
Example 21 with com.sun.identity.saml2.jaxb.xmlsig

use of com.sun.identity.saml2.jaxb.xmlsig in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method savepostMni.

/**
 * Saves the Post ManageNameID Service.
 *
 * Adds one HTTP-POST ManageNameIDService element to the live list. Nothing is
 * added when {@code mnipostLocation} is {@code null} or empty; the response
 * location is copied as given and may itself be {@code null}.
 *
 * @param mnipostLocation is the location url; ignored when null or empty.
 * @param mnipostRespLocation is the response location url.
 * @param manageNameIdList the live list to be updated.
 * @param objFact the Object Factory class used to create the element.
 * @throws JAXBException if save fails.
 */
private void savepostMni(String mnipostLocation, String mnipostRespLocation, List manageNameIdList, com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact) throws JAXBException {
    // No location means "no POST endpoint configured": leave the list untouched.
    if (mnipostLocation == null || mnipostLocation.isEmpty()) {
        return;
    }
    ManageNameIDServiceElement postEndpoint = objFact.createManageNameIDServiceElement();
    postEndpoint.setBinding(httpPostBinding);
    postEndpoint.setLocation(mnipostLocation);
    postEndpoint.setResponseLocation(mnipostRespLocation);
    manageNameIdList.add(postEndpoint);
}

Example 22 with com.sun.identity.saml2.jaxb.xmlsig

use of com.sun.identity.saml2.jaxb.xmlsig in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method setStdAttributeAuthorityValues.

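/**
 * Saves the standard attribute values for Attribute Authority.
 *
 * The AttributeService, AssertionIDRequestService and AttributeProfile
 * entries of the entity's AttributeAuthority descriptor are replaced with
 * the values found in {@code attrAuthValues} and the entity descriptor is
 * written back through the SAML2 metadata manager. Nothing is written when
 * the entity has no AttributeAuthority descriptor.
 *
 * @param realm to which the entity belongs.
 * @param entityName is the entity id.
 * @param attrAuthValues Map which contains standard attribute auth values.
 * @throws AMConsoleException if saving of attribute value fails, whether the
 *         failure comes from the metadata store or from building the JAXB
 *         elements.
 */
public void setStdAttributeAuthorityValues(String realm, String entityName, Map attrAuthValues) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "AttribAuthority-Std" };
    com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact = new com.sun.identity.saml2.jaxb.metadata.ObjectFactory();
    logEvent("ATTEMPT_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
        AttributeAuthorityDescriptorElement attrauthDescriptor = samlManager.getAttributeAuthorityDescriptor(realm, entityName);
        if (attrauthDescriptor != null) {
            replaceAttrAuthAttributeServices(attrauthDescriptor, attrAuthValues, objFact);
            replaceAttrAuthAssertionIdRequestServices(attrauthDescriptor, attrAuthValues, objFact);
            replaceAttrAuthAttributeProfile(attrauthDescriptor, attrAuthValues);
            samlManager.setEntityDescriptor(realm, entityDescriptor);
        }
        // NOTE(review): the success event is also logged when the entity has no
        // AttributeAuthority descriptor and nothing was saved (existing behaviour).
        logEvent("SUCCEED_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        throw attrAuthSaveFailure(realm, entityName, e);
    } catch (JAXBException e) {
        // Previously this branch only logged and returned normally, so the console
        // reported a successful save that never reached the store. Fail like the
        // metadata branch so the caller sees the error the Javadoc promises.
        throw attrAuthSaveFailure(realm, entityName, e);
    }
}

/**
 * Replaces the descriptor's AttributeService entries with a SOAP default
 * endpoint and a SOAP endpoint carrying the X509 query flag. Missing
 * locations are written as empty strings because both entries are always
 * emitted.
 *
 * @throws JAXBException if the elements cannot be created.
 */
private void replaceAttrAuthAttributeServices(AttributeAuthorityDescriptorElement attrauthDescriptor, Map attrAuthValues, com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact) throws JAXBException {
    String defLocation = getResult(attrAuthValues, ATTR_SEFVICE_DEFAULT_LOCATION);
    boolean is509 = setToBoolean(attrAuthValues, SUPPORTS_X509);
    String x509Location = getResult(attrAuthValues, ATTR_SEFVICE_LOCATION);
    AttributeServiceElement defaultService = objFact.createAttributeServiceElement();
    defaultService.setBinding(soapBinding);
    defaultService.setLocation("");
    if (defLocation != null && defLocation.length() > 0) {
        defaultService.setLocation(defLocation);
    }
    AttributeServiceElement x509Service = objFact.createAttributeServiceElement();
    x509Service.setBinding(soapBinding);
    x509Service.setSupportsX509Query(false);
    x509Service.setLocation("");
    if (x509Location != null && x509Location.length() > 0) {
        x509Service.setLocation(x509Location);
        // The X509 flag is only honoured together with a location.
        x509Service.setSupportsX509Query(is509);
    }
    List attributeServices = attrauthDescriptor.getAttributeService();
    attributeServices.clear();
    attributeServices.add(defaultService);
    attributeServices.add(x509Service);
}

/**
 * Replaces the descriptor's AssertionIDRequestService entries with one SOAP
 * and one URI endpoint. A {@code null} location leaves that element's
 * location unset.
 *
 * @throws JAXBException if the elements cannot be created.
 */
private void replaceAttrAuthAssertionIdRequestServices(AttributeAuthorityDescriptorElement attrauthDescriptor, Map attrAuthValues, com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact) throws JAXBException {
    String soapLocation = getResult(attrAuthValues, ASSERTION_ID_SAOP_LOC);
    String uriLocation = getResult(attrAuthValues, ASSERTION_ID_URI_LOC);
    AssertionIDRequestServiceElement soapService = objFact.createAssertionIDRequestServiceElement();
    soapService.setBinding(soapBinding);
    if (soapLocation != null) {
        soapService.setLocation(soapLocation);
    }
    AssertionIDRequestServiceElement uriService = objFact.createAssertionIDRequestServiceElement();
    uriService.setBinding(uriBinding);
    if (uriLocation != null) {
        uriService.setLocation(uriLocation);
    }
    List idRequestServices = attrauthDescriptor.getAssertionIDRequestService();
    idRequestServices.clear();
    idRequestServices.add(soapService);
    idRequestServices.add(uriService);
}

/**
 * Replaces the descriptor's AttributeProfile list with the single configured
 * profile value.
 */
private void replaceAttrAuthAttributeProfile(AttributeAuthorityDescriptorElement attrauthDescriptor, Map attrAuthValues) {
    String attrProfile = getResult(attrAuthValues, ATTRIBUTE_PROFILE);
    List attrProfiles = attrauthDescriptor.getAttributeProfile();
    // clear() on an already-empty list is a no-op, so no emptiness check is needed.
    attrProfiles.clear();
    // NOTE(review): a null profile value is still added, as before; confirm the
    // marshaller tolerates a null entry here.
    attrProfiles.add(attrProfile);
}

/**
 * Logs a failed Attribute Authority save and builds the console exception
 * to rethrow, so both failure paths report identically.
 *
 * @param realm to which the entity belongs.
 * @param entityName is the entity id.
 * @param e the underlying metadata or JAXB failure.
 * @return the exception carrying the error string for the console.
 */
private AMConsoleException attrAuthSaveFailure(String realm, String entityName, Exception e) {
    debug.warning("SAMLv2ModelImpl.setStdAttributeAuthorityValues:", e);
    String strError = getErrorString(e);
    String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Std", strError };
    logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
    return new AMConsoleException(strError);
}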

Example 23 with com.sun.identity.saml2.jaxb.xmlsig

use of com.sun.identity.saml2.jaxb.xmlsig in project OpenAM by OpenRock.

the class RequestedAuthnContextImpl method toXMLString.

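/**
 * Converts into an XML String.
 *
 * Writes the {@code RequestedAuthnContext} element with its
 * {@code Comparison} attribute, followed by either the AuthnContextClassRef
 * or the AuthnContextDeclRef children. As a side effect a {@code null}
 * comparison is set to {@code "exact"} on this instance before serialising
 * (existing behaviour, kept for callers that read the value back afterwards).
 *
 * NOTE(review): reference values are written verbatim with no XML escaping;
 * confirm they only ever originate from trusted configuration.
 *
 * @param includeNSPrefix Determines whether or not the namespace qualifier
 *          is prepended to the Element when converted
 * @param declareNS Determines whether or not the namespace is declared
 *          within the Element.
 * @return A string containing the valid XML for this element
 * @throws com.sun.identity.saml2.common.SAML2Exception
 *          if both class references and declaration references are set,
 *          which the schema does not allow.
 */
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    String protocolNs = declareNS ? SAML2Constants.PROTOCOL_DECLARE_STR : "";
    String assertionNs = declareNS ? SAML2Constants.ASSERTION_DECLARE_STR : "";
    String protocolPrefix = includeNSPrefix ? SAML2Constants.PROTOCOL_PREFIX : "";
    String assertionPrefix = includeNSPrefix ? SAML2Constants.ASSERTION_PREFIX : "";
    if (comparison == null) {
        comparison = "exact";
    }
    // The schema allows either class references or declaration references, never both.
    // The original threw with an empty message, which made the failure impossible to diagnose.
    if (authnContextClassRef != null && authnContextDeclRef != null) {
        throw new SAML2Exception("RequestedAuthnContext must not contain both AuthnContextClassRef and AuthnContextDeclRef");
    }
    StringBuilder xml = new StringBuilder();
    xml.append("<").append(protocolPrefix).append(elementName).append(protocolNs).append(" ");
    xml.append("Comparison=\"").append(comparison).append("\">");
    appendContextRefs(xml, "AuthnContextClassRef", authnContextClassRef, assertionPrefix, assertionNs);
    appendContextRefs(xml, "AuthnContextDeclRef", authnContextDeclRef, assertionPrefix, assertionNs);
    xml.append("</").append(protocolPrefix).append(elementName).append(">");
    return xml.toString();
}

/**
 * Appends one {@code <localName>} child per entry of {@code refs}; a
 * {@code null} or empty collection appends nothing.
 *
 * @param xml the buffer being built.
 * @param localName the unprefixed element name to emit.
 * @param refs the reference strings, may be null.
 * @param prefix the assertion namespace prefix, or an empty string.
 * @param nsDecl the assertion namespace declaration, or an empty string.
 */
private static void appendContextRefs(StringBuilder xml, String localName, Iterable refs, String prefix, String nsDecl) {
    if (refs == null) {
        return;
    }
    for (Iterator it = refs.iterator(); it.hasNext();) {
        String ref = (String) it.next();
        xml.append("<").append(prefix).append(localName).append(nsDecl).append(">");
        xml.append(ref);
        xml.append("</").append(prefix).append(localName).append(">");
    }
}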

Example 24 with com.sun.identity.saml2.jaxb.xmlsig

use of com.sun.identity.saml2.jaxb.xmlsig in project OpenAM by OpenRock.

the class XACMLRequestProcessor method processRequest.

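/**
 * Processes an XACML context Request and returns an XACML context
 * Response.
 *
 * The request is wrapped in a SAML XACMLAuthzDecisionQuery (input context
 * only, return context requested), sent to the PDP through
 * {@code QueryClient}, and the XACML Response is taken from the first
 * XACMLAuthzDecisionStatement of the first assertion in the SAML response.
 * Any further assertions or statements are ignored, and {@code null} is
 * returned when the SAML response carries no usable decision statement.
 *
 * NOTE(review): the SAML response status is not inspected here; confirm that
 * {@code QueryClient.processXACMLQuery} already rejects non-Success responses
 * and validates signatures, otherwise a failed query silently yields
 * {@code null}.
 *
 * @param xacmlRequest XACML context Request. This describes the
 *        Resource(s), Subject(s), Action, Environment of the request
 *        and corresponds to XACML context schema element Request.
 *        One would construct this Request object using XACML client SDK.
 *
 * @param pdpEntityId EntityID of PDP
 * @param pepEntityId EntityID of PEP
 * @return XACML context Response. This corresponds to
 *               XACML context schema element Response, or {@code null}
 *               if the PDP returned no decision statement
 * @exception XACMLException if request could not be processed
 * @exception SAML2Exception if the SAML exchange with the PDP fails
 */
public Response processRequest(Request xacmlRequest, String pdpEntityId, String pepEntityId) throws XACMLException, SAML2Exception {
    if (XACMLSDKUtils.debug.messageEnabled()) {
        XACMLSDKUtils.debug.message("XACMLRequestProcessor.processRequest(), entering" + ":pdpEntityId=" + pdpEntityId + ":pepEntityId=" + pepEntityId + ":xacmlRequest=\n" + xacmlRequest.toXMLString(true, true));
    }
    XACMLAuthzDecisionQuery samlpQuery = createXACMLAuthzDecisionQuery(xacmlRequest);
    // Ask the PDP to evaluate only the supplied context and echo it back in the decision.
    samlpQuery.setInputContextOnly(true);
    samlpQuery.setReturnContext(true);
    if (XACMLSDKUtils.debug.messageEnabled()) {
        XACMLSDKUtils.debug.message("XACMLRequestProcessor.processRequest()," + "samlpQuery=\n" + samlpQuery.toXMLString(true, true));
    }
    com.sun.identity.saml2.protocol.Response samlpResponse = QueryClient.processXACMLQuery(samlpQuery, pepEntityId, pdpEntityId);
    // Previously a null response would have thrown NullPointerException from the
    // debug call below; treat it like any other response without a decision.
    if (samlpResponse == null) {
        return null;
    }
    if (XACMLSDKUtils.debug.messageEnabled()) {
        XACMLSDKUtils.debug.message("XACMLRequestProcessor.processRequest()," + ":samlpResponse=\n" + samlpResponse.toXMLString(true, true));
    }
    // Guard clauses replace the original nesting; the extra isEmpty() checks stop
    // get(0) from throwing IndexOutOfBoundsException on a response with an empty
    // assertion or statement list.
    List assertions = samlpResponse.getAssertion();
    if (assertions == null || assertions.isEmpty()) {
        return null;
    }
    Assertion assertion = (Assertion) assertions.get(0);
    if (assertion == null) {
        return null;
    }
    List statements = assertion.getStatements();
    if (statements == null || statements.isEmpty()) {
        return null;
    }
    String statementString = (String) statements.get(0);
    if (statementString == null) {
        return null;
    }
    XACMLAuthzDecisionStatement statement = ContextFactory.getInstance().createXACMLAuthzDecisionStatement(statementString);
    // The null check now precedes the debug call that dereferences the statement.
    if (statement == null) {
        return null;
    }
    if (XACMLSDKUtils.debug.messageEnabled()) {
        XACMLSDKUtils.debug.message("XACMLRequestProcessor.processRequest()," + ":xacmlAuthzDecisionStatement=\n" + statement.toXMLString(true, true));
    }
    Response xacmlResponse = statement.getResponse();
    if (xacmlResponse == null) {
        return null;
    }
    if (XACMLSDKUtils.debug.messageEnabled()) {
        XACMLSDKUtils.debug.message("XACMLRequestProcessor.processRequest()" + ",returning :xacmlResponse=\n" + xacmlResponse.toXMLString(true, true));
    }
    return xacmlResponse;
}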
