Example 1 with AffiliationConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getExtendedAffiliationyAttributes.
/**
* Returns a map with extended Affiliation attributes and values.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @return Map with extended Affiliation values.
* @throws AMConsoleException if unable to retrieve ext Affiliation
* attributes based on the realm and entityName passed.
*/
public Map getExtendedAffiliationyAttributes(String realm, String entityName) throws AMConsoleException {
;
String[] params = { realm, entityName, "SAMLv2", "Affiliation-Ext" };
logEvent("ATTEMPT_GET_AFFILIATION_ATTR_VALUES", params);
Map map = null;
AffiliationConfigElement atffilConfig = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
atffilConfig = samlManager.getAffiliationConfig(realm, entityName);
if (atffilConfig != null) {
BaseConfigType baseConfig = (BaseConfigType) atffilConfig;
map = SAML2MetaUtils.getAttributes(baseConfig);
Iterator it = map.entrySet().iterator();
while (it.hasNext()) {
Map.Entry pairs = (Map.Entry) it.next();
}
String metalias = baseConfig.getMetaAlias();
List list = new ArrayList();
list.add(metalias);
map.put("metaAlias", list);
}
logEvent("SUCCEED_GET_AFFILIATION_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.getExtendedAffiliationyAttributes:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "Affiliation-Ext", strError };
logEvent("FEDERATION_EXCEPTION_GET_AFFILIATION_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
return (map != null) ? map : Collections.EMPTY_MAP;
}
Also used :
ArrayList(java.util.ArrayList)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement)
Iterator(java.util.Iterator)
List(java.util.List)
ArrayList(java.util.ArrayList)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
Map(java.util.Map)
HashMap(java.util.HashMap)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Example 2 with AffiliationConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.
the class SAML2COTUtils method updateEntityConfig.
/**
* Updates the entity config to add the circle of turst name to the
* <code>cotlist</code> attribute. The Service Provider and Identity
* Provider Configuration are updated.
*
* @param realm the realm name where the entity configuration is.
* @param name the circle of trust name.
* @param entityId the name of the Entity identifier.
* @throws SAML2MetaException if there is a configuration error when
* updating the configuration.
* @throws JAXBException is there is an error updating the entity
* configuration.
*/
public void updateEntityConfig(String realm, String name, String entityId) throws SAML2MetaException, JAXBException {
String classMethod = "SAML2COTUtils.updateEntityConfig: ";
SAML2MetaManager metaManager = null;
if (callerSession == null) {
metaManager = new SAML2MetaManager();
} else {
metaManager = new SAML2MetaManager(callerSession);
}
ObjectFactory objFactory = new ObjectFactory();
// Check whether the entity id existed in the DS
EntityDescriptorElement edes = metaManager.getEntityDescriptor(realm, entityId);
if (edes == null) {
debug.error(classMethod + "No such entity: " + entityId);
String[] data = { realm, entityId };
throw new SAML2MetaException("entityid_invalid", data);
}
boolean isAffiliation = false;
if (metaManager.getAffiliationDescriptor(realm, entityId) != null) {
isAffiliation = true;
}
if (debug.messageEnabled()) {
debug.message(classMethod + "is " + entityId + " in realm " + realm + " an affiliation? " + isAffiliation);
}
EntityConfigElement eConfig = metaManager.getEntityConfig(realm, entityId);
if (eConfig == null) {
BaseConfigType bctype = null;
AttributeType atype = objFactory.createAttributeType();
atype.setName(SAML2Constants.COT_LIST);
atype.getValue().add(name);
// add to eConfig
EntityConfigElement ele = objFactory.createEntityConfigElement();
ele.setEntityID(entityId);
ele.setHosted(false);
if (isAffiliation) {
// handle affiliation case
bctype = objFactory.createAffiliationConfigElement();
bctype.getAttribute().add(atype);
ele.setAffiliationConfig(bctype);
} else {
List ll = ele.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
// Decide which role EntityDescriptorElement includes
List list = edes.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor();
for (Iterator iter = list.iterator(); iter.hasNext(); ) {
Object obj = iter.next();
if (obj instanceof SPSSODescriptorElement) {
bctype = objFactory.createSPSSOConfigElement();
bctype.getAttribute().add(atype);
ll.add(bctype);
} else if (obj instanceof IDPSSODescriptorElement) {
bctype = objFactory.createIDPSSOConfigElement();
bctype.getAttribute().add(atype);
ll.add(bctype);
} else if (obj instanceof XACMLPDPDescriptorElement) {
bctype = objFactory.createXACMLPDPConfigElement();
bctype.getAttribute().add(atype);
ll.add(bctype);
} else if (obj instanceof XACMLAuthzDecisionQueryDescriptorElement) {
bctype = objFactory.createXACMLAuthzDecisionQueryConfigElement();
bctype.getAttribute().add(atype);
ll.add(bctype);
} else if (obj instanceof AttributeAuthorityDescriptorElement) {
bctype = objFactory.createAttributeAuthorityConfigElement();
bctype.getAttribute().add(atype);
ll.add(bctype);
} else if (obj instanceof AttributeQueryDescriptorElement) {
bctype = objFactory.createAttributeQueryConfigElement();
bctype.getAttribute().add(atype);
ll.add(bctype);
} else if (obj instanceof AuthnAuthorityDescriptorElement) {
bctype = objFactory.createAuthnAuthorityConfigElement();
bctype.getAttribute().add(atype);
ll.add(bctype);
}
}
}
metaManager.setEntityConfig(realm, ele);
} else {
boolean needToSave = true;
List elist = null;
if (isAffiliation) {
AffiliationConfigElement affiliationCfgElm = metaManager.getAffiliationConfig(realm, entityId);
elist = new ArrayList();
elist.add(affiliationCfgElm);
} else {
elist = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
}
for (Iterator iter = elist.iterator(); iter.hasNext(); ) {
boolean foundCOT = false;
BaseConfigType bConfig = (BaseConfigType) iter.next();
List list = bConfig.getAttribute();
for (Iterator iter2 = list.iterator(); iter2.hasNext(); ) {
AttributeType avp = (AttributeType) iter2.next();
if (avp.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
foundCOT = true;
List avpl = avp.getValue();
if (avpl.isEmpty() || !containsValue(avpl, name)) {
avpl.add(name);
needToSave = true;
break;
}
}
}
// no cot_list in the original entity config
if (!foundCOT) {
AttributeType atype = objFactory.createAttributeType();
atype.setName(SAML2Constants.COT_LIST);
atype.getValue().add(name);
list.add(atype);
needToSave = true;
}
}
if (needToSave) {
metaManager.setEntityConfig(realm, eConfig);
}
}
}
Also used :
AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement)
SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)
XACMLPDPDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLPDPDescriptorElement)
AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement)
ArrayList(java.util.ArrayList)
AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)
EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement)
ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory)
AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType)
Iterator(java.util.Iterator)
ArrayList(java.util.ArrayList)
List(java.util.List)
XACMLAuthzDecisionQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement)
EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)
Example 3 with AffiliationConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.
the class SAML2MetaManager method removeFromCircleOfTrust.
private void removeFromCircleOfTrust(String realm, String entityId) {
try {
EntityConfigElement eConfig = getEntityConfig(realm, entityId);
boolean isAffiliation = false;
if (getAffiliationDescriptor(realm, entityId) != null) {
isAffiliation = true;
}
if (debug.messageEnabled()) {
debug.message("SAML2MetaManager.removeFromCircleOfTrust is " + entityId + " in realm " + realm + " an affiliation? " + isAffiliation);
}
if (eConfig != null) {
List elist = null;
if (isAffiliation) {
AffiliationConfigElement affiliationCfgElm = getAffiliationConfig(realm, entityId);
elist = new ArrayList();
elist.add(affiliationCfgElm);
} else {
elist = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
}
// use first one to delete the entity from COT
BaseConfigType config = (BaseConfigType) elist.iterator().next();
Map attr = SAML2MetaUtils.getAttributes(config);
List cotAttr = (List) attr.get(SAML2Constants.COT_LIST);
List cotList = new ArrayList(cotAttr);
if ((cotList != null) && !cotList.isEmpty()) {
for (Iterator iter = cotList.iterator(); iter.hasNext(); ) {
String cotName = ((String) iter.next()).trim();
if ((cotName != null) && (!cotName.equals(""))) {
cotm.removeCircleOfTrustMember(realm, cotName, COTConstants.SAML2, entityId, false);
}
}
}
}
} catch (Exception e) {
debug.error("SAML2MetaManager.removeFromCircleOfTrust:" + "Error while removing entity" + entityId + "from COT.", e);
}
}
Also used :
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement)
ArrayList(java.util.ArrayList)
Iterator(java.util.Iterator)
ArrayList(java.util.ArrayList)
List(java.util.List)
Map(java.util.Map)
COTException(com.sun.identity.cot.COTException)
ConfigurationException(com.sun.identity.plugin.configuration.ConfigurationException)
JAXBException(javax.xml.bind.JAXBException)
EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
Example 4 with AffiliationConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement in project OpenAM by OpenRock.
the class SAML2COTUtils method removeFromEntityConfig.
/**
* Removes the circle trust name passed from the <code>cotlist</code>
* attribute in the Entity Config. The Service Provider and Identity
* Provider Entity Configuration are updated.
*
* @param name the circle of trust name to be removed.
* @param entityId the entity identifier of the provider.
* @throws SAML2MetaException if there is an error updating the entity
* config.
* @throws JAXBException if there is an error updating the entity config.
*/
public void removeFromEntityConfig(String realm, String name, String entityId) throws SAML2MetaException, JAXBException {
String classMethod = "SAML2COTUtils.removeFromEntityConfig: ";
SAML2MetaManager metaManager = null;
if (callerSession == null) {
metaManager = new SAML2MetaManager();
} else {
metaManager = new SAML2MetaManager(callerSession);
}
// Check whether the entity id existed in the DS
EntityDescriptorElement edes = metaManager.getEntityDescriptor(realm, entityId);
if (edes == null) {
debug.error(classMethod + "No such entity: " + entityId);
String[] data = { realm, entityId };
throw new SAML2MetaException("entityid_invalid", data);
}
EntityConfigElement eConfig = metaManager.getEntityConfig(realm, entityId);
boolean isAffiliation = false;
if (metaManager.getAffiliationDescriptor(realm, entityId) != null) {
isAffiliation = true;
}
if (debug.messageEnabled()) {
debug.message(classMethod + "is " + entityId + " in realm " + realm + " an affiliation? " + isAffiliation);
}
if (eConfig != null) {
List elist = null;
if (isAffiliation) {
AffiliationConfigElement affiliationCfgElm = metaManager.getAffiliationConfig(realm, entityId);
elist = new ArrayList();
elist.add(affiliationCfgElm);
} else {
elist = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
}
boolean needToSave = false;
for (Iterator iter = elist.iterator(); iter.hasNext(); ) {
BaseConfigType bConfig = (BaseConfigType) iter.next();
List list = bConfig.getAttribute();
for (Iterator iter2 = list.iterator(); iter2.hasNext(); ) {
AttributeType avp = (AttributeType) iter2.next();
if (avp.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
List avpl = avp.getValue();
if (avpl != null && !avpl.isEmpty() && containsValue(avpl, name)) {
avpl.remove(name);
needToSave = true;
break;
}
}
}
}
if (needToSave) {
metaManager.setEntityConfig(realm, eConfig);
}
}
}
Also used :
ArrayList(java.util.ArrayList)
EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement)
AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType)
Iterator(java.util.Iterator)
ArrayList(java.util.ArrayList)
List(java.util.List)
EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
Aggregations
AffiliationConfigElement (com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement)4
BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)4
ArrayList (java.util.ArrayList)4
Iterator (java.util.Iterator)4
List (java.util.List)4
EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)3
AttributeType (com.sun.identity.saml2.jaxb.entityconfig.AttributeType)2
EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)2
Map (java.util.Map)2
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)1
COTException (com.sun.identity.cot.COTException)1
ConfigurationException (com.sun.identity.plugin.configuration.ConfigurationException)1
ObjectFactory (com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory)1
AttributeAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement)1
AuthnAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement)1
IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)1
SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)1
XACMLAuthzDecisionQueryDescriptorElement (com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement)1
XACMLPDPDescriptorElement (com.sun.identity.saml2.jaxb.metadata.XACMLPDPDescriptorElement)1
AttributeQueryDescriptorElement (com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)1
