Examples with SoapSTSKeystoreConfig org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig used on opensource projects

Search in sources :

Example 1 with SoapSTSKeystoreConfig

use of org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig in project OpenAM by OpenRock.

the class SoapSTSInstanceStateServiceListenerTest method createInstanceConfig.

private SoapSTSInstanceConfig createInstanceConfig(String amDeploymentUrl) throws UnsupportedEncodingException {
    AuthTargetMapping mapping = AuthTargetMapping.builder().addMapping(TokenType.USERNAME, "service", "ldap").build();
    SoapDeploymentConfig deploymentConfig = SoapDeploymentConfig.builder().portQName(AMSTSConstants.STANDARD_STS_PORT_QNAME).serviceQName(AMSTSConstants.STANDARD_STS_SERVICE_NAME).wsdlLocation("wsdl_loc").realm("realm").amDeploymentUrl(amDeploymentUrl).uriElement(DEPLOYMENT_URL_ELEMENT).authTargetMapping(mapping).build();
    SoapSTSKeystoreConfig keystoreConfig = SoapSTSKeystoreConfig.builder().keystoreFileName("stsstore.jks").keystorePassword("stsspass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).encryptionKeyAlias("mystskey").signatureKeyAlias("mystskey").encryptionKeyPassword("stskpass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).signatureKeyPassword("stskpass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).build();
    Map<String, String> attributes = new HashMap<>();
    attributes.put("email", "mail");
    SAML2Config saml2Config = SAML2Config.builder().attributeMap(attributes).nameIdFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent").spEntityId("http://host.com/sp/entity/id").idpId("da_idp").build();
    SoapSTSInstanceConfig.SoapSTSInstanceConfigBuilderBase<?> builder = SoapSTSInstanceConfig.builder();
    builder.addSecurityPolicyTokenValidationConfiguration(TokenType.OPENAM, false);
    builder.addIssueTokenType(TokenType.SAML2);
    return builder.deploymentConfig(deploymentConfig).soapSTSKeystoreConfig(keystoreConfig).saml2Config(saml2Config).build();
}
Also used : SoapSTSKeystoreConfig(org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig) SAML2Config(org.forgerock.openam.sts.config.user.SAML2Config) SoapSTSInstanceConfig(org.forgerock.openam.sts.soap.config.user.SoapSTSInstanceConfig) AuthTargetMapping(org.forgerock.openam.sts.config.user.AuthTargetMapping) HashMap(java.util.HashMap) SoapDeploymentConfig(org.forgerock.openam.sts.soap.config.user.SoapDeploymentConfig)

Example 2 with SoapSTSKeystoreConfig

use of org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig in project OpenAM by OpenRock.

the class TokenDelegationHandlersProviderTest method createInstanceConfig.

private SoapSTSInstanceConfig createInstanceConfig(boolean delegationValidatorsSpecified, boolean customDelegationHandler) throws UnsupportedEncodingException {
    AuthTargetMapping mapping = AuthTargetMapping.builder().addMapping(TokenType.USERNAME, "service", "ldap").build();
    SoapDeploymentConfig deploymentConfig = SoapDeploymentConfig.builder().portQName(AMSTSConstants.STANDARD_STS_PORT_QNAME).serviceQName(AMSTSConstants.STANDARD_STS_SERVICE_NAME).wsdlLocation("wsdl_loc").realm("realm").amDeploymentUrl("http://host.com/am:443").uriElement("inst1222").authTargetMapping(mapping).build();
    SoapSTSKeystoreConfig keystoreConfig;
    keystoreConfig = SoapSTSKeystoreConfig.builder().keystoreFileName("stsstore.jks").keystorePassword("stsspass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).encryptionKeyAlias("mystskey").signatureKeyAlias("mystskey").encryptionKeyPassword("stskpass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).signatureKeyPassword("stskpass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).build();
    SoapSTSInstanceConfig.SoapSTSInstanceConfigBuilderBase<?> builder = SoapSTSInstanceConfig.builder();
    builder.addSecurityPolicyTokenValidationConfiguration(TokenType.OPENAM, false);
    builder.addIssueTokenType(TokenType.SAML2);
    Map<String, String> attributeMap = new HashMap<>();
    attributeMap.put("mail", "email");
    attributeMap.put("uid", "id");
    SAML2Config saml2Config = SAML2Config.builder().nameIdFormat("transient").tokenLifetimeInSeconds(500000).spEntityId("http://host.com/saml2/sp/entity/id").encryptAssertion(true).signAssertion(true).encryptionAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc").encryptionKeyAlias("test").signatureKeyAlias("test").signatureKeyPassword("super.secret".getBytes()).encryptionAlgorithmStrength(128).keystoreFile("da/directory/file").keystorePassword("super.secret".getBytes()).attributeMap(attributeMap).idpId("da_idp").build();
    boolean delegationRelationshipsSupported = customDelegationHandler || delegationValidatorsSpecified;
    if (delegationRelationshipsSupported) {
        SoapDelegationConfig.SoapDelegationConfigBuilder delegationConfigBuilder = SoapDelegationConfig.builder();
        if (delegationValidatorsSpecified) {
            delegationConfigBuilder.addValidatedDelegationTokenType(TokenType.USERNAME, true).addValidatedDelegationTokenType(TokenType.OPENAM, false);
        }
        if (customDelegationHandler) {
            delegationConfigBuilder.addCustomDelegationTokenHandler("org.forgerock.openam.sts.soap.token.delegation.DefaultTokenDelegationHandler");
        }
        builder.soapDelegationConfig(delegationConfigBuilder.build());
    }
    return builder.deploymentConfig(deploymentConfig).soapSTSKeystoreConfig(keystoreConfig).saml2Config(saml2Config).delegationRelationshipsSupported(delegationRelationshipsSupported).build();
}
Also used : SoapSTSKeystoreConfig(org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig) SAML2Config(org.forgerock.openam.sts.config.user.SAML2Config) SoapSTSInstanceConfig(org.forgerock.openam.sts.soap.config.user.SoapSTSInstanceConfig) SoapDelegationConfig(org.forgerock.openam.sts.soap.config.user.SoapDelegationConfig) AuthTargetMapping(org.forgerock.openam.sts.config.user.AuthTargetMapping) HashMap(java.util.HashMap) SoapDeploymentConfig(org.forgerock.openam.sts.soap.config.user.SoapDeploymentConfig)

Example 3 with SoapSTSKeystoreConfig

use of org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig in project OpenAM by OpenRock.

the class SoapSTSInstanceStateProviderTest method createInstanceConfig.

private SoapSTSInstanceConfig createInstanceConfig() throws UnsupportedEncodingException {
    AuthTargetMapping mapping = AuthTargetMapping.builder().addMapping(TokenType.USERNAME, "service", "ldap").build();
    SoapDeploymentConfig deploymentConfig = SoapDeploymentConfig.builder().portQName(AMSTSConstants.STANDARD_STS_PORT_QNAME).serviceQName(AMSTSConstants.STANDARD_STS_SERVICE_NAME).wsdlLocation("wsdl_loc").realm("realm").amDeploymentUrl(AM_DEPLOYMENT_URL).uriElement(DEPLOYMENT_URL_ELEMENT).authTargetMapping(mapping).build();
    SoapSTSKeystoreConfig keystoreConfig = SoapSTSKeystoreConfig.builder().keystoreFileName("stsstore.jks").keystorePassword("stsspass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).encryptionKeyAlias("mystskey").signatureKeyAlias("mystskey").encryptionKeyPassword("stskpass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).signatureKeyPassword("stskpass".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).build();
    Map<String, String> attributes = new HashMap<>();
    attributes.put("email", "mail");
    SAML2Config saml2Config = SAML2Config.builder().attributeMap(attributes).nameIdFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent").spEntityId("http://host.com/sp/entity/id").idpId("da_idp").build();
    return SoapSTSInstanceConfig.builder().addIssueTokenType(TokenType.SAML2).addSecurityPolicyTokenValidationConfiguration(TokenType.OPENAM, false).deploymentConfig(deploymentConfig).soapSTSKeystoreConfig(keystoreConfig).saml2Config(saml2Config).build();
}
Also used : SoapSTSKeystoreConfig(org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig) SAML2Config(org.forgerock.openam.sts.config.user.SAML2Config) AuthTargetMapping(org.forgerock.openam.sts.config.user.AuthTargetMapping) HashMap(java.util.HashMap) SoapDeploymentConfig(org.forgerock.openam.sts.soap.config.user.SoapDeploymentConfig)

Example 4 with SoapSTSKeystoreConfig

use of org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig in project OpenAM by OpenRock.

the class SoapSTSInstancePublisherImplTest method createInstanceConfig.

private SoapSTSInstanceConfig createInstanceConfig(String uriElement, String amDeploymentUrl) throws UnsupportedEncodingException {
    AuthTargetMapping mapping = AuthTargetMapping.builder().addMapping(TokenType.USERNAME, "service", "ldap").build();
    SoapDeploymentConfig deploymentConfig = SoapDeploymentConfig.builder().portQName(AMSTSConstants.STANDARD_STS_PORT_QNAME).serviceQName(AMSTSConstants.STANDARD_STS_SERVICE_NAME).wsdlLocation("wsdl_loc").realm("realm").amDeploymentUrl(amDeploymentUrl).uriElement(uriElement).authTargetMapping(mapping).build();
    SoapSTSKeystoreConfig keystoreConfig = SoapSTSKeystoreConfig.builder().keystoreFileName("stsstore.jks").keystorePassword("frstssrvkspw".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).encryptionKeyAlias("frstssrval").encryptionKeyPassword("frstssrvpw".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).signatureKeyAlias("frstssrval").signatureKeyPassword("frstssrvpw".getBytes(AMSTSConstants.UTF_8_CHARSET_ID)).build();
    SoapSTSInstanceConfig.SoapSTSInstanceConfigBuilderBase<?> builder = SoapSTSInstanceConfig.builder();
    builder.addSecurityPolicyTokenValidationConfiguration(TokenType.OPENAM, false);
    builder.addSecurityPolicyTokenValidationConfiguration(TokenType.USERNAME, true);
    builder.addIssueTokenType(TokenType.SAML2);
    Map<String, String> attributeMap = new HashMap<>();
    attributeMap.put("mail", "email");
    attributeMap.put("uid", "id");
    SAML2Config saml2Config = SAML2Config.builder().nameIdFormat("transient").tokenLifetimeInSeconds(500000).spEntityId("http://host.com/saml2/sp/entity/id").encryptAssertion(true).signAssertion(true).encryptionAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc").encryptionKeyAlias("test").signatureKeyAlias("test").signatureKeyPassword("super.secret".getBytes()).encryptionAlgorithmStrength(128).keystoreFile("da/directory/file").keystorePassword("super.secret".getBytes()).attributeMap(attributeMap).idpId("da_idp").build();
    return builder.deploymentConfig(deploymentConfig).soapSTSKeystoreConfig(keystoreConfig).saml2Config(saml2Config).build();
}
Also used : SoapSTSKeystoreConfig(org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig) SAML2Config(org.forgerock.openam.sts.config.user.SAML2Config) SoapSTSInstanceConfig(org.forgerock.openam.sts.soap.config.user.SoapSTSInstanceConfig) AuthTargetMapping(org.forgerock.openam.sts.config.user.AuthTargetMapping) HashMap(java.util.HashMap) SoapDeploymentConfig(org.forgerock.openam.sts.soap.config.user.SoapDeploymentConfig)

Aggregations

HashMap (java.util.HashMap)4 AuthTargetMapping (org.forgerock.openam.sts.config.user.AuthTargetMapping)4 SAML2Config (org.forgerock.openam.sts.config.user.SAML2Config)4 SoapDeploymentConfig (org.forgerock.openam.sts.soap.config.user.SoapDeploymentConfig)4 SoapSTSKeystoreConfig (org.forgerock.openam.sts.soap.config.user.SoapSTSKeystoreConfig)4 SoapSTSInstanceConfig (org.forgerock.openam.sts.soap.config.user.SoapSTSInstanceConfig)3 SoapDelegationConfig (org.forgerock.openam.sts.soap.config.user.SoapDelegationConfig)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial