[jboss-svn-commits] JBL Code SVN: r29454 - in labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta: src/org/jboss/soa/esb/services/security/auth/login and 1 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Sep 24 08:59:36 EDT 2009
Author: beve
Date: 2009-09-24 08:59:36 -0400 (Thu, 24 Sep 2009)
New Revision: 29454
Modified:
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java
Log:
Clean up.
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java 2009-09-24 12:58:53 UTC (rev 29453)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/actions/security/JBossSTSAction.java 2009-09-24 12:59:36 UTC (rev 29454)
@@ -34,7 +34,6 @@
import org.jboss.soa.esb.actions.ActionProcessingException;
import org.jboss.soa.esb.helpers.ConfigTree;
import org.jboss.soa.esb.message.Message;
-import org.jboss.soa.esb.message.MessagePayloadProxy;
import org.jboss.soa.esb.services.security.PublicCryptoUtil;
import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
@@ -47,7 +46,33 @@
/**
* This action support issueing SAML Assertions using JBossSTS (Security Token Service).
+ * <p/>
*
+ * Usage:
+ * <pre>{@code
+ * <action name="issueToken" class="org.jboss.soa.esb.actions.security.JBossSTSAction">
+ * <property name="configFile" value="jboss-sts-client.properties"/>
+ * <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
+ * <property name="addToEsbAuthRequest" value="true"/>
+ * </action>
+ * }</pre>
+ *
+ * Options:
+ * <lu>
+ * <li>configFile - The configuration for the WSTrustClient from JBoss Identity that we are using.</li>
+ * <li>tokenType - The the type of token that we would like to have issued from JBoss STS.</li>
+ * <li>addToEsbAuthRequest - Tells the ESB make this assertion available to the ESB authentication mechanism.</li>
+ * </lu>
+ *
+ * <h3>WSTrustClient configuration file example</h3>
+ * <pre>
+ * serviceName=JBossSTS
+ * portName=JBossSTSPort
+ * endpointAddress=http://localhost:8080/jboss-sts/JBossSTS
+ * username=admin
+ * password=admin
+ * </pre>
+ *
* @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
*
*/
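Review bot: The WSTrustClient example in the new Javadoc shows `username=admin` / `password=admin` and an `http://` endpoint without saying these are sample values, and such examples tend to be copied as-is. I would add a sentence under the `<pre>` block such as `The values above are placeholders; the file holds the STS credentials in clear text, so restrict read access to it and use an https endpoint outside local testing.` Two markup and wording slips in the same block: `<lu>`/`</lu>` should be `<ul>`/`</ul>`, otherwise the option list will not render as a list, and "The the type of token" has a doubled word.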
@@ -61,16 +86,12 @@
private WSTrustClientConfig wsTrustConfig;
private final String tokenType;
-
- private final MessagePayloadProxy payloadProxy;
-
private boolean addAssertionToEsbAuthRequest;
public JBossSTSAction(final ConfigTree config) throws ConfigurationException
{
wsTrustConfig = new WSTrustClientConfig.Builder().build(config.getRequiredAttribute(STS_CONFIG));
tokenType = config.getRequiredAttribute(TOKEN_TYPE_OPTION);
- payloadProxy = new MessagePayloadProxy(config);
addAssertionToEsbAuthRequest = config.getBooleanAttribute(ADD_TO_ESB_AUTH_REQUEST, false);
}
@@ -82,7 +103,10 @@
final WSTrustClient wsTrustClient = createWSTrustClient(message);
final Element assertion = wsTrustClient.issueToken(tokenType);
- log.info("SecurityToken valid : " + wsTrustClient.validateToken(assertion));
+ if (log.isDebugEnabled())
+ {
+ log.debug("SecurityToken valid : " + wsTrustClient.validateToken(assertion));
+ }
SamlContext.setContext(new SamlPrincipal(assertion));
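Review bot: The call to `wsTrustClient.validateToken(assertion)` now sits inside the `log.isDebugEnabled()` guard, so within this hunk the token is validated only when debug logging is on. Its result is only logged, and `SamlContext.setContext(...)` runs either way. If validation is meant as a check, run it unconditionally and fail on a false result, e.g. `if (!wsTrustClient.validateToken(assertion)) throw new ActionProcessingException("Issued assertion failed STS validation");` (assuming that constructor is available). If it was purely diagnostic, dropping the call avoids what is presumably an extra STS request that only happens in debug mode. The enclosing method starts and ends outside the hunk, so a check elsewhere in it cannot be ruled out.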
@@ -90,7 +114,6 @@
{
addToEsbAuthRequest(assertion, message);
}
-
}
catch (final WSTrustException e)
{
@@ -101,14 +124,11 @@
private void addToEsbAuthRequest(final Element assertion, final Message message) throws ActionProcessingException
{
- // create an AuthenticationRequest
-
final SamlPrincipal samlPrincipal = new SamlPrincipal(assertion);
final AuthenticationRequest authRequest = new AuthenticationRequestImpl.Builder(samlPrincipal).build();
try
{
- // set the authentication request on the message
- log.info("Adding SamlPrincipal to ESB Context as an AuthenticationRequest");
+ log.debug("Adding SamlPrincipal to ESB Context as an AuthenticationRequest");
message.getContext().setContext(SecurityService.AUTH_REQUEST, PublicCryptoUtil.INSTANCE.encrypt((Serializable) authRequest));
}
catch (final SecurityServiceException e)
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-24 12:58:53 UTC (rev 29453)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-24 12:59:36 UTC (rev 29454)
@@ -208,28 +208,19 @@
public boolean commit() throws LoginException
{
- try
+ if (success)
{
- if (success)
- {
- AssertionType samlTokenType = SAMLUtil.fromElement(samlToken);
- logger.info("Successfully validated Assertion. ");
+ logger.debug("Successfully validated Assertion. ");
- // Add the SamlToken to the authenticated Subjects principals
- subject.getPrincipals().add(new SamlPrincipal(samlToken));
+ // Add the SamlToken to the authenticated Subjects principals
+ subject.getPrincipals().add(new SamlPrincipal(samlToken));
- return true;
- }
- else
- {
- subject.getPrincipals().clear();
- return false;
- }
+ return true;
}
- catch (final JAXBException e)
+ else
{
- logger.error("Cound not parse the RSTR Token : ", e);
- throw new LoginException("Cound not parse the RSTR Token : " + e.getMessage());
+ subject.getPrincipals().clear();
+ return false;
}
}
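Review bot: In the `else` branch of `commit()`, `subject.getPrincipals().clear()` empties the whole principal set of the `Subject`, not just entries this module added. A JAAS `Subject` is shared by all modules in a stacked login configuration, so when this module's `login()` failed but it is not marked required, the clear would drop principals committed by other modules. This module adds nothing on the failure path, so the branch can be just `return false;`. It would also help to keep the `SamlPrincipal` added on success in a field, so that `abort()`/`logout()` (not visible here) can remove only that instance. A short comment on the success branch stating where `samlToken` was validated would help too, now that the parse step is gone from `commit()`.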
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java 2009-09-24 12:58:53 UTC (rev 29453)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java 2009-09-24 12:59:36 UTC (rev 29454)
@@ -137,8 +137,6 @@
private WSTrustClient client;
- public MockSTSLoginModule() {}
-
public MockSTSLoginModule(final WSTrustClient client)
{
this.client = client;