Author: coheigea
Date: Tue Jan 24 20:16:53 2012
New Revision: 1235465
URL: http://svn.apache.org/viewvc?rev=1235465&view=rev
Log:
Changing SAML callback handlers to be compliant with the schema/spec
Modified:
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/saml/saml2_request.xml
cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/client/SamlCallbackHandler.java
Modified:
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java?rev=1235465&r1=1235464&r2=1235465&view=diff
==============================================================================
---
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
(original)
+++
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
Tue Jan 24 20:16:53 2012
@@ -92,11 +92,14 @@ public abstract class AbstractSAMLCallba
callback.setAuthenticationStatementData(Collections.singletonList(authBean));
} else if (statement == Statement.ATTR) {
AttributeStatementBean attrBean = new AttributeStatementBean();
+ AttributeBean attributeBean = new AttributeBean();
if (subjectBean != null) {
attrBean.setSubject(subjectBean);
+ attributeBean.setSimpleName("role");
+ attributeBean.setQualifiedName("http://custom-ns";);
+ } else {
+ attributeBean.setQualifiedName("role");
}
- AttributeBean attributeBean = new AttributeBean();
- attributeBean.setSimpleName("role");
attributeBean.setAttributeValues(Collections.singletonList("user"));
attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
callback.setAttributeStatementData(Collections.singletonList(attrBean));
Modified:
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/saml/saml2_request.xml
URL:
http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/saml/saml2_request.xml?rev=1235465&r1=1235464&r2=1235465&view=diff
==============================================================================
---
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/saml/saml2_request.xml
(original)
+++
cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/saml/saml2_request.xml
Tue Jan 24 20:16:53 2012
@@ -2,7 +2,7 @@
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
<soap:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
- <saml2:Assertion ID="4D2CF5C052E2084C8F13014023747597"
IssueInstant="2011-03-29T12:39:34.759Z" Version="2.0"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:type="saml2:AssertionType"><saml2:Issuer>www.example.com</saml2:Issuer><saml2:Subject><saml2:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
NameQualifier="www.example.com">uid=joe,ou=people,ou=saml-demo,o=example.com</saml2:NameID><saml2:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions
NotBefore="2011-03-29T12:39:34.763Z"
NotOnOrAfter="2111-03-29T12:44:34.763Z"/><saml2:AuthzDecisionStatement
Decision="Permit"
Resource="endpoint"><saml2:Action>Read</saml2:Action></saml2:AuthzDecisionStatement></saml2:Assertion>
+ <saml2:Assertion ID="4D2CF5C052E2084C8F13014023747597"
IssueInstant="2011-03-29T12:39:34.759Z" Version="2.0"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:type="saml2:AssertionType"><saml2:Issuer>www.example.com</saml2:Issuer><saml2:Subject><saml2:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
NameQualifier="www.example.com">uid=joe,ou=people,ou=saml-demo,o=example.com</saml2:NameID><saml2:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions
NotBefore="2011-03-29T12:39:34.763Z"
NotOnOrAfter="2111-03-29T12:44:34.763Z"/><saml2:AuthzDecisionStatement
Decision="Permit" Resource="endpoint"><saml2:Action
Namespace="urn:oasis:names:tc:SAML:1.0:action:rwedc-negation">Read</saml2:Action></saml2:AuthzDecisionStatement></saml2:Assertion>
</wsse:Security>
</soap:Header>
<soap:Body>
Modified:
cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java?rev=1235465&r1=1235464&r2=1235465&view=diff
==============================================================================
---
cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java
(original)
+++
cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java
Tue Jan 24 20:16:53 2012
@@ -90,7 +90,12 @@ public class SamlCallbackHandler impleme
attrBean.setSubject(subjectBean);
AttributeBean attributeBean = new AttributeBean();
- attributeBean.setSimpleName("subject-role");
+ if (saml2) {
+ attributeBean.setQualifiedName("subject-role");
+ } else {
+ attributeBean.setSimpleName("subject-role");
+ attributeBean.setQualifiedName("http://custom-ns";);
+ }
attributeBean.setAttributeValues(Collections.singletonList("system-user"));
attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
callback.setAttributeStatementData(Collections.singletonList(attrBean));
Modified:
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/client/SamlCallbackHandler.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/client/SamlCallbackHandler.java?rev=1235465&r1=1235464&r2=1235465&view=diff
==============================================================================
---
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/client/SamlCallbackHandler.java
(original)
+++
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/client/SamlCallbackHandler.java
Tue Jan 24 20:16:53 2012
@@ -93,7 +93,12 @@ public class SamlCallbackHandler impleme
attrBean.setSubject(subjectBean);
AttributeBean attributeBean = new AttributeBean();
- attributeBean.setSimpleName("subject-role");
+ if (saml2) {
+ attributeBean.setQualifiedName("subject-role");
+ } else {
+ attributeBean.setSimpleName("subject-role");
+ attributeBean.setQualifiedName("http://custom-ns";);
+ }
attributeBean.setAttributeValues(Collections.singletonList("system-user"));
attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
callback.setAttributeStatementData(Collections.singletonList(attrBean));
