[jboss-cvs] Picketlink SVN: r1496 - in product/trunk/picketlink-core/src: main/java/org/picketlink/identity/federation/api/saml/v2/response and 62 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Mar 12 15:35:16 EDT 2012
Author: anil.saldhana at jboss.com
Date: 2012-03-12 15:35:11 -0400 (Mon, 12 Mar 2012)
New Revision: 1496
Added:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/SerializablePrincipal.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/AbstractSAMLConfigurationProvider.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/integration/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/integration/IdentityServerUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterChain.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletResponse.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java
product/trunk/picketlink-core/src/test/resources/idp-metadata.xml
product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-response-salesforce.xml
product/trunk/picketlink-core/src/test/resources/signatures/
product/trunk/picketlink-core/src/test/resources/signatures/saml11assertion.xml
product/trunk/picketlink-core/src/test/resources/signatures/wstRequestCollection.xml
product/trunk/picketlink-core/src/test/resources/sp-metadata.xml
Removed:
product/trunk/picketlink-core/src/test/resources/signatures/saml11assertion.xml
product/trunk/picketlink-core/src/test/resources/signatures/wstRequestCollection.xml
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/IDPType.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/KeyValueType.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/ProviderType.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/SPType.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/factories/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow/
product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml/
product/trunk/picketlink-core/src/test/resources/
product/trunk/picketlink-core/src/test/resources/config/
product/trunk/picketlink-core/src/test/resources/endorsed/
product/trunk/picketlink-core/src/test/resources/jbossws/
product/trunk/picketlink-core/src/test/resources/keystore/
product/trunk/picketlink-core/src/test/resources/log4j.xml
product/trunk/picketlink-core/src/test/resources/logging.properties
product/trunk/picketlink-core/src/test/resources/metadata/
product/trunk/picketlink-core/src/test/resources/openid/
product/trunk/picketlink-core/src/test/resources/parser/
product/trunk/picketlink-core/src/test/resources/parser/saml2/
product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-assertion-subjectconfirmation.xml
product/trunk/picketlink-core/src/test/resources/responseIDP/
product/trunk/picketlink-core/src/test/resources/saml-xacml/
product/trunk/picketlink-core/src/test/resources/saml/
product/trunk/picketlink-core/src/test/resources/saml2/
product/trunk/picketlink-core/src/test/resources/saml2/redirect/
product/trunk/picketlink-core/src/test/resources/sts-client.properties
product/trunk/picketlink-core/src/test/resources/sts/
product/trunk/picketlink-core/src/test/resources/wstrust/
product/trunk/picketlink-core/src/test/resources/xacml/
product/trunk/picketlink-core/src/test/resources/xml/
Log:
merge in community changes until -r1494
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/api:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/api:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api:1152-1154,1159-1173,1192-1228,1362-1494
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/api:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/api:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/api:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1098-1132,1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1098-1132,1152-1154,1159-1173,1192-1228,1362-1494
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/api/saml/v2/response/SAML2Response.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings:1152-1173,1192-1228,1329-1348
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1155-1158
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings:1152-1173,1192-1228,1329-1348,1362-1494
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1155-1158
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss:1362-1494
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1173,1192-1228,1329-1348
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1144-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1173,1192-1228,1329-1348,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1144-1154,1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/jboss/auth:1362-1494
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/jboss/auth:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1144-1173,1192-1228,1321-1324,1329-1348
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1144-1173,1192-1228,1321-1324,1329-1348,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/tomcat:1362-1494
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp:1326,1329-1348
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp:1326,1329-1348,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/tomcat/idp:1362-1494
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -116,6 +116,7 @@
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
+import org.picketlink.identity.federation.web.config.AbstractSAMLConfigurationProvider;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityParticipantStack;
@@ -156,7 +157,7 @@
private Boolean ignoreIncomingSignatures = false;
private Boolean signOutgoingMessages = true;
-
+
/**
* Defines how the token's signature will be validated. If true is used the token's issuer, otherwise the request.getRemoteAddr. Default false.
*/
@@ -188,6 +189,13 @@
* A Lock for Handler operations in the chain
*/
private final Lock chainLock = new ReentrantLock();
+
+ /**
+ * SAML Web Browser SSO Profile has a requirement that the IDP does not respond
+ * back in Redirect Binding. Set this to true if you want the IDP to adhere to
+ * this requirement via
+ */
+ private boolean strictPostBinding = false;
//Set a list of attributes we are interested in separated by comma
public void setAttributeList(String attribList)
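Review bot: The Javadoc added for `strictPostBinding` stops mid-sentence at "this requirement via", so a reader cannot tell how the option is set or what the valve does differently when it is on. Finish the sentence, for example `Set this to true if the IDP must always answer using the POST binding; the default is false.` Adjust the wording to what the holder's `setStrictPostBinding` actually enforces, which is not visible in this hunk.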
@@ -216,6 +224,11 @@
}
}
+ public void setStrictPostBinding(Boolean strictPostBinding)
+ {
+ this.strictPostBinding = strictPostBinding;
+ }
+
public Boolean getIgnoreIncomingSignatures()
{
return ignoreIncomingSignatures;
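Review bot: `setStrictPostBinding(Boolean strictPostBinding)` assigns a boxed `Boolean` to the primitive field `strictPostBinding`, so a null argument fails with a NullPointerException during unboxing instead of leaving the default in place. Either declare the parameter as a primitive, `public void setStrictPostBinding(boolean strictPostBinding)`, or guard the assignment with `this.strictPostBinding = Boolean.TRUE.equals(strictPostBinding);`. The same pattern appears in `setIdpPostBinding(Boolean)` in SPRedirectFormAuthenticator.java later in this commit. The new setter also has no Javadoc.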
@@ -234,10 +247,10 @@
{
this.validatingAliasToTokenIssuer = validatingAliasToTokenIssuer;
}
-
- public Boolean getValidatingAliasToTokenIssuer()
+
+ public Boolean getValidatingAliasToTokenIssuer()
{
- return validatingAliasToTokenIssuer;
+ return validatingAliasToTokenIssuer;
}
/**
@@ -359,10 +372,10 @@
if (this.signOutgoingMessages)
{
holder.setSupportSignature(true).setPrivateKey(keyManager.getSigningKey());
- webRequestUtil.send(holder);
- //webRequestUtil.send(samlErrorResponse, referer, relayState, response, true,
- //this.keyManager.getSigningKey(), false);
}
+
+ if(strictPostBinding)
+ holder.setStrictPostBinding(true);
webRequestUtil.send(holder);
}
catch (GeneralSecurityException e)
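Review bot: The added pair `if(strictPostBinding)` / `holder.setStrictPostBinding(true);` is copied before every `webRequestUtil.send(holder)` this commit touches (here and in the hunks at new lines 662, 676, 848 and 942), each time unbraced and without a space after `if`, unlike the braced `if (this.signOutgoingMessages)` directly above. Since the setter is called with a boolean, a single `holder.setStrictPostBinding(strictPostBinding);` would express the same thing without the branch, assuming the holder's own default is false. The enclosing method starts and ends outside this hunk.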
@@ -530,8 +543,9 @@
{
samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlRequestMessage);
samlObject = samlDocumentHolder.getSamlObject();
-
- if (!(samlObject instanceof RequestAbstractType)) {
+
+ if (!(samlObject instanceof RequestAbstractType))
+ {
throw new RuntimeException(ErrorCodes.WRONG_TYPE + samlObject.getClass().getName());
}
@@ -577,7 +591,7 @@
log.trace("Remote Host=" + request.getRemoteAddr());
log.trace("Validating Alias=" + tokenSignatureValidatingAlias);
}
-
+
PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager, tokenSignatureValidatingAlias);
requestOptions.put(GeneralConstants.SENDER_PUBLIC_KEY, validatingKey);
requestOptions.put(GeneralConstants.DECRYPTING_KEY, keyManager.getSigningKey());
@@ -648,6 +662,9 @@
holder.setResponseDoc(samlResponse).setDestination(destination).setRelayState(relayState)
.setAreWeSendingRequest(willSendRequest).setPrivateKey(null).setSupportSignature(false)
.setServletResponse(response);
+
+ if(strictPostBinding)
+ holder.setStrictPostBinding(true);
if (requestedPostProfile != null)
holder.setPostBindingRequested(requestedPostProfile);
@@ -659,6 +676,8 @@
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
}
+ if(strictPostBinding)
+ holder.setStrictPostBinding(true);
webRequestUtil.send(holder);
}
catch (ParsingException e)
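Review bot: `holder.setStrictPostBinding(true)` is set here a second time on what appears to be the same `holder` that the previous hunk (new line 662) already configured a few lines earlier, so one of the two calls looks redundant. The lines between the two hunks are not shown, so first confirm that `holder` is not reassigned in between. If it is not, keep only the call directly before `webRequestUtil.send(holder)`.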
@@ -686,20 +705,22 @@
private String getTokenSignatureValidatingAlias(Request request, String issuer)
{
String issuerHost = request.getRemoteAddr();
-
- if (this.validatingAliasToTokenIssuer) {
+
+ if (this.validatingAliasToTokenIssuer)
+ {
try
{
issuerHost = new URL(issuer).getHost();
}
catch (MalformedURLException e)
{
- if (trace) {
+ if (trace)
+ {
log.trace("Token issuer is not a valid URL: " + issuer + ". Using the requester address instead.", e);
}
}
}
-
+
return issuerHost;
}
@@ -713,7 +734,7 @@
Document samlResponse = null;
String destination = null;
- Boolean requestedPostProfile = null;
+ boolean requestedPostProfile = false;
//Get the SAML Response Message
String samlResponseMessage = (String) session.getNote(GeneralConstants.SAML_RESPONSE_KEY);
@@ -731,18 +752,18 @@
{
samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlResponseMessage);
samlObject = samlDocumentHolder.getSamlObject();
-
+
if (!(samlObject instanceof StatusResponseType))
{
throw new RuntimeException(ErrorCodes.WRONG_TYPE + samlObject.getClass().getName());
}
-
+
boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
boolean isValid = false;
StatusResponseType statusResponseType = (StatusResponseType) samlObject;
String issuer = statusResponseType.getIssuer().getValue();
String tokenValidatingAlias = getTokenSignatureValidatingAlias(request, issuer);
-
+
if (isPost)
{
//Validate
@@ -827,15 +848,18 @@
.setAreWeSendingRequest(willSendRequest).setPrivateKey(null).setSupportSignature(false)
.setServletResponse(response).setPostBindingRequested(requestedPostProfile);
- if (requestedPostProfile != null)
+ /*if (requestedPostProfile)
holder.setPostBindingRequested(requestedPostProfile);
else
- holder.setPostBindingRequested(postProfile);
+ holder.setPostBindingRequested(postProfile);*/
if (this.signOutgoingMessages)
{
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
}
+
+ if(strictPostBinding)
+ holder.setStrictPostBinding(true);
webRequestUtil.send(holder);
}
catch (ParsingException e)
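Review bot: Commenting out the `if`/`else` removes the fallback `holder.setPostBindingRequested(postProfile)`. Together with the earlier hunk that turns `requestedPostProfile` into a primitive initialised to `false`, the holder now receives `false` whenever nothing assigns the variable, where it previously received `postProfile`. Whether an assignment happens in between is not visible in these hunks, so confirm the binding chosen for the response is still the intended one. If the change is deliberate, delete the commented-out block and leave a short explanation instead, such as `// postProfile is intentionally no longer used as a fallback here`.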
@@ -918,6 +942,9 @@
{
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
}
+
+ if(strictPostBinding)
+ holder.setStrictPostBinding(true);
webRequestUtil.send(holder);
}
catch (ParsingException e1)
@@ -1050,27 +1077,36 @@
}
}
+ String configFile = GeneralConstants.CONFIG_FILE_LOCATION;
+ context = (Context) getContainer();
+
+ InputStream is = context.getServletContext().getResourceAsStream(configFile);
+
//Work on the IDP Configuration
if (configProvider != null)
{
try
{
idpConfiguration = configProvider.getIDPConfiguration();
+
+ //Additionally parse the config file
+ if (is != null && configProvider instanceof AbstractSAMLConfigurationProvider)
+ {
+ ((AbstractSAMLConfigurationProvider) configProvider).setConfigFile(is);
+ }
}
catch (ProcessingException e)
{
throw new RuntimeException(ErrorCodes.PROCESSING_EXCEPTION + e.getLocalizedMessage());
}
+ catch (ParsingException e)
+ {
+ throw new RuntimeException(ErrorCodes.PARSING_ERROR + e.getLocalizedMessage());
+ }
}
- String configFile = GeneralConstants.CONFIG_FILE_LOCATION;
-
- context = (Context) getContainer();
-
if (idpConfiguration == null)
{
-
- InputStream is = context.getServletContext().getResourceAsStream(configFile);
if (is == null)
throw new RuntimeException(ErrorCodes.IDP_WEBBROWSER_VALVE_CONF_FILE_MISSING + configFile);
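Review bot: `configProvider.getIDPConfiguration()` runs before `setConfigFile(is)`, so as far as these lines show, settings parsed from the config file cannot influence the `idpConfiguration` the valve goes on to use, unless the provider mutates the object it already returned. If the file is meant to supplement the provider's configuration, move the `setConfigFile(is)` block above `idpConfiguration = configProvider.getIDPConfiguration();`. AbstractSAMLConfigurationProvider is not visible here, so check this against its merge logic. Both `catch` blocks also discard the cause; `throw new RuntimeException(ErrorCodes.PARSING_ERROR + e.getLocalizedMessage(), e);` would keep the stack trace. The method continues past the end of the hunk.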
@@ -1123,9 +1159,9 @@
log.info("Did not find picketlink-sts.xml. We will install default configuration");
sts.installDefaultConfiguration();
}
- else
+ else
sts.installDefaultConfiguration(stsTokenConfigFile.toURI().toString());
-
+
if (this.signOutgoingMessages)
{
KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider();
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1138-1173,1192-1228,1302-1319,1321-1324,1329-1348
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1138-1173,1192-1228,1302-1319,1321-1324,1329-1348,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/jboss/tomcat/sp:1362-1494
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -73,6 +73,7 @@
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.KeyDescriptorType;
+import org.picketlink.identity.federation.web.config.AbstractSAMLConfigurationProvider;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.util.ConfigurationUtil;
import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
@@ -396,6 +397,10 @@
if (configProvider != null)
{
spConfiguration = configProvider.getSPConfiguration();
+ if (configProvider instanceof AbstractSAMLConfigurationProvider)
+ {
+ ((AbstractSAMLConfigurationProvider) configProvider).setConfigFile(is);
+ }
}
else
{
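Review bot: `setConfigFile(is)` is handed to the provider only after `configProvider.getSPConfiguration()` has already returned, so if an `AbstractSAMLConfigurationProvider` merges the file contents into the configuration it builds (its body is not in this hunk), the `spConfiguration` assigned here was computed without the file. Moving the `instanceof` block above the `spConfiguration = configProvider.getSPConfiguration();` line would remove that ordering dependency. It is also worth stating in a comment who closes `is` once the provider holds it. The enclosing method starts and ends outside the hunk.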
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -80,6 +80,22 @@
protected static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class);
protected boolean jbossEnv = false;
+
+ /**
+ * The SAML Web Browser SSO Profile says that the IDP cannot send
+ * response back in Redirect Binding. The user should use this
+ * parameter to adhere to that requirement.
+ */
+ protected boolean idpPostBinding = false;
+
+ /**
+ * Set the Authenticator to expect a post response from IDP
+ * @param idpPostBinding
+ */
+ public void setIdpPostBinding(Boolean idpPostBinding)
+ {
+ this.idpPostBinding = idpPostBinding;
+ }
public SPRedirectFormAuthenticator()
{
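Review bot: `setIdpPostBinding(Boolean idpPostBinding)` assigns a boxed `Boolean` to the primitive field, so a caller passing `null` gets a NullPointerException from auto-unboxing; `public void setIdpPostBinding(boolean idpPostBinding)` avoids that, assuming whatever sets this property can bind a primitive. The field comment says the parameter exists to adhere to the Web Browser SSO Profile, yet it defaults to `false`. The setter Javadoc should say what `false` means for a deployment, for example `@param idpPostBinding true if the IDP response must arrive over the POST binding; false (default) leaves the profile restriction unenforced`.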
@@ -237,6 +253,8 @@
{
ServiceProviderSAMLResponseProcessor responseProcessor = new ServiceProviderSAMLResponseProcessor(false,
serviceURL);
+ if(idpPostBinding)
+ responseProcessor.setIdpPostBinding(true);
initializeSAMLProcessor(responseProcessor);
SAML2HandlerResponse saml2HandlerResponse = null;
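Review bot: The unbraced `if(idpPostBinding)` only ever forwards `true`, so the processor's own default decides the other case, and that default is not visible here. If it is `false`, `responseProcessor.setIdpPostBinding(idpPostBinding);` states the intent in one line; otherwise brace the conditional the way the BaseFormAuthenticator hunk in this commit does. The enclosing method starts and ends outside the hunk.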
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core:1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core:1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/ErrorCodes.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -66,6 +66,8 @@
String IDP_WEBBROWSER_VALVE_NOT_STARTED = "PL00024: IDPWebBrowserSSOValve NotStarted";
+ String ILLEGAL_METHOD_CALLED = "PL00020: Illegal Method Called";
+
String INVALID_ASSERTION = "PL00080: Invalid Assertion:";
String INVALID_DIGITAL_SIGNATURE = "PL00009: Invalid Digital Signature:";
Copied: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/SerializablePrincipal.java (from rev 1494, federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/SerializablePrincipal.java)
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/SerializablePrincipal.java (rev 0)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/SerializablePrincipal.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core;
+
+import java.io.Serializable;
+import java.security.Principal;
+
+/**
+ * An instance of {@link Principal} that is {@link Serializable}
+ * @author Anil Saldhana
+ * @since Feb 21, 2012
+ */
+public class SerializablePrincipal implements Principal, Serializable
+{
+ private static final long serialVersionUID = -4732505034437816312L;
+
+ private final String name;
+
+ public SerializablePrincipal(String name)
+ {
+ this.name = name;
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+}
\ No newline at end of file
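Review bot: SerializablePrincipal defines no `equals`, `hashCode` or `toString`, so two instances with the same name compare as different objects, including an instance and its own deserialized copy. Principals are commonly kept in sets and compared when deciding who a caller is, so identity-based equality is likely to surprise any code that looks this principal up after a session is replicated or restored. The constructor also accepts a `null` name without complaint, and the class Javadoc could state that equality is by name. A null-tolerant sketch of the three methods follows.

```java
// … unchanged: serialVersionUID, name field, constructor, getName() …

@Override
public boolean equals(Object obj)
{
    if (this == obj)
    {
        return true;
    }
    if (!(obj instanceof SerializablePrincipal))
    {
        return false;
    }
    String otherName = ((SerializablePrincipal) obj).name;
    return name == null ? otherName == null : name.equals(otherName);
}

@Override
public int hashCode()
{
    return name == null ? 0 : name.hashCode();
}

@Override
public String toString()
{
    return String.valueOf(name);
}
```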
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/IDPType.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/IDPType.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/IDPType.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -21,6 +21,8 @@
*/
package org.picketlink.identity.federation.core.config;
+import org.picketlink.identity.federation.core.util.StringUtil;
+
/**
*
* IDP Type defines the configuration for an Identity
@@ -220,4 +222,26 @@
this.encrypt = value;
}
-}
+ /**
+ * Import values from another {@link IDPType}
+ * @param other
+ */
+ public void importFrom(IDPType other)
+ {
+ super.importFrom(other);
+
+ String attributeManager = other.getAttributeManager();
+ if (StringUtil.isNotNull(attributeManager))
+ {
+ setAttributeManager(attributeManager);
+ }
+ assertionValidity = other.getAssertionValidity();
+
+ encrypt = other.isEncrypt();
+
+ if (StringUtil.isNotNull(other.getRoleGenerator()))
+ {
+ this.roleGenerator = other.getRoleGenerator();
+ }
+ }
+}
\ No newline at end of file
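Review bot: `importFrom(IDPType other)` overloads rather than overrides `ProviderType.importFrom(ProviderType)`, which this commit also adds. A call through a `ProviderType`-typed reference therefore binds to the base method and silently skips `assertionValidity`, `encrypt`, the attribute manager and the role generator. Because `encrypt` is among the skipped values, the Javadoc should say so, for example `* Note: overloads {@link ProviderType#importFrom(ProviderType)}; invoke on an IDPType reference or the IDP-specific values are not copied.` The method also mixes `setAttributeManager(...)` with direct assignment to `this.roleGenerator`, and it copies `assertionValidity` and `encrypt` unconditionally while the strings are copied only when set; a comment should say whether that asymmetry is intended.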
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/KeyValueType.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/KeyValueType.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/KeyValueType.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -98,4 +98,17 @@
this.value = value;
}
-}
+ /**
+ * Create a new instance
+ * @param key
+ * @param value
+ * @return
+ */
+ public static KeyValueType create(String key, String value)
+ {
+ KeyValueType keyValueType = new KeyValueType();
+ keyValueType.setKey(key);
+ keyValueType.setValue(value);
+ return keyValueType;
+ }
+}
\ No newline at end of file
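Review bot: The Javadoc on `create` leaves both `@param` tags and `@return` empty, so it documents nothing beyond the signature. I would fill them in as `@param key the option name`, `@param value the option value` and `@return a new {@link KeyValueType} holding the given key and value`. It should also say whether `null` is accepted for either argument, since the setters' behaviour is not visible in this hunk.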
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/ProviderType.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/ProviderType.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/ProviderType.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -26,6 +26,8 @@
import javax.xml.crypto.dsig.CanonicalizationMethod;
+import org.picketlink.identity.federation.core.util.StringUtil;
+
/**
* Base Type for IDP and SP
*
@@ -268,4 +270,27 @@
{
return additionalOptions.get(key);
}
+
+ /**
+ * Import values from another {@link IDPType}
+ * @param other
+ */
+ public void importFrom(ProviderType other)
+ {
+ KeyProviderType keyProvider = other.getKeyProvider();
+ if (keyProvider != null)
+ {
+ setKeyProvider(keyProvider);
+ }
+
+ String can = other.getCanonicalizationMethod();
+ if (StringUtil.isNotNull(can))
+ {
+ setCanonicalizationMethod(can);
+ }
+
+ trust = other.getTrust();
+
+ additionalOptions.putAll(other.additionalOptions);
+ }
}
\ No newline at end of file
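Review bot: `trust = other.getTrust();` replaces the receiver's trust settings unconditionally, unlike the key provider and canonicalization method just above, which are copied only when the other side has a value. If `other` carries no trust element, any trust configuration already on this provider is dropped; what a missing trust element means downstream is not visible here, so this deserves an explicit decision. Guarding it the same way, `if (other.getTrust() != null) trust = other.getTrust();`, keeps the existing value. The Javadoc also says `{@link IDPType}` where the parameter is a `ProviderType`, and `setKeyProvider(keyProvider)` shares the same instance between both providers rather than copying it, which is worth a comment.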
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/SPType.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/SPType.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/config/SPType.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -21,6 +21,7 @@
*/
package org.picketlink.identity.federation.core.config;
+
/**
* Service Provider Type
*
@@ -44,7 +45,6 @@
*/
public class SPType extends ProviderType
{
-
protected String serviceURL;
protected String idpMetadataFile;
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/factories
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/factories:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/factories:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/factories:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories:1152-1173,1192-1228,1295-1296,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/factories:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/factories:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/factories:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/factories:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/factories:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories:1152-1173,1192-1228,1295-1296,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/factories:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/factories:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1095-1296,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1095-1296,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/factories/JBossAuthCacheInvalidationFactory.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1173,1192-1228,1327-1328,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1173,1192-1228,1327-1328,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLStatusResponseTypeParser.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -129,6 +129,13 @@
//Peek at the next start element to see if it is status code
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
+ if (startElement == null)
+ {
+ // Go to Status code end element.
+ EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+ StaxParserUtil.validate(endElement, JBossSAMLConstants.STATUS_CODE.get());
+ continue;
+ }
elementTag = startElement.getName().getLocalPart();
if (JBossSAMLConstants.STATUS_CODE.get().equals(elementTag))
{
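Review bot: The new `startElement == null` branch passes whatever `getNextEndElement` returns straight to `validate` as the StatusCode end tag, without checking that an end element was found. Whether `getNextEndElement` can return `null` on truncated input is not visible in this hunk; if it can, a malformed status element in a received response surfaces as an unchecked error instead of a parsing failure. An explicit check before the validate call, such as `if (endElement == null) throw new ParsingException(ErrorCodes.EXPECTED_END_TAG + JBossSAMLConstants.STATUS_CODE.get());`, would make the failure mode deliberate, assuming those names are in scope in this parser. The enclosing loop and method start and end outside the hunk, so the effect of `continue` on the loop condition should be confirmed there.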
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1095-1096,1152-1173,1192-1228,1327-1328,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1095-1096,1152-1173,1192-1228,1327-1328,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1095-1096,1098-1134,1152-1173,1192-1228,1327-1328,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1095-1096,1098-1134,1152-1173,1192-1228,1327-1328,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -197,6 +197,11 @@
{
return StaxParserUtil.getElementText(xmlEventReader);
}
+ else if (typeValue.contains(":anyType"))
+ {
+ //TODO: for now assume that it is a text value that can be parsed and set as the attribute value
+ return StaxParserUtil.getElementText(xmlEventReader);
+ }
throw new RuntimeException(UNKNOWN_XSI + typeValue);
}
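Review bot: `typeValue.contains(":anyType")` is a substring test on an attribute value taken from the incoming document, so it also accepts values such as `x:anyTypeFoo` and never checks that the prefix is bound to the XML Schema namespace. `else if (typeValue.endsWith(":anyType"))` is the minimal tightening; resolving the prefix against the element's namespace context would be the complete one. The TODO should also record that `getElementText` only works for text content, so an `anyType` value with child elements will fail in the text read rather than reach the `UNKNOWN_XSI` error, for example `//TODO: anyType is read as plain text; element content is not supported and will fail in getElementText`. The enclosing method starts outside the hunk.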
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1095-1108,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1095-1108,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/parsers/util/SAMLParserUtil.java:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/parsers/util/StaxParserUtil.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -24,7 +24,6 @@
import static org.picketlink.identity.federation.core.ErrorCodes.EXPECTED_END_TAG;
import static org.picketlink.identity.federation.core.ErrorCodes.EXPECTED_TAG;
import static org.picketlink.identity.federation.core.ErrorCodes.EXPECTED_XSI;
-import static org.picketlink.identity.federation.core.ErrorCodes.NULL_INPUT_STREAM;
import java.io.IOException;
import java.io.InputStream;
@@ -44,6 +43,7 @@
import javax.xml.validation.Validator;
import org.apache.log4j.Logger;
+import org.picketlink.identity.federation.core.ErrorCodes;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
@@ -439,8 +439,8 @@
*/
public static final String trim(String str)
{
- if (str == null || str.length() == 0)
- throw new IllegalArgumentException(NULL_INPUT_STREAM);
+ if (str == null)
+ throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT);
return str.trim();
}
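Review bot: `trim` now returns `""` for an empty string where it previously threw, so any caller that relied on the exception to reject an empty required value now receives an empty string and must check for it itself. No such caller is visible in this hunk. The method Javadoc ends just above the hunk and should record the new contract, for example `@throws IllegalArgumentException if str is null; an empty string is returned unchanged`. The qualified `ErrorCodes.NULL_ARGUMENT` also sits beside statically imported `EXPECTED_*` constants in the same file; one style or the other would read more consistently.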
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/pdp/SOAPSAMLXACMLPDP.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -60,7 +60,7 @@
protected Logger log = Logger.getLogger(SOAPSAMLXACMLPDP.class);
@Resource
- WebServiceContext context;
+ protected WebServiceContext context;
protected String policyConfigFileName = "policyConfig.xml";
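Review bot: Widening the `@Resource`-injected `context` field to `protected` lets a subclass in any package reassign the container-supplied `WebServiceContext`, not only read it. If subclasses only need to read it (the subclasses that motivated the change are not visible in this hunk), keeping the field non-public and adding an accessor such as `protected WebServiceContext getContext() { return context; }` preserves the injected value. The enclosing class continues outside the hunk.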
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1133-1137,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1133-1137,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v1/writers/SAML11AssertionWriter.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1173,1192-1228,1328,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1173,1192-1228,1328,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1098-1134,1152-1173,1192-1228,1328,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1098-1134,1152-1173,1192-1228,1328,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1095-1108,1152-1173,1192-1228,1328,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1095-1108,1152-1173,1192-1228,1328,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1144-1145,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1144-1145,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/exceptions:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1144-1147,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1144-1147,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/interfaces:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1098-1110,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1098-1110,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/util:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1133-1137,1152-1173,1192-1228,1295-1300,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1133-1137,1152-1173,1192-1228,1295-1300,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/BaseWriter.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1095-1109,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1095-1109,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLAssertionWriter.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1095-1096,1098-1134,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1095-1096,1098-1134,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLMetadataWriter.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1098-1109,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1098-1109,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLRequestWriter.java:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1098-1109,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1098-1109,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/saml/v2/writers/SAMLResponseWriter.java:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/sts/registry/DefaultTokenRegistry.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -22,8 +22,8 @@
package org.picketlink.identity.federation.core.sts.registry;
import java.io.IOException;
-import java.util.HashMap;
import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
@@ -33,19 +33,19 @@
* @since Jan 4, 2011
*/
public class DefaultTokenRegistry implements SecurityTokenRegistry
-{
- protected Map<String, Object> tokens = new HashMap<String,Object>();
-
+{
+ protected Map<String, Object> tokens = new ConcurrentHashMap<String, Object>();
+
/**
* @see org.picketlink.identity.federation.core.sts.registry.SecurityTokenRegistry#addToken(java.lang.String, java.lang.Object)
*/
public void addToken(String tokenID, Object token) throws IOException
{
SecurityManager sm = System.getSecurityManager();
- if( sm != null )
- sm.checkPermission( PicketLinkCoreSTS.rte );
-
- tokens.put( tokenID, token );
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ tokens.put(tokenID, token);
}
/**
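Review bot: `ConcurrentHashMap` rejects null keys and values, so `tokens.put(tokenID, token)` in `addToken` now throws `NullPointerException` where the `HashMap` accepted a null ID or token; the same holds for `tokens.get(tokenID)` in `getToken` and `tokens.remove(tokenID)` in `removeToken` in the following hunk. An explicit guard would make the new contract visible to callers, for example `if (tokenID == null || token == null) throw new IllegalArgumentException("tokenID and token must not be null");` in `addToken` and `if (tokenID == null) return null;` in `getToken`. Separately, `tokens` stays `protected` and non-final, so a subclass can still replace it with a non-thread-safe map; declaring it `final` would pin the thread-safety this change presumably aims for.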
@@ -54,20 +54,20 @@
public Object getToken(String tokenID)
{
SecurityManager sm = System.getSecurityManager();
- if( sm != null )
- sm.checkPermission( PicketLinkCoreSTS.rte );
-
- return tokens.get( tokenID );
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+
+ return tokens.get(tokenID);
}
/**
* @see org.picketlink.identity.federation.core.sts.registry.SecurityTokenRegistry#removeToken(java.lang.String)
*/
public void removeToken(String tokenID) throws IOException
- {
+ {
SecurityManager sm = System.getSecurityManager();
- if( sm != null )
- sm.checkPermission( PicketLinkCoreSTS.rte );
- tokens.remove( tokenID );
+ if (sm != null)
+ sm.checkPermission(PicketLinkCoreSTS.rte);
+ tokens.remove(tokenID);
}
}
\ No newline at end of file
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util:1098-1111,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util:1098-1111,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/CoreConfigUtil.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -36,6 +36,7 @@
import org.picketlink.identity.federation.core.ErrorCodes;
import org.picketlink.identity.federation.core.config.AuthPropertyType;
import org.picketlink.identity.federation.core.config.ClaimsProcessorType;
+import org.picketlink.identity.federation.core.config.IDPType;
import org.picketlink.identity.federation.core.config.KeyProviderType;
import org.picketlink.identity.federation.core.config.KeyValueType;
import org.picketlink.identity.federation.core.config.ProviderType;
@@ -45,11 +46,15 @@
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.interfaces.TrustKeyManager;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.saml.v2.metadata.EndpointType;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType.EDTChoiceType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType.EDTDescriptorChoiceType;
import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.federation.saml.v2.metadata.IndexedEndpointType;
+import org.picketlink.identity.federation.saml.v2.metadata.SPSSODescriptorType;
/**
* Utility for configuration
@@ -287,8 +292,139 @@
return returningList;
}
+ /**
+ * Given a metadata {@link EntityDescriptorType}, construct the Service provider configuration
+ * @param entityDescriptor
+ * @param bindingURI
+ * @return
+ */
public static SPType getSPConfiguration(EntityDescriptorType entityDescriptor, String bindingURI)
{
+ SPType spType = new SPType();
+ String identityURL = null;
+ String serviceURL = null;
+
+ if (identityURL == null)
+ {
+ IDPSSODescriptorType idpSSO = getIDPDescriptor(entityDescriptor);
+ if (idpSSO != null)
+ {
+ identityURL = getIdentityURL(idpSSO, bindingURI);
+ }
+ spType.setIdentityURL(identityURL);
+ }
+ if (serviceURL == null)
+ {
+ SPSSODescriptorType spSSO = getSPDescriptor(entityDescriptor);
+ if (spSSO != null)
+ {
+ serviceURL = getServiceURL(spSSO, bindingURI);
+ }
+ spType.setServiceURL(serviceURL);
+ }
+ return spType;
+ }
+
+ /**
+ * Given a metadata {@link EntityDescriptorType}, construct the Service provider configuration
+ * @param entityDescriptor
+ * @param bindingURI
+ * @return
+ */
+ public static SPType getSPConfiguration(EntitiesDescriptorType entitiesDescriptor, String bindingURI)
+ {
+ SPType spType = null;
+ String identityURL = null;
+ String serviceURL = null;
+
+ List<Object> list = entitiesDescriptor.getEntityDescriptor();
+ if (list != null)
+ {
+ for (Object theObject : list)
+ {
+ if (theObject instanceof EntitiesDescriptorType)
+ {
+ spType = getSPConfiguration((EntitiesDescriptorType) theObject, bindingURI);
+ }
+ else if (theObject instanceof EntityDescriptorType)
+ {
+ if (identityURL == null)
+ {
+ IDPSSODescriptorType idpSSO = getIDPDescriptor((EntityDescriptorType) theObject);
+ if (idpSSO != null)
+ {
+ identityURL = getIdentityURL(idpSSO, bindingURI);
+ }
+ if (identityURL != null && spType != null)
+ {
+ spType.setIdentityURL(identityURL);
+ }
+ else if (identityURL != null && spType == null)
+ {
+ spType = new SPType();
+ spType.setIdentityURL(identityURL);
+ }
+ }
+ if (serviceURL == null)
+ {
+ SPSSODescriptorType spSSO = getSPDescriptor((EntityDescriptorType) theObject);
+ if (spSSO != null)
+ {
+ serviceURL = getServiceURL(spSSO, bindingURI);
+ }
+ if (serviceURL != null && spType != null)
+ {
+ spType.setServiceURL(serviceURL);
+ }
+ else if (serviceURL != null && spType == null)
+ {
+ spType = new SPType();
+ spType.setServiceURL(serviceURL);
+ }
+ }
+ }
+ if (spType != null && !StringUtil.isNullOrEmpty(spType.getIdentityURL())
+ && !StringUtil.isNullOrEmpty(spType.getServiceURL()))
+ break;
+ }
+ }
+ return spType;
+ }
+
+ /**
+ * Get the first metadata descriptor for an IDP
+ * @param entitiesDescriptor
+ * @return
+ */
+ public static IDPSSODescriptorType getIDPDescriptor(EntitiesDescriptorType entitiesDescriptor)
+ {
+ IDPSSODescriptorType idp = null;
+ List<Object> entitiesList = entitiesDescriptor.getEntityDescriptor();
+ for (Object theObject : entitiesList)
+ {
+ if (theObject instanceof EntitiesDescriptorType)
+ {
+ idp = getIDPDescriptor((EntitiesDescriptorType) theObject);
+ }
+ else if (theObject instanceof EntityDescriptorType)
+ {
+ idp = getIDPDescriptor((EntityDescriptorType) theObject);
+ }
+ if (idp != null)
+ {
+ break;
+ }
+ }
+ return idp;
+ }
+
+ /**
+ * Get the IDP metadata descriptor from an entity descriptor
+ * @param entityDescriptor
+ * @return
+ */
+ public static IDPSSODescriptorType getIDPDescriptor(EntityDescriptorType entityDescriptor)
+ {
List<EDTChoiceType> edtChoices = entityDescriptor.getChoiceType();
for (EDTChoiceType edt : edtChoices)
{
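Review bot: In the new `getSPConfiguration(EntitiesDescriptorType, String)`, the nested-descriptor branch assigns `spType = getSPConfiguration((EntitiesDescriptorType) theObject, bindingURI)`, which throws away any URL already collected from earlier siblings and can reset `spType` to null. The locals `identityURL` and `serviceURL` are not refreshed from the nested result either, so a later sibling can overwrite a value the nested group supplied. A metadata file that declares the IDP at one level and the SP inside a nested group can therefore come back with only one of the two URLs, and the identity URL is the address the SP sends users to for authentication. Merging the nested result into the accumulated state, as sketched below, keeps the first match for each URL. The hunk ends inside `getIDPDescriptor(EntityDescriptorType)`, whose body continues in the next hunk.

```java
if (theObject instanceof EntitiesDescriptorType)
{
   SPType nested = getSPConfiguration((EntitiesDescriptorType) theObject, bindingURI);
   if (nested != null)
   {
      if (spType == null)
      {
         spType = new SPType();
      }
      // Keep the first identity URL found; do not let the nested group replace it.
      if (identityURL == null && !StringUtil.isNullOrEmpty(nested.getIdentityURL()))
      {
         identityURL = nested.getIdentityURL();
         spType.setIdentityURL(identityURL);
      }
      // Same rule for the service URL.
      if (serviceURL == null && !StringUtil.isNullOrEmpty(nested.getServiceURL()))
      {
         serviceURL = nested.getServiceURL();
         spType.setServiceURL(serviceURL);
      }
   }
}
// … unchanged: EntityDescriptorType branch and the early-exit check …
```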
@@ -298,14 +434,19 @@
IDPSSODescriptorType idpSSO = edtDesc.getIdpDescriptor();
if (idpSSO != null)
{
- return getSPConfiguration(idpSSO, bindingURI);
+ return idpSSO;
}
}
}
return null;
}
- public static IDPSSODescriptorType getIDPDescriptor(EntityDescriptorType entityDescriptor)
+ /**
+ * Get the SP Descriptor from an entity descriptor
+ * @param entityDescriptor
+ * @return
+ */
+ public static SPSSODescriptorType getSPDescriptor(EntityDescriptorType entityDescriptor)
{
List<EDTChoiceType> edtChoices = entityDescriptor.getChoiceType();
for (EDTChoiceType edt : edtChoices)
@@ -313,21 +454,26 @@
List<EDTDescriptorChoiceType> edtDescriptors = edt.getDescriptors();
for (EDTDescriptorChoiceType edtDesc : edtDescriptors)
{
- IDPSSODescriptorType idpSSO = edtDesc.getIdpDescriptor();
- if (idpSSO != null)
+ SPSSODescriptorType spSSO = edtDesc.getSpDescriptor();
+ if (spSSO != null)
{
- return idpSSO;
+ return spSSO;
}
}
}
return null;
}
- public static SPType getSPConfiguration(IDPSSODescriptorType idp, String bindingURI)
+ /**
+ * Given a binding uri, get the IDP identity url
+ * @param idp
+ * @param bindingURI
+ * @return
+ */
+ public static String getIdentityURL(IDPSSODescriptorType idp, String bindingURI)
{
String identityURL = null;
- SPType sp = new SPType();
List<EndpointType> endpoints = idp.getSingleSignOnService();
for (EndpointType endpoint : endpoints)
{
@@ -338,8 +484,59 @@
}
}
- //get identity url
- sp.setIdentityURL(identityURL);
- return sp;
+ return identityURL;
}
+
+ /**
+ * Get the service url for the SP
+ * @param sp
+ * @param bindingURI
+ * @return
+ */
+ public static String getServiceURL(SPSSODescriptorType sp, String bindingURI)
+ {
+ String serviceURL = null;
+
+ List<IndexedEndpointType> endpoints = sp.getAssertionConsumerService();
+ for (IndexedEndpointType endpoint : endpoints)
+ {
+ if (endpoint.getBinding().toString().equals(bindingURI))
+ {
+ serviceURL = endpoint.getLocation().toString();
+ break;
+ }
+
+ }
+ return serviceURL;
+ }
+
+ /**
+ * Get the IDP Type
+ * @param idpSSODescriptor
+ * @return
+ */
+ public static IDPType getIDPType(IDPSSODescriptorType idpSSODescriptor)
+ {
+ IDPType idp = new IDPType();
+
+ List<EndpointType> endpoints = idpSSODescriptor.getSingleSignOnService();
+
+ if (endpoints != null)
+ {
+ for (EndpointType endpoint : endpoints)
+ {
+ if (endpoint.getBinding().toString().equals(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get()))
+ {
+ idp.setIdentityURL(endpoint.getLocation().toString());
+ break;
+ }
+ }
+ }
+
+ if (StringUtil.isNullOrEmpty(idp.getIdentityURL()))
+ {
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + "identity url");
+ }
+ return idp;
+ }
}
\ No newline at end of file
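Review bot: `getServiceURL` iterates `sp.getAssertionConsumerService()` without the `endpoints != null` guard that `getIDPType` applies to `getSingleSignOnService()` a few lines later, and both loops dereference `endpoint.getBinding()` and `endpoint.getLocation()` unconditionally. If the metadata parser leaves any of these unset for an incomplete descriptor (not visible here), the caller gets a NullPointerException instead of the `IllegalStateException` with an error code that `getIDPType` otherwise raises. I would add `if (endpoints == null) return null;` before the loop in `getServiceURL` and skip endpoints whose binding or location is null in both methods. The first lines of this hunk are the tail of `getIdentityURL`, whose loop starts in the previous hunk.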
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1098-1111,1133-1137,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1098-1111,1133-1137,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/util/StaxUtil.java:1152-1173
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/util/StringUtil.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -22,7 +22,9 @@
package org.picketlink.identity.federation.core.util;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -139,8 +141,19 @@
*/
public static List<String> tokenize(String str)
{
+ return tokenize(str, ",");
+ }
+
+ /**
+ * Given a delimited string, get the tokens as a {@link List}
+ * @param str
+ * @param delimiter the delimiter
+ * @return
+ */
+ public static List<String> tokenize(String str, String delimiter)
+ {
List<String> list = new ArrayList<String>();
- StringTokenizer tokenizer = new StringTokenizer(str, ",");
+ StringTokenizer tokenizer = new StringTokenizer(str, delimiter);
while (tokenizer.hasMoreTokens())
{
list.add(tokenizer.nextToken());
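Review bot: The Javadoc of the new `tokenize(String str, String delimiter)` overload should state that `delimiter` is handed to `StringTokenizer`, which treats every character in it as a separate delimiter instead of matching the string as a whole, and that empty tokens between adjacent delimiters are dropped. A caller passing `"::"` or `", "` would otherwise expect different results. Suggested wording: `@param delimiter set of delimiter characters; each character separates tokens (StringTokenizer semantics)` and `@return the non-empty tokens in order`. The method body continues past the end of this hunk.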
@@ -149,6 +162,24 @@
}
/**
+ * Given a string that is comma delimited and contains key-value pairs
+ * @param keyValuePairString
+ * @return
+ */
+ public static Map<String, String> tokenizeKeyValuePair(String keyValuePairString)
+ {
+ Map<String, String> map = new HashMap<String, String>();
+
+ List<String> tokens = tokenize(keyValuePairString);
+ for (String token : tokens)
+ {
+ int location = token.indexOf('=');
+ map.put(token.substring(0, location), token.substring(location + 1));
+ }
+ return map;
+ }
+
+ /**
* Given a masked password {@link String}, decode it
* @param maskedString a password string that is masked
* @param salt Salt
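Review bot: `tokenizeKeyValuePair` calls `token.substring(0, location)` without checking the result of `indexOf('=')`, so a token with no `=` gives `location == -1` and a `StringIndexOutOfBoundsException` from inside configuration parsing. A guard right after the `indexOf` call makes the failure explicit: `if (location < 0) throw new IllegalArgumentException("Missing '=' in key-value pair");`, leaving the token itself out of the message if these strings can carry credentials. Keys and values are also stored untrimmed, so `a=1, b=2` produces the key `" b"`; either trim them or say so in the Javadoc, whose `@return` is empty. The hunk ends inside the Javadoc of the following method, which lies outside it.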
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -217,6 +217,8 @@
*/
protected Source handleTokenRequest(RequestSecurityToken request)
{
+ if (context == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + "WebServiceContext");
if (this.config == null)
try
{
@@ -230,6 +232,9 @@
}
WSTrustRequestHandler handler = this.config.getRequestHandler();
+ if (handler == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + "WSTrustRequestHandler");
+
String requestType = request.getRequestType().toString();
if (logger.isDebugEnabled())
logger.debug("STS received request of type " + requestType);
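Review bot: The two added guards cover `context` and `handler`, but the next statement still calls `request.getRequestType().toString()` on a value taken from the incoming request with no null check. If the WS-Trust parser can hand over a `RequestSecurityToken` without a request type (not visible in this hunk), a malformed client message ends in a NullPointerException instead of a controlled fault. A check in the same style would fit, `if (request.getRequestType() == null) throw new IllegalStateException(ErrorCodes.NULL_VALUE + "RequestType");`, or whichever exception the service maps to a client error. `handleTokenRequest` starts in the previous hunk and continues past this one.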
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/StandardRequestHandler.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -617,8 +617,10 @@
// Set the CanonicalizationMethod if any
XMLSignatureUtil.setCanonicalizationMethodType(configuration.getXMLDSigCanonicalizationMethod());
+ /*rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair, DigestMethod.SHA1,
+ signatureMethod, "#" + tokenElement.getAttribute("ID"));*/
rstrDocument = XMLSignatureUtil.sign(rstrDocument, tokenElement, keyPair, DigestMethod.SHA1,
- signatureMethod, "#" + tokenElement.getAttribute("ID"));
+ signatureMethod, "");
if (trace)
{
try
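Review bot: The reference URI passed to `XMLSignatureUtil.sign` changes from `"#" + tokenElement.getAttribute("ID")` to `""`, and the only trace of the reason is the old call left behind as a commented-out block. An empty URI makes the signature reference the document being signed rather than the element carrying that ID, so relying parties that compare the Reference with the assertion ID (a common guard against signature wrapping) may reject or mishandle the token; how `sign` scopes that document is not visible here and needs confirming against its implementation. I would delete the commented-out call and put the rationale in its place, for example `// Reference URI "" = enveloped signature over the whole signed document; see <issue id>`. The call also still hard-codes `DigestMethod.SHA1`, and a SHA-256 digest should at least be configurable. The enclosing method starts before this hunk and continues after it.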
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1098-1110,1152-1173,1192-1228,1338-1348
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1173
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1098-1110,1152-1173,1192-1228,1338-1348,1362-1494
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/core/wstrust/plugins/saml:1152-1173
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web:1152-1173,1329-1348,1361-1369
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web:1152-1173,1329-1348,1361-1494
Copied: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/AbstractSAMLConfigurationProvider.java (from rev 1494, federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/AbstractSAMLConfigurationProvider.java)
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/AbstractSAMLConfigurationProvider.java (rev 0)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/AbstractSAMLConfigurationProvider.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,65 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.config.SAMLConfigParser;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * An abstact class to hold the common functionality across providers
+ * @author Anil Saldhana
+ * @since Feb 22, 2012
+ */
+public abstract class AbstractSAMLConfigurationProvider implements SAMLConfigurationProvider
+{
+ public static final String VALIDATING_ALIAS = "ValidatingAlias";
+
+ protected IDPType configParsedIDPType = null;
+
+ protected SPType configParsedSPType = null;
+
+ public void setConfigFile(InputStream is) throws ParsingException
+ {
+ if (is == null)
+ {
+ throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT);
+ }
+
+ SAMLConfigParser parser = new SAMLConfigParser();
+ Object parsedObject = parser.parse(is);
+ if (parsedObject instanceof IDPType)
+ configParsedIDPType = (IDPType) parsedObject;
+ else
+ configParsedSPType = (SPType) parsedObject;
+ }
+
+ public abstract IDPType getIDPConfiguration() throws ProcessingException;
+
+ public abstract SPType getSPConfiguration() throws ProcessingException;
+}
\ No newline at end of file
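Review bot: `setConfigFile` casts every parse result that is not an `IDPType` straight to `SPType`, so any other configuration root that `SAMLConfigParser` may return fails with a bare ClassCastException. An explicit `else if (parsedObject instanceof SPType)` branch, followed by an `else` that throws a `ParsingException` naming the unexpected type, would turn that into a diagnosable configuration error. The method also leaves `is` open; if ownership stays with the caller, say so in a Javadoc on `setConfigFile`, which currently has none. The class comment has a typo, `abstact`.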
Copied: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java (from rev 1494, federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java)
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java (rev 0)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/IDPMetadataConfigurationProvider.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,110 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the IDP configuration using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a idp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class IDPMetadataConfigurationProvider extends AbstractSAMLConfigurationProvider
+ implements
+ SAMLConfigurationProvider
+{
+ public static final String IDP_MD_FILE = "idp-metadata.xml";
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ IDPType idpType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ IDPSSODescriptorType idpSSO = CoreConfigUtil.getIDPDescriptor(entities);
+ if (idpSSO != null)
+ {
+ idpType = CoreConfigUtil.getIDPType(idpSSO);
+ }
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+
+ if (configParsedIDPType != null)
+ {
+ idpType.importFrom(configParsedIDPType);
+ }
+
+ return idpType;
+ }
+
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), IDP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), IDP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + IDP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
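Review bot: `getIDPConfiguration` calls `idpType.importFrom(configParsedIDPType)` while `idpType` can still be null, namely when `idp-metadata.xml` is not on the class path or `CoreConfigUtil.getIDPDescriptor` finds no IDP descriptor. A provider configured only through `setConfigFile` therefore fails with a NullPointerException. The same pattern is in `getSPConfiguration` of `SPPostMetadataConfigurationProvider` and `SPRedirectMetadataConfigurationProvider` later in this commit. One option, assuming `importFrom` only copies settings across, is `if (idpType == null) idpType = configParsedIDPType; else idpType.importFrom(configParsedIDPType);`; otherwise throw a `ProcessingException` saying that no metadata was found.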
Copied: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java (from rev 1494, federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java)
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java (rev 0)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPPostMetadataConfigurationProvider.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the SP configuration for the HTTP-POST binding using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a sp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPPostMetadataConfigurationProvider extends AbstractSAMLConfigurationProvider
+ implements
+ SAMLConfigurationProvider
+{
+ public static final String SP_MD_FILE = "sp-metadata.xml";
+
+ public static final String bindingURI = JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get();
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ /**
+ * @see SAMLConfigurationProvider#getSPConfiguration()
+ */
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ SPType spType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ spType = CoreConfigUtil.getSPConfiguration(entities, bindingURI);
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+ if (configParsedSPType != null)
+ {
+ spType.importFrom(configParsedSPType);
+ }
+ return spType;
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + SP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
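Review bot: `fileAvailable()` opens `sp-metadata.xml` through `SecurityActions.loadStream` only to test for null and never closes it, and `parseMDFile()` then opens a second stream that also stays open unless `SAMLParser.parse` closes it (not visible here). `IDPMetadataConfigurationProvider` and `SPRedirectMetadataConfigurationProvider` in this commit use the same pair of helpers. Loading the stream once in `getSPConfiguration` and closing it in a `finally` block removes the leak and the double lookup; the sketch below needs `java.io.IOException` imported.

```java
public SPType getSPConfiguration() throws ProcessingException
{
   SPType spType = null;
   InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
   if (is != null)
   {
      try
      {
         EntitiesDescriptorType entities = (EntitiesDescriptorType) new SAMLParser().parse(is);
         spType = CoreConfigUtil.getSPConfiguration(entities, bindingURI);
      }
      catch (ParsingException e)
      {
         throw new ProcessingException(e);
      }
      finally
      {
         try
         {
            is.close();
         }
         catch (IOException ignored)
         {
            // best-effort close; the parse result or its exception is what matters
         }
      }
   }
   // … unchanged: merge of configParsedSPType and return …
   // … fileAvailable() and parseMDFile() are no longer called …
```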
Copied: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java (from rev 1494, federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java)
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java (rev 0)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/config/SPRedirectMetadataConfigurationProvider.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.web.config;
+
+import java.io.InputStream;
+
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.util.CoreConfigUtil;
+import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
+import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
+
+/**
+ * <p>
+ * An instance of {@link SAMLConfigurationProvider} that can be used to generate
+ * the SP configuration for the HTTP-Redirect binding using SAML2 Metadata.
+ * </p>
+ * <p>
+ * This provider uses the following in sequence whichever is available:
+ * <ol>
+ * <li> a sp-metadata.xml file available in its immediate class path.</li>
+ * <li> </li>
+ * </ol>
+ * </p>
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPRedirectMetadataConfigurationProvider extends AbstractSAMLConfigurationProvider
+ implements
+ SAMLConfigurationProvider
+{
+ public static final String SP_MD_FILE = "sp-metadata.xml";
+
+ public static final String bindingURI = JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get();
+
+ /**
+ * @see SAMLConfigurationProvider#getIDPConfiguration()
+ */
+ public IDPType getIDPConfiguration() throws ProcessingException
+ {
+ throw new RuntimeException(ErrorCodes.ILLEGAL_METHOD_CALLED);
+ }
+
+ /**
+ * @see SAMLConfigurationProvider#getSPConfiguration()
+ */
+ public SPType getSPConfiguration() throws ProcessingException
+ {
+ SPType spType = null;
+ if (fileAvailable())
+ {
+ try
+ {
+ EntitiesDescriptorType entities = parseMDFile();
+ spType = CoreConfigUtil.getSPConfiguration(entities, bindingURI);
+ }
+ catch (ParsingException e)
+ {
+ throw new ProcessingException(e);
+ }
+ }
+ if (configParsedSPType != null)
+ {
+ spType.importFrom(configParsedSPType);
+ }
+ return spType;
+ }
+
+ private boolean fileAvailable()
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+ return is != null;
+ }
+
+ private EntitiesDescriptorType parseMDFile() throws ParsingException
+ {
+ InputStream is = SecurityActions.loadStream(getClass(), SP_MD_FILE);
+
+ if (is == null)
+ throw new IllegalStateException(ErrorCodes.NULL_VALUE + SP_MD_FILE);
+
+ SAMLParser parser = new SAMLParser();
+ return (EntitiesDescriptorType) parser.parse(is);
+ }
+}
\ No newline at end of file
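Review bot: Apart from the value of `bindingURI`, this class repeats `SPPostMetadataConfigurationProvider` line for line, so each fix to metadata loading has to be applied in two places. Moving `getSPConfiguration`, `fileAvailable` and `parseMDFile` into a common SP base class that takes the binding URI from the subclass would leave each provider with a single constant. In that shared `parseMDFile`, the unchecked `(EntitiesDescriptorType) parser.parse(is)` cast deserves an `instanceof` check, since `CoreConfigUtil` also has a `getSPConfiguration(EntityDescriptorType, String)` overload for a file whose root is a single entity descriptor. The public constant would conventionally be named `BINDING_URI`.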
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -93,6 +93,8 @@
String SAML_SIG_ALG_REQUEST_KEY = "SigAlg";
String SAML_SIGNATURE_REQUEST_KEY = "Signature";
+
+ String SAML_IDP_STRICT_POST_BINDING = "SAML_IDP_STRICT_POST_BINDING";
String DECRYPTING_KEY = "DECRYPTING_KEY";
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1138-1141,1152-1173,1329-1348,1361-1369
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1138-1141,1152-1173,1329-1348,1361-1494
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1144-1147,1152-1173,1329-1348,1361-1369
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2:1144-1147,1152-1173,1329-1348,1361-1494
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AttributeHandler.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -91,7 +91,6 @@
}
}
- @SuppressWarnings("unchecked")
@Override
public void initHandlerConfig(SAML2HandlerConfig handlerConfig) throws ConfigurationException
{
@@ -99,9 +98,12 @@
String attribStr = (String) this.handlerConfig.getParameter(GeneralConstants.ATTIBUTE_MANAGER);
this.insantiateAttributeManager(attribStr);
- List<String> ak = (List<String>) this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS);
- if (ak != null)
- this.attributeKeys.addAll(ak);
+ //Get a list of attributes we are interested in
+ String attribList = (String) this.handlerConfig.getParameter(GeneralConstants.ATTRIBUTE_KEYS);
+ if (StringUtil.isNotNull(attribList))
+ {
+ this.attributeKeys.addAll(StringUtil.tokenize(attribList));
+ }
String chooseFriendlyNameStr = (String) handlerConfig
.getParameter(GeneralConstants.ATTRIBUTE_CHOOSE_FRIENDLY_NAME);
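Review bot: The new `(String)` cast on the `GeneralConstants.ATTRIBUTE_KEYS` parameter will throw a ClassCastException for any handler configuration that still supplies the value as a `List<String>`, which is what the removed lines expected. Since this parameter decides which attributes the handler is interested in, the failure should be explicit: read the parameter as `Object`, pass a `String` through `StringUtil.tokenize(...)`, and raise a `ConfigurationException` naming the parameter for any other type. The added comment could also state the expected format, e.g. `//Delimited string of attribute keys we are interested in`, with the delimiter taken from `StringUtil.tokenize`, which is not visible here. `initHandlerConfig` continues outside the hunk.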
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -21,7 +21,6 @@
*/
package org.picketlink.identity.federation.web.handlers.saml2;
-import java.io.Serializable;
import java.io.StringWriter;
import java.security.Principal;
import java.security.PrivateKey;
@@ -38,6 +37,7 @@
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.SerializablePrincipal;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
@@ -597,21 +597,4 @@
return roles;
}
}
-
- private class SerializablePrincipal implements Principal, Serializable
- {
- private static final long serialVersionUID = 7701951188631723253L;
-
- private String userName;
-
- private SerializablePrincipal(String userName)
- {
- this.userName = userName;
- }
-
- public String getName()
- {
- return userName;
- }
- }
}
\ No newline at end of file
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1144-1147,1152-1173,1295-1298,1329-1348,1361-1369
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/handlers/saml2/SAML2AuthenticationHandler.java:1144-1147,1152-1173,1295-1298,1329-1348,1361-1494
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/process/ServiceProviderSAMLResponseProcessor.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -67,6 +67,13 @@
public class ServiceProviderSAMLResponseProcessor extends ServiceProviderBaseProcessor
{
private boolean validateSignature = false;
+
+ private boolean idpPostBinding = false;
+
+ public void setIdpPostBinding(boolean idpPostBinding)
+ {
+ this.idpPostBinding = idpPostBinding;
+ }
/**
* Construct
@@ -106,24 +113,22 @@
SAMLDocumentHolder documentHolder = null;
SAML2Object samlObject = null;
- if (this.postBinding)
- {
- //we got a logout request
+ InputStream dataStream = null;
+
+ if (this.postBinding || idpPostBinding )
+ {
//deal with SAML response from IDP
- InputStream is = PostBindingUtil.base64DecodeAsStream(samlResponse);
-
- samlObject = saml2Response.getSAML2ObjectFromStream(is);
- documentHolder = saml2Response.getSamlDocumentHolder();
+ dataStream = PostBindingUtil.base64DecodeAsStream(samlResponse);
}
else
{
//deal with SAML response from IDP
- InputStream base64DecodedResponse = RedirectBindingUtil.base64DeflateDecode(samlResponse);
-
- samlObject = saml2Response.getSAML2ObjectFromStream(base64DecodedResponse);
- documentHolder = saml2Response.getSamlDocumentHolder();
+ dataStream = RedirectBindingUtil.base64DeflateDecode(samlResponse);
}
+ samlObject = saml2Response.getSAML2ObjectFromStream(dataStream);
+ documentHolder = saml2Response.getSamlDocumentHolder();
+
if (this.validateSignature)
try
{
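Review bot: The decode branch now keys on `this.postBinding || idpPostBinding`, but the signature check that starts at `if (this.validateSignature)` continues outside the hunk, so it cannot be confirmed from here that validation follows the same decision. If that code still picks its POST or Redirect verification path from `postBinding` alone, a Redirect-configured SP that receives a POST response from a strict IDP could verify the wrong signature form. Computing the decision once, `boolean responseIsPost = this.postBinding || idpPostBinding;`, and using that local for both decoding and signature validation keeps the two in step. The enclosing method starts and ends outside the hunk.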
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/servlets/IDPServlet.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -130,7 +130,22 @@
protected transient ServletContext context = null;
protected transient SAML2HandlerChain chain = null;
+
+ //Cater to SAML Web Browser SSO Profile demand that we do not reply in Redirect Binding
+ private boolean strictPostBinding = false;
+
+ public boolean isStrictPostBinding()
+ {
+ return strictPostBinding;
+ }
+
+ public void setStrictPostBinding(boolean strictPostBinding)
+ {
+ this.strictPostBinding = strictPostBinding;
+ }
+
+
/**
* If the user wants to set a particular {@link IdentityParticipantStack}
*/
@@ -163,6 +178,13 @@
throw new RuntimeException(ErrorCodes.PROCESSING_EXCEPTION, e);
}
}
+
+ String strictPostBindingStr = config.getInitParameter(GeneralConstants.SAML_IDP_STRICT_POST_BINDING);
+ if(StringUtil.isNotNull(strictPostBindingStr))
+ {
+ strictPostBinding = Boolean.parseBoolean(strictPostBindingStr);
+ }
+
context = config.getServletContext();
if (idpConfiguration == null)
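Review bot: `Boolean.parseBoolean(strictPostBindingStr)` maps every value other than "true" to false, so a mistyped `SAML_IDP_STRICT_POST_BINDING` init parameter (for example `yes`, or a value with trailing whitespace) silently leaves the IDP free to answer in Redirect Binding. Because an operator sets this flag to restrict the binding, an unrecognised value should fail initialisation or at least be logged. A check such as `if (!"true".equalsIgnoreCase(v) && !"false".equalsIgnoreCase(v))` on the trimmed value before parsing would do. The enclosing method starts and ends outside the hunk.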
@@ -572,12 +594,10 @@
if (this.signOutgoingMessages)
{
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
- /*webRequestUtil.send(samlResponse, destination,relayState, response, true,
- this.keyManager.getSigningKey(), willSendRequest);*/
}
- /*
- else
- webRequestUtil.send(samlResponse, destination, relayState, response, false,null, willSendRequest);*/
+
+ if(strictPostBinding)
+ holder.setStrictPostBinding(strictPostBinding);
webRequestUtil.send(holder);
}
catch (ParsingException e)
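Review bot: The guard `if(strictPostBinding) holder.setStrictPostBinding(strictPostBinding);` is written differently in the next hunk (`holder.setStrictPostBinding(true);`), and both are unbraced where the neighbouring `if (this.signOutgoingMessages)` braces its body. The holder field added in IDPWebRequestUtil already defaults to false, so the condition adds nothing; `holder.setStrictPostBinding(strictPostBinding);` at both sites says the same thing. Any other `webRequestUtil.send(holder)` call in this servlet that is not part of these hunks would need the same line, otherwise that response could still go out in Redirect Binding. The enclosing method starts and ends outside the hunk.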
@@ -614,12 +634,10 @@
if (this.signOutgoingMessages)
{
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
- /*webRequestUtil.send(samlResponse, referrer, relayState, response, true,
- this.keyManager.getSigningKey(), false);*/
}
- /* else
- webRequestUtil.send(samlResponse, referrer, relayState, response, false,null, false);*/
+ if(strictPostBinding)
+ holder.setStrictPostBinding(true);
webRequestUtil.send(holder);
}
catch (ParsingException e1)
Property changes on: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1302-1320,1329-1348,1361-1369
+ /federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-bindings-jboss/src/main/java/org/picketlink/identity/federation/web/util:1159-1173,1192-1228
/federation/trunk/picketlink-fed-api/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1192-1228
/federation/trunk/picketlink-fed-model/src/main/java/org/picketlink/identity/federation/web/util:1152-1154,1159-1173
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/util:1152-1173,1302-1320,1329-1348,1361-1494
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/IDPWebRequestUtil.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -81,6 +81,7 @@
private final TrustKeyManager keyManager;
+
protected String canonicalizationMethod = CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS;
public IDPWebRequestUtil(HttpServletRequest request, IDPType idp, TrustKeyManager keym)
@@ -232,7 +233,7 @@
boolean sendRequest = holder.isAreWeSendingRequest();
HttpServletResponse response = holder.getServletResponse();
- if (holder.isPostBindingRequested() == false)
+ if (holder.isPostBindingRequested() == false && !holder.isStrictPostBinding())
{
byte[] responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8");
@@ -432,7 +433,20 @@
private boolean postBindingRequested;
private boolean areWeSendingRequest;
+
+ //Cater to SAML Web Browser SSO Profile demand that we do not reply in Redirect Binding
+ private boolean strictPostBinding = false;
+
+ public boolean isStrictPostBinding()
+ {
+ return strictPostBinding;
+ }
+ public void setStrictPostBinding(boolean strictPostBinding)
+ {
+ this.strictPostBinding = strictPostBinding;
+ }
+
public Document getResponseDoc()
{
return responseDoc;
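Review bot: The new `setStrictPostBinding` returns void, while the IDPServlet hunks in this commit chain the holder's setters (`holder.setPrivateKey(...).setSupportSignature(true)`), which suggests the holder's other setters return the holder itself. Returning the holder here as well (`return this;` with the holder type as return type) would let callers set the flag in the same chain. The setter and getter also have no Javadoc; one sentence saying that the flag makes `send` skip the Redirect Binding branch even when POST was not requested would carry more than the field comment does. The holder class starts and ends outside the hunk.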
Modified: product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java
===================================================================
--- product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/util/ServerDetector.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -64,21 +64,26 @@
}
catch (Exception e)
{
- try
+ }
+
+ //If class is null - try the JBossAS7 and beyond
+ try
+ {
+ clazz = SecurityActions.loadClass(me, "org.jboss.as.web.WebServer");
+ if (clazz != null)
{
- clazz = SecurityActions.loadClass(me, "org.jboss.as.server.Bootstrap");
jboss = true;
return;
}
- catch (Exception ee)
- {
- }
}
+ catch (Exception e)
+ {
+ }
//Tomcat
try
{
- clazz = SecurityActions.loadClass(getClass(), "org.apache.cataline.Server");
+ clazz = SecurityActions.loadClass(getClass(), "org.apache.catalina.Server");
if (clazz != null)
{
tomcat = true;
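Review bot: Both `catch (Exception e) { }` blocks around the JBoss probes are empty, so a SecurityException or linkage failure inside `SecurityActions.loadClass` cannot be told apart from the class simply being absent, and detection falls through to the Tomcat probe without a trace. Catching the narrower exception that `loadClass` declares (not visible here), or keeping `Exception` with a comment such as `// class not present: not this server, try the next probe`, would make the intent explicit. The comment `//If class is null - try the JBossAS7 and beyond` describes a condition the added code does not test before probing. The first probe uses `me` and the Tomcat probe `getClass()` as the loading class; one of the two should be used throughout. The enclosing method starts and ends outside the hunk.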
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation:1140-1173
/federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/api:1140-1173
/federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api:1192-1228,1362-1494
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/api:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/api:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1109-1137,1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1152-1154,1159-1173,1192-1228
+ /federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1109-1137,1192-1228,1362-1494
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/api/saml/v2/SAML2ResponseUnitTestCase.java:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings:1140-1173,1329-1348
/federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/bindings:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/bindings:1152-1154,1159-1173,1192-1228
+ /federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings:1140-1173,1329-1348,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss:1362-1494
/federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/bindings:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/bindings:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/bindings:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1140-1173,1307-1318,1321-1325,1329-1348
/federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1152-1154,1159-1173,1192-1228
+ /federation/trunk/picketlink-bindings/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1140-1173,1307-1318,1321-1325,1329-1348,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/java/org/picketlink/test/identity/federation/bindings/jboss/workflow:1362-1494
/federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1152-1154,1159-1173,1192-1228
/federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/bindings/workflow:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/core/parser/saml:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml:1098-1110,1152-1154,1159-1173,1192-1228,1327-1328
+ /federation/trunk/picketlink-fed-api/src/test/java/org/picketlink/test/identity/federation/core/parser/saml:1192-1228
/federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/parser/saml:1098-1110,1152-1154,1159-1173,1192-1228,1327-1328
/federation/trunk/picketlink-web/src/test/java/org/picketlink/test/identity/federation/core/parser/saml:1362-1494
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/integration/IdentityServerUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/integration/IdentityServerUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/integration/IdentityServerUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,63 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.integration;
+
+import javax.servlet.http.HttpSessionEvent;
+
+import junit.framework.TestCase;
+
+import org.picketlink.identity.federation.web.core.IdentityServer;
+import org.picketlink.test.identity.federation.web.mock.MockHttpSession;
+import org.picketlink.test.identity.federation.web.mock.MockServletContext;
+
+/**
+ * Unit test the Identity Server
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 27, 2009
+ */
+public class IdentityServerUnitTestCase extends TestCase
+{
+ public void testActiveSessionCount()
+ {
+ IdentityServer server = new IdentityServer();
+ assertEquals(0,server.getActiveSessionCount());
+
+ MockHttpSession session = new MockHttpSession();
+ session.setServletContext(new MockServletContext());
+ HttpSessionEvent event = new HttpSessionEvent(session);
+ server.sessionCreated(event);
+ assertEquals(1,server.getActiveSessionCount());
+
+ server.sessionDestroyed(event);
+ assertEquals(0,server.getActiveSessionCount());
+ //6 sessions created and 1 destroyed
+ server.sessionCreated(event);
+ server.sessionCreated(event);
+ server.sessionCreated(event);
+ server.sessionCreated(event);
+ server.sessionCreated(event);
+ server.sessionCreated(event);
+
+ server.sessionDestroyed(event);
+ assertEquals(5,server.getActiveSessionCount());
+ }
+}
\ No newline at end of file
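Review bot: All six `server.sessionCreated(event)` calls reuse the single `MockHttpSession` built at the top of `testActiveSessionCount`, so the final `assertEquals(5, ...)` only shows that a counter goes up and down; it does not cover six distinct sessions as the comment `//6 sessions created and 1 destroyed` says. If `IdentityServer` tracks sessions by identity rather than by count (its implementation is not visible here), the test would pass or fail for the wrong reason. Creating a fresh `MockHttpSession` and `HttpSessionEvent` per call, and destroying one of them, would match the comment.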
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockContextClassLoader.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,82 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.io.InputStream;
+import java.net.URL;
+import java.net.URLClassLoader;
+
+/**
+ * Mock TCL
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 7, 2009
+ */
+public class MockContextClassLoader extends URLClassLoader
+{
+ private String profile;
+
+ private ClassLoader delegate;
+
+ public MockContextClassLoader(URL[] urls)
+ {
+ super(urls);
+ }
+
+ public void setDelegate(ClassLoader tcl)
+ {
+ this.delegate = tcl;
+ }
+
+ public void setProfile(String profile)
+ {
+ this.profile = profile;
+ }
+
+ @Override
+ public InputStream getResourceAsStream(String name)
+ {
+ if (profile == null)
+ throw new RuntimeException("null profile");
+ InputStream is = super.getResourceAsStream(name);
+ if (is == null)
+ is = delegate.getResourceAsStream(profile + "/" + name);
+ return is;
+ }
+
+ @Override
+ public URL getResource(String name)
+ {
+ if (profile == null)
+ throw new RuntimeException("null profile");
+ URL url = null;
+ try
+ {
+ url = super.getResource(profile + "/" + name);
+ }
+ catch (Exception e)
+ {
+ }
+ if (url == null)
+ url = delegate.getResource(profile + "/" + name);
+ return url;
+ }
+}
\ No newline at end of file
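Review bot: `getResourceAsStream` asks `super` for the bare `name`, while `getResource` asks `super` for `profile + "/" + name`, so the two methods can resolve the same name to different resources. If the difference is intended it needs a comment, otherwise both should use the same lookup order. `delegate` is dereferenced in both methods although it is only assigned through `setDelegate`, so a test that forgets that call gets a bare NullPointerException instead of a message like the existing "null profile" one. A guard `if (delegate == null) throw new RuntimeException("null delegate");` next to the profile check would fix that. The empty `catch (Exception e)` in `getResource` also hides why the first lookup failed, and deserves at least a comment saying the fallback to the delegate is deliberate.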
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterChain.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterChain.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterChain.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+/**
+ * Mock Filter Chain
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 8, 2009
+ */
+public class MockFilterChain implements FilterChain
+{
+ public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException
+ {
+ }
+}
\ No newline at end of file
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockFilterConfig.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,71 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
+
+/**
+ * Mock Filter Config
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 8, 2009
+ */
+public class MockFilterConfig implements FilterConfig
+{
+ private Map<String,String> params = new HashMap<String,String>();
+ private ServletContext context = null;
+
+ public MockFilterConfig(ServletContext ctx)
+ {
+ this.context = ctx;
+ }
+
+ public void addInitParameter(String key, String val)
+ {
+ params.put(key, val);
+ }
+
+ public String getFilterName()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public String getInitParameter(String arg0)
+ {
+ return params.get(arg0);
+ }
+
+ @SuppressWarnings("rawtypes")
+ public Enumeration getInitParameterNames()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public ServletContext getServletContext()
+ {
+ return context;
+ }
+}
\ No newline at end of file
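Review bot: `getInitParameterNames()` throws `RuntimeException("NYI")` even though the class already keeps its init parameters in `params`, so a filter under test that enumerates its configuration fails inside the mock rather than in the code being tested. It can be implemented in one line, `return Collections.enumeration(params.keySet());`, with `java.util.Collections` added to the imports. For the stubs that stay unimplemented, such as `getFilterName()`, an `UnsupportedOperationException` that names the method would be easier to trace than a bare "NYI".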
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletRequest.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,393 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+/**
+ * Mock Http Servlet Request
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 7, 2009
+ */
+ at SuppressWarnings({ "unchecked", "rawtypes"})
+public class MockHttpServletRequest implements HttpServletRequest
+{
+ private HttpSession session = null;
+ protected Map headers = new HashMap();
+ protected Map parameters = new HashMap();
+ protected Map attribs = new HashMap();
+
+ private String methodType;
+
+ public MockHttpServletRequest(HttpSession session, String methodType)
+ {
+ this.session = session;
+ this.methodType = methodType;
+ }
+
+ public void addHeader(String key, String value)
+ {
+ headers.put(key, value);
+ }
+
+ public void addParameter(String key, String value)
+ {
+ parameters.put(key, value);
+ }
+
+ public String getAuthType()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getContextPath()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public Cookie[] getCookies()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public long getDateHeader(String arg0)
+ {
+ return 0;
+ }
+
+ public String getHeader(String arg0)
+ {
+ return (String) headers.get(arg0);
+ }
+
+ public Enumeration getHeaderNames()
+ {
+ return new Enumeration()
+ {
+ private Iterator iter = headers.entrySet().iterator();
+
+ public boolean hasMoreElements()
+ {
+ return iter.hasNext();
+ }
+ public Object nextElement()
+ {
+ Entry<String,String> entry = (Entry<String, String>) iter.next();
+ return entry.getValue();
+ }
+ };
+ }
+
+ public Enumeration getHeaders(String arg0)
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public int getIntHeader(String arg0)
+ {
+ return 0;
+ }
+
+ public String getMethod()
+ {
+ return this.methodType;
+ }
+
+ public String getPathInfo()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getPathTranslated()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getQueryString()
+ {
+ if("POST".equalsIgnoreCase(this.methodType))
+ return null;
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getRemoteUser()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getRequestURI()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public StringBuffer getRequestURL()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getRequestedSessionId()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getServletPath()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public HttpSession getSession()
+ {
+ return session;
+ }
+
+ public HttpSession getSession(boolean arg0)
+ {
+ return getSession();
+ }
+
+ public Principal getUserPrincipal()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public boolean isRequestedSessionIdFromCookie()
+ {
+
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromURL()
+ {
+
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromUrl()
+ {
+
+ return false;
+ }
+
+ public boolean isRequestedSessionIdValid()
+ {
+
+ return false;
+ }
+
+ public boolean isUserInRole(String arg0)
+ {
+
+ return false;
+ }
+
+ public Object getAttribute(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public Enumeration getAttributeNames()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getCharacterEncoding()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public int getContentLength()
+ {
+
+ return 0;
+ }
+
+ public String getContentType()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public ServletInputStream getInputStream() throws IOException
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getLocalAddr()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getLocalName()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public int getLocalPort()
+ {
+
+ return 0;
+ }
+
+ public Locale getLocale()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public Enumeration getLocales()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getParameter(String arg0)
+ {
+ return (String) this.parameters.get(arg0);
+ }
+
+ public Map getParameterMap()
+ {
+ return this.parameters;
+ }
+
+ public Enumeration getParameterNames()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String[] getParameterValues(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getProtocol()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public BufferedReader getReader() throws IOException
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getRealPath(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getRemoteAddr()
+ {
+ return (String) headers.get("Referer");
+ }
+
+ public String getRemoteHost()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public int getRemotePort()
+ {
+
+ return 0;
+ }
+
+ public RequestDispatcher getRequestDispatcher(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getScheme()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getServerName()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public int getServerPort()
+ {
+
+ return 0;
+ }
+
+ public boolean isSecure()
+ {
+
+ return false;
+ }
+
+ public void removeAttribute(String arg0)
+ {
+ }
+
+ public void setAttribute(String arg0, Object arg1)
+ {
+ this.attribs.put(arg0, arg1);
+ }
+
+ public void setCharacterEncoding(String arg0) throws UnsupportedEncodingException
+ {
+ }
+}
\ No newline at end of file
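Review bot: `getHeaderNames()` enumerates header values rather than names, because `nextElement()` returns `entry.getValue()`; it should return `entry.getKey()`, or the whole method can be `return Collections.enumeration(headers.keySet());`. The same slip is in `MockHttpSession.getAttributeNames()`, `MockServletConfig.getInitParameterNames()` and `MockServletContext.getAttributeNames()` later in this commit, while `MockServletContext.getInitParameterNames()` already uses `getKey()`. Separately, `getRemoteAddr()` returns the `Referer` header, so a test of an address-based or referer-based trust check run against this mock cannot tell the two inputs apart. A dedicated `remoteAddr` field with a setter would keep the connection address distinct from a client-supplied header.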
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletResponse.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletResponse.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpServletResponse.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,246 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.PrintWriter;
+import java.util.Locale;
+
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Mock Servlet Response
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 7, 2009
+ */
+public class MockHttpServletResponse implements HttpServletResponse
+{
+ private PrintWriter printWriter;
+
+ public void setOutputStream(final OutputStream os)
+ {
+ this.outputStream = new ServletOutputStream()
+ {
+ @Override
+ public void write(int b) throws IOException
+ {
+ os.write(b);
+ }
+ };
+ }
+
+ public void setWriter(PrintWriter pw)
+ {
+ this.printWriter = pw;
+ }
+
+ private int errorCode;
+ private ServletOutputStream outputStream;
+
+ public void addCookie(Cookie arg0)
+ {
+ }
+
+ public void addDateHeader(String arg0, long arg1)
+ {
+ }
+
+ public void addHeader(String arg0, String arg1)
+ {
+ }
+
+ public void addIntHeader(String arg0, int arg1)
+ {
+ }
+
+ public boolean containsHeader(String arg0)
+ {
+ return false;
+ }
+
+ public String encodeRedirectURL(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String encodeRedirectUrl(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String encodeURL(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String encodeUrl(String arg0)
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public int getError()
+ {
+ return this.errorCode;
+ }
+
+ public void sendError(int arg0) throws IOException
+ {
+ this.errorCode = arg0;
+ }
+
+ public void sendError(int arg0, String arg1) throws IOException
+ {
+ sendError(arg0);
+ }
+
+ public void sendRedirect(String arg0) throws IOException
+ {
+
+
+ }
+
+ public void setDateHeader(String arg0, long arg1)
+ {
+
+
+ }
+
+ public void setHeader(String arg0, String arg1)
+ {
+
+
+ }
+
+ public void setIntHeader(String arg0, int arg1)
+ {
+
+
+ }
+
+ public void setStatus(int arg0)
+ {
+
+
+ }
+
+ public void setStatus(int arg0, String arg1)
+ {
+
+
+ }
+
+ public void flushBuffer() throws IOException
+ {
+
+
+ }
+
+ public int getBufferSize()
+ {
+
+ return 0;
+ }
+
+ public String getCharacterEncoding()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public String getContentType()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public Locale getLocale()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public ServletOutputStream getOutputStream() throws IOException
+ {
+ return this.outputStream;
+ }
+
+ public PrintWriter getWriter() throws IOException
+ {
+ return this.printWriter;
+ }
+
+ public boolean isCommitted()
+ {
+
+ return false;
+ }
+
+ public void reset()
+ {
+
+
+ }
+
+ public void resetBuffer()
+ {
+
+
+ }
+
+ public void setBufferSize(int arg0)
+ {
+
+
+ }
+
+ public void setCharacterEncoding(String arg0)
+ {
+
+
+ }
+
+ public void setContentLength(int arg0)
+ {
+
+
+ }
+
+ public void setContentType(String arg0)
+ {
+
+
+ }
+
+ public void setLocale(Locale arg0)
+ {
+
+
+ }
+
+}
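Review bot: `sendRedirect`, `setStatus`, `setHeader` and `addCookie` all discard their arguments, so a test that drives a redirect through this mock cannot assert where the response was sent or which status, headers and cookies were set; only `sendError` is observable, through `getError()`. Recording the redirect target would be a small start: a `private String redirectLocation;` field, `this.redirectLocation = arg0;` in `sendRedirect`, and a getter beside `getError()`. `getOutputStream()` and `getWriter()` also return null until `setOutputStream` or `setWriter` has been called, which deserves a line in the class Javadoc.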
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockHttpSession.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,170 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.UUID;
+import java.util.Map.Entry;
+
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpSessionContext;
+
+/**
+ * Mock HttpSession
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 7, 2009
+ */
+ at SuppressWarnings({"deprecation", "unchecked", "rawtypes"})
+public class MockHttpSession implements HttpSession
+{
+ private boolean valid = true;
+
+ private Map<String,Object> attribs = new HashMap<String,Object>();
+
+ private String id = UUID.randomUUID().toString();
+
+ private ServletContext context;
+
+ public boolean isInvalidated()
+ {
+ return valid == false;
+ }
+
+ public Object getAttribute(String arg0)
+ {
+ return attribs.get(arg0);
+ }
+
+ public Enumeration getAttributeNames()
+ {
+ return new Enumeration()
+ {
+ private Iterator iter = attribs.entrySet().iterator();
+
+ public boolean hasMoreElements()
+ {
+ return iter.hasNext();
+ }
+
+ public Object nextElement()
+ {
+ Entry<String,Object> entry = (Entry<String, Object>) iter.next();
+ return entry.getValue();
+ }
+ };
+ }
+
+ public long getCreationTime()
+ {
+ return 0;
+ }
+
+ public String getId()
+ {
+ return id;
+ }
+
+ public long getLastAccessedTime()
+ {
+ return 0;
+ }
+
+ public int getMaxInactiveInterval()
+ {
+ return 0;
+ }
+
+ public void setServletContext(ServletContext servletContext)
+ {
+ this.context = servletContext;
+ }
+
+ public ServletContext getServletContext()
+ {
+ return this.context;
+ }
+
+ public HttpSessionContext getSessionContext()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+ public Object getValue(String arg0)
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public String[] getValueNames()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public void invalidate()
+ {
+ this.valid = false;
+ }
+
+ public boolean isNew()
+ {
+ if(this.valid == false)
+ throw new IllegalStateException("Session already invalidated");
+
+ return false;
+ }
+
+ public void putValue(String arg0, Object arg1)
+ {
+ if(this.valid == false)
+ throw new IllegalStateException("Session already invalidated");
+ }
+
+ public void removeAttribute(String arg0)
+ {
+ if(this.valid == false)
+ throw new IllegalStateException("Session already invalidated");
+
+ this.attribs.remove(arg0);
+ }
+
+ public void removeValue(String arg0)
+ {
+ if(this.valid == false)
+ throw new IllegalStateException("Session already invalidated");
+ }
+
+ public void setAttribute(String arg0, Object arg1)
+ {
+ if(this.valid == false)
+ throw new IllegalStateException("Session already invalidated");
+
+ this.attribs.put(arg0, arg1);
+ }
+
+ public void setMaxInactiveInterval(int arg0)
+ {
+ }
+}
\ No newline at end of file
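Review bot: `invalidate()` only flips `valid`, and `getAttribute()` and `getAttributeNames()` never check it, so attributes stored before invalidation stay readable afterwards, while the mutators in this class already throw `IllegalStateException("Session already invalidated")`. A logout test that checks session cleanup against this mock could therefore pass even when the stored state was never removed. Adding `this.attribs.clear();` to `invalidate()` and the same `if(this.valid == false) throw new IllegalStateException("Session already invalidated");` guard to the two getters would match what the servlet API specifies for an invalidated session.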
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletConfig.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletContext;
+
+/**
+ * Mock Servlet Config
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 7, 2009
+ */
+ at SuppressWarnings({"unchecked", "rawtypes"})
+public class MockServletConfig implements ServletConfig
+{
+ private ServletContext context;
+
+ private Map<String,String> params = new HashMap<String,String>();
+
+ public MockServletConfig(ServletContext context)
+ {
+ this.context = context;
+ }
+
+ public void addInitParameter(String key, String value)
+ {
+ params.put(key, value);
+ }
+
+ public String getInitParameter(String arg0)
+ {
+ return params.get(arg0);
+ }
+
+ public Enumeration getInitParameterNames()
+ {
+ return new Enumeration()
+ {
+ private Iterator iter = params.entrySet().iterator();
+
+ public boolean hasMoreElements()
+ {
+ return iter.hasNext();
+ }
+
+ public Object nextElement()
+ {
+ Entry<String,String> entry = (Entry<String, String>) iter.next();
+ return entry.getValue();
+ }
+ };
+ }
+
+ public ServletContext getServletContext()
+ {
+ return this.context;
+ }
+
+ public String getServletName()
+ {
+
+ throw new RuntimeException("NYI");
+ }
+
+}
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/mock/MockServletContext.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,212 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.mock;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+import java.util.Map.Entry;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.Servlet;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+/**
+ * Mock Servlet Context
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 7, 2009
+ */
+ at SuppressWarnings({ "unchecked", "rawtypes"})
+public class MockServletContext implements ServletContext
+{
+ private Map params = new HashMap();
+ private Map attribs = new HashMap();
+
+ public Object getAttribute(String arg0)
+ {
+ return attribs.get(arg0);
+ }
+
+ public Enumeration getAttributeNames()
+ {
+ return new Enumeration()
+ {
+ private Iterator iter = attribs.entrySet().iterator();
+
+ public boolean hasMoreElements()
+ {
+ return iter.hasNext();
+ }
+
+ public Object nextElement()
+ {
+ Entry<String,Object> entry = (Entry<String, Object>) iter.next();
+ return entry.getValue();
+ }
+ };
+ }
+
+ public ServletContext getContext(String arg0)
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public String getContextPath()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public String getInitParameter(String arg0)
+ {
+ return (String) params.get(arg0);
+ }
+
+ public Enumeration getInitParameterNames()
+ {
+ return new Enumeration()
+ {
+ private Iterator iter = params.entrySet().iterator();
+
+ public boolean hasMoreElements()
+ {
+ return iter.hasNext();
+ }
+
+ public Object nextElement()
+ {
+ Entry<String,Object> entry = (Entry<String, Object>) iter.next();
+ return entry.getKey();
+ }
+ };
+ }
+
+ public int getMajorVersion()
+ {
+ return 0;
+ }
+
+ public String getMimeType(String arg0)
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public int getMinorVersion()
+ {
+ return 0;
+ }
+
+ public RequestDispatcher getNamedDispatcher(String arg0)
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public String getRealPath(String arg0)
+ {
+ return null;
+ }
+
+ public RequestDispatcher getRequestDispatcher(String arg0)
+ {
+ return new RequestDispatcher()
+ {
+
+ public void include(ServletRequest arg0, ServletResponse arg1) throws ServletException, IOException
+ {
+ }
+
+ public void forward(ServletRequest arg0, ServletResponse arg1) throws ServletException, IOException
+ {
+ }
+ };
+ }
+
+ public URL getResource(String arg0) throws MalformedURLException
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public InputStream getResourceAsStream(String arg0)
+ {
+ return Thread.currentThread().getContextClassLoader().getResourceAsStream(arg0);
+ }
+
+ public Set getResourcePaths(String arg0)
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public String getServerInfo()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public Servlet getServlet(String arg0) throws ServletException
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public String getServletContextName()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public Enumeration getServletNames()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public Enumeration getServlets()
+ {
+ throw new RuntimeException("NYI");
+ }
+
+ public void log(String arg0)
+ {
+ }
+
+ public void log(Exception arg0, String arg1)
+ {
+ }
+
+ public void log(String arg0, Throwable arg1)
+ {
+ }
+
+ public void removeAttribute(String arg0)
+ {
+ this.attribs.remove(arg0);
+ }
+
+ public void setAttribute(String arg0, Object arg1)
+ {
+ this.attribs.put(arg0, arg1);
+ }
+}
\ No newline at end of file
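Review bot: Nothing in this class ever writes to `params`, so `getInitParameter()` always returns null and `getInitParameterNames()` is always empty; a test has no way to supply context init parameters to the code under test. `MockServletConfig` and `MockFilterConfig` in this commit both expose `addInitParameter`, and the same method here would close the gap: `public void addInitParameter(String key, String value) { params.put(key, value); }`. Declaring the field as `Map<String,String>` would also remove the cast in `getInitParameter()`.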
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/IDPMetadataConfigurationProviderUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,70 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.TrustType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.web.config.IDPMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link IDPMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class IDPMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testIDPType() throws ProcessingException
+ {
+ IDPMetadataConfigurationProvider provider = new IDPMetadataConfigurationProvider();
+ IDPType idp = provider.getIDPConfiguration();
+ assertNotNull(idp);
+ assertEquals("https://idp.testshib.org/idp/profile/SAML2/POST/SSO", idp.getIdentityURL());
+ }
+
+ @Test
+ public void testIDPTypeWithConfig() throws Exception
+ {
+ IDPMetadataConfigurationProvider provider = new IDPMetadataConfigurationProvider();
+ InputStream is = Thread.currentThread().getContextClassLoader()
+ .getResourceAsStream("saml2/logout/idp/WEB-INF/picketlink-idfed.xml");
+ assertNotNull(is);
+ provider.setConfigFile(is);
+
+ IDPType idp = provider.getIDPConfiguration();
+ assertNotNull(idp);
+ assertEquals("https://idp.testshib.org/idp/profile/SAML2/POST/SSO", idp.getIdentityURL());
+
+ TrustType trust = idp.getTrust();
+ assertNotNull(trust);
+ assertEquals("localhost,jboss.com,jboss.org", trust.getDomains());
+
+ assertEquals("org.picketlink.identity.federation.core.impl.EmptyAttributeManager", idp.getAttributeManager());
+ }
+}
\ No newline at end of file
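Review bot: The `InputStream` opened in `testIDPTypeWithConfig` is never closed by the test, and whether `setConfigFile` or `getIDPConfiguration` closes it is not visible in this hunk. If the provider does not take ownership of the stream, wrap its use in `try { ... } finally { is.close(); }`. A one-line comment in `testIDPType` saying where the expected testshib URL comes from (presumably a default metadata file on the test classpath) would also help, since nothing in the test shows the source of that value.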
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPPostMetadataConfigurationProviderUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,64 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.web.config.SPPostMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link SPPostMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPPostMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testSPType() throws ProcessingException
+ {
+ SPPostMetadataConfigurationProvider provider = new SPPostMetadataConfigurationProvider();
+ SPType sp = provider.getSPConfiguration();
+ assertNotNull(sp);
+ assertEquals("https://sp.testshib.org/Shibboleth.sso/SAML2/POST", sp.getServiceURL());
+ }
+
+ @Test
+ public void testSPTypeWithConfig() throws Exception
+ {
+ SPPostMetadataConfigurationProvider provider = new SPPostMetadataConfigurationProvider();
+ InputStream is = Thread.currentThread().getContextClassLoader()
+ .getResourceAsStream("saml2/logout/sp/sales/WEB-INF/picketlink-idfed.xml");
+ assertNotNull(is);
+ provider.setConfigFile(is);
+
+ SPType sp = provider.getSPConfiguration();
+ assertNotNull(sp);
+ assertEquals("https://sp.testshib.org/Shibboleth.sso/SAML2/POST", sp.getServiceURL());
+ }
+
+}
\ No newline at end of file
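Review bot: `testSPTypeWithConfig` asserts only `sp.getServiceURL()`, the same value `testSPType` already obtains without any config file, so it would still pass if `setConfigFile` were ignored entirely. The IDP counterpart earlier in this commit checks values that are only asserted in its with-config case (trust domains, attribute manager). An equivalent here, e.g. `assertNotNull(sp.getTrust());` if `SPType` exposes the trust element the same way `IDPType` does, would show that `picketlink-idfed.xml` actually contributed to the result. The `InputStream` from `getResourceAsStream` is also never closed; because it is not visible whether the provider reads it in `setConfigFile` or only later in `getSPConfiguration`, close it in a `finally` after the last assertion (the IDP test has the same leak).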
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/config/SPRedirectMetadataConfigurationProviderUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.web.config.SPRedirectMetadataConfigurationProvider;
+
+/**
+ * Unit test the {@link SPRedirectMetadataConfigurationProvider}
+ * @author Anil Saldhana
+ * @since Feb 15, 2012
+ */
+public class SPRedirectMetadataConfigurationProviderUnitTestCase
+{
+ @Test
+ public void testSPType() throws ProcessingException
+ {
+ SPRedirectMetadataConfigurationProvider provider = new SPRedirectMetadataConfigurationProvider();
+ SPType sp = provider.getSPConfiguration();
+ assertNotNull(sp);
+ assertEquals("https://www.testshib.org/Shibboleth.sso/SAML/REDIRECT", sp.getServiceURL());
+ }
+
+}
\ No newline at end of file
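Review bot: The expected endpoint in `testSPType` is a bare literal whose origin is not visible in the test: nothing here hands a metadata or config file to the provider, so the value presumably comes from a classpath fixture the provider locates on its own. A one-line comment naming that fixture and the binding being selected, e.g. `// HTTP-Redirect endpoint taken from <metadata fixture path>`, would let a reader tell a fixture change apart from a regression in endpoint selection. The sibling POST test class in this commit has the same undocumented literal.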
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AttributeHandlerUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,188 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.handlers;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.interfaces.AttributeManager;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.picketlink.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.util.StatementUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.core.HTTPContext;
+import org.picketlink.identity.federation.web.handlers.saml2.SAML2AttributeHandler;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.picketlink.test.identity.federation.web.mock.MockHttpSession;
+import org.picketlink.test.identity.federation.web.mock.MockServletContext;
+
+/**
+ * Unit test the {@code SAML2AttributeHandler}
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 12, 2009
+ */
+public class SAML2AttributeHandlerUnitTestCase
+{
+ private static String name = "anil";
+
+ private static String email = "anil at test";
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void testAttributes() throws Exception
+ {
+ SAML2AttributeHandler handler = new SAML2AttributeHandler();
+
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+
+ Map<String, Object> chainOptions = new HashMap<String, Object>();
+ IDPType idpType = new IDPType();
+ idpType.setAttributeManager(TestAttributeManager.class.getName());
+ chainOptions.put(GeneralConstants.CONFIGURATION, idpType);
+ chainConfig.set(chainOptions);
+
+ //Initialize the handler
+ handler.initChainConfig(chainConfig);
+ handler.initHandlerConfig(handlerConfig);
+
+ //Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ SAML2Object saml2Object = new SAML2Object()
+ {
+ };
+
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(saml2Object, null);
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+ SAML2Handler.HANDLER_TYPE.IDP);
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+
+ session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
+ {
+ public String getName()
+ {
+ return name;
+ }
+ });
+ handler.handleRequestType(request, response);
+
+ Map<String, Object> attribs = (Map<String, Object>) session.getAttribute(GeneralConstants.ATTRIBUTES);
+ assertNotNull("Attributes are not null", attribs);
+ assertEquals(email, attribs.get(X500SAMLProfileConstants.EMAIL.getFriendlyName()));
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void testAttribsOnSP() throws Exception
+ {
+ SAML2AttributeHandler handler = new SAML2AttributeHandler();
+
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+
+ Map<String, Object> chainOptions = new HashMap<String, Object>();
+ SPType spType = new SPType();
+ chainOptions.put(GeneralConstants.CONFIGURATION, spType);
+ chainConfig.set(chainOptions);
+
+ //Initialize the handler
+ handler.initChainConfig(chainConfig);
+ handler.initHandlerConfig(handlerConfig);
+
+ //Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ SAML2Object saml2Object = new SAML2Object()
+ {
+ };
+
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(saml2Object, null);
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+ SAML2Handler.HANDLER_TYPE.IDP);
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+
+ AssertionType assertion = new AssertionType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
+
+ Map<String, Object> myattr = new HashMap<String, Object>();
+ myattr.put("testKey", "hello");
+ AttributeStatementType attState = StatementUtil.createAttributeStatement(myattr);
+ assertion.addStatement(attState);
+
+ request.addOption(GeneralConstants.ASSERTION, assertion);
+ handler.handleStatusResponseType(request, response);
+
+ Map<String, List<Object>> sessionMap = (Map<String, List<Object>>) session
+ .getAttribute(GeneralConstants.SESSION_ATTRIBUTE_MAP);
+ assertNotNull(sessionMap);
+ List<Object> values = sessionMap.get("testKey");
+ assertEquals("hello", values.get(0));
+ }
+
+ public static class TestAttributeManager implements AttributeManager
+ {
+ public Map<String, Object> getAttributes(Principal userPrincipal, List<String> attributeKeys)
+ {
+ Map<String, Object> attribs = new HashMap<String, Object>();
+
+ if (name.equals(userPrincipal.getName()))
+ {
+ attribs.put(X500SAMLProfileConstants.EMAIL.getFriendlyName(), email);
+ }
+ return attribs;
+ }
+ }
+}
\ No newline at end of file
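Review bot: `testAttribsOnSP` configures the chain with an `SPType` but still builds the request with `SAML2Handler.HANDLER_TYPE.IDP`, which looks copied from `testAttributes`; `SAML2Handler.HANDLER_TYPE.SP` would match what the test name says it covers. Whether `handleStatusResponseType` consults the request's type is not visible in this hunk, so the test may pass either way, but the mismatch obscures which side is being exercised. Two smaller points: the message in `assertNotNull("Attributes are not null", attribs)` is printed on failure and so reads backwards (`"Attributes should not be null"`), and the `name`/`email` fixtures can be `private static final`.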
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2AuthenticationHandlerUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,211 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.handlers;
+
+import static org.junit.Assert.assertEquals;
+
+import java.security.KeyPair;
+import java.security.Principal;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import javax.xml.namespace.QName;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.KeyStoreUtil;
+import org.picketlink.identity.federation.core.util.XMLEncryptionUtil;
+import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
+import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
+import org.picketlink.identity.federation.saml.v2.assertion.SubjectType.STSubType;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.saml.v2.protocol.NameIDPolicyType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.core.HTTPContext;
+import org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.picketlink.test.identity.federation.web.mock.MockHttpSession;
+import org.picketlink.test.identity.federation.web.mock.MockServletContext;
+import org.w3c.dom.Document;
+
+/**
+ * Unit test the {@link SAML2AuthenticationHandler}
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 17, 2011
+ */
+public class SAML2AuthenticationHandlerUnitTestCase
+{
+ @Test
+ public void handleNameIDCustomization() throws Exception
+ {
+ SAML2AuthenticationHandler handler = new SAML2AuthenticationHandler();
+
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+ handlerConfig.addParameter(GeneralConstants.NAMEID_FORMAT, JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
+
+ Map<String, Object> chainOptions = new HashMap<String, Object>();
+ SPType spType = new SPType();
+ chainOptions.put(GeneralConstants.CONFIGURATION, spType);
+ chainOptions.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
+ chainConfig.set(chainOptions);
+
+ //Initialize the handler
+ handler.initChainConfig(chainConfig);
+ handler.initHandlerConfig(handlerConfig);
+
+ //Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ SAML2Object saml2Object = new SAML2Object()
+ {
+ };
+
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(saml2Object, null);
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+ SAML2Handler.HANDLER_TYPE.SP);
+ request.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
+
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+ handler.generateSAMLRequest(request, response);
+
+ Document samlReq = response.getResultingDocument();
+ SAMLParser parser = new SAMLParser();
+ AuthnRequestType authnRequest = (AuthnRequestType) parser.parse(DocumentUtil.getNodeAsStream(samlReq));
+ NameIDPolicyType nameIDPolicy = authnRequest.getNameIDPolicy();
+ assertEquals(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get(), nameIDPolicy.getFormat().toString());
+ }
+
+ @Ignore
+ @Test
+ public void handleEncryptedAssertion() throws Exception
+ {
+ SAML2AuthenticationHandler handler = new SAML2AuthenticationHandler();
+
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+
+ Map<String, Object> chainOptions = new HashMap<String, Object>();
+ SPType spType = new SPType();
+ chainOptions.put(GeneralConstants.CONFIGURATION, spType);
+ chainOptions.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
+ chainConfig.set(chainOptions);
+
+ //Initialize the handler
+ handler.initChainConfig(chainConfig);
+ handler.initHandlerConfig(handlerConfig);
+
+ //Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ SAML2Object saml2Object = new SAML2Object()
+ {
+ };
+
+ KeyPair keypair = KeyStoreUtil.generateKeyPair("RSA");
+
+ SAML2Response saml2Response = new SAML2Response();
+ IssuerInfoHolder issuerInfoholder = new IssuerInfoHolder("testIssuer");
+
+ AssertionType assertion = AssertionUtil.createAssertion(IDGenerator.create("ID_"), new NameIDType());
+ SubjectType assertionSubject = new SubjectType();
+ STSubType subType = new STSubType();
+ NameIDType anil = new NameIDType();
+ anil.setValue("anil");
+ subType.addBaseID(anil);
+ assertionSubject.setSubType(subType);
+ assertion.setSubject(assertionSubject);
+
+ ResponseType responseType = saml2Response.createResponseType(IDGenerator.create("ID_"), issuerInfoholder,
+ assertion);
+
+ String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
+
+ QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");
+ Document responseDoc = saml2Response.convert(responseType);
+
+ byte[] secret = WSTrustUtil.createRandomSecret(128 / 8);
+ SecretKey secretKey = new SecretKeySpec(secret, "AES");
+
+ PublicKey publicKey = keypair.getPublic();
+ XMLEncryptionUtil.encryptElement(new QName(assertionNS, "Assertion", "saml"), responseDoc, publicKey, secretKey,
+ 128, assertionQName, true);
+
+ SAMLParser parser = new SAMLParser();
+ saml2Object = (SAML2Object) parser.parse(DocumentUtil.getNodeAsStream(responseDoc));
+
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(saml2Object, null);
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+ SAML2Handler.HANDLER_TYPE.SP);
+ request.addOption(GeneralConstants.DECRYPTING_KEY, keypair.getPrivate());
+
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+
+ session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
+ {
+ public String getName()
+ {
+ return "Hi";
+ }
+ });
+
+ handler.handleStatusResponseType(request, response);
+ }
+}
\ No newline at end of file
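Review bot: `handleEncryptedAssertion` is committed with a bare `@Ignore` and, even when enabled, ends at `handler.handleStatusResponseType(request, response)` with no assertion, so the encrypted-assertion path of the SP handler has no effective coverage in this class. Give the annotation a reason, `@Ignore("<why this is disabled>")`, and after the call assert on an observable result of a successful decrypt, such as what the handler leaves in `session` or `response`; which attribute that is cannot be told from this hunk. In `handleNameIDCustomization`, `nameIDPolicy.getFormat().toString()` throws a NullPointerException instead of failing an assertion when no policy is generated; an `assertNotNull(nameIDPolicy);` before it (with the matching static import) gives a clearer failure.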
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2InResponseToVerificationHandlerUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,304 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.picketlink.test.identity.federation.web.saml.handlers;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpSession;
+
+import junit.framework.TestCase;
+
+import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
+import org.picketlink.identity.federation.core.ErrorCodes;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.config.SPType;
+import org.picketlink.identity.federation.core.exceptions.ProcessingException;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.core.HTTPContext;
+import org.picketlink.identity.federation.web.core.IdentityServer;
+import org.picketlink.identity.federation.web.handlers.saml2.BaseSAML2Handler;
+import org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler;
+import org.picketlink.identity.federation.web.handlers.saml2.SAML2InResponseToVerificationHandler;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.picketlink.test.identity.federation.web.mock.MockHttpSession;
+import org.picketlink.test.identity.federation.web.mock.MockServletContext;
+import org.w3c.dom.Document;
+
+/**
+ * Unit test the {@link org.picketlink.identity.federation.web.handlers.saml2.SAML2InResponseToVerificationHandler}
+ *
+ * @author <a href="mailto:mposolda at redhat.com">Marek Posolda</a>
+ */
+public class SAML2InResponseToVerificationHandlerUnitTestCase extends TestCase
+{
+
+ public void testResponseIdVerification() throws Exception
+ {
+ // 1) CONFIGURATION AND INITIALIZATION OF TEST
+
+ // Create handlers
+ SAML2AuthenticationHandler authenticationHandler = new SAML2AuthenticationHandler();
+ SAML2InResponseToVerificationHandler verificationHandler = new SAML2InResponseToVerificationHandler();
+
+ // Create configuration for handlers
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+ handlerConfig.addParameter(GeneralConstants.NAMEID_FORMAT, JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());
+ handlerConfig.addParameter(SAML2Handler.DISABLE_SENDING_ROLES, "true");
+
+ Map<String, Object> chainOptions = new HashMap<String, Object>();
+ SPType spType = new SPType();
+ chainOptions.put(GeneralConstants.CONFIGURATION, spType);
+ chainOptions.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
+ chainConfig.set(chainOptions);
+
+ // Initialize the handlers
+ authenticationHandler.initChainConfig(chainConfig);
+ authenticationHandler.initHandlerConfig(handlerConfig);
+ verificationHandler.initChainConfig(chainConfig);
+ verificationHandler.initHandlerConfig(handlerConfig);
+
+ // Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ // Create handler request and response
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/sales/");
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), null,
+ SAML2Handler.HANDLER_TYPE.SP);
+ request.setTypeOfRequestToBeGenerated(SAML2HandlerRequest.GENERATE_REQUEST_TYPE.AUTH);
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+
+ // 2) GENERATE SAML AUTHENTICATION REQUEST
+
+ // Generate SAML AuthnRequest with handlers
+ authenticationHandler.generateSAMLRequest(request, response);
+ verificationHandler.generateSAMLRequest(request, response);
+
+ // Parse document and verify that ID is saved in Http session
+ Document samlReqDoc = response.getResultingDocument();
+ SAMLParser parser = new SAMLParser();
+ AuthnRequestType authnRequest = (AuthnRequestType) parser.parse(DocumentUtil.getNodeAsStream(samlReqDoc));
+ assertEquals(authnRequest.getID(), servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID));
+
+ // 3) SEND SAML AUTHENTICATION REQUEST TO IDP
+
+ // Generate request and response for IDP
+ SAML2HandlerResponse handlerResponseFromIdp = sendRequestToIdp(authnRequest, samlReqDoc, httpContext,
+ handlerConfig);
+
+ // Parse SAML response from IDP
+ Document doc2response = handlerResponseFromIdp.getResultingDocument();
+ assertNotNull(doc2response);
+ String responseString = DocumentUtil.asString(doc2response);
+
+ // 4) PROCESS SAML RESPONSE FROM IDP. VERIFICATION OF InResponseId SHOULD BE SUCCESSFUL
+
+ HandlerContext handlerContext = getHandlerRequestAndResponse(httpContext, issuerInfo, responseString);
+
+ // Assert that ID from session is not null
+ String inResponseIdFromSession = (String) servletRequest.getSession().getAttribute(
+ GeneralConstants.AUTH_REQUEST_ID);
+ assertNotNull(inResponseIdFromSession);
+
+ // Handle response from IDP
+ authenticationHandler.handleStatusResponseType(handlerContext.request, handlerContext.response);
+ verificationHandler.handleStatusResponseType(handlerContext.request, handlerContext.response);
+
+ // Verify that Id is not in session anymore. Becaue it was removed by SAML2ResponseIdVerificationHandler
+ assertNull(servletRequest.getSession().getAttribute(GeneralConstants.AUTH_REQUEST_ID));
+
+ // 5) CHANGE InResponseId IN SAML RESPONSE. VALIDATION MUST FAIL NOW.
+
+ // Change InResponseId
+ String responseStringChangedId = responseString.replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"",
+ "InResponseTo=\"ID_101dcb5e-f432-4f45-87cb-47daff92edef\"");
+ HandlerContext handlerContextChangedId = getHandlerRequestAndResponse(httpContext, issuerInfo,
+ responseStringChangedId);
+
+ // Set Id to session again as it was removed in previous processing
+ servletRequest.getSession().setAttribute(GeneralConstants.AUTH_REQUEST_ID, inResponseIdFromSession);
+
+ // Handle response with changed Id. This time it should fail
+ try
+ {
+ authenticationHandler.handleStatusResponseType(handlerContextChangedId.request,
+ handlerContextChangedId.response);
+ verificationHandler
+ .handleStatusResponseType(handlerContextChangedId.request, handlerContextChangedId.response);
+
+ fail("Verification of InResponseTo should fail.");
+ }
+ catch (ProcessingException pe)
+ {
+ assertEquals(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED, pe.getMessage());
+ }
+
+ // 6) REMOVE InResponseId FROM SAML RESPONSE. VALIDATION MUST FAIL NOW.
+
+ // Remove inResponseId
+ String responseStringRemovedId = responseString
+ .replaceAll("InResponseTo=\"" + inResponseIdFromSession + "\"", "");
+ HandlerContext handlerContextRemovedId = getHandlerRequestAndResponse(httpContext, issuerInfo,
+ responseStringRemovedId);
+
+ // Set Id to session again as it was removed in previous processing
+ servletRequest.getSession().setAttribute(GeneralConstants.AUTH_REQUEST_ID, inResponseIdFromSession);
+
+ // Now handle again response from IDP. This time it should also fail as InResponseTo is null
+ try
+ {
+ authenticationHandler.handleStatusResponseType(handlerContextRemovedId.request,
+ handlerContextRemovedId.response);
+ verificationHandler
+ .handleStatusResponseType(handlerContextRemovedId.request, handlerContextRemovedId.response);
+
+ fail("Verification of InResponseTo should fail.");
+ }
+ catch (ProcessingException pe)
+ {
+ assertEquals(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED, pe.getMessage());
+ }
+ }
+
+ /**
+ * Sending SAML Request to IDP and receiving SAML response.
+ *
+ * @param authnRequest Generated SAML Request object
+ * @param samlReqDoc Document for generated SAML Request object
+ * @param httpContext httpContext
+ * @param handlerConfig handlerConfig
+ * @return SAML2HandlerResponse after receiving response from IDP
+ * @throws Exception
+ */
+ private SAML2HandlerResponse sendRequestToIdp(AuthnRequestType authnRequest, Document samlReqDoc,
+ HTTPContext httpContext, SAML2HandlerConfig handlerConfig) throws Exception
+ {
+ // Generate handler request and handler response for IDP
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(authnRequest, samlReqDoc);
+ SAML2HandlerRequest idpHandlerRequest = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(),
+ docHolder, SAML2Handler.HANDLER_TYPE.IDP);
+ idpHandlerRequest.addOption(GeneralConstants.ASSERTIONS_VALIDITY, 10000l);
+ SAML2HandlerResponse idpHandlerResponse = new DefaultSAML2HandlerResponse();
+
+ // Create chainConfig for IDP
+ Map<String, Object> chainOptionsIdp = new HashMap<String, Object>();
+ IDPType idpType = new IDPType();
+ chainOptionsIdp.put(GeneralConstants.CONFIGURATION, idpType);
+ chainOptionsIdp.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "true");
+ SAML2HandlerChainConfig chainConfigIdp = new DefaultSAML2HandlerChainConfig(chainOptionsIdp);
+
+ // Create and init handlers for IDP
+ SAML2AuthenticationHandler authenticationHandlerIdp = new SAML2AuthenticationHandler();
+ SAML2InResponseToVerificationHandler verificationHandlerIdp = new SAML2InResponseToVerificationHandler();
+ authenticationHandlerIdp.initChainConfig(chainConfigIdp);
+ authenticationHandlerIdp.initHandlerConfig(handlerConfig);
+ verificationHandlerIdp.initChainConfig(chainConfigIdp);
+ verificationHandlerIdp.initHandlerConfig(handlerConfig);
+
+ HttpSession session = BaseSAML2Handler.getHttpSession(idpHandlerRequest);
+ session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
+ {
+ public String getName()
+ {
+ return "testPrincipal";
+ }
+ });
+
+ // Init Picketlink Core STS
+ PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
+ sts.installDefaultConfiguration();
+
+ // Init identityServer
+ IdentityServer identityServer = new IdentityServer();
+ httpContext.getServletContext().setAttribute(GeneralConstants.IDENTITY_SERVER, identityServer);
+
+ // Handle request by IDP
+ authenticationHandlerIdp.handleRequestType(idpHandlerRequest, idpHandlerResponse);
+ verificationHandlerIdp.handleRequestType(idpHandlerRequest, idpHandlerResponse);
+
+ return idpHandlerResponse;
+ }
+
+ private ResponseType getResponseTypeFromString(String responseString) throws Exception
+ {
+ InputStream is = new ByteArrayInputStream(responseString.getBytes());
+ SAML2Response saml2Response = new SAML2Response();
+ return saml2Response.getResponseType(is);
+ }
+
+ private HandlerContext getHandlerRequestAndResponse(HTTPContext httpContext, IssuerInfoHolder issuerInfo,
+ String responseString) throws Exception
+ {
+ ResponseType responseType = getResponseTypeFromString(responseString);
+ SAML2Response saml2Response = new SAML2Response();
+ Document doc = saml2Response.convert(responseType);
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(responseType, doc);
+
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+ SAML2Handler.HANDLER_TYPE.SP);
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+ return new HandlerContext(request, response);
+ }
+
+ private class HandlerContext
+ {
+ private final SAML2HandlerRequest request;
+
+ private final SAML2HandlerResponse response;
+
+ private HandlerContext(SAML2HandlerRequest request, SAML2HandlerResponse response)
+ {
+ this.request = request;
+ this.response = response;
+ }
+ }
+
+}
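Review bot: The test never replays the response it has already accepted, so single use of the stored request ID is checked only indirectly by the `assertNull` at the end of step 4. Steps 5 and 6 both put `AUTH_REQUEST_ID` back into the session before calling the handlers, so the case where a response carries `InResponseTo` but the session holds no pending request ID is not exercised. A replay case right after step 4 would cover it. The expected error code below is an assumption, because the handler's behaviour for an empty session is not visible in this hunk and it may accept unsolicited responses by design. Separately, `getResponseTypeFromString` calls `responseString.getBytes()` with the platform charset; `getBytes("UTF-8")` keeps the parsed XML stable across build hosts.

```java
// … unchanged: steps 1-4, ending with assertNull(...AUTH_REQUEST_ID) …

// 4b) REPLAY THE ALREADY CONSUMED RESPONSE. NO REQUEST ID IS STORED IN THE SESSION NOW.
HandlerContext handlerContextReplay = getHandlerRequestAndResponse(httpContext, issuerInfo, responseString);
try
{
   verificationHandler.handleStatusResponseType(handlerContextReplay.request, handlerContextReplay.response);
   fail("Replayed response should not pass InResponseTo verification.");
}
catch (ProcessingException pe)
{
   assertEquals(ErrorCodes.AUTHN_REQUEST_ID_VERIFICATION_FAILED, pe.getMessage());
}

// … unchanged: steps 5 and 6 …
```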
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/saml/handlers/SAML2SignatureHandlerUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,132 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.saml.handlers;
+
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.util.HashMap;
+import java.util.Map;
+
+import junit.framework.TestCase;
+
+import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
+import org.picketlink.identity.federation.core.config.IDPType;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
+import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.impl.DefaultSAML2HandlerResponse;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChainConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerConfig;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest.GENERATE_REQUEST_TYPE;
+import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.core.HTTPContext;
+import org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler;
+import org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureGenerationHandler;
+import org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureValidationHandler;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.picketlink.test.identity.federation.web.mock.MockHttpSession;
+import org.picketlink.test.identity.federation.web.mock.MockServletContext;
+import org.w3c.dom.Document;
+
+/**
+ * Unit test the {@code SAML2SignatureHandler}
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 12, 2009
+ */
+public class SAML2SignatureHandlerUnitTestCase extends TestCase
+{
+ public void testSignatures() throws Exception
+ {
+ SAML2Request saml2Request = new SAML2Request();
+ String id = IDGenerator.create("ID_");
+ String assertionConsumerURL = "http://sp";
+ String destination = "http://idp";
+ String issuerValue = "http://sp";
+ AuthnRequestType authnRequest = saml2Request.createAuthnRequestType(id, assertionConsumerURL, destination,
+ issuerValue);
+
+ Document authDoc = saml2Request.convert(authnRequest);
+
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ KeyPair keypair = kpg.genKeyPair();
+
+ SAML2SignatureGenerationHandler handler = new SAML2SignatureGenerationHandler();
+
+ SAML2HandlerChainConfig chainConfig = new DefaultSAML2HandlerChainConfig();
+ SAML2HandlerConfig handlerConfig = new DefaultSAML2HandlerConfig();
+
+ Map<String, Object> chainOptions = new HashMap<String, Object>();
+ IDPType idpType = new IDPType();
+ chainOptions.put(GeneralConstants.CONFIGURATION, idpType);
+ chainOptions.put(GeneralConstants.KEYPAIR, keypair);
+ chainConfig.set(chainOptions);
+
+ //Initialize the handler
+ handler.initChainConfig(chainConfig);
+ handler.initHandlerConfig(handlerConfig);
+
+ //Create a Protocol Context
+ MockHttpSession session = new MockHttpSession();
+ MockServletContext servletContext = new MockServletContext();
+ MockHttpServletRequest servletRequest = new MockHttpServletRequest(session, "POST");
+ MockHttpServletResponse servletResponse = new MockHttpServletResponse();
+ HTTPContext httpContext = new HTTPContext(servletRequest, servletResponse, servletContext);
+
+ SAMLDocumentHolder docHolder = new SAMLDocumentHolder(authnRequest, authDoc);
+ IssuerInfoHolder issuerInfo = new IssuerInfoHolder("http://localhost:8080/idp/");
+ SAML2HandlerRequest request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), docHolder,
+ SAML2Handler.HANDLER_TYPE.IDP);
+ request.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
+
+ SAML2HandlerResponse response = new DefaultSAML2HandlerResponse();
+
+ request.addOption(GeneralConstants.SENDER_PUBLIC_KEY, keypair.getPublic());
+
+ SAML2AuthenticationHandler authHandler = new SAML2AuthenticationHandler();
+ authHandler.initHandlerConfig(handlerConfig);
+ authHandler.generateSAMLRequest(request, response);
+
+ handler.generateSAMLRequest(request, response);
+ Document signedDoc = response.getResultingDocument();
+
+ assertNotNull("Signed Doc is not null", signedDoc);
+ SAMLDocumentHolder signedHolder = new SAMLDocumentHolder(signedDoc);
+ request = new DefaultSAML2HandlerRequest(httpContext, issuerInfo.getIssuer(), signedHolder,
+ SAML2Handler.HANDLER_TYPE.SP);
+
+ request.addOption(GeneralConstants.SENDER_PUBLIC_KEY, keypair.getPublic());
+
+ SAML2SignatureValidationHandler validHandler = new SAML2SignatureValidationHandler();
+ validHandler.initChainConfig(chainConfig);
+ validHandler.initHandlerConfig(handlerConfig);
+
+ validHandler.handleStatusResponseType(request, response);
+ }
+}
\ No newline at end of file
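Review bot: `testSignatures` covers only the accepting path: the document is signed and validated with the same `keypair`, and nothing is asserted after `validHandler.handleStatusResponseType(request, response)`. A validation handler that accepted every document would still pass this test. A second case that builds a fresh request with `request.addOption(GeneralConstants.SENDER_PUBLIC_KEY, kpg.genKeyPair().getPublic());` and expects the call to throw would pin rejection of a signature made with a different key; which exception type the handler raises is not visible here. Also, `KeyPairGenerator.getInstance("RSA")` is used without `kpg.initialize(2048);`, so the key size is whatever the provider defaults to.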
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2LogoutWorkflowUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,331 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.workflow.saml2;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.net.URL;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpSessionEvent;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
+import org.picketlink.identity.federation.saml.v2.SAML2Object;
+import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.core.IdentityServer;
+import org.picketlink.identity.federation.web.filters.SPFilter;
+import org.picketlink.identity.federation.web.servlets.IDPServlet;
+import org.picketlink.identity.federation.web.util.PostBindingUtil;
+import org.picketlink.test.identity.federation.web.mock.MockContextClassLoader;
+import org.picketlink.test.identity.federation.web.mock.MockFilterChain;
+import org.picketlink.test.identity.federation.web.mock.MockFilterConfig;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.picketlink.test.identity.federation.web.mock.MockHttpSession;
+import org.picketlink.test.identity.federation.web.mock.MockServletConfig;
+import org.picketlink.test.identity.federation.web.mock.MockServletContext;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+/**
+ * Unit test the SAML2 Logout workflow
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 7, 2009
+ */
+public class SAML2LogoutWorkflowUnitTestCase
+{
+ private final String profile = "saml2/logout";
+
+ private ClassLoader tcl;
+
+ private final String employee = "http://localhost:8080/employee/";
+
+ private final String sales = "http://localhost:8080/sales/";
+
+ /**
+ * Test that the SP web filter generates the logout request
+ * to the IDP when there is a parameter "GLO" set to true
+ * @see {@code GeneralConstants#GLOBAL_LOGOUT}
+ * @throws Exception
+ */
+ @Test
+ public void testSPFilterLogOutRequestGeneration() throws Exception
+ {
+ tcl = Thread.currentThread().getContextClassLoader();
+
+ MockHttpSession session = new MockHttpSession();
+ session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
+ {
+ public String getName()
+ {
+ return "anil";
+ }
+ });
+ List<String> rolesList = new ArrayList<String>();
+ rolesList.add("manager");
+ session.setAttribute(GeneralConstants.ROLES_ID, rolesList);
+
+ ServletContext servletContext = new MockServletContext();
+ session.setServletContext(servletContext);
+
+ //Let us feed the LogOutRequest to the SPFilter
+ MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
+ Thread.currentThread().setContextClassLoader(mclSPEmp);
+ SPFilter spEmpl = new SPFilter();
+ MockFilterConfig filterConfig = new MockFilterConfig(servletContext);
+ filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true");
+
+ spEmpl.init(filterConfig);
+
+ MockHttpSession filterSession = new MockHttpSession();
+ MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST");
+ filterRequest.addParameter(GeneralConstants.GLOBAL_LOGOUT, "true");
+
+ MockHttpServletResponse filterResponse = new MockHttpServletResponse();
+ ByteArrayOutputStream filterbaos = new ByteArrayOutputStream();
+ filterResponse.setWriter(new PrintWriter(filterbaos));
+
+ spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain());
+
+ String spResponse = new String(filterbaos.toByteArray());
+ Document spHTMLResponse = DocumentUtil.getDocument(spResponse);
+ NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT");
+ Element inputElement = (Element) nodes.item(0);
+ String logoutRequest = inputElement.getAttributeNode("VALUE").getValue();
+
+ byte[] b64Decoded = PostBindingUtil.base64Decode(logoutRequest);
+ SAML2Request saml2Request = new SAML2Request();
+ LogoutRequestType lor = (LogoutRequestType) saml2Request.getRequestType(new ByteArrayInputStream(b64Decoded));
+ assertEquals("Match Employee URL", employee, lor.getIssuer().getValue());
+ }
+
+ /**
+ * In this test case, we preload the IDP with 2 active participants
+ * namely the Sales app and Employee App. After this, the employee app
+ * issues a logout request. The IDP is supposed to receive this logout request,
+ * a) note that there are 2 session participants
+ * b) issue a logout request to the sales app
+ * c) the sales app invalidates its session
+ * d) the sales app issues a logout response (status response type) to the IDP
+ * e) the IDP sees that we have 1 participant left and because it is the same as the
+ * original logout requestor, invalidates its session and sends the logout success
+ * to the employee app.
+ * f) employee app invalidates its session
+ * @throws Exception
+ */
+ @Test
+ public void testSAML2LogOutFromIDPServlet() throws Exception
+ {
+ tcl = Thread.currentThread().getContextClassLoader();
+ MockHttpSession session = new MockHttpSession();
+
+ MockContextClassLoader mclIDP = setupTCL(profile + "/idp");
+ Thread.currentThread().setContextClassLoader(mclIDP);
+
+ URL url = Thread.currentThread().getContextClassLoader().getResource("roles.properties");
+ assertNotNull("roles.properties visible?", url);
+
+ ServletContext servletContext = new MockServletContext();
+ session.setServletContext(servletContext);
+
+ IdentityServer server = this.getIdentityServer(session);
+ servletContext.setAttribute("IDENTITY_SERVER", server);
+ MockServletConfig servletConfig = new MockServletConfig(servletContext);
+
+ IDPServlet idp = new IDPServlet();
+ //No signing outgoing messages
+ servletConfig.addInitParameter(GeneralConstants.SIGN_OUTGOING_MESSAGES, "false");
+
+ //Initialize the servlet
+ idp.init(servletConfig);
+
+ //Assume that we already have the principal and roles set in the session
+ session.setAttribute(GeneralConstants.PRINCIPAL_ID, new Principal()
+ {
+ public String getName()
+ {
+ return "anil";
+ }
+ });
+ List<String> rolesList = new ArrayList<String>();
+ rolesList.add("manager");
+ session.setAttribute(GeneralConstants.ROLES_ID, rolesList);
+
+ MockHttpServletRequest request = new MockHttpServletRequest(session, "POST");
+ request.addHeader("Referer", sales);
+
+ String samlMessage = Base64.encodeBytes(createLogOutRequest(sales).getBytes());
+ session.setAttribute("SAMLRequest", samlMessage);
+
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ response.setWriter(new PrintWriter(baos));
+
+ // The IDP is preloaded with 2 participants : "http://localhost:8080/sales/"
+ // and "http://localhost:8080/employee"
+
+ //Lets start the workflow with post
+ idp.testPost(request, response);
+
+ String idpResponse = new String(baos.toByteArray());
+ assertNotNull(idpResponse);
+
+ Document htmlResponse = DocumentUtil.getDocument(idpResponse);
+ assertNotNull(htmlResponse);
+ NodeList nodes = htmlResponse.getElementsByTagName("INPUT");
+ Element inputElement = (Element) nodes.item(0);
+ String logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue();
+
+ String relayState = null;
+ if (nodes.getLength() > 1)
+ relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();
+
+ String logoutResponse = new String(Base64.decode(logoutOrigResponse));
+
+ SAML2Request samlRequest = new SAML2Request();
+ ByteArrayInputStream bis = new ByteArrayInputStream(logoutResponse.getBytes());
+ SAML2Object samlObject = samlRequest.getSAML2ObjectFromStream(bis);
+ assertTrue(samlObject instanceof LogoutRequestType);
+
+ //Let us feed the LogOutRequest to the SPFilter
+ MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
+ Thread.currentThread().setContextClassLoader(mclSPEmp);
+ SPFilter spEmpl = new SPFilter();
+ MockFilterConfig filterConfig = new MockFilterConfig(servletContext);
+ filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true");
+
+ spEmpl.init(filterConfig);
+
+ MockHttpSession filterSession = new MockHttpSession();
+ MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST");
+ filterRequest.addParameter("SAMLResponse", logoutOrigResponse);
+ filterRequest.addParameter("RelayState", relayState);
+
+ MockHttpServletResponse filterResponse = new MockHttpServletResponse();
+ ByteArrayOutputStream filterbaos = new ByteArrayOutputStream();
+ filterResponse.setWriter(new PrintWriter(filterbaos));
+
+ spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain());
+ String spResponse = new String(filterbaos.toByteArray());
+ Document spHTMLResponse = DocumentUtil.getDocument(spResponse);
+ nodes = spHTMLResponse.getElementsByTagName("INPUT");
+ inputElement = (Element) nodes.item(0);
+ logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue();
+ relayState = null;
+ if (nodes.getLength() > 1)
+ relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();
+
+ //Now the SP (employee app) has logged out and sending a status response to IDP
+ Thread.currentThread().setContextClassLoader(mclIDP);
+ session.setAttribute("SAMLResponse", logoutOrigResponse);
+ session.setAttribute("RelayState", relayState);
+
+ idp.testPost(request, response);
+
+ idpResponse = new String(filterbaos.toByteArray());
+ assertNotNull(idpResponse);
+
+ htmlResponse = DocumentUtil.getDocument(idpResponse);
+ assertNotNull(htmlResponse);
+ nodes = htmlResponse.getElementsByTagName("INPUT");
+ inputElement = (Element) nodes.item(0);
+ logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue();
+
+ relayState = null;
+ if (nodes.getLength() > 1)
+ relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();
+
+ //Now we should have got a full success report from IDP
+ MockContextClassLoader mclSPSales = setupTCL(profile + "/sp/employee");
+ Thread.currentThread().setContextClassLoader(mclSPSales);
+ SPFilter spSales = new SPFilter();
+
+ spSales.init(filterConfig);
+
+ filterRequest.addParameter("SAMLResponse", logoutOrigResponse);
+ filterRequest.addParameter("RelayState", relayState);
+
+ spSales.doFilter(filterRequest, filterResponse, new MockFilterChain());
+
+ spResponse = new String(filterbaos.toByteArray());
+
+ assertEquals(0, server.stack().getParticipants(session.getId()));
+ assertEquals(0, server.stack().getNumOfParticipantsInTransit(session.getId()));
+
+ spHTMLResponse = DocumentUtil.getDocument(spResponse);
+ nodes = spHTMLResponse.getElementsByTagName("INPUT");
+ inputElement = (Element) nodes.item(0);
+ logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue();
+ relayState = null;
+ if (nodes.getLength() > 1)
+ relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();
+
+ //Finally the session should be invalidated
+ assertTrue(filterSession.isInvalidated());
+ }
+
+ private MockContextClassLoader setupTCL(String resource)
+ {
+ URL[] urls = new URL[]
+ {tcl.getResource(resource)};
+
+ MockContextClassLoader mcl = new MockContextClassLoader(urls);
+ mcl.setDelegate(tcl);
+ mcl.setProfile(resource);
+ return mcl;
+ }
+
+ private String createLogOutRequest(String url) throws Exception
+ {
+ SAML2Request samlRequest = new SAML2Request();
+ LogoutRequestType lot = samlRequest.createLogoutRequest(url);
+ StringWriter sw = new StringWriter();
+ samlRequest.marshall(lot, sw);
+ return sw.toString();
+ }
+
+ //Get the Identity server with 2 participants
+ private IdentityServer getIdentityServer(HttpSession session)
+ {
+ IdentityServer server = new IdentityServer();
+ server.sessionCreated(new HttpSessionEvent(session));
+
+ server.stack().register(session.getId(), sales, false);
+ server.stack().register(session.getId(), employee, false);
+ return server;
+ }
+}
\ No newline at end of file
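Review bot: In `testSAML2LogOutFromIDPServlet`, after the second `idp.testPost(request, response)` the result is read with `idpResponse = new String(filterbaos.toByteArray());`, which is the SP filter's buffer rather than the `baos` that backs the IDP response writer. It looks like the IDP's answer to the SP's status response is never inspected, and the later `spSales.doFilter(...)` is fed the SP's own earlier output. If that is unintended, `baos.reset();` before the second post and `idpResponse = new String(baos.toByteArray());` after it would read the right stream. Both tests also replace the thread context class loader and never restore it; `Thread.currentThread().setContextClassLoader(tcl);` in a `finally` keeps the mock loader from leaking into later tests. The `mclSPSales` loader is built from `profile + "/sp/employee"`, which may be a copy of the employee setup rather than the sales profile.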
Added: product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java
===================================================================
--- product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java (rev 0)
+++ product/trunk/picketlink-core/src/test/java/org/picketlink/test/identity/federation/web/workflow/saml2/SAML2PostWorkflowUnitTestCase.java 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,187 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.web.workflow.saml2;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.PrintWriter;
+import java.net.URL;
+
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpSessionEvent;
+
+import junit.framework.TestCase;
+
+import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
+import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
+import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
+import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.picketlink.identity.federation.core.util.Base64;
+import org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType;
+import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
+import org.picketlink.identity.federation.web.constants.GeneralConstants;
+import org.picketlink.identity.federation.web.core.IdentityServer;
+import org.picketlink.identity.federation.web.filters.SPFilter;
+import org.picketlink.identity.federation.web.servlets.IDPLoginServlet;
+import org.picketlink.identity.federation.web.servlets.IDPServlet;
+import org.picketlink.identity.federation.web.util.PostBindingUtil;
+import org.picketlink.test.identity.federation.web.mock.MockContextClassLoader;
+import org.picketlink.test.identity.federation.web.mock.MockFilterChain;
+import org.picketlink.test.identity.federation.web.mock.MockFilterConfig;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletRequest;
+import org.picketlink.test.identity.federation.web.mock.MockHttpServletResponse;
+import org.picketlink.test.identity.federation.web.mock.MockHttpSession;
+import org.picketlink.test.identity.federation.web.mock.MockServletConfig;
+import org.picketlink.test.identity.federation.web.mock.MockServletContext;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+/**
+ * Unit test the workflow for SAML2 Post Binding
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 8, 2009
+ */
+public class SAML2PostWorkflowUnitTestCase extends TestCase
+{
+ private String profile = "saml2/post";
+ private ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ private String employee = "http://localhost:8080/employee/";
+ private String identity = "http://localhost:8080/idp/";
+
+ public void testAuthForIDPServletAndSPFilter() throws Exception
+ {
+ String id = IDGenerator.create("ID_");
+ SAML2Request saml2Request = new SAML2Request();
+ AuthnRequestType art = saml2Request.createAuthnRequestType(id,
+ employee, identity, employee);
+
+ ServletContext servletContext = new MockServletContext();
+
+ //First we go to the employee application
+ MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
+ Thread.currentThread().setContextClassLoader(mclSPEmp);
+ SPFilter spEmpl = new SPFilter();
+ MockFilterConfig filterConfig = new MockFilterConfig(servletContext);
+ filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true");
+
+ spEmpl.init(filterConfig);
+
+ MockHttpSession filterSession = new MockHttpSession();
+ MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST");
+
+ MockHttpServletResponse filterResponse = new MockHttpServletResponse();
+ ByteArrayOutputStream filterbaos = new ByteArrayOutputStream();
+ filterResponse.setWriter(new PrintWriter(filterbaos));
+
+ spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain());
+ String spResponse = new String(filterbaos.toByteArray());
+ Document spHTMLResponse = DocumentUtil.getDocument(spResponse);
+ NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT");
+ Element inputElement = (Element)nodes.item(0);
+ String idpResponse = inputElement.getAttributeNode("VALUE").getValue();
+ @SuppressWarnings("unused")
+ String relayState = null;
+ if(nodes.getLength() > 1)
+ relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue();
+
+ //Lets call the IDPServlet
+
+ MockHttpSession session = new MockHttpSession();
+ servletContext = new MockServletContext();
+ session.setServletContext(servletContext);
+ IdentityServer server = this.getIdentityServer(session);
+ servletContext.setAttribute("IDENTITY_SERVER", server);
+ MockServletConfig servletConfig = new MockServletConfig(servletContext);
+
+ MockContextClassLoader mclIDP = setupTCL(profile + "/idp");
+ Thread.currentThread().setContextClassLoader(mclIDP);
+
+ MockHttpServletRequest request = new MockHttpServletRequest(session, "POST");
+ request.addHeader("Referer", "http://localhost:8080/employee/");
+
+ request.addParameter(GeneralConstants.USERNAME_FIELD, "anil");
+ request.addParameter(GeneralConstants.PASS_FIELD, "anil");
+
+
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ response.setWriter(new PrintWriter(baos));
+
+ IDPLoginServlet login = new IDPLoginServlet();
+ login.init(servletConfig);
+
+ String samlAuth = DocumentUtil.getDocumentAsString(saml2Request.convert(art));
+
+ String samlMessage = Base64.encodeBytes(samlAuth.getBytes());
+ session.setAttribute("SAMLRequest", samlMessage);
+
+ login.testPost(request, response);
+
+ IDPServlet idp = new IDPServlet();
+ //No signing outgoing messages
+ servletConfig.addInitParameter(GeneralConstants.SIGN_OUTGOING_MESSAGES, "false");
+
+ //Initialize the servlet
+ idp.init(servletConfig);
+
+ //Lets start the workflow with post
+ idp.testPost(request, response);
+
+ String idpResponseString = new String(baos.toByteArray());
+ Document idpHTMLResponse = DocumentUtil.getDocument(idpResponseString);
+ nodes = idpHTMLResponse.getElementsByTagName("INPUT");
+ inputElement = (Element)nodes.item(0);
+ idpResponse = inputElement.getAttributeNode("VALUE").getValue();
+ relayState = null;
+ if(nodes.getLength() > 1)
+ relayState = ((Element)nodes.item(1)).getAttributeNode("VALUE").getValue();
+
+ byte[] samlIDPResponse = PostBindingUtil.base64Decode(idpResponse);
+
+ SAML2Response saml2Response = new SAML2Response();
+ ResponseType rt = saml2Response.getResponseType(new ByteArrayInputStream(samlIDPResponse));
+
+ assertEquals("Match Identity URL:" , this.identity, rt.getIssuer().getValue());
+ }
+
+ private MockContextClassLoader setupTCL(String resource)
+ {
+ URL[] urls = new URL[] {tcl.getResource(resource)};
+
+ MockContextClassLoader mcl = new MockContextClassLoader(urls);
+ mcl.setDelegate(tcl);
+ mcl.setProfile(resource);
+ return mcl;
+ }
+
+
+ //Get the Identity server
+ private IdentityServer getIdentityServer(HttpSession session)
+ {
+ IdentityServer server = new IdentityServer();
+ server.sessionCreated(new HttpSessionEvent(session));
+ return server;
+ }
+}
\ No newline at end of file
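Review bot: `testAuthForIDPServletAndSPFilter` replaces the thread context class loader twice (`Thread.currentThread().setContextClassLoader(mclSPEmp)` and later `mclIDP`) and never puts the original back, so anything that runs afterwards on the same thread resolves resources through the `saml2/post/idp` mock loader. The original is already saved in the `tcl` field; restoring it in a `tearDown()` override with `Thread.currentThread().setContextClassLoader(tcl);`, or in a `finally` around the test body, would contain the change. Separately, the SP filter is initialised with `GeneralConstants.IGNORE_SIGNATURES` set to `"true"` and the IDP servlet with `GeneralConstants.SIGN_OUTGOING_MESSAGES` set to `"false"`, and the only assertion is on the issuer value, so this workflow test gives no coverage of the signed POST path. A comment above those two lines, for example `// test-only: signature checks are off here, so the signed POST binding is not covered by this test`, would keep the settings from being read as a recommended configuration.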
Property changes on: product/trunk/picketlink-core/src/test/resources
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources:1302-1318,1329-1337*
+ /federation/trunk/picketlink-bindings/src/test/resources:1302-1318,1329-1337*,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources:1362-1494
/federation/trunk/picketlink-web/src/test/resources:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/config
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/config:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/config:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/config:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/config:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/config:1362-1494
/federation/trunk/picketlink-web/src/test/resources/config:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/endorsed
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/endorsed:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/endorsed:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/endorsed:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/endorsed:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/endorsed:1362-1494
/federation/trunk/picketlink-web/src/test/resources/endorsed:1362-1494
Copied: product/trunk/picketlink-core/src/test/resources/idp-metadata.xml (from rev 1494, federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml)
===================================================================
--- product/trunk/picketlink-core/src/test/resources/idp-metadata.xml (rev 0)
+++ product/trunk/picketlink-core/src/test/resources/idp-metadata.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,141 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two"
+ xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <EntityDescriptor entityID="https://idp.testshib.org/idp/shibboleth">
+ <IDPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">testshib.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution"
+ index="1" />
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution"
+ index="2" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
+ Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO" />
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO" />
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO" />
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEKjCCAxKgAwIBAgIJAIgUuHL4QvkYMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV
+ BAYTAkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAV
+ BgNVBAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGli
+ Lm9yZzAeFw0wNzEyMTcxOTE4NDFaFw0xNzEyMTQxOTE4NDFaMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2JAhrk5iafXgDkhh8E
+ SaNUjWrQeWTiqgzPcrIOwslUwwpXKbvd4Ej9dJx+IJAmTpZxEjYLbYNK/jKi/LXy
+ Qusm3XRBQd2AaPD2WoykntzkNNTsN8k+CPlnYNbbE6UoHvYBM+0qwtOxJGJh7j7X
+ e9Qh4lGglg7/sVX1EF9GkzTxZg4sc1I6GM2xg67QMgqgPH/QjdrcSHyZ6RxOqugp
+ inKCwA0uFKzT5YR0s3eteJEfyWIpLNCuJG0agkBdA79D+Q4vqxH3nwuoJVfMrAvH
+ Qef/Z29Mof6I0biRpoDFh4FpOodIoY4oaoruIwAqL1Ge71TgoEhOSKZ+ziMKnfd8
+ 6dsCAwEAAaOB0DCBzTAdBgNVHQ4EFgQUrAUPOvZ4fNyqma+YwK6+P+2/kGswgZ0G
+ A1UdIwSBlTCBkoAUrAUPOvZ4fNyqma+YwK6+P+2/kGuhb6RtMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ Z4IJAIgUuHL4QvkYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEti
+ KJki8WO2wGhpJc3oIAF7V0CYBR3303S37iqSodabyN/2nxFXTqd+ZSAdfe+14E/G
+ dyC9Dtbq4VL2lF0fbaNarCzfhMD7DExSANFkOPFk/lz54ccFdfIRHRVeLHvEtGAI
+ UTK+qEqaEl1vjZVKmvNSdDet06EQ+MGZf1MnW6jid4AMrSdboDHFW34qet+tr9gf
+ 5k6bZx6oIiOILgXWHk7hK1ZuxK5w0bpbktNIfO35HoQSPBx6u6wuxt4yN/m6QLiq
+ nGEzsHlzsPFv1Iw+ccdALcqR0zor7GEJrKmp4Gcb/zH3oy1rQNZHUlz29emJhS/1
+ q1og9SGCUU2yRL1tC+Y=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery" />
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Identity Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk at internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+</EntitiesDescriptor>
\ No newline at end of file
Property changes on: product/trunk/picketlink-core/src/test/resources/idp-metadata.xml
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-web/src/test/resources/idp-metadata.xml:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/jbossws
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/jbossws:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/jbossws:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/jbossws:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/jbossws:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/jbossws:1362-1494
/federation/trunk/picketlink-web/src/test/resources/jbossws:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/keystore
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/keystore:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/keystore:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/keystore:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/keystore:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/keystore:1362-1494
/federation/trunk/picketlink-web/src/test/resources/keystore:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/log4j.xml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/log4j.xml:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/log4j.xml:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/log4j.xml:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/log4j.xml:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/log4j.xml:1362-1494
/federation/trunk/picketlink-web/src/test/resources/log4j.xml:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/logging.properties
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/logging.properties:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/logging.properties:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/logging.properties:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/logging.properties:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/logging.properties:1362-1494
/federation/trunk/picketlink-web/src/test/resources/logging.properties:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/metadata
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/metadata:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/metadata:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/metadata:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/metadata:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/metadata:1362-1494
/federation/trunk/picketlink-web/src/test/resources/metadata:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/openid
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/openid:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/openid:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/openid:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/openid:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/openid:1362-1494
/federation/trunk/picketlink-web/src/test/resources/openid:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/parser
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/parser:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/parser:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/parser:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/parser:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/parser:1362-1494
/federation/trunk/picketlink-web/src/test/resources/parser:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/parser/saml2
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/parser/saml2:1302-1318,1329-1337
/federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2:1327-1328
+ /federation/trunk/picketlink-bindings/src/test/resources/parser/saml2:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/parser/saml2:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/parser/saml2:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2:1327-1328,1362-1494
/federation/trunk/picketlink-web/src/test/resources/parser/saml2:1362-1494
Modified: product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-assertion-subjectconfirmation.xml
===================================================================
--- product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-assertion-subjectconfirmation.xml 2012-03-12 18:57:57 UTC (rev 1495)
+++ product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-assertion-subjectconfirmation.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -4,6 +4,7 @@
<saml2:Issuer>TheDUDE</saml2:Issuer>
<saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">A_DUDE</saml2:NameID>
<saml2:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches">
<saml2:NameID>CN=theDUDE</saml2:NameID>
Copied: product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-response-salesforce.xml (from rev 1494, federation/trunk/picketlink-fed-core/src/test/resources/parser/saml2/saml2-response-salesforce.xml)
===================================================================
--- product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-response-salesforce.xml (rev 0)
+++ product/trunk/picketlink-core/src/test/resources/parser/saml2/saml2-response-salesforce.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<samlp:Response Destination="https://xxx.somecompany.com:8443/elements/elements.jsp" ID="_2bf8c7ab1057d96d2eb494473c31a3881329420450465" InResponseTo="ID_f7fd2a28-b187-46a5-b780-7cf74f68ec06" IssueInstant="2012-02-16T19:27:30.465Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://somecompany.my.salesforce.com</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
+<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
+<ds:Reference URI="#_2bf8c7ab1057d96d2eb494473c31a3881329420450465" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ec:InclusiveNamespaces PrefixList="ds saml samlp xs" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transform>
+</ds:Transforms>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
+<ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">B5X6YU82tV6XqasIFohUBCs6AhQ=</ds:DigestValue>
+</ds:Reference>
+</ds:SignedInfo>
+<ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+MiBs02QjKgKYhBiks+TIoQDEo6j5KM5DW6Of7edIhG7OgsDPv7siV1luqg/SWrI1uEJF4ycxEH9k
+G0kzIoEKWNPT9q4exVQ6g9RC3a9Goxpg78de709rHhcjnoJB6Ci5zGwPbwv8yIGxMJg+ckLKKM5r
++dTheSjaciQWJ7UrN4RsAT+R5M15TDYqBWHLWIkxkbE3i98Jg6u17Zwma5ai7YYk9D6hsq8bs8d2
+YcMjbtwpgJyKjIW0PTvEcvqcVAn7lcEx4FBV0CCNjLtbfuVfWKq7GZLNOUMxyewVlhRhTUa5Cmmm
+x5Y1at23Wm4FKDorevNRqXNJ7g4bLZFCelzHJA==
+</ds:SignatureValue>
+<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIEazCCA1OgAwIBAgIOATTn7sPeAAAAACJDlbwwDQYJKoZIhvcNAQEFBQAwfDEUMBIGA1UEAwwL
+SW5kaWNlZSBJbmMxGDAWBgNVBAsMDzAwRDcwMDAwMDAwSWdPYjEXMBUGA1UECgwOU2FsZXNmb3Jj
+ZS5jb20xFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xCzAJBgNVBAgMAkNBMQwwCgYDVQQGEwNVU0Ew
+HhcNMTIwMTE2MTkxMTUxWhcNMTQwMTE1MTkxMTUxWjB8MRQwEgYDVQQDDAtJbmRpY2VlIEluYzEY
+MBYGA1UECwwPMDBENzAwMDAwMDBJZ09iMRcwFQYDVQQKDA5TYWxlc2ZvcmNlLmNvbTEWMBQGA1UE
+BwwNU2FuIEZyYW5jaXNjbzELMAkGA1UECAwCQ0ExDDAKBgNVBAYTA1VTQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKe6tpwiqyL8+VYTKBg/x4dnnMt9RIjWKG5XbGkSPlowRh6QQtvY
+CgPfdpcbq/q0vn5/IKlfOTGZ04zVpqjL9rWieTPKUtRBCeBDBoTliJ45SuVZ9ko4Si960b1mFf+W
+F2WcCdPanLzSohXR3opvb8KipiXl6oQUSKkTz9pkmNxo3KR4d+eN0zZoWnoRQnp8p7v4VN4zLcQ4
+Pkhn8iZ72pzy7jTcZ0NC8u7dI7fz8R3DmUJzUz+HGyoikVVF3763kLF1im3zMg9PL7StS6ZEkABa
+T8ahMSZpZSr2RicK7iioLvC/5C4FQ1/Fc0MtLbDvprgHX2fI3BtqmX52qS3WtJ8CAwEAAaOB6jCB
+5zAdBgNVHQ4EFgQUdA5kj6jOy4ky295VS9J/7uSCJ/cwgbQGA1UdIwSBrDCBqYAUdA5kj6jOy4ky
+295VS9J/7uSCJ/ehgYCkfjB8MRQwEgYDVQQDDAtJbmRpY2VlIEluYzEYMBYGA1UECwwPMDBENzAw
+MDAwMDBJZ09iMRcwFQYDVQQKDA5TYWxlc2ZvcmNlLmNvbTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj
+bzELMAkGA1UECAwCQ0ExDDAKBgNVBAYTA1VTQYIOATTn7sPgAAAAACJDlbwwDwYDVR0TAQH/BAUw
+AwEB/zANBgkqhkiG9w0BAQUFAAOCAQEALs22H1XQWpI3ZRfHZ7oZDvZkUbdEGRoKpZ82EevzCEz6
+6bV9NzGQ+ygJ5FD2X/DZtvAgq/nq8gv+BL73fMS1Rqd666rDDoddixDq/Dqtdk1jvVvpjRpVlQWz
+iVyYQuRjBFNJ7uL/IyGX424jqFWWd9Io8fsc/dct3ABffkBnEbSjY6Tqyi9YHcOYCIzupGFaE+J2
+nu3AGYihupCkOeErRNuAXH76PGBjaM/Psku5Z8MzI2g4XXbxy7/y0ruwmfD28Itt83JAzIqwbRiF
+GzGV15Vv86ziAPl37b0MApJ9ZloHuFxc8hFysqMrOdVWhSvzbmFybPnM/aHMjHhvj7ZL/g==</ds:X509Certificate>
+</ds:X509Data></ds:KeyInfo></ds:Signature>
+<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
+<saml:Assertion ID="_55a620fd5920a06abed345eecb1b13481329420450465" IssueInstant="2012-02-16T19:27:30.465Z"
+Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://xxx.my.salesforce.com</saml:Issuer>
+<saml:Subject>
+<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">xxx at somecompany.com</saml:NameID>
+<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+<saml:SubjectConfirmationData InResponseTo="ID_f7fd2a28-b187-46a5-b780-7cf74f68ec06"
+NotOnOrAfter="2012-02-16T19:32:30.466Z" Recipient="https://xxx.somecompany.com:8443/elements/elements.jsp"/>
+</saml:SubjectConfirmation>
+</saml:Subject>
+<saml:Conditions NotBefore="2012-02-16T19:27:30.466Z" NotOnOrAfter="2012-02-16T19:32:30.466Z">
+<saml:AudienceRestriction><saml:Audience>https://xxx.somecompany.com:8443/elements/elements.jsp</saml:Audience>
+</saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2012-02-16T19:27:30.465Z">
+<saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext>
+</saml:AuthnStatement>
+<saml:AttributeStatement><saml:Attribute Name="userId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
+<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:type="xs:anyType">005700000018Mth</saml:AttributeValue>
+</saml:Attribute>
+<saml:Attribute Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
+<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:type="xs:anyType">xxx at somecompany.com</saml:AttributeValue></saml:Attribute>
+<saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
+<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:type="xs:anyType">xxx at somecompany.com</saml:AttributeValue></saml:Attribute>
+
+<saml:Attribute Name="is_portal_user" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
+<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:type="xs:anyType">false</saml:AttributeValue>
+</saml:Attribute>
+</saml:AttributeStatement>
+</saml:Assertion>
+</samlp:Response>
Property changes on: product/trunk/picketlink-core/src/test/resources/responseIDP
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-bindings/src/test/resources/responseIDP:1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/responseIDP:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/responseIDP:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/responseIDP:1362-1494
/federation/trunk/picketlink-web/src/test/resources/responseIDP:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/saml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/saml:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/saml:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/saml:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/saml:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/saml:1362-1494
/federation/trunk/picketlink-web/src/test/resources/saml:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/saml-xacml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/saml-xacml:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/saml-xacml:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/saml-xacml:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/saml-xacml:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/saml-xacml:1362-1494
/federation/trunk/picketlink-web/src/test/resources/saml-xacml:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/saml2
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/saml2:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/saml2:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/saml2:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/saml2:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/saml2:1362-1494
/federation/trunk/picketlink-web/src/test/resources/saml2:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/saml2/redirect
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/saml2/redirect:1321-1324,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/saml2/redirect:1321-1324,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/saml2/redirect:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/saml2/redirect:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/saml2/redirect:1362-1494
/federation/trunk/picketlink-web/src/test/resources/saml2/redirect:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/signatures
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-bindings/src/test/resources/signatures:1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/signatures:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/signatures:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/signatures:1362-1494*
/federation/trunk/picketlink-web/src/test/resources/signatures:1362-1494
Deleted: product/trunk/picketlink-core/src/test/resources/signatures/saml11assertion.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/signatures/saml11assertion.xml 2012-03-12 14:26:40 UTC (rev 1494)
+++ product/trunk/picketlink-core/src/test/resources/signatures/saml11assertion.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -1,17 +0,0 @@
-<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
- AssertionID="ID_4756863b-eb25-4572-935f-af4ccc8a34ac" IssueInstant="2012-02-24T15:57:15.975Z"
- Issuer="PicketLinkSTS" MajorVersion="1" MinorVersion="1">
- <saml:Conditions NotBefore="2012-02-24T15:57:15.975Z"
- NotOnOrAfter="2012-02-24T17:57:15.975Z" />
- <saml:AuthenticationStatement
- AuthenticationInstant="2012-02-24T15:57:15.975Z" AuthenticationMethod="urn:picketlink:auth">
- <saml:Subject>
- <saml:NameIdentifier
- Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">admin</saml:NameIdentifier>
- <saml:SubjectConfirmation>
- <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
- </saml:ConfirmationMethod>
- </saml:SubjectConfirmation>
- </saml:Subject>
- </saml:AuthenticationStatement>
-</saml:Assertion>
\ No newline at end of file
Copied: product/trunk/picketlink-core/src/test/resources/signatures/saml11assertion.xml (from rev 1494, federation/trunk/picketlink-fed-core/src/test/resources/signatures/saml11assertion.xml)
===================================================================
--- product/trunk/picketlink-core/src/test/resources/signatures/saml11assertion.xml (rev 0)
+++ product/trunk/picketlink-core/src/test/resources/signatures/saml11assertion.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,17 @@
+<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+ AssertionID="ID_4756863b-eb25-4572-935f-af4ccc8a34ac" IssueInstant="2012-02-24T15:57:15.975Z"
+ Issuer="PicketLinkSTS" MajorVersion="1" MinorVersion="1">
+ <saml:Conditions NotBefore="2012-02-24T15:57:15.975Z"
+ NotOnOrAfter="2012-02-24T17:57:15.975Z" />
+ <saml:AuthenticationStatement
+ AuthenticationInstant="2012-02-24T15:57:15.975Z" AuthenticationMethod="urn:picketlink:auth">
+ <saml:Subject>
+ <saml:NameIdentifier
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">admin</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+ </saml:ConfirmationMethod>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ </saml:AuthenticationStatement>
+</saml:Assertion>
\ No newline at end of file
Deleted: product/trunk/picketlink-core/src/test/resources/signatures/wstRequestCollection.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/signatures/wstRequestCollection.xml 2012-03-12 14:26:40 UTC (rev 1494)
+++ product/trunk/picketlink-core/src/test/resources/signatures/wstRequestCollection.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -1,47 +0,0 @@
-<wst:RequestSecurityTokenResponseCollection
- xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
- <wst:RequestSecurityTokenResponse
- Context="default-context">
- <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1
- </wst:TokenType>
- <wst:Lifetime>
- <wsu:Created
- xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2012-02-24T15:57:15.975Z</wsu:Created>
- <wsu:Expires
- xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2012-02-24T17:57:15.975Z</wsu:Expires>
- </wst:Lifetime>
- <wst:KeySize>128</wst:KeySize>
- <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer
- </wst:KeyType>
- <wst:RequestedSecurityToken>
- <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
- AssertionID="ID_4756863b-eb25-4572-935f-af4ccc8a34ac" IssueInstant="2012-02-24T15:57:15.975Z"
- Issuer="PicketLinkSTS" MajorVersion="1" MinorVersion="1">
- <saml:Conditions NotBefore="2012-02-24T15:57:15.975Z"
- NotOnOrAfter="2012-02-24T17:57:15.975Z" />
- <saml:AuthenticationStatement
- AuthenticationInstant="2012-02-24T15:57:15.975Z"
- AuthenticationMethod="urn:picketlink:auth">
- <saml:Subject>
- <saml:NameIdentifier
- Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">admin</saml:NameIdentifier>
- <saml:SubjectConfirmation>
- <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
- </saml:ConfirmationMethod>
- </saml:SubjectConfirmation>
- </saml:Subject>
- </saml:AuthenticationStatement>
- </saml:Assertion>
- </wst:RequestedSecurityToken>
- <wst:RequestedAttachedReference>
- <wsse:SecurityTokenReference
- xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
- xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
- wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
- <wsse:KeyIdentifier
- ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">#ID_4756863b-eb25-4572-935f-af4ccc8a34ac
- </wsse:KeyIdentifier>
- </wsse:SecurityTokenReference>
- </wst:RequestedAttachedReference>
- </wst:RequestSecurityTokenResponse>
-</wst:RequestSecurityTokenResponseCollection>
\ No newline at end of file
Copied: product/trunk/picketlink-core/src/test/resources/signatures/wstRequestCollection.xml (from rev 1494, federation/trunk/picketlink-fed-core/src/test/resources/signatures/wstRequestCollection.xml)
===================================================================
--- product/trunk/picketlink-core/src/test/resources/signatures/wstRequestCollection.xml (rev 0)
+++ product/trunk/picketlink-core/src/test/resources/signatures/wstRequestCollection.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,47 @@
+<wst:RequestSecurityTokenResponseCollection
+ xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
+ <wst:RequestSecurityTokenResponse
+ Context="default-context">
+ <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1
+ </wst:TokenType>
+ <wst:Lifetime>
+ <wsu:Created
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2012-02-24T15:57:15.975Z</wsu:Created>
+ <wsu:Expires
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2012-02-24T17:57:15.975Z</wsu:Expires>
+ </wst:Lifetime>
+ <wst:KeySize>128</wst:KeySize>
+ <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer
+ </wst:KeyType>
+ <wst:RequestedSecurityToken>
+ <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+ AssertionID="ID_4756863b-eb25-4572-935f-af4ccc8a34ac" IssueInstant="2012-02-24T15:57:15.975Z"
+ Issuer="PicketLinkSTS" MajorVersion="1" MinorVersion="1">
+ <saml:Conditions NotBefore="2012-02-24T15:57:15.975Z"
+ NotOnOrAfter="2012-02-24T17:57:15.975Z" />
+ <saml:AuthenticationStatement
+ AuthenticationInstant="2012-02-24T15:57:15.975Z"
+ AuthenticationMethod="urn:picketlink:auth">
+ <saml:Subject>
+ <saml:NameIdentifier
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">admin</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+ </saml:ConfirmationMethod>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ </saml:AuthenticationStatement>
+ </saml:Assertion>
+ </wst:RequestedSecurityToken>
+ <wst:RequestedAttachedReference>
+ <wsse:SecurityTokenReference
+ xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+ xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
+ wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
+ <wsse:KeyIdentifier
+ ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">#ID_4756863b-eb25-4572-935f-af4ccc8a34ac
+ </wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </wst:RequestedAttachedReference>
+ </wst:RequestSecurityTokenResponse>
+</wst:RequestSecurityTokenResponseCollection>
\ No newline at end of file
Copied: product/trunk/picketlink-core/src/test/resources/sp-metadata.xml (from rev 1494, federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml)
===================================================================
--- product/trunk/picketlink-core/src/test/resources/sp-metadata.xml (rev 0)
+++ product/trunk/picketlink-core/src/test/resources/sp-metadata.xml 2012-03-12 19:35:11 UTC (rev 1496)
@@ -0,0 +1,237 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two"
+ xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <EntityDescriptor entityID="https://idp.testshib.org/idp/shibboleth">
+ <IDPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">testshib.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution"
+ index="1" />
+ <ArtifactResolutionService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution"
+ index="2" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
+ Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO" />
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO" />
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO" />
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEKjCCAxKgAwIBAgIJAIgUuHL4QvkYMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV
+ BAYTAkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAV
+ BgNVBAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGli
+ Lm9yZzAeFw0wNzEyMTcxOTE4NDFaFw0xNzEyMTQxOTE4NDFaMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2JAhrk5iafXgDkhh8E
+ SaNUjWrQeWTiqgzPcrIOwslUwwpXKbvd4Ej9dJx+IJAmTpZxEjYLbYNK/jKi/LXy
+ Qusm3XRBQd2AaPD2WoykntzkNNTsN8k+CPlnYNbbE6UoHvYBM+0qwtOxJGJh7j7X
+ e9Qh4lGglg7/sVX1EF9GkzTxZg4sc1I6GM2xg67QMgqgPH/QjdrcSHyZ6RxOqugp
+ inKCwA0uFKzT5YR0s3eteJEfyWIpLNCuJG0agkBdA79D+Q4vqxH3nwuoJVfMrAvH
+ Qef/Z29Mof6I0biRpoDFh4FpOodIoY4oaoruIwAqL1Ge71TgoEhOSKZ+ziMKnfd8
+ 6dsCAwEAAaOB0DCBzTAdBgNVHQ4EFgQUrAUPOvZ4fNyqma+YwK6+P+2/kGswgZ0G
+ A1UdIwSBlTCBkoAUrAUPOvZ4fNyqma+YwK6+P+2/kGuhb6RtMGsxCzAJBgNVBAYT
+ AkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNV
+ BAoTDk15IENvbXBhbnkgTHRkMR0wGwYDVQQDExRpZHAudHdvLnRlc3RzaGliLm9y
+ Z4IJAIgUuHL4QvkYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEti
+ KJki8WO2wGhpJc3oIAF7V0CYBR3303S37iqSodabyN/2nxFXTqd+ZSAdfe+14E/G
+ dyC9Dtbq4VL2lF0fbaNarCzfhMD7DExSANFkOPFk/lz54ccFdfIRHRVeLHvEtGAI
+ UTK+qEqaEl1vjZVKmvNSdDet06EQ+MGZf1MnW6jid4AMrSdboDHFW34qet+tr9gf
+ 5k6bZx6oIiOILgXWHk7hK1ZuxK5w0bpbktNIfO35HoQSPBx6u6wuxt4yN/m6QLiq
+ nGEzsHlzsPFv1Iw+ccdALcqR0zor7GEJrKmp4Gcb/zH3oy1rQNZHUlz29emJhS/1
+ q1og9SGCUU2yRL1tC+Y=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
+ VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
+ MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
+ EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
+ c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
+ AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
+ yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
+ 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
+ NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
+ kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
+ gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
+ A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
+ 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
+ bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
+ aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
+ I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
+ 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
+ /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
+ Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
+ 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery" />
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery" />
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Identity Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk at internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="https://sp.testshib.org/shibboleth-sp">
+ <SPSSODescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol http://schemas.xmlsoap.org/ws/2003/07/secext">
+ <Extensions>
+ <idpdisc:DiscoveryResponse
+ Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+ Location="https://sp.testshib.org/Shibboleth.sso/DS" index="1"
+ xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" />
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEPjCCAyagAwIBAgIBADANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJVUzEV
+ MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMSIwIAYD
+ VQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQDEw9zcC50ZXN0
+ c2hpYi5vcmcwHhcNMDYwODMwMjEyNDM5WhcNMTYwODI3MjEyNDM5WjB3MQswCQYD
+ VQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1
+ cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQD
+ Ew9zcC50ZXN0c2hpYi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+ AQDJyR6ZP6MXkQ9z6RRziT0AuCabDd3x1m7nLO9ZRPbr0v1LsU+nnC363jO8nGEq
+ sqkgiZ/bSsO5lvjEt4ehff57ERio2Qk9cYw8XCgmYccVXKH9M+QVO1MQwErNobWb
+ AjiVkuhWcwLWQwTDBowfKXI87SA7KR7sFUymNx5z1aoRvk3GM++tiPY6u4shy8c7
+ vpWbVfisfTfvef/y+galxjPUQYHmegu7vCbjYP3On0V7/Ivzr+r2aPhp8egxt00Q
+ XpilNai12LBYV3Nv/lMsUzBeB7+CdXRVjZOHGuQ8mGqEbsj8MBXvcxIKbcpeK5Zi
+ JCVXPfarzuriM1G5y5QkKW+LAgMBAAGjgdQwgdEwHQYDVR0OBBYEFKB6wPDxwYrY
+ StNjU5P4b4AjBVQVMIGhBgNVHSMEgZkwgZaAFKB6wPDxwYrYStNjU5P4b4AjBVQV
+ oXukeTB3MQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYD
+ VQQHEwpQaXR0c2J1cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3Zp
+ ZGVyMRgwFgYDVQQDEw9zcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
+ BgkqhkiG9w0BAQUFAAOCAQEAc06Kgt7ZP6g2TIZgMbFxg6vKwvDL0+2dzF11Onpl
+ 5sbtkPaNIcj24lQ4vajCrrGKdzHXo9m54BzrdRJ7xDYtw0dbu37l1IZVmiZr12eE
+ Iay/5YMU+aWP1z70h867ZQ7/7Y4HW345rdiS6EW663oH732wSYNt9kr7/0Uer3KD
+ 9CuPuOidBacospDaFyfsaJruE99Kd6Eu/w5KLAGG+m0iqENCziDGzVA47TngKz2v
+ PVA+aokoOyoz3b53qeti77ijatSEoKjxheBWpO+eoJeGq/e49Um3M2ogIX/JAlMa
+ Inh+vYSYngQB2sx9LGkR9KHaMKNIGCDehk93Xla4pWJx1w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/SOAP" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/Redirect" />
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/POST" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://sp.testshib.org/Shibboleth.sso/SLO/Artifact" />
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST"
+ index="1" isDefault="true" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST-SimpleSign"
+ index="2" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML2/Artifact"
+ index="3" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ Location="https://sp.testshib.org/Shibboleth.sso/SAML/POST" index="4" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.testshib.org/Shibboleth.sso/SAML/Artifact"
+ index="5" />
+ <AssertionConsumerService
+ Binding="http://schemas.xmlsoap.org/ws/2003/07/secext" Location="https://sp.testshib.org/Shibboleth.sso/ADFS"
+ index="6" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.testshib.org/Shibboleth.sso/SAML2/POST"
+ index="7" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ Location="https://www.testshib.org/Shibboleth.sso/SAML/POST" index="8" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://www.testshib.org/Shibboleth.sso/SAML/REDIRECT" index="9" />
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two Service Provider</OrganizationName>
+ <OrganizationDisplayName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">TestShib Two</OrganizationDisplayName>
+ <OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nate</GivenName>
+ <SurName>Klingenstein</SurName>
+ <EmailAddress>ndk at internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+</EntitiesDescriptor>
\ No newline at end of file
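Review bot: The file is named sp-metadata.xml, but its first `EntityDescriptor` is the identity provider `https://idp.testshib.org/idp/shibboleth`, and the service provider entry `https://sp.testshib.org/shibboleth-sp` only follows it. A loader that takes the first entity or the first `KeyDescriptor` would therefore pick up IdP keys and endpoints; the consuming code is not visible in this hunk. The `EntitiesDescriptor` also carries no `ds:Signature`, and the embedded third-party TestShib certificates appear, from their encoded fields, to be SHA-1-signed with validity ending in 2016 and 2017. Tests that pass on this file should therefore not be read as covering metadata signature or certificate-validity checks. I would add a comment right after the XML declaration, e.g. `<!-- Test fixture: unsigned TestShib metadata snapshot (IdP and SP entities); keys and endpoints are sample data, not a trust anchor -->`.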
Property changes on: product/trunk/picketlink-core/src/test/resources/sp-metadata.xml
___________________________________________________________________
Added: svn:mergeinfo
+ /federation/trunk/picketlink-web/src/test/resources/sp-metadata.xml:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/sts
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/sts:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/sts:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/sts:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/sts:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/sts:1362-1494
/federation/trunk/picketlink-web/src/test/resources/sts:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/sts-client.properties
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/sts-client.properties:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/sts-client.properties:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/sts-client.properties:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/sts-client.properties:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/sts-client.properties:1362-1494
/federation/trunk/picketlink-web/src/test/resources/sts-client.properties:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/wstrust
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/wstrust:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/wstrust:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/wstrust:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/wstrust:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/wstrust:1362-1494
/federation/trunk/picketlink-web/src/test/resources/wstrust:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/xacml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/xacml:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/xacml:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/xacml:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/xacml:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/xacml:1362-1494
/federation/trunk/picketlink-web/src/test/resources/xacml:1362-1494
Property changes on: product/trunk/picketlink-core/src/test/resources/xml
___________________________________________________________________
Modified: svn:mergeinfo
- /federation/trunk/picketlink-bindings/src/test/resources/xml:1302-1318,1329-1337
+ /federation/trunk/picketlink-bindings/src/test/resources/xml:1302-1318,1329-1337,1362-1494
/federation/trunk/picketlink-bindings-jboss/src/test/resources/xml:1362-1494
/federation/trunk/picketlink-fed-api/src/test/resources/xml:1362-1494
/federation/trunk/picketlink-fed-core/src/test/resources/xml:1362-1494
/federation/trunk/picketlink-web/src/test/resources/xml:1362-1494