
Example 1 with AffiliationConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getExtendedAffiliationyAttributes.

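/**
 * Returns the extended (entity-config) attributes of a SAMLv2 affiliation.
 *
 * <p>The affiliation configuration is looked up through the
 * {@code SAML2MetaManager} for the given realm and entity. When one exists,
 * its attributes are read with {@code SAML2MetaUtils.getAttributes} and a
 * {@code "metaAlias"} entry (a single-element list holding the configuration's
 * meta alias) is added to that map.
 *
 * <p>An attempt event is logged before the lookup, and either a success or
 * an exception event afterwards; each carries the realm and entity name.
 * The success event is also logged when no affiliation configuration was
 * found, so consumers of these events cannot tell "found" from "absent".
 *
 * @param realm to which the entity belongs.
 * @param entityName is the entity id.
 * @return Map with extended Affiliation values, or
 *     {@code Collections.EMPTY_MAP} when the entity has no affiliation
 *     configuration.
 * @throws AMConsoleException if unable to retrieve ext Affiliation
 *     attributes based on the realm and entityName passed. Only the error
 *     string is carried over; the original exception is written to the
 *     debug log.
 */
public Map getExtendedAffiliationyAttributes(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "Affiliation-Ext" };
    logEvent("ATTEMPT_GET_AFFILIATION_ATTR_VALUES", params);
    Map map = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        AffiliationConfigElement affilConfig = samlManager.getAffiliationConfig(realm, entityName);
        if (affilConfig != null) {
            BaseConfigType baseConfig = (BaseConfigType) affilConfig;
            map = SAML2MetaUtils.getAttributes(baseConfig);
            // Expose the meta alias in the same shape as the other
            // attributes: a list of values under one key.
            List metaAliasValues = new ArrayList();
            metaAliasValues.add(baseConfig.getMetaAlias());
            map.put("metaAlias", metaAliasValues);
        }
        logEvent("SUCCEED_GET_AFFILIATION_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.getExtendedAffiliationyAttributes:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "Affiliation-Ext", strError };
        logEvent("FEDERATION_EXCEPTION_GET_AFFILIATION_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return (map != null) ? map : Collections.EMPTY_MAP;
}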
Also used : ArrayList(java.util.ArrayList) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 2 with AffiliationConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.

the class SAML2COTUtils method updateEntityConfig.

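/**
 * Updates the entity config to add the circle of trust name to the
 * {@code cotlist} attribute. The Service Provider and Identity
 * Provider Configuration are updated.
 *
 * <p>When the entity has no entity config yet, a non-hosted one is created
 * with one role config per role found in the entity descriptor (or a single
 * affiliation config), each carrying a {@code cotlist} attribute with
 * {@code name}. Otherwise {@code name} is appended to the existing
 * {@code cotlist} of every role config, creating the attribute where it is
 * missing, and the config is written back only if something changed.
 *
 * <p>This method performs no access check of its own. The store is reached
 * through a {@code SAML2MetaManager} built from {@code callerSession} when
 * that is set, and through the no-argument constructor otherwise.
 * NOTE(review): confirm which privileges the no-argument manager runs with,
 * since this call changes which circle of trust the entity belongs to.
 *
 * @param realm the realm name where the entity configuration is.
 * @param name the circle of trust name.
 * @param entityId the name of the Entity identifier.
 * @throws SAML2MetaException if there is a configuration error when
 *         updating the configuration, including an unknown entity id.
 * @throws JAXBException if there is an error updating the entity
 *          configuration.
 */
public void updateEntityConfig(String realm, String name, String entityId) throws SAML2MetaException, JAXBException {
    String classMethod = "SAML2COTUtils.updateEntityConfig: ";
    SAML2MetaManager metaManager = (callerSession == null)
            ? new SAML2MetaManager()
            : new SAML2MetaManager(callerSession);
    ObjectFactory objFactory = new ObjectFactory();
    // Check whether the entity id existed in the DS
    EntityDescriptorElement edes = metaManager.getEntityDescriptor(realm, entityId);
    if (edes == null) {
        debug.error(classMethod + "No such entity: " + entityId);
        String[] data = { realm, entityId };
        throw new SAML2MetaException("entityid_invalid", data);
    }
    boolean isAffiliation = metaManager.getAffiliationDescriptor(realm, entityId) != null;
    if (debug.messageEnabled()) {
        debug.message(classMethod + "is " + entityId + " in realm " + realm + " an affiliation? " + isAffiliation);
    }
    EntityConfigElement eConfig = metaManager.getEntityConfig(realm, entityId);
    if (eConfig == null) {
        // No entity config yet: build one from the descriptor's roles.
        // The same cotlist attribute object is attached to every role config.
        AttributeType atype = objFactory.createAttributeType();
        atype.setName(SAML2Constants.COT_LIST);
        atype.getValue().add(name);
        EntityConfigElement ele = objFactory.createEntityConfigElement();
        ele.setEntityID(entityId);
        ele.setHosted(false);
        if (isAffiliation) {
            // handle affiliation case
            BaseConfigType affiliationConfig = objFactory.createAffiliationConfigElement();
            affiliationConfig.getAttribute().add(atype);
            ele.setAffiliationConfig(affiliationConfig);
        } else {
            List roleConfigs = ele.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
            // Decide which role EntityDescriptorElement includes
            List roles = edes.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor();
            for (Iterator iter = roles.iterator(); iter.hasNext(); ) {
                Object role = iter.next();
                BaseConfigType roleConfig = null;
                if (role instanceof SPSSODescriptorElement) {
                    roleConfig = objFactory.createSPSSOConfigElement();
                } else if (role instanceof IDPSSODescriptorElement) {
                    roleConfig = objFactory.createIDPSSOConfigElement();
                } else if (role instanceof XACMLPDPDescriptorElement) {
                    roleConfig = objFactory.createXACMLPDPConfigElement();
                } else if (role instanceof XACMLAuthzDecisionQueryDescriptorElement) {
                    roleConfig = objFactory.createXACMLAuthzDecisionQueryConfigElement();
                } else if (role instanceof AttributeAuthorityDescriptorElement) {
                    roleConfig = objFactory.createAttributeAuthorityConfigElement();
                } else if (role instanceof AttributeQueryDescriptorElement) {
                    roleConfig = objFactory.createAttributeQueryConfigElement();
                } else if (role instanceof AuthnAuthorityDescriptorElement) {
                    roleConfig = objFactory.createAuthnAuthorityConfigElement();
                }
                // Descriptor types not listed above get no role config.
                if (roleConfig != null) {
                    roleConfig.getAttribute().add(atype);
                    roleConfigs.add(roleConfig);
                }
            }
        }
        metaManager.setEntityConfig(realm, ele);
    } else {
        // Starts false so that an entity already in the circle of trust
        // does not trigger a redundant write of its configuration.
        boolean needToSave = false;
        List elist;
        if (isAffiliation) {
            // NOTE(review): if getAffiliationConfig returns null, the element
            // read in the loop below is null and getAttribute() throws a
            // NullPointerException; confirm whether an affiliation config
            // should be created here instead. Also confirm that the returned
            // element is the one held by eConfig, otherwise the change is not
            // part of what setEntityConfig(realm, eConfig) saves.
            AffiliationConfigElement affiliationCfgElm = metaManager.getAffiliationConfig(realm, entityId);
            elist = new ArrayList();
            elist.add(affiliationCfgElm);
        } else {
            elist = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
        }
        for (Iterator iter = elist.iterator(); iter.hasNext(); ) {
            boolean foundCOT = false;
            BaseConfigType bConfig = (BaseConfigType) iter.next();
            List attributes = bConfig.getAttribute();
            for (Iterator iter2 = attributes.iterator(); iter2.hasNext(); ) {
                AttributeType avp = (AttributeType) iter2.next();
                if (avp.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
                    foundCOT = true;
                    List values = avp.getValue();
                    if (values.isEmpty() || !containsValue(values, name)) {
                        values.add(name);
                        needToSave = true;
                        break;
                    }
                }
            }
            // no cot_list in the original entity config
            if (!foundCOT) {
                AttributeType atype = objFactory.createAttributeType();
                atype.setName(SAML2Constants.COT_LIST);
                atype.getValue().add(name);
                attributes.add(atype);
                needToSave = true;
            }
        }
        if (needToSave) {
            metaManager.setEntityConfig(realm, eConfig);
        }
    }
}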
Also used : AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) XACMLPDPDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLPDPDescriptorElement) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) ArrayList(java.util.ArrayList) AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) XACMLAuthzDecisionQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Example 3 with AffiliationConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.

the class SAML2MetaManager method removeFromCircleOfTrust.

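/**
 * Removes the entity from every circle of trust named in its
 * {@code cotlist} attribute.
 *
 * <p>The circle of trust names are read from the first role config of the
 * entity config (or from the affiliation config when the entity is an
 * affiliation). An entity with no entity config, no role config or no
 * {@code cotlist} is left untouched.
 *
 * <p>Failures are not reported to the caller: any exception is written to
 * the debug log and the method returns normally. Because a single
 * {@code try} covers the whole loop, a failure on one circle of trust also
 * skips the remaining ones, so the entity can stay a member of some circles
 * of trust after this call.
 *
 * @param realm the realm the entity belongs to.
 * @param entityId the entity identifier.
 */
private void removeFromCircleOfTrust(String realm, String entityId) {
    try {
        EntityConfigElement eConfig = getEntityConfig(realm, entityId);
        boolean isAffiliation = getAffiliationDescriptor(realm, entityId) != null;
        if (debug.messageEnabled()) {
            debug.message("SAML2MetaManager.removeFromCircleOfTrust is " + entityId + " in realm " + realm + " an affiliation? " + isAffiliation);
        }
        if (eConfig == null) {
            return;
        }
        List elist;
        if (isAffiliation) {
            AffiliationConfigElement affiliationCfgElm = getAffiliationConfig(realm, entityId);
            elist = new ArrayList();
            elist.add(affiliationCfgElm);
        } else {
            elist = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
        }
        if (elist == null || elist.isEmpty()) {
            // No role config, hence no cotlist to work from.
            return;
        }
        // use first one to delete the entity from COT
        BaseConfigType config = (BaseConfigType) elist.iterator().next();
        if (config == null) {
            return;
        }
        Map attr = SAML2MetaUtils.getAttributes(config);
        List cotAttr = (attr == null) ? null : (List) attr.get(SAML2Constants.COT_LIST);
        if (cotAttr == null || cotAttr.isEmpty()) {
            // Entity is in no circle of trust; previously the copy below
            // threw a NullPointerException that was logged as an error.
            return;
        }
        // Iterate over a copy, presumably because removing a member can
        // update this same cotlist while it is being walked.
        List cotList = new ArrayList(cotAttr);
        for (Iterator iter = cotList.iterator(); iter.hasNext(); ) {
            Object value = iter.next();
            if (value == null) {
                continue;
            }
            String cotName = ((String) value).trim();
            if (!cotName.equals("")) {
                cotm.removeCircleOfTrustMember(realm, cotName, COTConstants.SAML2, entityId, false);
            }
        }
    } catch (Exception e) {
        debug.error("SAML2MetaManager.removeFromCircleOfTrust:" + "Error while removing entity " + entityId + " from COT.", e);
    }
}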
Also used : BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) Map(java.util.Map) COTException(com.sun.identity.cot.COTException) ConfigurationException(com.sun.identity.plugin.configuration.ConfigurationException) JAXBException(javax.xml.bind.JAXBException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 4 with AffiliationConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.

the class SAML2COTUtils method removeFromEntityConfig.

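/**
 * Removes the circle of trust name passed from the {@code cotlist}
 * attribute in the Entity Config. The Service Provider and Identity
 * Provider Entity Configuration are updated.
 *
 * <p>Every role config of the entity (or its affiliation config) is
 * inspected; the entity config is written back only when {@code name} was
 * actually removed from at least one {@code cotlist}. An entity without an
 * entity config is left untouched.
 *
 * <p>This method performs no access check of its own. The store is reached
 * through a {@code SAML2MetaManager} built from {@code callerSession} when
 * that is set, and through the no-argument constructor otherwise.
 * NOTE(review): confirm which privileges the no-argument manager runs with.
 *
 * @param realm the realm name where the entity configuration is.
 * @param name the circle of trust name to be removed.
 * @param entityId the entity identifier of the provider.
 * @throws SAML2MetaException if there is an error updating the entity
 *          config, including an unknown entity id.
 * @throws JAXBException if there is an error updating the entity config.
 */
public void removeFromEntityConfig(String realm, String name, String entityId) throws SAML2MetaException, JAXBException {
    String classMethod = "SAML2COTUtils.removeFromEntityConfig: ";
    SAML2MetaManager metaManager = (callerSession == null)
            ? new SAML2MetaManager()
            : new SAML2MetaManager(callerSession);
    // Check whether the entity id existed in the DS
    EntityDescriptorElement edes = metaManager.getEntityDescriptor(realm, entityId);
    if (edes == null) {
        debug.error(classMethod + "No such entity: " + entityId);
        String[] data = { realm, entityId };
        throw new SAML2MetaException("entityid_invalid", data);
    }
    EntityConfigElement eConfig = metaManager.getEntityConfig(realm, entityId);
    boolean isAffiliation = metaManager.getAffiliationDescriptor(realm, entityId) != null;
    if (debug.messageEnabled()) {
        debug.message(classMethod + "is " + entityId + " in realm " + realm + " an affiliation? " + isAffiliation);
    }
    if (eConfig == null) {
        return;
    }
    List elist;
    if (isAffiliation) {
        AffiliationConfigElement affiliationCfgElm = metaManager.getAffiliationConfig(realm, entityId);
        elist = new ArrayList();
        elist.add(affiliationCfgElm);
    } else {
        elist = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
    }
    boolean needToSave = false;
    for (Iterator iter = elist.iterator(); iter.hasNext(); ) {
        BaseConfigType bConfig = (BaseConfigType) iter.next();
        if (bConfig == null) {
            // A missing affiliation config has no cotlist to remove from.
            continue;
        }
        List attributes = bConfig.getAttribute();
        for (Iterator iter2 = attributes.iterator(); iter2.hasNext(); ) {
            AttributeType avp = (AttributeType) iter2.next();
            if (avp.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
                List values = avp.getValue();
                if (values != null && !values.isEmpty() && containsValue(values, name)) {
                    // NOTE(review): remove() drops the first element equal to
                    // name; if containsValue matches more loosely than
                    // equals(), this can be a no-op followed by a save.
                    values.remove(name);
                    needToSave = true;
                    break;
                }
            }
        }
    }
    if (needToSave) {
        metaManager.setEntityConfig(realm, eConfig);
    }
}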
Also used : ArrayList(java.util.ArrayList) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
