
Example 1 with ResourceIDMapper

use of com.sun.identity.liberty.ws.interfaces.ResourceIDMapper in project OpenAM by OpenRock.

the class FSDiscoveryBootStrap method getResourceOffering.

/**
     * Gets the discovery bootstrap resource offering for the user.
     * @return Document Discovery Resource Offering in an attribute statement
     * @exception FSException if there's any failure.
     */
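private Document getResourceOffering(FSSubject libSubject, AuthnContext authnContext, String userID, String wscID, String realm) throws FSException {
    // Builds the bootstrap discovery ResourceOffering for userID, passes it
    // through DiscoUtils.checkPolicyAndHandleDirectives, and returns the first
    // resulting offering wrapped in a SAML AttributeValue element.
    // Side effects: stores the returned credentials in _assertions and sets
    // _hasCredentials when that list is non-empty.
    FSUtils.debug.message("FSDiscoveryBootStrap.getResourceOffering:Init");
    StringBuilder sb = new StringBuilder(300);
    sb.append("<").append(SAMLConstants.ASSERTION_PREFIX).append("AttributeValue").append(SAMLConstants.assertionDeclareStr).append(">").append(SAMLConstants.NL);
    DiscoEntryElement discoEntry = DiscoServiceManager.getBootstrappingDiscoEntry();
    if (discoEntry == null) {
        throw new FSException("nullDiscoveryOffering", null);
    }
    try {
        // NOTE(review): the offering below belongs to the entry returned by
        // getBootstrappingDiscoEntry() and is modified in place with a
        // per-user ResourceID. If that entry is shared between requests, one
        // user's ResourceID could be observed by a concurrent caller; confirm
        // the manager hands out a fresh copy.
        ResourceOfferingType offering = discoEntry.getResourceOffering();
        ServiceInstanceType serviceInstance = offering.getServiceInstance();
        String providerID = serviceInstance.getProviderID();
        ObjectFactory fac = new com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory();
        ResourceIDType resourceID = fac.createResourceIDType();
        if (DiscoServiceManager.useImpliedResource()) {
            resourceID.setValue(DiscoConstants.IMPLIED_RESOURCE);
        } else {
            // Provider-specific mapper first, then the default one.
            ResourceIDMapper idMapper = DiscoServiceManager.getResourceIDMapper(providerID);
            if (idMapper == null) {
                idMapper = DiscoServiceManager.getDefaultResourceIDMapper();
            }
            // If the default mapper is also null this line throws a
            // NullPointerException, which the generic handler below wraps.
            String resourceIDValue = idMapper.getResourceID(providerID, userID);
            if (FSUtils.debug.messageEnabled()) {
                // NOTE(review): message-level debug output contains the
                // per-user resource ID; handle these logs as sensitive.
                FSUtils.debug.message("FSDiscoveryBootStrap.getResourceOffering: ResourceID Value:" + resourceIDValue);
            }
            resourceID.setValue(resourceIDValue);
        }
        offering.setResourceID(resourceID);

        List discoEntryList = new ArrayList();
        discoEntryList.add(discoEntry);

        // The name identifier is encrypted for the provider only when the
        // discovery service is configured to do so.
        SessionSubject sessionSubject;
        if (DiscoServiceManager.encryptNIinSessionContext()) {
            sessionSubject = new SessionSubject(EncryptedNameIdentifier.getEncryptedNameIdentifier(libSubject.getNameIdentifier(), realm, providerID), libSubject.getSubjectConfirmation(), libSubject.getIDPProvidedNameIdentifier());
        } else {
            sessionSubject = new SessionSubject(libSubject.getNameIdentifier(), libSubject.getSubjectConfirmation(), libSubject.getIDPProvidedNameIdentifier());
        }
        SessionContext invocatorSession = new SessionContext(sessionSubject, authnContext, providerID);
        Map map = DiscoUtils.checkPolicyAndHandleDirectives(userID, null, discoEntryList, null, invocatorSession, wscID, _ssoToken);
        List offerings = (List) map.get(DiscoUtils.OFFERINGS);
        // A missing list is treated like an empty one, so both cases report
        // the same "nullDiscoveryOffering" error instead of a wrapped NPE.
        if (offerings == null || offerings.isEmpty()) {
            FSUtils.debug.message("FSDiscoBootStrap.getResourceOffering:no ResourceOffering");
            throw new FSException("nullDiscoveryOffering", null);
        }
        ResourceOffering resourceOffering = (ResourceOffering) offerings.get(0);
        _assertions = (List) map.get(DiscoUtils.CREDENTIALS);
        if ((_assertions != null) && (_assertions.size() != 0)) {
            _hasCredentials = true;
        }
        // NOTE(review): the XML document is assembled by string concatenation;
        // this assumes resourceOffering.toString() emits well-formed, escaped
        // XML. Confirm against ResourceOffering.
        sb.append(resourceOffering.toString());
        sb.append("</").append(SAMLConstants.ASSERTION_PREFIX).append("AttributeValue>");
        if (FSUtils.debug.messageEnabled()) {
            // NOTE(review): logs the complete serialized offering.
            FSUtils.debug.message("FSDiscoveryBootStap.getResourceOffering:Resource Offering:" + sb.toString());
        }
        return XMLUtils.toDOMDocument(sb.toString(), null);
    } catch (FSException fse) {
        // Already an FSException carrying its own error key (for example
        // "nullDiscoveryOffering"): log it and rethrow as-is rather than
        // nesting it inside a second FSException, matching the unwrapped
        // throw used for a null bootstrap entry above.
        FSUtils.debug.error("FSDiscoveryBootStrap.getResourceOffering:" + "Exception while creating resource offering.", fse);
        throw fse;
    } catch (Exception ex) {
        FSUtils.debug.error("FSDiscoveryBootStrap.getResourceOffering:" + "Exception while creating resource offering.", ex);
        throw new FSException(ex);
    }
}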
Also used : ResourceOffering(com.sun.identity.liberty.ws.disco.ResourceOffering) ArrayList(java.util.ArrayList) DiscoEntryElement(com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement) FSException(com.sun.identity.federation.common.FSException) ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper) FSException(com.sun.identity.federation.common.FSException) ArrayList(java.util.ArrayList) List(java.util.List) Map(java.util.Map)

Example 2 with ResourceIDMapper

use of com.sun.identity.liberty.ws.interfaces.ResourceIDMapper in project OpenAM by OpenRock.

the class PersonalProfile method isResourceIDValid.

/**
     * Checks if the resource id is valid.
     * @param resourceID resource id.
     * @return true if the resource id is valid.
     */
public boolean isResourceIDValid(String resourceID) {
    // A resource ID is accepted when the configured ResourceIDMapper turns it
    // into a user ID that IDPPUtils.isUserExists recognises.
    IDPPUtils.debug.message("PersonalProfile:isResourceIDValid:Init");
    final ResourceIDMapper mapper = serviceManager.getResourceIDMapper();
    if (mapper != null) {
        final String mappedUser = mapper.getUserID(serviceManager.getProviderID(), resourceID);
        if (IDPPUtils.debug.messageEnabled()) {
            // NOTE(review): the resolved user ID is written to the
            // message-level debug log.
            IDPPUtils.debug.message("PersonalProfile.isResourceIDValid." + mappedUser);
        }
        // NOTE(review): mappedUser is passed on without a null check; how
        // isUserExists treats null is not visible here. Confirm it returns
        // false rather than throwing.
        return IDPPUtils.isUserExists(mappedUser);
    }
    // Without a mapper nothing can be resolved, so the ID is rejected.
    if (IDPPUtils.debug.warningEnabled()) {
        IDPPUtils.debug.warning("PersonalProfile.isResourceIDValid.unable to get resoureid mapper");
    }
    return false;
}
Also used : ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper)

Example 3 with ResourceIDMapper

use of com.sun.identity.liberty.ws.interfaces.ResourceIDMapper in project OpenAM by OpenRock.

the class PersonalProfile method getUserDN.

/**
      * Gets the user dn for a specified resource id.
      * @param  resourceID resource id
      * @return String userDN.
      */
public String getUserDN(String resourceID) {
    // Returns whatever the configured mapper's getUserID yields for this
    // resource ID, or null when no mapper is available.
    // NOTE(review): unlike isResourceIDValid, nothing here checks that the
    // result names an existing user; presumably callers validate the
    // resource ID first. Verify against callers.
    IDPPUtils.debug.message("PersonalProfile:getUserDN:Init");
    final ResourceIDMapper mapper = serviceManager.getResourceIDMapper();
    return (mapper == null)
            ? null
            : mapper.getUserID(serviceManager.getProviderID(), resourceID);
}
Also used : ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper)

Example 4 with ResourceIDMapper

use of com.sun.identity.liberty.ws.interfaces.ResourceIDMapper in project OpenAM by OpenRock.

the class IDPPUtils method getResourceID.

/**
      * Gets the resource id for a given user id 
      * @param userID ID of a user
      * @return String Resource ID
      */
public static String getResourceID(String userID) {
    // Maps a user ID to its resource ID through the service manager's
    // ResourceIDMapper, scoped to this service's provider ID.
    final IDPPServiceManager manager = IDPPServiceManager.getInstance();
    // NOTE(review): getResourceIDMapper() is dereferenced without a null
    // check, so a missing mapper surfaces as a NullPointerException. Other
    // callers of getResourceIDMapper() on this page guard against null;
    // confirm whether the mapper can be absent on this path.
    return manager.getResourceIDMapper().getResourceID(manager.getProviderID(), userID);
}
Also used : ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper)

Example 5 with ResourceIDMapper

use of com.sun.identity.liberty.ws.interfaces.ResourceIDMapper in project OpenAM by OpenRock.

the class DiscoServiceManager method setValues.

/**
     * Updates discovery service cache.
     */
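private static synchronized void setValues() {
    // Reloads the discovery service settings from the configuration instance
    // `ci` into this class's static fields, including the pluggable
    // authorizer, entry handlers, name identifier mapper and the
    // per-provider ResourceIDMapper table.
    //
    // Security note: every plugin class name below is read from the service
    // configuration and instantiated reflectively. Whoever can write these
    // attributes can make the server run the static initializer and no-arg
    // constructor of any class on its classpath, so write access to this
    // configuration should be protected as if it granted code execution.
    // No allow-list of plugin classes is visible in this method.
    //
    // Instantiation failures are logged at error level unconditionally.
    // Previously the error call was wrapped in a messageEnabled() check, so a
    // plugin that failed to load went unreported unless message-level debug
    // logging happened to be on.
    try {
        Map attrsMap = ci.getConfiguration(null, null);
        // self provider id
        selfProviderID = CollectionHelper.getMapAttr(attrsMap, ATTR_PROVIDER_ID);
        // supported security mech id
        authnMechs = (Set) attrsMap.get(ATTR_SUPPORTED_AUTHN_MECHS);
        // supported directives
        supportedDirectives = (Set) attrsMap.get(ATTR_SUPPORTED_DIRECTIVE);
        policyEvalLookup = Boolean.valueOf(CollectionHelper.getMapAttr(attrsMap, ATTR_LOOKUP_NEED_POLICY, LOOKUP_NEED_POLICY_DEFAULT)).booleanValue();
        policyEvalUpdate = Boolean.valueOf(CollectionHelper.getMapAttr(attrsMap, ATTR_UPDATE_NEED_POLICY, UPDATE_NEED_POLICY_DEFAULT)).booleanValue();

        // authorizer: cleared first, so a class that fails to load leaves the
        // field null. The log text says a default Authorizer is then used;
        // where that fallback happens is not visible in this method.
        authorizer = null;
        String authorizerName = CollectionHelper.getMapAttr(attrsMap, ATTR_AUTHORIZER);
        if ((authorizerName != null) && (authorizerName.length() != 0)) {
            try {
                authorizer = (Authorizer) Class.forName(authorizerName).newInstance();
            } catch (Exception e) {
                debug.error("DiscoServiceManager.setValues: " + "Exception when instantiating authorizer. Using " + "default Authorizer. Exception", e);
            }
        }

        // entry handler
        // NOTE(review): unlike authorizer, entryHandler, globalEntryHandler
        // and nameIdMapper are not cleared before the reload, so a failed or
        // removed setting appears to leave the previous instance in place.
        // Confirm that is intended.
        String handlerName = CollectionHelper.getMapAttr(attrsMap, ATTR_ENTRY_HANDLER);
        if ((handlerName != null) && (handlerName.length() != 0)) {
            try {
                entryHandler = (DiscoEntryHandler) Class.forName(handlerName).newInstance();
            } catch (Exception e) {
                debug.error("DiscoServiceManager.setValues: " + "Exception when instantiating entry handler:", e);
            }
        }
        String globalHandler = CollectionHelper.getMapAttr(attrsMap, ATTR_GLOBAL_ENTRY_HANDLER);
        if ((globalHandler != null) && (globalHandler.length() != 0)) {
            try {
                globalEntryHandler = (DiscoEntryHandler) Class.forName(globalHandler).newInstance();
            } catch (Exception e) {
                debug.error("DiscoServiceManager.setValues: Exception" + " when instantiating global entry handler:", e);
            }
        }

        // Name Identifier Mapper
        String niMapperName = CollectionHelper.getMapAttr(attrsMap, ATTR_NAMEID_MAPPER);
        if ((niMapperName != null) && (niMapperName.length() != 0)) {
            try {
                if (debug.messageEnabled()) {
                    debug.message("DiscoServiceManager.setValues: " + "disco name id mapper=" + niMapperName);
                }
                nameIdMapper = (NameIdentifierMapper) Class.forName(niMapperName).newInstance();
            } catch (Exception e) {
                debug.error("DiscoServiceManager.setValues: " + "Exception when instantiating nameid mapper:", e);
            }
        }

        // the syntax for each set value is:
        // providerid=<providerid>|idmapper=<the class for ResourceIDMapper>
        Set values = (Set) attrsMap.get(ATTR_ID_MAPPER);
        // Built aside and published with a single assignment at the end, so
        // readers never observe a half-filled table.
        Map newIDMapper = new HashMap();
        if (values != null) {
            for (Object entry : values) {
                String value = (String) entry;
                StringTokenizer stz = new StringTokenizer(value, "|");
                if (stz.countTokens() == 2) {
                    String providerID = null;
                    ResourceIDMapper mapper = null;
                    while (stz.hasMoreTokens()) {
                        String token = stz.nextToken();
                        // ignore the attribute if it doesn't include "="
                        int pos = token.indexOf("=");
                        if (pos == -1) {
                            debug.error("DiscoServiceManager.set" + "Values: illegal format for ResourceIDMapper:" + token);
                            break;
                        }
                        // ignore the attribute if it is like "providerid="
                        int nextpos = pos + 1;
                        if (nextpos >= token.length()) {
                            debug.error("DiscoServiceManager.set" + "Values: illegal format of ResourceIDMapper:" + token);
                            break;
                        }
                        String key = token.substring(0, pos);
                        if (key.equalsIgnoreCase(KEY_PROVIDER_ID)) {
                            providerID = token.substring(nextpos);
                        } else if (key.equalsIgnoreCase(KEY_IDMAPPER)) {
                            try {
                                mapper = (ResourceIDMapper) Class.forName(token.substring(nextpos)).newInstance();
                            } catch (Exception e) {
                                debug.error("DiscoServiceManager" + ".setValues: couldn't instantiate " + "ResourceIDMapper: " + token + ":", e);
                                break;
                            }
                        } else {
                            debug.error("DiscoServiceManager.set" + "Values: illegal format of ResourceIDMapper:" + token);
                            break;
                        }
                    }
                    // An entry is registered only when both halves parsed.
                    if ((providerID == null) || (mapper == null)) {
                        debug.error("DiscoServiceManager.set" + "Values: Invalid syntax for " + "ResourceIDMapper:" + value);
                    } else {
                        newIDMapper.put(providerID, mapper);
                    }
                } else {
                    if (debug.warningEnabled()) {
                        debug.warning("DiscoServiceManager.set" + "Values: Invalid syntax for ResourceIDMapper:" + value);
                    }
                }
            }
        }
        idMappers = newIDMapper;

        // disco resource offering for bootstrapping
        bootDiscoEntryStr = CollectionHelper.getMapAttr(attrsMap, ATTR_BOOTSTRAPPING_DISCO_ENTRY);
        tagswapBootDiscoEntry();
        requireSessionContextStmt = Boolean.valueOf(CollectionHelper.getMapAttr(attrsMap, ATTR_BOOTSTRAPPING_SESSION_CONTEXT, NEED_SESSION_CONTEXT_DEFAULT)).booleanValue();
        if (debug.messageEnabled()) {
            debug.message("DiscoServiceManager.setValues: need Session " + "Context Statement?" + requireSessionContextStmt);
        }
        encryptNI = Boolean.valueOf(CollectionHelper.getMapAttr(attrsMap, ATTR_BOOTSTRAPPING_ENCRYPT_NI, ENCRYPT_NI_DEFAULT)).booleanValue();
        if (debug.messageEnabled()) {
            debug.message("DiscoServiceManager.setValues: encrypt NI in " + "Session Context?" + encryptNI);
        }
        useImpliedRes = Boolean.valueOf(CollectionHelper.getMapAttr(attrsMap, ATTR_BOOTSTRAPPING_IMPLIED_RESOURCE, USE_IMPLIED_RESOURCE_DEFAULT)).booleanValue();
        if (debug.messageEnabled()) {
            debug.message("DiscoServiceManager.setValues: use implied " + "resource?" + useImpliedRes);
        }
        useRespAuth = Boolean.valueOf(CollectionHelper.getMapAttr(attrsMap, ATTR_OPTION_SECURITY_RESPONSE, USE_RESPONSE_AUTHENTICATION_DEFAULT)).booleanValue();
        if (debug.messageEnabled()) {
            debug.message("DiscoServiceManager.setValues: use response " + "authentication?" + useRespAuth);
        }
    } catch (Exception e) {
        // Any failure leaves the fields assigned so far updated and the rest
        // at their previous values.
        debug.error("DiscoServiceManager.setValues: Exception", e);
    }
}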
Also used : StringTokenizer(java.util.StringTokenizer) Default64ResourceIDMapper(com.sun.identity.liberty.ws.disco.plugins.Default64ResourceIDMapper) ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper) Set(java.util.Set) HashMap(java.util.HashMap) Iterator(java.util.Iterator) HashMap(java.util.HashMap) Map(java.util.Map) ConfigurationException(com.sun.identity.plugin.configuration.ConfigurationException)

Aggregations

ResourceIDMapper (com.sun.identity.liberty.ws.interfaces.ResourceIDMapper)7 Map (java.util.Map)4 ResourceOffering (com.sun.identity.liberty.ws.disco.ResourceOffering)3 DiscoEntryElement (com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement)3 ArrayList (java.util.ArrayList)3 List (java.util.List)3 ObjectFactory (com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory)2 ResourceIDType (com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType)2 ResourceOfferingType (com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType)2 ServiceInstanceType (com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType)2 Iterator (java.util.Iterator)2 FSException (com.sun.identity.federation.common.FSException)1 AuthnContext (com.sun.identity.federation.message.common.AuthnContext)1 EncryptedNameIdentifier (com.sun.identity.federation.message.common.EncryptedNameIdentifier)1 IDPProvidedNameIdentifier (com.sun.identity.federation.message.common.IDPProvidedNameIdentifier)1 Default64ResourceIDMapper (com.sun.identity.liberty.ws.disco.plugins.Default64ResourceIDMapper)1 SecurityAssertion (com.sun.identity.liberty.ws.security.SecurityAssertion)1 SessionContext (com.sun.identity.liberty.ws.security.SessionContext)1 SessionSubject (com.sun.identity.liberty.ws.security.SessionSubject)1 ConfigurationException (com.sun.identity.plugin.configuration.ConfigurationException)1