[jboss-cvs] Picketlink SVN: r799 - federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Mar 8 17:42:15 EST 2011


Author: sguilhen at redhat.com
Date: 2011-03-08 17:42:15 -0500 (Tue, 08 Mar 2011)
New Revision: 799

Modified:
   federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
Log:
PLFED-136: SAML2STSLoginModule now accepts properties that can be used to configure the Dispatch instance that will be used to send requests to the STS.

Modified: federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java
===================================================================
--- federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java	2011-03-08 07:37:27 UTC (rev 798)
+++ federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.java	2011-03-08 22:42:15 UTC (rev 799)
@@ -33,6 +33,8 @@
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.LoginException;
 import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.transform.Source;
+import javax.xml.ws.Dispatch;
 
 import org.jboss.security.SecurityConstants;
 import org.jboss.security.auth.callback.ObjectCallback;
@@ -64,7 +66,7 @@
  * and included in the {@code Group} returned by the {@code getRoleSets} method.
  * </p>
  * <p>
- * This module defines module options:
+ * This module defines the following module options:
  * <li>
  *  <ul>configFile - this property identifies the properties file that will be used to establish communication with
  *  the external security token service.
@@ -75,6 +77,14 @@
  *  if the cache.invalidation option is configured.
  *  </ul>
  * </li>
+ * </p>
+ * <p>
+ * Any properties specified besides the above properties are assumed to be used to configure how the {@code STSClient}
+ * will connect to the STS. For example, the JBossWS {@code StubExt.PROPERTY_SOCKET_FACTORY} can be specified in order
+ * to inform the socket factory that must be used to connect to the STS. All properties will be set in the request
+ * context of the {@code Dispatch} instance used by the {@code STSClient} to send requests to the STS.  
+ * </p>
+ * <p>
  * An example of a {@code configFile} can be seen bellow:
  * <pre>
  * serviceName=PicketLinkSTS
@@ -110,6 +120,8 @@
    
    protected String securityDomain = null;
    
+   protected Map<String, ?> options = null;
+   
    /*
     * (non-Javadoc)
     * @see org.jboss.security.auth.spi.AbstractServerLoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map)
@@ -119,18 +131,19 @@
          Map<String, ?> options)
    {
       super.initialize(subject, callbackHandler, sharedState, options);
-      // check if the options contain the name of the STS configuration file.
-      this.stsConfigurationFile = (String) options.get("configFile");
-      
-      String cacheInvalidation = (String) options.get( "cache.invalidation" );
+      this.options = options;
+
+      // save the config file and cache validation options, removing them from the map - all remainig properties will
+      // be set in the request context of the Dispatch instance used to send requests to the STS.
+      this.stsConfigurationFile = (String) this.options.remove("configFile");
+      String cacheInvalidation = (String) this.options.remove( "cache.invalidation" );
       if( cacheInvalidation != null && !cacheInvalidation.isEmpty() )
       {
-         enableCacheInvalidation = Boolean.parseBoolean( cacheInvalidation );
-         securityDomain = (String) options.get( SecurityConstants.SECURITY_DOMAIN_OPTION );
-         if( securityDomain == null || securityDomain.isEmpty() )
+         this.enableCacheInvalidation = Boolean.parseBoolean( cacheInvalidation );
+         this.securityDomain = (String) this.options.remove( SecurityConstants.SECURITY_DOMAIN_OPTION );
+         if( this.securityDomain == null || this.securityDomain.isEmpty() )
             throw new RuntimeException( "Please configure option:" + SecurityConstants.SECURITY_DOMAIN_OPTION );
       }
-      
    }
 
    /*
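Review bot: `this.options = options;` keeps a reference to the map handed in by the caller, so the `remove(...)` calls that follow mutate that map rather than a private copy. If the container passes an unmodifiable map, `remove` throws `UnsupportedOperationException`; if it passes a shared one, `configFile` disappears for any later reader (whether the map is shared is not visible from this hunk). Copying first avoids both: `this.options = new HashMap<String, Object>(options);`, which needs `java.util.HashMap` imported if the file does not already have it. Separately, `SecurityConstants.SECURITY_DOMAIN_OPTION` is removed only inside the `cache.invalidation` branch, so when cache invalidation is not configured it stays in the map and is later forwarded to the STS request context, together with any options the superclass read in `super.initialize`. The method signature begins above this hunk.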
@@ -339,6 +352,15 @@
    protected STSClient getSTSClient()
    {
       Builder builder = new Builder(this.stsConfigurationFile);
-      return new STSClient(builder.build());
+      STSClient client = new STSClient(builder.build());
+      // if the login module options map still contains any properties, assume they are for configuring the connection
+      // to the STS and set them in the Dispatch request context.
+      if (!this.options.isEmpty())
+      {
+         Dispatch<Source> dispatch = client.getDispatch();
+         for (Map.Entry<String, ?> entry : this.options.entrySet())
+            dispatch.getRequestContext().put(entry.getKey(), entry.getValue());
+      }
+      return client;
    }
 }
\ No newline at end of file
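Review bot: `this.options.isEmpty()` dereferences a field that is declared `null` and assigned only in `initialize`, so a subclass that overrides `initialize` without calling super, or any call to `getSTSClient()` before initialization, fails with a `NullPointerException`; guard it with `if (this.options != null && !this.options.isEmpty())`. The loop then copies every remaining login-module option into the `Dispatch` request context with no filter. An option whose key matches a standard JAX-WS property such as `BindingProvider.ENDPOINT_ADDRESS_PROPERTY` or `BindingProvider.PASSWORD_PROPERTY` would presumably override what the `configFile` established on the client. Restricting the forwarded keys to an allow-list or a dedicated prefix, and stating that rule in the class Javadoc, would keep unrelated or security-sensitive options out of the request. Hoisting `dispatch.getRequestContext()` out of the loop and bracing the `for` body are minor style points.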


