fedletXACMLQuery.jsp revision 416202e5dcb52019dba7580e78ddf3427c51f5c7
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater The contents of this file are subject to the terms
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater of the Common Development and Distribution License
4f91bcae4368308b0bfd13769a059de222a3769dAutomatic Updater (the License). You may not use this file except in
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt compliance with the License.
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater You can obtain a copy of the License at
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt https://opensso.dev.java.net/public/CDDLv1.0.html or
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater See the License for the specific language governing
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt permission and limitations under the License.
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt When distributing Covered Code, include this CDDL
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt Header Notice in each file and include the License file
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater If applicable, add the following below the CDDL Header,
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt with the fields enclosed by brackets [] replaced by
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt your own identifying information:
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt "Portions Copyrighted [year] [name of copyright owner]"
bd537d750f489826deed5165648a8774ff5b2c11Automatic Updater Copyright 2009 Sun Microsystems Inc. All Rights Reserved
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt Portions Copyrighted 2013-2014 ForgeRock AS
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt Portions Copyrighted 2014 Nomura Research Institute, Ltd
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt This JSP used by the Fedlet to get the Resource URL. Fedlet uses XACML
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt to determine whether right policy has been defined for the Resource URL
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<%@ page import="com.sun.identity.shared.encode.URLEncDec" %>
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater<%@ page import="java.io.File" %>
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater<%@ page import="java.util.Set" %>
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater<%@ page import="com.sun.identity.cot.CircleOfTrustManager" %>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<%@ page import="org.owasp.esapi.ESAPI"%>
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updaterfunction checkEmptyResource() {
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt if (document.fedletXACMLQuery.resource.value == "") {
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater alert("Resource URL cannot be empty");
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt String deployuri = request.getRequestURI();
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt int slashLoc = deployuri.indexOf("/", 1);
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt if (slashLoc != -1) {
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt deployuri = deployuri.substring(0, slashLoc);
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt String fedletHomeDir = System.getProperty("com.sun.identity.fedlet.home");
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt if ((fedletHomeDir == null) || (fedletHomeDir.trim().length() == 0)) {
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt if (System.getProperty("user.home").equals(File.separator)) {
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt fedletHomeDir = File.separator + "fedlet";
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt <title>XACML Query</title>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt <link rel="stylesheet" type="text/css" href="<%= deployuri %>/com_sun_web_ui/css/css_ns6up.css" />
<div class="MstDiv"><table width="100%" border="0" cellpadding="0" cellspacing="0" class="MstTblTop" title="">
<div class="MstDivTtl"><img name="ProdName" src="<%= deployuri %>/console/images/PrimaryProductName.png" alt="" /></div></td><td class="MstTdLogo" width="1%"><img name="RMRealm.mhCommon.BrandLogo" src="<%= deployuri %>/com_sun_web_ui/images/other/javalogo.gif" alt="Java(TM) Logo" border="0" height="55" width="31" /></td></tr></tbody></table>
<table class="MstTblEnd" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td><img name="RMRealm.mhCommon.EndorserLogo" src="<%= deployuri %>/com_sun_web_ui/images/masthead/masthead-sunname.gif" alt="Sun(TM) Microsystems, Inc." align="right" border="0" height="10" width="108" /></td></tr></tbody></table></div><div class="SkpMedGry1"><a name="SkipAnchor2089" id="SkipAnchor2089"></a></div>
<div class="SkpMedGry1"><a href="#SkipAnchor4928"><img src="<%= deployuri %>/com_sun_web_ui/images/other/dot.gif" alt="Jump Over Tab Navigation Area. Current Selection is: Access Control" border="0" height="1" width="1" /></a></div>
Set members = cotManager.getAllCirclesOfTrust("/");
if ((members == null) || members.isEmpty()) {
out.print("Misconfiguration - No circle of trust.");
out.print("Circle of trust names: ");
out.print(", ");
out.print(member);
<form method=get name="fedletXACMLQuery" action=fedletXACMLResp.jsp onsubmit="return checkEmptyResource();">
String idpEntityID = request.getParameter("idpEntityID");
if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + idpEntityID, idpEntityID,
String spEntityID = request.getParameter("spEntityID");
if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + spEntityID, spEntityID,
String nameIDValue = request.getParameter("nameIDValue");
if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + nameIDValue, nameIDValue,
String newNameIDValue = URLEncDec.encode(nameIDValue);
<input type=text name=resource value=<%=request.getRequestURL()%> size=120> <br>