use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getPDPConfig.
/**
* Returns a Map of PDP Config data. (Extended Metadata)
*
* @param realm realm of Entity
* @param entityName entity name of Entity Descriptor
* @param location location of entity(hosted or remote)
* @return key-value pair Map of PDP config data.
* @throws AMConsoleException if unable to retrieve the PDP
* extended metadata attribute
*/
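public Map getPDPConfig(String realm, String entityName, String location) throws AMConsoleException {
    // The same parameter set is recorded for the attempt and the success audit events.
    String[] params = { realm, entityName, "SAMLv2", "XACML PDP" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    String role = EntityModel.POLICY_DECISION_POINT_DESCRIPTOR;
    Map data = null;
    try {
        SAML2MetaManager saml2Manager = getSAML2MetaManager();
        XACMLPDPConfigElement xacmlPDPConfigElement = saml2Manager.getPolicyDecisionPointConfig(realm, entityName);
        if (xacmlPDPConfigElement != null) {
            data = new HashMap();
            List configList = xacmlPDPConfigElement.getAttribute();
            String metaAlias = xacmlPDPConfigElement.getMetaAlias();
            for (Object entry : configList) {
                AttributeType atype = (AttributeType) entry;
                // Read each getter once; the previous code fetched name and value into
                // locals it never used and then called the getters a second time.
                String name = atype.getName();
                List value = atype.getValue();
                data.put(name, returnEmptySetIfValueIsNull(value));
            }
            // Stored after the loop, so it replaces any configured attribute that is
            // itself named "metaAlias".
            data.put("metaAlias", metaAlias);
        } else {
            // No PDP config element exists: create the extended object and fall through,
            // which makes this call return the empty map.
            // NOTE(review): a read path that writes configuration; confirm that every
            // caller reaching this branch is authorised to modify the entity.
            createExtendedObject(realm, entityName, location, role);
        }
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (JAXBException e) {
        // Only the error string is propagated; the original exception is not chained.
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    } catch (SAML2MetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return (data != null) ? data : Collections.EMPTY_MAP;
}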
use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.
the class SAML2Utils method getAttributeValueFromXACMLConfig.
/**
* Returns the value of attribute from entity configuration.
*
* @param realm the realm of the entity.
* @param entityRole role of the entity (PEP or PDP).
* @param entityID identity of the entity.
* @param attrName name of attribute whose value is to be retrieved.
* @return value of the attribute.
*/
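public static String getAttributeValueFromXACMLConfig(String realm, String entityRole, String entityID, String attrName) {
    String method = "SAML2Utils:getAttributeValueFromXACMLConfig : ";
    if (debug.messageEnabled()) {
        debug.message(method + "realm - " + realm);
        debug.message(method + "entityRole - " + entityRole);
        debug.message(method + "EntityId - " + entityID);
        debug.message(method + "attrName - " + attrName);
    }
    String result = null;
    try {
        Map attrs = null;
        if (entityRole.equalsIgnoreCase(SAML2Constants.PEP_ROLE)) {
            XACMLAuthzDecisionQueryConfigElement pepConfig =
                    saml2MetaManager.getPolicyEnforcementPointConfig(realm, entityID);
            if (pepConfig != null) {
                attrs = SAML2MetaUtils.getAttributes(pepConfig);
            }
        } else {
            // Every role value other than PEP is looked up as a PDP; the role is not
            // validated beyond this comparison.
            XACMLPDPConfigElement pdpConfig =
                    saml2MetaManager.getPolicyDecisionPointConfig(realm, entityID);
            if (pdpConfig != null) {
                attrs = SAML2MetaUtils.getAttributes(pdpConfig);
            }
        }
        if (attrs != null) {
            List value = (List) attrs.get(attrName);
            // Only the first value of a multi-valued attribute is returned.
            if (value != null && !value.isEmpty()) {
                result = (String) value.get(0);
            }
        }
    } catch (SAML2MetaException e) {
        // Log at error level: at message level a failed metadata lookup left no trace
        // in normal operation and looked exactly like an attribute that is not set.
        // NOTE(review): callers still receive null in both cases; confirm that callers
        // reading security settings treat null as the restrictive default.
        debug.error("Retreiving XACML Config failed:", e);
    }
    if (debug.messageEnabled()) {
        // NOTE(review): the value is written to the debug log verbatim; confirm that no
        // secret-bearing attribute is read through this helper.
        debug.message("Attribute value is : " + result);
    }
    return result;
}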
use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.
the class QueryClient method getPDPConfig.
/**
* Returns the extended Policy Decision Point Configuration.
*
* @param realm the realm of the entity.
* @param pdpEntityID identifier of the PDP.
* @return the <code>XACMLPDPConfigElement</code> object.
* @exception SAML2Exception if there is an error retrieving
* the extended configuration.
*/
private static XACMLPDPConfigElement getPDPConfig(String realm, String pdpEntityID) throws SAML2Exception {
    final String classMethod = "QueryClient:getPDPConfig";
    // Without a metadata manager no lookup is attempted and the caller receives null.
    if (saml2MetaManager == null) {
        return null;
    }
    try {
        return saml2MetaManager.getPolicyDecisionPointConfig(realm, pdpEntityID);
    } catch (SAML2MetaException sme) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Error retreiving PDP meta", sme);
        }
        String[] logArgs = { pdpEntityID };
        // NOTE(review): a PDP lookup failure is recorded under the PEP_METADATA_ERROR
        // id at Level.INFO; confirm that both the id and the level are intended.
        LogUtil.error(Level.INFO, LogUtil.PEP_METADATA_ERROR, logArgs);
        // The SAML2MetaException is not chained; only the entity ID reaches the caller.
        throw new SAML2Exception(SAML2SDKUtils.BUNDLE_NAME, "pdpMetaRetreivalError", logArgs);
    }
}
use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.
the class SAML2MetaManager method getPolicyDecisionPointConfig.
/**
* Returns first policy decision point configuration in an entity under
* the realm.
* @param realm The realm under which the entity resides.
* @param entityId ID of the entity to be retrieved.
* @return policy decision point configuration or null if it is not found.
* @throws SAML2MetaException if unable to retrieve the configuration.
*/
public XACMLPDPConfigElement getPolicyDecisionPointConfig(String realm, String entityId) throws SAML2MetaException {
    EntityConfigElement entityConfig = getEntityConfig(realm, entityId);
    // No extended configuration for this entity means no PDP configuration either.
    if (entityConfig == null) {
        return null;
    }
    // The list mixes the per-role config elements; return the first PDP one found.
    List roleConfigs = entityConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
    for (Object candidate : roleConfigs) {
        if (candidate instanceof XACMLPDPConfigElement) {
            return (XACMLPDPConfigElement) candidate;
        }
    }
    return null;
}
use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method updatePDPConfig.
/**
* Save extended metadata for PDP Config.
*
* @param realm realm of Entity.
* @param entityName entity name of Entity Descriptor.
* @param location entity is remote or hosted.
* @param attrValues key-value pair Map of PDP extended config.
* @throws AMConsoleException if fails to modify/save the PDP
* extended metadata attribute
*/
public void updatePDPConfig(String realm, String entityName, String location, Map attrValues) throws AMConsoleException {
    // `location` is accepted but not read anywhere in this method.
    String[] auditArgs = { realm, entityName, "SAMLv2", "XACML PDP" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", auditArgs);
    String role = EntityModel.POLICY_DECISION_POINT_DESCRIPTOR;
    try {
        SAML2MetaManager metaManager = getSAML2MetaManager();
        // Extended entity configuration object; this is the object that gets saved below.
        EntityConfigElement entityConfig = metaManager.getEntityConfig(realm, entityName);
        // NOTE(review): the two "invalid.xacml.configuration" failures below are not
        // handled by the catch clauses of this method, so no FEDERATION_EXCEPTION audit
        // event is written for them; confirm that this gap is acceptable.
        if (entityConfig == null) {
            throw new AMConsoleException("invalid.xacml.configuration");
        }
        XACMLPDPConfigElement pdpEntityConfig = metaManager.getPolicyDecisionPointConfig(realm, entityName);
        if (pdpEntityConfig == null) {
            throw new AMConsoleException("invalid.xacml.configuration");
        }
        // NOTE(review): the PDP element comes from a separate manager call, while the
        // object saved is entityConfig; presumably both refer to the same underlying
        // configuration object. Confirm, otherwise the update would not be persisted.
        updateBaseConfig(pdpEntityConfig, attrValues, role);
        // Persist the attributes by handing the entity configuration back to the manager.
        metaManager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", auditArgs);
    } catch (SAML2MetaException e) {
        // Only the error string is propagated; the original exception is not chained.
        String message = getErrorString(e);
        String[] failureArgs = { realm, entityName, "SAMLv2", "XACML PDP", message };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", failureArgs);
        throw new AMConsoleException(message);
    } catch (JAXBException e) {
        String message = getErrorString(e);
        String[] failureArgs = { realm, entityName, "SAMLv2", "XACML PDP", message };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", failureArgs);
        throw new AMConsoleException(message);
    }
}