From ca19e1aeccc299295d581aab6e9f409f85c248c2 Mon Sep 17 00:00:00 2001
From: root
Date: Tue, 29 Jun 2010 23:47:21 +0200
Subject: import 1.1.
---
 .../shibboleth/wayf/plugins/package-frame.html | 2 +-
 .../shibboleth/wayf/plugins/package-summary.html | 2 +-
 .../wayf/plugins/provider/BindingFilter.html | 284 ++++++++++---------
 .../wayf/plugins/provider/ListFilter.html | 301 ++++++++++-----------
 .../wayf/plugins/provider/package-frame.html | 2 +-
 .../wayf/plugins/provider/package-summary.html | 2 +-
 6 files changed, 295 insertions(+), 298 deletions(-)
(limited to 'doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins')
diff --git a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-frame.html b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-frame.html
index 856f7b5..f1f59a9 100644
--- a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-frame.html
+++ b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-frame.html
@@ -3,7 +3,7 @@ - Shibboleth Discovery Service 1.1.0 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins + Shibboleth Discovery Service 1.1.1 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins
diff --git a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-summary.html b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-summary.html
index 2c26dfd..09d4e41 100644
--- a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-summary.html
+++ b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/package-summary.html
@@ -3,7 +3,7 @@ - Shibboleth Discovery Service 1.1.0 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins + Shibboleth Discovery Service 1.1.1 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins
diff --git a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/BindingFilter.html b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/BindingFilter.html
index 9a234f3..8b1fa09 100644
--- a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/BindingFilter.html
+++ b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/BindingFilter.html
@@ -36,154 +36,152 @@ 26 import org.opensaml.saml2.metadata.SPSSODescriptor; 27 import org.opensaml.saml2.metadata.provider.FilterException; 28 import org.opensaml.saml2.metadata.provider.MetadataFilter; -29 import org.opensaml.xml.XMLObject; -30 import org.slf4j.Logger; -31 import org.slf4j.LoggerFactory; -32 -33 import edu.internet2.middleware.shibboleth.wayf.DiscoveryResponseImpl; -34 import edu.internet2.middleware.shibboleth.wayf.HandlerConfig; -35 -36 /** -37 * See SDSJ-48. If we get a DS endpoint then we need to check that the binding is provided -38 * and that it is correct. -39 * -40 * @author Rod Widdowson -41 * -42 */ -43 public class BindingFilter implements MetadataFilter { -44 -45 /** -46 * Log for the warning. -47 */ -48 private static final Logger LOG = LoggerFactory.getLogger(BindingFilter.class.getName()); -49 -50 /** -51 * Set if we just want to warn on failure. -52 */ -53 private final boolean warnOnFailure; -54 -55 /** -56 * Only the protected constructor should be visible. -57 */ -58 private BindingFilter() { -59 this.warnOnFailure = false; -60 } -61 -62 /** -63 * Initialize the filter. -64 * @param warn do we warn or do we fail if we see badness? -65 */ -66 public BindingFilter(boolean warn) { -67 this.warnOnFailure = warn; -68 } -69 -70 /** -71 * Apply the filter. -72 * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) -73 * @param metadata what to filter. -74 * @throws FilterException if it sees any missed or bad bindings. -75 */ -76 public void doFilter(XMLObject metadata) throws FilterException { -77 -78 if (metadata instanceof EntitiesDescriptor) { +29 import org.opensaml.samlext.idpdisco.DiscoveryResponse; +30 import org.opensaml.xml.XMLObject; +31 import org.slf4j.Logger; +32 import org.slf4j.LoggerFactory; +33 +34 /** +35 * See SDSJ-48. If we get a DS endpoint then we need to check that the binding is provided +36 * and that it is correct. 
+37 * +38 * @author Rod Widdowson +39 * +40 */ +41 public class BindingFilter implements MetadataFilter { +42 +43 /** +44 * Log for the warning. +45 */ +46 private static final Logger LOG = LoggerFactory.getLogger(BindingFilter.class.getName()); +47 +48 /** +49 * Set if we just want to warn on failure. +50 */ +51 private final boolean warnOnFailure; +52 +53 /** +54 * Only the protected constructor should be visible. +55 */ +56 private BindingFilter() { +57 this.warnOnFailure = false; +58 } +59 +60 /** +61 * Initialize the filter. +62 * @param warn do we warn or do we fail if we see badness? +63 */ +64 public BindingFilter(boolean warn) { +65 this.warnOnFailure = warn; +66 } +67 +68 /** +69 * Apply the filter. +70 * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) +71 * @param metadata what to filter. +72 * @throws FilterException if it sees any missed or bad bindings. +73 */ +74 public void doFilter(XMLObject metadata) throws FilterException { +75 +76 if (metadata instanceof EntitiesDescriptor) { +77 +78 checkEntities((EntitiesDescriptor) metadata); 79 -80 checkEntities((EntitiesDescriptor) metadata); -81 -82 } else if (metadata instanceof EntityDescriptor) { -83 EntityDescriptor entity = (EntityDescriptor) metadata; -84 -85 if (!checkEntity(entity)) { -86 if (warnOnFailure) { -87 LOG.warn("Badly formatted binding for " + entity.getEntityID()); -88 } else { -89 LOG.error("Badly formatted binding for top level entity " + entity.getEntityID()); -90 } -91 } -92 } -93 } -94 -95 /** -96 * If the entity has an SP characteristic, and it has a DS endpoint -97 * then check its binding. -98 * -99 * @param entity what to check. -100 * @return true if all is OK. 
-101 */ -102 private static boolean checkEntity(EntityDescriptor entity) { -103 List<RoleDescriptor> roles = entity.getRoleDescriptors(); -104 -105 for (RoleDescriptor role:roles) { -106 +80 } else if (metadata instanceof EntityDescriptor) { +81 EntityDescriptor entity = (EntityDescriptor) metadata; +82 +83 if (!checkEntity(entity)) { +84 if (warnOnFailure) { +85 LOG.warn("Badly formatted binding for " + entity.getEntityID()); +86 } else { +87 LOG.error("Badly formatted binding for top level entity " + entity.getEntityID()); +88 } +89 } +90 } +91 } +92 +93 /** +94 * If the entity has an SP characteristic, and it has a DS endpoint +95 * then check its binding. +96 * +97 * @param entity what to check. +98 * @return true if all is OK. +99 */ +100 private static boolean checkEntity(EntityDescriptor entity) { +101 List<RoleDescriptor> roles = entity.getRoleDescriptors(); +102 +103 for (RoleDescriptor role:roles) { +104 +105 // +106 // Check every role 107 // -108 // Check every role -109 // -110 if (role instanceof SPSSODescriptor) { -111 +108 if (role instanceof SPSSODescriptor) { +109 +110 // +111 // Grab hold of all the extensions for SPSSO descriptors 112 // -113 // Grab hold of all the extensions for SPSSO descriptors -114 // -115 -116 Extensions exts = role.getExtensions(); -117 if (exts != null) { +113 +114 Extensions exts = role.getExtensions(); +115 if (exts != null) { +116 // +117 // We have some children check them form <DiscoveryResponse> 118 // -119 // We have some children check them form <DiscoveryResponse> -120 // -121 List<XMLObject> children = exts.getOrderedChildren(); -122 -123 for (XMLObject obj : children) { -124 if (obj instanceof DiscoveryResponseImpl) { +119 List<XMLObject> children = exts.getOrderedChildren(); +120 +121 for (XMLObject obj : children) { +122 if (obj instanceof DiscoveryResponse) { +123 // +124 // And check or the binding 125 // -126 // And check or the binding -127 // -128 DiscoveryResponseImpl ds = (DiscoveryResponseImpl) obj; 
-129 String binding = ds.getBinding(); -130 -131 if (!DiscoveryResponseImpl.METADATA_NS.equals(binding)) { -132 return false; -133 } -134 } -135 } -136 } -137 } -138 } -139 return true; -140 } -141 -142 /** -143 * Check an EntitiesDescriptor call checkentities for the Entities and ourselves -144 * recursively for the EntitesDescriptors. -145 * -146 * @param entities what to check. -147 */ -148 private void checkEntities(EntitiesDescriptor entities) { -149 List<EntitiesDescriptor> childEntities = entities.getEntitiesDescriptors(); -150 List<EntityDescriptor> children = entities.getEntityDescriptors(); -151 -152 if (children != null) { -153 Iterator<EntityDescriptor> itr; -154 EntityDescriptor entity; -155 itr = children.iterator(); -156 -157 while (itr.hasNext()) { -158 entity = itr.next(); -159 if (!checkEntity(entity)) { -160 if (warnOnFailure) { -161 LOG.warn("Badly formatted binding for " + entity.getEntityID()); -162 } else { -163 LOG.error("Badly formatted binding for " + entity.getEntityID() + ". Entity has been removed"); -164 itr.remove(); -165 } -166 } -167 } -168 } -169 -170 if (childEntities != null) { -171 for (EntitiesDescriptor descriptor : childEntities) { -172 checkEntities(descriptor); -173 } -174 } -175 } -176 } +126 DiscoveryResponse ds = (DiscoveryResponse) obj; +127 String binding = ds.getBinding(); +128 +129 if (!DiscoveryResponse.IDP_DISCO_NS.equals(binding)) { +130 return false; +131 } +132 } +133 } +134 } +135 } +136 } +137 return true; +138 } +139 +140 /** +141 * Check an EntitiesDescriptor call checkentities for the Entities and ourselves +142 * recursively for the EntitesDescriptors. +143 * +144 * @param entities what to check. 
+145 */ +146 private void checkEntities(EntitiesDescriptor entities) { +147 List<EntitiesDescriptor> childEntities = entities.getEntitiesDescriptors(); +148 List<EntityDescriptor> children = entities.getEntityDescriptors(); +149 +150 if (children != null) { +151 Iterator<EntityDescriptor> itr; +152 EntityDescriptor entity; +153 itr = children.iterator(); +154 +155 while (itr.hasNext()) { +156 entity = itr.next(); +157 if (!checkEntity(entity)) { +158 if (warnOnFailure) { +159 LOG.warn("Badly formatted binding for " + entity.getEntityID()); +160 } else { +161 LOG.error("Badly formatted binding for " + entity.getEntityID() + ". Entity has been removed"); +162 itr.remove(); +163 } +164 } +165 } +166 } +167 +168 if (childEntities != null) { +169 for (EntitiesDescriptor descriptor : childEntities) { +170 checkEntities(descriptor); +171 } +172 } +173 } +174 }
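Review bot: In `doFilter` (new lines 80-90) a top-level `EntityDescriptor` that fails `checkEntity` is only logged, even when `warnOnFailure` is false, so metadata with a missing or wrong `<DiscoveryResponse>` binding passes through the filter unchanged although the Javadoc promises `@throws FilterException if it sees any missed or bad bindings`. `checkEntities` removes the offending entity in the same situation, so the single-entity path is the only one that fails open; I would put `throw new FilterException("Badly formatted binding for top level entity " + entity.getEntityID());` in the `else` branch, or correct the Javadoc if log-only is intended. `ListFilter.doFilter` in the next file has the same log-only branch for a single `<EntityDescriptor>`. Smaller points: the private constructor's comment says "Only the protected constructor should be visible", and the comments "check them form" and "check or the binding" read as typos for "for".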
diff --git a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/ListFilter.html b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/ListFilter.html
index 270ec3e..d0b7acc 100644
--- a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/ListFilter.html
+++ b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/ListFilter.html
@@ -41,157 +41,156 @@ 31 import org.w3c.dom.Element; 32 import org.w3c.dom.NodeList; 33 -34 import edu.internet2.middleware.shibboleth.wayf.HandlerConfig; -35 import edu.internet2.middleware.shibboleth.wayf.XMLConstants; -36 -37 /** -38 * See SDSJ-57. Explicit -39 * -40 * @author Rod Widdowson -41 * -42 */ -43 public class ListFilter implements MetadataFilter { -44 -45 /** -46 * Log for any messages. -47 */ -48 private static final Logger LOG = LoggerFactory.getLogger(ListFilter.class.getName()); -49 -50 /** -51 * Set if this is a blacklist. -52 */ -53 private boolean excludeEntries; -54 -55 /** -56 * The list of entities. -57 */ -58 private final Set<String> filterEntities; -59 -60 /** -61 * The name of the filter (needed for debug). -62 */ -63 private final String filterName; -64 -65 /** -66 * Only the protected constructor should be visible. -67 */ -68 private ListFilter() { -69 this.excludeEntries = false; -70 this.filterEntities = new HashSet<String>(0); -71 this.filterName = "anonymous"; -72 } -73 -74 /** -75 * Initialize the filter. -76 * @param config the configuration -77 * -78 * The configuration looks liken this -79 * <code> <Filter identifier="WhiteList" -80 * type ="edu.internet2.middleware.shibboleth.wayf.plugins.provider.ListFilter" -81 * excludeEntries = "true" > -82 * <EntityId>foo</EntityId> -83 * [...] 
-84 * </Filter> -85 * </code> -86 */ -87 public ListFilter(Element config) { -88 String excludeEntriesValue; -89 this.filterEntities = new HashSet<String>(10); -90 this.filterName = config.getAttribute("identifier"); -91 excludeEntriesValue = config.getAttribute("excludeEntries"); -92 -93 if (null == excludeEntriesValue || 0 == excludeEntriesValue.length()) { -94 this.excludeEntries = true; -95 } else { -96 this.excludeEntries = Boolean.getBoolean(excludeEntriesValue); -97 } -98 -99 NodeList itemElements = config.getElementsByTagNameNS(XMLConstants.CONFIG_NS, "EntityId"); -100 -101 if (excludeEntries) { -102 LOG.debug("Populating blacklist " + filterName); -103 } else { -104 LOG.debug("Populating whitelist " + filterName); -105 } -106 -107 for (int i = 0; i < itemElements.getLength(); i++) { -108 Element element = (Element) itemElements.item(i); -109 String entityId = element.getTextContent(); -110 -111 LOG.debug("\t" + entityId); -112 this.filterEntities.add(entityId); -113 } -114 } -115 -116 /** -117 * Apply the filter. -118 * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) -119 * @param metadata what to filter. -120 * @throws FilterException if it sees any missed or bad bindings. 
-121 */ -122 public void doFilter(XMLObject metadata) throws FilterException { -123 -124 if (metadata instanceof EntitiesDescriptor) { -125 filterEntities((EntitiesDescriptor)metadata); -126 } else if (metadata instanceof EntityDescriptor) { -127 EntityDescriptor entity = (EntityDescriptor) metadata; -128 String entityName = entity.getEntityID(); -129 -130 if (excludeEntries) { -131 if (filterEntities.contains(entityName)) { -132 LOG.error("Metadata provider contains a single <EntityDescriptor> (" + entityName + -133 ") which is in exclude list"); -134 } -135 } else if (!filterEntities.contains(entity.getEntityID())) { -136 LOG.error("Metadata provider contains a single <EntityDescriptor> (" + entityName + -137 ") which is not on include list"); -138 } -139 } -140 } -141 -142 /** -143 * Filter an EntitiesDescriptor . We do this explictly for the Entities and call ourselves -144 * recursively for the EntitesDescriptors. -145 * -146 * @param entities what to check. -147 */ -148 private void filterEntities(EntitiesDescriptor entities) { -149 String entitiesName = entities.getName(); -150 List<EntitiesDescriptor> childEntities = entities.getEntitiesDescriptors(); -151 List<EntityDescriptor> children = entities.getEntityDescriptors(); -152 -153 // -154 // Go through and apply the filter -155 // -156 -157 if (children != null) { -158 Iterator<EntityDescriptor> itr; -159 EntityDescriptor entity; -160 itr = children.iterator(); -161 -162 while (itr.hasNext()) { -163 entity = itr.next(); -164 String entityName = entity.getEntityID(); -165 if (excludeEntries) { -166 -167 if (filterEntities.contains(entityName)) { -168 LOG.debug("Filter " + filterName + ": Removing blacklisted " + entityName + " from " + entitiesName); -169 itr.remove(); -170 } -171 } else if (!filterEntities.contains(entityName)) { -172 LOG.debug("Filter " + filterName + ": Removing non-whitelisted " + entityName + " from " + entitiesName); -173 itr.remove(); -174 } -175 } -176 } -177 -178 if (childEntities 
!= null) { -179 for (EntitiesDescriptor descriptor : childEntities) { -180 filterEntities(descriptor); -181 } -182 } -183 } -184 } +34 import edu.internet2.middleware.shibboleth.wayf.XMLConstants; +35 +36 /** +37 * See SDSJ-57. Explicit +38 * +39 * @author Rod Widdowson +40 * +41 */ +42 public class ListFilter implements MetadataFilter { +43 +44 /** +45 * Log for any messages. +46 */ +47 private static final Logger LOG = LoggerFactory.getLogger(ListFilter.class.getName()); +48 +49 /** +50 * Set if this is a blacklist. +51 */ +52 private boolean excludeEntries; +53 +54 /** +55 * The list of entities. +56 */ +57 private final Set<String> filterEntities; +58 +59 /** +60 * The name of the filter (needed for debug). +61 */ +62 private final String filterName; +63 +64 /** +65 * Only the protected constructor should be visible. +66 */ +67 private ListFilter() { +68 this.excludeEntries = false; +69 this.filterEntities = new HashSet<String>(0); +70 this.filterName = "anonymous"; +71 } +72 +73 /** +74 * Initialize the filter. +75 * @param config the configuration +76 * +77 * The configuration looks liken this +78 * <code> <Filter identifier="WhiteList" +79 * type ="edu.internet2.middleware.shibboleth.wayf.plugins.provider.ListFilter" +80 * excludeEntries = "true" > +81 * <EntityId>foo</EntityId> +82 * [...] 
+83 * </Filter> +84 * </code> +85 */ +86 public ListFilter(Element config) { +87 String excludeEntriesValue; +88 this.filterEntities = new HashSet<String>(10); +89 this.filterName = config.getAttribute("identifier"); +90 excludeEntriesValue = config.getAttribute("excludeEntries"); +91 +92 if (null == excludeEntriesValue || 0 == excludeEntriesValue.length()) { +93 this.excludeEntries = true; +94 } else { +95 this.excludeEntries = Boolean.getBoolean(excludeEntriesValue); +96 } +97 +98 NodeList itemElements = config.getElementsByTagNameNS(XMLConstants.CONFIG_NS, "EntityId"); +99 +100 if (excludeEntries) { +101 LOG.debug("Populating blacklist " + filterName); +102 } else { +103 LOG.debug("Populating whitelist " + filterName); +104 } +105 +106 for (int i = 0; i < itemElements.getLength(); i++) { +107 Element element = (Element) itemElements.item(i); +108 String entityId = element.getTextContent(); +109 +110 LOG.debug("\t" + entityId); +111 this.filterEntities.add(entityId); +112 } +113 } +114 +115 /** +116 * Apply the filter. +117 * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) +118 * @param metadata what to filter. +119 * @throws FilterException if it sees any missed or bad bindings. 
+120 */ +121 public void doFilter(XMLObject metadata) throws FilterException { +122 +123 if (metadata instanceof EntitiesDescriptor) { +124 filterEntities((EntitiesDescriptor)metadata); +125 } else if (metadata instanceof EntityDescriptor) { +126 EntityDescriptor entity = (EntityDescriptor) metadata; +127 String entityName = entity.getEntityID(); +128 +129 if (excludeEntries) { +130 if (filterEntities.contains(entityName)) { +131 LOG.error("Metadata provider contains a single <EntityDescriptor> (" + entityName + +132 ") which is in exclude list"); +133 } +134 } else if (!filterEntities.contains(entity.getEntityID())) { +135 LOG.error("Metadata provider contains a single <EntityDescriptor> (" + entityName + +136 ") which is not on include list"); +137 } +138 } +139 } +140 +141 /** +142 * Filter an EntitiesDescriptor . We do this explictly for the Entities and call ourselves +143 * recursively for the EntitesDescriptors. +144 * +145 * @param entities what to check. +146 */ +147 private void filterEntities(EntitiesDescriptor entities) { +148 String entitiesName = entities.getName(); +149 List<EntitiesDescriptor> childEntities = entities.getEntitiesDescriptors(); +150 List<EntityDescriptor> children = entities.getEntityDescriptors(); +151 +152 // +153 // Go through and apply the filter +154 // +155 +156 if (children != null) { +157 Iterator<EntityDescriptor> itr; +158 EntityDescriptor entity; +159 itr = children.iterator(); +160 +161 while (itr.hasNext()) { +162 entity = itr.next(); +163 String entityName = entity.getEntityID(); +164 if (excludeEntries) { +165 +166 if (filterEntities.contains(entityName)) { +167 LOG.debug("Filter " + filterName + ": Removing blacklisted " + entityName + " from " + entitiesName); +168 itr.remove(); +169 } +170 } else if (!filterEntities.contains(entityName)) { +171 LOG.debug("Filter " + filterName + ": Removing non-whitelisted " + entityName + " from " + entitiesName); +172 itr.remove(); +173 } +174 } +175 } +176 +177 if (childEntities 
!= null) { +178 for (EntitiesDescriptor descriptor : childEntities) { +179 filterEntities(descriptor); +180 } +181 } +182 } +183 }
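Review bot: `Boolean.getBoolean(excludeEntriesValue)` in the `ListFilter(Element)` constructor (new line 95) looks up a JVM system property named by the attribute value instead of parsing the value, so `excludeEntries="true"` yields `false` unless a system property called `true` happens to be set. The filter then runs as an include list, meaning the entities named in the configuration are the only ones kept, which is the opposite of what an operator who configured a blacklist expects. The line should read `this.excludeEntries = Boolean.parseBoolean(excludeEntriesValue);`. The Javadoc example, which gives an `excludeEntries = "true"` filter the `identifier="WhiteList"`, is worth correcting at the same time, and logging the effective mode above debug level at start-up would make a misconfiguration visible.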
diff --git a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-frame.html b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-frame.html
index 5eb51b5..b7af423 100644
--- a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-frame.html
+++ b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-frame.html
@@ -3,7 +3,7 @@ - Shibboleth Discovery Service 1.1.0 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins.provider + Shibboleth Discovery Service 1.1.1 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins.provider
diff --git a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-summary.html b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-summary.html
index 2f91e22..206dc1d 100644
--- a/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-summary.html
+++ b/doc/src-xref/edu/internet2/middleware/shibboleth/wayf/plugins/provider/package-summary.html
@@ -3,7 +3,7 @@ - Shibboleth Discovery Service 1.1.0 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins.provider + Shibboleth Discovery Service 1.1.1 Reference Package edu.internet2.middleware.shibboleth.wayf.plugins.provider
--
cgit v1.1