use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class SAMLClient method artifactQueryHandler.
/**
* This method is designed to get a list of assertion based on the input
* <code>AssertionArtifact</code>(s).
*
* @param arti An array of String
* @return a List object representing a list of Assertions
* @exception IOException if an input or output exception occurs when
* connecting to SAML service <code>URL</code>
* @exception SAMLException if SAML error occurs during the process
*/
public static List artifactQueryHandler(String[] arti, String connecto) throws IOException, SAMLException {
if ((arti == null) || (arti.length == 0)) {
SAMLUtils.debug.message("artifactQueryHandler: null input.");
throw new SAMLException(SAMLUtils.bundle.getString("nullInput"));
}
String firstSourceID = null;
com.sun.identity.saml.common.SAMLServiceManager.SOAPEntry dest = null;
Response samlresponse = null;
List al = new ArrayList();
List artl = new ArrayList();
AssertionArtifact firstArtifact = new AssertionArtifact(arti[0]);
firstSourceID = firstArtifact.getSourceID();
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("Artifact") + " " + 0, arti[0] };
LogUtils.access(java.util.logging.Level.INFO, LogUtils.ARTIFACT_TO_SEND, data);
}
artl.add(firstArtifact);
al.add(arti[0]);
AssertionArtifact assertArtifact = null;
String destination = null;
for (int k = 1; k < arti.length; k++) {
// check if all Artifact come from the same source id
assertArtifact = new AssertionArtifact(arti[k]);
destination = assertArtifact.getSourceID();
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("SourceID within the Artifact is " + destination);
}
if (!destination.equals(firstSourceID)) {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Received multiple Artifacts " + "have different source id.");
}
throw new SAMLException(SAMLUtils.bundle.getString("sourceidDifferent"));
}
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("Artifact") + " " + k, arti[k] };
LogUtils.access(java.util.logging.Level.FINE, LogUtils.ARTIFACT_TO_SEND, data);
}
artl.add(assertArtifact);
al.add(arti[k]);
}
try {
//Retrieve the soap-receiver-url using the sourceid inside of
//the AssertionArtifact
String to = null;
Map soaps = (Map) SAMLServiceManager.getAttribute(SAMLConstants.PARTNER_URLS);
if (soaps == null) {
SAMLUtils.debug.error(SAMLUtils.bundle.getString("nullPartnerUrl"));
throw new SAMLException(SAMLUtils.bundle.getString("nullPartnerUrl"));
}
String urlEndpoint = null;
if (soaps.containsKey(firstSourceID)) {
dest = (SAMLServiceManager.SOAPEntry) soaps.get(firstSourceID);
to = dest.getSOAPUrl();
if (to == null) {
if (connecto == null || connecto.length() == 0) {
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("wrongPartnerSOAPUrl") };
LogUtils.error(java.util.logging.Level.INFO, LogUtils.WRONG_SOAP_URL, data);
}
throw new SAMLException(SAMLUtils.bundle.getString("wrongPartnerSOAPUrl"));
} else {
urlEndpoint = connecto;
}
} else {
urlEndpoint = createSOAPReceiverUrl(dest, to);
}
} else {
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("SAMLClient:artifactQueryHandler: " + "Failed to locate SOAP-Receiver-URL " + "using the source id from AssertionArtifact.");
}
if (connecto == null || connecto.length() == 0) {
throw new SAMLException(SAMLUtils.bundle.getString("failedLocateSOAPUrl"));
} else {
urlEndpoint = connecto;
}
}
if (urlEndpoint == null) {
SAMLUtils.debug.error("SAMLClient:artifactQueryHandler:" + "createSOAPReceiverURL Error!");
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("wrongPartnerSOAPUrl") };
LogUtils.error(java.util.logging.Level.INFO, LogUtils.WRONG_SOAP_URL, data);
}
throw new SAMLException(SAMLUtils.bundle.getString("wrongPartnerSOAPUrl"));
}
//generate SAML Request
Request req = new Request(null, artl);
String ver = dest.getVersion();
if (ver != null) {
StringTokenizer st = new StringTokenizer(ver, ".");
if (st.countTokens() == 2) {
req.setMajorVersion(Integer.parseInt(st.nextToken().trim()));
req.setMinorVersion(Integer.parseInt(st.nextToken().trim()));
}
}
if (((Boolean) SAMLServiceManager.getAttribute(SAMLConstants.SIGN_REQUEST)).booleanValue()) {
req.signXML();
}
// SOAPMessage msg = createSOAPMessage(req);
String xmlString = createSOAPMessage(req);
// Send the message to the provider using the connection.
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("SENDING message: \n " + xmlString);
}
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("sendingSAMLRequest"), xmlString };
LogUtils.access(java.util.logging.Level.FINE, LogUtils.SAML_ARTIFACT_QUERY, data);
}
// SOAPMessage reply = con.call(msg, urlEndpoint);
String[] urls = { urlEndpoint };
SOAPClient client = new SOAPClient(urls);
InputStream inbuf = client.call(xmlString, null, null);
StringBuffer reply = new StringBuffer();
String line;
BufferedReader reader = new BufferedReader(new InputStreamReader(inbuf, "UTF-8"));
while ((line = reader.readLine()) != null) {
reply.append(line).append("\n");
}
//reply should contain SAML response
if (reply == null) {
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("noReplyfromSOAPReceiver") };
LogUtils.error(java.util.logging.Level.INFO, LogUtils.NO_REPLY_FROM_SOAP_RECEIVER, data);
}
throw new SAMLException(SAMLUtils.bundle.getString("noReplyfromSOAPReceiver"));
}
// check the SOAP message for any SOAP related errors
// before passing control to SAML processor
xmlString = reply.toString();
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("REPLIED message: \n " + xmlString);
}
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("repliedSOAPMessage"), xmlString };
LogUtils.access(java.util.logging.Level.FINE, LogUtils.REPLIED_SOAP_MESSAGE, data);
}
samlresponse = getSAMLResponse(xmlString);
if (samlresponse == null) {
SAMLUtils.debug.error("SAMLClient:artifactQueryHandler:" + "No SAML Response contained in SOAPMessage.");
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("noSAMLResponse") };
LogUtils.error(java.util.logging.Level.INFO, LogUtils.NULL_SAML_RESPONSE, data);
}
throw new SAMLException(SAMLUtils.bundle.getString("noSAMLResponse"));
}
} catch (Exception e) {
SAMLUtils.debug.error("SAMLClient:artifactQueryHandler", e);
throw new SAMLException(e.getMessage());
}
if (SAMLUtils.debug.messageEnabled()) {
SAMLUtils.debug.message("Start to process SAML Response...");
}
// Process saml Response
if (!samlresponse.isSignatureValid()) {
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("cannotVerifyResponse") };
LogUtils.error(java.util.logging.Level.INFO, LogUtils.INVALID_RESPONSE_SIGNATURE, data);
}
throw new SAMLException(SAMLUtils.bundle.getString("cannotVerifyResponse"));
}
try {
String statuscode = samlresponse.getStatus().getStatusCode().getValue();
int idex = 0;
if ((idex = statuscode.indexOf(":")) == -1) {
throw new SAMLException(SAMLUtils.bundle.getString("wrongformatStatusCode"));
}
if (!(statuscode.substring(idex).equals(":Success"))) {
SAMLUtils.debug.error("Error:SAML StatusCode is not Success");
throw new SAMLException(SAMLUtils.displayXML(samlresponse.getStatus().toString()));
}
} catch (Exception e) {
if (SystemConfigurationUtil.isServerMode()) {
String[] data = { SAMLUtils.bundle.getString("errorSAMLStatusCode") };
LogUtils.error(java.util.logging.Level.INFO, LogUtils.ERROR_RESPONSE_STATUS, data);
}
throw new SAMLException(e.getMessage());
}
// retrieve SAML Assertion
List asserts = new ArrayList();
asserts = getAssertionList(samlresponse, al);
return asserts;
}
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class DJLDAPv3Repo method initialize.
/**
* Initializes the IdRepo instance, basically within this method we process
* the configuration settings and set up the connection factories that will
* be used later in the lifetime of the IdRepo plugin.
*
* @param configParams The IdRepo configuration as defined in the service
* configurations.
* @throws IdRepoException Shouldn't be thrown.
*/
@Override
public void initialize(Map<String, Set<String>> configParams) throws IdRepoException {
if (DEBUG.messageEnabled()) {
DEBUG.message("initialize invoked");
}
super.initialize(configParams);
String hostServerId = null;
String hostSiteId = "";
try {
hostServerId = WebtopNaming.getAMServerID();
hostSiteId = WebtopNaming.getSiteID(hostServerId);
} catch (ServerEntryNotFoundException senfe) {
if (DEBUG.warningEnabled()) {
DEBUG.warning("ServerEntryNotFoundException, hostServerId=" + hostServerId + ", hostSiteId=" + hostSiteId);
}
}
dnCacheEnabled = CollectionHelper.getBooleanMapAttr(configMap, LDAP_DNCACHE_ENABLED, true);
if (dnCacheEnabled) {
dnCache = new Cache(CollectionHelper.getIntMapAttr(configParams, LDAP_DNCACHE_SIZE, 1500, DEBUG));
}
ldapServers = LDAPUtils.prioritizeServers(configParams.get(LDAP_SERVER_LIST), hostServerId, hostSiteId);
defaultSizeLimit = CollectionHelper.getIntMapAttr(configParams, LDAP_MAX_RESULTS, 100, DEBUG);
defaultTimeLimit = CollectionHelper.getIntMapAttr(configParams, LDAP_TIME_LIMIT, 5, DEBUG);
int maxPoolSize = CollectionHelper.getIntMapAttr(configParams, LDAP_CONNECTION_POOL_MAX_SIZE, 10, DEBUG);
String username = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_USER_NAME);
char[] password = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_PASSWORD, "").toCharArray();
heartBeatInterval = CollectionHelper.getIntMapAttr(configParams, LDAP_SERVER_HEARTBEAT_INTERVAL, "10", DEBUG);
heartBeatTimeUnit = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_HEARTBEAT_TIME_UNIT, "SECONDS");
String connectionMode = CollectionHelper.getMapAttr(configParams, LDAP_CONNECTION_MODE);
useStartTLS = LDAP_CONNECTION_MODE_STARTTLS.equalsIgnoreCase(connectionMode);
isSecure = LDAP_CONNECTION_MODE_LDAPS.equalsIgnoreCase(connectionMode) || useStartTLS;
bindConnectionFactory = createConnectionFactory(null, null, maxPoolSize);
connectionFactory = createConnectionFactory(username, password, maxPoolSize);
supportedTypesAndOperations = IdRepoUtils.parseSupportedTypesAndOperations(configParams.get(LDAP_SUPPORTED_TYPES_AND_OPERATIONS));
userStatusAttr = CollectionHelper.getMapAttr(configParams, LDAP_USER_STATUS_ATTR_NAME);
if (userStatusAttr == null || userStatusAttr.isEmpty()) {
alwaysActive = true;
userStatusAttr = DEFAULT_USER_STATUS_ATTR;
}
activeValue = CollectionHelper.getMapAttr(configParams, LDAP_STATUS_ACTIVE, STATUS_ACTIVE);
inactiveValue = CollectionHelper.getMapAttr(configParams, LDAP_STATUS_INACTIVE, STATUS_INACTIVE);
creationAttributeMapping = IdRepoUtils.parseAttributeMapping(configParams.get(LDAP_CREATION_ATTR_MAPPING));
userNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_USER_NAMING_ATTR);
groupNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_GROUP_NAMING_ATTR);
roleNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_NAMING_ATTR);
filteredRoleNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_FILTERED_ROLE_NAMING_ATTR);
userSearchAttr = CollectionHelper.getMapAttr(configParams, LDAP_USER_SEARCH_ATTR);
userAttributesAllowed = new CaseInsensitiveHashSet();
Set<String> allowAttrs = configParams.get(LDAP_USER_ATTRS);
if (allowAttrs != null) {
userAttributesAllowed.addAll(allowAttrs);
}
groupAttributesAllowed = new CaseInsensitiveHashSet();
allowAttrs = configParams.get(LDAP_GROUP_ATTRS);
if (allowAttrs != null) {
groupAttributesAllowed.addAll(allowAttrs);
}
roleAttributesAllowed = new CaseInsensitiveHashSet();
allowAttrs = configParams.get(LDAP_ROLE_ATTRS);
if (allowAttrs != null) {
roleAttributesAllowed.addAll(allowAttrs);
}
filteredRoleAttributesAllowed = new CaseInsensitiveHashSet();
allowAttrs = configParams.get(LDAP_FILTERED_ROLE_ATTRS);
if (allowAttrs != null) {
filteredRoleAttributesAllowed.addAll(allowAttrs);
}
userObjectClasses = getNonNullSettingValues(LDAP_USER_OBJECT_CLASS);
groupObjectClasses = getNonNullSettingValues(LDAP_GROUP_OBJECT_CLASS);
roleObjectClasses = getNonNullSettingValues(LDAP_ROLE_OBJECT_CLASS);
filteredRoleObjectClasses = getNonNullSettingValues(LDAP_FILTERED_ROLE_OBJECT_CLASS);
defaultGroupMember = CollectionHelper.getMapAttr(configParams, LDAP_DEFAULT_GROUP_MEMBER);
uniqueMemberAttr = CollectionHelper.getMapAttr(configParams, LDAP_UNIQUE_MEMBER, UNIQUE_MEMBER_ATTR);
memberURLAttr = CollectionHelper.getMapAttr(configParams, LDAP_MEMBER_URL);
memberOfAttr = CollectionHelper.getMapAttr(configParams, LDAP_MEMBER_OF);
peopleContainerName = CollectionHelper.getMapAttr(configParams, LDAP_PEOPLE_CONTAINER_NAME);
peopleContainerValue = CollectionHelper.getMapAttr(configParams, LDAP_PEOPLE_CONTAINER_VALUE);
groupContainerName = CollectionHelper.getMapAttr(configParams, LDAP_GROUP_CONTAINER_NAME);
groupContainerValue = CollectionHelper.getMapAttr(configParams, LDAP_GROUP_CONTAINER_VALUE);
roleAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_ATTR, ROLE_ATTR);
roleDNAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_DN_ATTR, ROLE_DN_ATTR);
roleFilterAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_FILTER_ATTR, ROLE_FILTER_ATTR);
rootSuffix = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_ROOT_SUFFIX);
userSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_USER_SEARCH_FILTER), Filter.objectClassPresent());
groupSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_GROUP_SEARCH_FILTER), Filter.objectClassPresent());
roleSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_ROLE_SEARCH_FILTER), DEFAULT_ROLE_SEARCH_FILTER);
filteredRoleSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_FILTERED_ROLE_SEARCH_FILTER), DEFAULT_FILTERED_ROLE_SEARCH_FILTER);
String serviceInfo = CollectionHelper.getMapAttr(configParams, LDAP_SERVICE_ATTRS);
serviceMap = new HashMap<String, Map<String, Set<String>>>(new SOAPClient("dummy").decodeMap(serviceInfo));
defaultScope = LDAPUtils.getSearchScope(CollectionHelper.getMapAttr(configParams, LDAP_SEARCH_SCOPE), SearchScope.WHOLE_SUBTREE);
roleScope = LDAPUtils.getSearchScope(CollectionHelper.getMapAttr(configParams, LDAP_ROLE_SEARCH_SCOPE), SearchScope.WHOLE_SUBTREE);
if (configParams.containsKey(LDAP_ADAM_TYPE)) {
helper = new ADAMHelper();
} else if (configParams.containsKey(LDAP_AD_TYPE)) {
helper = new ADHelper();
} else {
helper = new DirectoryHelper();
}
if (DEBUG.messageEnabled()) {
DEBUG.message("IdRepo configuration:\n" + IdRepoUtils.getAttrMapWithoutPasswordAttrs(configMap, asSet(LDAP_SERVER_PASSWORD)));
}
}
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class AssertionManagerClient method getRemoteStub.
private static SOAPClient getRemoteStub() throws SAMLException {
SOAPClient remoteStub = null;
try {
// Get a valid server from JAXRPCUtil. This throws
// Exception if no servers are found
URL u = new URL(JAXRPCHelper.getValidURL(SERVICE_NAME));
remoteStub = getServiceEndPoint(u.getProtocol(), u.getHost(), Integer.toString(u.getPort()), u.getPath());
// The following call will check if the JVM contains the
// the service instance also. If this is a server instance also
// "short-circuit" will be performed.
remoteStub.send("checkForLocal", null, null, null);
} catch (Exception ee) {
if (SAMLUtils.debug.warningEnabled()) {
SAMLUtils.debug.warning("AMC:getRemoteStub: generic error: ", ee);
}
throw (new SAMLException(ee.getMessage()));
}
return (remoteStub);
}
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class FilesRepo method writeFile.
void writeFile(File file, Map values) throws IdRepoException {
// Convert Map to AttributeValuePairs and write to file
PrintWriter pw = null;
String fileName = file.getAbsolutePath();
try {
SOAPClient client = new SOAPClient();
String encodedMap = client.encodeMap("result", values);
pw = new PrintWriter(new FileOutputStream(fileName));
pw.println(encodedMap);
// update the cache
identityCache.put(fileName, values);
identityTimeCache.put(fileName, new Long(file.lastModified()));
identityCache.put(fileName.toLowerCase(), values);
if (debug.messageEnabled()) {
debug.message("FilesRepo:writeFile-Identity Cache " + identityCache);
}
} catch (IOException e) {
if (debug.messageEnabled()) {
debug.message("FilesRepo.writeFile: file = " + fileName, e);
}
String[] args = { NAME, fileName };
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_FIND_ENTRY, args);
} finally {
if (pw != null) {
pw.close();
}
}
}
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class SecurityTokenManagerClient method getServiceEndPoint.
// Private method to get the service endpoint URL
private static SOAPClient getServiceEndPoint(String protocol, String hostname, String port, String uri) throws Exception {
// Obtain the URL for the service endpoint
int intPort = Integer.parseInt(port);
URL weburl = SystemConfigurationUtil.getServiceURL(SERVICE_NAME, protocol, hostname, intPort, uri);
String iurl = weburl.toString();
if (SecurityTokenManager.debug.messageEnabled()) {
SecurityTokenManager.debug.message("SecurityTokenManagerClient with URL: " + iurl);
}
String[] urls = { iurl };
return new SOAPClient(urls);
}
Aggregations