Search in sources :

Example 26 with EntityConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement in project OpenAM by OpenRock.

the class CreateHostedSP method execute.

/**
     * Creates hosted service provider.
     *
     * @param locale Locale of the Request
     * @param params Map of creation parameters.
     */
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    String defAttrMappings = getString(params, ParameterKeys.P_DEF_ATTR_MAPPING);
    boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
    String metadata = null;
    String extendedData = null;
    if (hasMetaData) {
        String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
        metadata = getContent(metadataFile, locale);
        extendedData = getContent(extendedDataFile, locale);
    } else {
        String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
        String metaAlias = generateMetaAliasForSP(getString(params, ParameterKeys.P_REALM));
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        map.put(MetaTemplateParameters.P_SP_E_CERT, getString(params, ParameterKeys.P_SP_E_CERT));
        try {
            metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, getRequestURL(params));
            //metadata = enableSigning(metadata);
            extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, getRequestURL(params));
        } catch (SAML2MetaException e) {
            return e.getMessage();
        }
    }
    String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
    String realm = results[0];
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    List attrMapping = null;
    if (defAttrMappings.equals("true")) {
        attrMapping = new ArrayList(1);
        attrMapping.add("*=*");
    } else {
        attrMapping = getAttributeMapping(params);
    }
    if (!attrMapping.isEmpty()) {
        try {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
            Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
            List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
            mappedAttributes.addAll(attrMapping);
            manager.setEntityConfig(realm, config);
        } catch (SAML2MetaException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    return "done|||realm=" + realm;
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) List(java.util.List) ArrayList(java.util.ArrayList) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 27 with EntityConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement in project OpenAM by OpenRock.

the class CreateRemoteSP method execute.

/**
     * Creates remote service provider.
     *
     * @param locale Locale of the request.
     * @param params Map of creation parameters.
     */
@Override
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String realm = getString(params, ParameterKeys.P_REALM);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    String metadata = getContent(metadataFile, locale);
    String extendedMeta = null;
    List attrMapping = getAttributeMapping(params);
    if (!attrMapping.isEmpty()) {
        try {
            EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(metadata);
            String eId = e.getEntityID();
            extendedMeta = createExtendedDataTemplate(eId, false);
        } catch (SAML2MetaException ex) {
            throw new WorkflowException(ex.getMessage());
        } catch (JAXBException ex) {
            throw new WorkflowException(ex.getMessage());
        }
    }
    String[] results = ImportSAML2MetaData.importData(realm, metadata, extendedMeta);
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    try {
        if (!attrMapping.isEmpty()) {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
            if (ssoConfig != null) {
                ObjectFactory objFactory = new ObjectFactory();
                AttributeType avp = objFactory.createAttributeElement();
                String key = SAML2Constants.ATTRIBUTE_MAP;
                avp.setName(key);
                avp.getValue().addAll(attrMapping);
                ssoConfig.getAttribute().add(avp);
            }
            manager.setEntityConfig(realm, config);
        }
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    } catch (JAXBException e) {
        throw new WorkflowException(e.getMessage());
    }
    return getMessage("sp.configured", locale);
}
Also used : JAXBException(javax.xml.bind.JAXBException) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) List(java.util.List) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 28 with EntityConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method setSPExtAttributeValues.

/**
     * Saves the extended attribute values for the Service Provider.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @param spExtValues Map which contains the standard attribute values.
     * @param location has the information whether remote or hosted.
     * @throws AMConsoleException if saving of attribute value fails.
     */
public void setSPExtAttributeValues(String realm, String entityName, Map spExtValues, String location) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "SP-Extended" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
    String role = EntityModel.SERVICE_PROVIDER;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        //entityConfig is the extended entity configuration object
        EntityConfigElement entityConfig = samlManager.getEntityConfig(realm, entityName);
        //for remote cases
        if (entityConfig == null) {
            createExtendedObject(realm, entityName, location, role);
            entityConfig = samlManager.getEntityConfig(realm, entityName);
        }
        SPSSOConfigElement spssoConfig = samlManager.getSPSSOConfig(realm, entityName);
        if (spssoConfig != null) {
            updateBaseConfig(spssoConfig, spExtValues, role);
        }
        //saves the attributes by passing the new entityConfig object
        samlManager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
    } catch (SAML2MetaException e) {
        debug.error("SAMLv2ModelImpl.setSPExtAttributeValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP Ext", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
    } catch (JAXBException e) {
        debug.error("SAMLv2ModelImpl.setSPExtAttributeValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP Ext", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
    } catch (AMConsoleException e) {
        debug.error("SAMLv2ModelImpl.setSPExtAttributeValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP Ext", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
    }
}
Also used : JAXBException(javax.xml.bind.JAXBException) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 29 with EntityConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method updatePEPConfig.

/**
     * Save the extended metadata for PEP Config.
     *
     * @param realm realm of Entity
     * @param entityName entity name of Entity Descriptor.
     * @param location entity is remote or hosted
     * @param attrValues key-value pair Map of PEP extended config.
     * @throws AMConsoleException if fails to modify/save the PEP
     *         extended metadata attributes
     */
public void updatePEPConfig(String realm, String entityName, String location, Map attrValues) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "XACML PEP" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
    String role = EntityModel.POLICY_ENFORCEMENT_POINT_DESCRIPTOR;
    try {
        SAML2MetaManager saml2Manager = getSAML2MetaManager();
        //entityConfig is the extended entity configuration object
        EntityConfigElement entityConfig = saml2Manager.getEntityConfig(realm, entityName);
        if (entityConfig == null) {
            throw new AMConsoleException("invalid.xacml.configuration");
        }
        XACMLAuthzDecisionQueryConfigElement pepEntityConfig = saml2Manager.getPolicyEnforcementPointConfig(realm, entityName);
        if (pepEntityConfig == null) {
            throw new AMConsoleException("invalid.xacml.configuration");
        } else {
            updateBaseConfig(pepEntityConfig, attrValues, role);
        }
        //saves the attributes by passing the new entityConfig object
        saml2Manager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
    } catch (SAML2MetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PEP", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    } catch (JAXBException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PEP", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    }
}
Also used : JAXBException(javax.xml.bind.JAXBException) XACMLAuthzDecisionQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLAuthzDecisionQueryConfigElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 30 with EntityConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method updateSPAuthenticationContexts.

/**
     * update SP Authentication Contexts
     *
     * @param realm Realm of Entity
     * @param entityName Name of Entity Descriptor.
     * @param cxt SAMLv2AuthContexts object contains SP
     *        Authentication Contexts values
     * @throws AMConsoleException if fails to update SP
     *         Authentication Contexts.
     */
public void updateSPAuthenticationContexts(String realm, String entityName, SAMLv2AuthContexts cxt) throws AMConsoleException {
    List list = cxt.toSPAuthContextInfo();
    String[] params = { realm, entityName, "SAMLv2", "SP-updateSPAuthenticationContexts" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
    try {
        SAML2MetaManager saml2MetaManager = getSAML2MetaManager();
        EntityConfigElement entityConfig = saml2MetaManager.getEntityConfig(realm, entityName);
        if (entityConfig == null) {
            throw new AMConsoleException("invalid.entity.name");
        }
        SPSSOConfigElement spDecConfigElement = saml2MetaManager.getSPSSOConfig(realm, entityName);
        if (spDecConfigElement == null) {
            throw new AMConsoleException("invalid.config.element");
        } else {
            // update sp entity config
            updateBaseConfig(spDecConfigElement, SP_AUTHN_CONTEXT_CLASS_REF_MAPPING, list);
        }
        //saves the attributes by passing the new entityConfig object
        saml2MetaManager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
    } catch (SAML2MetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP-updateSPAuthenticationContexts", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    }
    return;
}
Also used : SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Aggregations

EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)44 List (java.util.List)26 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)23 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)22 ArrayList (java.util.ArrayList)21 Iterator (java.util.Iterator)19 JAXBException (javax.xml.bind.JAXBException)18 BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)12 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)11 EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)10 COTException (com.sun.identity.cot.COTException)8 ConfigurationException (com.sun.identity.plugin.configuration.ConfigurationException)8 Set (java.util.Set)8 Map (java.util.Map)7 SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)6 HashSet (java.util.HashSet)6 IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)5 AttributeType (com.sun.identity.saml2.jaxb.entityconfig.AttributeType)4 ObjectFactory (com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory)4 CLIException (com.sun.identity.cli.CLIException)3