use of com.sun.identity.saml2.assertion.Attribute in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getPEPConfig.
/**
* Returns a <code>Map</code> containing the extended metadata for the PEP.
*
* @param realm where entity exists.
* @param entityName name of entity descriptor.
* @param location if the entity is remote or hosted.
* @return key-value pair Map of PEP config data.
* @throws AMConsoleException if unable to retrieve the PEP
* extended metadata attribute
*/
public Map getPEPConfig(String realm, String entityName, String location) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "XACML PEP" };
logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
String role = EntityModel.POLICY_ENFORCEMENT_POINT_DESCRIPTOR;
Map data = null;
List configList = null;
String metaAlias = null;
try {
SAML2MetaManager saml2Manager = getSAML2MetaManager();
XACMLAuthzDecisionQueryConfigElement xacmlAuthzConfigElement = saml2Manager.getPolicyEnforcementPointConfig(realm, entityName);
if (xacmlAuthzConfigElement != null) {
data = new HashMap();
configList = xacmlAuthzConfigElement.getAttribute();
metaAlias = xacmlAuthzConfigElement.getMetaAlias();
int size = configList.size();
for (int i = 0; i < size; i++) {
AttributeType atype = (AttributeType) configList.get(i);
String name = atype.getName();
java.util.List value = atype.getValue();
data.put(atype.getName(), returnEmptySetIfValueIsNull(atype.getValue()));
}
data.put("metaAlias", metaAlias);
} else {
createExtendedObject(realm, entityName, location, role);
}
logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
} catch (JAXBException e) {
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PEP", strError };
logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
} catch (SAML2MetaException e) {
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PEP", strError };
logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
return (data != null) ? data : Collections.EMPTY_MAP;
}
use of com.sun.identity.saml2.assertion.Attribute in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method updatePDPDescriptor.
/**
* Save standard metadata for PDP descriptor.
*
* @param realm realm of Entity.
* @param entityName entity name of Entity Descriptor.
* @param attrValues key-value pair Map of PDP standed data.
* @throws AMConsoleException if fails to modify/save the PDP
* standard metadata attribute
*/
public void updatePDPDescriptor(String realm, String entityName, Map attrValues) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "XACML PDP" };
logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
try {
SAML2MetaManager saml2Manager = getSAML2MetaManager();
EntityDescriptorElement entityDescriptor = saml2Manager.getEntityDescriptor(realm, entityName);
XACMLPDPDescriptorElement pdpDescriptor = saml2Manager.getPolicyDecisionPointDescriptor(realm, entityName);
if (pdpDescriptor != null) {
List authzServiceList = pdpDescriptor.getXACMLAuthzService();
if (authzServiceList.size() != 0) {
XACMLAuthzServiceElement authzService = (XACMLAuthzServiceElement) authzServiceList.get(0);
authzService.setLocation((String) AMAdminUtils.getValue((Set) attrValues.get(ATTR_XACML_AUTHZ_SERVICE_LOCATION)));
}
}
saml2Manager.setEntityDescriptor(realm, entityDescriptor);
logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
} catch (SAML2MetaException e) {
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
throw new AMConsoleException(strError);
}
}
use of com.sun.identity.saml2.assertion.Attribute in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method setStdAttributeAuthorityValues.
/**
* Saves the standard attribute values for Attribute Authority.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @param attrAuthValues Map which contains standard attribute auth values.
* @throws AMConsoleException if saving of attribute value fails.
*/
public void setStdAttributeAuthorityValues(String realm, String entityName, Map attrAuthValues) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AttribAuthority-Std" };
com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact = new com.sun.identity.saml2.jaxb.metadata.ObjectFactory();
logEvent("ATTEMPT_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
AttributeAuthorityDescriptorElement attrauthDescriptor = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
attrauthDescriptor = samlManager.getAttributeAuthorityDescriptor(realm, entityName);
if (attrauthDescriptor != null) {
//save attribute Service
String defLocation = getResult(attrAuthValues, ATTR_SEFVICE_DEFAULT_LOCATION);
boolean is509 = setToBoolean(attrAuthValues, SUPPORTS_X509);
String x509Location = getResult(attrAuthValues, ATTR_SEFVICE_LOCATION);
AttributeServiceElement key1 = objFact.createAttributeServiceElement();
AttributeServiceElement key2 = objFact.createAttributeServiceElement();
key1.setBinding(soapBinding);
key1.setLocation("");
key2.setBinding(soapBinding);
key2.setSupportsX509Query(false);
key2.setLocation("");
if (defLocation != null && defLocation.length() > 0) {
key1.setLocation(defLocation);
}
if (x509Location != null && x509Location.length() > 0) {
key2.setLocation(x509Location);
key2.setSupportsX509Query(is509);
}
attrauthDescriptor.getAttributeService().clear();
attrauthDescriptor.getAttributeService().add(key1);
attrauthDescriptor.getAttributeService().add(key2);
//save assertion ID request
String soapLocation = getResult(attrAuthValues, ASSERTION_ID_SAOP_LOC);
String uriLocation = getResult(attrAuthValues, ASSERTION_ID_URI_LOC);
AssertionIDRequestServiceElement elem1 = objFact.createAssertionIDRequestServiceElement();
AssertionIDRequestServiceElement elem2 = objFact.createAssertionIDRequestServiceElement();
elem1.setBinding(soapBinding);
elem2.setBinding(uriBinding);
if (soapLocation != null) {
elem1.setLocation(soapLocation);
}
if (uriLocation != null) {
elem2.setLocation(uriLocation);
}
attrauthDescriptor.getAssertionIDRequestService().clear();
attrauthDescriptor.getAssertionIDRequestService().add(elem1);
attrauthDescriptor.getAssertionIDRequestService().add(elem2);
//save attribute profile
String attrProfile = getResult(attrAuthValues, ATTRIBUTE_PROFILE);
List attrProfileList = attrauthDescriptor.getAttributeProfile();
if (!attrProfileList.isEmpty()) {
attrauthDescriptor.getAttributeProfile().clear();
}
attrauthDescriptor.getAttributeProfile().add(attrProfile);
samlManager.setEntityDescriptor(realm, entityDescriptor);
}
logEvent("SUCCEED_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
} catch (JAXBException e) {
debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
}
}
use of com.sun.identity.saml2.assertion.Attribute in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method updatePDPConfig.
/**
* Save extended metadata for PDP Config.
*
* @param realm realm of Entity.
* @param entityName entity name of Entity Descriptor.
* @param location entity is remote or hosted.
* @param attrValues key-value pair Map of PDP extended config.
* @throws AMConsoleException if fails to modify/save the PDP
* extended metadata attribute
*/
public void updatePDPConfig(String realm, String entityName, String location, Map attrValues) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "XACML PDP" };
logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
String role = EntityModel.POLICY_DECISION_POINT_DESCRIPTOR;
try {
SAML2MetaManager saml2Manager = getSAML2MetaManager();
//entityConfig is the extended entity configuration object
EntityConfigElement entityConfig = saml2Manager.getEntityConfig(realm, entityName);
if (entityConfig == null) {
throw new AMConsoleException("invalid.xacml.configuration");
}
XACMLPDPConfigElement pdpEntityConfig = saml2Manager.getPolicyDecisionPointConfig(realm, entityName);
if (pdpEntityConfig == null) {
throw new AMConsoleException("invalid.xacml.configuration");
} else {
updateBaseConfig(pdpEntityConfig, attrValues, role);
}
//saves the attributes by passing the new entityConfig object
saml2Manager.setEntityConfig(realm, entityConfig);
logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
} catch (SAML2MetaException e) {
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
throw new AMConsoleException(strError);
} catch (JAXBException e) {
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
throw new AMConsoleException(strError);
}
}
use of com.sun.identity.saml2.assertion.Attribute in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getPDPDescriptor.
/**
* Returns a Map of PDP descriptor data.(Standard Metadata)
*
* @param realm realm of Entity
* @param entityName entity name of Entity Descriptor.
* @return key-value pair Map of PDP descriptor data.
* @throws AMConsoleException if unable to retrieve the PDP
* standard metadata attribute
*/
public Map getPDPDescriptor(String realm, String entityName) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "XACML PDP" };
logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
Map data = null;
try {
SAML2MetaManager saml2Manager = getSAML2MetaManager();
XACMLPDPDescriptorElement xacmlPDPDescriptor = saml2Manager.getPolicyDecisionPointDescriptor(realm, entityName);
if (xacmlPDPDescriptor != null) {
data = new HashMap(10);
//ProtocolSupportEnum
data.put(ATTR_TXT_PROTOCOL_SUPPORT_ENUM, returnEmptySetIfValueIsNull(xacmlPDPDescriptor.getProtocolSupportEnumeration()));
List authzServiceList = xacmlPDPDescriptor.getXACMLAuthzService();
if (authzServiceList.size() != 0) {
XACMLAuthzServiceElement authzService = (XACMLAuthzServiceElement) authzServiceList.get(0);
data.put(ATTR_XACML_AUTHZ_SERVICE_BINDING, returnEmptySetIfValueIsNull(authzService.getBinding()));
data.put(ATTR_XACML_AUTHZ_SERVICE_LOCATION, returnEmptySetIfValueIsNull(authzService.getLocation()));
}
}
logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
return (data != null) ? data : Collections.EMPTY_MAP;
}
Aggregations