
Example 1 with XACMLPDPConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getPDPConfig.

/**
 * Returns a Map of PDP Config data. (Extended Metadata)
 *
 * @param realm realm of Entity
 * @param entityName entity name of Entity Descriptor
 * @param location location of entity (hosted or remote)
 * @return key-value pair Map of PDP config data.
 * @throws AMConsoleException if unable to retrieve the PDP
 *         extended metadata attribute
 */
public Map getPDPConfig(String realm, String entityName, String location) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "XACML PDP" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    String role = EntityModel.POLICY_DECISION_POINT_DESCRIPTOR;
    Map data = null;
    List configList = null;
    String metaAlias = null;
    try {
        SAML2MetaManager saml2Manager = getSAML2MetaManager();
        XACMLPDPConfigElement xacmlPDPConfigElement = saml2Manager.getPolicyDecisionPointConfig(realm, entityName);
        if (xacmlPDPConfigElement != null) {
            data = new HashMap();
            configList = xacmlPDPConfigElement.getAttribute();
            metaAlias = xacmlPDPConfigElement.getMetaAlias();
            int size = configList.size();
            for (int i = 0; i < size; i++) {
                AttributeType atype = (AttributeType) configList.get(i);
                String name = atype.getName();
                java.util.List value = atype.getValue();
                data.put(name, returnEmptySetIfValueIsNull(value));
            }
            data.put("metaAlias", metaAlias);
        } else {
            createExtendedObject(realm, entityName, location, role);
        }
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (JAXBException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    } catch (SAML2MetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return (data != null) ? data : Collections.EMPTY_MAP;
}
Also used : HashMap(java.util.HashMap) JAXBException(javax.xml.bind.JAXBException) XACMLPDPConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) List(java.util.List) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) List(java.util.List) ArrayList(java.util.ArrayList) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 2 with XACMLPDPConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.

the class SAML2Utils method getAttributeValueFromXACMLConfig.

/**
 * Returns the value of attribute from entity configuration.
 *
 * @param realm      the realm of the entity.
 * @param entityRole role of the entity (PEP or PDP).
 * @param entityID   identity of the entity.
 * @param attrName   name of attribute whose value is to be retrieved.
 * @return value of the attribute.
 */
public static String getAttributeValueFromXACMLConfig(String realm, String entityRole, String entityID, String attrName) {
    String method = "SAML2Utils:getAttributeValueFromXACMLConfig : ";
    if (debug.messageEnabled()) {
        debug.message(method + "realm - " + realm);
        debug.message(method + "entityRole - " + entityRole);
        debug.message(method + "EntityId - " + entityID);
        debug.message(method + "attrName - " + attrName);
    }
    String result = null;
    try {
        XACMLAuthzDecisionQueryConfigElement pepConfig = null;
        XACMLPDPConfigElement pdpConfig = null;
        Map attrs = null;
        if (entityRole.equalsIgnoreCase(SAML2Constants.PEP_ROLE)) {
            pepConfig = saml2MetaManager.getPolicyEnforcementPointConfig(realm, entityID);
            if (pepConfig != null) {
                attrs = SAML2MetaUtils.getAttributes(pepConfig);
            }
        } else {
            pdpConfig = saml2MetaManager.getPolicyDecisionPointConfig(realm, entityID);
            if (pdpConfig != null) {
                attrs = SAML2MetaUtils.getAttributes(pdpConfig);
            }
        }
        if (attrs != null) {
            List value = (List) attrs.get(attrName);
            if (value != null && value.size() != 0) {
                result = (String) value.get(0);
            }
        }
    } catch (SAML2MetaException e) {
        debug.message("Retreiving XACML Config failed:", e);
    }
    if (debug.messageEnabled()) {
        debug.message("Attribute value is : " + result);
    }
    return result;
}
Also used : XACMLPDPConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement) XACMLAuthzDecisionQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLAuthzDecisionQueryConfigElement) ArrayList(java.util.ArrayList) List(java.util.List) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 3 with XACMLPDPConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.

the class QueryClient method getPDPConfig.

/**
 * Returns the extended Policy Decision Point Configuration.
 *
 * @param realm the realm of the entity.
 * @param pdpEntityID identifier of the PDP.
 * @return the <code>XACMLPDPConfigElement</code> object.
 * @throws SAML2Exception if there is an error retrieving
 *         the extended configuration.
 */
private static XACMLPDPConfigElement getPDPConfig(String realm, String pdpEntityID) throws SAML2Exception {
    XACMLPDPConfigElement pdpConfig = null;
    String classMethod = "QueryClient:getPDPConfig";
    if (saml2MetaManager != null) {
        try {
            pdpConfig = saml2MetaManager.getPolicyDecisionPointConfig(realm, pdpEntityID);
        } catch (SAML2MetaException sme) {
            if (debug.messageEnabled()) {
                debug.message(classMethod + "Error retreiving PDP meta", sme);
            }
            String[] args = { pdpEntityID };
            LogUtil.error(Level.INFO, LogUtil.PEP_METADATA_ERROR, args);
            throw new SAML2Exception(SAML2SDKUtils.BUNDLE_NAME, "pdpMetaRetreivalError", args);
        }
    }
    return pdpConfig;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) XACMLPDPConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 4 with XACMLPDPConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.

the class SAML2MetaManager method getPolicyDecisionPointConfig.

/**
 * Returns first policy decision point configuration in an entity under
 * the realm.
 *
 * @param realm The realm under which the entity resides.
 * @param entityId ID of the entity to be retrieved.
 * @return policy decision point configuration or null if it is not found.
 * @throws SAML2MetaException if unable to retrieve the configuration.
 */
public XACMLPDPConfigElement getPolicyDecisionPointConfig(String realm, String entityId) throws SAML2MetaException {
    XACMLPDPConfigElement elm = null;
    EntityConfigElement eConfig = getEntityConfig(realm, entityId);
    if (eConfig != null) {
        List list = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
        for (Iterator i = list.iterator(); i.hasNext() && (elm == null); ) {
            Object obj = i.next();
            if (obj instanceof XACMLPDPConfigElement) {
                elm = (XACMLPDPConfigElement) obj;
            }
        }
    }
    return elm;
}
Also used : Iterator(java.util.Iterator) XACMLPDPConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement) ArrayList(java.util.ArrayList) List(java.util.List) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 5 with XACMLPDPConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method updatePDPConfig.

/**
 * Save extended metadata for PDP Config.
 *
 * @param realm realm of Entity.
 * @param entityName entity name of Entity Descriptor.
 * @param location entity is remote or hosted.
 * @param attrValues key-value pair Map of PDP extended config.
 * @throws AMConsoleException if fails to modify/save the PDP
 *         extended metadata attribute
 */
public void updatePDPConfig(String realm, String entityName, String location, Map attrValues) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "XACML PDP" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
    String role = EntityModel.POLICY_DECISION_POINT_DESCRIPTOR;
    try {
        SAML2MetaManager saml2Manager = getSAML2MetaManager();
        //entityConfig is the extended entity configuration object
        EntityConfigElement entityConfig = saml2Manager.getEntityConfig(realm, entityName);
        if (entityConfig == null) {
            throw new AMConsoleException("invalid.xacml.configuration");
        }
        XACMLPDPConfigElement pdpEntityConfig = saml2Manager.getPolicyDecisionPointConfig(realm, entityName);
        if (pdpEntityConfig == null) {
            throw new AMConsoleException("invalid.xacml.configuration");
        } else {
            updateBaseConfig(pdpEntityConfig, attrValues, role);
        }
        //saves the attributes by passing the new entityConfig object
        saml2Manager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
    } catch (SAML2MetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    } catch (JAXBException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PDP", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    }
}
Also used : JAXBException(javax.xml.bind.JAXBException) XACMLPDPConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
