perfsonar-dev - perfsonar: r4971 - in branches/simple-service-with-base2: lib/repository/opensaml/opensaml lib/repository/opensaml/opensaml/2.2.3 lib/repository/xmltooling/xmltooling lib/repository/xmltooling/xmltooling/1.2.0 src/main/java/org/perfsonar/base2/client src/main/java/org/perfsonar/base2/service/authn src/main/java/org/perfsonar/base2/service/authn/component/wssec src/main/java/org/perfsonar/service/authService src/main/java/org/perfsonar/service/authService/auth/client
Subject: perfsonar development work
perfsonar: r4971 - in branches/simple-service-with-base2: lib/repository/opensaml/opensaml lib/repository/opensaml/opensaml/2.2.3 lib/repository/xmltooling/xmltooling lib/repository/xmltooling/xmltooling/1.2.0 src/main/java/org/perfsonar/base2/client src/main/java/org/perfsonar/base2/service/authn src/main/java/org/perfsonar/base2/service/authn/component/wssec src/main/java/org/perfsonar/service/authService src/main/java/org/perfsonar/service/authService/auth/client
- From:
- To:
- Subject: perfsonar: r4971 - in branches/simple-service-with-base2: lib/repository/opensaml/opensaml lib/repository/opensaml/opensaml/2.2.3 lib/repository/xmltooling/xmltooling lib/repository/xmltooling/xmltooling/1.2.0 src/main/java/org/perfsonar/base2/client src/main/java/org/perfsonar/base2/service/authn src/main/java/org/perfsonar/base2/service/authn/component/wssec src/main/java/org/perfsonar/service/authService src/main/java/org/perfsonar/service/authService/auth/client
- Date: Wed, 18 Feb 2009 09:55:27 -0500
Author: rodriguez
Date: 2009-02-18 09:55:27 -0500 (Wed, 18 Feb 2009)
New Revision: 4971
Added:
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.jar
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.jar.sha1
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.pom
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.sha1
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.jar
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.jar.sha1
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.pom
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.pom.sha1
Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/client/UbCSaslTest.java
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/AttrServiceEngine.java
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/auth/client/AttrEERequestGenerator.java
Log:
- Fixing some bugs in perfSONAR base and AS about attributes handling
- Adding new versions of OpenSAML2 and XMLTooling
Added:
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.jar
Property changes on:
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added:
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.jar.sha1
Added:
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.pom
Added:
branches/simple-service-with-base2/lib/repository/opensaml/opensaml/2.2.3/opensaml-2.2.3.sha1
Added:
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.jar
Property changes on:
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added:
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.jar.sha1
Added:
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.pom
Added:
branches/simple-service-with-base2/lib/repository/xmltooling/xmltooling/1.2.0/xmltooling-1.2.0.pom.sha1
Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/client/UbCSaslTest.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/client/UbCSaslTest.java
2009-02-18 12:16:27 UTC (rev 4970)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/client/UbCSaslTest.java
2009-02-18 14:55:27 UTC (rev 4971)
@@ -1,5 +1,6 @@
package org.perfsonar.base2.client;
+import java.io.ByteArrayOutputStream;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.cert.CertificateParsingException;
@@ -7,7 +8,10 @@
import java.text.DateFormat;
import java.util.Collection;
import java.util.Iterator;
+import java.util.LinkedList;
import java.util.List;
+import java.util.Map;
+import java.util.Set;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
@@ -20,9 +24,15 @@
import org.perfsonar.base2.client.authn.saslca.SASLCAClient;
import org.perfsonar.base2.client.authn.saslca.SASLCAClientConfiguration;
import org.perfsonar.base2.client.authn.saslca.UserID;
+import org.perfsonar.base2.service.authn.AttrRequest;
+import org.perfsonar.base2.service.authn.AttrResponse;
import org.perfsonar.base2.service.exceptions.PerfSONARException;
+import org.perfsonar.base2.service.requesthandler.ServiceMessage;
import org.perfsonar.base2.xml.AXIOMCreator;
+import org.perfsonar.base2.xml.Element;
+import org.perfsonar.base2.xml.StaxParser;
import org.perfsonar.base2.xml.nmwg.Message;
+import org.perfsonar.service.authService.auth.client.AttrEERequestGenerator;
import org.perfsonar.service.authService.auth.client.AuthNEERequestGenerator;
import org.w3c.dom.Document;
@@ -85,6 +95,9 @@
else if (oper.equals("authn")) {
sendAuthNEERequest(keyPair,endPoint);
}
+ else if (oper.equals("attr")) {
+ sendAttrEERequest(keyPair,endPoint);
+ }
} catch (PerfSONARException e) {
e.printStackTrace();
@@ -144,6 +157,69 @@
}
}
+ public void sendAttrEERequest(KeyPair keyPair,String endPoint) throws
PerfSONARException {
+ try {
+ checkCertificate(keyPair);
+
+ PrivateKey privateKey=keyPair.getPrivate();
+ X509Certificate cert = client.getCertficate(keyPair);
+
+ AttrRequest attrReq = new AttrRequest();
+ attrReq.setIssuer("Issuer");
+
attrReq.setSubject("urn:geant:edugain:component:be:gidp:user:first_candido-perfSONAR.net");
+ List<String> listValues = new LinkedList<String>();
+ listValues.add("perfSONAR.net");
+ attrReq.addAttribute("urn:oid:1.3.6.1.4.1.25178.1.2.9",
"schacHomeOrganization", listValues);
+
+ AttrEERequestGenerator rg = new AttrEERequestGenerator();
+ Message m = rg.generateRequestMessage(attrReq);
+ AXIOMCreator cr = new AXIOMCreator();
+
+ OMElement requestOMElement = cr.getElement(m);
+ SOAPFactory soapFactory = OMAbstractFactory.getSOAP11Factory();
+ SOAPEnvelope se = soapFactory.createSOAPEnvelope();
+ SOAPBody soapBody = soapFactory.createSOAPBody(se);
+ soapBody.addChild(requestOMElement);
+
+ Document doc =
Axis2Util.getDocumentFromSOAPEnvelope(se, true);
+
+ AuthNX509Data
authnData=AuthNDataFactory.getDefaultAuthNX509Data();
+ Object reqRaw=authnData.addX509STInMessage(doc, privateKey,
cert);
+ SOAPEnvelope envelope = (SOAPEnvelope)reqRaw;
+
+ OMElement result = new Axis2Client().send(endPoint,
+ envelope.getHeader().getFirstElement(),
requestOMElement);
+
+ ByteArrayOutputStream baos2 = new ByteArrayOutputStream();
+ result.serialize(baos2);
+
+ StaxParser sp = new StaxParser();
+ Element respElem = sp.parse(result.getXMLStreamReader());
+ ServiceMessage sm = new ServiceMessage(respElem);
+
+ Element response = sm.getElement();
+
+ AttrResponse
respAttr=AttrResponse.getAttrResponse(response);
+ Map<String, List<String>> attrs =
respAttr.getAttributes();
+ Set<String> keys = attrs.keySet();
+ Iterator<String> it1 = keys.iterator();
+ while (it1.hasNext()) {
+ String key = it1.next();
+ System.out.println("* "+key);
+ List<String> values = attrs.get(key);
+ Iterator<String> it2 = values.iterator();
+ while (it2.hasNext()) {
+ String value = it2.next();
+ System.out.println("*** "+value);
+ }
+ }
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new PerfSONARException(e.getMessage());
+ }
+ }
+
public static void main(String[] args) {
UbCSaslTest ubcSasl = new UbCSaslTest();
ubcSasl.test(args);
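Review bot: The catch block that closes the added `sendAttrEERequest` rethrows with `new PerfSONARException(e.getMessage())`, which drops the original exception type and stack, and gives a null message when the caught exception carries none. If PerfSONARException has a cause-accepting constructor (not visible in this diff), pass `e` through; otherwise `e.toString()` at least keeps the type. `baos2` is filled by `result.serialize(baos2)` but never read, so either print it or remove both lines. The issuer, subject URN and attribute OID are hard-coded, which deserves a one-line comment such as `// fixed test identity for the attribute request`. The hunk ends inside `main`, which continues outside it.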
Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java
2009-02-18 12:16:27 UTC (rev 4970)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AADispatchSOAPProtocol.java
2009-02-18 14:55:27 UTC (rev 4971)
@@ -235,10 +235,11 @@
ServiceMessage responseMsg = sendMessage(asPoint,
attrRequest, req.getSecurityToken());
Element response = responseMsg.getElement();
- AttrResponse
respAuth=AttrResponse.getAttrResponse(response);
- logger.debug("Attribte response:
("+respAuth.getResultCode()+","+respAuth.getStatus()+")");
+ AttrResponse
respAttr=AttrResponse.getAttrResponse(response);
+ logger.debug("Attribte response:
("+respAttr.getResultCode()+","+respAttr.getStatus()+")");
+ logger.debug("SAML Response:
"+respAttr.getSAMLResponse());
- return respAuth;
+ return respAttr;
} catch (ClassCastException e) {
e.printStackTrace();
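Review bot: The added `logger.debug("SAML Response: "+respAttr.getSAMLResponse())` writes the complete SAML response into the service log, including the subject identifier and every released attribute value. Debug logs tend to be kept longer and read by more people than attribute data should reach, so log only the result code and status, or the attribute names without their values. The misspelling `Attribte` in the neighbouring debug line is carried over unchanged and could be fixed in the same pass. The enclosing try block starts before this hunk and continues after it.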
Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java
2009-02-18 12:16:27 UTC (rev 4970)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/AttrResponse.java
2009-02-18 14:55:27 UTC (rev 4971)
@@ -1,11 +1,70 @@
package org.perfsonar.base2.service.authn;
+import java.io.ByteArrayInputStream;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpression;
+import javax.xml.xpath.XPathExpressionException;
+import javax.xml.xpath.XPathFactory;
+
import org.perfsonar.base2.xml.Element;
+import org.w3c.dom.Document;
+import org.w3c.dom.NodeList;
public class AttrResponse extends AuthNResponse {
+ public static final int ATTR_OK_RESPONSE=1;
+ public static final int ATTR_BAD_RESPONSE=1;
+ public static final String NS_SUBJECT_AA =
"http://ggf.org/ns/nmwg/tools/org/perfsonar/service/as/attr/1.0/";
+ private Map<String, List<String>> attributes;
+ private String samlRawResponse;
+ private XPath xpath;
+
+ public AttrResponse() {
+ super();
+
+ XPathFactory xfactory = XPathFactory.newInstance();
+ xpath = xfactory.newXPath();
+ NamespaceContext ctx = new NamespaceContext() {
+ public String getNamespaceURI(String prefix) {
+ String uri;
+ if (prefix.equals("samlp"))
+ uri =
"urn:oasis:names:tc:SAML:2.0:protocol";
+ else if (prefix.equals("saml"))
+ uri =
"urn:oasis:names:tc:SAML:2.0:assertion";
+ else
+ uri = null;
+ return uri;
+ }
+
+ // Dummy implementation - not used!
+ public Iterator<?> getPrefixes(String val) {
+ return null;
+ }
+
+ // Dummy implemenation - not used!
+ public String getPrefix(String uri) {
+ return null;
+ }
+ };
+ xpath.setNamespaceContext(ctx);
+
+ attributes = new HashMap<String, List<String>>();
+ }
+
public static AttrResponse getAttrResponse(Element message) {
AttrResponse res=new AttrResponse();
+ res.setStatus(AttrResponse.ATTR_OK_RESPONSE);
Element responseMetadata = null;
Element eventType = null;
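Review bot: `ATTR_OK_RESPONSE` and `ATTR_BAD_RESPONSE` are both defined as `1`, so the status cannot distinguish a good response from a bad one. The `res.getStatus()==AttrResponse.ATTR_OK_RESPONSE` test in the next hunk is therefore true whichever constant was set. Give the two constants distinct values, checked against the status codes inherited from AuthNResponse, which are not visible here. Separately, the next hunk sets `ATTR_BAD_RESPONSE` when the event type contains `success.as.attr`, which reads as inverted; the condition probably wants `== -1`. `getAttrResponse` continues past the end of this hunk.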
@@ -17,9 +76,88 @@
}
if (eventType != null) {
if (eventType.getText().trim().indexOf("success.as.attr") != -1)
{
+ res.setStatus(AttrResponse.ATTR_BAD_RESPONSE);
}
}
+ if (res.getStatus()==AttrResponse.ATTR_OK_RESPONSE) {
+ Collection<Element> list =
responseMetadata.getChildren("subject",
"http://ggf.org/ns/nmwg/tools/org/perfsonar/service/as/attr/1.0/");
+ Iterator<Element> it = list.iterator();
+ Element e = it.next();
+ String samlResponse=e.getText();
+ res.setSAMLResponse(samlResponse);
+ res.loadAttributes();
+ }
return res;
}
+
+ public void loadAttributes() {
+ Document doc = getDocumentFromString(getSAMLResponse());
+ try {
+ XPathExpression expression =
xpath.compile("//samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute");
+ NodeList nodes = (NodeList) expression.evaluate(doc,
XPathConstants.NODESET);
+ for (int i = 0; i < nodes.getLength(); i++) {
+ org.w3c.dom.Element
elem=(org.w3c.dom.Element)nodes.item(i);
+ String friendlyName =
elem.getAttribute("FriendlyName");
+ NodeList nodes2 =
elem.getElementsByTagName("saml:AttributeValue");
+ for (int j=0; j<nodes2.getLength(); j++) {
+ org.w3c.dom.Element
value=(org.w3c.dom.Element)nodes2.item(j);
+ String attributeValue =
value.getTextContent().trim();
+ addAttribute(friendlyName,
attributeValue);
+ }
+ }
+ } catch (XPathExpressionException e) {
+
+ }
+ }
+
+ public void addAttribute(String key,String value) {
+ if (!attributes.containsKey(key)) {
+ List<String> list=new LinkedList<String>();
+ attributes.put(key, list);
+ }
+ List<String> list = attributes.get(key);
+ list.add(value);
+ }
+
+ public void clearAttributes() {
+ attributes.clear();
+ }
+
+ public void removeAttribute(String key) {
+ if (attributes.containsKey(key)) {
+ attributes.remove(key);
+ }
+ }
+
+ public Map<String, List<String>> getAttributes() {
+ return attributes;
+ }
+
+ private Document getDocumentFromString(String message) {
+ try {
+ Document request = null;
+ DocumentBuilderFactory factory =
DocumentBuilderFactory
+ .newInstance();
+ factory.setNamespaceAware(true);
+
+ DocumentBuilder builder =
factory.newDocumentBuilder();
+ request = builder
+ .parse(new
ByteArrayInputStream(message.getBytes()));
+
+ return request;
+ } catch (Exception e) {
+ e.printStackTrace();
+ return null;
+ }
+ }
+
+
+ public String getSAMLResponse() {
+ return samlRawResponse;
+ }
+
+ public void setSAMLResponse(String samlMessage) {
+ this.samlRawResponse = samlMessage;
+ }
}
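Review bot: `getDocumentFromString` parses the SAML response with a default `DocumentBuilderFactory`, so a response carrying a DOCTYPE can make the parser resolve external entities or expand nested ones; the text arrives from the attribute service over the network and should be treated as untrusted. Before `newDocumentBuilder()` add `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. Nothing in this hunk checks a signature, issuer or validity window on the assertion before `loadAttributes` copies its attributes into the map, so callers should not base access decisions on `getAttributes()` unless that validation happens elsewhere. When parsing fails the method returns `null`, which `loadAttributes` hands straight to `expression.evaluate`, and the empty `catch (XPathExpressionException e)` hides XPath errors. In `getAttrResponse`, `it.next()` is called without `hasNext()` and `responseMetadata` is used without a null check.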
Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java
2009-02-18 12:16:27 UTC (rev 4970)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/base2/service/authn/component/wssec/WSSecAuthNComponent.java
2009-02-18 14:55:27 UTC (rev 4971)
@@ -40,7 +40,6 @@
st.setSecTokenFromRequest();
AuthNRequest authnReq=new AuthNRequest(st);
AADispatchProtocol aadp =
AADispatchProtocolFactory.getDefaultAADispatchProtocol();
- aadp.setAuthService(getOption("as_endpoint").getValue());
aadp.setAuthService(getOption(AS_POINT).getValue());
AADispatchManager aadm=new AADispatchManager(aadp);
AuthNResponse authnRes=aadm.getAuthentication(authnReq);
@@ -84,7 +83,7 @@
prot.setAuthService(getOption("as_endpoint").getValue());
AADispatchManager aadm=new AADispatchManager(prot);
AuthRResponse authrRes=aadm.getAuthorization(authrReq);
- if (authrRes.getStatus()!=AuthNResponse.AUTHENTICATED) {
+ if (authrRes.getStatus()!=AuthRResponse.AUTHORIZED) {
logger.error("WSSecAuthNComponent: Authentication
failed ("+authrRes.getResultCode()+")");
throw new
PerfSONARException(authrRes.getResultCode());
}
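Review bot: The error logged on this path still reads `WSSecAuthNComponent: Authentication failed`, although the corrected comparison is against `AuthRResponse.AUTHORIZED`, so anyone triaging the log will see an authorization denial reported as an authentication failure. Suggested wording: `logger.error("WSSecAuthNComponent: Authorization failed ("+authrRes.getResultCode()+")");`. The context line `prot.setAuthService(getOption("as_endpoint").getValue())` also keeps the string literal that the previous hunk dropped in favour of `AS_POINT` on the authentication path; if `AS_POINT` names the same option, use it here as well. The method continues outside this hunk.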
Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/AttrServiceEngine.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/AttrServiceEngine.java
2009-02-18 12:16:27 UTC (rev 4970)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/AttrServiceEngine.java
2009-02-18 14:55:27 UTC (rev 4971)
@@ -24,7 +24,6 @@
import org.perfsonar.base2.xml.nmwg.EventType;
import org.perfsonar.base2.xml.nmwg.Message;
import org.perfsonar.base2.xml.nmwg.Metadata;
-import org.perfsonar.base2.xml.nmwg.Subject;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
@@ -50,6 +49,8 @@
uri =
"urn:oasis:names:tc:SAML:2.0:protocol";
else if (prefix.equals("saml"))
uri =
"urn:oasis:names:tc:SAML:2.0:assertion";
+ else if (prefix.equals("xsi"))
+ uri =
"http://www.w3.org/2001/XMLSchema-instance";
else
uri = null;
return uri;
@@ -91,9 +92,9 @@
responseMetadata.setEventType(et);
et.setEventType(EVENT_TYPE_SUCCESS);
- Subject attrSub=new Subject();
- attrSub.setText(samlAttrResponse);
- responseMetadata.setSubject(attrSub);
+ Element attrSub = new Element("subject", "aa",
"http://ggf.org/ns/nmwg/tools/org/perfsonar/service/as/attr/1.0/");
+ attrSub.setText(samlAttrResponse);
+ responseMetadata.addChild(attrSub);
Data responseData = new Data();
responseData.setMetadataIdRef(responseMetadata.getId());
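Review bot: The namespace URI of the `aa:subject` element is written as a literal here, again in the AttrEERequestGenerator hunk at `-98,9 +99,14`, and in `AttrResponse.getAttrResponse`, although this same commit adds `AttrResponse.NS_SUBJECT_AA` with that value. Using the constant in all three places, e.g. `new Element("subject", "aa", AttrResponse.NS_SUBJECT_AA)`, keeps producer and consumer from drifting apart; a mismatch would make `getChildren("subject", …)` return nothing. A comment stating whether `Element.setText` escapes markup would also help, because `samlAttrResponse` is a full XML document stored as element text and the reading side re-parses `getText()`; that behaviour is not visible in this diff.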
@@ -114,13 +115,17 @@
try {
String id =
xpath.evaluate("//samlp:AttributeQuery/@ID", doc);
if (id==null||id.equals("")) {
- throw new
PerfSONARException("error.attr.saml_wrong_params","SAML attribute request
doesn't include ID");
+ String msg = "SAML attribute request doesn't
include ID";
+ logger.error(msg);
+ throw new
PerfSONARException("error.attr.saml_wrong_params",msg);
}
id = id.trim();
logger.debug("Id AttributeQuery : "+id);
String instant =
xpath.evaluate("//samlp:AttributeQuery/@IssueInstant", doc);
if (instant==null||instant.equals("")) {
- throw new
PerfSONARException("error.attr.saml_wrong_params","SAML attribute request
doesn't IssueInstant");
+ String msg = "SAML attribute request doesn't
IssueInstant";
+ logger.error(msg);
+ throw new
PerfSONARException("error.attr.saml_wrong_params",msg);
}
instant = instant.trim();
Date instantDate=null;
@@ -128,23 +133,32 @@
try {
instantDate=parseformatter.parse(instant);
} catch (Exception ex) {
- throw new
PerfSONARException("error.attr.saml_wrong_params","Bad IssueInstant");
+ ex.printStackTrace();
+ String msg = "Bad IssueInstant";
+ logger.error(msg);
+ throw new
PerfSONARException("error.attr.saml_wrong_params",msg);
}
checkIssueInstant(instantDate);
String issuer =
xpath.evaluate("//samlp:AttributeQuery/saml:Issuer", doc);
if (issuer==null||issuer.equals("")) {
- throw new
PerfSONARException("error.attr.saml_wrong_params","SAML attribute request
doesn't include Issuer");
+ String msg = "SAML attribute request doesn't
include Issuer";
+ logger.error(msg);
+ throw new
PerfSONARException("error.attr.saml_wrong_params",msg);
}
issuer = issuer.trim();
String subject =
xpath.evaluate("//samlp:AttributeQuery/saml:Subject/saml:NameID", doc);
if (subject==null||subject.equals("")) {
- throw new
PerfSONARException("error.attr.saml_wrong_params","SAML attribute request
doesn't include Subject");
+ String msg = "SAML attribute request doesn't
include Subject";
+ logger.error(msg);
+ throw new
PerfSONARException("error.attr.saml_wrong_params",msg);
}
subject = subject.trim();
String urnUser =
getURNUser(serviceRequest.getMessageElement());
logger.debug("AttrServiceEngine: urn user =
"+urnUser);
if (!subject.equals(urnUser)) {
- throw new
PerfSONARException("error.attr.saml_subject","Subject ("+subject+") of the
SAML assertion is not equals to the user's urn ("+urnUser+") included in the
security token");
+ String msg = "Subject ("+subject+") of the
SAML assertion is not equals to the user's urn ("+urnUser+") included in the
security token";
+ logger.error(msg);
+ throw new
PerfSONARException("error.attr.saml_subject",msg);
}
Date date=new Date();
Date befDate=new Date(date.getTime()-300000);
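Review bot: The mismatch message concatenates `subject`, taken from the incoming SAML query, into both the log line and the exception text without neutralising it. `trim()` strips only the ends, so embedded line breaks could forge extra log entries, and the same text may travel back to the caller inside the PerfSONARException. Log a sanitised form, e.g. `logger.error(msg.replaceAll("[\\r\\n]", "_"));`, and consider a fixed client-facing message. In the `Bad IssueInstant` catch, and in the `XPathExpressionException` catch of the `-197,7` hunk, `ex.printStackTrace()` sends the trace to stderr rather than the service log; passing the exception to the logger would keep it next to the message, assuming the logger offers a two-argument `error`. The surrounding method begins and ends outside this hunk.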
@@ -169,11 +183,13 @@
" <saml:AttributeStatement>";
XPathExpression expression =
xpath.compile("//samlp:AttributeQuery/saml:Attribute");
NodeList nodes = (NodeList) expression.evaluate(doc,
XPathConstants.NODESET);
+ logger.debug("Num. requests of attribute:
"+nodes.getLength());
for (int i = 0; i < nodes.getLength(); i++) {
org.w3c.dom.Element
elem=(org.w3c.dom.Element)nodes.item(i);
String nameFormat =
elem.getAttribute("NameFormat");
String friendlyName =
elem.getAttribute("FriendlyName");
String uriName = elem.getAttribute("Name");
+ logger.debug("Attribute
("+nameFormat+","+friendlyName+","+uriName+")");
if
(nameFormat.equals(URI_FORMAT)&&friendlyName.equals(SHO_NAME)&&uriName.equals(SHO_URI))
{
NodeList nodes2 =
elem.getElementsByTagName("saml:AttributeValue");
for (int j=0; j<nodes2.getLength();
j++) {
@@ -197,7 +213,10 @@
return res;
} catch (XPathExpressionException ex) {
- throw new
PerfSONARException("error.attr.saml_wrong_params","Error parsing SAML
assertion");
+ ex.printStackTrace();
+ String msg = "Error parsing SAML assertion";
+ logger.error(msg);
+ throw new
PerfSONARException("error.attr.saml_wrong_params",msg);
}
}
Modified:
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/auth/client/AttrEERequestGenerator.java
===================================================================
---
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/auth/client/AttrEERequestGenerator.java
2009-02-18 12:16:27 UTC (rev 4970)
+++
branches/simple-service-with-base2/src/main/java/org/perfsonar/service/authService/auth/client/AttrEERequestGenerator.java
2009-02-18 14:55:27 UTC (rev 4971)
@@ -10,6 +10,7 @@
import org.perfsonar.base2.service.authn.AttrRequest;
import org.perfsonar.base2.service.exceptions.PerfSONARException;
+import org.perfsonar.base2.xml.Element;
import org.perfsonar.base2.xml.nmwg.Data;
import org.perfsonar.base2.xml.nmwg.Message;
import org.perfsonar.base2.xml.nmwg.Metadata;
@@ -98,9 +99,14 @@
message.setMetadata(meta);
message.setData(data);
- Subject attrSub=new Subject();
- attrSub.setText(getSAMLMessage(attrReq));
- message.getMetadata(metaId).setSubject(attrSub);
+ String reqString = getSAMLMessage(attrReq);
+ reqString = reqString.replaceAll("\n", "");
+ reqString = reqString.replaceAll("\r", "");
+ reqString = reqString.replaceAll("\t", "");
+ reqString = reqString.replaceAll(" ", "");
+ Element authrElement = new Element("subject", "aa",
"http://ggf.org/ns/nmwg/tools/org/perfsonar/service/as/attr/1.0/");
+ authrElement.setText(reqString);
+ message.getMetadata(metaId).addChild(authrElement);
return message;
}
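Review bot: The four `replaceAll` calls strip characters from the serialised SAML query as a whole, so they also alter any issuer, subject or attribute value that legitimately contains a line break, a tab or the last pattern. As rendered here that last pattern is a single space, which would additionally fuse `<samlp:AttributeQuery` with its attributes; the mail archive may have collapsed a longer run of spaces, so check the original file. The following hunks already remove the leading spaces from the string literals in the message builder, so the stripping looks unnecessary. If it stays, `String.replace` avoids the regex pass, e.g. `reqString = reqString.replace("\n", "");`.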
@@ -109,9 +115,9 @@
Date date=new Date();
Format formatter = new SimpleDateFormat("yyyy-MM-dd");
Format formatter2 = new SimpleDateFormat("HH:mm:ss");
- String samlMessage = "<samlp:AttributeQuery
xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"
xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"
ID=\""+UUID.randomUUID().toString()+"\" Version=\"2.0\"
IssueInstant=\""+formatter.format(date)+"T"+formatter2.format(date)+"Z\">" +
- " <saml:Issuer>"+attrReq.getIssuer()+"</saml:Issuer>" +
- " <saml:Subject><saml:NameID
Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\">"+attrReq.getSubject()+"</saml:NameID></saml:Subject>";
+ String samlMessage = "<samlp:AttributeQuery
xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"
xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"
xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"
ID=\""+UUID.randomUUID().toString()+"\" Version=\"2.0\"
IssueInstant=\""+formatter.format(date)+"T"+formatter2.format(date)+"Z\">" +
+ "<saml:Issuer>"+attrReq.getIssuer()+"</saml:Issuer>" +
+ "<saml:Subject><saml:NameID
Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\">"+attrReq.getSubject()+"</saml:NameID></saml:Subject>";
Map<String, Map<String, List<String>>> attrs =
attrReq.getAttributes();
Iterator<String> it=attrs.keySet().iterator();
while (it.hasNext()) {
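Review bot: `attrReq.getIssuer()` and `attrReq.getSubject()` are spliced into the `samlMessage` markup unescaped, and the next hunk does the same with `urn`, `friendlyName` and each attribute value. A value containing `<`, `&` or `"` therefore yields a malformed query or one with extra elements and attributes. Escape the XML special characters before concatenation through a small private helper (to be written; call it `escapeXml`), e.g. `"<saml:Issuer>"+escapeXml(attrReq.getIssuer())+"</saml:Issuer>"`, or build the query with the OpenSAML objects this commit adds to the repository. `IssueInstant` is also produced by `Format`-typed `SimpleDateFormat` instances that use the JVM default time zone and then suffixed with `Z`, so on a non-UTC host the timestamp is off by the zone offset, which matters because the service side runs `checkIssueInstant` on it. The enclosing method starts before this hunk and continues after it.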
@@ -120,15 +126,15 @@
Iterator<String> attrNames=data.keySet().iterator();
String friendlyName = attrNames.next();
- samlMessage +=" <saml:Attribute
NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\"
Name=\""+urn+"\" FriendlyName=\""+friendlyName+"\">";
+ samlMessage +="<saml:Attribute
NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\"
Name=\""+urn+"\" FriendlyName=\""+friendlyName+"\">";
List<String> attrsValues=(List<String>)data.get(friendlyName);
Iterator<String> itValues=attrsValues.iterator();
while (itValues.hasNext()) {
- samlMessage +=" <saml:AttributeValue
xsi:type=\"xsd:string\">"+itValues.next()+"</saml:AttributeValue>";
+ samlMessage +="<saml:AttributeValue
xsi:type=\"xsd:string\">"+itValues.next()+"</saml:AttributeValue>";
}
- samlMessage +=" </saml:Attribute>";
+ samlMessage +="</saml:Attribute>";
}
samlMessage += "</samlp:AttributeQuery>";