Posted to commits@cxf.apache.org by co...@apache.org on 2015/04/16 18:34:28 UTC
cxf git commit: Add a separate way of configuring the RACS
Repository: cxf
Updated Branches:
refs/heads/master f76371ed2 -> 6da8e6298
Add a separate way of configuring the RACS
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6da8e629
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6da8e629
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6da8e629
Branch: refs/heads/master
Commit: 6da8e62985666f0063e6c2057a3fbcf07aa70552
Parents: f76371e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Apr 16 17:34:01 2015 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Apr 16 17:34:01 2015 +0100
----------------------------------------------------------------------
.../rs/security/saml/sso/MetadataService.java | 22 +++++++++++++++-----
.../rs/security/saml/sso/MetadataWriter.java | 9 ++++----
.../jaxrs/security/samlsso/metadata-server.xml | 2 ++
3 files changed, 24 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/6da8e629/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
index 266518b..63619c3 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
@@ -18,7 +18,6 @@
*/
package org.apache.cxf.rs.security.saml.sso;
-import java.net.URI;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ResourceBundle;
@@ -46,6 +45,7 @@ public class MetadataService extends AbstractSSOSpHandler {
protected static final ResourceBundle BUNDLE = BundleUtils.getBundle(MetadataService.class);
private String serviceAddress;
+ private String assertionConsumerServiceAddress;
private String logoutServiceAddress;
private boolean addEndpointAddressToContext;
@@ -90,15 +90,17 @@ public class MetadataService extends AbstractSSOSpHandler {
if (addEndpointAddressToContext) {
Message message = JAXRSUtils.getCurrentMessage();
- String httpBasePath = (String)message.get("http.base.path");
- String rawPath = URI.create(httpBasePath).getRawPath();
+ String rawPath = (String)message.get("http.base.path");
return metadataWriter.getMetaData(rawPath + serviceAddress,
+ rawPath + assertionConsumerServiceAddress,
rawPath + logoutServiceAddress,
privateKey, issuerCerts[0],
true);
} else {
- return metadataWriter.getMetaData(serviceAddress, logoutServiceAddress, privateKey, issuerCerts[0],
- true);
+ return metadataWriter.getMetaData(serviceAddress, assertionConsumerServiceAddress,
+ logoutServiceAddress,
+ privateKey, issuerCerts[0],
+ true);
}
} catch (Exception ex) {
LOG.log(Level.FINE, ex.getMessage(), ex);
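Review bot: `assertionConsumerServiceAddress` has no fallback, so a deployment that configured only `serviceAddress` before this commit now publishes an AssertionConsumerService Location built from a null reference. In the `addEndpointAddressToContext` branch `rawPath + assertionConsumerServiceAddress` yields a string ending in "null", and the else branch hands null to the writer. The IdP relies on this Location to decide where assertions are delivered, so defaulting to the previous value is safer: `String acsAddress = assertionConsumerServiceAddress != null ? assertionConsumerServiceAddress : serviceAddress;`, used in both calls, which also keeps the `Location` attributes in the MetadataWriter hunks non-null. Separately, `rawPath` now holds the whole `http.base.path` value rather than its path component, so the name is misleading; if that value can reflect the request's Host header, the published endpoints would follow it, which is worth confirming. The enclosing method starts and ends outside the hunk.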
@@ -132,4 +134,14 @@ public class MetadataService extends AbstractSSOSpHandler {
public void setAddEndpointAddressToContext(boolean add) {
addEndpointAddressToContext = add;
}
+
+
+ public String getAssertionConsumerServiceAddress() {
+ return assertionConsumerServiceAddress;
+ }
+
+
+ public void setAssertionConsumerServiceAddress(String assertionConsumerServiceAddress) {
+ this.assertionConsumerServiceAddress = assertionConsumerServiceAddress;
+ }
}
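Review bot: The new accessor pair has no Javadoc, and the setter is where a deployer has to learn how this value differs from `serviceAddress`. Suggested comment on `setAssertionConsumerServiceAddress`: `/** Address published as the Location of the AssertionConsumerService entries in the SP metadata; appended to "http.base.path" when addEndpointAddressToContext is true, used as given otherwise. */`. The two consecutive blank lines before each method could also be reduced to one to match the rest of the class.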
http://git-wip-us.apache.org/repos/asf/cxf/blob/6da8e629/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
index 27c8d10..9bb1f16 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
@@ -73,6 +73,7 @@ public class MetadataWriter {
//CHECKSTYLE:OFF
public Document getMetaData(
String serviceURL,
+ String assertionConsumerServiceURL,
String logoutURL,
Key signingKey,
X509Certificate signingCert,
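Review bot: Inserting `assertionConsumerServiceURL` as the second parameter changes the signature of the public `getMetaData`, so any caller outside this commit stops compiling. With three adjacent `String` parameters, a transposed argument would also compile without complaint. Consider keeping the previous form as an overload that delegates with `serviceURL` as the ACS address, and adding Javadoc that states which metadata element each URL ends up in. The method's remaining parameters and body lie outside the hunk.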
@@ -95,7 +96,7 @@ public class MetadataWriter {
writer.writeNamespace("wsa", SSOConstants.WS_ADDRESSING_NS);
writer.writeNamespace("xsi", SSOConstants.SCHEMA_INSTANCE_NS);
- writeSAMLMetadata(writer, serviceURL, logoutURL, signingCert, wantRequestsSigned);
+ writeSAMLMetadata(writer, assertionConsumerServiceURL, logoutURL, signingCert, wantRequestsSigned);
writer.writeEndElement(); // EntityDescriptor
@@ -121,7 +122,7 @@ public class MetadataWriter {
private void writeSAMLMetadata(
XMLStreamWriter writer,
- String serviceURL,
+ String assertionConsumerServiceURL,
String logoutURL,
X509Certificate signingCert,
boolean wantRequestsSigned
@@ -142,14 +143,14 @@ public class MetadataWriter {
}
writer.writeStartElement("md", "AssertionConsumerService", SSOConstants.SAML2_METADATA_NS);
- writer.writeAttribute("Location", serviceURL);
+ writer.writeAttribute("Location", assertionConsumerServiceURL);
writer.writeAttribute("index", "0");
writer.writeAttribute("isDefault", "true");
writer.writeAttribute("Binding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
writer.writeEndElement(); // AssertionConsumerService
writer.writeStartElement("md", "AssertionConsumerService", SSOConstants.SAML2_METADATA_NS);
- writer.writeAttribute("Location", serviceURL);
+ writer.writeAttribute("Location", assertionConsumerServiceURL);
writer.writeAttribute("index", "1");
writer.writeAttribute("Binding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-REDIRECT");
writer.writeEndElement(); // AssertionConsumerService
http://git-wip-us.apache.org/repos/asf/cxf/blob/6da8e629/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
index 4560069..e130b3c 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
@@ -41,6 +41,8 @@ under the License.
<bean id="metadataBean" class="org.apache.cxf.rs.security.saml.sso.MetadataService">
<property name="serviceAddress"
value="https://localhost:${testutil.ports.jaxrs-saml}/saml-roles"/>
+ <property name="assertionConsumerServiceAddress"
+ value="https://localhost:${testutil.ports.jaxrs-saml}/saml-roles"/>
<property name="logoutServiceAddress"
value="https://localhost:${testutil.ports.jaxrs-saml}/sso/logout"/>
<property name="signatureUsername" value="alice"/>
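Review bot: The test bean sets `assertionConsumerServiceAddress` to the same URL as `serviceAddress`, so the test passes whichever of the two values the writer puts into the AssertionConsumerService Location. Giving the new property a distinct value (a constructed example: `value="https://localhost:${testutil.ports.jaxrs-saml}/saml-roles/acs"`) and asserting on it in the metadata test would catch a swapped argument. Whether other tests depend on the current path cannot be seen from this hunk. The bean definition continues outside the hunk.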