a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: SessionContext.java,v 1.2 2008/06/25 05:47:21 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.IFSConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.message.common.AuthnContext;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.message.common.FSMsgException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.common.wsse.WSSEConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLRequesterException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The <code>SessionContext</code> class represents session status of an entity
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * to another system entity. It is supplied to a relying party to support policy
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * enforcement.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.all.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster protected SessionSubject _sessionSubject = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default constructor
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs a <code>SessionContext</code> object from a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SessionSubject</code> object, a <code>AuthnContext</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * object and a <code>String</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param sessionSubject <code>SessionSubject</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param authnContext authentication context object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID provider ID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAMLException if <code>sessionSubject</code> is null or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>providerID</code> is null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public SessionContext(SessionSubject sessionSubject,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((sessionSubject == null) || (providerID == null)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("SessionContext: null input.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>SessionSubject</code> within the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SessionContext</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return <code>SessionSubject</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the <code>SessionSubject</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param sub <code>SessionSubject</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public void setSessionSubject(SessionSubject sub) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>AuthnContext</code> within the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SessionContext</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return <code>AuthnContext</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>ProviderID</code> in the <code>SessionContext</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return <code>ProviderID</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the <code>AuthnContext</code> in the <code>SessionContext</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param authnContext <code>AuthnContext</code> to be set.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if <code>AuthnContext</code> was set.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean setAuthnContext(AuthnContext authnContext) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "setAuthnContext: Input is null.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs an <code>SessionContext</code> object from a DOM Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param element representing a DOM tree element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAMLException if there is an error in the sender or in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * element definition.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public SessionContext(Element element)throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // make sure input is not null
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("AttributeStatement: null input.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // check that the element is a SessionContext
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster boolean valid = SAMLUtils.checkStatement(element, "SessionContext");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("SessionContext: Wrong input.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String authInstant = element.getAttribute("AuthenticationInstant");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String issueInstant = element.getAttribute("AssertionIssueInstant");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((authInstant == null) || (issueInstant == null)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("SessionContext: AuthenticationInstant " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "or AssertionIssueInstant is missing!");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster _issueInstant = DateUtils.stringToDate(issueInstant);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster _authenticationInstant = DateUtils.stringToDate(authInstant);
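a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster //TODO: handle exception. NOTE(review): Element.getAttribute returns "" rather than null for a missing attribute, so a missing AuthenticationInstant or AssertionIssueInstant passes the null check above and can at best surface as a stringToDate failure; this handler should reject the element rather than continue with unset instants (handler body not visible here, confirm).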
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster //Handle the children elements of SessionContext
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (currentNode.getNodeType() == Node.ELEMENT_NODE) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((tagName == null) || tagName.length() == 0 ||
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("SessionContext: The tag name"+
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " or tag namespace of child element is" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " either null or empty.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster tagNS.equals("urn:liberty:sec:2003-08")) { //sec:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " should only contain one SessionSubject");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "could not new SessionSubject" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " object.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "SessionSubject"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster tagNS.equals("urn:liberty:sec:2003-08")) { //sec
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " should at most contain one" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " ProviderID.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster _providerID = currentNode.getChildNodes().item(0)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster tagNS.equals("urn:liberty:iff:2003-08")) { //lib
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "should at most contain one " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "AuthnContext");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "could not new AuthnContext" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " object.", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "AuthnContext"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // end of if (currentNode.getNodeType() == Node.ELEMENT_NODE)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // end of for loop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } // end of if (nodeCount > 0)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // check that both the SessionSubject and the AuthnContext were found
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((_sessionSubject == null)||(_authnContext == null)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("SessionContext should contain " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "one SessionSubject and one " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " one AuthnContext.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a String representation of the <code>SessionContext</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A string containing the valid XML for this element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * By default the namespace name is prepended to the element name,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * for example <code>&lt;saml:Subject&gt;</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws ParseException if could not convert String Date
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * expression to Date object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSMsgException if could not get <code>AuthnContext</code> XML
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String representation.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public String toXMLString() throws ParseException, FSMsgException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return toXMLString(true, false);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a String representation of the <code>&lt;SessionContext&gt;</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param includeNS if true prepends all elements by their Namespace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * name, for example <code>&lt;saml:Subject&gt;</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param declareNS if true includes the namespace within the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * generated XML.
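a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A string containing the valid XML for this element. Return null
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * if error happened. NOTE(review): the ProviderID value is appended as-is, without XML escaping, so the output is well-formed only if that value contains no markup characters.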
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws ParseException if could not convert String Date
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * expression to Date object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSMsgException if could not get <code>AuthnContext</code> XML
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String representation.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public String toXMLString(boolean includeNS, boolean declareNS)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster WSSEConstants.TAG_SEC + "=\"" + WSSEConstants.NS_SEC +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(WSSEConstants.TAG_SESSIONCONTEXT).append(secNS).append(" ").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(DateUtils.toUTCDateFormat(_issueInstant)).append("\" ").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(DateUtils.toUTCDateFormat(_authenticationInstant)).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(_sessionSubject.toXMLString(includeNS, declareNS));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append("<").append(secprefix).append(WSSEConstants.TAG_PROVIDERID).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(">").append(_providerID).append("</").append(secprefix).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster append(WSSEConstants.TAG_PROVIDERID).append(">");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(_authnContext.toXMLString(includeNS, declareNS));