Search in sources :

Example 1 with XACMLAuthzDecisionQueryDescriptorElement

use of com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement in project OpenAM by OpenRock.

the class SAML2COTUtils method updateEntityConfig.

/**
     * Updates the entity config to add the circle of turst name to the
     * <code>cotlist</code> attribute. The Service Provider and Identity
     * Provider Configuration are updated.
     *
     * @param realm the realm name where the entity configuration is.
     * @param name the circle of trust name.
     * @param entityId the name of the Entity identifier.
     * @throws SAML2MetaException if there is a configuration error when
     *         updating the configuration.
     * @throws JAXBException is there is an error updating the entity
     *          configuration.
     */
public void updateEntityConfig(String realm, String name, String entityId) throws SAML2MetaException, JAXBException {
    String classMethod = "SAML2COTUtils.updateEntityConfig: ";
    SAML2MetaManager metaManager = null;
    if (callerSession == null) {
        metaManager = new SAML2MetaManager();
    } else {
        metaManager = new SAML2MetaManager(callerSession);
    }
    ObjectFactory objFactory = new ObjectFactory();
    // Check whether the entity id existed in the DS
    EntityDescriptorElement edes = metaManager.getEntityDescriptor(realm, entityId);
    if (edes == null) {
        debug.error(classMethod + "No such entity: " + entityId);
        String[] data = { realm, entityId };
        throw new SAML2MetaException("entityid_invalid", data);
    }
    boolean isAffiliation = false;
    if (metaManager.getAffiliationDescriptor(realm, entityId) != null) {
        isAffiliation = true;
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + "is " + entityId + " in realm " + realm + " an affiliation? " + isAffiliation);
    }
    EntityConfigElement eConfig = metaManager.getEntityConfig(realm, entityId);
    if (eConfig == null) {
        BaseConfigType bctype = null;
        AttributeType atype = objFactory.createAttributeType();
        atype.setName(SAML2Constants.COT_LIST);
        atype.getValue().add(name);
        // add to eConfig
        EntityConfigElement ele = objFactory.createEntityConfigElement();
        ele.setEntityID(entityId);
        ele.setHosted(false);
        if (isAffiliation) {
            // handle affiliation case
            bctype = objFactory.createAffiliationConfigElement();
            bctype.getAttribute().add(atype);
            ele.setAffiliationConfig(bctype);
        } else {
            List ll = ele.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
            // Decide which role EntityDescriptorElement includes
            List list = edes.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor();
            for (Iterator iter = list.iterator(); iter.hasNext(); ) {
                Object obj = iter.next();
                if (obj instanceof SPSSODescriptorElement) {
                    bctype = objFactory.createSPSSOConfigElement();
                    bctype.getAttribute().add(atype);
                    ll.add(bctype);
                } else if (obj instanceof IDPSSODescriptorElement) {
                    bctype = objFactory.createIDPSSOConfigElement();
                    bctype.getAttribute().add(atype);
                    ll.add(bctype);
                } else if (obj instanceof XACMLPDPDescriptorElement) {
                    bctype = objFactory.createXACMLPDPConfigElement();
                    bctype.getAttribute().add(atype);
                    ll.add(bctype);
                } else if (obj instanceof XACMLAuthzDecisionQueryDescriptorElement) {
                    bctype = objFactory.createXACMLAuthzDecisionQueryConfigElement();
                    bctype.getAttribute().add(atype);
                    ll.add(bctype);
                } else if (obj instanceof AttributeAuthorityDescriptorElement) {
                    bctype = objFactory.createAttributeAuthorityConfigElement();
                    bctype.getAttribute().add(atype);
                    ll.add(bctype);
                } else if (obj instanceof AttributeQueryDescriptorElement) {
                    bctype = objFactory.createAttributeQueryConfigElement();
                    bctype.getAttribute().add(atype);
                    ll.add(bctype);
                } else if (obj instanceof AuthnAuthorityDescriptorElement) {
                    bctype = objFactory.createAuthnAuthorityConfigElement();
                    bctype.getAttribute().add(atype);
                    ll.add(bctype);
                }
            }
        }
        metaManager.setEntityConfig(realm, ele);
    } else {
        boolean needToSave = true;
        List elist = null;
        if (isAffiliation) {
            AffiliationConfigElement affiliationCfgElm = metaManager.getAffiliationConfig(realm, entityId);
            elist = new ArrayList();
            elist.add(affiliationCfgElm);
        } else {
            elist = eConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
        }
        for (Iterator iter = elist.iterator(); iter.hasNext(); ) {
            boolean foundCOT = false;
            BaseConfigType bConfig = (BaseConfigType) iter.next();
            List list = bConfig.getAttribute();
            for (Iterator iter2 = list.iterator(); iter2.hasNext(); ) {
                AttributeType avp = (AttributeType) iter2.next();
                if (avp.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
                    foundCOT = true;
                    List avpl = avp.getValue();
                    if (avpl.isEmpty() || !containsValue(avpl, name)) {
                        avpl.add(name);
                        needToSave = true;
                        break;
                    }
                }
            }
            // no cot_list in the original entity config
            if (!foundCOT) {
                AttributeType atype = objFactory.createAttributeType();
                atype.setName(SAML2Constants.COT_LIST);
                atype.getValue().add(name);
                list.add(atype);
                needToSave = true;
            }
        }
        if (needToSave) {
            metaManager.setEntityConfig(realm, eConfig);
        }
    }
}
Also used : AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) XACMLPDPDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLPDPDescriptorElement) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) ArrayList(java.util.ArrayList) AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) XACMLAuthzDecisionQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Example 2 with XACMLAuthzDecisionQueryDescriptorElement

use of com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement in project OpenAM by OpenRock.

the class QueryHandlerServlet method processXACMLResponse.

/**
     * Returns the received Response to the Requester.
     * Validates the message signature if signed and invokes the
     * Request Handler to pass the request for futher processing.
     *
     * @param realm realm of the entity.
     * @param pdpEntityID entity identifier of Policy Decision Point (PDP).
     * @param samlRequest the <code>RequestAbstract</code> object.
     * @param request the <code>HttpServletRequest</code> object.
     * @param soapMsg the <code>SOAPMessage</code> object.
     * @exception <code>SAML2Exception</code> if there is an error processing
     *            the request and returning a  response.
     */
Response processXACMLResponse(String realm, String pdpEntityID, RequestAbstract samlRequest, HttpServletRequest request, SOAPMessage soapMsg) throws SAML2Exception {
    String classMethod = "QueryHandlerServlet:processXACMLResponse";
    Response samlResponse = null;
    String path = request.getPathInfo();
    String key = path.substring(path.indexOf(METAALIAS_KEY) + 10);
    String pepEntityID = samlRequest.getIssuer().getValue();
    if (debug.messageEnabled()) {
        debug.message(classMethod + "SOAPMessage KEY . :" + key);
        debug.message(classMethod + "pepEntityID is :" + pepEntityID);
    }
    //Retreive metadata
    boolean pdpWantAuthzQuerySigned = SAML2Utils.getWantXACMLAuthzDecisionQuerySigned(realm, pdpEntityID, SAML2Constants.PDP_ROLE);
    if (debug.messageEnabled()) {
        debug.message(classMethod + "PDP wantAuthzQuerySigned:" + pdpWantAuthzQuerySigned);
    }
    if (pdpWantAuthzQuerySigned) {
        if (samlRequest.isSigned()) {
            XACMLAuthzDecisionQueryDescriptorElement pep = SAML2Utils.getSAML2MetaManager().getPolicyEnforcementPointDescriptor(realm, pepEntityID);
            Set<X509Certificate> verificationCerts = KeyUtil.getPEPVerificationCerts(pep, pepEntityID);
            if (verificationCerts.isEmpty() || !samlRequest.isSignatureValid(verificationCerts)) {
                // error
                debug.error(classMethod + "Invalid signature in message");
                throw new SAML2Exception("invalidQuerySignature");
            } else {
                debug.message(classMethod + "Valid signature found");
            }
        } else {
            debug.error("Request not signed");
            throw new SAML2Exception("nullSig");
        }
    }
    //getRequestHandlerClass
    RequestHandler handler = (RequestHandler) SOAPBindingService.handlers.get(key);
    if (handler != null) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Found handler");
        }
        samlResponse = handler.handleQuery(pdpEntityID, pepEntityID, samlRequest, soapMsg);
        // set response attributes
        samlResponse.setID(SAML2Utils.generateID());
        samlResponse.setVersion(SAML2Constants.VERSION_2_0);
        samlResponse.setIssueInstant(new Date());
        Issuer issuer = AssertionFactory.getInstance().createIssuer();
        issuer.setValue(pdpEntityID);
        samlResponse.setIssuer(issuer);
        // end set Response Attributes
        //set Assertion attributes
        List assertionList = samlResponse.getAssertion();
        Assertion assertion = (Assertion) assertionList.get(0);
        assertion.setID(SAML2Utils.generateID());
        assertion.setVersion(SAML2Constants.VERSION_2_0);
        assertion.setIssueInstant(new Date());
        assertion.setIssuer(issuer);
        // end assertion set attributes
        // check if assertion needs to be encrypted,signed.
        String wantAssertionEncrypted = SAML2Utils.getAttributeValueFromXACMLConfig(realm, SAML2Constants.PEP_ROLE, pepEntityID, SAML2Constants.WANT_ASSERTION_ENCRYPTED);
        XACMLAuthzDecisionQueryDescriptorElement pepDescriptor = SAML2Utils.getSAML2MetaManager().getPolicyEnforcementPointDescriptor(realm, pepEntityID);
        EncInfo encInfo = null;
        boolean wantAssertionSigned = pepDescriptor.isWantAssertionsSigned();
        if (debug.messageEnabled()) {
            debug.message(classMethod + " wantAssertionSigned :" + wantAssertionSigned);
        }
        if (wantAssertionSigned) {
            signAssertion(realm, pdpEntityID, assertion);
        }
        if (wantAssertionEncrypted != null && wantAssertionEncrypted.equalsIgnoreCase(SAML2Constants.TRUE)) {
            encInfo = KeyUtil.getPEPEncInfo(pepDescriptor, pepEntityID);
            // encrypt the Assertion
            EncryptedAssertion encryptedAssertion = assertion.encrypt(encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength(), pepEntityID);
            if (encryptedAssertion == null) {
                debug.error(classMethod + "Assertion encryption failed.");
                throw new SAML2Exception("FailedToEncryptAssertion");
            }
            assertionList = new ArrayList();
            assertionList.add(encryptedAssertion);
            samlResponse.setEncryptedAssertion(assertionList);
            //reset Assertion list
            samlResponse.setAssertion(new ArrayList());
            if (debug.messageEnabled()) {
                debug.message(classMethod + "Assertion encrypted.");
            }
        } else {
            List assertionsList = new ArrayList();
            assertionsList.add(assertion);
            samlResponse.setAssertion(assertionsList);
        }
        signResponse(samlResponse, realm, pepEntityID, pdpEntityID);
    } else {
        // error -  missing request handler.
        debug.error(classMethod + "RequestHandler not found");
        throw new SAML2Exception("missingRequestHandler");
    }
    return samlResponse;
}
Also used : Issuer(com.sun.identity.saml2.assertion.Issuer) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) Assertion(com.sun.identity.saml2.assertion.Assertion) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) Date(java.util.Date) Response(com.sun.identity.saml2.protocol.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) EncInfo(com.sun.identity.saml2.key.EncInfo) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) ArrayList(java.util.ArrayList) List(java.util.List) XACMLAuthzDecisionQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement)

Example 3 with XACMLAuthzDecisionQueryDescriptorElement

use of com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method createExtendedObject.

/**
     * Creates the extended config object when it does not exist.
     * @param realm the realm to which the entity belongs.
     * @param entityName is the entity id.
     * @param location indicates whether hosted or remote
     * @param role can be SP, IDP or SP/IDP.
     * @throws SAML2MetaException, JAXBException,
     *     AMConsoleException if saving of attribute value fails.
     */
private void createExtendedObject(String realm, String entityName, String location, String role) throws SAML2MetaException, JAXBException, AMConsoleException {
    SAML2MetaManager samlManager = getSAML2MetaManager();
    EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
    ObjectFactory objFactory = new ObjectFactory();
    EntityConfigElement entityConfigElement = objFactory.createEntityConfigElement();
    entityConfigElement.setEntityID(entityName);
    if (location.equals("remote")) {
        entityConfigElement.setHosted(false);
    } else {
        entityConfigElement.setHosted(true);
    }
    List configList = entityConfigElement.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
    BaseConfigType baseConfigIDP = null;
    BaseConfigType baseConfigSP = null;
    BaseConfigType baseConfigAuth = null;
    AttributeAuthorityDescriptorElement attrauthDescriptor = samlManager.getAttributeAuthorityDescriptor(realm, entityName);
    AuthnAuthorityDescriptorElement authnauthDescriptor = samlManager.getAuthnAuthorityDescriptor(realm, entityName);
    AttributeQueryDescriptorElement attrQueryDescriptor = samlManager.getAttributeQueryDescriptor(realm, entityName);
    IDPSSODescriptorElement idpssoDesc = samlManager.getIDPSSODescriptor(realm, entityName);
    SPSSODescriptorElement spssoDesc = samlManager.getSPSSODescriptor(realm, entityName);
    XACMLAuthzDecisionQueryDescriptorElement xacmlAuthzDescriptor = samlManager.getPolicyEnforcementPointDescriptor(realm, entityName);
    XACMLPDPDescriptorElement xacmlPDPDescriptor = samlManager.getPolicyDecisionPointDescriptor(realm, entityName);
    if (isDualRole(entityDescriptor)) {
        baseConfigIDP = objFactory.createIDPSSOConfigElement();
        baseConfigSP = objFactory.createSPSSOConfigElement();
        baseConfigIDP = addAttributeType(extendedMetaIdpMap, baseConfigIDP);
        baseConfigSP = addAttributeType(extendedMetaSpMap, baseConfigSP);
        configList.add(baseConfigIDP);
        configList.add(baseConfigSP);
    } else if (role.equals(EntityModel.IDENTITY_PROVIDER) || (idpssoDesc != null)) {
        baseConfigIDP = objFactory.createIDPSSOConfigElement();
        baseConfigIDP = addAttributeType(extendedMetaIdpMap, baseConfigIDP);
        configList.add(baseConfigIDP);
    } else if (role.equals(EntityModel.SERVICE_PROVIDER) || (spssoDesc != null)) {
        baseConfigSP = objFactory.createSPSSOConfigElement();
        baseConfigSP = addAttributeType(extendedMetaSpMap, baseConfigSP);
        configList.add(baseConfigSP);
    }
    if (role.equals(EntityModel.SAML_ATTRAUTHORITY) || (attrauthDescriptor != null)) {
        baseConfigAuth = objFactory.createAttributeAuthorityConfigElement();
        baseConfigAuth = addAttributeType(extAttrAuthMap, baseConfigAuth);
        configList.add(baseConfigAuth);
    }
    if (role.equals(EntityModel.SAML_AUTHNAUTHORITY) || (authnauthDescriptor != null)) {
        baseConfigAuth = objFactory.createAuthnAuthorityConfigElement();
        baseConfigAuth = addAttributeType(extAuthnAuthMap, baseConfigAuth);
        configList.add(baseConfigAuth);
    }
    if (role.equals(EntityModel.SAML_ATTRQUERY) || (attrQueryDescriptor != null)) {
        baseConfigAuth = objFactory.createAttributeQueryConfigElement();
        baseConfigAuth = addAttributeType(extattrQueryMap, baseConfigAuth);
        configList.add(baseConfigAuth);
    }
    if (role.equals(EntityModel.POLICY_DECISION_POINT_DESCRIPTOR) || (xacmlPDPDescriptor != null)) {
        baseConfigAuth = objFactory.createXACMLPDPConfigElement();
        baseConfigAuth = addAttributeType(xacmlPDPExtendedMeta, baseConfigAuth);
        configList.add(baseConfigAuth);
    }
    if (role.equals(EntityModel.POLICY_ENFORCEMENT_POINT_DESCRIPTOR) || (xacmlAuthzDescriptor != null)) {
        baseConfigAuth = objFactory.createXACMLAuthzDecisionQueryConfigElement();
        baseConfigAuth = addAttributeType(xacmlPEPExtendedMeta, baseConfigAuth);
        configList.add(baseConfigAuth);
    }
    samlManager.setEntityConfig(realm, entityConfigElement);
}
Also used : AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) XACMLPDPDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLPDPDescriptorElement) AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) List(java.util.List) ArrayList(java.util.ArrayList) XACMLAuthzDecisionQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Example 4 with XACMLAuthzDecisionQueryDescriptorElement

use of com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getPEPDescriptor.

/**
     * Returns a Map of PEP descriptor data.(Standard Metadata)
     *
     * @param realm realm of Entity
     * @param entityName entity name of Entity Descriptor.
     * @return key-value pair Map of PEP descriptor data.
     * @throws AMConsoleException if unable to retrieve the PEP
     *         standard metadata attributes
     */
public Map getPEPDescriptor(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "XACML PEP" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    Map data = null;
    try {
        SAML2MetaManager saml2Manager = getSAML2MetaManager();
        XACMLAuthzDecisionQueryDescriptorElement xacmlAuthzDescriptor = saml2Manager.getPolicyEnforcementPointDescriptor(realm, entityName);
        if (xacmlAuthzDescriptor != null) {
            data = new HashMap(10);
            //ProtocolSupportEnum
            data.put(ATTR_TXT_PROTOCOL_SUPPORT_ENUM, returnEmptySetIfValueIsNull(xacmlAuthzDescriptor.getProtocolSupportEnumeration()));
            if (xacmlAuthzDescriptor.isWantAssertionsSigned()) {
                data.put(ATTR_WANT_ASSERTION_SIGNED, "true");
            } else {
                data.put(ATTR_WANT_ASSERTION_SIGNED, "false");
            }
        }
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "XACML PEP", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return (data != null) ? data : Collections.EMPTY_MAP;
}
Also used : HashMap(java.util.HashMap) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) XACMLAuthzDecisionQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement)

Example 5 with XACMLAuthzDecisionQueryDescriptorElement

use of com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement in project OpenAM by OpenRock.

the class SAML2Test method importEntity.

@Test(groups = { "samlv2", "samlv2op" }, dependsOnMethods = { "createMetaTemplate" })
public void importEntity() throws CLIException, SAML2MetaException {
    entering("importEntity", null);
    String[] args = { "import-entity", CLIConstants.PREFIX_ARGUMENT_LONG + FedCLIConstants.ARGUMENT_METADATA, "meta", CLIConstants.PREFIX_ARGUMENT_LONG + FedCLIConstants.ARGUMENT_EXTENDED_DATA, "extended", CLIConstants.PREFIX_ARGUMENT_LONG + FedCLIConstants.ARGUMENT_COT, NAME_COT, CLIConstants.PREFIX_ARGUMENT_LONG + FedCLIConstants.SPECIFICATION_VERSION, FedCLIConstants.SAML2_SPECIFICATION };
    CLIRequest req = new CLIRequest(null, args, getAdminSSOToken());
    cmdManager.addToRequestQueue(req);
    cmdManager.serviceRequestQueue();
    SAML2MetaManager mgr = new SAML2MetaManager();
    EntityDescriptorElement entity = mgr.getEntityDescriptor("/", NAME_IDP);
    assert (entity != null);
    SPSSODescriptorElement spElt = mgr.getSPSSODescriptor("/", NAME_IDP);
    assert (spElt != null);
    IDPSSODescriptorElement idpElt = mgr.getIDPSSODescriptor("/", NAME_IDP);
    assert (idpElt != null);
    XACMLPDPDescriptorElement pdpElt = mgr.getPolicyDecisionPointDescriptor("/", NAME_IDP);
    assert (pdpElt != null);
    XACMLAuthzDecisionQueryDescriptorElement pepElt = mgr.getPolicyEnforcementPointDescriptor("/", NAME_IDP);
    assert (pepElt != null);
    IDPSSOConfigElement idpConfig = mgr.getIDPSSOConfig("/", NAME_IDP);
    assert (idpConfig != null);
    SPSSOConfigElement spConfig = mgr.getSPSSOConfig("/", NAME_IDP);
    assert (spConfig != null);
    XACMLPDPConfigElement pdpConfig = mgr.getPolicyDecisionPointConfig("/", NAME_IDP);
    assert (pdpConfig != null);
    XACMLAuthzDecisionQueryConfigElement pepConfig = mgr.getPolicyEnforcementPointConfig("/", NAME_IDP);
    assert (pepConfig != null);
    exiting("importEntity");
}
Also used : SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) XACMLPDPDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLPDPDescriptorElement) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) CLIRequest(com.sun.identity.cli.CLIRequest) XACMLPDPConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLPDPConfigElement) IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) XACMLAuthzDecisionQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.XACMLAuthzDecisionQueryConfigElement) XACMLAuthzDecisionQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Aggregations

XACMLAuthzDecisionQueryDescriptorElement (com.sun.identity.saml2.jaxb.metadata.XACMLAuthzDecisionQueryDescriptorElement)5 EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)3 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)3 SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)3 XACMLPDPDescriptorElement (com.sun.identity.saml2.jaxb.metadata.XACMLPDPDescriptorElement)3 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)3 ArrayList (java.util.ArrayList)3 List (java.util.List)3 BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)2 EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)2 ObjectFactory (com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory)2 AttributeAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement)2 AuthnAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement)2 AttributeQueryDescriptorElement (com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)2 CLIRequest (com.sun.identity.cli.CLIRequest)1 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)1 Assertion (com.sun.identity.saml2.assertion.Assertion)1 EncryptedAssertion (com.sun.identity.saml2.assertion.EncryptedAssertion)1 Issuer (com.sun.identity.saml2.assertion.Issuer)1 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)1