fedletXACMLQuery.jsp revision 416202e5dcb52019dba7580e78ddf3427c51f5c7
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<%--
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater The contents of this file are subject to the terms
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater of the Common Development and Distribution License
4f91bcae4368308b0bfd13769a059de222a3769dAutomatic Updater (the License). You may not use this file except in
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt compliance with the License.
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater You can obtain a copy of the License at
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt https://opensso.dev.java.net/public/CDDLv1.0.html or
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt opensso/legal/CDDLv1.0.txt
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater See the License for the specific language governing
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt permission and limitations under the License.
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt When distributing Covered Code, include this CDDL
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt Header Notice in each file and include the License file
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt at opensso/legal/CDDLv1.0.txt.
bef75d63d74f58abc0f834ed271526672777ba29Automatic Updater If applicable, add the following below the CDDL Header,
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt with the fields enclosed by brackets [] replaced by
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt your own identifying information:
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt "Portions Copyrighted [year] [name of copyright owner]"
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
bd537d750f489826deed5165648a8774ff5b2c11Automatic Updater Copyright 2009 Sun Microsystems Inc. All Rights Reserved
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt--%>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<%--
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt Portions Copyrighted 2013-2014 ForgeRock AS
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt Portions Copyrighted 2014 Nomura Research Institute, Ltd
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt--%>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
<%--
    fedletXACMLQuery.jsp
    This JSP is used by the Fedlet to get the Resource URL. The Fedlet uses XACML
    to determine whether the right policy has been defined for the Resource URL.
--%>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<%@ page import="com.sun.identity.shared.encode.URLEncDec" %>
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater<%@ page import="java.io.File" %>
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater<%@ page import="java.util.Set" %>
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater<%@ page import="com.sun.identity.cot.CircleOfTrustManager" %>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<%@ page import="org.owasp.esapi.ESAPI"%>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<script>
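/**
 * Form onsubmit guard: blocks submission when the Resource URL field is blank.
 *
 * Whitespace-only input is treated as empty, since it cannot be a usable URL.
 * This is a usability check only. It runs in the browser and can be bypassed,
 * so the page that receives the form must validate "resource" itself.
 *
 * @returns {boolean} false (after alerting the user) when the field is blank,
 *                    true otherwise.
 */
function checkEmptyResource() {
    var resource = document.fedletXACMLQuery.resource.value;
    if (resource.trim() === "") {
        alert("Resource URL cannot be empty");
        return false;
    }
    return true;
}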
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt</script>
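<%
    // Derive the deployment prefix (first path segment) from the request URI.
    // getRequestURI() is client-supplied and is returned without decoding, and
    // this value is written into href/src attributes further down the page.
    String deployuri = request.getRequestURI();
    int slashLoc = deployuri.indexOf("/", 1);
    if (slashLoc != -1) {
        deployuri = deployuri.substring(0, slashLoc);
    }
    // Encode once here so that every <%= deployuri %> on this page is safe inside
    // a quoted HTML attribute. The browser decodes the entities back to the same
    // path, so legitimate requests resolve to the same static resources as before.
    deployuri = ESAPI.encoder().encodeForHTMLAttribute(deployuri);

    // Resolve the Fedlet home directory: the com.sun.identity.fedlet.home system
    // property if set, otherwise "<user.home>/fedlet" (or "/fedlet" when user.home
    // is the filesystem root, to avoid a doubled separator).
    // NOTE(review): fedletHomeDir is not read by any markup shown on this page;
    // confirm whether it is still needed before removing it.
    String fedletHomeDir = System.getProperty("com.sun.identity.fedlet.home");
    if ((fedletHomeDir == null) || (fedletHomeDir.trim().length() == 0)) {
        if (System.getProperty("user.home").equals(File.separator)) {
            fedletHomeDir = File.separator + "fedlet";
        } else {
            fedletHomeDir = System.getProperty("user.home") +
                File.separator + "fedlet";
        }
    }

%>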
e1263b4b9c16f5ecd7640be046b1e1a5c592c1e0Automatic Updater<html>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt<head>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt <title>XACML Query</title>
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt <link rel="stylesheet" type="text/css" href="<%= deployuri %>/com_sun_web_ui/css/css_ns6up.css" />
ca42dcc0686fefd3db202edab80e5adb09d6add5Evan Hunt</head>
<body>
<div class="MstDiv"><table width="100%" border="0" cellpadding="0" cellspacing="0" class="MstTblTop" title="">
<tbody><tr>
<td nowrap="nowrap">&nbsp;</td>
<td nowrap="nowrap">&nbsp;</td>
</tr></tbody></table>
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="MstTblBot" title="">
<tbody><tr>
<td class="MstTdTtl" width="99%">
<div class="MstDivTtl"><img name="ProdName" src="<%= deployuri %>/console/images/PrimaryProductName.png" alt="" /></div></td><td class="MstTdLogo" width="1%"><img name="RMRealm.mhCommon.BrandLogo" src="<%= deployuri %>/com_sun_web_ui/images/other/javalogo.gif" alt="Java(TM) Logo" border="0" height="55" width="31" /></td></tr></tbody></table>
<table class="MstTblEnd" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td><img name="RMRealm.mhCommon.EndorserLogo" src="<%= deployuri %>/com_sun_web_ui/images/masthead/masthead-sunname.gif" alt="Sun(TM) Microsystems, Inc." align="right" border="0" height="10" width="108" /></td></tr></tbody></table></div><div class="SkpMedGry1"><a name="SkipAnchor2089" id="SkipAnchor2089"></a></div>
<div class="SkpMedGry1"><a href="#SkipAnchor4928"><img src="<%= deployuri %>/com_sun_web_ui/images/other/dot.gif" alt="Jump Over Tab Navigation Area. Current Selection is: Access Control" border="0" height="1" width="1" /></a></div>
<p><br>
<table border="0" width="700">
<tr>
<td colspan="2">
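<%
    // Show the configured circle-of-trust names as a quick configuration check.
    try {
        CircleOfTrustManager cotManager = new CircleOfTrustManager();
        // "/" is passed as the lookup scope (presumably the root realm; confirm
        // against the CircleOfTrustManager API).
        Set<?> members = cotManager.getAllCirclesOfTrust("/");
        if ((members == null) || members.isEmpty()) {
            out.print("Misconfiguration - No circle of trust.");
        } else {
            out.print("Circle of trust names: ");
            boolean isFirst = true;
            for (Object member : members) {
                if (isFirst) {
                    isFirst = false;
                } else {
                    out.print(", ");
                }
                // Names come from configuration, but they are still written into
                // HTML, so encode them rather than trusting their content.
                out.print(ESAPI.encoder().encodeForHTML(String.valueOf(member)));
            }
        }
    } catch (Exception e) {
        // Do not echo e.toString() to the browser: exception text can expose
        // internal class names, paths or configuration detail, and it would be
        // emitted as unencoded HTML. Keep the detail in the server log instead.
        application.log("fedletXACMLQuery.jsp: unable to list circles of trust", e);
        out.print("Unable to retrieve circle of trust information.");
    }
%>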
</td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td colspan="2">
<hr>
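<%--
    XACML query form. Forwards the IdP/SP entity IDs and NameID received on this
    request, plus a Resource URL and action chosen by the user, to fedletXACMLResp.jsp.
    Every request-derived value is HTML-attribute-encoded at the point of output and
    every attribute value is quoted, so a crafted parameter or request URL cannot
    break out of the attribute it is written into.
--%>
<form method="get" name="fedletXACMLQuery" action="fedletXACMLResp.jsp" onsubmit="return checkEmptyResource();">
<h1> XACML Query </h1>
<%
    // Request parameters are untrusted. Each one is checked against ESAPI's
    // "HTTPParameterValue" rule (max 2000 chars, null not allowed) and replaced by
    // an empty string when it fails, so a missing parameter also becomes "".
    // The first argument is the ESAPI "context" label used in validation logging;
    // it is a fixed field name here so that raw user input is not copied into logs.
    // The accepted character set is whatever the deployed ESAPI.properties defines,
    // so validation alone is not relied on for output safety (see the encoding below).
    String idpEntityID = request.getParameter("idpEntityID");
    if (!ESAPI.validator().isValidInput("idpEntityID", idpEntityID,
            "HTTPParameterValue", 2000, false)) {
        idpEntityID = "";
    }
    String spEntityID = request.getParameter("spEntityID");
    if (!ESAPI.validator().isValidInput("spEntityID", spEntityID,
            "HTTPParameterValue", 2000, false)) {
        spEntityID = "";
    }
    String nameIDValue = request.getParameter("nameIDValue");
    if (!ESAPI.validator().isValidInput("nameIDValue", nameIDValue,
            "HTTPParameterValue", 2000, false)) {
        nameIDValue = "";
    }
    // The NameID is forwarded in URL-encoded form, as in the original page.
    String newNameIDValue = URLEncDec.encode(nameIDValue);
%>
<p>
<input type="hidden" name="idpEntityID" value="<%= ESAPI.encoder().encodeForHTMLAttribute(idpEntityID) %>">
<input type="hidden" name="spEntityID" value="<%= ESAPI.encoder().encodeForHTMLAttribute(spEntityID) %>">
<input type="hidden" name="nameIDValue" value="<%= ESAPI.encoder().encodeForHTMLAttribute(newNameIDValue) %>">
<h3>Resource URL</h3>
<%-- getRequestURL() reflects the client-supplied host and path, so it is encoded
     and quoted. The browser decodes the entities, so the field shows the same URL. --%>
<input type="text" name="resource" value="<%= ESAPI.encoder().encodeForHTMLAttribute(request.getRequestURL().toString()) %>" size="120"> <br>
<p> <p>
<h3>Action</h3>
<input type="radio" name="action" value="GET" checked/> GET <br>
<input type="radio" name="action" value="POST"/> POST <br>
<input type="submit">
</form>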
<hr>
</td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</table>
</body>
</html>