Posted to commits@cxf.apache.org by ow...@apache.org on 2012/05/15 13:59:33 UTC
svn commit: r1338661 [1/2] - in /cxf/fediz/trunk: ./ examples/
examples/simpleWebapp/ examples/simpleWebapp/WebContent/
examples/simpleWebapp/src/main/config/ examples/wsclientWebapp/
examples/wsclientWebapp/webapp/ examples/wsclientWebapp/webapp/src/m...
Author: owulff
Date: Tue May 15 11:59:31 2012
New Revision: 1338661
URL: http://svn.apache.org/viewvc?rev=1338661&view=rev
Log:
[FEDIZ-10] improved federation configuration
Added:
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java
cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
Removed:
cxf/fediz/trunk/examples/simpleWebapp/WebContent/
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ArgumentType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/AudienceUris.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/AuthenticationType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStoreType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ClaimType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypeRequested.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypesRequested.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ContextConfig.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocolType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizConfig.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStoreType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ObjectFactory.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ProtocolType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManagersType.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuers.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ValidationType.java
cxf/fediz/trunk/plugins/core/src/main/resources/configFile.xsd
Modified:
cxf/fediz/trunk/examples/pom.xml
cxf/fediz/trunk/examples/simpleWebapp/pom.xml
cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
cxf/fediz/trunk/examples/wsclientWebapp/pom.xml
cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml
cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml
cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml
cxf/fediz/trunk/plugins/core/pom.xml
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java
cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml
cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config2.xml
cxf/fediz/trunk/plugins/pom.xml
cxf/fediz/trunk/plugins/tomcat/pom.xml
cxf/fediz/trunk/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
cxf/fediz/trunk/pom.xml
cxf/fediz/trunk/services/idp/pom.xml
cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/RPClaims.xml
cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/beans.xml
cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
cxf/fediz/trunk/services/pom.xml
cxf/fediz/trunk/services/sts/pom.xml
Modified: cxf/fediz/trunk/examples/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/pom.xml (original)
+++ cxf/fediz/trunk/examples/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,12 @@
<parent>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>examples</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
<name>Apache Fediz examples</name>
<packaging>pom</packaging>
Modified: cxf/fediz/trunk/examples/simpleWebapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/pom.xml (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,12 @@
<parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>examples</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
</parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>simpleWebapp</artifactId>
- <name>Apache Fediz Webapp simple</name>
+ <name>Apache Fediz Examples - Webapp Simple</name>
<packaging>war</packaging>
<properties>
@@ -54,13 +54,13 @@
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-core</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-tomcat</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
Modified: cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml Tue May 15 11:59:31 2012
@@ -4,11 +4,14 @@
<audienceUris>
<audienceItem>http://host_one:port/url</audienceItem>
</audienceUris>
- <certificateValidation>ChainTrust</certificateValidation>
+ <certificateStores>
+ <trustManager>
+ <keyStore file="conf/stsstore.jks" password="stsspass" type="JKS" />
+ </trustManager>
+ </certificateStores>
<trustedIssuers>
- <trustedIssuerItem provider=".*CN=www.sts.com.*">
- <keyStore file="/projects/fediz/tomcat-rp2/conf/stsstore.jks" password="stsspass" type="file" />
- </trustedIssuerItem>
+ <issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
+ name="DoubleItSTSIssuer" />
</trustedIssuers>
<maximumClockSkew>1000</maximumClockSkew>
<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
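Review bot: The new `<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust" .../>` keeps a very loose subject pattern: if `subject` is evaluated as a regular expression (the `.*` suggests so), the unescaped dots match any character and the trailing `.*` also accepts a subject such as `CN=www.sts.com.other.example`. With ChainTrust the subject constraint is what narrows which chained certificate is accepted as the token issuer, so the example should escape the dots and bound the CN value, e.g. `subject=".*CN=www\.sts\.com(,.*)?"`. The same pattern is repeated in the wsclientWebapp `fediz_config.xml` hunk. Both files also carry the keystore password `stsspass` in clear text; a comment marking it as a sample value that must be replaced would help, since example configs tend to be copied.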
Modified: cxf/fediz/trunk/examples/wsclientWebapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/pom.xml Tue May 15 11:59:31 2012
@@ -24,11 +24,11 @@
<parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>examples</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
</parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>wsclientWebapp</artifactId>
- <name>Apache Fediz Webapp WebService Client</name>
+ <name>Apache Fediz Examples - Webapp WS Client</name>
<packaging>pom</packaging>
<modules>
Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml Tue May 15 11:59:31 2012
@@ -24,10 +24,10 @@
<parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>wsclientWebapp</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
</parent>
<artifactId>webapp</artifactId>
- <name>Apache Fediz webservice Client Webapp</name>
+ <name>Apache Fediz Examples - Webapp WS Client - Webapp</name>
<packaging>war</packaging>
<properties>
@@ -55,13 +55,13 @@
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-core</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-tomcat</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml Tue May 15 11:59:31 2012
@@ -4,11 +4,14 @@
<audienceUris>
<audienceItem>http://host_one:port/url</audienceItem>
</audienceUris>
- <certificateValidation>ChainTrust</certificateValidation>
+ <certificateStores>
+ <trustManager>
+ <keyStore file="conf/stsstore.jks" password="stsspass" type="JKS" />
+ </trustManager>
+ </certificateStores>
<trustedIssuers>
- <trustedIssuerItem provider=".*CN=www.sts.com.*">
- <keyStore file="/projects/fediz/tomcat-rp2/conf/stsstore.jks" password="stsspass" type="file" />
- </trustedIssuerItem>
+ <issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
+ name="DoubleItSTSIssuer" />
</trustedIssuers>
<maximumClockSkew>1000</maximumClockSkew>
<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,11 @@
<parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>webservice</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
</parent>
<groupId>org.apache.cxf.fediz.examples.webservice</groupId>
<artifactId>service-common</artifactId>
- <name>Apache Fediz Web Service common</name>
- <version>0.6-SNAPSHOT</version>
+ <name>Apache Fediz Examples - Webapp WS Client - Web Service Common</name>
<packaging>jar</packaging>
<dependencies>
Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml Tue May 15 11:59:31 2012
@@ -24,11 +24,10 @@
<parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>wsclientWebapp</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
</parent>
<artifactId>webservice</artifactId>
- <name>Apache Fediz wsclientwebapp - web service</name>
- <version>0.6-SNAPSHOT</version>
+ <name>Apache Fediz Examples - Webapp WS Client - Web Service</name>
<packaging>pom</packaging>
<properties>
Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,11 @@
<parent>
<groupId>org.apache.cxf.fediz.examples</groupId>
<artifactId>webservice</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
</parent>
<groupId>org.apache.cxf.fediz.examples.webservice</groupId>
<artifactId>service-war</artifactId>
- <name>Apache Fediz Web Service implementation</name>
- <version>0.6-SNAPSHOT</version>
+ <name>Apache Fediz Examples - Webapp WS Client - Web Service Implementation</name>
<packaging>war</packaging>
<build>
Modified: cxf/fediz/trunk/plugins/core/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/pom.xml (original)
+++ cxf/fediz/trunk/plugins/core/pom.xml Tue May 15 11:59:31 2012
@@ -23,7 +23,7 @@
<parent>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz</artifactId>
- <version>0.6-SNAPSHOT</version>
+ <version>1.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<artifactId>fediz-core</artifactId>
@@ -64,8 +64,50 @@
<version>2.5</version>
<scope>provided</scope>
</dependency>
-
</dependencies>
-
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>com.sun.tools.xjc.maven2</groupId>
+ <artifactId>maven-jaxb-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>generate</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <schemaDirectory>${basedir}/src/main/resources</schemaDirectory>
+ <generatePackage>org.apache.cxf.fediz.core.config.jaxb</generatePackage>
+ <includeSchemas>
+ <includeSchema>**/FedizConfig.xsd</includeSchema>
+ </includeSchemas>
+ <excludeSchemas>
+ <excludeSchema>test*.xsd</excludeSchema>
+ </excludeSchemas>
+ <includeBindings>
+ <includeBinding>*.xjb</includeBinding>
+ </includeBindings>
+ <strict>true</strict>
+ <verbose>true</verbose>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-source-plugin</artifactId>
+ <version>2.1.2</version>
+ <executions>
+ <execution>
+ <id>attach-sources</id>
+ <phase>verify</phase>
+ <goals>
+ <goal>jar-no-fork</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
</project>
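Review bot: The added `com.sun.tools.xjc.maven2:maven-jaxb-plugin` declaration has no `<version>`, unlike the `maven-source-plugin` next to it, which is pinned to `2.1.2`. Unless a parent `pluginManagement` section (not visible in this hunk) pins it, Maven resolves whatever version the repository offers at build time, so the generated `org.apache.cxf.fediz.core.config.jaxb` classes are not reproducible and the code generator can change without review. I would add an explicit `<version>` element to the plugin, or confirm that the parent POM pins it.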
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java Tue May 15 11:59:31 2012
@@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletReq
import javax.xml.parsers.ParserConfigurationException;
import org.apache.cxf.fediz.core.config.FederationContext;
-import org.apache.cxf.fediz.core.config.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.FederationProtocol;
import org.apache.cxf.fediz.core.saml.SAMLTokenValidator;
import org.apache.cxf.fediz.core.util.DOMUtils;
import org.apache.ws.security.WSConstants;
@@ -254,7 +254,7 @@ public class FederationProcessorImpl imp
// }
try
{
- String issuerURL = ((FederationProtocolType) config.getProtocol()).getIssuer();
+ String issuerURL = ((FederationProtocol) config.getProtocol()).getIssuer();
if (issuerURL != null && issuerURL.length() > 0) {
redirectURL = issuerURL;
}
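Review bot: `((FederationProtocol) config.getProtocol()).getIssuer()` can now throw a NullPointerException, because the rewritten `FederationContext.getProtocol()` in this commit returns `null` when the configured protocol is not a `FederationProtocolType`. Whether the surrounding `try` catches that is not visible, as the method starts and ends outside the hunk. I would test the type before dereferencing, e.g. `Protocol protocol = config.getProtocol();` followed by `if (protocol instanceof FederationProtocol) { issuerURL = ((FederationProtocol) protocol).getIssuer(); }`, which needs an import of `Protocol` and `issuerURL` declared before the check.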
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java Tue May 15 11:59:31 2012
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+import org.apache.cxf.fediz.core.config.jaxb.AuthenticationType;
+
+public class Authentication {
+ private AuthenticationType authType = null;
+
+ public Authentication(AuthenticationType authType) {
+ super();
+ this.authType = authType;
+ }
+
+ protected AuthenticationType getAuthType() {
+ return authType;
+ }
+
+ protected void setAuthType(AuthenticationType authType) {
+ this.authType = authType;
+ }
+
+ public PropertyType getType() {
+ return PropertyType.fromValue(authType.getType().value());
+ }
+
+ public int hashCode() {
+ return authType.hashCode();
+ }
+
+ public void setType(PropertyType value) {
+ authType.setType(ArgumentType.fromValue(value.value()));
+ }
+
+ public String getValue() {
+ return authType.getValue();
+ }
+
+ public void setValue(String value) {
+ authType.setValue(value);
+ }
+
+ public boolean equals(Object obj) {
+ return authType.equals(obj);
+ }
+
+ public String toString() {
+ return authType.toString();
+ }
+
+}
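Review bot: `equals(Object obj)` forwards to `authType.equals(obj)`, so it compares the wrapped JAXB object with the argument instead of comparing two wrappers. Two `Authentication` instances around equal `AuthenticationType` values will therefore most likely compare unequal, and the relation is not symmetric, while `hashCode()` still delegates to the wrapped object. I would unwrap the argument first: `return obj instanceof Authentication && authType.equals(((Authentication) obj).authType);`. `CertStore.equals` and `Claim.equals`, added in this commit, follow the same pattern and need the same change. All three constructors also accept `null`, after which every accessor throws a NullPointerException.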
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java Tue May 15 11:59:31 2012
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.CertStoreType;
+
+public class CertStore {
+ private CertStoreType certStoreType = null;
+
+ public CertStore(CertStoreType certStoreType) {
+ super();
+ this.certStoreType = certStoreType;
+ }
+
+ protected CertStoreType getCertStoreType() {
+ return certStoreType;
+ }
+
+ protected void setCertStoreType(CertStoreType certStoreType) {
+ this.certStoreType = certStoreType;
+ }
+
+ public int hashCode() {
+ return certStoreType.hashCode();
+ }
+
+ public String getFile() {
+ return certStoreType.getFile();
+ }
+
+ public void setFile(String value) {
+ certStoreType.setFile(value);
+ }
+
+ public String getResource() {
+ return certStoreType.getResource();
+ }
+
+ public void setResource(String value) {
+ certStoreType.setResource(value);
+ }
+
+ public String getUrl() {
+ return certStoreType.getUrl();
+ }
+
+ public void setUrl(String value) {
+ certStoreType.setUrl(value);
+ }
+
+ public boolean equals(Object obj) {
+ return certStoreType.equals(obj);
+ }
+
+ public String toString() {
+ return certStoreType.toString();
+ }
+
+}
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java Tue May 15 11:59:31 2012
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
+
+public enum CertificateValidationMethod {
+
+ PEER_TRUST("PeerTrust"),
+
+ CHAIN_TRUST("ChainTrust");
+ private final String value;
+
+ CertificateValidationMethod(String v) {
+ value = v;
+ }
+ CertificateValidationMethod(ValidationType type) {
+ value = type.value();
+ }
+
+ public String value() {
+ return value;
+ }
+
+ ValidationType validationType = null;
+
+ public static CertificateValidationMethod fromValue(String v) {
+ for (CertificateValidationMethod c: CertificateValidationMethod.values()) {
+ if (c.value.equals(v)) {
+ return c;
+ }
+ }
+ throw new IllegalArgumentException(v);
+ }
+
+
+
+}
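Review bot: The package-private field `ValidationType validationType = null;` is mutable, non-final state on an enum, whose constants are shared by every user in the JVM. Nothing in this file assigns or reads it. The `CertificateValidationMethod(ValidationType type)` constructor is likewise unused, since both constants call the `String` constructor. I would delete the field, that constructor and the `ValidationType` import so the enum stays immutable. `fromValue` throwing `IllegalArgumentException` on an unknown value is a sensible fail-closed default for a validation mode, and a one-line Javadoc saying so would be worth adding.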
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java Tue May 15 11:59:31 2012
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
+
+public class Claim {
+
+ private ClaimType claimType = null;
+
+ public Claim(ClaimType claimType) {
+ super();
+ this.claimType = claimType;
+ }
+
+ protected ClaimType getClaimType() {
+ return claimType;
+ }
+
+ protected void setClaimType(ClaimType claimType) {
+ this.claimType = claimType;
+ }
+
+ public boolean isOptional() {
+ return claimType.isOptional();
+ }
+
+ public int hashCode() {
+ return claimType.hashCode();
+ }
+
+ public void setOptional(boolean value) {
+ claimType.setOptional(value);
+ }
+
+ public String getType() {
+ return claimType.getType();
+ }
+
+ public void setType(String value) {
+ claimType.setType(value);
+ }
+
+ public boolean equals(Object obj) {
+ return claimType.equals(obj);
+ }
+
+ public String toString() {
+ return claimType.toString();
+ }
+
+
+
+}
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java Tue May 15 11:59:31 2012
@@ -20,10 +20,15 @@ package org.apache.cxf.fediz.core.config
import java.io.File;
import java.io.Reader;
import java.io.Writer;
+import java.util.ArrayList;
+import java.util.List;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
+import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
+import org.apache.cxf.fediz.core.config.jaxb.FedizConfig;
+
public class FederationConfigurator {
private FedizConfig rootConfig = null;
@@ -59,6 +64,14 @@ public class FederationConfigurator {
return jaxbContext;
}
+ public List<FederationContext> getFederationContextList(){
+ List<FederationContext> ctxList = new ArrayList<FederationContext>();
+ for (ContextConfig config : rootConfig.getContextConfig()) {
+ ctxList.add(new FederationContext(config));
+ }
+ return ctxList;
+ }
+
public FederationContext getFederationContext(String contextName) {
ContextConfig config = getContextConfig(contextName);
if (config == null) {
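Review bot: `getFederationContextList()` dereferences `rootConfig` without a check, although the field is declared as `private FedizConfig rootConfig = null;` just above. If it is called before a configuration has been loaded, the caller gets a bare NullPointerException instead of a configuration error. A guard such as `if (rootConfig == null) { throw new IllegalStateException("Fediz configuration not loaded"); }` would make that failure explicit. `getFederationContext` continues outside the hunk, so I cannot tell whether `getContextConfig` already guards this.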
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java Tue May 15 11:59:31 2012
@@ -21,9 +21,15 @@ import java.math.BigInteger;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
-import java.util.Collections;
import java.util.List;
+import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
+import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
+import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.ProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
import org.apache.cxf.fediz.core.exception.IllegalConfigurationException;
public class FederationContext {
@@ -42,24 +48,41 @@ public class FederationContext {
return config.getAudienceUris().getAudienceItem();
}
- public ValidationType getCertificateValidation() {
- return config.getCertificateValidation();
- }
-
- public TrustedIssuers getTrustedIssuers() {
- return config.getTrustedIssuers();
+ public List<TrustedIssuer> getTrustedIssuers(){
+ TrustedIssuers issuers = config.getTrustedIssuers();
+ List<TrustedIssuerType> trustManagers = issuers.getIssuer();
+ List<TrustedIssuer> trustedIssuers = new ArrayList<TrustedIssuer>();
+ for(TrustedIssuerType manager:trustManagers){
+ trustedIssuers.add(new TrustedIssuer(manager));
+ }
+ return trustedIssuers;
+ }
+
+
+ public List<TrustManager> getCertificateStores(){
+ CertificateStores certStores = config.getCertificateStores();
+ List<TrustManagersType> trustManagers = certStores.getTrustManager();
+ List<TrustManager> trustedIssuers = new ArrayList<TrustManager>();
+ for(TrustManagersType manager:trustManagers){
+ trustedIssuers.add(new TrustManager(manager));
+ }
+ return trustedIssuers;
}
-
+
public BigInteger getMaximumClockSkew() {
return config.getMaximumClockSkew();
}
- public TrustManagersType getServiceCertificate() {
- return config.getServiceCertificate();
- }
-
- public ProtocolType getProtocol() {
- return config.getProtocol();
+// public TrustManager getServiceCertificate() {
+// return new TrustManager(config.getServiceCertificate());
+// }
+
+ public Protocol getProtocol() {
+ ProtocolType type = config.getProtocol();
+ if(type instanceof FederationProtocolType){
+ return new FederationProtocol(type);
+ }
+ return null;
}
public String getName() {
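Review bot: `getTrustedIssuers()` and `getCertificateStores()` dereference `config.getTrustedIssuers()` and `config.getCertificateStores()` without a null check, and `getProtocol()` returns `null` for anything that is not a `FederationProtocolType`. Unless unmarshalling enforces the schema, a context missing these elements fails later with a bare NullPointerException instead of a configuration error. Because these accessors decide which issuers and certificate stores are trusted, they should fail explicitly, e.g. `if (issuers == null) { throw new IllegalConfigurationException("No trusted issuers configured"); }` and `throw new IllegalConfigurationException("Unsupported protocol type");` in place of `return null;`. The local names are also swapped by copy-paste (`trustManagers` holds issuers, `trustedIssuers` holds trust managers); renaming them would make the two methods easier to audit.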
@@ -86,18 +109,20 @@ public class FederationContext {
this.detectReplayedTokens = detectReplayedTokens;
}
+ /*
public List<String> getTrustedIssuersNames() {
TrustedIssuers issuers = config.getTrustedIssuers();
List<String> issuerNames = new ArrayList<String>();
if (issuers != null) {
for (TrustManagersType t : issuers.getTrustedIssuerItem()) {
- issuerNames.add(t.getProvider());
+ issuerNames.add(t.getName());
}
return issuerNames;
} else {
return Collections.<String> emptyList();
}
}
+ */
public URI getRoleURI() {
ProtocolType pt = config.getProtocol();
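Review bot: `getTrustedIssuersNames()` is disabled by wrapping it in `/* ... */` instead of being deleted. The same is done to `getTrustStoreFile()`, `getTrustStorePassword()` and `getTrustStore()` in the two hunks that follow, and to `getServiceCertificate()` (behind `//`) in the previous hunk. The commented-out bodies are still being edited (`t.getName()`, `KeyStore storeType`) although nothing compiles them, so they will drift from the live trust configuration code and mislead anyone auditing it. I would delete the blocks and rely on version control, leaving at most one marker such as `// TODO: re-add getTrustedIssuersNames() on top of the TrustedIssuer wrapper`.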
@@ -127,19 +152,22 @@ public class FederationContext {
"No FederationProtocolType found");
}
+ /*
public String getTrustStoreFile() {
- KeyStoreType storeType = getTrustStore();
+ KeyStore storeType = getTrustStore();
return storeType.getFile();
}
public String getTrustStorePassword() {
- KeyStoreType storeType = getTrustStore();
+ KeyStore storeType = getTrustStore();
return storeType.getPassword();
}
+
+
+ private KeyStore getTrustStore() {
- private KeyStoreType getTrustStore() {
- List<TrustManagersType> managers = config.getTrustedIssuers()
- .getTrustedIssuerItem();
+ List<TrustManager> managers = getTrustedIssuers();
+
if (managers == null) {
throw new IllegalConfigurationException(
"No Trusted Issuers Keystore found");
@@ -148,9 +176,11 @@ public class FederationContext {
throw new IllegalConfigurationException(
"Only one Trusted Issuer Keystore supported");
}
- TrustManagersType trustManager = managers.get(0);
+
+ TrustManager trustManager = managers.get(0);
return trustManager.getKeyStore();
}
+ */
public void setRelativePath(String relativePath) {
this.relativePath = relativePath;
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java Tue May 15 11:59:31 2012
@@ -0,0 +1,151 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
+import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.ProtocolType;
+
+public class FederationProtocol extends Protocol {
+
+ public FederationProtocol(ProtocolType protocolType) {
+ super(protocolType);
+ }
+
+ protected FederationProtocolType getFederationProtocol() {
+ return (FederationProtocolType)super.getProtocolType();
+ }
+
+ protected void setFederationProtocol(FederationProtocolType federationProtocol) {
+ super.setProtocolType(federationProtocol);
+ }
+
+ public int hashCode() {
+ return getFederationProtocol().hashCode();
+ }
+
+ public String getRealm() {
+ return getFederationProtocol().getRealm();
+ }
+
+ public void setRealm(String value) {
+ getFederationProtocol().setRealm(value);
+ }
+
+ public String getIssuer() {
+ return getFederationProtocol().getIssuer();
+ }
+
+ public boolean equals(Object obj) {
+ return getFederationProtocol().equals(obj);
+ }
+
+ public void setIssuer(String value) {
+ getFederationProtocol().setIssuer(value);
+ }
+
+ public String getRoleDelimiter() {
+ return getFederationProtocol().getRoleDelimiter();
+ }
+
+ public void setRoleDelimiter(String value) {
+ getFederationProtocol().setRoleDelimiter(value);
+ }
+
+ public String getRoleURI() {
+ return getFederationProtocol().getRoleURI();
+ }
+
+ public void setRoleURI(String value) {
+ getFederationProtocol().setRoleURI(value);
+ }
+
+ public Authentication getAuthenticationType() {
+ return new Authentication(getFederationProtocol().getAuthenticationType());
+ }
+
+ public void setAuthenticationType(Authentication value) {
+ getFederationProtocol().setAuthenticationType(value.getAuthType());
+ }
+
+ public HomeRealm getHomeRealm() {
+ return new HomeRealm(getFederationProtocol().getHomeRealm());
+ }
+
+ public void setHomeRealm(HomeRealm value) {
+ getFederationProtocol().setHomeRealm(value.getHomeRealm());
+ }
+
+ public String getFreshness() {
+ return getFederationProtocol().getFreshness();
+ }
+
+ public void setFreshness(String value) {
+ getFederationProtocol().setFreshness(value);
+ }
+
+ public String getReply() {
+ return getFederationProtocol().getReply();
+ }
+
+ public void setReply(String value) {
+ getFederationProtocol().setReply(value);
+ }
+
+ public String getRequest() {
+ return getFederationProtocol().getRequest();
+ }
+
+ public void setRequest(String value) {
+ getFederationProtocol().setRequest(value);
+ }
+
+ public List<Claim> getClaimTypesRequested() {
+ ClaimTypesRequested claimsRequested = getFederationProtocol().getClaimTypesRequested();
+ List<Claim> claims = new ArrayList<Claim>();
+ for(ClaimType c:claimsRequested.getClaimType() ){
+ claims.add(new Claim(c));
+ }
+ return claims;
+ }
+
+ public void setClaimTypesRequested(ClaimTypesRequested value) {
+ getFederationProtocol().setClaimTypesRequested(value);
+ }
+
+ public List<String> getSecurityTokenValidators() {
+ return getFederationProtocol().getSecurityTokenValidators();
+ }
+
+ public String getVersion() {
+ return getFederationProtocol().getVersion();
+ }
+
+ public void setVersion(String value) {
+ getFederationProtocol().setVersion(value);
+ }
+
+ public String toString() {
+ return getFederationProtocol().toString();
+ }
+
+}
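Review bot: `equals(Object obj)` forwards to `getFederationProtocol().equals(obj)`, which compares the wrapped JAXB object with the argument rather than with the argument's delegate. Two wrappers around the same `FederationProtocolType` therefore never compare equal, and `p.equals(p)` is most likely false as well, while `hashCode()` still delegates. Compare delegate with delegate instead: `return obj instanceof FederationProtocol && getFederationProtocol().equals(((FederationProtocol) obj).getFederationProtocol());`. The same pattern is repeated in `HomeRealm`, `KeyStore`, `Protocol`, `TrustManager` and `TrustedIssuer` later in this commit and needs the same change. Separately, `getClaimTypesRequested()` iterates `claimsRequested.getClaimType()` without checking that `claimsRequested` is non-null.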
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java Tue May 15 11:59:31 2012
@@ -1,89 +1,51 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2012.03.28 at 02:33:06 PM CEST
-//
-
package org.apache.cxf.fediz.core.config;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlType;
-
-/**
- * <p>
- * Java class for anonymous complex type.
- *
- * <p>
- * The following schema fragment specifies the expected content contained within
- * this class.
- *
- * <pre>
- * <complexType>
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <attribute name="type" use="required" type="{}argumentType" />
- * <attribute name="value" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
-@XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "")
-@XmlRootElement(name = "homeRealm")
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+
public class HomeRealm {
+ private org.apache.cxf.fediz.core.config.jaxb.HomeRealm homeRealm = null;
+
+ public HomeRealm(org.apache.cxf.fediz.core.config.jaxb.HomeRealm homeRealm) {
+ super();
+ this.homeRealm = homeRealm;
+ }
+
+ protected org.apache.cxf.fediz.core.config.jaxb.HomeRealm getHomeRealm() {
+ return homeRealm;
+ }
+
+ protected void setHomeRealm(org.apache.cxf.fediz.core.config.jaxb.HomeRealm homeRealm) {
+ this.homeRealm = homeRealm;
+ }
- @XmlAttribute(name = "type", required = true)
- protected ArgumentType type;
- @XmlAttribute(name = "value", required = true)
- protected String value;
-
- /**
- * Gets the value of the type property.
- *
- * @return possible object is {@link ArgumentType }
- *
- */
public ArgumentType getType() {
- return type;
+ return homeRealm.getType();
+ }
+
+ public int hashCode() {
+ return homeRealm.hashCode();
}
- /**
- * Sets the value of the type property.
- *
- * @param value
- * allowed object is {@link ArgumentType }
- *
- */
public void setType(ArgumentType value) {
- this.type = value;
+ homeRealm.setType(value);
}
- /**
- * Gets the value of the value property.
- *
- * @return possible object is {@link String }
- *
- */
public String getValue() {
- return value;
+ return homeRealm.getValue();
}
- /**
- * Sets the value of the value property.
- *
- * @param value
- * allowed object is {@link String }
- *
- */
public void setValue(String value) {
- this.value = value;
+ homeRealm.setValue(value);
+ }
+
+ public boolean equals(Object obj) {
+ return homeRealm.equals(obj);
+ }
+
+ public String toString() {
+ return homeRealm.toString();
}
-}
+
+
+}
\ No newline at end of file
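Review bot: The constructor stores `homeRealm` without a null check while every accessor dereferences it, and `FederationProtocol.getHomeRealm()` in this commit always returns `new HomeRealm(...)` around whatever the JAXB getter yields. If the element is optional (the relevant schema part is not visible here), callers receive a non-null wrapper that throws NullPointerException on `getType()` or `getValue()`, and a `!= null` test on the wrapper no longer says whether a home realm is configured. Rejecting null up front makes the failure explicit: `if (homeRealm == null) { throw new IllegalArgumentException("homeRealm must not be null"); }`. A one-line class comment stating that this is a facade over the generated `jaxb.HomeRealm` would also help, since both classes share the simple name.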
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java Tue May 15 11:59:31 2012
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.KeyStoreType;
+
+public class KeyStore {
+ private KeyStoreType kesyStoreType = null;
+
+ public KeyStore(KeyStoreType kesyStoreType) {
+ super();
+ this.kesyStoreType = kesyStoreType;
+ }
+
+ protected KeyStoreType getKesyStoreType() {
+ return kesyStoreType;
+ }
+
+ protected void setKesyStoreType(KeyStoreType kesyStoreType) {
+ this.kesyStoreType = kesyStoreType;
+ }
+
+ public String getType() {
+ return kesyStoreType.getType();
+ }
+
+ public void setType(String value) {
+ kesyStoreType.setType(value);
+ }
+
+ public String getPassword() {
+ return kesyStoreType.getPassword();
+ }
+
+ public void setPassword(String value) {
+ kesyStoreType.setPassword(value);
+ }
+
+ public String getProvider() {
+ return kesyStoreType.getProvider();
+ }
+
+ public void setProvider(String value) {
+ kesyStoreType.setProvider(value);
+ }
+
+ public String getUrl() {
+ return kesyStoreType.getUrl();
+ }
+
+ public void setUrl(String value) {
+ kesyStoreType.setUrl(value);
+ }
+
+ public String getFile() {
+ return kesyStoreType.getFile();
+ }
+
+ public void setFile(String value) {
+ kesyStoreType.setFile(value);
+ }
+
+ public String getResource() {
+ return kesyStoreType.getResource();
+ }
+
+ public void setResource(String value) {
+ kesyStoreType.setResource(value);
+ }
+
+ public int hashCode() {
+ return kesyStoreType.hashCode();
+ }
+
+ public boolean equals(Object obj) {
+ return kesyStoreType.equals(obj);
+ }
+
+ public String toString() {
+ return kesyStoreType.toString();
+ }
+
+}
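Review bot: The misspelling `kesyStoreType` has leaked into the protected API (`getKesyStoreType()` / `setKesyStoreType()`), and `TrustManager.setKeyStore()` in this commit already calls it; rename to `keyStoreType` / `getKeyStoreType()` before more callers depend on it. Because this object carries the store password, `toString()` should not simply return `kesyStoreType.toString()`, which is harmless only as long as the generated class never renders its fields. A fixed form such as `return "KeyStore[type=" + getType() + ", file=" + getFile() + "]";` keeps the password out of logs by construction. The class name also shadows `java.security.KeyStore`, which deserves a one-line class comment.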
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java Tue May 15 11:59:31 2012
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+
+public enum PropertyType {
+ CLASS("Class"),
+
+ STRING("String");
+ private final String value;
+
+
+
+ PropertyType(String v) {
+ value = v;
+ }
+
+
+ PropertyType(ArgumentType arg) {
+ value = arg.value();
+ }
+
+ public String value() {
+ return value;
+ }
+
+ public static PropertyType fromValue(String v) {
+ for (PropertyType c: PropertyType.values()) {
+ if (c.value.equals(v)) {
+ return c;
+ }
+ }
+ throw new IllegalArgumentException(v);
+ }
+
+
+}
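Review bot: The constructor `PropertyType(ArgumentType arg)` can never run, because enum constructors are invoked only by the constant declarations and both `CLASS("Class")` and `STRING("String")` use the `String` overload. If a conversion from the JAXB enum was intended, make it a static method, e.g. `public static PropertyType fromArgumentType(ArgumentType arg) { return fromValue(arg.value()); }`, and drop the constructor. `fromValue` would also be easier to diagnose with a message: `throw new IllegalArgumentException("Unknown property type: " + v);`.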
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java Tue May 15 11:59:31 2012
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ProtocolType;
+
+public abstract class Protocol {
+ private ProtocolType protocolType = null;
+
+ public Protocol(ProtocolType protocolType) {
+ super();
+ this.protocolType = protocolType;
+ }
+
+ protected ProtocolType getProtocolType() {
+ return protocolType;
+ }
+
+ protected void setProtocolType(ProtocolType protocolType) {
+ this.protocolType = protocolType;
+ }
+
+ public int hashCode() {
+ return protocolType.hashCode();
+ }
+
+ public boolean equals(Object obj) {
+ return protocolType.equals(obj);
+ }
+
+ public String toString() {
+ return protocolType.toString();
+ }
+
+
+
+}
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java Tue May 15 11:59:31 2012
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
+
+public class TrustManager {
+ private TrustManagersType trustManagerType = null;
+
+
+ public TrustManager(TrustManagersType trustManagerType) {
+ super();
+ this.trustManagerType = trustManagerType;
+ }
+
+
+
+ public KeyStore getKeyStore() {
+ return new KeyStore(trustManagerType.getKeyStore());
+ }
+
+ public void setKeyStore(KeyStore keyStore) {
+ trustManagerType.setKeyStore(keyStore.getKesyStoreType());
+ }
+
+
+
+ public String getProvider() {
+ return trustManagerType.getProvider();
+ }
+
+ public void setProvider(String value) {
+ trustManagerType.setProvider(value);
+ }
+
+ public int hashCode() {
+ return trustManagerType.hashCode();
+ }
+
+ public boolean equals(Object obj) {
+ return trustManagerType.equals(obj);
+ }
+
+ public String toString() {
+ return trustManagerType.toString();
+ }
+
+
+}
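Review bot: The class names `TrustManager` and `KeyStore` collide with `javax.net.ssl.TrustManager` and `java.security.KeyStore`, and `SAMLTokenValidator` in this commit imports the config versions into the code that builds the signature crypto, where a reader will expect the JDK types. A distinct name (for example a `Config` suffix) would avoid that, or at least a class comment such as `/** Configuration facade over the JAXB TrustManagersType; not a JSSE TrustManager. */`. `getKeyStore()` also wraps the result of `trustManagerType.getKeyStore()` without checking it for null, so a trust manager declared without a key store yields a wrapper that fails on first use.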
Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java Tue May 15 11:59:31 2012
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
+import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
+
+public class TrustedIssuer {
+ private TrustedIssuerType trustedIssuerType = null;
+
+
+ public TrustedIssuer(TrustedIssuerType trustedIssuerType) {
+ super();
+ this.trustedIssuerType = trustedIssuerType;
+ }
+
+ public String getName() {
+ return trustedIssuerType.getName();
+ }
+
+ public void setName(String name) {
+ trustedIssuerType.setName(name);
+ }
+
+ public String getSubject() {
+ return trustedIssuerType.getSubject();
+ }
+
+ public void setSubject(String subject) {
+ trustedIssuerType.setSubject(subject);
+ }
+
+ public CertificateValidationMethod getCertificateValidationMethod() {
+ if (ValidationType.CHAIN_TRUST.equals(trustedIssuerType.getCertificateValidation())) {
+ return CertificateValidationMethod.CHAIN_TRUST;
+ } else if (ValidationType.PEER_TRUST.equals(trustedIssuerType.getCertificateValidation())) {
+ return CertificateValidationMethod.PEER_TRUST;
+ } else {
+ throw new IllegalStateException("Not supported certificate validation type");
+ }
+ }
+
+ public void setCertificateValidationMethod(CertificateValidationMethod validationMethod) {
+ if (CertificateValidationMethod.CHAIN_TRUST.equals(validationMethod)) {
+ trustedIssuerType.setCertificateValidation(ValidationType.CHAIN_TRUST);
+ } else if (CertificateValidationMethod.PEER_TRUST.equals(validationMethod)) {
+ trustedIssuerType.setCertificateValidation(ValidationType.PEER_TRUST);
+ } else {
+ throw new IllegalStateException("Not supported certificate validation type");
+ }
+ }
+
+
+
+ public int hashCode() {
+ return trustedIssuerType.hashCode();
+ }
+
+ public boolean equals(Object obj) {
+ return trustedIssuerType.equals(obj);
+ }
+
+ public String toString() {
+ return trustedIssuerType.toString();
+ }
+
+
+}
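Review bot: `setCertificateValidationMethod()` throws `IllegalStateException` for a bad argument, and neither error message says which value was rejected. For the setter, `throw new IllegalArgumentException("Unsupported certificate validation method: " + validationMethod);` is the conventional form, and the getter's message should include `trustedIssuerType.getCertificateValidation()` and the issuer name. Failing closed in the getter on an unknown or missing validation type is the right behaviour and deserves a comment saying so, e.g. `// fail closed: never fall back to a default trust model`. As far as this commit shows, `SAMLTokenValidator` reads only `getSubject()` from the issuer, so the configured validation method does not appear to be enforced yet.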
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java Tue May 15 11:59:31 2012
@@ -1,7 +1,29 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
package org.apache.cxf.fediz.core.exception;
public class IllegalConfigurationException extends RuntimeException {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 6273022567957710601L;
+
public IllegalConfigurationException() {
super();
}
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java Tue May 15 11:59:31 2012
@@ -38,6 +38,9 @@ import org.apache.cxf.fediz.core.ClaimCo
import org.apache.cxf.fediz.core.TokenValidator;
import org.apache.cxf.fediz.core.TokenValidatorResponse;
import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.KeyStore;
+import org.apache.cxf.fediz.core.config.TrustManager;
+import org.apache.cxf.fediz.core.config.TrustedIssuer;
import org.apache.ws.security.SAMLTokenPrincipal;
import org.apache.ws.security.WSDocInfo;
import org.apache.ws.security.WSPasswordCallback;
@@ -76,15 +79,24 @@ public class SAMLTokenValidator implemen
FederationContext config) {
try {
- String trustStoreFile = config.getTrustStoreFile();
+ String trustStoreFile;
+ String trustStorePw;
+ //[TODO] Support more than one truststore
+ TrustManager tm = config.getCertificateStores().get(0);
+ KeyStore ks = tm.getKeyStore();
+ if (ks.getFile() != null && !ks.getFile().isEmpty()) {
+ trustStoreFile = ks.getFile();
+ trustStorePw = ks.getPassword();
+ } else {
+ throw new IllegalStateException("No certificate store configured");
+ }
File f = new File(trustStoreFile);
if (!f.exists() && config.getRelativePath() != null && !config.getRelativePath().isEmpty()) {
- trustStoreFile = config.getRelativePath().concat(File.separator + config.getTrustStoreFile());
+ trustStoreFile = config.getRelativePath().concat(File.separator + trustStoreFile);
}
- Properties sigProperties = createCryptoProviderProperties(
- trustStoreFile, config.getTrustStorePassword());
+ Properties sigProperties = createCryptoProviderProperties(trustStoreFile, trustStorePw);
Crypto sigCrypto = CryptoFactory.getInstance(sigProperties);
RequestData requestData = new RequestData();
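Review bot: `config.getCertificateStores().get(0)` silently uses the first store and ignores any others, whereas the accessor it replaces apparently rejected that case with "Only one Trusted Issuer Keystore supported". An empty list or a trust manager without a key store ends in IndexOutOfBoundsException or NullPointerException rather than the intended "No certificate store configured". Until the TODO is resolved I would check explicitly: `List<TrustManager> stores = config.getCertificateStores();` followed by `if (stores.size() != 1) { throw new IllegalStateException("Exactly one certificate store must be configured"); }`. Only `ks.getFile()` is consulted, so a store configured through `url` or `resource` is reported as not configured. The enclosing method starts before and continues after this hunk, so how the surrounding `try` handles these exceptions is not visible.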
@@ -122,9 +134,10 @@ public class SAMLTokenValidator implemen
cert = trustCredential.getCertificates()[0];
}
- // List<String> subjectConstraints =
- // Arrays.asList(config.getTrustedIssuer());
- List<String> subjectConstraints = config.getTrustedIssuersNames();
+ // [TODO] Support more than one trusted issuer
+ List<TrustedIssuer> trustedIssuers = config.getTrustedIssuers();
+ TrustedIssuer ti = trustedIssuers.get(0);
+ List<String> subjectConstraints = Collections.singletonList(ti.getSubject());
CertConstraintsParser certConstraints = new CertConstraintsParser();
certConstraints.setSubjectConstraints(subjectConstraints);
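Review bot: `trustedIssuers.get(0)` drops every configured issuer but the first without any error, and `ti.getSubject()` goes into `Collections.singletonList(...)` unchecked. An issuer entry without a `subject` would therefore hand a null constraint to `CertConstraintsParser`, whose handling of null is not visible here. Since this check decides which token signers are accepted, it should fail closed: test `trustedIssuers.size() != 1` before the `get(0)`, then `if (ti.getSubject() == null || ti.getSubject().isEmpty()) { throw new IllegalStateException("Trusted issuer has no subject constraint"); }`. The issuer's `getCertificateValidationMethod()` is not consulted in this hunk, and the method body begins and ends outside it.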
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java Tue May 15 11:59:31 2012
@@ -1,3 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
package org.apache.cxf.fediz.core.spi;
import javax.security.auth.callback.Callback;
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java Tue May 15 11:59:31 2012
@@ -1,3 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
package org.apache.cxf.fediz.core.spi;
import java.net.URL;
Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java Tue May 15 11:59:31 2012
@@ -1,3 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
package org.apache.cxf.fediz.core.spi;
import javax.servlet.http.HttpServletRequest;
Added: cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd (added)
+++ cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd Tue May 15 11:59:31 2012
@@ -0,0 +1,389 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ elementFormDefault="qualified" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <xs:element name="FedizConfig">
+ <xs:complexType>
+ <xs:sequence minOccurs="1" maxOccurs="unbounded">
+ <xs:element ref="contextConfig" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="contextConfig">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="audienceUris" />
+ <xs:element ref="certificateValidation" />
+ <xs:element ref="certificateStores" />
+ <xs:element ref="maximumClockSkew" />
+ <xs:element ref="serviceCertificate" />
+ <xs:element ref="trustedIssuers" />
+ <xs:element ref="protocol" />
+ </xs:sequence>
+ <xs:attribute name="name" use="required" type="xs:string" />
+
+ </xs:complexType>
+ </xs:element>
+
+ <!-- <xs:element name="trustedIssuerItem" type="TrustManagersType" /> <xs:element
+ name="trustedIssuers"> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="unbounded">
+ <xs:element ref="trustedIssuerItem" /> </xs:sequence> </xs:complexType> </xs:element> -->
+
+ <xs:element name="trustedIssuers">
+ <xs:complexType>
+ <xs:sequence minOccurs="1" maxOccurs="unbounded">
+ <xs:element name="issuer" type="TrustedIssuerType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:complexType name="TrustedIssuerType">
+ <xs:attribute name="name" type="xs:string" use="optional" />
+ <xs:attribute name="certificateValidation" type="validationType"
+ use="optional" />
+ <xs:attribute name="subject" type="xs:string" use="optional" />
+ </xs:complexType>
+
+ <xs:element name="certificateStores">
+ <xs:complexType>
+ <xs:sequence minOccurs="1" maxOccurs="unbounded">
+ <xs:element name="trustManager" type="TrustManagersType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+ <!-- <xs:element name="audienceUris" type="xs:anyURI"/> -->
+ <xs:element name="audienceUris">
+ <xs:complexType>
+ <xs:sequence minOccurs="1" maxOccurs="unbounded">
+ <xs:element ref="audienceItem" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="audienceItem" type="xs:anyURI" />
+
+ <xs:element name="certificateValidation" type="validationType" />
+
+ <xs:simpleType name="validationType">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="PeerTrust" />
+ <xs:enumeration value="ChainTrust" />
+ </xs:restriction>
+ </xs:simpleType>
+
+
+
+ <xs:element name="maximumClockSkew" type="xs:integer" />
+
+ <!-- keystore type -->
+ <xs:element name="serviceCertificate" type="KeyManagersType" />
+
+ <xs:element name="protocol" type="protocolType" />
+
+ <xs:complexType name="federationProtocolType">
+ <xs:complexContent>
+ <xs:extension base="protocolType">
+ <xs:sequence>
+ <xs:element ref="realm" />
+ <xs:element ref="issuer" />
+ <xs:element ref="roleDelimiter" />
+ <xs:element ref="roleURI" />
+ <xs:element ref="authenticationType" />
+ <xs:element ref="homeRealm" />
+ <xs:element ref="freshness" />
+ <xs:element ref="reply" />
+ <xs:element ref="request" />
+ <xs:element ref="claimTypesRequested" />
+ <xs:sequence minOccurs="1" maxOccurs="unbounded">
+ <xs:element ref="securityTokenValidators" />
+ </xs:sequence>
+ </xs:sequence>
+ <!-- <xs:attribute name="roleDelimiter" type="xs:string"/> -->
+ <!--<xs:attribute name="roleURI" use="required" type="xs:string"/> -->
+ <xs:attribute name="version" use="required" type="xs:string" />
+ <!--<xs:attribute name="realm" use="required" type="xs:string"/> -->
+ <!--<xs:attribute name="freshness" use="required" type="xs:string"/> -->
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+
+ <xs:element name="roleDelimiter" type="xs:string" />
+ <xs:element name="roleURI" type="xs:string" />
+ <xs:element name="realm" type="xs:string" />
+ <xs:element name="issuer" type="xs:anyURI" />
+ <xs:element name="freshness" type="xs:string" />
+
+ <xs:complexType name="protocolType" abstract="true" />
+
+ <xs:element name="homeRealm">
+ <xs:complexType>
+ <xs:attribute name="type" use="required" type="argumentType" />
+ <xs:attribute name="value" use="required" type="xs:string" />
+ </xs:complexType>
+ </xs:element>
+
+
+ <xs:element name="authenticationType">
+ <xs:complexType>
+ <xs:attribute name="type" use="required" type="argumentType" />
+ <xs:attribute name="value" use="required" type="xs:string" />
+ </xs:complexType>
+ </xs:element>
+
+ <xs:simpleType name="argumentType">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="Class" />
+ <xs:enumeration value="String" />
+ </xs:restriction>
+ </xs:simpleType>
+
+ <xs:element name="reply" type="xs:string" />
+
+ <xs:element name="request" type="xs:string" />
+
+ <xs:element name="claimTypesRequested">
+ <xs:complexType>
+ <xs:sequence minOccurs="1" maxOccurs="unbounded">
+ <xs:element ref="claimType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="claimType">
+ <xs:complexType>
+ <xs:attribute name="optional" use="required" type="optionalType" />
+ <xs:attribute name="type" use="required" type="xs:string" />
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="securityTokenValidators" type="xs:string" />
+
+ <xs:simpleType name="optionalType">
+ <xs:restriction base="xs:boolean" />
+ </xs:simpleType>
+
+
+ <xs:complexType name="TrustManagersType">
+ <xs:annotation>
+ <xs:documentation>
+ This structure contains the specification of JSSE
+ TrustManagers for
+ a single Keystore used for trusted certificates.
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence minOccurs="1" maxOccurs="1">
+ <xs:element name="keyStore" type="KeyStoreType" minOccurs="1">
+ <xs:annotation>
+ <xs:documentation>
+ This element contains the KeyStore used as a
+ trust
+ store.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="provider" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute contains the KeyManagers provider
+ name.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="factoryAlgorithm" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute contains the algorithm the KeyManagers Factory
+ will use in creating the KeyManagers from the KeyStore. Most
+ common examples are "PKIX".
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ </xs:complexType>
+
+ <xs:complexType name="KeyStoreType">
+ <xs:annotation>
+ <xs:documentation>
+ A KeyStoreType represents the information needed to
+ load a collection
+ of key and certificate material from a desired
+ location.
+ The "url", "file", and "resource" attributes are intended
+ to be
+ mutually exclusive, though this assumption is not encoded in
+ schema.
+ The precedence order observed by the runtime is
+ 1) "file", 2)
+ "resource", and 3) "url".
+ </xs:documentation>
+ </xs:annotation>
+ <xs:attribute name="type" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the type of the keystore.
+ It is highly correlated to the provider. Most common examples
+ are
+ "jks" "pkcs12".
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="password" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifes the integrity password for
+ the keystore.
+ This is not the password that unlock keys within the
+ keystore.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="provider" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the keystore
+ implementation provider.
+ Most common examples are "SUN".
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="url" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the URL location of the
+ keystore.
+ This element should be a properly accessible URL, such as
+ "http://..." "file:///...", etc. Only one attribute of
+ "url",
+ "file", or "resource" is allowed.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="file" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the File location of the
+ keystore.
+ This element should be a properly accessible file from the
+ working directory. Only one attribute of
+ "url", "file", or
+ "resource" is allowed.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="resource" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the Resource location of
+ the keystore.
+ This element should be a properly accessible on the
+ classpath.
+ Only one attribute of "url", "file", or "resource" is
+ allowed.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ </xs:complexType>
+
+ <xs:complexType name="CertStoreType">
+ <xs:annotation>
+ <xs:documentation>
+ A CertStoreType represents a catenated sequence of
+ X.509 certificates,
+ in PEM or DER format.
+ The "url", "file", and
+ "resource" attributes are intended to be
+ mutually exclusive, though
+ this assumption is not encoded in schema.
+ The precedence order
+ observed by the runtime is
+ 1) "file", 2) "resource", and 3) "url".
+ </xs:documentation>
+ </xs:annotation>
+ <xs:attribute name="file" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the File location of the
+ certificate store.
+ This element should be a properly accessible file
+ from the working directory. Only one attribute of
+ "url", "file", or
+ "resource" is allowed.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="resource" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the Resource location of
+ the certificate store.
+ This element should be a properly accessible
+ on the classpath.
+ Only one attribute of "url", "file", or "resource"
+ is allowed.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="url" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute specifies the URL location of the
+ certificate store.
+ This element should be a properly accessible URL,
+ such as
+ "http://..." "file:///...", etc. Only one attribute of
+ "url", "file", or "resource" is allowed.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ </xs:complexType>
+
+
+
+ <xs:complexType name="KeyManagersType">
+ <xs:annotation>
+ <xs:documentation>
+ This structure specifies the JSSE based KeyManagers
+ for a single Keystore.
+ </xs:documentation>
+ </xs:annotation>
+
+ <xs:sequence>
+ <xs:element name="keyStore" type="KeyStoreType" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>
+ This element specified the Keystore for these
+ JSSE KeyManagers.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="keyPassword" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute contains the password that unlocks
+ the keys within the keystore.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="provider" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute contains the KeyManagers provider name.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="factoryAlgorithm" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute contains the algorithm the KeyManagers Factory
+ will use in creating the KeyManagers from the KeyStore. Most
+ common examples are "PKIX".
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ </xs:complexType>
+
+
+</xs:schema>
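Review bot: `TrustedIssuerType` declares `name`, `certificateValidation` and `subject` all as `use="optional"` and carries no `xs:documentation`, so the schema accepts an empty `<issuer/>` and does not say what such an entry trusts. Because this type decides which token issuers are accepted, `certificateValidation` would be safer as `use="required"`. `subject` needs an annotation stating how it is matched and what happens when it is omitted; the test in this commit sets it to values like `.*CN=www.sts1.com.*`, which suggests a regular expression applied to the certificate subject. Separately, the `url` documentation on `KeyStoreType` and `CertStoreType` offers `"http://..."` as an example location. Trust material fetched over plain HTTP has no integrity protection, so the example would be better as `"https://..."` or `"file:///..."`.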
Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java (original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java Tue May 15 11:59:31 2012
@@ -9,12 +9,28 @@ import java.math.BigInteger;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+import org.apache.cxf.fediz.core.config.jaxb.AudienceUris;
+import org.apache.cxf.fediz.core.config.jaxb.AuthenticationType;
+import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
+import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
+import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.FedizConfig;
+import org.apache.cxf.fediz.core.config.jaxb.HomeRealm;
+import org.apache.cxf.fediz.core.config.jaxb.KeyStoreType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
+import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
import org.junit.Assert;
public class FedizConfigurationTest {
private static final String ISSUER = "http://url_to_the_issuer";
private static final String PROTOCOL_VERSION = "1.0.0";
+ //private static final String REQUEST = "request value";
private static final String REPLY = "reply value";
private static final String TARGET_REALM = "target realm";
private static final String HOME_REALM_CLASS = "org.apache.fediz.realm.MyHomeRealm.class";
@@ -22,20 +38,13 @@ public class FedizConfigurationTest {
private static final String CONFIG_NAME = "ROOT";
private static final String CLOCK_SKEW = "1000";
- private static final String KEYSTORE_FILE = "/path/keystore.jks";
- private static final String FACTORY_ALGORITHM_1 = "factory algorithm 1";
- private static final String FACTORY_ALGORITHM_2 = "factory algorithm 2";
- private static final String RESOURCE_TYPE = "resource";
- private static final String FILE_TYPE = "file";
private static final String KEYSTORE_PASSWORD_1 = "passw0rd1";
private static final String KEYSTORE_RESOURCE_PATH_1 = "org.apache.fediz.kestore1";
private static final String KEYSTORE_PASSWORD_2 = "passw0rd2";
private static final String KEYSTORE_RESOURCE_PATH_2 = "org.apache.fediz.kestore2";
private static final String KEYSTORE_PASSWORD_3 = "passw0rd3";
private static final String KEYSTORE_RESOURCE_PATH_3 = "org.apache.fediz.kestore3";
- private static final String CERT_STORE_FILE_1 = "/path/truststore.jks";
- private static final String CERT_STORE_FILE_2 = "/path/keyfile.pem";
private static final String AUTH_TYPE_VALUE = "some auth type";
private static final String AUDIENCE_URI_1 = "http://host_one:port/url";
@@ -46,6 +55,10 @@ public class FedizConfigurationTest {
private static final String ROLE_URI = "http://someserver:8080/path/roles.uri";
private static final String CLAIM_TYPE_1 = "a particular claim type";
private static final String CLAIM_TYPE_2 = "a second particular claim type";
+ private static final String SUBJECT_VALUE_1 = ".*CN=www.sts1.com.*";
+ private static final String SUBJECT_VALUE_2 = ".*CN=www.sts2.com.*";
+ private static final String SUBJECT_VALUE_3 = ".*CN=www.sts3.com.*";
+
private static final String CONFIG_FILE = "./fedizconfig.xml";
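Review bot: The new `SUBJECT_VALUE_*` constants read as regular expressions for a certificate subject, but the `.` characters in `www.sts1.com` are unescaped and the value is wrapped in `.*` on both sides. If the runtime evaluates `subject` as a regex (the matching code is not part of this commit), such a pattern would also accept a constructed subject like `CN=www.sts1.com.example.org`. Test fixtures tend to be copied into real configurations, so a tighter sample is worth having, at least escaping the dots and ending the CN value: `".*CN=www\\.sts1\\.com(,.*)?"`.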
@@ -57,59 +70,62 @@ public class FedizConfigurationTest {
config.setName(CONFIG_NAME);
config.setMaximumClockSkew(new BigInteger(CLOCK_SKEW));
- config.setCertificateValidation(ValidationType.CHAIN_TRUST);
-
- TrustManagersType tm0 = new TrustManagersType();
-
- CertStoreType cs0 = new CertStoreType();
- cs0.setFile(KEYSTORE_FILE);
- tm0.setCertStore(cs0);
- tm0.setFactoryAlgorithm(FACTORY_ALGORITHM_1);
+ CertificateStores certStores = new CertificateStores();
+
+ TrustManagersType tm0 = new TrustManagersType();
KeyStoreType ks0 = new KeyStoreType();
- ks0.setType(RESOURCE_TYPE);
+ ks0.setType("JKS");
ks0.setPassword(KEYSTORE_PASSWORD_1);
ks0.setResource(KEYSTORE_RESOURCE_PATH_1);
-
tm0.setKeyStore(ks0);
-
- config.setServiceCertificate(tm0);
-
- FederationProtocolType protocol = new FederationProtocolType();
- config.setProtocol(protocol);
-
- TrustedIssuers trustedIssuer = new TrustedIssuers();
-
+
+ certStores.getTrustManager().add(tm0);
+
TrustManagersType tm1 = new TrustManagersType();
- CertStoreType cs1 = new CertStoreType();
- cs1.setFile(CERT_STORE_FILE_1);
- tm1.setCertStore(cs1);
- tm1.setFactoryAlgorithm(FACTORY_ALGORITHM_2);
-
KeyStoreType ks1 = new KeyStoreType();
- ks1.setType(RESOURCE_TYPE);
+ ks1.setType("JKS");
ks1.setPassword(KEYSTORE_PASSWORD_2);
ks1.setResource(KEYSTORE_RESOURCE_PATH_2);
-
tm1.setKeyStore(ks1);
- trustedIssuer.getTrustedIssuerItem().add(tm1);
-
+
+ certStores.getTrustManager().add(tm1);
+
TrustManagersType tm2 = new TrustManagersType();
-
- CertStoreType cs2 = new CertStoreType();
- cs2.setFile(CERT_STORE_FILE_2);
- tm2.setCertStore(cs2);
- tm2.setFactoryAlgorithm(FACTORY_ALGORITHM_2);
-
KeyStoreType ks2 = new KeyStoreType();
- ks2.setType(FILE_TYPE);
+ ks2.setType("JKS");
ks2.setPassword(KEYSTORE_PASSWORD_3);
ks2.setResource(KEYSTORE_RESOURCE_PATH_3);
-
tm2.setKeyStore(ks2);
- trustedIssuer.getTrustedIssuerItem().add(tm2);
+
+ certStores.getTrustManager().add(tm2);
+
+ config.setCertificateStores(certStores);
+
+ TrustedIssuers trustedIssuers = new TrustedIssuers();
+
+ TrustedIssuerType ti0 = new TrustedIssuerType();
+ ti0.setCertificateValidation(ValidationType.CHAIN_TRUST);
+ ti0.setName("issuer1");
+ ti0.setSubject(SUBJECT_VALUE_1);
+ trustedIssuers.getIssuer().add(ti0);
+
+ TrustedIssuerType ti1 = new TrustedIssuerType();
+ ti1.setCertificateValidation(ValidationType.CHAIN_TRUST);
+ ti1.setName("issuer1");
+ ti1.setSubject(SUBJECT_VALUE_2);
+ trustedIssuers.getIssuer().add(ti1);
+
+ TrustedIssuerType ti2 = new TrustedIssuerType();
+ ti2.setCertificateValidation(ValidationType.CHAIN_TRUST);
+ ti2.setName("issuer1");
+ ti2.setSubject(SUBJECT_VALUE_3);
+ trustedIssuers.getIssuer().add(ti2);
+
+ config.setTrustedIssuers(trustedIssuers);
- config.setTrustedIssuers(trustedIssuer);
+ FederationProtocolType protocol = new FederationProtocolType();
+ config.setProtocol(protocol);
AuthenticationType authType = new AuthenticationType();
authType.setType(ArgumentType.STRING);
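Review bot: All three trusted issuers are given the same name: `ti1.setName("issuer1")` and `ti2.setName("issuer1")` look like copy-paste slips for `"issuer2"` and `"issuer3"`. With identical names the fixture cannot show whether each issuer entry keeps its own `subject` after a round trip, and it would hide any duplicate-name handling in code that looks issuers up by name (not shown here). The unmarshal call later in this method discards its result, so asserting on the unmarshalled `TrustedIssuers` list (size 3, expected name and subject per entry) would make the test check the new trust configuration. The enclosing test method starts before this hunk and continues after it.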
@@ -164,7 +180,7 @@ public class FedizConfigurationTest {
StringWriter writer = new StringWriter();
jaxbContext.createMarshaller().marshal(configOut, writer);
-
+
StringReader reader = new StringReader(writer.toString());
jaxbContext.createUnmarshaller().unmarshal(reader);
}