Search in sources :

Example 6 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method savehttpRedMni.

/**
     * Saves the Http-Redirect ManageNameID Service.
     *
     * @param mnihttpLocation is the location url.
     * @param mnihttpRespLocation is the response location url.
     * @param manageNameIdList the live list to be updated.
     * @param objFact the Object Factory class.
     * @throws JAXBException if save fails.
     */
private void savehttpRedMni(String mnihttpLocation, String mnihttpRespLocation, List manageNameIdList, com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact) throws JAXBException {
    if (mnihttpLocation != null && mnihttpLocation.length() > 0) {
        ManageNameIDServiceElement slsElemRed = objFact.createManageNameIDServiceElement();
        slsElemRed.setBinding(httpRedirectBinding);
        slsElemRed.setLocation(mnihttpLocation);
        slsElemRed.setResponseLocation(mnihttpRespLocation);
        manageNameIdList.add(slsElemRed);
    }
}
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement)

Example 7 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method savesoapMni.

/**
     * Saves the Soap ManageNameID Service.
     *
     * @param mnisoapLocation is the location url.
     * @param manageNameIdList the live list to be updated.
     * @param objFact the Object Factory class.
     * @throws JAXBException if save fails.
     */
private void savesoapMni(String mnisoapLocation, List manageNameIdList, com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact) throws JAXBException {
    if (mnisoapLocation != null && mnisoapLocation.length() > 0) {
        ManageNameIDServiceElement slsElemSoap = objFact.createManageNameIDServiceElement();
        slsElemSoap.setBinding(soapBinding);
        slsElemSoap.setLocation(mnisoapLocation);
        manageNameIdList.add(slsElemSoap);
    }
}
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement)

Example 8 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getStandardIdentityProviderAttributes.

/**
     * Returns a map with standard identity provider attributes and values.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @return Map with standard attribute values of Identity Provider.
     * @throws AMConsoleException if unable to retrieve the Identity Provider
     *     attrubutes based on the realm and entityName passed.
     */
public Map getStandardIdentityProviderAttributes(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "IDP-Standard" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    Map map = new HashMap();
    IDPSSODescriptorElement idpssoDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        idpssoDescriptor = samlManager.getIDPSSODescriptor(realm, entityName);
        if (idpssoDescriptor != null) {
            // retrieve WantAuthnRequestsSigned
            map.put(WANT_AUTHN_REQ_SIGNED, returnEmptySetIfValueIsNull(idpssoDescriptor.isWantAuthnRequestsSigned()));
            //retrieve ArtifactResolutionService
            map.put(ART_RES_LOCATION, Collections.EMPTY_SET);
            map.put(ART_RES_INDEX, Collections.EMPTY_SET);
            map.put(ART_RES_ISDEFAULT, Collections.EMPTY_SET);
            List artList = idpssoDescriptor.getArtifactResolutionService();
            if (!artList.isEmpty()) {
                ArtifactResolutionServiceElement key = (ArtifactResolutionServiceElement) artList.get(0);
                map.put(ART_RES_LOCATION, returnEmptySetIfValueIsNull(key.getLocation()));
                map.put(ART_RES_INDEX, returnEmptySetIfValueIsNull(Integer.toString(key.getIndex())));
                map.put(ART_RES_ISDEFAULT, returnEmptySetIfValueIsNull(key.isIsDefault()));
            }
            //retrieve SingleLogoutService
            map.put(SINGLE_LOGOUT_HTTP_LOCATION, Collections.EMPTY_SET);
            map.put(SINGLE_LOGOUT_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(SLO_POST_LOC, Collections.EMPTY_SET);
            map.put(SLO_POST_RESPLOC, Collections.EMPTY_SET);
            map.put(SINGLE_LOGOUT_SOAP_LOCATION, Collections.EMPTY_SET);
            map.put(SINGLE_LOGOUT_DEFAULT, Collections.EMPTY_SET);
            List logoutList = idpssoDescriptor.getSingleLogoutService();
            for (int i = 0; i < logoutList.size(); i++) {
                SingleLogoutServiceElement spslsElem = (SingleLogoutServiceElement) logoutList.get(i);
                String tmp = spslsElem.getBinding();
                if (i == 0) {
                    map.put(SINGLE_LOGOUT_DEFAULT, returnEmptySetIfValueIsNull(tmp));
                }
                if (tmp.contains(httpRedirect)) {
                    map.put(SINGLE_LOGOUT_HTTP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                    map.put(SINGLE_LOGOUT_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
                } else if (tmp.contains(httpPost)) {
                    map.put(SLO_POST_LOC, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                    map.put(SLO_POST_RESPLOC, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
                } else if (tmp.contains(soap)) {
                    map.put(SINGLE_LOGOUT_SOAP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                }
            }
            //retrieve ManageNameIDService
            map.put(MANAGE_NAMEID_HTTP_LOCATION, Collections.EMPTY_SET);
            map.put(MANAGE_NAMEID_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(MNI_POST_LOC, Collections.EMPTY_SET);
            map.put(MNI_POST_RESPLOC, Collections.EMPTY_SET);
            map.put(MANAGE_NAMEID_SOAP_LOCATION, Collections.EMPTY_SET);
            map.put(SINGLE_MANAGE_NAMEID_DEFAULT, Collections.EMPTY_SET);
            List manageNameIdList = idpssoDescriptor.getManageNameIDService();
            for (int i = 0; i < manageNameIdList.size(); i++) {
                ManageNameIDServiceElement mniElem = (ManageNameIDServiceElement) manageNameIdList.get(i);
                String tmp = mniElem.getBinding();
                if (i == 0) {
                    map.put(SINGLE_MANAGE_NAMEID_DEFAULT, returnEmptySetIfValueIsNull(tmp));
                }
                if (tmp.contains(httpRedirect)) {
                    map.put(MANAGE_NAMEID_HTTP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(MANAGE_NAMEID_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                } else if (tmp.contains(httpPost)) {
                    map.put(MNI_POST_LOC, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(MNI_POST_RESPLOC, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                } else if (tmp.contains(soap)) {
                    map.put(MANAGE_NAMEID_SOAP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                }
            }
            //retrieve nameid mapping service
            map.put(NAME_ID_MAPPPING, Collections.EMPTY_SET);
            List nameIDmappingList = idpssoDescriptor.getNameIDMappingService();
            if (!nameIDmappingList.isEmpty()) {
                NameIDMappingServiceElement namidElem1 = (NameIDMappingServiceElement) nameIDmappingList.get(0);
                map.put(NAME_ID_MAPPPING, returnEmptySetIfValueIsNull(namidElem1.getLocation()));
            }
            //retrieve nameid format
            map.put(NAMEID_FORMAT, (OrderedSet) convertListToSet(idpssoDescriptor.getNameIDFormat()));
            //retrieve single sign on service
            map.put(SINGLE_SIGNON_HTTP_LOCATION, Collections.EMPTY_SET);
            map.put(SINGLE_SIGNON_SOAP_LOCATION, Collections.EMPTY_SET);
            map.put(SSO_SOAPS_LOC, Collections.EMPTY_SET);
            List signonList = idpssoDescriptor.getSingleSignOnService();
            for (int i = 0; i < signonList.size(); i++) {
                SingleSignOnServiceElement signElem = (SingleSignOnServiceElement) signonList.get(i);
                String tmp = signElem.getBinding();
                if (tmp.contains(httpRedirect)) {
                    map.put(SINGLE_SIGNON_HTTP_LOCATION, returnEmptySetIfValueIsNull(signElem.getLocation()));
                } else if (tmp.contains(httpPost)) {
                    map.put(SINGLE_SIGNON_SOAP_LOCATION, returnEmptySetIfValueIsNull(signElem.getLocation()));
                } else if (tmp.contains(soap)) {
                    map.put(SSO_SOAPS_LOC, returnEmptySetIfValueIsNull(signElem.getLocation()));
                }
            }
            //retrieve key descriptor encryption details if present
            map.put(TF_KEY_NAME, Collections.EMPTY_SET);
            map.put(TF_ALGORITHM, Collections.EMPTY_SET);
            if (idpssoDescriptor.getKeyDescriptor() != null) {
                getKeyandAlgorithm(idpssoDescriptor, map);
            }
        }
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.getIdentityProviderAttributes:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "IDP-Standard", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return map;
}
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) HashMap(java.util.HashMap) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) SingleSignOnServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleSignOnServiceElement) ArtifactResolutionServiceElement(com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement) NameIDMappingServiceElement(com.sun.identity.saml2.jaxb.metadata.NameIDMappingServiceElement) SingleLogoutServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement) List(java.util.List) ArrayList(java.util.ArrayList) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Example 9 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class DoManageNameID method getMNIServiceElement.

private static ManageNameIDServiceElement getMNIServiceElement(String realm, String entityID, String hostEntityRole, String binding) throws SAML2MetaException, SessionException, SAML2Exception {
    ManageNameIDServiceElement mniService = null;
    String method = "getMNIServiceElement: ";
    if (debug.messageEnabled()) {
        debug.message(method + "Realm : " + realm);
        debug.message(method + "Entity ID : " + entityID);
        debug.message(method + "Host Entity Role : " + hostEntityRole);
    }
    if (hostEntityRole.equalsIgnoreCase(SAML2Constants.SP_ROLE)) {
        mniService = getIDPManageNameIDConfig(realm, entityID, binding);
    } else if (hostEntityRole.equalsIgnoreCase(SAML2Constants.IDP_ROLE)) {
        mniService = getSPManageNameIDConfig(realm, entityID, binding);
    } else {
        logError("nullHostEntityRole", LogUtil.MISSING_ENTITY_ROLE, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullHostEntityRole"));
    }
    return mniService;
}
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)

Example 10 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class DoManageNameID method getIDPManageNameIDConfig.

/**
     * Returns first ManageNameID configuration in an entity under
     * the realm.
     * @param realm The realm under which the entity resides.
     * @param entityId ID of the entity to be retrieved.
     * @param binding bind type need to has to be matched.
     * @return <code>ManageNameIDServiceElement</code> for the entity or null
     * @throws SAML2MetaException if unable to retrieve the first identity
     *                            provider's SSO configuration.
     * @throws SessionException invalid or expired single-sign-on session
     */
public static ManageNameIDServiceElement getIDPManageNameIDConfig(String realm, String entityId, String binding) throws SAML2MetaException, SessionException {
    ManageNameIDServiceElement mni = null;
    IDPSSODescriptorElement idpSSODesc = metaManager.getIDPSSODescriptor(realm, entityId);
    if (idpSSODesc == null) {
        debug.error(SAML2Utils.bundle.getString("noIDPEntry"));
        return null;
    }
    List list = idpSSODesc.getManageNameIDService();
    if ((list != null) && !list.isEmpty()) {
        if (binding == null) {
            return (ManageNameIDServiceElement) list.get(0);
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            mni = (ManageNameIDServiceElement) it.next();
            if (binding.equalsIgnoreCase(mni.getBinding())) {
                break;
            }
        }
    }
    return mni;
}
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) Iterator(java.util.Iterator) List(java.util.List) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Aggregations

ManageNameIDServiceElement (com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement)13 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)5 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)5 List (java.util.List)5 SessionException (com.sun.identity.plugin.session.SessionException)3 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)3 ManageNameIDRequest (com.sun.identity.saml2.protocol.ManageNameIDRequest)3 Iterator (java.util.Iterator)3 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)2 NameIDMappingServiceElement (com.sun.identity.saml2.jaxb.metadata.NameIDMappingServiceElement)2 SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)2 SingleLogoutServiceElement (com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement)2 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)2 ManageNameIDResponse (com.sun.identity.saml2.protocol.ManageNameIDResponse)2 IOException (java.io.IOException)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)1 ArtifactResolutionServiceElement (com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement)1