[jboss-svn-commits] JBL Code SVN: r29265 - labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Wed Sep 9 01:31:19 EDT 2009
Author: beve
Date: 2009-09-09 01:31:19 -0400 (Wed, 09 Sep 2009)
New Revision: 29265
Modified:
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
Log:
Fixed line formatting.
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-08 21:29:17 UTC (rev 29264)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-09 05:31:19 UTC (rev 29265)
@@ -53,7 +53,7 @@
public class JBossSTSLoginModule implements LoginModule
{
private Logger logger = Logger.getLogger(JBossSTSLoginModule.class);
-
+
/**
* Options for this login module
*/
@@ -64,84 +64,91 @@
public static String USERNAME_OPTION = "username";
public static String PASSWORD_OPTION = "password";
public static String SAML_TOKEN_TYPE_OPTION = "samlTokenType";
-
+
/**
* The subject to be populated.
*/
private Subject subject;
-
+
/**
* Callback handler used to gather information from the caller.
*/
private CallbackHandler callbackHandler;
-
+
/**
* WS-Trust SAML Assertion element.
*/
private Element samlToken;
-
+
/**
* Client that takes care of invoking the SecurityTokenService.
*/
private WSTrustClient wsTrustClient;
/**
- * The type of SAML Token that this LoginModule can handle.
- * This is set through the options configuration.
+ * The type of SAML Token that this LoginModule can handle. This is set
+ * through the options configuration.
*/
private String samlTokenType;
-
+
/**
* The outcome of the authentication process.
*/
private boolean success;
/**
- * Initialized this login module. Simple stores the passed in fields and also validates the options.
- *
- * @param subject The subject to authenticate/populate.
- * @param callbackHandler The callbackhandler that will gather information required by this login module.
- * @param sharedState State that is shared with other login modules. Used when modules are chained/stacked.
- * @param options The options that were specified for this login module. See "Usage" section of this types javadoc.
+ * Initialized this login module. Simple stores the passed in fields and
+ * also validates the options.
+ *
+ * @param subject
+ * The subject to authenticate/populate.
+ * @param callbackHandler
+ * The callbackhandler that will gather information required by
+ * this login module.
+ * @param sharedState
+ * State that is shared with other login modules. Used when
+ * modules are chained/stacked.
+ * @param options
+ * The options that were specified for this login module. See
+ * "Usage" section of this types javadoc.
*/
public void initialize(final Subject subject, final CallbackHandler callbackHandler, final Map<String, ?> sharedState, final Map<String, ?> options)
{
this.subject = subject;
this.callbackHandler = callbackHandler;
this.options = options;
-
- final String stsServiceName = getRequiredOption(options, SERVICE_NAME_OPTION);
- final String stsPortName = getRequiredOption(options, PORT_NAME_OPTION);
- final String endpointAddress = getRequiredOption(options, ENDPOINT_ADDRESS_OPTION);
-
- final String stsUserName = getRequiredOption(options, USERNAME_OPTION);
- final String stsPassword = getRequiredOption(options, PASSWORD_OPTION);
- samlTokenType = getRequiredOption(options, SAML_TOKEN_TYPE_OPTION);
-
- if (wsTrustClient == null)
- {
- try
- {
- wsTrustClient = new WSTrustClient(stsServiceName, stsPortName, endpointAddress, new SecurityInfo(stsUserName, stsPassword));
- }
- catch (final ParsingException e)
- {
- throw new IllegalStateException("Could not create WSTrustClient:", e);
- }
- }
+
+ final String stsServiceName = getRequiredOption(options, SERVICE_NAME_OPTION);
+ final String stsPortName = getRequiredOption(options, PORT_NAME_OPTION);
+ final String endpointAddress = getRequiredOption(options, ENDPOINT_ADDRESS_OPTION);
+
+ final String stsUserName = getRequiredOption(options, USERNAME_OPTION);
+ final String stsPassword = getRequiredOption(options, PASSWORD_OPTION);
+ samlTokenType = getRequiredOption(options, SAML_TOKEN_TYPE_OPTION);
+
+ if (wsTrustClient == null)
+ {
+ try
+ {
+ wsTrustClient = new WSTrustClient(stsServiceName, stsPortName, endpointAddress, new SecurityInfo(stsUserName, stsPassword));
+ } catch (final ParsingException e)
+ {
+ throw new IllegalStateException("Could not create WSTrustClient:", e);
+ }
+ }
}
-
+
private String getRequiredOption(final Map<String, ?> options, final String optionName)
{
- final String option = (String) options.get(optionName);
- if (option != null)
- {
- return option;
- }
-
- throw new IllegalArgumentException("Required option '" + optionName + "' was missing from the login modules configuration");
+ final String option = (String) options.get(optionName);
+ if (option != null)
+ {
+ return option;
+ }
+
+ throw new IllegalArgumentException("Required option '" + optionName + "' was missing from the login modules configuration");
}
-
+
void setWSTrustClient(final WSTrustClient wsTrustClient)
{
this.wsTrustClient = wsTrustClient;
@@ -149,50 +156,50 @@
/**
* @return true If the login was successful otherwise false.
- * @throws LoginException If an error occurs while trying to perform the authentication.
+ * @throws LoginException
+ * If an error occurs while trying to perform the
+ * authentication.
*/
public boolean login() throws LoginException
{
try
{
// See if the Subject already has a Saml Token associated with it.
- samlToken = getSamlTokenFromCaller();
- if (samlToken == null)
- {
- // Retrieve the Saml Token from the authentiation request.
- samlToken = wsTrustClient.issueToken(samlTokenType);
- }
-
- // Verify that the Saml Token is still valid.
- success = wsTrustClient.validateToken(samlToken);
- if (success == false)
- {
- // Throw an exception as returing false only says that this login module should be ignored.
- throw new LoginException("Could not validate the SAML Security Token :" + samlToken);
- }
-
- return success;
- }
- catch (WSTrustException e)
+ samlToken = getSamlTokenFromCaller();
+ if (samlToken == null)
+ {
+ // Retrieve the Saml Token from the authentiation request.
+ samlToken = wsTrustClient.issueToken(samlTokenType);
+ }
+
+ // Verify that the Saml Token is still valid.
+ success = wsTrustClient.validateToken(samlToken);
+ if (success == false)
+ {
+ // Throw an exception as returing false only says that this
+ // login module should be ignored.
+ throw new LoginException("Could not validate the SAML Security Token :" + samlToken);
+ }
+
+ return success;
+ } catch (WSTrustException e)
{
throw new LoginException("WSTrustException : " + e.getMessage());
- }
- catch (final IOException e)
+ } catch (final IOException e)
{
throw new LoginException("IOException : " + e.getMessage());
- }
- catch (final UnsupportedCallbackException e)
+ } catch (final UnsupportedCallbackException e)
{
throw new LoginException("UnsupportedCallbackException : " + e.getMessage());
}
}
-
+
private Element getSamlTokenFromCaller() throws UnsupportedCallbackException, LoginException, IOException
{
final ObjectCallback objectCallback = new ObjectCallback("SamlToken: ");
- // Retrieve information from callback.
- callbackHandler.handle(new Callback[]{objectCallback});
-
+ // Retrieve information from callback.
+ callbackHandler.handle(new Callback[] { objectCallback });
+
final AuthenticationRequest authRequest = (AuthenticationRequest) objectCallback.getCredential();
final Principal principal = authRequest.getPrincipal();
if (principal instanceof SamlPrincipal)
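Review bot: The re-indented `throw new LoginException("Could not validate the SAML Security Token :" + samlToken);` in login() concatenates the token Element into the exception message, so whatever that Element's toString() produces may end up in logs or in error output shown to the caller; depending on the DOM implementation that could include assertion content. I would keep the message constant, e.g. `throw new LoginException("Could not validate the SAML Security Token");`, and record any correlation detail separately at debug level. The three catch blocks also keep only `e.getMessage()`, which discards the stack trace of the STS or callback failure; `LoginException` has no cause constructor, so attach the original with `initCause(e)` before throwing. getSamlTokenFromCaller() continues past the end of this hunk.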
@@ -200,7 +207,7 @@
final SamlPrincipal samlPrincipal = (SamlPrincipal) principal;
return samlPrincipal.getSamlToken();
}
-
+
throw new LoginException("Could not locate a SamplPrincipal in the AuthenticationRequest.");
}
@@ -210,28 +217,26 @@
{
if (success)
{
- AssertionType samlTokenType = SAMLUtil.fromElement(samlToken);
- logger.info("Token : " + samlTokenType);
-
- // Use info to populate Subject.
- SubjectType subjectType = samlTokenType.getSubject();
-
- // Add the SamlToken to the authenticated Subjects principals
- subject.getPrincipals().add(new SamlPrincipal(samlToken));
-
- return true;
- }
- else
+ AssertionType samlTokenType = SAMLUtil.fromElement(samlToken);
+ logger.info("Token : " + samlTokenType);
+
+ // Use info to populate Subject.
+ SubjectType subjectType = samlTokenType.getSubject();
+
+ // Add the SamlToken to the authenticated Subjects principals
+ subject.getPrincipals().add(new SamlPrincipal(samlToken));
+
+ return true;
+ } else
{
subject.getPrincipals().clear();
return false;
}
- }
- catch (final JAXBException e)
+ } catch (final JAXBException e)
{
logger.error("Cound not parse the RSTR Token : ", e);
throw new LoginException("Cound not parse the RSTR Token : " + e.getMessage());
- }
+ }
}
/**
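Review bot: `logger.info("Token : " + samlTokenType);` writes the parsed assertion to the log at info level on every successful commit; what is printed depends on AssertionType's toString(), which is not visible here, but if it includes subject or attribute data that ends up in production logs. I would lower it to debug and log only a non-sensitive identifier, or drop the line. The local `subjectType` is assigned from `samlTokenType.getSubject()` but is not used in the visible lines, and the local `samlTokenType` shadows the String field of the same name declared earlier in the file; renaming the local (for example to `assertion`) would avoid confusion. The method signature and opening `try` are outside this hunk.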
@@ -249,11 +254,11 @@
clearState();
return true;
}
-
+
private void clearState()
{
samlToken = null;
subject.getPrincipals().clear();
}
-
+
}