perfsonar-dev - perfsonar: r3187 - trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn
Subject: perfsonar development work
perfsonar: r3187 - trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn
- From:
- To:
- Subject: perfsonar: r3187 - trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn
- Date: Tue, 8 Jan 2008 04:53:25 -0500
Author: rodriguez
Date: 2008-01-08 04:53:23 -0500 (Tue, 08 Jan 2008)
New Revision: 3187
Modified:
trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/WSSAuthNSAMLData.java
Log:
Adding the subject in the SAML authentication statement
Modified:
trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/WSSAuthNSAMLData.java
===================================================================
---
trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/WSSAuthNSAMLData.java
2008-01-08 09:52:19 UTC (rev 3186)
+++
trunk/perfsonar_base/src/main/java/org/perfsonar/client/base/authn/WSSAuthNSAMLData.java
2008-01-08 09:53:23 UTC (rev 3187)
@@ -3,18 +3,23 @@
import java.security.PrivateKey;
import java.util.Collection;
import java.util.Date;
+import java.util.Iterator;
import org.apache.axis.Message;
import org.apache.axis.message.SOAPBodyElement;
import org.apache.axis.message.SOAPEnvelope;
+import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSAMLToken;
+import org.apache.ws.security.message.WSSecTimestamp;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.signature.XMLSignature;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAudienceRestrictionCondition;
import org.opensaml.SAMLAuthenticationStatement;
import org.opensaml.SAMLException;
+import org.opensaml.SAMLNameIdentifier;
+import org.opensaml.SAMLStatement;
import org.opensaml.SAMLSubject;
import org.opensaml.XML;
import org.perfsonar.base.auxiliary.components.authn.SOAPUtil;
@@ -43,7 +48,11 @@
secHeader.setActor("we");
secHeader.insertSecurityHeader(doc);
- WSSecSAMLToken samlToken = new WSSecSAMLToken();
+ WSSecTimestamp timestamp = new WSSecTimestamp();
+ timestamp.prepare(doc);
+// sigParts.add(new WSEncryptionPart(timestamp.getId()));
+
+ WSSecSAMLToken samlToken = new WSSecSAMLToken();
Document signedDoc = samlToken.build(doc,
getAssertionAsSecurityToken(authAssertion, key, certchain,
cidPerfsonarResource, cidPerfsonarClient), secHeader);
Message signedMsg = (Message) SOAPUtil.toSOAPMessage(signedDoc);
envelope = signedMsg.getSOAPEnvelope();
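Review bot: The new `WSSecTimestamp` is only `prepare`d in the added lines; nothing visible attaches it to `secHeader`, and the one line that would have put it under a signature (`sigParts.add(new WSEncryptionPart(timestamp.getId()))`) is commented out and refers to a `sigParts` that is not declared in the hunk. A timestamp that never reaches the header, or that sits outside any signature, gives the receiver no freshness guarantee, because it can be dropped or rewritten in transit and the message stays replayable. Either call `timestamp.prependToHeader(secHeader);` after `prepare(doc)` and include its id in the signed parts, or leave the timestamp and the dead comment out until signing is wired in. The enclosing method starts and continues outside the hunk, so part of this may already be handled in lines not shown.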
@@ -65,6 +74,15 @@
SAMLSubject subject=new SAMLSubject();
subject.addConfirmationMethod("relayed-trust");
+ Iterator<?> it=authAssertion.getStatements();
+ while (it.hasNext()) {
+ SAMLStatement st=(SAMLStatement)it.next();
+ if (st instanceof SAMLAuthenticationStatement) {
+ SAMLAuthenticationStatement
as=(SAMLAuthenticationStatement)st;
+ SAMLNameIdentifier
old=as.getSubject().getNameIdentifier();
+ subject.setNameIdentifier(new
SAMLNameIdentifier(old.getName(),old.getNameQualifier(),old.getFormat()));
+ }
+ }
try {
Document request =
authAssertion.toDOM().getOwnerDocument();
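Review bot: The loop dereferences `as.getSubject().getNameIdentifier()` and then `old.getName()` with no null check, so an authentication statement whose subject has no name identifier fails with a NullPointerException while the token is being built; guard it with `if (as.getSubject() == null || old == null) continue;` split across the two reads. The loop also keeps running after a match, so with more than one authentication statement the last one silently decides the subject; add `break;` after `setNameIdentifier(...)` or reject assertions whose identifiers differ. Since the copied identifier is what the receiving service will treat as the caller under `relayed-trust`, it is worth confirming that `authAssertion` has had its signature and conditions validated before this point, which is not visible here. The method body begins and ends outside the hunk.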