use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.
the class AssertionIDRequestUtil method getRoleDescriptorAndLocation.
private static RoleDescriptorType getRoleDescriptorAndLocation(String samlAuthorityEntityID, String role, String realm, String binding, StringBuffer location) throws SAML2Exception {
List aIDReqServices = null;
RoleDescriptorType roled = null;
try {
if (role == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedRole"));
} else if (role.equals(SAML2Constants.IDP_ROLE)) {
IDPSSODescriptorElement idpd = metaManager.getIDPSSODescriptor(realm, samlAuthorityEntityID);
if (idpd == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("idpNotFound"));
}
aIDReqServices = idpd.getAssertionIDRequestService();
roled = idpd;
} else if (role.equals(SAML2Constants.AUTHN_AUTH_ROLE)) {
AuthnAuthorityDescriptorElement attrd = metaManager.getAuthnAuthorityDescriptor(realm, samlAuthorityEntityID);
if (attrd == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("authnAuthorityNotFound"));
}
aIDReqServices = attrd.getAssertionIDRequestService();
roled = attrd;
} else if (role.equals(SAML2Constants.ATTR_AUTH_ROLE)) {
AttributeAuthorityDescriptorElement aad = metaManager.getAttributeAuthorityDescriptor(realm, samlAuthorityEntityID);
if (aad == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("attrAuthorityNotFound"));
}
aIDReqServices = aad.getAssertionIDRequestService();
roled = aad;
} else {
throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedRole"));
}
} catch (SAML2MetaException sme) {
SAML2Utils.debug.error("AssertionIDRequest.getRoleDescriptorAndLocation:", sme);
throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
}
if (binding == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
}
if ((aIDReqServices == null) || (aIDReqServices.isEmpty())) {
throw new SAML2Exception(SAML2Utils.bundle.getString("aIDReqServiceNotFound"));
}
for (Iterator iter = aIDReqServices.iterator(); iter.hasNext(); ) {
AssertionIDRequestServiceElement aIDReqService = (AssertionIDRequestServiceElement) iter.next();
if (binding.equalsIgnoreCase(aIDReqService.getBinding())) {
location.append(aIDReqService.getLocation());
break;
}
}
if (location.length() == 0) {
throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
}
return roled;
}
use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getStandardAuthnAuthorityAttributes.
/**
* Returns a map with standard AuthnAuthority attributes and values.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @return Map with AuthnAuthority values.
* @throws AMConsoleException if unable to retrieve std AuthnAuthority
* values based on the realm and entityName passed.
*/
public Map getStandardAuthnAuthorityAttributes(String realm, String entityName) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AuthnAuthority-Std" };
logEvent("ATTEMPT_GET_AUTHN_AUTH_ATTR_VALUES", params);
Map map = new HashMap();
AuthnAuthorityDescriptorElement authnauthDescriptor = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
authnauthDescriptor = samlManager.getAuthnAuthorityDescriptor(realm, entityName);
if (authnauthDescriptor != null) {
map.put(AUTHN_QUERY_SERVICE, Collections.EMPTY_SET);
List authQueryServiceList = authnauthDescriptor.getAuthnQueryService();
if (!authQueryServiceList.isEmpty()) {
AuthnQueryServiceElement key = (AuthnQueryServiceElement) authQueryServiceList.get(0);
map.put(AUTHN_QUERY_SERVICE, returnEmptySetIfValueIsNull(key.getLocation()));
}
map.put(ASSERTION_ID_SAOP_LOC, Collections.EMPTY_SET);
map.put(ASSERTION_ID_URI_LOC, Collections.EMPTY_SET);
List assertionIDReqList = authnauthDescriptor.getAssertionIDRequestService();
for (int i = 0; i < assertionIDReqList.size(); i++) {
AssertionIDRequestServiceElement elem1 = (AssertionIDRequestServiceElement) assertionIDReqList.get(i);
if (elem1.getBinding().contains("SOAP")) {
map.put(ASSERTION_ID_SAOP_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
} else if (elem1.getBinding().contains("URI")) {
map.put(ASSERTION_ID_URI_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
}
}
}
logEvent("SUCCEED_GET_AUTHN_AUTH_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.getStandardAuthnAuthorityAttributes:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AuthnAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_GET_AUTHN_AUTH_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
return map;
}
use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method setStdAuthnAuthorityValues.
/**
* Saves the standard attribute values for Authn Authority.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @param authnAuthValues Map which contains standard authn authority values.
* @throws AMConsoleException if saving of attribute value fails.
*/
public void setStdAuthnAuthorityValues(String realm, String entityName, Map authnAuthValues) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AuthnAuthority-Std" };
logEvent("ATTEMPT_MODIFY_AUTHN_AUTH_ATTR_VALUES", params);
com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact = new com.sun.identity.saml2.jaxb.metadata.ObjectFactory();
AuthnAuthorityDescriptorElement authnauthDescriptor = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
authnauthDescriptor = samlManager.getAuthnAuthorityDescriptor(realm, entityName);
if (authnauthDescriptor != null) {
String queryService = getResult(authnAuthValues, AUTHN_QUERY_SERVICE);
//save query service
List authQueryServiceList = authnauthDescriptor.getAuthnQueryService();
if (!authQueryServiceList.isEmpty()) {
authnauthDescriptor.getAuthnQueryService().clear();
}
AuthnQueryServiceElement key = objFact.createAuthnQueryServiceElement();
key.setBinding(soapBinding);
key.setLocation(queryService);
authnauthDescriptor.getAuthnQueryService().add(key);
//save assertion ID request
String soapLocation = getResult(authnAuthValues, ASSERTION_ID_SAOP_LOC);
String uriLocation = getResult(authnAuthValues, ASSERTION_ID_URI_LOC);
List assertionIDReqList = authnauthDescriptor.getAssertionIDRequestService();
if (!assertionIDReqList.isEmpty()) {
assertionIDReqList.clear();
}
AssertionIDRequestServiceElement elem1 = objFact.createAssertionIDRequestServiceElement();
elem1.setBinding(soapBinding);
AssertionIDRequestServiceElement elem2 = objFact.createAssertionIDRequestServiceElement();
elem2.setBinding(uriBinding);
if (soapLocation != null) {
elem1.setLocation(soapLocation);
}
if (uriLocation != null) {
elem2.setLocation(uriLocation);
}
authnauthDescriptor.getAssertionIDRequestService().add(elem1);
authnauthDescriptor.getAssertionIDRequestService().add(elem2);
samlManager.setEntityDescriptor(realm, entityDescriptor);
}
logEvent("SUCCEED_MODIFY_AUTHN_AUTH_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.setStdAuthnAuthorityValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AuthnAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_AUTHN_AUTH_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
} catch (JAXBException e) {
debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_AUTHN_AUTH_ATTR_VALUES", paramsEx);
}
}
use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getStandardAttributeAuthorityAttributes.
/**
* Returns a map with standard AttributeAuthority attributes and values.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @return Map with AttributeAuthority values.
* @throws AMConsoleException if unable to retrieve std AttributeAuthority
* values based on the realm and entityName passed.
*/
public Map getStandardAttributeAuthorityAttributes(String realm, String entityName) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AttribAuthority-Std" };
logEvent("ATTEMPT_GET_ATTR_AUTH_ATTR_VALUES", params);
Map map = new HashMap();
AttributeAuthorityDescriptorElement attrauthDescriptor = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
attrauthDescriptor = samlManager.getAttributeAuthorityDescriptor(realm, entityName);
map.put(ATTR_SEFVICE_DEFAULT_LOCATION, Collections.EMPTY_SET);
map.put(SUPPORTS_X509, Collections.EMPTY_SET);
map.put(ATTR_SEFVICE_LOCATION, Collections.EMPTY_SET);
if (attrauthDescriptor != null) {
List artServiceList = attrauthDescriptor.getAttributeService();
for (int i = 0; i < artServiceList.size(); i++) {
AttributeServiceElement key = (AttributeServiceElement) artServiceList.get(i);
if ((key.getLocation() != null) && (key.isSupportsX509Query())) {
map.put(SUPPORTS_X509, returnEmptySetIfValueIsNull(key.isSupportsX509Query()));
map.put(ATTR_SEFVICE_LOCATION, returnEmptySetIfValueIsNull(key.getLocation()));
} else if ((key.getLocation() != null) && (key.getLocation().length() > 0)) {
map.put(ATTR_SEFVICE_DEFAULT_LOCATION, returnEmptySetIfValueIsNull(key.getLocation()));
}
}
map.put(ASSERTION_ID_SAOP_LOC, Collections.EMPTY_SET);
map.put(ASSERTION_ID_URI_LOC, Collections.EMPTY_SET);
List assertionIDReqList = attrauthDescriptor.getAssertionIDRequestService();
for (int i = 0; i < assertionIDReqList.size(); i++) {
AssertionIDRequestServiceElement elem1 = (AssertionIDRequestServiceElement) assertionIDReqList.get(i);
if (elem1.getBinding().contains("SOAP")) {
map.put(ASSERTION_ID_SAOP_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
} else if (elem1.getBinding().contains("URI")) {
map.put(ASSERTION_ID_URI_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
}
}
map.put(ATTRIBUTE_PROFILE, Collections.EMPTY_SET);
List attrProfileList = attrauthDescriptor.getAttributeProfile();
if (!attrProfileList.isEmpty()) {
String key = (String) attrProfileList.get(0);
map.put(ATTRIBUTE_PROFILE, returnEmptySetIfValueIsNull(key));
}
}
logEvent("SUCCEED_GET_ATTR_AUTH_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.getStandardAttributeAuthorityAttributes:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_GET_ATTR_AUTH_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
return map;
}
use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method setStdAttributeAuthorityValues.
/**
* Saves the standard attribute values for Attribute Authority.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @param attrAuthValues Map which contains standard attribute auth values.
* @throws AMConsoleException if saving of attribute value fails.
*/
public void setStdAttributeAuthorityValues(String realm, String entityName, Map attrAuthValues) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AttribAuthority-Std" };
com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact = new com.sun.identity.saml2.jaxb.metadata.ObjectFactory();
logEvent("ATTEMPT_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
AttributeAuthorityDescriptorElement attrauthDescriptor = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
attrauthDescriptor = samlManager.getAttributeAuthorityDescriptor(realm, entityName);
if (attrauthDescriptor != null) {
//save attribute Service
String defLocation = getResult(attrAuthValues, ATTR_SEFVICE_DEFAULT_LOCATION);
boolean is509 = setToBoolean(attrAuthValues, SUPPORTS_X509);
String x509Location = getResult(attrAuthValues, ATTR_SEFVICE_LOCATION);
AttributeServiceElement key1 = objFact.createAttributeServiceElement();
AttributeServiceElement key2 = objFact.createAttributeServiceElement();
key1.setBinding(soapBinding);
key1.setLocation("");
key2.setBinding(soapBinding);
key2.setSupportsX509Query(false);
key2.setLocation("");
if (defLocation != null && defLocation.length() > 0) {
key1.setLocation(defLocation);
}
if (x509Location != null && x509Location.length() > 0) {
key2.setLocation(x509Location);
key2.setSupportsX509Query(is509);
}
attrauthDescriptor.getAttributeService().clear();
attrauthDescriptor.getAttributeService().add(key1);
attrauthDescriptor.getAttributeService().add(key2);
//save assertion ID request
String soapLocation = getResult(attrAuthValues, ASSERTION_ID_SAOP_LOC);
String uriLocation = getResult(attrAuthValues, ASSERTION_ID_URI_LOC);
AssertionIDRequestServiceElement elem1 = objFact.createAssertionIDRequestServiceElement();
AssertionIDRequestServiceElement elem2 = objFact.createAssertionIDRequestServiceElement();
elem1.setBinding(soapBinding);
elem2.setBinding(uriBinding);
if (soapLocation != null) {
elem1.setLocation(soapLocation);
}
if (uriLocation != null) {
elem2.setLocation(uriLocation);
}
attrauthDescriptor.getAssertionIDRequestService().clear();
attrauthDescriptor.getAssertionIDRequestService().add(elem1);
attrauthDescriptor.getAssertionIDRequestService().add(elem2);
//save attribute profile
String attrProfile = getResult(attrAuthValues, ATTRIBUTE_PROFILE);
List attrProfileList = attrauthDescriptor.getAttributeProfile();
if (!attrProfileList.isEmpty()) {
attrauthDescriptor.getAttributeProfile().clear();
}
attrauthDescriptor.getAttributeProfile().add(attrProfile);
samlManager.setEntityDescriptor(realm, entityDescriptor);
}
logEvent("SUCCEED_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
} catch (JAXBException e) {
debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
}
}
Aggregations