[jboss-cvs] Picketlink SVN: r439 - in trust/trunk: jbossws-native and 2 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Oct 7 11:13:04 EDT 2010


Author: mmoyses
Date: 2010-10-07 11:13:03 -0400 (Thu, 07 Oct 2010)
New Revision: 439

Added:
   trust/trunk/README.txt
Modified:
   trust/trunk/jbossws-native/pom.xml
   trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/SAML2Constants.java
   trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java
   trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java
Log:
adding README

Added: trust/trunk/README.txt
===================================================================
--- trust/trunk/README.txt	                        (rev 0)
+++ trust/trunk/README.txt	2010-10-07 15:13:03 UTC (rev 439)
@@ -0,0 +1,5 @@
+PicketLink Trust was created to house modules that deal with trust among external projects, especially using tokens provided by PicketLink STS.
+
+Modules:
+
+- jbossws-native: Provides handlers for integration of JBoss WS Native stack with SAML v2 tokens.

Modified: trust/trunk/jbossws-native/pom.xml
===================================================================
--- trust/trunk/jbossws-native/pom.xml	2010-10-07 12:21:45 UTC (rev 438)
+++ trust/trunk/jbossws-native/pom.xml	2010-10-07 15:13:03 UTC (rev 439)
@@ -57,7 +57,27 @@
    		<groupId>org.picketlink</groupId>
    		<artifactId>picketlink-bindings-jboss</artifactId>
    		<version>2.0.0-SNAPSHOT</version>
+   		<exclusions>
+   			<exclusion>
+   				<artifactId>jboss-security-spi</artifactId>
+   				<groupId>org.jboss.security</groupId>
+   			</exclusion>
+   			<exclusion>
+   				<artifactId>jbosssx</artifactId>
+   				<groupId>org.jboss.security</groupId>
+   			</exclusion>
+   		</exclusions>
    	</dependency>
+   	<dependency>
+   		<groupId>org.picketbox</groupId>
+   		<artifactId>jboss-security-spi</artifactId>
+   		<version>3.0.0.CR2</version>
+   	</dependency>
+   	<dependency>
+   		<groupId>org.picketbox</groupId>
+   		<artifactId>jbosssx</artifactId>
+   		<version>3.0.0.CR2</version>
+   	</dependency>
    </dependencies>
    
    <reporting>
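Review bot: The version `3.0.0.CR2` is written out twice for the two `org.picketbox` artifacts that replace the excluded `org.jboss.security` ones, so a later upgrade can move one without the other. A single property, for example `<picketbox.version>3.0.0.CR2</picketbox.version>` referenced as `${picketbox.version}`, would keep the two security libraries in step. A short XML comment above the `<exclusions>` block saying why the transitive copies are excluded would also help, presumably to avoid having both the `org.jboss.security` and `org.picketbox` builds of the same classes on the classpath. `CR2` is a candidate release, so the move to the final release is worth tracking.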

Modified: trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/SAML2Constants.java
===================================================================
--- trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/SAML2Constants.java	2010-10-07 12:21:45 UTC (rev 438)
+++ trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/SAML2Constants.java	2010-10-07 15:13:03 UTC (rev 439)
@@ -21,6 +21,12 @@
  */
 package org.picketlink.trust.jbossws;
 
+/**
+ * Constants for the SAML2 profile.
+ * 
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
 public interface SAML2Constants
 {
 

Modified: trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java
===================================================================
--- trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java	2010-10-07 12:21:45 UTC (rev 438)
+++ trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java	2010-10-07 15:13:03 UTC (rev 439)
@@ -33,6 +33,14 @@
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
+/**
+ * A client side WS handler.
+ * It expects a {@link SamlCredential} as the value of the {@link SAML2Constants#SAML2_ASSERTION_PROPERTY} property.
+ * The assertion contained in the credential is then included in the SOAP payload.
+ * 
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
 public class SAML2HandlerClient extends WSSecurityHandlerServer
 {
 
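Review bot: The Javadoc calls this a client side handler while the unchanged declaration below it extends `WSSecurityHandlerServer`, and the comment does not explain that choice. If the server base class is intentional, a sentence saying why would save readers from assuming a copy-paste slip; if not, the base class is worth revisiting. It would also help to state what the handler does when the `SAML2Constants#SAML2_ASSERTION_PROPERTY` property is missing or is not a `SamlCredential`, since the class body is outside the hunk.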

Modified: trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java
===================================================================
--- trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java	2010-10-07 12:21:45 UTC (rev 438)
+++ trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java	2010-10-07 15:13:03 UTC (rev 439)
@@ -21,23 +21,28 @@
  */
 package org.picketlink.trust.jbossws.handler;
 
+import javax.security.auth.Subject;
 import javax.xml.namespace.QName;
 import javax.xml.ws.handler.MessageContext;
 
+import org.jboss.security.SecurityContext;
 import org.jboss.ws.core.CommonMessageContext;
 import org.jboss.ws.core.soap.SOAPMessageImpl;
 import org.jboss.ws.extensions.security.Util;
 import org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer;
-import org.jboss.wsf.spi.SPIProvider;
-import org.jboss.wsf.spi.SPIProviderResolver;
-import org.jboss.wsf.spi.invocation.SecurityAdaptor;
-import org.jboss.wsf.spi.invocation.SecurityAdaptorFactory;
 import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal;
 import org.picketlink.identity.federation.core.wstrust.SamlCredential;
 import org.picketlink.trust.jbossws.SAML2Constants;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
+/**
+ * A server side WS handler.
+ * Retrieves the SAML assertion from the SOAP payload and lets invocation go to JAAS for validation.
+ * 
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
 public class SAML2HandlerServer extends WSSecurityHandlerServer
 {
 
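Review bot: The new class Javadoc says validation is left to JAAS but does not say that, as far as the visible code shows, this handler performs no checks of its own on the assertion (signature, validity period, issuer). That is the fact a deployer most needs, because the principal is taken straight from the message. I would add a sentence such as `The assertion is not verified here; the endpoint's security domain must be configured with a login module that validates it.` and, if one login module is intended, name it with a `{@link}`.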
@@ -56,10 +61,10 @@
          Element subject = Util.findElement(assertion, new QName(SAML2Constants.SAML2_ASSERTION_URI, "Subject"));
          Element nameID = Util.findElement(subject, new QName(SAML2Constants.SAML2_ASSERTION_URI, "NameID"));
          String username = nameID.getNodeValue();
-         SPIProvider spiProvider = SPIProviderResolver.getInstance().getProvider();
-         SecurityAdaptor securityAdaptor = spiProvider.getSPI(SecurityAdaptorFactory.class).newSecurityAdapter();
-         securityAdaptor.setPrincipal(new PicketLinkPrincipal(username));
-         securityAdaptor.setCredential(credential);
+         // set SecurityContext
+         Subject s = new Subject();
+         SecurityContext sc = SecurityActions.createSecurityContext(new PicketLinkPrincipal(username), credential, s);
+         SecurityActions.setSecurityContext(sc);
       }
       
       return true;
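Review bot: The principal handed to `SecurityActions.createSecurityContext` is built from `username` with no null or empty check, and the context line above reads it with `nameID.getNodeValue()`, which the DOM API defines as null for an Element node. Reading the text with `String username = nameID.getTextContent();` and rejecting the message when the result is null or blank, before the context is created, would keep an unnamed principal out of the security context; `subject` and `nameID` probably need the same null check if `Util.findElement` can return null. The hunk also does not show the context being cleared once the invocation finishes; if no other part of the handler does that, a pooled worker thread could carry this identity into a later request. The enclosing method starts outside the hunk, so earlier checks may exist that are not visible here.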


