This is an automated email from the ASF dual-hosted git repository.
cris pushed a change to branch master
in repository
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-saml2.git.
at 635ef41 add git ignore file
This branch includes the following new commits:
new 3dd2d93 SAML2 SP Project setup
new 1c0e2df Update README.md
new 0986ec3 Started Auth Handler and Configuration for Auth Handler
new e3063e7 Started resolving OpenSAML dependencies
new c6d16a4 removed commented items from pom
new 07fcfb4 Finished adding OpenSAML V3 dependencies and pom.xml updates
such that the bundle Activates
new 8357cc4 Added JavaCryptoValidationInitializer is used to confirm JCE
supports the entire set of cryptographic algorithms as required by OpenSaml V3
new 2f78abc started test SP
new d7f0c6c started test idp
new f428d17 added more static helpers
new cab11a6 Added statement about this project being Derivative Works in
README.md
new d573a80 updated dependencies
new aac751e Updated readme and added a commons licensed diagram of SAML2
HTTP POST Binding flow
new 44d0ea9 corrected readme.md
new 12dac45 work in progress
new bb6f722 Added code to initialize OpenSAML V3. Corrected
authentication helper flow to call requestCredentials. Added dependency on
oak-auth-external for user sync'ing
new e83dc63 Added Java Keystore SPKeystore.jks for dev and initial tests
new 1d947d6 Started test IDP Servlet
new c837360 Corrected redirect problem with auth needed at test IDP
new 582cdec Started SOAP exchange between ConsumerServlet and
ArtifactResolutionServlet.java
new 11ed27d Classloading pain
new 1e07fee added OpenSAML-style classloading to SP and IDP servlets.
Corrected import package for HTTPSOAP11Decoder in ArtifactResolution Servlet
new 1a49ac6 Refactored configurations to a service so they may be shared
by the Auth Handler, Consumer Servlet and the UserManager service
new c560d9d Started User Management service for SAML2 Sync
new cd1de71 Started User Management service for SAML2 Sync
new d8d6e30 Refactored configurations to a service so they may be shared
by the Auth Handler, Consumer Servlet and the UserManager service
new 2aa8d8d continued user mgt service.
new 17dc7e5 Fixed pom issues, added code for user management, fixed
configService
new 757457a started group membership
new d1fd38b LPC-10 #comment Added group membership to test IDP
new 37b11de LPC-10 #comment Consumer Servlet adds groups from assertion
to the saml2user instance for the userMgt service
new 4f69a3e LPC-10 #comment Added code to manage User Membership
new 81f7164 Updated diagram to show SOAP binding and Apache Sling
new a956d80 LPC-23 #comment Started External Identity Provider and
External Login Modules
new 1dba226 LPC-23 #comment Correct error in auth handler preventing login
new d0c5778 clean up
new a2a072a added 'relay state.' Made use of SessionStorage for HTTP
Session handling
new 057f920 LPC-11 Changed SAML2 binding from Artifact (SOAP)
back-channel to Redirect/POST front-channel
new 41f1477 clean up
new b882d48 Added POST binding to Consumer Servlet
new 5f9f69c Deleted Consumer Servlet, and moved needed methods to
AuthenticationHandlerSAML2.java. Deleted ArtifactResolutionServlet.java since
this will actually use front-channel Redirect and POST bindings
new 98fcff3 Refactored static constants to SAML2ConfigServiceImpl,
updated AuthenticationHandlerSAML2 to handle SAMLRequests via POST. Updated
Saml2IDPServlet.java to use Redirect binding.
new b7509a7 LPC-23 #comment Provision user a security token that expires
and no longer persist or use AuthInfo from HTTP Session
new ee76d1a removed commented dep org.apache.sling.commons.classloader
new f0ada06 removed auth info getters and setters from Session Storage
new ee669c1 There was an error with cookiePayload at least with openJDK
it was doing arithmetic operations before String concats. Adding + makes it
clear for whatever JDK that the intent is only String concat and all the other
types will be coerced to string
new 2cfa769 started NOTICE file
new 388abd6 started NOTICE file updated README with JKS info
new 100a6a1 Refactored IDP and SP static credential helpers to use JKS
according to the OSGI configs. Also renamed to make it clear what they do
new f493aa9 Removed unneeded static credential code
new 14c7497 Updates needed to use a Java Keystore from the file system,
and the associated items added to SAML2ConfigServiceImpl for OSGI configs
new 58590bf Deleted unused SOAP dependencies. Deleted unused SP Keystore
new 9d13618 Added Shibboleth Repo based on shib devs wiki and advice.
new 5baf875 Updated readme with Java Keystore instructions for signing
cert and SP credentials
new 9bb9238 start resolving some pom.xml setup stuff by removing
dependencies already provided by parent
new 1ea4fb1 Made service ranking and ACS path an osgi configuration. Fixed
bugs with incorrect binding type and in building the ACS url
new 3530966 Changed from bundle plugin from maven-bundle-plugin to
bnd-maven-plugin. Removed invalid component names.
new 564ff83 cleaned up dependencies and pom comments
new e5bfb0e Adding immediate = true for AuthenticationHandler seems to
make configurations saved take effect. Without this property, the bundle needs
to be started again.
new 3f34a8e Refactor project by removing the Internal (development) IDP.
Deleted anything used only by the IDP code.
new 715947b Updated README with complete instructions for configuring the
SAML SP, and Keycloak IDP.
new ffd81fe Added SAML2 configs that allow admins to specify which
attributes to copy from users' IDP Assertion to the JCR users properties
new 8246f93 Fixed login bug for paths under /content, returning
AuthenticationInfo.FAIL_AUTH ensures the requestCredentials method is called
new ab269e6 Fixed NPE when sync'ed attrs config is empty. Reverted last
commit to extractCredentials
new 435ce45 removed unneeded array variables, removed default for path
configuration
new e9df4fc Added original LICENSE from project from which this was
derived,
https://bitbucket.org/srasmusson/webprofile-ref-project-v3/src/master/LICENSE
new ecc3c7f added attribution for files or methods
new 0c03af9 Removed the instructions about importing the keycloak
settings and using the JKS from resources. I needed to do this to recover my
own local IDP instance configuration, and it just didn't work. Probably best to
just describe how I did manually. Also added a link to keycloak standalone
instead of docker
new 6cdc60f Updated the notice as recommended
new 16581b7 removed optional transitive for Spring's
org.relaxng.datatype from dom4j, which itself is not needed
new 67b2b46 removed optional transitive for Spring's
org.relaxng.datatype from dom4j, which itself is not needed
new b1a4900 saml-handler: pom.xml / bnd usage cleanups
new 453b148 Added method to validate subject confirmation
new 84e5eba Merge remote-tracking branch
'upstream/feature/saml-handler-pom-cleanups' into sling-saml2-service-provider
new b726d66 plugin renamed from maven-sling-plugin to sling-maven-plugin
new d1c03ec saml-handler: pom.xml / bnd usage cleanups
new c1262e6 clean up bugs and code smell
new 3890fa9 Added method to validate subject confirmation
new 8271fa7 plugin renamed from maven-sling-plugin to sling-maven-plugin
new da0f6e3 clean up bugs and code smell
new 4c05f35 added noticeStatement property
new 1e7bf27 SLING-9397 - SAML2 Authentication Handler [initial submission]
new 45eb1d7 merged upstream master
new 1cb9590 merged upstream master
new ea8da21 Upgraded SAML2 Handler to OpenSAML V4. Java 11. Sling 12.
Reviewed and optimized embedded OpenSAML dependencies and updated versions.
new 12eafbf Added custom runtime exception class for unhandled
exceptions. Removed commented and unused code
new 27120d8 added license
new 9357b5f Removed attribution under license. Refactored JKS password to
char[]. Reduced duplication Credentials classes. Removed Notice. Removed JCR
test package from resources
new fda39ab removed unused imports. added missing license
new 38396be updated comments
new 0469b44 fix 'catch multiple exceptions at once' code smell
new 8ad80ca space change
new 163def6 fix sonar bug and smells
new 87028ac Fixed startup problem by setting startLevel to 19
new 71c261e moved example realm to example project
new 24b6510 Export Package of oak-auth-external dependency simplifies
setup
new 8d0326a update documentation
new 2df5eca Updated README Docs for clarifying processes for SSL and
SAML credentials
new ba268ca Saml2 auth handler/upgrade sling12 open samlv4 java11 (#62)
new 598dcae Sling 9397/update removed saml config service (#69)
new 7b6a764 fix merge conflicts and sonarcloud code smells
new 635ef41 add git ignore file
The 102 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.