[jboss-cvs] Picketlink SVN: r663 - in federation/trunk: picketlink-fed-core and 7 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Jan 26 21:58:50 EST 2011
Author: anil.saldhana at jboss.com
Date: 2011-01-26 21:58:50 -0500 (Wed, 26 Jan 2011)
New Revision: 663
Added:
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java
Modified:
federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
federation/trunk/picketlink-fed-core/pom.xml
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
federation/trunk/picketlink-webapps/assembly/bin.xml
Log:
PLFED-121: SOAPSAMLXACMLPDP is a jaxws ws
Modified: federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java
===================================================================
--- federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/soap/SOAPSAMLXACML.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -34,6 +34,7 @@
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.XMLStreamWriter;
+import org.apache.log4j.Logger;
import org.jboss.security.xacml.core.model.context.DecisionType;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResultType;
@@ -67,6 +68,8 @@
*/
public class SOAPSAMLXACML
{
+ protected Logger log = Logger.getLogger( SOAPSAMLXACML.class );
+
/**
* Given an xacml request
* @param endpoint
@@ -92,10 +95,7 @@
NameIDType nameIDType = new NameIDType();
nameIDType.setValue(issuer);
queryType.setIssuer(nameIDType);
-
-
-
MessageFactory messageFactory = MessageFactory.newInstance();
SOAPMessage soapMessage = messageFactory.createMessage();
@@ -105,8 +105,14 @@
SAMLRequestWriter samlRequestWriter = new SAMLRequestWriter( xmlStreamWriter );
samlRequestWriter.write( queryType );
-
- Document reqDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+
+ if( log.isDebugEnabled() )
+ {
+ log.debug( "Sending::" + new String( baos.toByteArray() ) );
+ }
+
+ Document reqDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+
soapMessage.getSOAPBody().addDocument(reqDocument);
Modified: federation/trunk/picketlink-fed-core/pom.xml
===================================================================
--- federation/trunk/picketlink-fed-core/pom.xml 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/pom.xml 2011-01-27 02:58:50 UTC (rev 663)
@@ -75,6 +75,12 @@
<scope>compile</scope>
</dependency>
<dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>2.4</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
<groupId>org.jboss.security</groupId>
<artifactId>jbosssx</artifactId>
<version>2.0.4</version>
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -0,0 +1,128 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.pdp;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.PrivilegedActionException;
+
+import javax.annotation.Resource;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.ws.Provider;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.WebServiceProvider;
+
+import org.apache.log4j.Logger;
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
+import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
+import org.picketlink.identity.federation.core.util.StaxUtil;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.w3c.dom.Document;
+
+/**
+ * SOAP 1.2 based XACML PDP that accepts SAML requests
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 24, 2011
+ */
+ at WebServiceProvider(serviceName="SOAPSAMLXACMLPDP",portName="SOAPSAMLXACMLPort",
+ targetNamespace="urn:picketlink:identity-federation:pdp",wsdlLocation="WEB-INF/wsdl/SOAPSAMLXACMLPDP.wsdl")
+public class SOAPSAMLXACMLPDP implements Provider<Source>
+{
+ protected Logger log = Logger.getLogger( SOAPSAMLXACMLPDP.class );
+
+ @Resource
+ WebServiceContext context;
+
+ protected String policyConfigFileName = "policyConfig.xml";
+
+ protected PolicyDecisionPoint pdp;
+
+ protected String issuer = "PicketLinkPDP";
+
+ public SOAPSAMLXACMLPDP()
+ {
+ try
+ {
+ pdp = getPDP();
+ }
+ catch (PrivilegedActionException e)
+ {
+ throw new RuntimeException( e );
+ }
+ }
+
+ public Source invoke(Source request)
+ {
+ try
+ {
+ Document doc = (Document) DocumentUtil.getNodeFromSource( request );
+ if( log.isDebugEnabled() )
+ {
+ log.debug( "Received Message::" + DocumentUtil.asString(doc) );
+ }
+ XACMLAuthzDecisionQueryType xacmlQuery = SOAPSAMLXACMLUtil.getXACMLQueryType(doc);
+ ResponseType samlResponseType = SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, xacmlQuery);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(baos);
+
+ SAMLResponseWriter samlResponseWriter = new SAMLResponseWriter( xmlStreamWriter );
+ samlResponseWriter.write( samlResponseType );
+ Document responseDocument = DocumentUtil.getDocument( new ByteArrayInputStream( baos.toByteArray() ));
+
+ return new DOMSource( responseDocument.getDocumentElement());
+ }
+ catch ( Exception e )
+ {
+ throw new RuntimeException( e) ;
+ }
+ }
+
+ private PolicyDecisionPoint getPDP() throws PrivilegedActionException
+ {
+ SecurityActions.setSystemProperty( "org.jboss.security.xacml.schema.validation", "false" );
+
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ URL url = tcl.getResource( policyConfigFileName );
+ if( url == null)
+ throw new IllegalStateException(policyConfigFileName + " could not be located");
+
+ InputStream is;
+ try
+ {
+ is = url.openStream();
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException( e );
+ }
+ return new JBossPDP(is);
+ }
+}
\ No newline at end of file
Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.pdp;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 17, 2009
+ */
+class SecurityActions
+{
+ static void setSystemProperty( final String key, final String value)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ System.setProperty(key, value);
+ return null;
+ }
+ });
+ }
+
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+}
\ No newline at end of file
Property changes on: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/pdp/SecurityActions.java
___________________________________________________________________
Name: svn:executable
+ *
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -102,8 +102,10 @@
TRANSFORM_C14N_EXCL_OMIT_COMMENTS("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"),
+ XSI_PREFIX( "xsi" ),
X500_PREFIX("x500"),
X500_NSURI("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"),
+ XACML_NSURI( "urn:oasis:names:tc:xacml:2.0:context:schema:os" ),
XACML_SAML_NSURI( "urn:oasis:names:tc:xacml:2.0:saml:assertion:schema:os" ),
XACML_SAML_PROTO_NSURI( "urn:oasis:xacml:2.0:saml:protocol:schema:os" ),
XML( "http://www.w3.org/XML/1998/namespace" ),
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/SOAPSAMLXACMLUtil.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -23,6 +23,7 @@
import java.io.IOException;
import java.io.InputStream;
+import java.util.ArrayList;
import java.util.List;
import java.util.Set;
@@ -34,17 +35,28 @@
import javax.xml.soap.SOAPMessage;
import javax.xml.stream.XMLEventReader;
+import org.jboss.security.xacml.core.JBossRequestContext;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResponseType;
+import org.jboss.security.xacml.core.model.context.ResultType;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.RequestContext;
+import org.jboss.security.xacml.interfaces.ResponseContext;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.factories.XACMLContextFactory;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
import org.picketlink.identity.federation.core.parsers.saml.xacml.SAMLXACMLRequestParser;
import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
+import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
-import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
-import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType.RTChoiceType;
import org.w3c.dom.Node;
@@ -88,7 +100,8 @@
{
XMLEventReader xmlEventReader = StaxParserUtil.getXMLEventReader( DocumentUtil.getNodeAsStream( samlResponse ));
SAMLParser samlParser = new SAMLParser();
- ResponseType response = (ResponseType) samlParser.parse( xmlEventReader );
+ org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType response =
+ (org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType) samlParser.parse( xmlEventReader );
List<RTChoiceType> choices = response.getAssertions();
for( RTChoiceType rst: choices )
{
@@ -126,4 +139,51 @@
fault.setFaultString( message );
return msg;
}
+
+ public synchronized static org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType handleXACMLQuery(
+ PolicyDecisionPoint pdp, String issuer, XACMLAuthzDecisionQueryType xacmlRequest ) throws ProcessingException, ConfigurationException
+ {
+ RequestType requestType = xacmlRequest.getRequest();
+
+ RequestContext requestContext = new JBossRequestContext();
+ try
+ {
+ requestContext.setRequest(requestType);
+ }
+ catch (IOException e)
+ {
+ throw new ProcessingException( e );
+ }
+
+ //pdp evaluation is thread safe
+ ResponseContext responseContext = pdp.evaluate(requestContext);
+
+ ResponseType responseType = new ResponseType();
+ ResultType resultType = responseContext.getResult();
+ responseType.getResult().add(resultType);
+
+ XACMLAuthzDecisionStatementType xacmlStatement =
+ XACMLContextFactory.createXACMLAuthzDecisionStatementType(requestType, responseType);
+
+ //Place the xacml statement in an assertion
+ //Then the assertion goes inside a SAML Response
+
+ String ID = IDGenerator.create("ID_");
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder( issuer );
+
+ List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
+ statements.add(xacmlStatement);
+
+ AssertionType assertion = SAMLAssertionFactory.createAssertion(ID,
+ issuerInfo.getIssuer(),
+ XMLTimeUtil.getIssueInstant(),
+ null,
+ null,
+ statements);
+
+ org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType samlResponseType = JBossSAMLAuthnResponseFactory.createResponseType( ID, issuerInfo, assertion );
+
+
+ return samlResponseType;
+ }
}
\ No newline at end of file
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -176,7 +176,7 @@
{
StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.ATTRIBUTE_VALUE.get(), ASSERTION_NSURI.get());
- StaxUtil.writeNameSpace(writer, "xsi", JBossSAMLURIConstants.XSI_NSURI.get());
+ StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type", "xs:string");
StaxUtil.writeCharacters(writer, attributeValue );
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -24,13 +24,23 @@
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.ASSERTION_NSURI;
import static org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants.PROTOCOL_NSURI;
+import java.io.StringWriter;
import java.net.URI;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
+import org.jboss.security.xacml.core.model.context.ObjectFactory;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
@@ -38,6 +48,7 @@
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.AuthnRequestType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.LogoutRequestType;
import org.picketlink.identity.federation.newmodel.saml.v2.protocol.NameIDPolicyType;
+import org.w3c.dom.Document;
/**
* Writes a SAML2 Request Type to Stream
@@ -162,6 +173,73 @@
public void write( XACMLAuthzDecisionQueryType xacmlQuery ) throws ProcessingException
{
- throw new RuntimeException( "NYI" );
+ StaxUtil.writeStartElement( writer, PROTOCOL_PREFIX, JBossSAMLConstants.REQUEST_ABSTRACT.get(), PROTOCOL_NSURI.get() );
+ StaxUtil.writeNameSpace( writer, PROTOCOL_PREFIX, PROTOCOL_NSURI.get() );
+ StaxUtil.writeNameSpace(writer, XACML_SAML_PROTO_PREFIX, JBossSAMLURIConstants.XACML_SAML_PROTO_NSURI.get() );
+ StaxUtil.writeDefaultNameSpace( writer, JBossSAMLURIConstants.XACML_NSURI.get() );
+
+ //Attributes
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.ID.get(), xacmlQuery.getID() );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.VERSION.get(), xacmlQuery.getVersion() );
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.ISSUE_INSTANT.get(), xacmlQuery.getIssueInstant().toString() );
+
+ StaxUtil.writeAttribute( writer, new QName( JBossSAMLURIConstants.XACML_SAML_PROTO_NSURI.get(),
+ JBossSAMLConstants.INPUT_CONTEXT_ONLY.get() , XACML_SAML_PROTO_PREFIX ), "true" );
+
+ StaxUtil.writeAttribute( writer, new QName( JBossSAMLURIConstants.XACML_SAML_PROTO_NSURI.get(),
+ JBossSAMLConstants.RETURN_CONTEXT.get(), XACML_SAML_PROTO_PREFIX ), "true" );
+
+ StaxUtil.writeNameSpace(writer, JBossSAMLURIConstants.XSI_PREFIX.get(), JBossSAMLURIConstants.XSI_NSURI.get());
+ StaxUtil.writeNameSpace(writer, "xs", JBossSAMLURIConstants.XMLSCHEMA_NSURI.get());
+
+ StaxUtil.writeAttribute(writer, JBossSAMLURIConstants.XSI_NSURI.get(), "type",
+ "xacml-samlp:XACMLAuthzDecisionQueryType" );
+
+ URI destination = xacmlQuery.getDestination();
+ if( destination != null )
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString() );
+
+ String consent = xacmlQuery.getConsent();
+ if( StringUtil.isNotNull( consent ))
+ StaxUtil.writeAttribute( writer, JBossSAMLConstants.CONSENT.get(), consent );
+
+
+ NameIDType issuer = xacmlQuery.getIssuer();
+ if( issuer != null )
+ {
+ write( issuer, new QName( ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
+ }
+
+ RequestType xacmlRequest = xacmlQuery.getRequest();
+
+ ObjectFactory of = new ObjectFactory();
+
+ StringWriter sw = new StringWriter();
+ try
+ {
+ Marshaller m = JAXBUtil.getMarshaller( RequestType.class.getPackage().getName() );
+ m.marshal( of.createRequest(xacmlRequest), sw );
+ }
+ catch (JAXBException e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ try
+ {
+ Document xacmlDoc = DocumentUtil.getDocument( sw.toString() );
+ StaxUtil.writeDOMNode(writer, xacmlDoc.getDocumentElement() );
+ }
+ catch (ConfigurationException e)
+ {
+ throw new ProcessingException(e);
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ StaxUtil.writeEndElement( writer);
+ StaxUtil.flush( writer );
}
}
\ No newline at end of file
Modified: federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java
===================================================================
--- federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.java 2011-01-27 02:58:50 UTC (rev 663)
@@ -27,8 +27,6 @@
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PrivilegedActionException;
-import java.util.ArrayList;
-import java.util.List;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
@@ -44,30 +42,16 @@
import org.apache.log4j.Logger;
import org.jboss.security.xacml.core.JBossPDP;
-import org.jboss.security.xacml.core.JBossRequestContext;
-import org.jboss.security.xacml.core.model.context.RequestType;
-import org.jboss.security.xacml.core.model.context.ResponseType;
-import org.jboss.security.xacml.core.model.context.ResultType;
import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
-import org.jboss.security.xacml.interfaces.RequestContext;
-import org.jboss.security.xacml.interfaces.ResponseContext;
-import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
-import org.picketlink.identity.federation.core.factories.XACMLContextFactory;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
-import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
-import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
-import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.saml.v2.writers.SAMLResponseWriter;
import org.picketlink.identity.federation.core.util.StaxUtil;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
-import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
-import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.picketlink.identity.federation.newmodel.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
@@ -243,8 +227,11 @@
if(xacmlRequest == null)
throw new IOException("XACML Request not parsed");
+
+ org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType samlResponseType =
+ SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, xacmlRequest);
- RequestType requestType = xacmlRequest.getRequest();
+ /*RequestType requestType = xacmlRequest.getRequest();
RequestContext requestContext = new JBossRequestContext();
requestContext.setRequest(requestType);
@@ -277,7 +264,7 @@
statements);
org.picketlink.identity.federation.newmodel.saml.v2.protocol.ResponseType samlResponseType = saml2Response.createResponseType(ID, issuerInfo, assertion);
-
+*/
ByteArrayOutputStream baos = new ByteArrayOutputStream();
XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(baos);
Modified: federation/trunk/picketlink-webapps/assembly/bin.xml
===================================================================
--- federation/trunk/picketlink-webapps/assembly/bin.xml 2011-01-27 02:55:46 UTC (rev 662)
+++ federation/trunk/picketlink-webapps/assembly/bin.xml 2011-01-27 02:58:50 UTC (rev 663)
@@ -60,6 +60,11 @@
<fileMode>0444</fileMode>
</file>
<file>
+ <source>${basedir}/../pdp/target/pdp.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
<source>${basedir}/src/main/resources/picketlink-sp-jboss-beans.xml</source>
<outputDirectory>picketlink</outputDirectory>
<fileMode>0444</fileMode>
More information about the jboss-cvs-commits
mailing list