From 0a90384a9c7d840e88d9636271e8393a514647a0 Mon Sep 17 00:00:00 2001
From: Leif Johansson
Date: Tue, 28 Jul 2009 10:34:52 +0200
Subject: Import shibboleth ds 1.1.0
---
LICENSE.txt | 174 ++
cpappend.bat | 19 +
doc/CREDITS.txt | 42 +
doc/INSTALL.txt | 18 +
doc/README.txt | 19 +
doc/RELEASE-NOTES.txt | 20 +
doc/api/allclasses-frame.html | 75 +
doc/api/allclasses-noframe.html | 75 +
doc/api/constant-values.html | 207 +++
doc/api/deprecated-list.html | 143 ++
.../common/ShibbolethConfigurationException.html | 267 +++
.../ShibbolethConfigurationException.html | 193 ++
.../shibboleth/common/package-frame.html | 33 +
.../shibboleth/common/package-summary.html | 155 ++
.../middleware/shibboleth/common/package-tree.html | 155 ++
.../middleware/shibboleth/common/package-use.html | 167 ++
.../shibboleth/wayf/DiscoveryResponseBuilder.html | 312 ++++
.../shibboleth/wayf/DiscoveryResponseImpl.html | 420 +++++
.../wayf/DiscoveryResponseUnmarshaller.html | 298 +++
.../shibboleth/wayf/DiscoveryServiceHandler.html | 343 ++++
.../middleware/shibboleth/wayf/HandlerConfig.html | 414 +++++
.../shibboleth/wayf/IdPSite.Compare.html | 270 +++
.../middleware/shibboleth/wayf/IdPSite.html | 396 ++++
.../middleware/shibboleth/wayf/IdPSiteSet.html | 514 ++++++
.../shibboleth/wayf/IdPSiteSetEntry.html | 286 +++
.../wayf/LogbackConfigurationChangeListener.html | 353 ++++
.../shibboleth/wayf/LogbackLoggingService.html | 232 +++
.../middleware/shibboleth/wayf/Version.html | 256 +++
.../middleware/shibboleth/wayf/WayfException.html | 266 +++
.../middleware/shibboleth/wayf/WayfService.html | 316 ++++
.../middleware/shibboleth/wayf/XMLConstants.html | 304 ++++
.../wayf/class-use/DiscoveryResponseBuilder.html | 141 ++
.../wayf/class-use/DiscoveryResponseImpl.html | 187 ++
.../class-use/DiscoveryResponseUnmarshaller.html | 141 ++
.../wayf/class-use/DiscoveryServiceHandler.html | 141 ++
.../shibboleth/wayf/class-use/HandlerConfig.html | 203 +++
.../shibboleth/wayf/class-use/IdPSite.Compare.html | 141 ++
.../shibboleth/wayf/class-use/IdPSite.html | 447 +++++
.../shibboleth/wayf/class-use/IdPSiteSet.html | 193 ++
.../shibboleth/wayf/class-use/IdPSiteSetEntry.html | 141 ++
.../LogbackConfigurationChangeListener.html | 141 ++
.../wayf/class-use/LogbackLoggingService.html | 141 ++
.../shibboleth/wayf/class-use/Version.html | 141 ++
.../shibboleth/wayf/class-use/WayfException.html | 195 ++
.../shibboleth/wayf/class-use/WayfService.html | 141 ++
.../shibboleth/wayf/class-use/XMLConstants.html | 141 ++
.../middleware/shibboleth/wayf/package-frame.html | 70 +
.../shibboleth/wayf/package-summary.html | 223 +++
.../middleware/shibboleth/wayf/package-tree.html | 194 ++
.../middleware/shibboleth/wayf/package-use.html | 230 +++
.../middleware/shibboleth/wayf/plugins/Plugin.html | 381 ++++
.../shibboleth/wayf/plugins/PluginContext.html | 179 ++
.../wayf/plugins/PluginMetadataParameter.html | 177 ++
.../wayf/plugins/WayfRequestHandled.html | 243 +++
.../shibboleth/wayf/plugins/class-use/Plugin.html | 232 +++
.../wayf/plugins/class-use/PluginContext.html | 318 ++++
.../plugins/class-use/PluginMetadataParameter.html | 329 ++++
.../wayf/plugins/class-use/WayfRequestHandled.html | 257 +++
.../shibboleth/wayf/plugins/package-frame.html | 48 +
.../shibboleth/wayf/plugins/package-summary.html | 179 ++
.../shibboleth/wayf/plugins/package-tree.html | 160 ++
.../shibboleth/wayf/plugins/package-use.html | 246 +++
.../wayf/plugins/provider/BindingFilter.html | 270 +++
.../wayf/plugins/provider/ListFilter.html | 278 +++
.../provider/SamlCookiePlugin.SamlIdPCookie.html | 250 +++
.../wayf/plugins/provider/SamlCookiePlugin.html | 408 +++++
.../plugins/provider/class-use/BindingFilter.html | 141 ++
.../plugins/provider/class-use/ListFilter.html | 141 ++
.../class-use/SamlCookiePlugin.SamlIdPCookie.html | 141 ++
.../provider/class-use/SamlCookiePlugin.html | 141 ++
.../wayf/plugins/provider/package-frame.html | 37 +
.../wayf/plugins/provider/package-summary.html | 164 ++
.../wayf/plugins/provider/package-tree.html | 153 ++
.../wayf/plugins/provider/package-use.html | 141 ++
doc/api/help-doc.html | 220 +++
doc/api/index-all.html | 472 +++++
doc/api/index.html | 40 +
doc/api/options | 23 +
doc/api/overview-frame.html | 49 +
doc/api/overview-summary.html | 188 ++
doc/api/overview-tree.html | 201 +++
doc/api/package-list | 4 +
doc/api/packages | 4 +
doc/api/resources/inherit.gif | Bin 0 -> 57 bytes
doc/api/serialized-form.html | 261 +++
doc/api/stylesheet.css | 29 +
doc/src-xref/allclasses-frame.html | 92 +
.../common/ShibbolethConfigurationException.html | 64 +
.../shibboleth/common/package-frame.html | 24 +
.../shibboleth/common/package-summary.html | 67 +
.../shibboleth/wayf/DiscoveryResponseBuilder.html | 61 +
.../shibboleth/wayf/DiscoveryResponseImpl.html | 63 +
.../wayf/DiscoveryResponseUnmarshaller.html | 51 +
.../shibboleth/wayf/DiscoveryServiceHandler.html | 1016 +++++++++++
.../middleware/shibboleth/wayf/HandlerConfig.html | 236 +++
.../middleware/shibboleth/wayf/IdPSite.html | 231 +++
.../middleware/shibboleth/wayf/IdPSiteSet.html | 577 ++++++
.../shibboleth/wayf/IdPSiteSetEntry.html | 71 +
.../wayf/LogbackConfigurationChangeListener.html | 86 +
.../shibboleth/wayf/LogbackLoggingService.html | 78 +
.../middleware/shibboleth/wayf/Version.html | 45 +
.../middleware/shibboleth/wayf/WayfException.html | 61 +
.../middleware/shibboleth/wayf/WayfService.html | 332 ++++
.../middleware/shibboleth/wayf/XMLConstants.html | 47 +
.../middleware/shibboleth/wayf/package-frame.html | 66 +
.../shibboleth/wayf/package-summary.html | 137 ++
.../middleware/shibboleth/wayf/plugins/Plugin.html | 173 ++
.../shibboleth/wayf/plugins/PluginContext.html | 45 +
.../wayf/plugins/PluginMetadataParameter.html | 44 +
.../wayf/plugins/WayfRequestHandled.html | 31 +
.../shibboleth/wayf/plugins/package-frame.html | 33 +
.../shibboleth/wayf/plugins/package-summary.html | 82 +
.../wayf/plugins/provider/BindingFilter.html | 190 ++
.../wayf/plugins/provider/ListFilter.html | 198 ++
.../wayf/plugins/provider/SamlCookiePlugin.html | 558 ++++++
.../wayf/plugins/provider/package-frame.html | 36 +
.../wayf/plugins/provider/package-summary.html | 87 +
doc/src-xref/index.html | 24 +
doc/src-xref/overview-frame.html | 34 +
doc/src-xref/overview-summary.html | 79 +
doc/src-xref/stylesheet.css | 116 ++
doc/style/checkstyle.html | 55 +
doc/style/css/maven-base.css | 140 ++
doc/style/css/maven-theme.css | 110 ++
doc/style/css/print.css | 7 +
doc/style/images/add.gif | Bin 0 -> 207 bytes
doc/style/images/collapsed.gif | Bin 0 -> 53 bytes
doc/style/images/expanded.gif | Bin 0 -> 52 bytes
doc/style/images/external-classic.png | Bin 0 -> 956 bytes
doc/style/images/external.png | Bin 0 -> 230 bytes
doc/style/images/file.gif | Bin 0 -> 152 bytes
doc/style/images/fix.gif | Bin 0 -> 181 bytes
doc/style/images/folder-closed.gif | Bin 0 -> 220 bytes
doc/style/images/folder-open.gif | Bin 0 -> 229 bytes
doc/style/images/help_logo.gif | Bin 0 -> 2113 bytes
doc/style/images/icon_alert.gif | Bin 0 -> 1120 bytes
doc/style/images/icon_alertsml.gif | Bin 0 -> 154 bytes
doc/style/images/icon_arrowfolder1_sml.gif | Bin 0 -> 1082 bytes
doc/style/images/icon_arrowfolder2_sml.gif | Bin 0 -> 1080 bytes
doc/style/images/icon_arrowfolderclosed1_sml.gif | Bin 0 -> 441 bytes
doc/style/images/icon_arrowfolderopen2_sml.gif | Bin 0 -> 664 bytes
doc/style/images/icon_arrowmembers1_sml.gif | Bin 0 -> 1073 bytes
doc/style/images/icon_arrowmembers2_sml.gif | Bin 0 -> 1072 bytes
doc/style/images/icon_arrowusergroups1_sml.gif | Bin 0 -> 1072 bytes
doc/style/images/icon_arrowusergroups2_sml.gif | Bin 0 -> 1076 bytes
doc/style/images/icon_arrowwaste1_sml.gif | Bin 0 -> 606 bytes
doc/style/images/icon_arrowwaste2_sml.gif | Bin 0 -> 609 bytes
doc/style/images/icon_confirmsml.gif | Bin 0 -> 94 bytes
doc/style/images/icon_doc_lrg.gif | Bin 0 -> 1335 bytes
doc/style/images/icon_doc_sml.gif | Bin 0 -> 355 bytes
doc/style/images/icon_error_lrg.gif | Bin 0 -> 1531 bytes
doc/style/images/icon_error_sml.gif | Bin 0 -> 1010 bytes
doc/style/images/icon_folder_lrg.gif | Bin 0 -> 1548 bytes
doc/style/images/icon_folder_sml.gif | Bin 0 -> 634 bytes
doc/style/images/icon_help_lrg.gif | Bin 0 -> 1418 bytes
doc/style/images/icon_help_sml.gif | Bin 0 -> 1019 bytes
doc/style/images/icon_info_lrg.gif | Bin 0 -> 1383 bytes
doc/style/images/icon_info_sml.gif | Bin 0 -> 606 bytes
doc/style/images/icon_infosml.gif | Bin 0 -> 77 bytes
doc/style/images/icon_members_lrg.gif | Bin 0 -> 1570 bytes
doc/style/images/icon_members_sml.gif | Bin 0 -> 1023 bytes
doc/style/images/icon_sortdown.gif | Bin 0 -> 117 bytes
doc/style/images/icon_sortleft.gif | Bin 0 -> 121 bytes
doc/style/images/icon_sortright.gif | Bin 0 -> 122 bytes
doc/style/images/icon_sortup.gif | Bin 0 -> 117 bytes
doc/style/images/icon_success_lrg.gif | Bin 0 -> 1492 bytes
doc/style/images/icon_success_sml.gif | Bin 0 -> 990 bytes
doc/style/images/icon_usergroups_lrg.gif | Bin 0 -> 1520 bytes
doc/style/images/icon_usergroups_sml.gif | Bin 0 -> 1026 bytes
doc/style/images/icon_warning_lrg.gif | Bin 0 -> 1491 bytes
doc/style/images/icon_warning_sml.gif | Bin 0 -> 576 bytes
doc/style/images/icon_waste_lrg.gif | Bin 0 -> 780 bytes
doc/style/images/icon_waste_sml.gif | Bin 0 -> 562 bytes
doc/style/images/logos/maven-feather.png | Bin 0 -> 2907 bytes
doc/style/images/newwindow-classic.png | Bin 0 -> 951 bytes
doc/style/images/newwindow.png | Bin 0 -> 220 bytes
doc/style/images/none.png | Bin 0 -> 946 bytes
doc/style/images/nw_maj.gif | Bin 0 -> 49 bytes
doc/style/images/nw_maj_hi.gif | Bin 0 -> 51 bytes
doc/style/images/nw_maj_rond.gif | Bin 0 -> 51 bytes
doc/style/images/nw_med.gif | Bin 0 -> 48 bytes
doc/style/images/nw_med_hi.gif | Bin 0 -> 47 bytes
doc/style/images/nw_med_rond.gif | Bin 0 -> 46 bytes
doc/style/images/nw_min.gif | Bin 0 -> 51 bytes
doc/style/images/nw_min_036.gif | Bin 0 -> 45 bytes
doc/style/images/nw_min_hi.gif | Bin 0 -> 46 bytes
doc/style/images/pdf.gif | Bin 0 -> 950 bytes
doc/style/images/poweredby_036.gif | Bin 0 -> 808 bytes
doc/style/images/product_logo.gif | Bin 0 -> 680 bytes
doc/style/images/remove.gif | Bin 0 -> 227 bytes
doc/style/images/rss.png | Bin 0 -> 360 bytes
doc/style/images/se_maj_rond.gif | Bin 0 -> 50 bytes
doc/style/images/strich.gif | Bin 0 -> 43 bytes
doc/style/images/sw_maj_rond.gif | Bin 0 -> 51 bytes
doc/style/images/sw_med_rond.gif | Bin 0 -> 46 bytes
doc/style/images/sw_min.gif | Bin 0 -> 45 bytes
doc/style/images/update.gif | Bin 0 -> 192 bytes
doc/unitTest/css/maven-base.css | 140 ++
doc/unitTest/css/maven-theme.css | 110 ++
doc/unitTest/css/print.css | 7 +
doc/unitTest/images/add.gif | Bin 0 -> 207 bytes
doc/unitTest/images/collapsed.gif | Bin 0 -> 53 bytes
doc/unitTest/images/expanded.gif | Bin 0 -> 52 bytes
doc/unitTest/images/external-classic.png | Bin 0 -> 956 bytes
doc/unitTest/images/external.png | Bin 0 -> 230 bytes
doc/unitTest/images/file.gif | Bin 0 -> 152 bytes
doc/unitTest/images/fix.gif | Bin 0 -> 181 bytes
doc/unitTest/images/folder-closed.gif | Bin 0 -> 220 bytes
doc/unitTest/images/folder-open.gif | Bin 0 -> 229 bytes
doc/unitTest/images/help_logo.gif | Bin 0 -> 2113 bytes
doc/unitTest/images/icon_alert.gif | Bin 0 -> 1120 bytes
doc/unitTest/images/icon_alertsml.gif | Bin 0 -> 154 bytes
doc/unitTest/images/icon_arrowfolder1_sml.gif | Bin 0 -> 1082 bytes
doc/unitTest/images/icon_arrowfolder2_sml.gif | Bin 0 -> 1080 bytes
.../images/icon_arrowfolderclosed1_sml.gif | Bin 0 -> 441 bytes
doc/unitTest/images/icon_arrowfolderopen2_sml.gif | Bin 0 -> 664 bytes
doc/unitTest/images/icon_arrowmembers1_sml.gif | Bin 0 -> 1073 bytes
doc/unitTest/images/icon_arrowmembers2_sml.gif | Bin 0 -> 1072 bytes
doc/unitTest/images/icon_arrowusergroups1_sml.gif | Bin 0 -> 1072 bytes
doc/unitTest/images/icon_arrowusergroups2_sml.gif | Bin 0 -> 1076 bytes
doc/unitTest/images/icon_arrowwaste1_sml.gif | Bin 0 -> 606 bytes
doc/unitTest/images/icon_arrowwaste2_sml.gif | Bin 0 -> 609 bytes
doc/unitTest/images/icon_confirmsml.gif | Bin 0 -> 94 bytes
doc/unitTest/images/icon_doc_lrg.gif | Bin 0 -> 1335 bytes
doc/unitTest/images/icon_doc_sml.gif | Bin 0 -> 355 bytes
doc/unitTest/images/icon_error_lrg.gif | Bin 0 -> 1531 bytes
doc/unitTest/images/icon_error_sml.gif | Bin 0 -> 1010 bytes
doc/unitTest/images/icon_folder_lrg.gif | Bin 0 -> 1548 bytes
doc/unitTest/images/icon_folder_sml.gif | Bin 0 -> 634 bytes
doc/unitTest/images/icon_help_lrg.gif | Bin 0 -> 1418 bytes
doc/unitTest/images/icon_help_sml.gif | Bin 0 -> 1019 bytes
doc/unitTest/images/icon_info_lrg.gif | Bin 0 -> 1383 bytes
doc/unitTest/images/icon_info_sml.gif | Bin 0 -> 606 bytes
doc/unitTest/images/icon_infosml.gif | Bin 0 -> 77 bytes
doc/unitTest/images/icon_members_lrg.gif | Bin 0 -> 1570 bytes
doc/unitTest/images/icon_members_sml.gif | Bin 0 -> 1023 bytes
doc/unitTest/images/icon_sortdown.gif | Bin 0 -> 117 bytes
doc/unitTest/images/icon_sortleft.gif | Bin 0 -> 121 bytes
doc/unitTest/images/icon_sortright.gif | Bin 0 -> 122 bytes
doc/unitTest/images/icon_sortup.gif | Bin 0 -> 117 bytes
doc/unitTest/images/icon_success_lrg.gif | Bin 0 -> 1492 bytes
doc/unitTest/images/icon_success_sml.gif | Bin 0 -> 990 bytes
doc/unitTest/images/icon_usergroups_lrg.gif | Bin 0 -> 1520 bytes
doc/unitTest/images/icon_usergroups_sml.gif | Bin 0 -> 1026 bytes
doc/unitTest/images/icon_warning_lrg.gif | Bin 0 -> 1491 bytes
doc/unitTest/images/icon_warning_sml.gif | Bin 0 -> 576 bytes
doc/unitTest/images/icon_waste_lrg.gif | Bin 0 -> 780 bytes
doc/unitTest/images/icon_waste_sml.gif | Bin 0 -> 562 bytes
doc/unitTest/images/logos/maven-feather.png | Bin 0 -> 2907 bytes
doc/unitTest/images/newwindow-classic.png | Bin 0 -> 951 bytes
doc/unitTest/images/newwindow.png | Bin 0 -> 220 bytes
doc/unitTest/images/none.png | Bin 0 -> 946 bytes
doc/unitTest/images/nw_maj.gif | Bin 0 -> 49 bytes
doc/unitTest/images/nw_maj_hi.gif | Bin 0 -> 51 bytes
doc/unitTest/images/nw_maj_rond.gif | Bin 0 -> 51 bytes
doc/unitTest/images/nw_med.gif | Bin 0 -> 48 bytes
doc/unitTest/images/nw_med_hi.gif | Bin 0 -> 47 bytes
doc/unitTest/images/nw_med_rond.gif | Bin 0 -> 46 bytes
doc/unitTest/images/nw_min.gif | Bin 0 -> 51 bytes
doc/unitTest/images/nw_min_036.gif | Bin 0 -> 45 bytes
doc/unitTest/images/nw_min_hi.gif | Bin 0 -> 46 bytes
doc/unitTest/images/pdf.gif | Bin 0 -> 950 bytes
doc/unitTest/images/poweredby_036.gif | Bin 0 -> 808 bytes
doc/unitTest/images/product_logo.gif | Bin 0 -> 680 bytes
doc/unitTest/images/remove.gif | Bin 0 -> 227 bytes
doc/unitTest/images/se_maj_rond.gif | Bin 0 -> 50 bytes
doc/unitTest/images/strich.gif | Bin 0 -> 43 bytes
doc/unitTest/images/sw_maj_rond.gif | Bin 0 -> 51 bytes
doc/unitTest/images/sw_med_rond.gif | Bin 0 -> 46 bytes
doc/unitTest/images/sw_min.gif | Bin 0 -> 45 bytes
doc/unitTest/images/update.gif | Bin 0 -> 192 bytes
doc/unitTest/surefire-report.html | 69 +
endorsed/resolver-2.9.1.jar | Bin 0 -> 84091 bytes
endorsed/serializer-2.9.1.jar | Bin 0 -> 278286 bytes
endorsed/xalan-2.7.1.jar | Bin 0 -> 3176148 bytes
endorsed/xercesImpl-2.9.1.jar | Bin 0 -> 1229289 bytes
endorsed/xml-apis-2.9.1.jar | Bin 0 -> 194354 bytes
install.bat | 40 +
install.sh | 94 +
lib/antlr-2.7.2.jar | Bin 0 -> 358273 bytes
lib/bcprov-ext-jdk15-1.40.jar | Bin 0 -> 1603682 bytes
lib/commons-beanutils-1.7.0.jar | Bin 0 -> 188671 bytes
lib/commons-chain-1.1.jar | Bin 0 -> 90001 bytes
lib/commons-codec-1.3.jar | Bin 0 -> 46725 bytes
lib/commons-collections-3.1.jar | Bin 0 -> 559366 bytes
lib/commons-digester-1.8.jar | Bin 0 -> 143602 bytes
lib/commons-httpclient-3.1.jar | Bin 0 -> 305001 bytes
lib/commons-lang-2.1.jar | Bin 0 -> 207723 bytes
lib/commons-validator-1.3.1.jar | Bin 0 -> 138956 bytes
lib/jargs-1.0.jar | Bin 0 -> 11406 bytes
lib/jcip-annotations-1.0.jar | Bin 0 -> 2254 bytes
lib/jcl-over-slf4j-1.5.5.jar | Bin 0 -> 16746 bytes
lib/joda-time-1.5.2.jar | Bin 0 -> 531326 bytes
lib/log4j-over-slf4j-1.5.5.jar | Bin 0 -> 9665 bytes
lib/logback-classic-0.9.13.jar | Bin 0 -> 146846 bytes
lib/logback-core-0.9.13.jar | Bin 0 -> 219456 bytes
lib/not-yet-commons-ssl-0.3.9.jar | Bin 0 -> 260555 bytes
lib/opensaml-2.2.3.jar | Bin 0 -> 1249375 bytes
lib/openws-1.2.2.jar | Bin 0 -> 119232 bytes
lib/oro-2.0.8.jar | Bin 0 -> 65261 bytes
lib/shibboleth-discovery-service-1.1.0.jar | Bin 0 -> 56599 bytes
lib/slf4j-api-1.5.6.jar | Bin 0 -> 22338 bytes
lib/struts-core-1.3.9.jar | Bin 0 -> 329359 bytes
lib/struts-taglib-1.3.9.jar | Bin 0 -> 251209 bytes
lib/velocity-1.5.jar | Bin 0 -> 392124 bytes
lib/xmlsec-1.4.2.jar | Bin 0 -> 444503 bytes
lib/xmltooling-1.2.0.jar | Bin 0 -> 577978 bytes
src/installer/lib/ant-1.7.0.jar | Bin 0 -> 1289806 bytes
src/installer/lib/ant-contrib-1.0b2.jar | Bin 0 -> 194050 bytes
src/installer/lib/ant-launcher-1.7.0.jar | Bin 0 -> 11734 bytes
src/installer/lib/ant-nodeps-1.7.0.jar | Bin 0 -> 430311 bytes
src/installer/resources/build.xml | 68 +
src/installer/resources/install.properties | 1 +
src/installer/resources/logging.xml | 50 +
src/installer/resources/wayfconfig.xml | 159 ++
src/main/webapp/WEB-INF/tlds/struts-bean.tld | 1153 ++++++++++++
src/main/webapp/WEB-INF/tlds/struts-logic.tld | 1893 ++++++++++++++++++++
src/main/webapp/WEB-INF/web.xml | 55 +
src/main/webapp/images/incommon.gif | Bin 0 -> 975 bytes
src/main/webapp/images/internet2.gif | Bin 0 -> 1204 bytes
src/main/webapp/images/logo.jpg | Bin 0 -> 13660 bytes
src/main/webapp/index.htm | 5 +
src/main/webapp/wayf.css | 104 ++
src/main/webapp/wayf.jsp | 547 ++++++
src/main/webapp/wayferror.jsp | 38 +
325 files changed, 26579 insertions(+)
create mode 100644 LICENSE.txt
create mode 100644 cpappend.bat
create mode 100644 doc/CREDITS.txt
create mode 100644 doc/INSTALL.txt
create mode 100644 doc/README.txt
create mode 100644 doc/RELEASE-NOTES.txt
create mode 100644 doc/api/allclasses-frame.html
create mode 100644 doc/api/allclasses-noframe.html
create mode 100644 doc/api/constant-values.html
create mode 100644 doc/api/deprecated-list.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/common/ShibbolethConfigurationException.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/common/class-use/ShibbolethConfigurationException.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/common/package-frame.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/common/package-summary.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/common/package-tree.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/common/package-use.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/DiscoveryResponseBuilder.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/DiscoveryResponseImpl.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/DiscoveryResponseUnmarshaller.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/HandlerConfig.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/IdPSite.Compare.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/IdPSite.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/IdPSiteSet.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/IdPSiteSetEntry.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/LogbackConfigurationChangeListener.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/LogbackLoggingService.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/Version.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/WayfException.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/WayfService.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/XMLConstants.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/DiscoveryResponseBuilder.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/DiscoveryResponseImpl.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/DiscoveryResponseUnmarshaller.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/DiscoveryServiceHandler.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/HandlerConfig.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/IdPSite.Compare.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/IdPSite.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/IdPSiteSet.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/IdPSiteSetEntry.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/LogbackConfigurationChangeListener.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/LogbackLoggingService.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/Version.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/WayfException.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/WayfService.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/class-use/XMLConstants.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/package-frame.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/package-summary.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/package-tree.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/package-use.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/Plugin.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/PluginContext.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/PluginMetadataParameter.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/WayfRequestHandled.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/class-use/Plugin.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/class-use/PluginContext.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/class-use/PluginMetadataParameter.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/class-use/WayfRequestHandled.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/package-frame.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/package-summary.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/package-tree.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/package-use.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/BindingFilter.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/ListFilter.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/SamlCookiePlugin.SamlIdPCookie.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/SamlCookiePlugin.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/class-use/BindingFilter.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/class-use/ListFilter.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/class-use/SamlCookiePlugin.SamlIdPCookie.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/class-use/SamlCookiePlugin.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-frame.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-summary.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-tree.html
create mode 100644 doc/api/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-use.html
create mode 100644 doc/api/help-doc.html
create mode 100644 doc/api/index-all.html
create mode 100644 doc/api/index.html
create mode 100644 doc/api/options
create mode 100644 doc/api/overview-frame.html
create mode 100644 doc/api/overview-summary.html
create mode 100644 doc/api/overview-tree.html
create mode 100644 doc/api/package-list
create mode 100644 doc/api/packages
create mode 100644 doc/api/resources/inherit.gif
create mode 100644 doc/api/serialized-form.html
create mode 100644 doc/api/stylesheet.css
create mode 100644 doc/src-xref/allclasses-frame.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/common/ShibbolethConfigurationException.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/common/package-frame.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/common/package-summary.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryResponseBuilder.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryResponseImpl.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryResponseUnmarshaller.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/HandlerConfig.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/IdPSite.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/IdPSiteSet.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/IdPSiteSetEntry.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/LogbackConfigurationChangeListener.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/LogbackLoggingService.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/Version.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/WayfException.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/WayfService.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/XMLConstants.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/package-frame.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/package-summary.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/Plugin.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/PluginContext.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/PluginMetadataParameter.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/WayfRequestHandled.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-frame.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-summary.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/BindingFilter.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/ListFilter.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/SamlCookiePlugin.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-frame.html
create mode 100644 doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-summary.html
create mode 100644 doc/src-xref/index.html
create mode 100644 doc/src-xref/overview-frame.html
create mode 100644 doc/src-xref/overview-summary.html
create mode 100644 doc/src-xref/stylesheet.css
create mode 100644 doc/style/checkstyle.html
create mode 100644 doc/style/css/maven-base.css
create mode 100644 doc/style/css/maven-theme.css
create mode 100644 doc/style/css/print.css
create mode 100644 doc/style/images/add.gif
create mode 100644 doc/style/images/collapsed.gif
create mode 100644 doc/style/images/expanded.gif
create mode 100644 doc/style/images/external-classic.png
create mode 100644 doc/style/images/external.png
create mode 100644 doc/style/images/file.gif
create mode 100644 doc/style/images/fix.gif
create mode 100644 doc/style/images/folder-closed.gif
create mode 100644 doc/style/images/folder-open.gif
create mode 100644 doc/style/images/help_logo.gif
create mode 100644 doc/style/images/icon_alert.gif
create mode 100644 doc/style/images/icon_alertsml.gif
create mode 100644 doc/style/images/icon_arrowfolder1_sml.gif
create mode 100644 doc/style/images/icon_arrowfolder2_sml.gif
create mode 100644 doc/style/images/icon_arrowfolderclosed1_sml.gif
create mode 100644 doc/style/images/icon_arrowfolderopen2_sml.gif
create mode 100644 doc/style/images/icon_arrowmembers1_sml.gif
create mode 100644 doc/style/images/icon_arrowmembers2_sml.gif
create mode 100644 doc/style/images/icon_arrowusergroups1_sml.gif
create mode 100644 doc/style/images/icon_arrowusergroups2_sml.gif
create mode 100644 doc/style/images/icon_arrowwaste1_sml.gif
create mode 100644 doc/style/images/icon_arrowwaste2_sml.gif
create mode 100644 doc/style/images/icon_confirmsml.gif
create mode 100644 doc/style/images/icon_doc_lrg.gif
create mode 100644 doc/style/images/icon_doc_sml.gif
create mode 100644 doc/style/images/icon_error_lrg.gif
create mode 100644 doc/style/images/icon_error_sml.gif
create mode 100644 doc/style/images/icon_folder_lrg.gif
create mode 100644 doc/style/images/icon_folder_sml.gif
create mode 100644 doc/style/images/icon_help_lrg.gif
create mode 100644 doc/style/images/icon_help_sml.gif
create mode 100644 doc/style/images/icon_info_lrg.gif
create mode 100644 doc/style/images/icon_info_sml.gif
create mode 100644 doc/style/images/icon_infosml.gif
create mode 100644 doc/style/images/icon_members_lrg.gif
create mode 100644 doc/style/images/icon_members_sml.gif
create mode 100644 doc/style/images/icon_sortdown.gif
create mode 100644 doc/style/images/icon_sortleft.gif
create mode 100644 doc/style/images/icon_sortright.gif
create mode 100644 doc/style/images/icon_sortup.gif
create mode 100644 doc/style/images/icon_success_lrg.gif
create mode 100644 doc/style/images/icon_success_sml.gif
create mode 100644 doc/style/images/icon_usergroups_lrg.gif
create mode 100644 doc/style/images/icon_usergroups_sml.gif
create mode 100644 doc/style/images/icon_warning_lrg.gif
create mode 100644 doc/style/images/icon_warning_sml.gif
create mode 100644 doc/style/images/icon_waste_lrg.gif
create mode 100644 doc/style/images/icon_waste_sml.gif
create mode 100644 doc/style/images/logos/maven-feather.png
create mode 100644 doc/style/images/newwindow-classic.png
create mode 100644 doc/style/images/newwindow.png
create mode 100644 doc/style/images/none.png
create mode 100644 doc/style/images/nw_maj.gif
create mode 100644 doc/style/images/nw_maj_hi.gif
create mode 100644 doc/style/images/nw_maj_rond.gif
create mode 100644 doc/style/images/nw_med.gif
create mode 100644 doc/style/images/nw_med_hi.gif
create mode 100644 doc/style/images/nw_med_rond.gif
create mode 100644 doc/style/images/nw_min.gif
create mode 100644 doc/style/images/nw_min_036.gif
create mode 100644 doc/style/images/nw_min_hi.gif
create mode 100644 doc/style/images/pdf.gif
create mode 100644 doc/style/images/poweredby_036.gif
create mode 100644 doc/style/images/product_logo.gif
create mode 100644 doc/style/images/remove.gif
create mode 100644 doc/style/images/rss.png
create mode 100644 doc/style/images/se_maj_rond.gif
create mode 100644 doc/style/images/strich.gif
create mode 100644 doc/style/images/sw_maj_rond.gif
create mode 100644 doc/style/images/sw_med_rond.gif
create mode 100644 doc/style/images/sw_min.gif
create mode 100644 doc/style/images/update.gif
create mode 100644 doc/unitTest/css/maven-base.css
create mode 100644 doc/unitTest/css/maven-theme.css
create mode 100644 doc/unitTest/css/print.css
create mode 100644 doc/unitTest/images/add.gif
create mode 100644 doc/unitTest/images/collapsed.gif
create mode 100644 doc/unitTest/images/expanded.gif
create mode 100644 doc/unitTest/images/external-classic.png
create mode 100644 doc/unitTest/images/external.png
create mode 100644 doc/unitTest/images/file.gif
create mode 100644 doc/unitTest/images/fix.gif
create mode 100644 doc/unitTest/images/folder-closed.gif
create mode 100644 doc/unitTest/images/folder-open.gif
create mode 100644 doc/unitTest/images/help_logo.gif
create mode 100644 doc/unitTest/images/icon_alert.gif
create mode 100644 doc/unitTest/images/icon_alertsml.gif
create mode 100644 doc/unitTest/images/icon_arrowfolder1_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowfolder2_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowfolderclosed1_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowfolderopen2_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowmembers1_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowmembers2_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowusergroups1_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowusergroups2_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowwaste1_sml.gif
create mode 100644 doc/unitTest/images/icon_arrowwaste2_sml.gif
create mode 100644 doc/unitTest/images/icon_confirmsml.gif
create mode 100644 doc/unitTest/images/icon_doc_lrg.gif
create mode 100644 doc/unitTest/images/icon_doc_sml.gif
create mode 100644 doc/unitTest/images/icon_error_lrg.gif
create mode 100644 doc/unitTest/images/icon_error_sml.gif
create mode 100644 doc/unitTest/images/icon_folder_lrg.gif
create mode 100644 doc/unitTest/images/icon_folder_sml.gif
create mode 100644 doc/unitTest/images/icon_help_lrg.gif
create mode 100644 doc/unitTest/images/icon_help_sml.gif
create mode 100644 doc/unitTest/images/icon_info_lrg.gif
create mode 100644 doc/unitTest/images/icon_info_sml.gif
create mode 100644 doc/unitTest/images/icon_infosml.gif
create mode 100644 doc/unitTest/images/icon_members_lrg.gif
create mode 100644 doc/unitTest/images/icon_members_sml.gif
create mode 100644 doc/unitTest/images/icon_sortdown.gif
create mode 100644 doc/unitTest/images/icon_sortleft.gif
create mode 100644 doc/unitTest/images/icon_sortright.gif
create mode 100644 doc/unitTest/images/icon_sortup.gif
create mode 100644 doc/unitTest/images/icon_success_lrg.gif
create mode 100644 doc/unitTest/images/icon_success_sml.gif
create mode 100644 doc/unitTest/images/icon_usergroups_lrg.gif
create mode 100644 doc/unitTest/images/icon_usergroups_sml.gif
create mode 100644 doc/unitTest/images/icon_warning_lrg.gif
create mode 100644 doc/unitTest/images/icon_warning_sml.gif
create mode 100644 doc/unitTest/images/icon_waste_lrg.gif
create mode 100644 doc/unitTest/images/icon_waste_sml.gif
create mode 100644 doc/unitTest/images/logos/maven-feather.png
create mode 100644 doc/unitTest/images/newwindow-classic.png
create mode 100644 doc/unitTest/images/newwindow.png
create mode 100644 doc/unitTest/images/none.png
create mode 100644 doc/unitTest/images/nw_maj.gif
create mode 100644 doc/unitTest/images/nw_maj_hi.gif
create mode 100644 doc/unitTest/images/nw_maj_rond.gif
create mode 100644 doc/unitTest/images/nw_med.gif
create mode 100644 doc/unitTest/images/nw_med_hi.gif
create mode 100644 doc/unitTest/images/nw_med_rond.gif
create mode 100644 doc/unitTest/images/nw_min.gif
create mode 100644 doc/unitTest/images/nw_min_036.gif
create mode 100644 doc/unitTest/images/nw_min_hi.gif
create mode 100644 doc/unitTest/images/pdf.gif
create mode 100644 doc/unitTest/images/poweredby_036.gif
create mode 100644 doc/unitTest/images/product_logo.gif
create mode 100644 doc/unitTest/images/remove.gif
create mode 100644 doc/unitTest/images/se_maj_rond.gif
create mode 100644 doc/unitTest/images/strich.gif
create mode 100644 doc/unitTest/images/sw_maj_rond.gif
create mode 100644 doc/unitTest/images/sw_med_rond.gif
create mode 100644 doc/unitTest/images/sw_min.gif
create mode 100644 doc/unitTest/images/update.gif
create mode 100644 doc/unitTest/surefire-report.html
create mode 100644 endorsed/resolver-2.9.1.jar
create mode 100644 endorsed/serializer-2.9.1.jar
create mode 100644 endorsed/xalan-2.7.1.jar
create mode 100644 endorsed/xercesImpl-2.9.1.jar
create mode 100644 endorsed/xml-apis-2.9.1.jar
create mode 100644 install.bat
create mode 100644 install.sh
create mode 100644 lib/antlr-2.7.2.jar
create mode 100644 lib/bcprov-ext-jdk15-1.40.jar
create mode 100644 lib/commons-beanutils-1.7.0.jar
create mode 100644 lib/commons-chain-1.1.jar
create mode 100644 lib/commons-codec-1.3.jar
create mode 100644 lib/commons-collections-3.1.jar
create mode 100644 lib/commons-digester-1.8.jar
create mode 100644 lib/commons-httpclient-3.1.jar
create mode 100644 lib/commons-lang-2.1.jar
create mode 100644 lib/commons-validator-1.3.1.jar
create mode 100644 lib/jargs-1.0.jar
create mode 100644 lib/jcip-annotations-1.0.jar
create mode 100644 lib/jcl-over-slf4j-1.5.5.jar
create mode 100644 lib/joda-time-1.5.2.jar
create mode 100644 lib/log4j-over-slf4j-1.5.5.jar
create mode 100644 lib/logback-classic-0.9.13.jar
create mode 100644 lib/logback-core-0.9.13.jar
create mode 100644 lib/not-yet-commons-ssl-0.3.9.jar
create mode 100644 lib/opensaml-2.2.3.jar
create mode 100644 lib/openws-1.2.2.jar
create mode 100644 lib/oro-2.0.8.jar
create mode 100644 lib/shibboleth-discovery-service-1.1.0.jar
create mode 100644 lib/slf4j-api-1.5.6.jar
create mode 100644 lib/struts-core-1.3.9.jar
create mode 100644 lib/struts-taglib-1.3.9.jar
create mode 100644 lib/velocity-1.5.jar
create mode 100644 lib/xmlsec-1.4.2.jar
create mode 100644 lib/xmltooling-1.2.0.jar
create mode 100644 src/installer/lib/ant-1.7.0.jar
create mode 100644 src/installer/lib/ant-contrib-1.0b2.jar
create mode 100644 src/installer/lib/ant-launcher-1.7.0.jar
create mode 100644 src/installer/lib/ant-nodeps-1.7.0.jar
create mode 100644 src/installer/resources/build.xml
create mode 100644 src/installer/resources/install.properties
create mode 100644 src/installer/resources/logging.xml
create mode 100644 src/installer/resources/wayfconfig.xml
create mode 100644 src/main/webapp/WEB-INF/tlds/struts-bean.tld
create mode 100644 src/main/webapp/WEB-INF/tlds/struts-logic.tld
create mode 100644 src/main/webapp/WEB-INF/web.xml
create mode 100644 src/main/webapp/images/incommon.gif
create mode 100644 src/main/webapp/images/internet2.gif
create mode 100644 src/main/webapp/images/logo.jpg
create mode 100644 src/main/webapp/index.htm
create mode 100644 src/main/webapp/wayf.css
create mode 100644 src/main/webapp/wayf.jsp
create mode 100644 src/main/webapp/wayferror.jsp
diff --git a/LICENSE.txt b/LICENSE.txt
new file mode 100644
index 0000000..338979d
--- /dev/null
+++ b/LICENSE.txt
@@ -0,0 +1,174 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
\ No newline at end of file
diff --git a/cpappend.bat b/cpappend.bat
new file mode 100644
index 0000000..9f606aa
--- /dev/null
+++ b/cpappend.bat
@@ -0,0 +1,19 @@
+rem ---------------------------------------------------------------------------
+rem Append to CLASSPATH
+rem
+rem $Id$
+rem ---------------------------------------------------------------------------
+
+rem Process the first argument
+if ""%1"" == """" goto end
+set LOCALCLASSPATH=%LOCALCLASSPATH%;%1
+shift
+
+rem Process the remaining arguments
+:setArgs
+if ""%1"" == """" goto doneSetArgs
+set LOCALCLASSPATH=%LOCALCLASSPATH% %1
+shift
+goto setArgs
+:doneSetArgs
+:end
diff --git a/doc/CREDITS.txt b/doc/CREDITS.txt
new file mode 100644
index 0000000..23cde66
--- /dev/null
+++ b/doc/CREDITS.txt
@@ -0,0 +1,42 @@
+Shibboleth Implementation Team
+
+ Documentation
+
+ Nate Klingenstein
+ Internet2
+
+ Chad La Joie
+ SWITCH
+
+ Programming
+
+ Scott Cantor
+ The Ohio State University
+
+ Jim Fox
+ University of Washington
+
+ Chad La Joie
+ SWITCH
+
+ Will Norris
+ University of Southern California
+
+ Rod Widdowson
+ University of Edinburgh
+
+ Project Management
+
+ RL "Bob" Morgan
+ University of Washington
+
+ Steven Carmody
+ Brown University
+
+ Ken Klingenstein
+ Internet2
+
+
+Thanks to:
+
+ Internet2
\ No newline at end of file
diff --git a/doc/INSTALL.txt b/doc/INSTALL.txt
new file mode 100644
index 0000000..8ca3ae0
--- /dev/null
+++ b/doc/INSTALL.txt
@@ -0,0 +1,18 @@
+3-Mar-08
+Version 1.0 Release Candidate 3
+
+Shibboleth Discovery Service Installation
+
+Prior to installation you may need to configure the system as described in deployment guide.
+This is currently available at:
+
+https://spaces.internet2.edu/display/SHIB/DiscoveryService
+
+Specifically you may need to edit webpages\wayf.jsp and
+src/conf/wayfconfig.xml. With no configuration the DiscoveryService
+deploys an internet2 branded GUI and looks for metadata in the file
+"/usr/local/sites.xml" (unix) and "%systemdrive%:\usr\local\sites.xml"
+(Windows)
+
+Then run ant in the top level directory to build the war file suitable
+for deploying into your container.
\ No newline at end of file
diff --git a/doc/README.txt b/doc/README.txt
new file mode 100644
index 0000000..4b8e45a
--- /dev/null
+++ b/doc/README.txt
@@ -0,0 +1,19 @@
+Welcome to Internet2's Shibboleth
+
+Shibboleth is a federated web authentication and attribute exchange system
+based on SAML developed by Internet2 and MACE.
+
+Shibboleth is licensed under the Apache 2.0 license which is provided in the
+LICENSE.txt file.
+
+Shibboleth Project Site:
+http://shibboleth.internet2.edu/
+
+Shibboleth Documentation Site:
+https://spaces.internet2.edu/display/SHIB2/Home
+
+Source and binary distributions
+http://shibboleth.internet2.edu/downloads
+
+Bug Tracker:
+https://bugs.internet2.edu/jira
\ No newline at end of file
diff --git a/doc/RELEASE-NOTES.txt b/doc/RELEASE-NOTES.txt
new file mode 100644
index 0000000..07aa43f
--- /dev/null
+++ b/doc/RELEASE-NOTES.txt
@@ -0,0 +1,20 @@
+Changes in Release 1.1.0
+=============================================
+[SDSJ-22] - wayf.jsp: Invalid loaction of tag and
+[SDSJ-27] - Discovery Service produce megabytes of logging
+[SDSJ-34] - Add tabindex to the inputfields .
+[SDSJ-36] - Strip out cookie handling parameters from HandlerConfig
+[SDSJ-37] - Logging is still stuffed for V2 discovery service.
+[SDSJ-39] - Calling wayf.jsp directly should induce wayf error page with appropiate message
+[SDSJ-41] - Could the DS be made more informative when the SP point it to the wrong address
+[SDSJ-42] - DS should also listen on DS and *.ds endpoints
+[SDSJ-44] - Add version information in library JAR manifest and provide command line tool to view it
+[SDSJ-46] - 1.1 Installation is broken in several exciting and new ways.
+[SDSJ-48] - DS accepts SP endpoints without checking Binding attribute.
+[SDSJ-50] - Need to collect more recent versions of libraries for this release
+[SDSj-51] - Should be able to have whose contents are never shown.
+[SDSJ-52] - Display of UTF8 is currently broken.
+[SDSJ-53] - NPE in edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlug
+[SDSJ-54] - requestURL is fetched from the application context
+[SDSJ-55] - NPE on empty
+[SDSJ-57] - Add White/BloackList Filter
diff --git a/doc/api/allclasses-frame.html b/doc/api/allclasses-frame.html
new file mode 100644
index 0000000..2bede0e
--- /dev/null
+++ b/doc/api/allclasses-frame.html
@@ -0,0 +1,75 @@
+
+
+
+
+
+
+
+All Classes (Shibboleth Discovery Service 1.1.0 Java API.)
+
+
+
+
+
+
+
+
+
+
+All Classes
+
+
+
IdPSiteSet(Element el,
+ org.opensaml.xml.parse.ParserPool parserPool,
+ boolean warnOnBadBinding)
+
+
+ Create a new IdPSiteSet as described by the supplied XML segment.
ShibbolethConfigurationException
+
+
+ Signals that the a Shibboleth component has been given insufficient or improper runtime configuration paramerts.
forwardRequest(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ IdPSite site)
+
+
+ Uses an HTTP Status 307 redirect to forward the user to the IdP or the SP.
+A class which abstracts an IdP for the sake of the WAYF display. Given an EntityDescriptor as
+ input it provides bean style get functions for the name (EntityId), the display name
+ (a hybrid of Organization name or EntityId and the IdP's SSO connection point.
+
getDisplayName(javax.servlet.http.HttpServletRequest req)
+
+
+ Get the user friendly name for the entity, collecting the locale from the
+ browser if possible
Prior to display we set the display language from the
+ browser. There is probably a proper way to do this using
+ jsp, but I want to keep the API between JSP and java the same 1.3->2.0
+
+Represents a collection of related sites as desribed by a single soirce of metadata.
+ This is usually a federation. When the WAYF looks to see which IdP sites to show,
+ it trims the list so as to not show IdP's which do not trust the SP.
+
+ This class is opaque outside this file. The three static methods getSitesLists,
+ searchForMatchingOrigins and lookupIdP provide mechansims for accessing
+ collections of IdPSiteSets.
+
+
+
+
+
+
+
+
+
+
+
+
+
+Constructor Summary
+
+
+
+protected
+
IdPSiteSet(Element el,
+ org.opensaml.xml.parse.ParserPool parserPool,
+ boolean warnOnBadBinding)
+
+
+ Create a new IdPSiteSet as described by the supplied XML segment.
+
+
+
+
+
+
+
+
+
+Method Summary
+
+
+
+protected void
+
addPlugin(Plugin plugin)
+
+
+ Declares a plugin to the siteset.
+
+
+
+protected boolean
+
containsIdP(String IdPName)
+
+
+ For plugin handling we need to know quickly if a metadataset contains the idp.
+
+
+
+protected boolean
+
containsSP(String SPName)
+
+
+ We do not need to look at a set if it doesn't know about the given SP.
Return all the Idp in the provided entities descriptor. If SearchMatches
+ is non null it is populated with whatever of the IdPs matches the search string
+ (as noted above).
+
+
+
+
+
+
Parameters:
searchString - to match with
config - parameter to mathing
searchMatches - if non null is filled with such of the sites which match the string
+
We do not need to look at a set if it doesn't know about the given SP. However if
+ no SP is given (as per 1.1) then we do need to look. This calls lets us know whether
+ this set is a canddiate for looking into.
+
+A servlet implementation of the Shibboleth WAYF service. Allows a browser
+ user to select from among a group of origin sites. User selection is
+ optionally cached and the user is forwarded to the HandleService appropriate
+ to his selection.
+
DiscoveryServiceHandler.forwardRequest(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ IdPSite site)
+
+
+ Uses an HTTP Status 307 redirect to forward the user to the IdP or the SP.
Plugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ The WAYF calls each plugin at this entry point when it is first contacted.
Plugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ The WAYF calls each plugin at this entry point when it is first contacted.
SamlCookiePlugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ This is the 'hook' in the lookup part of Discovery Service processing.
SamlCookiePlugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ This is the 'hook' in the lookup part of Discovery Service processing.
DiscoveryServiceHandler.forwardRequest(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ IdPSite site)
+
+
+ Uses an HTTP Status 307 redirect to forward the user to the IdP or the SP.
DiscoveryResponseImpl
+
+
+ This plugs into the standard opensaml2 parser framework to allow us to get use DiscoverResponse
+ elements in our extensions.
+
+
+
HandlerConfig
+
+
+ Class used by the DiscoveryServiceHandler to handle run time behaviour.
+
+
+
IdPSite
+
+
+ A class which abstracts an IdP for the sake of the WAYF display.
+
+
+
IdPSiteSet
+
+
+ Represents a collection of related sites as desribed by a single soirce of metadata.
+
+
+
WayfException
+
+
+ Signals that an error has occurred while processing a Shibboleth WAYF request.
+The Plugin interface is used to affect the 'hints' that the WAYF offers to the users.
+
+ The WAYF can register any number of plugins. Each plugin is called when the metadata is loaded or realoaded
+ (so it can do any indexing) and at the three entry points into the WAYF - Lookup (main entry), Search and Select.
+ Plugins are called in the order in which they are declared to the WAYF.
+
+ Each plugin is called once when the user has made a selection.
+
+ For Search and Lookup, each plugin is called multiple times, once for each metadata provider which has
+ been declared to this particular WAYF instance. The plugin can return a context which is handed to subsequent calls.
+
+ The idea is that each plugin can affect the displayed lists of IdPs. As a reminder the WAYF displays two lists of
+ IdPs - the complete list, displayed either as a single list or a list of lists, and the hint list (which was
+ previously only populated from the _saml_idp cookie. In the search case the WAYF displays a third list of
+ the search hits.
+
+ When the plugin in called it is given the current set of potential IdPs as a Map from EntityID to IdPSite
+ and lists representing the current hint list and search results. A Plugin can remove an entry from
+ the map or the lists. Additionally it can insert an IdPSite found in the Map into the hint or search lists.
+ Thus the plugin can restrict the number of sites that the WAYF instance displays in the 'complete list' and
+ can add or remove IdPs from the hint list.
+
+ At any stage the plugin can take control of the current request and redirect or forward it. It signals that
+ it has done this to the WAYF by means of an exception.
+
+ The _saml_idp cookie handling code is written as a WAYF plugin. Other plugins have been written to allow IdPs
+ to be presented as hints based on the client's IP address or to redirect back to the SP once the choice of
+ IdP has been made.
+
+ Object implementing this interface are created during WAYF discovery service initialization. There are
+ expected to implement a constructor which takes a Element as the only parameter and they are
+ created via this constructor, with the parameter being the appropriate section of the WAYF configuration file
+
lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ The WAYF calls each plugin at this entry point when it is first contacted.
refreshMetadata(org.opensaml.saml2.metadata.provider.MetadataProvider metadata)
+
+
+ Whenever the WAYF discoveres that the metadata is stale, it reloads it and calls each plugin at this method.
selected(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ String idP)
+
+
+ This method is called, for every plugin, after a user has selected an IdP.
The WAYF calls each plugin at this entry point when it is first contacted.
+
+
+
Parameters:
req - - Describes the current request. A Plugin might use it to find any appropriate cookies
res - - Describes the current response. A Plugin might use it to redirect a the request.
parameter - Describes the metadata.
context - Any processing context returned from a previous call.
validIdps - The list of IdPs which is currently views as possibly matches for the pattern.
+ The Key is the EntityId for the IdP and the value the object which describes
+ the Idp
idpList - The set of Idps which are currently considered as potential hints.
+
Returns:
a context to hand to subsequent calls
+
Throws:
+
WayfRequestHandled - if the plugin has handled the request (for instance it has
+ issues a redirect)
+
+ Each plugin is called multiple times,
+ once for each metadata provider which is registered (Depending on the precise configuration of the WAYF
+ metadata providers whose metadata does not include the target may be dropped). Initially the plugin is
+ called with a context parameter of null. In subsequent calls, the value returned from
+ the previous call is passed in as the context parameter.
+
+ The plugin may remove IdPSite objects from the validIdps list.
+
+ The plugin may add or remove them to the idpList. IdPSite Objects which are to be added to the idpList
+ should be looked up by EntityIdName in validIdps by EntityId. Hence any metadata processing shoudl
+ store the entityID.
This method is called when the user specified a search operation. The processing is similar to
+ that described for lookup.
+ Two additional paramaters are provided, the search parameter which was provided, and the current
+ proposed list of candidate IdPs. The plugin is at liberty to alter both the list of hints and the
+ list of valid IdPs.
+
+
+
Parameters:
req - Describes the current request. The Plugin could use it to find any appropriate cookies
res - Describes the result - this is needed if (for instance) a plung needs to change cookie values
parameter - Describes the metadata
pattern - The Search pattern provided
validIdps - The list of IdPs which is currently views as possibly matches for the pattern.
+ The Key is the Idp Name an the value the idp
context - Any processing context returned from a previous call.
searchResult - the resukt of any search
idpList - The set of Idps which are currently considered as potential hints. Each Idp is associated
+ with a numeric weight, where the lower the number is the more likely the IdP is to be a candidate.
+ As descibed above the WAYF uses this to provide hint list to the GUI (or even to dispatch
+ immediately to the IdP).
+
Returns:
a context to hand to subsequent calls
+
Throws:
+
WayfRequestHandled - if the plugin has handled the request (for instance it has
+ issues a redirect)
This method is called, for every plugin, after a user has selected an IdP. The plugin is expected
+ to use it to update any in memory state (via the PluginMetadataParameter parameter or permananent
+ state (for instance by writing back a cookie.
+
+
+
Parameters:
req - Describes the current request.
res - Describes the current response
parameter - Describes the metadata
+
Throws:
+
WayfRequestHandled - if the plugin has handled the request (for instance it has
+ issues a redirect)
+ Objects which implement PluginContext are passed between sucessive calls to a plugins implementations of
+ lookup and search as the plugin
+ is called for each MetadataProvider.
+
+The PluginParameter is a marker interface which a WAYF Plugin can use to associate extra information
+ with the metadata. Each plugin returns a PluginParameter from RefreshMetadata
+ and this is in turn presented back to then Plugin when it is called during WAYF processing.
+
Plugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ The WAYF calls each plugin at this entry point when it is first contacted.
Plugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ The WAYF calls each plugin at this entry point when it is first contacted.
SamlCookiePlugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ This is the 'hook' in the lookup part of Discovery Service processing.
SamlCookiePlugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ This is the 'hook' in the lookup part of Discovery Service processing.
Plugin.refreshMetadata(org.opensaml.saml2.metadata.provider.MetadataProvider metadata)
+
+
+ Whenever the WAYF discoveres that the metadata is stale, it reloads it and calls each plugin at this method.
Plugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ The WAYF calls each plugin at this entry point when it is first contacted.
Plugin.selected(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ String idP)
+
+
+ This method is called, for every plugin, after a user has selected an IdP.
SamlCookiePlugin.refreshMetadata(org.opensaml.saml2.metadata.provider.MetadataProvider metadata)
+
+
+ Plugin point which is called when the data is refreshed.
SamlCookiePlugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ This is the 'hook' in the lookup part of Discovery Service processing.
Plugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ The WAYF calls each plugin at this entry point when it is first contacted.
Plugin.selected(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ String idP)
+
+
+ This method is called, for every plugin, after a user has selected an IdP.
SamlCookiePlugin.lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ This is the 'hook' in the lookup part of Discovery Service processing.
Plugin
+
+
+ The Plugin interface is used to affect the 'hints' that the WAYF offers to the users.
+
+
+
PluginMetadataParameter
+
+
+ The PluginParameter is a marker interface which a WAYF Plugin can use to associate extra information
+ with the metadata.
PluginMetadataParameter
+
+
+ The PluginParameter is a marker interface which a WAYF Plugin can use to associate extra information
+ with the metadata.
+
+
+
WayfRequestHandled
+
+
+ This Exception can be signalled by a plugin to indicate to the WAYF that it has handled the
+ request and all processing should stop.
PluginMetadataParameter
+
+
+ The PluginParameter is a marker interface which a WAYF Plugin can use to associate extra information
+ with the metadata.
+
+
+
WayfRequestHandled
+
+
+ This Exception can be signalled by a plugin to indicate to the WAYF that it has handled the
+ request and all processing should stop.
lookup(javax.servlet.http.HttpServletRequest req,
+ javax.servlet.http.HttpServletResponse res,
+ PluginMetadataParameter parameter,
+ Map<String,IdPSite> validIdps,
+ PluginContext context,
+ List<IdPSite> idpList)
+
+
+ This is the 'hook' in the lookup part of Discovery Service processing.
req - - Describes the current request. Used to find any appropriate cookies
res - - Describes the current response. Used to redirect the request.
parameter - - Describes the metadata.
context - - Any processing context returned from a previous call. We set this on first call and
+ use non null to indicate that we don't go there again.
validIdps - The list of IdPs which is currently views as possibly matches for the pattern.
+ The Key is the EntityId for the IdP and the value the object which describes
+ the Idp
idpList - The set of Idps which are currently considered as potential hints.
+
Returns:
a context to hand to subsequent calls
+
Throws:
+
WayfRequestHandled - if the plugin has handled the request.
+ issues a redirect)
validIdps - The list of IdPs which is currently views as possibly matches for the pattern.
+ The Key is the EntityId for the IdP and the value the object which describes
+ the Idp
context - Any processing context returned from a previous call. We set this on first call and
+ use non null to indicate that we don't go there again.
searchResult - What the search yielded.
idpList - The set of Idps which are currently considered as potential hints.
+
+This API (Application Programming Interface) document has pages corresponding to the items in the navigation bar, described as follows.
+Overview
+
+
+
+The Overview page is the front page of this API document and provides a list of all packages with a summary for each. This page can also contain an overall description of the set of packages.
+
+Package
+
+
+
+Each package has a page that contains a list of its classes and interfaces, with a summary for each. This page can contain four categories:
+
Interfaces (italic)
Classes
Enums
Exceptions
Errors
Annotation Types
+
+
+Class/Interface
+
+
+
+Each class, interface, nested class and nested interface has its own separate page. Each of these pages has three sections consisting of a class/interface description, summary tables, and detailed member descriptions:
+
Class inheritance diagram
Direct Subclasses
All Known Subinterfaces
All Known Implementing Classes
Class/interface declaration
Class/interface description
+
+
Nested Class Summary
Field Summary
Constructor Summary
Method Summary
+
+
Field Detail
Constructor Detail
Method Detail
+Each summary entry contains the first sentence from the detailed description for that item. The summary entries are alphabetical, while the detailed descriptions are in the order they appear in the source code. This preserves the logical groupings established by the programmer.
+
+
+Annotation Type
+
+
+
+Each annotation type has its own separate page with the following sections:
+
Annotation Type declaration
Annotation Type description
Required Element Summary
Optional Element Summary
Element Detail
+
+
+
+Enum
+
+
+
+Each enum has its own separate page with the following sections:
+
Enum declaration
Enum description
Enum Constant Summary
Enum Constant Detail
+
+
+Use
+
+Each documented package, class and interface has its own Use page. This page describes what packages, classes, methods, constructors and fields use any part of the given class or package. Given a class or interface A, its Use page includes subclasses of A, fields declared as A, methods that return A, and methods and constructors with parameters of type A. You can access this page by first going to the package, class or interface, then clicking on the "Use" link in the navigation bar.
+
+Tree (Class Hierarchy)
+
+There is a Class Hierarchy page for all packages, plus a hierarchy for each package. Each hierarchy page contains a list of classes and a list of interfaces. The classes are organized by inheritance structure starting with java.lang.Object. The interfaces do not inherit from java.lang.Object.
+
When viewing the Overview page, clicking on "Tree" displays the hierarchy for all packages.
When viewing a particular package, class or interface page, clicking "Tree" displays the hierarchy for only that package.
+
+
+Deprecated API
+
+The Deprecated API page lists all of the API that have been deprecated. A deprecated API is not recommended for use, generally due to improvements, and a replacement API is usually given. Deprecated APIs may be removed in future implementations.
+
+Index
+
+The Index contains an alphabetic list of all classes, interfaces, constructors, methods, and fields.
+
+Prev/Next
+These links take you to the next or previous class, interface, package, or related page.
+Frames/No Frames
+These links show and hide the HTML frames. All pages are available with or without frames.
+
+
+Serialized Form
+Each serializable or externalizable class has a description of its serialization fields and methods. This information is of interest to re-implementors, not to developers using the API. While there is no link in the navigation bar, you can get to this information by going to any serialized class and clicking "Serialized Form" in the "See also" section of the class description.
+
+The Discovery Service allows users to select a home IdP when they first approach a Service provider.
+
+This implementation provides support for two protocols. Firstly there
+is legacy support for the old style Shibboleth 1.3 prorocol (WAYF) in
+which the wayf sits between the Sp and the IdP. It also supports the
+SAML2 DiscoveryService protocol which is a conversation between the SP
+and the DS. The SP then dispatches off to the IdP.
+
+
+1/*
+2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.common;
+18
+19/**
+20 * Signals that the a Shibboleth component has been given insufficient or improper runtime configuration paramerts.
+21 *
+22 * @author Walter Hoehn (wassa@columbia.edu)
+23 */
+24publicclassShibbolethConfigurationExceptionextends Exception {
+25
+26/**
+27 * 'Required' Serial ID.
+28 */
+29privatestaticfinallong serialVersionUID = 3052563354463892233L;
+30
+31/**
+32 * Build an object embedding a String message. Normally called for detected errors.
+33 *
+34 * @param message - Text (in US English) describing the reason for raising the exception.
+35 */
+36publicShibbolethConfigurationException(String message) {
+37super(message);
+38 }
+39
+40/**
+41 * Build an object which embeds an message an exception.
+42 * Normally called to pass on errors found at a lower level.
+43 *
+44 * @param message - Text (in US English) describing the reasdon for raising the exception.
+45 * @param t - Cause for the failure as returned by the lower level component.
+46 */
+47publicShibbolethConfigurationException(String message, Throwable t) {
+48super(message,t);
+49 }
+50 }
+
+
+1/*
+2 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17/**
+18 *
+19 */
+20
+21package edu.internet2.middleware.shibboleth.wayf;
+22
+23import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+24import org.opensaml.common.xml.SAMLConstants;
+25
+26/**
+27 * Builder of {@link org.opensaml.saml2.metadata.impl.SingleLogoutServiceImpl}.
+28 */
+29publicclassDiscoveryResponseBuilderextends AbstractSAMLObjectBuilder<DiscoveryResponseImpl> {
+30
+31/**
+32 * Constructor
+33 */
+34publicDiscoveryResponseBuilder() {
+35
+36 }
+37
+38/** {@inheritDoc} */
+39publicDiscoveryResponseImpl buildObject() {
+40return buildObject(SAMLConstants.SAML20MD_NS, DiscoveryResponseImpl.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20MD_PREFIX);
+41 }
+42
+43/** {@inheritDoc} */
+44publicDiscoveryResponseImpl buildObject(String namespaceURI, String localName, String namespacePrefix) {
+45returnnewDiscoveryResponseImpl(namespaceURI, localName, namespacePrefix);
+46 }
+47 }
+
+
+1/*
+2 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17/**
+18 *
+19 */
+20
+21package edu.internet2.middleware.shibboleth.wayf;
+22
+23import org.opensaml.saml2.metadata.IndexedEndpoint;
+24import org.opensaml.saml2.metadata.impl.IndexedEndpointImpl;
+25
+26/**
+27 * This plugs into the standard opensaml2 parser framework to allow us to get use <code> DiscoverResponse </code>
+28 * elements in our extensions.
+29 */
+30publicclassDiscoveryResponseImplextends IndexedEndpointImpl implements IndexedEndpoint {
+31
+32/** Namespace for Discovery Service metadata extensions. */
+33
+34publicstaticfinal String METADATA_NS = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol";
+35/** Name of the element inside the Extensions. */
+36
+37protectedstaticfinal String DEFAULT_ELEMENT_LOCAL_NAME = "DiscoveryResponse";
+38
+39/**
+40 * Constructor.
+41 *
+42 * @param namespaceURI the Uri
+43 * @param elementLocalName the local name
+44 * @param namespacePrefix the prefix
+45 */
+46protectedDiscoveryResponseImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
+47super(namespaceURI, elementLocalName, namespacePrefix);
+48 }
+49 }
+
+
+1/*
+2 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17/**
+18 *
+19 */
+20
+21package edu.internet2.middleware.shibboleth.wayf;
+22
+23import org.opensaml.saml2.metadata.impl.IndexedEndpointUnmarshaller;
+24import org.opensaml.xml.XMLObject;
+25import org.opensaml.xml.io.UnmarshallingException;
+26import org.w3c.dom.Attr;
+27
+28/**
+29 * A thread safe Unmarshaller for {@link org.opensaml.saml2.metadata.SingleLogoutService} objects.
+30 */
+31publicclassDiscoveryResponseUnmarshallerextends IndexedEndpointUnmarshaller {
+32
+33/** {@inheritDoc} */
+34protectedvoid processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
+35super.processAttribute(samlObject, attribute);
+36 }
+37 }
+
+
+1/*
+2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf;
+18
+19import java.util.HashSet;
+20
+21import org.slf4j.Logger;
+22import org.slf4j.LoggerFactory;
+23import org.w3c.dom.Element;
+24import org.w3c.dom.NodeList;
+25
+26import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
+27
+28/**
+29 * Class used by the DiscoveryServiceHandler to handle run time behaviour.
+30 */
+31
+32publicclassHandlerConfig {
+33
+34/**
+35 * How to get debug output out.
+36 */
+37privatestaticfinal Logger LOG = LoggerFactory.getLogger(HandlerConfig.class.getName());
+38
+39/** A set of names which are ignored when doing a search. */
+40privatefinal HashSet <String> ignoredForMatch;
+41
+42/** Where to find the GUI description jsp file. */
+43privatefinal String jspFile;
+44
+45/** Where to find the error jsp file. */
+46privatefinal String errorJspFile;
+47
+48/** Do we give the jsp file an array of arrays of IdPs? */
+49privatefinalboolean provideListOfLists;
+50
+51/** Do we give the jsp file a flat list of IdPs? */
+52privatefinalboolean provideList;
+53
+54/** Do we do a pre-filter by SP name in for each metadata provider. */
+55privatefinalboolean lookupSp;
+56
+57/** Do we warn on the bad binding. */
+58privatefinalboolean warnOnBadBinding;
+59
+60/** Build the 'default default' configuation. */
+61publicHandlerConfig() {
+62//
+63// 'Sensible' default values
+64//
+65 jspFile = "/wayf.jsp";
+66 errorJspFile = "/wayfError.jsp";
+67 provideList = true;
+68 provideListOfLists = false;
+69 lookupSp = true;
+70 ignoredForMatch = new HashSet <String>();
+71 warnOnBadBinding = false;
+72 }
+73
+74
+75/**
+76 *
+77 * Parse the Supplied XML element into a new WayfConfig Object.
+78 * @param config - The XML with the configuration info.
+79 * @param defaultValue - The default if nothing is specified.
+80 * @throws ShibbolethConfigurationException - if we see somethin wrong.
+81 */
+82publicHandlerConfig(Element config, HandlerConfig defaultValue) throws ShibbolethConfigurationException {
+83
+84 String attribute;
+85 LOG.debug("Loading global configuration properties.");
+86
+87 NodeList list = config.getElementsByTagName("SearchIgnore");
+88
+89if (list.getLength() == 0) {
+90
+91 ignoredForMatch = defaultValue.ignoredForMatch;
+92
+93 } else {
+94
+95 ignoredForMatch = new HashSet<String>();
+96
+97for (int i = 0; i < list.getLength(); i++ ) {
+98
+99 NodeList inner = ((Element) list.item(i)).getElementsByTagName("IgnoreText");
+100
+101for(int j = 0; j < inner.getLength(); j++) {
+102
+103 addIgnoredForMatch(inner.item(j).getTextContent());
+104 }
+105 }
+106 }
+107
+108 attribute = config.getAttribute("jspFile");
+109if (attribute != null && !attribute.equals("")) {
+110 jspFile = attribute;
+111 } else {
+112 jspFile = defaultValue.jspFile;
+113 }
+114
+115 attribute = config.getAttribute("errorJspFile");
+116if (attribute != null && !attribute.equals("")) {
+117 errorJspFile = attribute;
+118 } else {
+119 errorJspFile = defaultValue.errorJspFile;
+120 }
+121
+122 attribute = config.getAttribute("provideList");
+123if (attribute != null && !attribute.equals("")) {
+124 provideList = Boolean.valueOf(attribute).booleanValue();
+125 } else {
+126 provideList = defaultValue.provideList;
+127 }
+128
+129 attribute = config.getAttribute("provideListOfList");
+130if (attribute != null && !attribute.equals("")) {
+131 provideListOfLists = Boolean.valueOf(attribute).booleanValue();
+132 } else {
+133 provideListOfLists = defaultValue.provideListOfLists;
+134 }
+135
+136 attribute = config.getAttribute("showUnusableIdPs");
+137if (attribute != null && !attribute.equals("")) {
+138 lookupSp = !Boolean.valueOf(attribute).booleanValue();
+139 } else {
+140 lookupSp = defaultValue.lookupSp;
+141 }
+142
+143 attribute = config.getAttribute("warnOnBadBinding");
+144if (null != attribute && !attribute.equals("")) {
+145 warnOnBadBinding = Boolean.valueOf(attribute).booleanValue();
+146 } else {
+147 warnOnBadBinding = false;
+148 }
+149 }
+150
+151
+152/**
+153 * Determines if a particular string token should be used for matching when a user searches for origins.
+154 *
+155 * @param str - The string to lookup.
+156 * @return whether it is or not.
+157 */
+158publicboolean isIgnoredForMatch(String str) {
+159
+160return ignoredForMatch.contains(str.toLowerCase());
+161 }
+162
+163/**
+164 * Sets the tokens that should be ignored when a user searches for an origin site.
+165 *
+166 * @param s
+167 * The ignored tokens are passed as a single string, each separated by whitespace
+168 */
+169privatevoid addIgnoredForMatch(String s) {
+170
+171 ignoredForMatch.add(s.toLowerCase());
+172 }
+173
+174/**
+175 * Get the name of the jsp File this instance uses.
+176 * @return the name.
+177 */
+178public String getJspFile() {
+179return jspFile;
+180 }
+181
+182/**
+183 * Get the name of the error jsp File this instance uses.
+184 * @return the name.
+185 */
+186public String getErrorJspFile() {
+187return errorJspFile;
+188 }
+189
+190/**
+191 * Do we provide a list of lists of IdPs?.
+192 * @return whether we do or not.
+193 */
+194publicboolean getProvideListOfLists() {
+195return provideListOfLists;
+196 }
+197
+198/**
+199 * Do we provide a list of IdPs?.
+200 * @return whether we provide a list of IdPs?.
+201 */
+202publicboolean getProvideList() {
+203return provideList;
+204 }
+205
+206/**
+207 * Do we lookup the SP or just return all the IdPs?.
+208 * @return whether or not we lookup the SP
+209 */
+210publicboolean getLookupSp() {
+211return lookupSp;
+212 }
+213
+214/**
+215 * Do ignore badly formed bindings or just warn
+216 * @return whether we warn.
+217 */
+218publicboolean getWarnOnBadBinding() {
+219return warnOnBadBinding;
+220 }
+221
+222 }
+
+
+1/*
+2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf;
+18
+19import java.util.Comparator;
+20import java.util.List;
+21import java.util.Locale;
+22
+23import javax.servlet.http.HttpServletRequest;
+24
+25import org.opensaml.saml2.metadata.EntityDescriptor;
+26import org.opensaml.saml2.metadata.Organization;
+27import org.opensaml.saml2.metadata.OrganizationDisplayName;
+28import org.opensaml.saml2.metadata.SingleSignOnService;
+29
+30/**
+31 * A class which abstracts an IdP for the sake of the WAYF display. Given an {@link EntityDescriptor} as
+32 * input it provides bean style get functions for the name (EntityId), the display name
+33 * (a hybrid of Organization name or EntityId and the IdP's SSO connection point.
+34 *
+35 */
+36publicclassIdPSite {
+37
+38/** The OpenSaml element that this stands for. */
+39private EntityDescriptor entity;
+40
+41/** The language we set up */
+42private String displayLanguage;
+43
+44/**
+45 * Create a new element from the provided Entity.
+46 * @param entityParam - What to create from
+47 */
+48publicIdPSite(EntityDescriptor entityParam) {
+49 entity = entityParam;
+50 }
+51
+52/**
+53 * Get the name for the enclosed entity.
+54 * @return the name for the enclosed entity.
+55 */
+56public String getName() {
+57return entity.getEntityID();
+58 }
+59
+60/**
+61 * Get the user friendly name for the entity, collecting the locale from the
+62 * browser if possible
+63 * @param req the request
+64 * @return a user friendly name.
+65 */
+66public String getDisplayName(HttpServletRequest req) {
+67//
+68// Get the browser locale, failing that the server one
+69//
+70 Locale locale = req.getLocale();
+71if (null == locale) {
+72 Locale.getDefault();
+73 }
+74 String lang = locale.getLanguage();
+75
+76return getDisplayName(lang);
+77 }
+78/**
+79 * Get the user friendly name for the entity, using provided language
+80 * @param lang the language.
+81 *
+82 * @return a user friendly name.
+83 */
+84private String getDisplayName(String lang) {
+85 Organization org = entity.getOrganization();
+86
+87if (org == null) {
+88return entity.getEntityID();
+89 }
+90
+91 List<OrganizationDisplayName> list = org.getDisplayNames();
+92
+93//
+94// Lookup first by locale
+95//
+96
+97for (OrganizationDisplayName name:list) {
+98if (null !=name && lang.equals(name.getName().getLanguage())) {
+99return name.getName().getLocalString();
+100 }
+101 }
+102
+103//
+104// If that doesn't work then anything goes
+105//
+106
+107for (OrganizationDisplayName name:list) {
+108if (null !=name && null != name.getName().getLocalString()) {
+109return name.getName().getLocalString();
+110 }
+111 }
+112
+113//
+114// If there is still nothing then use the entity Id
+115//
+116return entity.getEntityID();
+117 }
+118/**
+119 * Get the user friendly name for the entity, the language we previouslt set up
+120 * @param lang the language.
+121 *
+122 * @return a user friendly name.
+123 */
+124public String getDisplayName() {
+125return getDisplayName(displayLanguage);
+126 }
+127
+128/**
+129 * Comparison so we can sort the output for jsp.
+130 * @param o What to compare against
+131 * @return numeric encoding of comparison
+132 * @see java.lang.Comparator
+133 */
+134protectedint compareTo(Object o, HttpServletRequest req) {
+135
+136
+137 String myDisplayName;
+138 String otherDisplayName;
+139IdPSite other;
+140
+141if (equals(o)) {
+142return 0;
+143 }
+144
+145 myDisplayName = getDisplayName(req);
+146if (null == myDisplayName) {
+147 myDisplayName = "";
+148 }
+149
+150 other = (IdPSite) o;
+151 otherDisplayName = other.getDisplayName(req);
+152if (null == otherDisplayName) {
+153 otherDisplayName = "";
+154 }
+155
+156int result = myDisplayName.toLowerCase().compareTo(otherDisplayName.toLowerCase());
+157if (result == 0) {
+158 result = myDisplayName.compareTo(otherDisplayName);
+159 }
+160return result;
+161 }
+162
+163/**
+164 * When a user has selected an IdP, this provides the address to which we redirect.
+165 * @return http address for the IdP this represents.
+166 */
+167public String getAddressForWAYF() {
+168 List<SingleSignOnService> ssoList;
+169
+170 ssoList = entity.getIDPSSODescriptor(XMLConstants.SHIB_NS).getSingleSignOnServices();
+171
+172for (SingleSignOnService signOnService: ssoList) {
+173if (XMLConstants.IDP_SSO_BINDING.equals(signOnService.getBinding())) {
+174return signOnService.getLocation();
+175 }
+176 }
+177returnnull;
+178 }
+179
+180/**
+181 * Prior to display we set the display language from the
+182 * browser. There is probably a proper way to do this using
+183 * jsp, but I want to keep the API between JSP and java the same 1.3->2.0
+184 * @param lang the language to set
+185 */
+186publicvoid setDisplayLanguage(String lang) {
+187this.displayLanguage = lang;
+188 }
+189
+190publicstaticclassCompare implements Comparator<IdPSite> {
+191
+192/**
+193 * This allows us to set up sorted lists of entities with respect to
+194 * the browser request.
+195 *
+196 * @see java.util.Comparator#compare(java.lang.Object, java.lang.Object)
+197 */
+198private HttpServletRequest req = null;
+199
+200privateCompare() {
+201//
+202// No public method
+203 }
+204
+205publicCompare(HttpServletRequest req) {
+206this.req = req;
+207 }
+208
+209publicint compare(IdPSite o1, IdPSite o2) {
+210// TODO Auto-generated method stub
+211return o1.compareTo(o2, req);
+212 }
+213
+214 }
+215
+216 }
+217
+
+
+1/*
+2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16package edu.internet2.middleware.shibboleth.wayf;
+17
+18import java.io.File;
+19import java.lang.reflect.Constructor;
+20import java.net.MalformedURLException;
+21import java.net.URL;
+22import java.util.ArrayList;
+23import java.util.Collection;
+24import java.util.Enumeration;
+25import java.util.HashMap;
+26import java.util.HashSet;
+27import java.util.List;
+28import java.util.Map;
+29import java.util.Set;
+30import java.util.StringTokenizer;
+31import java.util.TreeMap;
+32
+33import org.opensaml.saml2.metadata.EntitiesDescriptor;
+34import org.opensaml.saml2.metadata.EntityDescriptor;
+35import org.opensaml.saml2.metadata.IDPSSODescriptor;
+36import org.opensaml.saml2.metadata.Organization;
+37import org.opensaml.saml2.metadata.OrganizationDisplayName;
+38import org.opensaml.saml2.metadata.OrganizationName;
+39import org.opensaml.saml2.metadata.RoleDescriptor;
+40import org.opensaml.saml2.metadata.SPSSODescriptor;
+41import org.opensaml.saml2.metadata.provider.FileBackedHTTPMetadataProvider;
+42import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
+43import org.opensaml.saml2.metadata.provider.MetadataFilter;
+44import org.opensaml.saml2.metadata.provider.MetadataFilterChain;
+45import org.opensaml.saml2.metadata.provider.MetadataProvider;
+46import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+47import org.opensaml.saml2.metadata.provider.ObservableMetadataProvider;
+48import org.opensaml.xml.XMLObject;
+49import org.opensaml.xml.parse.ParserPool;
+50import org.slf4j.Logger;
+51import org.slf4j.LoggerFactory;
+52import org.w3c.dom.Element;
+53import org.w3c.dom.NodeList;
+54
+55import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
+56import edu.internet2.middleware.shibboleth.wayf.plugins.Plugin;
+57import edu.internet2.middleware.shibboleth.wayf.plugins.PluginMetadataParameter;
+58import edu.internet2.middleware.shibboleth.wayf.plugins.provider.BindingFilter;
+59
+60/**
+61 *
+62 * Represents a collection of related sites as desribed by a single soirce of metadata.
+63 * This is usually a federation. When the WAYF looks to see which IdP sites to show,
+64 * it trims the list so as to not show IdP's which do not trust the SP.
+65 *
+66 * This class is opaque outside this file. The three static methods getSitesLists,
+67 * searchForMatchingOrigins and lookupIdP provide mechansims for accessing
+68 * collections of IdPSiteSets.
+69 *
+70 */
+71
+72publicclassIdPSiteSet implements ObservableMetadataProvider.Observer {
+73
+74/** Handle for error output. */
+75privatestaticfinal Logger LOG = LoggerFactory.getLogger(IdPSiteSet.class.getName());
+76
+77/** The OpenSaml metadat6a source. */
+78private ObservableMetadataProvider metadata;
+79
+80/** Is the named SP in the current metadata set? */
+81private Set<String> spNames = new HashSet<String>(0);
+82
+83/** Is the named IdP in the current metadata set? */
+84private Set<String> idpNames = new HashSet<String>(0);
+85
+86/** What does the configuration identify this as? */
+87privatefinal String identifier;
+88
+89/** What name should we display for this set of entities? */
+90privatefinal String displayName;
+91
+92/** Where does the metadata exist? */
+93private String location;
+94
+95/** What parameters do we pass in to which plugin? */
+96privatefinal Map<Plugin, PluginMetadataParameter> plugins = new HashMap<Plugin, PluginMetadataParameter>();
+97
+98/**
+99 * Create a new IdPSiteSet as described by the supplied XML segment.
+100 * @param el - configuration details.
+101 * @param parserPool - the parsers we initialized above.
+102 * @param warnOnBadBinding if we just warn or give an error if an SP has bad entry points.
+103 * @throws ShibbolethConfigurationException - if something goes wrong.
+104 */
+105protectedIdPSiteSet(Element el, ParserPool parserPool, boolean warnOnBadBinding) throws ShibbolethConfigurationException {
+106
+107 String spoolSpace;
+108 String delayString;
+109
+110this.identifier = el.getAttribute("identifier");
+111this.displayName = el.getAttribute("displayName");
+112 location = el.getAttribute("url");
+113if (null == location || location.length() == 0) {
+114//
+115// Sigh for a few releases this was documented as URI
+116//
+117 location = el.getAttribute("url");
+118 }
+119 spoolSpace = el.getAttribute("backingFile");
+120 delayString = el.getAttribute("timeout");
+121
+122//
+123// Configure the filters (before the metadata so we can add them before we start reading)
+124//
+125 String ident;
+126 String className;
+127 ident = "<not specified>";
+128 className = "<not specified>";
+129 MetadataFilterChain filterChain = null;
+130 filterChain = new MetadataFilterChain();
+131try {
+132 NodeList itemElements = el.getElementsByTagNameNS(XMLConstants.CONFIG_NS, "Filter");
+133 List <MetadataFilter> filters = new ArrayList<MetadataFilter>(1 + itemElements.getLength());
+134
+135//
+136// We always have a binding filter
+137//
+138 filters.add(newBindingFilter(warnOnBadBinding));
+139
+140for (int i = 0; i < itemElements.getLength(); i++) {
+141 Element element = (Element) itemElements.item(i);
+142
+143 ident = "<not specified>";
+144 className = "<not specified>";
+145
+146 ident = element.getAttribute("identifier");
+147
+148if (null == ident || ident.equals("")) {
+149 LOG.error("Could not load filter with no identifier");
+150continue;
+151 }
+152
+153 className = element.getAttribute("type");
+154if (null == className || className.equals("")) {
+155 LOG.error("Filter " + identifier + " did not have a valid type");
+156 }
+157//
+158// So try to get hold of the Filter
+159//
+160 Class<MetadataFilter> filterClass = (Class<MetadataFilter>) Class.forName(className);
+161 Class[] classParams = {Element.class};
+162 Constructor<MetadataFilter> constructor = filterClass.getConstructor(classParams);
+163 Object[] constructorParams = {element};
+164
+165 filters.add(constructor.newInstance(constructorParams));
+166 }
+167 filterChain.setFilters(filters);
+168 } catch (Exception e) {
+169 LOG.error("Could not load filter " + ident + "()" + className + ") for " + this.identifier, e);
+170thrownewShibbolethConfigurationException("Could not load filter", e);
+171 }
+172
+173 LOG.info("Loading Metadata for " + displayName);
+174try {
+175int delay;
+176 delay = 30000;
+177if (null != delayString && !"".equals(delayString)) {
+178 delay = Integer.parseInt(delayString);
+179 }
+180
+181 URL url = new URL(location);
+182if ("file".equalsIgnoreCase(url.getProtocol())){
+183 FilesystemMetadataProvider provider = new FilesystemMetadataProvider(new File(url.getFile()));
+184 provider.setParserPool(parserPool);
+185if (null != filterChain) {
+186 provider.setMetadataFilter(filterChain);
+187 }
+188 provider.initialize();
+189 metadata = provider;
+190 } else {
+191if (spoolSpace == null || "".equals(spoolSpace)) {
+192thrownewShibbolethConfigurationException("backingFile must be specified for " + identifier);
+193 }
+194
+195 FileBackedHTTPMetadataProvider provider;
+196
+197 provider = new FileBackedHTTPMetadataProvider(location, delay, spoolSpace);
+198 provider.setParserPool(parserPool);
+199if (null != filterChain) {
+200 provider.setMetadataFilter(filterChain);
+201 }
+202 provider.initialize();
+203 metadata = provider;
+204 }
+205 } catch (MetadataProviderException e) {
+206thrownewShibbolethConfigurationException("Could not read " + location, e);
+207 } catch (NumberFormatException e) {
+208thrownewShibbolethConfigurationException("Badly formed timeout " + delayString, e);
+209 } catch (MalformedURLException e) {
+210thrownewShibbolethConfigurationException("Badly formed url ", e);
+211 }
+212 metadata.getObservers().add(this);
+213 onEvent(metadata);
+214 }
+215
+216/**
+217 * Based on 1.2 Origin.isMatch. There must have been a reason for it...
+218 * [Kindas of] support for the search function in the wayf. This return many false positives
+219 * but given the aim is to provide input for a pull down list...
+220 *
+221 * @param entity The entity to match.
+222 * @param str The patten to match against.
+223 * @param config Provides list of tokens to not lookup
+224 * @return Whether this entity matches
+225 */
+226
+227privatestaticboolean isMatch(EntityDescriptor entity, String str, HandlerConfig config) {
+228
+229 Enumeration input = new StringTokenizer(str);
+230while (input.hasMoreElements()) {
+231 String currentToken = (String) input.nextElement();
+232
+233if (config.isIgnoredForMatch(currentToken)) {
+234continue;
+235 }
+236
+237 currentToken = currentToken.toLowerCase();
+238
+239if (entity.getEntityID().indexOf(currentToken) > -1) {
+240returntrue;
+241 }
+242
+243 Organization org = entity.getOrganization();
+244
+245if (org != null) {
+246
+247 List <OrganizationName> orgNames = org.getOrganizationNames();
+248for (OrganizationName name : orgNames) {
+249if (name.getName().getLocalString().indexOf(currentToken) > -1) {
+250returntrue;
+251 }
+252 }
+253
+254 List <OrganizationDisplayName> orgDisplayNames = org.getDisplayNames();
+255for (OrganizationDisplayName name : orgDisplayNames) {
+256if (name.getName().getLocalString().indexOf(currentToken) > -1) {
+257returntrue;
+258 }
+259 }
+260 }
+261 }
+262return false;
+263 }
+264
+265/**
+266 * Return all the Idp in the provided entities descriptor. If SearchMatches
+267 * is non null it is populated with whatever of the IdPs matches the search string
+268 * (as noted above).
+269 * @param searchString to match with
+270 * @param config parameter to mathing
+271 * @param searchMatches if non null is filled with such of the sites which match the string
+272 * @return the sites which fit.
+273 */
+274protected Map<String, IdPSite> getIdPSites(String searchString,
+275HandlerConfig config,
+276 Collection<IdPSite> searchMatches)
+277 {
+278 XMLObject object;
+279 List <EntityDescriptor> entities;
+280try {
+281 object = metadata.getMetadata();
+282 } catch (MetadataProviderException e) {
+283 LOG.error("Metadata for " + location + "could not be read", e);
+284returnnull;
+285 }
+286
+287if (object == null) {
+288returnnull;
+289 }
+290
+291//
+292// Fill in entities approptiately
+293//
+294
+295if (object instanceof EntityDescriptor) {
+296 entities = new ArrayList<EntityDescriptor>(1);
+297 entities.add((EntityDescriptor) object);
+298 } elseif (object instanceof EntitiesDescriptor) {
+299
+300 EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) object;
+301
+302 entities = entitiesDescriptor.getEntityDescriptors();
+303 } else {
+304returnnull;
+305 }
+306
+307//
+308// populate the result (and the searchlist) from the entities list
+309//
+310
+311 TreeMap<String, IdPSite> result = new TreeMap <String,IdPSite>();
+312
+313for (EntityDescriptor entity : entities) {
+314
+315if (entity.isValid() && hasIdPRole(entity)) {
+316
+317IdPSite site = newIdPSite(entity);
+318 result.put(site.getName(), site);
+319if (searchMatches != null && isMatch(entity, searchString, config)) {
+320
+321 searchMatches.add(site);
+322 }
+323
+324 }
+325 } // iterate over all entities
+326return result;
+327 }
+328
+329
+330/**
+331 * Return this sites (internal) identifier.
+332 * @return the identifier
+333 */
+334protected String getIdentifier() {
+335return identifier;
+336 }
+337
+338/**
+339 * Return the human friendly name for this siteset.
+340 * @return The friendly name
+341 */
+342protected String getDisplayName() {
+343return displayName;
+344 }
+345
+346/**
+347 * We do not need to look at a set if it doesn't know about the given SP. However if
+348 * no SP is given (as per 1.1) then we do need to look. This calls lets us know whether
+349 * this set is a canddiate for looking into.
+350 * @param SPName the Sp we are interested in.
+351 * @return whether the site contains the SP.
+352 */
+353protectedboolean containsSP(String SPName) {
+354
+355//
+356// Deal with the case where we do *not* want to search by
+357// SP (also handles the 1.1 case)
+358//
+359
+360if ((SPName == null) || (SPName.length() == 0)) {
+361returntrue;
+362 }
+363
+364//
+365// Get hold of the current object list so as to provoke observer to fire
+366// if needs be.
+367//
+368
+369 XMLObject object;
+370try {
+371 object = metadata.getMetadata();
+372 } catch (MetadataProviderException e) {
+373return false;
+374 }
+375//
+376// Now lookup
+377//
+378
+379if (object instanceof EntitiesDescriptor ||
+380 object instanceof EntityDescriptor) {
+381return spNames.contains(SPName);
+382 } else {
+383return false;
+384 }
+385 }
+386
+387/**
+388 * For plugin handling we need to know quickly if a metadataset contains the idp.
+389 * @param IdPName the IdP we are interested in.
+390 * @return whether the site contains the IdP.
+391 *
+392 */
+393
+394protectedboolean containsIdP(String IdPName) {
+395
+396if ((IdPName == null) || (IdPName.length() == 0)) {
+397returntrue;
+398 }
+399
+400//
+401// Get hold of the current object list so as to provoke observer to fire
+402// if needs be.
+403//
+404
+405 XMLObject object;
+406try {
+407 object = metadata.getMetadata();
+408 } catch (MetadataProviderException e) {
+409return false;
+410 }
+411if (object instanceof EntitiesDescriptor ||
+412 object instanceof EntityDescriptor) {
+413return idpNames.contains(IdPName);
+414 } else {
+415return false;
+416 }
+417 }
+418
+419//
+420// Now deal with plugins - these are delcared to use but we are
+421// responsible for their parameter
+422//
+423
+424/**
+425 * Declares a plugin to the siteset.
+426 * @param plugin what to declare
+427 */
+428protectedvoid addPlugin(Plugin plugin) {
+429
+430if (plugins.containsKey(plugin)) {
+431return;
+432 }
+433
+434PluginMetadataParameter param = plugin.refreshMetadata(metadata);
+435
+436 plugins.put(plugin, param);
+437 }
+438
+439/**
+440 * Return the parameter that this plugin uses.
+441 * @param plugin
+442 * @return teh parameter.
+443 */
+444protectedPluginMetadataParameter paramFor(Plugin plugin) {
+445return plugins.get(plugin);
+446 }
+447
+448
+449/* (non-Javadoc)
+450 * @see org.opensaml.saml2.metadata.provider.ObservableMetadataProvider.Observer#onEvent(org.opensaml.saml2.metadata.provider.MetadataProvider)
+451 */
+452publicvoid onEvent(MetadataProvider provider) {
+453 Set<String> spNameSet = new HashSet<String>(0);
+454 Set<String> idpNameSet = new HashSet<String>(0);
+455
+456 XMLObject obj;
+457try {
+458 obj = provider.getMetadata();
+459 } catch (MetadataProviderException e) {
+460 LOG.error("Couldn't read metadata for " + location, e);
+461return;
+462 }
+463if ((obj instanceof EntitiesDescriptor)) {
+464 EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) obj;
+465
+466for (EntityDescriptor entity : entitiesDescriptor.getEntityDescriptors()) {
+467if (hasSPRole(entity)) {
+468 spNameSet.add(entity.getEntityID());
+469 }
+470if (hasIdPRole(entity)) {
+471 idpNameSet.add(entity.getEntityID());
+472 }
+473 }
+474 } elseif (obj instanceof EntityDescriptor) {
+475 EntityDescriptor entity = (EntityDescriptor) obj;
+476if (hasSPRole(entity)) {
+477 spNameSet.add(entity.getEntityID());
+478 }
+479if (hasIdPRole(entity)) {
+480 idpNameSet.add(entity.getEntityID());
+481 }
+482 } else {
+483 LOG.error("Metadata for " + location + " isn't <EntitiesDescriptor> or <EntityDescriptor>");
+484return;
+485 }
+486//
+487// Now that we have the new set sorted out commit it in
+488//
+489this.spNames = spNameSet;
+490this.idpNames = idpNameSet;
+491
+492for (Plugin plugin:plugins.keySet()) {
+493 plugins.put(plugin, plugin.refreshMetadata(provider));
+494 }
+495 }
+496
+497/**
+498 * Enumerate all the roles and see whether this entity can be an IdP.
+499 * @param entity
+500 * @return true if one of the roles that entity has is IdPSSO
+501 */
+502privatestaticboolean hasIdPRole(EntityDescriptor entity) {
+503 List<RoleDescriptor> roles = entity.getRoleDescriptors();
+504
+505for (RoleDescriptor role:roles) {
+506if (role instanceof IDPSSODescriptor) {
+507//
+508// So the entity knows how to be some sort of an Idp
+509//
+510returntrue;
+511 }
+512 }
+513return false;
+514 }
+515
+516/**
+517 * Enumerate all the roles and see whether this entity can be an SP.
+518 * @param entity
+519 * @return true if one of the roles that entity has is SPSSO
+520 */
+521privatestaticboolean hasSPRole(EntityDescriptor entity) {
+522 List<RoleDescriptor> roles = entity.getRoleDescriptors();
+523
+524for (RoleDescriptor role:roles) {
+525if (role instanceof SPSSODescriptor) {
+526//
+527// "I can do that"
+528//
+529returntrue;
+530 }
+531 }
+532return false;
+533 }
+534
+535/**
+536 * Return the idpSite for the given entity name.
+537 * @param idpName the entityname to look up
+538 * @return the associated idpSite
+539 * @throws WayfException
+540 */
+541protectedIdPSite getSite(String idpName) throws WayfException {
+542
+543try {
+544returnnewIdPSite(metadata.getEntityDescriptor(idpName));
+545 } catch (MetadataProviderException e) {
+546 String s = "Couldn't resolve " + idpName + " in " + getDisplayName();
+547 LOG.error(s, e);
+548thrownewWayfException(s, e);
+549 }
+550 }
+551
+552protected EntityDescriptor getEntity(String name) throws WayfException {
+553try {
+554return metadata.getEntityDescriptor(name);
+555 } catch (MetadataProviderException e) {
+556 String s = "Couldn't resolve " + name + " in " + getDisplayName();
+557 LOG.error(s, e);
+558thrownewWayfException(s, e);
+559 }
+560
+561 }
+562 }
+563
+
+
+1/*
+2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16package edu.internet2.middleware.shibboleth.wayf;
+17
+18import java.util.Collection;
+19/**
+20 * This is just a container class for tieing together a set of IdPs to a name - this being what
+21 * is sent to the JSP for display purposes.
+22 */
+23publicclassIdPSiteSetEntry {
+24
+25/** The metadata provider. */
+26privatefinalIdPSiteSet siteSet;
+27
+28/** The IdPs associated with that metadata provider. */
+29privatefinal Collection<IdPSite> sites;
+30
+31/**
+32 * Create an object which contains just these two objects.
+33 * @param siteSetParam the metadata provider.
+34 * @param sitesParam the list of IdPs.
+35 */
+36publicIdPSiteSetEntry(IdPSiteSet siteSetParam, Collection<IdPSite> sitesParam) {
+37this.siteSet = siteSetParam;
+38this.sites = sitesParam;
+39 }
+40
+41/**
+42 * Return something to display for this set of sites.
+43 * @return the name as defined in the configuration
+44 */
+45public String getName() {
+46return siteSet.getDisplayName();
+47 }
+48
+49/**
+50 * Return the list of associated sites.
+51 * @return a collection of IdPs.
+52 */
+53public Collection<IdPSite> getSites() {
+54return sites;
+55 }
+56
+57 }
+
+
+1/*
+2 * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf;
+18
+19import java.util.Timer;
+20
+21import org.opensaml.util.resource.FilesystemResource;
+22import org.opensaml.util.resource.Resource;
+23import org.opensaml.util.resource.ResourceChangeWatcher;
+24import org.opensaml.util.resource.ResourceException;
+25import org.slf4j.LoggerFactory;
+26
+27import ch.qos.logback.classic.LoggerContext;
+28import ch.qos.logback.core.status.ErrorStatus;
+29import ch.qos.logback.core.status.StatusManager;
+30
+31/**
+32 * Simple logging service that watches for logback configuration file changes and reloads the file when a change occurs.
+33 */
+34publicclassLogbackLoggingService {
+35
+36/** Timer used periodically read the logging configuration file. */
+37private Timer taskTimer;
+38
+39/**
+40 * Constructor.
+41 *
+42 * @param loggingConfigurationFile logback configuration file
+43 * @param pollingFrequency frequency the configuration file should be checked for changes
+44 */
+45publicLogbackLoggingService(String loggingConfigurationFile, long pollingFrequency) {
+46 LoggerContext loggerContext = (LoggerContext) LoggerFactory.getILoggerFactory();
+47 StatusManager statusManager = loggerContext.getStatusManager();
+48
+49try{
+50 Resource configResource = new FilesystemResource(loggingConfigurationFile);
+51LogbackConfigurationChangeListener configChangeListener = newLogbackConfigurationChangeListener();
+52 configChangeListener.onResourceCreate(configResource);
+53
+54 ResourceChangeWatcher resourceWatcher = new ResourceChangeWatcher(configResource, pollingFrequency, 5);
+55 resourceWatcher.getResourceListeners().add(configChangeListener);
+56
+57 taskTimer = new Timer(true);
+58 taskTimer.schedule(resourceWatcher, 0, pollingFrequency);
+59 }catch(ResourceException e){
+60 statusManager.add(new ErrorStatus("Error loading logging configuration file: "
+61 + loggingConfigurationFile, this, e));
+62 }
+63 }
+64 }
+
+
+1/*
+2 * Copyright 2008 University Corporation for Advanced Internet Development, Inc.
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf;
+18
+19/** Class for printing the version of this library. */
+20publicclassVersion {
+21
+22/**
+23 * Main entry point to program.
+24 *
+25 * @param args command line arguments
+26 */
+27publicstaticvoid main(String[] args) {
+28 Package pkg = Version.class.getPackage();
+29 System.out.println(pkg.getImplementationTitle() + " version " + pkg.getImplementationVersion());
+30 }
+31 }
+
+
+1/*
+2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf;
+18
+19
+20/**
+21 * Signals that an error has occurred while processing a Shibboleth WAYF request.
+22 *
+23 * @author Walter Hoehn wassa@columbia.edu
+24 */
+25
+26publicclassWayfExceptionextends Exception {
+27
+28/** Required serialization constant. */
+29privatestaticfinallong serialVersionUID = 8426660801169338914L;
+30
+31/**
+32 * Constructor with a description and an exception.
+33 * @param s description
+34 * @param e something bad having happened.
+35 */
+36publicWayfException(String s, Throwable e) {
+37super(s, e);
+38 }
+39
+40/**
+41 * Constructure with just a description.
+42 * @param s description
+43 */
+44publicWayfException(String s) {
+45super(s);
+46 }
+47 }
+
+
+1/*
+2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf;
+18
+19/**
+20 * Holder class for various XML constants (namespaces and so forth).
+21 */
+22publicclassXMLConstants {
+23
+24/** Shibboleth XML namespace. */
+25publicstaticfinal String SHIB_NS = "urn:mace:shibboleth:1.0";
+26
+27/** SSO Binding name. */
+28publicstaticfinal String IDP_SSO_BINDING = "urn:mace:shibboleth:1.0:profiles:AuthnRequest";
+29
+30/** Namespace for Discovery Service configuration. */
+31publicstaticfinal String CONFIG_NS = "urn:mace:shibboleth:wayf:config:1.0";
+32
+33 }
+
+
+1/**
+2 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16package edu.internet2.middleware.shibboleth.wayf.plugins;
+17
+18import java.util.Collection;
+19import java.util.List;
+20import java.util.Map;
+21
+22import javax.servlet.http.HttpServletRequest;
+23import javax.servlet.http.HttpServletResponse;
+24
+25import org.opensaml.saml2.metadata.provider.MetadataProvider;
+26
+27import edu.internet2.middleware.shibboleth.wayf.IdPSite;
+28
+29/**
+30 *
+31 * The Plugin interface is used to affect the 'hints' that the WAYF offers to the users.
+32 * <p>
+33 * The WAYF can register any number of plugins. Each plugin is called when the metadata is loaded or realoaded
+34 * (so it can do any indexing) and at the three entry points into the WAYF - Lookup (main entry), Search and Select.
+35 * Plugins are called in the order in which they are declared to the WAYF.
+36 * <p>
+37 * Each plugin is called once when the user has made a selection.
+38 * <p>
+39 * For Search and Lookup, each plugin is called multiple times, once for each metadata provider which has
+40 * been declared to this particular WAYF instance. The plugin can return a context which is handed to subsequent calls.
+41 * <p>
+42 * The idea is that each plugin can affect the displayed lists of IdPs. As a reminder the WAYF displays two lists of
+43 * IdPs - the complete list, displayed either as a single list or a list of lists, and the hint list (which was
+44 * previously only populated from the _saml_idp cookie. In the search case the WAYF displays a third list of
+45 * the search hits.
+46 * <p>
+47 * When the plugin in called it is given the current set of potential IdPs as a Map from EntityID to {@link IdPSite}
+48 * and lists representing the current hint list and search results. A Plugin can remove an entry from
+49 * the map or the lists. Additionally it can insert an IdPSite found in the Map into the hint or search lists.
+50 * Thus the plugin can restrict the number of sites that the WAYF instance displays in the 'complete list' and
+51 * can add or remove IdPs from the hint list.
+52 * <p>
+53 * At any stage the plugin can take control of the current request and redirect or forward it. It signals that
+54 * it has done this to the WAYF by means of an exception.
+55 * <p>
+56 * The _saml_idp cookie handling code is written as a WAYF plugin. Other plugins have been written to allow IdPs
+57 * to be presented as hints based on the client's IP address or to redirect back to the SP once the choice of
+58 * IdP has been made.
+59 * <p>
+60 * Object implementing this interface are created during WAYF discovery service initialization. There are
+61 * expected to implement a constructor which takes a {@link org.w3c.dom.Element} as the only parameter and they are
+62 * created via this constructor, with the parameter being the appropriate section of the WAYF configuration file
+63 *
+64 * @version Discussion
+65 *
+66 */
+67publicinterfacePlugin {
+68
+69/**
+70 * Whenever the WAYF discoveres that the metadata is stale, it reloads it and calls each plugin at this method.
+71 *
+72 * @param metadata - where to get the data from.
+73 * @return the value which will be provided as input to subsequent calls to {@link #lookup Lookup} and
+74 * {@link #search Search}
+75 */
+76PluginMetadataParameter refreshMetadata(MetadataProvider metadata);
+77
+78/**
+79 * The WAYF calls each plugin at this entry point when it is first contacted.
+80 *
+81 * @param req - Describes the current request. A Plugin might use it to find any appropriate cookies
+82 * @param res - Describes the current response. A Plugin might use it to redirect a the request.
+83 * @param parameter Describes the metadata.
+84 * @param context Any processing context returned from a previous call.
+85 * @param validIdps The list of IdPs which is currently views as possibly matches for the pattern.
+86 * The Key is the EntityId for the IdP and the value the object which describes
+87 * the Idp
+88 * @param idpList The set of Idps which are currently considered as potential hints.
+89 * @return a context to hand to subsequent calls
+90 * @throws WayfRequestHandled if the plugin has handled the request (for instance it has
+91 * issues a redirect)
+92 *
+93 * Each plugin is called multiple times,
+94 * once for each metadata provider which is registered (Depending on the precise configuration of the WAYF
+95 * metadata providers whose metadata does not include the target may be dropped). Initially the plugin is
+96 * called with a context parameter of <code>null</code>. In subsequent calls, the value returned from
+97 * the previous call is passed in as the context parameter.
+98 *
+99 * The plugin may remove IdPSite objects from the validIdps list.
+100 *
+101 * The plugin may add or remove them to the idpList. IdPSite Objects which are to be added to the idpList
+102 * should be looked up by EntityIdName in validIdps by EntityId. Hence any metadata processing shoudl
+103 * store the entityID.
+104 *
+105 */
+106PluginContext lookup(HttpServletRequest req,
+107 HttpServletResponse res,
+108PluginMetadataParameter parameter,
+109 Map<String, IdPSite> validIdps,
+110PluginContext context,
+111 List<IdPSite> idpList) throws WayfRequestHandled;
+112
+113/**
+114 * This method is called when the user specified a search operation. The processing is similar to
+115 * that described for {@link #lookup lookup}.
+116 * Two additional paramaters are provided, the search parameter which was provided, and the current
+117 * proposed list of candidate IdPs. The plugin is at liberty to alter both the list of hints and the
+118 * list of valid IdPs.
+119 *
+120 * @param req Describes the current request. The Plugin could use it to find any appropriate cookies
+121 * @param res Describes the result - this is needed if (for instance) a plung needs to change cookie values
+122 * @param parameter Describes the metadata
+123 * @param pattern The Search pattern provided
+124 * @param validIdps The list of IdPs which is currently views as possibly matches for the pattern.
+125 * The Key is the Idp Name an the value the idp
+126 * @param context Any processing context returned from a previous call.
+127 * @param searchResult the resukt of any search
+128 * @param idpList The set of Idps which are currently considered as potential hints. Each Idp is associated
+129 * with a numeric weight, where the lower the number is the more likely the IdP is to be a candidate.
+130 * As descibed above the WAYF uses this to provide hint list to the GUI (or even to dispatch
+131 * immediately to the IdP).
+132 * @return a context to hand to subsequent calls
+133 * @throws WayfRequestHandled if the plugin has handled the request (for instance it has
+134 * issues a redirect)
+135 */
+136PluginContext search(HttpServletRequest req,
+137 HttpServletResponse res,
+138PluginMetadataParameter parameter,
+139 String pattern,
+140 Map<String, IdPSite> validIdps,
+141PluginContext context,
+142 Collection<IdPSite> searchResult,
+143 List<IdPSite> idpList) throws WayfRequestHandled;
+144
+145/**
+146 * This method is called, for every plugin, after a user has selected an IdP. The plugin is expected
+147 * to use it to update any in memory state (via the {@link PluginMetadataParameter} parameter or permananent
+148 * state (for instance by writing back a cookie.
+149 * @param req Describes the current request.
+150 * @param res Describes the current response
+151 * @param parameter Describes the metadata
+152 * @throws WayfRequestHandled if the plugin has handled the request (for instance it has
+153 * issues a redirect)
+154 */
+155void selected(HttpServletRequest req,
+156 HttpServletResponse res,
+157PluginMetadataParameter parameter,
+158 String idP) throws WayfRequestHandled;
+159 }
+
+
+1/**
+2 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf.plugins;
+18
+19/**
+20 * This is a marker interface.
+21 * <p>
+22 * Objects which implement PluginContext are passed between sucessive calls to a plugins implementations of
+23 * {@link Plugin#lookup lookup} and {@link Plugin#search search} as the plugin
+24 * is called for each {@link org.opensaml.saml2.metadata.provider.MetadataProvider}.
+25 * <p>
+26 * @author Rod Widdowson
+27 * @version Discussion
+28 */
+29publicinterfacePluginContext {
+30
+31 }
+
+
+1/**
+2 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16package edu.internet2.middleware.shibboleth.wayf.plugins;
+17
+18
+19/**
+20 * The PluginParameter is a marker interface which a WAYF {@link Plugin} can use to associate extra information
+21 * with the metadata. Each plugin returns a PluginParameter from {@link Plugin#refreshMetadata RefreshMetadata}
+22 * and this is in turn presented back to then Plugin when it is called during WAYF processing.
+23 * <p>
+24 * @author Rod Widdowson
+25 * @version Discussion
+26 *
+27 */
+28publicinterfacePluginMetadataParameter {
+29
+30 }
+
+
+1package edu.internet2.middleware.shibboleth.wayf.plugins;
+2
+3/**
+4 *
+5 * This Exception can be signalled by a plugin to indicate to the WAYF that it has handled the
+6 * request and all processing should stop.
+7 *
+8 * @author Rod Widdowson
+9 */
+10publicclassWayfRequestHandledextends Exception {
+11
+12/**
+13 * Required Serialization constant.
+14 */
+15privatestaticfinallong serialVersionUID = 3022489208153734092L;
+16
+17 }
+
+
+1/*
+2 * Copyright 2008 University Corporation for Advanced Internet Development, Inc.
+3 *
+4 * Licensed under the Apache License, Version 2.0 (the "License");
+5 * you may not use this file except in compliance with the License.
+6 * You may obtain a copy of the License at
+7 *
+8 * http://www.apache.org/licenses/LICENSE-2.0
+9 *
+10 * Unless required by applicable law or agreed to in writing, software
+11 * distributed under the License is distributed on an "AS IS" BASIS,
+12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+13 * See the License for the specific language governing permissions and
+14 * limitations under the License.
+15 */
+16
+17package edu.internet2.middleware.shibboleth.wayf.plugins.provider;
+18
+19import java.util.Iterator;
+20import java.util.List;
+21
+22import org.opensaml.saml2.common.Extensions;
+23import org.opensaml.saml2.metadata.EntitiesDescriptor;
+24import org.opensaml.saml2.metadata.EntityDescriptor;
+25import org.opensaml.saml2.metadata.RoleDescriptor;
+26import org.opensaml.saml2.metadata.SPSSODescriptor;
+27import org.opensaml.saml2.metadata.provider.FilterException;
+28import org.opensaml.saml2.metadata.provider.MetadataFilter;
+29import org.opensaml.xml.XMLObject;
+30import org.slf4j.Logger;
+31import org.slf4j.LoggerFactory;
+32
+33import edu.internet2.middleware.shibboleth.wayf.DiscoveryResponseImpl;
+34import edu.internet2.middleware.shibboleth.wayf.HandlerConfig;
+35
+36/**
+37 * See SDSJ-48. If we get a DS endpoint then we need to check that the binding is provided
+38 * and that it is correct.
+39 *
+40 * @author Rod Widdowson
+41 *
+42 */
+43publicclassBindingFilter implements MetadataFilter {
+44
+45/**
+46 * Log for the warning.
+47 */
+48privatestaticfinal Logger LOG = LoggerFactory.getLogger(BindingFilter.class.getName());
+49
+50/**
+51 * Set if we just want to warn on failure.
+52 */
+53privatefinalboolean warnOnFailure;
+54
+55/**
+56 * Only the protected constructor should be visible.
+57 */
+58privateBindingFilter() {
+59this.warnOnFailure = false;
+60 }
+61
+62/**
+63 * Initialize the filter.
+64 * @param warn do we warn or do we fail if we see badness?
+65 */
+66publicBindingFilter(boolean warn) {
+67this.warnOnFailure = warn;
+68 }
+69
+70/**
+71 * Apply the filter.
+72 * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
+73 * @param metadata what to filter.
+74 * @throws FilterException if it sees any missed or bad bindings.
+75 */
+76publicvoid doFilter(XMLObject metadata) throws FilterException {
+77
+78if (metadata instanceof EntitiesDescriptor) {
+79
+80 checkEntities((EntitiesDescriptor) metadata);
+81
+82 } elseif (metadata instanceof EntityDescriptor) {
+83 EntityDescriptor entity = (EntityDescriptor) metadata;
+84
+85if (!checkEntity(entity)) {
+86if (warnOnFailure) {
+87 LOG.warn("Badly formatted binding for " + entity.getEntityID());
+88 } else {
+89 LOG.error("Badly formatted binding for top level entity " + entity.getEntityID());
+90 }
+91 }
+92 }
+93 }
+94
+95/**
+96 * If the entity has an SP characteristic, and it has a DS endpoint
+97 * then check its binding.
+98 *
+99 * @param entity what to check.
+100 * @return true if all is OK.
+101 */
+102privatestaticboolean checkEntity(EntityDescriptor entity) {
+103 List<RoleDescriptor> roles = entity.getRoleDescriptors();
+104
+105for (RoleDescriptor role:roles) {
+106
+107//
+108// Check every role
+109//
+110if (role instanceof SPSSODescriptor) {
+111
+112//
+113// Grab hold of all the extensions for SPSSO descriptors
+114//
+115
+116 Extensions exts = role.getExtensions();
+117if (exts != null) {
+118//
+119// We have some children check them form <DiscoveryResponse>
+120//
+121 List<XMLObject> children = exts.getOrderedChildren();
+122
+123for (XMLObject obj : children) {
+124if (obj instanceof DiscoveryResponseImpl) {
+125//
+126// And check or the binding
+127//
+128DiscoveryResponseImpl ds = (DiscoveryResponseImpl) obj;
+129 String binding = ds.getBinding();
+130
+131if (!DiscoveryResponseImpl.METADATA_NS.equals(binding)) {
+132return false;
+133 }
+134 }
+135 }
+136 }
+137 }
+138 }
+139returntrue;
+140 }
+141
+142/**
+143 * Check an EntitiesDescriptor call checkentities for the Entities and ourselves
+144 * recursively for the EntitesDescriptors.
+145 *
+146 * @param entities what to check.
+147 */
+148privatevoid checkEntities(EntitiesDescriptor entities) {
+149 List<EntitiesDescriptor> childEntities = entities.getEntitiesDescriptors();
+150 List<EntityDescriptor> children = entities.getEntityDescriptors();
+151
+152if (children != null) {
+153 Iterator<EntityDescriptor> itr;
+154 EntityDescriptor entity;
+155 itr = children.iterator();
+156
+157while (itr.hasNext()) {
+158 entity = itr.next();
+159if (!checkEntity(entity)) {
+160if (warnOnFailure) {
+161 LOG.warn("Badly formatted binding for " + entity.getEntityID());
+162 } else {
+163 LOG.error("Badly formatted binding for " + entity.getEntityID() + ". Entity has been removed");
+164 itr.remove();
+165 }
+166 }
+167 }
+168 }
+169
+170if (childEntities != null) {
+171for (EntitiesDescriptor descriptor : childEntities) {
+172 checkEntities(descriptor);
+173 }
+174 }
+175 }
+176 }
+
+
+1package edu.internet2.middleware.shibboleth.wayf.plugins.provider;
+2
+3import java.io.UnsupportedEncodingException;
+4import java.net.URLDecoder;
+5import java.net.URLEncoder;
+6import java.util.ArrayList;
+7import java.util.Collection;
+8import java.util.Iterator;
+9import java.util.List;
+10import java.util.Map;
+11
+12import javax.servlet.http.Cookie;
+13import javax.servlet.http.HttpServletRequest;
+14import javax.servlet.http.HttpServletResponse;
+15
+16import org.apache.log4j.Logger;
+17import org.opensaml.saml2.metadata.provider.MetadataProvider;
+18import org.opensaml.xml.util.Base64;
+19import org.w3c.dom.Element;
+20
+21import edu.internet2.middleware.shibboleth.wayf.DiscoveryServiceHandler;
+22import edu.internet2.middleware.shibboleth.wayf.IdPSite;
+23import edu.internet2.middleware.shibboleth.wayf.WayfException;
+24import edu.internet2.middleware.shibboleth.wayf.plugins.Plugin;
+25import edu.internet2.middleware.shibboleth.wayf.plugins.PluginContext;
+26import edu.internet2.middleware.shibboleth.wayf.plugins.PluginMetadataParameter;
+27import edu.internet2.middleware.shibboleth.wayf.plugins.WayfRequestHandled;
+28
+29/**
+30 * This is a test implementation of the saml cookie lookup stuff to
+31 * see whether it fits the plugin architecture.
+32 *
+33 * @author Rod Widdowson
+34 *
+35 */
+36publicclassSamlCookiePlugin implements Plugin {
+37
+38/**
+39 * The parameter which controls the cache.
+40 */
+41privatestaticfinal String PARAMETER_NAME = "cache";
+42
+43/**
+44 * Parameter to say make it last a long time.
+45 */
+46privatestaticfinal String PARAMETER_PERM = "perm";
+47
+48/**
+49 * Parameter to say just keep this as long as the brower is open.
+50 */
+51privatestaticfinal String PARAMETER_SESSION = "session";
+52
+53/**
+54 * Handle for logging.
+55 */
+56privatestatic Logger log = Logger.getLogger(SamlCookiePlugin.class.getName());
+57
+58/**
+59 * As specified in the SAML2 profiles specification.
+60 */
+61privatestaticfinal String COOKIE_NAME = "_saml_idp";
+62
+63/**
+64 * By default we keep the cookie around for a week.
+65 */
+66privatestaticfinalint DEFAULT_CACHE_EXPIRATION = 6048000;
+67
+68/**
+69 * Do we always go where the cookie tells us, or do we just provide the cookie as a hint.
+70 */
+71privateboolean alwaysFollow;
+72
+73/**
+74 * Is our job to clean up the cookie.
+75 */
+76privateboolean deleteCookie;
+77
+78/**
+79 * Lipservice towards having a common domain cookie.
+80 */
+81private String cacheDomain;
+82
+83/**
+84 * How long the cookie our will be active?
+85 */
+86privateint cacheExpiration;
+87
+88/**
+89 * This constructor is called during wayf initialization with it's
+90 * own little bit of XML config.
+91 *
+92 * @param element - further information to be gleaned from the DOM.
+93 */
+94publicSamlCookiePlugin(Element element) {
+95/*
+96 * <Plugin idenfifier="WayfCookiePlugin"
+97 * type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
+98 * alwaysFollow = "FALSE"
+99 * deleteCookie = "FALSE"
+100 * cacheExpiration = "number"
+101 * cacheDomain = "string"/>
+102 */
+103 log.info("New plugin");
+104 String s;
+105
+106 s = element.getAttribute("alwaysFollow");
+107if (s != null && !s.equals("") ) {
+108 alwaysFollow = Boolean.valueOf(s).booleanValue();
+109 } else {
+110 alwaysFollow = true;
+111 }
+112
+113 s = element.getAttribute("deleteCookie");
+114if (s != null && !s.equals("")) {
+115 deleteCookie = Boolean.valueOf(s).booleanValue();
+116 } else {
+117 deleteCookie = false;
+118 }
+119
+120 s = element.getAttribute("cacheDomain");
+121if ((s != null) && !s.equals("")) {
+122 cacheDomain = s;
+123 } else {
+124 cacheDomain = "";
+125 }
+126
+127 s = element.getAttribute("cacheExpiration");
+128if ((s != null) && !s.equals("")) {
+129
+130try {
+131
+132 cacheExpiration = Integer.parseInt(s);
+133 } catch (NumberFormatException ex) {
+134
+135 log.error("Invalid CacheExpiration value - " + s);
+136 cacheExpiration = DEFAULT_CACHE_EXPIRATION;
+137 }
+138 } else {
+139 cacheExpiration = DEFAULT_CACHE_EXPIRATION;
+140 }
+141 }
+142
+143/**
+144 * Create a plugin with the hard-wired default settings.
+145 */
+146privateSamlCookiePlugin() {
+147 alwaysFollow = false;
+148 deleteCookie = false;
+149 cacheExpiration = DEFAULT_CACHE_EXPIRATION;
+150 }
+151
+152/**
+153 * This is the 'hook' in the lookup part of Discovery Service processing.
+154 *
+155 * @param req - Describes the current request. Used to find any appropriate cookies
+156 * @param res - Describes the current response. Used to redirect the request.
+157 * @param parameter - Describes the metadata.
+158 * @param context - Any processing context returned from a previous call. We set this on first call and
+159 * use non null to indicate that we don't go there again.
+160 * @param validIdps The list of IdPs which is currently views as possibly matches for the pattern.
+161 * The Key is the EntityId for the IdP and the value the object which describes
+162 * the Idp
+163 * @param idpList The set of Idps which are currently considered as potential hints.
+164 * @return a context to hand to subsequent calls
+165 * @throws WayfRequestHandled if the plugin has handled the request.
+166 * issues a redirect)
+167 *
+168 * @see edu.internet2.middleware.shibboleth.wayf.plugins.Plugin#lookup
+169 */
+170publicPluginContext lookup(HttpServletRequest req,
+171 HttpServletResponse res,
+172PluginMetadataParameter parameter,
+173 Map<String, IdPSite> validIdps,
+174PluginContext context,
+175 List <IdPSite> idpList) throws WayfRequestHandled {
+176
+177if (context != null) {
+178//
+179// We only need to be called once
+180//
+181return context;
+182 }
+183
+184if (deleteCookie) {
+185 deleteCookie(req, res);
+186//
+187// Only need to be called once - so set up a parameter
+188//
+189returnnewContext() ;
+190 }
+191 List <String> idps = getIdPCookie(req, res, cacheDomain).getIdPList();
+192
+193for (String idpName : idps) {
+194IdPSite idp = validIdps.get(idpName);
+195if (idp != null) {
+196if (alwaysFollow) {
+197try {
+198 DiscoveryServiceHandler.forwardRequest(req, res, idp);
+199 } catch (WayfException e) {
+200// Do nothing we are going to throw anyway
+201 ;
+202 }
+203thrownewWayfRequestHandled();
+204 }
+205//
+206// This IDP is ok
+207//
+208 idpList.add(idp);
+209 }
+210 }
+211
+212returnnull;
+213 }
+214
+215/**
+216 * Plugin point which is called when the data is refreshed.
+217 * @param metadata - where to get the data from.
+218 * @return the value which will be provided as input to subsequent calls
+219 * @see edu.internet2.middleware.shibboleth.wayf.plugins.Plugin#refreshMetadata
+220 */
+221publicPluginMetadataParameter refreshMetadata(MetadataProvider metadata) {
+222//
+223// We don't care about metadata - we are given all that we need
+224//
+225returnnull;
+226 }
+227
+228/**
+229 * Plgin point for searching.
+230 *
+231 * @throws WayfRequestHandled
+232 * @param req Describes the current request.
+233 * @param res Describes the current response.
+234 * @param parameter Describes the metadata.
+235 * @param pattern What we are searchign for.
+236 * @param validIdps The list of IdPs which is currently views as possibly matches for the pattern.
+237 * The Key is the EntityId for the IdP and the value the object which describes
+238 * the Idp
+239 * @param context Any processing context returned from a previous call. We set this on first call and
+240 * use non null to indicate that we don't go there again.
+241 * @param searchResult What the search yielded.
+242 * @param idpList The set of Idps which are currently considered as potential hints.
+243 * @return a context to hand to subsequent calls.
+244 * @see edu.internet2.middleware.shibboleth.wayf.plugins.Plugin#search
+245 * @throws WayfRequestHandled if the plugin has handled the request.
+246 *
+247 */
+248publicPluginContext search(HttpServletRequest req,
+249 HttpServletResponse res,
+250PluginMetadataParameter parameter,
+251 String pattern,
+252 Map<String, IdPSite> validIdps,
+253PluginContext context,
+254 Collection<IdPSite> searchResult,
+255 List<IdPSite> idpList) throws WayfRequestHandled {
+256//
+257// Don't distinguish between lookup and search
+258//
+259return lookup(req, res, parameter, validIdps, context, idpList);
+260 }
+261
+262/**
+263 * Plugin point for selection.
+264 *
+265 * @see edu.internet2.middleware.shibboleth.wayf.plugins.Plugin#selected(javax.servlet.http.HttpServletRequest.
+266 * javax.servlet.http.HttpServletResponse,
+267 * edu.internet2.middleware.shibboleth.wayf.plugins.PluginMetadataParameter,
+268 * java.lang.String)
+269 * @param req Describes the current request.
+270 * @param res Describes the current response.
+271 * @param parameter Describes the metadata.
+272 * @param idP Describes the idp.
+273 *
+274 */
+275publicvoid selected(HttpServletRequest req, HttpServletResponse res,
+276PluginMetadataParameter parameter, String idP) {
+277
+278SamlIdPCookie cookie = getIdPCookie(req, res, cacheDomain);
+279 String param = req.getParameter(PARAMETER_NAME);
+280
+281if (null == param || param.equals("")) {
+282return;
+283 } elseif (param.equalsIgnoreCase(PARAMETER_SESSION)) {
+284 cookie.addIdPName(idP, -1);
+285 } elseif (param.equalsIgnoreCase(PARAMETER_PERM)) {
+286 cookie.addIdPName(idP, cacheExpiration);
+287 }
+288 }
+289
+290//
+291// Private classes for internal use
+292//
+293
+294/**
+295 * This is just a marker tag.
+296 */
+297privatestaticclassContext implements PluginContext {}
+298
+299/**
+300 * Class to abstract away the saml cookie for us.
+301 */
+302publicfinalclassSamlIdPCookie {
+303
+304
+305/**
+306 * The associated request.
+307 */
+308privatefinal HttpServletRequest req;
+309/**
+310 * The associated response.
+311 */
+312privatefinal HttpServletResponse res;
+313/**
+314 * The associated domain.
+315 */
+316privatefinal String domain;
+317/**
+318 * The IdPs.
+319 */
+320privatefinal List <String> idPList = new ArrayList<String>();
+321
+322/**
+323 * Constructs a <code>SamlIdPCookie</code> from the provided string (which is the raw data.
+324 *
+325 * @param codedData
+326 * the information read from the cookie
+327 * @param request Describes the current request.
+328 * @param response Describes the current response.
+329 * @param domainName - if non null the domain for any *created* cookie.
+330 */
+331privateSamlIdPCookie(String codedData,
+332 HttpServletRequest request,
+333 HttpServletResponse response,
+334 String domainName) {
+335
+336this.req = request;
+337this.res = response;
+338this.domain = domainName;
+339
+340int start;
+341int end;
+342
+343if (codedData == null || codedData.equals("")) {
+344 log.info("Empty cookie");
+345return;
+346 }
+347//
+348// An earlier version saved the cookie without URL encoding it, hence there may be
+349// spaces which in turn means we may be quoted. Strip any quotes.
+350//
+351if (codedData.charAt(0) == '"' && codedData.charAt(codedData.length()-1) == '"') {
+352 codedData = codedData.substring(1,codedData.length()-1);
+353 }
+354
+355try {
+356 codedData = URLDecoder.decode(codedData, "UTF-8");
+357 } catch (UnsupportedEncodingException e) {
+358 log.error("could not decode cookie");
+359return;
+360 }
+361
+362 start = 0;
+363 end = codedData.indexOf(' ', start);
+364while (end > 0) {
+365 String value = codedData.substring(start, end);
+366 start = end + 1;
+367 end = codedData.indexOf(' ', start);
+368if (!value.equals("")) {
+369 idPList.add(new String(Base64.decode(value)));
+370 }
+371 }
+372if (start < codedData.length()) {
+373 String value = codedData.substring(start);
+374if (!value.equals("")) {
+375 idPList.add(new String(Base64.decode(value)));
+376 }
+377 }
+378 }
+379/**
+380 * Create a SamlCookie with no data inside.
+381 * @param domainName - if non null, the domain of the new cookie
+382 * @param request Describes the current request.
+383 * @param response Describes the current response.
+384 *
+385 */
+386privateSamlIdPCookie(HttpServletRequest request, HttpServletResponse response, String domainName) {
+387this.req = request;
+388this.res = response;
+389this.domain = domainName;
+390 }
+391
+392/**
+393 * Add the specified Shibboleth IdP Name to the cookie list or move to
+394 * the front and then write it back.
+395 *
+396 * We always add to the front (and remove from wherever it was)
+397 *
+398 * @param idPName - The name to be added
+399 * @param expiration - The expiration of the cookie or zero if it is to be unchanged
+400 */
+401privatevoid addIdPName(String idPName, int expiration) {
+402
+403 idPList.remove(idPName);
+404 idPList.add(0, idPName);
+405
+406 writeCookie(expiration);
+407 }
+408
+409/**
+410 * Delete the <b>entire<\b> cookie contents
+411 */
+412
+413
+414/**
+415 * Remove origin from the cachedata and write it back.
+416 *
+417 * @param origin what to remove.
+418 * @param expiration How long it will live.
+419 */
+420
+421publicvoid deleteIdPName(String origin, int expiration) {
+422 idPList.remove(origin);
+423 writeCookie(expiration);
+424 }
+425
+426/**
+427 * Write back the cookie.
+428 *
+429 * @param expiration How long it will live
+430 */
+431privatevoid writeCookie(int expiration) {
+432 Cookie cookie = getCookie(req);
+433
+434if (idPList.size() == 0) {
+435//
+436// Nothing to write, so delete the cookie
+437//
+438 cookie.setPath("/");
+439 cookie.setMaxAge(0);
+440 res.addCookie(cookie);
+441return;
+442 }
+443
+444//
+445// Otherwise encode up the cookie
+446//
+447 StringBuffer buffer = new StringBuffer();
+448 Iterator <String> it = idPList.iterator();
+449
+450while (it.hasNext()) {
+451 String next = it.next();
+452 String what = new String(Base64.encodeBytes(next.getBytes()));
+453 buffer.append(what).append(' ');
+454 }
+455
+456 String value;
+457try {
+458 value = URLEncoder.encode(buffer.toString(), "UTF-8");
+459 } catch (UnsupportedEncodingException e) {
+460 log.error("Could not encode cookie");
+461return;
+462 }
+463
+464if (cookie == null) {
+465 cookie = new Cookie(COOKIE_NAME, value);
+466 } else {
+467 cookie.setValue(value);
+468 }
+469 cookie.setComment("Used to cache selection of a user's Shibboleth IdP");
+470 cookie.setPath("/");
+471
+472
+473 cookie.setMaxAge(expiration);
+474
+475if (domain != null && domain != "") {
+476 cookie.setDomain(domain);
+477 }
+478 res.addCookie(cookie);
+479
+480 }
+481
+482/**
+483 * Return the list of Idps for this cookie.
+484 * @return The list.
+485 */
+486public List <String> getIdPList() {
+487return idPList;
+488 }
+489 }
+490
+491/**
+492 * Extract the cookie from a request.
+493 * @param req the request.
+494 * @return the cookie.
+495 */
+496privatestatic Cookie getCookie(HttpServletRequest req) {
+497
+498 Cookie[] cookies = req.getCookies();
+499if (cookies != null) {
+500for (int i = 0; i < cookies.length; i++) {
+501if (cookies[i].getName().equals(COOKIE_NAME)) {
+502return cookies[i];
+503 }
+504 }
+505 }
+506returnnull;
+507 }
+508
+509/**
+510 * Delete the cookie from the response.
+511 * @param req The request.
+512 * @param res The response.
+513 */
+514privatestaticvoid deleteCookie(HttpServletRequest req, HttpServletResponse res) {
+515 Cookie cookie = getCookie(req);
+516
+517if (cookie == null) {
+518return;
+519 }
+520
+521 cookie.setPath("/");
+522 cookie.setMaxAge(0);
+523 res.addCookie(cookie);
+524 }
+525/**
+526 * Load up the cookie and convert it into a SamlIdPCookie. If there is no
+527 * underlying cookie return a null one.
+528 * @param req The request.
+529 * @param res The response.
+530 * @param domain - if this is set then any <b>created</b> cookies are set to this domain
+531 * @return the new object.
+532 */
+533
+534privateSamlIdPCookie getIdPCookie(HttpServletRequest req, HttpServletResponse res, String domain) {
+535 Cookie cookie = getCookie(req);
+536
+537if (cookie == null) {
+538returnnewSamlIdPCookie(req, res, domain);
+539 } else {
+540returnnewSamlIdPCookie(cookie.getValue(), req, res, domain);
+541 }
+542 }
+543 }
+544
+
Note: failures are anticipated and checked for with assertions while errors are unanticipated.
+
+
+
+
+
+
+
+
diff --git a/endorsed/resolver-2.9.1.jar b/endorsed/resolver-2.9.1.jar
new file mode 100644
index 0000000..e535bdc
Binary files /dev/null and b/endorsed/resolver-2.9.1.jar differ
diff --git a/endorsed/serializer-2.9.1.jar b/endorsed/serializer-2.9.1.jar
new file mode 100644
index 0000000..de9b007
Binary files /dev/null and b/endorsed/serializer-2.9.1.jar differ
diff --git a/endorsed/xalan-2.7.1.jar b/endorsed/xalan-2.7.1.jar
new file mode 100644
index 0000000..458fa73
Binary files /dev/null and b/endorsed/xalan-2.7.1.jar differ
diff --git a/endorsed/xercesImpl-2.9.1.jar b/endorsed/xercesImpl-2.9.1.jar
new file mode 100644
index 0000000..8f762e1
Binary files /dev/null and b/endorsed/xercesImpl-2.9.1.jar differ
diff --git a/endorsed/xml-apis-2.9.1.jar b/endorsed/xml-apis-2.9.1.jar
new file mode 100644
index 0000000..d42c0ea
Binary files /dev/null and b/endorsed/xml-apis-2.9.1.jar differ
diff --git a/install.bat b/install.bat
new file mode 100644
index 0000000..a10f8d7
--- /dev/null
+++ b/install.bat
@@ -0,0 +1,40 @@
+@echo off
+setlocal
+
+REM Find the necessary resources
+set ANT_HOME=.
+
+REM We need a JVM
+if not defined JAVA_HOME (
+ echo Error: JAVA_HOME is not defined.
+ exit /b
+)
+
+if not defined JAVACMD (
+ set JAVACMD="%JAVA_HOME%\bin\java.exe"
+)
+
+if not exist %JAVACMD% (
+ echo Error: JAVA_HOME is not defined correctly.
+ echo Cannot execute %JAVACMD%
+ exit /b
+)
+
+if defined CLASSPATH (
+ set LOCALCLASSPATH=%CLASSPATH%
+)
+
+REM add in the dependency .jar files
+for %%i in (%ANT_HOME%\src\installer\lib\*.jar) do (
+ call %ANT_HOME%\cpappend.bat %%i
+)
+
+if exist %JAVA_HOME%\lib\tools.jar (
+ set LOCALCLASSPATH=%LOCALCLASSPATH%;%JAVA_HOME%\lib\tools.jar
+)
+
+if exist %JAVA_HOME%\lib\classes.zip (
+ set LOCALCLASSPATH=%LOCALCLASSPATH%;%JAVA_HOME%\lib\classes.zip
+)
+
+%JAVACMD% -cp "%LOCALCLASSPATH%" -Dant.home="%ANT_HOME%" %ANT_OPTS% org.apache.tools.ant.Main -e -f src/installer/resources/build.xml %*
diff --git a/install.sh b/install.sh
new file mode 100644
index 0000000..327bf90
--- /dev/null
+++ b/install.sh
@@ -0,0 +1,94 @@
+#! /bin/sh
+
+# OS specific support. $var _must_ be set to either true or false.
+cygwin=false;
+darwin=false;
+case "`uname`" in
+ CYGWIN*) cygwin=true ;;
+ Darwin*) darwin=true ;;
+esac
+
+#Find the necessary resources
+ANT_HOME=.
+
+if [ -z "$JAVACMD" ] ; then
+ if [ -n "$JAVA_HOME" ] ; then
+ if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+ # IBM's JDK on AIX uses strange locations for the executables
+ JAVACMD=$JAVA_HOME/jre/sh/java
+ else
+ JAVACMD=$JAVA_HOME/bin/java
+ fi
+ else
+ JAVACMD=java
+ fi
+fi
+
+if [ ! -x "$JAVACMD" ] ; then
+ echo "Error: JAVA_HOME is not defined correctly."
+ echo " We cannot execute $JAVACMD"
+ exit
+fi
+
+if [ -n "$CLASSPATH" ] ; then
+ LOCALCLASSPATH=$CLASSPATH
+fi
+
+# add in the dependency .jar files
+DIRLIBS=${ANT_HOME}/src/installer/lib/*.jar
+for i in ${DIRLIBS}
+do
+ # if the directory is empty, then it will return the input string
+ # this is stupid, so case for it
+ if [ "$i" != "${DIRLIBS}" ] ; then
+ if [ -z "$LOCALCLASSPATH" ] ; then
+ LOCALCLASSPATH=$i
+ else
+ LOCALCLASSPATH="$i":$LOCALCLASSPATH
+ fi
+ fi
+done
+
+if [ -n "$JAVA_HOME" ] ; then
+ if [ -f "$JAVA_HOME/lib/tools.jar" ] ; then
+ LOCALCLASSPATH=$LOCALCLASSPATH:$JAVA_HOME/lib/tools.jar
+ fi
+
+ if [ -f "$JAVA_HOME/lib/classes.zip" ] ; then
+ LOCALCLASSPATH=$LOCALCLASSPATH:$JAVA_HOME/lib/classes.zip
+ fi
+
+ # OSX hack to make Ant work with jikes
+ if $darwin ; then
+ OSXHACK="/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Classes"
+ if [ -d ${OSXHACK} ] ; then
+ for i in ${OSXHACK}/*.jar
+ do
+ JIKESPATH=$JIKESPATH:$i
+ done
+ fi
+ fi
+
+else
+ echo "Warning: JAVA_HOME environment variable is not set."
+ echo " If build fails because sun.* classes could not be found"
+ echo " you will need to set the JAVA_HOME environment variable"
+ echo " to the installation directory of java."
+fi
+
+# supply JIKESPATH to Ant as jikes.class.path
+if [ -n "$JIKESPATH" ] ; then
+ if [ -n "$ANT_OPTS" ] ; then
+ ANT_OPTS="$ANT_OPTS -Djikes.class.path=$JIKESPATH"
+ else
+ ANT_OPTS=-Djikes.class.path=$JIKESPATH
+ fi
+fi
+
+# For Cygwin, switch paths to Windows format before running java
+if $cygwin; then
+ ANT_HOME=`cygpath --path --windows "$ANT_HOME"`
+ JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
+ LOCALCLASSPATH=`cygpath --path --windows "$LOCALCLASSPATH"`
+fi
+$JAVACMD -classpath "$LOCALCLASSPATH" -Dant.home="${ANT_HOME}" $ANT_OPTS org.apache.tools.ant.Main -e -f src/installer/resources/build.xml "$@"
diff --git a/lib/antlr-2.7.2.jar b/lib/antlr-2.7.2.jar
new file mode 100644
index 0000000..8850fc6
Binary files /dev/null and b/lib/antlr-2.7.2.jar differ
diff --git a/lib/bcprov-ext-jdk15-1.40.jar b/lib/bcprov-ext-jdk15-1.40.jar
new file mode 100644
index 0000000..5fb6c1d
Binary files /dev/null and b/lib/bcprov-ext-jdk15-1.40.jar differ
diff --git a/lib/commons-beanutils-1.7.0.jar b/lib/commons-beanutils-1.7.0.jar
new file mode 100644
index 0000000..b1b89c9
Binary files /dev/null and b/lib/commons-beanutils-1.7.0.jar differ
diff --git a/lib/commons-chain-1.1.jar b/lib/commons-chain-1.1.jar
new file mode 100644
index 0000000..60c027e
Binary files /dev/null and b/lib/commons-chain-1.1.jar differ
diff --git a/lib/commons-codec-1.3.jar b/lib/commons-codec-1.3.jar
new file mode 100644
index 0000000..957b675
Binary files /dev/null and b/lib/commons-codec-1.3.jar differ
diff --git a/lib/commons-collections-3.1.jar b/lib/commons-collections-3.1.jar
new file mode 100644
index 0000000..41e230f
Binary files /dev/null and b/lib/commons-collections-3.1.jar differ
diff --git a/lib/commons-digester-1.8.jar b/lib/commons-digester-1.8.jar
new file mode 100644
index 0000000..1110f0a
Binary files /dev/null and b/lib/commons-digester-1.8.jar differ
diff --git a/lib/commons-httpclient-3.1.jar b/lib/commons-httpclient-3.1.jar
new file mode 100644
index 0000000..7c59774
Binary files /dev/null and b/lib/commons-httpclient-3.1.jar differ
diff --git a/lib/commons-lang-2.1.jar b/lib/commons-lang-2.1.jar
new file mode 100644
index 0000000..87b80ab
Binary files /dev/null and b/lib/commons-lang-2.1.jar differ
diff --git a/lib/commons-validator-1.3.1.jar b/lib/commons-validator-1.3.1.jar
new file mode 100644
index 0000000..55b12b1
Binary files /dev/null and b/lib/commons-validator-1.3.1.jar differ
diff --git a/lib/jargs-1.0.jar b/lib/jargs-1.0.jar
new file mode 100644
index 0000000..cdbc80b
Binary files /dev/null and b/lib/jargs-1.0.jar differ
diff --git a/lib/jcip-annotations-1.0.jar b/lib/jcip-annotations-1.0.jar
new file mode 100644
index 0000000..06e9066
Binary files /dev/null and b/lib/jcip-annotations-1.0.jar differ
diff --git a/lib/jcl-over-slf4j-1.5.5.jar b/lib/jcl-over-slf4j-1.5.5.jar
new file mode 100644
index 0000000..f97cf3d
Binary files /dev/null and b/lib/jcl-over-slf4j-1.5.5.jar differ
diff --git a/lib/joda-time-1.5.2.jar b/lib/joda-time-1.5.2.jar
new file mode 100644
index 0000000..247898f
Binary files /dev/null and b/lib/joda-time-1.5.2.jar differ
diff --git a/lib/log4j-over-slf4j-1.5.5.jar b/lib/log4j-over-slf4j-1.5.5.jar
new file mode 100644
index 0000000..d329877
Binary files /dev/null and b/lib/log4j-over-slf4j-1.5.5.jar differ
diff --git a/lib/logback-classic-0.9.13.jar b/lib/logback-classic-0.9.13.jar
new file mode 100644
index 0000000..e2c1bf8
Binary files /dev/null and b/lib/logback-classic-0.9.13.jar differ
diff --git a/lib/logback-core-0.9.13.jar b/lib/logback-core-0.9.13.jar
new file mode 100644
index 0000000..cce9a6d
Binary files /dev/null and b/lib/logback-core-0.9.13.jar differ
diff --git a/lib/not-yet-commons-ssl-0.3.9.jar b/lib/not-yet-commons-ssl-0.3.9.jar
new file mode 100644
index 0000000..cb1bee3
Binary files /dev/null and b/lib/not-yet-commons-ssl-0.3.9.jar differ
diff --git a/lib/opensaml-2.2.3.jar b/lib/opensaml-2.2.3.jar
new file mode 100644
index 0000000..2712f80
Binary files /dev/null and b/lib/opensaml-2.2.3.jar differ
diff --git a/lib/openws-1.2.2.jar b/lib/openws-1.2.2.jar
new file mode 100644
index 0000000..b66347c
Binary files /dev/null and b/lib/openws-1.2.2.jar differ
diff --git a/lib/oro-2.0.8.jar b/lib/oro-2.0.8.jar
new file mode 100644
index 0000000..23488d2
Binary files /dev/null and b/lib/oro-2.0.8.jar differ
diff --git a/lib/shibboleth-discovery-service-1.1.0.jar b/lib/shibboleth-discovery-service-1.1.0.jar
new file mode 100644
index 0000000..a2083c7
Binary files /dev/null and b/lib/shibboleth-discovery-service-1.1.0.jar differ
diff --git a/lib/slf4j-api-1.5.6.jar b/lib/slf4j-api-1.5.6.jar
new file mode 100644
index 0000000..d794252
Binary files /dev/null and b/lib/slf4j-api-1.5.6.jar differ
diff --git a/lib/struts-core-1.3.9.jar b/lib/struts-core-1.3.9.jar
new file mode 100644
index 0000000..dd50410
Binary files /dev/null and b/lib/struts-core-1.3.9.jar differ
diff --git a/lib/struts-taglib-1.3.9.jar b/lib/struts-taglib-1.3.9.jar
new file mode 100644
index 0000000..fad289f
Binary files /dev/null and b/lib/struts-taglib-1.3.9.jar differ
diff --git a/lib/velocity-1.5.jar b/lib/velocity-1.5.jar
new file mode 100644
index 0000000..7c7f2c4
Binary files /dev/null and b/lib/velocity-1.5.jar differ
diff --git a/lib/xmlsec-1.4.2.jar b/lib/xmlsec-1.4.2.jar
new file mode 100644
index 0000000..6753cec
Binary files /dev/null and b/lib/xmlsec-1.4.2.jar differ
diff --git a/lib/xmltooling-1.2.0.jar b/lib/xmltooling-1.2.0.jar
new file mode 100644
index 0000000..3837ea9
Binary files /dev/null and b/lib/xmltooling-1.2.0.jar differ
diff --git a/src/installer/lib/ant-1.7.0.jar b/src/installer/lib/ant-1.7.0.jar
new file mode 100644
index 0000000..0a56a58
Binary files /dev/null and b/src/installer/lib/ant-1.7.0.jar differ
diff --git a/src/installer/lib/ant-contrib-1.0b2.jar b/src/installer/lib/ant-contrib-1.0b2.jar
new file mode 100644
index 0000000..ea817cd
Binary files /dev/null and b/src/installer/lib/ant-contrib-1.0b2.jar differ
diff --git a/src/installer/lib/ant-launcher-1.7.0.jar b/src/installer/lib/ant-launcher-1.7.0.jar
new file mode 100644
index 0000000..12a1e78
Binary files /dev/null and b/src/installer/lib/ant-launcher-1.7.0.jar differ
diff --git a/src/installer/lib/ant-nodeps-1.7.0.jar b/src/installer/lib/ant-nodeps-1.7.0.jar
new file mode 100644
index 0000000..2d209fa
Binary files /dev/null and b/src/installer/lib/ant-nodeps-1.7.0.jar differ
diff --git a/src/installer/resources/build.xml b/src/installer/resources/build.xml
new file mode 100644
index 0000000..ae85dfa
--- /dev/null
+++ b/src/installer/resources/build.xml
@@ -0,0 +1,68 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/installer/resources/install.properties b/src/installer/resources/install.properties
new file mode 100644
index 0000000..c37d1c1
--- /dev/null
+++ b/src/installer/resources/install.properties
@@ -0,0 +1 @@
+ds.home = /etc/DiscoveryService
\ No newline at end of file
diff --git a/src/installer/resources/logging.xml b/src/installer/resources/logging.xml
new file mode 100644
index 0000000..77fefd6
--- /dev/null
+++ b/src/installer/resources/logging.xml
@@ -0,0 +1,50 @@
+
+
+
+
+
+
+ $DS_HOME$/logs/discoveryService.log
+ true
+
+
+ $DS_HOME$/logs/discovery-%d{yyyy-MM-dd}.log
+
+
+
+ %date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n
+
+
+
+
+ true
+
+ %date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/installer/resources/wayfconfig.xml b/src/installer/resources/wayfconfig.xml
new file mode 100644
index 0000000..1cd22d7
--- /dev/null
+++ b/src/installer/resources/wayfconfig.xml
@@ -0,0 +1,159 @@
+
+
+
+
+
+
+
+ Institution
+ University
+ State
+ School
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/main/webapp/WEB-INF/tlds/struts-bean.tld b/src/main/webapp/WEB-INF/tlds/struts-bean.tld
new file mode 100644
index 0000000..7e95a46
--- /dev/null
+++ b/src/main/webapp/WEB-INF/tlds/struts-bean.tld
@@ -0,0 +1,1153 @@
+
+
+
+
+ 1.3
+ 1.2
+ bean
+ http://struts.apache.org/tags-bean
+
+ Note: Some of the features in this taglib are also
+ available in the JavaServer Pages Standard Tag Library (JSTL).
+ The Struts team encourages the use of the standard tags over the Struts
+ specific tags when possible.
+
+
This tag library contains tags useful in accessing beans and their
+ properties, as well as defining new beans (based on these accesses)
+ that are accessible to the remainder of the page via scripting variables
+ and page scope attributes. Convenient mechanisms to create new beans
+ based on the value of request cookies, headers, and parameters are also
+ provided.
+
+
Many of the tags in this tag library will throw a
+ JspException at runtime when they are utilized incorrectly
+ (such as when you specify an invalid combination of tag attributes). JSP
+ allows you to declare an "error page" in the <%@ page %>
+ directive. If you wish to process the actual exception that caused the
+ problem, it is passed to the error page as a request attribute under key
+ org.apache.struts.action.EXCEPTION.
+
+ ]]>
+
+
+ cookie
+ org.apache.struts.taglib.bean.CookieTag
+ org.apache.struts.taglib.bean.CookieTei
+ empty
+
+
+ Define a scripting variable based on the value(s) of the specified
+ request cookie.
+
+
+
Retrieve the value of the specified request cookie (as a single
+ value or multiple values, depending on the multiple attribute),
+ and define the result as a page scope attribute of type Cookie
+ (if multiple is not specified) or Cookie[]
+ (if multiple is specified).
+
+
If no cookie with the specified name can be located, and no default
+ value is specified, a request time exception will be thrown.
+ ]]>
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated page
+ scope attribute) that will be made available with the value of the
+ specified request cookie.
+ ]]>
+
+
+
+ multiple
+ false
+ true
+
+ If any arbitrary value for this attribute is specified, causes all
+ matching cookies to be accumulated and stored into a bean of type
+ Cookie[]. If not specified, the first value for the
+ specified cookie will be retrieved as a value of type
+ Cookie.
+ ]]>
+
+
+
+ name
+ true
+ true
+
+ Specifies the name of the request cookie whose value, or values,
+ is to be retrieved.
+ ]]>
+
+
+
+ value
+ false
+ true
+
+ The default cookie value to return if no cookie with the
+ specified name was included in this request.
+ ]]>
+
+
+
+
+ define
+ org.apache.struts.taglib.bean.DefineTag
+ org.apache.struts.taglib.bean.DefineTei
+ JSP
+
+
+ Define a scripting variable based on the value(s) of the specified
+ bean property.
+
+
+
Create a new attribute (in the scope specified by the
+ toScope property, if any), and a corresponding scripting
+ variable, both of which are named by the value of the id
+ attribute. The corresponding value to which this new attribute (and
+ scripting variable) is set are specified via use of exactly one of the
+ following approaches (trying to use more than one will result in a
+ JspException being thrown):
+
+
Specify a name attribute (plus optional
+ property and scope attributes) -
+ The created attribute and scripting variable will be of the type of the
+ retrieved JavaBean property, unless it is a Java primitive type,
+ in which case it will be wrapped in the appropriate wrapper class
+ (i.e. int is wrapped by java.lang.Integer).
+
Specify a value attribute - The created attribute and
+ scripting variable will be of type java.lang.String,
+ set to the value of this attribute.
+
Specify nested body content - The created attribute and scripting
+ variable will be of type java.lang.String, set to
+ the value of the nested body content.
+
+
+
If a problem occurs while retrieving the specified bean property, a
+ request time exception will be thrown.
+
+
The <bean:define> tag differs from
+ <jsp:useBean> in several ways, including:
+
+
Unconditionally creates (or replaces) a bean under the
+ specified identifier.
+
Can create a bean with the value returned by a property getter
+ of a different bean (including properties referenced with a
+ nested and/or indexed property name).
+
Can create a bean whose contents is a literal string (or the result
+ of a runtime expression) specified by the value
+ attribute.
+
Does not support nested content (such as
+ <jsp:setProperty> tags) that are only executed
+ if a bean was actually created.
+
+
+
USAGE NOTE - There is a restriction in the JSP 1.1
+ Specification that disallows using the same value for an id
+ attribute more than once in a single JSP page. Therefore, you will not
+ be able to use <bean:define> for the same bean
+ name more than once in a single page.
+
+
USAGE NOTE - If you use another tag to create the
+ body content (e.g. bean:write), that tag must return a non-empty String.
+ An empty String equates to an empty body or a null String, and a new
+ scripting variable cannot be defined as null. Your bean must return a
+ non-empty String, or the define tag must be wrapped within a logic tag
+ to test for an empty or null value.
+
+
USAGE NOTE - You cannot use bean:define to instantiate
+ a DynaActionForm (type="org.apache.struts.action.DynaActionForm") with
+ the properties specified in the struts-config. The mechanics of creating
+ the dyna-properties is complex and cannot be handled by a no-argument
+ constructor. If you need to create an ActionForm this way, you must use
+ a conventional ActionForm.
+
+
+
See the Bean Developer's Guide section on
+
+ bean creation for more information about these differences, as well
+ as alternative approaches to introducing beans into a JSP page.
+ ]]>
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated page
+ scope attribute) that will be made available with the value of the
+ specified property.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ Specifies the attribute name of the bean whose property is accessed
+ to define a new page scope attribute (if property is also
+ specified) or the attribute name of the bean that is duplicated with
+ the new reference created by this tag (if property is not
+ also specified). This attribute is required unless you specify
+ a value attribute or nested body content.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Specifies the name of the property to be accessed on the bean
+ specified by name. This value may be a simple, indexed,
+ or nested property reference expression. If not specified, the bean
+ identified by name is given a new reference identified by
+ id.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ Specifies the variable scope searched to retrieve the bean specified
+ by name. If not specified, the default rules applied by
+ PageContext.findAttribute() are applied.
+ ]]>
+
+
+
+ toScope
+ false
+ true
+
+ Specifies the variable scope into which the newly defined bean will
+ be created. If not specified, the bean will be created in
+ page scope.
+ ]]>
+
+
+
+ type
+ false
+ true
+
+ Specifies the fully qualified class name of the value to be exposed
+ as the id attribute.
+ ]]>
+
+
+
+ value
+ false
+ true
+
+ The java.lang.String value to which the exposed bean
+ should be set. This attribute is required unless you specify the
+ name attribute or nested body content.
+ ]]>
+
+
+
+
+ header
+ org.apache.struts.taglib.bean.HeaderTag
+ org.apache.struts.taglib.bean.HeaderTei
+ empty
+
+
+ Define a scripting variable based on the value(s) of the specified
+ request header.
+
+
+
Retrieve the value of the specified request header (as a single
+ value or multiple values, depending on the multiple attribute),
+ and define the result as a page scope attribute of type String
+ (if multiple is not specified) or String[]
+ (if multiple is specified).
+
+
If no header with the specified name can be located, and no default
+ value is specified, a request time exception will be thrown.
+ ]]>
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated page
+ scope attribute) that will be made available with the value of the
+ specified request header.
+ ]]>
+
+
+
+ multiple
+ false
+ true
+
+ If any arbitrary value for this attribute is specified, causes a call
+ to HttpServletRequest.getHeaders() and a definition of the
+ result as a bean of type String[]. Otherwise,
+ HttpServletRequest.getHeader() will be called, and a
+ definition of the result as a bean of type String
+ will be performed.
+ ]]>
+
+
+
+ name
+ true
+ true
+
+ Specifies the name of the request header whose value, or values,
+ is to be retrieved.
+ ]]>
+
+
+
+ value
+ false
+ true
+
+ The default header value to return if no header with the
+ specified name was included in this request.
+ ]]>
+
+
+
+
+ include
+ org.apache.struts.taglib.bean.IncludeTag
+ org.apache.struts.taglib.bean.IncludeTei
+ empty
+
+
+ Load the response from a dynamic application request and make it available
+ as a bean.
+
+
+
Perform an internal dispatch to the specified application component
+ (or external URL)
+ and make the response data from that request available as a bean of
+ type String. This tag has a function similar to that of
+ the standard <jsp:include> tag, except that the
+ response data is stored in a page scope attribute instead of being
+ written to the output stream. If the current request is part of a
+ session, the generated request for the include will also include the
+ session identifier (and thus be part of the same session).
+
+
The URL used to access the specified application component is
+ calculated based on which of the following attributes you specify
+ (you must specify exactly one of them):
+
+
forward - Use the value of this attribute as the name
+ of a global ActionForward to be looked up, and
+ use the module-relative or context-relative URI found there.
+
href - Use the value of this attribute unchanged (since
+ this might link to a resource external to the application, the
+ session identifier is not included.
+
page - Use the value of this attribute as an
+ module-relative URI to the desired resource.
+
+ ]]>
+
+
+ anchor
+ false
+ true
+
+ Optional anchor tag ("#xxx") to be added to the generated
+ hyperlink. Specify this value without any
+ "#" character.
+ ]]>
+
+
+
+ forward
+ false
+ true
+
+ Logical name of a global ActionForward that contains
+ the actual content-relative URI of the resource to be included.
+ ]]>
+
+
+
+ href
+ false
+ true
+
+ Absolute URL (including the appropriate protocol prefix such as
+ "http:") of the resource to be included. Because this URL could be
+ external to the current web application, the session identifier will
+ not be included in the request.
+ ]]>
+
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated page
+ scope attribute) that will be made available with the value of the
+ specified web application resource.
+ ]]>
+
+
+
+ page
+ false
+ true
+
+ Module-relative URI (starting with a '/') of the web application
+ resource to be included.
+ ]]>
+
+
+
+ transaction
+ false
+ true
+ boolean
+
+ Set to true if you want the current
+ transaction control token included in the generated
+ URL for this include.
+ ]]>
+
+
+
+
+ message
+ org.apache.struts.taglib.bean.MessageTag
+ empty
+
+
+ Render an internationalized message string to the response.
+
+
+
Retrieves an internationalized message for the specified locale,
+ using the specified message key, and write it to the output stream.
+ Up to five parametric replacements (such as "{0}") may be specified.
+
+
The message key may be specified directly, using the key
+ attribute, or indirectly, using the name and
+ property attributes to obtain it from a bean.
+
+
+ JSTL: The equivalent JSTL tag is <fmt:message>. For example,
+
+
+ <fmt:message key="my.msg.key">
+ <fmt:param value="replacement text"/>
+ </fmt:message>
+
+
+ ]]>
+
+
+ arg0
+ false
+ true
+
+ First parametric replacement value, if any.
+ ]]>
+
+
+
+ arg1
+ false
+ true
+
+ Second parametric replacement value, if any.
+ ]]>
+
+
+
+ arg2
+ false
+ true
+
+ Third parametric replacement value, if any.
+ ]]>
+
+
+
+ arg3
+ false
+ true
+
+ Fourth parametric replacement value, if any.
+ ]]>
+
+
+
+ arg4
+ false
+ true
+
+ Fifth parametric replacement value, if any.
+ ]]>
+
+
+
+ bundle
+ false
+ true
+
+ The name of the application scope bean under which the
+ MessageResources object containing our messages
+ is stored.
+ ]]>
+
+
+
+ key
+ false
+ true
+
+ The message key of the requested message, which must have
+ a corresponding value in the message resources. If not specified,
+ the key is obtained from the name and
+ property attributes.
+ ]]>
+
+
+
+ locale
+ false
+ true
+
+ The name of the session scope bean under which our currently
+ selected Locale object is stored.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ Specifies the attribute name of the bean whose property is accessed
+ to retrieve the value specified by property (if
+ specified). If property is not specified, the value of
+ this bean itself will be used as the message resource key.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Specifies the name of the property to be accessed on the bean
+ specified by name. This value may be a simple, indexed,
+ or nested property reference expression. If not specified, the value
+ of the bean identified by name will itself be used as the
+ message resource key.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ Specifies the variable scope searched to retrieve the bean specified
+ by name. If not specified, the default rules applied by
+ PageContext.findAttribute() are applied.
+ ]]>
+
+
+
+
+ page
+ org.apache.struts.taglib.bean.PageTag
+ org.apache.struts.taglib.bean.PageTei
+ empty
+
+
+ Expose a specified item from the page context as a bean.
+
+
+
Retrieve the value of the specified item from the page context
+ for this page, and define it as a scripting variable, and a page scope
+ attribute accessible to the remainder of the current page.
+
+
If a problem occurs while retrieving the specified configuration
+ object, a request time exception will be thrown.
+ ]]>
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated
+ page scope attribute) that will be made available with the value of
+ the specified page context property.
+ ]]>
+
+
+
+ property
+ true
+ true
+
+ Name of the property from our page context to be retrieved and
+ exposed. Must be one of application, config,
+ request, response, or session.
+
+ ]]>
+
+
+
+
+ parameter
+ org.apache.struts.taglib.bean.ParameterTag
+ org.apache.struts.taglib.bean.ParameterTei
+ empty
+
+
+ Define a scripting variable based on the value(s) of the specified
+ request parameter.
+
+
+
Retrieve the value of the specified request parameter (as a single
+ value or multiple values, depending on the multiple attribute),
+ and define the result as a page scope attribute of type String
+ (if multiple is not specified) or String[]
+ (if multiple is specified).
+
+
If no request parameter with the specified name can be located, and
+ no default value is specified, a request time exception will be thrown.
+ ]]>
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated page
+ scope attribute) that will be made available with the value of the
+ specified request parameter.
+ ]]>
+
+
+
+ multiple
+ false
+ true
+
+ If any arbitrary value for this attribute is specified, causes a call
+ to ServletRequest.getParameterValues() and a definition of
+ the result as a bean of type String[]. Otherwise,
+ ServletRequest.getParameter() will be called, and a
+ definition of the result as a bean of type String
+ will be performed.
+ ]]>
+
+
+
+ name
+ true
+ true
+
+ Specifies the name of the request parameter whose value, or values,
+ is to be retrieved.
+ ]]>
+
+
+
+ value
+ false
+ true
+
+ The default parameter value to return if no parameter with the
+ specified name was included in this request.
+ ]]>
+
+
+
+
+ resource
+ org.apache.struts.taglib.bean.ResourceTag
+ org.apache.struts.taglib.bean.ResourceTei
+ empty
+
+
+ Load a web application resource and make it available as a bean.
+
+
+
Retrieve the value of the specified web application resource, and make
+ it available as either a InputStream or a String,
+ depending on the value of the input attribute.
+
+
If a problem occurs while retrieving the specified resource, a
+ request time exception will be thrown.
+ ]]>
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated page
+ scope attribute) that will be made available with the value of the
+ specified web application resource.
+ ]]>
+
+
+
+ input
+ false
+ true
+
+ If any arbitrary value for this attribute is specified, the resource
+ will be made available as an InputStream. If this
+ attribute is not specified, the resource will be made available
+ as a String.
+ ]]>
+
+
+
+ name
+ true
+ true
+
+ Module-relative name (starting with a '/') of the web application
+ resource to be loaded and made available.
+ ]]>
+
+
+
+
+ size
+ org.apache.struts.taglib.bean.SizeTag
+ org.apache.struts.taglib.bean.SizeTei
+ empty
+
+
+ Define a bean containing the number of elements in a Collection or Map.
+
+
+
Given a reference to an array, Collection or Map, creates a new bean, of
+ type java.lang.Integer, whose value is the number of elements
+ in that collection. You can specify the collection to be counted in any
+ one of the following ways:
+
+
As a runtime expression specified as the value of the
+ collection attribute.
+
As a JSP bean specified by the name attribute.
+
As the property, specified by the property attribute,
+ of the JSP bean specified by the name attribute.
+
+ ]]>
+
+
+ collection
+ false
+ true
+ java.lang.Object
+
+ A runtime expression that evaluates to an array, a Collection, or
+ a Map.
+ ]]>
+
+
+
+ id
+ true
+ false
+
+ The name of a page scope JSP bean, of type
+ java.lang.Integer, that will be created to contain the
+ size of the underlying collection being counted.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The name of the JSP bean (optionally constrained to the scope
+ specified by the scope attribute) that contains the
+ collection to be counted (if property is not specified),
+ or whose property getter is called to return the collection to be
+ counted (if property is specified.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The name of the property, of the bean specified by the
+ name attribute, whose getter method will return the
+ collection to be counted.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the JSP bean specified
+ by the name attribute. If not specified, the available
+ scopes are searched in ascending sequence.
+ ]]>
+
+
+
+
+ struts
+ org.apache.struts.taglib.bean.StrutsTag
+ org.apache.struts.taglib.bean.StrutsTei
+ empty
+
+
+ Expose a named Struts internal configuration object as a bean.
+
+
+
Retrieve the value of the specified Struts internal configuration
+ object, and define it as a scripting variable and as a page scope
+ attribute accessible to the remainder of the current page. You must
+ specify exactly one of the formBean, forward,
+ and mapping attributes to select the configuration object
+ to be exposed.
+
+
If a problem occurs while retrieving the specified configuration
+ object, a request time exception will be thrown.
+ ]]>
+
+
+ id
+ true
+ false
+
+ Specifies the name of the scripting variable (and associated
+ page scope attribute) that will be made available with the value of
+ the specified Struts internal configuration object.
+ ]]>
+
+
+
+ formBean
+ false
+ true
+
+ Specifies the name of the Struts ActionFormBean
+ definition object to be exposed.
+ ]]>
+
+
+
+ forward
+ false
+ true
+
+ Specifies the name of the global Struts ActionForward
+ definition object to be exposed.
+ ]]>
+
+
+
+ mapping
+ false
+ true
+
+ Specifies the matching path of the Struts ActionMapping
+ definition object to be exposed.
+ ]]>
+
+
+
+
+ write
+ org.apache.struts.taglib.bean.WriteTag
+ empty
+
+
+ Render the value of the specified bean property to the current
+ JspWriter.
+
+
+
Retrieve the value of the specified bean property, and render it to the
+ current JspWriter as a String by the ways:
+
+
If format attribute exists then value will be formatted on base of format
+ string from format attribute and default system locale.
+
If in resources exists format string for value data type (view format
+ attribute description) then value will be formatted on base of format string
+ from resources. Resources bundle and target locale can be specified with
+ bundle and locale attributes. If nothing specified then
+ default resource bundle and current user locale will be used.
+
If there is a PropertyEditor configured for the property value's class, the
+ getAsText() method will be called.
+
Otherwise, the usual toString() conversions will be applied.
+
+
When a format string is provided, numeric values are formatted using the
+ java.text.DecimalFormat class; if the format string came from
+ a resource, the applyLocalisedPattern() method is used, and
+ applyPattern() is used otherwise. Dates are formatted using
+ the SimpleDateFormat class. For details of the specific format
+ patterns, please see the Javadocs for those classes.
+
If a problem occurs while retrieving the specified bean property, a
+ request time exception will be thrown.
+ ]]>
+
+
+ bundle
+ false
+ true
+
+ The name of the application scope bean under which the
+ MessageResources object containing our messages
+ is stored.
+ ]]>
+
+
+
+ filter
+ false
+ true
+ boolean
+
+ If this attribute is set to true, the rendered property
+ value will be filtered for characters that are sensitive in HTML, and any
+ such characters will be replaced by their entity equivalents.
+ ]]>
+
+
+
+ format
+ false
+ true
+
+ Specifies the format string to use to convert bean or property value
+ to the String. If nothing specified, then default format
+ string for value data type will be searched in message resources by
+ according key.
+
+ ]]>
+
+
+
+ formatKey
+ false
+ true
+
+ Specifies the key to search format string in application resources.
+ ]]>
+
+
+
+ ignore
+ false
+ true
+ boolean
+
+ If this attribute is set to true, and the bean specified
+ by the name and scope attributes does not
+ exist, simply return without writing anything. If this attribute is
+ set to false, a runtime exception to be thrown,
+ consistent with the other tags in this tag library.
+ ]]>
+
+
+
+ locale
+ false
+ true
+
+ The name of the session scope bean under which our currently
+ selected Locale object is stored.
+ ]]>
+
+
+
+ name
+ true
+ true
+
+ Specifies the attribute name of the bean whose property is accessed
+ to retrieve the value specified by property (if
+ specified). If property is not specified, the value of
+ this bean itself will be rendered.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Specifies the name of the property to be accessed on the bean
+ specified by name. This value may be a simple, indexed,
+ or nested property reference expression. If not specified, the bean
+ identified by name will itself be rendered. If the
+ specified property returns null, no output will be rendered.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ Specifies the variable scope searched to retrieve the bean specified
+ by name. If not specified, the default rules applied by
+ PageContext.findAttribute() are applied.
+ ]]>
+
+
+
+
+
+
+
diff --git a/src/main/webapp/WEB-INF/tlds/struts-logic.tld b/src/main/webapp/WEB-INF/tlds/struts-logic.tld
new file mode 100644
index 0000000..fe638ae
--- /dev/null
+++ b/src/main/webapp/WEB-INF/tlds/struts-logic.tld
@@ -0,0 +1,1893 @@
+
+
+
+
+ 1.3
+ 1.2
+ logic
+ http://struts.apache.org/tags-logic
+
+ Note: Some of the features in this taglib are also
+ available in the JavaServer Pages Standard Tag Library (JSTL).
+ The Struts team encourages the use of the standard tags over the Struts
+ specific tags when possible.
+
+
This tag library contains tags that are useful in managing conditional
+ generation of output text, looping over object collections for
+ repetitive generation of output text, and application flow management.
+
+
For tags that do value comparisons (equal,
+ greaterEqual, greaterThan, lessEqual,
+ lessThan, notEqual), the following rules apply:
+
+
The specified value is examined. If it can be converted successfully
+ to a double or a long, it is assumed that the
+ ultimate comparison will be numeric (either floating point or integer).
+ Otherwise, a String comparison will be performed.
+
The variable to be compared to is retrieved, based on the selector
+ attribute(s) (cookie, header,
+ name, parameter, property)
+ present on this tag. It will be converted to the appropriate type
+ for the comparison, as determined above.
+
If the specified variable or property returns null, it will be
+ coerced to a zero-length string before the comparison occurs.
+
The specific comparison for this tag will be performed, and the nested
+ body content of this tag will be evaluated if the comparison returns
+ a true result.
+
+
+
For tags that do substring matching (match,
+ notMatch), the following rules apply:
+
+
The specified variable is retrieved, based on the selector attribute(s)
+ (cookie, header, name,
+ parameter, property) present on this tag.
+ The variable is converted to a String, if necessary.
+
A request time exception will be thrown if the specified variable
+ cannot be retrieved, or has a null value.
+
The specified value is checked for existence as a substring of the
+ variable, in the position specified by the location
+ attribute, as follows: at the beginning (if location is set to
+ start), at the end (if location is set to
+ end), or anywhere (if location is not specified).
+
+
+
Many of the tags in this tag library will throw a
+ JspException at runtime when they are utilized incorrectly
+ (such as when you specify an invalid combination of tag attributes). JSP
+ allows you to declare an "error page" in the <%@ page %>
+ directive. If you wish to process the actual exception that caused the
+ problem, it is passed to the error page as a request attribute under key
+ org.apache.struts.action.EXCEPTION.
+
+ ]]>
+
+
+ empty
+ org.apache.struts.taglib.logic.EmptyTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested variable is
+ either null or an empty string.
+
+
+
This tag evaluates its nested body content only if the specified value
+ is either absent (i.e. null), an empty string (i.e. a
+ java.lang.String with a length of zero), or an empty
+ java.util.Collection or java.util.Map (tested by
+ the .isEmpty() method on the respective interface).
+
+
+ JSTL: The equivalent JSTL tag is <c:if> using the
+ empty operator. For example,
+
+
+ <c:if test="${empty sessionScope.myBean.myProperty}">
+ do something
+ </c:if>
+
+
+
+
Since:
+
Struts 1.1
+ ]]>
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+
+ equal
+ org.apache.struts.taglib.logic.EqualTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested
+ variable is equal to the specified value.
+
+
+
Compares the variable specified by one of the selector attributes
+ against the specified constant value. The nested body content of this
+ tag is evaluated if the variable and value are equal.
+
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be compared is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be compared is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be compared is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value to which the variable, specified by other
+ attribute(s) of this tag, will be compared.
+ ]]>
+
+
+
+
+ forward
+ org.apache.struts.taglib.logic.ForwardTag
+ empty
+
+
+ Forward control to the page specified by the specified ActionForward
+ entry.
+
+
+
Performs a PageContext.forward() or
+ HttpServletResponse.sendRedirect() call for the global
+ ActionForward entry for the specified name. URL
+ rewriting will occur automatically if a redirect is performed.
+ ]]>
+
+
+ name
+ true
+ true
+
+
+ The logical name of the global ActionForward entry
+ that identifies the destination, and forwarding approach, to be used.
+ Note: forwarding to Tiles definitions is not supported
+ from this tag. You should forward to them from an Action subclass.
+
+ ]]>
+
+
+
+
+ greaterEqual
+ org.apache.struts.taglib.logic.GreaterEqualTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested
+ variable is greater than or equal to the specified value.
+
+
+
Compares the variable specified by one of the selector attributes
+ against the specified constant value. The nested body content of this
+ tag is evaluated if the variable is greater than or equal
+ to the value.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be compared is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be compared is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be compared is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value to which the variable, specified by other
+ attribute(s) of this tag, will be compared.
+ ]]>
+
+
+
+
+ greaterThan
+ org.apache.struts.taglib.logic.GreaterThanTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested
+ variable is greater than the specified value.
+
+
+
Compares the variable specified by one of the selector attributes
+ against the specified constant value. The nested body content of this
+ tag is evaluated if the variable is greater than
+ the value.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be compared is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be compared is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be compared is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value to which the variable, specified by other
+ attribute(s) of this tag, will be compared.
+ ]]>
+
+
+
+
+ iterate
+ org.apache.struts.taglib.logic.IterateTag
+ org.apache.struts.taglib.logic.IterateTei
+ JSP
+
+
+ Repeat the nested body content of this tag over a specified collection.
+
+
+
Repeats the nested body content of this tag once for every element
+ of the specified collection, which must be an Iterator,
+ a Collection, a Map (whose values are to be
+ iterated over), or an array. The collection to be iterated over must be
+ specified in one of the following ways:
+
+
As a runtime expression specified as the value of the
+ collection attribute.
+
As a JSP bean specified by the name attribute.
+
As the property, specified by the property, of the
+ JSP bean specified by the name attribute.
+
+
+
The collection to be iterated over MUST conform to one of the following
+ requirements in order for iteration to be successful:
+
+
An array of Java objects or primitives.
+
+
An implementation of java.util.Collection, including
+ ArrayList and Vector.
+
An implementation of java.util.Enumeration.
+
An implementation of java.util.Iterator.
+
An implementation of java.util.Map, including
+ HashMap, Hashtable, and
+ TreeMap. NOTE - See below for
+ additional information about accessing Maps.
+
+
+
Normally, each object exposed by the iterate tag is an element
+ of the underlying collection you are iterating over. However, if you
+ iterate over a Map, the exposed object is of type
+ Map.Entry that has two properties:
+
+
key - The key under which this item is stored in the
+ underlying Map.
+
value - The value that corresponds to this key.
+
+
+
So, if you wish to iterate over the values of a Hashtable, you would
+ implement code like the following:
+
+ <logic:iterate id="element" name="myhashtable">
+ Next element is <bean:write name="element" property="value"/>
+ </logic:iterate>
+
+
+
If the collection you are iterating over can contain null
+ values, the loop will still be performed but no page scope attribute
+ (named by the id attribute) will be created for that loop
+ iteration. You can use the <logic:present> and
+ <logic:notPresent> tags to test for this case.
+
+ ]]>
+
+
+ collection
+ false
+ true
+ java.lang.Object
+
+ A runtime expression that evaluates to a collection (conforming to
+ the requirements listed above) to be iterated over.
+ ]]>
+
+
+
+ id
+ true
+ false
+
+ The name of a page scope JSP bean that will contain the current
+ element of the collection on each iteration, if it is not
+ null.
+ ]]>
+
+
+
+ indexId
+ false
+ false
+
+ The name of a page scope JSP bean that will contain the current
+ index of the collection on each iteration.
+ ]]>
+
+
+
+ length
+ false
+ true
+
+ The maximum number of entries (from the underlying collection) to be
+ iterated through on this page. This can be either an integer that
+ directly expresses the desired value, or the name of a JSP bean (in
+ any scope) of type java.lang.Integer that defines the
+ desired value. If not present, there will be no limit on the number
+ of iterations performed.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The name of the JSP bean containing the collection to be iterated
+ (if property is not specified), or the JSP bean whose
+ property getter returns the collection to be iterated (if
+ property is specified).
+ ]]>
+
+
+
+ offset
+ false
+ true
+
+ The zero-relative index of the starting point at which entries from
+ the underlying collection will be iterated through. This can be either
+ an integer that directly expresses the desired value, or the name of a
+ JSP bean (in any scope) of type java.lang.Integer that
+ defines the desired value. If not present, zero is assumed (meaning
+ that the collection will be iterated from the beginning.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Name of the property, of the JSP bean specified by name,
+ whose getter returns the collection to be iterated.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ type
+ false
+ true
+
+ Fully qualified Java class name of the element to be exposed through
+ the JSP bean named from the id attribute. If not present,
+ no type conversions will be performed. NOTE: The actual elements of
+ the collection must be assignment-compatible with this class, or a
+ request time ClassCastException will occur.
+ ]]>
+
+
+
+
+ lessEqual
+ org.apache.struts.taglib.logic.LessEqualTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested
+ variable is less than or equal to the specified value.
+
+
+
Compares the variable specified by one of the selector attributes
+ against the specified constant value. The nested body content of this
+ tag is evaluated if the variable is less than or equal
+ to the value.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be compared is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be compared is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be compared is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value to which the variable, specified by other
+ attribute(s) of this tag, will be compared.
+ ]]>
+
+
+
+
+ lessThan
+ org.apache.struts.taglib.logic.LessThanTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested
+ variable is less than the specified value.
+
+
+
Compares the variable specified by one of the selector attributes
+ against the specified constant value. The nested body content of this
+ tag is evaluated if the variable is less than
+ the value.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be compared is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be compared is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be compared is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value to which the variable, specified by other
+ attribute(s) of this tag, will be compared.
+ ]]>
+
+
+
+
+ match
+ org.apache.struts.taglib.logic.MatchTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the specified value
+ is an appropriate substring of the requested variable.
+
+
+
Matches the variable specified by one of the selector attributes
+ (as a String) against the specified constant value. If the value is
+ a substring (appropriately limited by the location
+ attribute), the nested body content of this tag is evaluated.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be matched is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be matched is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ location
+ false
+ true
+
+ If not specified, a match between the variable and the value may
+ occur at any position within the variable string. If specified, the
+ match must occur at the specified location (either start
+ or end) of the variable string.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be matched is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be matched is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be matched is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value which is checked for existence as a substring
+ of the specified variable.
+ ]]>
+
+
+
+
+ messagesNotPresent
+
+ org.apache.struts.taglib.logic.MessagesNotPresentTag
+ JSP
+
+
+ Generate the nested body content of this tag if the specified
+ message is not present in any scope.
+
+
+
Evaluates the nested body content of this tag if
+ an ActionMessages
+ object, ActionErrors object, a String,
+ or a String array is not present in any scope. If
+ such a bean is found, nothing will be rendered.
+
+
+
Since:
+
Struts 1.1
+ ]]>
+
+
+ name
+ false
+ true
+
+ The parameter key used to retrieve the message from page, request,
+ session or application scope.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Name of the property for which messages should be
+ retrieved. If not specified, all messages (regardless
+ of property) are retrieved.
+
+ ]]>
+
+
+
+ message
+ false
+ true
+
+ By default the tag will retrieve the bean it will
+ iterate over from the Globals.ERROR_KEY constant string,
+ but if this attribute is set to 'true' the bean
+ will be retrieved from the Globals.MESSAGE_KEY
+ constant string. Also if this is set to 'true', any value
+ assigned to the name attribute will be ignored.
+
+ ]]>
+
+
+
+
+ messagesPresent
+
+ org.apache.struts.taglib.logic.MessagesPresentTag
+ JSP
+
+
+ Generate the nested body content of this tag if the specified
+ message is present in any scope.
+
+
+
Evaluates the nested body content of this tag if
+ an ActionMessages
+ object, ActionErrors object, a String,
+ or a String array is present in any scope. If
+ such a bean is not found, nothing will be rendered.
+
+
+
Since:
+
Struts 1.1
+ ]]>
+
+
+ name
+ false
+ true
+
+ The parameter key used to retrieve the message from page, request,
+ session, or application scope.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Name of the property for which messages should be
+ retrieved. If not specified, all messages (regardless
+ of property) are retrieved.
+
+ ]]>
+
+
+
+ message
+ false
+ true
+
+ By default the tag will retrieve the bean it will
+ iterate over from the Globals.ERROR_KEY constant string,
+ but if this attribute is set to 'true' the bean
+ will be retrieved from the Globals.MESSAGE_KEY
+ constant string. Also if this is set to 'true', any value
+ assigned to the name attribute will be ignored.
+
+ ]]>
+
+
+
+
+ notEmpty
+ org.apache.struts.taglib.logic.NotEmptyTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested variable is
+ neither null, nor an empty string, nor an empty java.util.Collection
+ (tested by the .isEmpty() method on the java.util.Collection interface).
+
+
+
This tag evaluates its nested body content only if the specified value
+ is present (i.e. not null) and is not an empty string (i.e. a
+ java.lang.String with a length of zero).
+
+
+ JSTL: The equivalent JSTL tag is <c:if> using the
+ ! empty operator. For example,
+
+
+ <c:if test="${ ! empty sessionScope.myBean.myProperty}">
+ do something
+ </c:if>
+
+
+ ]]>
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+
+ notEqual
+ org.apache.struts.taglib.logic.NotEqualTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the requested
+ variable is not equal to the specified value.
+
+
+
Compares the variable specified by one of the selector attributes
+ against the specified constant value. The nested body content of this
+ tag is evaluated if the variable and value are not equal.
+
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be compared is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be compared is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be compared is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be compared is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be compared is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value to which the variable, specified by other
+ attribute(s) of this tag, will be compared.
+ ]]>
+
+
+
+
+ notMatch
+ org.apache.struts.taglib.logic.NotMatchTag
+ JSP
+
+
+ Evaluate the nested body content of this tag if the specified value
+ is not an appropriate substring of the requested variable.
+
+
+
Matches the variable specified by one of the selector attributes
+ (as a String) against the specified constant value. If the value is
+ not a substring (appropriately limited by the location
+ attribute), the nested body content of this tag is evaluated.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ The variable to be matched is the value of the cookie whose
+ name is specified by this attribute.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ The variable to be matched is the value of the header whose
+ name is specified by this attribute. The name match is performed
+ in a case insensitive manner.
+ ]]>
+
+
+
+ location
+ false
+ true
+
+ If not specified, a match between the variable and the value may
+ occur at any position within the variable string. If specified, the
+ match must occur at the specified location (either start
+ or end) of the variable string.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The variable to be matched is the JSP bean specified by this
+ attribute, if property is not specified, or the value
+ of the specified property of this bean, if property
+ is specified.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ The variable to be matched is the first, or only, value of the
+ request parameter specified by this attribute.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The variable to be matched is the property (of the bean specified
+ by the name attribute) specified by this attribute.
+ The property reference can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ value
+ true
+ true
+
+ The constant value which is checked for existence as a substring
+ of the specified variable.
+ ]]>
+
+
+
+
+ notPresent
+ org.apache.struts.taglib.logic.NotPresentTag
+ JSP
+
+
+ Generate the nested body content of this tag if the specified
+ value is not present in this request.
+
+
+
Depending on which attribute is specified, this tag checks the
+ current request, and evaluates the nested body content of this tag
+ only if the specified value is not present. Only one
+ of the attributes may be used in one occurrence of this tag, unless
+ you use the property attribute, in which case the
+ name attribute is also required.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ Checks for the existence of a cookie with the specified name.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ Checks for the existence of an HTTP header with the specified
+ name. The name match is performed in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ Checks for the existence of a JSP bean, in any scope, with the
+ specified name. If property is also specified, checks
+ for a non-null property value for the specified property.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ Checks for the existence of at least one occurrence of the
+ specified request parameter on this request, even if the parameter
+ value is a zero-length string.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Checks for the existence of a non-null property value, returned
+ by a property getter method on the JSP bean (in any scope) that is
+ specified by the name attribute. Property references
+ can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ role
+ false
+ true
+
+ Checks whether the currently authenticated user (if any) has been
+ associated with the specified security role.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ user
+ false
+ true
+
+ Checks whether the currently authenticated user principal has the
+ specified name.
+ ]]>
+
+
+
+
+ present
+ org.apache.struts.taglib.logic.PresentTag
+ JSP
+
+
+ Generate the nested body content of this tag if the specified
+ value is present in this request.
+
+
+
Depending on which attribute is specified, this tag checks the
+ current request, and evaluates the nested body content of this tag
+ only if the specified value is present. Only one
+ of the attributes may be used in one occurrence of this tag, unless
+ you use the property attribute, in which case the
+ name attribute is also required.
+ ]]>
+
+
+ cookie
+ false
+ true
+
+ Checks for the existence of a cookie with the specified name.
+ ]]>
+
+
+
+ header
+ false
+ true
+
+ Checks for the existence of an HTTP header with the specified
+ name. The name match is performed in a case insensitive manner.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ Checks for the existence of a JSP bean, in any scope, with the
+ specified name. If property is also specified, checks
+ for a non-null property value for the specified property.
+ ]]>
+
+
+
+ parameter
+ false
+ true
+
+ Checks for the existence of at least one occurrence of the
+ specified request parameter on this request, even if the parameter
+ value is a zero-length string.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ Checks for the existence of a non-null property value, returned
+ by a property getter method on the JSP bean (in any scope) that is
+ specified by the name attribute. Property references
+ can be simple, nested, and/or indexed.
+ ]]>
+
+
+
+ role
+ false
+ true
+
+ Checks whether the currently authenticated user (if any) has been
+ associated with any of the specified security roles. Use a comma-delimited
+ list to check for multiple roles. Example:
+ <logic:present role="role1,role2,role3">
+ code.....
+ </logic:present>
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The bean scope within which to search for the bean named by the
+ name property, or "any scope" if not specified.
+ ]]>
+
+
+
+ user
+ false
+ true
+
+ Checks whether the currently authenticated user principal has the
+ specified name.
+ ]]>
+
+
+
+
+ redirect
+ org.apache.struts.taglib.logic.RedirectTag
+
+ Render an HTTP Redirect
+
+
+
Performs an HttpServletResponse.sendRedirect()
+ call to the hyperlink specified by the attributes to this
+ tag. URL rewriting will be applied automatically, to
+ maintain session state in the absence of cookies.
+
+
The base URL for this redirect is calculated based on
+ which of the following attributes you specify (you must
+ specify exactly one of them):
+
+
forward - Use the value of this attribute as the
+ name of a global ActionForward to be looked
+ up, and use the module-relative or context-relative
+ URI found there.
+
href - Use the value of this attribute unchanged.
+
+
page - Use the value of this attribute as an
+ module-relative URI, and generate a server-relative
+ URI by including the context path.
+
+
+
Normally, the redirect you specify with one of the
+ attributes described in the previous paragraph will be left
+ unchanged (other than URL rewriting if necessary). However,
+ there are two ways you can append one or more dynamically
+ defined query parameters to the hyperlink -- specify a single
+ parameter with the paramId attribute (and its
+ associated attributes to select the value), or specify the
+ name (and optional property)
+ attributes to select a java.util.Map bean that
+ contains one or more parameter ids and corresponding values.
+
+
+
To specify a single parameter, use the paramId
+ attribute to define the name of the request parameter to be
+ submitted. To specify the corresponding value, use one of the
+ following approaches:
+
+
Specify only the paramName attribute
+ - The named JSP bean (optionally scoped by the value of the
+ paramScope attribute) must identify a value
+ that can be converted to a String.
+
Specify both the paramName and
+ paramProperty attributes - The specified
+ property getter method will be called on the JSP bean
+ identified by the paramName (and optional
+ paramScope) attributes, in order to select
+ a value that can be converted to a String.
+
+
+
If you prefer to specify a java.util.Map that
+ contains all of the request parameters to be added to the
+ hyperlink, use one of the following techniques:
+
+
Specify only the name attribute -
+ The named JSP bean (optionally scoped by the value of
+ the scope attribute) must identify a
+ java.util.Map containing the parameters.
+
Specify both name and
+ property attributes - The specified
+ property getter method will be called on the bean
+ identified by the name (and optional
+ scope) attributes, in order to return the
+ java.util.Map containing the parameters.
+
+
+
As the Map is processed, the keys are assumed
+ to be the names of query parameters to be appended to the
+ hyperlink. The value associated with each key must be either
+ a String or a String array representing the parameter value(s).
+ If a String array is specified, more than one value for the
+ same query parameter name will be created.
+ ]]>
+
+
+ action
+ false
+ true
+
+ Logical name of a global Action that
+ contains the actual content-relative URI of the destination
+ of this transfer. This hyperlink may be dynamically
+ modified by the inclusion of query parameters, as described
+ in the tag description. You must specify
+ exactly one of the action attribute, the
+ forward attribute, the
+ href attribute,
+ or the page attribute.
+ ]]>
+
+
+
+ anchor
+ false
+ true
+
+ Optional anchor tag ("#xxx") to be added to the generated
+ hyperlink. Specify this value without any
+ "#" character.
+ ]]>
+
+
+
+ forward
+ false
+ true
+
+ Logical name of a global ActionForward that
+ contains the actual content-relative URI of the destination
+ of this redirect. This URI may be dynamically
+ modified by the inclusion of query parameters, as described
+ in the tag description. You must specify
+ exactly one of the forward attribute, the
+ href attribute, the linkName
+ attribute, or the page attribute.
+ ]]>
+
+
+
+ href
+ false
+ true
+
+ The URL to which this redirect will transfer control.
+ This URL may be dynamically modified
+ by the inclusion of query parameters, as described in the
+ tag description. You must specify
+ exactly one of the forward attribute, the
+ href attribute, the linkName
+ attribute, or the page attribute.
+ ]]>
+
+
+
+ name
+ false
+ true
+
+ The name of a JSP bean that contains a Map
+ representing the query parameters (if property
+ is not specified), or a JSP bean whose property getter is
+ called to return a Map (if property
+ is specified).
+ ]]>
+
+
+
+ page
+ false
+ true
+
+ The context-relative path (beginning with a "/"
+ character) to which this hyperlink will transfer control
+ if activated. This hyperlink may be dynamically modified
+ by the inclusion of query parameters, as described in the
+ tag description. You must specify exactly
+ one of the forward attribute, the
+ href attribute, the linkName
+ attribute, or the page attribute.
+ ]]>
+
+
+
+ paramId
+ false
+ true
+
+ The name of the request parameter that will be dynamically
+ added to the generated hyperlink. The corresponding value is
+ defined by the paramName and (optional)
+ paramProperty attributes, optionally scoped by
+ the paramScope attribute
+ ]]>
+
+
+
+ paramName
+ false
+ true
+
+ The name of a JSP bean that is a String containing the
+ value for the request parameter named by paramId
+ (if paramProperty is not specified), or a JSP
+ bean whose property getter is called to return a String
+ (if paramProperty is specified). The JSP bean
+ is constrained to the bean scope specified by the
+ paramScope property, if it is specified.
+ ]]>
+
+
+
+ paramProperty
+ false
+ true
+
+ The name of a property of the bean specified by the
+ paramName attribute, whose return value must
+ be a String containing the value of the request parameter
+ (named by the paramId attribute) that will be
+ dynamically added to this hyperlink.
+ ]]>
+
+
+
+ paramScope
+ false
+ true
+
+ The scope within which to search for the bean specified
+ by the paramName attribute. If not specified,
+ all scopes are searched.
+ ]]>
+
+
+
+ property
+ false
+ true
+
+ The name of a property of the bean specified by the
+ name attribute, whose return value must be
+ a java.util.Map containing the query parameters
+ to be added to the hyperlink. You must
+ specify the name attribute if you specify
+ this attribute.
+ ]]>
+
+
+
+ scope
+ false
+ true
+
+ The scope within which to search for the bean specified
+ by the name attribute. If not specified, all
+ scopes are searched.
+ ]]>
+
+
+
+ transaction
+ false
+ true
+ boolean
+
+ Set to true if you want the current
+ transaction control token included in the generated
+ URL for this redirect.
+ ]]>
+
+
+
+ useLocalEncoding
+ false
+ true
+ boolean
+
+ If set to true, LocalCharacterEncoding will be
+ used, that is, the characterEncoding set to the HttpServletResponse,
+ as prefered character encoding rather than UTF-8, when
+ URLEncoding is done on parameters of the URL.
+ ]]>
+
+
+
+
+
+
+
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000..c938b16
--- /dev/null
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,55 @@
+
+
+
+
+
+
+
+ WAYF
+ Shibboleth WAYF Service
+ edu.internet2.middleware.shibboleth.wayf.WayfService
+
+ WAYFConfigFileLocation
+ $DS_HOME$/conf/wayfconfig.xml
+
+
+ WAYFLogConfig
+ $DS_HOME$/conf/logging.xml
+
+
+ WAYFLogConfigPollFrequency
+ 300000
+
+
+
+
+
+
+ WAYF
+ /WAYF
+
+
+
+ WAYF
+ *.wayf
+
+
+
+ WAYF
+ /DS
+
+
+
+ WAYF
+ *.ds
+
+
+
+ css
+ text/css
+
+
diff --git a/src/main/webapp/images/incommon.gif b/src/main/webapp/images/incommon.gif
new file mode 100644
index 0000000..01949cf
Binary files /dev/null and b/src/main/webapp/images/incommon.gif differ
diff --git a/src/main/webapp/images/internet2.gif b/src/main/webapp/images/internet2.gif
new file mode 100644
index 0000000..74ecbcb
Binary files /dev/null and b/src/main/webapp/images/internet2.gif differ
diff --git a/src/main/webapp/images/logo.jpg b/src/main/webapp/images/logo.jpg
new file mode 100644
index 0000000..c021e7f
Binary files /dev/null and b/src/main/webapp/images/logo.jpg differ
diff --git a/src/main/webapp/index.htm b/src/main/webapp/index.htm
new file mode 100644
index 0000000..8825d6d
--- /dev/null
+++ b/src/main/webapp/index.htm
@@ -0,0 +1,5 @@
+
+
+
+
+
diff --git a/src/main/webapp/wayf.css b/src/main/webapp/wayf.css
new file mode 100644
index 0000000..4056aa3
--- /dev/null
+++ b/src/main/webapp/wayf.css
@@ -0,0 +1,104 @@
+body {
+ background-color: #CCCCCC;
+ text-align: center;
+ color: #000000;
+ text-align: left;
+}
+
+p {
+ font-size: 90%;
+}
+
+li {
+ font-size: 100%;
+ list-style-type: none;
+}
+
+h1 {
+ font-size: 135%;
+ font-weight: bold;
+ color: #FFFFFF;
+}
+
+h2 {
+ font-size: 100%;
+ font-weight: bold;
+}
+
+h3 {
+ font-size: 100%;
+ font-weight: normal;
+}
+
+span.option {
+ font-size: 100%;
+ font-weight: bold;
+}
+
+.error {
+ font-size: 100%;
+ color: #990000;
+}
+
+.head {
+ max-width: 600px;
+ border-left-width: 2px;
+ border-right-width: 2px;
+ border-top-width: 2px;
+ border-bottom-width: 2px;
+ border-color: #000000;
+ border-style: solid;
+ background-color: #6688aa;
+ margin-top: 1em;
+ margin-bottom: 0;
+ margin-left: 1em;
+ margin-right: 1em;
+ padding-left: .75em;
+ padding-right: .75em;
+ padding-top: .5em;
+ padding-bottom: .5em;
+}
+
+.selector {
+ max-width: 600px;
+ border-left-width: 2px;
+ border-right-width: 2px;
+ border-top-width: 0;
+ border-bottom-width: 0;
+ border-color: #000000;
+ border-style: solid;
+ background-color: #FFFFFF;
+ margin-top: 0;
+ margin-bottom: 0;
+ margin-left: 1em;
+ margin-right: 1em;
+ padding: .75em;
+}
+
+.footer {
+ max-width: 600px;
+ border-left-width: 2px;
+ border-right-width: 2px;
+ border-top-width: 2px;
+ border-bottom-width: 2px;
+ border-color: #000000;
+ border-style: solid;
+ background-color: #FFFFFF;
+ margin-top: 0;
+ margin-bottom: 1em;
+ margin-left: 1em;
+ margin-right: 1em;
+ padding-left: .75em;
+ padding-right: .75em;
+ padding-top: .5em;
+ padding-bottom: .5em;
+}
+
+span.warning {
+ font-size: 80%;
+}
+
+.logo {
+ text-align: center;
+ margin-top: 1.5em;
+}
diff --git a/src/main/webapp/wayf.jsp b/src/main/webapp/wayf.jsp
new file mode 100644
index 0000000..74ba11d
--- /dev/null
+++ b/src/main/webapp/wayf.jsp
@@ -0,0 +1,547 @@
+
+
+<%@ page contentType="text/html;charset=UTF-8" %>
+
+
+<%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
+<%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
+
+<%request.setCharacterEncoding("UTF-8");%>
+<%response.setCharacterEncoding("UTF-8");%>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Identity Provider Selection
+
+
+
+
+
+
+Select an identity provider
+
+
+
+
+
+
+
+
+
+The Service you are trying to reach requires that you
+authenticate with your home institution, please select it from the
+list below.
+
+