Example 1 with RelationshipResolver

use of org.apache.cxf.sts.token.realm.RelationshipResolver in project cxf by apache.

the class AbstractOperation method processValidToken.

protected void processValidToken(TokenProviderParameters providerParameters, ReceivedToken validatedToken, TokenValidatorResponse tokenResponse) {
    // Map the principal (if it exists)
    Principal responsePrincipal = tokenResponse.getPrincipal();
    if (responsePrincipal != null) {
        String targetRealm = providerParameters.getRealm();
        String sourceRealm = tokenResponse.getTokenRealm();
        if (sourceRealm != null && targetRealm != null && !sourceRealm.equals(targetRealm)) {
            RelationshipResolver relRes = stsProperties.getRelationshipResolver();
            Relationship relationship = null;
            if (relRes != null) {
                relationship = relRes.resolveRelationship(sourceRealm, targetRealm);
                if (relationship != null) {
                    tokenResponse.getAdditionalProperties().put(Relationship.class.getName(), relationship);
                }
            }
            if (relationship == null || relationship.getType().equals(Relationship.FED_TYPE_IDENTITY)) {
                // federate identity
                IdentityMapper identityMapper = null;
                if (relationship == null) {
                    identityMapper = stsProperties.getIdentityMapper();
                } else {
                    identityMapper = relationship.getIdentityMapper();
                }
                if (identityMapper != null) {
                    Principal targetPrincipal = identityMapper.mapPrincipal(sourceRealm, responsePrincipal, targetRealm);
                    validatedToken.setPrincipal(targetPrincipal);
                } else {
                    LOG.log(Level.SEVERE, "No IdentityMapper configured in STSProperties or Relationship");
                    throw new STSException("Error in providing a token", STSException.REQUEST_FAILED);
                }
            } else if (relationship.getType().equals(Relationship.FED_TYPE_CLAIMS)) {
                // federate claims
                // Claims are transformed at the time when the claims are required to create a token
                // (ex. ClaimsAttributeStatementProvider)
                // principal remains unchanged
            } else {
                LOG.log(Level.SEVERE, "Unknown federation type: " + relationship.getType());
                throw new STSException("Error in providing a token", STSException.BAD_REQUEST);
            }
        }
    }
}
Also used : RelationshipResolver(org.apache.cxf.sts.token.realm.RelationshipResolver) IdentityMapper(org.apache.cxf.sts.IdentityMapper) Relationship(org.apache.cxf.sts.token.realm.Relationship) STSException(org.apache.cxf.ws.security.sts.provider.STSException) Principal(java.security.Principal)

Example 2 with RelationshipResolver

use of org.apache.cxf.sts.token.realm.RelationshipResolver in project ddf by codice.

the class StaticStsProperties method setRelationships.

public void setRelationships(List<Relationship> relationships) {
    this.relationships = relationships;
    this.relationshipResolver = new RelationshipResolver(this.relationships);
}
Also used : RelationshipResolver(org.apache.cxf.sts.token.realm.RelationshipResolver)

Example 3 with RelationshipResolver

use of org.apache.cxf.sts.token.realm.RelationshipResolver in project cxf by apache.

the class StaticSTSProperties method setRelationships.

public void setRelationships(List<Relationship> relationships) {
    this.relationships = relationships;
    this.relationshipResolver = new RelationshipResolver(this.relationships);
}
Also used : RelationshipResolver(org.apache.cxf.sts.token.realm.RelationshipResolver)

Aggregations

RelationshipResolver (org.apache.cxf.sts.token.realm.RelationshipResolver): 3
Principal (java.security.Principal): 1
IdentityMapper (org.apache.cxf.sts.IdentityMapper): 1
Relationship (org.apache.cxf.sts.token.realm.Relationship): 1
STSException (org.apache.cxf.ws.security.sts.provider.STSException): 1