Package org.picketlink.identity.federation.core.config

Examples of org.picketlink.identity.federation.core.config.KeyProviderType


     *
     * @param idpOrSPConfiguration
     * @return
     */
    public static TrustKeyManager getTrustKeyManager(ProviderType idpOrSPConfiguration) {
        // Delegates to the KeyProviderType overload, using the key provider declared on the
        // IDP/SP configuration. Nothing is null-checked here: a null configuration fails with a
        // NullPointerException, and a configuration without a key provider hands null to the
        // overload (how the overload treats null is not visible from this method).
        return getTrustKeyManager(idpOrSPConfiguration.getKeyProvider());
    }


     */
    private KeyProviderType parseKeyProvider(XMLEventReader xmlEventReader) throws ParsingException {
        // Parses one KeyProvider element into a KeyProviderType: the required ClassName
        // attribute first, then SigningAlias, ValidatingAlias and Auth children in any order
        // until the KeyProvider end tag. Child names are matched case-insensitively.
        StartElement providerStart = StaxParserUtil.getNextStartElement(xmlEventReader);
        StaxParserUtil.validate(providerStart, KEY_PROVIDER_ELEMENT);

        KeyProviderType parsed = new KeyProviderType();

        // ClassName is mandatory. The value is stored exactly as configured; nothing in this
        // method checks that it names a TrustKeyManager implementation, so that check is left
        // to the code that later loads the class.
        Attribute classNameAttr = providerStart.getAttributeByName(new QName("", CLASS_NAME_ATTRIB));
        if (classNameAttr == null) {
            throw logger.parserRequiredAttribute("ClassName");
        }
        parsed.setClassName(StaxParserUtil.getAttributeValue(classNameAttr));

        while (xmlEventReader.hasNext()) {
            XMLEvent upcoming = StaxParserUtil.peek(xmlEventReader);
            if (upcoming == null) {
                break;
            }
            if (upcoming instanceof EndElement) {
                // Only the KeyProvider end tag may close this element; anything else is an error.
                EndElement closing = (EndElement) StaxParserUtil.getNextEvent(xmlEventReader);
                String closingName = StaxParserUtil.getEndElementName(closing);
                if (!closingName.equals(KEY_PROVIDER_ELEMENT)) {
                    throw logger.parserUnknownEndElement(closingName);
                }
                break;
            }

            // Peek first so an unknown tag can be reported with its location without consuming it.
            StartElement child = StaxParserUtil.peekNextStartElement(xmlEventReader);
            if (child == null) {
                break;
            }
            String childName = StaxParserUtil.getStartElementName(child);

            if (SIGNING_ALIAS_ELEMENT.equalsIgnoreCase(childName)) {
                // Consume the start tag; the alias is the element's text content.
                StaxParserUtil.getNextStartElement(xmlEventReader);
                if (!StaxParserUtil.hasTextAhead(xmlEventReader)) {
                    throw logger.parserExpectedTextValue("SigningAlias");
                }
                parsed.setSigningAlias(StaxParserUtil.getElementText(xmlEventReader));
            } else if (VALIDATING_ALIAS_ELEMENT.equalsIgnoreCase(childName)) {
                child = StaxParserUtil.getNextStartElement(xmlEventReader);
                KeyValueType alias = new KeyValueType();
                // Key and Value are both optional here: a missing attribute leaves the field unset.
                Attribute keyAttr = child.getAttributeByName(new QName("", KEY_ATTRIB));
                if (keyAttr != null) {
                    alias.setKey(StaxParserUtil.getAttributeValue(keyAttr));
                }
                Attribute valueAttr = child.getAttributeByName(new QName("", VALUE_ATTRIB));
                if (valueAttr != null) {
                    alias.setValue(StaxParserUtil.getAttributeValue(valueAttr));
                }

                EndElement aliasEnd = StaxParserUtil.getNextEndElement(xmlEventReader);
                StaxParserUtil.validate(aliasEnd, VALIDATING_ALIAS_ELEMENT);
                parsed.add(alias);
            } else if (AUTH_ELEMENT.equalsIgnoreCase(childName)) {
                child = StaxParserUtil.getNextStartElement(xmlEventReader);
                AuthPropertyType authEntry = new AuthPropertyType();
                // Auth entries are free-form key/value pairs and can hold keystore credentials
                // (for example KeyStorePass), so the parsed values should not be logged.
                Attribute keyAttr = child.getAttributeByName(new QName("", KEY_ATTRIB));
                if (keyAttr != null) {
                    authEntry.setKey(StaxParserUtil.getAttributeValue(keyAttr));
                }
                Attribute valueAttr = child.getAttributeByName(new QName("", VALUE_ATTRIB));
                if (valueAttr != null) {
                    authEntry.setValue(StaxParserUtil.getAttributeValue(valueAttr));
                }

                EndElement authEnd = StaxParserUtil.getNextEndElement(xmlEventReader);
                StaxParserUtil.validate(authEnd, AUTH_ELEMENT);
                parsed.add(authEntry);
            } else {
                throw logger.parserUnknownTag(childName, child.getLocation());
            }
        }
        return parsed;
    }

            for (ServiceProviderType provider : serviceProviders.getServiceProvider())
                this.spMetadata.put(provider.getEndpoint(), provider);
        }

        // setup the key store.
        KeyProviderType keyProviderType = config.getKeyProvider();
        if (keyProviderType != null) {
            String keyManagerClassName = keyProviderType.getClassName();
            try {
                // Decrypt/de-mask the passwords if any
                List<AuthPropertyType> authProperties = CoreConfigUtil.getKeyProviderProperties(keyProviderType);

                Class<?> clazz = SecurityActions.loadClass(getClass(), keyManagerClassName);
                if (clazz == null)
                    throw logger.classNotLoadedError(keyManagerClassName);
                this.trustManager = (TrustKeyManager) clazz.newInstance();
                this.trustManager.setAuthProperties(authProperties);
                this.trustManager.setValidatingAlias(keyProviderType.getValidatingAlias());

                //Special case when you need X509Data in SignedInfo
                if(authProperties != null){
                    for(AuthPropertyType authPropertyType: authProperties){
                        String key = authPropertyType.getKey();

        String signOutgoingString = config.getInitParameter(GeneralConstants.SIGN_OUTGOING_MESSAGES);
        if (signOutgoingString != null && !"".equals(signOutgoingString))
            this.signOutgoingMessages = Boolean.parseBoolean(signOutgoingString);

        if (this.signOutgoingMessages) {
            KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider();
            if (keyProvider == null)
                throw new RuntimeException(ErrorCodes.NULL_VALUE + "Key Provider is null for context="
                        + context.getContextPath());

            try {
                String keyManagerClassName = keyProvider.getClassName();
                if (keyManagerClassName == null)
                    throw new RuntimeException(ErrorCodes.NULL_VALUE + "KeyManager class name is null");

                Class<?> clazz = SecurityActions.loadClass(getClass(), keyManagerClassName);
                this.keyManager = (TrustKeyManager) clazz.newInstance();

                List<AuthPropertyType> authProperties = CoreConfigUtil.getKeyProviderProperties(keyProvider);

                keyManager.setAuthProperties(authProperties);
                keyManager.setValidatingAlias(keyProvider.getValidatingAlias());
            } catch (Exception e) {
                log.error("Exception reading configuration:", e);
                throw new RuntimeException(e.getLocalizedMessage());
            }
            if (trace)
                log.trace("Key Provider=" + keyProvider.getClassName());
        }

        // handle the role generator
        String rgString = config.getInitParameter(GeneralConstants.ROLE_GENERATOR);
        if (rgString != null && !"".equals(rgString))

        configureDefaultKeyProvider();
        return (SPType) this.providerType;
    }

    private void configureDefaultKeyProvider() {
        this.providerType.setKeyProvider(new KeyProviderType());
        this.providerType.getKeyProvider().setClassName("org.picketlink.identity.federation.core.impl.KeyStoreKeyManager");

        this.providerType.getKeyProvider().add(createAuthProperty("KeyStoreURL", "keystore/jbid_test_keystore.jks"));
        this.providerType.getKeyProvider().add(createAuthProperty("KeyStorePass", "store123"));
        this.providerType.getKeyProvider().add(createAuthProperty("SigningKeyPass", "test123"));

        IDPType idp = (IDPType) object;
        assertEquals("somefqn", idp.getRoleGenerator());
        assertTrue(idp.isEncrypt());
        assertEquals(CanonicalizationMethod.EXCLUSIVE, idp.getCanonicalizationMethod());
        KeyProviderType kp = idp.getKeyProvider();
        assertNotNull("KeyProvider is not null", kp);
        assertEquals("SomeClass", "SomeClass", kp.getClassName());
        List<AuthPropertyType> authProps = kp.getAuth();
        AuthPropertyType authProp = authProps.get(0);
        assertEquals("SomeKey", "SomeKey", authProp.getKey());
        assertEquals("SomeValue", "SomeValue", authProp.getValue());

        authProp = authProps.get(1);
        assertEquals("DBURL", "DBURL", authProp.getKey());
        assertEquals("SomeDBURL", "SomeDBURL", authProp.getValue());

        List<KeyValueType> validatingAliases = kp.getValidatingAlias();
        assertEquals("Validating Alias length is 2", 2, validatingAliases.size());

        KeyValueType kv = validatingAliases.get(0);
        assertEquals("localhost", kv.getKey());
        assertEquals("localhostalias", kv.getValue());

        assertEquals(true, stsType.isSignToken());
        assertEquals(false, stsType.isEncryptToken());
        assertEquals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments", stsType.getCanonicalizationMethod());

        // check if the key provider has been set according to the configuration file.
        KeyProviderType keyProvider = stsType.getKeyProvider();
        assertNotNull(keyProvider);
        assertEquals("org.picketlink.identity.federation.core.impl.KeyStoreKeyManager", keyProvider.getClassName());
        assertNull(keyProvider.getSigningAlias());
        List<AuthPropertyType> authProperties = keyProvider.getAuth();
        assertEquals(4, authProperties.size());
        assertEquals("KeyStoreURL", authProperties.get(0).getKey());
        assertEquals("sts_keystore.jks", authProperties.get(0).getValue());
        assertEquals("KeyStorePass", authProperties.get(1).getKey());
        assertEquals("testpass", authProperties.get(1).getValue());
        assertEquals("SigningKeyAlias", authProperties.get(2).getKey());
        assertEquals("sts", authProperties.get(2).getValue());
        assertEquals("SigningKeyPass", authProperties.get(3).getKey());
        assertEquals("keypass", authProperties.get(3).getValue());
        List<KeyValueType> validatingAliases = keyProvider.getValidatingAlias();
        assertEquals(2, validatingAliases.size());
        assertEquals("http://services.testcorp.org/provider1", validatingAliases.get(0).getKey());
        assertEquals("service1", validatingAliases.get(0).getValue());
        assertEquals("http://services.testcorp.org/provider2", validatingAliases.get(1).getKey());
        assertEquals("service2", validatingAliases.get(1).getValue());

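    /**
     * Creates and configures the {@link TrustKeyManager} of this service provider.
     *
     * <p>Returns immediately when {@code doSupportSignature()} is false. Otherwise the class named
     * by the configured key provider is loaded and instantiated, given the auth properties and
     * validating aliases, told which alias to use for X509 data when an
     * {@code X509CERTIFICATE} auth property is present, and given the host of the identity URL
     * under {@code ServiceProviderBaseProcessor.IDP_KEY}.
     *
     * <p>The class name comes from configuration, so the loaded class is checked against
     * {@link TrustKeyManager} <em>before</em> it is instantiated: a misconfigured or tampered
     * class name must not get its constructor executed only to fail the cast afterwards.
     *
     * @param context the web context; used only for its name in the error message
     * @throws LifecycleException if no key provider is configured, or if the key manager cannot
     *         be loaded, instantiated or configured (the original exception is kept as the cause)
     */
    protected void initKeyProvider(Context context) throws LifecycleException {
        if (!doSupportSignature()) {
            return;
        }

        KeyProviderType keyProvider = this.spConfiguration.getKeyProvider();

        // Signature support is already established by the guard above.
        if (keyProvider == null) {
            throw new LifecycleException(ErrorCodes.NULL_VALUE + "KeyProvider is null for context=" + context.getName());
        }

        try {
            String keyManagerClassName = keyProvider.getClassName();
            if (keyManagerClassName == null) {
                throw new RuntimeException(ErrorCodes.NULL_VALUE + "KeyManager class name");
            }

            Class<?> clazz = SecurityActions.loadClass(getClass(), keyManagerClassName);

            if (clazz == null) {
                throw new ClassNotFoundException(ErrorCodes.CLASS_NOT_LOADED + keyManagerClassName);
            }

            // Reject anything that is not a TrustKeyManager before running its constructor.
            // The exception type matches what the failed cast used to raise.
            if (!TrustKeyManager.class.isAssignableFrom(clazz)) {
                throw new ClassCastException(keyManagerClassName + " is not a " + TrustKeyManager.class.getName());
            }
            this.keyManager = (TrustKeyManager) clazz.newInstance();

            // NOTE(review): presumably returns the auth properties with masked passwords resolved;
            // confirm against CoreConfigUtil. Treat the list as secret material and do not log it.
            List<AuthPropertyType> authProperties = CoreConfigUtil.getKeyProviderProperties(keyProvider);

            keyManager.setAuthProperties(authProperties);
            keyManager.setValidatingAlias(keyProvider.getValidatingAlias());

            String identityURL = this.spConfiguration.getIdentityURL();

            // Special case when X509Data is needed in SignedInfo: the property value is the alias name.
            if (authProperties != null) {
                for (AuthPropertyType authPropertyType : authProperties) {
                    String key = authPropertyType.getKey();
                    if (GeneralConstants.X509CERTIFICATE.equals(key)) {
                        keyManager.addAdditionalOption(GeneralConstants.X509CERTIFICATE, authPropertyType.getValue());
                        break;
                    }
                }
            }
            // A missing or malformed identity URL fails here and is reported through the catch below.
            keyManager.addAdditionalOption(ServiceProviderBaseProcessor.IDP_KEY, new URL(identityURL).getHost());
        } catch (Exception e) {
            logger.trustKeyManagerCreationError(e);
            // Keep the cause so the failure can be diagnosed from the LifecycleException alone.
            throw new LifecycleException(e.getLocalizedMessage(), e);
        }

        logger.trace("Key Provider=" + keyProvider.getClassName());
    }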

        }
    }

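    /**
     * Creates and configures the {@link TrustKeyManager} of this identity provider.
     *
     * <p>Does nothing unless the IDP configuration supports signatures or encryption. Otherwise
     * the key manager is obtained from {@code CoreConfigUtil.getTrustKeyManager}, given the auth
     * properties and validating aliases, and told which alias to use for X509 data when an
     * {@code X509CERTIFICATE} auth property is present. The configured canonicalization method is
     * then applied through {@code XMLSignatureUtil}.
     *
     * @throws LifecycleException if no key provider is configured, or if the key manager cannot
     *         be created or configured (the original exception is kept as the cause)
     */
    protected void initKeyManager() throws LifecycleException {
        if (this.idpConfiguration.isSupportsSignature() || this.idpConfiguration.isEncrypt()) {
            KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider();
            if (keyProvider == null) {
                throw new LifecycleException(
                        logger.nullValueError("Key Provider is null for context=" + getContext().getName()));
            }

            try {
                this.keyManager = CoreConfigUtil.getTrustKeyManager(keyProvider);

                // NOTE(review): presumably returns the auth properties with masked passwords
                // resolved; confirm against CoreConfigUtil. Treat the list as secret material
                // and do not log it.
                List<AuthPropertyType> authProperties = CoreConfigUtil.getKeyProviderProperties(keyProvider);
                keyManager.setAuthProperties(authProperties);
                keyManager.setValidatingAlias(keyProvider.getValidatingAlias());

                // Special case when X509Data is needed in SignedInfo: the property value is the alias name.
                if (authProperties != null) {
                    for (AuthPropertyType authPropertyType : authProperties) {
                        String key = authPropertyType.getKey();
                        if (GeneralConstants.X509CERTIFICATE.equals(key)) {
                            keyManager.addAdditionalOption(GeneralConstants.X509CERTIFICATE, authPropertyType.getValue());
                            break;
                        }
                    }
                }
            } catch (Exception e) {
                logger.trustKeyManagerCreationError(e);
                // Keep the cause so the failure can be diagnosed from the LifecycleException alone.
                throw new LifecycleException(e.getLocalizedMessage(), e);
            }

            logger.samlIDPSettingCanonicalizationMethod(idpConfiguration.getCanonicalizationMethod());

            XMLSignatureUtil.setCanonicalizationMethodType(idpConfiguration.getCanonicalizationMethod());

            logger.trace("Key Provider=" + keyProvider.getClassName());
        }
    }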

            }

            metadata = (EntityDescriptorType) metadataProvider.getMetaData();

            // Get the trust manager information
            KeyProviderType keyProvider = providerType.getKeyProvider();
            signingAlias = keyProvider.getSigningAlias();
            String keyManagerClassName = keyProvider.getClassName();
            if (keyManagerClassName == null)
                throw new RuntimeException(ErrorCodes.NULL_VALUE + "KeyManager class name");

            clazz = SecurityActions.loadClass(getClass(), keyManagerClassName);
            this.keyManager = (TrustKeyManager) clazz.newInstance();
