a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: DiscoServiceManager.java,v 1.7 2008/08/06 17:28:08 exu Exp $
23e304384f98fca4ab2e6f9f07a53465c1bfc645Peter Major * Portions Copyrighted 2012 ForgeRock Inc
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.liberty.ws.disco.common;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.common.SystemConfigurationUtil;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.disco.plugins.Default64ResourceIDMapper;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.disco.plugins.DiscoEntryHandler;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.disco.plugins.NameIdentifierMapper;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.disco.plugins.jaxb.*;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.interfaces.ResourceIDMapper;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.interfaces.Authorizer;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.soapbinding.Utils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.configuration.ConfigurationActionEvent;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.configuration.ConfigurationException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.configuration.ConfigurationInstance;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.configuration.ConfigurationListener;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.configuration.ConfigurationManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.shared.datastruct.CollectionHelper;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This is a singleton class. It reads the current values from Discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Service configuration and updates the values by listening to Discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Service configuration events.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic class DiscoServiceManager implements ConfigurationListener {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // constants used by this class only.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Don't need to publish them in DiscoConstants.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoveryService";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoProviderID";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_SUPPORTED_AUTHN_MECHS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoSupportedAuthnMechs";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_SUPPORTED_DIRECTIVE =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoSupportedDirectives";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_LOOKUP_NEED_POLICY =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoLookupNeedPolicyEval";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String LOOKUP_NEED_POLICY_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_UPDATE_NEED_POLICY =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoUpdateNeedPolicyEval";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String UPDATE_NEED_POLICY_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoAuthorizer";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_ENTRY_HANDLER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoEntryHandler";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_GLOBAL_ENTRY_HANDLER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerGlobalDiscoEntryHandler";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoProviderResourceIDMapper";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String KEY_PROVIDER_ID = "providerid";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String KEY_IDMAPPER = "idmapper";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_BOOTSTRAPPING_DISCO_ENTRY =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerBootstrappingDiscoEntry";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_BOOTSTRAPPING_SESSION_CONTEXT =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerBootstrappingSessionContext";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String NEED_SESSION_CONTEXT_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_BOOTSTRAPPING_ENCRYPT_NI =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerBootstrappingEncryptNIinSessionContext";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ENCRYPT_NI_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_BOOTSTRAPPING_IMPLIED_RESOURCE =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerBootstrappingImpliedResource";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String USE_IMPLIED_RESOURCE_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_OPTION_SECURITY_RESPONSE =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoOptionSecurityResponse";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String USE_RESPONSE_AUTHENTICATION_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static final String ATTR_NAMEID_MAPPER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sunIdentityServerDiscoNameIdentifierMapper";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static Debug debug = Debug.getInstance("libIDWSF");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static ConfigurationInstance ci = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static boolean policyEvalLookup = false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static boolean policyEvalUpdate = false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static DiscoEntryHandler entryHandler = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static DiscoEntryHandler globalEntryHandler = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static String bootDiscoEntryStr = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static boolean requireSessionContextStmt = false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static NameIdentifierMapper nameIdMapper = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ci = ConfigurationManager.getConfigurationInstance("DISCO");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster jc = JAXBContext.newInstance(Utils.getJAXBPackages());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.error("DiscoServiceManager.static:", ce);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.error("DiscoServiceManager.static: Unable to " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This method will be invoked when a component's
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * configuration data has been changed. The parameters componentName,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * realm and configName denotes the component name,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * organization and configuration instance name that are changed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * respectively.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param e Configuration action event, like ADDED, DELETED, MODIFIED etc.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public void configChanged(ConfigurationActionEvent e) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.message("DiscoServiceManager.configChanged.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the provider ID for Discovery Service. Null would be returned
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * if it's not configured in the admin console. During installation, a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * default value will be configured.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return provider ID of discovery service.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static synchronized String getDiscoProviderID() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the Set of <code>SecurityMechID</code>s that the discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * service supports. A set of default values will be configured during
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * installation time.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Set of <code>SecurityMechID</code>s that the discovery service
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static Set getSupportedAuthenticationMechanisms() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the Set of <code>Directive</code>s that the discovery service
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Set of <code>Directive</code>s the discovery service supports.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a boolean value which indicates whether policy evaluation is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * needed for discovery lookup.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if policy evaluation is needed for discovery lookup; false
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * otherwise.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a boolean value which indicates whether policy evaluation is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * needed for discovery update.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if policy evaluation is needed for discovery update; false
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * otherwise.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>Authorizer</code> specified in the discovery service.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If no <code>Authorizer</code> is configured, an instance of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>DefaultDiscoAuthorizer</code> will be returned.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Authorizer configured in discovery service.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>NameIdentifierMapper</code> class specified in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * discovery service.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return instance of <code>NameIdentifierMapper</code> class.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>null</code> if no handler is configured, or unable to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * instantiate the mapper class.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static synchronized NameIdentifierMapper getNameIdentifierMapper() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>DiscoEntryHandler</code> specified in the discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return DiscoEntryHandler of the service. <code>null</code> if no
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * handler is configured.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static synchronized DiscoEntryHandler getDiscoEntryHandler() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the glbal <code>DiscoEntryHandler</code> for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * business-to-enterprise (B2E) scenarios. This handler is invoked
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * when the resource id is implied.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static synchronized DiscoEntryHandler getGlobalEntryHandler() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>ResourceIDMapper</code> associated with the providerID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID a provider's ID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return ResourceIDMapper associated with providerID. Null will be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * returned if <code>providerID</code> is null, or couldn't find the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * matching <code>ResourceIDMapper</code> in the configuration. Caller
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * could call <code>DiscoServiceManager.getDefaultResourceIDMapper()</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * to obtain the default <code>ResourceIDMapper</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static synchronized ResourceIDMapper getResourceIDMapper(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((idMappers == null) || (providerID == null)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return ((ResourceIDMapper) idMappers.get(providerID));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the default <code>ResourceIDMapper</code> of the discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return ResourceIDMapper of the discovery service.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static ResourceIDMapper getDefaultResourceIDMapper() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>DiscoEntryElement</code> of the discovery service
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * configured for bootstrapping. Null will be returned if it's not
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * configured. A default value will be configured during installation.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Bootstrapping <code>DiscoEntryElement</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static synchronized DiscoEntryElement getBootstrappingDiscoEntry() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((bootDiscoEntryStr != null) && (bootDiscoEntryStr.length() != 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster bootDiscoEntry = (DiscoEntryElement) u.unmarshal(
23e304384f98fca4ab2e6f9f07a53465c1bfc645Peter Major XMLUtils.createSAXSource(new InputSource(new StringReader(bootDiscoEntryStr))));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Exception when creating Disco Resource Offering:",e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.message("DiscoServiceManager.setValues: "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "no Discovery Resource Offering specified.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Updates discovery service cache.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Map attrsMap = ci.getConfiguration(null, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // self provider id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // supported security mech id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster authnMechs = (Set) attrsMap.get(ATTR_SUPPORTED_AUTHN_MECHS);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // supported directives
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster supportedDirectives = (Set) attrsMap.get(ATTR_SUPPORTED_DIRECTIVE);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster policyEvalLookup = Boolean.valueOf(CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster policyEvalUpdate = Boolean.valueOf(CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // authorizer
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String authorizerName = CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((authorizerName != null) && (authorizerName.length() != 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Exception when instantiating authorizer. Using "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "default Authorizer. Exception", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // entry handler
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String handlerName = CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((handlerName != null) && (handlerName.length() != 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Exception when instantiating entry handler:", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String globalHandler = CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((globalHandler != null) && (globalHandler.length() != 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster globalEntryHandler = (DiscoEntryHandler) Class.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.error("DiscoServiceManager.setValues: Exception"+
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " when instantiating global entry handler:", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Name Identifier Mapper
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String niMapperName = CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((niMapperName != null) && (niMapperName.length() != 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.message("DiscoServiceManager.setValues: "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Exception when instantiating nameid mapper:", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // the syntax for each set value is:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // providerid=<providerid>|idmapper=<the class for ResourceIDMapper>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Set values = (Set)attrsMap.get(ATTR_ID_MAPPER);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster for (Iterator iter = values.iterator(); iter.hasNext();) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster StringTokenizer stz = new StringTokenizer(value, "|");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // ignore the attribute if it doesn't include "="
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Values: illegal format for ResourceIDMapper:"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // ignore the attribute if it is like "providerid="
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Values: illegal format of ResourceIDMapper:"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (key.equalsIgnoreCase(KEY_IDMAPPER)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + ".setValues: couldn't instantiate "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Values: illegal format of ResourceIDMapper:"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((providerID == null) || (mapper == null)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Values: Invalid syntax for "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Values: Invalid syntax for ResourceIDMapper:"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // disco resource offering for bootstrapping
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster bootDiscoEntryStr = CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.message("DiscoServiceManager.setValues: need Session "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Context Statement?" + requireSessionContextStmt);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster encryptNI = Boolean.valueOf(CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.message("DiscoServiceManager.setValues: encrypt NI in "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster useImpliedRes = Boolean.valueOf(CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.message("DiscoServiceManager.setValues: use implied "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster useRespAuth = Boolean.valueOf(CollectionHelper.getMapAttr(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster USE_RESPONSE_AUTHENTICATION_DEFAULT)).booleanValue();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.message("DiscoServiceManager.setValues: use response "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster debug.error("DiscoServiceManager.setValues: Exception", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster bootDiscoEntryStr = bootDiscoEntryStr.replaceAll(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Constants.TAG_SERVER_PROTO, SystemConfigurationUtil.getProperty(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster bootDiscoEntryStr = bootDiscoEntryStr.replaceAll(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Constants.TAG_SERVER_HOST, SystemConfigurationUtil.getProperty(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster bootDiscoEntryStr = bootDiscoEntryStr.replaceAll(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Constants.TAG_SERVER_PORT, SystemConfigurationUtil.getProperty(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster bootDiscoEntryStr = bootDiscoEntryStr.replaceAll(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Constants.TAG_SERVER_URI, SystemConfigurationUtil.getProperty(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns flag used by the IDP to decide if
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SessionContextStatement</code> needs to be generated for discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * bootstrapping.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if <code>SessionContextStatement</code> needs to be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * generated; false otherwise.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static boolean needSessionContextStatement() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns flag used by the IDP to decide if <code>NameIdentifier</code> in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SessionContext</code> needs to be encrypted for discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * bootstrapping.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if <code>NameIdentifier</code> in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SessionContext</code> needs to be encrypted; false otherwise.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static boolean encryptNIinSessionContext() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns flag used by Discovery Service to decide whether Response
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is always authenticated or not.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if response authentication is used; false otherwise.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static boolean useResponseAuthentication() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns flag used by the IDP/AuthnSvc to decide whether to use
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * implied resource for discovery bootstrapping.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if implied resource is used; false otherwise.