
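/**
 * Stores a service's dynamic attributes in the IdRepo plugin configuration.
 * In the current implementation a change to the dynamic attributes of
 * LDAPv3Repo restarts the plugin, since it triggers a configuration change
 * notification.
 * <p>
 * The attribute map is serialized to a single string with
 * {@link SOAPClient#encodeMap} and stored under
 * {@code IdConstants.SERVICE_ATTRS}, replacing whatever value was stored
 * there before (the previous value is never merged).
 * <p>
 * The configuration store is read and written with the privileged admin
 * token, not the caller's token, so no access check happens here; callers
 * are expected to have authorized the change already.
 *
 * @param sName service name for which attributes are being set
 * @param attrs service dynamic attributes
 * @throws IdRepoException if the realm or plugin name is missing from the
 *         listener's configuration, or if the configuration store cannot be
 *         read or written. Note that every failure is reported with
 *         {@code IdRepoErrorCode.SERVICE_ALREADY_ASSIGNED} (existing
 *         behavior); the error code does not identify the actual cause, so
 *         consult the debug log.
 */
public void setServiceAttributes(String sName, Map attrs) throws IdRepoException {
    String realm = (String) configMap.get("realm");
    String pluginName = (String) configMap.get("plugin-name");
    if (realm == null || pluginName == null) {
        AMIdentityRepository.debug.error("IdRepoListener.setServiveAttribute: realm or plugin name" + " is null");
        Object[] args = { sName, IdType.ROLE.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICE_ALREADY_ASSIGNED, args);
    }
    try {
        // Admin token: this bypasses the calling user's privileges.
        SSOToken token = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        ServiceConfigManager scm = new ServiceConfigManager(token, IdConstants.REPO_SERVICE, "1.0");
        ServiceConfig sc = scm.getOrganizationConfig(realm, null);
        if (sc == null) {
            // No realm-level repo configuration: nothing to update.
            return;
        }
        ServiceConfig subConfig = sc.getSubConfig(pluginName);
        if (subConfig == null) {
            // This plugin has no sub-configuration in the realm.
            return;
        }
        Map attributes = subConfig.getAttributes();
        // SOAPClient is used here only for its map encoding; the endpoint
        // name is irrelevant. The instance is cached in the field.
        if (sclient == null) {
            sclient = new SOAPClient("dummy");
        }
        String mapStr = sclient.encodeMap("result", attrs);
        // The stored SERVICE_ATTRS value is always replaced wholesale, so the
        // existing value is not read (the old code read it and then discarded it).
        Set vals = new HashSet();
        vals.add(mapStr);
        attributes.put(IdConstants.SERVICE_ATTRS, vals);
        subConfig.setAttributes(attributes);
    } catch (SMSException smse) {
        AMIdentityRepository.debug.error("IdRepoListener: Unable to set service attributes", smse);
        Object[] args = { sName, IdType.ROLE.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICE_ALREADY_ASSIGNED, args);
    } catch (SSOException ssoe) {
        AMIdentityRepository.debug.error("IdRepoListener: Unable to set service attributes", ssoe);
        Object[] args = { sName, IdType.ROLE.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICE_ALREADY_ASSIGNED, args);
    }
}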

/**
 * Builds a {@link SOAPClient} bound to the assertion manager service
 * endpoint assembled from the given URL components.
 * The endpoint URL itself comes from
 * {@code SystemConfigurationUtil.getServiceURL} for {@code SERVICE_NAME};
 * this method only wraps it in a single-URL client.
 *
 * @param protocol URL scheme of the server (e.g. http or https)
 * @param hostname server host name
 * @param port server port
 * @param uri deployment URI of the server
 * @return a SOAP client for the resolved endpoint
 * @throws Exception if the service URL cannot be resolved
 */
private static SOAPClient getServiceEndPoint(String protocol, String hostname, int port, String uri) throws Exception {
    URL endpointUrl = SystemConfigurationUtil.getServiceURL(SERVICE_NAME, protocol, hostname, port, uri);
    String endpoint = endpointUrl.toString();
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSAssertionManagerClient with URL: " + endpoint);
    }
    // SOAPClient takes a list of candidate URLs; only one is known here.
    return new SOAPClient(new String[] { endpoint });
}

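/**
 * Sends a SAMLv2 XACML authorization decision query to a remote PDP over
 * SOAP and returns the verified SAMLv2 <code>Response</code>.
 * <p>
 * Before sending, the query is completed with the attributes a SAMLv2
 * request needs (Issuer, ID, Version, IssueInstant); these always overwrite
 * whatever the caller set. The query is signed only if the PDP's
 * configuration sets <code>wantXACMLAuthzDecisionQuerySigned</code> to
 * <code>true</code>; otherwise it is sent unsigned. The query is wrapped in
 * a SOAP body and posted to the PDP endpoint from the PDP metadata, with any
 * HTTP basic-auth credentials from the PEP configuration filled into the
 * endpoint URL by {@link SAML2SDKUtils#fillInBasicAuthInfo}.
 * <p>
 * On receipt, the response's Issuer must be trusted for the PEP (see
 * {@link #verifyResponseIssuer}); the response is then passed through
 * {@link #verifyResponse} before being returned.
 * <p>
 * Note: at message debug level this method logs the full request and
 * response XML, including the decrypted assertion. Keep message-level
 * debugging off in production.
 *
 * @param request the SAMLv2 <code>RequestAbstract</code> object; must be an
 *        <code>XACMLAuthzDecisionQuery</code>. If <code>null</code>, nothing
 *        is sent and <code>null</code> is returned.
 * @param pepEntityID entity identifier of the hosted query requester (PEP).
 * @param pdpEntityID entity identifier of the remote server (PDP).
 * @return SAMLv2 <code>Response</code> received from the Query Responder,
 *         or <code>null</code> if <code>request</code> is <code>null</code>.
 * @throws SAML2Exception if either entity ID is missing, the response issuer
 *         is not trusted, or any error occurs while building, sending,
 *         reading or verifying the message (the original exception is not
 *         attached as the cause; only its message is kept).
 */
public static Response processXACMLQuery(RequestAbstract request, String pepEntityID, String pdpEntityID) throws SAML2Exception {
    String classMethod = "QueryClient:processXACMLQuery";
    // All metadata lookups are done in the root realm.
    String realm = "/";
    Response samlResponse = null;
    Response response = null;
    // retrieve pepEntityID metadata
    if (pepEntityID == null || pepEntityID.length() == 0) {
        debug.error(classMethod + "PEP Identifier is null");
        String[] data = { pepEntityID };
        LogUtil.error(Level.INFO, LogUtil.INVALID_PEP_ID, data);
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullPEP"));
    }
    // retrieve pdpEntityID metadata
    if (pdpEntityID == null || pdpEntityID.length() == 0) {
        debug.error(classMethod + "PDP Identifier is null");
        String[] data = { pdpEntityID };
        LogUtil.error(Level.INFO, LogUtil.INVALID_PDP_ID, data);
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullPDP"));
    }
    if (request == null) {
        // Nothing to send; existing behavior is to return null rather than fail.
        return null;
    }
    // Any other RequestAbstract subtype fails here with a ClassCastException,
    // which is not wrapped (it is outside the try below, as before).
    XACMLAuthzDecisionQuery xacmlQuery = (XACMLAuthzDecisionQuery) request;
    // Complete the mandatory SAMLv2 request attributes.
    Issuer issuer = createIssuer(pepEntityID);
    xacmlQuery.setIssuer(issuer);
    String requestID = SAML2SDKUtils.generateID();
    xacmlQuery.setID(requestID);
    xacmlQuery.setVersion(SAML2Constants.VERSION_2_0);
    xacmlQuery.setIssueInstant(new Date());
    // Sign only when the PDP asks for it. If the PDP has no config element,
    // or the flag is absent or not "true", the query goes out unsigned.
    XACMLPDPConfigElement pdpConfig = getPDPConfig(realm, pdpEntityID);
    if (pdpConfig != null) {
        String wantQuerySigned = getAttributeValueFromPDPConfig(pdpConfig, "wantXACMLAuthzDecisionQuerySigned");
        if (wantQuerySigned != null && wantQuerySigned.equals("true")) {
            signAttributeQuery(xacmlQuery, realm, pepEntityID, false);
        }
    }
    String xmlString = xacmlQuery.toXMLString(true, true);
    if (debug.messageEnabled()) {
        debug.message(classMethod + "XACML Query XML String :" + xmlString);
    }
    // retrieve endpoint from meta data
    XACMLAuthzDecisionQueryConfigElement pepConfig = getPEPConfig(realm, pepEntityID);
    String endPoint = getPDPEndPoint(pdpEntityID);
    // Log the endpoint *before* basic-auth credentials are filled in below,
    // so credentials never reach the debug log.
    if (debug.messageEnabled()) {
        debug.message(classMethod + " ResponseLocation is :" + endPoint);
    }
    // create SOAP message, send it, and verify the reply
    try {
        String soapMessage = SAML2SDKUtils.createSOAPMessageString(xmlString);
        // May embed basic-auth credentials from the PEP config into the URL;
        // treat endPoint as sensitive from here on and do not log it.
        endPoint = SAML2SDKUtils.fillInBasicAuthInfo(pepConfig, endPoint);
        String[] urls = { endPoint };
        SOAPClient soapClient = new SOAPClient(urls);
        if (debug.messageEnabled()) {
            debug.message(classMethod + "soapMessage :" + soapMessage);
        }
        InputStream soapIn = soapClient.call(soapMessage, null, null);
        StringBuffer reply = new StringBuffer();
        BufferedReader reader = null;
        try {
            reader = new BufferedReader(new InputStreamReader(soapIn, "UTF-8"));
            String line;
            while ((line = reader.readLine()) != null) {
                reply.append(line).append("\n");
            }
        } finally {
            // Release the response stream even when the read fails part way
            // (the old code never closed it). A failure to close is logged
            // but must not mask the real outcome.
            try {
                if (reader != null) {
                    reader.close();
                } else if (soapIn != null) {
                    soapIn.close();
                }
            } catch (IOException ioe) {
                if (debug.messageEnabled()) {
                    debug.message(classMethod + "unable to close SOAP response stream", ioe);
                }
            }
        }
        // check the SOAP message for any SOAP related errors
        // before passing control to SAML processor
        xmlString = reply.toString();
        if (debug.messageEnabled()) {
            debug.message("Response Message:\n" + xmlString);
        }
        samlResponse = getSAMLResponse(xmlString);
        // NOTE(review): getSAMLResponse is assumed to return non-null here;
        // a null would surface as a NullPointerException wrapped by the
        // generic catch below, not as a descriptive error.
        Issuer responseIssuer = samlResponse.getIssuer();
        String issuerID = null;
        if (responseIssuer != null) {
            issuerID = responseIssuer.getValue().trim();
        }
        // Accept the response only from an issuer the PEP trusts. A missing
        // issuer (issuerID == null) is left for verifyResponseIssuer to judge.
        boolean isTrusted = verifyResponseIssuer(realm, pepEntityID, issuerID);
        if (!isTrusted) {
            if (debug.messageEnabled()) {
                debug.message(classMethod + "Issuer in Request is not valid.");
            }
            String[] args = { realm, pepEntityID, pdpEntityID };
            LogUtil.error(Level.INFO, LogUtil.INVALID_ISSUER_IN_PEP_REQUEST, args);
            throw new SAML2Exception("invalidIssuerInRequest");
        }
        if (samlResponse != null) {
            xmlString = samlResponse.toXMLString(true, true);
            if (debug.messageEnabled()) {
                debug.message(classMethod + "Response: " + xmlString);
            }
            response = verifyResponse(realm, pepEntityID, samlResponse);
            if (debug.messageEnabled()) {
                // This writes the decrypted assertion to the debug log.
                debug.message(classMethod + "Response with decrypted Assertion: " + response.toXMLString(true, true));
            }
        }
    } catch (SOAPException soae) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "SOAPException :", soae);
        }
        throw new SAML2Exception(soae.getMessage());
    } catch (Exception e) {
        // Also catches the SAML2Exception thrown above for an untrusted
        // issuer; it is re-thrown with the same message.
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Exception ", e);
        }
        throw new SAML2Exception(e.getMessage());
    }
    return response;
}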

/**
 * Builds a {@link SOAPClient} bound to the security token service endpoint
 * assembled from the given URL components.
 * The endpoint URL comes from {@code SystemConfigurationUtil.getServiceURL}
 * for {@code SERVICE_NAME}; this method only parses the port and wraps the
 * result in a single-URL client.
 *
 * @param protocol URL scheme of the server (e.g. http or https)
 * @param hostname server host name
 * @param port server port as decimal text
 * @param uri deployment URI of the server
 * @return a SOAP client for the resolved endpoint
 * @throws Exception if {@code port} is not an integer
 *         ({@link NumberFormatException}) or the service URL cannot be resolved
 */
private static SOAPClient getServiceEndPoint(String protocol, String hostname, String port, String uri) throws Exception {
    // Non-numeric port text fails here before any URL is built.
    int numericPort = Integer.parseInt(port);
    URL serviceUrl = SystemConfigurationUtil.getServiceURL(SERVICE_NAME, protocol, hostname, numericPort, uri);
    String serviceLocation = serviceUrl.toString();
    if (SecurityTokenManager.debug.messageEnabled()) {
        SecurityTokenManager.debug.message("SecurityTokenManagerClient with URL: " + serviceLocation);
    }
    return new SOAPClient(new String[] { serviceLocation });
}

/**
 * Returns a {@link SOAPClient} bound to the first configured platform server
 * that answers a <code>checkForLocal</code> probe.
 * Servers from {@code SystemConfigurationUtil.getServerList()} are tried in
 * list order; each probe failure is logged at warning level and the next
 * server is tried. The chosen server is also logged at warning level.
 *
 * @return a SOAP stub for a responding server (never null)
 * @throws SecurityTokenException if no server responds. The exception carries
 *         the message of the last error seen, or the "serverNotFound" bundle
 *         message if no error was recorded; the original cause is not
 *         attached.
 */
private static SOAPClient getRemoteStub() throws SecurityTokenException {
    SOAPClient candidate = null;
    Exception lastFailure = null;
    boolean reachable = false;
    try {
        Iterator servers = SystemConfigurationUtil.getServerList().iterator();
        while (servers.hasNext()) {
            URL serverUrl = new URL((String) servers.next());
            candidate = getServiceEndPoint(serverUrl.getProtocol(), serverUrl.getHost(), Integer.toString(serverUrl.getPort()), serverUrl.getPath());
            try {
                // Probe: this call throws if the server is down.
                candidate.send("checkForLocal", null, null, null);
                if (SecurityTokenManager.debug.messageEnabled()) {
                    SecurityTokenManager.debug.message("STMC(): Using the remote URL: " + serverUrl.toString());
                }
                reachable = true;
                if (SecurityTokenManager.debug.warningEnabled()) {
                    SecurityTokenManager.debug.warning("STMC:getRemoteStub: remote server being used: " + serverUrl.toString());
                }
                break;
            } catch (Exception probeFailure) {
                lastFailure = probeFailure;
                if (SecurityTokenManager.debug.warningEnabled()) {
                    SecurityTokenManager.debug.warning("STMC:getRemoteStub: server (" + serverUrl.toString() + ") error: ", probeFailure);
                }
            }
        }
    } catch (Exception setupFailure) {
        // Server list lookup, URL parsing or stub creation failed.
        lastFailure = setupFailure;
        if (SecurityTokenManager.debug.warningEnabled()) {
            SecurityTokenManager.debug.warning("STMC:getRemoteStub: generic error: ", setupFailure);
        }
    }
    if (reachable) {
        return candidate;
    }
    // No valid server found: report the last failure, if any.
    if (lastFailure == null) {
        throw new SecurityTokenException(bundle.getString("serverNotFound"));
    }
    throw new SecurityTokenException(lastFailure.getMessage());
}