
Example 1 with SPDescriptorConfigElement

use of com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement in project OpenAM by OpenRock.

the class ImportMetaData method handleIDFFRequest.

/**
 * Imports IDFF standard metadata and/or extended configuration and, when a
 * circle of trust was named, adds the imported entity to it.
 *
 * <p>When extended configuration for a hosted provider is supplied, the
 * target realm is derived from that configuration's meta alias (IDP
 * descriptor first, SP descriptor as fallback; see the note at the end of
 * this class) and replaces the {@code realm} field before anything is
 * written. The realm written to is therefore taken from the uploaded file
 * rather than from the command line in that case.
 *
 * @param rc the request context of the CLI invocation; not read by this
 *           method.
 * @throws CLIException with exit code
 *         {@link ExitCodes#REQUEST_CANNOT_BE_PROCESSED} if the metadata or
 *         circle-of-trust layer reports an error.
 */
private void handleIDFFRequest(RequestContext rc) throws CLIException {
    try {
        IDFFMetaManager idffManager = new IDFFMetaManager(ssoToken);
        com.sun.identity.federation.jaxb.entityconfig.EntityConfigElement extendedConfig =
                (extendedData == null) ? null : getIDFFEntityConfigElement();

        // A hosted extended configuration carries the realm in its meta alias.
        if (extendedConfig != null && extendedConfig.isHosted()) {
            IDPDescriptorConfigElement idp = IDFFMetaUtils.getIDPDescriptorConfig(extendedConfig);
            if (idp != null) {
                realm = SAML2MetaUtils.getRealmByMetaAlias(idp.getMetaAlias());
            } else {
                SPDescriptorConfigElement sp = IDFFMetaUtils.getSPDescriptorConfig(extendedConfig);
                if (sp != null) {
                    realm = SAML2MetaUtils.getRealmByMetaAlias(sp.getMetaAlias());
                }
            }
        }

        // Standard metadata, if any, is imported into the (possibly updated) realm.
        String importedEntityID = (metadata == null) ? null : importIDFFMetaData(realm, idffManager);

        if (extendedConfig != null) {
            Object[] messageArgs = { webAccess ? "web" : extendedData };
            idffManager.createEntityConfig(realm, extendedConfig);
            getOutputWriter().printlnMessage(
                    MessageFormat.format(getResourceString("import-entity-succeeded"), messageArgs));
        }

        // COT membership is only touched when standard metadata produced an entity ID.
        boolean haveCot = (cot != null) && (cot.length() > 0);
        boolean haveEntity = (importedEntityID != null) && (importedEntityID.length() > 0);
        if (haveCot && haveEntity) {
            CircleOfTrustManager cotManager = new CircleOfTrustManager(ssoToken);
            if (!cotManager.isInCircleOfTrust(realm, cot, spec, importedEntityID)) {
                cotManager.addCircleOfTrustMember(realm, cot, spec, importedEntityID);
            }
        }
    } catch (IDFFMetaException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (COTException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}

Example 2 with SPDescriptorConfigElement

use of com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement in project OpenAM by OpenRock.

the class IDFFModelImpl method updateSPEntityConfig.

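/**
 * Modifies a service provider's extended (IDFF) metadata.
 *
 * <p>All attributes in {@code attrValues} are written to the SP descriptor
 * configuration; the supported SSO profile is then written separately as a
 * single-valued list. The attempt, the success and any failure are each
 * recorded through {@link #logEvent} so the audit trail reflects the
 * outcome of this SP operation.
 *
 * @param realm realm in which the entity exists.
 * @param entityName name of the entity descriptor.
 * @param attrValues map of attribute name to a {@code Set} of values.
 * @throws AMConsoleException if the entity or its SP configuration does
 *         not exist, or if the metadata layer reports an error.
 */
public void updateSPEntityConfig(String realm, String entityName, Map attrValues) throws AMConsoleException {
    String[] params = { realm, entityName, "IDFF", "SP-Extended Metadata" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
    try {
        IDFFMetaManager idffMetaMgr = getIDFFMetaManager();
        EntityConfigElement entityConfig = idffMetaMgr.getEntityConfig(realm, entityName);
        if (entityConfig == null) {
            throw new AMConsoleException("invalid.entity.name");
        }
        SPDescriptorConfigElement spDecConfigElement = idffMetaMgr.getSPDescriptorConfig(realm, entityName);
        if (spDecConfigElement == null) {
            throw new AMConsoleException("invalid.config.element");
        }
        // update sp entity config
        updateAttrInConfig(spDecConfigElement, attrValues, EntityModel.SERVICE_PROVIDER);

        // The supported SSO profile is a single-valued attribute. The former
        // "deduplication" loop over this one-element list could never add an
        // element and raised a NullPointerException when the attribute was
        // absent; an absent value now yields an empty list instead.
        List<String> supportedSSOProfileList = new ArrayList<String>();
        String profile = (String) AMAdminUtils.getValue((Set) attrValues.get(ATTR_SUPPORTED_SSO_PROFILE));
        if (profile != null) {
            supportedSSOProfileList.add(profile);
        }
        updateAttrInConfig(spDecConfigElement, ATTR_SUPPORTED_SSO_PROFILE, supportedSSOProfileList);

        // saves the attributes by passing the new entityConfig object
        idffMetaMgr.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
    } catch (IDFFMetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "IDFF", "SP-Extended Metadata", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    } catch (JAXBException e) {
        String strError = getErrorString(e);
        // Previously logged as "IDP-Extended Metadata" (copied from the IDP
        // variant), which mislabelled the audit record of this SP operation.
        String[] paramsEx = { realm, entityName, "IDFF", "SP-Extended Metadata", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    }
}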

Example 3 with SPDescriptorConfigElement

use of com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement in project OpenAM by OpenRock.

the class IDFFModelImpl method updateSPAuthenticationContexts.

/**
 * Updates the service provider's authentication-context mapping in the
 * IDFF extended metadata.
 *
 * @param realm realm of the entity.
 * @param entityName name of the entity descriptor.
 * @param cxt the {@code IDFFAuthContexts} holding the SP authentication
 *            context values to store.
 * @throws AMConsoleException if the entity or its SP configuration cannot
 *         be found, or if the metadata layer reports an error.
 */
public void updateSPAuthenticationContexts(String realm, String entityName, IDFFAuthContexts cxt) throws AMConsoleException {
    List authContextInfo = cxt.toSPAuthContextInfo();
    String[] auditParams = { realm, entityName, "IDFF", "SP-updateSPAuthenticationContexts" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", auditParams);
    try {
        IDFFMetaManager manager = getIDFFMetaManager();
        EntityConfigElement entityConfig = manager.getEntityConfig(realm, entityName);
        if (entityConfig == null) {
            throw new AMConsoleException("invalid.entity.name");
        }
        SPDescriptorConfigElement spConfig = manager.getSPDescriptorConfig(realm, entityName);
        if (spConfig == null) {
            throw new AMConsoleException("invalid.config.element");
        }
        // Only the authentication-context mapping attribute is touched here.
        updateAttrInConfig(spConfig, ATTR_SP_AUTHN_CONTEXT_MAPPING, authContextInfo);
        // Persist via the enclosing entity config (presumably the parent of spConfig).
        manager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", auditParams);
    } catch (IDFFMetaException e) {
        String errorText = getErrorString(e);
        String[] failureParams = { realm, entityName, "IDFF", "SP-updateSPAuthenticationContexts", errorText };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", failureParams);
        throw new AMConsoleException(errorText);
    }
}

Example 4 with SPDescriptorConfigElement

use of com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement in project OpenAM by OpenRock.

the class ExportMetaData method runIDFFExportMetaSign.

/**
 * Exports the IDFF entity descriptor in signed form.
 *
 * <p>Signing is not implemented yet (see the TODO below): {@code doc} is
 * always {@code null}, so this method currently delegates to
 * {@link #runIDFFExportMeta()}, and the branch that writes the signed
 * document is unreachable until signing is wired in.
 *
 * @throws CLIException if the entity descriptor does not exist, or if the
 *         metadata layer or file I/O reports an error.
 */
private void runIDFFExportMetaSign() throws CLIException {
    PrintWriter pw = null;
    String out = (isWebBase) ? "web" : metadata;
    Object[] objs = { out };
    try {
        IDFFMetaManager metaManager = new IDFFMetaManager(ssoToken);
        com.sun.identity.liberty.ws.meta.jaxb.EntityDescriptorElement descriptor = metaManager.getEntityDescriptor(realm, entityID);
        if (descriptor == null) {
            Object[] objs2 = { entityID, realm };
            throw new CLIException(MessageFormat.format(getResourceString("export-entity-exception-entity-descriptor-not-exist"), objs2), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        // Both descriptor configs are fetched for the signing call that is
        // still to be written; they are unused while signing is a TODO.
        SPDescriptorConfigElement spConfig = metaManager.getSPDescriptorConfig(realm, entityID);
        IDPDescriptorConfigElement idpConfig = metaManager.getIDPDescriptorConfig(realm, entityID);
        Document doc = null;
        /*
         * TODO: Signing. Intended call once a signing utility exists:
         * Document doc = SAML2MetaSecurityUtils.sign(
         *         descriptor, spConfig, idpConfig);
         */
        if (doc == null) {
            // No signed document available: fall back to the unsigned export.
            runIDFFExportMeta();
            return;
        } else {
            String xmlstr = XMLUtils.print(doc);
            if (isWebBase) {
                getOutputWriter().printlnMessage(xmlstr);
            } else {
                // NOTE(review): PrintWriter swallows write errors, so a failed
                // write would still print the success message below; check
                // pw.checkError() once this branch becomes reachable. FileWriter
                // also encodes with the platform default charset, not UTF-8.
                pw = new PrintWriter(new FileWriter(metadata));
                pw.print(xmlstr);
            }
            getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("export-entity-export-descriptor-succeeded"), objs));
        }
    } catch (IDFFMetaException e) {
        debugError("ExportMetaData.runIDFFExportMetaSign", e);
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (IOException e) {
        debugError("ExportMetaData.runIDFFExportMetaSign", e);
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } finally {
        // Close (and thereby flush) the file writer when one was opened.
        if (pw != null) {
            pw.close();
        }
    }
}

Example 5 with SPDescriptorConfigElement

use of com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement in project OpenAM by OpenRock.

the class FSDefaultAttributeMapper method getAttributes.

/**
 * Builds an attribute map from the given list of
 * <code>AttributeStatement</code>s.
 *
 * <p>The key used for each attribute is taken from the hosted SP's
 * configured attribute-name mapping when one is present; otherwise the
 * name carried in the assertion is used unchanged. Only the first value of
 * each attribute is kept, and attributes without values are skipped.
 *
 * @param statements list of <code>AttributeStatement</code>s.
 * @param hostEntityId Hosted provider entity id.
 * @param remoteEntityId Remote provider entity id (not consulted here).
 * @param token Single sign-on session token (not consulted here).
 * @return map of attribute name to the first attribute value passed via the
 *         single sign-on assertion; empty when there are no statements or
 *         the SP configuration cannot be read.
 */
public Map getAttributes(List statements, String hostEntityId, String remoteEntityId, Object token) {
    Map result = new HashMap();
    if (statements == null || statements.isEmpty()) {
        return result;
    }

    // Look up the hosted SP's attribute-name mapping; the realm is fixed to "/".
    Map nameMapping = null;
    try {
        IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
        SPDescriptorConfigElement spConfig = (metaManager == null)
                ? null : metaManager.getSPDescriptorConfig("/", hostEntityId);
        if (spConfig != null) {
            Map spAttributes = IDFFMetaUtils.getAttributes(spConfig);
            nameMapping = FSServiceUtils.parseAttributeConfig((List) spAttributes.get(IFSConstants.SP_ATTRIBUTE_MAP));
        }
    } catch (IDFFMetaException fme) {
        FSUtils.debug.error("FSDefaultAttributeMapper.getAttributes:" + " Unable to read configuration map.", fme);
        return result;
    }
    if (FSUtils.debug.messageEnabled()) {
        // (The message label reads getAttributeMap although this is getAttributes.)
        FSUtils.debug.message("FSDefaultAttributeMapper.getAttributeMap: Configured map " + nameMapping);
    }

    boolean haveMapping = (nameMapping != null) && !nameMapping.isEmpty();
    for (Iterator statementIter = statements.iterator(); statementIter.hasNext(); ) {
        AttributeStatement statement = (AttributeStatement) statementIter.next();
        List attributes = statement.getAttribute();
        if (attributes == null || attributes.isEmpty()) {
            continue;
        }
        for (Iterator attrIter = attributes.iterator(); attrIter.hasNext(); ) {
            Attribute attribute = (Attribute) attrIter.next();
            List values;
            try {
                values = attribute.getAttributeValue();
            } catch (SAMLException ex) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSDefaultAttributeMapper.get" + "Attributes: Exception", ex);
                }
                continue;
            }
            if (values == null || values.isEmpty()) {
                continue;
            }
            // Without a configured mapping the remote party's attribute name
            // becomes the map key as-is.
            String key = attribute.getAttributeName();
            if (haveMapping) {
                String mappedName = (String) nameMapping.get(key);
                if (mappedName != null && mappedName.length() > 0) {
                    key = mappedName;
                }
            }
            // Only the first value is retained.
            String value = XMLUtils.getElementValue((Element) values.get(0));
            if (value != null && value.length() > 0) {
                result.put(key, value);
            }
        }
    }
    return result;
}
