[jboss-cvs] Picketlink SVN: r663 - in federation/trunk: picketlink-fed-core and 7 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Wed Jan 26 21:58:50 EST 2011


Author: anil.saldhana at jboss.com
Date: 2011-01-26 21:58:50 -0500 (Wed, 26 Jan 2011)
New Revision: 663

Added:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java
Modified:
   federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
   federation/trunk/picketlink-fed-core/pom.xml
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
   federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
   federation/trunk/picketlink-webapps/assembly/bin.xml
Log:
PLFED-121: SOAPSAMLXACMLPDP is a jaxws ws

Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -34,6 +34,7 @@
 import javax.xml.stream.XMLEventReader;
 import javax.xml.stream.XMLStreamWriter;
 
+import org.apache.log4j.Logger;
 import org.jboss.security.xacml.core.model.context.DecisionType;
 import org.jboss.security.xacml.core.model.context.RequestType;
 import org.jboss.security.xacml.core.model.context.ResultType;
@@ -67,6 +68,8 @@
  */
 public class SOAPSAMLXACML
 { 
+   protected Logger log = Logger.getLogger( SOAPSAMLXACML.class );
+   
    /**
     * Given an xacml request
     * @param endpoint
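Review bot: The logger added here is a mutable, per-instance `protected` field, and the one use this commit gives it, the `log.debug( "Sending::" + ... )` call in the `@@ -105,8 +105,14 @@` hunk of this file, writes the complete serialized XACML decision query to the log. That payload carries the issuer and whatever subject, resource and action attributes the request holds, so debug logs become a copy of authorization traffic; logging the query ID or the payload size would usually be enough for tracing. The same call decodes the bytes with the platform default charset; if the stream writer emits UTF-8, `new String( baos.toByteArray(), Charset.forName( "UTF-8" ) )` keeps the log text stable across hosts. For the field itself, `private static final Logger log = Logger.getLogger( SOAPSAMLXACML.class );` is the usual form unless subclasses are meant to replace it. The enclosing method starts and ends outside both hunks.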
@@ -92,10 +95,7 @@
          NameIDType nameIDType = new NameIDType();
          nameIDType.setValue(issuer);
          queryType.setIssuer(nameIDType);
-          
          
-         
-         
          MessageFactory messageFactory = MessageFactory.newInstance();
          
          SOAPMessage soapMessage = messageFactory.createMessage();
@@ -105,8 +105,14 @@
 
          SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter( xmlStreamWriter );
          samlRequestWriter.write( queryType );
-         
-         Document reqDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+       
+         if( log.isDebugEnabled() )
+         {
+            log.debug( "Sending::" + new String( baos.toByteArray() ) );
+         }
+       
+         Document reqDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() )); 
+       
          soapMessage.getSOAPBody().addDocument(reqDocument);
          
          

Modified: federation/trunk/picketlink-fed-core/pom.xml
===================================================================
--- federation/trunk/picketlink-fed-core/pom.xml	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/pom.xml	2011-01-27 02:58:50 UTC (rev 663)
@@ -75,6 +75,12 @@
          <scope>compile</scope>
       </dependency>
       <dependency>
+        <groupId>javax.servlet</groupId>
+        <artifactId>servlet-api</artifactId>
+         <version>2.4</version>
+         <scope>compile</scope>
+      </dependency>
+      <dependency>
          <groupId>org.jboss.security</groupId>
          <artifactId>jbosssx</artifactId>
          <version>2.0.4</version>
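Review bot: The new `javax.servlet:servlet-api` dependency is declared with `<scope>compile</scope>`, which makes it a transitive compile dependency of everything that uses picketlink-fed-core and lets it be packaged into WARs, where the container already supplies the API. `<scope>provided</scope>` is the conventional scope for it. None of the fed-core sources visible in this commit import `javax.servlet`, so it is worth confirming the dependency is needed in this module at all. The `<groupId>` and `<artifactId>` lines are also indented one column short of their neighbours.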

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -0,0 +1,128 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.pdp;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.PrivilegedActionException;
+
+import javax.annotation.Resource;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.ws.Provider;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.WebServiceProvider;
+
+import org.apache.log4j.Logger;
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.w3c.dom.Document;
+
+/**
+ * SOAP 1.2 based XACML PDP that accepts SAML requests
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 24, 2011
+ */
+ at WebServiceProvider(serviceName="SOAPSAMLXACMLPDP",portName="SOAPSAMLXACMLPort",
+      targetNamespace="urn:picketlink:identity-federation:pdp",wsdlLocation="WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl") 
+public class SOAPSAMLXACMLPDP implements Provider<Source>
+{  
+   protected Logger log = Logger.getLogger( SOAPSAMLXACMLPDP.class );
+   
+   @Resource
+   WebServiceContext context;
+   
+   protected String policyConfigFileName = "policyConfig.xml";
+   
+   protected PolicyDecisionPoint pdp;
+   
+   protected String issuer = "PicketLinkPDP";
+   
+   public SOAPSAMLXACMLPDP()
+   {
+      try
+      {
+         pdp = getPDP();
+      }
+      catch (PrivilegedActionException e)
+      { 
+         throw new RuntimeException( e );
+      }
+   }
+   
+   public Source invoke(Source request)
+   { 
+      try
+      {
+         Document doc = (Document) DocumentUtil.getNodeFromSource( request );
+         if( log.isDebugEnabled() )
+         {
+            log.debug( "Received Message::" + DocumentUtil.asString(doc) );
+         }
+         XACMLAuthzDecisionQueryType xacmlQuery = SOAPSAMLXACMLUtil.getXACMLQueryType(doc);
+         ResponseType samlResponseType = SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, xacmlQuery);
+         ByteArrayOutputStream baos = new ByteArrayOutputStream();
+         XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(baos);
+
+         SAMLResponseWriter samlResponseWriter = new SAMLResponseWriter( xmlStreamWriter );
+         samlResponseWriter.write( samlResponseType );
+         Document responseDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+         
+         return new DOMSource( responseDocument.getDocumentElement());  
+      }
+      catch ( Exception e )
+      {  
+         throw new RuntimeException( e) ;
+      }  
+   }  
+   
+   private PolicyDecisionPoint getPDP() throws PrivilegedActionException
+   { 
+      SecurityActions.setSystemProperty( "org.jboss.security.xacml.schema.validation", "false" );
+      
+      ClassLoader tcl = SecurityActions.getContextClassLoader();
+      URL url = tcl.getResource( policyConfigFileName );
+      if( url == null)
+         throw new IllegalStateException(policyConfigFileName  + " could not be located");
+      
+      InputStream is;
+      try
+      {
+         is = url.openStream();
+      }
+      catch (IOException e)
+      { 
+         throw new RuntimeException( e );
+      }
+      return new JBossPDP(is); 
+   }  
+}
\ No newline at end of file
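Review bot: `getPDP()` switches off XACML schema validation by setting the JVM-wide `org.jboss.security.xacml.schema.validation` system property from this class's constructor, inside a privileged block, so any other code in the same JVM that consults the property is affected as well, and nothing documents or restores it. If the setting is really required, a comment explaining why, or a deployment-level setting instead of a code-level one, would make the weakening visible to operators. `invoke()` hands the parsed query straight to `SOAPSAMLXACMLUtil.handleXACMLQuery` with no visible check of a signature or of the query's issuer, so access to decisions appears to rest entirely on how the endpoint is protected at deployment; that assumption deserves a line in the class Javadoc. The `InputStream` opened on `policyConfig.xml` is never closed (closing it in a `finally` after `new JBossPDP(is)` would do, assuming the constructor reads the stream eagerly), and the injected `context` field is unused in this file.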

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.pdp;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 17, 2009
+ */
+class SecurityActions
+{
+   static void setSystemProperty( final String key, final String value)
+   {
+      AccessController.doPrivileged(new PrivilegedAction<Object>()
+      {
+         public Object run()
+         {
+            System.setProperty(key, value);
+            return null;
+         }
+      }); 
+   }
+   
+   static ClassLoader getContextClassLoader()
+   {
+      return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+      {
+         public ClassLoader run() 
+         {
+            return Thread.currentThread().getContextClassLoader();
+         }
+      });
+   }
+
+}
\ No newline at end of file
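Review bot: `setSystemProperty` runs `System.setProperty` inside `doPrivileged` with a key and value chosen entirely by the caller, so under a security manager the privileged block acts as a general-purpose gate for any code in this package. The only caller in this commit sets one fixed property, so a narrower helper that hard-codes that key, or a check against a short allow-list of keys, would keep the privilege scoped to what is actually needed. The class has no private constructor and no Javadoc beyond `Privileged Blocks`; a comment such as `// Package-private on purpose: privileged helpers must not be reachable from outside this package` would record the intent. The `@since Mar 17, 2009` tag looks copied from another package's SecurityActions, since this file is added in 2011.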


Property changes on: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java
___________________________________________________________________
Name: svn:executable
   + *

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -102,8 +102,10 @@
    TRANSFORM_C14N_EXCL_OMIT_COMMENTS("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"),
    
 
+   XSI_PREFIX( "xsi" ),
    X500_PREFIX("x500"),
    X500_NSURI("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"),
+   XACML_NSURI( "urn:oasis:names:tc:xacml:2.0:context:schema:os" ),
    XACML_SAML_NSURI( "urn:oasis:names:tc:xacml:2.0:saml:assertion:schema:os" ),
    XACML_SAML_PROTO_NSURI( "urn:oasis:xacml:2.0:saml:protocol:schema:os" ),
    XML( "http://www.w3.org/XML/1998/namespace" ),
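Review bot: The context line above the additions defines `TRANSFORM_C14N_EXCL_OMIT_COMMENTS` with the URI `http://www.w3.org/2001/10/xml-exc-c14n#WithComments`, which is the comment-preserving variant of exclusive canonicalization, so the name and the value disagree. This commit does not touch that line, but anyone selecting a transform by constant name gets the opposite comment handling, which matters wherever the constant feeds signature creation or validation. The comment-omitting algorithm is `http://www.w3.org/2001/10/xml-exc-c14n#`; either the value or the name should change, after checking existing callers. The two added constants carry no comment; `XACML_NSURI` would benefit from `// XACML 2.0 context schema namespace`.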

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -23,6 +23,7 @@
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
 
@@ -34,17 +35,28 @@
 import javax.xml.soap.SOAPMessage;
 import javax.xml.stream.XMLEventReader;
 
+import org.jboss.security.xacml.core.JBossRequestContext;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.jboss.security.xacml.core.model.context.ResultType;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.RequestContext;
+import org.jboss.security.xacml.interfaces.ResponseContext;
 import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.factories.XACMLContextFactory;
 import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
 import org.picketlink.identity.federation.core.parsers.saml.xacml.SAMLXACMLRequestParser;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
+import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
 import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType; 
 import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
 import org.w3c.dom.Node;
 
@@ -88,7 +100,8 @@
    {
       XMLEventReader xmlEventReader = StaxParserUtil.getXMLEventReader( DocumentUtil.getNodeAsStream( samlResponse ));
       SAMLParser samlParser = new SAMLParser();
-      ResponseType response = (ResponseType) samlParser.parse( xmlEventReader );
+      org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType response = 
+         (org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType) samlParser.parse( xmlEventReader );
       List<RTChoiceType> choices = response.getAssertions();
       for( RTChoiceType rst: choices )
       {
@@ -126,4 +139,51 @@
       fault.setFaultString( message );
       return msg; 
    }
+   
+   public synchronized static org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType handleXACMLQuery( 
+         PolicyDecisionPoint pdp, String issuer, XACMLAuthzDecisionQueryType xacmlRequest ) throws ProcessingException, ConfigurationException
+   {
+      RequestType requestType = xacmlRequest.getRequest();
+
+      RequestContext requestContext = new JBossRequestContext();
+      try
+      {
+         requestContext.setRequest(requestType);
+      }
+      catch (IOException e)
+      {
+         throw new ProcessingException( e );
+      }
+
+      //pdp evaluation is thread safe
+      ResponseContext responseContext = pdp.evaluate(requestContext);  
+
+      ResponseType responseType = new ResponseType();
+      ResultType resultType = responseContext.getResult();
+      responseType.getResult().add(resultType);
+
+      XACMLAuthzDecisionStatementType xacmlStatement = 
+         XACMLContextFactory.createXACMLAuthzDecisionStatementType(requestType, responseType); 
+
+      //Place the xacml statement in an assertion
+      //Then the assertion goes inside a SAML Response
+
+      String ID = IDGenerator.create("ID_"); 
+      IssuerInfoHolder issuerInfo = new IssuerInfoHolder( issuer );
+
+      List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
+      statements.add(xacmlStatement);
+
+      AssertionType assertion = SAMLAssertionFactory.createAssertion(ID, 
+            issuerInfo.getIssuer(), 
+            XMLTimeUtil.getIssueInstant(), 
+            null, 
+            null, 
+            statements);
+
+      org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType samlResponseType = JBossSAMLAuthnResponseFactory.createResponseType( ID, issuerInfo, assertion );
+
+  
+      return samlResponseType;
+   }
 }
\ No newline at end of file
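Review bot: `handleXACMLQuery` generates one `ID` and passes it both to `SAMLAssertionFactory.createAssertion` and to `JBossSAMLAuthnResponseFactory.createResponseType`, so the Assertion and the enclosing Response appear to get the same identifier (assuming the factory uses its first argument as the Response ID). SAML IDs are `xs:ID` values that must be unique within a document, and a duplicate makes any later signature reference by ID ambiguous; a separate `String assertionID = IDGenerator.create("ID_");` for the assertion would keep them distinct. The method is also `synchronized static` while its own comment says `pdp evaluation is thread safe`, so every decision request in the JVM is serialized on the class lock for no stated reason. Neither `xacmlRequest.getRequest()` nor `responseContext.getResult()` is checked for null before use.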

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -176,7 +176,7 @@
    {
       StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_VALUE.get(), ASSERTION_NSURI.get());
 
-      StaxUtil.writeNameSpace(writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get());
+      StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
       StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
       StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
       StaxUtil.writeCharacters(writer, attributeValue ); 

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -24,13 +24,23 @@
 import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
 import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
 
+import java.io.StringWriter;
 import java.net.URI;
 
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamWriter;
 
+import org.jboss.security.xacml.core.model.context.ObjectFactory;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXBUtil;
 import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.core.util.StringUtil; 
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
@@ -38,6 +48,7 @@
 import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
 import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
 import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
+import org.w3c.dom.Document;
 
 /**
  * Writes a SAML2 Request Type to Stream
@@ -162,6 +173,73 @@
    
    public void write( XACMLAuthzDecisionQueryType xacmlQuery ) throws ProcessingException
    {
-      throw new RuntimeException( "NYI" );
+      StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.REQUEST_ABSTRACT.get(), PROTOCOL_NSURI.get() );
+      StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );   
+      StaxUtil.writeNameSpace(writer, XACML_SAML_PROTO_PREFIX, JBossSAMLURIConstants.XACML_SAML_PROTO_NSURI.get() );
+      StaxUtil.writeDefaultNameSpace( writer, JBossSAMLURIConstants.XACML_NSURI.get() );
+      
+      //Attributes 
+      StaxUtil.writeAttribute( writer, JBossSAMLConstants.ID.get(), xacmlQuery.getID() );
+      StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), xacmlQuery.getVersion() );
+      StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), xacmlQuery.getIssueInstant().toString() );
+      
+      StaxUtil.writeAttribute( writer, new QName( JBossSAMLURIConstants.XACML_SAML_PROTO_NSURI.get(),
+             JBossSAMLConstants.INPUT_CONTEXT_ONLY.get() , XACML_SAML_PROTO_PREFIX ),  "true" );
+      
+      StaxUtil.writeAttribute( writer, new QName( JBossSAMLURIConstants.XACML_SAML_PROTO_NSURI.get(),
+            JBossSAMLConstants.RETURN_CONTEXT.get(), XACML_SAML_PROTO_PREFIX ), "true" );
+
+      StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
+      StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
+      
+      StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type",
+             "xacml-samlp:XACMLAuthzDecisionQueryType" );
+       
+      URI destination = xacmlQuery.getDestination();
+      if( destination != null )
+         StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() ); 
+
+      String consent = xacmlQuery.getConsent();
+      if( StringUtil.isNotNull( consent ))
+         StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent );
+      
+       
+      NameIDType issuer = xacmlQuery.getIssuer();
+      if( issuer != null )
+      {
+         write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
+      } 
+      
+      RequestType xacmlRequest = xacmlQuery.getRequest();
+      
+      ObjectFactory of = new ObjectFactory();
+       
+      StringWriter sw = new StringWriter();
+      try
+      {
+         Marshaller m = JAXBUtil.getMarshaller( RequestType.class.getPackage().getName() );
+         m.marshal( of.createRequest(xacmlRequest), sw );
+      }
+      catch (JAXBException e)
+      { 
+         throw new ProcessingException(e);
+      }
+      
+      try
+      {
+         Document xacmlDoc = DocumentUtil.getDocument( sw.toString() );
+         StaxUtil.writeDOMNode(writer, xacmlDoc.getDocumentElement() );
+      }
+      catch (ConfigurationException e)
+      {
+         throw new ProcessingException(e);
+      }
+      catch (ParsingException e)
+      {
+         throw new ProcessingException(e);
+      }
+
+      StaxUtil.writeEndElement( writer); 
+      StaxUtil.flush( writer ); 
    }
 }
\ No newline at end of file
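Review bot: `write( XACMLAuthzDecisionQueryType )` emits the `InputContextOnly` and `ReturnContext` attributes as the literal `"true"` rather than reading them from `xacmlQuery`, so if the model carries those flags, whatever the caller set is ignored on the wire. `xacmlQuery.getIssueInstant().toString()` throws a NullPointerException when the issue instant is unset, unlike `destination`, `consent` and `issuer` just below, which are null-guarded. The `xsi:type` value hard-codes the `xacml-samlp` prefix instead of building it from `XACML_SAML_PROTO_PREFIX`, and the `"xs"` prefix is still a literal while `"xsi"` became a constant in this commit. The XACML request is marshalled to a `String` and re-parsed into a DOM only to be written out again; marshalling straight into a DOM node would avoid the second parse.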

Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java	2011-01-27 02:58:50 UTC (rev 663)
@@ -27,8 +27,6 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.security.PrivilegedActionException;
-import java.util.ArrayList;
-import java.util.List;
 
 import javax.servlet.ServletConfig;
 import javax.servlet.ServletException;
@@ -44,30 +42,16 @@
 
 import org.apache.log4j.Logger;
 import org.jboss.security.xacml.core.JBossPDP;
-import org.jboss.security.xacml.core.JBossRequestContext;
-import org.jboss.security.xacml.core.model.context.RequestType;
-import org.jboss.security.xacml.core.model.context.ResponseType;
-import org.jboss.security.xacml.core.model.context.ResultType;
 import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
-import org.jboss.security.xacml.interfaces.RequestContext;
-import org.jboss.security.xacml.interfaces.ResponseContext;
-import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
 import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.factories.XACMLContextFactory;
 import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
-import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
 import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
 import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
 import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
 import org.w3c.dom.Document;
 import org.w3c.dom.Node;
@@ -243,8 +227,11 @@
 
          if(xacmlRequest == null)
             throw new IOException("XACML Request not parsed"); 
+         
+         org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType samlResponseType =
+                                                     SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, xacmlRequest);
 
-         RequestType requestType = xacmlRequest.getRequest();
+         /*RequestType requestType = xacmlRequest.getRequest();
 
          RequestContext requestContext = new JBossRequestContext();
          requestContext.setRequest(requestType);
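Review bot: The old evaluation code is left behind inside a block comment that opens at `/*RequestType requestType = xacmlRequest.getRequest();` in this hunk and closes with the `*/` added in the `@@ -277,7 +264,7 @@` hunk, instead of being deleted now that `SOAPSAMLXACMLUtil.handleXACMLQuery` replaces it. Version control already keeps the removed lines, and block comments do not nest, so any `/* ... */` in the lines hidden between the two hunks would end the comment early. Several imports that remain (for example `IDGenerator`) may now be unused; the region between the hunks is not visible, so that needs checking against the full file. The enclosing method starts and ends outside both hunks.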
@@ -277,7 +264,7 @@
                statements);
 
          org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType samlResponseType = saml2Response.createResponseType(ID, issuerInfo, assertion);
-
+*/
          ByteArrayOutputStream baos = new ByteArrayOutputStream();
          XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(baos);
 

Modified: federation/trunk/picketlink-webapps/assembly/bin.xml
===================================================================
--- federation/trunk/picketlink-webapps/assembly/bin.xml	2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-webapps/assembly/bin.xml	2011-01-27 02:58:50 UTC (rev 663)
@@ -60,6 +60,11 @@
       <fileMode>0444</fileMode>
     </file>
     <file>
+      <source>${basedir}/../pdp/target/pdp.war</source>
+      <outputDirectory>picketlink</outputDirectory>
+      <fileMode>0444</fileMode>
+    </file>
+    <file>
       <source>${basedir}/src/main/resources/picketlink-sp-jboss-beans.xml</source>
       <outputDirectory>picketlink</outputDirectory>
       <fileMode>0444</fileMode>


