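/**
 * Saves the standard attribute values for the IDP.
 *
 * <p>The claim type offered by the IDP descriptor is re-pointed at the named
 * claim (common name, e-mail address or UPN) whose display name was selected
 * in {@code idpStdValues}. For a hosted entity the signing certificate alias
 * from {@code idpExtValues} is also written to the provider key info. The
 * descriptor is then stored through the metadata manager.
 *
 * @param entityName is entityid.
 * @param idpStdValues contain standard attribute values of idp; the
 *        {@code WSFedPropertiesModel.TFCLAIM_TYPES} entry is expected to be a
 *        {@code HashSet} of claim display names.
 * @param realm to which the entity belongs.
 * @param idpExtValues contain extended attribute values.
 * @param location the information whether remote or hosted.
 * @throws AMConsoleException if saving of attribute value fails.
 */
public void setIDPSTDAttributeValues(String entityName, Map idpStdValues, String realm, Map idpExtValues, String location) throws AMConsoleException {
    FederationElement fedElem = getEntityDesc(realm, entityName);

    // Claim to update: the last one offered by the IDP (the previous
    // loop-and-overwrite kept the final entry). Both stay null when the
    // descriptor offers no claim types, in which case the claim update
    // below is skipped instead of dereferencing null.
    ClaimType claimType = null;
    DisplayNameType displayName = null;
    UriNamedClaimTypesOfferedElement offered = null;
    try {
        offered = getWSFederationMetaManager().getUriNamedClaimTypesOffered(fedElem);
    } catch (WSFederationMetaException we) {
        // Best effort: an unreadable claim-type element is treated as
        // "none offered", but the failure is logged rather than hidden.
        debug.warning("WSFedPropertiesModelImpl.setIDPSTDAttributeValues", we);
    }
    if (offered != null) {
        List claimList = offered.getClaimType();
        if (claimList != null && !claimList.isEmpty()) {
            claimType = (ClaimType) claimList.get(claimList.size() - 1);
            displayName = claimType.getDisplayName();
        }
    }

    // Selected display name: the last entry of the submitted set (same
    // iterate-and-keep-last semantics as before). A missing or empty set
    // leaves the claim untouched rather than throwing NullPointerException.
    String value = null;
    HashSet set = (HashSet) idpStdValues.get(WSFedPropertiesModel.TFCLAIM_TYPES);
    if (set != null) {
        for (Iterator i = set.iterator(); i.hasNext(); ) {
            value = (String) i.next();
        }
    }

    if (value != null && claimType != null && displayName != null) {
        // Indexes into the parallel NAMED_CLAIM_DISPLAY_NAMES / NAMED_CLAIM_TYPES
        // tables; the first display-name match wins.
        int[] namedClaims = {
            WSFederationConstants.NAMED_CLAIM_COMMONNAME,
            WSFederationConstants.NAMED_CLAIM_EMAILADDRESS,
            WSFederationConstants.NAMED_CLAIM_UPN
        };
        for (int n = 0; n < namedClaims.length; n++) {
            int idx = namedClaims[n];
            if (value.equals(WSFederationConstants.NAMED_CLAIM_DISPLAY_NAMES[idx])) {
                displayName.setValue(WSFederationConstants.NAMED_CLAIM_DISPLAY_NAMES[idx]);
                claimType.setUri(WSFederationConstants.NAMED_CLAIM_TYPES[idx]);
                break;
            }
        }
    }

    try {
        // Only a hosted IDP owns a signing key in this deployment; a null
        // location is treated as not hosted instead of failing.
        if ("hosted".equals(location)) {
            String idpCertAlias = getResult(idpExtValues, TFSIGNCERT_ALIAS);
            WSFederationMetaSecurityUtils.updateProviderKeyInfo(realm, entityName, idpCertAlias, true);
        }
        getWSFederationMetaManager().setFederation(realm, fedElem);
    } catch (WSFederationMetaException e) {
        debug.warning("WSFedPropertiesModelImpl.setIDPSTDAttributeValues", e);
        // Same error-string mapping as createExtendedObject, so the console
        // shows the localized text instead of the raw exception message.
        throw new AMConsoleException(getErrorString(e));
    }
}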
/**
 * Creates the extended config object when it does not exist.
 *
 * <p>Nothing is written when an entity config is already stored for
 * {@code fedId}. Otherwise a new config element is built with one role
 * config per role (both for a dual-role entity), each populated from
 * {@code keys} via {@code createAttributeElement}, and stored.
 *
 * @param realm to which the entity belongs.
 * @param fedId is the entity id.
 * @param location is either hosted or remote
 * @param role is SP, IDP or SP/IDP.
 * @param keys which contain all extended attribute keys.
 * @throws WSFederationMetaException, JAXBException,
 *     AMConsoleException if saving of attribute value fails.
 */
private void createExtendedObject(String realm, String fedId, String location, String role, Map keys) throws WSFederationMetaException, JAXBException, AMConsoleException {
    try {
        WSFederationMetaManager metaManager = getWSFederationMetaManager();
        FederationElement descriptor = metaManager.getEntityDescriptor(realm, fedId);
        if (descriptor == null) {
            if (debug.warningEnabled()) {
                debug.warning("WSFedPropertiesModelImpl.createExtendedObject: " + "No such entity: " + fedId);
            }
            String[] data = { realm, fedId };
            throw new WSFederationMetaException("fedId_invalid", data);
        }
        if (metaManager.getEntityConfig(realm, fedId) != null) {
            // Extended config already present; nothing to create.
            return;
        }
        ObjectFactory objFactory = new ObjectFactory();
        FederationConfigElement configElement = objFactory.createFederationConfigElement();
        configElement.setFederationID(fedId);
        if (location.equals("remote")) {
            configElement.setHosted(false);
        }
        List roleConfigs = configElement.getIDPSSOConfigOrSPSSOConfig();
        // Right now, it is either an SP or an IdP or dual role
        if (isDualRole(descriptor)) {
            // dual role gets both an idp and an sp config object
            roleConfigs.add(createAttributeElement(keys, objFactory.createIDPSSOConfigElement()));
            roleConfigs.add(createAttributeElement(keys, objFactory.createSPSSOConfigElement()));
        } else if (role.equals(IDENTITY_PROVIDER)) {
            roleConfigs.add(createAttributeElement(keys, objFactory.createIDPSSOConfigElement()));
        } else if (role.equals(SERVICE_PROVIDER)) {
            roleConfigs.add(createAttributeElement(keys, objFactory.createSPSSOConfigElement()));
        }
        metaManager.setEntityConfig(realm, configElement);
    } catch (JAXBException e) {
        debug.warning("WSFedPropertiesModelImpl.createExtendedObject", e);
        throw new AMConsoleException(getErrorString(e));
    } catch (WSFederationMetaException e) {
        debug.warning("WSFedPropertiesModelImpl.createExtendedObject", e);
        throw new AMConsoleException(getErrorString(e));
    }
}
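/**
 * Processes the sign-out request, returning a response via the
 * HttpServletResponse passed to the constructor.
 *
 * <p>Resolves the hosted entity from the meta alias in the request URI,
 * collects the sign-out URL of the IDP and of every SP recorded on the
 * caller's session, invalidates that session and forwards to the logout
 * page, which issues the sign-outs in parallel and offers a link to
 * {@code wreply} (if any). A missing session is not an error: the usual
 * cause is a logout after the session has already expired.
 *
 * @throws IOException if forwarding to the logout page fails.
 * @throws WSFederationException if the meta alias, realm or entity ID
 *         cannot be resolved, or if the forward or session handling fails.
 */
public void process() throws IOException, WSFederationException {
    String classMethod = "IPRPSignoutRequest.process: ";
    String metaAlias = WSFederationMetaUtils.getMetaAliasByUri(request.getRequestURI());
    if ((metaAlias == null) || (metaAlias.trim().length() == 0)) {
        debug.error(classMethod + "Unable to get meta alias from request");
        throw new WSFederationException(WSFederationUtils.bundle.getString("MetaAliasNotFound"));
    }
    String realm = WSFederationMetaUtils.getRealmByMetaAlias(metaAlias);
    if ((realm == null) || (realm.trim().length() == 0)) {
        debug.error(classMethod + "Unable to get realm from request");
        throw new WSFederationException(WSFederationUtils.bundle.getString("nullRealm"));
    }
    WSFederationMetaManager metaManager = WSFederationUtils.getMetaManager();
    // retrieve entity id from meta alias
    String entityId = metaManager.getEntityByMetaAlias(metaAlias);
    if ((entityId == null) || (entityId.trim().length() == 0)) {
        debug.error(classMethod + "Unable to get Entity ID from metaAlias" + metaAlias);
        throw new WSFederationException(WSFederationUtils.bundle.getString("nullEntityID"));
    }
    Object session = null;
    try {
        session = WSFederationUtils.sessionProvider.getSession(request);
    } catch (SessionException se) {
        // Don't care too much about session exceptions here - usual cause
        // is trying to log out after the session has expired
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Session exception" + se.getLocalizedMessage());
        }
    }
    try {
        // Strategy here is to do logouts in parallel via iframes, provide a
        // link to wreply, if any
        BaseConfigType config = metaManager.getBaseConfig(realm, entityId);
        String displayName = WSFederationMetaUtils.getAttribute(config, WSFederationConstants.DISPLAY_NAME);
        if (displayName == null || displayName.length() == 0) {
            displayName = entityId;
        }
        request.setAttribute(WSFederationConstants.LOGOUT_DISPLAY_NAME, displayName);
        request.setAttribute(WSFederationConstants.LOGOUT_WREPLY, wreply);
        request.setAttribute(WSFederationConstants.REALM_PARAM, realm);
        request.setAttribute(WSFederationConstants.ENTITYID_PARAM, entityId);
        // Insertion order is what the logout page renders, so keep it.
        LinkedHashMap<String, String> providerList = new LinkedHashMap<String, String>();
        if (session != null) {
            String[] idpList = WSFederationUtils.sessionProvider.getProperty(session, WSFederationConstants.SESSION_IDP);
            if (idpList != null && idpList.length > 0 && idpList[0] != null && idpList[0].length() > 0) {
                addSignoutTarget(metaManager, realm, idpList[0], providerList, classMethod);
            }
            String[] spList = WSFederationUtils.sessionProvider.getProperty(session, WSFederationConstants.SESSION_SP_LIST);
            if (spList != null && spList.length > 0 && spList[0] != null && spList[0].length() > 0) {
                for (int i = 0; i < spList.length; i++) {
                    addSignoutTarget(metaManager, realm, spList[i], providerList, classMethod);
                }
                // Can't remove a session property, so just set it to
                // an empty string
                String[] empty = { "" };
                WSFederationUtils.sessionProvider.setProperty(session, WSFederationConstants.SESSION_SP_LIST, empty);
            }
            if (debug.messageEnabled()) {
                debug.message(classMethod + "destroying session " + session);
            }
            MultiProtocolUtils.invalidateSession(session, request, response, SingleLogoutManager.WS_FED);
        }
        request.setAttribute(WSFederationConstants.LOGOUT_PROVIDER_LIST, providerList);
        request.getRequestDispatcher("/wsfederation/jsp/logout.jsp").forward(request, response);
    } catch (ServletException se) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Servlet exception" + se.getLocalizedMessage());
        }
        throw new WSFederationException(se);
    } catch (SessionException se) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Session exception" + se.getLocalizedMessage());
        }
        throw new WSFederationException(se);
    }
    // Can't pass session, since we just invalidated it!
    String[] data = { wreply };
    LogUtil.access(Level.INFO, LogUtil.SLO_SUCCESSFUL, data, null);
}

/**
 * Adds the WS-Federation sign-out URL of one provider to the map rendered
 * by the logout page.
 *
 * <p>Shared by the IDP and SP branches of {@link #process()}, which used to
 * duplicate this lookup and disagreed on the display-name fallback (one
 * checked for null only, the other for null or empty); both now fall back
 * to the entity ID when the configured display name is null or empty.
 *
 * @param metaManager the metadata manager used to look the provider up.
 * @param realm the realm of the provider.
 * @param providerId the provider's entity ID, as recorded on the session.
 * @param providerList map of sign-out URL to display name, in insertion order.
 * @param classMethod log prefix of the caller.
 * @throws IOException if the provider metadata cannot be read.
 * @throws WSFederationException if the provider metadata cannot be read.
 */
private void addSignoutTarget(WSFederationMetaManager metaManager, String realm, String providerId, LinkedHashMap<String, String> providerList, String classMethod) throws IOException, WSFederationException {
    FederationElement fed = metaManager.getEntityDescriptor(realm, providerId);
    if (fed == null) {
        // A provider recorded on the session but no longer present in the
        // metadata store has no endpoint to sign out; skip it rather than
        // fail the whole logout.
        if (debug.warningEnabled()) {
            debug.warning(classMethod + "no descriptor for " + providerId + ", skipping signout");
        }
        return;
    }
    String endpoint = metaManager.getTokenIssuerEndpoint(fed);
    String url = endpoint + "?wa=" + WSFederationConstants.WSIGNOUT10;
    BaseConfigType config = metaManager.getBaseConfig(realm, providerId);
    String displayName = WSFederationMetaUtils.getAttribute(config, WSFederationConstants.DISPLAY_NAME);
    if (displayName == null || displayName.length() == 0) {
        displayName = providerId;
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + "sending signout to " + url);
    }
    providerList.put(url, displayName);
}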
/**
 * Updates the entity config to add the circle of trust name to the
 * <code>cotlist</code> attribute. The Service Provider and Identity
 * Provider Configuration are updated.
 *
 * <p>When no entity config exists yet, one is created holding a single role
 * config (IDP if the descriptor offers UriNamedClaimTypes, otherwise SP)
 * whose only attribute is the cot list. Otherwise each existing role
 * config gets {@code name} appended to its cot list, or a new cot list
 * attribute when it has none.
 *
 * @param realm the realm name where the entity configuration is.
 * @param name the circle of trust name.
 * @param entityId the name of the Entity identifier.
 * @throws WSFederationMetaException if there is a configuration error when
 *         updating the configuration.
 * @throws JAXBException is there is an error updating the entity
 *          configuration.
 */
public void updateEntityConfig(String realm, String name, String entityId) throws WSFederationMetaException, JAXBException {
    String classMethod = "WSFederationCOTUtils.updateEntityConfig: ";
    WSFederationMetaManager metaManager = (callerSession != null)
            ? new WSFederationMetaManager(callerSession)
            : new WSFederationMetaManager();
    ObjectFactory objFactory = new ObjectFactory();
    // Check whether the entity id existed in the DS
    FederationElement descriptor = metaManager.getEntityDescriptor(realm, entityId);
    if (descriptor == null) {
        debug.error(classMethod + "No such entity: " + entityId);
        String[] data = { realm, entityId };
        throw new WSFederationMetaException("entityid_invalid", data);
    }
    FederationConfigElement entityConfig = metaManager.getEntityConfig(realm, entityId);
    if (entityConfig == null) {
        // No extended config yet: build one carrying only the cot list.
        FederationConfigElement created = objFactory.createFederationConfigElement();
        created.setFederationID(entityId);
        created.setHosted(false);
        BaseConfigType roleConfig;
        // IdP will have UriNamedClaimTypesOffered
        if (metaManager.getUriNamedClaimTypesOffered(descriptor) != null) {
            roleConfig = objFactory.createIDPSSOConfigElement();
        } else {
            roleConfig = objFactory.createSPSSOConfigElement();
        }
        AttributeType cotAttr = objFactory.createAttributeType();
        cotAttr.setName(SAML2Constants.COT_LIST);
        cotAttr.getValue().add(name);
        roleConfig.getAttribute().add(cotAttr);
        created.getIDPSSOConfigOrSPSSOConfig().add(roleConfig);
        metaManager.setEntityConfig(realm, created);
        return;
    }
    // Existing config: add the name to each role's cot list, creating the
    // attribute where the role has none.
    List roleConfigs = entityConfig.getIDPSSOConfigOrSPSSOConfig();
    for (Object element : roleConfigs) {
        BaseConfigType roleConfig = (BaseConfigType) element;
        List attributes = roleConfig.getAttribute();
        boolean haveCotList = false;
        for (Object attr : attributes) {
            AttributeType avp = (AttributeType) attr;
            if (!avp.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
                continue;
            }
            haveCotList = true;
            List cotNames = avp.getValue();
            if (cotNames.isEmpty() || !containsValue(cotNames, name)) {
                cotNames.add(name);
                metaManager.setEntityConfig(realm, entityConfig);
                break;
            }
        }
        if (!haveCotList) {
            // no cot_list in the original entity config
            AttributeType cotAttr = objFactory.createAttributeType();
            cotAttr.setName(SAML2Constants.COT_LIST);
            cotAttr.getValue().add(name);
            attributes.add(cotAttr);
            metaManager.setEntityConfig(realm, entityConfig);
        }
    }
}
/**
 * Removes the circle of trust name passed from the <code>cotlist</code>
 * attribute in the Entity Config. The Service Provider and Identity
 * Provider Entity Configuration are updated.
 *
 * <p>Entities without an extended config are left untouched. For each role
 * config that lists {@code name} in its cot list, the first occurrence is
 * removed and the config is stored again.
 *
 * @param realm the realm of the provider
 * @param name the circle of trust name to be removed.
 * @param entityId the entity identifier of the provider.
 * @throws WSFederationMetaException if there is an error updating the
 * entity config.
 * @throws JAXBException if there is an error updating the entity config.
 */
public void removeFromEntityConfig(String realm, String name, String entityId) throws WSFederationMetaException, JAXBException {
    String classMethod = "WSFederationCOTUtils.removeFromEntityConfig: ";
    WSFederationMetaManager metaManager = (callerSession != null)
            ? new WSFederationMetaManager(callerSession)
            : new WSFederationMetaManager();
    // Check whether the entity id existed in the DS
    FederationElement descriptor = metaManager.getEntityDescriptor(realm, entityId);
    if (descriptor == null) {
        debug.error(classMethod + "No such entity: " + entityId);
        String[] data = { realm, entityId };
        throw new WSFederationMetaException("entityid_invalid", data);
    }
    FederationConfigElement entityConfig = metaManager.getEntityConfig(realm, entityId);
    if (entityConfig == null) {
        // Nothing stored for this entity, so there is no cot list to edit.
        return;
    }
    List roleConfigs = entityConfig.getIDPSSOConfigOrSPSSOConfig();
    for (Object element : roleConfigs) {
        BaseConfigType roleConfig = (BaseConfigType) element;
        for (Object attr : roleConfig.getAttribute()) {
            AttributeType avp = (AttributeType) attr;
            if (!avp.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
                continue;
            }
            List cotNames = avp.getValue();
            if (cotNames != null && !cotNames.isEmpty() && containsValue(cotNames, name)) {
                cotNames.remove(name);
                metaManager.setEntityConfig(realm, entityConfig);
                break;
            }
        }
    }
}