4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * The contents of this file are subject to the terms
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * of the Common Development and Distribution License
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * (the License). You may not use this file except in
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * compliance with the License.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * You can obtain a copy of the License at
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * See the License for the specific language governing
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * permission and limitations under the License.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * When distributing Covered Code, include this CDDL
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Header Notice in each file and include the License file
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * If applicable, add the following below the CDDL Header,
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * with the fields enclosed by brackets [] replaced by
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * your own identifying information:
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * "Portions Copyrighted [year] [name of copyright owner]"
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * $Id: ConfigFedMonitoring.java,v 1.2 2009/10/29 00:03:51 exu Exp $
a4544a5a0e622ef69e38641f87ab1b5685e05911Phill Cunnington * Portions Copyrighted 2011-2015 ForgeRock AS.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.cot.CircleOfTrustManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.federation.meta.IDFFMetaManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.federation.meta.IDFFMetaException;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.monitoring.MonitoringUtil;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.monitoring.SSOServerRealmFedInfo;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.meta.SAML2MetaException;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.meta.SAML2MetaManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.meta.SAML2MetaUtils;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.security.AdminTokenAction;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.sm.OrganizationConfigManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.sm.ServiceSchemaManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.wsfederation.meta.WSFederationMetaManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.wsfederation.meta.WSFederationMetaException;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.wsfederation.jaxb.wsfederation.FederationElement;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.wsfederation.jaxb.wsfederation.UriNamedClaimTypesOfferedElement;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * This class gathers the configuration information for the
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * monitoring service, which is initially started in WebtopNaming.java.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Configuration information can be gathered after Session services
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * have started up.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String IDENTITY_PROVIDER = "IDP";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String SERVICE_PROVIDER = "SP";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String POLICY_DECISION_POINT_DESCRIPTOR = "PDP";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String POLICY_ENFORCEMENT_POINT_DESCRIPTOR = "PEP";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String SAML_ATTRAUTHORITY = "AttrAuthority";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String SAML_AUTHNAUTHORITY = "AuthnAuthority";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String SAML_ATTRQUERY = "AttrQuery";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static final String AFFILIATE = "Affiliate";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * This method is called by AMSetupServlet when it has finished
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * configuring the OpenAM server after deployment. It is also
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * called by the MonitoringConfiguration load-on-startup servlet
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * when the OpenAM server is restarted any time after being
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * configured. It completes the configuration of the monitoring
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * agent with the config information that requires an SSOToken
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * to retrieve. Another part of the configuration is supplied
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * to the agent by WebtopNaming.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.configureMonitoring: ";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.warning(classMethod + "monitoring is disabled");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "Could not get proper SSOToken", ssoe);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * get the SAML1.x trusted partners and send them to the Agent.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * these are global
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // now all the realms' federation configs
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private SSOToken getSSOToken() throws SSOException {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster return (SSOToken) AccessController.doPrivileged(
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getSAML1TPs: ";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // get SAML service attributes
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster new ServiceSchemaManager("iPlanetAMSAMLService", ssoToken);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = schemaTypes.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster ServiceSchema schema = svcSchMgr.getSchema(type);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator iu = asch.iterator(); iu.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster AttributeSchema as = (AttributeSchema)iu.next();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if ((i18n != null) && (i18n.trim().length() > 0)) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // get the trusted partners
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster new StringBuffer(classMethod + "SAML1.x Trusted Partners:\n");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "iplanet-am-saml-partner-urls");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster cotsb.append(" has ").append(ovsize).append(" entries:\n");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator iu = orgValues.iterator(); iu.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster StringTokenizer st = new StringTokenizer(prtn, "|");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster StringTokenizer st2 = new StringTokenizer(prtn, "=");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // send SAML1.x trusted partners list, s1List, to the Agent
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "sso ex getting saml1.x: " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "sms ex getting saml1.x: " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Gets the list of realms, starting from "startRealm" (usually "/").
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Returns a List of realms, with leading "/".
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private List getRealmsList(String startRealm) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getRealmsList: ";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster new OrganizationConfigManager(ssoToken, startRealm);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster Set orgs = orgMgr.getSubOrganizationNames("*", true);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = orgs.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "SMSException getting OrgConfigMgr: " + e.getMessage());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster return (new ArrayList());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getAllRealms: ";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster boolean skipSAML2Entities = true; // until IDPs/SPs per realm instrum
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster StringBuffer sb = new StringBuffer(classMethod);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster sb.append("orgnames starting from ").append(startRealm).append(":\n");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster sb.append(" ").append(startRealm).append("\n");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster CircleOfTrustManager cotmgr = new CircleOfTrustManager();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster SAML2MetaManager saml2Mgr = new SAML2MetaManager();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster IDFFMetaManager idffmgr = new IDFFMetaManager(ssoToken);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = rList.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster s2Ents = getSAML2Entities(thisRealm, saml2Mgr);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster Map idffentMap = getIDFFEntities(thisRealm, idffmgr);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * getCOTMembers(thisRealm, cot, cotmgr, cotsb)
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * can get the members of the COT, but there isn't
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * a (MIB) entry for that right now.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster Map membMap = getCOTMembers(thisRealm, cots, cotmgr);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "SAML2 ex: " + e.getMessage());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "COT ex: " + e.getMessage());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "IDFF ex: " + e.getMessage());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public List getWSFedRoles(String entity, String realm) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster boolean isSP = true;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster WSFederationMetaManager metaManager = new WSFederationMetaManager();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (metaManager.getIDPSSOConfig(realm,entity) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (metaManager.getSPSSOConfig(realm, entity) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster //to handle dual roles specifically for WSFED
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster metaManager.getEntityDescriptor(realm, entity);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator iter = fedElem.getAny().iterator();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (o instanceof UriNamedClaimTypesOfferedElement) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster } else if (o instanceof TokenIssuerEndpointElement) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.warning("ConfigFedMonitoring.getWSFedRoles", e);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster return (roles != null) ? roles : Collections.EMPTY_LIST;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * This is used to determine what 'roles' a particular entity is
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * acting as. It will produce a list of role names which can then
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * be used by the calling routine for whatever purpose it needs.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private List getSAMLv2Roles(String entity, String realm) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster SAML2MetaManager samlManager = new SAML2MetaManager();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster samlManager.getEntityDescriptor(realm, entity);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // find out what role this dude is playing
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (SAML2MetaUtils.getSPSSODescriptor(d) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (SAML2MetaUtils.getIDPSSODescriptor(d) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (SAML2MetaUtils.getPolicyDecisionPointDescriptor(d) != null)
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (SAML2MetaUtils.getPolicyEnforcementPointDescriptor(d) !=
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster roles.add(POLICY_ENFORCEMENT_POINT_DESCRIPTOR);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (SAML2MetaUtils.getAuthnAuthorityDescriptor(d) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (SAML2MetaUtils.getAttributeQueryDescriptor(d) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (samlManager.getAffiliationDescriptor(realm, entity) !=
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.warning("ConfigFedMonitoring.getSAMLv2Roles() - " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "Couldn't get SAMLMetaManager");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster return (roles != null) ? roles : Collections.EMPTY_LIST;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * This is used to determine what 'roles' a particular entity is
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * acting as. It will produce a list of role names which can then
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * be used by the calling routine for whatever purpose it needs.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private List getIDFFRoles(String entity, String realm) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster IDFFMetaManager idffManager = new IDFFMetaManager(ssoToken);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // find out what role this dude is playing
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (idffManager.getIDPDescriptor(realm, entity) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (idffManager.getSPDescriptor(realm, entity) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if(idffManager.getAffiliationDescriptor(realm, entity) != null) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.warning("ConfigFedMonitoring.getIDFFRoles() - " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "Couldn't get SAMLMetaManager");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * This is a convenience routine that can be used
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * to convert a List of String objects to a single String in the format of
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * "one; two; three"
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator i = roleNames.iterator(); i.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private String getLocalizedString(String key) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private Set getCOTs(String realm, CircleOfTrustManager cotmgr) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getCOTs: ";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "COTMgr error: " + e.getMessage());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private Map getCOTMembers(String realm, Set cotNames,
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getCOTMembers: ";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster StringBuffer sb = new StringBuffer(classMethod);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it1 = cotNames.iterator(); it1.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster sb.append(" cotName = ").append(cotName).append("\n");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if ((cotSAML != null) && (cotSAML.size() > 0)) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = cotSAML.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if ((cotIDFF != null) && (cotIDFF.size() > 0)) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = cotIDFF.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if ((cotWSFed != null) && (cotWSFed.size() > 0)) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = cotWSFed.iterator(); it.hasNext(); ){
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "COTException: " + cx.getMessage());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private Map getSAML2Entities (String realm, SAML2MetaManager saml2Mgr) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getSAML2Entities:";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // s2entMap: entity name => Map of ("location", "roles") -> values
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster Map s2entMap = new HashMap(); // for the SAML2 entities
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster List hosted = saml2Mgr.getAllHostedEntities(realm);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = s2Ents.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if ((hosted != null) && hosted.contains(entId)) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster wse.put("roles", listToString(getSAMLv2Roles(entId, realm)));
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "getting SAML2 entity providers for realm " + realm + ": " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getWSFedEntities:";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // wsentMap: entity name => Map of ("location", "roles") -> values
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster WSFederationMetaManager metaManager = new WSFederationMetaManager();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster List hosted = metaManager.getAllHostedEntities(realm);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = wsEnts.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if ((hosted != null) && hosted.contains(entId)) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster wse.put("roles", listToString(getWSFedRoles(entId, realm)));
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error(classMethod + "getting WSFed entities for realm " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private Map getIDFFEntities (String realm, IDFFMetaManager idffMgr) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String classMethod = "ConfigFedMonitoring.getIDFFEntities:";
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster // idffentMap: entity name => Map of ("location", "roles") -> values
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster Map idffentMap = new HashMap(); // for the IDFF entities
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster List hosted = idffMgr.getAllHostedEntities(realm);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster for (Iterator it = idffEnts.iterator(); it.hasNext(); ) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if ((hosted != null) && hosted.contains(entId)) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster wse.put("roles", listToString(getIDFFRoles(entId, realm)));
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "getting IDFF entity providers for realm " + realm + ": " +