Examples of org.apache.rahas.impl.SAMLTokenIssuerConfig

• org.apache.rahas.impl.SAMLTokenIssuerConfig
  Configuration manager for the SAMLTokenIssuer @see SAMLTokenIssuer

            Parameter origParam = stsService.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG
                    .getLocalPart());
            if (origParam != null) {
                OMElement samlConfigElem = origParam.getParameterElement().getFirstChildWithName(
                        SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG);
                SAMLTokenIssuerConfig samlConfig = new SAMLTokenIssuerConfig(samlConfigElem);
                samlConfig.setCallbackHandlerName(AttributeCallbackHandler.class.getName());

                ServerConfiguration serverConfig = ServerConfiguration.getInstance();
                String ttl = serverConfig.getFirstProperty("STSTimeToLive");

                if (ttl != null && ttl.length() > 0) {
                    try {
                        samlConfig.setTtl(Long.parseLong(ttl));
                        if (log.isDebugEnabled()) {
                            log.debug("STSTimeToLive read from carbon.xml " + ttl);
                        }
                    } catch (NumberFormatException e) {
                        log.error("Error while reading STSTimeToLive from carbon.xml", e);

            Parameter origParam = stsService.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG
                    .getLocalPart());
            if (origParam != null) {
                OMElement samlConfigElem = origParam.getParameterElement().getFirstChildWithName(
                        SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG);
                SAMLTokenIssuerConfig samlConfig = new SAMLTokenIssuerConfig(samlConfigElem);
                samlConfig.addTrustedServiceEndpointAddress(serviceAddress, certAlias);
                setSTSParameter(samlConfig);
                persistTrustedService(ServerConstants.STS_NAME,
                                      ServerConstants.STS_NAME,
                                      serviceAddress,
                                      certAlias);

            Parameter origParam = stsService.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG
                    .getLocalPart());
            if (origParam != null) {
                OMElement samlConfigElem = origParam.getParameterElement().getFirstChildWithName(
                        SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG);
                SAMLTokenIssuerConfig samlConfig = new SAMLTokenIssuerConfig(samlConfigElem);
                samlConfig.getTrustedServices().remove(serviceAddress);
                setSTSParameter(samlConfig);
                removeTrustedService(ServerConstants.STS_NAME, ServerConstants.STS_NAME,
                        serviceAddress);
            } else {
                throw new AxisFault("missing parameter : "

            Parameter origParam = service.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG
                    .getLocalPart());
            if (origParam != null) {
                OMElement samlConfigElem = origParam.getParameterElement().getFirstChildWithName(
                        SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG);
                SAMLTokenIssuerConfig samlConfig = new SAMLTokenIssuerConfig(samlConfigElem);
                samlConfig.setProofKeyType(keyType);
                setSTSParameter(samlConfig);
            } else {
                throw new AxisFault("missing parameter : "
                        + SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart());
            }

            Parameter origParam = service.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG
                    .getLocalPart());
            if (origParam != null) {
                OMElement samlConfigElem = origParam.getParameterElement().getFirstChildWithName(
                        SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG);
                SAMLTokenIssuerConfig samlConfig = new SAMLTokenIssuerConfig(samlConfigElem);
                Map trustedServicesMap = samlConfig.getTrustedServices();
                Set addresses = trustedServicesMap.keySet();

                ArrayList serviceBag = new ArrayList();
                for (Iterator iterator = addresses.iterator(); iterator.hasNext();) {
                    String address = (String) iterator.next();

            Parameter origParam = service.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG
                    .getLocalPart());
            if (origParam != null) {
                OMElement samlConfigElem = origParam.getParameterElement().getFirstChildWithName(
                        SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG);
                SAMLTokenIssuerConfig samlConfig = new SAMLTokenIssuerConfig(samlConfigElem);
                return samlConfig.getProofKeyType();
            } else {
                throw new SecurityConfigException("missing parameter : "
                        + SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart());
            }
        } catch (Exception e) {

            String cryptoProvider = ServerCrypto.class.getName();

            Properties props = RampartConfigUtil.getServerCryptoProperties(
                    new String[]{keyStoreName}, keyStoreName, privateKeyAlias);

            SAMLTokenIssuerConfig stsSamlConfig = new SAMLTokenIssuerConfig(issuerName,
                    cryptoProvider, props);
            stsSamlConfig.setIssuerKeyAlias(keyAlias);
            stsSamlConfig.setIssuerKeyPassword(keyPassword);
            stsSamlConfig.setAddRequestedAttachedRef(true);
            stsSamlConfig.setAddRequestedUnattachedRef(true);
            stsSamlConfig.setKeyComputation(2);
            stsSamlConfig.setProofKeyType(TokenIssuerUtil.BINARY_SECRET);

            String resourcePath = null;
            resourcePath = RegistryResources.SERVICE_GROUPS + ServerConstants.STS_NAME
                    + RegistryResources.SERVICES + ServerConstants.STS_NAME + "/trustedServices";
            if (configRegistry.resourceExists(resourcePath)) {
                Resource trustedService = null;
                Properties properties = null;
                Iterator iterator = null;
                trustedService = configRegistry.get(resourcePath);
                properties = trustedService.getProperties();
                if (properties != null && !properties.isEmpty()) {
                    iterator = properties.entrySet().iterator();
                    while (iterator.hasNext()) {
                        Entry entry = (Entry) iterator.next();
                        stsSamlConfig.addTrustedServiceEndpointAddress((String) entry.getKey(),
                                (String) ((List) entry.getValue()).get(0));
                    }
                }
            }

            //Set the TTL value read from the carbon.xml
            String ttl = serverConfig.getFirstProperty("STSTimeToLive");

            if (ttl != null && ttl.length() > 0) {
                try {
                    stsSamlConfig.setTtl(Long.parseLong(ttl));
                    if (log.isDebugEnabled()) {
                        log.debug("STSTimeToLive read from carbon.xml " + ttl);
                    }
                } catch (NumberFormatException e) {
                    log.error("Error while reading STSTimeToLive from carbon.xml", e);
                }
            }

          try {
                // remove param is exists
                Parameter param = service.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG
                        .getLocalPart());
                if (param == null) {
                    // Add new parameter
                    service.addParameter(stsSamlConfig.getParameter());
                    service.addParameter(new Parameter(CarbonConstants.SKIP_PARAM_INIT, new Boolean("true")));
                }
            } catch (AxisFault e) {
                log.error("Error while updating " + ServerConstants.STS_NAME
                        + " in STSDeploymentInterceptor", e);

            String cryptoProvider = ServerCrypto.class.getName();

            Properties props = RampartConfigUtil.getServerCryptoProperties(
                    new String[]{keyStoreName}, keyStoreName, privateKeyAlias);

            SAMLTokenIssuerConfig stsSamlConfig = new SAMLTokenIssuerConfig(issuerName,
                    cryptoProvider, props);
            stsSamlConfig.setIssuerKeyAlias(keyAlias);
            stsSamlConfig.setIssuerKeyPassword(keyPassword);
            stsSamlConfig.setAddRequestedAttachedRef(true);
            stsSamlConfig.setAddRequestedUnattachedRef(true);
            stsSamlConfig.setKeyComputation(2);
            stsSamlConfig.setProofKeyType(TokenIssuerUtil.BINARY_SECRET);
            stsSamlConfig.setCallbackHandlerName(AttributeCallbackHandler.class.getName());

            String resourcePath = null;
            resourcePath = RegistryResources.SERVICE_GROUPS + ServerConstants.STS_NAME
                    + RegistryResources.SERVICES + ServerConstants.STS_NAME + "/trustedServices";
            if (systemRegistry.resourceExists(resourcePath)) {
                Resource trustedService = null;
                Properties properties = null;
                Iterator iterator = null;
                trustedService = systemRegistry.get(resourcePath);
                properties = trustedService.getProperties();
                if (properties != null && !properties.isEmpty()) {
                    iterator = properties.entrySet().iterator();
                    while (iterator.hasNext()) {
                        Entry entry = (Entry) iterator.next();
                        stsSamlConfig.addTrustedServiceEndpointAddress((String) entry.getKey(),
                                (String) ((List) entry.getValue()).get(0));
                    }
                }
            }