You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by co...@apache.org on 2017/08/31 14:29:55 UTC
[1/2] syncope git commit: SYNCOPE-1202 - Support IdP Initiated SAML
SSO
Repository: syncope
Updated Branches:
refs/heads/master b3db3b19e -> 58983df16
SYNCOPE-1202 - Support IdP Initiated SAML SSO
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/c4261ab1
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/c4261ab1
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/c4261ab1
Branch: refs/heads/master
Commit: c4261ab150920d84a7f4095ee22331f235ef6813
Parents: b3db3b1
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Aug 31 13:25:19 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Aug 31 13:25:19 2017 +0100
----------------------------------------------------------------------
.../syncope/common/lib/to/SAML2IdPTO.java | 10 +++
.../apache/syncope/core/logic/SAML2SPLogic.java | 34 ++++---
.../core/logic/saml2/SAML2IdPEntity.java | 4 +
.../core/persistence/api/entity/SAML2IdP.java | 4 +
.../persistence/jpa/entity/JPASAML2IdP.java | 15 ++++
.../java/data/SAML2IdPDataBinderImpl.java | 2 +
.../apache/syncope/fit/core/SAML2ITCase.java | 95 +++++++++++++++++---
.../src/test/resources/fediz_realmb.xml | 35 ++++++++
8 files changed, 177 insertions(+), 22 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/ext/saml2sp/common-lib/src/main/java/org/apache/syncope/common/lib/to/SAML2IdPTO.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/common-lib/src/main/java/org/apache/syncope/common/lib/to/SAML2IdPTO.java b/ext/saml2sp/common-lib/src/main/java/org/apache/syncope/common/lib/to/SAML2IdPTO.java
index 7b8b241..b11a530 100644
--- a/ext/saml2sp/common-lib/src/main/java/org/apache/syncope/common/lib/to/SAML2IdPTO.java
+++ b/ext/saml2sp/common-lib/src/main/java/org/apache/syncope/common/lib/to/SAML2IdPTO.java
@@ -51,6 +51,8 @@ public class SAML2IdPTO extends AbstractBaseBean implements EntityTO, ItemContai
private boolean useDeflateEncoding;
+ private boolean supportUnsolicited;
+
private SAML2BindingType bindingType;
private boolean logoutSupported;
@@ -187,4 +189,12 @@ public class SAML2IdPTO extends AbstractBaseBean implements EntityTO, ItemContai
return actionsClassNames;
}
+ public boolean isSupportUnsolicited() {
+ return supportUnsolicited;
+ }
+
+ public void setSupportUnsolicited(final boolean supportUnsolicited) {
+ this.supportUnsolicited = supportUnsolicited;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index e07fc52..755d938 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -113,6 +113,8 @@ import org.springframework.util.ResourceUtils;
@Component
public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
+ private static final String IDP_INITIATED_RELAY_STATE = "idpInitiated";
+
private static final long JWT_RELAY_STATE_DURATION = 60L;
private static final String JWT_CLAIM_IDP_DEFLATE = "IDP_DEFLATE";
@@ -360,17 +362,23 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
if (response.getRelayState() == null) {
throw new IllegalArgumentException("No Relay State was provided");
}
- JwsJwtCompactConsumer relayState = new JwsJwtCompactConsumer(response.getRelayState());
- if (!relayState.verifySignatureWith(jwsSignatureVerifier)) {
- throw new IllegalArgumentException("Invalid signature found in Relay State");
- }
- Long expiryTime = relayState.getJwtClaims().getExpiryTime();
- if (expiryTime == null || (expiryTime * 1000L) < new Date().getTime()) {
- throw new IllegalArgumentException("Relay State is expired");
- }
- Boolean useDeflateEncoding = Boolean.valueOf(
- relayState.getJwtClaims().getClaim(JWT_CLAIM_IDP_DEFLATE).toString());
+ Boolean useDeflateEncoding = false;
+ String requestId = null;
+ if (!IDP_INITIATED_RELAY_STATE.equals(response.getRelayState())) {
+ JwsJwtCompactConsumer relayState = new JwsJwtCompactConsumer(response.getRelayState());
+ if (!relayState.verifySignatureWith(jwsSignatureVerifier)) {
+ throw new IllegalArgumentException("Invalid signature found in Relay State");
+ }
+ useDeflateEncoding = Boolean.valueOf(
+ relayState.getJwtClaims().getClaim(JWT_CLAIM_IDP_DEFLATE).toString());
+ requestId = relayState.getJwtClaims().getSubject();
+
+ Long expiryTime = relayState.getJwtClaims().getExpiryTime();
+ if (expiryTime == null || (expiryTime * 1000L) < new Date().getTime()) {
+ throw new IllegalArgumentException("Relay State is expired");
+ }
+ }
// 2. parse the provided SAML response
if (response.getSamlResponse() == null) {
@@ -400,13 +408,17 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
throw new IllegalArgumentException("No mapping provided for SAML 2.0 IdP '" + idp.getId() + "'");
}
+ if (IDP_INITIATED_RELAY_STATE.equals(response.getRelayState()) && !idp.isSupportUnsolicited()) {
+ throw new IllegalArgumentException("An unsolicited request is not allowed for idp: " + idp.getId());
+ }
+
SSOValidatorResponse validatorResponse = null;
try {
validatorResponse = saml2rw.validate(
samlResponse,
idp,
getAssertionConsumerURL(response.getSpEntityID(), response.getUrlContext()),
- relayState.getJwtClaims().getSubject(),
+ requestId,
response.getSpEntityID());
} catch (Exception e) {
LOG.error("While validating AuthnResponse", e);
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2IdPEntity.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2IdPEntity.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2IdPEntity.java
index 58ccfca..9b4e497 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2IdPEntity.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2IdPEntity.java
@@ -137,6 +137,10 @@ public class SAML2IdPEntity {
return idpTO.isUseDeflateEncoding();
}
+ public boolean isSupportUnsolicited() {
+ return idpTO.isSupportUnsolicited();
+ }
+
public SAML2BindingType getBindingType() {
return idpTO.getBindingType();
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/ext/saml2sp/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/SAML2IdP.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/SAML2IdP.java b/ext/saml2sp/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/SAML2IdP.java
index 1aa1116..7ef1cec 100644
--- a/ext/saml2sp/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/SAML2IdP.java
+++ b/ext/saml2sp/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/SAML2IdP.java
@@ -49,6 +49,10 @@ public interface SAML2IdP extends Entity {
void setUseDeflateEncoding(boolean useDeflateEncoding);
+ boolean isSupportUnsolicited();
+
+ void setSupportUnsolicited(boolean supportUnsolicited);
+
SAML2BindingType getBindingType();
void setBindingType(SAML2BindingType bindingType);
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/JPASAML2IdP.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/JPASAML2IdP.java b/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/JPASAML2IdP.java
index 8b3943f..2de265b 100644
--- a/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/JPASAML2IdP.java
+++ b/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/JPASAML2IdP.java
@@ -83,6 +83,11 @@ public class JPASAML2IdP extends AbstractGeneratedKeyEntity implements SAML2IdP
@Column(nullable = false)
private Integer useDeflateEncoding;
+ @Min(0)
+ @Max(1)
+ @Column(nullable = false)
+ private Integer supportUnsolicited;
+
@Column(nullable = false)
private SAML2BindingType bindingType;
@@ -157,6 +162,16 @@ public class JPASAML2IdP extends AbstractGeneratedKeyEntity implements SAML2IdP
}
@Override
+ public boolean isSupportUnsolicited() {
+ return isBooleanAsInteger(supportUnsolicited);
+ }
+
+ @Override
+ public void setSupportUnsolicited(final boolean supportUnsolicited) {
+ this.supportUnsolicited = getBooleanAsInteger(supportUnsolicited);
+ }
+
+ @Override
public SAML2BindingType getBindingType() {
return bindingType;
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/ext/saml2sp/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/SAML2IdPDataBinderImpl.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/SAML2IdPDataBinderImpl.java b/ext/saml2sp/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/SAML2IdPDataBinderImpl.java
index ee84197..7d003ab 100644
--- a/ext/saml2sp/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/SAML2IdPDataBinderImpl.java
+++ b/ext/saml2sp/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/SAML2IdPDataBinderImpl.java
@@ -168,6 +168,7 @@ public class SAML2IdPDataBinderImpl implements SAML2IdPDataBinder {
idp.setCreateUnmatching(idpTO.isCreateUnmatching());
idp.setUpdateMatching(idpTO.isUpdateMatching());
idp.setUseDeflateEncoding(idpTO.isUseDeflateEncoding());
+ idp.setSupportUnsolicited(idpTO.isSupportUnsolicited());
idp.setBindingType(idpTO.getBindingType());
if (idpTO.getUserTemplate() == null) {
@@ -224,6 +225,7 @@ public class SAML2IdPDataBinderImpl implements SAML2IdPDataBinder {
idpTO.setEntityID(idp.getEntityID());
idpTO.setName(idp.getName());
idpTO.setUseDeflateEncoding(idp.isUseDeflateEncoding());
+ idpTO.setSupportUnsolicited(idp.isSupportUnsolicited());
idpTO.setBindingType(idp.getBindingType());
idpTO.setCreateUnmatching(idp.isCreateUnmatching());
idpTO.setUpdateMatching(idp.isUpdateMatching());
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
index 35e3efa..20d8995 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java
@@ -41,9 +41,11 @@ import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
+import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import java.util.Date;
+import java.util.List;
import java.util.Optional;
import java.util.regex.Pattern;
import javax.ws.rs.core.MediaType;
@@ -140,6 +142,14 @@ public class SAML2ITCase extends AbstractITCase {
saml2IdPService.importFromMetadata(SAML2ITCase.class.getResourceAsStream("/ssocircle.xml"));
saml2IdPService.importFromMetadata(SAML2ITCase.class.getResourceAsStream("/testshib-providers.xml"));
saml2IdPService.importFromMetadata(SAML2ITCase.class.getResourceAsStream("/fediz.xml"));
+ saml2IdPService.importFromMetadata(SAML2ITCase.class.getResourceAsStream("/fediz_realmb.xml"));
+
+ // Allow unsolicited responses for the realmb case
+ String realmBEntityId = "urn:org:apache:cxf:fediz:idp:realm-B";
+ Optional<SAML2IdPTO> realmBIdP =
+ saml2IdPService.list().stream().filter(idp -> realmBEntityId.equals(idp.getEntityID())).findFirst();
+ realmBIdP.get().setSupportUnsolicited(true);
+ saml2IdPService.update(realmBIdP.get());
} catch (Exception e) {
LOG.error("Unexpected error while importing SAML 2.0 IdP metadata", e);
} finally {
@@ -148,7 +158,7 @@ public class SAML2ITCase extends AbstractITCase {
type(clientFactory.getContentType().getMediaType());
}
- assertEquals(3, saml2IdPService.list().size());
+ assertEquals(4, saml2IdPService.list().size());
}
@AfterClass
@@ -320,7 +330,8 @@ public class SAML2ITCase extends AbstractITCase {
String inResponseTo = relayState.getJwtClaims().getSubject();
org.opensaml.saml.saml2.core.Response samlResponse =
- createResponse(inResponseTo, false, SAML2Constants.CONF_SENDER_VOUCHES);
+ createResponse(inResponseTo, false, SAML2Constants.CONF_SENDER_VOUCHES,
+ "urn:org:apache:cxf:fediz:idp:realm-A");
Document doc = DOMUtils.newDocument();
Element responseElement = OpenSAMLUtil.toDom(samlResponse, doc);
@@ -398,22 +409,80 @@ public class SAML2ITCase extends AbstractITCase {
}
}
+ @Test
+ public void validateIdpInitiatedLoginResponse() throws Exception {
+ Assume.assumeTrue(SAML2SPDetector.isSAML2SPAvailable());
+
+ SAML2SPService saml2Service = anonymous.getService(SAML2SPService.class);
+
+ // Create a SAML Response using WSS4J
+ SAML2ReceivedResponseTO response = new SAML2ReceivedResponseTO();
+ response.setSpEntityID("http://recipient.apache.org/");
+ response.setUrlContext("saml2sp");
+
+ org.opensaml.saml.saml2.core.Response samlResponse =
+ createResponse(null, true, SAML2Constants.CONF_BEARER, "urn:org:apache:cxf:fediz:idp:realm-B");
+
+ Document doc = DOMUtils.newDocument();
+ Element responseElement = OpenSAMLUtil.toDom(samlResponse, doc);
+ String responseStr = DOM2Writer.nodeToString(responseElement);
+
+ // Validate the SAML Response
+ response.setSamlResponse(Base64.getEncoder().encodeToString(responseStr.getBytes()));
+ response.setRelayState("idpInitiated");
+ SAML2LoginResponseTO loginResponse =
+ saml2Service.validateLoginResponse(response);
+ assertNotNull(loginResponse.getAccessToken());
+ assertEquals("puccini", loginResponse.getNameID());
+ }
+
+ // Make sure that the IdP initiated case is only supported when "supportUnsolicited" is true for that IdP
+ @Test
+ public void validateIdpInitiatedLoginResponseFailure() throws Exception {
+ Assume.assumeTrue(SAML2SPDetector.isSAML2SPAvailable());
+
+ SAML2SPService saml2Service = anonymous.getService(SAML2SPService.class);
+
+ // Create a SAML Response using WSS4J
+ SAML2ReceivedResponseTO response = new SAML2ReceivedResponseTO();
+ response.setSpEntityID("http://recipient.apache.org/");
+ response.setUrlContext("saml2sp");
+
+ org.opensaml.saml.saml2.core.Response samlResponse =
+ createResponse(null, true, SAML2Constants.CONF_BEARER, "urn:org:apache:cxf:fediz:idp:realm-A");
+
+ Document doc = DOMUtils.newDocument();
+ Element responseElement = OpenSAMLUtil.toDom(samlResponse, doc);
+ String responseStr = DOM2Writer.nodeToString(responseElement);
+
+ // Validate the SAML Response
+ response.setSamlResponse(Base64.getEncoder().encodeToString(responseStr.getBytes()));
+ response.setRelayState("idpInitiated");
+ try {
+ saml2Service.validateLoginResponse(response);
+ fail("Failure expected on an unsolicited login");
+ } catch (SyncopeClientException e) {
+ assertNotNull(e);
+ }
+ }
+
private org.opensaml.saml.saml2.core.Response createResponse(final String inResponseTo) throws Exception {
- return createResponse(inResponseTo, true, SAML2Constants.CONF_BEARER);
+ return createResponse(inResponseTo, true, SAML2Constants.CONF_BEARER, "urn:org:apache:cxf:fediz:idp:realm-A");
}
private org.opensaml.saml.saml2.core.Response createResponse(
- final String inResponseTo, final boolean signAssertion, final String subjectConfMethod) throws Exception {
+ final String inResponseTo, final boolean signAssertion, final String subjectConfMethod,
+ final String issuer) throws Exception {
Status status = SAML2PResponseComponentBuilder.createStatus(
SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
org.opensaml.saml.saml2.core.Response response = SAML2PResponseComponentBuilder.createSAMLResponse(
- inResponseTo, "urn:org:apache:cxf:fediz:idp:realm-A", status);
+ inResponseTo, issuer, status);
response.setDestination("http://recipient.apache.org");
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
- callbackHandler.setIssuer("urn:org:apache:cxf:fediz:idp:realm-A");
+ callbackHandler.setIssuer(issuer);
callbackHandler.setSubjectName("puccini");
callbackHandler.setSubjectConfirmationMethod(subjectConfMethod);
@@ -511,12 +580,16 @@ public class SAML2ITCase extends AbstractITCase {
if (basedir == null) {
basedir = new File(".").getCanonicalPath();
}
- Path path = FileSystems.getDefault().getPath(basedir, "/src/test/resources/fediz.xml");
- String content = new String(Files.readAllBytes(path), StandardCharsets.UTF_8);
- content = content.replaceAll("cert-placeholder", certEncoded);
- Path path2 = FileSystems.getDefault().getPath(basedir, "/target/test-classes/fediz.xml");
- Files.write(path2, content.getBytes());
+ List<String> fileNames = Arrays.asList("fediz.xml", "fediz_realmb.xml");
+ for (String fileName : fileNames) {
+ Path path = FileSystems.getDefault().getPath(basedir, "/src/test/resources/" + fileName);
+ String content = new String(Files.readAllBytes(path), StandardCharsets.UTF_8);
+ content = content.replaceAll("cert-placeholder", certEncoded);
+
+ Path path2 = FileSystems.getDefault().getPath(basedir, "/target/test-classes/" + fileName);
+ Files.write(path2, content.getBytes());
+ }
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/c4261ab1/fit/core-reference/src/test/resources/fediz_realmb.xml
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/resources/fediz_realmb.xml b/fit/core-reference/src/test/resources/fediz_realmb.xml
new file mode 100644
index 0000000..a9a1cec
--- /dev/null
+++ b/fit/core-reference/src/test/resources/fediz_realmb.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<EntityDescriptor entityID="urn:org:apache:cxf:fediz:idp:realm-B" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+cert-placeholder
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://localhost:8443/fediz-idp/saml/up"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost:8443/fediz-idp/saml/up"/>
+ </IDPSSODescriptor>
+</EntityDescriptor>
[2/2] syncope git commit: SYNCOPE-1202 - Adding UI support
Posted by co...@apache.org.
SYNCOPE-1202 - Adding UI support
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/58983df1
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/58983df1
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/58983df1
Branch: refs/heads/master
Commit: 58983df16678167db27f0a5c0b32e0bd3fc985a7
Parents: c4261ab
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Aug 31 15:27:02 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Aug 31 15:27:02 2017 +0100
----------------------------------------------------------------------
.../syncope/client/console/panels/SAML2IdPsDirectoryPanel.java | 2 ++
.../syncope/client/console/wizards/SAML2IdPWizardBuilder.java | 4 ++++
.../client/console/panels/SAML2IdPsDirectoryPanel.properties | 1 +
.../client/console/panels/SAML2IdPsDirectoryPanel_it.properties | 1 +
.../console/panels/SAML2IdPsDirectoryPanel_pt_BR.properties | 1 +
.../client/console/panels/SAML2IdPsDirectoryPanel_ru.properties | 1 +
6 files changed, 10 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/58983df1/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.java b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.java
index 45bdef3..dd2fb52 100644
--- a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.java
+++ b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.java
@@ -192,6 +192,8 @@ public class SAML2IdPsDirectoryPanel extends DirectoryPanel<
columns.add(new PropertyColumn<>(new ResourceModel("entityID"), "entityID", "entityID"));
columns.add(new BooleanPropertyColumn<>(
new ResourceModel("useDeflateEncoding"), "useDeflateEncoding", "useDeflateEncoding"));
+ columns.add(new BooleanPropertyColumn<>(
+ new ResourceModel("supportUnsolicited"), "supportUnsolicited", "supportUnsolicited"));
columns.add(new PropertyColumn<>(
new ResourceModel("bindingType"), "bindingType", "bindingType"));
columns.add(new BooleanPropertyColumn<>(
http://git-wip-us.apache.org/repos/asf/syncope/blob/58983df1/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/wizards/SAML2IdPWizardBuilder.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/wizards/SAML2IdPWizardBuilder.java b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/wizards/SAML2IdPWizardBuilder.java
index 5cafb9b..35eb5dc 100644
--- a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/wizards/SAML2IdPWizardBuilder.java
+++ b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/wizards/SAML2IdPWizardBuilder.java
@@ -117,6 +117,10 @@ public class SAML2IdPWizardBuilder extends AjaxWizardBuilder<SAML2IdPTO> {
"field", "useDeflateEncoding", new PropertyModel<>(idpTO, "useDeflateEncoding"), false);
fields.add(useDeflateEncoding);
+ AjaxCheckBoxPanel supportUnsolicited = new AjaxCheckBoxPanel(
+ "field", "supportUnsolicited", new PropertyModel<>(idpTO, "supportUnsolicited"), false);
+ fields.add(supportUnsolicited);
+
AjaxDropDownChoicePanel<SAML2BindingType> bindingType =
new AjaxDropDownChoicePanel<>("field", "bindingType",
new PropertyModel<>(idpTO, "bindingType"), false);
http://git-wip-us.apache.org/repos/asf/syncope/blob/58983df1/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.properties
----------------------------------------------------------------------
diff --git a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.properties b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.properties
index 97d8690..60b2a65 100644
--- a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.properties
+++ b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel.properties
@@ -16,6 +16,7 @@
# under the License.
entityID=Entity ID
useDeflateEncoding=Deflate Encoding
+supportUnsolicited=Support Unsolicited Logins
logoutSupported=Logout supported
any.edit=Edit ${entityID}
connObjectKeyValidation=There must be exactly one Remote Key
http://git-wip-us.apache.org/repos/asf/syncope/blob/58983df1/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_it.properties
----------------------------------------------------------------------
diff --git a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_it.properties b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_it.properties
index 76464c0..f1afdad 100644
--- a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_it.properties
+++ b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_it.properties
@@ -16,6 +16,7 @@
# under the License.
entityID=Entity ID
useDeflateEncoding=Deflate Encoding
+supportUnsolicited=Support Unsolicited Logins
logoutSupported=Logout supportato
any.edit=Modifica ${entityID}
connObjectKeyValidation=Deve essere definito esattamente una Chiave remota
http://git-wip-us.apache.org/repos/asf/syncope/blob/58983df1/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_pt_BR.properties
----------------------------------------------------------------------
diff --git a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_pt_BR.properties b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_pt_BR.properties
index d81f0a8..f7bedbe 100644
--- a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_pt_BR.properties
+++ b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_pt_BR.properties
@@ -16,6 +16,7 @@
# under the License.
entityID=Entity ID
useDeflateEncoding=Deflate Encoding
+supportUnsolicited=Support Unsolicited Logins
logoutSupported=Logout supported
any.edit=Alterar ${entityID}
connObjectKeyValidation=Precisa ser exatamente um Remote Key
http://git-wip-us.apache.org/repos/asf/syncope/blob/58983df1/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_ru.properties
----------------------------------------------------------------------
diff --git a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_ru.properties b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_ru.properties
index 8712eeb..311846b 100644
--- a/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_ru.properties
+++ b/ext/saml2sp/client-console/src/main/resources/org/apache/syncope/client/console/panels/SAML2IdPsDirectoryPanel_ru.properties
@@ -16,6 +16,7 @@
# under the License.
entityID=Entity ID
useDeflateEncoding=Deflate Encoding
+supportUnsolicited=Support Unsolicited Logins
logoutSupported=Logout supported
any.edit=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c ${entityID}
connObjectKeyValidation=\u0422\u0430\u043c \u0434\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c \u0440\u043e\u0432\u043d\u043e \u043e\u0434\u0438\u043d \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430