Use of com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement in project OpenAM by OpenRock: class CreateWSFedMetaDataTemplate, method addWSFedIdentityProviderTemplate.
/**
 * Adds the identity-provider elements of a WS-Federation metadata template to {@code fed}.
 * Child elements are appended in this order: TokenSigningKeyInfo (only when a signing
 * certificate alias is present in {@code mapParams}), TokenIssuerName, TokenIssuerEndpoint,
 * TokenTypesOffered and UriNamedClaimTypesOffered.
 *
 * @param entityId   value placed in the TokenIssuerName element
 * @param objFactory factory for the wsfederation JAXB elements
 * @param fed        federation element that receives the new child elements
 * @param mapParams  template parameters; P_IDP supplies the meta alias, P_IDP_S_CERT the
 *                   signing certificate alias (optional)
 * @param url        base URL of the WS-Federation servlet; {@code getHostURL()} is used when null
 * @throws JAXBException                if a JAXB element cannot be created
 * @throws CertificateEncodingException if the signing certificate cannot be DER-encoded
 */
private static void addWSFedIdentityProviderTemplate(String entityId, com.sun.identity.wsfederation.jaxb.wsfederation.ObjectFactory objFactory, FederationElement fed, Map mapParams, String url) throws JAXBException, CertificateEncodingException {
    String baseUrl = (url == null) ? getHostURL() : url;
    String idpAlias = (String) mapParams.get(MetaTemplateParameters.P_IDP);
    String signingCertAlias = (String) mapParams.get(MetaTemplateParameters.P_IDP_S_CERT);
    String metaAliasPath = buildMetaAliasInURI(idpAlias);

    // The signing key info element is optional: it is emitted only when an alias was supplied.
    if (signingCertAlias != null && !signingCertAlias.isEmpty()) {
        appendTokenSigningKeyInfo(objFactory, fed, signingCertAlias);
    }

    TokenIssuerNameElement issuerName = objFactory.createTokenIssuerNameElement();
    issuerName.setValue(entityId);
    fed.getAny().add(issuerName);

    com.sun.identity.wsfederation.jaxb.wsaddr.ObjectFactory addrFactory = new com.sun.identity.wsfederation.jaxb.wsaddr.ObjectFactory();
    AttributedURIType endpointUri = addrFactory.createAttributedURIType();
    endpointUri.setValue(baseUrl + "/WSFederationServlet" + metaAliasPath);
    TokenIssuerEndpointElement issuerEndpoint = objFactory.createTokenIssuerEndpointElement();
    issuerEndpoint.setAddress(endpointUri);
    fed.getAny().add(issuerEndpoint);

    // Only SAML 1.1 tokens are advertised by the template.
    TokenType samlTokenType = objFactory.createTokenType();
    samlTokenType.setUri(WSFederationConstants.URN_OASIS_NAMES_TC_SAML_11);
    TokenTypesOfferedElement tokenTypes = objFactory.createTokenTypesOfferedElement();
    tokenTypes.getTokenType().add(samlTokenType);
    fed.getAny().add(tokenTypes);

    // Only the UPN claim type is advertised by the template.
    DisplayNameType upnDisplayName = objFactory.createDisplayNameType();
    upnDisplayName.setValue(WSFederationConstants.NAMED_CLAIM_DISPLAY_NAMES[WSFederationConstants.NAMED_CLAIM_UPN]);
    ClaimType upnClaim = objFactory.createClaimType();
    upnClaim.setUri(WSFederationConstants.NAMED_CLAIM_TYPES[WSFederationConstants.NAMED_CLAIM_UPN]);
    upnClaim.setDisplayName(upnDisplayName);
    UriNamedClaimTypesOfferedElement claimTypes = objFactory.createUriNamedClaimTypesOfferedElement();
    claimTypes.getClaimType().add(upnClaim);
    fed.getAny().add(claimTypes);
}

/**
 * Builds a TokenSigningKeyInfo element wrapping a wsse:SecurityTokenReference that holds the
 * DER-encoded X.509 certificate registered under {@code certAlias}, and appends it to {@code fed}.
 *
 * @param objFactory factory for the wsfederation JAXB elements
 * @param fed        federation element that receives the new child element
 * @param certAlias  key-provider alias of the identity provider's signing certificate
 * @throws JAXBException                if a JAXB element cannot be created
 * @throws CertificateEncodingException if the certificate cannot be DER-encoded
 */
private static void appendTokenSigningKeyInfo(com.sun.identity.wsfederation.jaxb.wsfederation.ObjectFactory objFactory, FederationElement fed, String certAlias) throws JAXBException, CertificateEncodingException {
    com.sun.identity.wsfederation.jaxb.wsse.ObjectFactory wsseFactory = new com.sun.identity.wsfederation.jaxb.wsse.ObjectFactory();
    com.sun.identity.wsfederation.jaxb.xmlsig.ObjectFactory dsigFactory = new com.sun.identity.wsfederation.jaxb.xmlsig.ObjectFactory();

    X509Certificate certElement = dsigFactory.createX509DataTypeX509Certificate();
    certElement.setValue(KeyUtil.getKeyProviderInstance().getX509Certificate(certAlias).getEncoded());

    X509DataElement x509Data = dsigFactory.createX509DataElement();
    x509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(certElement);

    SecurityTokenReferenceElement tokenRef = wsseFactory.createSecurityTokenReferenceElement();
    tokenRef.getAny().add(x509Data);

    TokenSigningKeyInfoElement signingKeyInfo = objFactory.createTokenSigningKeyInfoElement();
    signingKeyInfo.setSecurityTokenReference(tokenRef);
    fed.getAny().add(signingKeyInfo);
}
Use of com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement in project OpenAM by OpenRock: class CreateWSFedMetaDataTemplate, method addWSFedServiceProviderTemplate.
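/**
 * Adds the service-provider elements of a WS-Federation metadata template to {@code fed}.
 * Child elements are appended in this order: TokenIssuerName, TokenIssuerEndpoint and
 * SingleSignOutNotificationEndpoint; both endpoints point at the WS-Federation servlet
 * for the SP's meta alias.
 *
 * @param entityId   value placed in the TokenIssuerName element
 * @param objFactory factory for the wsfederation JAXB elements
 * @param fed        federation element that receives the new child elements
 * @param mapParams  template parameters; P_SP supplies the meta alias
 * @param url        base URL of the WS-Federation servlet; {@code getHostURL()} is used when null
 * @throws JAXBException if a JAXB element cannot be created
 */
private static void addWSFedServiceProviderTemplate(String entityId, com.sun.identity.wsfederation.jaxb.wsfederation.ObjectFactory objFactory, FederationElement fed, Map mapParams, String url) throws JAXBException {
    if (url == null) {
        url = getHostURL();
    }
    String spAlias = (String) mapParams.get(MetaTemplateParameters.P_SP);
    String maStr = buildMetaAliasInURI(spAlias);
    // Both endpoints share the same servlet address; build it once.
    String endpointUrl = url + "/WSFederationServlet" + maStr;

    TokenIssuerNameElement tin = objFactory.createTokenIssuerNameElement();
    tin.setValue(entityId);
    fed.getAny().add(tin);

    com.sun.identity.wsfederation.jaxb.wsaddr.ObjectFactory addrObjFactory = new com.sun.identity.wsfederation.jaxb.wsaddr.ObjectFactory();
    TokenIssuerEndpointElement tie = objFactory.createTokenIssuerEndpointElement();
    AttributedURIType auri = addrObjFactory.createAttributedURIType();
    auri.setValue(endpointUrl);
    tie.setAddress(auri);
    fed.getAny().add(tie);

    SingleSignOutNotificationEndpointElement ssne = objFactory.createSingleSignOutNotificationEndpointElement();
    AttributedURIType ssneUri = addrObjFactory.createAttributedURIType();
    ssneUri.setValue(endpointUrl);
    // Each element owns its own AttributedURIType; previously ssne reused the
    // TokenIssuerEndpoint's instance (auri) and ssneUri was built but never attached.
    ssne.setAddress(ssneUri);
    fed.getAny().add(ssne);
}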
Use of com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement in project OpenAM by OpenRock: class ConfigFedMonitoring, method getWSFedRoles.
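/**
 * Determines which WS-Federation roles the entity plays in the realm.
 * The extended IDP/SP configuration is consulted first; when neither exists, the roles
 * are inferred from the federation metadata itself: a UriNamedClaimTypesOffered element
 * marks an identity provider, and an entity with no such element, or with more than one
 * TokenIssuerEndpoint, is (also) treated as a service provider.
 *
 * @param entity entity ID of the provider
 * @param realm  realm of the provider
 * @return list holding IDENTITY_PROVIDER and/or SERVICE_PROVIDER, each at most once;
 *         empty (never null) when the entity has neither role or its metadata cannot be read
 */
public List getWSFedRoles(String entity, String realm) {
    List roles = new ArrayList(4);
    try {
        WSFederationMetaManager metaManager = new WSFederationMetaManager();
        if (metaManager.getIDPSSOConfig(realm, entity) != null) {
            roles.add(IDENTITY_PROVIDER);
        }
        if (metaManager.getSPSSOConfig(realm, entity) != null) {
            roles.add(SERVICE_PROVIDER);
        }
        // No extended config: infer the role(s) from the metadata (handles WS-Fed dual-role entities).
        if (roles.isEmpty()) {
            FederationElement fedElem = metaManager.getEntityDescriptor(realm, entity);
            if (fedElem != null) {
                boolean offersClaimTypes = false;
                int issuerEndpoints = 0;
                for (Object o : fedElem.getAny()) {
                    if (o instanceof UriNamedClaimTypesOfferedElement) {
                        offersClaimTypes = true;
                    } else if (o instanceof TokenIssuerEndpointElement) {
                        issuerEndpoints++;
                    }
                }
                // Added once, outside the loop, so repeated claim-type elements cannot duplicate the role.
                if (offersClaimTypes) {
                    roles.add(IDENTITY_PROVIDER);
                }
                if (!offersClaimTypes || issuerEndpoints > 1) {
                    roles.add(SERVICE_PROVIDER);
                }
            }
        }
    } catch (WSFederationMetaException e) {
        debug.warning("ConfigFedMonitoring.getWSFedRoles", e);
    }
    // roles is always non-null, so the former null fallback to Collections.EMPTY_LIST was dead code.
    return roles;
}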
Use of com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement in project OpenAM by OpenRock: class IDPSSOUtil, method getACSurl.
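/**
 * Returns the assertion consumer service (ACS) URL for the entity.
 * <p>
 * When {@code wreply} is supplied by the requestor it is accepted only if it denotes the
 * same location (protocol, host, effective port, file and fragment) as one of the
 * TokenIssuerEndpoint addresses registered for the provider; otherwise {@code null} is
 * returned so that a response is never sent to an unregistered URL. The comparison is
 * done on URL components rather than with {@link URL#equals}, which resolves host names
 * to IP addresses (a blocking DNS lookup that would also equate distinct hosts sharing
 * an address).
 *
 * @param entityId entity ID of provider
 * @param realm realm of the provider
 * @param wreply the ACSURL supplied by the requestor. If supplied, this is
 * checked against the URLs registered for the provider.
 * @return assertion consumer service (ACS) URL for the entity, or {@code null} when the
 *         entity has no metadata, {@code wreply} is malformed, or it matches no
 *         registered endpoint.
 * @throws WSFederationMetaException if the provider metadata cannot be read
 */
public static String getACSurl(String entityId, String realm, String wreply) throws WSFederationMetaException {
    WSFederationMetaManager metaManager = WSFederationUtils.getMetaManager();
    FederationElement sp = metaManager.getEntityDescriptor(realm, entityId);
    if (sp == null) {
        // Unknown entity: nothing to return and nothing to validate wreply against.
        return null;
    }
    if (wreply == null) {
        // No requestor-supplied URL: use the first registered TokenIssuerEndpoint.
        return metaManager.getTokenIssuerEndpoint(sp);
    }

    URL replyUrl;
    try {
        replyUrl = new URL(wreply);
    } catch (MalformedURLException mue) {
        return null;
    }

    // Accept wreply only if it matches one of the registered TokenIssuerEndpoint addresses.
    for (Object o : sp.getAny()) {
        if (!(o instanceof TokenIssuerEndpointElement)) {
            continue;
        }
        URL registered;
        try {
            registered = new URL(((TokenIssuerEndpointElement) o).getAddress().getValue());
        } catch (MalformedURLException mue) {
            // A malformed registered endpoint must not mask a valid one later in the list.
            continue;
        }
        if (sameLocation(replyUrl, registered)) {
            return wreply;
        }
    }
    return null;
}

/**
 * Compares two URLs by protocol, host (case-insensitively), effective port, file and
 * fragment, without performing the host-name resolution that {@link URL#equals} does.
 *
 * @param a first URL
 * @param b second URL
 * @return {@code true} if both URLs denote the same location
 */
private static boolean sameLocation(URL a, URL b) {
    String refA = a.getRef();
    String refB = b.getRef();
    boolean sameRef = (refA == null) ? (refB == null) : refA.equals(refB);
    return a.getProtocol().equalsIgnoreCase(b.getProtocol())
            && a.getHost().equalsIgnoreCase(b.getHost())
            && effectivePort(a) == effectivePort(b)
            && a.getFile().equals(b.getFile())
            && sameRef;
}

/**
 * Returns the explicit port of the URL, or the protocol's default port when none is given,
 * so that "https://host/x" and "https://host:443/x" compare equal.
 *
 * @param u URL to inspect
 * @return effective port number
 */
private static int effectivePort(URL u) {
    return (u.getPort() == -1) ? u.getDefaultPort() : u.getPort();
}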
Use of com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement in project OpenAM by OpenRock: class EntityModelImpl, method getWSFedRoles.
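/**
 * Determines which WS-Federation roles the entity plays in the realm.
 * The extended IDP/SP configuration is consulted first; when neither exists, the roles
 * are inferred from the federation metadata itself: a UriNamedClaimTypesOffered element
 * marks an identity provider, and an entity with no such element, or with more than one
 * TokenIssuerEndpoint, is (also) treated as a service provider.
 *
 * @param entity entity ID of the provider
 * @param realm  realm of the provider
 * @return list holding IDENTITY_PROVIDER and/or SERVICE_PROVIDER, each at most once;
 *         empty (never null) when the entity has neither role or its metadata cannot be read
 */
public List getWSFedRoles(String entity, String realm) {
    List roles = new ArrayList(4);
    try {
        WSFederationMetaManager metaManager = new WSFederationMetaManager();
        if (metaManager.getIDPSSOConfig(realm, entity) != null) {
            roles.add(IDENTITY_PROVIDER);
        }
        if (metaManager.getSPSSOConfig(realm, entity) != null) {
            roles.add(SERVICE_PROVIDER);
        }
        // No extended config: infer the role(s) from the metadata (handles WS-Fed dual-role entities).
        if (roles.isEmpty()) {
            FederationElement fedElem = metaManager.getEntityDescriptor(realm, entity);
            if (fedElem != null) {
                boolean offersClaimTypes = false;
                int issuerEndpoints = 0;
                for (Object o : fedElem.getAny()) {
                    if (o instanceof UriNamedClaimTypesOfferedElement) {
                        offersClaimTypes = true;
                    } else if (o instanceof TokenIssuerEndpointElement) {
                        issuerEndpoints++;
                    }
                }
                // Added once, outside the loop, so repeated claim-type elements cannot duplicate the role.
                if (offersClaimTypes) {
                    roles.add(IDENTITY_PROVIDER);
                }
                if (!offersClaimTypes || issuerEndpoints > 1) {
                    roles.add(SERVICE_PROVIDER);
                }
            }
        }
    } catch (WSFederationMetaException e) {
        debug.warning("EntityModelImpl.getWSFedRoles", e);
    }
    // roles is always non-null, so the former null fallback to Collections.EMPTY_LIST was dead code.
    return roles;
}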