[jboss-cvs] Picketlink SVN: r260 - in federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core: wstrust and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed May 26 00:50:42 EDT 2010
Author: anil.saldhana at jboss.com
Date: 2010-05-26 00:50:41 -0400 (Wed, 26 May 2010)
New Revision: 260
Modified:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java
Log:
PLFED-73: password mask feature for PLFed config files
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2010-05-26 04:31:28 UTC (rev 259)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2010-05-26 04:50:41 UTC (rev 260)
@@ -34,9 +34,11 @@
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.config.AuthPropertyType;
+import org.picketlink.identity.federation.core.config.ClaimsProcessorType;
import org.picketlink.identity.federation.core.config.KeyProviderType;
import org.picketlink.identity.federation.core.config.KeyValueType;
import org.picketlink.identity.federation.core.config.ProviderType;
+import org.picketlink.identity.federation.core.config.TokenProviderType;
import org.picketlink.identity.federation.core.constants.PicketLinkFederationConstants;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
@@ -141,6 +143,40 @@
}
/**
+ * Given a {@code TokenProviderType}, return the list of properties that have been decrypted for
+ * any masked property value
+ * @param tokenProviderType
+ * @return
+ * @throws GeneralSecurityException
+ */
+ @SuppressWarnings("unchecked")
+ public static List<KeyValueType> getProperties( TokenProviderType tokenProviderType ) throws GeneralSecurityException
+ {
+ List<KeyValueType> keyValueTypeList = tokenProviderType.getProperty();
+ if( decryptionNeeded( keyValueTypeList ))
+ keyValueTypeList = decryptPasswords( keyValueTypeList );
+
+ return keyValueTypeList;
+ }
+
+ /**
+ * Given a {@code ClaimsProcessorType}, return the list of properties that have been decrypted for
+ * any masked property value
+ * @param claimsProcessorType
+ * @return
+ * @throws GeneralSecurityException
+ */
+ @SuppressWarnings("unchecked")
+ public static List<KeyValueType> getProperties( ClaimsProcessorType claimsProcessorType ) throws GeneralSecurityException
+ {
+ List<KeyValueType> keyValueTypeList = claimsProcessorType.getProperty();
+ if( decryptionNeeded( keyValueTypeList ))
+ keyValueTypeList = decryptPasswords( keyValueTypeList );
+
+ return keyValueTypeList;
+ }
+
+ /**
* Given a key value list, check if decrypt of any properties is needed.
* Unless one of the keys is "salt", we cannot figure out is decrypt is needed
* @param keyValueList
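Review bot: The two `getProperties` overloads added in this hunk are line-for-line copies that differ only in the parameter type, so any later fix to the masked-value path has to be made twice; both could delegate to one private helper, as sketched below. Their Javadoc leaves `@param`, `@return` and `@throws` empty and does not say that the returned list holds cleartext secrets, so I would add something like `@return the configured properties with masked values decrypted; holds cleartext secrets, do not log`. Going by the comment on `decryptionNeeded` at the end of the hunk, a list with no "salt" key is returned untouched, so a masked value whose salt entry is missing would presumably reach the provider still masked and without an error; that is worth stating in the Javadoc. Whether the returned list is a copy or the configuration object's own list depends on `decryptPasswords`, whose body is outside this hunk.

```java
public static List<KeyValueType> getProperties( TokenProviderType tokenProviderType ) throws GeneralSecurityException
{
   return decryptIfMasked( tokenProviderType.getProperty() );
}

public static List<KeyValueType> getProperties( ClaimsProcessorType claimsProcessorType ) throws GeneralSecurityException
{
   return decryptIfMasked( claimsProcessorType.getProperty() );
}

// Single place for the "is a salt present, then decrypt" decision.
@SuppressWarnings("unchecked")
private static List<KeyValueType> decryptIfMasked( List<KeyValueType> keyValueTypeList ) throws GeneralSecurityException
{
   if( decryptionNeeded( keyValueTypeList ))
      return decryptPasswords( keyValueTypeList );
   return keyValueTypeList;
}
```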
@@ -173,7 +209,7 @@
* @throws Exception
*/
@SuppressWarnings("unchecked")
- public static List decryptPasswords( List keyValueList ) throws GeneralSecurityException
+ private static List decryptPasswords( List keyValueList ) throws GeneralSecurityException
{
String pbeAlgo = PicketLinkFederationConstants.PBE_ALGORITHM;
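Review bot: The Javadoc line directly above the changed signature still reads `@throws Exception` although the method declares `GeneralSecurityException`; it should become `* @throws GeneralSecurityException if a masked value cannot be decrypted`. Now that `decryptPasswords` is private and has only in-class callers, the raw `List` in its signature could be typed as `List<KeyValueType>`, which would let the `@SuppressWarnings("unchecked")` on the new `getProperties` overloads go away. The method body continues outside this hunk, so whether typing it needs further changes inside cannot be confirmed from here. Narrowing a previously public static method also breaks any caller outside this module, which the log message does not mention.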
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java 2010-05-26 04:31:28 UTC (rev 259)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTSConfiguration.java 2010-05-26 04:50:41 UTC (rev 260)
@@ -21,6 +21,7 @@
*/
package org.picketlink.identity.federation.core.wstrust;
+import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.cert.Certificate;
@@ -47,6 +48,7 @@
* </p>
*
* @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ * @author <a href="mailto:asaldhan at redhat.com">Anil Saldhana</a>
*/
public class PicketLinkSTSConfiguration implements STSConfiguration
{
@@ -82,8 +84,7 @@
* </p>
*
* @param config a reference to the object that holds the configuration of the STS.
- */
- @SuppressWarnings("unchecked")
+ */
public PicketLinkSTSConfiguration(STSType config)
{
this.delegate = config;
@@ -100,24 +101,19 @@
// get the properties that have been configured for the token provider.
Map<String, String> properties = new HashMap<String, String>();
- List<KeyValueType> providerPropertiesList = provider.getProperty();
-
- //Decode any passwords
+ List<KeyValueType> providerPropertiesList;
try
{
- if( CoreConfigUtil.decryptionNeeded( providerPropertiesList ))
- providerPropertiesList = (List<KeyValueType>) CoreConfigUtil.decryptPasswords( providerPropertiesList );
-
- for (KeyValueType propertyType : providerPropertiesList )
- properties.put(propertyType.getKey(), propertyType.getValue());
+ providerPropertiesList = CoreConfigUtil.getProperties( provider );
}
- catch (Exception e)
+ catch (GeneralSecurityException e)
{
- throw new RuntimeException( e );
+ throw new RuntimeException( e );
}
- /*
- for (KeyValueType propertyType : provider.getProperty())
- properties.put(propertyType.getKey(), propertyType.getValue());*/
+
+ for (KeyValueType propertyType : providerPropertiesList )
+ properties.put(propertyType.getKey(), propertyType.getValue());
+
// create and initialize the token provider.
SecurityTokenProvider tokenProvider = WSTrustServiceFactory.getInstance().createTokenProvider(
provider.getProviderClass(), properties);
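Review bot: The `catch (GeneralSecurityException e)` block rethrows a bare `RuntimeException( e )`, so a decryption failure during STS start-up gives no hint which configured provider has the bad masked value; the same applies to the claims-processor hunk that follows. I would name the component and never the property values, e.g. `throw new RuntimeException( "Unable to decrypt masked properties for token provider " + provider.getProviderClass(), e );`, and the equivalent with `processor.getProcessorClass()` in the next hunk. The decrypted values are then copied into a plain `Map<String, String>` and handed to the factory, so a short comment that `properties` holds cleartext secrets and must not be logged would help later maintainers. The enclosing loop and constructor start and end outside the hunk.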
@@ -136,21 +132,19 @@
{
// get the properties that have been configured for the claims processor.
Map<String, String> properties = new HashMap<String, String>();
- List<KeyValueType> processorPropertiesList = processor.getProperty();
-
- //Decode any passwords
+ List<KeyValueType> processorPropertiesList;
try
{
- if( CoreConfigUtil.decryptionNeeded( processorPropertiesList ))
- processorPropertiesList = (List<KeyValueType>) CoreConfigUtil.decryptPasswords( processorPropertiesList );
-
- for (KeyValueType propertyType : processorPropertiesList )
- properties.put(propertyType.getKey(), propertyType.getValue());
+ processorPropertiesList = CoreConfigUtil.getProperties( processor );
}
- catch (Exception e)
+ catch (GeneralSecurityException e)
{
- throw new RuntimeException( e );
- }
+ throw new RuntimeException( e );
+ }
+
+ for (KeyValueType propertyType : processorPropertiesList )
+ properties.put(propertyType.getKey(), propertyType.getValue());
+
// create and initialize the claims processor.
ClaimsProcessor claimsProcessor = WSTrustServiceFactory.getInstance().createClaimsProcessor(
processor.getProcessorClass(), properties);