
Example 1 with PartnerAccountMapper

Use of com.sun.identity.saml.plugins.PartnerAccountMapper in project OpenAM by OpenRock.

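The method setValues of the class SAMLServiceManager. In this listing, PartnerAccountMapper is the type of the per-partner account mapper: for the ACCOUNTMAPPER and PARTNERACCOUNTMAPPER keys of a partner URL entry, the class named in the configuration value is loaded with Class.forName(...).newInstance(), so its no-argument constructor runs before the instanceof check or cast is applied. The partner URL configuration therefore decides which classes get instantiated, and write access to it should be limited to trusted administrators. When no mapper is configured, DEFAULT_PARTNER_ACCOUNT_MAPPER is instantiated instead, and a failure to do so is ignored without a log entry.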

// implemented as synchronized to preserve the event handling order.
private static synchronized void setValues() {
    if (ci == null) {
        // set the values as default
        Map newMap = new HashMap();
        newMap.put(SAMLConstants.ARTIFACT_TIMEOUT_NAME, new Integer(SAMLConstants.ARTIFACT_TIMEOUT_DEFAULT));
        newMap.put(SAMLConstants.ASSERTION_TIMEOUT_NAME, new Integer(SAMLConstants.ASSERTION_TIMEOUT_DEFAULT));
        newMap.put(SAMLConstants.ARTIFACT_NAME, SAMLConstants.ARTIFACT_NAME_DEFAULT);
        newMap.put(SAMLConstants.TARGET_SPECIFIER, SAMLConstants.TARGET_SPECIFIER_DEFAULT);
        newMap.put(SAMLConstants.ASSERTION_MAX_NUMBER_NAME, new Integer(SAMLConstants.ASSERTION_MAX_NUMBER_DEFAULT));
        newMap.put(SAMLConstants.CLEANUP_INTERVAL_NAME, new Integer(SAMLConstants.CLEANUP_INTERVAL_DEFAULT));
        newMap.put(SAMLConstants.SIGN_REQUEST, Boolean.valueOf(SAMLConstants.SIGN_REQUEST_DEFAULT));
        newMap.put(SAMLConstants.SIGN_RESPONSE, Boolean.valueOf(SAMLConstants.SIGN_RESPONSE_DEFAULT));
        newMap.put(SAMLConstants.SIGN_ASSERTION, Boolean.valueOf(SAMLConstants.SIGN_ASSERTION_DEFAULT));
        map = newMap;
    } else {
        // set the values
        try {
            Map newMap = new HashMap();
            Map attrs = ci.getConfiguration(null, null);
            // retrieve not before time skew period 
            Set values = (Set) attrs.get(SAMLConstants.NOTBEFORE_TIMESKEW_NAME);
            int value = SAMLConstants.NOTBEFORE_TIMESKEW_DEFAULT;
            if ((values != null) && (values.size() == 1)) {
                try {
                    value = Integer.parseInt((String) values.iterator().next());
                } catch (NumberFormatException nfe) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " not before time skew period value: " + value + ", using default.", nfe);
                    value = SAMLConstants.NOTBEFORE_TIMESKEW_DEFAULT;
                }
                if (value <= 0) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " not before time skew period value=" + value + ", using default.");
                    value = SAMLConstants.NOTBEFORE_TIMESKEW_DEFAULT;
                }
            }
            Integer newValue = new Integer(value);
            newMap.put(SAMLConstants.NOTBEFORE_TIMESKEW_NAME, newValue);
            // retrieve artifact timeout
            values = (Set) attrs.get(SAMLConstants.ARTIFACT_TIMEOUT_NAME);
            value = SAMLConstants.ARTIFACT_TIMEOUT_DEFAULT;
            if ((values != null) && (values.size() == 1)) {
                try {
                    value = Integer.parseInt((String) values.iterator().next());
                } catch (NumberFormatException nfe) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " artifact timeout value: " + value + ", using default.", nfe);
                    value = SAMLConstants.ARTIFACT_TIMEOUT_DEFAULT;
                }
                if (value <= 0) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " artifact timeout value=" + value + ", using default.");
                    value = SAMLConstants.ARTIFACT_TIMEOUT_DEFAULT;
                }
            }
            newValue = new Integer(value);
            newMap.put(SAMLConstants.ARTIFACT_TIMEOUT_NAME, newValue);
            // retrieve assertion timeout
            values = (Set) attrs.get(SAMLConstants.ASSERTION_TIMEOUT_NAME);
            value = SAMLConstants.ASSERTION_TIMEOUT_DEFAULT;
            if ((values != null) && (values.size() == 1)) {
                try {
                    value = Integer.parseInt((String) values.iterator().next());
                } catch (NumberFormatException nfe) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " assertion timeout value: " + value + ", using default.", nfe);
                    value = SAMLConstants.ASSERTION_TIMEOUT_DEFAULT;
                }
                if (value <= 0) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " assertion timeout value=" + value + ", using default.");
                    value = SAMLConstants.ASSERTION_TIMEOUT_DEFAULT;
                }
            }
            newValue = new Integer(value);
            newMap.put(SAMLConstants.ASSERTION_TIMEOUT_NAME, newValue);
            values = (Set) attrs.get(SAMLConstants.ASSERTION_MAX_NUMBER_NAME);
            value = SAMLConstants.ASSERTION_MAX_NUMBER_DEFAULT;
            if ((values != null) && (values.size() == 1)) {
                try {
                    value = Integer.parseInt((String) values.iterator().next());
                } catch (NumberFormatException nfe) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " assertion max number value: " + value + ", using default.", nfe);
                    value = SAMLConstants.ASSERTION_MAX_NUMBER_DEFAULT;
                }
                if (value < 0) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " assertion max number value=" + value + ", using default.");
                    value = SAMLConstants.ASSERTION_MAX_NUMBER_DEFAULT;
                }
            }
            newValue = new Integer(value);
            newMap.put(SAMLConstants.ASSERTION_MAX_NUMBER_NAME, newValue);
            values = (Set) attrs.get(SAMLConstants.CLEANUP_INTERVAL_NAME);
            value = SAMLConstants.CLEANUP_INTERVAL_DEFAULT;
            if ((values != null) && (values.size() == 1)) {
                try {
                    value = Integer.parseInt((String) values.iterator().next());
                } catch (NumberFormatException nfe) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " cleanup interval value: " + value + ", using default.", nfe);
                    value = SAMLConstants.CLEANUP_INTERVAL_DEFAULT;
                }
                if (value <= 0) {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager:invalid" + " cleanup interval value=" + value + ", using default.");
                    value = SAMLConstants.CLEANUP_INTERVAL_DEFAULT;
                }
            }
            newValue = new Integer(value);
            newMap.put(SAMLConstants.CLEANUP_INTERVAL_NAME, newValue);
            // retrieve the Artifact Name from the SAML saml config file 
            String artifactName = CollectionHelper.getMapAttr(attrs, SAMLConstants.ARTIFACT_NAME, SAMLConstants.ARTIFACT_NAME_DEFAULT);
            newMap.put(SAMLConstants.ARTIFACT_NAME, artifactName);
            values = (Set) attrs.get(SAMLConstants.NAME_ID_FORMAT_MAP);
            Map nameIDFormatAttrMap = null;
            if ((values != null) && (!values.isEmpty())) {
                for (Iterator iter = values.iterator(); iter.hasNext(); ) {
                    String str = (String) iter.next();
                    int index = str.indexOf("=");
                    if (index != -1) {
                        String nameIDFormat = str.substring(0, index).trim();
                        String attrName = str.substring(index + 1).trim();
                        if ((nameIDFormat.length() != 0) && (attrName.length() != 0)) {
                            if (nameIDFormatAttrMap == null) {
                                nameIDFormatAttrMap = new HashMap();
                            }
                            nameIDFormatAttrMap.put(nameIDFormat, attrName);
                        }
                    }
                }
                newMap.put(SAMLConstants.NAME_ID_FORMAT_MAP, nameIDFormatAttrMap);
            }
            values = (Set) attrs.get(SAMLConstants.ATTRIBUTE_MAP);
            Map attrMap = null;
            if ((values != null) && (!values.isEmpty())) {
                for (Iterator iter = values.iterator(); iter.hasNext(); ) {
                    String str = (String) iter.next();
                    int index = str.indexOf("=");
                    if (index != -1) {
                        String samlAttr = str.substring(0, index).trim();
                        String localAttr = str.substring(index + 1).trim();
                        if ((samlAttr.length() != 0) && (localAttr.length() != 0)) {
                            if (attrMap == null) {
                                attrMap = new HashMap();
                            }
                            attrMap.put(samlAttr, localAttr);
                        }
                    }
                }
                newMap.put(SAMLConstants.ATTRIBUTE_MAP, attrMap);
            }
            // get the targets which accept POST
            Set targets = (Set) attrs.get(SAMLConstants.POST_TO_TARGET_URLS);
            if ((targets == null) || (targets.size() == 0)) {
                SAMLUtilsCommon.debug.message("SAMLServiceManager: No POST " + "to targets found");
            } else {
                Set targetsNoProtocol = Collections.synchronizedSet(new HashSet());
                // strip off protocol from the URL
                Iterator it = targets.iterator();
                String targetString = null;
                while (it.hasNext()) {
                    try {
                        targetString = (String) it.next();
                        URL url = new URL(targetString);
                        String targetNoProtocol = new StringBuffer(url.getHost().toLowerCase()).append(":").append(String.valueOf(url.getPort())).append("/").append(url.getPath()).toString();
                        targetsNoProtocol.add(targetNoProtocol);
                    } catch (MalformedURLException me) {
                        SAMLUtilsCommon.debug.error("SAMLServiceManager: " + "Malformed Url in the POST to target " + "list, skipping entry:" + targetString);
                    }
                }
                if (targetsNoProtocol.size() > 0) {
                    newMap.put(SAMLConstants.POST_TO_TARGET_URLS, targetsNoProtocol);
                } else {
                    SAMLUtilsCommon.debug.error("SAMLServiceManager: All" + " POST to target URLs malformed");
                }
            }
            // retrieve site id and site issuer name list
            // get my server host and port info
            serverProtocol = SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_PROTOCOL);
            serverHost = SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_HOST);
            serverPort = SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_PORT);
            serverURI = SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_URI);
            String legacyId = serverProtocol + "://" + serverHost + ":" + serverPort;
            serverURL = legacyId + serverURI;
            String sb = serverURL;
            Map siteidMap = new HashMap();
            Map issuerNameMap = new HashMap();
            Map instanceMap = new HashMap();
            Set siteIDNameList = (Set) attrs.get(SAMLConstants.SITE_ID_ISSUER_NAME_LIST);
            if (siteIDNameList.size() == 0) {
                SAMLUtilsCommon.debug.error("SAMLServiceManager: No Site ID" + " or Issuer Name in the SAML service config.");
            } else {
                String entry = null;
                StringTokenizer tok1 = null;
                String instanceID = null;
                String siteID = null;
                String issuerName = null;
                String element = null;
                String key = null;
                Iterator iter = siteIDNameList.iterator();
                while (iter.hasNext()) {
                    entry = (String) iter.next();
                    // reset
                    instanceID = null;
                    siteID = null;
                    issuerName = null;
                    tok1 = new StringTokenizer(entry, "|");
                    while (tok1.hasMoreElements()) {
                        element = tok1.nextToken();
                        int pos = -1;
                        if ((pos = element.indexOf("=")) == -1) {
                            SAMLUtilsCommon.debug.error("SAMLSManager: " + "wrong format: " + element);
                            break;
                        }
                        int nextpos = pos + 1;
                        if (nextpos >= element.length()) {
                            SAMLUtilsCommon.debug.error("SAMLSManager: " + "wrong format: " + element);
                            break;
                        }
                        key = element.substring(0, pos);
                        if (key.equalsIgnoreCase(SAMLConstants.INSTANCEID)) {
                            instanceID = element.substring(nextpos);
                        } else if (key.equalsIgnoreCase(SAMLConstants.SITEID)) {
                            siteID = element.substring(nextpos);
                        } else if (key.equalsIgnoreCase(SAMLConstants.ISSUERNAME)) {
                            issuerName = element.substring(nextpos);
                        } else {
                            SAMLUtilsCommon.debug.error("SAMLSManager: " + "wrong format: " + element);
                        }
                    }
                    if (instanceID == null) {
                        SAMLUtilsCommon.debug.error("SAMLServiceManager: " + "missing instanceID:" + entry);
                        break;
                    }
                    boolean thisSite = instanceID.equalsIgnoreCase(sb) || instanceID.equalsIgnoreCase(legacyId);
                    if (siteID != null) {
                        siteID = SAMLUtilsCommon.getDecodedSourceIDString(siteID);
                        if (siteID != null) {
                            siteidMap.put(instanceID, siteID);
                            instanceMap.put(siteID, instanceID);
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("SAMLSMangr: " + "add instanceID: " + instanceID + ", serverURL=" + sb + ", legacy serverURL=" + legacyId + ", isthissite=" + thisSite);
                            }
                            if (thisSite) {
                                newMap.put(SAMLConstants.SITE_ID, siteID);
                            }
                        }
                    }
                    if (issuerName != null) {
                        issuerNameMap.put(instanceID, issuerName);
                        if (thisSite) {
                            newMap.put(SAMLConstants.ISSUER_NAME, issuerName);
                        }
                    }
                }
            // end of looping all the entries in the list
            }
            // set default site id
            if (!siteidMap.containsKey(sb) && !siteidMap.containsKey(legacyId)) {
                String siteID = SAMLSiteID.generateSourceID(sb);
                if (SAMLUtilsCommon.debug.warningEnabled()) {
                    SAMLUtilsCommon.debug.warning("SAMLSManager: site " + sb + " not configured, create new " + siteID);
                }
                if (siteID != null) {
                    siteID = SAMLUtilsCommon.getDecodedSourceIDString(siteID);
                    if (siteID != null) {
                        siteidMap.put(sb, siteID);
                        instanceMap.put(siteID, sb);
                        newMap.put(SAMLConstants.SITE_ID, siteID);
                    } else {
                        SAMLUtilsCommon.debug.error("Missing Site ID.");
                    }
                }
            }
            // set default issuer name
            if (!issuerNameMap.containsKey(sb) && !issuerNameMap.containsKey(legacyId)) {
                if (SAMLUtilsCommon.debug.warningEnabled()) {
                    SAMLUtilsCommon.debug.warning("SAMLSManager:issuer for " + sb + " not configured, set to " + sb);
                }
                issuerNameMap.put(sb, sb);
                newMap.put(SAMLConstants.ISSUER_NAME, sb);
            }
            newMap.put(SAMLConstants.SITE_ID_LIST, siteidMap);
            newMap.put(SAMLConstants.INSTANCE_LIST, instanceMap);
            newMap.put(SAMLConstants.ISSUER_NAME_LIST, issuerNameMap);
            Boolean signRequest = Boolean.valueOf(CollectionHelper.getMapAttr(attrs, SAMLConstants.SIGN_REQUEST, SAMLConstants.SIGN_REQUEST_DEFAULT));
            newMap.put(SAMLConstants.SIGN_REQUEST, signRequest);
            Boolean signResponse = Boolean.valueOf(CollectionHelper.getMapAttr(attrs, SAMLConstants.SIGN_RESPONSE, SAMLConstants.SIGN_RESPONSE_DEFAULT));
            newMap.put(SAMLConstants.SIGN_RESPONSE, signResponse);
            Boolean signAssertion = Boolean.valueOf(CollectionHelper.getMapAttr(attrs, SAMLConstants.SIGN_ASSERTION, SAMLConstants.SIGN_ASSERTION_DEFAULT));
            newMap.put(SAMLConstants.SIGN_ASSERTION, signAssertion);
            //retrieve target name 
            String targetName = CollectionHelper.getMapAttr(attrs, SAMLConstants.TARGET_SPECIFIER, SAMLConstants.TARGET_SPECIFIER_DEFAULT);
            newMap.put(SAMLConstants.TARGET_SPECIFIER, targetName);
            //retrieve the partner URL list 
            Set soapRevList = Collections.synchronizedSet(new HashSet());
            soapRevList = (Set) attrs.get(SAMLConstants.PARTNER_URLS);
            if (soapRevList.size() == 0) {
                if (SAMLUtilsCommon.debug.messageEnabled()) {
                    SAMLUtilsCommon.debug.message("SAMLServiceManager: " + "No entry in partner url config!");
                }
            } else {
                Set _Sites = Collections.synchronizedSet(new HashSet());
                Map _Soaps = Collections.synchronizedMap(new HashMap());
                Object[] soapObjects = soapRevList.toArray();
                int size = soapObjects.length;
                String e = null;
                String element = null;
                for (int i = 0; i < size; i++) {
                    String _siteID = null;
                    String _samlUrl = null;
                    String postUrl = null;
                    String host = null;
                    int port = -1;
                    String _destID = null;
                    String _soapRevUrl = null;
                    String _authType = null;
                    String _user = null;
                    String basic_auth_user = null;
                    String basic_auth_passwd = null;
                    String _certAlias = null;
                    String preferVersion = null;
                    PartnerAccountMapper _partnerAccountMapper = null;
                    SiteAttributeMapper _siteAttributeMapper = null;
                    PartnerSiteAttributeMapper _partnerSiteAttributeMapper = null;
                    ConsumerSiteAttributeMapper consumerSiteAttrMapper = null;
                    NameIdentifierMapper niMapper = null;
                    AttributeMapper attrMapper = null;
                    ActionMapper actionMapper = null;
                    String _issuer = null;
                    Set hostSet = null;
                    Set origHostSet = null;
                    e = (String) soapObjects[i];
                    // retrieve the trusted server list
                    if (e.toUpperCase().indexOf(SAMLConstants.SOURCEID) == -1) {
                        SAMLUtilsCommon.debug.error("Ignore this trusted " + "site since SourceID is absent:" + e);
                        continue;
                    }
                    StringTokenizer tok1 = new StringTokenizer(e, "|");
                    while (tok1.hasMoreElements()) {
                        // break on "|"
                        element = tok1.nextToken();
                        if (SAMLUtilsCommon.debug.messageEnabled()) {
                            SAMLUtilsCommon.debug.message("SAMLSManager:" + " PartnerUrl List:" + element);
                        }
                        //manually break on "=" since sourceid may contain "="
                        int pos = -1;
                        //ignore the attribute which not include "="
                        if ((pos = element.indexOf("=")) == -1) {
                            SAMLUtilsCommon.debug.error("SAMLSManager:" + " illegal format of PartnerUrl:" + element);
                            break;
                        }
                        int nextpos = pos + 1;
                        //ignore the attribute which is like "SOAPUrl="  
                        if (nextpos >= element.length()) {
                            break;
                        }
                        String key = element.substring(0, pos);
                        if (key.equalsIgnoreCase(SAMLConstants.SOURCEID)) {
                            _destID = SAMLUtilsCommon.getDecodedSourceIDString(element.substring(nextpos));
                        } else if (key.equalsIgnoreCase(SAMLConstants.TARGET)) {
                            _siteID = element.substring(nextpos);
                        } else if (key.equalsIgnoreCase(SAMLConstants.SAMLURL)) {
                            _samlUrl = element.substring(nextpos).trim();
                        } else if (key.equalsIgnoreCase(SAMLConstants.POSTURL)) {
                            postUrl = element.substring(nextpos).trim();
                        } else if (key.equalsIgnoreCase(SAMLConstants.SOAPUrl)) {
                            _soapRevUrl = element.substring(nextpos).trim();
                        } else if (key.equalsIgnoreCase(SAMLConstants.AUTHTYPE)) {
                            _authType = element.substring(nextpos);
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("authtype =" + _authType);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.UID)) {
                            _user = element.substring(nextpos);
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("user = " + _user);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.AUTH_UID)) {
                            basic_auth_user = element.substring(nextpos);
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("basic auth user=" + basic_auth_user);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.AUTH_PASSWORD)) {
                            basic_auth_passwd = SAMLUtilsCommon.decodePassword(element.substring(nextpos));
                        } else if (key.equalsIgnoreCase(SAMLConstants.ACCOUNTMAPPER)) {
                            try {
                                Object temp = Class.forName(element.substring(nextpos)).newInstance();
                                if (temp instanceof PartnerAccountMapper) {
                                    _partnerAccountMapper = (PartnerAccountMapper) temp;
                                } else {
                                    SAMLUtilsCommon.debug.error("SAMLServiceManager:Invalid account " + "mapper");
                                }
                            } catch (InstantiationException ie) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ie);
                            } catch (IllegalAccessException ae) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ae);
                            } catch (ClassNotFoundException ce) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ce);
                                _partnerAccountMapper = null;
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.PARTNERACCOUNTMAPPER)) {
                            // for backward compatibility
                            try {
                                _partnerAccountMapper = (PartnerAccountMapper) Class.forName(element.substring(nextpos)).newInstance();
                            } catch (InstantiationException ie) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:", ie);
                            } catch (IllegalAccessException ae) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:", ae);
                            } catch (ClassNotFoundException ce) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:", ce);
                                _partnerAccountMapper = null;
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.CERTALIAS)) {
                            _certAlias = element.substring(nextpos);
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("certAlias = " + _certAlias);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.SITEATTRIBUTEMAPPER)) {
                            try {
                                Object temp = Class.forName(element.substring(nextpos)).newInstance();
                                if (temp instanceof SiteAttributeMapper) {
                                    _siteAttributeMapper = (SiteAttributeMapper) temp;
                                } else if (temp instanceof PartnerSiteAttributeMapper) {
                                    _partnerSiteAttributeMapper = (PartnerSiteAttributeMapper) temp;
                                } else if (temp instanceof ConsumerSiteAttributeMapper) {
                                    consumerSiteAttrMapper = (ConsumerSiteAttributeMapper) temp;
                                } else {
                                    SAMLUtilsCommon.debug.error("SAMLServiceManager:Invalid site " + "attribute mapper");
                                }
                            } catch (InstantiationException ie) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ie);
                            } catch (IllegalAccessException ae) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ae);
                            } catch (ClassNotFoundException ce) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ce);
                                _siteAttributeMapper = null;
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.PARTNERSITEATTRIBUTEMAPPER)) {
                            try {
                                Object temp = Class.forName(element.substring(nextpos)).newInstance();
                                if (temp instanceof PartnerSiteAttributeMapper) {
                                    _partnerSiteAttributeMapper = (PartnerSiteAttributeMapper) temp;
                                } else if (temp instanceof ConsumerSiteAttributeMapper) {
                                    consumerSiteAttrMapper = (ConsumerSiteAttributeMapper) temp;
                                } else {
                                    SAMLUtilsCommon.debug.error("SAMLServiceManager:Invalid site " + "partner attribute mapper");
                                }
                            } catch (InstantiationException ie) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:", ie);
                            } catch (IllegalAccessException ae) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:", ae);
                            } catch (ClassNotFoundException ce) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:", ce);
                                _partnerSiteAttributeMapper = null;
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.NAMEIDENTIFIERMAPPER)) {
                            try {
                                niMapper = (NameIdentifierMapper) Class.forName(element.substring(nextpos)).newInstance();
                            } catch (Exception ex) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:", ex);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.ATTRIBUTEMAPPER)) {
                            try {
                                attrMapper = (AttributeMapper) Class.forName(element.substring(nextpos)).newInstance();
                            } catch (Exception ex) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ex);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.ACTIONMAPPER)) {
                            try {
                                actionMapper = (ActionMapper) Class.forName(element.substring(nextpos)).newInstance();
                            } catch (Exception ex) {
                                SAMLUtilsCommon.debug.error("SAMLSManager:" + ex);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.ISSUER)) {
                            _issuer = element.substring(nextpos).trim();
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("issuer = " + _issuer);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.HOST_LIST)) {
                            origHostSet = new HashSet();
                            hostSet = new HashSet();
                            /* calling InetAddress.getAllByName here has
                                    two purposes:
                                        - emmit any errors if there is any
                                        - call the getAllByName method to init
                                        the jvm caching
                                */
                            StringTokenizer st = new StringTokenizer(element.substring(nextpos), ",");
                            InetAddress[] addr = null;
                            while (st.hasMoreTokens()) {
                                String token = st.nextToken().trim();
                                try {
                                    addr = InetAddress.getAllByName(token);
                                    for (int m = 0, length = addr.length; m < length; m++) {
                                        hostSet.add(addr[m].getHostAddress());
                                    }
                                } catch (Exception ne) {
                                    if (SAMLUtilsCommon.debug.warningEnabled()) {
                                        SAMLUtilsCommon.debug.warning("SAML Service" + " Manager: possible wrong " + "hostname in the host list.");
                                    }
                                }
                                //add here anyways, since
                                // it could be an alias name too
                                hostSet.add(token);
                                origHostSet.add(token);
                            }
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("hostSet = " + hostSet);
                            }
                        } else if (key.equalsIgnoreCase(SAMLConstants.VERSION)) {
                            preferVersion = element.substring(nextpos);
                        }
                    }
                    //provide default auth type 
                    if (_authType == null) {
                        _authType = SAMLConstants.NOAUTH;
                    }
                    // provide default AccountMapper
                    if (_partnerAccountMapper == null) {
                        try {
                            _partnerAccountMapper = (PartnerAccountMapper) Class.forName(DEFAULT_PARTNER_ACCOUNT_MAPPER).newInstance();
                        } catch (Exception ex0) {
                        // ignore
                        }
                    }
                    // provide default AttributeMapper
                    if (attrMapper == null) {
                        attrMapper = new DefaultAttributeMapper();
                    }
                    // default version 
                    if (preferVersion == null || preferVersion.length() == 0) {
                        try {
                            preferVersion = SystemConfigurationUtil.getProperty(SAMLConstants.SAML_PROTOCOL_VERSION).trim();
                        } catch (Exception pe) {
                            preferVersion = SAMLConstants.PROTOCOL_VERSION_1_0;
                        }
                    }
                    // create truseted server set 
                    if (_destID == null || _destID.length() == 0) {
                        SAMLUtilsCommon.debug.error("Ignore this trusted " + "site since SourceID is misconfigured: " + e);
                    } else {
                        if (_siteID == null || _siteID.length() == 0 || ((_samlUrl == null || _samlUrl.length() == 0) && (postUrl == null || postUrl.length() == 0))) {
                            SAMLUtilsCommon.debug.warning("Target or both" + " SAMLUrl and POSTUrl are misconfigured:" + e);
                        }
                        if (_siteID != null && _siteID.length() != 0) {
                            StringTokenizer tok2 = new StringTokenizer(_siteID, ",");
                            while (tok2.hasMoreElements()) {
                                String el = tok2.nextToken();
                                if (SAMLUtilsCommon.debug.messageEnabled()) {
                                    SAMLUtilsCommon.debug.message("SAMLServiceManager:target= " + el);
                                }
                                // break the target url to host and port 
                                StringTokenizer pt = new StringTokenizer(el, ":");
                                if (pt.countTokens() == 2) {
                                    host = pt.nextToken().trim();
                                    port = Integer.parseInt(pt.nextToken().trim());
                                } else {
                                    host = el;
                                    port = -1;
                                }
                            }
                            SiteEntry server = new SiteEntry(host, port, _destID, _samlUrl, postUrl, preferVersion);
                            _Sites.add(server);
                        }
                        // create the soap receiver map                      
                        SOAPEntry server = new SOAPEntry(_destID, _soapRevUrl, _authType, _user, basic_auth_user, basic_auth_passwd, _certAlias, _partnerAccountMapper, _siteAttributeMapper, _partnerSiteAttributeMapper, consumerSiteAttrMapper, niMapper, attrMapper, actionMapper, _issuer, origHostSet, preferVersion);
                        _Soaps.put(_destID, server);
                        if (_issuer != null) {
                            _Soaps.put(_issuer, server);
                        }
                    }
                }
                newMap.put(SAMLConstants.TRUSTED_SERVER_LIST, _Sites);
                newMap.put(SAMLConstants.PARTNER_URLS, _Soaps);
            }
            map = newMap;
        } catch (Exception e) {
            SAMLUtilsCommon.debug.error("SAMLServiceManager.setValues:" + " Exception:", e);
        }
    }
}
Also used : MalformedURLException(java.net.MalformedURLException) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) URL(java.net.URL) ActionMapper(com.sun.identity.saml.plugins.ActionMapper) Iterator(java.util.Iterator) PartnerAccountMapper(com.sun.identity.saml.plugins.PartnerAccountMapper) DefaultAttributeMapper(com.sun.identity.saml.plugins.DefaultAttributeMapper) DefaultNameIdentifierMapper(com.sun.identity.saml.plugins.DefaultNameIdentifierMapper) NameIdentifierMapper(com.sun.identity.saml.plugins.NameIdentifierMapper) ConsumerSiteAttributeMapper(com.sun.identity.saml.plugins.ConsumerSiteAttributeMapper) SiteAttributeMapper(com.sun.identity.saml.plugins.SiteAttributeMapper) PartnerSiteAttributeMapper(com.sun.identity.saml.plugins.PartnerSiteAttributeMapper) HashSet(java.util.HashSet) PartnerSiteAttributeMapper(com.sun.identity.saml.plugins.PartnerSiteAttributeMapper) NumberFormatException(java.lang.NumberFormatException) ConfigurationException(com.sun.identity.plugin.configuration.ConfigurationException) MalformedURLException(java.net.MalformedURLException) DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) NumberFormatException(java.lang.NumberFormatException) StringTokenizer(java.util.StringTokenizer) ConsumerSiteAttributeMapper(com.sun.identity.saml.plugins.ConsumerSiteAttributeMapper) SiteAttributeMapper(com.sun.identity.saml.plugins.SiteAttributeMapper) AttributeMapper(com.sun.identity.saml.plugins.AttributeMapper) DefaultAttributeMapper(com.sun.identity.saml.plugins.DefaultAttributeMapper) PartnerSiteAttributeMapper(com.sun.identity.saml.plugins.PartnerSiteAttributeMapper) ConsumerSiteAttributeMapper(com.sun.identity.saml.plugins.ConsumerSiteAttributeMapper) HashMap(java.util.HashMap) Map(java.util.Map) InetAddress(java.net.InetAddress)

Example 2 with PartnerAccountMapper

use of com.sun.identity.saml.plugins.PartnerAccountMapper in project OpenAM by OpenRock.

the class SAMLUtils method getAttributeMap.

/**
 * Builds the attribute map that is to be set in the session for a partner.
 * <p>
 * The user name, realm and attributes are taken from the map returned by the
 * partner's <code>PartnerAccountMapper</code>. If the partner entry has no
 * account mapper, nothing is mapped: <code>SAMLConstants.USER_NAME</code> is
 * stored with a <code>null</code> value and the realm falls back to "/".
 * NOTE(review): a caller that creates a session from the returned map should
 * presumably treat a <code>null</code> user name as a failed mapping rather
 * than as an identity in the root realm; verify against the callers.
 *
 * @param partnerdest <code>SOAPEntry</code> object of the partner; supplies
 *        the source ID and the account mapper
 * @param assertions List of <code>Assertion</code>s passed to the mapper
 * @param subject <code>Subject</code> object; not read by this method
 * @param target target of final SSO, passed to the mapper
 * @return Map holding the mapper's attributes (or a new empty map) plus the
 *         user name and realm entries; never <code>null</code>.
 * @exception Exception if an error occurs.
 */
public static Map getAttributeMap(SAMLServiceManager.SOAPEntry partnerdest, List assertions, com.sun.identity.saml.assertion.Subject subject, String target) throws Exception {
    final String sourceId = partnerdest.getSourceID();
    final PartnerAccountMapper accountMapper = partnerdest.getPartnerAccountMapper();

    String userName = null;
    String realm = null;
    Map sessionAttrs = null;
    if (accountMapper != null) {
        // The mapper decides which local user, realm and attributes the
        // assertions from this source ID translate to.
        final Map mapped = accountMapper.getUser(assertions, sourceId, target);
        userName = (String) mapped.get(PartnerAccountMapper.NAME);
        realm = (String) mapped.get(PartnerAccountMapper.ORG);
        sessionAttrs = (Map) mapped.get(PartnerAccountMapper.ATTRIBUTE);
    }
    if (sessionAttrs == null) {
        // No mapper, or the mapper returned no attribute entry.
        sessionAttrs = new HashMap();
    }

    // userName is still null here when no mapper was configured.
    sessionAttrs.put(SAMLConstants.USER_NAME, userName);

    // A missing or empty realm is replaced by the root realm "/".
    final boolean realmGiven = (realm != null) && (realm.length() != 0);
    sessionAttrs.put(SessionProvider.REALM, realmGiven ? realm : "/");

    if (debug.messageEnabled()) {
        // NOTE(review): this writes the whole attribute map to the debug log;
        // confirm that message-level output may contain these user attributes.
        debug.message("getAttributeMap : " + "name = " + userName + ", realm=" + realm + ", attrMap = " + sessionAttrs);
    }
    return sessionAttrs;
}
Also used : HashMap(java.util.HashMap) PartnerAccountMapper(com.sun.identity.saml.plugins.PartnerAccountMapper) Map(java.util.Map) HashMap(java.util.HashMap)

Aggregations

PartnerAccountMapper (com.sun.identity.saml.plugins.PartnerAccountMapper)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 ConfigurationException (com.sun.identity.plugin.configuration.ConfigurationException)1 DataStoreProviderException (com.sun.identity.plugin.datastore.DataStoreProviderException)1 ActionMapper (com.sun.identity.saml.plugins.ActionMapper)1 AttributeMapper (com.sun.identity.saml.plugins.AttributeMapper)1 ConsumerSiteAttributeMapper (com.sun.identity.saml.plugins.ConsumerSiteAttributeMapper)1 DefaultAttributeMapper (com.sun.identity.saml.plugins.DefaultAttributeMapper)1 DefaultNameIdentifierMapper (com.sun.identity.saml.plugins.DefaultNameIdentifierMapper)1 NameIdentifierMapper (com.sun.identity.saml.plugins.NameIdentifierMapper)1 PartnerSiteAttributeMapper (com.sun.identity.saml.plugins.PartnerSiteAttributeMapper)1 SiteAttributeMapper (com.sun.identity.saml.plugins.SiteAttributeMapper)1 NumberFormatException (java.lang.NumberFormatException)1 InetAddress (java.net.InetAddress)1 MalformedURLException (java.net.MalformedURLException)1 URL (java.net.URL)1 HashSet (java.util.HashSet)1 Iterator (java.util.Iterator)1 Set (java.util.Set)1