Posted to commits@cxf.apache.org by co...@apache.org on 2014/06/19 18:30:59 UTC
[2/4] [FEDIZ-7] - Largish refactor of Fediz code to accomadate other
protocols
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
new file mode 100644
index 0000000..6ebe954
--- /dev/null
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
@@ -0,0 +1,648 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.core.processor;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.text.DateFormat;
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.UUID;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.servlet.http.HttpServletRequest;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import org.apache.cxf.fediz.core.FederationConstants;
+import org.apache.cxf.fediz.core.TokenValidator;
+import org.apache.cxf.fediz.core.TokenValidatorRequest;
+import org.apache.cxf.fediz.core.TokenValidatorResponse;
+import org.apache.cxf.fediz.core.config.FederationProtocol;
+import org.apache.cxf.fediz.core.config.FedizContext;
+import org.apache.cxf.fediz.core.config.KeyManager;
+import org.apache.cxf.fediz.core.config.SAMLProtocol;
+import org.apache.cxf.fediz.core.exception.ProcessingException;
+import org.apache.cxf.fediz.core.exception.ProcessingException.TYPE;
+import org.apache.cxf.fediz.core.metadata.MetadataWriter;
+import org.apache.cxf.fediz.core.samlsso.AuthnRequestBuilder;
+import org.apache.cxf.fediz.core.samlsso.CompressionUtils;
+import org.apache.cxf.fediz.core.samlsso.DefaultAuthnRequestBuilder;
+import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.util.DOMUtils;
+import org.apache.wss4j.common.ext.WSPasswordCallback;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.saml.OpenSAMLUtil;
+import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSDataRef;
+import org.apache.wss4j.dom.WSDocInfo;
+import org.apache.wss4j.dom.WSSConfig;
+import org.apache.wss4j.dom.WSSecurityEngine;
+import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.processor.EncryptedDataProcessor;
+import org.apache.wss4j.dom.processor.Processor;
+import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
+import org.apache.xml.security.utils.Base64;
+import org.joda.time.DateTime;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class SAMLProcessorImpl implements FedizProcessor {
+
+ private static final Logger LOG = LoggerFactory.getLogger(SAMLProcessorImpl.class);
+
+ /**
+ * Default constructor
+ */
+ public SAMLProcessorImpl() {
+ super();
+ }
+
+ @Override
+ public FedizResponse processRequest(FedizRequest request,
+ FedizContext config)
+ throws ProcessingException {
+
+ if (!(config.getProtocol() instanceof SAMLProtocol)) {
+ LOG.error("Unsupported protocol");
+ throw new IllegalStateException("Unsupported protocol");
+ }
+ FedizResponse response = null;
+ if (FederationConstants.ACTION_SIGNIN.equals(request.getWa())) {
+ response = this.processSignInRequest(request, config);
+ } else {
+ LOG.error("Invalid action '" + request.getWa() + "'");
+ throw new ProcessingException(TYPE.INVALID_REQUEST);
+ }
+ return response;
+ }
+
+
+ public Document getMetaData(FedizContext config) throws ProcessingException {
+ return new MetadataWriter().getMetaData(config);
+ }
+
+ protected FedizResponse processSignInRequest(
+ FedizRequest request, FedizContext config)
+ throws ProcessingException {
+
+ byte[] wresult = request.getWresult().getBytes();
+
+ Document doc = null;
+ Element el = null;
+ try {
+ doc = DOMUtils.readXml(new ByteArrayInputStream(wresult));
+ el = doc.getDocumentElement();
+
+ } catch (Exception e) {
+ LOG.warn("Failed to parse wresult: " + e.getMessage());
+ throw new ProcessingException(TYPE.INVALID_REQUEST);
+ }
+
+ if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
+ el = DOMUtils.getFirstElement(el);
+ }
+ if (!"RequestSecurityTokenResponse".equals(el.getLocalName())) {
+ LOG.warn("Unexpected root element of wresult: '" + el.getLocalName() + "'");
+ throw new ProcessingException(TYPE.INVALID_REQUEST);
+ }
+ el = DOMUtils.getFirstElement(el);
+ Element rst = null;
+ Element lifetimeElem = null;
+ String tt = null;
+
+ while (el != null) {
+ String ln = el.getLocalName();
+ if (FederationConstants.WS_TRUST_13_NS.equals(el.getNamespaceURI())
+ || FederationConstants.WS_TRUST_2005_02_NS.equals(el.getNamespaceURI())) {
+ if ("Lifetime".equals(ln)) {
+ lifetimeElem = el;
+ } else if ("RequestedSecurityToken".equals(ln)) {
+ rst = DOMUtils.getFirstElement(el);
+ } else if ("TokenType".equals(ln)) {
+ tt = DOMUtils.getContent(el);
+ }
+ }
+ el = DOMUtils.getNextElement(el);
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("RST: " + ((rst != null) ? rst.toString() : "null"));
+ LOG.debug("Lifetime: "
+ + ((lifetimeElem != null) ? lifetimeElem.toString()
+ : "null"));
+ LOG.debug("Tokentype: " + ((tt != null) ? tt.toString() : "null"));
+ }
+ if (rst == null) {
+ LOG.warn("RequestedSecurityToken element not found in wresult");
+ throw new ProcessingException(TYPE.BAD_REQUEST);
+ }
+ LifeTime lifeTime = null;
+ if (lifetimeElem != null) {
+ lifeTime = processLifeTime(lifetimeElem);
+ }
+
+ if (config.isDetectExpiredTokens() && lifeTime != null) {
+ Date currentDate = new Date();
+ if (currentDate.after(lifeTime.getExpires())) {
+ LOG.warn("RSTR Lifetime expired");
+ throw new ProcessingException(TYPE.TOKEN_EXPIRED);
+ }
+ DateTime currentTime = new DateTime();
+ DateTime validFrom = new DateTime(lifeTime.created);
+ currentTime = currentTime.plusSeconds(config.getMaximumClockSkew().intValue());
+ if (validFrom.isAfter(currentTime)) {
+ LOG.debug("RSTR Lifetime not yet valid");
+ throw new ProcessingException(TYPE.TOKEN_INVALID);
+ }
+ }
+
+ // Check to see if RST is encrypted
+ if ("EncryptedData".equals(rst.getLocalName())
+ && WSConstants.ENC_NS.equals(rst.getNamespaceURI())) {
+ Element decryptedRST = decryptEncryptedRST(rst, config);
+ if (decryptedRST != null) {
+ rst = decryptedRST;
+ }
+ }
+
+ TokenValidatorResponse validatorResponse = null;
+ List<TokenValidator> validators = ((FederationProtocol)config.getProtocol()).getTokenValidators();
+ for (TokenValidator validator : validators) {
+ boolean canHandle = false;
+ if (tt != null) {
+ canHandle = validator.canHandleTokenType(tt);
+ } else {
+ canHandle = validator.canHandleToken(rst);
+ }
+ if (canHandle) {
+ try {
+ TokenValidatorRequest validatorRequest =
+ new TokenValidatorRequest(rst, request.getCerts());
+ validatorResponse = validator.validateAndProcessToken(validatorRequest, config);
+ } catch (ProcessingException ex) {
+ throw ex;
+ } catch (Exception ex) {
+ LOG.warn("Failed to validate token", ex);
+ throw new ProcessingException(TYPE.TOKEN_INVALID);
+ }
+ break;
+ } else {
+ LOG.warn("No security token validator found for '" + tt + "'");
+ throw new ProcessingException(TYPE.BAD_REQUEST);
+ }
+ }
+
+ // Check whether token already used for signin
+ if (validatorResponse.getUniqueTokenId() != null
+ && config.isDetectReplayedTokens()) {
+ // Check whether token has already been processed once, prevent
+ // replay attack
+ if (!config.getTokenReplayCache().contains(validatorResponse.getUniqueTokenId())) {
+ // not cached
+ Date expires = null;
+ if (lifeTime != null && lifeTime.getExpires() != null) {
+ expires = lifeTime.getExpires();
+ } else {
+ expires = validatorResponse.getExpires();
+ }
+ if (expires != null) {
+ Date currentTime = new Date();
+ long ttl = expires.getTime() - currentTime.getTime();
+ config.getTokenReplayCache().add(validatorResponse.getUniqueTokenId(), ttl / 1000L);
+ } else {
+ config.getTokenReplayCache().add(validatorResponse.getUniqueTokenId());
+ }
+ } else {
+ LOG.error("Replay attack with token id: " + validatorResponse.getUniqueTokenId());
+ throw new ProcessingException("Replay attack with token id: "
+ + validatorResponse.getUniqueTokenId(), TYPE.TOKEN_REPLAY);
+ }
+ }
+
+ FedizResponse fedResponse = new FedizResponse(
+ validatorResponse.getUsername(), validatorResponse.getIssuer(),
+ validatorResponse.getRoles(), validatorResponse.getClaims(),
+ validatorResponse.getAudience(),
+ (lifeTime != null) ? lifeTime.getCreated() : null,
+ (lifeTime != null) ? lifeTime.getExpires() : null, rst,
+ validatorResponse.getUniqueTokenId());
+
+ return fedResponse;
+ }
+
+ private Element decryptEncryptedRST(
+ Element encryptedRST,
+ FedizContext config
+ ) throws ProcessingException {
+
+ KeyManager decryptionKeyManager = config.getDecryptionKey();
+ if (decryptionKeyManager == null || decryptionKeyManager.getCrypto() == null) {
+ LOG.debug(
+ "We must have a decryption Crypto instance configured to decrypt encrypted tokens"
+ );
+ throw new ProcessingException(TYPE.BAD_REQUEST);
+ }
+ String keyPassword = decryptionKeyManager.getKeyPassword();
+ if (keyPassword == null) {
+ LOG.debug(
+ "We must have a decryption key password to decrypt encrypted tokens"
+ );
+ throw new ProcessingException(TYPE.BAD_REQUEST);
+ }
+
+ EncryptedDataProcessor proc = new EncryptedDataProcessor();
+ WSDocInfo docInfo = new WSDocInfo(encryptedRST.getOwnerDocument());
+ RequestData data = new RequestData();
+
+ // Disable WSS4J processing of the (decrypted) SAML Token
+ WSSConfig wssConfig = WSSConfig.getNewInstance();
+ wssConfig.setProcessor(WSSecurityEngine.SAML_TOKEN, new NOOpProcessor());
+ wssConfig.setProcessor(WSSecurityEngine.SAML2_TOKEN, new NOOpProcessor());
+ data.setWssConfig(wssConfig);
+
+ data.setDecCrypto(decryptionKeyManager.getCrypto());
+ data.setCallbackHandler(new DecryptionCallbackHandler(keyPassword));
+ try {
+ List<WSSecurityEngineResult> result =
+ proc.handleToken(encryptedRST, data, docInfo);
+ if (result.size() > 0) {
+ @SuppressWarnings("unchecked")
+ List<WSDataRef> dataRefs =
+ (List<WSDataRef>)result.get(result.size() - 1).get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+ if (dataRefs != null && dataRefs.size() > 0) {
+ return dataRefs.get(0).getProtectedElement();
+ }
+ }
+ } catch (WSSecurityException e) {
+ LOG.debug(e.getMessage(), e);
+ throw new ProcessingException(TYPE.TOKEN_INVALID);
+ }
+ return null;
+ }
+
+ private LifeTime processLifeTime(Element lifetimeElem) throws ProcessingException {
+ try {
+ Element createdElem = DOMUtils.getFirstChildWithName(lifetimeElem,
+ WSConstants.WSU_NS, WSConstants.CREATED_LN);
+ DateFormat zulu = new XmlSchemaDateFormat();
+
+ Date created = zulu.parse(DOMUtils.getContent(createdElem));
+
+ Element expiresElem = DOMUtils.getFirstChildWithName(lifetimeElem,
+ WSConstants.WSU_NS, WSConstants.EXPIRES_LN);
+ Date expires = zulu.parse(DOMUtils.getContent(expiresElem));
+
+ return new LifeTime(created, expires);
+
+ } catch (ParseException e) {
+ LOG.error("Failed to parse lifetime element in wresult: " + e.getMessage());
+ throw new ProcessingException(TYPE.BAD_REQUEST);
+ }
+ }
+
+ public class LifeTime {
+
+ private Date created;
+ private Date expires;
+
+ public LifeTime(Date created, Date expires) {
+ this.created = created;
+ this.expires = expires;
+ }
+
+ public Date getCreated() {
+ return created;
+ }
+
+ public Date getExpires() {
+ return expires;
+ }
+
+ }
+
+ @Override
+ public String createSignInRequest(HttpServletRequest request, FedizContext config)
+ throws ProcessingException {
+
+ String redirectURL = null;
+ try {
+ if (!(config.getProtocol() instanceof SAMLProtocol)) {
+ LOG.error("Unsupported protocol");
+ throw new IllegalStateException("Unsupported protocol");
+ }
+
+ String issuerURL = resolveIssuer(request, config);
+ LOG.info("Issuer url: " + issuerURL);
+ if (issuerURL != null && issuerURL.length() > 0) {
+ redirectURL = issuerURL;
+ }
+
+ AuthnRequestBuilder authnRequestBuilder = new DefaultAuthnRequestBuilder();
+
+ Document doc = DOMUtils.createDocument();
+ doc.appendChild(doc.createElement("root"));
+
+ // Create the AuthnRequest
+ AuthnRequest authnRequest =
+ authnRequestBuilder.createAuthnRequest(
+ "http://issuer.com", "http://issuer2.com"
+ );
+ Element authnRequestElement = OpenSAMLUtil.toDom(authnRequest, doc);
+ String authnRequestEncoded = encodeAuthnRequest(authnRequestElement);
+
+ //SamlRequestInfo info = new SamlRequestInfo();
+ //info.setSamlRequest(authnRequestEncoded);
+
+ String relayState = URLEncoder.encode(UUID.randomUUID().toString(), "UTF-8");
+
+ String urlEncodedRequest =
+ URLEncoder.encode(authnRequestEncoded, "UTF-8");
+
+ StringBuilder sb = new StringBuilder();
+ sb.append("SAMLRequest").append('=').append(urlEncodedRequest);
+ sb.append("RelayState").append('=').append(relayState);
+
+ /*
+ String contextCookie = createCookie(SSOConstants.RELAY_STATE,
+ info.getRelayState(),
+ info.getWebAppContext(),
+ info.getWebAppDomain());
+
+ context.abortWith(Response.seeOther(ub.build())
+ .header(HttpHeaders.CACHE_CONTROL, "no-cache, no-store")
+ .header("Pragma", "no-cache")
+ .header(HttpHeaders.SET_COOKIE, contextCookie)
+ .build());
+ */
+
+ redirectURL = redirectURL + "?" + sb.toString();
+ } catch (Exception ex) {
+ LOG.error("Failed to create SignInRequest", ex);
+ throw new ProcessingException("Failed to create SignInRequest");
+ }
+ return redirectURL;
+ }
+
+ protected String encodeAuthnRequest(Element authnRequest) throws IOException {
+ String requestMessage = DOM2Writer.nodeToString(authnRequest);
+
+ byte[] deflatedBytes = CompressionUtils.deflate(requestMessage.getBytes("UTF-8"));
+
+ return Base64.encode(deflatedBytes);
+ }
+
+ @Override
+ public String createSignOutRequest(HttpServletRequest request, FedizContext config)
+ throws ProcessingException {
+
+ String redirectURL = null;
+ try {
+ if (!(config.getProtocol() instanceof FederationProtocol)) {
+ LOG.error("Unsupported protocol");
+ throw new IllegalStateException("Unsupported protocol");
+ }
+
+ String issuerURL = resolveIssuer(request, config);
+ LOG.info("Issuer url: " + issuerURL);
+ if (issuerURL != null && issuerURL.length() > 0) {
+ redirectURL = issuerURL;
+ }
+
+ StringBuilder sb = new StringBuilder();
+ sb.append(FederationConstants.PARAM_ACTION).append('=').append(FederationConstants.ACTION_SIGNOUT);
+
+ String logoutRedirectTo = config.getLogoutRedirectTo();
+ if (logoutRedirectTo != null && !logoutRedirectTo.isEmpty()) {
+
+ if (logoutRedirectTo.startsWith("/")) {
+ logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
+ } else {
+ logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
+ }
+
+ LOG.debug("wreply=" + logoutRedirectTo);
+
+ sb.append('&').append(FederationConstants.PARAM_REPLY).append('=');
+ sb.append(URLEncoder.encode(logoutRedirectTo, "UTF-8"));
+ }
+
+ redirectURL = redirectURL + "?" + sb.toString();
+ } catch (Exception ex) {
+ LOG.error("Failed to create SignInRequest", ex);
+ throw new ProcessingException("Failed to create SignInRequest");
+ }
+ return redirectURL;
+ }
+/*
+ private String resolveSignInQuery(HttpServletRequest request, FedizContext config)
+ throws IOException, UnsupportedCallbackException, UnsupportedEncodingException {
+ Object signInQueryObj = ((FederationProtocol)config.getProtocol()).getSignInQuery();
+ String signInQuery = null;
+ if (signInQueryObj != null) {
+ if (signInQueryObj instanceof String) {
+ signInQuery = (String)signInQueryObj;
+ } else if (signInQueryObj instanceof CallbackHandler) {
+ CallbackHandler frCB = (CallbackHandler)signInQueryObj;
+ SignInQueryCallback callback = new SignInQueryCallback(request);
+ frCB.handle(new Callback[] {callback});
+ Map<String, String> signInQueryMap = callback.getSignInQueryParamMap();
+ StringBuilder sbQuery = new StringBuilder();
+ for (String key : signInQueryMap.keySet()) {
+ if (sbQuery.length() > 0) {
+ sbQuery.append("&");
+ }
+ sbQuery.append(key).append('=').
+ append(URLEncoder.encode(signInQueryMap.get(key), "UTF-8"));
+ }
+ signInQuery = sbQuery.toString();
+
+ }
+ }
+ return signInQuery;
+ }
+
+ private String resolveFreshness(HttpServletRequest request, FedizContext config) throws IOException,
+ UnsupportedCallbackException {
+ Object freshnessObj = ((FederationProtocol)config.getProtocol()).getFreshness();
+ String freshness = null;
+ if (freshnessObj != null) {
+ if (freshnessObj instanceof String) {
+ freshness = (String)freshnessObj;
+ } else if (freshnessObj instanceof CallbackHandler) {
+ CallbackHandler frCB = (CallbackHandler)freshnessObj;
+ FreshnessCallback callback = new FreshnessCallback(request);
+ frCB.handle(new Callback[] {callback});
+ freshness = callback.getFreshness();
+ }
+ }
+ return freshness;
+ }
+
+ private String resolveHomeRealm(HttpServletRequest request, FedizContext config) throws IOException,
+ UnsupportedCallbackException {
+ Object homeRealmObj = ((FederationProtocol)config.getProtocol()).getHomeRealm();
+ String homeRealm = null;
+ if (homeRealmObj != null) {
+ if (homeRealmObj instanceof String) {
+ homeRealm = (String)homeRealmObj;
+ } else if (homeRealmObj instanceof CallbackHandler) {
+ CallbackHandler hrCB = (CallbackHandler)homeRealmObj;
+ HomeRealmCallback callback = new HomeRealmCallback(request);
+ hrCB.handle(new Callback[] {callback});
+ homeRealm = callback.getHomeRealm();
+ }
+ }
+ return homeRealm;
+ }
+
+ private String resolveAuthenticationType(HttpServletRequest request, FedizContext config)
+ throws IOException, UnsupportedCallbackException {
+ Object wAuthObj = ((FederationProtocol)config.getProtocol()).getAuthenticationType();
+ String wAuth = null;
+ if (wAuthObj != null) {
+ if (wAuthObj instanceof String) {
+ wAuth = (String)wAuthObj;
+ } else if (wAuthObj instanceof CallbackHandler) {
+ CallbackHandler wauthCB = (CallbackHandler)wAuthObj;
+ WAuthCallback callback = new WAuthCallback(request);
+ wauthCB.handle(new Callback[] {callback});
+ wAuth = callback.getWauth();
+ }
+ }
+ return wAuth;
+ }
+
+ private String resolveRequest(HttpServletRequest request, FedizContext config)
+ throws IOException, UnsupportedCallbackException {
+ Object wReqObj = ((FederationProtocol)config.getProtocol()).getRequest();
+ String wReq = null;
+ if (wReqObj != null) {
+ if (wReqObj instanceof String) {
+ wReq = (String)wReqObj;
+ } else if (wReqObj instanceof CallbackHandler) {
+ CallbackHandler wauthCB = (CallbackHandler)wReqObj;
+ WReqCallback callback = new WReqCallback(request);
+ wauthCB.handle(new Callback[] {callback});
+ wReq = callback.getWreq();
+ }
+ }
+ return wReq;
+ }
+*/
+ private String resolveIssuer(HttpServletRequest request, FedizContext config) throws IOException,
+ UnsupportedCallbackException {
+ Object issuerObj = config.getProtocol().getIssuer();
+ String issuerURL = null;
+ if (issuerObj instanceof String) {
+ issuerURL = (String)issuerObj;
+ } else if (issuerObj instanceof CallbackHandler) {
+ CallbackHandler issuerCB = (CallbackHandler)issuerObj;
+ IDPCallback callback = new IDPCallback(request);
+ issuerCB.handle(new Callback[] {callback});
+ issuerURL = callback.getIssuerUrl().toString();
+ }
+ return issuerURL;
+ }
+/*
+ private String resolveWTRealm(HttpServletRequest request, FedizContext config) throws IOException,
+ UnsupportedCallbackException {
+ Object wtRealmObj = ((FederationProtocol)config.getProtocol()).getRealm();
+ String wtRealm = null;
+ if (wtRealmObj != null) {
+ if (wtRealmObj instanceof String) {
+ wtRealm = (String)wtRealmObj;
+ } else if (wtRealmObj instanceof CallbackHandler) {
+ CallbackHandler hrCB = (CallbackHandler)wtRealmObj;
+ RealmCallback callback = new RealmCallback(request);
+ hrCB.handle(new Callback[] {callback});
+ wtRealm = callback.getRealm();
+ }
+ } else {
+ wtRealm = extractFullContextPath(request); //default value
+ }
+ return wtRealm;
+ }
+
+*/
+ private String extractFullContextPath(HttpServletRequest request) throws MalformedURLException {
+ String result = null;
+ String contextPath = request.getContextPath();
+ String requestUrl = request.getRequestURL().toString();
+ String requestPath = new URL(requestUrl).getPath();
+ // Cut request path of request url and add context path if not ROOT
+ if (requestPath != null && requestPath.length() > 0) {
+ int lastIndex = requestUrl.lastIndexOf(requestPath);
+ result = requestUrl.substring(0, lastIndex);
+ } else {
+ result = requestUrl;
+ }
+ if (contextPath != null && contextPath.length() > 0) {
+ // contextPath contains starting slash
+ result = result + contextPath + "/";
+ } else {
+ result = result + "/";
+ }
+ return result;
+ }
+
+ private static class DecryptionCallbackHandler implements CallbackHandler {
+
+ private final String password;
+
+ public DecryptionCallbackHandler(String password) {
+ this.password = password;
+ }
+
+ @Override
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof WSPasswordCallback) {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+ pc.setPassword(password);
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+ }
+ }
+ }
+
+ }
+
+ private static class NOOpProcessor implements Processor {
+
+ @Override
+ public List<WSSecurityEngineResult> handleToken(Element arg0, RequestData arg1, WSDocInfo arg2)
+ throws WSSecurityException {
+ return new ArrayList<WSSecurityEngineResult>();
+ }
+
+ }
+
+}
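Review bot: In processSignInRequest the token-validator lookup can fail before any validator runs: `config.getProtocol()` is cast to `FederationProtocol` although processRequest has just required a `SAMLProtocol` (a ClassCastException unless SAMLProtocol is a subtype, which is not visible here), the loop's `else` throws BAD_REQUEST on the first validator that cannot handle the token so later ones are never consulted, and with an empty list `validatorResponse` stays null and is dereferenced at the replay check. The loop should skip validators that decline and reject only after all of them have, as sketched below. In createSignInRequest the query string lacks a separator between the two parameters (an `sb.append('&');` is needed before `sb.append("RelayState")`), the AuthnRequest is built with the placeholder values `"http://issuer.com", "http://issuer2.com"`, and the generated RelayState is not stored anywhere, so a response cannot be matched to the request that caused it. The replay check is `contains` followed by `add`; two concurrent requests carrying the same token can both pass it unless the cache offers an atomic add-if-absent.

```java
TokenValidatorResponse validatorResponse = null;
// … unchanged: validators lookup (see the note on the cast) …
for (TokenValidator validator : validators) {
    boolean canHandle = (tt != null)
        ? validator.canHandleTokenType(tt)
        : validator.canHandleToken(rst);
    if (!canHandle) {
        // Let the remaining validators have a look before rejecting.
        continue;
    }
    // … unchanged: try/catch around validateAndProcessToken …
    break;
}
if (validatorResponse == null) {
    // Covers both "no validator configured" and "none accepted the token".
    LOG.warn("No security token validator found for '" + tt + "'");
    throw new ProcessingException(TYPE.BAD_REQUEST);
}
```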
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
index 30dcf53..b643a4e 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
@@ -29,7 +29,6 @@ import java.util.Map;
import java.util.StringTokenizer;
import org.w3c.dom.Element;
-
import org.apache.cxf.fediz.core.Claim;
import org.apache.cxf.fediz.core.ClaimCollection;
import org.apache.cxf.fediz.core.ClaimTypes;
@@ -37,8 +36,8 @@ import org.apache.cxf.fediz.core.TokenValidator;
import org.apache.cxf.fediz.core.TokenValidatorRequest;
import org.apache.cxf.fediz.core.TokenValidatorResponse;
import org.apache.cxf.fediz.core.config.CertificateValidationMethod;
-import org.apache.cxf.fediz.core.config.FederationContext;
-import org.apache.cxf.fediz.core.config.FederationProtocol;
+import org.apache.cxf.fediz.core.config.FedizContext;
+import org.apache.cxf.fediz.core.config.Protocol;
import org.apache.cxf.fediz.core.config.TrustManager;
import org.apache.cxf.fediz.core.config.TrustedIssuer;
import org.apache.cxf.fediz.core.exception.ProcessingException;
@@ -88,7 +87,7 @@ public class SAMLTokenValidator implements TokenValidator {
}
public TokenValidatorResponse validateAndProcessToken(TokenValidatorRequest request,
- FederationContext config) throws ProcessingException {
+ FedizContext config) throws ProcessingException {
Element token = request.getToken();
try {
@@ -215,12 +214,12 @@ public class SAMLTokenValidator implements TokenValidator {
}
}
- protected List<String> parseRoles(FederationContext config, List<Claim> claims) {
+ protected List<String> parseRoles(FedizContext config, List<Claim> claims) {
List<String> roles = null;
- FederationProtocol fp = (FederationProtocol)config.getProtocol();
- if (fp.getRoleURI() != null) {
- URI roleURI = URI.create(fp.getRoleURI());
- String delim = fp.getRoleDelimiter();
+ Protocol protocol = config.getProtocol();
+ if (protocol.getRoleURI() != null) {
+ URI roleURI = URI.create(protocol.getRoleURI());
+ String delim = protocol.getRoleDelimiter();
for (Claim c : claims) {
if (roleURI.equals(c.getClaimType())) {
Object oValue = c.getValue();
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/main/resources/schemas/FedizConfig.xsd
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/resources/schemas/FedizConfig.xsd b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
index c9e670c..72f19f2 100644
--- a/plugins/core/src/main/resources/schemas/FedizConfig.xsd
+++ b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
@@ -94,9 +94,6 @@
<xs:extension base="protocolType">
<xs:sequence>
<xs:element ref="realm" />
- <xs:element ref="issuer" />
- <xs:element ref="roleDelimiter" />
- <xs:element ref="roleURI" />
<xs:element ref="authenticationType" />
<xs:element ref="homeRealm" />
<xs:element ref="freshness" />
@@ -111,6 +108,17 @@
</xs:extension>
</xs:complexContent>
</xs:complexType>
+
+ <xs:complexType name="samlProtocolType">
+ <xs:complexContent>
+ <xs:extension base="protocolType">
+ <xs:sequence>
+ <xs:element ref="realm" />
+ </xs:sequence>
+ <xs:attribute name="version" use="required" type="xs:string" />
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
<xs:element name="roleDelimiter" type="xs:string" />
<xs:element name="roleURI" type="xs:string" />
@@ -118,8 +126,13 @@
<xs:element name="applicationServiceURL" type="xs:string" />
-
- <xs:complexType name="protocolType" abstract="true" />
+ <xs:complexType name="protocolType" abstract="true">
+ <xs:sequence>
+ <xs:element ref="roleDelimiter" />
+ <xs:element ref="roleURI" />
+ <xs:element ref="issuer" />
+ </xs:sequence>
+ </xs:complexType>
<xs:complexType name="CallbackType">
<xs:simpleContent>
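Review bot: Moving `roleDelimiter`, `roleURI` and `issuer` into the `protocolType` base sequence changes the element order that validates: in an extension the base content precedes the derived sequence, so a `federationProtocolType` instance must now list these three before `realm`, where the lines removed in the first hunk of this file had `issuer`, `roleDelimiter`, `roleURI` after it. Existing configuration files written in the old order would fail validation if the schema is enforced on load, which is not visible here. The refs also carry no `minOccurs`, so all three become mandatory for the new `samlProtocolType` as well; if that is not intended, marking each ref optional, e.g. `<xs:element ref="roleURI" minOccurs="0" />`, would avoid forcing role settings on every SAML configuration.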
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
index 72ac643..f67edae 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
@@ -20,7 +20,7 @@
package org.apache.cxf.fediz.core;
import org.w3c.dom.Element;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizContext;
public class CustomValidator implements TokenValidator {
@@ -38,7 +38,7 @@ public class CustomValidator implements TokenValidator {
@Override
public TokenValidatorResponse validateAndProcessToken(
TokenValidatorRequest request,
- FederationContext config
+ FedizContext config
) {
return new TokenValidatorResponse(null,
FederationProcessorTest.TEST_USER,
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
index dd29b80..150eb08 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
@@ -25,13 +25,13 @@ import java.net.URL;
import javax.xml.transform.TransformerException;
import org.w3c.dom.Document;
-
import org.apache.cxf.fediz.common.SecurityTestUtil;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
import org.apache.cxf.fediz.core.exception.ProcessingException;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
import org.apache.cxf.fediz.core.util.DOMUtils;
-
import org.junit.AfterClass;
import org.junit.Assert;
@@ -46,14 +46,14 @@ public class FederationMetaDataTest {
}
- private FederationContext loadConfig(String context) {
+ private FedizContext loadConfig(String context) {
try {
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
final URL resource = Thread.currentThread().getContextClassLoader()
.getResource(CONFIG_FILE);
File f = new File(resource.toURI());
configurator.loadConfig(f);
- return configurator.getFederationContext(context);
+ return configurator.getFedizContext(context);
} catch (Exception e) {
e.printStackTrace();
return null;
@@ -64,9 +64,9 @@ public class FederationMetaDataTest {
@org.junit.Test
public void validateMetaDataWithAlias() throws ProcessingException {
- FederationContext config = loadConfig("ROOT");
+ FedizContext config = loadConfig("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
Document doc = wfProc.getMetaData(config);
Assert.assertNotNull(doc);
@@ -82,9 +82,9 @@ public class FederationMetaDataTest {
public void validateMetaDataNoAlias() throws ProcessingException {
try {
- FederationContext config = loadConfig("ROOT_NO_KEY");
+ FedizContext config = loadConfig("ROOT_NO_KEY");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
Document doc;
doc = wfProc.getMetaData(config);
@@ -99,9 +99,9 @@ public class FederationMetaDataTest {
@org.junit.Test
public void validateMetaDataNoSigningKey() throws ProcessingException {
- FederationContext config = loadConfig("ROOT_NO_SIGNINGKEY");
+ FedizContext config = loadConfig("ROOT_NO_SIGNINGKEY");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
Document doc = wfProc.getMetaData(config);
Assert.assertNotNull(doc);
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
index d4b7061..80c17e6 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
@@ -33,13 +33,12 @@ import javax.security.auth.callback.UnsupportedCallbackException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-
import org.apache.cxf.fediz.common.STSUtil;
import org.apache.cxf.fediz.common.SecurityTestUtil;
import org.apache.cxf.fediz.core.AbstractSAMLCallbackHandler.MultiValue;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
import org.apache.cxf.fediz.core.config.FederationProtocol;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
import org.apache.cxf.fediz.core.config.jaxb.AudienceUris;
import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
@@ -51,6 +50,10 @@ import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
import org.apache.cxf.fediz.core.exception.ProcessingException;
import org.apache.cxf.fediz.core.exception.ProcessingException.TYPE;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
+import org.apache.cxf.fediz.core.processor.FedizRequest;
+import org.apache.cxf.fediz.core.processor.FedizResponse;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -83,7 +86,7 @@ public class FederationProcessorTest {
private static Crypto crypto;
private static CallbackHandler cbPasswordHandler;
- private static FederationConfigurator configurator;
+ private static FedizConfigurator configurator;
@BeforeClass
@@ -105,12 +108,12 @@ public class FederationProcessorTest {
}
- private static FederationConfigurator getFederationConfigurator() {
+ private static FedizConfigurator getFederationConfigurator() {
if (configurator != null) {
return configurator;
}
try {
- configurator = new FederationConfigurator();
+ configurator = new FedizConfigurator();
final URL resource = Thread.currentThread().getContextClassLoader()
.getResource(CONFIG_FILE);
File f = new File(resource.toURI());
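Review bot: The helper keeps the name `getFederationConfigurator()` although it now returns and caches a `FedizConfigurator`, so every call site in this file reads `getFederationConfigurator().getFedizContext(...)`, mixing the old and new vocabulary. This commit already touches each of those call lines, so renaming the helper in the same pass, `private static FedizConfigurator getFedizConfigurator() {`, would keep the test consistent with the renamed API. The same applies to the identical helper in the SAMLTokenValidatorOldTest hunk further down. The method body continues outside this hunk.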
@@ -130,14 +133,14 @@ public class FederationProcessorTest {
public void validateRSTRWithoutToken() throws Exception {
Document doc = STSUtil.toSOAPPart(STSUtil.SAMPLE_RSTR_COLL_MSG);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(DOM2Writer.nodeToString(doc));
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
try {
wfProc.processRequest(wfReq, config);
fail("Failure expected on missing security token in RSTR");
@@ -155,14 +158,14 @@ public class FederationProcessorTest {
public void validateRequestUnknownAction() throws Exception {
Document doc = STSUtil.toSOAPPart(STSUtil.SAMPLE_RSTR_COLL_MSG);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa("gugus");
wfReq.setWresult(DOM2Writer.nodeToString(doc));
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
try {
wfProc.processRequest(wfReq, config);
fail("Failure expected due to invalid action");
@@ -178,14 +181,14 @@ public class FederationProcessorTest {
*/
@org.junit.Test
public void validateSignInInvalidWResult() throws Exception {
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult("gugus");
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
try {
wfProc.processRequest(wfReq, config);
fail("Failure expected due to invalid wresult");
@@ -225,15 +228,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -268,15 +271,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true, STSUtil.SAMPLE_RSTR_MSG);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -308,15 +311,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -348,15 +351,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+ FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -388,15 +391,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+ FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -427,16 +430,16 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
((FederationProtocol)config.getProtocol()).setRoleURI(null);
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -467,15 +470,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -508,15 +511,15 @@ public class FederationProcessorTest {
SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true, STSUtil.SAMPLE_RSTR_2005_02_MSG);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -549,15 +552,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -590,17 +593,17 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
FederationProtocol fp = (FederationProtocol)config.getProtocol();
fp.setRoleDelimiter(",");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -636,16 +639,16 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
// Load and update the config to enforce an error
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
config.getTrustedIssuers().get(0).setSubject("wrong-issuer-name");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
try {
wfProc.processRequest(wfReq, config);
Assert.fail("Processing must fail because of untrusted issuer configured");
@@ -679,15 +682,15 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", false);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
// Load and update the config to enforce an error
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
try {
wfProc.processRequest(wfReq, config);
Assert.fail("Processing must fail because of missing signature");
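Review bot: The comment `// Load and update the config to enforce an error` kept in this hunk does not describe the visible test: the `ROOT` context is loaded unchanged, and the expected failure appears to come from the token being created unsigned (`createSamlToken(assertion, "mystskey", false)`). Something like `// Load the config unchanged; the unsigned token must be rejected` would state which control is being exercised. The same comment also sits in the later `ROOT2` and `ROOT3` hunks, where the visible lines assert a successful sign-in, so there it could read `// Load the ROOT2 context; processing is expected to succeed`. The test methods start and end outside these hunks.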
@@ -721,15 +724,15 @@ public class FederationProcessorTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -769,16 +772,16 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
// Load and update the config to enforce an error
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT2");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT2");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -810,16 +813,16 @@ public class FederationProcessorTest {
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
// Load and update the config to enforce an error
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT3");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT3");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -856,14 +859,14 @@ public class FederationProcessorTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
try {
wfProc.processRequest(wfReq, config);
fail("Failure expected on expired SAML token");
@@ -903,16 +906,16 @@ public class FederationProcessorTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
config.setMaximumClockSkew(BigInteger.valueOf(60));
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -944,20 +947,20 @@ public class FederationProcessorTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("CUSTTOK");
+ FedizContext config = getFederationConfigurator().getFedizContext("CUSTTOK");
FederationProtocol fp = (FederationProtocol)config.getProtocol();
List<TokenValidator> validators = fp.getTokenValidators();
Assert.assertEquals("Two validators must be found", 2, validators.size());
Assert.assertEquals("First validator must be custom validator",
CustomValidator.class.getName(), validators.get(0).getClass().getName());
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -987,15 +990,15 @@ public class FederationProcessorTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("NOCLOCKSKEW");
+ FedizContext config = getFederationConfigurator().getFedizContext("NOCLOCKSKEW");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -1028,16 +1031,16 @@ public class FederationProcessorTest {
String rstr = encryptAndSignToken(assertion);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config =
- getFederationConfigurator().getFederationContext("ROOT_DECRYPTION");
+ FedizContext config =
+ getFederationConfigurator().getFedizContext("ROOT_DECRYPTION");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -1095,15 +1098,15 @@ public class FederationProcessorTest {
String rstr = DOM2Writer.nodeToString(doc);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config =
- getFederationConfigurator().getFederationContext("ROOT_DECRYPTION");
+ FedizContext config =
+ getFederationConfigurator().getFedizContext("ROOT_DECRYPTION");
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
try {
wfProc.processRequest(wfReq, config);
fail("Failure expected on missing client certs");
@@ -1152,7 +1155,7 @@ public class FederationProcessorTest {
protocol.setRoleURI("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
- FederationContext fedContext = new FederationContext(config);
+ FedizContext fedContext = new FedizContext(config);
fedContext.init();
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
@@ -1172,12 +1175,12 @@ public class FederationProcessorTest {
String rstr = createSamlToken(assertion, "mystskey", true, STSUtil.SAMPLE_RSTR_MSG);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, fedContext);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, fedContext);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
index 9349057..8c6d8e5 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
@@ -33,8 +33,12 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.apache.cxf.fediz.common.STSUtil;
import org.apache.cxf.fediz.common.SecurityTestUtil;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
+import org.apache.cxf.fediz.core.processor.FedizRequest;
+import org.apache.cxf.fediz.core.processor.FedizResponse;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSPasswordCallback;
@@ -62,7 +66,7 @@ public class SAMLTokenValidatorOldTest {
private static Crypto crypto;
private static CallbackHandler cbPasswordHandler;
- private static FederationConfigurator configurator;
+ private static FedizConfigurator configurator;
@BeforeClass
@@ -84,12 +88,12 @@ public class SAMLTokenValidatorOldTest {
}
- private static FederationConfigurator getFederationConfigurator() {
+ private static FedizConfigurator getFederationConfigurator() {
if (configurator != null) {
return configurator;
}
try {
- configurator = new FederationConfigurator();
+ configurator = new FedizConfigurator();
final URL resource = Thread.currentThread().getContextClassLoader()
.getResource(CONFIG_FILE);
File f = new File(resource.toURI());
@@ -128,15 +132,15 @@ public class SAMLTokenValidatorOldTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
@@ -175,15 +179,15 @@ public class SAMLTokenValidatorOldTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+ FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -218,15 +222,15 @@ public class SAMLTokenValidatorOldTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+ FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -262,15 +266,15 @@ public class SAMLTokenValidatorOldTest {
String rstr = createSamlToken(assertion, "mystskey", true);
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(FederationConstants.ACTION_SIGNIN);
wfReq.setWresult(rstr);
configurator = null;
- FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
- FederationProcessor wfProc = new FederationProcessorImpl();
- FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
Assert.assertEquals("Principal name wrong", TEST_USER,
wfRes.getUsername());
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
index 05b6e0e..382c953 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
@@ -217,10 +217,10 @@ public class CallbackHandlerTest {
jaxbContext.createMarshaller().marshal(configOut, writer);
StringReader reader = new StringReader(writer.toString());
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
configurator.loadConfig(reader);
- FederationContext ctx = configurator.getFederationContext(CONFIG_NAME);
+ FedizContext ctx = configurator.getFedizContext(CONFIG_NAME);
FederationProtocol fp = (FederationProtocol)ctx.getProtocol();
@@ -285,10 +285,10 @@ public class CallbackHandlerTest {
jaxbContext.createMarshaller().marshal(configOut, writer);
StringReader reader = new StringReader(writer.toString());
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
configurator.loadConfig(reader);
- FederationContext ctx = configurator.getFederationContext(CONFIG_NAME);
+ FedizContext ctx = configurator.getFedizContext(CONFIG_NAME);
FederationProtocol fp = (FederationProtocol)ctx.getProtocol();
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
index eb0bb7e..6e4fc61 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
@@ -231,7 +231,7 @@ public class FedizConfigurationTest {
jaxbContext.createMarshaller().marshal(configOut, writer);
StringReader reader = new StringReader(writer.toString());
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
configurator.loadConfig(reader);
File f = new File(CONFIG_FILE);
@@ -239,7 +239,7 @@ public class FedizConfigurationTest {
configurator.saveConfiguration(f);
- configurator = new FederationConfigurator();
+ configurator = new FedizConfigurator();
f = new File(CONFIG_FILE);
configurator.loadConfig(f);
}
@@ -250,7 +250,7 @@ public class FedizConfigurationTest {
final JAXBContext jaxbContext = JAXBContext
.newInstance(FedizConfig.class);
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
FedizConfig configOut = createConfiguration();
StringWriter writer = new StringWriter();
jaxbContext.createMarshaller().marshal(configOut, writer);
@@ -302,10 +302,10 @@ public class FedizConfigurationTest {
jaxbContext.createMarshaller().marshal(config, writer);
StringReader reader = new StringReader(writer.toString());
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
configurator.loadConfig(reader);
- FederationContext fedContext = configurator.getFederationContext(CONFIG_NAME);
+ FedizContext fedContext = configurator.getFedizContext(CONFIG_NAME);
Assert.assertNotNull(fedContext);
return fedContext.getTokenReplayCache();
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
index e68c0e9..7a7f604 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
@@ -216,7 +216,7 @@ public class FedizConfigurationWriterTest {
final JAXBContext jaxbContext = JAXBContext
.newInstance(FedizConfig.class);
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
FedizConfig configOut = createConfiguration();
StringWriter writer = new StringWriter();
jaxbContext.createMarshaller().marshal(configOut, writer);
@@ -228,7 +228,7 @@ public class FedizConfigurationWriterTest {
configurator.saveConfiguration(f);
- configurator = new FederationConfigurator();
+ configurator = new FedizConfigurator();
f = new File(CONFIG_FILE);
configurator.loadConfig(f);
}
@@ -243,7 +243,7 @@ public class FedizConfigurationWriterTest {
* Test JAXB part
*/
- FederationConfigurator configurator = new FederationConfigurator();
+ FedizConfigurator configurator = new FedizConfigurator();
FedizConfig configOut = createConfiguration();
StringWriter writer = new StringWriter();
jaxbContext.createMarshaller().marshal(configOut, writer);
@@ -263,7 +263,7 @@ public class FedizConfigurationWriterTest {
/**
* Check Runtime configuration
*/
- FederationContext fedContext = configurator.getFederationContext(CONFIG_NAME);
+ FedizContext fedContext = configurator.getFedizContext(CONFIG_NAME);
Protocol protocol = fedContext.getProtocol();
Assert.assertTrue(protocol instanceof FederationProtocol);
FederationProtocol fedProtocol = (FederationProtocol) protocol;
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
----------------------------------------------------------------------
diff --git a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
index 24bdddb..635d375 100644
--- a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
+++ b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
@@ -34,13 +34,13 @@ import javax.servlet.http.HttpSession;
import javax.xml.bind.JAXBException;
import org.apache.cxf.fediz.core.FederationConstants;
-import org.apache.cxf.fediz.core.FederationProcessor;
-import org.apache.cxf.fediz.core.FederationProcessorImpl;
-import org.apache.cxf.fediz.core.FederationRequest;
-import org.apache.cxf.fediz.core.FederationResponse;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
import org.apache.cxf.fediz.core.exception.ProcessingException;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
+import org.apache.cxf.fediz.core.processor.FedizRequest;
+import org.apache.cxf.fediz.core.processor.FedizResponse;
import org.eclipse.jetty.http.HttpMethods;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.security.ServerAuthException;
@@ -83,7 +83,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
private static final String SECURITY_TOKEN_ATTR = "org.apache.fediz.SECURITY_TOKEN";
private String configFile;
- private FederationConfigurator configurator;
+ private FedizConfigurator configurator;
private String encoding = "UTF-8";
public FederationAuthenticator() {
@@ -106,7 +106,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
f = new File(jettyHome.concat(File.separator + getConfigFile()));
}
}
- configurator = new FederationConfigurator();
+ configurator = new FedizConfigurator();
configurator.loadConfig(f);
LOG.debug("Fediz configuration read from " + f.getAbsolutePath());
} catch (JAXBException e) {
@@ -170,7 +170,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
// Handle a request for authentication.
if (wa != null) {
- FederationResponse wfRes = null;
+ FedizResponse wfRes = null;
if (wa.equals(FederationConstants.ACTION_SIGNIN)) {
if (LOG.isDebugEnabled()) {
LOG.debug("SignIn request found");
@@ -184,7 +184,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
return Authentication.SEND_FAILURE;
} else {
- FederationRequest wfReq = new FederationRequest();
+ FedizRequest wfReq = new FedizRequest();
wfReq.setWa(wa);
wfReq.setWresult(wresult);
@@ -198,7 +198,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
if (contextName == null || contextName.isEmpty()) {
contextName = "/";
}
- FederationContext fedConfig = getContextConfiguration(contextName);
+ FedizContext fedConfig = getContextConfiguration(contextName);
FederationLoginService fedLoginService = (FederationLoginService)this._loginService;
UserIdentity user = fedLoginService.login(null, wfReq, fedConfig);
@@ -287,13 +287,13 @@ public class FederationAuthenticator extends LoginAuthenticator {
if (contextName == null || contextName.isEmpty()) {
contextName = "/";
}
- FederationContext fedConfig = getContextConfiguration(contextName);
+ FedizContext fedConfig = getContextConfiguration(contextName);
String logoutUrl = fedConfig.getLogoutURL();
if (logoutUrl != null && !logoutUrl.isEmpty() && uri.equals(contextName + logoutUrl)) {
session.invalidate();
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
signOutRedirectToIssuer(request, response, wfProc);
return Authentication.SEND_CONTINUE;
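Review bot: `FedizProcessor wfProc = new FederationProcessorImpl();` still hard-wires the WS-Federation implementation behind the new protocol-neutral interface, here on the logout path and again in the hunk at -359 before `signInRedirectToIssuer`. The commit introduces `FedizProcessor` to accommodate other protocols, so a context configured with a non-WS-Federation protocol would presumably still be handled by the WS-Federation processor in this authenticator. `fedConfig.getProtocol()` is available on `FedizContext`, so the choice could be made explicit and unsupported protocols rejected, for example `if (!(fedConfig.getProtocol() instanceof FederationProtocol)) { throw new IllegalStateException("Unsupported protocol for context " + contextName); }`. The enclosing method starts and ends outside the hunk.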
@@ -359,7 +359,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
}
}
- FederationProcessor wfProc = new FederationProcessorImpl();
+ FedizProcessor wfProc = new FederationProcessorImpl();
signInRedirectToIssuer(request, response, wfProc);
return Authentication.SEND_CONTINUE;
@@ -394,7 +394,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
* {@link HttpServletResponse#sendError(int, String)} throws an
* {@link IOException}
*/
- protected void signInRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FederationProcessor processor)
+ protected void signInRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FedizProcessor processor)
throws IOException {
//Not supported in jetty 7.6
@@ -403,7 +403,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
if (contextName == null || contextName.isEmpty()) {
contextName = "/";
}
- FederationContext fedCtx = this.configurator.getFederationContext(contextName);
+ FedizContext fedCtx = this.configurator.getFedizContext(contextName);
String redirectURL = null;
try {
redirectURL = processor.createSignInRequest(request, fedCtx);
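Review bot: `FedizContext fedCtx = this.configurator.getFedizContext(contextName);` bypasses the null checks that `getContextConfiguration` performs in the last hunk of this file, so a missing configurator or an unconfigured context hands `null` to `processor.createSignInRequest`. The same line appears in the sign-out hunk at -431 before `createSignOutRequest`. How the processor treats a null context is not visible here, so the result may be a NullPointerException rather than a clear configuration error. Using `FedizContext fedCtx = getContextConfiguration(contextName);` in both places would fail closed with the existing IllegalStateException. Both method bodies continue outside their hunks.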
@@ -422,7 +422,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
}
- protected void signOutRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FederationProcessor processor)
+ protected void signOutRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FedizProcessor processor)
throws IOException {
//Not supported in jetty 7.6
@@ -431,7 +431,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
if (contextName == null || contextName.isEmpty()) {
contextName = "/";
}
- FederationContext fedCtx = this.configurator.getFederationContext(contextName);
+ FedizContext fedCtx = this.configurator.getFedizContext(contextName);
String redirectURL = null;
try {
redirectURL = processor.createSignOutRequest(request, fedCtx);
@@ -449,11 +449,11 @@ public class FederationAuthenticator extends LoginAuthenticator {
}
}
- private FederationContext getContextConfiguration(String contextName) {
+ private FedizContext getContextConfiguration(String contextName) {
if (configurator == null) {
throw new IllegalStateException("No Fediz configuration available");
}
- FederationContext config = configurator.getFederationContext(contextName);
+ FedizContext config = configurator.getFedizContext(contextName);
if (config == null) {
throw new IllegalStateException("No Fediz configuration for context :" + contextName);
}
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
----------------------------------------------------------------------
diff --git a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
index 18110cf..c1c53c8 100644
--- a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
+++ b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
@@ -80,7 +80,7 @@ public class FederationIdentityService implements IdentityService {
try {
FederationUserPrincipal fup = (FederationUserPrincipal)userPrincipal;
- return new FederationUserIdentity(subject, userPrincipal, roles, fup.getFederationResponse());
+ return new FederationUserIdentity(subject, userPrincipal, roles, fup.getFedizResponse());
} catch (ClassCastException ex) {
LOG.warn("Principal must be instance of FederationUserPrincipal");
throw new IllegalStateException("Principal must be instance of FederationUserPrincipal");