use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class IdRepoListener method setServiceAttributes.
/**
* Stores service's dynamic attributes within the IdRepo plugin
* configuration. In the current implementation changes to dynamic
* attributes to LDAPv3Repo restart the plugin, since it triggers
* a configuration change notification.
*
* @param sName service name for which attributes are being set
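* @param attrs service dynamic attributes
* @throws com.sun.identity.idm.IdRepoException if the realm or plugin name is missing from the plugin configuration, or if the update fails with an SMS or SSO error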
*/
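public void setServiceAttributes(String sName, Map attrs) throws IdRepoException {
    // The plugin's sub-configuration is located by the realm and plugin name
    // held in this listener's own configuration map.
    String realm = (String) configMap.get("realm");
    String pluginName = (String) configMap.get("plugin-name");
    if (realm == null || pluginName == null) {
        AMIdentityRepository.debug.error("IdRepoListener.setServiveAttribute: realm or plugin name is null");
        Object[] args = { sName, IdType.ROLE.getName() };
        // NOTE(review): SERVICE_ALREADY_ASSIGNED is used for every failure in this
        // method, so callers cannot tell a missing realm from a store error.
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICE_ALREADY_ASSIGNED, args);
    }
    try {
        // The write is performed with the administrator token rather than a
        // caller-supplied one, and nothing in this method checks the caller.
        // NOTE(review): confirm every caller is authorized before reaching here.
        SSOToken token = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        ServiceConfigManager scm = new ServiceConfigManager(token, IdConstants.REPO_SERVICE, "1.0");
        ServiceConfig sc = scm.getOrganizationConfig(realm, null);
        if (sc == null) {
            // No configuration for this realm: silently nothing to update.
            return;
        }
        ServiceConfig subConfig = sc.getSubConfig(pluginName);
        if (subConfig == null) {
            // The plugin has no sub-configuration: silently nothing to update.
            return;
        }
        Map attributes = subConfig.getAttributes();
        // The client is created with a placeholder argument and only its
        // encodeMap() is called here; no request is sent from this method.
        // NOTE(review): sclient is initialised lazily with no visible synchronization.
        if (sclient == null) {
            sclient = new SOAPClient("dummy");
        }
        String mapStr = sclient.encodeMap("result", attrs);
        // The stored value is always replaced by a single encoded map. The
        // previous version first read the existing value and then discarded
        // it; that dead read has been removed.
        Set vals = new HashSet();
        vals.add(mapStr);
        attributes.put(IdConstants.SERVICE_ATTRS, vals);
        subConfig.setAttributes(attributes);
    } catch (SMSException smse) {
        // The cause is written to the debug log only; it is not attached to
        // the exception that is thrown.
        AMIdentityRepository.debug.error("IdRepoListener: Unable to set service attributes", smse);
        Object[] args = { sName, IdType.ROLE.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICE_ALREADY_ASSIGNED, args);
    } catch (SSOException ssoe) {
        AMIdentityRepository.debug.error("IdRepoListener: Unable to set service attributes", ssoe);
        Object[] args = { sName, IdType.ROLE.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICE_ALREADY_ASSIGNED, args);
    }
}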
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class FSAssertionManagerClient method getServiceEndPoint.
// Private method to get a SOAPClient for the service endpoint URL
private static SOAPClient getServiceEndPoint(String protocol, String hostname, int port, String uri) throws Exception {
    // Resolve the endpoint registered for SERVICE_NAME from the given
    // connection details and keep it in string form.
    // NOTE(review): protocol is passed through unchanged; nothing in this
    // method requires https. Confirm where transport security is enforced.
    final String endpoint = SystemConfigurationUtil.getServiceURL(SERVICE_NAME, protocol, hostname, port, uri).toString();
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSAssertionManagerClient with URL: " + endpoint);
    }
    // The client is constructed from an array of URLs; exactly one is supplied.
    return new SOAPClient(new String[] { endpoint });
}
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class QueryClient method processXACMLQuery.
/**
* Returns SAMLv2 <code>Response</code>.
* SAMLv2 request is sent enclosed in the body of a SOAP Message
* to a SOAP endpoint.
* Prior to sending the request query, attributes required for completeness
* of the SAMLv2 Request will be set (eg. Issuer) if not already set.
* Message will be signed if signing is enabled.
* SAMLv2 Query Request will be enclosed in the SOAP Body to create a SOAP
* message to send to the server.
*
* @param request the SAMLv2 <code>RequestAbstract</code> object.
* @param pepEntityID entity identifier of the hosted query requester.
* @param pdpEntityID entity identifier of the remote server.
* @return SAMLv2 <code>Response</code> received from the
* Query Responder.
* @throws SAML2Exception if there is an error processing the query.
*/
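public static Response processXACMLQuery(RequestAbstract request, String pepEntityID, String pdpEntityID) throws SAML2Exception {
    String classMethod = "QueryClient:processXACMLQuery";
    // Only the root realm is used by this method.
    String realm = "/";
    Response samlResponse = null;
    Response response = null;
    // Both entity identifiers are mandatory; a missing one is logged and rejected.
    if (pepEntityID == null || pepEntityID.length() == 0) {
        debug.error(classMethod + "PEP Identifier is null");
        String[] data = { pepEntityID };
        LogUtil.error(Level.INFO, LogUtil.INVALID_PEP_ID, data);
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullPEP"));
    }
    if (pdpEntityID == null || pdpEntityID.length() == 0) {
        debug.error(classMethod + "PDP Identifier is null");
        String[] data = { pdpEntityID };
        LogUtil.error(Level.INFO, LogUtil.INVALID_PDP_ID, data);
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullPDP"));
    }
    if (request == null) {
        // No query to send: the method returns null instead of throwing.
        return response;
    }
    // A request of any other type fails on this cast with a ClassCastException,
    // which is raised before the try block below and is therefore not wrapped.
    XACMLAuthzDecisionQuery xacmlQuery = (XACMLAuthzDecisionQuery) request;
    // Stamp the query with issuer, a fresh ID, version and issue instant,
    // overwriting whatever the caller had set.
    Issuer issuer = createIssuer(pepEntityID);
    xacmlQuery.setIssuer(issuer);
    String requestID = SAML2SDKUtils.generateID();
    xacmlQuery.setID(requestID);
    xacmlQuery.setVersion(SAML2Constants.VERSION_2_0);
    xacmlQuery.setIssueInstant(new Date());
    // The query is signed only when the PDP configuration asks for it; with
    // no PDP configuration it is sent unsigned.
    XACMLPDPConfigElement pdpConfig = getPDPConfig(realm, pdpEntityID);
    if (pdpConfig != null) {
        String wantQuerySigned = getAttributeValueFromPDPConfig(pdpConfig, "wantXACMLAuthzDecisionQuerySigned");
        if (wantQuerySigned != null && wantQuerySigned.equals("true")) {
            signAttributeQuery(xacmlQuery, realm, pepEntityID, false);
        }
    }
    String xmlString = xacmlQuery.toXMLString(true, true);
    // NOTE(review): at message level the full query, the raw reply and the
    // processed response are written to the debug log by the statements
    // below. Treat that log as sensitive or keep message level off in production.
    if (debug.messageEnabled()) {
        debug.message(classMethod + "XACML Query XML String :" + xmlString);
    }
    // Retrieve the endpoint from metadata.
    String endPoint = null;
    XACMLAuthzDecisionQueryConfigElement pepConfig = getPEPConfig(realm, pepEntityID);
    endPoint = getPDPEndPoint(pdpEntityID);
    if (debug.messageEnabled()) {
        debug.message(classMethod + " ResponseLocation is :" + endPoint);
    }
    try {
        String soapMessage = SAML2SDKUtils.createSOAPMessageString(xmlString);
        // NOTE(review): presumably this adds basic-auth details from the PEP
        // configuration to the endpoint (inferred from the name); endPoint
        // should not be logged after this line.
        endPoint = SAML2SDKUtils.fillInBasicAuthInfo(pepConfig, endPoint);
        String[] urls = { endPoint };
        SOAPClient soapClient = new SOAPClient(urls);
        if (debug.messageEnabled()) {
            debug.message(classMethod + "soapMessage :" + soapMessage);
        }
        InputStream soapIn = soapClient.call(soapMessage, null, null);
        StringBuilder reply = new StringBuilder();
        // NOTE(review): the reply is read fully into memory with no size limit.
        BufferedReader reader = new BufferedReader(new InputStreamReader(soapIn, "UTF-8"));
        try {
            String line;
            while ((line = reader.readLine()) != null) {
                reply.append(line).append("\n");
            }
        } finally {
            // Closing the reader also closes the underlying reply stream,
            // which was previously never closed.
            reader.close();
        }
        xmlString = reply.toString();
        if (debug.messageEnabled()) {
            debug.message("Response Message:\n" + xmlString);
        }
        samlResponse = getSAMLResponse(xmlString);
        if (samlResponse == null) {
            // Fail closed with an explicit error. Previously the issuer lookup
            // below dereferenced a null response and the failure surfaced as a
            // SAML2Exception wrapping a NullPointerException message.
            throw new SAML2Exception(classMethod + ": no SAML response could be read from the reply");
        }
        // The reply's issuer must be accepted by verifyResponseIssuer before
        // the response itself is verified; otherwise the reply is rejected.
        issuer = samlResponse.getIssuer();
        String issuerID = null;
        if (issuer != null) {
            issuerID = issuer.getValue().trim();
        }
        boolean isTrusted = verifyResponseIssuer(realm, pepEntityID, issuerID);
        if (!isTrusted) {
            if (debug.messageEnabled()) {
                debug.message(classMethod + "Issuer in Request is not valid.");
            }
            String[] args = { realm, pepEntityID, pdpEntityID };
            LogUtil.error(Level.INFO, LogUtil.INVALID_ISSUER_IN_PEP_REQUEST, args);
            throw new SAML2Exception("invalidIssuerInRequest");
        }
        xmlString = samlResponse.toXMLString(true, true);
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Response: " + xmlString);
        }
        response = verifyResponse(realm, pepEntityID, samlResponse);
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Response with decrypted Assertion: " + response.toXMLString(true, true));
        }
    } catch (SOAPException soae) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "SOAPException :", soae);
        }
        throw new SAML2Exception(soae.getMessage());
    } catch (Exception e) {
        // This also catches the SAML2Exceptions thrown inside the try block
        // and rethrows them carrying only their message text.
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Exception ", e);
        }
        throw new SAML2Exception(e.getMessage());
    }
    return response;
}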
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class SecurityTokenManagerClient method getServiceEndPoint.
// Private method to get a SOAPClient for the service endpoint URL
private static SOAPClient getServiceEndPoint(String protocol, String hostname, String port, String uri) throws Exception {
    // The port arrives as text; a non-numeric value fails here with
    // NumberFormatException before any lookup is attempted.
    final int portNumber = Integer.parseInt(port);
    // Resolve the endpoint registered for SERVICE_NAME and keep it in string form.
    // NOTE(review): protocol is passed through unchanged; nothing in this
    // method requires https. Confirm where transport security is enforced.
    final String endpoint = SystemConfigurationUtil.getServiceURL(SERVICE_NAME, protocol, hostname, portNumber, uri).toString();
    if (SecurityTokenManager.debug.messageEnabled()) {
        SecurityTokenManager.debug.message("SecurityTokenManagerClient with URL: " + endpoint);
    }
    // The client is constructed from an array of URLs; exactly one is supplied.
    return new SOAPClient(new String[] { endpoint });
}
use of com.sun.identity.shared.jaxrpc.SOAPClient in project OpenAM by OpenRock.
the class SecurityTokenManagerClient method getRemoteStub.
/**
 * Returns a client for the first platform server that answers a probe call.
 *
 * Servers are tried in the order given by the platform server list. The
 * search stops at the first server for which the probe does not throw.
 *
 * @return a client bound to the first responding server
 * @throws SecurityTokenException if no server responds; the message is that
 *         of the last failure seen, or the "serverNotFound" bundle text
 *         when no failure was recorded
 */
private static SOAPClient getRemoteStub() throws SecurityTokenException {
    SOAPClient stub = null;
    Exception lastFailure = null;
    boolean serverResponded = false;
    try {
        // Walk the platform server list until one server answers.
        for (Iterator candidates = SystemConfigurationUtil.getServerList().iterator(); candidates.hasNext() && !serverResponded;) {
            URL server = new URL((String) candidates.next());
            // NOTE(review): URL.getPort() returns -1 when the entry carries no
            // explicit port, and that value is passed on as "-1". Confirm that
            // server list entries always include a port.
            stub = getServiceEndPoint(server.getProtocol(), server.getHost(), Integer.toString(server.getPort()), server.getPath());
            try {
                // Probe call: an exception here is treated as "server is down".
                stub.send("checkForLocal", null, null, null);
                if (SecurityTokenManager.debug.messageEnabled()) {
                    SecurityTokenManager.debug.message("STMC(): Using the remote URL: " + server);
                }
                serverResponded = true;
                if (SecurityTokenManager.debug.warningEnabled()) {
                    SecurityTokenManager.debug.warning("STMC:getRemoteStub: remote server being used: " + server);
                }
            } catch (Exception probeError) {
                // Remember the failure and move on to the next candidate.
                lastFailure = probeError;
                if (SecurityTokenManager.debug.warningEnabled()) {
                    SecurityTokenManager.debug.warning("STMC:getRemoteStub: server (" + server + ") error: ", probeError);
                }
            }
        }
    } catch (Exception listError) {
        // Failures outside the probe (server list lookup, URL parsing,
        // endpoint creation) end the search.
        lastFailure = listError;
        if (SecurityTokenManager.debug.warningEnabled()) {
            SecurityTokenManager.debug.warning("STMC:getRemoteStub: generic error: ", listError);
        }
    }
    if (serverResponded) {
        return stub;
    }
    // No server answered: report the last failure's message when there is
    // one. Only the message text is carried over, not the exception itself.
    if (lastFailure != null) {
        throw new SecurityTokenException(lastFailure.getMessage());
    }
    throw new SecurityTokenException(bundle.getString("serverNotFound"));
}