use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class SPACSUtils method getAttributeValueFromSPSSOConfig.
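/**
 * Retrieves the value of a single attribute from the hosted service
 * provider's <code>SPSSOConfig</code> extended metadata.
 * <p>
 * Only the first value of a multi-valued attribute is returned, trimmed of
 * surrounding whitespace.
 *
 * @param orgName realm or organization name the service provider resides in
 * @param hostEntityId hosted service provider's Entity ID.
 * @param sm <code>SAML2MetaManager</code> instance used to read the
 * configuration.
 * @param attrName name of the attribute whose value is to be retrieved.
 * @return the trimmed first value of the attribute; or <code>null</code> if
 * the SP configuration or the attribute is not present, the attribute has
 * no values, or a <code>SAML2MetaException</code> occurred while reading
 * the configuration.
 */
private static String getAttributeValueFromSPSSOConfig(String orgName, String hostEntityId, SAML2MetaManager sm, String attrName) {
    try {
        SPSSOConfigElement config = sm.getSPSSOConfig(orgName, hostEntityId);
        if (config == null) {
            return null;
        }
        Map attrs = SAML2MetaUtils.getAttributes(config);
        if (attrs == null) {
            // a missing attribute map is treated like an unconfigured attribute
            return null;
        }
        List values = (List) attrs.get(attrName);
        if (values == null || values.isEmpty()) {
            return null;
        }
        // multi-valued attributes: only the first value is used
        return ((String) values.iterator().next()).trim();
    } catch (SAML2MetaException sme) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("SPACSUtils.getAttributeValueFromSPSSO" + "Config:", sme);
        }
        return null;
    }
}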
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class QueryClient method getPDPEndPoint.
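/**
 * Returns the Policy Decision Point (PDP) endpoint URL.
 * <p>
 * The location is taken from the first <code>XACMLAuthzService</code>
 * element found in the PDP's descriptor, which is read through the
 * configured <code>saml2MetaManager</code>.
 *
 * @param pdpEntityID entity Identifier of the PDP.
 * @return the PDP endpoint URL; <code>null</code> if no meta manager is
 * available, the PDP has no descriptor, or the descriptor lists no
 * <code>XACMLAuthzService</code> element.
 * @throws SAML2Exception if there is an error retrieving the endpoint from
 * the configuration.
 */
private static String getPDPEndPoint(String pdpEntityID) throws SAML2Exception {
    String classMethod = "QueryClient:getPDPEndPoint";
    if (saml2MetaManager == null) {
        return null;
    }
    String endPoint = null;
    try {
        XACMLPDPDescriptorElement pdpDescriptor = saml2MetaManager.getPolicyDecisionPointDescriptor(null, pdpEntityID);
        List xacmlPDP = (pdpDescriptor == null) ? null : pdpDescriptor.getXACMLAuthzService();
        if (xacmlPDP != null) {
            for (Iterator i = xacmlPDP.iterator(); i.hasNext(); ) {
                Object o = i.next();
                if (o instanceof XACMLAuthzServiceElement) {
                    endPoint = ((XACMLAuthzServiceElement) o).getLocation();
                    if (debug.messageEnabled()) {
                        debug.message(classMethod + "EndPoint :" + endPoint);
                    }
                    // first matching service wins; elements of other types are skipped
                    break;
                }
            }
        }
    } catch (SAML2MetaException sme) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Error retreiving PDP Meta", sme);
        }
        String[] args = { pdpEntityID };
        LogUtil.error(Level.INFO, LogUtil.PDP_METADATA_ERROR, args);
        throw new SAML2Exception(SAML2SDKUtils.BUNDLE_NAME, "pdpMetaRetreivalError", args);
    }
    return endPoint;
}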
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class ConfigFedMonitoring method getSAMLv2Roles.
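/**
 * Determines which SAML2 'roles' a particular entity is acting as in a
 * realm, by checking which role descriptors its entity descriptor carries
 * and whether an affiliation descriptor exists for it. The resulting role
 * names can be used by the calling routine for whatever purpose it needs.
 *
 * @param entity entity ID to inspect.
 * @param realm realm the entity is configured in.
 * @return list of role-name constants, never <code>null</code>; empty if
 * the entity has no descriptor or its metadata could not be read.
 */
private List getSAMLv2Roles(String entity, String realm) {
    List roles = new ArrayList();
    try {
        SAML2MetaManager samlManager = new SAML2MetaManager();
        EntityDescriptorElement d = samlManager.getEntityDescriptor(realm, entity);
        if (d != null) {
            // each role descriptor present on the entity maps to one role name
            if (SAML2MetaUtils.getSPSSODescriptor(d) != null) {
                roles.add(SERVICE_PROVIDER);
            }
            if (SAML2MetaUtils.getIDPSSODescriptor(d) != null) {
                roles.add(IDENTITY_PROVIDER);
            }
            if (SAML2MetaUtils.getPolicyDecisionPointDescriptor(d) != null) {
                roles.add(POLICY_DECISION_POINT_DESCRIPTOR);
            }
            if (SAML2MetaUtils.getPolicyEnforcementPointDescriptor(d) != null) {
                roles.add(POLICY_ENFORCEMENT_POINT_DESCRIPTOR);
            }
            if (SAML2MetaUtils.getAttributeAuthorityDescriptor(d) != null) {
                roles.add(SAML_ATTRAUTHORITY);
            }
            if (SAML2MetaUtils.getAuthnAuthorityDescriptor(d) != null) {
                roles.add(SAML_AUTHNAUTHORITY);
            }
            if (SAML2MetaUtils.getAttributeQueryDescriptor(d) != null) {
                roles.add(SAML_ATTRQUERY);
            }
            // affiliation is looked up separately; it is not part of the entity descriptor
            if (samlManager.getAffiliationDescriptor(realm, entity) != null) {
                roles.add(AFFILIATE);
            }
        }
    } catch (SAML2MetaException s) {
        // keep the cause in the log; the entity is reported with whatever roles were found so far
        if (debug.warningEnabled()) {
            debug.warning("ConfigFedMonitoring.getSAMLv2Roles() - " + "Couldn't get SAMLMetaManager", s);
        }
    }
    // roles is always non-null, so no empty-list fallback is needed
    return roles;
}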
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class ConfigFedMonitoring method getAllRealms.
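/**
 * Collects the federation configuration (circles of trust, SAML2/WS-Fed/IDFF
 * entities and COT membership) for every realm returned by
 * {@code getRealmsList(startRealm)} and hands each realm's summary to the
 * monitoring agent. Metadata failures are logged and end the walk early.
 *
 * @param startRealm realm the realm list is built from.
 */
private void getAllRealms(String startRealm) {
    String classMethod = "ConfigFedMonitoring.getAllRealms: ";
    // SAML2 entity details are not collected until IDPs/SPs per realm are instrumented
    boolean skipSAML2Entities = true;
    List rList = getRealmsList(startRealm);
    try {
        CircleOfTrustManager cotmgr = new CircleOfTrustManager();
        SAML2MetaManager saml2Mgr = new SAML2MetaManager();
        IDFFMetaManager idffmgr = new IDFFMetaManager(ssoToken);
        for (Iterator it = rList.iterator(); it.hasNext(); ) {
            String thisRealm = (String) it.next();
            Set cots = getCOTs(thisRealm, cotmgr);
            Map s2Ents = skipSAML2Entities ? null : getSAML2Entities(thisRealm, saml2Mgr);
            Map wsEnts = getWSFedEntities(thisRealm);
            Map idffentMap = getIDFFEntities(thisRealm, idffmgr);
            /*
             * getCOTMembers(thisRealm, cot, cotmgr, cotsb) can get the
             * members of the COT, but there isn't a (MIB) entry for that
             * right now.
             */
            Map membMap = getCOTMembers(thisRealm, cots, cotmgr);
            SSOServerRealmFedInfo srfi = new SSOServerRealmFedInfo.SSOServerRealmFedInfoBuilder(thisRealm)
                    .cots(cots)
                    .samlv2Entities(s2Ents)
                    .wsEntities(wsEnts)
                    .idffEntities(idffentMap)
                    .membEntities(membMap)
                    .build();
            Agent.federationConfig(srfi);
        }
    } catch (SAML2MetaException e) {
        // pass the exception itself so the stack trace is not lost
        debug.error(classMethod + "SAML2 ex: " + e.getMessage(), e);
    } catch (COTException e) {
        debug.error(classMethod + "COT ex: " + e.getMessage(), e);
    } catch (IDFFMetaException e) {
        debug.error(classMethod + "IDFF ex: " + e.getMessage(), e);
    }
}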
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class ConfigFedMonitoring method getSAML2Entities.
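/**
 * Builds a per-entity summary of the SAML2 entity providers configured in a
 * realm.
 *
 * @param realm realm whose SAML2 entities are listed.
 * @param saml2Mgr meta manager used to read the realm's metadata.
 * @return map of entity ID to a map with keys {@code "location"}
 * ({@code "hosted"} or {@code "remote"}) and {@code "roles"} (the entity's
 * role names joined into one string); empty, never {@code null}, if the
 * realm has no entities or the metadata could not be read.
 */
private Map getSAML2Entities(String realm, SAML2MetaManager saml2Mgr) {
    String classMethod = "ConfigFedMonitoring.getSAML2Entities:";
    // s2entMap: entity name => Map of ("location", "roles") -> values
    // for the SAML2 entities
    Map s2entMap = new HashMap();
    try {
        Set s2Ents = saml2Mgr.getAllEntities(realm);
        if (s2Ents == null) {
            // no entities configured in this realm: nothing to report
            return s2entMap;
        }
        List hosted = saml2Mgr.getAllHostedEntities(realm);
        for (Iterator it = s2Ents.iterator(); it.hasNext(); ) {
            String entId = (String) it.next();
            Map wse = new HashMap();
            // an entity counts as hosted only if the meta manager lists it as such
            boolean isHosted = (hosted != null) && hosted.contains(entId);
            wse.put("location", isHosted ? "hosted" : "remote");
            wse.put("roles", listToString(getSAMLv2Roles(entId, realm)));
            s2entMap.put(entId, wse);
        }
    } catch (SAML2MetaException e) {
        // pass the exception itself so the stack trace is not lost
        debug.error(classMethod + "getting SAML2 entity providers for realm " + realm + ": " + e.getMessage(), e);
    }
    return s2entMap;
}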