
Example 1 with IdentityMapper

use of org.apache.cxf.sts.IdentityMapper in project cxf by apache.

the class AbstractOperation method processValidToken.

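/**
 * Applies the configured realm-federation rules to a token that has already been validated.
 *
 * <p>Nothing is done unless the validator response carries a principal and both the token's
 * realm and the requested realm are non-null and different. In particular, when either realm
 * is unknown the principal is left exactly as the validator produced it.
 *
 * <p>When the realms differ, the relationship between them (looked up through the
 * {@code RelationshipResolver}, if one is configured) selects the handling:
 * <ul>
 *   <li>no relationship, or {@code Relationship.FED_TYPE_IDENTITY}: the principal is mapped
 *       into the target realm by an {@code IdentityMapper} and stored on
 *       {@code validatedToken}; the request fails if no mapper is configured;</li>
 *   <li>{@code Relationship.FED_TYPE_CLAIMS}: the principal is left unchanged;</li>
 *   <li>any other type (including a missing one): the request is rejected.</li>
 * </ul>
 *
 * @param providerParameters supplies the target realm of the request
 * @param validatedToken the token whose principal is replaced by the mapped principal
 * @param tokenResponse the validator result; supplies the principal and source realm, and
 *        receives the resolved relationship in its additional properties
 * @throws STSException with {@code REQUEST_FAILED} when identity federation is required but no
 *         {@code IdentityMapper} is configured, or with {@code BAD_REQUEST} when the
 *         relationship type is not recognised
 */
protected void processValidToken(TokenProviderParameters providerParameters, ReceivedToken validatedToken, TokenValidatorResponse tokenResponse) {
    // Map the principal (if it exists)
    Principal responsePrincipal = tokenResponse.getPrincipal();
    if (responsePrincipal == null) {
        return;
    }
    String targetRealm = providerParameters.getRealm();
    String sourceRealm = tokenResponse.getTokenRealm();
    if (sourceRealm == null || targetRealm == null || sourceRealm.equals(targetRealm)) {
        // Same realm, or one side unknown: no cross-realm mapping is attempted.
        return;
    }

    RelationshipResolver relRes = stsProperties.getRelationshipResolver();
    Relationship relationship = null;
    if (relRes != null) {
        relationship = relRes.resolveRelationship(sourceRealm, targetRealm);
        if (relationship != null) {
            tokenResponse.getAdditionalProperties().put(Relationship.class.getName(), relationship);
        }
    }

    // The constant is the receiver of equals() so that a relationship without a type ends up
    // in the explicit "unknown federation type" rejection below instead of a
    // NullPointerException.
    if (relationship == null || Relationship.FED_TYPE_IDENTITY.equals(relationship.getType())) {
        // federate identity
        IdentityMapper identityMapper = relationship == null
            ? stsProperties.getIdentityMapper()
            : relationship.getIdentityMapper();
        if (identityMapper == null) {
            // Fail closed: without a mapper the source-realm principal must not be carried
            // into the target realm.
            LOG.log(Level.SEVERE, "No IdentityMapper configured in STSProperties or Relationship");
            throw new STSException("Error in providing a token", STSException.REQUEST_FAILED);
        }
        // NOTE(review): the mapper's result is stored without a null check. Confirm whether
        // IdentityMapper may return null for an unmapped principal and how the token provider
        // treats a validated token whose principal is null.
        Principal targetPrincipal = identityMapper.mapPrincipal(sourceRealm, responsePrincipal, targetRealm);
        validatedToken.setPrincipal(targetPrincipal);
    } else if (Relationship.FED_TYPE_CLAIMS.equals(relationship.getType())) {
        // federate claims
        // Claims are transformed at the time when the claims are required to create a token
        // (ex. ClaimsAttributeStatementProvider)
        // principal remains unchanged
    } else {
        LOG.log(Level.SEVERE, "Unknown federation type: " + relationship.getType());
        throw new STSException("Error in providing a token", STSException.BAD_REQUEST);
    }
}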
Also used : RelationshipResolver(org.apache.cxf.sts.token.realm.RelationshipResolver) IdentityMapper(org.apache.cxf.sts.IdentityMapper) Relationship(org.apache.cxf.sts.token.realm.Relationship) STSException(org.apache.cxf.ws.security.sts.provider.STSException) Principal(java.security.Principal)

Example 2 with IdentityMapper

use of org.apache.cxf.sts.IdentityMapper in project cxf by apache.

the class EhCacheIdentityCacheTest method testTwoDistinctAndTwoRelatedMapping.

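/**
 * Checks how the EHCache-backed identity cache links identities across realms as mappings
 * are added one at a time.
 *
 * <p>Two unrelated mappings (A to B, D to E) yield four cached identities, each with an entry
 * of size two. Mapping B to C grows the first group to three while the D/E group stays at two.
 * Mapping C to E joins both groups, so every identity's entry has size five.
 *
 * <p>The user names looked up (for example {@code user_bbb} in {@code REALM_B}) are presumably
 * what {@code CacheIdentityMapper} produces for the target realm; that helper is not shown here.
 */
@org.junit.Test
public void testTwoDistinctAndTwoRelatedMapping() {
    IdentityMapper mapper = new CacheIdentityMapper();
    Bus bus = BusFactory.getDefaultBus();
    EHCacheIdentityCache cache = new EHCacheIdentityCache(mapper, bus);
    // Close the cache in a finally block so that a failing assertion does not leave it open.
    try {
        cache.mapPrincipal("REALM_A", new CustomTokenPrincipal("user_aaa"), "REALM_B");
        cache.mapPrincipal("REALM_D", new CustomTokenPrincipal("user_ddd"), "REALM_E");
        assertEquals(4, cache.size());
        // No mapping occurred between A,B and D,E (C not involved at all)
        assertEquals(2, cache.get("user_aaa", "REALM_A").size());
        assertEquals(2, cache.get("user_bbb", "REALM_B").size());
        assertEquals(2, cache.get("user_ddd", "REALM_D").size());
        assertEquals(2, cache.get("user_eee", "REALM_E").size());
        cache.mapPrincipal("REALM_B", new CustomTokenPrincipal("user_bbb"), "REALM_C");
        assertEquals(5, cache.size());
        assertNotNull(cache.get("user_aaa", "REALM_A"));
        assertNotNull(cache.get("user_bbb", "REALM_B"));
        assertNotNull(cache.get("user_ccc", "REALM_C"));
        assertNotNull(cache.get("user_ddd", "REALM_D"));
        assertNotNull(cache.get("user_eee", "REALM_E"));
        assertEquals(3, cache.get("user_aaa", "REALM_A").size());
        assertEquals(3, cache.get("user_bbb", "REALM_B").size());
        assertEquals(3, cache.get("user_ccc", "REALM_C").size());
        // No mapping occurred between A,B,C and D,E -> distinct
        assertEquals(2, cache.get("user_ddd", "REALM_D").size());
        assertEquals(2, cache.get("user_eee", "REALM_E").size());
        cache.mapPrincipal("REALM_C", new CustomTokenPrincipal("user_ccc"), "REALM_E");
        // All mappings are known now
        assertEquals(5, cache.size());
        assertNotNull(cache.get("user_aaa", "REALM_A"));
        assertNotNull(cache.get("user_bbb", "REALM_B"));
        assertNotNull(cache.get("user_ccc", "REALM_C"));
        assertNotNull(cache.get("user_ddd", "REALM_D"));
        assertNotNull(cache.get("user_eee", "REALM_E"));
        assertEquals(5, cache.get("user_aaa", "REALM_A").size());
        assertEquals(5, cache.get("user_bbb", "REALM_B").size());
        assertEquals(5, cache.get("user_ccc", "REALM_C").size());
        assertEquals(5, cache.get("user_ddd", "REALM_D").size());
        assertEquals(5, cache.get("user_eee", "REALM_E").size());
    } finally {
        cache.close();
    }
}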
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Bus(org.apache.cxf.Bus) IdentityMapper(org.apache.cxf.sts.IdentityMapper)

Example 3 with IdentityMapper

use of org.apache.cxf.sts.IdentityMapper in project cxf by apache.

the class EhCacheIdentityCacheTest method testOneMapping.

// tests TokenStore apis for storing in the cache.
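/**
 * Checks that a single mapping from {@code REALM_A} to {@code REALM_B} leaves two identities
 * in the EHCache-backed identity cache, one retrievable per realm.
 *
 * <p>{@code user_bbb} is presumably the name {@code CacheIdentityMapper} assigns in
 * {@code REALM_B}; that helper is not shown here.
 *
 * @throws Exception declared by the original test; no visible call requires it
 */
@org.junit.Test
public void testOneMapping() throws Exception {
    IdentityMapper mapper = new CacheIdentityMapper();
    Bus bus = BusFactory.getDefaultBus();
    EHCacheIdentityCache cache = new EHCacheIdentityCache(mapper, bus);
    // Close the cache in a finally block so that a failing assertion does not leave it open.
    try {
        cache.mapPrincipal("REALM_A", new CustomTokenPrincipal("user_aaa"), "REALM_B");
        assertEquals(2, cache.size());
        assertNotNull(cache.get("user_aaa", "REALM_A"));
        assertNotNull(cache.get("user_bbb", "REALM_B"));
    } finally {
        cache.close();
    }
}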
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Bus(org.apache.cxf.Bus) IdentityMapper(org.apache.cxf.sts.IdentityMapper)

Example 4 with IdentityMapper

use of org.apache.cxf.sts.IdentityMapper in project cxf by apache.

the class MemoryIdentityCacheTest method testTwoDistinctAndTwoRelatedMapping.

/**
 * Walks the in-memory identity cache through three stages of realm linking and checks the
 * cache size and per-identity entry size after each one.
 *
 * <p>Stage 1 maps A to B and D to E (two separate groups of two). Stage 2 maps B to C, which
 * grows the first group to three and leaves D/E at two. Stage 3 maps C to E, after which every
 * identity's entry has size five.
 *
 * <p>The looked-up user names are presumably those produced by {@code CacheIdentityMapper};
 * that helper is not shown here.
 */
@org.junit.Test
public void testTwoDistinctAndTwoRelatedMapping() {
    IdentityMapper delegate = new CacheIdentityMapper();
    MemoryIdentityCache cache = new MemoryIdentityCache(delegate);

    // {user, realm} pairs in realm order A..E; indices 0-2 are the A/B/C group, 3-4 the D/E group.
    final String[][] ids = {
        {"user_aaa", "REALM_A"},
        {"user_bbb", "REALM_B"},
        {"user_ccc", "REALM_C"},
        {"user_ddd", "REALM_D"},
        {"user_eee", "REALM_E"},
    };

    // Stage 1: two independent mappings, C is not involved at all.
    cache.mapPrincipal("REALM_A", new CustomTokenPrincipal("user_aaa"), "REALM_B");
    cache.mapPrincipal("REALM_D", new CustomTokenPrincipal("user_ddd"), "REALM_E");
    assertEquals(4, cache.size());
    for (int i : new int[] {0, 1, 3, 4}) {
        assertEquals(2, cache.get(ids[i][0], ids[i][1]).size());
    }

    // Stage 2: B -> C extends the first group; D/E stays distinct.
    cache.mapPrincipal("REALM_B", new CustomTokenPrincipal("user_bbb"), "REALM_C");
    assertEquals(5, cache.size());
    for (String[] id : ids) {
        assertNotNull(cache.get(id[0], id[1]));
    }
    for (int i = 0; i <= 2; i++) {
        assertEquals(3, cache.get(ids[i][0], ids[i][1]).size());
    }
    for (int i = 3; i <= 4; i++) {
        assertEquals(2, cache.get(ids[i][0], ids[i][1]).size());
    }

    // Stage 3: C -> E joins both groups, so all mappings are known.
    cache.mapPrincipal("REALM_C", new CustomTokenPrincipal("user_ccc"), "REALM_E");
    assertEquals(5, cache.size());
    for (String[] id : ids) {
        assertNotNull(cache.get(id[0], id[1]));
    }
    for (String[] id : ids) {
        assertEquals(5, cache.get(id[0], id[1]).size());
    }
}
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) IdentityMapper(org.apache.cxf.sts.IdentityMapper)

Example 5 with IdentityMapper

use of org.apache.cxf.sts.IdentityMapper in project cxf by apache.

the class EhCacheIdentityCacheTest method testTwoDistinctAndOneRelatedMapping.

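/**
 * Checks that linking two separately cached realm pairs through a third mapping makes all
 * four identities share one entry in the EHCache-backed identity cache.
 *
 * <p>A to B and C to D are mapped first; mapping A to D then connects the two pairs, after
 * which the cache holds four identities and each identity's entry has size four.
 *
 * <p>The looked-up user names are presumably those produced by {@code CacheIdentityMapper};
 * that helper is not shown here.
 */
@org.junit.Test
public void testTwoDistinctAndOneRelatedMapping() {
    IdentityMapper mapper = new CacheIdentityMapper();
    Bus bus = BusFactory.getDefaultBus();
    EHCacheIdentityCache cache = new EHCacheIdentityCache(mapper, bus);
    // Close the cache in a finally block so that a failing assertion does not leave it open.
    try {
        cache.mapPrincipal("REALM_A", new CustomTokenPrincipal("user_aaa"), "REALM_B");
        cache.mapPrincipal("REALM_C", new CustomTokenPrincipal("user_ccc"), "REALM_D");
        cache.mapPrincipal("REALM_A", new CustomTokenPrincipal("user_aaa"), "REALM_D");
        // now, mapping from A -> D and B -> D are cached as well
        assertEquals(4, cache.size());
        assertNotNull(cache.get("user_aaa", "REALM_A"));
        assertNotNull(cache.get("user_bbb", "REALM_B"));
        assertNotNull(cache.get("user_ccc", "REALM_C"));
        assertNotNull(cache.get("user_ddd", "REALM_D"));
        assertEquals(4, cache.get("user_aaa", "REALM_A").size());
        assertEquals(4, cache.get("user_bbb", "REALM_B").size());
        assertEquals(4, cache.get("user_ccc", "REALM_C").size());
        assertEquals(4, cache.get("user_ddd", "REALM_D").size());
    } finally {
        cache.close();
    }
}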
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Bus(org.apache.cxf.Bus) IdentityMapper(org.apache.cxf.sts.IdentityMapper)

Aggregations

IdentityMapper (org.apache.cxf.sts.IdentityMapper)9 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)8 Bus (org.apache.cxf.Bus)4 Principal (java.security.Principal)1 Relationship (org.apache.cxf.sts.token.realm.Relationship)1 RelationshipResolver (org.apache.cxf.sts.token.realm.RelationshipResolver)1 STSException (org.apache.cxf.ws.security.sts.provider.STSException)1