Author: coheigea
Date: Thu Feb  7 15:59:18 2013
New Revision: 1443581

URL: http://svn.apache.org/viewvc?rev=1443581&view=rev
Log:
[FEDIZ-49] - Support using wfresh parameter in the IdP for TTL

Modified:
    cxf/fediz/branches/1.0.x-fixes/   (props changed)
    
cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
    cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/webapp/WEB-INF/web.xml

Propchange: cxf/fediz/branches/1.0.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/fediz/trunk:r1443504

Modified: 
cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
URL: 
http://svn.apache.org/viewvc/cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java?rev=1443581&r1=1443580&r2=1443581&view=diff
==============================================================================
--- 
cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
 (original)
+++ 
cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
 Thu Feb  7 15:59:18 2013
@@ -90,6 +90,8 @@ public class IdpServlet extends HttpServ
     private static final String S_PARAM_STS_WSDL_SERVICE = "sts.wsdl.service";
 
     private static final String S_PARAM_STS_WSDL_URL = "sts.wsdl.url";
+    
+    private static final String S_PARAM_STS_USE_WFRESH_FOR_TTL = 
"sts.use.wfresh.for.ttl";
 
 
     /**
@@ -101,6 +103,8 @@ public class IdpServlet extends HttpServ
     
     protected String stsWsdlUrl;
     
+    protected boolean useWfreshForTTL;
+    
     private String tokenType;
 
     private Bus bus;
@@ -149,6 +153,20 @@ public class IdpServlet extends HttpServ
         if (getInitParameter(S_PARAM_TOKEN_INTERNAL_LIFETIME) != null) {
             LOG.info("Configured token lifetime: " + 
getInitParameter(S_PARAM_TOKEN_INTERNAL_LIFETIME));
         }
+        
+        try {
+            String wfreshParam = 
getInitParameter(S_PARAM_STS_USE_WFRESH_FOR_TTL);
+            if (wfreshParam != null) {
+                useWfreshForTTL = Boolean.valueOf(wfreshParam).booleanValue();
+            } else {
+                useWfreshForTTL = true;
+            }
+        } catch (Exception ex) {
+            LOG.error("Failed to parse parameter '" + 
S_PARAM_STS_USE_WFRESH_FOR_TTL + "': " 
+                + ex.toString());
+            throw new ServletException("Failed to parse parameter '" 
+                + S_PARAM_STS_USE_WFRESH_FOR_TTL + "'");
+        }
 
     }
 
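Review bot: The try/catch around the flag parsing cannot fire, because `Boolean.valueOf(String)` never throws and maps every value other than "true" to false, so a typo such as "ture" silently disables the feature and the ServletException path is dead code. If a bad value should fail startup, validate it explicitly, e.g. `if (!"true".equalsIgnoreCase(wfreshParam) && !"false".equalsIgnoreCase(wfreshParam)) throw new ServletException(...)`. The default when the parameter is absent is `true`, which opts every deployment into lifetimes driven by the wfresh value. Defaulting to `false` would make that behaviour an explicit choice. The enclosing init method starts outside this hunk.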
@@ -263,7 +281,8 @@ public class IdpServlet extends HttpServ
                         }
                         
                         try {
-                            idpToken = requestSecurityTokenForIDP(username, 
password, "urn:fediz:idp");
+                            idpToken = 
+                                requestSecurityTokenForIDP(username, password, 
"urn:fediz:idp", wfresh);
                             session = request.getSession(true);
                             session.setAttribute(IDP_TOKEN, idpToken);
                             session.setAttribute(IDP_USER, username);
@@ -325,7 +344,7 @@ public class IdpServlet extends HttpServ
     }
     
     private SecurityToken requestSecurityTokenForIDP(
-        String username, String password, String appliesTo
+        String username, String password, String appliesTo, String wfresh
     ) throws Exception {
         Bus cxfBus = getBus();
         
@@ -348,13 +367,31 @@ public class IdpServlet extends HttpServ
         sts.getProperties().put(SecurityConstants.USERNAME, username);
         sts.getProperties().put(SecurityConstants.PASSWORD, password);
         
+        configureTTL(sts, wfresh);
+
+        return sts.requestSecurityToken(appliesTo);
+    }
+    
+    private void configureTTL(IdpSTSClient sts, String wfresh) {
+        if (wfresh != null) {
+            try {
+                int ttl = Integer.parseInt(wfresh);
+                if (ttl > 0) {
+                    sts.setTtl(ttl * 60);                    
+                    sts.setEnableLifetime(true);
+                    return;
+                }
+            } catch (NumberFormatException ex) {
+                LOG.error("Invalid wfresh value '" + wfresh + "': "  + 
ex.getMessage());
+            }
+        }
+        
+        // wfresh not set so fall back to a configured value
         if (getInitParameter(S_PARAM_TOKEN_INTERNAL_LIFETIME) != null) {
             sts.setEnableLifetime(true);
             int ttl = 
Integer.parseInt(getInitParameter(S_PARAM_TOKEN_INTERNAL_LIFETIME));
             sts.setTtl(ttl);
         }
-        
-        return sts.requestSecurityToken(appliesTo);
     }
 
     private String requestSecurityTokenForRP(SecurityToken onbehalfof,
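Review bot: configureTTL applies wfresh as the token lifetime with no upper bound and, in the lines visible here, without consulting useWfreshForTTL, so the new init parameter appears to have no effect on this path. Assuming wfresh comes from the sign-in request (its origin is outside these hunks), a caller can ask for a lifetime far beyond token.internal.lifetime. In addition, `ttl * 60` is int arithmetic and wraps for large values, so setTtl can receive a negative or arbitrary number despite the `ttl > 0` check. I would gate on the flag, widen before multiplying, and clamp to the configured lifetime as sketched below; note that the sketch parses token.internal.lifetime up front, so a malformed configured value fails even when wfresh is valid. The raw wfresh string is also concatenated into the error log, so CR/LF should be stripped before logging to prevent forged log lines.

```java
private void configureTTL(IdpSTSClient sts, String wfresh) {
    String configured = getInitParameter(S_PARAM_TOKEN_INTERNAL_LIFETIME);
    // The configured lifetime (seconds) doubles as the ceiling for requested values.
    int maxTtl = configured != null ? Integer.parseInt(configured) : Integer.MAX_VALUE;

    if (useWfreshForTTL && wfresh != null) {
        try {
            // wfresh is in minutes; widen to long before multiplying so it cannot wrap.
            long requested = Integer.parseInt(wfresh) * 60L;
            if (requested > 0) {
                sts.setTtl((int) Math.min(requested, maxTtl));
                sts.setEnableLifetime(true);
                return;
            }
        } catch (NumberFormatException ex) {
            // … unchanged: log the invalid wfresh value …
        }
    }
    // … unchanged: fall back to the configured lifetime …
}
```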

Modified: 
cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/webapp/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/webapp/WEB-INF/web.xml?rev=1443581&r1=1443580&r2=1443581&view=diff
==============================================================================
--- cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/webapp/WEB-INF/web.xml 
(original)
+++ cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/webapp/WEB-INF/web.xml 
Thu Feb  7 15:59:18 2013
@@ -53,6 +53,10 @@
                        <param-name>token.internal.lifetime</param-name>
                        <param-value>7200</param-value>
                </init-param>
+               <init-param>
+                       <param-name>sts.use.wfresh.for.ttl</param-name>
+                       <param-value>true</param-value>
+               </init-param>
                
 <!--           
                <init-param>

