Search in sources :

Example 41 with SAML2MetaManager

use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getExtendedAffiliationyAttributes.

/**
     * Returns a map with extended Affiliation attributes and values.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @return Map with extended Affiliation values.
     * @throws AMConsoleException if unable to retrieve ext Affiliation
     *     attributes based on the realm and entityName passed.
     */
public Map getExtendedAffiliationyAttributes(String realm, String entityName) throws AMConsoleException {
    ;
    String[] params = { realm, entityName, "SAMLv2", "Affiliation-Ext" };
    logEvent("ATTEMPT_GET_AFFILIATION_ATTR_VALUES", params);
    Map map = null;
    AffiliationConfigElement atffilConfig = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        atffilConfig = samlManager.getAffiliationConfig(realm, entityName);
        if (atffilConfig != null) {
            BaseConfigType baseConfig = (BaseConfigType) atffilConfig;
            map = SAML2MetaUtils.getAttributes(baseConfig);
            Iterator it = map.entrySet().iterator();
            while (it.hasNext()) {
                Map.Entry pairs = (Map.Entry) it.next();
            }
            String metalias = baseConfig.getMetaAlias();
            List list = new ArrayList();
            list.add(metalias);
            map.put("metaAlias", list);
        }
        logEvent("SUCCEED_GET_AFFILIATION_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.getExtendedAffiliationyAttributes:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "Affiliation-Ext", strError };
        logEvent("FEDERATION_EXCEPTION_GET_AFFILIATION_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return (map != null) ? map : Collections.EMPTY_MAP;
}
Also used : ArrayList(java.util.ArrayList) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) AffiliationConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AffiliationConfigElement) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 42 with SAML2MetaManager

use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method setSPStdAttributeValues.

/**
     * Saves the standard attribute values for the Service Provider.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @param spStdValues Map which contains the standard attribute values.
     * @param assertionConsumer List with assertion consumer service values.
     * @throws AMConsoleException if saving of attribute value fails.
     */
public void setSPStdAttributeValues(String realm, String entityName, Map spStdValues, List assertionConsumer) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "SP-Standard" };
    logEvent("ATTEMPT_MODIFY_ENTITY_DESCRIPTOR", params);
    SPSSODescriptorElement spssoDescriptor = null;
    com.sun.identity.saml2.jaxb.metadata.ObjectFactory objFact = new com.sun.identity.saml2.jaxb.metadata.ObjectFactory();
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        EntityDescriptorElement entityDescriptor = samlManager.getEntityDescriptor(realm, entityName);
        spssoDescriptor = samlManager.getSPSSODescriptor(realm, entityName);
        if (spssoDescriptor != null) {
            // save for Single Logout Service - Http-Redirect
            if (spStdValues.keySet().contains(SP_SINGLE_LOGOUT_HTTP_LOCATION)) {
                String lohttpLocation = getResult(spStdValues, SP_SINGLE_LOGOUT_HTTP_LOCATION);
                String lohttpRespLocation = getResult(spStdValues, SP_SINGLE_LOGOUT_HTTP_RESP_LOCATION);
                String lopostLocation = getResult(spStdValues, SP_SLO_POST_LOC);
                String lopostRespLocation = getResult(spStdValues, SP_SLO_POST_RESPLOC);
                String losoapLocation = getResult(spStdValues, SP_SINGLE_LOGOUT_SOAP_LOCATION);
                String priority = getResult(spStdValues, SP_LOGOUT_DEFAULT);
                if (priority.contains("none")) {
                    if (lohttpLocation != null) {
                        priority = httpRedirectBinding;
                    } else if (lopostLocation != null) {
                        priority = httpPostBinding;
                    } else if (losoapLocation != null) {
                        priority = soapBinding;
                    }
                }
                List logList = spssoDescriptor.getSingleLogoutService();
                if (!logList.isEmpty()) {
                    logList.clear();
                }
                if (priority != null && priority.contains("HTTP-Redirect")) {
                    savehttpRedLogout(lohttpLocation, lohttpRespLocation, logList, objFact);
                    savepostLogout(lopostLocation, lopostRespLocation, logList, objFact);
                    savesoapLogout(losoapLocation, logList, objFact);
                } else if (priority != null && priority.contains("HTTP-POST")) {
                    savepostLogout(lopostLocation, lopostRespLocation, logList, objFact);
                    savehttpRedLogout(lohttpLocation, lohttpRespLocation, logList, objFact);
                    savesoapLogout(losoapLocation, logList, objFact);
                } else if (priority != null && priority.contains("SOAP")) {
                    savesoapLogout(losoapLocation, logList, objFact);
                    savehttpRedLogout(lohttpLocation, lohttpRespLocation, logList, objFact);
                    savepostLogout(lopostLocation, lopostRespLocation, logList, objFact);
                }
            }
            // save for Manage Name ID Service
            if (spStdValues.keySet().contains(SP_MANAGE_NAMEID_HTTP_LOCATION)) {
                String mnihttpLocation = getResult(spStdValues, SP_MANAGE_NAMEID_HTTP_LOCATION);
                String mnihttpRespLocation = getResult(spStdValues, SP_MANAGE_NAMEID_HTTP_RESP_LOCATION);
                String mnipostLocation = getResult(spStdValues, SP_MNI_POST_LOC);
                String mnipostRespLocation = getResult(spStdValues, SP_MNI_POST_RESPLOC);
                String mnisoapLocation = getResult(spStdValues, SP_MANAGE_NAMEID_SOAP_LOCATION);
                String mnisoapResLocation = getResult(spStdValues, SP_MANAGE_NAMEID_SOAP_RESP_LOCATION);
                String priority = getResult(spStdValues, SP_MNI_DEFAULT);
                if (priority.contains("none")) {
                    if (mnihttpLocation != null) {
                        priority = httpRedirectBinding;
                    } else if (mnipostLocation != null) {
                        priority = httpPostBinding;
                    } else if (mnisoapLocation != null) {
                        priority = soapBinding;
                    }
                }
                List manageNameIdList = spssoDescriptor.getManageNameIDService();
                if (!manageNameIdList.isEmpty()) {
                    manageNameIdList.clear();
                }
                if (priority != null && priority.contains("HTTP-Redirect")) {
                    savehttpRedMni(mnihttpLocation, mnihttpRespLocation, manageNameIdList, objFact);
                    savepostMni(mnipostLocation, mnipostRespLocation, manageNameIdList, objFact);
                    saveSPsoapMni(mnisoapLocation, mnisoapResLocation, manageNameIdList, objFact);
                } else if (priority != null && priority.contains("HTTP-POST")) {
                    savepostMni(mnipostLocation, mnipostRespLocation, manageNameIdList, objFact);
                    savehttpRedMni(mnihttpLocation, mnihttpRespLocation, manageNameIdList, objFact);
                    saveSPsoapMni(mnisoapLocation, mnisoapResLocation, manageNameIdList, objFact);
                } else if (priority != null && priority.contains("SOAP")) {
                    saveSPsoapMni(mnisoapLocation, mnisoapResLocation, manageNameIdList, objFact);
                    savehttpRedMni(mnihttpLocation, mnihttpRespLocation, manageNameIdList, objFact);
                    savepostMni(mnipostLocation, mnipostRespLocation, manageNameIdList, objFact);
                }
            }
            //save for artifact, post and paos Assertion Consumer Service
            if (!assertionConsumer.isEmpty() && assertionConsumer.size() > 0) {
                List asconsServiceList = spssoDescriptor.getAssertionConsumerService();
                if (!asconsServiceList.isEmpty()) {
                    asconsServiceList.clear();
                }
                asconsServiceList.addAll(assertionConsumer);
            }
            //save nameid format
            if (spStdValues.keySet().contains(NAMEID_FORMAT)) {
                saveNameIdFormat(spssoDescriptor, spStdValues);
            }
            //save AuthnRequestsSigned
            if (spStdValues.keySet().contains(IS_AUTHN_REQ_SIGNED)) {
                boolean authnValue = setToBoolean(spStdValues, IS_AUTHN_REQ_SIGNED);
                spssoDescriptor.setAuthnRequestsSigned(authnValue);
            }
            //save WantAssertionsSigned
            if (spStdValues.keySet().contains(WANT_ASSERTIONS_SIGNED)) {
                boolean assertValue = setToBoolean(spStdValues, WANT_ASSERTIONS_SIGNED);
                spssoDescriptor.setWantAssertionsSigned(assertValue);
            }
            samlManager.setEntityDescriptor(realm, entityDescriptor);
        }
        logEvent("SUCCEED_MODIFY_ENTITY_DESCRIPTOR", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.setSPStdAttributeValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP-Standard", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
        throw new AMConsoleException(strError);
    } catch (JAXBException e) {
        debug.error("SAMLv2ModelImpl.setSPStdAttributeValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP-Standard", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ENTITY_DESCRIPTOR", paramsEx);
    }
}
Also used : SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) JAXBException(javax.xml.bind.JAXBException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) List(java.util.List) ArrayList(java.util.ArrayList) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 43 with SAML2MetaManager

use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method setExtauthnAuthValues.

/**
     * Saves the extended attribute values for Authn Authority.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @param authnAuthExtValues Map which contains the extended values.
     * @param location has the information whether remote or hosted.
     * @throws AMConsoleException if saving of attribute value fails.
     */
public void setExtauthnAuthValues(String realm, String entityName, Map authnAuthExtValues, String location) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "AuthnAuthority-Ext" };
    logEvent("ATTEMPT_MODIFY_AUTHN_AUTH_ATTR_VALUES", params);
    String role = EntityModel.SAML_AUTHNAUTHORITY;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        //entityConfig is the extended entity configuration object
        EntityConfigElement entityConfig = samlManager.getEntityConfig(realm, entityName);
        //for remote cases
        if (entityConfig == null) {
            createExtendedObject(realm, entityName, location, role);
            entityConfig = samlManager.getEntityConfig(realm, entityName);
        }
        AuthnAuthorityConfigElement authnAuthorityConfig = samlManager.getAuthnAuthorityConfig(realm, entityName);
        if (authnAuthorityConfig != null) {
            updateBaseConfig(authnAuthorityConfig, authnAuthExtValues, role);
        }
        //saves the attributes by passing the new entityConfig object
        samlManager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_AUTHN_AUTH_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.error("SAMLv2ModelImpl.setExtauthnAuthValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AuthnAuthority-Ext", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_AUTHN_AUTH_ATTR_VALUES", paramsEx);
    } catch (JAXBException e) {
        debug.error("SAMLv2ModelImpl.setExtauthnAuthValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AuthnAuthority-Extended", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_AUTHN_AUTH_ATTR_VALUES", paramsEx);
    } catch (AMConsoleException e) {
        debug.error("SAMLv2ModelImpl.setExtauthnAuthValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AuthnAuthority-Ext", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_AUTHN_AUTH_ATTR_VALUES", paramsEx);
    }
}
Also used : JAXBException(javax.xml.bind.JAXBException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) AuthnAuthorityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AuthnAuthorityConfigElement) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 44 with SAML2MetaManager

use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getAssertionConsumerServices.

/**
     * Returns a List with Assertion Consumer Service attributes and values.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @return List with Assertion Consumer values of Service Provider.
     * @throws AMConsoleException if unable to retrieve the Service Provider
     *     Assertion Consumer values based on the realm and entityName passed.
     */
public List getAssertionConsumerServices(String realm, String entityName) throws AMConsoleException {
    List asconsServiceList = null;
    SPSSODescriptorElement spssoDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        spssoDescriptor = samlManager.getSPSSODescriptor(realm, entityName);
        if (spssoDescriptor != null) {
            asconsServiceList = spssoDescriptor.getAssertionConsumerService();
        }
    } catch (SAML2MetaException e) {
        if (debug.warningEnabled()) {
            debug.warning("SAMLv2ModelImpl.getAssertionConsumerService", e);
        }
        throw new AMConsoleException(getErrorString(e));
    }
    return asconsServiceList;
}
Also used : SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 45 with SAML2MetaManager

use of com.sun.identity.saml2.meta.SAML2MetaManager in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method setExtAttributeAuthorityValues.

/**
     * Saves the extended attribute values for Attribute Authority.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @param attrAuthExtValues Map which contains the extended values.
     * @param location has the information whether remote or hosted.
     * @throws AMConsoleException if saving of attribute value fails.
     */
public void setExtAttributeAuthorityValues(String realm, String entityName, Map attrAuthExtValues, String location) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "AttribAuthority-Ext" };
    logEvent("ATTEMPT_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
    String role = EntityModel.SAML_ATTRAUTHORITY;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        EntityConfigElement entityConfig = samlManager.getEntityConfig(realm, entityName);
        //for remote cases
        if (entityConfig == null) {
            createExtendedObject(realm, entityName, location, role);
            entityConfig = samlManager.getEntityConfig(realm, entityName);
        }
        AttributeAuthorityConfigElement attributeAuthorityConfig = samlManager.getAttributeAuthorityConfig(realm, entityName);
        if (attributeAuthorityConfig != null) {
            updateBaseConfig(attributeAuthorityConfig, attrAuthExtValues, role);
        }
        //saves the attributes by passing the new entityConfig object
        samlManager.setEntityConfig(realm, entityConfig);
        logEvent("SUCCEED_MODIFY_ATTR_AUTH_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.error("SAMLv2ModelImpl.setExtAttributeAuthorityValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Ext", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
    } catch (JAXBException e) {
        debug.error("SAMLv2ModelImpl.setExtAttributeAuthorityValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Extended", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
    } catch (AMConsoleException e) {
        debug.error("SAMLv2ModelImpl.setExtAttributeAuthorityValues:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "AttribAuthority-Ext", strError };
        logEvent("FEDERATION_EXCEPTION_MODIFY_ATTR_AUTH_ATTR_VALUES", paramsEx);
    }
}
Also used : JAXBException(javax.xml.bind.JAXBException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AttributeAuthorityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeAuthorityConfigElement) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Aggregations

SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)100 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)93 List (java.util.List)67 ArrayList (java.util.ArrayList)48 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)46 Map (java.util.Map)33 HashMap (java.util.HashMap)31 Iterator (java.util.Iterator)28 EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)27 EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)23 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)22 SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)21 JAXBException (javax.xml.bind.JAXBException)20 BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)19 SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)17 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)16 IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)15 Set (java.util.Set)10 CLIException (com.sun.identity.cli.CLIException)9 COTException (com.sun.identity.cot.COTException)9