Example 11 with IDPDescriptorConfigElement
use of com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement in project OpenAM by OpenRock.
the class IDFFModelImpl method updateIDPAuthenticationContexts.
/**
* update IDP Authentication Contexts
*
* @param realm Realm of Entity
* @param entityName Name of Entity Descriptor.
* @param cxt IDFFAuthContexts object contains IDP
* Authentication Contexts values
*/
public void updateIDPAuthenticationContexts(String realm, String entityName, IDFFAuthContexts cxt) throws AMConsoleException {
List list = cxt.toIDPAuthContextInfo();
String[] params = { realm, entityName, "IDFF", "IDP-updateIDPAuthenticationContexts" };
logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
try {
IDFFMetaManager idffMetaMgr = getIDFFMetaManager();
EntityConfigElement entityConfig = idffMetaMgr.getEntityConfig(realm, entityName);
if (entityConfig == null) {
throw new AMConsoleException("invalid.entity.name");
}
IDPDescriptorConfigElement idpDecConfigElement = idffMetaMgr.getIDPDescriptorConfig(realm, entityName);
if (idpDecConfigElement == null) {
throw new AMConsoleException("invalid.config.element");
} else {
updateAttrInConfig(idpDecConfigElement, ATTR_IDP_AUTHN_CONTEXT_MAPPING, list);
}
//saves the attributes by passing the new entityConfig object
idffMetaMgr.setEntityConfig(realm, entityConfig);
logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
} catch (IDFFMetaException e) {
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "IDFF", "IDP-updateIDPAuthenticationContexts", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
throw new AMConsoleException(strError);
}
return;
}
Also used :
IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
ArrayList(java.util.ArrayList)
List(java.util.List)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
IDPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)
EntityConfigElement(com.sun.identity.federation.jaxb.entityconfig.EntityConfigElement)
Example 12 with IDPDescriptorConfigElement
use of com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement in project OpenAM by OpenRock.
the class FSDefaultRealmAttributePlugin method getAttributeStatements.
/**
* Returns list of <code>AttributeStatement</code>s by using attribute
* map defined in the configuration.
* @param realm The realm under which the entity resides.
* @param hostEntityId Hosted identity provider entity id.
* @param remoteEntityID Remote provider's entity id
* @param subject Subject subject of the authenticated principal.
* @param token user's session.
* @return list of SAML <code>AttributeStatement<code>s.
*/
public List getAttributeStatements(String realm, String hostEntityId, String remoteEntityID, FSSubject subject, Object token) {
FSUtils.debug.message("FSDefaultAttributePlugin.getAttributeStatements");
Map attributeMap = null;
try {
IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
if (metaManager != null) {
IDPDescriptorConfigElement idpConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
if (idpConfig != null) {
Map attributes = IDFFMetaUtils.getAttributes(idpConfig);
attributeMap = FSServiceUtils.parseAttributeConfig((List) attributes.get(IFSConstants.IDP_ATTRIBUTE_MAP));
}
}
} catch (IDFFMetaException me) {
FSUtils.debug.error("FSDefaultAttributePlugin.getAttribute" + "Statements: meta exception.", me);
return null;
}
if (attributeMap == null || attributeMap.isEmpty()) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSDefaultAttributePlugin.getAttribute" + "Statements: Attribute map configuration is empty.");
}
return null;
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSDefaultAttributePlugin.getAttribute" + "Statements: Attribute map configuration: " + attributeMap);
}
}
List statements = new ArrayList();
List attributes = new ArrayList();
try {
Iterator iter = attributeMap.entrySet().iterator();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
String attributeName = (String) entry.getKey();
String attributeValue = getAttributeValue(token, (String) entry.getValue());
if (attributeValue != null) {
Attribute attr = new Attribute(attributeName, SAMLConstants.assertionSAMLNameSpaceURI, attributeValue);
attributes.add(attr);
}
}
AttributeStatement statement = new AttributeStatement(subject, attributes);
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSDefaultAttributePlugin.getAttribute" + "Statements: attribute statement: " + statement.toString());
}
statements.add(statement);
return statements;
} catch (SAMLException ex) {
FSUtils.debug.error("FSDefaultAttributePlugin.getAttribute" + "Statements: SAML Exception", ex);
}
return new ArrayList();
}
Also used :
Attribute(com.sun.identity.saml.assertion.Attribute)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
ArrayList(java.util.ArrayList)
SAMLException(com.sun.identity.saml.common.SAMLException)
IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager)
AttributeStatement(com.sun.identity.saml.assertion.AttributeStatement)
Iterator(java.util.Iterator)
ArrayList(java.util.ArrayList)
List(java.util.List)
IDPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)
Map(java.util.Map)
Example 13 with IDPDescriptorConfigElement
use of com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement in project OpenAM by OpenRock.
the class ImportEntityModelImpl method createIDFFEntity.
private void createIDFFEntity() throws AMConsoleException {
try {
IDFFMetaManager metaManager = new IDFFMetaManager(null);
com.sun.identity.federation.jaxb.entityconfig.EntityConfigElement configElt = null;
if (extendedMetaData != null) {
configElt = getIDFFEntityConfigElement();
if ((configElt != null) && configElt.isHosted()) {
IDPDescriptorConfigElement idpConfig = IDFFMetaUtils.getIDPDescriptorConfig(configElt);
if (idpConfig != null) {
SAML2MetaUtils.getRealmByMetaAlias(idpConfig.getMetaAlias());
} else {
SPDescriptorConfigElement spConfig = IDFFMetaUtils.getSPDescriptorConfig(configElt);
if (spConfig != null) {
SAML2MetaUtils.getRealmByMetaAlias(spConfig.getMetaAlias());
}
}
}
}
importIDFFMetaData(metaManager);
if (configElt != null) {
metaManager.createEntityConfig(realm, configElt);
}
} catch (IDFFMetaException e) {
throw new AMConsoleException(e);
}
}
Also used :
IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
SPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement)
IDPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
Example 14 with IDPDescriptorConfigElement
use of com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement in project OpenAM by OpenRock.
the class IDFFMetaManager method isTrustedProvider.
/**
* Checks whether two entities are in the same circle of trust.
*
* @param realm The realm under which the entity resides.
* @param hostedEntityID the hosted entity identifier.
* @param entityID the identifier of the entity to be checked for trust.
* @return true if both providers are in the same circle of trust.
*/
public boolean isTrustedProvider(String realm, String hostedEntityID, String entityID) {
String classMethod = "IDFFMetaManager:isTrustedProvider";
boolean isTrusted = false;
try {
SPDescriptorConfigElement spConfig = getSPDescriptorConfig(realm, entityID);
if (spConfig != null) {
isTrusted = isSameCircleOfTrust(spConfig, realm, entityID);
} else {
IDPDescriptorConfigElement idpConfig = getIDPDescriptorConfig(realm, entityID);
if (idpConfig != null) {
isTrusted = isSameCircleOfTrust(idpConfig, realm, entityID);
}
}
} catch (IDFFMetaException ide) {
debug.error(classMethod + "Error retrieving trust relationship" + "between " + hostedEntityID + "with " + entityID);
}
return isTrusted;
}
Also used :
SPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement)
IDPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)
Example 15 with IDPDescriptorConfigElement
use of com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement in project OpenAM by OpenRock.
the class IDFFMetaManager method getEntityIDBySuccinctID.
/**
* Returns entity ID associated with the succinct ID.
*
* @param realm The realm under which the entity resides.
* @param succinctId Succinct ID of a IDP contained in the entity
* to be retrieved.
* @return Entity ID associated with the succinct ID, or null if could
* not be found.
* @throws IDFFMetaException if unable to retrieve the entity ID.
*/
public String getEntityIDBySuccinctID(String realm, String succinctId) throws IDFFMetaException {
try {
if (succinctId == null || succinctId.length() == 0) {
return null;
}
// check cache first
String entityId = IDFFMetaCache.getEntityBySuccinctID(succinctId);
if (entityId != null) {
if (debug.messageEnabled()) {
debug.message("IDFFMetaManager.getEntityIDBySuccinctID :" + " found entity in cache, succinctId=" + succinctId + ", ID=" + entityId);
}
return entityId;
}
if ((realm == null) || (realm.length() == 0)) {
realm = ROOT_REALM;
}
Set entityIds = idffMetaConfigInstance.getAllConfigurationNames(realm);
if (entityIds == null || entityIds.isEmpty()) {
return null;
}
for (Iterator iter = entityIds.iterator(); iter.hasNext(); ) {
String tmpId = (String) iter.next();
if (debug.messageEnabled()) {
debug.message("IDFFMetaManager.getEntityIDBySuccinctID :" + " process entity cache for succinctID=" + succinctId + ", ID=" + tmpId);
}
IDPDescriptorConfigElement idpconfig = getIDPDescriptorConfig(realm, tmpId);
if (idpconfig != null) {
String tmpSuccinctId = FSUtils.generateSourceID(tmpId);
if ((tmpSuccinctId != null) && (succinctId.equals(tmpSuccinctId))) {
// remember this and continue to process others,
entityId = tmpId;
}
IDFFMetaCache.setEntitySuccinctIDMapping(tmpSuccinctId, tmpId);
if (debug.messageEnabled()) {
debug.message("IDFFMetaManager.getEntityBySuccinctID" + ": update cache, succinctId=" + tmpSuccinctId + ", entity ID=" + tmpId);
}
}
}
return entityId;
} catch (ConfigurationException e) {
debug.error("IDFFMetaManager.getEntityIDBySuccinctID:", e);
throw new IDFFMetaException(e);
}
}
Also used :
HashSet(java.util.HashSet)
Set(java.util.Set)
ConfigurationException(com.sun.identity.plugin.configuration.ConfigurationException)
Iterator(java.util.Iterator)
IDPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)
Aggregations
IDPDescriptorConfigElement (com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)16
SPDescriptorConfigElement (com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement)8
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)8
IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager)8
Iterator (java.util.Iterator)6
List (java.util.List)5
Map (java.util.Map)4
Set (java.util.Set)4
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)3
EntityConfigElement (com.sun.identity.federation.jaxb.entityconfig.EntityConfigElement)3
ArrayList (java.util.ArrayList)3
HashSet (java.util.HashSet)3
CLIException (com.sun.identity.cli.CLIException)2
CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager)2
ConfigurationException (com.sun.identity.plugin.configuration.ConfigurationException)2
Attribute (com.sun.identity.saml.assertion.Attribute)2
AttributeStatement (com.sun.identity.saml.assertion.AttributeStatement)2
SAMLException (com.sun.identity.saml.common.SAMLException)2
HashMap (java.util.HashMap)2
COTException (com.sun.identity.cot.COTException)1
