use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class QueryClient method getPEPConfig.
/**
 * Returns the extended Policy Enforcement Point configuration of an entity.
 *
 * <p>The lookup is delegated to the static {@code saml2MetaManager}; when that
 * manager has not been initialised the method returns {@code null} instead of
 * raising an error.
 *
 * @param realm the realm of the entity.
 * @param pepEntityID identifier of the PEP.
 * @return the {@code XACMLAuthzDecisionQueryConfigElement}, or {@code null}
 *         when no meta manager is available.
 * @throws SAML2Exception if the meta manager fails to retrieve the extended
 *         configuration; the failure is also recorded through
 *         {@code LogUtil.PEP_METADATA_ERROR} before being rethrown.
 */
private static XACMLAuthzDecisionQueryConfigElement getPEPConfig(String realm, String pepEntityID) throws SAML2Exception {
    final String method = "QueryClient:getPEPConfig";
    if (saml2MetaManager == null) {
        return null;
    }
    try {
        return saml2MetaManager.getPolicyEnforcementPointConfig(realm, pepEntityID);
    } catch (SAML2MetaException sme) {
        if (debug.messageEnabled()) {
            debug.message(method + "Error retreiving PEP meta", sme);
        }
        // The entity id is the only parameter substituted into the log and
        // exception messages.
        String[] params = { pepEntityID };
        LogUtil.error(Level.INFO, LogUtil.PEP_METADATA_ERROR, params);
        throw new SAML2Exception(SAML2SDKUtils.BUNDLE_NAME, "pepMetaRetreivalError", params);
    }
}
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class QueryClient method getPDPConfig.
/**
 * Returns the extended Policy Decision Point configuration of an entity.
 *
 * <p>The lookup is delegated to the static {@code saml2MetaManager}; when that
 * manager has not been initialised the method returns {@code null} instead of
 * raising an error.
 *
 * @param realm the realm of the entity.
 * @param pdpEntityID identifier of the PDP.
 * @return the {@code XACMLPDPConfigElement}, or {@code null} when no meta
 *         manager is available.
 * @throws SAML2Exception if the meta manager fails to retrieve the extended
 *         configuration; the failure is also logged before being rethrown.
 */
private static XACMLPDPConfigElement getPDPConfig(String realm, String pdpEntityID) throws SAML2Exception {
    final String method = "QueryClient:getPDPConfig";
    if (saml2MetaManager == null) {
        return null;
    }
    try {
        return saml2MetaManager.getPolicyDecisionPointConfig(realm, pdpEntityID);
    } catch (SAML2MetaException sme) {
        if (debug.messageEnabled()) {
            debug.message(method + "Error retreiving PDP meta", sme);
        }
        String[] params = { pdpEntityID };
        // NOTE(review): a PDP lookup failure is logged under the PEP log id
        // (LogUtil.PEP_METADATA_ERROR); confirm whether a PDP-specific id exists
        // so audit records distinguish the two.
        LogUtil.error(Level.INFO, LogUtil.PEP_METADATA_ERROR, params);
        throw new SAML2Exception(SAML2SDKUtils.BUNDLE_NAME, "pdpMetaRetreivalError", params);
    }
}
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class CreateMetaDataModelImpl method createSAMLv2Provider.
/**
 * Creates a hosted SAMLv2 provider from the supplied template values.
 *
 * <p>The metaAliases requested for the new entity are first checked for
 * repeats within the request itself, then passed to
 * {@code SAML2MetaManager.validateMetaAliasForNewEntity} before any metadata
 * is generated or imported, so an invalid alias set never reaches the store.
 *
 * @param realm Realm Name.
 * @param entityId Entity Id.
 * @param values Map of property name to values.
 *
 * @throws AMConsoleException if duplicate metaAliases are provided, if the
 *         meta manager rejects the aliases, or if the metadata cannot be
 *         created or imported.
 */
public void createSAMLv2Provider(String realm, String entityId, Map values) throws AMConsoleException {
    try {
        List<String> aliases = getFederationAlias(values, MetaTemplateParameters.P_SAML_ALIASES);
        // A set smaller than the list means at least one alias was repeated.
        boolean hasRepeatedAlias = new HashSet<String>(aliases).size() < aliases.size();
        if (hasRepeatedAlias) {
            throw new AMConsoleException(getLocalizedString("federation.create.provider.duplicate.metaAlias"));
        }
        new SAML2MetaManager().validateMetaAliasForNewEntity(realm, aliases);
        String standardMetadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, values, requestURL);
        String extendedMetadata = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, values, requestURL);
        ImportSAML2MetaData.importData(realm, standardMetadata, extendedMetadata);
    } catch (WorkflowException ex) {
        throw new AMConsoleException(getErrorString(ex));
    } catch (SAML2MetaException ex) {
        throw new AMConsoleException(getErrorString(ex));
    }
}
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class EntityModelImpl method isAffiliate.
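/**
 * Returns true if the named entity descriptor is an affiliation.
 *
 * <p>Only the {@code IDFF} and {@code SAMLV2} protocols are inspected; any
 * other protocol value yields {@code false} without consulting a meta manager.
 *
 * @param protocol the Protocol to which entity belongs.
 * @param realm the realm in which the entity resides.
 * @param name Name of entity descriptor.
 * @return true if an affiliation descriptor exists for the entity.
 * @throws AMConsoleException if the IDFF or SAMLv2 meta manager reports an
 *         error while looking up the descriptor.
 */
public boolean isAffiliate(String protocol, String realm, String name) throws AMConsoleException {
    com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType idffDescriptor = null;
    com.sun.identity.saml2.jaxb.metadata.AffiliationDescriptorType saml2Descriptor = null;
    try {
        if (protocol.equals(IDFF)) {
            IDFFMetaManager idffManager = new IDFFMetaManager(null);
            idffDescriptor = (com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType) idffManager.getAffiliationDescriptor(realm, name);
        } else if (protocol.equals(SAMLV2)) {
            SAML2MetaManager samlManager = new SAML2MetaManager();
            saml2Descriptor = (com.sun.identity.saml2.jaxb.metadata.AffiliationDescriptorType) samlManager.getAffiliationDescriptor(realm, name);
        }
    } catch (IDFFMetaException e) {
        if (debug.warningEnabled()) {
            debug.warning("EntityModelImpl.isAffiliate", e);
        }
        throw new AMConsoleException(getErrorString(e));
    } catch (SAML2MetaException s) {
        if (debug.warningEnabled()) {
            // Include the cause: the exception may originate from the
            // descriptor lookup rather than from constructing the manager,
            // and without it the warning carries no diagnostic detail.
            debug.warning("EntityModel.isAffiliate() - " + "Couldn't get SAMLMetaManager", s);
        }
        throw new AMConsoleException(getErrorString(s));
    }
    return idffDescriptor != null || saml2Descriptor != null;
}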
use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.
the class EntityModelImpl method getSAMLv2Roles.
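/**
 * Determines which SAMLv2 'roles' a particular entity is acting as.
 *
 * <p>A role constant is added for each descriptor found on the entity
 * descriptor, plus {@code AFFILIATE} when the meta manager holds an
 * affiliation descriptor for the entity. The resulting list of role names
 * can then be used by the calling routine for whatever purpose it needs.
 * If the entity does not exist, or the meta manager fails, the list is
 * empty (or partially filled up to the point of failure); the failure is
 * logged at warning level and not propagated.
 *
 * @param entity identifier of the entity.
 * @param realm realm in which the entity resides.
 * @return list of role name constants, never {@code null}.
 */
public List getSAMLv2Roles(String entity, String realm) {
    List roles = new ArrayList();
    try {
        SAML2MetaManager samlManager = new SAML2MetaManager();
        EntityDescriptorElement descriptor = samlManager.getEntityDescriptor(realm, entity);
        if (descriptor != null) {
            // find out what role this entity is playing
            if (SAML2MetaUtils.getSPSSODescriptor(descriptor) != null) {
                roles.add(SERVICE_PROVIDER);
            }
            if (SAML2MetaUtils.getIDPSSODescriptor(descriptor) != null) {
                roles.add(IDENTITY_PROVIDER);
            }
            if (SAML2MetaUtils.getPolicyDecisionPointDescriptor(descriptor) != null) {
                roles.add(POLICY_DECISION_POINT_DESCRIPTOR);
            }
            if (SAML2MetaUtils.getPolicyEnforcementPointDescriptor(descriptor) != null) {
                roles.add(POLICY_ENFORCEMENT_POINT_DESCRIPTOR);
            }
            if (SAML2MetaUtils.getAttributeAuthorityDescriptor(descriptor) != null) {
                roles.add(SAML_ATTRAUTHORITY);
            }
            if (SAML2MetaUtils.getAuthnAuthorityDescriptor(descriptor) != null) {
                roles.add(SAML_AUTHNAUTHORITY);
            }
            if (SAML2MetaUtils.getAttributeQueryDescriptor(descriptor) != null) {
                roles.add(SAML_ATTRQUERY);
            }
            // The affiliation is looked up through the manager, not derived
            // from the entity descriptor itself.
            if (samlManager.getAffiliationDescriptor(realm, entity) != null) {
                roles.add(AFFILIATE);
            }
        }
    } catch (SAML2MetaException s) {
        if (debug.warningEnabled()) {
            // Pass the cause so the warning carries the actual failure reason.
            debug.warning("EntityModel.getSAMLv2Roles() - " + "Couldn't get SAMLMetaManager", s);
        }
    }
    // roles is always non-null here; the previous fallback to
    // Collections.EMPTY_LIST was unreachable.
    return roles;
}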