use of org.gluu.oxtrust.model.GluuSAMLTrustRelationship in project oxTrust by GluuFederation.
the class InumService method containsTrustRelationship.
/**
 * Checks whether an entry exists at the trust relationship DN built from the two inums.
 *
 * @param inum inum of the trust relationship; becomes the leading {@code inum=} RDN value
 * @param gluuInum inum placed in the {@code inum=...,o=gluu} part of the DN
 * @return whatever {@code ldapEntryManager.contains} reports for the probe entry
 */
public boolean containsTrustRelationship(String inum, String gluuInum) {
    // NOTE(review): both values are formatted into the DN as-is, with no RDN escaping.
    // A value containing DN metacharacters (',', '=', '+', ...) would change which entry
    // is probed. Confirm callers only pass generated or validated inums.
    String baseDn = String.format("inum=%s,ou=trustRelationships,inum=%s,o=gluu", inum, gluuInum);

    GluuSAMLTrustRelationship probe = new GluuSAMLTrustRelationship();
    probe.setBaseDn(baseDn);
    return ldapEntryManager.contains(probe);
}
use of org.gluu.oxtrust.model.GluuSAMLTrustRelationship in project oxTrust by GluuFederation.
the class UpdateTrustRelationshipAction method save.
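/**
 * Saves the trust relationship currently being edited.
 *
 * <p>Runs under the {@code svnSyncTimer} monitor. Assigns a new inum when the relationship
 * has none, processes the SP metadata according to its source type, updates released
 * attributes, the federation flag and contacts, persists the entry through {@code saveTR},
 * and regenerates the Shibboleth3 configuration when configuration generation is enabled.
 *
 * @return {@code OxTrustConstants.RESULT_SUCCESS} on success,
 *         {@code OxTrustConstants.RESULT_FAILURE} when metadata handling or the LDAP save
 *         fails, {@code "unable_download_metadata"} when the metadata URI check throws, or
 *         {@code "invalid_entity_id"} when a federation relationship has no entity id
 */
public String save() {
    synchronized (svnSyncTimer) {
        if (StringHelper.isEmpty(this.trustRelationship.getInum())) {
            this.inum = trustService.generateInumForNewTrustRelationship();
            this.trustRelationship.setInum(this.inum);
        } else {
            this.inum = this.trustRelationship.getInum();
            if (this.trustRelationship.getSpMetaDataFN() == null) {
                update = true;
            }
        }

        boolean updateShib3Configuration = appConfiguration.isConfigGeneration();

        switch (trustRelationship.getSpMetaDataSourceType()) {
        case GENERATE:
            String certificate = getCertForGeneratedSP();
            // Without a certificate the relationship is saved but left inactive.
            GluuStatus status = StringHelper.isNotEmpty(certificate) ? GluuStatus.ACTIVE : GluuStatus.INACTIVE;
            this.trustRelationship.setStatus(status);
            if (generateSpMetaDataFile(certificate)) {
                setEntityId();
            } else {
                log.error("Failed to generate SP meta-data file");
                return OxTrustConstants.RESULT_FAILURE;
            }
            break;
        case FILE:
            if (saveSpMetaDataFileSourceTypeFile()) {
                updateSpMetaDataCert(certWrapper);
                // Only a newly created relationship is activated here; an update keeps its status.
                if (!update) {
                    this.trustRelationship.setStatus(GluuStatus.ACTIVE);
                }
            } else {
                log.error("Failed to save SP meta-data file {}", fileWrapper);
                return OxTrustConstants.RESULT_FAILURE;
            }
            break;
        case URI:
            try {
                // NOTE(review): the metadata URL is taken from the relationship being edited and
                // appears to be checked and fetched from the server side. Confirm it is validated
                // (scheme, host) before this point.
                boolean result = shibboleth3ConfService.existsResourceUri(trustRelationship.getSpMetaDataURL());
                if (result) {
                    // The synchronous saveSpMetaDataFileSourceTypeURI() path is disabled; the
                    // download is delegated to this helper (presumably a background thread, going
                    // by its name), so a failed download does not fail save().
                    newThreadSaveSpMetaDataFileSourceTypeURI();
                } else {
                    log.info("There is no resource found Uri : {}", trustRelationship.getSpMetaDataURL());
                }
                // NOTE(review): a new relationship is marked ACTIVE even when the resource was
                // not found above. Confirm that activating without metadata is intended.
                if (!update) {
                    this.trustRelationship.setStatus(GluuStatus.ACTIVE);
                }
            } catch (Exception e) {
                // Previously swallowed without a trace; log it so the failure can be diagnosed.
                log.error("Failed to check SP meta-data URL {}", trustRelationship.getSpMetaDataURL(), e);
                return "unable_download_metadata";
            }
            break;
        case FEDERATION:
            if (!update) {
                this.trustRelationship.setStatus(GluuStatus.ACTIVE);
            }
            if (this.trustRelationship.getEntityId() == null) {
                return "invalid_entity_id";
            }
            break;
        default:
            break;
        }

        trustService.updateReleasedAttributes(this.trustRelationship);
        boolean federation = shibboleth3ConfService.isFederation(this.trustRelationship);
        this.trustRelationship.setFederation(federation);
        trustContactsAction.saveContacts();

        if (update) {
            try {
                saveTR(update);
            } catch (LdapMappingException ex) {
                // The placeholder argument comes first and the exception last, so the inum is
                // rendered in the message and the stack trace is kept.
                log.error("Failed to update trust relationship {}", inum, ex);
                return OxTrustConstants.RESULT_FAILURE;
            }
        } else {
            String dn = trustService.getDnForTrustRelationShip(this.inum);
            // A new relationship needs its DN set before it is persisted.
            this.trustRelationship.setDn(dn);
            try {
                saveTR(update);
            } catch (LdapMappingException ex) {
                log.error("Failed to add new trust relationship {}", this.trustRelationship.getInum(), ex);
                return OxTrustConstants.RESULT_FAILURE;
            }
            // Later saves of this relationship are updates.
            this.update = true;
        }

        if (updateShib3Configuration) {
            List<GluuSAMLTrustRelationship> trustRelationships = trustService.getAllActiveTrustRelationships();
            updateShibboleth3Configuration(trustRelationships);
        }
    }
    return OxTrustConstants.RESULT_SUCCESS;
}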
use of org.gluu.oxtrust.model.GluuSAMLTrustRelationship in project oxTrust by GluuFederation.
the class SvnSyncTimer method commitShibboleth3Configuration.
/**
 * Commits the Shibboleth3 configuration files for the given trust relationships to SVN.
 *
 * <p>Under this object's monitor it collects the files that differ from the repository,
 * drains {@code removedTrustRelationship} into a list of files to delete, adds a commit
 * comment line for every changed SP metadata file that matches no entry in
 * {@code alteredTrustRelations}, and then performs the commit. After a successful commit,
 * {@code svnComment} and {@code alteredTrustRelations} are reset.
 *
 * @param trustRelationships relationships whose configuration files are considered
 */
private void commitShibboleth3Configuration(List<GluuSAMLTrustRelationship> trustRelationships) {
    synchronized (this) {
        List<SubversionFile> filesToCommit = new ArrayList<SubversionFile>();
        try {
            filesToCommit = subversionService.getDifferentFiles(
                    shibboleth3ConfService.getConfigurationFilesForSubversion(trustRelationships));
        } catch (IOException e) {
            // The commit below still runs, with an empty list of changed files.
            log.error("Failed to prepare files list to be persisted in svn", e);
        }

        // NOTE(review): the removal queue is drained before the commit result is known, so a
        // failed commit does not put these entries back. Confirm this is acceptable.
        List<SubversionFile> filesToRemove = new ArrayList<SubversionFile>();
        while (!removedTrustRelationship.isEmpty()) {
            Pair<GluuSAMLTrustRelationship, String> removed = removedTrustRelationship.poll();
            SubversionFile removedFile = shibboleth3ConfService.getConfigurationFileForSubversion(removed.getValue0());
            if (removedFile != null) {
                filesToRemove.add(removedFile);
            }
        }

        // Record in the commit comment every SP metadata file that changed without a
        // matching entry in alteredTrustRelations, i.e. not through a tracked edit.
        StringBuilder autoUpdateNotes = new StringBuilder();
        for (SubversionFile candidate : filesToCommit) {
            String localPath = candidate.getLocalFile();
            if (!localPath.matches(".*/DA[0-9A-F]*-sp-metadata\\.xml")) {
                continue;
            }

            String unpunctuatedInum = localPath.replaceAll("-sp-metadata\\.xml", "").replaceAll(".*/", "");

            boolean alteredByUser = false;
            for (Pair<GluuSAMLTrustRelationship, String> altered : alteredTrustRelations) {
                String alteredInum = StringHelper.removePunctuation(altered.getValue0().getInum());
                if (alteredInum.equals(unpunctuatedInum)) {
                    alteredByUser = true;
                    break;
                }
            }
            if (alteredByUser) {
                continue;
            }

            GluuSAMLTrustRelationship unknownTrust = trustService.getTrustByUnpunctuatedInum(unpunctuatedInum);
            if (unknownTrust == null) {
                autoUpdateNotes.append("Appliance have no information about '")
                        .append(localPath)
                        .append("'. Please report this issue to appliance admin.\n");
            } else {
                autoUpdateNotes.append("Trust relationship '")
                        .append(unknownTrust.getDisplayName())
                        .append("' was updated automatically\n");
            }
        }

        log.debug("Files to be persisted in repository: " + StringHelper.toString(filesToCommit.toArray(new SubversionFile[] {})));
        log.debug("Files to be removed from repository: " + StringHelper.toString(filesToRemove.toArray(new SubversionFile[] {})));

        boolean committed = subversionService.commitShibboleth3ConfigurationFiles(organizationService.getOrganization(),
                filesToCommit, filesToRemove, svnComment + autoUpdateNotes);
        if (committed) {
            svnComment = "";
            alteredTrustRelations.clear();
            log.info("Shibboleth3 configuration commited successfully to SVN repository");
        } else {
            log.error("Failed to commit Shibboleth3 configuration to SVN repository");
        }
    }
}
use of org.gluu.oxtrust.model.GluuSAMLTrustRelationship in project oxTrust by GluuFederation.
the class TrustService method getAllActiveTrustRelationships.
/**
 * Looks up the trust relationships whose status is {@code GluuStatus.ACTIVE}.
 *
 * <p>The search goes through {@code ldapEntryManager.findEntries} with a sample entry
 * carrying the trust relationship base DN and the ACTIVE status (presumably used as the
 * search template).
 *
 * @return the entries returned by {@code ldapEntryManager.findEntries}
 */
public List<GluuSAMLTrustRelationship> getAllActiveTrustRelationships() {
    String trustRelationshipsBaseDn = getDnForTrustRelationShip(null);

    GluuSAMLTrustRelationship activeSample = new GluuSAMLTrustRelationship();
    activeSample.setBaseDn(trustRelationshipsBaseDn);
    activeSample.setStatus(GluuStatus.ACTIVE);

    return ldapEntryManager.findEntries(activeSample);
}
use of org.gluu.oxtrust.model.GluuSAMLTrustRelationship in project oxTrust by GluuFederation.
the class TrustService method addTrustRelationship.
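/**
 * Creates or updates the trust relationship entry for every cluster member.
 *
 * <p>For each configured cluster inum (or only the appliance inum when no cluster is
 * configured) the appliance inum in the relationship's DN is replaced by the member's inum.
 * The entry is persisted if no entry exists at that DN and merged otherwise. The caller's DN
 * is restored before returning, including when an LDAP operation throws.
 *
 * @param trustRelationship relationship to store; its DN is changed temporarily while the
 *        per-member entries are written
 */
public void addTrustRelationship(GluuSAMLTrustRelationship trustRelationship) {
    log.info("Creating TR " + trustRelationship.getInum());
    String[] clusterMembers = appConfiguration.getClusteredInums();
    String applianceInum = appConfiguration.getApplianceInum();
    if (clusterMembers == null || clusterMembers.length == 0) {
        log.debug("there is no cluster configuration. Assuming standalone appliance.");
        clusterMembers = new String[] { applianceInum };
    }

    String dn = trustRelationship.getDn();
    try {
        for (String clusterMember : clusterMembers) {
            String clusteredDN = StringHelper.replaceLast(dn, applianceInum, clusterMember);
            trustRelationship.setDn(clusteredDN);

            // Probe with a bare entry that carries only the DN.
            GluuSAMLTrustRelationship tr = new GluuSAMLTrustRelationship();
            tr.setDn(trustRelationship.getDn());
            if (!containsTrustRelationship(tr)) {
                log.debug("Adding TR" + clusteredDN);
                // NOTE(review): the parent OU checked here is built from
                // getDnForTrustRelationShip(null), not from clusteredDN. Confirm it is the
                // right parent for entries written under other cluster members.
                OrganizationalUnit ou = new OrganizationalUnit();
                ou.setDn(getDnForTrustRelationShip(null));
                if (!ldapEntryManager.contains(ou)) {
                    ldapEntryManager.persist(ou);
                }
                ldapEntryManager.persist(trustRelationship);
            } else {
                ldapEntryManager.merge(trustRelationship);
            }
        }
    } finally {
        // Restore the original DN even when persist/merge throws. Otherwise the caller's
        // object keeps a cluster member's DN and a retry would write to the wrong entry.
        trustRelationship.setDn(dn);
    }
}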