
Examples of org.springframework.security.saml.metadata.ExtendedMetadata


        try {

            Collection<Credential> credentials = new ArrayList<Credential>();

            if (useExtendedMetadata) {
                ExtendedMetadata extendedMetadata = manager.getExtendedMetadata(entityID);
                if (usage.equals(UsageType.UNSPECIFIED)) {
                    if (extendedMetadata.getSigningKey() != null) {
                        log.debug("Using customized signing key {} from extended metadata for entityID {}", extendedMetadata.getSigningKey(), entityID);
                        credentials.add(keyManager.getCredential(extendedMetadata.getSigningKey()));
                    }
                    if (extendedMetadata.getEncryptionKey() != null) {
                        log.debug("Using customized encryption key {} from extended metadata for entityID {}", extendedMetadata.getEncryptionKey(), entityID);
                        credentials.add(keyManager.getCredential(extendedMetadata.getEncryptionKey()));
                    }
                    if (extendedMetadata.getTlsKey() != null) {
                        log.debug("Using customized TLS key {} from extended metadata for entityID {}", extendedMetadata.getEncryptionKey(), entityID);
                        credentials.add(keyManager.getCredential(extendedMetadata.getTlsKey()));
                    }
                } else if (usage.equals(UsageType.SIGNING)) {
                    if (extendedMetadata.getSigningKey() != null) {
                        log.debug("Using customized signing key {} from extended metadata for entityID {}", extendedMetadata.getSigningKey(), entityID);
                        credentials.add(keyManager.getCredential(extendedMetadata.getSigningKey()));
                    }
                } else if (usage.equals(UsageType.ENCRYPTION)) {
                    if (extendedMetadata.getEncryptionKey() != null) {
                        log.debug("Using customized encryption key {} from extended metadata for entityID {}", extendedMetadata.getEncryptionKey(), entityID);
                        credentials.add(keyManager.getCredential(extendedMetadata.getEncryptionKey()));
                    }
                }
            }

            if (useXmlMetadata) {


        }

        // Load the entities from the context
        SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        IDPSSODescriptor idpssoDescriptor = (IDPSSODescriptor) context.getPeerEntityRoleMetadata();
        ExtendedMetadata idpExtendedMetadata = context.getPeerExtendedMetadata();

        if (spDescriptor == null || idpssoDescriptor == null || idpExtendedMetadata == null) {
            throw new SAMLException("SPSSODescriptor, IDPSSODescriptor or IDPExtendedMetadata are not present in the SAMLContext");
        }

            String entityID = criteriaSet.get(EntityIDCriteria.class).getEntityID();
            log.debug("Attempting to retrieve credentials from metadata configuration for entity: {}", entityID);
            Set<String> trustedKeys;

            ExtendedMetadata extendedMetadata = metadata.getExtendedMetadata(entityID);

            if (extendedMetadata.getTrustedKeys() != null) {
                trustedKeys = extendedMetadata.getTrustedKeys();
            } else {
                trustedKeys = keyManager.getAvailableCredentials();
            }

            for (String key : trustedKeys) {

            if (idpEntityDescriptor == null) {
                throw new MetadataProviderException("Cannot localize sender entity by SHA-1 hash from the artifact");
            }

            ExtendedMetadata extendedMetadata = metadata.getExtendedMetadata(idpEntityDescriptor.getEntityID());
            IDPSSODescriptor idpssoDescriptor = SAMLUtil.getIDPSSODescriptor(idpEntityDescriptor);
            ArtifactResolutionService artifactResolutionService = SAMLUtil.getArtifactResolutionService(idpssoDescriptor, endpointIndex);

            // Create SAML message for artifact resolution
            ArtifactResolve artifactResolve = createArtifactResolve(context, artifactId, artifactResolutionService);

     */
    @Test
    public void testIDPSelection_metadataURL() throws Exception {

        SAMLMessageContext context = new SAMLMessageContext();
        ExtendedMetadata metadata = new ExtendedMetadata();
        metadata.setIdpDiscoveryEnabled(true);
        metadata.setIdpDiscoveryURL("http://test.fi/idpDisco/");
        context.setLocalExtendedMetadata(metadata);
        context.setLocalEntityId("localId");

        context.setInboundMessageTransport(new HttpServletRequestAdapter(request));
        context.setOutboundMessageTransport(new HttpServletResponseAdapter(response, false));

     */
    @Test(expected = IllegalArgumentException.class)
    public void testIDPSelection_invalidDiscoURL() throws Exception {

        SAMLMessageContext context = new SAMLMessageContext();
        ExtendedMetadata metadata = new ExtendedMetadata();
        metadata.setIdpDiscoveryEnabled(true);
        metadata.setIdpDiscoveryURL("test.fi/idpDisco/");
        context.setLocalExtendedMetadata(metadata);
        context.setLocalEntityId("localId");

        context.setInboundMessageTransport(new HttpServletRequestAdapter(request));
        context.setOutboundMessageTransport(new HttpServletResponseAdapter(response, false));

     * @throws SAMLRuntimeException in case entity is remote and doesn't contain URL in metadata
     */
    protected String getDefaultReturnURL(SAMLMessageContext messageContext) {

        RoleDescriptor descriptor = messageContext.getLocalEntityRoleMetadata();
        ExtendedMetadata extendedMetadata = messageContext.getLocalExtendedMetadata();

        // Response address from extended metadata
        if (extendedMetadata.isLocal() && extendedMetadata.getIdpDiscoveryResponseURL() != null) {
            return extendedMetadata.getIdpDiscoveryResponseURL();
        }

        // Load from metadata extensions
        if (descriptor.getExtensions() != null) {
            List<XMLObject> discoveryResponseElements = descriptor.getExtensions().getUnknownXMLObjects(DiscoveryResponse.DEFAULT_ELEMENT_NAME);
            for (XMLObject element : discoveryResponseElements) {
                DiscoveryResponse response = (DiscoveryResponse) element;
                if (response.getBinding().equals(DiscoveryResponse.IDP_DISCO_NS)) {
                    logger.debug("Using IDP Discovery response URL from metadata {}", response.getLocation());
                    return response.getLocation();
                }
            }
        }

        // Generation for local entities at known URL
        if (extendedMetadata.isLocal()) {

            String filterUrl = SAMLEntryPoint.FILTER_URL;
            if (samlEntryPoint != null) {
                filterUrl = samlEntryPoint.getFilterProcessesUrl();
            }

            String contextPath = (String) messageContext.getInboundMessageTransport().getAttribute(SAMLConstants.LOCAL_CONTEXT_PATH);
            String responseURL = contextPath + filterUrl + (extendedMetadata.getAlias() != null ? "/alias/" + extendedMetadata.getAlias() : "") + "?" + SAMLEntryPoint.DISCOVERY_RESPONSE_PARAMETER + "=true";

            logger.debug("Using IDP Discovery response URL calculated for local entity {}", responseURL);
            return responseURL;

        }

            throw new MetadataProviderException("Peer entity ID wasn't specified, but is requested");
        }

        EntityDescriptor entityDescriptor = metadata.getEntityDescriptor(peerEntityId);
        RoleDescriptor roleDescriptor = metadata.getRole(peerEntityId, peerEntityRole, SAMLConstants.SAML20P_NS);
        ExtendedMetadata extendedMetadata = metadata.getExtendedMetadata(peerEntityId);

        if (entityDescriptor == null || roleDescriptor == null) {
            throw new MetadataProviderException("Metadata for entity " + peerEntityId + " and role " + peerEntityRole + " wasn't found");
        }

            throw new MetadataProviderException("No hosted service provider is configured and no alias was selected");
        }

        EntityDescriptor entityDescriptor = metadata.getEntityDescriptor(localEntityId);
        RoleDescriptor roleDescriptor = metadata.getRole(localEntityId, localEntityRole, SAMLConstants.SAML20P_NS);
        ExtendedMetadata extendedMetadata = metadata.getExtendedMetadata(localEntityId);

        if (entityDescriptor == null || roleDescriptor == null) {
            throw new MetadataProviderException("Metadata for entity " + localEntityId + " and role " + localEntityRole + " wasn't found");
        }

        samlContext.setLocalEntityMetadata(entityDescriptor);
        samlContext.setLocalEntityRoleMetadata(roleDescriptor);
        samlContext.setLocalExtendedMetadata(extendedMetadata);

        if (extendedMetadata.getSigningKey() != null) {
            samlContext.setLocalSigningCredential(keyManager.getCredential(extendedMetadata.getSigningKey()));
        } else {
            samlContext.setLocalSigningCredential(keyManager.getDefaultCredential());
        }

    }


