use of com.sun.identity.liberty.ws.disco.Description in project OpenAM by OpenRock.
the class DSTClient method parseResourceOffering.
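/**
 * Parses the given discovery resource offering for the Data service and
 * records what this client needs to call it: the resource ID (plain or
 * encrypted), the service type, the SOAP endpoint and action, and the
 * security profile implied by the first security mechanism ID that this
 * client recognises.
 *
 * <p>Descriptions are tried in the order the offering lists them. A
 * description is skipped when it has no endpoint or when none of its security
 * mechanism IDs is recognised. If no description qualifies, the offering is
 * rejected rather than used with whatever security profile the client held
 * before the call.
 *
 * <p>NOTE(review): the mechanism is picked by the offering's ordering, not by
 * strength, so an offering that lists {@code Message.NULL_NULL} first is
 * accepted with {@code Message.ANONYMOUS}. Confirm that offerings only come
 * from a discovery service the caller trusts, or enforce a minimum mechanism
 * at this point.
 *
 * @param offering ResourceOffering
 * @exception DSTException if the offering has no resource ID, service
 *     instance, service type or descriptions, or if no description carries
 *     both an endpoint and a recognised security mechanism.
 */
private void parseResourceOffering(ResourceOffering offering) throws DSTException {
    // Try for the encrypted resource ID first; fall back to the plain one.
    encryptedResourceID = offering.getEncryptedResourceID();
    if (encryptedResourceID != null) {
        isEncryptedResourceID = true;
    } else {
        ResourceID resID = offering.getResourceID();
        if (resID == null) {
            DSTUtils.debug.error("DSTClient:parseResourceOffering: " + "No ResourceID");
            throw new DSTException(DSTUtils.bundle.getString("noResourceID"));
        }
        resourceID = resID.getResourceID();
    }

    ServiceInstance serviceInstance = offering.getServiceInstance();
    if (serviceInstance == null) {
        DSTUtils.debug.error("DSTClient:parseResourceOffering: " + "No service instance.");
        throw new DSTException(DSTUtils.bundle.getString("noServiceInstance"));
    }
    serviceType = serviceInstance.getServiceType();
    if (serviceType == null) {
        DSTUtils.debug.error("DSTClient:parseResourceOffering: " + "service type is null.");
        throw new DSTException(DSTUtils.bundle.getString("noServiceType"));
    }
    List descriptions = serviceInstance.getDescription();
    if (descriptions == null || descriptions.isEmpty()) {
        DSTUtils.debug.error("DSTClient:parseResourceOffering: " + "descriptions are null.");
        throw new DSTException(DSTUtils.bundle.getString("noDescriptions"));
    }

    // A service instance can have multiple descriptions. Use the first one
    // that has an endpoint and a security mechanism we recognise.
    // foundProfile is tracked across descriptions so that "nothing usable"
    // can be told apart from "last description had an endpoint".
    boolean foundProfile = false;
    Iterator iter = descriptions.iterator();
    while (iter.hasNext()) {
        Description description = (Description) iter.next();
        soapAction = description.getSoapAction();
        soapURI = description.getEndpoint();
        if (soapURI == null || soapURI.length() == 0) {
            continue;
        }
        List secMechIDs = description.getSecurityMechID();
        if (secMechIDs == null || secMechIDs.isEmpty()) {
            continue;
        }
        int size = secMechIDs.size();
        for (int i = 0; i < size; i++) {
            String secProfile = (String) secMechIDs.get(i);
            if (secProfile == null) {
                // Skip an empty entry instead of failing on trim().
                continue;
            }
            secProfile = secProfile.trim();
            if (secProfile.equals(Message.NULL_NULL) || secProfile.equals(Message.TLS_NULL) || secProfile.equals(Message.CLIENT_TLS_NULL)) {
                // No message-level token; wsfVersion is left as it was.
                securityProfile = Message.ANONYMOUS;
                if (secProfile.equals(Message.CLIENT_TLS_NULL)) {
                    clientAuthEnabled = true;
                }
                foundProfile = true;
                break;
            } else if (secProfile.equals(Message.NULL_X509) || secProfile.equals(Message.TLS_X509) || secProfile.equals(Message.CLIENT_TLS_X509) || secProfile.equals(Message.NULL_X509_WSF11) || secProfile.equals(Message.TLS_X509_WSF11) || secProfile.equals(Message.CLIENT_TLS_X509_WSF11)) {
                securityProfile = Message.X509_TOKEN;
                if (secProfile.equals(Message.NULL_X509) || secProfile.equals(Message.TLS_X509) || secProfile.equals(Message.CLIENT_TLS_X509)) {
                    wsfVersion = SOAPBindingConstants.WSF_10_VERSION;
                } else {
                    wsfVersion = SOAPBindingConstants.WSF_11_VERSION;
                }
                if (secProfile.equals(Message.CLIENT_TLS_X509) || secProfile.equals(Message.CLIENT_TLS_X509_WSF11)) {
                    clientAuthEnabled = true;
                }
                foundProfile = true;
                break;
            } else if (secProfile.equals(Message.NULL_SAML) || secProfile.equals(Message.TLS_SAML) || secProfile.equals(Message.CLIENT_TLS_SAML) || secProfile.equals(Message.NULL_SAML_WSF11) || secProfile.equals(Message.TLS_SAML_WSF11) || secProfile.equals(Message.CLIENT_TLS_SAML_WSF11)) {
                securityProfile = Message.SAML_TOKEN;
                if (secProfile.equals(Message.NULL_SAML) || secProfile.equals(Message.TLS_SAML) || secProfile.equals(Message.CLIENT_TLS_SAML)) {
                    wsfVersion = SOAPBindingConstants.WSF_10_VERSION;
                } else {
                    wsfVersion = SOAPBindingConstants.WSF_11_VERSION;
                }
                if (secProfile.equals(Message.CLIENT_TLS_SAML) || secProfile.equals(Message.CLIENT_TLS_SAML_WSF11)) {
                    clientAuthEnabled = true;
                }
                foundProfile = true;
                break;
            } else if (secProfile.equals(Message.NULL_BEARER) || secProfile.equals(Message.TLS_BEARER) || secProfile.equals(Message.CLIENT_TLS_BEARER) || secProfile.equals(Message.NULL_BEARER_WSF11) || secProfile.equals(Message.TLS_BEARER_WSF11) || secProfile.equals(Message.CLIENT_TLS_BEARER_WSF11)) {
                securityProfile = Message.BEARER_TOKEN;
                if (secProfile.equals(Message.NULL_BEARER) || secProfile.equals(Message.TLS_BEARER) || secProfile.equals(Message.CLIENT_TLS_BEARER)) {
                    wsfVersion = SOAPBindingConstants.WSF_10_VERSION;
                } else {
                    wsfVersion = SOAPBindingConstants.WSF_11_VERSION;
                }
                if (secProfile.equals(Message.CLIENT_TLS_BEARER) || secProfile.equals(Message.CLIENT_TLS_BEARER_WSF11)) {
                    clientAuthEnabled = true;
                }
                foundProfile = true;
                break;
            }
        }
        if (foundProfile) {
            break;
        }
    }

    // Checking soapURI alone is not enough: a description with an endpoint
    // but no recognised mechanism leaves soapURI set and securityProfile
    // untouched, which would let the offering through unvalidated.
    if (!foundProfile || soapURI == null || soapURI.length() == 0) {
        DSTUtils.debug.error("DSTClient:parseResourceOffering: " + "SOAP Endpoint or security profile is null");
        throw new DSTException(DSTUtils.bundle.getString("invalidResourceOffering"));
    }
    if (DSTUtils.debug.messageEnabled()) {
        DSTUtils.debug.message("DSTClient.parseResourceOffering:" + "soapURI = " + soapURI + "soapAction = " + soapAction + "securityProfile = " + securityProfile);
    }
}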
use of com.sun.identity.liberty.ws.disco.Description in project OpenAM by OpenRock.
the class DiscoUtils method handleDirectives.
/**
 * Applies the discovery directives attached to a resource offering, attaches
 * the resulting credential references to the offering's descriptions, and
 * appends the offering to {@code offerings}.
 *
 * <p>The work happens in three passes: collect the directive bits per
 * description ID (and in {@code all}), obtain one credential reference per
 * distinct directive combination via {@code generateCredential}, then set
 * the credential references on each description.
 *
 * <p>NOTE(review): the string {@code "all"} is used as a sentinel key in the
 * same map that is keyed by description IDs. A description whose ID is
 * literally "all" would share that slot, and its credential would then be
 * reused for descriptions without their own entry. Confirm description IDs
 * cannot take that value.
 *
 * @param current the offering being processed; replaced by the result of
 *     {@code doEncryption} when an encrypt-resource-ID directive is present
 * @param directives directives to apply; each element is cast to
 *     {@code DirectiveType}
 * @param userDN passed through to {@code generateCredential}
 * @param message passed through to {@code generateCredential}
 * @param invoSession session context; when non-null and the service manager
 *     requires it, the SESSION bit is applied to every description
 * @param wscID passed through to {@code generateCredential}
 * @param token passed through to {@code generateCredential}
 * @param offerings list that receives the processed offering
 * @param credentials passed through to {@code generateCredential}
 */
private static void handleDirectives(ResourceOffering current, List directives, String userDN, Message message, SessionContext invoSession, String wscID, Object token, List offerings, List credentials) {
    // Bits that apply to every description, as opposed to the per-ID bits.
    BitSet all = new BitSet(SIZE);
    Map descIDDirectiveMap = new HashMap();
    if (invoSession != null && DiscoServiceManager.needSessionContextStatement()) {
        all.set(SESSION);
    }

    // Pass 1: translate each directive into a bit via setMap.
    // presumably setMap updates `all` when no description IDs are referenced
    // -- verify against setMap.
    for (Iterator directiveIter = directives.iterator(); directiveIter.hasNext();) {
        Object directive = directiveIter.next();
        // The cast runs before the instanceof checks, so a non-DirectiveType
        // element fails here.
        List descIDRefs = ((DirectiveType) directive).getDescriptionIDRefs();
        if (directive instanceof EncryptResourceIDElement) {
            debug.message("DiscoService: has encrypt D");
            current = doEncryption(current);
        } else if (directive instanceof AuthenticateRequesterElement) {
            setMap(descIDRefs, AUTHN, descIDDirectiveMap, all);
        } else if (directive instanceof AuthorizeRequesterElement) {
            setMap(descIDRefs, AUTHO, descIDDirectiveMap, all);
        } else if (directive instanceof AuthenticateSessionContextElement) {
            setMap(descIDRefs, SESSION, descIDDirectiveMap, all);
        } else if (directive instanceof GenerateBearerTokenElement) {
            setMap(descIDRefs, BEARER, descIDDirectiveMap, all);
        } else if (debug.messageEnabled()) {
            debug.message("DiscoUtils.handleDirective: directive not " + "supported.");
        }
    }

    // Pass 2: one credential per distinct directive combination, so that
    // descriptions with the same combination share a credential reference.
    Map directiveCredIDMap = new HashMap();
    Map descIDCredIDMap = new HashMap();
    for (Iterator entryIter = descIDDirectiveMap.entrySet().iterator(); entryIter.hasNext();) {
        Map.Entry entry = (Map.Entry) entryIter.next();
        String descID = (String) entry.getKey();
        BitSet dirs = (BitSet) entry.getValue();
        // Fold the global bits into this description's own bits.
        dirs.or(all);
        if (!directiveCredIDMap.containsKey(dirs)) {
            String ref = generateCredential(dirs, current, message, userDN, credentials, invoSession, wscID, token);
            if (ref != null) {
                directiveCredIDMap.put(dirs, ref);
                descIDCredIDMap.put(descID, ref);
            }
        } else {
            descIDCredIDMap.put(descID, (String) directiveCredIDMap.get(dirs));
        }
    }

    // Pass 3: attach credential references to each description.
    for (Iterator descIter = current.getServiceInstance().getDescription().iterator(); descIter.hasNext();) {
        List credIDs = new ArrayList();
        Description desc = (Description) descIter.next();
        String id = desc.getId();
        boolean hasOwnCredential = id != null && id.length() != 0 && descIDCredIDMap.containsKey(id);
        if (hasOwnCredential) {
            if (debug.messageEnabled()) {
                debug.message("DiscoUtils.handleDirective: containsKey:" + id);
            }
            credIDs.add((String) descIDCredIDMap.get(id));
        } else {
            debug.message("DiscoUtils.handleDirective: not containsKey");
            // Fall back to the credential for the global bits, cached under
            // the "all" key once it has been resolved.
            String allCred = (String) descIDCredIDMap.get("all");
            if (allCred != null) {
                credIDs.add(allCred);
            } else if (directiveCredIDMap.containsKey(all)) {
                allCred = (String) directiveCredIDMap.get(all);
                descIDCredIDMap.put("all", allCred);
                credIDs.add(allCred);
            } else if (!all.equals(EMPTY_BITSET)) {
                allCred = generateCredential(all, current, message, userDN, credentials, invoSession, wscID, token);
                if (allCred != null) {
                    descIDCredIDMap.put("all", allCred);
                    credIDs.add(allCred);
                }
            }
        }
        if (!credIDs.isEmpty()) {
            desc.setCredentialRef(credIDs);
        }
    }

    // Everything is done; add the (possibly encrypted) offering to the result.
    offerings.add(current);
}
use of com.sun.identity.liberty.ws.disco.Description in project OpenAM by OpenRock.
the class MessageProcessor method processResourceOffering.
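/**
 * Returns the security profile named by a resource offering: the first
 * security mechanism ID of the offering's first description, exactly as
 * listed.
 *
 * <p>The value is not compared against the known mechanism IDs here, so the
 * caller must validate it before relying on it for a security decision.
 *
 * @param offering the resource offering to read
 * @return the first security mechanism ID of the first description
 * @throws SOAPBindingException with the "noDescriptions" or
 *     "noSecurityMechs" message when those are missing, or with the
 *     "processOfferingFailed" message for any other failure while reading
 *     the offering
 */
private String processResourceOffering(ResourceOffering offering) throws SOAPBindingException {
    try {
        ServiceInstance si = offering.getServiceInstance();
        List descriptions = si.getDescription();
        if (descriptions == null || descriptions.isEmpty()) {
            Utils.debug.error("MessageProcessor:processResourceOffering: " + "descriptions are null.");
            throw new SOAPBindingException(Utils.bundle.getString("noDescriptions"));
        }
        // Only the first description is consulted; the list is known to be
        // non-empty at this point.
        Description desc = (Description) descriptions.iterator().next();
        List secMechIDs = desc.getSecurityMechID();
        if (secMechIDs == null || secMechIDs.isEmpty()) {
            Utils.debug.error("MessageProcessor.processResourceOffering:" + " security Mechs are empty");
            throw new SOAPBindingException(Utils.bundle.getString("noSecurityMechs"));
        }
        return (String) secMechIDs.iterator().next();
    } catch (SOAPBindingException sbe) {
        // Already logged above. Rethrow unchanged so the caller sees the
        // specific reason instead of the generic failure raised below.
        throw sbe;
    } catch (Exception ex) {
        // Unexpected failure (for example a missing service instance); the
        // cause is kept in the debug log.
        Utils.debug.error("MessageProcessor.processResourceOffering: " + "Failed in processing the resource offering.", ex);
        throw new SOAPBindingException(Utils.bundle.getString("processOfferingFailed"));
    }
}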