Author: sergeyb
Date: Thu May 17 16:53:10 2012
New Revision: 1339703
URL: http://svn.apache.org/viewvc?rev=1339703&view=rev
Log:
Some support for the POST redirects
Modified:
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRequestInfo.java
Modified:
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java?rev=1339703&r1=1339702&r2=1339703&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java
(original)
+++
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java
Thu May 17 16:53:10 2012
@@ -159,15 +159,14 @@ public abstract class AbstractServicePro
return true;
}
- protected String encodeAuthnRequest(Element authnRequestElement)
+ protected String deflateEncodeAuthnRequest(Element authnRequestElement)
throws IOException {
String requestMessage = DOM2Writer.nodeToString(authnRequestElement);
DeflateEncoderDecoder encoder = new DeflateEncoderDecoder();
byte[] deflatedBytes =
encoder.deflateToken(requestMessage.getBytes("UTF-8"));
- String encodedRequestMessage = Base64Utility.encode(deflatedBytes);
- return URLEncoder.encode(encodedRequestMessage, "UTF-8");
+ return Base64Utility.encode(deflatedBytes);
}
protected SamlRequestInfo createSamlRequestInfo(Message m) throws
Exception {
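Review bot: `deflateEncodeAuthnRequest` now returns plain Base64, which can contain `+`, `/` and `=`, and nothing on the method tells a caller that the result is no longer safe to drop into a query string. A Javadoc would make the contract explicit, for example `/** Deflates the serialized AuthnRequest and Base64-encodes it; the result is NOT URL-encoded, so redirect-binding callers must URL-encode it. */`. Because the method is protected on an abstract class, a subclass that overrode `encodeAuthnRequest` without `@Override` would still compile but no longer be invoked, which is worth calling out in the commit message. The `createSamlRequestInfo` signature at the end of the hunk belongs to a body that continues outside it.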
@@ -180,10 +179,10 @@ public abstract class AbstractServicePro
m, getIssuerId(m), getAbsoluteAssertionServiceAddress(m)
);
Element authnRequestElement = OpenSAMLUtil.toDom(authnRequest, doc);
- String authnRequestEncoded = encodeAuthnRequest(authnRequestElement);
+ String authnRequestEncoded =
deflateEncodeAuthnRequest(authnRequestElement);
SamlRequestInfo info = new SamlRequestInfo();
- info.setEncodedSamlRequest(authnRequestEncoded);
+ info.setSamlRequest(authnRequestEncoded);
String httpBasePath = (String)m.get("http.base.path");
String webAppContext = URI.create(httpBasePath).getRawPath();
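Review bot: The value stored by `info.setSamlRequest(...)` is always DEFLATE-compressed, yet the log message presents this as groundwork for POST redirects, and the SAML HTTP-POST binding carries the request Base64-encoded without DEFLATE. If a POST filter is meant to reuse `createSamlRequestInfo`, the encoding should be chosen per binding rather than fixed here, for instance by letting the subclass supply the encoding step. At minimum a comment on this line such as `// deflated + Base64, not URL-encoded (redirect-binding form)` would stop a later caller from posting the value as-is. `createSamlRequestInfo` starts and ends outside the hunk, so how the value is consumed is not visible here.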
Modified:
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java?rev=1339703&r1=1339702&r2=1339703&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
(original)
+++
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
Thu May 17 16:53:10 2012
@@ -30,7 +30,6 @@ import java.util.UUID;
import java.util.logging.Logger;
import java.util.zip.DataFormatException;
-import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
@@ -51,11 +50,9 @@ import org.apache.cxf.common.util.Base64
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.jaxrs.ext.MessageContext;
-import org.apache.cxf.message.Message;
import org.apache.cxf.rs.security.saml.DeflateEncoderDecoder;
import org.apache.cxf.rs.security.saml.sso.state.RequestState;
import org.apache.cxf.rs.security.saml.sso.state.ResponseState;
-import org.apache.cxf.transport.http.AbstractHTTPDestination;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.saml.ext.OpenSAMLUtil;
import org.opensaml.xml.XMLObject;
@@ -71,8 +68,12 @@ public class RequestAssertionConsumerSer
private boolean supportBase64Encoding = true;
private boolean enforceAssertionsSigned = true;
+ private MessageContext messageContext;
+
@Context
- private MessageContext jaxrsContext;
+ public void setMessageContext(MessageContext mc) {
+ this.messageContext = mc;
+ }
public void setSupportDeflateEncoding(boolean deflate) {
supportDeflateEncoding = deflate;
@@ -272,11 +273,11 @@ public class RequestAssertionConsumerSer
) {
try {
SAMLSSOResponseValidator ssoResponseValidator = new
SAMLSSOResponseValidator();
-
ssoResponseValidator.setAssertionConsumerURL((String)jaxrsContext.get(Message.REQUEST_URL));
+ ssoResponseValidator.setAssertionConsumerURL(
+ messageContext.getUriInfo().getAbsolutePath().toString());
- HttpServletRequest httpRequest =
-
(HttpServletRequest)jaxrsContext.get(AbstractHTTPDestination.HTTP_REQUEST);
- ssoResponseValidator.setClientAddress(httpRequest.getRemoteAddr());
+ ssoResponseValidator.setClientAddress(
+ messageContext.getHttpServletRequest().getRemoteAddr());
ssoResponseValidator.setIssuerIDP(requestState.getIdpServiceAddress());
ssoResponseValidator.setRequestId(requestState.getSamlRequestId());
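Review bot: The expected assertion consumer URL passed to `setAssertionConsumerURL` comes from `messageContext.getUriInfo().getAbsolutePath()`, that is, from the incoming request, so the value the validator compares against presumably follows the Host header or whatever a front-end proxy forwards rather than the address this service provider registered with the IdP. A recipient check is only meaningful against a fixed value, so consider preferring a configured address and falling back to the request URI, e.g. `String acsUrl = configuredAcsAddress != null ? configuredAcsAddress : messageContext.getUriInfo().getAbsolutePath().toString();`, where `configuredAcsAddress` is a placeholder for a new property. Likewise `getRemoteAddr()` yields the proxy's address when the service sits behind a reverse proxy, and `getHttpServletRequest()` is dereferenced without a null check, which looks unsafe on non-servlet transports. The enclosing method starts and ends outside the hunk.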
Modified:
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java?rev=1339703&r1=1339702&r2=1339703&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
(original)
+++
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
Thu May 17 16:53:10 2012
@@ -22,7 +22,6 @@ import java.net.URLEncoder;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
-
import javax.security.auth.callback.CallbackHandler;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.HttpHeaders;
@@ -45,8 +44,12 @@ public class SamlRedirectBindingFilter e
} else {
try {
SamlRequestInfo info = createSamlRequestInfo(m);
+ String urlEncodedRequest =
+ URLEncoder.encode(info.getSamlRequest(), "UTF-8");
+
UriBuilder ub = UriBuilder.fromUri(getIdpServiceAddress());
- ub.queryParam(SSOConstants.SAML_REQUEST,
info.getEncodedSamlRequest());
+
+ ub.queryParam(SSOConstants.SAML_REQUEST, urlEncodedRequest);
ub.queryParam(SSOConstants.RELAY_STATE, info.getRelayState());
if (isSignRequest()) {
signRequest(ub);
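Review bot: `SAMLRequest` is explicitly passed through `URLEncoder.encode`, while `RelayState` on the following line is handed to `ub.queryParam` raw, so the two parameters are escaped by different routines. The redirect-binding signature covers the URL-encoded query string, so if `signRequest(ub)` reads the values back from the builder (its body is not in this hunk), both should be encoded the same way, assuming `getRelayState()` is never null: `ub.queryParam(SSOConstants.RELAY_STATE, URLEncoder.encode(info.getRelayState(), "UTF-8"));`. A short comment above `urlEncodedRequest`, such as `// Base64 may contain '+', '/', '=' which must be escaped in a query string`, would record why the value is pre-encoded. The enclosing method starts and ends outside the hunk.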
Modified:
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRequestInfo.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRequestInfo.java?rev=1339703&r1=1339702&r2=1339703&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRequestInfo.java
(original)
+++
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRequestInfo.java
Thu May 17 16:53:10 2012
@@ -19,17 +19,17 @@
package org.apache.cxf.rs.security.saml.sso;
public class SamlRequestInfo {
- private String encodedSamlRequest;
+ private String samlRequest;
private String relayState;
private String idpServiceAddress;
private String webAppContext;
private String webAppDomain;
- public void setEncodedSamlRequest(String encodedSaml) {
- this.encodedSamlRequest = encodedSaml;
+ public void setSamlRequest(String encodedSaml) {
+ this.samlRequest = encodedSaml;
}
- public String getEncodedSamlRequest() {
- return encodedSamlRequest;
+ public String getSamlRequest() {
+ return samlRequest;
}
public void setRelayState(String relayState) {
this.relayState = relayState;