/** * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * * Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved * * The contents of this file are subject to the terms * of the Common Development and Distribution License * (the License). You may not use this file except in * compliance with the License. * * You can obtain a copy of the License at * https://opensso.dev.java.net/public/CDDLv1.0.html or * opensso/legal/CDDLv1.0.txt * See the License for the specific language governing * permission and limitations under the License. * * When distributing Covered Code, include this CDDL * Header Notice in each file and include the License file * at opensso/legal/CDDLv1.0.txt. * If applicable, add the following below the CDDL Header, * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" * * $Id: CreateIDFFMetaDataTemplate.java,v 1.9 2008/11/18 22:38:19 asyhuang Exp $ * */ package com.sun.identity.workflow; import com.sun.identity.cot.COTConstants; import com.sun.identity.federation.common.IFSConstants; import com.sun.identity.federation.meta.IDFFMetaException; import com.sun.identity.federation.meta.IDFFMetaSecurityUtils; import com.sun.identity.federation.meta.IDFFMetaUtils; import com.sun.identity.saml2.meta.SAML2MetaManager; import com.sun.identity.shared.Constants; import com.sun.identity.shared.configuration.SystemPropertiesManager; import java.util.Iterator; import java.util.List; import java.util.Map; /** * Create IDFF Meta Template. 
*
 * <p>Both entry points ({@link #createStandardMetaTemplate} and
 * {@link #createExtendedMetaTemplate}) assemble XML text in a
 * {@code StringBuffer} from the aliases found in a parameter map keyed by the
 * {@code MetaTemplateParameters.P_*} constants. {@code P_IDP}, {@code P_SP}
 * and {@code P_AFFILIATION} select which descriptor blocks are emitted; a
 * missing key simply skips that block.
 *
 * <p>NOTE(review): in this copy of the file the angle-bracketed XML markup
 * inside the string literals has been stripped by extraction, leaving bare
 * {@code " \n"} literals. Locals that now look unused ({@code entityId},
 * {@code realm}, {@code affiOwnerID}, the alias variables in the config
 * builders) were most likely interpolated inside those stripped tags; verify
 * against the original source before treating any of them as dead code.
 *
 * <p>Security: every value (base URL, meta-alias path segment, certificate
 * alias, affiliation member ID) is concatenated into the XML verbatim with no
 * escaping, so this class assumes a trusted administrative caller. If the
 * parameter map or {@code url} can ever originate from a less-trusted source,
 * escape them for XML before interpolation.
 */
public class CreateIDFFMetaDataTemplate {

    /** Static helpers only; never instantiated. */
    private CreateIDFFMetaDataTemplate() {
    }

    /**
     * Builds the standard (Liberty ID-FF) metadata template: an entity
     * descriptor containing the IDP, SP and/or affiliation descriptors
     * selected by the parameter map.
     *
     * @param entityId  identifier of the entity being described (its use
     *                  inside the element markup is missing from this listing;
     *                  see the class comment)
     * @param mapParams template parameters keyed by
     *                  {@code MetaTemplateParameters} constants; values are
     *                  cast to {@code String} ({@code List} for
     *                  {@code P_AFFI_MEMBERS}), so a wrongly typed value fails
     *                  with {@code ClassCastException}
     * @param url       base URL prefixed to every endpoint
     *                  ({@code protocol://host:port/deploymentURI}); when
     *                  {@code null} it is derived from the server's
     *                  system properties
     * @return the template text
     * @throws IDFFMetaException propagated from the descriptor builders
     */
    public static String createStandardMetaTemplate(
        String entityId,
        Map mapParams,
        String url
    ) throws IDFFMetaException {
        if (url == null) {
            // Fall back to this server's own base URL, assembled from the
            // configured protocol, host, port and deployment descriptor.
            String protocol = SystemPropertiesManager.get(
                Constants.AM_SERVER_PROTOCOL);
            String host = SystemPropertiesManager.get(Constants.AM_SERVER_HOST);
            String port = SystemPropertiesManager.get(Constants.AM_SERVER_PORT);
            String deploymentURI = SystemPropertiesManager.get(
                Constants.AM_SERVICES_DEPLOYMENT_DESCRIPTOR);
            url = protocol + "://" + host + ":" + port + deploymentURI;
        }

        StringBuffer buff = new StringBuffer();
        // Root element opening tag (markup stripped in this listing).
        buff.append("\n");

        String idpAlias = (String)mapParams.get(MetaTemplateParameters.P_IDP);
        if (idpAlias != null) {
            // realm is resolved but not referenced below in this copy
            // (see class note before removing).
            String realm = IDFFMetaUtils.getRealmByMetaAlias(idpAlias);
            addIDFFIdentityProviderTemplate(buff, mapParams, url);
        }

        String spAlias = (String)mapParams.get(MetaTemplateParameters.P_SP);
        if (spAlias != null) {
            // realm is resolved but not referenced below in this copy.
            String realm = IDFFMetaUtils.getRealmByMetaAlias(spAlias);
            addIDFFServiceProviderTemplate(buff, mapParams, url);
        }

        String affiAlias = (String)mapParams.get(
            MetaTemplateParameters.P_AFFILIATION);
        if (affiAlias != null) {
            // realm is resolved but not referenced below in this copy.
            String realm = IDFFMetaUtils.getRealmByMetaAlias(affiAlias);
            addAffiliationTemplate(buff, entityId, affiAlias, url, mapParams);
        }

        // Root element closing tag (markup stripped in this listing).
        buff.append("\n");
        return buff.toString();
    }

    /**
     * Appends the IDP descriptor: optional signing and encryption key
     * descriptors, then the SOAP, logout, termination, registration and
     * single sign-on endpoints rooted at {@code url} plus the meta-alias
     * path segment.
     *
     * @param buff      target buffer
     * @param mapParams parameters; reads {@code P_IDP}, {@code P_IDP_S_CERT},
     *                  {@code P_IDP_E_CERT}
     * @param url       base URL for every endpoint (inserted unescaped)
     * @throws IDFFMetaException propagated from certificate lookup
     */
    private static void addIDFFIdentityProviderTemplate(
        StringBuffer buff,
        Map mapParams,
        String url
    ) throws IDFFMetaException {
        String idpAlias = (String)mapParams.get(MetaTemplateParameters.P_IDP);
        String idpSCertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_IDP_S_CERT);
        String idpECertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_IDP_E_CERT);
        String maStr = buildMetaAliasInURI(idpAlias);

        // IDP descriptor opening tag (markup stripped in this listing).
        buff.append(" \n");

        // Signing key descriptor, only when a certificate is resolved for the
        // alias. How a null alias is handled is up to buildX509Certificate.
        String idpSX509Cert = IDFFMetaSecurityUtils.buildX509Certificate(
            idpSCertAlias);
        if (idpSX509Cert != null) {
            buff.append(" \n")
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(idpSX509Cert)
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append( " \n");
        }

        // Encryption key descriptor. The encryption method is fixed to
        // AES-128-CBC (XML Encryption 1.0). NOTE(review): CBC-mode XML
        // Encryption is the variant affected by the published
        // padding-oracle attacks on XMLEnc; keep only if peers require it
        // and the decrypting side enforces signature-before-decrypt.
        String idpEX509Cert = IDFFMetaSecurityUtils.buildX509Certificate(
            idpECertAlias);
        if (idpEX509Cert != null) {
            buff.append(" \n")
                .append(" http://www.w3.org/2001/04/xmlenc#aes128-cbc\n")
                .append(" 128\n")
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(idpEX509Cert)
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(" \n");
        }

        // Endpoints: url + servlet path + meta-alias segment, all verbatim.
        buff.append(" ")
            .append(url)
            .append("/SOAPReceiver")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ProcessLogout")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ReturnLogout")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ProcessTermination")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ReturnTermination")
            .append(maStr)
            .append("\n")
            // Protocol profile URIs advertised by the IDP.
            .append(" http://projectliberty.org/profiles/fedterm-sp-http\n")
            .append(" http://projectliberty.org/profiles/fedterm-sp-soap\n")
            .append(" http://projectliberty.org/profiles/slo-sp-http\n")
            .append(" http://projectliberty.org/profiles/slo-sp-soap\n")
            .append(" http://projectliberty.org/profiles/rni-sp-http\n")
            .append(" http://projectliberty.org/profiles/rni-sp-soap\n")
            .append(" ")
            .append(url)
            .append("/ProcessRegistration")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ReturnRegistration")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/SingleSignOnService")
            .append(maStr)
            .append("\n")
            // Single sign-on profiles supported by the IDP.
            .append(" http://projectliberty.org/profiles/brws-art\n")
            .append(" http://projectliberty.org/profiles/brws-post\n")
            .append(" http://projectliberty.org/profiles/lecp\n")
            // IDP descriptor closing tag (markup stripped in this listing).
            .append(" \n");
    }

    /**
     * Appends the SP descriptor: optional signing and encryption key
     * descriptors, the SOAP, logout, termination and registration endpoints,
     * the assertion consumer service URL and a trailing boolean element whose
     * name was lost in this listing.
     *
     * @param buff      target buffer
     * @param mapParams parameters; reads {@code P_SP}, {@code P_SP_S_CERT},
     *                  {@code P_SP_E_CERT}
     * @param url       base URL for every endpoint (inserted unescaped)
     * @throws IDFFMetaException propagated from certificate lookup
     */
    private static void addIDFFServiceProviderTemplate(
        StringBuffer buff,
        Map mapParams,
        String url
    ) throws IDFFMetaException {
        String spAlias = (String)mapParams.get(MetaTemplateParameters.P_SP);
        String spSCertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_SP_S_CERT);
        String spECertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_SP_E_CERT);
        String maStr = buildMetaAliasInURI(spAlias);

        // SP descriptor opening tag (markup stripped in this listing).
        buff.append(" \n");

        // Signing key descriptor, emitted only when a certificate resolves.
        String spSX509Cert = IDFFMetaSecurityUtils.buildX509Certificate(
            spSCertAlias);
        if (spSX509Cert != null) {
            buff.append(" \n")
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(spSX509Cert)
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(" \n");
        }

        // Encryption key descriptor, fixed to AES-128-CBC (see the IDP
        // builder for the CBC caveat).
        String spEX509Cert = IDFFMetaSecurityUtils.buildX509Certificate(
            spECertAlias);
        if (spEX509Cert != null) {
            buff.append(" \n")
                .append(" http://www.w3.org/2001/04/xmlenc#aes128-cbc\n")
                .append(" 128\n")
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(spEX509Cert)
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(" \n");
        }

        // Endpoints: url + servlet path + meta-alias segment, all verbatim.
        buff.append(" ")
            .append(url)
            .append("/SOAPReceiver")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ProcessLogout")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ReturnLogout")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ProcessTermination")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ReturnTermination")
            .append(maStr)
            .append("\n")
            // Protocol profile URIs advertised by the SP.
            .append(" http://projectliberty.org/profiles/fedterm-idp-http\n")
            .append(" http://projectliberty.org/profiles/fedterm-idp-soap\n")
            .append(" http://projectliberty.org/profiles/slo-idp-http\n")
            .append(" http://projectliberty.org/profiles/slo-idp-soap\n")
            .append(" http://projectliberty.org/profiles/rni-idp-http\n")
            .append(" http://projectliberty.org/profiles/rni-idp-soap\n")
            .append(" ")
            .append(url)
            .append("/ProcessRegistration")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/ReturnRegistration")
            .append(maStr)
            .append("\n")
            .append(" ")
            .append(url)
            .append("/AssertionConsumerService")
            .append(maStr)
            .append("\n")
            // Boolean element defaulting to false; its name was stripped
            // from this listing -- confirm against the original file.
            .append(" false\n")
            // SP descriptor closing tag (markup stripped in this listing).
            .append(" \n");
    }

    /**
     * Builds the extended (deployment-specific) configuration template that
     * accompanies the standard metadata: per-role attribute blocks holding
     * certificate aliases, provider classes, timeouts and auth-context
     * mappings.
     *
     * @param entityId  identifier of the entity (its use inside the element
     *                  markup is missing from this listing)
     * @param mapParams same parameter map as for the standard template
     * @return the template text
     */
    public static String createExtendedMetaTemplate(
        String entityId,
        Map mapParams
    ) {
        StringBuffer buff = new StringBuffer();
        // Root element opening tag (markup stripped in this listing).
        buff.append("\n\n");

        String idpAlias = (String)mapParams.get(MetaTemplateParameters.P_IDP);
        if (idpAlias != null) {
            // realm is resolved but not referenced below in this copy.
            String realm = IDFFMetaUtils.getRealmByMetaAlias(idpAlias);
            buildIDFFIDPConfigTemplate(mapParams, buff);
        }

        String spAlias = (String)mapParams.get(MetaTemplateParameters.P_SP);
        if (spAlias != null) {
            // realm is resolved but not referenced below in this copy.
            String realm = IDFFMetaUtils.getRealmByMetaAlias(spAlias);
            buildIDFFSPConfigTemplate(mapParams, buff);
        }

        String affiAlias = (String)mapParams.get(
            MetaTemplateParameters.P_AFFILIATION);
        if (affiAlias != null) {
            // realm is resolved but not referenced below in this copy.
            String realm = IDFFMetaUtils.getRealmByMetaAlias(affiAlias);
            buildAffiliationConfigTemplate(buff, affiAlias, mapParams);
        }

        // Root element closing tag (markup stripped in this listing).
        buff.append("\n");
        return buff.toString();
    }

    /**
     * Appends the IDP configuration block. Certificate aliases default to
     * the empty string when absent; the remaining attribute values are the
     * fixed defaults seen below (element names stripped in this listing).
     *
     * @param mapParams parameters; reads {@code P_IDP}, {@code P_IDP_S_CERT},
     *                  {@code P_IDP_E_CERT}
     * @param buff      target buffer
     */
    private static void buildIDFFIDPConfigTemplate(
        Map mapParams,
        StringBuffer buff
    ) {
        // idpAlias is not referenced below in this copy (see class note).
        String idpAlias = (String)mapParams.get(MetaTemplateParameters.P_IDP);
        String idpSCertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_IDP_S_CERT);
        String idpECertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_IDP_E_CERT);

        // Unlike the standard template, a missing alias is emitted as an
        // empty value rather than omitted.
        if (idpSCertAlias == null) {
            idpSCertAlias = "";
        }
        if (idpECertAlias == null) {
            idpECertAlias = "";
        }

        buff.append(" \n")
            .append(" \n")
            .append(" active\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Signing certificate alias (unescaped).
            .append(" ")
            .append(idpSCertAlias)
            .append("\n")
            .append(" \n")
            .append(" \n")
            // Encryption certificate alias (unescaped).
            .append(" ")
            .append(idpECertAlias)
            .append("\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" true\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Default plugin classes for the IDP role.
            .append(" com.sun.identity.federation.accountmgmt.DefaultFSUserProvider\n")
            .append(" \n")
            .append(" \n")
            .append(" com.sun.identity.federation.services.util.FSNameIdentifierImpl\n")
            .append(" \n")
            .append(" \n")
            .append(" local\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Numeric defaults; the element names identifying which timeout
            // or counter each one is were stripped from this listing.
            .append(" 60\n")
            .append(" \n")
            .append(" \n")
            .append(" 180\n")
            .append(" \n")
            .append(" \n")
            .append(" 120\n")
            .append(" \n")
            .append(" \n")
            .append(" 0\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Default authentication context and its mapping to the
            // DataStore module at level 0.
            .append(" ")
            .append(IFSConstants.DEFAULT_AUTHNCONTEXT_PASSWORD)
            .append("\n")
            .append(" \n")
            .append(" \n")
            .append(" context=")
            .append(IFSConstants.DEFAULT_AUTHNCONTEXT_PASSWORD)
            .append("|key=module|value=DataStore|level=0\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n");
    }

    /**
     * Appends the SP configuration block. Certificate aliases default to the
     * empty string when absent; the other values are fixed defaults
     * (element names stripped in this listing).
     *
     * @param mapParams parameters; reads {@code P_SP}, {@code P_SP_S_CERT},
     *                  {@code P_SP_E_CERT}
     * @param buff      target buffer
     */
    private static void buildIDFFSPConfigTemplate(
        Map mapParams,
        StringBuffer buff
    ) {
        // spAlias is not referenced below in this copy (see class note).
        String spAlias = (String)mapParams.get(MetaTemplateParameters.P_SP);
        String spSCertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_SP_S_CERT);
        String spECertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_SP_E_CERT);

        if (spSCertAlias == null) {
            spSCertAlias = "";
        }
        if (spECertAlias == null) {
            spECertAlias = "";
        }

        buff.append(" \n")
            .append(" \n")
            .append(" active\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Signing certificate alias (unescaped).
            .append(" ")
            .append(spSCertAlias)
            .append("\n")
            .append(" \n")
            .append(" \n")
            // Encryption certificate alias (unescaped).
            .append(" ")
            .append(spECertAlias)
            .append("\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" -1\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            // SSO profiles the SP accepts.
            .append(" http://projectliberty.org/profiles/brws-art\n")
            .append(" http://projectliberty.org/profiles/brws-post\n")
            .append(" http://projectliberty.org/profiles/wml-post\n")
            .append(" http://projectliberty.org/profiles/lecp\n")
            .append(" \n")
            .append(" \n")
            .append(" federated\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Default plugin classes for the SP role.
            .append(" com.sun.identity.federation.accountmgmt.DefaultFSUserProvider\n")
            .append(" \n")
            .append(" \n")
            .append(" com.sun.identity.federation.services.util.FSNameIdentifierImpl\n")
            .append(" \n")
            .append(" \n")
            .append(" remote\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Default authentication context and its level-0 mapping
            // (no module/value pair on the SP side, unlike the IDP block).
            .append(" ")
            .append(IFSConstants.DEFAULT_AUTHNCONTEXT_PASSWORD)
            .append("\n")
            .append(" \n")
            .append(" \n")
            .append(" context=")
            .append(IFSConstants.DEFAULT_AUTHNCONTEXT_PASSWORD)
            .append("|level=0\n")
            .append(" \n")
            .append(" \n")
            .append(" false\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Default SP adapter plugin.
            .append(" com.sun.identity.federation.plugins.FSDefaultSPAdapter\n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n");
    }

    /**
     * Builds the meta-alias path segment appended to every endpoint URL.
     * Reuses the SAML2 metadata manager's path marker so IDFF and SAML2
     * endpoints share one URI convention. The alias is not validated or
     * escaped here.
     *
     * @param alias meta alias from the parameter map
     * @return {@code "/" + NAME_META_ALIAS_IN_URI + alias}
     */
    private static String buildMetaAliasInURI(String alias) {
        return "/" + SAML2MetaManager.NAME_META_ALIAS_IN_URI + alias;
    }

    /**
     * Appends the affiliation descriptor: the member list followed by
     * optional signing and encryption key descriptors.
     *
     * @param buff      target buffer
     * @param entityID  entity identifier (use inside the element markup is
     *                  missing from this listing)
     * @param affiAlias affiliation meta alias
     * @param url       base URL (not referenced in this copy)
     * @param mapParams parameters; reads {@code P_AFFI_OWNERID},
     *                  {@code P_AFFI_MEMBERS} (a {@code List}),
     *                  {@code P_AFFI_S_CERT}, {@code P_AFFI_E_CERT}
     * @throws IDFFMetaException propagated from certificate lookup
     */
    private static void addAffiliationTemplate(
        StringBuffer buff,
        String entityID,
        String affiAlias,
        String url,
        Map mapParams
    ) throws IDFFMetaException {
        // maStr and affiOwnerID are not referenced below in this copy
        // (see class note).
        String maStr = buildMetaAliasInURI(affiAlias);
        String affiOwnerID = (String)mapParams.get(
            MetaTemplateParameters.P_AFFI_OWNERID);

        // Affiliation descriptor opening tag (markup stripped in this listing).
        buff.append(" \n");

        // NOTE(review): a missing P_AFFI_MEMBERS entry leaves affiMembers
        // null and the iterator call below throws NullPointerException.
        List affiMembers = (List)mapParams.get(
            MetaTemplateParameters.P_AFFI_MEMBERS);
        for(Iterator iter = affiMembers.iterator(); iter.hasNext(); ) {
            String affiMember = (String)iter.next();
            // Member ID is concatenated into the element text as-is, with
            // no XML escaping (trusted-input assumption).
            buff.append(
                " " + affiMember + "\n");
        }

        // Signing key descriptor, emitted only when a certificate resolves.
        String affiSCertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_AFFI_S_CERT);
        String affiSX509Cert = IDFFMetaSecurityUtils.buildX509Certificate(
            affiSCertAlias);
        if (affiSX509Cert != null) {
            buff.append(" \n")
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(affiSX509Cert)
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append( " \n");
        }

        // Encryption key descriptor, fixed to AES-128-CBC (see the IDP
        // builder for the CBC caveat).
        String affiECertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_AFFI_E_CERT);
        String affiEX509Cert = IDFFMetaSecurityUtils.buildX509Certificate(
            affiECertAlias);
        if (affiEX509Cert != null) {
            buff.append(" \n")
                .append(" http://www.w3.org/2001/04/xmlenc#aes128-cbc\n")
                .append(" 128\n")
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(affiEX509Cert)
                .append(" \n")
                .append(" \n")
                .append(" \n")
                .append(" \n");
        }

        // Affiliation descriptor closing tag (markup stripped in this listing).
        buff.append(" \n");
    }

    /**
     * Appends the affiliation configuration block: signing and encryption
     * certificate aliases, each defaulting to the empty string when absent.
     *
     * @param buff      target buffer
     * @param affiAlias affiliation meta alias (not referenced in this copy;
     *                  see class note)
     * @param mapParams parameters; reads {@code P_AFFI_S_CERT},
     *                  {@code P_AFFI_E_CERT}
     */
    private static void buildAffiliationConfigTemplate(
        StringBuffer buff,
        String affiAlias,
        Map mapParams
    ) {
        String affiECertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_AFFI_E_CERT);
        String affiSCertAlias = (String)mapParams.get(
            MetaTemplateParameters.P_AFFI_S_CERT);

        if (affiECertAlias == null) {
            affiECertAlias = "";
        }
        if (affiSCertAlias == null) {
            affiSCertAlias = "";
        }

        buff.append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            .append(" \n")
            // Signing certificate alias (unescaped).
            .append(" ")
            .append(affiSCertAlias)
            .append("\n")
            .append(" \n")
            .append(" \n")
            // Encryption certificate alias (unescaped).
            .append(" ")
            .append(affiECertAlias)
            .append("\n")
            .append(" \n")
            .append(" \n");
    }
}