[jboss-cvs] Picketlink SVN: r1076 - in federation/trunk: picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp and 9 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Jul 7 10:42:14 EDT 2011


Author: anil.saldhana at jboss.com
Date: 2011-07-07 10:42:13 -0400 (Thu, 07 Jul 2011)
New Revision: 1076

Added:
   federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java
   federation/trunk/picketlink-webapps/sales-saml11/
   federation/trunk/picketlink-webapps/sales-saml11/pom.xml
   federation/trunk/picketlink-webapps/sales-saml11/src/
   federation/trunk/picketlink-webapps/sales-saml11/src/main/
   federation/trunk/picketlink-webapps/sales-saml11/src/main/resources/
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/lib/
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp
   federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/piechart.gif
Modified:
   federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
   federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
   federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
   federation/trunk/picketlink-webapps/assembly/bin.xml
   federation/trunk/picketlink-webapps/pom.xml
Log:
PLFED-200: SAML 1.1 support for IDP and SP

Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java	2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java	2011-07-07 14:42:13 UTC (rev 1076)
@@ -28,6 +28,7 @@
 import java.io.File;
 import java.io.IOException;
 import java.io.InputStream;
+import java.net.URI;
 import java.security.GeneralSecurityException;
 import java.security.Principal;
 import java.security.PublicKey;
@@ -52,6 +53,7 @@
 import org.apache.catalina.Session;
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.catalina.util.LifecycleSupport;
 import org.apache.catalina.valves.ValveBase;
 import org.apache.log4j.Logger;
@@ -100,6 +102,8 @@
 import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
 import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
 import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeType;
 import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
 import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
 import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType.SAML11SubjectTypeChoice;
@@ -416,6 +420,11 @@
                session.setNote("SAML11", saml11Assertion);
             }
          }
+         GenericPrincipal genericPrincipal = (GenericPrincipal) userPrincipal;
+         String[] roles = genericPrincipal.getRoles();
+         SAML11AttributeStatementType attributeStatement = this.createAttributeStatement(Arrays.asList(roles));
+         saml11Assertion.add(attributeStatement);
+
          //Send it as SAMLResponse
          String id = IDGenerator.create("ID_");
          SAML11ResponseType saml11Response = new SAML11ResponseType(id, XMLTimeUtil.getIssueInstant());
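Review bot: The unconditional cast `(GenericPrincipal) userPrincipal` throws `ClassCastException` for any realm or login module that returns a different `Principal` implementation, which would abort the SAML 1.1 response after the user has already authenticated. Guard it with `if (userPrincipal instanceof GenericPrincipal)` and skip the attribute statement otherwise. The statement is also appended outside the branch that stores the assertion under the `SAML11` session note; if the code above this hunk reuses a cached assertion, each request would append another role statement to it. That is worth confirming, because the enclosing method starts and ends outside this hunk.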
@@ -1140,4 +1149,21 @@
        */
       response.recycle();
    }
+
+   /**
+    * Given a set of roles, create an attribute statement
+    * @param roles
+    * @return
+    */
+   private SAML11AttributeStatementType createAttributeStatement(List<String> roles)
+   {
+      SAML11AttributeStatementType attrStatement = new SAML11AttributeStatementType();
+      for (String role : roles)
+      {
+         SAML11AttributeType attr = new SAML11AttributeType("Role", URI.create("urn:picketlink:role"));
+         attr.add(role);
+         attrStatement.add(attr);
+      }
+      return attrStatement;
+   }
 }
\ No newline at end of file
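Review bot: The attribute name `Role` and namespace `urn:picketlink:role` are inline literals that the consuming side never refers to: `AssertionUtil.getRoles` in this same commit is called with `roleKeys` of null, so the SP takes values from any attribute rather than from this one. Lifting both literals into shared constants would let the SP filter on exactly what the IDP emits. The Javadoc also leaves `@param roles` and `@return` empty; `@param roles role names of the authenticated principal` and `@return a statement holding one Role attribute per role` would document the one-attribute-per-role shape.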

Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java	2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java	2011-07-07 14:42:13 UTC (rev 1076)
@@ -78,9 +78,9 @@
  */
 public abstract class BaseFormAuthenticator extends FormAuthenticator
 {
-   private static Logger log = Logger.getLogger(BaseFormAuthenticator.class);
+   protected static Logger log = Logger.getLogger(BaseFormAuthenticator.class);
 
-   private final boolean trace = log.isTraceEnabled();
+   protected final boolean trace = log.isTraceEnabled();
 
    protected SPType spConfiguration = null;
 

Added: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java	                        (rev 0)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,155 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.bindings.tomcat.sp;
+
+import static org.picketlink.identity.federation.core.util.StringUtil.isNotNull;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.catalina.Session;
+import org.apache.catalina.authenticator.Constants;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.deploy.LoginConfig;
+import org.picketlink.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AuthenticationStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11ResponseType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.util.RedirectBindingUtil;
+import org.picketlink.identity.federation.web.util.ServerDetector;
+
+/**
+ * Authenticator for SAML 1.1 processing at the Service Provider
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 7, 2011
+ */
+public class SAML11SPRedirectFormAuthenticator extends SPRedirectFormAuthenticator
+{
+   @Override
+   public boolean authenticate(Request request, Response response, LoginConfig loginConfig) throws IOException
+   {
+      String samlResponse = request.getParameter(GeneralConstants.SAML_RESPONSE_KEY);
+
+      Principal principal = request.getUserPrincipal();
+
+      //If we have already authenticated the user and there is no request from IDP or logout from user
+      if (principal != null)
+         return true;
+
+      Session session = request.getSessionInternal(true);
+
+      //See if we got a response from IDP
+      if (isNotNull(samlResponse))
+      {
+         boolean isValid = false;
+         try
+         {
+            isValid = this.validate(request);
+         }
+         catch (Exception e)
+         {
+            log.error("Exception:", e);
+            throw new IOException();
+         }
+         if (!isValid)
+            throw new IOException("Validity check failed");
+
+         try
+         {
+            InputStream base64DecodedResponse = RedirectBindingUtil.base64DeflateDecode(samlResponse);
+            SAMLParser parser = new SAMLParser();
+            SAML11ResponseType saml11Response = (SAML11ResponseType) parser.parse(base64DecodedResponse);
+
+            List<SAML11AssertionType> assertions = saml11Response.get();
+            if (assertions.size() > 1)
+            {
+               if (trace)
+                  log.trace("More than one assertion from IDP. Considering the first one.");
+            }
+            String username = null;
+            List<String> roles = new ArrayList<String>();
+            SAML11AssertionType assertion = assertions.get(0);
+            if (assertion != null)
+            {
+               //Get the subject
+               List<SAML11StatementAbstractType> statements = assertion.getStatements();
+               for (SAML11StatementAbstractType statement : statements)
+               {
+                  if (statement instanceof SAML11AuthenticationStatementType)
+                  {
+                     SAML11AuthenticationStatementType subStat = (SAML11AuthenticationStatementType) statement;
+                     SAML11SubjectType subject = subStat.getSubject();
+                     username = subject.getChoice().getNameID().getValue();
+                  }
+               }
+               roles = AssertionUtil.getRoles(assertion, null);
+            }
+
+            String password = ServiceProviderSAMLContext.EMPTY_PASSWORD;
+
+            //Map to JBoss specific principal
+            if ((new ServerDetector()).isJboss() || jbossEnv)
+            {
+               //Push a context
+               ServiceProviderSAMLContext.push(username, roles);
+               principal = context.getRealm().authenticate(username, password);
+               ServiceProviderSAMLContext.clear();
+            }
+            else
+            {
+               //tomcat env   
+               SPUtil spUtil = new SPUtil();
+               principal = spUtil.createGenericPrincipal(request, username, roles);
+            }
+
+            session.setNote(Constants.SESS_USERNAME_NOTE, username);
+            session.setNote(Constants.SESS_PASSWORD_NOTE, password);
+            request.setUserPrincipal(principal);
+
+            if (saveRestoreRequest)
+            {
+               this.restoreRequest(request, session);
+            }
+            register(request, response, principal, Constants.FORM_METHOD, username, password);
+
+            return true;
+         }
+         catch (Exception e)
+         {
+            log.error("Processing Exception:", e);
+         }
+      }
+
+      log.error("Falling back on local Form Authentication if available");
+      //fallback
+      return super.authenticate(request, response, loginConfig);
+   }
+}
\ No newline at end of file
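Review bot: Nothing visible in `authenticate` checks the assertion's signature, issuer or validity window before its NameID and attribute values become the principal and roles; the only gate is `this.validate(request)`, whose body is outside this diff, so confirm it covers those checks for SAML 1.1 responses. Two gaps are local to the new code: `username` stays null when the assertion has no authentication statement, yet a principal is still built and registered, and `ServiceProviderSAMLContext.clear()` is skipped when `authenticate` throws, which would leave the pushed username and roles in place if that context is thread-bound. The fence adds explicit rejections (including for an empty assertion list), which land in the existing `catch (Exception e)` and so fall through to form authentication as other failures do, and moves `clear()` into a `finally`. The first catch's `throw new IOException()` also discards the cause and message; `throw new IOException("SAML response validation failed")` would at least identify the failure.

```java
List<SAML11AssertionType> assertions = saml11Response.get();
if (assertions == null || assertions.isEmpty())
   throw new IOException("No assertion in SAML 1.1 response");
// … unchanged: trace message, statement loop, role extraction …

// Fail closed: never build a principal without a subject name
if (!isNotNull(username))
   throw new IOException("No subject name in SAML 1.1 assertion");
// … unchanged: password assignment …

if ((new ServerDetector()).isJboss() || jbossEnv)
{
   ServiceProviderSAMLContext.push(username, roles);
   try
   {
      principal = context.getRealm().authenticate(username, password);
   }
   finally
   {
      // Always drop the pushed identity, even when the realm throws
      ServiceProviderSAMLContext.clear();
   }
}
// … unchanged: tomcat branch, session notes, register …
```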

Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java	2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java	2011-07-07 14:42:13 UTC (rev 1076)
@@ -77,12 +77,10 @@
  */
 public class SPRedirectFormAuthenticator extends BaseFormAuthenticator
 {
-   private static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class);
+   protected static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class);
 
-   private final boolean trace = log.isTraceEnabled();
+   protected boolean jbossEnv = false;
 
-   private boolean jbossEnv = false;
-
    private final String logOutPage = GeneralConstants.LOGOUT_PAGE_NAME;
 
    public SPRedirectFormAuthenticator()
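Review bot: `SPRedirectFormAuthenticator` keeps its own `log` field, which hides the `log` that the `BaseFormAuthenticator` hunk of this commit makes `protected`, while its own `trace` is removed in favour of the inherited one. The inherited `trace` is computed from the base class's logger, so in this class and in `SAML11SPRedirectFormAuthenticator` each `if (trace) log.trace(...)` tests one logger category and writes to another, and trace output can be dropped depending on per-category configuration. Either remove the hiding field here or keep a matching `trace` beside it, and consider a `private static final Logger` per class rather than a shared mutable `protected static` one. The class body continues outside the hunk.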

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java	2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java	2011-07-07 14:42:13 UTC (rev 1076)
@@ -37,7 +37,10 @@
 import org.picketlink.identity.federation.core.util.StaxUtil;
 import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
 import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeType;
 import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
 import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
 import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
@@ -375,4 +378,51 @@
       }
       return roles;
    }
+
+   /**
+    * Given an assertion, return the list of roles it may have
+    * @param assertion The {@link SAML11AssertionType} 
+    * @param roleKeys a list of string values representing the role keys. The list can be null.
+    * @return
+    */
+   public static List<String> getRoles(SAML11AssertionType assertion, List<String> roleKeys)
+   {
+      List<String> roles = new ArrayList<String>();
+      List<SAML11StatementAbstractType> statements = assertion.getStatements();
+      for (SAML11StatementAbstractType statement : statements)
+      {
+         if (statement instanceof SAML11AttributeStatementType)
+         {
+            SAML11AttributeStatementType attributeStatement = (SAML11AttributeStatementType) statement;
+            List<SAML11AttributeType> attributes = attributeStatement.get();
+            for (SAML11AttributeType attr : attributes)
+            {
+               if (roleKeys != null && roleKeys.size() > 0)
+               {
+                  if (!roleKeys.contains(attr.getAttributeName()))
+                     continue;
+               }
+               List<Object> attributeValues = attr.get();
+               if (attributeValues != null)
+               {
+                  for (Object attrValue : attributeValues)
+                  {
+                     if (attrValue instanceof String)
+                     {
+                        roles.add((String) attrValue);
+                     }
+                     else if (attrValue instanceof Node)
+                     {
+                        Node roleNode = (Node) attrValue;
+                        roles.add(roleNode.getFirstChild().getNodeValue());
+                     }
+                     else
+                        throw new RuntimeException("Unknown role object type : " + attrValue);
+                  }
+               }
+            }
+         }
+      }
+      return roles;
+   }
 }
\ No newline at end of file
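Review bot: With `roleKeys` null or empty the loop treats every value of every attribute in the assertion as a role, and the only caller added in this commit (`SAML11SPRedirectFormAuthenticator`) passes null, so an unrelated attribute whose value happens to equal a role name would grant that role. Requiring a non-empty key list, or defaulting to the `Role` attribute the IDP emits, keeps authorization tied to the intended attribute. Separately, `roleNode.getFirstChild().getNodeValue()` throws `NullPointerException` for an empty element; `Node child = roleNode.getFirstChild(); if (child != null) roles.add(child.getNodeValue());` avoids that. The Javadoc `@return` is empty and could read `@return the role names found, never null`.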

Modified: federation/trunk/picketlink-webapps/assembly/bin.xml
===================================================================
--- federation/trunk/picketlink-webapps/assembly/bin.xml	2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-webapps/assembly/bin.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -40,6 +40,11 @@
       <fileMode>0444</fileMode>
     </file>
     <file>
+      <source>${basedir}/../sales-saml11/target/sales-saml11.war</source>
+      <outputDirectory>picketlink</outputDirectory>
+      <fileMode>0444</fileMode>
+    </file>
+    <file>
       <source>${basedir}/../employee-post-sig/target/employee-post-sig.war</source>
       <outputDirectory>picketlink</outputDirectory>
       <fileMode>0444</fileMode>

Modified: federation/trunk/picketlink-webapps/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/pom.xml	2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-webapps/pom.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -32,6 +32,7 @@
 		<module>sales-post-sig</module>
 		<module>employee-post-sig</module>
 		<module>sales-standalone</module>
+		<module>sales-saml11</module>
 		<module>employee-standalone</module>
 		<module>circleoftrust</module>
 		<module>idp</module>

Added: federation/trunk/picketlink-webapps/sales-saml11/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/pom.xml	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/pom.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,38 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <parent>
+    <groupId>org.picketlink</groupId>
+    <artifactId>picketlink-federation-webapps</artifactId>
+    <version>2.0.0-SNAPSHOT</version>
+    <relativePath>../</relativePath>
+  </parent>
+
+   <modelVersion>4.0.0</modelVersion>
+   <artifactId>sales-saml11</artifactId>
+   <packaging>war</packaging>
+   <name>PicketLink Federation Sales</name>
+   <url>http://labs.jboss.org/portal/picketlink/</url>
+   <description>PicketLink Samples contains the samples for Federated Identity Needs.</description>
+   <licenses>
+      <license>
+         <name>lgpl</name>
+         <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+      </license>
+   </licenses>
+   <organization>
+      <name>JBoss Inc.</name>
+      <url>http://www.jboss.org</url>
+   </organization>
+   <build>
+     <plugins>
+        <plugin>
+          <groupId>org.apache.maven.plugins</groupId>
+          <artifactId>maven-war-plugin</artifactId>
+          <version>2.0.2</version>
+          <configuration>
+            <warName>sales-saml11</warName>
+            <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+          </configuration>
+        </plugin>
+     </plugins>
+  </build>
+</project>


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/pom.xml
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,3 @@
+<Context>
+  <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator" />
+</Context>


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,5 @@
+<Context>
+    <!--  log all incoming and outgoing messages. -->
+    <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+    <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator" />
+</Context>
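Review bot: `RequestDumperValve` writes every request's headers, cookies and parameters to the log, which for this application includes the session cookie, the `SAMLResponse` parameter and the `j_password` field posted by `login.jsp`. It should not ship enabled in a packaged sample; remove the element or leave it commented out with a note such as `<!-- debugging only: dumps cookies and credentials to the log -->`. This file also registers the same authenticator valve as the `META-INF/context.xml` added earlier in the commit, so one of the two is presumably redundant.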


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+   <security-domain>sp</security-domain>
+</jboss-web>


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0"> 
+  <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/> 
+  <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>   
+</Handlers>
\ No newline at end of file


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0" ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+ <ServiceURL>${sales.url::http://localhost:8080/sales/}</ServiceURL>
+</PicketLinkSP>
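Review bot: The default `ServiceURL` points at `/sales/`, but this module is packaged as `sales-saml11.war`, so under a default deployment the IDP would presumably send the response to a different application's context. A default of `http://localhost:8080/sales-saml11/` would match the war name. Both defaults are plain `http`, which is acceptable for a localhost sample, but a comment such as `<!-- use https URLs outside local testing: the SAML response travels through the browser -->` would help anyone copying the file.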


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+   xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+   version="2.5"> 
+
+  <display-name>Fedbridge Test SALES Application</display-name>
+  <description>
+    Just a Test SP for Fedbridge Project
+  </description>
+
+  <!-- Define a Security Constraint on this Application -->
+  <security-constraint>
+    <web-resource-collection>
+      <web-resource-name>SALES Application</web-resource-name>
+      <url-pattern>/*</url-pattern>
+    </web-resource-collection>
+    <auth-constraint>
+       <role-name>manager</role-name>
+    </auth-constraint>
+  </security-constraint>
+
+  <!-- Define a security constraint that gives unlimted access to freezone -->
+  <security-constraint>
+    <web-resource-collection>
+     <web-resource-name>freezone</web-resource-name>
+     <url-pattern>/freezone/*</url-pattern>
+    </web-resource-collection>
+  </security-constraint>
+
+  <!-- Define the Login Configuration for this Application -->
+  <login-config>
+    <auth-method>FORM</auth-method>
+    <realm-name>Tomcat SALES Application</realm-name>
+    <form-login-config>
+       <form-login-page>/jsp/login.jsp</form-login-page>
+       <form-error-page>/jsp/loginerror.jsp</form-error-page>
+    </form-login-config>
+  </login-config>
+
+  <!-- Security roles referenced by this web application -->
+  <security-role>
+    <description>
+      The role that is required to log in to the Manager Application
+    </description>
+    <role-name>manager</role-name>
+  </security-role>
+</web-app>
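Review bot: `form-login-page` and `form-error-page` reference `/jsp/login.jsp` and `/jsp/loginerror.jsp`, but this commit adds `login.jsp` and `error.jsp` at the webapp root and nothing under `/jsp/`. The new authenticator falls back to container form authentication when SAML processing fails, so that fallback would forward to a page that does not exist. `<form-login-page>/login.jsp</form-login-page>` and `<form-error-page>/error.jsp</form-error-page>` match the files actually added. In the `freezone` comment, `unlimted` is a typo for `unlimited`.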


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+  The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp") %>'>here</a> 
+to retry login
+
+</body>
+</form>
+</html>
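Review bot: The markup does not nest: `<font>` is never closed, `</p>` and `</form>` close elements that were never opened, and `</form>` follows `</body>`. Browsers will recover, but a sample page that others copy should be well formed. Wrap the message in `<p>…</p>`, close the `<font>` after it, and drop the stray `</form>`.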


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,13 @@
+<div align="center">
+<h1>SalesTool</h1>
+<br/>
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your sales chart:
+<br/>
+<img src="piechart.gif"/>
+
+<br/>
+
+</div>
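Review bot: `<%=request.getUserPrincipal().getName()%>` writes the principal name into the page without HTML escaping, and with the authenticator added in this commit that name is taken directly from the NameID of the IDP's assertion. Escape it on output, for example with JSTL `<c:out value="${pageContext.request.userPrincipal.name}"/>` if the JSTL core taglib is available to this webapp. The expression also assumes a non-null principal, which holds only while the page stays under the `/*` security constraint in `web.xml`.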


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+   <td><input type='text' name='j_username'></td></tr>
+ <tr><td>Password:</td> 
+   <td><input type='password' name='j_password' size='8'></td>
+ </tr>
+</table>
+<br>
+  <input type='submit' value='login'> 
+</form></body>
+ </html>


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp	                        (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp	2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1 @@
+You are logged out.


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
   + *

Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/piechart.gif
===================================================================
(Binary files differ)


Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/piechart.gif
___________________________________________________________________
Added: svn:executable
   + *
Added: svn:mime-type
   + application/octet-stream


