cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1301434 - in /cxf/trunk/services/sts/sts-core/src: main/java/org/apache/cxf/sts/claims/ main/java/org/apache/cxf/sts/operation/ main/java/org/apache/cxf/sts/request/ test/java/org/apache/cxf/sts/common/ test/java/org/apache/cxf/sts/operati...
Date Fri, 16 Mar 2012 11:05:43 GMT
Author: coheigea
Date: Fri Mar 16 11:05:43 2012
New Revision: 1301434

URL: http://svn.apache.org/viewvc?rev=1301434&view=rev
Log:
[CXF-4062][CXF-4173] - Enabling custom claim parser / Support for ClaimValue element of federation claims dialect added
 - Patch(es) applied, thanks! I made a few minor modifications

Added:
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsParser.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/IdentityClaimsParser.java
    cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimParser.java
Modified:
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsManager.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
    cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
    cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
    cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsManager.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsManager.java?rev=1301434&r1=1301433&r2=1301434&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsManager.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsManager.java Fri Mar 16 11:05:43 2012
@@ -44,6 +44,7 @@ public class ClaimsManager {
 
     private static final Logger LOG = LogUtils.getL7dLogger(ClaimsManager.class);
 
+    private List<ClaimsParser> claimParsers;
     private List<ClaimsHandler> claimHandlers;
     private List<URI> supportedClaimTypes = new ArrayList<URI>();
 
@@ -51,10 +52,18 @@ public class ClaimsManager {
         return supportedClaimTypes;
     }
 
+    public List<ClaimsParser> getClaimParsers() {
+        return claimParsers;
+    }
+    
     public List<ClaimsHandler> getClaimHandlers() {
         return claimHandlers;
     }
 
+    public void setClaimParsers(List<ClaimsParser> claimParsers) {
+        this.claimParsers = claimParsers;
+    }
+    
     public void setClaimHandlers(List<ClaimsHandler> claimHandlers) {
         this.claimHandlers = claimHandlers;
         if (claimHandlers == null) {

Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsParser.java?rev=1301434&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsParser.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ClaimsParser.java Fri Mar 16 11:05:43 2012
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.claims;
+
+import org.w3c.dom.Element;
+
+public interface ClaimsParser {
+
+    /**
+     * @param claim Element to parse claim request from
+     * @return RequestClaim parsed from claim
+     */
+    RequestClaim parse(Element claim);
+
+    /**
+     * This method indicates the claims dialect this Parser can handle.
+     * 
+     * @return Name of supported Dialect
+     */
+    String getSupportedDialect();
+
+}

Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/IdentityClaimsParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/IdentityClaimsParser.java?rev=1301434&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/IdentityClaimsParser.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/IdentityClaimsParser.java Fri Mar 16 11:05:43 2012
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.claims;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import org.apache.cxf.common.logging.LogUtils;
+
+public class IdentityClaimsParser implements ClaimsParser {
+    
+    public static final String IDENTITY_CLAIMS_DIALECT = 
+        "http://schemas.xmlsoap.org/ws/2005/05/identity";
+
+    private static final Logger LOG = LogUtils.getL7dLogger(IdentityClaimsParser.class);
+
+    public RequestClaim parse(Element claim) {
+        return parseClaimType(claim);
+    }
+
+    public static RequestClaim parseClaimType(Element claimType) {
+        String claimLocalName = claimType.getLocalName();
+        String claimNS = claimType.getNamespaceURI();
+        if ("ClaimType".equals(claimLocalName)) {
+            String claimTypeUri = claimType.getAttribute("Uri");
+            String claimTypeOptional = claimType.getAttribute("Optional");
+            RequestClaim requestClaim = new RequestClaim();
+            try {
+                requestClaim.setClaimType(new URI(claimTypeUri));
+            } catch (URISyntaxException e) {
+                LOG.log(
+                    Level.WARNING, 
+                    "Cannot create URI from the given ClaimType attribute value " + claimTypeUri,
+                    e
+                );
+            }
+            requestClaim.setOptional(Boolean.parseBoolean(claimTypeOptional));
+            return requestClaim;
+        } else if ("ClaimValue".equals(claimLocalName)) {
+            String claimTypeUri = claimType.getAttribute("Uri");
+            String claimTypeOptional = claimType.getAttribute("Optional");
+            RequestClaim requestClaim = new RequestClaim();
+            try {
+                requestClaim.setClaimType(new URI(claimTypeUri));
+            } catch (URISyntaxException e) {
+                LOG.log(
+                    Level.WARNING, 
+                    "Cannot create URI from the given ClaimTye attribute value " + claimTypeUri,
+                    e
+                );
+            }
+            
+            Node valueNode = claimType.getFirstChild();
+            if (valueNode != null) {
+                if ("Value".equals(valueNode.getLocalName())) {
+                    requestClaim.setClaimValue(valueNode.getTextContent());
+                } else {
+                    LOG.warning("Unsupported child element of ClaimValue element "
+                            + valueNode.getLocalName());
+                    return null;
+                }
+            } else {
+                LOG.warning("No child element of ClaimValue element available");
+                return null;
+            }
+             
+            requestClaim.setOptional(Boolean.parseBoolean(claimTypeOptional));
+            
+            return requestClaim;
+        }
+        
+        LOG.fine("Found unknown element: " + claimLocalName + " " + claimNS);
+        return null;
+    }
+
+    /**
+     * Return the supported dialect of this class
+     */
+    public String getSupportedDialect() {
+        return IDENTITY_CLAIMS_DIALECT;
+    }
+}

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java?rev=1301434&r1=1301433&r2=1301434&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java Fri Mar 16 11:05:43 2012
@@ -102,7 +102,7 @@ public abstract class AbstractOperation 
     protected List<TokenValidator> tokenValidators = new ArrayList<TokenValidator>();
     protected boolean returnReferences = true;
     protected STSTokenStore tokenStore;
-    protected ClaimsManager claimsManager;
+    protected ClaimsManager claimsManager = new ClaimsManager();
     
     public boolean isReturnReferences() {
         return returnReferences;
@@ -173,7 +173,7 @@ public abstract class AbstractOperation 
         stsProperties.configureProperties();
         
         RequestParser requestParser = new RequestParser();
-        requestParser.parseRequest(request, context, stsProperties);
+        requestParser.parseRequest(request, context, stsProperties, claimsManager.getClaimParsers());
         
         return requestParser;
     }

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java?rev=1301434&r1=1301433&r2=1301434&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java Fri Mar 16 11:05:43 2012
@@ -43,7 +43,6 @@ import javax.xml.ws.WebServiceContext;
 import javax.xml.ws.handler.MessageContext;
 
 import org.w3c.dom.Element;
-import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
 import org.apache.cxf.common.logging.LogUtils;
@@ -53,6 +52,8 @@ import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.sts.QNameConstants;
 import org.apache.cxf.sts.STSConstants;
 import org.apache.cxf.sts.STSPropertiesMBean;
+import org.apache.cxf.sts.claims.ClaimsParser;
+import org.apache.cxf.sts.claims.IdentityClaimsParser;
 import org.apache.cxf.sts.claims.RequestClaim;
 import org.apache.cxf.sts.claims.RequestClaimCollection;
 import org.apache.cxf.ws.security.sts.provider.STSException;
@@ -95,9 +96,11 @@ public class RequestParser {
     private TokenRequirements tokenRequirements = new TokenRequirements();
 
     public void parseRequest(
-        RequestSecurityTokenType request, WebServiceContext wsContext, STSPropertiesMBean stsProperties
+        RequestSecurityTokenType request, WebServiceContext wsContext, STSPropertiesMBean stsProperties, 
+        List<ClaimsParser> claimsParsers
     ) throws STSException {
         LOG.fine("Parsing RequestSecurityToken");
+        
         keyRequirements = new KeyRequirements();
         tokenRequirements = new TokenRequirements();
         
@@ -105,7 +108,8 @@ public class RequestParser {
             // JAXB types
             if (requestObject instanceof JAXBElement<?>) {
                 JAXBElement<?> jaxbElement = (JAXBElement<?>) requestObject;
-                boolean found = parseTokenRequirements(jaxbElement, tokenRequirements, wsContext);
+                boolean found = 
+                    parseTokenRequirements(jaxbElement, tokenRequirements, wsContext, claimsParsers);
                 if (!found) {
                     found = parseKeyRequirements(jaxbElement, keyRequirements, wsContext, stsProperties);
                 }
@@ -120,7 +124,7 @@ public class RequestParser {
                 Element element = (Element)requestObject;
                 if (STSConstants.WST_NS_05_12.equals(element.getNamespaceURI())
                     && "SecondaryParameters".equals(element.getLocalName())) {
-                    parseSecondaryParameters(element);
+                    parseSecondaryParameters(element, claimsParsers);
                 } else if ("AppliesTo".equals(element.getLocalName())
                     && (STSConstants.WSP_NS.equals(element.getNamespaceURI())
                         || STSConstants.WSP_NS_04.equals(element.getNamespaceURI()))) {
@@ -216,7 +220,8 @@ public class RequestParser {
     private static boolean parseTokenRequirements(
         JAXBElement<?> jaxbElement, 
         TokenRequirements tokenRequirements,
-        WebServiceContext wsContext
+        WebServiceContext wsContext,
+        List<ClaimsParser> claimsParsers
     ) {
         if (QNameConstants.TOKEN_TYPE.equals(jaxbElement.getName())) {
             String tokenType = (String)jaxbElement.getValue();
@@ -272,7 +277,7 @@ public class RequestParser {
             LOG.fine("Found CancelTarget token");
         } else if (QNameConstants.CLAIMS.equals(jaxbElement.getName())) {
             ClaimsType claimsType = (ClaimsType)jaxbElement.getValue();
-            RequestClaimCollection requestedClaims = parseClaims(claimsType);
+            RequestClaimCollection requestedClaims = parseClaims(claimsType, claimsParsers);
             tokenRequirements.setClaims(requestedClaims);
             LOG.fine("Found Claims token");
         } else {
@@ -495,7 +500,7 @@ public class RequestParser {
      * direct children of the RequestSecurityToken element. 
      * @param secondaryParameters the secondaryParameters element to parse
      */
-    private void parseSecondaryParameters(Element secondaryParameters) {
+    private void parseSecondaryParameters(Element secondaryParameters, List<ClaimsParser> claimsParsers) {
         LOG.fine("Found SecondaryParameters element");
         Element child = DOMUtils.getFirstElement(secondaryParameters);
         while (child != null) {
@@ -519,7 +524,7 @@ public class RequestParser {
             } else if (tokenRequirements.getClaims() == null 
                 && "Claims".equals(localName) && STSConstants.WST_NS_05_12.equals(namespace)) {
                 LOG.fine("Found Claims element");
-                RequestClaimCollection requestedClaims = parseClaims(child);
+                RequestClaimCollection requestedClaims = parseClaims(child, claimsParsers);
                 tokenRequirements.setClaims(requestedClaims);
             } else {
                 LOG.fine("Found unknown element: " + localName + " " + namespace);
@@ -531,7 +536,7 @@ public class RequestParser {
     /**
      * Create a RequestClaimCollection from a DOM Element
      */
-    private RequestClaimCollection parseClaims(Element claimsElement) {
+    private RequestClaimCollection parseClaims(Element claimsElement, List<ClaimsParser> claimsParsers) {
         String dialectAttr = null;
         RequestClaimCollection requestedClaims = new RequestClaimCollection();
         try {
@@ -549,7 +554,7 @@ public class RequestParser {
         
         Element childClaimType = DOMUtils.getFirstElement(claimsElement);
         while (childClaimType != null) {
-            RequestClaim requestClaim = parseChildClaimType(childClaimType);
+            RequestClaim requestClaim = parseChildClaimType(childClaimType, dialectAttr, claimsParsers);
             if (requestClaim != null) {
                 requestedClaims.add(requestClaim);
             }
@@ -562,7 +567,9 @@ public class RequestParser {
     /**
      * Create a RequestClaimCollection from a JAXB ClaimsType object
      */
-    private static RequestClaimCollection parseClaims(ClaimsType claimsType) {
+    private static RequestClaimCollection parseClaims(
+        ClaimsType claimsType, List<ClaimsParser> claimsParsers
+    ) {
         String dialectAttr = null;
         RequestClaimCollection requestedClaims = new RequestClaimCollection();
         try {
@@ -580,7 +587,7 @@ public class RequestParser {
         
         for (Object claim : claimsType.getAny()) {
             if (claim instanceof Element) {
-                RequestClaim requestClaim = parseChildClaimType((Element)claim);
+                RequestClaim requestClaim = parseChildClaimType((Element)claim, dialectAttr, claimsParsers);
                 if (requestClaim != null) {
                     requestedClaims.add(requestClaim);
                 }
@@ -593,59 +600,24 @@ public class RequestParser {
     /**
      * Parse a child ClaimType into a RequestClaim object.
      */
-    private static RequestClaim parseChildClaimType(Element childClaimType) {
-        String claimLocalName = childClaimType.getLocalName();
-        String claimNS = childClaimType.getNamespaceURI();
-        if ("ClaimType".equals(claimLocalName)) {
-            String claimTypeUri = childClaimType.getAttribute("Uri");
-            String claimTypeOptional = childClaimType.getAttribute("Optional");
-            RequestClaim requestClaim = new RequestClaim();
-            try {
-                requestClaim.setClaimType(new URI(claimTypeUri));
-            } catch (URISyntaxException e) {
-                LOG.log(
-                    Level.WARNING, 
-                    "Cannot create URI from the given ClaimType attribute value " + claimTypeUri,
-                    e
-                );
-            }
-            requestClaim.setOptional(Boolean.parseBoolean(claimTypeOptional));
-            return requestClaim;
-        } else if ("ClaimValue".equals(claimLocalName)) {
-            String claimTypeUri = childClaimType.getAttribute("Uri");
-            String claimTypeOptional = childClaimType.getAttribute("Optional");
-            RequestClaim requestClaim = new RequestClaim();
-            try {
-                requestClaim.setClaimType(new URI(claimTypeUri));
-            } catch (URISyntaxException e) {
-                LOG.log(
-                    Level.WARNING, 
-                    "Cannot create URI from the given ClaimTye attribute value " + claimTypeUri,
-                    e
-                );
-            }
-            
-            Node valueNode = childClaimType.getFirstChild();
-            if (valueNode != null) {
-                if ("Value".equals(valueNode.getLocalName())) {
-                    requestClaim.setClaimValue(valueNode.getTextContent());
-                } else {
-                    LOG.warning("Unsupported child element of ClaimValue element "
-                            + valueNode.getLocalName());
-                    return null;
+    private static RequestClaim parseChildClaimType(
+        Element childClaimType, String dialect, List<ClaimsParser> claimsParsers
+    ) {
+        if (claimsParsers != null) {
+            for (ClaimsParser parser : claimsParsers) {
+                if (parser != null && dialect.equals(parser.getSupportedDialect())) {
+                    return parser.parse(childClaimType);
                 }
-            } else {
-                LOG.warning("No child element of ClaimValue element available");
-                return null;
             }
-             
-            requestClaim.setOptional(Boolean.parseBoolean(claimTypeOptional));
-            
-            return requestClaim;
+        }
+        if (IdentityClaimsParser.IDENTITY_CLAIMS_DIALECT.equals(dialect)) {
+            return IdentityClaimsParser.parseClaimType(childClaimType);
         }
         
-        LOG.fine("Found unknown element: " + claimLocalName + " " + claimNS);
-        return null;
+        LOG.log(Level.WARNING, "No ClaimsParser is registered for dialect " + dialect);
+        throw new STSException(
+            "No ClaimsParser is registered for dialect " + dialect, STSException.BAD_REQUEST
+        );
     }
     
     

Added: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimParser.java?rev=1301434&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimParser.java (added)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimParser.java Fri Mar 16 11:05:43 2012
@@ -0,0 +1,68 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.common;
+
+import java.net.URI;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.sts.claims.ClaimsParser;
+import org.apache.cxf.sts.claims.RequestClaim;
+
+public class CustomClaimParser implements ClaimsParser {
+
+    public static final String CLAIMS_DIALECT = "http://my.custom.org/my/custom/namespace";
+    
+    public RequestClaim parse(Element claim) {
+        
+        String claimLocalName = claim.getLocalName();
+        String claimNS = claim.getNamespaceURI();
+        if (CLAIMS_DIALECT.equals(claimNS) && "MyElement".equals(claimLocalName)) {
+            String claimTypeUri = claim.getAttribute("Uri");
+            CustomRequestClaim response = new CustomRequestClaim();
+            response.setClaimType(URI.create(claimTypeUri));
+            String claimValue = claim.getAttribute("value");
+            response.setClaimValue(claimValue);
+            String scope = claim.getAttribute("scope");
+            response.setScope(scope);
+            return response;
+        }
+        return null;
+    }
+
+    public String getSupportedDialect() {
+        return CLAIMS_DIALECT;
+    }
+    
+    /**
+     * Extends RequestClaim class to add additional attributes
+     */
+    public class CustomRequestClaim extends RequestClaim {
+        private String scope;
+        
+        public String getScope() {
+            return scope;
+        }
+        
+        public void setScope(String scope) {
+            this.scope = scope;
+        }
+    }
+
+}

Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java?rev=1301434&r1=1301433&r2=1301434&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java Fri Mar 16 11:05:43 2012
@@ -19,6 +19,7 @@
 package org.apache.cxf.sts.common;
 
 import java.net.URI;
+import java.security.Principal;
 import java.util.ArrayList;
 import java.util.List;
 
@@ -29,6 +30,7 @@ import org.apache.cxf.sts.claims.ClaimsH
 import org.apache.cxf.sts.claims.ClaimsParameters;
 import org.apache.cxf.sts.claims.RequestClaim;
 import org.apache.cxf.sts.claims.RequestClaimCollection;
+import org.apache.cxf.sts.common.CustomClaimParser.CustomRequestClaim;
 
 /**
  * A custom ClaimsHandler implementation for use in the tests.
@@ -36,11 +38,14 @@ import org.apache.cxf.sts.claims.Request
 public class CustomClaimsHandler implements ClaimsHandler {
     
     private static List<URI> knownURIs = new ArrayList<URI>();
+    private static final URI ROLE_CLAIM = 
+            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
     
     static {
         knownURIs.add(ClaimTypes.FIRSTNAME);
         knownURIs.add(ClaimTypes.LASTNAME);
         knownURIs.add(ClaimTypes.EMAILADDRESS);
+        knownURIs.add(ROLE_CLAIM);
     }
 
     public List<URI> getSupportedClaimTypes() {
@@ -56,12 +61,25 @@ public class CustomClaimsHandler impleme
                 Claim claim = new Claim();
                 claim.setClaimType(requestClaim.getClaimType());
                 if (ClaimTypes.FIRSTNAME.equals(requestClaim.getClaimType())) {
-                    claim.setValue("alice");
+                    if (requestClaim instanceof CustomRequestClaim) {
+                        CustomRequestClaim customClaim = (CustomRequestClaim) requestClaim;
+                        String customName = customClaim.getClaimValue() + "@" + customClaim.getScope();
+                        claim.setValue(customName);
+                    } else {
+                        claim.setValue("alice");
+                    }
                 } else if (ClaimTypes.LASTNAME.equals(requestClaim.getClaimType())) {
                     claim.setValue("doe");
                 } else if (ClaimTypes.EMAILADDRESS.equals(requestClaim.getClaimType())) {
                     claim.setValue("alice@cxf.apache.org");
-                }
+                } else if (ROLE_CLAIM.equals(requestClaim.getClaimType())) {
+                    String requestedRole = requestClaim.getClaimValue();
+                    if (isUserInRole(parameters.getPrincipal(), requestedRole)) {
+                        claim.setValue(requestedRole);
+                    } else {
+                        continue;
+                    }
+                }                
                 claimCollection.add(claim);
             }
             return claimCollection;
@@ -70,5 +88,8 @@ public class CustomClaimsHandler impleme
         return null;
     }
 
+    private boolean isUserInRole(Principal principal, String requestedRole) {
+        return true;
+    }
         
 }

Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java?rev=1301434&r1=1301433&r2=1301434&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java Fri Mar 16 11:05:43 2012
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.sts.operation;
 
+import java.net.URI;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -47,9 +48,11 @@ import org.apache.cxf.sts.claims.ClaimsA
 import org.apache.cxf.sts.claims.ClaimsHandler;
 import org.apache.cxf.sts.claims.ClaimsManager;
 import org.apache.cxf.sts.claims.ClaimsMapper;
+import org.apache.cxf.sts.claims.ClaimsParser;
 import org.apache.cxf.sts.claims.RequestClaim;
 import org.apache.cxf.sts.claims.RequestClaimCollection;
 import org.apache.cxf.sts.common.CustomAttributeProvider;
+import org.apache.cxf.sts.common.CustomClaimParser;
 import org.apache.cxf.sts.common.CustomClaimsHandler;
 import org.apache.cxf.sts.common.PasswordCallbackHandler;
 import org.apache.cxf.sts.request.KeyRequirements;
@@ -90,6 +93,9 @@ public class IssueSamlClaimsUnitTest ext
     public static final QName REQUESTED_SECURITY_TOKEN = 
         QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityToken(null).getName();
     
+    private static final URI ROLE_CLAIM = 
+            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
+    
     /**
      * Test to successfully issue a Saml 1.1 token.
      */
@@ -97,32 +103,11 @@ public class IssueSamlClaimsUnitTest ext
     public void testIssueSaml1Token() throws Exception {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
         
-        // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<TokenProvider>();
+        addTokenProvider(issueOperation);
         
-        List<AttributeStatementProvider> customProviderList = 
-            new ArrayList<AttributeStatementProvider>();
-        customProviderList.add(new CustomAttributeProvider());
-        SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        addService(issueOperation);
         
-        // Add Service
-        ServiceMBean service = new StaticService();
-        service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
-        issueOperation.setServices(Collections.singletonList(service));
-        
-        // Add STSProperties object
-        STSPropertiesMBean stsProperties = new StaticSTSProperties();
-        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
-        stsProperties.setEncryptionCrypto(crypto);
-        stsProperties.setSignatureCrypto(crypto);
-        stsProperties.setEncryptionUsername("myservicekey");
-        stsProperties.setSignatureUsername("mystskey");
-        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
-        stsProperties.setIssuer("STS");
-        issueOperation.setStsProperties(stsProperties);
+        addSTSProperties(issueOperation);
         
         // Set the ClaimsManager
         ClaimsManager claimsManager = new ClaimsManager();
@@ -141,21 +126,10 @@ public class IssueSamlClaimsUnitTest ext
         request.getAny().add(secondaryParameters);
         request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
         
-        // Mock up message context
-        MessageImpl msg = new MessageImpl();
-        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        msgCtx.put(
-            SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
-        );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+        WebServiceContextImpl webServiceContext = setupMessageContext();
         
-        // Issue a token
-        RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
-        List<RequestSecurityTokenResponseType> securityTokenResponse = 
-            response.getRequestSecurityTokenResponse();
-        assertTrue(!securityTokenResponse.isEmpty());
+        List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, request,
+                webServiceContext);
         
         // Test the generated token.
         Element assertion = null;
@@ -175,6 +149,8 @@ public class IssueSamlClaimsUnitTest ext
         assertTrue(tokenString.contains("alice"));
         assertTrue(tokenString.contains(SAML1Constants.CONF_BEARER));
         assertTrue(tokenString.contains(ClaimTypes.LASTNAME.toString()));
+        assertTrue(tokenString.contains(ROLE_CLAIM.toString()));
+        assertTrue(tokenString.contains("administrator"));
     }
     
     /**
@@ -185,31 +161,13 @@ public class IssueSamlClaimsUnitTest ext
         TokenIssueOperation issueOperation = new TokenIssueOperation();
         
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<TokenProvider>();
-        
-        List<AttributeStatementProvider> customProviderList = 
-            new ArrayList<AttributeStatementProvider>();
-        customProviderList.add(new CustomAttributeProvider());
-        SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        addTokenProvider(issueOperation);
         
         // Add Service
-        ServiceMBean service = new StaticService();
-        service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
-        issueOperation.setServices(Collections.singletonList(service));
+        addService(issueOperation);
         
         // Add STSProperties object
-        STSPropertiesMBean stsProperties = new StaticSTSProperties();
-        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
-        stsProperties.setEncryptionCrypto(crypto);
-        stsProperties.setSignatureCrypto(crypto);
-        stsProperties.setEncryptionUsername("myservicekey");
-        stsProperties.setSignatureUsername("mystskey");
-        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
-        stsProperties.setIssuer("STS");
-        issueOperation.setStsProperties(stsProperties);
+        addSTSProperties(issueOperation);
         
         // Set the ClaimsManager
         ClaimsManager claimsManager = new ClaimsManager();
@@ -228,21 +186,10 @@ public class IssueSamlClaimsUnitTest ext
         request.getAny().add(secondaryParameters);
         request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
         
-        // Mock up message context
-        MessageImpl msg = new MessageImpl();
-        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        msgCtx.put(
-            SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
-        );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+        WebServiceContextImpl webServiceContext = setupMessageContext();
         
-        // Issue a token
-        RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
-        List<RequestSecurityTokenResponseType> securityTokenResponse = 
-            response.getRequestSecurityTokenResponse();
-        assertTrue(!securityTokenResponse.isEmpty());
+        List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, request,
+                webServiceContext);
         
         // Test the generated token.
         Element assertion = null;
@@ -262,33 +209,104 @@ public class IssueSamlClaimsUnitTest ext
         assertTrue(tokenString.contains("alice"));
         assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
         assertTrue(tokenString.contains(ClaimTypes.LASTNAME.toString()));
+        assertTrue(tokenString.contains(ROLE_CLAIM.toString()));
+        assertTrue(tokenString.contains("administrator"));
     }
     
     /**
-     * Test to successfully issue a Saml 1.1 token. The claims information is included as a 
-     * JAXB Element under RequestSecurityToken, rather than as a child of SecondaryParameters.
+     * Test custom claim parser and handler.
      */
     @org.junit.Test
-    public void testIssueJaxbSaml1Token() throws Exception {
+    public void testCustomClaimDialect() throws Exception {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
         
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<TokenProvider>();
-        
-        List<AttributeStatementProvider> customProviderList = 
-            new ArrayList<AttributeStatementProvider>();
-        customProviderList.add(new CustomAttributeProvider());
-        SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        addTokenProvider(issueOperation);
         
         // Add Service
-        ServiceMBean service = new StaticService();
-        service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
-        issueOperation.setServices(Collections.singletonList(service));
+        addService(issueOperation);
         
         // Add STSProperties object
+        addSTSProperties(issueOperation);
+        
+        // Set the ClaimsManager
+        ClaimsManager claimsManager = new ClaimsManager();
+        ClaimsHandler claimsHandler = new CustomClaimsHandler();
+        ClaimsParser claimsParser = new CustomClaimParser();
+        claimsManager.setClaimParsers(Collections.singletonList(claimsParser));
+        claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
+        issueOperation.setClaimsManager(claimsManager);
+        
+        // Mock up a request
+        RequestSecurityTokenType request = new RequestSecurityTokenType();
+        JAXBElement<String> tokenType = 
+            new JAXBElement<String>(
+                QNameConstants.TOKEN_TYPE, String.class, WSConstants.WSS_SAML2_TOKEN_TYPE
+            );
+        request.getAny().add(tokenType);
+        Element secondaryParameters = createCustomSecondaryParameters();
+        request.getAny().add(secondaryParameters);
+        request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
+        
+        // Mock up message context
+        WebServiceContextImpl webServiceContext = setupMessageContext();
+        
+        // Issue a token
+        List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, 
+                request, webServiceContext);
+        
+        // Test the generated token.
+        Element assertion = null;
+        for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
+            if (tokenObject instanceof JAXBElement<?>
+                && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>)tokenObject).getName())) {
+                RequestedSecurityTokenType rstType = 
+                    (RequestedSecurityTokenType)((JAXBElement<?>)tokenObject).getValue();
+                assertion = (Element)rstType.getAny();
+                break;
+            }
+        }
+        
+        assertNotNull(assertion);
+        String tokenString = DOM2Writer.nodeToString(assertion);
+        assertTrue(tokenString.contains("AttributeStatement"));
+        assertTrue(tokenString.contains("bob@custom"));
+    }
+
+    /**
+     * @param issueOperation
+     * @param request
+     * @param webServiceContext
+     * @return
+     */
+    private List<RequestSecurityTokenResponseType> issueToken(TokenIssueOperation issueOperation,
+            RequestSecurityTokenType request, WebServiceContextImpl webServiceContext) {
+        RequestSecurityTokenResponseCollectionType response = 
+            issueOperation.issue(request, webServiceContext);
+        List<RequestSecurityTokenResponseType> securityTokenResponse = 
+            response.getRequestSecurityTokenResponse();
+        assertTrue(!securityTokenResponse.isEmpty());
+        return securityTokenResponse;
+    }
+
+    /**
+     * @return
+     */
+    private WebServiceContextImpl setupMessageContext() {
+        MessageImpl msg = new MessageImpl();
+        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+        msgCtx.put(
+            SecurityContext.class.getName(), 
+            createSecurityContext(new CustomTokenPrincipal("alice"))
+        );
+        return new WebServiceContextImpl(msgCtx);
+    }
+
+    /**
+     * @param issueOperation
+     * @throws WSSecurityException
+     */
+    private void addSTSProperties(TokenIssueOperation issueOperation) throws WSSecurityException {
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
         stsProperties.setEncryptionCrypto(crypto);
@@ -298,6 +316,45 @@ public class IssueSamlClaimsUnitTest ext
         stsProperties.setCallbackHandler(new PasswordCallbackHandler());
         stsProperties.setIssuer("STS");
         issueOperation.setStsProperties(stsProperties);
+    }
+
+    /**
+     * @param issueOperation
+     */
+    private void addService(TokenIssueOperation issueOperation) {
+        ServiceMBean service = new StaticService();
+        service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
+        issueOperation.setServices(Collections.singletonList(service));
+    }
+
+    /**
+     * @param issueOperation
+     */
+    private void addTokenProvider(TokenIssueOperation issueOperation) {
+        List<TokenProvider> providerList = new ArrayList<TokenProvider>();
+        
+        List<AttributeStatementProvider> customProviderList = 
+            new ArrayList<AttributeStatementProvider>();
+        customProviderList.add(new CustomAttributeProvider());
+        SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
+        samlTokenProvider.setAttributeStatementProviders(customProviderList);
+        providerList.add(samlTokenProvider);
+        issueOperation.setTokenProviders(providerList);
+    }
+    
+    /**
+     * Test to successfully issue a Saml 1.1 token. The claims information is included as a 
+     * JAXB Element under RequestSecurityToken, rather than as a child of SecondaryParameters.
+     */
+    @org.junit.Test
+    public void testIssueJaxbSaml1Token() throws Exception {
+        TokenIssueOperation issueOperation = new TokenIssueOperation();
+        
+        addTokenProvider(issueOperation);
+        
+        addService(issueOperation);
+        
+        addSTSProperties(issueOperation);
         
         // Set the ClaimsManager
         ClaimsManager claimsManager = new ClaimsManager();
@@ -328,21 +385,10 @@ public class IssueSamlClaimsUnitTest ext
         
         request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
         
-        // Mock up message context
-        MessageImpl msg = new MessageImpl();
-        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        msgCtx.put(
-            SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
-        );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+        WebServiceContextImpl webServiceContext = setupMessageContext();
         
-        // Issue a token
-        RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
-        List<RequestSecurityTokenResponseType> securityTokenResponse = 
-            response.getRequestSecurityTokenResponse();
-        assertTrue(!securityTokenResponse.isEmpty());
+        List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, request,
+                webServiceContext);
         
         // Test the generated token.
         Element assertion = null;
@@ -370,7 +416,8 @@ public class IssueSamlClaimsUnitTest ext
      * The relationship type between realm A and B is: FederateClaims
      */
     @org.junit.Test
-    public void testIssueSaml2TokenOnBehalfOfSaml2DifferentRealmFederateClaims() throws Exception {
+    public void testIssueSaml2TokenOnBehalfOfSaml2DifferentRealmFederateClaims() 
+        throws Exception {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
         
         Map<String, SAMLRealm> realms = createSamlRealms();
@@ -393,10 +440,7 @@ public class IssueSamlClaimsUnitTest ext
         validatorList.add(samlTokenValidator);
         issueOperation.setTokenValidators(validatorList);
 
-        // Add Service
-        ServiceMBean service = new StaticService();
-        service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
-        issueOperation.setServices(Collections.singletonList(service));
+        addService(issueOperation);
         
         // Add Relationship list
         List<Relationship> relationshipList = new ArrayList<Relationship>();
@@ -469,13 +513,8 @@ public class IssueSamlClaimsUnitTest ext
         msgCtx.put("url", "https");
         WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
-        // run the test
-        RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
-        List<RequestSecurityTokenResponseType> securityTokenResponseList = 
-            response.getRequestSecurityTokenResponse();
-
-        assertTrue(!securityTokenResponseList.isEmpty());       
+        List<RequestSecurityTokenResponseType> securityTokenResponseList = issueToken(issueOperation,
+                request, webServiceContext);       
         RequestSecurityTokenResponseType securityTokenResponse = securityTokenResponseList.get(0);
         
         // Test the generated token.
@@ -489,7 +528,6 @@ public class IssueSamlClaimsUnitTest ext
                 break;
             }
         }
-        
         assertNotNull(assertion);
         String tokenString = DOM2Writer.nodeToString(assertion);
         assertTrue(tokenString.contains("AttributeStatement"));
@@ -547,10 +585,7 @@ public class IssueSamlClaimsUnitTest ext
         validatorList.add(samlTokenValidator);
         issueOperation.setTokenValidators(validatorList);
 
-        // Add Service
-        ServiceMBean service = new StaticService();
-        service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
-        issueOperation.setServices(Collections.singletonList(service));
+        addService(issueOperation);
         
         // Add Relationship list
         List<Relationship> relationshipList = new ArrayList<Relationship>();
@@ -629,13 +664,8 @@ public class IssueSamlClaimsUnitTest ext
         msgCtx.put("url", "https");
         WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
-        // run the test
-        RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
-        List<RequestSecurityTokenResponseType> securityTokenResponseList = 
-            response.getRequestSecurityTokenResponse();
-
-        assertTrue(!securityTokenResponseList.isEmpty());       
+        List<RequestSecurityTokenResponseType> securityTokenResponseList = issueToken(issueOperation,
+                request, webServiceContext);       
         RequestSecurityTokenResponseType securityTokenResponse = securityTokenResponseList.get(0);
         
         // Test the generated token.
@@ -739,8 +769,31 @@ public class IssueSamlClaimsUnitTest ext
         claims.setAttributeNS(null, "Dialect", STSConstants.IDT_NS_05_05);
         
         Element claimType = createClaimsType(doc);
-        
         claims.appendChild(claimType);
+        Element claimValue = createClaimValue(doc);
+        claims.appendChild(claimValue);
+        secondary.appendChild(claims);
+
+        return secondary;
+    }
+    
+    /*
+     * Mock up a SecondaryParameters DOM Element containing a custom claim dialect.
+     */
+    private Element createCustomSecondaryParameters() {
+        Document doc = DOMUtils.createDocument();
+        Element secondary = doc.createElementNS(STSConstants.WST_NS_05_12, "SecondaryParameters");
+        secondary.setAttributeNS(WSConstants.XMLNS_NS, "xmlns", STSConstants.WST_NS_05_12);
+        
+        Element claims = doc.createElementNS(STSConstants.WST_NS_05_12, "Claims");
+        claims.setAttributeNS(null, "Dialect", CustomClaimParser.CLAIMS_DIALECT);
+        
+        Element claim = doc.createElementNS(CustomClaimParser.CLAIMS_DIALECT, "MyElement");
+        claim.setAttributeNS(null, "Uri", ClaimTypes.FIRSTNAME.toString());
+        claim.setAttributeNS(null, "value", "bob");
+        claim.setAttributeNS(null, "scope", "custom");
+        
+        claims.appendChild(claim);
         secondary.appendChild(claims);
 
         return secondary;
@@ -756,6 +809,16 @@ public class IssueSamlClaimsUnitTest ext
         return claimType;
     }
     
+    private Element createClaimValue(Document doc) {
+        Element claimValue = doc.createElementNS(STSConstants.IDT_NS_05_05, "ClaimValue");
+        claimValue.setAttributeNS(null, "Uri", ROLE_CLAIM.toString());
+        claimValue.setAttributeNS(WSConstants.XMLNS_NS, "xmlns", STSConstants.IDT_NS_05_05);
+        Element value = doc.createElementNS(STSConstants.IDT_NS_05_05, "Value");
+        value.setTextContent("administrator");
+        claimValue.appendChild(value);
+        return claimValue;
+    }
+    
     private Map<String, SAMLRealm> createSamlRealms() {
         // Create Realms
         Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();

Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java?rev=1301434&r1=1301433&r2=1301434&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java Fri Mar 16 11:05:43 2012
@@ -147,7 +147,7 @@ public class RequestParserUnitTest exten
         resultsList.add(new WSHandlerResult("actor", engineResultList));
         msgContext.put(WSHandlerConstants.RECV_RESULTS, resultsList);
         
-        parser.parseRequest(request, wsContext, null);
+        parser.parseRequest(request, wsContext, null, null);
         
         SCTCanceller sctCanceller = new SCTCanceller();
         assertTrue(sctCanceller.canHandleToken(parser.getTokenRequirements().getCancelTarget()));
@@ -178,7 +178,7 @@ public class RequestParserUnitTest exten
         resultsList.add(new WSHandlerResult("actor", engineResultList));
         msgContext.put(WSHandlerConstants.RECV_RESULTS, resultsList);
         
-        parser.parseRequest(request, wsContext, null);
+        parser.parseRequest(request, wsContext, null, null);
         
         SCTValidator sctValidator = new SCTValidator();
         assertTrue(sctValidator.canHandleToken(parser.getTokenRequirements().getValidateTarget()));
@@ -210,7 +210,7 @@ public class RequestParserUnitTest exten
         resultsList.add(new WSHandlerResult("actor", engineResultList));
         msgContext.put(WSHandlerConstants.RECV_RESULTS, resultsList);
         
-        parser.parseRequest(request, wsContext, null);
+        parser.parseRequest(request, wsContext, null, null);
         
         assertNotNull(parser.getKeyRequirements().getReceivedKey().getX509Cert());
     }



Mime
View raw message