
Example 1 with AuthMechType

use of com.tremolosecurity.config.xml.AuthMechType in project OpenUnison by TremoloSecurity.

the class LoadAuthChainsFromK8s method createAuthChain.

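/**
 * Builds an {@link AuthChainType} from a JSON object that carries the chain
 * definition under its {@code spec} key.
 *
 * <p>Plain mechanism parameters are copied from {@code spec.authMechs[].params};
 * parameters listed under {@code secretParams} are resolved through
 * {@code k8sWatch.getSecretValue(...)} and stored as ordinary parameter values.
 * Those resolved values are credentials: they must not be logged or echoed
 * back in error messages.
 *
 * @param item the JSON object holding the chain definition under {@code spec}
 * @param name the name to assign to the resulting chain
 * @return the populated chain
 * @throws Exception if the chain declares no {@code authMechs}, if a field has
 *         an unexpected JSON type, or if a secret lookup fails
 */
private AuthChainType createAuthChain(JSONObject item, String name) throws Exception {
    AuthChainType act = new AuthChainType();
    act.setName(name);
    JSONObject spec = (JSONObject) item.get("spec");
    act.setLevel(((Long) spec.get("level")).intValue());
    // A missing flag is treated as false, exactly like an explicit false.
    Boolean finishOnRequiredSucess = (Boolean) spec.get("finishOnRequiredSucess");
    act.setFinishOnRequiredSucess(Boolean.TRUE.equals(finishOnRequiredSucess));
    String root = (String) spec.get("root");
    if (root != null) {
        act.setRoot(root);
    }
    JSONObject jsonCompliance = (JSONObject) spec.get("compliance");
    if (jsonCompliance != null) {
        AuthLockoutType alt = new AuthLockoutType();
        alt.setEnabled((Boolean) jsonCompliance.get("enabled"));
        // json-simple yields Long for integral numbers (see the "level" cast above),
        // so a direct cast to Integer fails with ClassCastException; go through Number.
        // NOTE(review): the value read from "maxLockoutTime" is written to
        // maxFailedAttempts. That looks like a mismatch in the lockout policy
        // wiring; confirm against the resource schema.
        Number maxFailedAttempts = (Number) jsonCompliance.get("maxLockoutTime");
        if (maxFailedAttempts != null) {
            alt.setMaxFailedAttempts(maxFailedAttempts.intValue());
        }
        alt.setNumFailedAttribute((String) jsonCompliance.get("numFailedAttribute"));
        alt.setLastFailedAttribute((String) jsonCompliance.get("lastFailedAttribute"));
        alt.setLastSucceedAttribute((String) jsonCompliance.get("lastSucceedAttribute"));
        alt.setUpdateAttributesWorkflow((String) jsonCompliance.get("updateAttributesWorkflow"));
        alt.setUidAttributeName((String) jsonCompliance.get("uidAttributeName"));
        act.setCompliance(alt);
    }
    JSONArray mechs = (JSONArray) spec.get("authMechs");
    if (mechs == null) {
        // Fail closed with a clear message rather than an NPE (or, worse, an empty chain).
        throw new Exception("Authentication chain '" + name + "' does not define authMechs");
    }
    for (Object o : mechs) {
        JSONObject mech = (JSONObject) o;
        AuthMechType amt = new AuthMechType();
        amt.setName((String) mech.get("name"));
        amt.setRequired((String) mech.get("required"));
        amt.setParams(new AuthMechParamType());
        JSONObject jsonObj = (JSONObject) mech.get("params");
        if (jsonObj != null) {
            for (Object ok : jsonObj.keySet()) {
                String paramName = (String) ok;
                Object val = jsonObj.get(paramName);
                if (val instanceof String) {
                    ParamWithValueType pt = new ParamWithValueType();
                    pt.setName(paramName);
                    pt.setValue((String) val);
                    amt.getParams().getParam().add(pt);
                } else {
                    // Anything that is not a string is expected to be an array of
                    // strings; other JSON types fail the cast and abort the load.
                    JSONArray vals = (JSONArray) val;
                    for (Object ov : vals) {
                        ParamWithValueType pt = new ParamWithValueType();
                        pt.setName(paramName);
                        pt.setValue((String) ov);
                        amt.getParams().getParam().add(pt);
                    }
                }
            }
        }
        JSONArray secretParams = (JSONArray) mech.get("secretParams");
        if (secretParams != null) {
            HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
            try {
                // Fetch the token inside the try so the client is released even
                // when token retrieval fails.
                String token = this.k8sWatch.getK8s().getAuthToken();
                for (Object ox : secretParams) {
                    JSONObject secretParam = (JSONObject) ox;
                    String paramName = (String) secretParam.get("name");
                    String secretName = (String) secretParam.get("secretName");
                    String secretKey = (String) secretParam.get("secretKey");
                    String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
                    ParamWithValueType pt = new ParamWithValueType();
                    pt.setName(paramName);
                    pt.setValue(secretValue);
                    amt.getParams().getParam().add(pt);
                }
            } finally {
                // Close both resources even if the first close() throws.
                try {
                    nonwatchHttp.getHttp().close();
                } finally {
                    nonwatchHttp.getBcm().close();
                }
            }
        }
        act.getAuthMech().add(amt);
    }
    return act;
}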
Also used : AuthLockoutType(com.tremolosecurity.config.xml.AuthLockoutType) AuthMechParamType(com.tremolosecurity.config.xml.AuthMechParamType) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) JSONArray(org.json.simple.JSONArray) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) JSONObject(org.json.simple.JSONObject) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType) AuthChainType(com.tremolosecurity.config.xml.AuthChainType)

Example 2 with AuthMechType

use of com.tremolosecurity.config.xml.AuthMechType in project OpenUnison by TremoloSecurity.

the class RegisterPasswordResetAuth method doGet.

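/**
 * Registers a logout handler that runs the configured password-reset workflow
 * for the authenticated user, then advances the authentication chain.
 *
 * <p>The user is identified by the first value of the {@code uidAttribute}
 * attribute on the session's {@link AuthInfo}. If that attribute is missing or
 * has no values, the step is marked as failed and no handler is registered.
 *
 * @param request  the current request; its session must hold the auth controller
 * @param response the current response
 * @param as       the authentication step whose outcome is recorded
 * @throws IOException      propagated from {@code nextAuth}
 * @throws ServletException propagated from {@code nextAuth}
 */
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    HttpSession session = request.getSession();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    AuthController ac = (AuthController) session.getAttribute(ProxyConstants.AUTH_CTL);
    AuthInfo au = ac.getAuthInfo();
    Attribute uid = au.getAttribs().get(this.uidAttribute);
    if (uid == null) {
        logger.warn("Attribute : '" + this.uidAttribute + "' does not exist");
        as.setSuccess(false);
    } else if (uid.getValues().isEmpty()) {
        // An attribute without values cannot identify the account to reset; fail
        // the step instead of throwing IndexOutOfBoundsException mid-authentication.
        logger.warn("Attribute : '" + this.uidAttribute + "' has no values");
        as.setSuccess(false);
    } else {
        ResetUserPasswordOnLogout logoutHandler = new ResetUserPasswordOnLogout(this.workflowName, this.uidAttribute, uid.getValues().get(0));
        LogoutUtil.insertFirstLogoutHandler(request, logoutHandler);
        as.setSuccess(true);
    }
    holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
}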
Also used : AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) HttpSession(javax.servlet.http.HttpSession) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder) AuthController(com.tremolosecurity.proxy.auth.AuthController) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) AuthChainType(com.tremolosecurity.config.xml.AuthChainType)

Example 3 with AuthMechType

use of com.tremolosecurity.config.xml.AuthMechType in project OpenUnison by TremoloSecurity.

the class OpenUnisonUtils method exportSPMetaData.

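/**
 * Generates SAML2 service-provider metadata for a mechanism on an
 * authentication chain and writes the XML to the logger.
 *
 * <p>The entity ID and every endpoint location are {@code urlBase} plus the
 * mechanism's URI. Signing and encryption certificates are read from the
 * keystore using the aliases in the chain parameters {@code spSigKey} and
 * {@code spEncKey}. Only certificates are published, so no private key is
 * loaded.
 *
 * <p>{@code WantAssertionsSigned} is advertised as {@code true} only when the
 * chain parameter {@code assertionsSigned} equals "true"; when the parameter is
 * absent the metadata tells the identity provider that signed assertions are
 * not required.
 *
 * @param options the declared command-line options
 * @param cmd     the parsed command line ({@code mechanismName},
 *                {@code chainName}, {@code urlBase})
 * @param tt      the loaded configuration
 * @param ks      the keystore holding the service provider certificates
 * @throws Exception if a configured certificate alias is not in the keystore or
 *         metadata generation fails
 */
private static void exportSPMetaData(Options options, CommandLine cmd, TremoloType tt, KeyStore ks) throws Exception, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateEncodingException, MarshallingException {
    logger.info("Finding mechanism...");
    String mechanismName = loadOption(cmd, "mechanismName", options);
    MechanismType saml2Mech = loadMechanismType(mechanismName, tt);
    logger.info("...found");
    logger.info("Finding chain...");
    String chainName = loadOption(cmd, "chainName", options);
    AuthChainType act = loadChainType(chainName, tt);
    logger.info("Looking for correct mechanism on the chain...");
    AuthMechType currentMechanism = null;
    for (AuthMechType amt : act.getAuthMech()) {
        if (amt.getName().equalsIgnoreCase(mechanismName)) {
            currentMechanism = amt;
            break;
        }
    }
    if (currentMechanism == null) {
        System.err.println("Unknown chain on mechanism");
        System.exit(1);
    }
    InitializationService.initialize();
    logger.info("loading url base");
    String urlBase = loadOption(cmd, "urlBase", options);
    String url = urlBase + saml2Mech.getUri();
    // The XML ID is random; the "f" prefix keeps it from starting with a digit.
    SecureRandom random = new SecureRandom();
    byte[] idBytes = new byte[20];
    random.nextBytes(idBytes);
    String id = "f" + Hex.encodeHexString(idBytes);
    EntityDescriptorBuilder edb = new EntityDescriptorBuilder();
    EntityDescriptorImpl ed = (EntityDescriptorImpl) edb.buildObject();
    ed.setID(id);
    ed.setEntityID(url);
    SPSSODescriptorBuilder spb = new SPSSODescriptorBuilder();
    SPSSODescriptorImpl sp = (SPSSODescriptorImpl) spb.buildObject();
    ed.getRoleDescriptors().add(sp);
    HashMap<String, ParamWithValueType> params = new HashMap<String, ParamWithValueType>();
    for (ParamWithValueType pt : currentMechanism.getParams().getParam()) {
        params.put(pt.getName(), pt);
    }
    // Constant-first comparison: a parameter that is present but has a null
    // value counts as "not signed" instead of throwing.
    ParamWithValueType signedParam = params.get("assertionsSigned");
    boolean assertionsSigned = signedParam != null && "true".equalsIgnoreCase(signedParam.getValue());
    sp.setWantAssertionsSigned(assertionsSigned);
    sp.addSupportedProtocol("urn:oasis:names:tc:SAML:2.0:protocol");
    SingleLogoutServiceBuilder slsb = new SingleLogoutServiceBuilder();
    SingleLogoutService sls = slsb.buildObject();
    sls.setLocation(url);
    sls.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");
    sp.getSingleLogoutServices().add(sls);
    sls = slsb.buildObject();
    sls.setLocation(url);
    sls.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
    sp.getSingleLogoutServices().add(sls);
    AssertionConsumerServiceBuilder acsb = new AssertionConsumerServiceBuilder();
    AssertionConsumerService acs = acsb.buildObject();
    acs.setLocation(url);
    acs.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
    acs.setIndex(0);
    acs.setIsDefault(true);
    sp.getAssertionConsumerServices().add(acs);
    acs = acsb.buildObject();
    acs.setLocation(url);
    acs.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");
    acs.setIndex(1);
    sp.getAssertionConsumerServices().add(acs);
    addSpKeyDescriptor(sp, ks, params.get("spSigKey"), UsageType.SIGNING);
    addSpKeyDescriptor(sp, ks, params.get("spEncKey"), UsageType.ENCRYPTION);
    EntityDescriptorMarshaller marshaller = new EntityDescriptorMarshaller();
    // Marshal the entity descriptor to a DOM element and pretty-print it.
    Element assertionElement = marshaller.marshall(ed);
    String xml = net.shibboleth.utilities.java.support.xml.SerializeSupport.prettyPrintXML(assertionElement);
    logger.info(xml);
}

/**
 * Adds a key descriptor for the certificate stored under the alias named by
 * {@code aliasParam}; does nothing when the parameter is missing or blank.
 *
 * <p>Only the certificate is read. The matching private key is not needed to
 * publish metadata, so it is never pulled out of the keystore here.
 */
private static void addSpKeyDescriptor(SPSSODescriptorImpl sp, KeyStore ks, ParamWithValueType aliasParam, UsageType usage) throws Exception {
    if (aliasParam == null || aliasParam.getValue() == null || aliasParam.getValue().isEmpty()) {
        return;
    }
    String alias = aliasParam.getValue();
    X509Certificate certFromKS = (X509Certificate) ks.getCertificate(alias);
    if (certFromKS == null) {
        throw new Exception("Certificate '" + alias + "' not found");
    }
    KeyDescriptor kd = new KeyDescriptorBuilder().buildObject();
    kd.setUse(usage);
    KeyInfo ki = new KeyInfoBuilder().buildObject();
    X509Data x509 = new X509DataBuilder().buildObject();
    org.opensaml.xmlsec.signature.X509Certificate cert = new X509CertificateBuilder().buildObject();
    cert.setValue(new String(Base64.encode(certFromKS.getEncoded())));
    x509.getX509Certificates().add(cert);
    ki.getX509Datas().add(x509);
    kd.setKeyInfo(ki);
    sp.getKeyDescriptors().add(kd);
}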
Also used : PrivateKey(java.security.PrivateKey) SPSSODescriptorBuilder(org.opensaml.saml.saml2.metadata.impl.SPSSODescriptorBuilder) HashMap(java.util.HashMap) KeyInfoBuilder(org.opensaml.xmlsec.signature.impl.KeyInfoBuilder) KeyDescriptor(org.opensaml.saml.saml2.metadata.KeyDescriptor) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) EntityDescriptorMarshaller(org.opensaml.saml.saml2.metadata.impl.EntityDescriptorMarshaller) X509Data(org.opensaml.xmlsec.signature.X509Data) EntityDescriptorBuilder(org.opensaml.saml.saml2.metadata.impl.EntityDescriptorBuilder) X509DataBuilder(org.opensaml.xmlsec.signature.impl.X509DataBuilder) KeyInfo(org.opensaml.xmlsec.signature.KeyInfo) SingleLogoutServiceBuilder(org.opensaml.saml.saml2.metadata.impl.SingleLogoutServiceBuilder) MechanismType(com.tremolosecurity.config.xml.MechanismType) AssertionConsumerService(org.opensaml.saml.saml2.metadata.AssertionConsumerService) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) EntityDescriptorImpl(org.opensaml.saml.saml2.metadata.impl.EntityDescriptorImpl) SingleLogoutService(org.opensaml.saml.saml2.metadata.SingleLogoutService) AssertionConsumerServiceBuilder(org.opensaml.saml.saml2.metadata.impl.AssertionConsumerServiceBuilder) X509CertificateBuilder(org.opensaml.xmlsec.signature.impl.X509CertificateBuilder) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) SecureRandom(java.security.SecureRandom) X509Certificate(java.security.cert.X509Certificate) KeyStoreException(java.security.KeyStoreException) SignatureException(org.opensaml.xmlsec.signature.support.SignatureException) SecurityException(org.opensaml.security.SecurityException) UnmarshallingException(org.opensaml.core.xml.io.UnmarshallingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CertificateEncodingException(java.security.cert.CertificateEncodingException) 
MarshallingException(org.opensaml.core.xml.io.MarshallingException) IOException(java.io.IOException) Base64DecodingException(org.apache.xml.security.exceptions.Base64DecodingException) ServletException(javax.servlet.ServletException) PropertyException(javax.xml.bind.PropertyException) JAXBException(javax.xml.bind.JAXBException) FileNotFoundException(java.io.FileNotFoundException) SAXException(org.xml.sax.SAXException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) CertificateException(java.security.cert.CertificateException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) SPSSODescriptorImpl(org.opensaml.saml.saml2.metadata.impl.SPSSODescriptorImpl) KeyDescriptorBuilder(org.opensaml.saml.saml2.metadata.impl.KeyDescriptorBuilder)

Example 4 with AuthMechType

use of com.tremolosecurity.config.xml.AuthMechType in project OpenUnison by TremoloSecurity.

the class OpenUnisonUtils method importMetaData.

/**
 * Imports identity-provider metadata into a mechanism on an authentication
 * chain, creating the mechanism entry when the chain does not have one yet,
 * and then persists the configuration and keystore via {@code storeMethod}.
 *
 * <p>NOTE(review): the metadata read from {@code pathToMetaData} becomes the
 * trust anchor for this mechanism. Whether its signature and origin are
 * verified depends on {@code loadIdPMetaData}, which is not visible here;
 * confirm before importing from a location others can write to.
 *
 * @param options       the declared command-line options
 * @param cmd           the parsed command line ({@code mechanismName},
 *                      {@code chainName}, {@code pathToMetaData}, and the
 *                      optional {@code createDefault} flag)
 * @param unisonXMLFile the configuration file passed on to {@code storeMethod}
 * @param ttRead        the configuration used while loading the metadata
 * @param ttWrite       the configuration that is modified and stored
 * @param ksPath        the keystore path passed on to {@code storeMethod}
 * @param ks            the keystore passed to the metadata loader and importer
 */
private static void importMetaData(Options options, CommandLine cmd, String unisonXMLFile, TremoloType ttRead, TremoloType ttWrite, String ksPath, KeyStore ks) throws Exception, Base64DecodingException, CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, FileNotFoundException, JAXBException, PropertyException {
    logger.info("Finding mechanism...");
    String mechanismName = loadOption(cmd, "mechanismName", options);
    // The return value is not used in this method; the call is kept for whatever
    // lookup behaviour loadMechanismType provides.
    loadMechanismType(mechanismName, ttWrite);
    logger.info("...found");

    logger.info("Finding chain...");
    String chainName = loadOption(cmd, "chainName", options);
    AuthChainType chain = loadChainType(chainName, ttWrite);

    boolean createDefault = cmd.hasOption("createDefault");
    logger.info("Create default configuration? : " + createDefault);

    logger.info("Loading metadata...");
    String pathToMetaData = loadOption(cmd, "pathToMetaData", options);
    logger.info("...loaded");
    EntityDescriptor ed = loadIdPMetaData(pathToMetaData, ks, ttRead);
    // NOTE(review): idp is passed on without a null check; how a missing SAML2
    // IDPSSODescriptor is handled depends on the callee. Verify.
    IDPSSODescriptor idp = ed.getIDPSSODescriptor("urn:oasis:names:tc:SAML:2.0:protocol");

    logger.info("Looking for correct mechanism on the chain...");
    AuthMechType target = null;
    for (AuthMechType candidate : chain.getAuthMech()) {
        if (candidate.getName().equalsIgnoreCase(mechanismName)) {
            target = candidate;
            break;
        }
    }

    // First match wins; when nothing matches, a fresh "required" mechanism is appended.
    final boolean newMech = (target == null);
    if (newMech) {
        logger.info("Creating new mechanism");
        target = new AuthMechType();
        target.setName(mechanismName);
        target.setRequired("required");
        target.setParams(new AuthMechParamType());
        chain.getAuthMech().add(target);
    } else {
        logger.info("Updating existing mechanism");
    }

    // Index the mechanism's current parameters by name for the importer.
    HashMap<String, ParamWithValueType> paramsByName = new HashMap<String, ParamWithValueType>();
    for (ParamWithValueType existing : target.getParams().getParam()) {
        paramsByName.put(existing.getName(), existing);
    }

    importMetaData(ks, ed, idp, target, paramsByName);
    if (newMech && createDefault) {
        setDefaults(ks, ed, idp, target, paramsByName);
    }
    storeMethod(unisonXMLFile, ttWrite, ksPath, ks);
}
Also used : EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) AuthMechParamType(com.tremolosecurity.config.xml.AuthMechParamType) IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor) HashMap(java.util.HashMap) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) MechanismType(com.tremolosecurity.config.xml.MechanismType) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType) AuthChainType(com.tremolosecurity.config.xml.AuthChainType)

Example 5 with AuthMechType

use of com.tremolosecurity.config.xml.AuthMechType in project OpenUnison by TremoloSecurity.

the class UnisonConfigManagerImpl method loadAuthMechs.

/* (non-Javadoc)
	 * @see com.tremolosecurity.config.util.ConfigManager#loadAuthMechs()
	 */
/* (non-Javadoc)
	 * @see com.tremolosecurity.config.util.UnisonConfigManager#loadAuthMechs()
	 */
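/**
 * Initializes the configured authentication mechanisms and the built-in
 * fallbacks.
 *
 * <p>In order: initializes every mechanism in the configuration; binds the
 * anonymous chain and mechanism from a level-0 chain (or creates a default
 * "anon" chain); registers the always-fail mechanism under
 * {@code ctxPath + "/fail"} and finds or creates the chain that uses it; and,
 * when dynamic mechanisms are enabled, instantiates the configured loader
 * class and lets it register more mechanisms.
 *
 * <p>The loader class name comes from configuration, so whoever can edit that
 * configuration decides which class is loaded into this process.
 *
 * @throws ServletException if a mechanism cannot be initialized, a level-0
 *         chain is misconfigured, or the dynamic loader cannot be created
 */
@Override
public void loadAuthMechs() throws ServletException {
    try {
        this.mechs = new HashMap<String, AuthMechanism>();
        if (getCfg().getAuthMechs() != null) {
            for (MechanismType mt : getCfg().getAuthMechs().getMechanism()) {
                initializeAuthenticationMechanism(mt);
            }
        }
    } catch (Exception e) {
        throw new ServletException("Could not initialize Auth Mechanism Filter", e);
    }
    // A level-0 chain supplies the anonymous chain; if several exist, the last
    // one iterated wins, as before.
    for (AuthChainType act : this.authChains.values()) {
        if (act.getLevel() == 0) {
            if (act.getAuthMech().isEmpty()) {
                throw new ServletException("Level 0 chain '" + act.getName() + "' has no authentication mechanism");
            }
            String mechName = act.getAuthMech().get(0).getName();
            MechanismType anonMechType = this.authMechs.get(mechName);
            if (anonMechType == null) {
                throw new ServletException("Level 0 chain '" + act.getName() + "' references unknown mechanism '" + mechName + "'");
            }
            this.anonAct = act;
            this.anonAuthMech = (AnonAuth) this.getAuthMech(anonMechType.getUri());
        }
    }
    if (this.anonAuthMech == null) {
        this.anonAct = new AuthChainType();
        this.anonAct.setFinishOnRequiredSucess(true);
        this.anonAct.setLevel(0);
        this.anonAct.setName("anon");
        this.anonAuthMech = new AnonAuth();
    }
    if (this.alwaysFailAuth == null) {
        this.alwaysFailAuth = new AlwaysFail();
        String failAuthUri = this.ctxPath + "/fail";
        this.mechs.put(failAuthUri, alwaysFailAuth);
        MechanismType fmt = new MechanismType();
        fmt.setClassName("com.tremolosecurity.proxy.auth.AlwaysFail");
        fmt.setInit(new ConfigType());
        fmt.setParams(new ParamListType());
        fmt.setName("fail");
        fmt.setUri(failAuthUri);
        if (this.cfg.getAuthMechs() == null) {
            this.cfg.setAuthMechs(new AuthMechTypes());
        }
        this.cfg.getAuthMechs().getMechanism().add(fmt);
        this.alwaysFailAuthMech = fmt;
    }
    // Reuse a configured chain that already contains the always-fail mechanism.
    for (AuthChainType act : this.authChains.values()) {
        for (AuthMechType amt : act.getAuthMech()) {
            if (amt.getName().equals(this.alwaysFailAuthMech.getName())) {
                this.authFailChain = act;
                break;
            }
        }
    }
    if (this.authFailChain == null) {
        this.authFailChain = new AuthChainType();
        this.authFailChain.setLevel(0);
        this.authFailChain.setName("alwaysfail");
        AuthMechType amt = new AuthMechType();
        amt.setName(this.alwaysFailAuthMech.getName());
        amt.setRequired("required");
        amt.setParams(new AuthMechParamType());
        this.authFailChain.getAuthMech().add(amt);
    }
    try {
        if (this.getCfg().getAuthMechs() != null && this.getCfg().getAuthMechs().getDynamicAuthMechs() != null && this.getCfg().getAuthMechs().getDynamicAuthMechs().isEnabled()) {
            DynamicPortalUrlsType dynamicAuthMechs = this.getCfg().getAuthMechs().getDynamicAuthMechs();
            String className = dynamicAuthMechs.getClassName();
            // Group repeated parameter names into one multi-valued attribute.
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicAuthMechs.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            // Check the type before instantiating, so the constructor of a class
            // that is not a DynamicAuthMechs is never run. getDeclaredConstructor()
            // replaces the deprecated Class.newInstance(), which rethrows checked
            // constructor exceptions undeclared.
            DynamicAuthMechs dynCustomAuMechs = Class.forName(className).asSubclass(DynamicAuthMechs.class).getDeclaredConstructor().newInstance();
            dynCustomAuMechs.loadDynamicAuthMechs(this, this.getProvisioningEngine(), cfgAttrs);
        }
    } catch (ReflectiveOperationException | ClassCastException | ProvisioningException e) {
        throw new ServletException("Could not initialize authentication mechanisms", e);
    }
}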
Also used : AuthMechParamType(com.tremolosecurity.config.xml.AuthMechParamType) AnonAuth(com.tremolosecurity.proxy.auth.AnonAuth) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) ServletException(javax.servlet.ServletException) DynamicAuthMechs(com.tremolosecurity.proxy.dynamicloaders.DynamicAuthMechs) AuthMechanism(com.tremolosecurity.proxy.auth.AuthMechanism) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) MechanismType(com.tremolosecurity.config.xml.MechanismType) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) ConfigType(com.tremolosecurity.config.xml.ConfigType) ParamListType(com.tremolosecurity.config.xml.ParamListType) AuthMechTypes(com.tremolosecurity.config.xml.AuthMechTypes) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) KeyStoreException(java.security.KeyStoreException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) KeyManagementException(java.security.KeyManagementException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) LDAPException(com.novell.ldap.LDAPException) AzException(com.tremolosecurity.proxy.az.AzException) IOException(java.io.IOException) ServletException(javax.servlet.ServletException) JAXBException(javax.xml.bind.JAXBException) FileNotFoundException(java.io.FileNotFoundException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) CertificateException(java.security.cert.CertificateException) AuthMechParamType(com.tremolosecurity.config.xml.AuthMechParamType) ParamType(com.tremolosecurity.config.xml.ParamType) AlwaysFail(com.tremolosecurity.proxy.auth.AlwaysFail) DynamicPortalUrlsType(com.tremolosecurity.config.xml.DynamicPortalUrlsType)

Aggregations

AuthMechType (com.tremolosecurity.config.xml.AuthMechType)35 AuthChainType (com.tremolosecurity.config.xml.AuthChainType)34 HashMap (java.util.HashMap)28 UrlHolder (com.tremolosecurity.config.util.UrlHolder)26 HttpSession (javax.servlet.http.HttpSession)24 Attribute (com.tremolosecurity.saml.Attribute)23 HttpServletRequest (javax.servlet.http.HttpServletRequest)23 ServletException (javax.servlet.ServletException)22 IOException (java.io.IOException)15 LDAPAttribute (com.novell.ldap.LDAPAttribute)14 LDAPException (com.novell.ldap.LDAPException)12 AuthController (com.tremolosecurity.proxy.auth.AuthController)11 RequestHolder (com.tremolosecurity.proxy.auth.RequestHolder)10 ParamWithValueType (com.tremolosecurity.config.xml.ParamWithValueType)8 MechanismType (com.tremolosecurity.config.xml.MechanismType)7 MyVDConnection (com.tremolosecurity.proxy.myvd.MyVDConnection)7 ArrayList (java.util.ArrayList)7 ConfigManager (com.tremolosecurity.config.util.ConfigManager)6 LDAPSearchResults (com.novell.ldap.LDAPSearchResults)5 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)5