
Example 6 with Subject

use of com.sun.identity.xacml.context.Subject in project OpenAM by OpenRock.

the class FMSubjectMapperTest method testMapToNativeSubject.

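/**
 * Exercises {@code FMSubjectMapper.mapToNativeSubject} with one XACML access-subject whose
 * subject-id attribute carries an OpenSSO session id, and checks that an {@code SSOToken}
 * comes back.
 *
 * <p>The session id is obtained by logging in through the "DataStore" module instance of the
 * "/" realm, so the test fails unless that login succeeds.
 *
 * @throws XACMLException propagated from the XACML context or mapper calls
 * @throws URISyntaxException if one of the URN literals cannot be parsed
 */
@Test(groups = { "xacml" })
public void testMapToNativeSubject() throws XACMLException, URISyntaxException {
    final String where = "testMapToNativeSubject():\n";
    FMSubjectMapper subjectMapper = new FMSubjectMapper();
    ContextFactory contextFactory = ContextFactory.getInstance();

    // Supported subject category:
    //   urn:oasis:names:tc:xacml:1.0:subject-category:access-subject
    Subject subject1 = contextFactory.createSubject();
    subject1.setSubjectCategory(new URI("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"));

    Attribute attribute = contextFactory.createAttribute();
    attribute.setIssuer("sampleIssuer1");
    // Key attribute id:
    //   urn:oasis:names:tc:xacml:1.0:subject:subject-id
    attribute.setAttributeId(new URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id"));
    // Supported data types for the id:
    //   urn:oasis:names:tc:xacml:1.0:data-type:x500Name
    //   urn:sun:names:xacml:2.0:data-type:opensso-session-id
    //   urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
    attribute.setDataType(new URI("urn:sun:names:xacml:2.0:data-type:opensso-session-id"));

    // NOTE(review): administrator credentials are fixed in the test source. Prefer supplying
    // them through the test configuration, and make sure no shared or production deployment
    // accepts this account/password pair.
    String[] callbacks = { "amadmin", "admin123" };

    SSOToken ssot;
    try {
        AuthContext lc = new AuthContext("/");
        log(Level.INFO, where, " LDAPLogin: Obtained login context");
        lc.login(AuthContext.IndexType.MODULE_INSTANCE, "DataStore", callbacks);
        if (lc.getStatus() != AuthContext.Status.SUCCESS) {
            throw new IllegalStateException("login status is " + lc.getStatus());
        }
        log(Level.INFO, where, " Login success!!");
        ssot = lc.getSSOToken();
    } catch (Exception le) {
        // Fail here with the cause attached instead of continuing with a null token and
        // dying later on an unrelated NullPointerException.
        log(Level.INFO, where, " Login failed!!");
        throw new AssertionError("testMapToNativeSubject(): could not obtain an SSOToken", le);
    }
    if (ssot == null) {
        throw new AssertionError("testMapToNativeSubject(): login returned no SSOToken");
    }

    String sid = ssot.getTokenID().toString();
    // The session id is a bearer credential: whoever reads it from a log can reuse the
    // session. Log only that it was obtained, never its value.
    log(Level.INFO, where, " sid obtained, length = " + sid.length());

    List<String> valueList = new ArrayList<String>();
    valueList.add(sid);
    attribute.setAttributeStringValues(valueList);

    List<Attribute> attributeList = new ArrayList<Attribute>();
    attributeList.add(attribute);
    subject1.setAttributes(attributeList);

    List<Subject> subjectsList = new ArrayList<Subject>();
    subjectsList.add(subject1);

    SSOToken retSSOToken = (SSOToken) subjectMapper.mapToNativeSubject(subjectsList);
    if (retSSOToken == null) {
        throw new AssertionError("testMapToNativeSubject(): mapToNativeSubject returned no SSOToken");
    }
    String retSid = retSSOToken.getTokenID().toString();
    // NOTE(review): presumably the mapped token should carry the same id as the input;
    // confirm against FMSubjectMapper and turn this into an assertion.
    log(Level.INFO, where, " return sid matches input sid: " + sid.equals(retSid));
}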
Also used : SSOToken(com.iplanet.sso.SSOToken) Attribute(com.sun.identity.xacml.context.Attribute) ArrayList(java.util.ArrayList) AuthContext(com.sun.identity.authentication.AuthContext) URI(java.net.URI) Subject(com.sun.identity.xacml.context.Subject) URISyntaxException(java.net.URISyntaxException) XACMLException(com.sun.identity.xacml.common.XACMLException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Test(org.testng.annotations.Test)

Example 7 with Subject

use of com.sun.identity.xacml.context.Subject in project OpenAM by OpenRock.

the class RequestImpl method processElement.

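/**
 * Populates this request from a parsed XACML {@code <Request>} element.
 *
 * <p>Only element children are considered. The accepted order is: one or more
 * {@code <Subject>}, then one or more {@code <Resource>}, then {@code <Action>}, then
 * {@code <Environment>}. Subjects and resources are appended to {@code subjects} and
 * {@code resources}; {@code action} and {@code env} are assigned.
 *
 * @param element the root element; must be non-null and have the local name
 *        {@code XACMLConstants.REQUEST}
 * @throws XACMLException if the root element is null or misnamed, has no element children,
 *         does not start with {@code <Subject>}, carries a missing or unsupported category
 *         on the first subject, has children out of order, or lacks a resource, action or
 *         environment
 */
private void processElement(Element element) throws XACMLException {
    if (element == null) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement(): invalid root element");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
    }
    String elemName = element.getLocalName();
    if (elemName == null) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement(): local name missing");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_local_name"));
    }
    if (!elemName.equals(XACMLConstants.REQUEST)) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement(): invalid local name " + elemName);
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_local_name"));
    }

    // Collect the element children; text, comment and other node types are skipped.
    NodeList nodes = element.getChildNodes();
    int numOfNodes = nodes.getLength();
    if (numOfNodes < 1) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement(): request has no subelements");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_subelements"));
    }
    ContextFactory factory = ContextFactory.getInstance();
    List<Node> children = new ArrayList<Node>();
    for (int i = 0; i < numOfNodes; i++) {
        Node node = nodes.item(i);
        if (node.getNodeType() == Node.ELEMENT_NODE) {
            children.add(node);
        }
    }
    if (children.isEmpty()) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement():" + " request has no subelements");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_subelements"));
    }

    // The first subelement should be <Subject>
    Node child = children.get(0);
    String childName = child.getLocalName();
    if ((childName == null) || (!childName.equals(XACMLConstants.SUBJECT))) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement():" + " the first element is not <Subject>");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_subelement_subject"));
    }
    Subject subject = factory.createSubject((Element) child);
    // A subject that carries no category is rejected with the same XACMLException as an
    // unsupported one, rather than failing with a NullPointerException on toString().
    if (subject.getSubjectCategory() == null
            || !supportedSubjectCategory.contains(subject.getSubjectCategory().toString())) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement():subject " + "category in subject not supported");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("unsupported_subject_category"));
    }
    subjects.add(subject);

    boolean resourceFound = false;
    boolean actionFound = false;
    boolean envFound = false;
    for (int j = 1; j < children.size(); j++) {
        child = children.get(j);
        childName = child.getLocalName();
        if (childName == null) {
            continue;
        }
        if (childName.equals(XACMLConstants.SUBJECT)) {
            if (resourceFound) {
                // all <Subject> should be before <Resource>
                XACMLSDKUtils.debug.error("RequestImpl." + "processElement(): <Subject> should be " + "before <Resource>");
                throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("element_out_of_place"));
            }
            // NOTE(review): only the first <Subject> is checked against
            // supportedSubjectCategory; additional subjects are accepted with any category.
            // Confirm whether that is intended before relying on the category check as a
            // gate for the whole request.
            subject = factory.createSubject((Element) child);
            subjects.add(subject);
        } else if (childName.equals(XACMLConstants.RESOURCE)) {
            // first or additional <Resource>
            resourceFound = true;
            Resource resource = factory.createResource((Element) child);
            resources.add(resource);
        } else if (childName.equals(XACMLConstants.ACTION)) {
            if (!resourceFound) {
                XACMLSDKUtils.debug.error("RequestImpl." + "processElement(): <Resource> should be " + "before <Action>");
                throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("element_out_of_place"));
            }
            // NOTE(review): a repeated <Action> silently replaces the earlier one.
            actionFound = true;
            action = factory.createAction((Element) child);
        } else if (childName.equals(XACMLConstants.ENVIRONMENT)) {
            if (!resourceFound || !actionFound) {
                XACMLSDKUtils.debug.error("RequestImpl." + "processElement(): <Resource> and " + "Action should be before <Environment>");
                throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("element_out_of_place"));
            }
            // NOTE(review): a repeated <Environment> silently replaces the earlier one.
            envFound = true;
            env = factory.createEnvironment((Element) child);
        }
        // NOTE(review): children with any other local name are ignored rather than rejected.
    }

    if (XACMLSDKUtils.debug.messageEnabled()) {
        XACMLSDKUtils.debug.message("resourceFound:" + resourceFound);
        XACMLSDKUtils.debug.message("actionFound:" + actionFound);
        XACMLSDKUtils.debug.message("envFound:" + envFound);
    }
    if (!resourceFound || !actionFound || !envFound) {
        XACMLSDKUtils.debug.error("RequestImpl.processElement(): Some of required elements are missing");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_subelements"));
    }
}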
Also used : ContextFactory(com.sun.identity.xacml.context.ContextFactory) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) Resource(com.sun.identity.xacml.context.Resource) NodeList(org.w3c.dom.NodeList) ArrayList(java.util.ArrayList) List(java.util.List) Subject(com.sun.identity.xacml.context.Subject) XACMLException(com.sun.identity.xacml.common.XACMLException)

Aggregations

Subject (com.sun.identity.xacml.context.Subject)7 Attribute (com.sun.identity.xacml.context.Attribute)5 Resource (com.sun.identity.xacml.context.Resource)5 URI (java.net.URI)5 ArrayList (java.util.ArrayList)5 List (java.util.List)4 XACMLException (com.sun.identity.xacml.common.XACMLException)3 Action (com.sun.identity.xacml.context.Action)3 Environment (com.sun.identity.xacml.context.Environment)3 Request (com.sun.identity.xacml.context.Request)3 SSOException (com.iplanet.sso.SSOException)2 SSOToken (com.iplanet.sso.SSOToken)2 URISyntaxException (java.net.URISyntaxException)2 Element (org.w3c.dom.Element)2 SSOTokenManager (com.iplanet.sso.SSOTokenManager)1 AuthContext (com.sun.identity.authentication.AuthContext)1 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)1 SessionException (com.sun.identity.plugin.session.SessionException)1 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)1 ContextFactory (com.sun.identity.xacml.context.ContextFactory)1