
perfsonar-dev - perfsonar: r3186 - trunk/geant2_java-as/src/main/java/org/perfsonar/service/authService

Subject: perfsonar development work


perfsonar: r3186 - trunk/geant2_java-as/src/main/java/org/perfsonar/service/authService


  • From:
  • To:
  • Subject: perfsonar: r3186 - trunk/geant2_java-as/src/main/java/org/perfsonar/service/authService
  • Date: Tue, 8 Jan 2008 04:52:19 -0500

Author: rodriguez
Date: 2008-01-08 04:52:19 -0500 (Tue, 08 Jan 2008)
New Revision: 3186

Modified:

trunk/geant2_java-as/src/main/java/org/perfsonar/service/authService/AuthNAction.java
Log:
More log information

Modified:
trunk/geant2_java-as/src/main/java/org/perfsonar/service/authService/AuthNAction.java
===================================================================
---
trunk/geant2_java-as/src/main/java/org/perfsonar/service/authService/AuthNAction.java
2008-01-08 08:23:40 UTC (rev 3185)
+++
trunk/geant2_java-as/src/main/java/org/perfsonar/service/authService/AuthNAction.java
2008-01-08 09:52:19 UTC (rev 3186)
@@ -2,6 +2,7 @@

import java.net.URI;
import java.security.cert.X509Certificate;
+import java.util.Iterator;

import net.geant.edugain.validation.ComponentID;
import net.geant.edugain.validation.Validator;
@@ -12,6 +13,9 @@
import org.ggf.ns.nmwg.base.v2_0.Metadata;
import org.ggf.ns.nmwg.base.v2_0.Parameter;
import org.opensaml.SAMLAssertion;
+import org.opensaml.SAMLAuthenticationStatement;
+import org.opensaml.SAMLStatement;
+import org.opensaml.SAMLSubject;
import org.perfsonar.base.exceptions.PerfSONARException;
import org.perfsonar.service.base.authn.tokens.SecTokenManagerFactory;
import org.perfsonar.service.base.authn.tokens.SecurityToken;
@@ -42,6 +46,7 @@
else {
Metadata metadata=getMetadataFromRequest(request);
Parameter
sentSecToken=metadata.getParameterByName(SEC_TOKEN_PARAM);
+ logger.info("Security Token:
"+sentSecToken.getParameterValue());
if (sentSecToken!=null&&

sentSecToken.getParameterValue()!=null&&

sentSecToken.getParameterValue().equals(AuthNAction.X509_ID)) {
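Review bot: The added `logger.info("Security Token: "+sentSecToken.getParameterValue())` dereferences `sentSecToken` just before the existing `sentSecToken!=null` guard, so a request without that parameter would now hit a NullPointerException instead of reaching the code the guard protects. Log it null-safe, e.g. `logger.info("Security Token: "+(sentSecToken!=null?sentSecToken.getParameterValue():null));`, or move the call inside the guarded path. The value is taken from the request, so CR/LF should be stripped before it is written to the log. The enclosing method starts and ends outside the hunk.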
@@ -73,12 +78,24 @@
logger.debug("AuthNAction: Getting the SAML assertion");
try {
SAMLAssertion assertion=(SAMLAssertion)stValue;
+ String issuer=assertion.getIssuer();
+ Iterator it=assertion.getStatements();
+ while (it.hasNext()) {
+ SAMLStatement
statement=(SAMLStatement)it.next();
+ if (statement instanceof
SAMLAuthenticationStatement) {
+ SAMLAuthenticationStatement
authSt=(SAMLAuthenticationStatement)statement;
+ SAMLSubject
subject=authSt.getSubject();
+ logger.info("AuthNAction: the issuer
'"+issuer+"' has sent an authN statement about
'"+subject.getNameIdentifier().getName()+"'");
+ }
+ }
+ logger.info("AuthNAction: Validating SAML assertion");
val.validate(assertion);
} catch (Throwable e) {
String m = "AuthNAction: the SAML assertion is not
valid";
logger.info(m);
throw new
PerfSONARException("error.authn.assertion_not_valid",m);
}
+ logger.info("AuthNAction: the SAML assertion is valid");

return getValidAuthNMessage(request);
}
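Review bot: The new loop logs the issuer and subject name at info level before `val.validate(assertion)` runs, so the log records identity claims from an assertion that has not been verified yet, built from strings the sender controls. Because the loop sits inside the `try` whose `catch (Throwable e)` reports "not valid", a null returned by `authSt.getSubject()` or `subject.getNameIdentifier()` would make the logging itself reject the assertion, and the cause in `e` is never logged. I would move the loop below `val.validate(assertion)` (or word the message as unverified), null-check both getters, and strip CR/LF from the logged values. The same ordering applies to the DN log added in the `@@ -96,6 +113,7 @@` hunk. The enclosing method starts outside the hunk.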
@@ -96,6 +113,7 @@
logger.debug("AuthNAction: Getting the X509 certificate");
try {
X509Certificate cert=(X509Certificate)stValue;
+ logger.info("AuthNAction: subject DN:
'"+cert.getSubjectDN().toString()+"' issuer DN:
'"+cert.getIssuerDN().toString()+"'");
logger.info("AuthNAction: Validating X509
certificate");
ComponentID theUri=val.validate(cert);
} catch (Throwable e) {
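Review bot: `cert.getSubjectDN().toString()` and `cert.getIssuerDN().toString()` in the added log line produce an implementation-dependent string, which makes these entries hard to match against other logs or access rules. `cert.getSubjectX500Principal().getName()` and `cert.getIssuerX500Principal().getName()` return a defined RFC 2253 form. The `try` block continues past the end of the hunk.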
@@ -104,6 +122,7 @@
logger.info(m);
throw new
PerfSONARException("error.authn.x509_not_valid",m);
}
+ logger.info("AuthNAction: the X509 certificate is valid");

return getValidAuthNMessage(request);
}


