:oasis:names:tc:xacml:1.0:status:ok"></xacml-context:StatusCode>
+						<xacml-context:StatusMessage>ok</xacml-context:StatusMessage>
+					</xacml-context:Status>
+					<xacml:Obligations xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os">
+						<xacml:Obligation ObligationId="obligation-10"
+							FulfillOn="Permit">
+						</xacml:Obligation>
+						<xacml:Obligation ObligationId="obligation-20"
+							FulfillOn="Permit">
+							<xacml:AttributeAssignment AttributeId="a-120"
+								DataType="http://www.w3.org/2001/XMLSchema#string" xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os" />
+						</xacml:Obligation>
+					</xacml:Obligations>
+				</xacml-context:Result>
+			</xacml-context:Response>
+
+			<xacml-context:Request
+				xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance/"
+				xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os 
+http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd">
+				<xacml-context:Subject
+					SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject">
+					<xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+						DataType="http://www.w3.org/2001/XMLSchema#string">
+						<xacml-context:AttributeValue>100001</xacml-context:AttributeValue>
+					</xacml-context:Attribute>
+					<xacml-context:Attribute AttributeId="urn:va:names:xacml:2.0:subject:role"
+						DataType="http://www.w3.org/2001/XMLSchema#string">
+						<xacml-context:AttributeValue>Chief Resident</xacml-context:AttributeValue>
+						<xacml-context:AttributeValue>Doctor</xacml-context:AttributeValue>
+					</xacml-context:Attribute>
+					<xacml-context:Attribute AttributeId="urn:va:names:xacml:2.0:subject:hl7permission"
+						DataType="http://www.w3.org/2001/XMLSchema#string">
+						<xacml-context:AttributeValue>PRD-017</xacml-context:AttributeValue>
+						<xacml-context:AttributeValue>PRD-003</xacml-context:AttributeValue>
+						<xacml-context:AttributeValue>PRD-010</xacml-context:AttributeValue>
+						<xacml-context:AttributeValue>PRD-006</xacml-context:AttributeValue>
+					</xacml-context:Attribute>
+					<xacml-context:Attribute AttributeId="urn:va:names:xacml:2.0:subject:locality"
+						DataType="http://www.w3.org/2001/XMLSchema#string">
+						<xacml-context:AttributeValue>Facility A</xacml-context:AttributeValue>
+					</xacml-context:Attribute>
+				</xacml-context:Subject>
+				<xacml-context:Resource>
+					<xacml-context:Attribute AttributeId="urn:va:names:xacml:2.0:record_type"
+						DataType="http://www.w3.org/2001/XMLSchema#string">
+						<xacml-context:AttributeValue>patientchart</xacml-context:AttributeValue>
+					</xacml-context:Attribute>
+				</xacml-context:Resource>
+				<xacml-context:Action>
+					<xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+						DataType="http://www.w3.org/2001/XMLSchema#string">
+						<xacml-context:AttributeValue>read</xacml-context:AttributeValue>
+					</xacml-context:Attribute>
+				</xacml-context:Action>
+				<xacml-context:Environment></xacml-context:Environment>
+			</xacml-context:Request>
+
+		</saml:Statement>
+	</saml:Assertion>
+</samlp:Response>
\ No newline at end of file
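Review bot: The `samlp:Status` element rebinds the prefix to `urn:oasixacml-context:s:names:tc:SAML:2.0:protocol`, which looks like a paste accident inside `urn:oasis:names:tc:SAML:2.0:protocol`; as written, `Status` is in a different namespace from the enclosing `samlp:Response`. If a parser test using this fixture passes anyway, that would suggest elements are matched by local name without checking the namespace, which is worth confirming for a SAML parser. Suggested value: `xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"`. The `xacml-context:Request` element also binds `xsi` to `http://www.w3.org/2001/XMLSchema-instance/` with a trailing slash, which differs from the binding used on `saml:Statement`.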

Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java	2010-12-20 21:58:55 UTC (rev 611)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/MetadataServlet.java	2010-12-20 22:20:13 UTC (rev 612)
@@ -57,7 +57,7 @@
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.RoleDescriptorType;
 import org.picketlink.identity.federation.web.constants.GeneralConstants;
 import org.picketlink.identity.federation.web.util.ConfigurationUtil;
-import org.picketlink.identity.xmlsec.w3.xmldsig.KeyInfoType;
+import org.w3c.dom.Element;
 
 /**
  * Metadata servlet for the IDP/SP
@@ -145,7 +145,7 @@
          keyManager.setAuthProperties( authProperties ); 
 
          Certificate cert = keyManager.getCertificate(signingAlias);
-         KeyInfoType keyInfo = KeyUtil.getKeyInfo(cert);
+         Element keyInfo = KeyUtil.getKeyInfo(cert);
 
          //TODO: Assume just signing key for now
          KeyDescriptorType keyDescriptor = KeyDescriptorMetaDataBuilder.createKeyDescriptor(keyInfo, 


