Example 56 with SAML2MetaManager
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getStandardIdentityProviderAttributes.
/**
* Returns a map with standard identity provider attributes and values.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @return Map with standard attribute values of Identity Provider.
* @throws AMConsoleException if unable to retrieve the Identity Provider
* attrubutes based on the realm and entityName passed.
*/
public Map getStandardIdentityProviderAttributes(String realm, String entityName) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "IDP-Standard" };
logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
Map map = new HashMap();
IDPSSODescriptorElement idpssoDescriptor = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
idpssoDescriptor = samlManager.getIDPSSODescriptor(realm, entityName);
if (idpssoDescriptor != null) {
// retrieve WantAuthnRequestsSigned
map.put(WANT_AUTHN_REQ_SIGNED, returnEmptySetIfValueIsNull(idpssoDescriptor.isWantAuthnRequestsSigned()));
//retrieve ArtifactResolutionService
map.put(ART_RES_LOCATION, Collections.EMPTY_SET);
map.put(ART_RES_INDEX, Collections.EMPTY_SET);
map.put(ART_RES_ISDEFAULT, Collections.EMPTY_SET);
List artList = idpssoDescriptor.getArtifactResolutionService();
if (!artList.isEmpty()) {
ArtifactResolutionServiceElement key = (ArtifactResolutionServiceElement) artList.get(0);
map.put(ART_RES_LOCATION, returnEmptySetIfValueIsNull(key.getLocation()));
map.put(ART_RES_INDEX, returnEmptySetIfValueIsNull(Integer.toString(key.getIndex())));
map.put(ART_RES_ISDEFAULT, returnEmptySetIfValueIsNull(key.isIsDefault()));
}
//retrieve SingleLogoutService
map.put(SINGLE_LOGOUT_HTTP_LOCATION, Collections.EMPTY_SET);
map.put(SINGLE_LOGOUT_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
map.put(SLO_POST_LOC, Collections.EMPTY_SET);
map.put(SLO_POST_RESPLOC, Collections.EMPTY_SET);
map.put(SINGLE_LOGOUT_SOAP_LOCATION, Collections.EMPTY_SET);
map.put(SINGLE_LOGOUT_DEFAULT, Collections.EMPTY_SET);
List logoutList = idpssoDescriptor.getSingleLogoutService();
for (int i = 0; i < logoutList.size(); i++) {
SingleLogoutServiceElement spslsElem = (SingleLogoutServiceElement) logoutList.get(i);
String tmp = spslsElem.getBinding();
if (i == 0) {
map.put(SINGLE_LOGOUT_DEFAULT, returnEmptySetIfValueIsNull(tmp));
}
if (tmp.contains(httpRedirect)) {
map.put(SINGLE_LOGOUT_HTTP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
map.put(SINGLE_LOGOUT_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
} else if (tmp.contains(httpPost)) {
map.put(SLO_POST_LOC, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
map.put(SLO_POST_RESPLOC, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
} else if (tmp.contains(soap)) {
map.put(SINGLE_LOGOUT_SOAP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
}
}
//retrieve ManageNameIDService
map.put(MANAGE_NAMEID_HTTP_LOCATION, Collections.EMPTY_SET);
map.put(MANAGE_NAMEID_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
map.put(MNI_POST_LOC, Collections.EMPTY_SET);
map.put(MNI_POST_RESPLOC, Collections.EMPTY_SET);
map.put(MANAGE_NAMEID_SOAP_LOCATION, Collections.EMPTY_SET);
map.put(SINGLE_MANAGE_NAMEID_DEFAULT, Collections.EMPTY_SET);
List manageNameIdList = idpssoDescriptor.getManageNameIDService();
for (int i = 0; i < manageNameIdList.size(); i++) {
ManageNameIDServiceElement mniElem = (ManageNameIDServiceElement) manageNameIdList.get(i);
String tmp = mniElem.getBinding();
if (i == 0) {
map.put(SINGLE_MANAGE_NAMEID_DEFAULT, returnEmptySetIfValueIsNull(tmp));
}
if (tmp.contains(httpRedirect)) {
map.put(MANAGE_NAMEID_HTTP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
map.put(MANAGE_NAMEID_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
} else if (tmp.contains(httpPost)) {
map.put(MNI_POST_LOC, returnEmptySetIfValueIsNull(mniElem.getLocation()));
map.put(MNI_POST_RESPLOC, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
} else if (tmp.contains(soap)) {
map.put(MANAGE_NAMEID_SOAP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
}
}
//retrieve nameid mapping service
map.put(NAME_ID_MAPPPING, Collections.EMPTY_SET);
List nameIDmappingList = idpssoDescriptor.getNameIDMappingService();
if (!nameIDmappingList.isEmpty()) {
NameIDMappingServiceElement namidElem1 = (NameIDMappingServiceElement) nameIDmappingList.get(0);
map.put(NAME_ID_MAPPPING, returnEmptySetIfValueIsNull(namidElem1.getLocation()));
}
//retrieve nameid format
map.put(NAMEID_FORMAT, (OrderedSet) convertListToSet(idpssoDescriptor.getNameIDFormat()));
//retrieve single sign on service
map.put(SINGLE_SIGNON_HTTP_LOCATION, Collections.EMPTY_SET);
map.put(SINGLE_SIGNON_SOAP_LOCATION, Collections.EMPTY_SET);
map.put(SSO_SOAPS_LOC, Collections.EMPTY_SET);
List signonList = idpssoDescriptor.getSingleSignOnService();
for (int i = 0; i < signonList.size(); i++) {
SingleSignOnServiceElement signElem = (SingleSignOnServiceElement) signonList.get(i);
String tmp = signElem.getBinding();
if (tmp.contains(httpRedirect)) {
map.put(SINGLE_SIGNON_HTTP_LOCATION, returnEmptySetIfValueIsNull(signElem.getLocation()));
} else if (tmp.contains(httpPost)) {
map.put(SINGLE_SIGNON_SOAP_LOCATION, returnEmptySetIfValueIsNull(signElem.getLocation()));
} else if (tmp.contains(soap)) {
map.put(SSO_SOAPS_LOC, returnEmptySetIfValueIsNull(signElem.getLocation()));
}
}
//retrieve key descriptor encryption details if present
map.put(TF_KEY_NAME, Collections.EMPTY_SET);
map.put(TF_ALGORITHM, Collections.EMPTY_SET);
if (idpssoDescriptor.getKeyDescriptor() != null) {
getKeyandAlgorithm(idpssoDescriptor, map);
}
}
logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.getIdentityProviderAttributes:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "IDP-Standard", strError };
logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
return map;
}
Also used :
ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement)
HashMap(java.util.HashMap)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
SingleSignOnServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleSignOnServiceElement)
ArtifactResolutionServiceElement(com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement)
NameIDMappingServiceElement(com.sun.identity.saml2.jaxb.metadata.NameIDMappingServiceElement)
SingleLogoutServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement)
List(java.util.List)
ArrayList(java.util.ArrayList)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
Map(java.util.Map)
HashMap(java.util.HashMap)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)
Example 57 with SAML2MetaManager
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method setStdAttributeQueryValues.
/**
* Saves the standard attribute values for Attribute Query.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @param attrQueryValues Map which contains standard attribute query values.
* @throws AMConsoleException if saving of attribute value fails.
*/
public void setStdAttributeQueryValues(String realm, String entityName, Map attrQueryValues) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AttribQuery-Std" };
logEvent("ATTEMPT_MODIFY_ATTR_QUERY_ATTR_VALUES", params);
AttributeQueryDescriptorElement attrQueryDescriptor = null;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
attrQueryDescriptor = samlManager.getAttributeQueryDescriptor(realm, entityName);
if (attrQueryDescriptor != null) {
//save nameid format
List NameIdFormatList = attrQueryDescriptor.getNameIDFormat();
if (!NameIdFormatList.isEmpty()) {
attrQueryDescriptor.getNameIDFormat().clear();
}
List listtoSave = convertSetToList((Set) attrQueryValues.get(ATTR_NAMEID_FORMAT));
Iterator itt = listtoSave.listIterator();
while (itt.hasNext()) {
String name = (String) itt.next();
attrQueryDescriptor.getNameIDFormat().add(name);
}
samlManager.setEntityDescriptor(realm, entityDescriptor);
}
logEvent("SUCCEED_MODIFY_ATTR_QUERY_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.warning("SAMLv2ModelImpl.setStdAttributeQueryValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribQuery-Std", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_QUERY_ATTR_VALUES", paramsEx);
throw new AMConsoleException(strError);
}
}
Also used :
Iterator(java.util.Iterator)
AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)
List(java.util.List)
ArrayList(java.util.ArrayList)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Example 58 with SAML2MetaManager
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getSPAuthenticationContexts.
/**
* Returns the object of Auththentication Contexts in SP.
*
* @param realm Realm of Entity
* @param entityName Name of Entity Descriptor.
* @return SAMLv2AuthContexts contains SP authContexts values.
* @throws AMConsoleException if unable to retrieve the SP
* Authentication Contexts
*/
public SAMLv2AuthContexts getSPAuthenticationContexts(String realm, String entityName) throws AMConsoleException {
SAMLv2AuthContexts cxt = new SAMLv2AuthContexts();
try {
List tmpList = new ArrayList();
SAML2MetaManager saml2MetaManager = getSAML2MetaManager();
Map map = new HashMap();
BaseConfigType spConfig = saml2MetaManager.getSPSSOConfig(realm, entityName);
if (spConfig != null) {
map = SAML2MetaUtils.getAttributes(spConfig);
} else {
throw new AMConsoleException("invalid.entity.name");
}
List list = (List) map.get(SP_AUTHN_CONTEXT_CLASS_REF_MAPPING);
for (int i = 0; i < list.size(); i++) {
String tmp = (String) list.get(i);
int index = tmp.lastIndexOf("|");
boolean isDefault = false;
String defaultValue = tmp.substring(index + 1);
if (defaultValue.equals("default")) {
isDefault = true;
}
tmp = tmp.substring(0, index);
index = tmp.indexOf("|");
String level = tmp.substring(index + 1);
String name = tmp.substring(0, index);
cxt.put(name, "true", level, isDefault);
}
} catch (SAML2MetaException e) {
throw new AMConsoleException(getErrorString(e));
} catch (AMConsoleException e) {
throw new AMConsoleException(getErrorString(e));
}
return (cxt != null) ? cxt : new SAMLv2AuthContexts();
}
Also used :
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
HashMap(java.util.HashMap)
SAMLv2AuthContexts(com.sun.identity.console.federation.SAMLv2AuthContexts)
ArrayList(java.util.ArrayList)
List(java.util.List)
ArrayList(java.util.ArrayList)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
Map(java.util.Map)
HashMap(java.util.HashMap)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Example 59 with SAML2MetaManager
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method setExtAttributeQueryValues.
/**
* Saves the extended attribute values for Attribute Query.
*
* @param realm to which the entity belongs.
* @param entityName is the entity id.
* @param attrQueryExtValues Map which contains the extended values.
* @param location has the information whether remote or hosted.
* @throws AMConsoleException if saving of attribute value fails.
*/
public void setExtAttributeQueryValues(String realm, String entityName, Map attrQueryExtValues, String location) throws AMConsoleException {
String[] params = { realm, entityName, "SAMLv2", "AttribQuery-Ext" };
logEvent("ATTEMPT_MODIFY_ATTR_QUERY_ATTR_VALUES", params);
String role = EntityModel.SAML_ATTRQUERY;
try {
SAML2MetaManager samlManager = getSAML2MetaManager();
//entityConfig is the extended entity configuration object
EntityConfigElement entityConfig = samlManager.getEntityConfig(realm, entityName);
//for remote cases
if (entityConfig == null) {
createExtendedObject(realm, entityName, location, role);
entityConfig = samlManager.getEntityConfig(realm, entityName);
}
AttributeQueryConfigElement attrQueryConfig = samlManager.getAttributeQueryConfig(realm, entityName);
if (attrQueryConfig != null) {
updateBaseConfig(attrQueryConfig, attrQueryExtValues, role);
}
//saves the attributes by passing the new entityConfig object
samlManager.setEntityConfig(realm, entityConfig);
logEvent("SUCCEED_MODIFY_ATTR_QUERY_ATTR_VALUES", params);
} catch (SAML2MetaException e) {
debug.error("SAMLv2ModelImpl.setExtAttributeQueryValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribQuery-Ext", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_QUERY_ATTR_VALUES", paramsEx);
} catch (JAXBException e) {
debug.error("SAMLv2ModelImpl.setExtAttributeQueryValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribQuery-Extended", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_QUERY_ATTR_VALUES", paramsEx);
} catch (AMConsoleException e) {
debug.error("SAMLv2ModelImpl.setExtAttributeQueryValues:", e);
String strError = getErrorString(e);
String[] paramsEx = { realm, entityName, "SAMLv2", "AttribQuery-Ext", strError };
logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_QUERY_ATTR_VALUES", paramsEx);
}
}
Also used :
JAXBException(javax.xml.bind.JAXBException)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
Example 60 with SAML2MetaManager
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class SAMLv2ModelImpl method getIDPAuthenticationContexts.
/**
* Returns the object of Auththentication Contexts in IDP.
*
* @param realm Realm of Entity
* @param entityName Name of Entity Descriptor.
* @return SAMLv2AuthContexts contains IDP authContexts values.
* @throws AMConsoleException if unable to retrieve the IDP
* Authentication Contexts
*/
public SAMLv2AuthContexts getIDPAuthenticationContexts(String realm, String entityName) throws AMConsoleException {
SAMLv2AuthContexts cxt = new SAMLv2AuthContexts();
try {
List tmpList = new ArrayList();
SAML2MetaManager saml2MetaManager = getSAML2MetaManager();
Map map = new HashMap();
BaseConfigType idpConfig = saml2MetaManager.getIDPSSOConfig(realm, entityName);
if (idpConfig != null) {
map = SAML2MetaUtils.getAttributes(idpConfig);
} else {
throw new AMConsoleException("invalid.entity.name");
}
List list = (List) map.get(IDP_AUTHN_CONTEXT_CLASS_REF_MAPPING);
for (int i = 0; i < list.size(); i++) {
String tmp = (String) list.get(i);
int index = tmp.lastIndexOf("|");
boolean isDefault = false;
String defaultValue = tmp.substring(index + 1);
if (defaultValue.equals("default")) {
isDefault = true;
}
tmp = tmp.substring(0, index);
index = tmp.lastIndexOf("|");
String authScheme = tmp.substring(index + 1);
tmp = tmp.substring(0, index);
index = tmp.indexOf("|");
String level = tmp.substring(index + 1);
String name = tmp.substring(0, index);
cxt.put(name, "true", authScheme, level, isDefault);
}
} catch (SAML2MetaException e) {
throw new AMConsoleException(getErrorString(e));
} catch (AMConsoleException e) {
throw new AMConsoleException(getErrorString(e));
}
return (cxt != null) ? cxt : new SAMLv2AuthContexts();
}
Also used :
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
HashMap(java.util.HashMap)
SAMLv2AuthContexts(com.sun.identity.console.federation.SAMLv2AuthContexts)
ArrayList(java.util.ArrayList)
List(java.util.List)
ArrayList(java.util.ArrayList)
SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager)
AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)
Map(java.util.Map)
HashMap(java.util.HashMap)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Aggregations
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)100
SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)93
List (java.util.List)67
ArrayList (java.util.ArrayList)48
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)46
Map (java.util.Map)33
HashMap (java.util.HashMap)31
Iterator (java.util.Iterator)28
EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)27
EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)23
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)22
SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)21
JAXBException (javax.xml.bind.JAXBException)20
BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)19
SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)17
IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)16
IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)15
Set (java.util.Set)10
CLIException (com.sun.identity.cli.CLIException)9
COTException (com.sun.identity.cot.COTException)9
