[jboss-cvs] Picketlink SVN: r1076 - in federation/trunk: picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp and 9 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Jul 7 10:42:14 EDT 2011
Author: anil.saldhana at jboss.com
Date: 2011-07-07 10:42:13 -0400 (Thu, 07 Jul 2011)
New Revision: 1076
Added:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java
federation/trunk/picketlink-webapps/sales-saml11/
federation/trunk/picketlink-webapps/sales-saml11/pom.xml
federation/trunk/picketlink-webapps/sales-saml11/src/
federation/trunk/picketlink-webapps/sales-saml11/src/main/
federation/trunk/picketlink-webapps/sales-saml11/src/main/resources/
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/lib/
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp
federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/piechart.gif
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
federation/trunk/picketlink-webapps/assembly/bin.xml
federation/trunk/picketlink-webapps/pom.xml
Log:
PLFED-200: SAML 1.1 support for IDP and SP
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-07 14:42:13 UTC (rev 1076)
@@ -28,6 +28,7 @@
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
+import java.net.URI;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PublicKey;
@@ -52,6 +53,7 @@
import org.apache.catalina.Session;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
+import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.util.LifecycleSupport;
import org.apache.catalina.valves.ValveBase;
import org.apache.log4j.Logger;
@@ -100,6 +102,8 @@
import org.picketlink.identity.federation.core.util.SystemPropertiesUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11NameIdentifierType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType.SAML11SubjectTypeChoice;
@@ -416,6 +420,11 @@
session.setNote("SAML11", saml11Assertion);
}
}
+ GenericPrincipal genericPrincipal = (GenericPrincipal) userPrincipal;
+ String[] roles = genericPrincipal.getRoles();
+ SAML11AttributeStatementType attributeStatement = this.createAttributeStatement(Arrays.asList(roles));
+ saml11Assertion.add(attributeStatement);
+
//Send it as SAMLResponse
String id = IDGenerator.create("ID_");
SAML11ResponseType saml11Response = new SAML11ResponseType(id, XMLTimeUtil.getIssueInstant());
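Review bot: The cast `(GenericPrincipal) userPrincipal` is unchecked, so a realm that returns any other Principal implementation aborts the SAML 1.1 response with a ClassCastException, and a null result from `getRoles()` would fail inside `Arrays.asList`. A guard such as `String[] roles = (userPrincipal instanceof GenericPrincipal) ? ((GenericPrincipal) userPrincipal).getRoles() : null;` followed by `if (roles != null && roles.length > 0) saml11Assertion.add(this.createAttributeStatement(Arrays.asList(roles)));` avoids both. The enclosing method starts and ends outside the hunk, so it cannot be seen here whether the assertion is signed or serialized after the role statement is added.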
@@ -1140,4 +1149,21 @@
*/
response.recycle();
}
+
+ /**
+ * Given a set of roles, create an attribute statement
+ * @param roles
+ * @return
+ */
+ private SAML11AttributeStatementType createAttributeStatement(List<String> roles)
+ {
+ SAML11AttributeStatementType attrStatement = new SAML11AttributeStatementType();
+ for (String role : roles)
+ {
+ SAML11AttributeType attr = new SAML11AttributeType("Role", URI.create("urn:picketlink:role"));
+ attr.add(role);
+ attrStatement.add(attr);
+ }
+ return attrStatement;
+ }
}
\ No newline at end of file
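Review bot: The Javadoc on `createAttributeStatement` leaves `@param roles` and `@return` empty and does not say that one `Role` attribute is emitted per role rather than a single attribute carrying all values. Suggested text: `@param roles role names of the authenticated principal; must not be null` and `@return an attribute statement holding one Role attribute (namespace urn:picketlink:role) per role`. If a single multi-valued attribute was intended, create `attr` before the loop and call `attrStatement.add(attr)` once after it.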
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-07-07 14:42:13 UTC (rev 1076)
@@ -78,9 +78,9 @@
*/
public abstract class BaseFormAuthenticator extends FormAuthenticator
{
- private static Logger log = Logger.getLogger(BaseFormAuthenticator.class);
+ protected static Logger log = Logger.getLogger(BaseFormAuthenticator.class);
- private final boolean trace = log.isTraceEnabled();
+ protected final boolean trace = log.isTraceEnabled();
protected SPType spConfiguration = null;
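Review bot: `log` is widened to `protected static` but stays non-final, so any subclass can reassign the logger shared by every authenticator instance; `protected static final Logger log = Logger.getLogger(BaseFormAuthenticator.class);` keeps the wider visibility without that. The same applies to the `log` field widened in the SPRedirectFormAuthenticator hunk of this commit. The class body continues outside the hunk.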
Added: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java (rev 0)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SAML11SPRedirectFormAuthenticator.java 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,155 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.bindings.tomcat.sp;
+
+import static org.picketlink.identity.federation.core.util.StringUtil.isNotNull;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.catalina.Session;
+import org.apache.catalina.authenticator.Constants;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.deploy.LoginConfig;
+import org.picketlink.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AuthenticationStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11SubjectType;
+import org.picketlink.identity.federation.saml.v1.protocol.SAML11ResponseType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.util.RedirectBindingUtil;
+import org.picketlink.identity.federation.web.util.ServerDetector;
+
+/**
+ * Authenticator for SAML 1.1 processing at the Service Provider
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 7, 2011
+ */
+public class SAML11SPRedirectFormAuthenticator extends SPRedirectFormAuthenticator
+{
+ @Override
+ public boolean authenticate(Request request, Response response, LoginConfig loginConfig) throws IOException
+ {
+ String samlResponse = request.getParameter(GeneralConstants.SAML_RESPONSE_KEY);
+
+ Principal principal = request.getUserPrincipal();
+
+ //If we have already authenticated the user and there is no request from IDP or logout from user
+ if (principal != null)
+ return true;
+
+ Session session = request.getSessionInternal(true);
+
+ //See if we got a response from IDP
+ if (isNotNull(samlResponse))
+ {
+ boolean isValid = false;
+ try
+ {
+ isValid = this.validate(request);
+ }
+ catch (Exception e)
+ {
+ log.error("Exception:", e);
+ throw new IOException();
+ }
+ if (!isValid)
+ throw new IOException("Validity check failed");
+
+ try
+ {
+ InputStream base64DecodedResponse = RedirectBindingUtil.base64DeflateDecode(samlResponse);
+ SAMLParser parser = new SAMLParser();
+ SAML11ResponseType saml11Response = (SAML11ResponseType) parser.parse(base64DecodedResponse);
+
+ List<SAML11AssertionType> assertions = saml11Response.get();
+ if (assertions.size() > 1)
+ {
+ if (trace)
+ log.trace("More than one assertion from IDP. Considering the first one.");
+ }
+ String username = null;
+ List<String> roles = new ArrayList<String>();
+ SAML11AssertionType assertion = assertions.get(0);
+ if (assertion != null)
+ {
+ //Get the subject
+ List<SAML11StatementAbstractType> statements = assertion.getStatements();
+ for (SAML11StatementAbstractType statement : statements)
+ {
+ if (statement instanceof SAML11AuthenticationStatementType)
+ {
+ SAML11AuthenticationStatementType subStat = (SAML11AuthenticationStatementType) statement;
+ SAML11SubjectType subject = subStat.getSubject();
+ username = subject.getChoice().getNameID().getValue();
+ }
+ }
+ roles = AssertionUtil.getRoles(assertion, null);
+ }
+
+ String password = ServiceProviderSAMLContext.EMPTY_PASSWORD;
+
+ //Map to JBoss specific principal
+ if ((new ServerDetector()).isJboss() || jbossEnv)
+ {
+ //Push a context
+ ServiceProviderSAMLContext.push(username, roles);
+ principal = context.getRealm().authenticate(username, password);
+ ServiceProviderSAMLContext.clear();
+ }
+ else
+ {
+ //tomcat env
+ SPUtil spUtil = new SPUtil();
+ principal = spUtil.createGenericPrincipal(request, username, roles);
+ }
+
+ session.setNote(Constants.SESS_USERNAME_NOTE, username);
+ session.setNote(Constants.SESS_PASSWORD_NOTE, password);
+ request.setUserPrincipal(principal);
+
+ if (saveRestoreRequest)
+ {
+ this.restoreRequest(request, session);
+ }
+ register(request, response, principal, Constants.FORM_METHOD, username, password);
+
+ return true;
+ }
+ catch (Exception e)
+ {
+ log.error("Processing Exception:", e);
+ }
+ }
+
+ log.error("Falling back on local Form Authentication if available");
+ //fallback
+ return super.authenticate(request, response, loginConfig);
+ }
+}
\ No newline at end of file
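Review bot: The username and roles read from `assertions.get(0)` become the request principal with no visible check of the assertion's issuer, signature or Conditions validity window; unless the inherited `validate(request)` covers these, the content of the SAMLResponse parameter alone decides the identity. Inside this method an assertion without an authentication statement leaves `username` null and still reaches principal creation, and an empty assertion list fails on `get(0)`. `ServiceProviderSAMLContext.clear()` is also skipped when `authenticate` throws, which would leave the pushed username and roles behind if that context is per-thread (it is not shown here). The fence below covers the last three points; the new exceptions are handled by the existing `catch (Exception e)`. Separately, `throw new IOException()` after the failed `validate` drops the cause.
```java
List<SAML11AssertionType> assertions = saml11Response.get();
if (assertions == null || assertions.isEmpty())
   throw new IOException("No assertion in SAML 1.1 response");
// … unchanged: trace message, statement loop, AssertionUtil.getRoles …
if (username == null)
   throw new IOException("No authentication statement subject in SAML 1.1 assertion");
// … unchanged: password, ServerDetector check …
ServiceProviderSAMLContext.push(username, roles);
try
{
   principal = context.getRealm().authenticate(username, password);
}
finally
{
   // always drop the pushed identity, even when the realm throws
   ServiceProviderSAMLContext.clear();
}
```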
Modified: federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2011-07-07 14:42:13 UTC (rev 1076)
@@ -77,12 +77,10 @@
*/
public class SPRedirectFormAuthenticator extends BaseFormAuthenticator
{
- private static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class);
+ protected static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class);
- private final boolean trace = log.isTraceEnabled();
+ protected boolean jbossEnv = false;
- private boolean jbossEnv = false;
-
private final String logOutPage = GeneralConstants.LOGOUT_PAGE_NAME;
public SPRedirectFormAuthenticator()
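Review bot: SPRedirectFormAuthenticator keeps its own `log`, which now hides the protected `log` of BaseFormAuthenticator, while its `trace` field is removed. Every `if (trace)` in this class and in SAML11SPRedirectFormAuthenticator therefore reads a flag computed from the base class's logger but writes to this class's logger category, so trace output can be silently missing or unexpectedly on. Either delete the redeclared `log` here and use the inherited one, or keep a matching `protected final boolean trace = log.isTraceEnabled();` next to it. The class body continues outside the hunk.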
Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java 2011-07-07 14:42:13 UTC (rev 1076)
@@ -37,7 +37,10 @@
import org.picketlink.identity.federation.core.util.StaxUtil;
import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AssertionType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeStatementType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeType;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11ConditionsType;
+import org.picketlink.identity.federation.saml.v1.assertion.SAML11StatementAbstractType;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
@@ -375,4 +378,51 @@
}
return roles;
}
+
+ /**
+ * Given an assertion, return the list of roles it may have
+ * @param assertion The {@link SAML11AssertionType}
+ * @param roleKeys a list of string values representing the role keys. The list can be null.
+ * @return
+ */
+ public static List<String> getRoles(SAML11AssertionType assertion, List<String> roleKeys)
+ {
+ List<String> roles = new ArrayList<String>();
+ List<SAML11StatementAbstractType> statements = assertion.getStatements();
+ for (SAML11StatementAbstractType statement : statements)
+ {
+ if (statement instanceof SAML11AttributeStatementType)
+ {
+ SAML11AttributeStatementType attributeStatement = (SAML11AttributeStatementType) statement;
+ List<SAML11AttributeType> attributes = attributeStatement.get();
+ for (SAML11AttributeType attr : attributes)
+ {
+ if (roleKeys != null && roleKeys.size() > 0)
+ {
+ if (!roleKeys.contains(attr.getAttributeName()))
+ continue;
+ }
+ List<Object> attributeValues = attr.get();
+ if (attributeValues != null)
+ {
+ for (Object attrValue : attributeValues)
+ {
+ if (attrValue instanceof String)
+ {
+ roles.add((String) attrValue);
+ }
+ else if (attrValue instanceof Node)
+ {
+ Node roleNode = (Node) attrValue;
+ roles.add(roleNode.getFirstChild().getNodeValue());
+ }
+ else
+ throw new RuntimeException("Unknown role object type : " + attrValue);
+ }
+ }
+ }
+ }
+ }
+ return roles;
+ }
}
\ No newline at end of file
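Review bot: When `roleKeys` is null or empty the name filter is skipped, so every value of every attribute in the assertion is returned as a role, and the only caller added in this commit passes `null`. The Javadoc should state that (`@param roleKeys attribute names to treat as roles; null or empty means all attributes are treated as roles`, `@return the collected role names, never null`), and the SP caller should pass the `Role` attribute name that the IDP emits, so that unrelated attributes cannot grant roles. In the `Node` branch `roleNode.getFirstChild()` is null for an empty element; `Node text = roleNode.getFirstChild(); if (text != null) roles.add(text.getNodeValue());` avoids the NullPointerException.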
Modified: federation/trunk/picketlink-webapps/assembly/bin.xml
===================================================================
--- federation/trunk/picketlink-webapps/assembly/bin.xml 2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-webapps/assembly/bin.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -40,6 +40,11 @@
<fileMode>0444</fileMode>
</file>
<file>
+ <source>${basedir}/../sales-saml11/target/sales-saml11.war</source>
+ <outputDirectory>picketlink</outputDirectory>
+ <fileMode>0444</fileMode>
+ </file>
+ <file>
<source>${basedir}/../employee-post-sig/target/employee-post-sig.war</source>
<outputDirectory>picketlink</outputDirectory>
<fileMode>0444</fileMode>
Modified: federation/trunk/picketlink-webapps/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/pom.xml 2011-07-07 13:45:41 UTC (rev 1075)
+++ federation/trunk/picketlink-webapps/pom.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -32,6 +32,7 @@
<module>sales-post-sig</module>
<module>employee-post-sig</module>
<module>sales-standalone</module>
+ <module>sales-saml11</module>
<module>employee-standalone</module>
<module>circleoftrust</module>
<module>idp</module>
Added: federation/trunk/picketlink-webapps/sales-saml11/pom.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/pom.xml (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/pom.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,38 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.picketlink</groupId>
+ <artifactId>picketlink-federation-webapps</artifactId>
+ <version>2.0.0-SNAPSHOT</version>
+ <relativePath>../</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>sales-saml11</artifactId>
+ <packaging>war</packaging>
+ <name>PicketLink Federation Sales</name>
+ <url>http://labs.jboss.org/portal/picketlink/</url>
+ <description>PicketLink Samples contains the samples for Federated Identity Needs.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <warName>sales-saml11</warName>
+ <warSourceExcludes>WEB-INF/lib/*.jar</warSourceExcludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/pom.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,3 @@
+<Context>
+ <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator" />
+</Context>
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/META-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,5 @@
+<Context>
+ <!-- log all incoming and outgoing messages. -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+ <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.SAML11SPRedirectFormAuthenticator" />
+</Context>
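Review bot: `RequestDumperValve` writes request headers, cookies and parameters to the log, which for this application includes the session cookie and the `SAMLResponse` parameter carrying the user's identity and roles. For a sample that is copied into deployments, the valve should be left out or commented out with a note such as `<!-- Debug only: dumps cookies and SAMLResponse to the log; do not enable outside development. -->`. This file also duplicates META-INF/context.xml added in the same commit; it is not clear from the diff which of the two the container reads.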
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/context.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+ <security-domain>sp</security-domain>
+</jboss-web>
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/jboss-web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,4 @@
+<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
+ <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler"/>
+ <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler"/>
+</Handlers>
\ No newline at end of file
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-handlers.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,4 @@
+<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:1.0" ServerEnvironment="tomcat">
+ <IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
+ <ServiceURL>${sales.url::http://localhost:8080/sales/}</ServiceURL>
+</PicketLinkSP>
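Review bot: The default `ServiceURL` is `http://localhost:8080/sales/`, but this module builds `sales-saml11.war` and the jboss-web.xml added with it sets no context root, so the default probably points at a different sample application; `${sales.url::http://localhost:8080/sales-saml11/}` would match the war name. Both defaults are plain http, which is only acceptable for a local sample because the SAML responses carrying identity and roles travel over these URLs.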
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/picketlink-idfed.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <display-name>Fedbridge Test SALES Application</display-name>
+ <description>
+ Just a Test SP for Fedbridge Project
+ </description>
+
+ <!-- Define a Security Constraint on this Application -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>SALES Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <!-- Define a security constraint that gives unlimted access to freezone -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>freezone</web-resource-name>
+ <url-pattern>/freezone/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+
+ <!-- Define the Login Configuration for this Application -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <realm-name>Tomcat SALES Application</realm-name>
+ <form-login-config>
+ <form-login-page>/jsp/login.jsp</form-login-page>
+ <form-error-page>/jsp/loginerror.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+
+ <!-- Security roles referenced by this web application -->
+ <security-role>
+ <description>
+ The role that is required to log in to the Manager Application
+ </description>
+ <role-name>manager</role-name>
+ </security-role>
+</web-app>
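Review bot: `form-login-page` and `form-error-page` point at `/jsp/login.jsp` and `/jsp/loginerror.jsp`, but this commit adds `login.jsp` and `error.jsp` at the webapp root and no `jsp/` directory, so the form fallback that SAML11SPRedirectFormAuthenticator relies on would resolve to missing pages. Use `<form-login-page>/login.jsp</form-login-page>` and `<form-error-page>/error.jsp</form-error-page>`. The `/*` constraint also has no `user-data-constraint`, so nothing here requires the session and the SAML response to travel over TLS.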
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/WEB-INF/web.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,12 @@
+<html> <head> <title>Error!</title></head>
+<body>
+
+<font size='4' color='red'>
+ The username and password you supplied are not valid.
+</p>
+Click <a href='<%= response.encodeURL("login.jsp") %>'>here</a>
+to retry login
+
+</body>
+</form>
+</html>
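Review bot: The markup on this page is unbalanced: `<font>` is never closed, `</p>` has no opening `<p>`, and `</form>` closes a form that was never opened and sits after `</body>`. Suggest wrapping the message as `<p><font size='4' color='red'>…</font></p>` and dropping the stray `</form>`.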
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/error.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,13 @@
+<div align="center">
+<h1>SalesTool</h1>
+<br/>
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%>
+
+<br/>
+Here is your sales chart:
+<br/>
+<img src="piechart.gif"/>
+
+<br/>
+
+</div>
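Review bot: `<%=request.getUserPrincipal().getName()%>` writes the principal name into the page without HTML escaping, and in this application that name comes from the NameID of the SAML assertion, not from a locally controlled user store. Escape it on output, for example with `<c:out value="${pageContext.request.userPrincipal.name}"/>` if JSTL is available to the webapp. The expression also throws a NullPointerException if the page is ever reached without an authenticated principal.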
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/index.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1,16 @@
+<html><head><title>Login Page</title></head>
+<body>
+<font size='5' color='blue'>Please Login</font><hr>
+
+<form action='j_security_check' method='post'>
+<table>
+ <tr><td>Name:</td>
+ <td><input type='text' name='j_username'></td></tr>
+ <tr><td>Password:</td>
+ <td><input type='password' name='j_password' size='8'></td>
+ </tr>
+</table>
+<br>
+ <input type='submit' value='login'>
+</form></body>
+ </html>
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/login.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp
===================================================================
--- federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp (rev 0)
+++ federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp 2011-07-07 14:42:13 UTC (rev 1076)
@@ -0,0 +1 @@
+You are logged out.
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/logout.jsp
___________________________________________________________________
Added: svn:executable
+ *
Added: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/piechart.gif
===================================================================
(Binary files differ)
Property changes on: federation/trunk/picketlink-webapps/sales-saml11/src/main/webapp/piechart.gif
___________________________________________________________________
Added: svn:executable
+ *
Added: svn:mime-type
+ application/octet-stream