Search in sources :

Example 1 with AssertionIDRequestServiceElement

use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.

the class AssertionIDRequestUtil method getRoleDescriptorAndLocation.

private static RoleDescriptorType getRoleDescriptorAndLocation(String samlAuthorityEntityID, String role, String realm, String binding, StringBuffer location) throws SAML2Exception {
    List aIDReqServices = null;
    RoleDescriptorType roled = null;
    try {
        if (role == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedRole"));
        } else if (role.equals(SAML2Constants.IDP_ROLE)) {
            IDPSSODescriptorElement idpd = metaManager.getIDPSSODescriptor(realm, samlAuthorityEntityID);
            if (idpd == null) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("idpNotFound"));
            }
            aIDReqServices = idpd.getAssertionIDRequestService();
            roled = idpd;
        } else if (role.equals(SAML2Constants.AUTHN_AUTH_ROLE)) {
            AuthnAuthorityDescriptorElement attrd = metaManager.getAuthnAuthorityDescriptor(realm, samlAuthorityEntityID);
            if (attrd == null) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("authnAuthorityNotFound"));
            }
            aIDReqServices = attrd.getAssertionIDRequestService();
            roled = attrd;
        } else if (role.equals(SAML2Constants.ATTR_AUTH_ROLE)) {
            AttributeAuthorityDescriptorElement aad = metaManager.getAttributeAuthorityDescriptor(realm, samlAuthorityEntityID);
            if (aad == null) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("attrAuthorityNotFound"));
            }
            aIDReqServices = aad.getAssertionIDRequestService();
            roled = aad;
        } else {
            throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedRole"));
        }
    } catch (SAML2MetaException sme) {
        SAML2Utils.debug.error("AssertionIDRequest.getRoleDescriptorAndLocation:", sme);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    }
    if (binding == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    if ((aIDReqServices == null) || (aIDReqServices.isEmpty())) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("aIDReqServiceNotFound"));
    }
    for (Iterator iter = aIDReqServices.iterator(); iter.hasNext(); ) {
        AssertionIDRequestServiceElement aIDReqService = (AssertionIDRequestServiceElement) iter.next();
        if (binding.equalsIgnoreCase(aIDReqService.getBinding())) {
            location.append(aIDReqService.getLocation());
            break;
        }
    }
    if (location.length() == 0) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    return roled;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) AssertionIDRequestServiceElement(com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement) RoleDescriptorType(com.sun.identity.saml2.jaxb.metadata.RoleDescriptorType) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Example 2 with AssertionIDRequestServiceElement

use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getStandardAuthnAuthorityAttributes.

/**
     * Returns a map with standard AuthnAuthority attributes and values.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @return Map with AuthnAuthority values.
     * @throws AMConsoleException if unable to retrieve std AuthnAuthority
     *       values based on the realm and entityName passed.
     */
public Map getStandardAuthnAuthorityAttributes(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "AuthnAuthority-Std" };
    logEvent("ATTEMPT_GET_AUTHN_AUTH_ATTR_VALUES", params);
    Map map = new HashMap();
    AuthnAuthorityDescriptorElement authnauthDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        authnauthDescriptor = samlManager.getAuthnAuthorityDescriptor(realm, entityName);
        if (authnauthDescriptor != null) {
            map.put(AUTHN_QUERY_SERVICE, Collections.EMPTY_SET);
            List authQueryServiceList = authnauthDescriptor.getAuthnQueryService();
            if (!authQueryServiceList.isEmpty()) {
                AuthnQueryServiceElement key = (AuthnQueryServiceElement) authQueryServiceList.get(0);
                map.put(AUTHN_QUERY_SERVICE, returnEmptySetIfValueIsNull(key.getLocation()));
            }
            map.put(ASSERTION_ID_SAOP_LOC, Collections.EMPTY_SET);
            map.put(ASSERTION_ID_URI_LOC, Collections.EMPTY_SET);
            List assertionIDReqList = authnauthDescriptor.getAssertionIDRequestService();
            for (int i = 0; i < assertionIDReqList.size(); i++) {
                AssertionIDRequestServiceElement elem1 = (AssertionIDRequestServiceElement) assertionIDReqList.get(i);
                if (elem1.getBinding().contains("SOAP")) {
                    map.put(ASSERTION_ID_SAOP_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
                } else if (elem1.getBinding().contains("URI")) {
                    map.put(ASSERTION_ID_URI_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
                }
            }
        }
        logEvent("SUCCEED_GET_AUTHN_AUTH_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.getStandardAuthnAuthorityAttributes:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AuthnAuthority-Std", strError };
        logEvent("FEDERATION_EXCEPTION_GET_AUTHN_AUTH_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return map;
}
Also used : AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) AssertionIDRequestServiceElement(com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement) HashMap(java.util.HashMap) List(java.util.List) ArrayList(java.util.ArrayList) AuthnQueryServiceElement(com.sun.identity.saml2.jaxb.metadata.AuthnQueryServiceElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 3 with AssertionIDRequestServiceElement

use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method setStdAuthnAuthorityValues.

/**
     * Saves the standard attribute values for Authn Authority.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @param authnAuthValues Map which contains standard authn authority values.
     * @throws AMConsoleException if saving of attribute value fails.
     */
public void setStdAuthnAuthorityValues(String realm, String entityName, Map authnAuthValues) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "AuthnAuthority-Std" };
    logEvent("ATTEMPT_MODIFY_AUTHN_AUTH_ATTR_VALUES", params);
    com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact = new com.sun.identity.saml2.jaxb.metadata.ObjectFactory();
    AuthnAuthorityDescriptorElement authnauthDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
        authnauthDescriptor = samlManager.getAuthnAuthorityDescriptor(realm, entityName);
        if (authnauthDescriptor != null) {
            String queryService = getResult(authnAuthValues, AUTHN_QUERY_SERVICE);
            //save query service
            List authQueryServiceList = authnauthDescriptor.getAuthnQueryService();
            if (!authQueryServiceList.isEmpty()) {
                authnauthDescriptor.getAuthnQueryService().clear();
            }
            AuthnQueryServiceElement key = objFact.createAuthnQueryServiceElement();
            key.setBinding(soapBinding);
            key.setLocation(queryService);
            authnauthDescriptor.getAuthnQueryService().add(key);
            //save assertion ID request
            String soapLocation = getResult(authnAuthValues, ASSERTION_ID_SAOP_LOC);
            String uriLocation = getResult(authnAuthValues, ASSERTION_ID_URI_LOC);
            List assertionIDReqList = authnauthDescriptor.getAssertionIDRequestService();
            if (!assertionIDReqList.isEmpty()) {
                assertionIDReqList.clear();
            }
            AssertionIDRequestServiceElement elem1 = objFact.createAssertionIDRequestServiceElement();
            elem1.setBinding(soapBinding);
            AssertionIDRequestServiceElement elem2 = objFact.createAssertionIDRequestServiceElement();
            elem2.setBinding(uriBinding);
            if (soapLocation != null) {
                elem1.setLocation(soapLocation);
            }
            if (uriLocation != null) {
                elem2.setLocation(uriLocation);
            }
            authnauthDescriptor.getAssertionIDRequestService().add(elem1);
            authnauthDescriptor.getAssertionIDRequestService().add(elem2);
            samlManager.setEntityDescriptor(realm, entityDescriptor);
        }
        logEvent("SUCCEED_MODIFY_AUTHN_AUTH_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.setStdAuthnAuthorityValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AuthnAuthority-Std", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_AUTHN_AUTH_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    } catch (JAXBException e) {
        debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_AUTHN_AUTH_ATTR_VALUES", paramsEx);
    }
}
Also used : AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) AssertionIDRequestServiceElement(com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement) JAXBException(javax.xml.bind.JAXBException) AuthnQueryServiceElement(com.sun.identity.saml2.jaxb.metadata.AuthnQueryServiceElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) List(java.util.List) ArrayList(java.util.ArrayList) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 4 with AssertionIDRequestServiceElement

use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getStandardAttributeAuthorityAttributes.

/**
     * Returns a map with standard AttributeAuthority attributes and values.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @return Map with AttributeAuthority values.
     * @throws AMConsoleException if unable to retrieve std AttributeAuthority
     *       values based on the realm and entityName passed.
     */
public Map getStandardAttributeAuthorityAttributes(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "AttribAuthority-Std" };
    logEvent("ATTEMPT_GET_ATTR_AUTH_ATTR_VALUES", params);
    Map map = new HashMap();
    AttributeAuthorityDescriptorElement attrauthDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        attrauthDescriptor = samlManager.getAttributeAuthorityDescriptor(realm, entityName);
        map.put(ATTR_SEFVICE_DEFAULT_LOCATION, Collections.EMPTY_SET);
        map.put(SUPPORTS_X509, Collections.EMPTY_SET);
        map.put(ATTR_SEFVICE_LOCATION, Collections.EMPTY_SET);
        if (attrauthDescriptor != null) {
            List artServiceList = attrauthDescriptor.getAttributeService();
            for (int i = 0; i < artServiceList.size(); i++) {
                AttributeServiceElement key = (AttributeServiceElement) artServiceList.get(i);
                if ((key.getLocation() != null) && (key.isSupportsX509Query())) {
                    map.put(SUPPORTS_X509, returnEmptySetIfValueIsNull(key.isSupportsX509Query()));
                    map.put(ATTR_SEFVICE_LOCATION, returnEmptySetIfValueIsNull(key.getLocation()));
                } else if ((key.getLocation() != null) && (key.getLocation().length() > 0)) {
                    map.put(ATTR_SEFVICE_DEFAULT_LOCATION, returnEmptySetIfValueIsNull(key.getLocation()));
                }
            }
            map.put(ASSERTION_ID_SAOP_LOC, Collections.EMPTY_SET);
            map.put(ASSERTION_ID_URI_LOC, Collections.EMPTY_SET);
            List assertionIDReqList = attrauthDescriptor.getAssertionIDRequestService();
            for (int i = 0; i < assertionIDReqList.size(); i++) {
                AssertionIDRequestServiceElement elem1 = (AssertionIDRequestServiceElement) assertionIDReqList.get(i);
                if (elem1.getBinding().contains("SOAP")) {
                    map.put(ASSERTION_ID_SAOP_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
                } else if (elem1.getBinding().contains("URI")) {
                    map.put(ASSERTION_ID_URI_LOC, returnEmptySetIfValueIsNull(elem1.getLocation()));
                }
            }
            map.put(ATTRIBUTE_PROFILE, Collections.EMPTY_SET);
            List attrProfileList = attrauthDescriptor.getAttributeProfile();
            if (!attrProfileList.isEmpty()) {
                String key = (String) attrProfileList.get(0);
                map.put(ATTRIBUTE_PROFILE, returnEmptySetIfValueIsNull(key));
            }
        }
        logEvent("SUCCEED_GET_ATTR_AUTH_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.getStandardAttributeAuthorityAttributes:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ATTR_AUTH_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return map;
}
Also used : AttributeServiceElement(com.sun.identity.saml2.jaxb.metadata.AttributeServiceElement) AssertionIDRequestServiceElement(com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement) HashMap(java.util.HashMap) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 5 with AssertionIDRequestServiceElement

use of com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method setStdAttributeAuthorityValues.

/**
     * Saves the standard attribute values for Attribute Authority.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @param attrAuthValues Map which contains standard attribute auth values.
     * @throws AMConsoleException if saving of attribute value fails.
     */
public void setStdAttributeAuthorityValues(String realm, String entityName, Map attrAuthValues) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "AttribAuthority-Std" };
    com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact = new com.sun.identity.saml2.jaxb.metadata.ObjectFactory();
    logEvent("ATTEMPT_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
    AttributeAuthorityDescriptorElement attrauthDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
        attrauthDescriptor = samlManager.getAttributeAuthorityDescriptor(realm, entityName);
        if (attrauthDescriptor != null) {
            //save attribute Service
            String defLocation = getResult(attrAuthValues, ATTR_SEFVICE_DEFAULT_LOCATION);
            boolean is509 = setToBoolean(attrAuthValues, SUPPORTS_X509);
            String x509Location = getResult(attrAuthValues, ATTR_SEFVICE_LOCATION);
            AttributeServiceElement key1 = objFact.createAttributeServiceElement();
            AttributeServiceElement key2 = objFact.createAttributeServiceElement();
            key1.setBinding(soapBinding);
            key1.setLocation("");
            key2.setBinding(soapBinding);
            key2.setSupportsX509Query(false);
            key2.setLocation("");
            if (defLocation != null && defLocation.length() > 0) {
                key1.setLocation(defLocation);
            }
            if (x509Location != null && x509Location.length() > 0) {
                key2.setLocation(x509Location);
                key2.setSupportsX509Query(is509);
            }
            attrauthDescriptor.getAttributeService().clear();
            attrauthDescriptor.getAttributeService().add(key1);
            attrauthDescriptor.getAttributeService().add(key2);
            //save assertion ID request
            String soapLocation = getResult(attrAuthValues, ASSERTION_ID_SAOP_LOC);
            String uriLocation = getResult(attrAuthValues, ASSERTION_ID_URI_LOC);
            AssertionIDRequestServiceElement elem1 = objFact.createAssertionIDRequestServiceElement();
            AssertionIDRequestServiceElement elem2 = objFact.createAssertionIDRequestServiceElement();
            elem1.setBinding(soapBinding);
            elem2.setBinding(uriBinding);
            if (soapLocation != null) {
                elem1.setLocation(soapLocation);
            }
            if (uriLocation != null) {
                elem2.setLocation(uriLocation);
            }
            attrauthDescriptor.getAssertionIDRequestService().clear();
            attrauthDescriptor.getAssertionIDRequestService().add(elem1);
            attrauthDescriptor.getAssertionIDRequestService().add(elem2);
            //save attribute profile
            String attrProfile = getResult(attrAuthValues, ATTRIBUTE_PROFILE);
            List attrProfileList = attrauthDescriptor.getAttributeProfile();
            if (!attrProfileList.isEmpty()) {
                attrauthDescriptor.getAttributeProfile().clear();
            }
            attrauthDescriptor.getAttributeProfile().add(attrProfile);
            samlManager.setEntityDescriptor(realm, entityDescriptor);
        }
        logEvent("SUCCEED_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    } catch (JAXBException e) {
        debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
    }
}
Also used : AttributeServiceElement(com.sun.identity.saml2.jaxb.metadata.AttributeServiceElement) AssertionIDRequestServiceElement(com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement) JAXBException(javax.xml.bind.JAXBException) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) List(java.util.List) ArrayList(java.util.ArrayList) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Aggregations

AssertionIDRequestServiceElement (com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement)5 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)5 ArrayList (java.util.ArrayList)5 List (java.util.List)5 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)4 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)4 AttributeAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement)3 AuthnAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement)3 ObjectFactory (com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory)2 AttributeServiceElement (com.sun.identity.saml2.jaxb.metadata.AttributeServiceElement)2 AuthnQueryServiceElement (com.sun.identity.saml2.jaxb.metadata.AuthnQueryServiceElement)2 EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 JAXBException (javax.xml.bind.JAXBException)2 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)1 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)1 RoleDescriptorType (com.sun.identity.saml2.jaxb.metadata.RoleDescriptorType)1 Iterator (java.util.Iterator)1