Examples with KeyDescriptorElement com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement used on opensource projects

Search in sources :

Example 1 with KeyDescriptorElement

use of com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement in project OpenAM by OpenRock.

the class IDFFMetaSecurityUtils method updateProviderKeyInfo.

/**
     * Updates signing or encryption key info for SP or IDP. 
     * This will update both signing/encryption alias on extended metadata and
     * certificates in standard metadata. 
     * @param realm Realm the entity resides.
     * @param entityID ID of the entity to be updated.  
     * @param certAlias Alias of the certificate to be set to the entity. If
     *        null, will remove existing key information from the SP or IDP.
     * @param isSigning true if this is signing certificate alias, false if 
     *        this is encryption certification alias.
     * @param isIDP true if this is for IDP signing/encryption alias, false
     *        if this is for SP signing/encryption alias
     * @param encAlgo Encryption algorithm URI, this is applicable for
     *        encryption cert only.
     * @param keySize Encryption key size, this is applicable for
     *        encryption cert only. 
     * @throws IDFFMetaException if failed to update the certificate alias for 
     *        the entity.
     */
public static void updateProviderKeyInfo(String realm, String entityID, String certAlias, boolean isSigning, boolean isIDP, String encAlgo, int keySize) throws IDFFMetaException {
    IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
    EntityConfigElement config = metaManager.getEntityConfig(realm, entityID);
    if (!config.isHosted()) {
        String[] args = { entityID, realm };
        throw new IDFFMetaException("entityNotHosted", args);
    }
    EntityDescriptorElement desp = metaManager.getEntityDescriptor(realm, entityID);
    if (isIDP) {
        IDPDescriptorConfigElement idpConfig = IDFFMetaUtils.getIDPDescriptorConfig(config);
        IDPDescriptorType idpDesp = IDFFMetaUtils.getIDPDescriptor(desp);
        if ((idpConfig == null) || (idpDesp == null)) {
            String[] args = { entityID, realm };
            throw new IDFFMetaException("entityNotIDP", args);
        }
        // update standard metadata
        if ((certAlias == null) || (certAlias.length() == 0)) {
            // remove key info
            removeKeyDescriptor(idpDesp, isSigning);
            if (isSigning) {
                setExtendedAttributeValue(idpConfig, IFSConstants.SIGNING_CERT_ALIAS, null);
            } else {
                setExtendedAttributeValue(idpConfig, IFSConstants.ENCRYPTION_CERT_ALIAS, null);
            }
        } else {
            KeyDescriptorElement kde = getKeyDescriptor(certAlias, isSigning, encAlgo, keySize);
            updateKeyDescriptor(idpDesp, kde);
            // update extended metadata
            Set value = new HashSet();
            value.add(certAlias);
            if (isSigning) {
                setExtendedAttributeValue(idpConfig, IFSConstants.SIGNING_CERT_ALIAS, value);
            } else {
                setExtendedAttributeValue(idpConfig, IFSConstants.ENCRYPTION_CERT_ALIAS, value);
            }
        }
        metaManager.setEntityDescriptor(realm, desp);
        metaManager.setEntityConfig(realm, config);
    } else {
        SPDescriptorConfigElement spConfig = IDFFMetaUtils.getSPDescriptorConfig(config);
        SPDescriptorType spDesp = IDFFMetaUtils.getSPDescriptor(desp);
        if ((spConfig == null) || (spDesp == null)) {
            String[] args = { entityID, realm };
            throw new IDFFMetaException("entityNotSP", args);
        }
        // update standard metadata
        if ((certAlias == null) || (certAlias.length() == 0)) {
            // remove key info
            removeKeyDescriptor(spDesp, isSigning);
            if (isSigning) {
                setExtendedAttributeValue(spConfig, IFSConstants.SIGNING_CERT_ALIAS, null);
            } else {
                setExtendedAttributeValue(spConfig, IFSConstants.ENCRYPTION_CERT_ALIAS, null);
            }
        } else {
            KeyDescriptorElement kde = getKeyDescriptor(certAlias, isSigning, encAlgo, keySize);
            updateKeyDescriptor(spDesp, kde);
            // update extended metadata
            Set value = new HashSet();
            value.add(certAlias);
            if (isSigning) {
                setExtendedAttributeValue(spConfig, IFSConstants.SIGNING_CERT_ALIAS, value);
            } else {
                setExtendedAttributeValue(spConfig, IFSConstants.ENCRYPTION_CERT_ALIAS, value);
            }
        }
        metaManager.setEntityDescriptor(realm, desp);
        metaManager.setEntityConfig(realm, config);
    }
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) SPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement) SPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType) EntityDescriptorElement(com.sun.identity.liberty.ws.meta.jaxb.EntityDescriptorElement) IDPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType) IDPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement) KeyDescriptorElement(com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement) EntityConfigElement(com.sun.identity.federation.jaxb.entityconfig.EntityConfigElement) HashSet(java.util.HashSet)

Example 2 with KeyDescriptorElement

use of com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement in project OpenAM by OpenRock.

the class IDFFMetaSecurityUtils method removeKeyDescriptor.

private static void removeKeyDescriptor(ProviderDescriptorType desp, boolean isSigningUse) {
    List keys = desp.getKeyDescriptor();
    String keyUse = "encryption";
    if (isSigningUse) {
        keyUse = "signing";
    }
    for (Iterator iter = keys.iterator(); iter.hasNext(); ) {
        KeyDescriptorElement key = (KeyDescriptorElement) iter.next();
        if (key.getUse().equalsIgnoreCase(keyUse)) {
            iter.remove();
        }
    }
}
Also used : Iterator(java.util.Iterator) List(java.util.List) KeyDescriptorElement(com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement)

Example 3 with KeyDescriptorElement

use of com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement in project OpenAM by OpenRock.

the class IDFFMetaSecurityUtils method updateKeyDescriptor.

private static void updateKeyDescriptor(ProviderDescriptorType desp, KeyDescriptorElement newKey) {
    // NOTE : we only support one signing and one encryption key right now
    // the code need to be change if we need to support multiple signing
    // and/or encryption keys in one entity
    List keys = desp.getKeyDescriptor();
    for (Iterator iter = keys.iterator(); iter.hasNext(); ) {
        KeyDescriptorElement key = (KeyDescriptorElement) iter.next();
        if (key.getUse().equalsIgnoreCase(newKey.getUse())) {
            iter.remove();
        }
    }
    desp.getKeyDescriptor().add(newKey);
}
Also used : Iterator(java.util.Iterator) List(java.util.List) KeyDescriptorElement(com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement)

Aggregations

KeyDescriptorElement (com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorElement)3 Iterator (java.util.Iterator)2 List (java.util.List)2 EntityConfigElement (com.sun.identity.federation.jaxb.entityconfig.EntityConfigElement)1 IDPDescriptorConfigElement (com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)1 SPDescriptorConfigElement (com.sun.identity.federation.jaxb.entityconfig.SPDescriptorConfigElement)1 EntityDescriptorElement (com.sun.identity.liberty.ws.meta.jaxb.EntityDescriptorElement)1 IDPDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType)1 SPDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType)1 HashSet (java.util.HashSet)1 Set (java.util.Set)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial