[jboss-cvs] Picketlink SVN: r1047 - in federation/trunk: picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util and 9 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Jun 30 19:50:06 EDT 2011


Author: anil.saldhana at jboss.com
Date: 2011-06-30 19:50:05 -0400 (Thu, 30 Jun 2011)
New Revision: 1047

Added:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SchemaManagerUtil.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/AbstractParserTest.java
   federation/trunk/picketlink-fed-model/src/main/resources/schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd
   federation/trunk/picketlink-xmlsec-model/src/main/resources/schema/w3c/xmlschema/xml.xsd
Modified:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/IDFedLSInputResolver.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SecurityActions.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
   federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
   federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-logout-request.xml
   federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml
   federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java
Log:
PLFED-188: jaxp schema validation

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLSloRequestParser.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -31,9 +31,11 @@
 
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.SAMLParserUtil;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
 import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
 
 /**
@@ -64,11 +66,23 @@
 
          parseCommonElements(startElement, xmlEventReader, logoutRequest);
 
+         startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+         if (startElement == null)
+            break;
+         elementName = StaxParserUtil.getStartElementName(startElement);
+
          if (JBossSAMLConstants.SESSION_INDEX.get().equals(elementName))
          {
             startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
             logoutRequest.getSessionIndex().add(StaxParserUtil.getElementText(xmlEventReader));
          }
+         else if (JBossSAMLConstants.NAMEID.get().equals(elementName))
+         {
+            NameIDType nameID = SAMLParserUtil.parseNameIDType(xmlEventReader);
+            logoutRequest.setNameID(nameID);
+         }
+         else
+            throw new RuntimeException("unknown " + elementName);
       }
       return logoutRequest;
    }
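Review bot: The new `else` branch reports an unexpected child element with a bare `RuntimeException`, so a malformed LogoutRequest from a peer surfaces as an unchecked exception rather than through the parser's normal error path. `ParsingException` is already imported in this file, so assuming the enclosing method declares it (the signature is outside the hunk), `throw new ParsingException("Unknown element in LogoutRequest: " + elementName);` would let callers reject the message cleanly. The element name comes from the incoming document and ends up in the exception text, so it should be treated as untrusted wherever that text is logged. A second `NameID` element silently overwrites the first through `setNameID`; rejecting a repeat would match what the schema allows.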

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -21,8 +21,8 @@
  */
 package org.picketlink.identity.federation.core.parsers.util;
 
+import java.io.IOException;
 import java.io.InputStream;
-import java.net.URL;
 
 import javax.xml.namespace.QName;
 import javax.xml.stream.Location;
@@ -33,13 +33,9 @@
 import javax.xml.stream.events.EndElement;
 import javax.xml.stream.events.StartElement;
 import javax.xml.stream.events.XMLEvent;
-import javax.xml.transform.Source;
 import javax.xml.transform.Transformer;
 import javax.xml.transform.dom.DOMResult;
 import javax.xml.transform.stax.StAXSource;
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
 import javax.xml.validation.Validator;
 
 import org.apache.log4j.Logger;
@@ -48,13 +44,12 @@
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
 import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.JAXPValidationUtil;
 import org.picketlink.identity.federation.core.util.StringUtil;
 import org.picketlink.identity.federation.core.util.TransformerUtil;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
-import org.xml.sax.ErrorHandler;
 import org.xml.sax.SAXException;
-import org.xml.sax.SAXParseException;
 
 /**
  * Utility for the stax based parser
@@ -470,82 +465,8 @@
          throw new RuntimeException("Expecting </" + tag + ">.  Found </" + elementTag + ">");
    }
 
-   public static Validator getSchemaValidator()
+   public static Validator getSchemaValidator() throws SAXException, IOException
    {
-      if (validator == null)
-      {
-         try
-         {
-            final Class<?> clazz = StaxParserUtil.class;
-
-            URL saml1Assertion = SecurityActions.loadResource(clazz, "schema/saml/v1/saml-schema-assertion-1.0.xsd");
-            URL saml1Protocol = SecurityActions.loadResource(clazz, "schema/saml/v1/saml-schema-protocol-1.1.xsd");
-            URL dsig = SecurityActions.loadResource(clazz, "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
-            URL xmlenc = SecurityActions.loadResource(clazz, "schema/w3c/xmlenc/xenc-schema.xsd");
-
-            if (saml1Assertion == null)
-               throw new RuntimeException("SAML11 Assertion Schema not found");
-
-            if (saml1Protocol == null)
-               throw new RuntimeException("SAML11 Protocol Schema not found");
-
-            if (dsig == null)
-               throw new RuntimeException("XML DSIG Schema not found");
-
-            if (xmlenc == null)
-               throw new RuntimeException("XML Enc Schema not found");
-
-            Source[] sources = new Source[]
-            {new StreamSource(dsig.openStream()), new StreamSource(xmlenc.openStream()),
-                  new StreamSource(saml1Assertion.openStream()), new StreamSource(saml1Protocol.openStream())};
-
-            /* URL schemaURL = tcl.getResource(schemaFile);
-             if (schemaURL == null)
-                throw new RuntimeException("Cannot find schema :" + schemaFile);*/
-            SchemaFactory schemaFactory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema");
-            Schema schemaGrammar = schemaFactory.newSchema(sources);
-
-            validator = schemaGrammar.newValidator();
-            validator.setErrorHandler(new ErrorHandler()
-            {
-
-               public void error(SAXParseException ex) throws SAXException
-               {
-                  logException(ex);
-                  throw ex;
-               }
-
-               public void fatalError(SAXParseException ex) throws SAXException
-               {
-                  logException(ex);
-                  throw ex;
-               }
-
-               public void warning(SAXParseException ex) throws SAXException
-               {
-                  logException(ex);
-               }
-
-               private void logException(SAXParseException sax)
-               {
-                  StringBuilder builder = new StringBuilder();
-
-                  if (trace)
-                  {
-                     builder.append("[").append(sax.getLineNumber()).append(",").append(sax.getColumnNumber())
-                           .append("]");
-                     builder.append(":").append(sax.getLocalizedMessage());
-                     log.trace(builder.toString());
-                  }
-               }
-            });
-         }
-         catch (Exception e)
-         {
-            throw new RuntimeException(e);
-         }
-      }
-
-      return validator;
+      return JAXPValidationUtil.validator();
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -111,7 +111,7 @@
    X500_PREFIX("x500"),
    X500_NSURI("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"),
    XACML_NSURI( "urn:oasis:names:tc:xacml:2.0:context:schema:os" ),
-   XACML_SAML_NSURI( "urn:oasis:names:tc:xacml:2.0:saml:assertion:schema:os" ),
+   XACML_SAML_NSURI( "urn:oasis:xacml:2.0:saml:assertion:schema:os" ),
    XACML_SAML_PROTO_NSURI( "urn:oasis:xacml:2.0:saml:protocol:schema:os" ),
    XML( "http://www.w3.org/XML/1998/namespace" ),
    XMLSCHEMA_NSURI("http://www.w3.org/2001/XMLSchema"),
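Review bot: `XACML_SAML_NSURI` no longer follows the `urn:oasis:names:tc:` form that `XACML_NSURI` keeps on the line above, and nothing at the constant says which document it is meant to match. If the reason is to agree with the bundled schema, a comment such as `// must equal the targetNamespace of access_control-xacml-2.0-saml-assertion-schema-os.xsd` would stop the next reader from "fixing" it back. Messages that still carry the old URI, from peers or from earlier releases, will presumably stop matching this constant, which is worth stating in the change log.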

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -76,6 +76,8 @@
    {
       StaxUtil.writeStartElement(writer, tag.getPrefix(), tag.getLocalPart(), tag.getNamespaceURI());
 
+      StaxUtil.writeNameSpace(writer, ASSERTION_PREFIX, ASSERTION_NSURI.get());
+
       URI format = nameIDType.getFormat();
       if (format != null)
       {
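Review bot: The added `writeNameSpace` call always declares `ASSERTION_PREFIX`, while the element is opened on the line before with `tag.getPrefix()`, so the declared prefix is not necessarily the one the element uses. Callers in this same commit pass both kinds of QName: SAMLRequestWriter builds the NameID QName with `ASSERTION_PREFIX`, whereas SAMLResponseWriter builds the Issuer QName without a prefix. The declaration is also repeated on every NameID-typed element even when an ancestor already binds the prefix. Declaring the namespace only for the prefix actually in use, or adding a comment on why the unconditional declaration is needed for validation, would make the intent clear; the method starts and ends outside the hunk.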

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -102,6 +102,10 @@
       if (issuer != null)
          write(issuer, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
 
+      Element sig = assertion.getSignature();
+      if (sig != null)
+         StaxUtil.writeDOMElement(writer, sig);
+
       SubjectType subject = assertion.getSubject();
       if (subject != null)
       {
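Review bot: Nothing at the moved block says why the signature has to be written at this point, and the position is significant because the SAML assertion schema places `ds:Signature` directly after `Issuer` and before `Subject`. A comment such as `// ds:Signature follows Issuer in the saml:Assertion sequence; schema validation rejects it anywhere else` would keep it from being moved back to the end. Since `StaxUtil.writeDOMElement` re-serialises an already signed DOM element, a round-trip test that writes a signed assertion and verifies the signature afterwards would guard this path; the method continues outside the hunk.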
@@ -174,10 +178,6 @@
          }
       }
 
-      Element sig = assertion.getSignature();
-      if (sig != null)
-         StaxUtil.writeDOMElement(writer, sig);
-
       StaxUtil.writeEndElement(writer);
       StaxUtil.flush(writer);
    }
@@ -369,6 +369,32 @@
          }
       }
 
+      Set<URIType> uriTypes = authContext.getURIType();
+      for (URIType uriType : uriTypes)
+      {
+         if (uriType instanceof AuthnContextClassRefType)
+         {
+            StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get(),
+                  ASSERTION_NSURI.get());
+            StaxUtil.writeCharacters(writer, uriType.getValue().toString());
+            StaxUtil.writeEndElement(writer);
+         }
+         else if (uriType instanceof AuthnContextDeclRefType)
+         {
+            StaxUtil.writeStartElement(writer, ASSERTION_PREFIX,
+                  JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get(), ASSERTION_NSURI.get());
+            StaxUtil.writeCharacters(writer, uriType.getValue().toString());
+            StaxUtil.writeEndElement(writer);
+         }
+         else if (uriType instanceof AuthnContextDeclType)
+         {
+            StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get(),
+                  ASSERTION_NSURI.get());
+            StaxUtil.writeCharacters(writer, uriType.getValue().toString());
+            StaxUtil.writeEndElement(writer);
+         }
+      }
+
       StaxUtil.writeEndElement(writer);
       StaxUtil.flush(writer);
    }
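Review bot: The three branches of the new loop differ only in the element name, and each dereferences `uriType.getValue()` without a null check, so a `URIType` that carries no value ends the write with a NullPointerException. The element order follows the iteration order of the `Set`, which may not give the order the AuthnContext schema expects (class reference before declaration or declaration reference), so schema-valid output is not guaranteed unless the set is ordered. Choosing the local name first and writing once removes the duplication and gives a single place for the null check; whether a missing value should be skipped, as in the fence, or rejected is the author's call.

```java
      Set<URIType> uriTypes = authContext.getURIType();
      for (URIType uriType : uriTypes)
      {
         String localName;
         if (uriType instanceof AuthnContextClassRefType)
            localName = JBossSAMLConstants.AUTHN_CONTEXT_CLASS_REF.get();
         else if (uriType instanceof AuthnContextDeclRefType)
            localName = JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION_REF.get();
         else if (uriType instanceof AuthnContextDeclType)
            localName = JBossSAMLConstants.AUTHN_CONTEXT_DECLARATION.get();
         else
            continue; // as before: other URIType subclasses are not written

         // an element without a value would be schema-invalid and previously failed with a NullPointerException
         if (uriType.getValue() == null)
            continue;

         StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, localName, ASSERTION_NSURI.get());
         StaxUtil.writeCharacters(writer, uriType.getValue().toString());
         StaxUtil.writeEndElement(writer);
      }
```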

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -175,6 +175,12 @@
       NameIDType issuer = logOutRequest.getIssuer();
       write(issuer, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
 
+      NameIDType nameID = logOutRequest.getNameID();
+      if (nameID != null)
+      {
+         write(nameID, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX));
+      }
+
       StaxUtil.writeEndElement(writer);
       StaxUtil.flush(writer);
    }
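Review bot: The writer now emits `NameID` but, between the Issuer and the closing `writeEndElement` visible in this hunk, nothing writes the `SessionIndex` values, although the parser change in SAMLSloRequestParser reads both. A LogoutRequest that is parsed and written again would therefore appear to lose its session indexes, which the receiving side may rely on to decide which sessions to end. A loop over `logOutRequest.getSessionIndex()` after the NameID block, writing one `SessionIndex` element per entry, would make writer and parser symmetric. The `issuer` written just above is still passed to `write` without the null check that SAMLResponseWriter gains in this commit; the method starts outside the hunk.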

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -77,7 +77,10 @@
       writeBaseAttributes(response);
 
       NameIDType issuer = response.getIssuer();
-      write(issuer, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
+      if (issuer != null)
+      {
+         write(issuer, new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.ISSUER.get()));
+      }
 
       StatusType status = response.getStatus();
       write(status);

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/IDFedLSInputResolver.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/IDFedLSInputResolver.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/IDFedLSInputResolver.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -23,9 +23,12 @@
 
 import java.io.InputStream;
 import java.io.Reader;
+import java.util.Collection;
 import java.util.HashMap;
+import java.util.LinkedHashMap;
 import java.util.Map;
 
+import org.apache.log4j.Logger;
 import org.w3c.dom.ls.LSInput;
 import org.w3c.dom.ls.LSResourceResolver;
 
@@ -36,15 +39,58 @@
  */
 public class IDFedLSInputResolver implements LSResourceResolver
 {
+   protected static Logger log = Logger.getLogger(IDFedLSInputResolver.class);
+
    private static Map<String, LSInput> lsmap = new HashMap<String, LSInput>();
 
-   private static Map<String, String> schemaLocationMap = new HashMap<String, String>();
+   private static Map<String, String> schemaLocationMap = new LinkedHashMap<String, String>();
 
    static
    {
+      //XML Schema/DTD
+      schemaLocationMap.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd");
+      schemaLocationMap.put("XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
+      schemaLocationMap.put("http://www.w3.org/2001/xml.xsd", "schema/w3c/xmlschema/xml.xsd");
+
+      //XML DSIG
+      schemaLocationMap.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
+      schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd",
+            "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
+
+      //XML Enc
+      schemaLocationMap.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd");
+      schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd",
+            "schema/w3c/xmlenc/xenc-schema.xsd");
+
+      //XACML
+      schemaLocationMap.put("access_control-xacml-2.0-context-schema-os.xsd",
+            "schema/access_control-xacml-2.0-context-schema-os.xsd");
+      schemaLocationMap.put("access_control-xacml-2.0-policy-schema-os.xsd",
+            "schema/access_control-xacml-2.0-policy-schema-os.xsd");
+
       //SAML
+
       schemaLocationMap.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
+      schemaLocationMap.put("saml-schema-protocol-2.0.xsd", "schema/saml/v2/saml-schema-protocol-2.0.xsd");
+      schemaLocationMap.put("saml-schema-metadata-2.0.xsd", "schema/saml/v2/saml-schema-metadata-2.0.xsd");
+      schemaLocationMap.put("saml-schema-x500-2.0.xsd", "schema/saml/v2/saml-schema-x500-2.0.xsd");
+      schemaLocationMap.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
+      schemaLocationMap.put("saml-schema-xacml-2.0.xsd", "schema/saml/v2/saml-schema-xacml-2.0.xsd");
+      schemaLocationMap.put("saml-schema-authn-context-2.0.xsd", "schema/saml/v2/saml-schema-authn-context-2.0.xsd");
+      schemaLocationMap.put("saml-schema-authn-context-types-2.0.xsd",
+            "schema/saml/v2/saml-schema-authn-context-types-2.0.xsd");
 
+      schemaLocationMap.put("saml-schema-assertion-1.0.xsd", "schema/saml/v1/saml-schema-assertion-1.0.xsd");
+      schemaLocationMap.put("oasis-sstc-saml-schema-assertion-1.1.xsd",
+            "schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd");
+      schemaLocationMap.put("saml-schema-protocol-1.1.xsd", "schema/saml/v1/saml-schema-protocol-1.1.xsd");
+
+      schemaLocationMap.put("access_control-xacml-2.0-saml-assertion-schema-os.xsd",
+            "schema/saml/v2/access_control-xacml-2.0-saml-assertion-schema-os.xsd");
+
+      schemaLocationMap.put("access_control-xacml-2.0-saml-protocol-schema-os.xsd",
+            "schema/saml/v2/access_control-xacml-2.0-saml-protocol-schema-os.xsd");
+
       //WS-T
       schemaLocationMap.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512", "schema/wstrust/v1_3/ws-trust-1.3.xsd");
       schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
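Review bot: The entry for `saml-schema-xacml-2.0.xsd` is added twice on consecutive lines of the SAML group; the second `put` is a no-op, and it reads as if another schema was meant to be registered there. The `XMLSchema.dtd` mapping also changes its key from the full `http://www.w3.org/2001/XMLSchema.dtd` URL to the bare file name, so a schema that references the DTD by URL no longer resolves locally; keeping both keys would cover both spellings. `log` could be `private static final`, since nothing in the hunk reassigns it.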
@@ -53,36 +99,30 @@
             "schema/wstrust/v1_3/oasis-200401-wss-wssecurity-utility-1.0.xsd");
       schemaLocationMap.put("http://schemas.xmlsoap.org/ws/2004/09/policy", "schema/wstrust/v1_3/ws-policy.xsd");
       schemaLocationMap.put("http://www.w3.org/2005/08/addressing", "schema/wstrust/v1_3/ws-addr.xsd");
+   }
 
-      //XML DSIG
-      schemaLocationMap.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
-      schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd",
-            "schema/w3c/xmldsig/xmldsig-core-schema.xsd");
-
-      //XML Enc
-      schemaLocationMap.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd");
-      schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd",
-            "schema/w3c/xmlenc/xenc-schema.xsd");
-
-      //XML Schema/DTD
-      schemaLocationMap.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd");
-      schemaLocationMap.put("http://www.w3.org/2001/XMLSchema.dtd", "schema/w3c/xmlschema/XMLSchema.dtd");
+   public static Collection<String> schemas()
+   {
+      Collection<String> schemaValues = schemaLocationMap.values();
+      schemaValues.remove("schema/w3c/xmlschema/datatypes.dtd");
+      schemaValues.remove("schema/w3c/xmlschema/XMLSchema.dtd");
+      log.info("Considered the schemas:" + schemaValues);
+      return schemaValues;
    }
 
    public LSInput resolveResource(String type, String namespaceURI, final String publicId, final String systemId,
          final String baseURI)
    {
+      if (systemId == null)
+         throw new RuntimeException("systemid null");
       LSInput lsi = lsmap.get(systemId);
       if (lsi == null)
       {
-         ClassLoader tcl = SecurityActions.getContextClassLoader();
-         String loc = schemaLocationMap.get(systemId);
+         final ClassLoader tcl = SecurityActions.getContextClassLoader();
+         final String loc = schemaLocationMap.get(systemId);
          if (loc == null)
             return null;
 
-         final InputStream is = tcl.getResourceAsStream(loc);
-         if (is == null)
-            throw new RuntimeException("inputstream is null for " + loc);
          lsi = new LSInput()
          {
             public String getBaseURI()
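Review bot: `schemas()` calls `remove` on `schemaLocationMap.values()`, which is a live view of the static map, so the first call permanently deletes the `datatypes.dtd` and `XMLSchema.dtd` mappings for the whole JVM. After that, `resolveResource` returns null for those system ids and the schema processor falls back to its own resolution, which may mean fetching them from outside the bundled resources. Copying first, `Collection<String> schemaValues = new java.util.ArrayList<String>(schemaLocationMap.values());`, keeps the map intact and also stops callers from mutating it through the returned collection. The new `systemId == null` guard throws even when `namespaceURI` is set, although several map keys are namespace URIs, so a lookup by `namespaceURI` in that case looks like the intended behaviour. `resolveResource` continues outside the hunk.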
@@ -92,6 +132,9 @@
 
             public InputStream getByteStream()
             {
+               final InputStream is = tcl.getResourceAsStream(loc);
+               if (is == null)
+                  throw new RuntimeException("inputstream is null for " + loc);
                return is;
             }
 
@@ -162,5 +205,4 @@
       }
       return lsi;
    }
-
 }
\ No newline at end of file

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/JAXPValidationUtil.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -0,0 +1,152 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.List;
+
+import javax.xml.XMLConstants;
+import javax.xml.transform.Source;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+import javax.xml.validation.Validator;
+
+import org.apache.log4j.Logger;
+import org.xml.sax.ErrorHandler;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+/**
+ * Utility class associated with JAXP Validation
+ * @author Anil.Saldhana at redhat.com
+ * @since Jun 30, 2011
+ */
+public class JAXPValidationUtil
+{
+   protected static Logger log = Logger.getLogger(JAXPValidationUtil.class);
+
+   protected static boolean trace = log.isTraceEnabled();
+
+   protected static Validator validator;
+
+   protected static SchemaFactory schemaFactory;
+
+   public static void validate(String str) throws SAXException, IOException
+   {
+      validator().validate(new StreamSource(str));
+   }
+
+   public static void validate(InputStream stream) throws SAXException, IOException
+   {
+      validator().validate(new StreamSource(stream));
+   }
+
+   public static Validator validator() throws SAXException, IOException
+   {
+      String schemaFactoryProperty = "javax.xml.validation.SchemaFactory:" + XMLConstants.W3C_XML_SCHEMA_NS_URI;
+      SecurityActions.setSystemProperty(schemaFactoryProperty, "org.apache.xerces.jaxp.validation.XMLSchemaFactory");
+
+      if (validator == null)
+      {
+         Schema schema = getSchema();
+         if (schema == null)
+            throw new RuntimeException("Could not get all the schemas");
+
+         validator = schema.newValidator();
+         validator.setErrorHandler(new CustomErrorHandler());
+      }
+      return validator;
+   }
+
+   private static Schema getSchema() throws IOException
+   {
+      schemaFactory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema");
+
+      schemaFactory.setResourceResolver(new IDFedLSInputResolver());
+      schemaFactory.setErrorHandler(new CustomErrorHandler());
+      Schema schemaGrammar = null;
+      try
+      {
+         schemaGrammar = schemaFactory.newSchema(sources());
+      }
+      catch (SAXException e)
+      {
+         log.error("Cannot get schema", e);
+      }
+      return schemaGrammar;
+   }
+
+   private static Source[] sources() throws IOException
+   {
+      List<String> schemas = SchemaManagerUtil.getSchemas();
+
+      Source[] sourceArr = new Source[schemas.size()];
+
+      int i = 0;
+      for (String schema : schemas)
+      {
+         URL url = SecurityActions.loadResource(JAXPValidationUtil.class, schema);
+         if (url == null)
+            throw new RuntimeException(schema + " is not available");
+         sourceArr[i++] = new StreamSource(url.openStream());
+      }
+      return sourceArr;
+   }
+
+   private static class CustomErrorHandler implements ErrorHandler
+   {
+      public void error(SAXParseException ex) throws SAXException
+      {
+         logException(ex);
+         if (ex.getMessage().contains("null") == false)
+         {
+            throw ex;
+         }
+      }
+
+      public void fatalError(SAXParseException ex) throws SAXException
+      {
+         logException(ex);
+         throw ex;
+      }
+
+      public void warning(SAXParseException ex) throws SAXException
+      {
+         logException(ex);
+      }
+
+      private void logException(SAXParseException sax)
+      {
+         StringBuilder builder = new StringBuilder();
+
+         if (trace)
+         {
+            builder.append("[").append(sax.getLineNumber()).append(",").append(sax.getColumnNumber()).append("]");
+            builder.append(":").append(sax.getLocalizedMessage());
+            log.trace(builder.toString());
+         }
+      }
+   };
+}
\ No newline at end of file
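Review bot: `CustomErrorHandler.error()` drops every schema error whose message contains the text "null", and because validator messages usually echo element names and values from the document being checked, the content of the validated message can decide whether an error is reported; `error()` should rethrow unconditionally (`ex.getMessage()` can also be null itself). `validator()` caches one static `Validator` without synchronisation although `javax.xml.validation.Validator` is not thread-safe, so concurrent requests would share validation state; caching the `Schema` and creating a `Validator` per call avoids that. `getSchema()` logs and swallows the `SAXException`, so callers only see "Could not get all the schemas" without the cause, and the streams opened in `sources()` are never closed. `validate(String)` passes `str` to `new StreamSource(String)`, which treats it as a system identifier to fetch rather than as XML text, and that deserves a Javadoc line. The fence shows `validator()` and `error()` rewritten.

```java
   // replaces the static Validator field: a Schema is safe to share, a Validator is not
   protected static Schema schema;

   public static synchronized Validator validator() throws SAXException, IOException
   {
      // … unchanged: schema factory system property …

      if (schema == null)
      {
         schema = getSchema();
         if (schema == null)
            throw new RuntimeException("Could not get all the schemas");
      }

      Validator validator = schema.newValidator();
      validator.setErrorHandler(new CustomErrorHandler());
      return validator;
   }

   // … unchanged: getSchema(), sources() …

      public void error(SAXParseException ex) throws SAXException
      {
         logException(ex);
         // never filter on message text: it can contain content of the validated document
         throw ex;
      }
```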

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SchemaManagerUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SchemaManagerUtil.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SchemaManagerUtil.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -0,0 +1,117 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.util;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Manages the schemas for PicketLink
+ * @author Anil.Saldhana at redhat.com
+ * @since Jun 30, 2011
+ */
+public class SchemaManagerUtil
+{
+   public static List<String> getXMLSchemas()
+   {
+      List<String> list = new ArrayList<String>();
+
+      list.add("schema/w3c/xmlschema/xml.xsd");
+      return list;
+   }
+
+   public static List<String> getXMLDSig()
+   {
+      List<String> list = new ArrayList<String>();
+
+      list.add("schema/w3c/xmldsig/xmldsig-core-schema.xsd");
+      return list;
+   }
+
+   public static List<String> getXMLEnc()
+   {
+      List<String> list = new ArrayList<String>();
+
+      list.add("schema/w3c/xmlenc/xenc-schema.xsd");
+      return list;
+   }
+
+   public static List<String> getXACMLSchemas()
+   {
+      List<String> list = new ArrayList<String>();
+
+      list.add("schema/access_control-xacml-2.0-policy-schema-os.xsd");
+      list.add("schema/access_control-xacml-2.0-context-schema-os.xsd");
+      return list;
+   }
+
+   public static List<String> getSAML2Schemas()
+   {
+      List<String> list = new ArrayList<String>();
+
+      list.add("schema/saml/v2/saml-schema-assertion-2.0.xsd");
+      list.add("schema/saml/v2/saml-schema-protocol-2.0.xsd");
+      list.add("schema/saml/v2/saml-schema-metadata-2.0.xsd");
+      list.add("schema/saml/v2/saml-schema-x500-2.0.xsd");
+      list.add("schema/saml/v2/saml-schema-authn-context-2.0.xsd");
+      list.add("schema/saml/v2/saml-schema-authn-context-types-2.0.xsd");
+      list.add("schema/saml/v2/saml-schema-xacml-2.0.xsd");
+      list.add("schema/saml/v2/access_control-xacml-2.0-saml-assertion-schema-os.xsd");
+      list.add("schema/saml/v2/access_control-xacml-2.0-saml-protocol-schema-os.xsd");
+      return list;
+   }
+
+   public static List<String> getSAML11Schemas()
+   {
+      List<String> list = new ArrayList<String>();
+
+      list.add("schema/saml/v1/saml-schema-assertion-1.0.xsd");
+      list.add("schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd");
+      list.add("schema/saml/v1/saml-schema-protocol-1.1.xsd");
+      return list;
+   }
+
+   public static List<String> getWSTrustSchemas()
+   {
+      List<String> list = new ArrayList<String>();
+
+      list.add("schema/wstrust/v1_3/ws-trust-1.3.xsd");
+      list.add("schema/wstrust/v1_3/oasis-200401-wss-wssecurity-secext-1.0.xsd");
+      list.add("schema/wstrust/v1_3/oasis-200401-wss-wssecurity-utility-1.0.xsd");
+      list.add("schema/wstrust/v1_3/ws-policy.xsd");
+      list.add("schema/wstrust/v1_3/ws-addr.xsd");
+      return list;
+   }
+
+   public static List<String> getSchemas()
+   {
+      List<String> list = new ArrayList<String>();
+      list.addAll(getXMLSchemas());
+      list.addAll(getXMLDSig());
+      list.addAll(getXMLEnc());
+      list.addAll(getSAML2Schemas());
+      list.addAll(getSAML11Schemas());
+      list.addAll(getXACMLSchemas());
+      list.addAll(getWSTrustSchemas());
+      return list;
+   }
+}
\ No newline at end of file
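Review bot: The concatenation order in `getSchemas()` is undocumented, although `JAXPValidationUtil.sources()` builds its `Source[]` in exactly this order. The XACML policy and context schemas are appended after the SAML 2.0 list, which already contains the SAML-XACML profile schemas that presumably import them. Whether this works depends on the resource resolver, which is not visible here. I would add a comment above `getSchemas()` such as `// Order is significant: a schema must be listed after every schema it imports`, and confirm the XACML position against it. The public methods also have no Javadoc stating that each returns a fresh mutable list of classpath-relative XSD paths. As a static-only utility the class should declare `private SchemaManagerUtil() {}`.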

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SecurityActions.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SecurityActions.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/SecurityActions.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -21,6 +21,7 @@
  */
 package org.picketlink.identity.federation.core.util;
 
+import java.net.URL;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 
@@ -45,7 +46,7 @@
          }
       });
    }
-   
+
    /**
     * Set the system property
     * @param key
@@ -63,7 +64,7 @@
          }
       });
    }
-   
+
    /**
     * Get the system property
     * @param key
@@ -80,4 +81,32 @@
          }
       });
    }
-}
+
+   /**
+    * Load a resource based on the passed {@link Class} classloader.
+    * Failing which try with the Thread Context CL
+    * @param clazz
+    * @param resourceName
+    * @return
+    */
+   static URL loadResource(final Class<?> clazz, final String resourceName)
+   {
+      return AccessController.doPrivileged(new PrivilegedAction<URL>()
+      {
+         public URL run()
+         {
+            URL url = null;
+            ClassLoader clazzLoader = clazz.getClassLoader();
+            url = clazzLoader.getResource(resourceName);
+
+            if (url == null)
+            {
+               clazzLoader = Thread.currentThread().getContextClassLoader();
+               url = clazzLoader.getResource(resourceName);
+            }
+
+            return url;
+         }
+      });
+   }
+}
\ No newline at end of file
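Review bot: `run()` dereferences the results of `clazz.getClassLoader()` and `Thread.currentThread().getContextClassLoader()` without a null check, and either call may return null (a bootstrap-loaded class, or a thread with no context loader). The lookup then fails with a NullPointerException inside the privileged block instead of returning null, which is what the `url == null` check in `JAXPValidationUtil.sources()` expects. Guard both lookups, e.g. `if (clazzLoader != null) url = clazzLoader.getResource(resourceName);`. The Javadoc leaves `@param` and `@return` empty; it should state that null is returned when neither loader has the resource. It should also state that the fallback means a same-named resource visible to the context class loader is used when the class's own loader lacks it, which matters because this method supplies the XSDs the validator trusts.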

Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/AbstractParserTest.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/AbstractParserTest.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/AbstractParserTest.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.parser.saml;
+
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+import java.io.StringReader;
+
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.validation.Validator;
+
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+
+/**
+ * Base class for the parser unit tests
+ * @author Anil.Saldhana at redhat.com
+ * @since Jun 30, 2011
+ */
+public class AbstractParserTest
+{
+   public void validateSchema(String value) throws Exception
+   {
+      System.setProperty("jaxp.debug", "true");
+      Validator validator = StaxParserUtil.getSchemaValidator();
+      assertNotNull(validator);
+      validator.validate(new StreamSource(new StringReader(value)));
+   }
+
+   public void validateSchema(InputStream is) throws Exception
+   {
+      System.setProperty("jaxp.debug", "true");
+      Validator validator = StaxParserUtil.getSchemaValidator();
+      assertNotNull(validator);
+      validator.validate(new StreamSource(is));
+   }
+}
\ No newline at end of file
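Review bot: Both `validateSchema` overloads set the JVM-wide system property `jaxp.debug` on every call and never restore it, so every later test in the same JVM runs with JAXP debug output switched on. Set it once behind an opt-in (for example a static initializer that reads a test flag) or remove it. The class is named `AbstractParserTest` but is not declared abstract; `public abstract class AbstractParserTest` makes the intent explicit and prevents direct instantiation. The `InputStream` overload should carry a Javadoc line saying the stream is consumed but not closed, and that the caller owns it.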

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11AssertionParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -27,16 +27,11 @@
 
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
-import java.io.StringReader;
 import java.net.URI;
 import java.util.List;
 
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Validator;
-
 import org.junit.Test;
 import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
-import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v1.writers.SAML11AssertionWriter;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -59,7 +54,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Jun 21, 2011
  */
-public class SAML11AssertionParserTestCase
+public class SAML11AssertionParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAML11Assertion() throws Exception
@@ -101,10 +96,7 @@
       writer.write(assertion);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -169,10 +161,7 @@
       writer.write(assertion);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -202,10 +191,7 @@
       writer.write(assertion);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -284,10 +270,7 @@
       writer.write(assertion);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -330,9 +313,6 @@
       writer.write(assertion);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11RequestParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -27,15 +27,10 @@
 
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
-import java.io.StringReader;
 import java.util.List;
 
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Validator;
-
 import org.junit.Test;
 import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
-import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v1.SAML11Constants;
 import org.picketlink.identity.federation.core.saml.v1.writers.SAML11RequestWriter;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
@@ -53,7 +48,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Jun 24, 2011
  */
-public class SAML11RequestParserTestCase
+public class SAML11RequestParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAML11RequestWithAuthQuery() throws Exception
@@ -84,10 +79,7 @@
       writer.write(request);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -119,10 +111,7 @@
       writer.write(request);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -163,10 +152,7 @@
       writer.write(request);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -192,10 +178,7 @@
       writer.write(request);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 
    @Test
@@ -221,9 +204,6 @@
       writer.write(request);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAML11ResponseParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -26,16 +26,11 @@
 
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
-import java.io.StringReader;
 import java.util.List;
 
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Validator;
-
 import org.junit.Test;
 import org.picketlink.identity.federation.core.parsers.saml.SAML11ResponseParser;
 import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
-import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
 import org.picketlink.identity.federation.core.saml.v1.writers.SAML11ResponseWriter;
 import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
 import org.picketlink.identity.federation.core.util.StaxUtil;
@@ -49,7 +44,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Jun 23, 2011
  */
-public class SAML11ResponseParserTestCase
+public class SAML11ResponseParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAML11Response() throws Exception
@@ -83,9 +78,6 @@
       writer.write(response);
       String writtenString = new String(baos.toByteArray());
       System.out.println(writtenString);
-
-      Validator validator = StaxParserUtil.getSchemaValidator();
-      assertNotNull(validator);
-      validator.validate(new StreamSource(new StringReader(writtenString)));
+      validateSchema(writtenString);
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAssertionParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -60,7 +60,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Oct 12, 2010
  */
-public class SAMLAssertionParserTestCase
+public class SAMLAssertionParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAMLAssertionParsing() throws Exception
@@ -89,29 +89,13 @@
       assertEquals(XMLTimeUtil.parse("2010-09-30T19:13:37.869Z"), conditions.getNotBefore());
       assertEquals(XMLTimeUtil.parse("2010-09-30T21:13:37.869Z"), conditions.getNotOnOrAfter());
 
-      /*List<JAXBElement<?>> content = subject.getContent(); 
-
-      int size = content.size();
-
-      for( int i = 0 ; i < size; i++ )
-      {
-         JAXBElement<?> node = content.get(i);
-         if( node.getDeclaredType().equals( NameIDType.class ))
-         {
-            NameIDType subjectNameID = (NameIDType) node.getValue();
-
-            assertEquals( "jduke", subjectNameID.getValue() );
-            assertEquals( "urn:picketlink:identity-federation", subjectNameID.getNameQualifier() ); 
-         }
-
-         if( node.getDeclaredType().equals( ConditionsType.class ))
-         { 
-            //Conditions
-            ConditionsType conditions =  (ConditionsType) node.getValue();
-            assertEquals( XMLTimeUtil.parse( "2010-09-30T19:13:37.869Z" ) , conditions.getNotBefore() );
-            assertEquals( XMLTimeUtil.parse( "2010-09-30T21:13:37.869Z" ) , conditions.getNotOnOrAfter() ); 
-         }
-      } */
+      ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      //Lets do the writing
+      SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(assertion);
+      String writtenString = new String(baos.toByteArray());
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 
    /**
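Review bot: The added `new String(baos.toByteArray())` decodes the written XML with the platform default charset before it is validated, so on a JVM whose default differs from the writer's encoding (presumably UTF-8, not visible here) non-ASCII content would be altered before the validator sees it. Passing the bytes through the existing stream overload avoids this: `validateSchema(new ByteArrayInputStream(baos.toByteArray()));`. The same write, print and validate sequence is added in the later hunks of this file and in SAMLResponseParserTestCase, SAMLSloRequestParserTestCase and SAMLSloResponseParserTestCase. A helper in AbstractParserTest that takes the `ByteArrayOutputStream` would remove that duplication and the unconditional `System.out.println` of each document.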
@@ -154,6 +138,13 @@
       assertEquals(1, audienceRestrictionType.getAudience().size());
       assertEquals("http://services.testcorp.org/provider2", audienceRestrictionType.getAudience().get(0)
             .toASCIIString());
+      ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      //Lets do the writing
+      SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(assertion);
+      String writtenString = new String(baos.toByteArray());
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 
    @Test
@@ -228,7 +219,12 @@
       SAMLAssertionWriter writer = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(baos));
       writer.write(assertion);
 
-      ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
+      byte[] bytes = baos.toByteArray();
+      ByteArrayInputStream bis = new ByteArrayInputStream(bytes);
       DocumentUtil.getDocument(bis); //throws exceptions
+
+      String writtenString = new String(bytes);
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLAuthnRequestParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -42,7 +42,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Nov 2, 2010
  */
-public class SAMLAuthnRequestParserTestCase
+public class SAMLAuthnRequestParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAMLAuthnRequestParse() throws Exception

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLResponseParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -58,7 +58,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Nov 2, 2010
  */
-public class SAMLResponseParserTestCase
+public class SAMLResponseParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAMLResponseParse() throws Exception
@@ -128,6 +128,14 @@
 
       ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
       DocumentUtil.getDocument(bis); //throws exceptions
+
+      baos = new ByteArrayOutputStream();
+      //Lets do the writing
+      writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(response);
+      String writtenString = new String(baos.toByteArray());
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 
    @Test
@@ -196,6 +204,14 @@
          if (!(str.equals("employee") || str.equals("manager")))
             throw new RuntimeException("attrib value not found");
       }
+
+      ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      //Lets do the writing
+      SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(response);
+      String writtenString = new String(baos.toByteArray());
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 
    @Test
@@ -203,14 +219,15 @@
    {
       ClassLoader tcl = Thread.currentThread().getContextClassLoader();
       InputStream configStream = tcl.getResourceAsStream("saml-xacml/saml-xacml-response-1.xml");
-
+      validateSchema(configStream);
+      configStream = tcl.getResourceAsStream("saml-xacml/saml-xacml-response-1.xml");
       SAMLParser parser = new SAMLParser();
       ResponseType response = (ResponseType) parser.parse(configStream);
       assertNotNull("ResponseType is not null", response);
 
       //Get the assertion
       AssertionType assertion = response.getAssertions().get(0).getAssertion();
-      assertEquals("ID_response-id:1", assertion.getID());
+      assertEquals("ID_response-id_1", assertion.getID());
       assertEquals(XMLTimeUtil.parse("2008-03-19T22:17:13Z"), assertion.getIssueInstant());
       assertEquals("2.0", assertion.getVersion());
 
@@ -218,5 +235,13 @@
             .iterator().next();
       assertNotNull(xacmlStat.getRequest());
       assertNotNull(xacmlStat.getResponse());
+
+      ByteArrayOutputStream baos = new ByteArrayOutputStream();
+      //Lets do the writing
+      SAMLResponseWriter writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(response);
+      String writtenString = new String(baos.toByteArray());
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloRequestParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -41,7 +41,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Nov 3, 2010
  */
-public class SAMLSloRequestParserTestCase
+public class SAMLSloRequestParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAMLLogOutRequestParsing() throws Exception
@@ -66,5 +66,13 @@
 
       ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
       DocumentUtil.getDocument(bis); //throws exceptions
+
+      baos = new ByteArrayOutputStream();
+      //Lets do the writing
+      writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(lotRequest);
+      String writtenString = new String(baos.toByteArray());
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 }
\ No newline at end of file

Modified: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/SAMLSloResponseParserTestCase.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -46,7 +46,7 @@
  * @author Anil.Saldhana at redhat.com
  * @since Nov 3, 2010
  */
-public class SAMLSloResponseParserTestCase
+public class SAMLSloResponseParserTestCase extends AbstractParserTest
 {
    @Test
    public void testSAMLResponseParse() throws Exception
@@ -79,6 +79,13 @@
       ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
       DocumentUtil.getDocument(bis); //throws exceptions
 
+      baos = new ByteArrayOutputStream();
+      //Lets do the writing
+      writer = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(baos));
+      writer.write(response, new QName(PROTOCOL_NSURI.get(), LOGOUT_RESPONSE.get(), "samlp"));
+      String writtenString = new String(baos.toByteArray());
+      System.out.println(writtenString);
+      validateSchema(writtenString);
    }
 
    @Test

Modified: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-assertion-x500attrib.xml	2011-06-30 23:50:05 UTC (rev 1047)
@@ -6,8 +6,38 @@
    Version="2.0"
    IssueInstant="2004-12-05T09:22:05Z">
    <saml:Issuer>https://idp.example.org/SAML2</saml:Issuer>
-   <ds:Signature
-     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"></ds:Signature>
+   <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod
+				Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmlds#rsa-sha1" />
+			<ds:Reference URI="#ID_ab0392ef-b557-4453-95a8-a7e168da8ac5">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmlds#enveloped-signature" />
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmlds#sha1" />
+				<ds:DigestValue>0Y9QM5c5qCShz5UWmbFzBmbuTus=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>
+			se/flQ2htUQ0IUYieVkXNn9cfjnfgv6H99nFarsTNTpRI9xuSlw5OTai/2PYdZI2Va9+QzzBf99m
+			VFyigfFdfrqug6aKFhF0lsujzlFfPfmXBbDRiTFX+4SkBeV71uuy7rOUI/jRiitEA0QrKqs0e/pV
+			+C8PoaariisK96Mtt7A=
+          </ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:KeyValue>
+				<ds:RSAKeyValue>
+					<ds:Modulus>
+						suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1
+						dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJwspqVnMuRK19ju2dxpKw
+						lYGGtrP5VQv00dfNPbs=
+                </ds:Modulus>
+					<ds:Exponent>AQAB</ds:Exponent>
+				</ds:RSAKeyValue>
+			</ds:KeyValue>
+		</ds:KeyInfo>
+	</ds:Signature>
    <saml:Subject>
      <saml:NameID
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">
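Review bot: The algorithm identifiers in the added signature use the prefix `http://www.w3.org/2000/09/xmlds#` (SignatureMethod, the enveloped-signature Transform and DigestMethod), whereas the XML Signature namespace, as written on the `ds:Signature` element itself, is `http://www.w3.org/2000/09/xmldsig#`. The attributes are only URI-typed, so schema validation accepts them, but the block is not a usable signature and a test that later tries to verify it would fail on an unknown algorithm. Either correct the three values, e.g. `Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"`, or add an XML comment above the element such as `<!-- structural placeholder for schema validation only; not a verifiable signature -->`. It is also worth confirming that the `ds:Reference` URI matches this assertion's ID, which is outside the hunk.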

Modified: federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-logout-request.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-logout-request.xml	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-logout-request.xml	2011-06-30 23:50:05 UTC (rev 1047)
@@ -6,4 +6,11 @@
                    IssueInstant="2010-07-29T13:46:20.647-05:00"
                    Version="2.0" >
     <Issuer>http://localhost:8080/sales/</Issuer>
+    <saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
+            NameQualifier="urn:jboss:1.0" 
+            SPNameQualifier="http://jboss.org" 
+            Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
+                YgolvKBPsL4ABSrdOpilovLnVq+X
+    </saml:NameID>
+    
 </ns3:LogoutRequest>
\ No newline at end of file
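Review bot: The added `saml:NameID` value sits on its own indented line, so the element's text content includes the surrounding newlines and spaces; NameID is string-typed and schema validation does not strip them. Unless the parser trims the text (not visible here), the parsed identifier will differ from `YgolvKBPsL4ABSrdOpilovLnVq+X`, and a later assertion on it would fail or would encode the whitespace. Putting the value inline avoids the ambiguity: `Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">YgolvKBPsL4ABSrdOpilovLnVq+X</saml:NameID>`.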

Modified: federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml/saml-xacml-response-1.xml	2011-06-30 23:50:05 UTC (rev 1047)
@@ -1,18 +1,18 @@
 <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
-	ID="response-id:1" Version="2.0" IssueInstant="2008-03-19T22:17:13Z">
-	<samlp:Status xmlns:samlp="urn:oasixacml-context:s:names:tc:SAML:2.0:protocol">
+	ID="response-id_1" Version="2.0" IssueInstant="2008-03-19T22:17:13Z">
+	<samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
 		<samlp:StatusCode xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 			Value="urn:oasis:names:tc:xacml:1.0:status:ok">
 		</samlp:StatusCode>
 	</samlp:Status>
 	<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-		Version="2.0" ID="ID_response-id:1" IssueInstant="2008-03-19T22:17:13Z">
+		Version="2.0" ID="ID_response-id_1" IssueInstant="2008-03-19T22:17:13Z">
 		<saml:Issuer>issuer-1</saml:Issuer>
 		<saml:Statement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-			xsi:type="xacml-samlp:XACMLAuthzDecisionStatementType" 
+			xsi:type="xacml-saml:XACMLAuthzDecisionStatementType" 
 			xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xmlns:xacml-samlp="urn:oasis:xacml:2.0:saml:protocol:schema:os"
-			xmlns:xacml-saml="urn:oasis:names:tc:xacml:2.0:saml:assertion:schema:os">
+			xmlns:xacml-saml="urn:oasis:xacml:2.0:saml:assertion:schema:os">
 			<xacml-context:Response
 				xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os">
 				<xacml-context:Result>
@@ -36,7 +36,7 @@
 
 			<xacml-context:Request
 				xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
-				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance/"
+				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 				xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os 
 http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd">
 				<xacml-context:Subject

Modified: federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java	2011-06-30 14:45:36 UTC (rev 1046)
+++ federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/saml/v2/profiles/xacml/assertion/XACMLAuthzDecisionStatementType.java	2011-06-30 23:50:05 UTC (rev 1047)
@@ -25,7 +25,6 @@
 import org.jboss.security.xacml.core.model.context.ResponseType;
 import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
 
-
 /**
  * <p>Java class for XACMLAuthzDecisionStatementType complex type.
  * 
@@ -45,13 +44,15 @@
  * </pre>
  * 
  * 
- */ 
-public class XACMLAuthzDecisionStatementType
-extends StatementAbstractType
-{ 
+ */
+public class XACMLAuthzDecisionStatementType extends StatementAbstractType
+{
    private static final long serialVersionUID = 1L;
-   public static final String XSI_TYPE = "xacml-samlp:XACMLAuthzDecisionStatementType";
+
+   public static final String XSI_TYPE = "xacml-saml:XACMLAuthzDecisionStatementType";
+
    protected ResponseType response;
+
    protected RequestType request;
 
    /**
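Review bot: `XSI_TYPE` on the new side still bakes a namespace prefix into the constant (`"xacml-saml:XACMLAuthzDecisionStatementType"`), although an `xsi:type` value is a QName whose prefix is chosen by whoever wrote the document. If a parser compares the raw attribute text with this string (the usage is outside this hunk, so this is an assumption), a statement that binds the same namespace to a different prefix is rejected, and one that binds `xacml-saml` to an unrelated namespace is accepted as this type. Resolving the prefix against the in-scope namespace context and comparing namespace URI plus local name avoids both. At minimum, a comment such as `// prefix only: callers must verify it is bound to urn:oasis:xacml:2.0:saml:assertion:schema:os` would document the constraint. The class body continues past the end of this hunk.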
@@ -62,7 +63,8 @@
     *     {@link ResponseType }
     *     
     */
-   public ResponseType getResponse() {
+   public ResponseType getResponse()
+   {
       return response;
    }
 
@@ -74,7 +76,8 @@
     *     {@link ResponseType }
     *     
     */
-   public void setResponse(ResponseType value) {
+   public void setResponse(ResponseType value)
+   {
       this.response = value;
    }
 
@@ -86,7 +89,8 @@
     *     {@link RequestType }
     *     
     */
-   public RequestType getRequest() {
+   public RequestType getRequest()
+   {
       return request;
    }
 
@@ -98,7 +102,8 @@
     *     {@link RequestType }
     *     
     */
-   public void setRequest(RequestType value) {
+   public void setRequest(RequestType value)
+   {
       this.request = value;
    }
 }
\ No newline at end of file

Added: federation/trunk/picketlink-fed-model/src/main/resources/schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd
===================================================================
--- federation/trunk/picketlink-fed-model/src/main/resources/schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd	                        (rev 0)
+++ federation/trunk/picketlink-fed-model/src/main/resources/schema/saml/v1/oasis-sstc-saml-schema-assertion-1.1.xsd	2011-06-30 23:50:05 UTC (rev 1047)
@@ -0,0 +1,222 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" attributeFormDefault="unqualified" version="1.1">
+	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+	<annotation>
+		<documentation>
+                Document identifier: oasis-sstc-saml-schema-assertion-1.1
+                Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+                Revision history:
+                V1.0 (November, 2002):
+                  Initial standard schema.
+                V1.1 (September, 2003):
+                  * Note that V1.1 of this schema has the same XML namespace as V1.0.
+                  Rebased ID content directly on XML Schema types
+                  Added DoNotCacheCondition element and DoNotCacheConditionType
+		</documentation>
+	</annotation>
+	<simpleType name="DecisionType">
+		<restriction base="string">
+
+			<enumeration value="Permit"/>
+			<enumeration value="Deny"/>
+			<enumeration value="Indeterminate"/>
+		</restriction>
+	</simpleType>
+	<element name="AssertionIDReference" type="NCName"/>
+	<element name="Assertion" type="saml:AssertionType"/>
+	<complexType name="AssertionType">
+		<sequence>
+
+			<element ref="saml:Conditions" minOccurs="0"/>
+			<element ref="saml:Advice" minOccurs="0"/>
+			<choice maxOccurs="unbounded">
+				<element ref="saml:Statement"/>
+				<element ref="saml:SubjectStatement"/>
+				<element ref="saml:AuthenticationStatement"/>
+				<element ref="saml:AuthorizationDecisionStatement"/>
+				<element ref="saml:AttributeStatement"/>
+			</choice>
+
+			<element ref="ds:Signature" minOccurs="0"/>
+		</sequence>
+		<attribute name="MajorVersion" type="integer" use="required"/>
+		<attribute name="MinorVersion" type="integer" use="required"/>
+		<attribute name="AssertionID" type="ID" use="required"/>
+		<attribute name="Issuer" type="string" use="required"/>
+		<attribute name="IssueInstant" type="dateTime" use="required"/>
+	</complexType>
+	<element name="Conditions" type="saml:ConditionsType"/>
+
+	<complexType name="ConditionsType">
+		<choice minOccurs="0" maxOccurs="unbounded">
+			<element ref="saml:AudienceRestrictionCondition"/>
+			<element ref="saml:DoNotCacheCondition"/>
+			<element ref="saml:Condition"/>
+		</choice>
+		<attribute name="NotBefore" type="dateTime" use="optional"/>
+		<attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
+	</complexType>
+
+	<element name="Condition" type="saml:ConditionAbstractType"/>
+	<complexType name="ConditionAbstractType" abstract="true"/>
+	<element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
+	<complexType name="AudienceRestrictionConditionType">
+		<complexContent>
+			<extension base="saml:ConditionAbstractType">
+				<sequence>
+					<element ref="saml:Audience" maxOccurs="unbounded"/>
+				</sequence>
+
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="Audience" type="anyURI"/>
+	<element name="DoNotCacheCondition" type="saml:DoNotCacheConditionType"/>
+	<complexType name="DoNotCacheConditionType">
+		<complexContent>
+			<extension base="saml:ConditionAbstractType"/>
+		</complexContent>
+
+	</complexType>
+	<element name="Advice" type="saml:AdviceType"/>
+	<complexType name="AdviceType">
+		<choice minOccurs="0" maxOccurs="unbounded">
+			<element ref="saml:AssertionIDReference"/>
+			<element ref="saml:Assertion"/>
+			<any namespace="##other" processContents="lax"/>
+		</choice>
+	</complexType>
+
+	<element name="Statement" type="saml:StatementAbstractType"/>
+	<complexType name="StatementAbstractType" abstract="true"/>
+	<element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
+	<complexType name="SubjectStatementAbstractType" abstract="true">
+		<complexContent>
+			<extension base="saml:StatementAbstractType">
+				<sequence>
+					<element ref="saml:Subject"/>
+				</sequence>
+
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="Subject" type="saml:SubjectType"/>
+	<complexType name="SubjectType">
+		<choice>
+			<sequence>
+				<element ref="saml:NameIdentifier"/>
+				<element ref="saml:SubjectConfirmation" minOccurs="0"/>
+
+			</sequence>
+			<element ref="saml:SubjectConfirmation"/>
+		</choice>
+	</complexType>
+	<element name="NameIdentifier" type="saml:NameIdentifierType"/>
+	<complexType name="NameIdentifierType">
+		<simpleContent>
+			<extension base="string">
+				<attribute name="NameQualifier" type="string" use="optional"/>
+
+				<attribute name="Format" type="anyURI" use="optional"/>
+			</extension>
+		</simpleContent>
+	</complexType>
+	<element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
+	<complexType name="SubjectConfirmationType">
+		<sequence>
+			<element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
+			<element ref="saml:SubjectConfirmationData" minOccurs="0"/>
+
+			<element ref="ds:KeyInfo" minOccurs="0"/>
+		</sequence>
+	</complexType>
+	<element name="SubjectConfirmationData" type="anyType"/>
+	<element name="ConfirmationMethod" type="anyURI"/>
+	<element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
+	<complexType name="AuthenticationStatementType">
+		<complexContent>
+			<extension base="saml:SubjectStatementAbstractType">
+
+				<sequence>
+					<element ref="saml:SubjectLocality" minOccurs="0"/>
+					<element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
+				</sequence>
+				<attribute name="AuthenticationMethod" type="anyURI" use="required"/>
+				<attribute name="AuthenticationInstant" type="dateTime" use="required"/>
+			</extension>
+		</complexContent>
+	</complexType>
+
+	<element name="SubjectLocality" type="saml:SubjectLocalityType"/>
+	<complexType name="SubjectLocalityType">
+		<attribute name="IPAddress" type="string" use="optional"/>
+		<attribute name="DNSAddress" type="string" use="optional"/>
+	</complexType>
+	<element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
+	<complexType name="AuthorityBindingType">
+		<attribute name="AuthorityKind" type="QName" use="required"/>
+		<attribute name="Location" type="anyURI" use="required"/>
+
+		<attribute name="Binding" type="anyURI" use="required"/>
+	</complexType>
+	<element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
+	<complexType name="AuthorizationDecisionStatementType">
+		<complexContent>
+			<extension base="saml:SubjectStatementAbstractType">
+				<sequence>
+					<element ref="saml:Action" maxOccurs="unbounded"/>
+					<element ref="saml:Evidence" minOccurs="0"/>
+
+				</sequence>
+				<attribute name="Resource" type="anyURI" use="required"/>
+				<attribute name="Decision" type="saml:DecisionType" use="required"/>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="Action" type="saml:ActionType"/>
+	<complexType name="ActionType">
+		<simpleContent>
+
+			<extension base="string">
+				<attribute name="Namespace" type="anyURI"/>
+			</extension>
+		</simpleContent>
+	</complexType>
+	<element name="Evidence" type="saml:EvidenceType"/>
+	<complexType name="EvidenceType">
+		<choice maxOccurs="unbounded">
+			<element ref="saml:AssertionIDReference"/>
+
+			<element ref="saml:Assertion"/>
+		</choice>
+	</complexType>
+	<element name="AttributeStatement" type="saml:AttributeStatementType"/>
+	<complexType name="AttributeStatementType">
+		<complexContent>
+			<extension base="saml:SubjectStatementAbstractType">
+				<sequence>
+					<element ref="saml:Attribute" maxOccurs="unbounded"/>
+
+				</sequence>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
+	<complexType name="AttributeDesignatorType">
+		<attribute name="AttributeName" type="string" use="required"/>
+		<attribute name="AttributeNamespace" type="anyURI" use="required"/>
+	</complexType>
+
+	<element name="Attribute" type="saml:AttributeType"/>
+	<complexType name="AttributeType">
+		<complexContent>
+			<extension base="saml:AttributeDesignatorType">
+				<sequence>
+					<element ref="saml:AttributeValue" maxOccurs="unbounded"/>
+				</sequence>
+			</extension>
+		</complexContent>
+
+	</complexType>
+	<element name="AttributeValue" type="anyType"/>
+</schema>
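Review bot: The `<import>` near the top of this new schema has `schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"`, so loading it sends the schema processor to the network over plain HTTP unless a resource resolver intercepts that system id. IDFedLSInputResolver is modified in this revision but is not visible here. It is worth confirming that it maps this URL to a bundled copy and that an unmapped location fails the load rather than falling back to a fetch. Otherwise validation of incoming assertions depends on a remote host being reachable and on schema content that arrives unauthenticated.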

Added: federation/trunk/picketlink-xmlsec-model/src/main/resources/schema/w3c/xmlschema/xml.xsd
===================================================================
--- federation/trunk/picketlink-xmlsec-model/src/main/resources/schema/w3c/xmlschema/xml.xsd	                        (rev 0)
+++ federation/trunk/picketlink-xmlsec-model/src/main/resources/schema/w3c/xmlschema/xml.xsd	2011-06-30 23:50:05 UTC (rev 1047)
@@ -0,0 +1,120 @@
+<?xml version='1.0'?>
+<!DOCTYPE xs:schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "XMLSchema.dtd" >
+<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace" xmlns:xs="http://www.w3.org/2001/XMLSchema" xml:lang="en">
+
+ <xs:annotation>
+  <xs:documentation>
+   See http://www.w3.org/XML/1998/namespace.html and
+   http://www.w3.org/TR/REC-xml for information about this namespace.
+
+    This schema document describes the XML namespace, in a form
+    suitable for import by other schema documents.  
+
+    Note that local names in this namespace are intended to be defined
+    only by the World Wide Web Consortium or its subgroups.  The
+    following names are currently defined in this namespace and should
+    not be used with conflicting semantics by any Working Group,
+    specification, or document instance:
+
+    base (as an attribute name): denotes an attribute whose value
+         provides a URI to be used as the base for interpreting any
+         relative URIs in the scope of the element on which it
+         appears; its value is inherited.  This name is reserved
+         by virtue of its definition in the XML Base specification.
+
+    lang (as an attribute name): denotes an attribute whose value
+         is a language code for the natural language of the content of
+         any element; its value is inherited.  This name is reserved
+         by virtue of its definition in the XML specification.
+  
+    space (as an attribute name): denotes an attribute whose
+         value is a keyword indicating what whitespace processing
+         discipline is intended for the content of the element; its
+         value is inherited.  This name is reserved by virtue of its
+         definition in the XML specification.
+
+    Father (in any context at all): denotes Jon Bosak, the chair of 
+         the original XML Working Group.  This name is reserved by 
+         the following decision of the W3C XML Plenary and 
+         XML Coordination groups:
+
+             In appreciation for his vision, leadership and dedication
+             the W3C XML Plenary on this 10th day of February, 2000
+             reserves for Jon Bosak in perpetuity the XML name
+             xml:Father
+  </xs:documentation>
+ </xs:annotation>
+
+ <xs:annotation>
+  <xs:documentation>This schema defines attributes and an attribute group
+        suitable for use by
+        schemas wishing to allow xml:base, xml:lang or xml:space attributes
+        on elements they define.
+
+        To enable this, such a schema must import this schema
+        for the XML namespace, e.g. as follows:
+        &lt;schema . . .>
+         . . .
+         &lt;import namespace="http://www.w3.org/XML/1998/namespace"
+                    schemaLocation="http://www.w3.org/2001/03/xml.xsd"/>
+
+        Subsequently, qualified reference to any of the attributes
+        or the group defined below will have the desired effect, e.g.
+
+        &lt;type . . .>
+         . . .
+         &lt;attributeGroup ref="xml:specialAttrs"/>
+ 
+         will define a type which will schema-validate an instance
+         element with any of those attributes</xs:documentation>
+
+ </xs:annotation>
+
+ <xs:annotation>
+  <xs:documentation>In keeping with the XML Schema WG's standard versioning
+   policy, this schema document will persist at
+   http://www.w3.org/2001/03/xml.xsd.
+   At the date of issue it can also be found at
+   http://www.w3.org/2001/xml.xsd.
+   The schema document at that URI may however change in the future,
+   in order to remain compatible with the latest version of XML Schema
+   itself.  In other words, if the XML Schema namespace changes, the version
+   of this document at
+   http://www.w3.org/2001/xml.xsd will change
+   accordingly; the version at
+   http://www.w3.org/2001/03/xml.xsd will not change.
+  </xs:documentation>
+ </xs:annotation>
+
+ <xs:attribute name="lang" type="xs:language">
+  <xs:annotation>
+   <xs:documentation>In due course, we should install the relevant ISO 2- and 3-letter
+         codes as the enumerated possible values . . .</xs:documentation>
+
+  </xs:annotation>
+ </xs:attribute>
+
+ <xs:attribute name="space" default="preserve">
+  <xs:simpleType>
+   <xs:restriction base="xs:NCName">
+    <xs:enumeration value="default"/>
+    <xs:enumeration value="preserve"/>
+   </xs:restriction>
+
+  </xs:simpleType>
+ </xs:attribute>
+
+ <xs:attribute name="base" type="xs:anyURI">
+  <xs:annotation>
+   <xs:documentation>See http://www.w3.org/TR/xmlbase/ for
+                     information about this attribute.</xs:documentation>
+  </xs:annotation>
+ </xs:attribute>
+
+ <xs:attributeGroup name="specialAttrs">
+  <xs:attribute ref="xml:base"/>
+  <xs:attribute ref="xml:lang"/>
+  <xs:attribute ref="xml:space"/>
+ </xs:attributeGroup>
+
+</xs:schema>
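Review bot: The `<!DOCTYPE xs:schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "XMLSchema.dtd" >` line at the top of this bundled file means the parser that loads the schema must accept a DOCTYPE and resolve the relative `XMLSchema.dtd`. A loader hardened against XXE by rejecting DOCTYPE declarations will refuse this file, and relaxing that setting to make it load would weaken the parser configuration. No `XMLSchema.dtd` appears in this revision's list of added files, so it is worth confirming that the resolver supplies a local copy. Alternatively, the DOCTYPE line could be dropped from the bundled schema so that DTD processing can stay disabled.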


