a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * opensso/legal/CDDLv1.0.txt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at opensso/legal/CDDLv1.0.txt.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: FSDefaultAttributePlugin.java,v 1.4 2008/11/10 22:56:58 veiming Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.federation.services;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.FSUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.IFSConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.message.FSSubject;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.services.util.FSServiceUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.datastore.DataStoreProvider;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.datastore.DataStoreProviderException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.datastore.DataStoreProviderManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.session.SessionException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.session.SessionManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.session.SessionProvider;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.Attribute;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.AttributeStatement;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.ArrayList;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.Iterator;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.List;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.Map;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.Set;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This class <code>FSDefaultAttributePlugin</code> is the default
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attribute plugin implementation of <code>FSAttributePlugin</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of Identity provider. The default implementation will read the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attribute map configuration defined in hosted IDP local configuration
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * and create SAML <code>AttributeStatement</code>s so that they can be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * inserted into SAML SSO <code>Assertion</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
public class FSDefaultAttributePlugin implements FSAttributePlugin {

    /*
     * Reviewer notes on what this default plugin does and does not do:
     *
     * - Attribute release is driven only by the hosted IDP's attribute map.
     *   The remoteEntityID argument is accepted but never consulted, so every
     *   remote provider receives the same mapped attributes. Deployments that
     *   need per-provider release rules must enforce them elsewhere.
     * - Three distinct "nothing to send" results exist: null (metadata error
     *   or empty map) and an empty list (SAML object construction failed).
     *   Callers have to handle both.
     * - Lookup failures for individual attributes are logged and the
     *   attribute is skipped; statement construction is still attempted.
     * - Message-level debug logging prints the built statement via
     *   toString(). NOTE(review): that output presumably contains the user's
     *   attribute values; confirm before enabling message-level debug where
     *   logs are widely readable.
     */

    /**
     * Returns the list of <code>AttributeStatement</code>s built from the
     * attribute map in the hosted provider's configuration, looking the
     * provider up under the root realm <code>"/"</code>.
     *
     * @param hostEntityId Hosted identity provider entity id.
     * @param remoteEntityID Remote provider's entity id.
     * @param subject Subject of the authenticated principal.
     * @param token user's session.
     * @return list of SAML <code>AttributeStatement</code>s; see the
     *         realm-aware overload for the null and empty-list cases.
     * @deprecated This method is deprecated.
     * @see #getAttributeStatements(String,String,String,FSSubject,Object)
     */
    public List getAttributeStatements(
        String hostEntityId,
        String remoteEntityID,
        FSSubject subject,
        Object token)
    {
        final String rootRealm = "/";
        return getAttributeStatements(
            rootRealm, hostEntityId, remoteEntityID, subject, token);
    }

    /**
     * Returns the list of <code>AttributeStatement</code>s built from the
     * attribute map in the hosted provider's configuration.
     *
     * Each map entry pairs the name to put in the assertion (key) with the
     * name of the user attribute to read from the data store (value).
     * Entries whose value cannot be resolved are left out of the statement.
     *
     * @param realm The realm under which the entity resides.
     * @param hostEntityId Hosted identity provider entity id.
     * @param remoteEntityID Remote provider's entity id. Not used by this
     *        implementation.
     * @param subject Subject of the authenticated principal.
     * @param token user's session.
     * @return a list holding one <code>AttributeStatement</code>;
     *         <code>null</code> if the metadata lookup fails or the attribute
     *         map is missing or empty; an empty list if building the SAML
     *         objects raises a <code>SAMLException</code>.
     */
    public List getAttributeStatements(
        String realm,
        String hostEntityId,
        String remoteEntityID,
        FSSubject subject,
        Object token)
    {
        FSUtils.debug.message(
            "FSDefaultAttributePlugin.getAttributeStatements");

        Map mapping;
        try {
            mapping = readAttributeMapping(realm, hostEntityId);
        } catch (IDFFMetaException me) {
            FSUtils.debug.error(
                "FSDefaultAttributePlugin.getAttributeStatements: "
                + "meta exception.", me);
            return null;
        }

        if (mapping == null || mapping.isEmpty()) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message(
                    "FSDefaultAttributePlugin.getAttributeStatements: "
                    + "Attribute map configuration is empty.");
            }
            return null;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message(
                "FSDefaultAttributePlugin.getAttributeStatements: "
                + "Attribute map configuration: " + mapping);
        }

        List samlAttributes = new ArrayList();
        try {
            for (Iterator it = mapping.entrySet().iterator(); it.hasNext();) {
                Map.Entry mapEntry = (Map.Entry) it.next();
                String samlName = (String) mapEntry.getKey();
                String value =
                    getAttributeValue(token, (String) mapEntry.getValue());
                if (value == null) {
                    // Unresolvable attribute: skip it, keep the rest.
                    continue;
                }
                samlAttributes.add(new Attribute(
                    samlName,
                    SAMLConstants.assertionSAMLNameSpaceURI,
                    value));
            }

            AttributeStatement statement =
                new AttributeStatement(subject, samlAttributes);
            if (FSUtils.debug.messageEnabled()) {
                // NOTE(review): presumably includes attribute values.
                FSUtils.debug.message(
                    "FSDefaultAttributePlugin.getAttributeStatements: "
                    + "attribute statement: " + statement.toString());
            }

            List result = new ArrayList();
            result.add(statement);
            return result;
        } catch (SAMLException ex) {
            FSUtils.debug.error(
                "FSDefaultAttributePlugin.getAttributeStatements: "
                + "SAML Exception", ex);
            return new ArrayList();
        }
    }

    /**
     * Reads and parses the attribute map of the hosted identity provider.
     *
     * @param realm The realm under which the entity resides.
     * @param hostEntityId Hosted identity provider entity id.
     * @return the parsed attribute map, or <code>null</code> when no meta
     *         manager or no IDP configuration is available.
     * @throws IDFFMetaException if the metadata lookup fails.
     */
    private Map readAttributeMapping(String realm, String hostEntityId)
        throws IDFFMetaException
    {
        IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
        if (metaManager == null) {
            return null;
        }
        IDPDescriptorConfigElement idpConfig =
            metaManager.getIDPDescriptorConfig(realm, hostEntityId);
        if (idpConfig == null) {
            return null;
        }
        Map configAttributes = IDFFMetaUtils.getAttributes(idpConfig);
        List rawMapping =
            (List) configAttributes.get(IFSConstants.IDP_ATTRIBUTE_MAP);
        return FSServiceUtils.parseAttributeConfig(rawMapping);
    }

    /**
     * Looks up one attribute of the session's principal in the data store.
     *
     * Only the first element of the returned value set is used; for a
     * multi-valued attribute, which value that is depends on the iteration
     * order of the set handed back by the data store provider.
     *
     * @param token user's session, used to obtain the principal name.
     * @param attrName name of the attribute to read.
     * @return the first value found, or <code>null</code> if the name is
     *         null, no value exists, or the session or data store lookup
     *         fails (the failure is logged, not propagated).
     */
    private String getAttributeValue(Object token, String attrName) {
        if (attrName == null) {
            FSUtils.debug.error(
                "FSDefaultAttributePlugin.getAttributeValue: "
                + "attribute Name is null. Check the attribute map");
            return null;
        }

        try {
            SessionProvider sessionProvider = SessionManager.getProvider();
            String userID = sessionProvider.getPrincipalName(token);
            DataStoreProvider dsProvider = DataStoreProviderManager
                .getInstance().getDataStoreProvider(IFSConstants.IDFF);
            Set attrValues = dsProvider.getAttribute(userID, attrName);
            if (attrValues != null && !attrValues.isEmpty()) {
                return (String) attrValues.iterator().next();
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message(
                    "FSDefaultAttributePlugin.getAttributeValue: "
                    + "values not found for : " + attrName);
            }
            return null;
        } catch (SessionException se) {
            FSUtils.debug.error(
                "FSDefaultAttributePlugin.getAttributeValue: exception:",
                se);
            return null;
        } catch (DataStoreProviderException dspe) {
            FSUtils.debug.error(
                "FSDefaultAttributePlugin.getAttributeValue: exception: ",
                dspe);
            return null;
        }
    }

}