Example 1 with AttributeQueryConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement in project OpenAM by OpenRock.
the class SAML2MetaManager method getAttributeQueryConfig.
/**
* Returns first attribute query configuration in an entity under
* the realm.
* @param realm The realm under which the entity resides.
* @param entityId ID of the entity to be retrieved.
* @return <code>AttributeQueryConfigElement</code> for the entity or
* null if not found.
* @throws SAML2MetaException if unable to retrieve the first attribute
* query configuration.
*/
public AttributeQueryConfigElement getAttributeQueryConfig(String realm, String entityId) throws SAML2MetaException {
EntityConfigElement eConfig = getEntityConfig(realm, entityId);
if (eConfig == null) {
return null;
}
List list = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
for (Iterator iter = list.iterator(); iter.hasNext(); ) {
Object obj = iter.next();
if (obj instanceof AttributeQueryConfigElement) {
return (AttributeQueryConfigElement) obj;
}
}
return null;
}
Also used :
Iterator(java.util.Iterator)
ArrayList(java.util.ArrayList)
List(java.util.List)
AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
Example 2 with AttributeQueryConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getExtendedAttrQueryAttributes.
/**
* Returns a map with extended AttrQuery attributes and values.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @return Map with extended AttrQuery values.
* @throws AMConsoleException if unable to retrieve ext AttrQuery
* attributes based on the realm and entityName passed.
*/
public Map getExtendedAttrQueryAttributes(String realm, String entityName) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AttrQuery-Ext" };
logEvent("ATTEMPT_GET_ATTR_QUERY_ATTR_VALUES", params);
Map map = null;
AttributeQueryConfigElement attrQueryConfig = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
attrQueryConfig = samlManager.getAttributeQueryConfig(realm, entityName);
if (attrQueryConfig != null) {
BaseConfigType baseConfig = (BaseConfigType) attrQueryConfig;
map = SAML2MetaUtils.getAttributes(baseConfig);
}
logEvent("SUCCEED_GET_ATTR_QUERY_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.getExtendedAttrQueryAttributes:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttrQuery-Ext", strError };
logEvent("FEDERATION_EXCEPTION_GET_ATTR_QUERY_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
return (map != null) ? map : Collections.EMPTY_MAP;
}
Also used :
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
Map(java.util.Map)
HashMap(java.util.HashMap)
AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Example 3 with AttributeQueryConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method setExtAttributeQueryValues.
/**
* Saves the extended attribute values for Attribute Query.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @param attrQueryExtValues Map which contains the extended values.
* @param location has the information whether remote or hosted.
* @throws AMConsoleException if saving of attribute value fails.
*/
public void setExtAttributeQueryValues(String realm, String entityName, Map attrQueryExtValues, String location) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AttribQuery-Ext" };
logEvent("ATTEMPT_MODIFY_ATTR_QUERY_ATTR_VALUES", params);
String role = EntityModel.SAML_ATTRQUERY;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
//entityConfig is the extended entity configuration object
EntityConfigElement entityConfig = samlManager.getEntityConfig(realm, entityName);
//for remote cases
if (entityConfig == null) {
createExtendedObject(realm, entityName, location, role);
entityConfig = samlManager.getEntityConfig(realm, entityName);
}
AttributeQueryConfigElement attrQueryConfig = samlManager.getAttributeQueryConfig(realm, entityName);
if (attrQueryConfig != null) {
updateBaseConfig(attrQueryConfig, attrQueryExtValues, role);
}
//saves the attributes by passing the new entityConfig object
samlManager.setEntityConfig(realm, entityConfig);
logEvent("SUCCEED_MODIFY_ATTR_QUERY_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.error("SAMLv2ModelImpl.setExtAttributeQueryValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribQuery-Ext", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_QUERY_ATTR_VALUES", paramsEx);
} catch (JAXBException e) {
debug.error("SAMLv2ModelImpl.setExtAttributeQueryValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribQuery-Extended", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_QUERY_ATTR_VALUES", paramsEx);
} catch (AMConsoleException e) {
debug.error("SAMLv2ModelImpl.setExtAttributeQueryValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribQuery-Ext", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_QUERY_ATTR_VALUES", paramsEx);
}
}
Also used :
JAXBException(javax.xml.bind.JAXBException)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
Example 4 with AttributeQueryConfigElement
use of com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement in project OpenAM by OpenRock.
the class AttributeQueryUtil method getAttributesForFedlet.
/**
* Sends the AttributeQuery to specified attribute authority,
* validates the response and returns the attribute map
* <code>Map<String, Set<String>></code> to the Fedlet
*
* @param spEntityID SP entity ID
* @param idpEntityID IDP entity ID
* @param nameIDValue NameID value
* @param attrsList The list of attributes whose values need to be
* fetched from IDP
* @param attrQueryProfileAlias Attribute Query Profile Alias
* @param subjectDN Attribute name which contains X.509 subject DN
*
* @return the <code>Map</code> object
* @exception SAML2Exception if the operation is not successful
*
* @supported.api
*/
public static Map<String, Set<String>> getAttributesForFedlet(String spEntityID, String idpEntityID, String nameIDValue, List<String> attrsList, String attrQueryProfileAlias, String subjectDN) throws SAML2Exception {
final String classMethod = "AttributeQueryUtil.getAttributesForFedlet: ";
AttributeQueryConfigElement attrQueryConfig = metaManager.getAttributeQueryConfig("/", spEntityID);
if (attrQueryConfig == null) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Attribute Query Config is null");
}
return null;
}
String attrqMetaAlias = attrQueryConfig.getMetaAlias();
if (attrqMetaAlias == null) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Attribute Query MetaAlias is null");
}
return null;
}
boolean wantNameIDEncrypted = SAML2Utils.getWantNameIDEncrypted("/", spEntityID, SAML2Constants.ATTR_QUERY_ROLE);
AttributeQuery attrQuery = constructAttrQueryForFedlet(spEntityID, idpEntityID, nameIDValue, attrsList, attrqMetaAlias, attrQueryProfileAlias, subjectDN, wantNameIDEncrypted);
String attrQueryProfile = null;
if (attrQueryProfileAlias.equals(SAML2Constants.DEFAULT_ATTR_QUERY_PROFILE_ALIAS)) {
attrQueryProfile = SAML2Constants.DEFAULT_ATTR_QUERY_PROFILE;
} else if (attrQueryProfileAlias.equals(SAML2Constants.X509_SUBJECT_ATTR_QUERY_PROFILE_ALIAS)) {
attrQueryProfile = SAML2Constants.X509_SUBJECT_ATTR_QUERY_PROFILE;
}
Response samlResp = sendAttributeQuery(attrQuery, idpEntityID, "/", attrQueryProfile, SAML2Constants.BASIC_ATTRIBUTE_PROFILE, SAML2Constants.SOAP);
// Validate the response
boolean validResp = validateSAMLResponseForFedlet(samlResp, spEntityID, wantNameIDEncrypted);
Map<String, Set<String>> attrMap = new HashMap<String, Set<String>>();
if (validResp) {
// Return back the AttributeMap
if (samlResp != null) {
List<Object> assertions;
if (wantNameIDEncrypted) {
assertions = samlResp.getEncryptedAssertion();
} else {
assertions = samlResp.getAssertion();
}
for (Object currentAssertion : assertions) {
Assertion assertion;
if (wantNameIDEncrypted) {
assertion = getDecryptedAssertion((EncryptedAssertion) currentAssertion, spEntityID);
} else {
assertion = (Assertion) currentAssertion;
}
if (assertion != null) {
List<AttributeStatement> statements = assertion.getAttributeStatements();
if (statements != null && statements.size() > 0) {
for (AttributeStatement statement : statements) {
List<Attribute> attributes = statement.getAttribute();
attrMap.putAll(mapAttributes("/", spEntityID, idpEntityID, nameIDValue, attributes));
}
} else {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Empty Statement present in SAML response");
}
}
} else {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Empty Assertion present in SAML response");
}
}
}
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "attributes received from Attribute Query: " + attrMap);
}
}
} else {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Invalid response obtained from Attribute Authority");
}
}
// Return the attribute map and to the fedlet
return attrMap;
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
HashMap(java.util.HashMap)
Attribute(com.sun.identity.saml2.assertion.Attribute)
EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion)
Assertion(com.sun.identity.saml2.assertion.Assertion)
AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
Response(com.sun.identity.saml2.protocol.Response)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
AttributeQuery(com.sun.identity.saml2.protocol.AttributeQuery)
EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion)
AttributeStatement(com.sun.identity.saml2.assertion.AttributeStatement)
Aggregations
AttributeQueryConfigElement (com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)4
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)2
EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)2
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)2
SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)2
HashMap (java.util.HashMap)2
Assertion (com.sun.identity.saml2.assertion.Assertion)1
Attribute (com.sun.identity.saml2.assertion.Attribute)1
AttributeStatement (com.sun.identity.saml2.assertion.AttributeStatement)1
EncryptedAssertion (com.sun.identity.saml2.assertion.EncryptedAssertion)1
BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)1
AttributeQuery (com.sun.identity.saml2.protocol.AttributeQuery)1
Response (com.sun.identity.saml2.protocol.Response)1
ArrayList (java.util.ArrayList)1
HashSet (java.util.HashSet)1
Iterator (java.util.Iterator)1
List (java.util.List)1
Map (java.util.Map)1
Set (java.util.Set)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
