cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From owu...@apache.org
Subject svn commit: r1329945 [1/4] - in /cxf/sandbox/fediz: fediz-core/.settings/ fediz-core/src/main/java/org/apache/cxf/fediz/core/ fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ fediz-core/src/main/java/org/apache/cxf/fediz/core/exception/ fediz...
Date Tue, 24 Apr 2012 19:03:41 GMT
Author: owulff
Date: Tue Apr 24 19:03:39 2012
New Revision: 1329945

URL: http://svn.apache.org/viewvc?rev=1329945&view=rev
Log:
[CXF-4264] Applied fix from Juerg. Thanks. Some minor fixes and refactoring

Added:
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationPrincipal.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ArgumentType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AudienceUris.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AuthenticationType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/CertStoreType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypeRequested.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypesRequested.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ContextConfig.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocolType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FedizConfig.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/KeyStoreType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ObjectFactory.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ProtocolType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/TrustManagersType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuers.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ValidationType.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/exception/
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/spi/
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java
    cxf/sandbox/fediz/fediz-core/src/main/resources/
    cxf/sandbox/fediz/fediz-core/src/main/resources/configFile.xsd
    cxf/sandbox/fediz/fediz-core/src/main/resources/schemas/
    cxf/sandbox/fediz/fediz-core/src/test/java/org/apache/cxf/fediz/core/config/
    cxf/sandbox/fediz/fediz-core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
    cxf/sandbox/fediz/fediz-core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
    cxf/sandbox/fediz/fediz-core/src/test/resources/fediz_test_config.xml
    cxf/sandbox/fediz/fediz-core/src/test/resources/fediz_test_config2.xml
Removed:
    cxf/sandbox/fediz/fediz-core/.settings/
    cxf/sandbox/fediz/fediz-idp-sts/.settings/
    cxf/sandbox/fediz/fediz-tomcat-example/.settings/
    cxf/sandbox/fediz/fediz-tomcat/.settings/
    cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationPrincipal.java
Modified:
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/ClaimTypes.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessor.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/TokenValidator.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/saml/CertConstraintsParser.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/util/DOMUtils.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java
    cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/util/XMLUtils.java
    cxf/sandbox/fediz/fediz-core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
    cxf/sandbox/fediz/fediz-examples/webapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
    cxf/sandbox/fediz/fediz-idp/src/main/webapp/WEB-INF/web.xml
    cxf/sandbox/fediz/fediz-tomcat-example/pom.xml
    cxf/sandbox/fediz/fediz-tomcat-example/src/main/java/org/apache/cxf/fediz/example/FederationFilter.java
    cxf/sandbox/fediz/fediz-tomcat-example/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
    cxf/sandbox/fediz/fediz-tomcat-example/src/main/java/org/apache/cxf/fediz/example/SecurityTokenThreadLocal.java
    cxf/sandbox/fediz/fediz-tomcat-example/src/main/webapp/META-INF/context.xml
    cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java

Modified: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/ClaimTypes.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/ClaimTypes.java?rev=1329945&r1=1329944&r2=1329945&view=diff
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/ClaimTypes.java (original)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/ClaimTypes.java Tue Apr 24 19:03:39 2012
@@ -30,23 +30,23 @@ public interface ClaimTypes {
      * http://docs.oasis-open.org/imi/identity/v1.0/os/identity-1.0-spec-os.pdf
      */
     public static final URI URI_BASE = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims");
+
     /**
      * (givenName in [RFC 2256]) Preferred name or first name of a Subject.
      * According to RFC 2256: This attribute is used to hold the part of a person's name 
      * which is not their surname nor middle name.
      */
     public static final URI FIRSTNAME = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname");
+
     /**
      * (sn in [RFC 2256]) Surname or family name of a Subject.
      * According to RFC 2256: This is the X.500 surname attribute which contains the family name of a person.
      */
     public static final URI LASTNAME = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname");    
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname");    
+
     /**
      * (mail in inetOrgPerson) Preferred address for the "To:" field of email
      * to be sent to the Subject, usually of the form <user>@<domain>.
@@ -54,88 +54,88 @@ public interface ClaimTypes {
      * an electronic mailbox attribute following the syntax specified in RFC 822.
      */
     public static final URI EMAILADDRESS = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress");    
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress");    
+
     /**
      * (street in [RFC 2256]) Street address component of a Subject‟s address information.
      * According to RFC 2256: This attribute contains the physical address of the object
      * to which the entry corresponds, such as an address for package delivery.
      */
     public static final URI STREETADDRESS = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress");    
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress");    
+
     /**
      * (/ in [RFC 2256]) Locality component of a Subject's address information.
      * According to RFC 2256: This attribute contains the name of a locality, such as a city, county or other geographic region.
      */
     public static final URI LOCALITY = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality"); 
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality"); 
+
     /**
      * (st in [RFC 2256]) Abbreviation for state or province name of a Subject's address information.
      * According to RFC 2256: “This attribute contains the full name of a state or province.
      * The values SHOULD be coordinated on a national level and if well-known shortcuts exist.
      */
     public static final URI STATE_PROVINCE = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince");    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince");    
 
     /**
      * (postalCode in X.500) Postal code or zip code component of a Subject's address information.
      * According to X.500(2001): The postal code attribute type specifies the postal code of the named object.
      */
     public static final URI POSTALCODE = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode");
+
     /**
      * (c in [RFC 2256]) Country of a Subject.
      * According to RFC 2256: This attribute contains a two-letter ISO 3166 country code.
      */
     public static final URI COUNTRY = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country");
+
     /**
      * (homePhone in inetOrgPerson) Primary or home telephone number of a Subject.
      * According to inetOrgPerson using [RFC 1274]: This attribute type specifies a home telephone number associated with a person.
      */
     public static final URI HOMEPHONE = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone");
+
     /**
      * (telephoneNumber in X.500 Person) Secondary or work telephone number of a Subject.
      * According to X.500(2001): This attribute type specifies an office/campus telephone number associated with a person.
      */
     public static final URI OTHERPHONE = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone");    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone");    
 
     /**
      * (mobile in inetOrgPerson) Mobile telephone number of a Subject.
      * According to inetOrgPerson using [RFC 1274]: This attribute type specifies a mobile telephone number associated with a person.
      */
     public static final URI MOBILEPHONE = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone");
+
     /**
      * The date of birth of a Subject in a form allowed by the xs:date data type.
      */
     public static final URI DATEOFBIRTH = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth");
+
     /**
      * Gender of a Subject that can have any of these exact URI values
      *   '0' (meaning unspecified), '1' (meaning Male) or '2' (meaning Female)
      */
     public static final URI GENDER = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender");
+
     /**
      * A private personal identifier (PPID) that identifies the Subject to a Relying Party.
      */
     public static final URI PRIVATE_PERSONAL_IDENTIFIER = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier");
-    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier");
+
     /**
      * The Web page of a Subject expressed as a URL.
      */
     public static final URI WEB_PAGE = 
-            URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/webpage");    
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/webpage");    
 }

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationPrincipal.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationPrincipal.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationPrincipal.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationPrincipal.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+//[TODO] Should it be a Subject instead of Principal (tomcat uses a prinicpal in GenericPrinicpial)
+
+package org.apache.cxf.fediz.core;
+
+import java.security.Principal;
+
+public interface FederationPrincipal extends Principal {
+
+    public ClaimCollection getClaims();
+
+}
+
+/*
+public class FederationPrincipal implements Principal {
+
+    protected String username = null;
+    protected List<String> roles = null;
+    protected ClaimCollection claims = null;
+
+    public FederationPrincipal(String username) {
+        this(username, null, null);
+    }
+
+    public FederationPrincipal(String username, List<String> roles) {
+        this(username, roles, null);
+    }
+
+    public FederationPrincipal(String username, List<String> roles,
+            ClaimCollection claims) {
+        this.username = username;
+        this.roles = roles;
+        this.claims = claims;
+    }
+
+    @Override
+    public String getName() {
+        return this.username;
+    }
+
+    public List<String> getRoles() {
+        return Collections.unmodifiableList(this.roles);
+    }
+
+    public ClaimCollection getClaims() {
+        return this.claims;
+    }
+
+}*/

Modified: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessor.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessor.java?rev=1329945&r1=1329944&r2=1329945&view=diff
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessor.java (original)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessor.java Tue Apr 24 19:03:39 2012
@@ -17,8 +17,14 @@
 
 package org.apache.cxf.fediz.core;
 
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.cxf.fediz.core.config.FederationContext;
+
 public interface FederationProcessor {
 
-    public FederationResponse processRequest(FederationRequest request, FederationConfiguration config);
+    public FederationResponse processRequest(FederationRequest request, FederationContext config);
+    
+    public String createSignInRequest(HttpServletRequest request, FederationContext config);
 
 }

Modified: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java?rev=1329945&r1=1329944&r2=1329945&view=diff
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java (original)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java Tue Apr 24 19:03:39 2012
@@ -19,13 +19,18 @@ package org.apache.cxf.fediz.core;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.net.URL;
+import java.net.URLEncoder;
 import java.text.DateFormat;
 import java.text.ParseException;
 import java.util.Calendar;
 import java.util.Date;
 
+import javax.servlet.http.HttpServletRequest;
 import javax.xml.parsers.ParserConfigurationException;
 
+import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FederationProtocolType;
 import org.apache.cxf.fediz.core.saml.SAMLTokenValidator;
 import org.apache.cxf.fediz.core.util.DOMUtils;
 import org.apache.ws.security.WSConstants;
@@ -38,15 +43,15 @@ import org.xml.sax.SAXException;
 
 public class FederationProcessorImpl implements FederationProcessor {
 
-    private static final Logger LOG = LoggerFactory.getLogger(FederationProcessorImpl.class);
-
+    private static final Logger LOG = LoggerFactory
+    .getLogger(FederationProcessorImpl.class);
 
     private String namespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
 
     private TokenReplayCache<String> replayCache = null;
 
     /**
-     * Default constructor 
+     * Default constructor
      */
 
     public FederationProcessorImpl() {
@@ -54,10 +59,11 @@ public class FederationProcessorImpl imp
         replayCache = TokenReplayCacheInMemory.getInstance();
     }
 
-
     /**
      * 
-     * @param replayCache plugable token cache allowing to provide a replicated cache to be used in clustered scenarios 
+     * @param replayCache
+     *            plugable token cache allowing to provide a replicated cache to
+     *            be used in clustered scenarios
      */
 
     public FederationProcessorImpl(TokenReplayCache<String> replayCache) {
@@ -65,20 +71,18 @@ public class FederationProcessorImpl imp
         this.replayCache = replayCache;
     }
 
-
-
     @Override
-    public FederationResponse processRequest(FederationRequest request, FederationConfiguration config) {
+    public FederationResponse processRequest(FederationRequest request,
+            FederationContext config) {
         FederationResponse response = null;
-
         if (request.getWa().equals(FederationConstants.ACTION_SIGNIN)) {
             response = this.processSignInRequest(request, config);
         }
-
         return response;
     }
 
-    protected FederationResponse processSignInRequest(FederationRequest request, FederationConfiguration config) {
+    protected FederationResponse processSignInRequest(
+            FederationRequest request, FederationContext config) {
 
         byte[] wresult = request.getWresult().getBytes();
 
@@ -99,13 +103,12 @@ public class FederationProcessorImpl imp
             return null;
         }
 
-
-
         if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
             el = DOMUtils.getFirstElement(el);
         }
         if (!"RequestSecurityTokenResponse".equals(el.getLocalName())) {
-            throw new RuntimeException("Unexpected element " + el.getLocalName());
+            throw new RuntimeException("Unexpected element "
+                    + el.getLocalName());
         }
         el = DOMUtils.getFirstElement(el);
         Element rst = null;
@@ -127,7 +130,9 @@ public class FederationProcessorImpl imp
         }
         if (LOG.isDebugEnabled()) {
             LOG.debug("RST: " + rst.toString());
-            LOG.debug("Lifetime: " + ((lifetimeElem != null) ? lifetimeElem.toString() : "null"));
+            LOG.debug("Lifetime: "
+                    + ((lifetimeElem != null) ? lifetimeElem.toString()
+                            : "null"));
             LOG.debug("Tokentype: " + ((tt != null) ? tt.toString() : "null"));
         }
 
@@ -138,69 +143,64 @@ public class FederationProcessorImpl imp
 
         if (config.isDetectExpiredTokens() && lifeTime != null) {
             Calendar cal = Calendar.getInstance();
-            if ( cal.getTime().after(lifeTime.getExpires()) ) {
+            if (cal.getTime().after(lifeTime.getExpires())) {
                 LOG.warn("Token already expired");
             }
 
-            if ( cal.getTime().before(lifeTime.getCreated())) {
+            if (cal.getTime().before(lifeTime.getCreated())) {
                 LOG.warn("Token not yet valid");
-                //[TODO] Add Check clocksqew
+                // [TODO] Add Check clocksqew
             }
         }
 
-        //[TODO] Exception: TokenExpiredException, TokenInvalidException, TokenCachedException
+        // [TODO] Exception: TokenExpiredException, TokenInvalidException,
+        // TokenCachedException
 
-        //[TODO] Flexible tokenvalidator selection, based on class list
+        // [TODO] Flexible tokenvalidator selection, based on class list
         SAMLTokenValidator validator = new SAMLTokenValidator();
-        TokenValidatorResponse response = validator.validateAndProcessToken(rst, config);
+        TokenValidatorResponse response = validator.validateAndProcessToken(
+                rst, config);
 
-
-        //Check whether token already used for signin
-        if (response.getUniqueTokenId() != null && config.isDetectReplayedTokens()) {
-            // Check whether token has already been processed once, prevent replay attack
+        // Check whether token already used for signin
+        if (response.getUniqueTokenId() != null
+                && config.isDetectReplayedTokens()) {
+            // Check whether token has already been processed once, prevent
+            // replay attack
 
             if (replayCache.getId(response.getUniqueTokenId()) == null) {
                 // not cached
                 replayCache.putId(response.getUniqueTokenId());
-            }
-            else {
-                LOG.error("Replay attack with token id: " +response.getUniqueTokenId());
-                throw new RuntimeException("Replay attack with token id: " +response.getUniqueTokenId());
+            } else {
+                LOG.error("Replay attack with token id: "
+                        + response.getUniqueTokenId());
+                throw new RuntimeException("Replay attack with token id: "
+                        + response.getUniqueTokenId());
             }
         }
 
         // [TODO] Token, WeakReference, SoftReference???
-        FederationResponse fedResponse = new FederationResponse(response.getUsername(),
-                                                                response.getIssuer(),
-                                                                response.getRoles(),
-                                                                response.getClaims(),
-                                                                response.getAudience(),
-                                                                (lifeTime != null) ? lifeTime.getCreated() : null,
-                                                                    (lifeTime != null) ? lifeTime.getExpires() : null,
-                                                                        rst,
-                                                                        response.getUniqueTokenId());
+        FederationResponse fedResponse = new FederationResponse(
+                response.getUsername(), response.getIssuer(),
+                response.getRoles(), response.getClaims(),
+                response.getAudience(),
+                (lifeTime != null) ? lifeTime.getCreated() : null,
+                        (lifeTime != null) ? lifeTime.getExpires() : null, rst,
+                                response.getUniqueTokenId());
 
         return fedResponse;
     }
 
-
-
-
     private LifeTime processLifeTime(Element lifetimeElem) {
-        //[TODO] Get rid of WSS4J dependency
+        // [TODO] Get rid of WSS4J dependency
         try {
-            Element createdElem = 
-                DOMUtils.getFirstChildWithName(lifetimeElem,
-                                               WSConstants.WSU_NS,
-                                               WSConstants.CREATED_LN);
+            Element createdElem = DOMUtils.getFirstChildWithName(lifetimeElem,
+                    WSConstants.WSU_NS, WSConstants.CREATED_LN);
             DateFormat zulu = new XmlSchemaDateFormat();
 
             Date created = zulu.parse(DOMUtils.getContent(createdElem));
 
-            Element expiresElem = 
-                DOMUtils.getFirstChildWithName(lifetimeElem,
-                                               WSConstants.WSU_NS,
-                                               WSConstants.EXPIRES_LN);
+            Element expiresElem = DOMUtils.getFirstChildWithName(lifetimeElem,
+                    WSConstants.WSU_NS, WSConstants.EXPIRES_LN);
             Date expires = zulu.parse(DOMUtils.getContent(expiresElem));
 
             return new LifeTime(created, expires);
@@ -216,7 +216,6 @@ public class FederationProcessorImpl imp
         private Date created;
         private Date expires;
 
-
         public LifeTime(Date created, Date expires) {
             this.created = created;
             this.expires = expires;
@@ -232,4 +231,95 @@ public class FederationProcessorImpl imp
 
     }
 
+    @Override
+    public String createSignInRequest(HttpServletRequest request,
+            FederationContext config) {
+
+        String redirectURL = null;
+        //        if (this.getIssuerCallbackHandler() != null) {
+        //            org.apache.cxf.fediz.core.spi.IDPCallback callback = new org.apache.cxf.fediz.core.spi.IDPCallback(
+        //                    request);
+        //            try {
+        //                this.getIssuerCallbackHandler().handle(
+        //                        new Callback[] { callback });
+        //                redirectURL = callback.getIssuerUrl().toString();
+        //                String trustedIssuer = callback.getTrustedIssuer();
+        //                if (trustedIssuer != null && trustedIssuer.length() > 0) {
+        //                    request.getSessionInternal().setNote(TRUSTED_ISSUER,
+        //                            trustedIssuer);
+        //                }
+        //            } catch (Exception ex) {
+        //                log.error("Failed to handle callback: " + ex.getMessage());
+        //            }
+        //        } 
+        try
+        {
+            String issuerURL = ((FederationProtocolType) config.getProtocol()).getIssuer();
+            if (issuerURL != null && issuerURL.length() > 0) {
+                redirectURL = issuerURL;
+            }
+            LOG.info("Issuer url: " + redirectURL);
+
+            StringBuilder sb = new StringBuilder();
+
+            sb.append(FederationConstants.PARAM_ACTION).append('=')
+            .append(FederationConstants.ACTION_SIGNIN);
+
+            sb.append('&').append(FederationConstants.PARAM_REPLY).append('=');
+            sb.append(URLEncoder
+                    .encode(request.getRequestURL().toString(), "UTF-8"));
+
+            String realm = null;
+            String contextPath = request.getContextPath();
+            String requestUrl = request.getRequestURL().toString();
+            String requestPath = new URL(requestUrl).getPath();
+
+            // Cut request path of request url and add context path if not ROOT
+            if (requestPath != null && requestPath.length() > 0) {
+                int lastIndex = requestUrl.lastIndexOf(requestPath);
+                realm = requestUrl.substring(0, lastIndex);
+            } else {
+                realm = requestUrl;
+            }
+            if (contextPath != null && contextPath.length() > 0) {
+                // contextPath contains starting slash
+                realm = realm + contextPath + "/";
+            } else {
+                realm = realm + "/";
+            }
+            LOG.debug("wtrealm=" + realm);
+
+            StringBuffer realmSb = new StringBuffer(request.getScheme());
+            realmSb.append("://").append(request.getServerName()).append(":")
+            .append(request.getServerPort())
+            .append(request.getContextPath());
+            sb.append('&').append(FederationConstants.PARAM_TREALM).append('=')
+            .append(URLEncoder.encode(realm, "UTF-8"));
+            redirectURL = redirectURL + "?" + sb.toString();
+        } catch (Exception ex) {
+            LOG.error("Failed to create SignInRequest", ex);
+            return null;
+        }
+        // [TODO] Current time, wct
+
+        // if (false) {
+        // sb.append("&");
+        // sb.append("wfresh=jjjj");
+        // }
+        // if (false) {
+        // sb.append("&");
+        // sb.append("wauth=jjjj");
+        // }
+        // if (false) {
+        // sb.append("&");wct
+        // sb.append("wreq=jjjj");
+        // }
+        // if (false) {
+        // sb.append("&");
+        // sb.append("wct=").append("jjjj");
+        // }
+        return redirectURL;
+    }
+
+
 }

Modified: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/TokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/TokenValidator.java?rev=1329945&r1=1329944&r2=1329945&view=diff
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/TokenValidator.java (original)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/TokenValidator.java Tue Apr 24 19:03:39 2012
@@ -17,6 +17,7 @@
 
 package org.apache.cxf.fediz.core;
 
+import org.apache.cxf.fediz.core.config.FederationContext;
 import org.w3c.dom.Element;
 
 public interface TokenValidator {
@@ -38,5 +39,5 @@ public interface TokenValidator {
     /**
      * Validate a Token using the given Element and Configuration.
      */
-    TokenValidatorResponse validateAndProcessToken(Element token, FederationConfiguration config);
+    TokenValidatorResponse validateAndProcessToken(Element token, FederationContext config);
 }

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ArgumentType.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ArgumentType.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ArgumentType.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ArgumentType.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,59 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import javax.xml.bind.annotation.XmlEnum;
+import javax.xml.bind.annotation.XmlEnumValue;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for argumentType.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * <p>
+ * 
+ * <pre>
+ * &lt;simpleType name="argumentType">
+ *   &lt;restriction base="{http://www.w3.org/2001/XMLSchema}string">
+ *     &lt;enumeration value="Class"/>
+ *     &lt;enumeration value="String"/>
+ *   &lt;/restriction>
+ * &lt;/simpleType>
+ * </pre>
+ * 
+ */
+@XmlType(name = "argumentType")
+@XmlEnum
+public enum ArgumentType {
+
+    @XmlEnumValue("Class")
+    CLASS("Class"), @XmlEnumValue("String")
+    STRING("String");
+    private final String value;
+
+    ArgumentType(String v) {
+        value = v;
+    }
+
+    public String value() {
+        return value;
+    }
+
+    public static ArgumentType fromValue(String v) {
+        for (ArgumentType c : ArgumentType.values()) {
+            if (c.value.equals(v)) {
+                return c;
+            }
+        }
+        throw new IllegalArgumentException(v);
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AudienceUris.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AudienceUris.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AudienceUris.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AudienceUris.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,79 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlSchemaType;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;sequence maxOccurs="unbounded">
+ *         &lt;element ref="{}audienceItem"/>
+ *       &lt;/sequence>
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = { "audienceItem" })
+@XmlRootElement(name = "audienceUris")
+public class AudienceUris {
+
+    @XmlElement(required = true)
+    @XmlSchemaType(name = "anyURI")
+    protected List<String> audienceItem;
+
+    /**
+     * Gets the value of the audienceItem property.
+     * 
+     * <p>
+     * This accessor method returns a reference to the live list, not a
+     * snapshot. Therefore any modification you make to the returned list will
+     * be present inside the JAXB object. This is why there is not a
+     * <CODE>set</CODE> method for the audienceItem property.
+     * 
+     * <p>
+     * For example, to add a new item, do as follows:
+     * 
+     * <pre>
+     * getAudienceItem().add(newItem);
+     * </pre>
+     * 
+     * 
+     * <p>
+     * Objects of the following type(s) are allowed in the list {@link String }
+     * 
+     * 
+     */
+    public List<String> getAudienceItem() {
+        if (audienceItem == null) {
+            audienceItem = new ArrayList<String>();
+        }
+        return this.audienceItem;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AuthenticationType.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AuthenticationType.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AuthenticationType.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/AuthenticationType.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,89 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;attribute name="type" use="required" type="{}argumentType" />
+ *       &lt;attribute name="value" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "")
+@XmlRootElement(name = "authenticationType")
+public class AuthenticationType {
+
+    @XmlAttribute(name = "type", required = true)
+    protected ArgumentType type;
+    @XmlAttribute(name = "value", required = true)
+    protected String value;
+
+    /**
+     * Gets the value of the type property.
+     * 
+     * @return possible object is {@link ArgumentType }
+     * 
+     */
+    public ArgumentType getType() {
+        return type;
+    }
+
+    /**
+     * Sets the value of the type property.
+     * 
+     * @param value
+     *            allowed object is {@link ArgumentType }
+     * 
+     */
+    public void setType(ArgumentType value) {
+        this.type = value;
+    }
+
+    /**
+     * Gets the value of the value property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getValue() {
+        return value;
+    }
+
+    /**
+     * Sets the value of the value property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/CertStoreType.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/CertStoreType.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/CertStoreType.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/CertStoreType.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,119 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * 
+ * A CertStoreType represents a catenated sequence of X.509 certificates, in PEM
+ * or DER format. The "url", "file", and "resource" attributes are intended to
+ * be mutually exclusive, though this assumption is not encoded in schema. The
+ * precedence order observed by the runtime is 1) "file", 2) "resource", and 3)
+ * "url".
+ * 
+ * 
+ * <p>
+ * Java class for CertStoreType complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType name="CertStoreType">
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;attribute name="file" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *       &lt;attribute name="resource" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *       &lt;attribute name="url" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "CertStoreType")
+public class CertStoreType {
+
+    @XmlAttribute(name = "file")
+    protected String file;
+    @XmlAttribute(name = "resource")
+    protected String resource;
+    @XmlAttribute(name = "url")
+    protected String url;
+
+    /**
+     * Gets the value of the file property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getFile() {
+        return file;
+    }
+
+    /**
+     * Sets the value of the file property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setFile(String value) {
+        this.file = value;
+    }
+
+    /**
+     * Gets the value of the resource property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getResource() {
+        return resource;
+    }
+
+    /**
+     * Sets the value of the resource property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setResource(String value) {
+        this.resource = value;
+    }
+
+    /**
+     * Gets the value of the url property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getUrl() {
+        return url;
+    }
+
+    /**
+     * Sets the value of the url property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setUrl(String value) {
+        this.url = value;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimType.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimType.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimType.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimType.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,84 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;attribute name="optional" use="required" type="{}optionalType" />
+ *       &lt;attribute name="type" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "")
+@XmlRootElement(name = "claimType")
+public class ClaimType {
+
+    @XmlAttribute(name = "optional", required = true)
+    protected boolean optional;
+    @XmlAttribute(name = "type", required = true)
+    protected String type;
+
+    /**
+     * Gets the value of the optional property.
+     * 
+     */
+    public boolean isOptional() {
+        return optional;
+    }
+
+    /**
+     * Sets the value of the optional property.
+     * 
+     */
+    public void setOptional(boolean value) {
+        this.optional = value;
+    }
+
+    /**
+     * Gets the value of the type property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getType() {
+        return type;
+    }
+
+    /**
+     * Sets the value of the type property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setType(String value) {
+        this.type = value;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypeRequested.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypeRequested.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypeRequested.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypeRequested.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,78 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.26 at 04:14:11 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;sequence maxOccurs="unbounded">
+ *         &lt;element ref="{}claimType"/>
+ *       &lt;/sequence>
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = { "claimType" })
+@XmlRootElement(name = "claimTypeRequested")
+public class ClaimTypeRequested {
+
+    @XmlElement(required = true)
+    protected List<ClaimType> claimType;
+
+    /**
+     * Gets the value of the claimType property.
+     * 
+     * <p>
+     * This accessor method returns a reference to the live list, not a
+     * snapshot. Therefore any modification you make to the returned list will
+     * be present inside the JAXB object. This is why there is not a
+     * <CODE>set</CODE> method for the claimType property.
+     * 
+     * <p>
+     * For example, to add a new item, do as follows:
+     * 
+     * <pre>
+     * getClaimType().add(newItem);
+     * </pre>
+     * 
+     * 
+     * <p>
+     * Objects of the following type(s) are allowed in the list
+     * {@link ClaimType }
+     * 
+     * 
+     */
+    public List<ClaimType> getClaimType() {
+        if (claimType == null) {
+            claimType = new ArrayList<ClaimType>();
+        }
+        return this.claimType;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypesRequested.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypesRequested.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypesRequested.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypesRequested.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,78 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;sequence maxOccurs="unbounded">
+ *         &lt;element ref="{}claimType"/>
+ *       &lt;/sequence>
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = { "claimType" })
+@XmlRootElement(name = "claimTypesRequested")
+public class ClaimTypesRequested {
+
+    @XmlElement(required = true)
+    protected List<ClaimType> claimType;
+
+    /**
+     * Gets the value of the claimType property.
+     * 
+     * <p>
+     * This accessor method returns a reference to the live list, not a
+     * snapshot. Therefore any modification you make to the returned list will
+     * be present inside the JAXB object. This is why there is not a
+     * <CODE>set</CODE> method for the claimType property.
+     * 
+     * <p>
+     * For example, to add a new item, do as follows:
+     * 
+     * <pre>
+     * getClaimType().add(newItem);
+     * </pre>
+     * 
+     * 
+     * <p>
+     * Objects of the following type(s) are allowed in the list
+     * {@link ClaimType }
+     * 
+     * 
+     */
+    public List<ClaimType> getClaimType() {
+        if (claimType == null) {
+            claimType = new ArrayList<ClaimType>();
+        }
+        return this.claimType;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ContextConfig.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ContextConfig.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ContextConfig.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/ContextConfig.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,214 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import java.math.BigInteger;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;sequence>
+ *         &lt;element ref="{}audienceUris"/>
+ *         &lt;element ref="{}certificateValidation"/>
+ *         &lt;element ref="{}trustedIssuers"/>
+ *         &lt;element ref="{}maximumClockSkew"/>
+ *         &lt;element ref="{}serviceCertificate"/>
+ *         &lt;element ref="{}protocol"/>
+ *       &lt;/sequence>
+ *       &lt;attribute name="name" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = { "audienceUris", "certificateValidation",
+        "trustedIssuers", "maximumClockSkew", "serviceCertificate", "protocol" })
+@XmlRootElement(name = "contextConfig")
+public class ContextConfig {
+
+    @XmlElement(required = true)
+    protected AudienceUris audienceUris;
+    @XmlElement(required = true)
+    protected ValidationType certificateValidation;
+    @XmlElement(required = true)
+    protected TrustedIssuers trustedIssuers;
+    @XmlElement(required = true)
+    protected BigInteger maximumClockSkew;
+    @XmlElement(required = true)
+    protected TrustManagersType serviceCertificate;
+    @XmlElement(required = true)
+    protected ProtocolType protocol;
+    @XmlAttribute(name = "name", required = true)
+    protected String name;
+
+    /**
+     * Gets the value of the audienceUris property.
+     * 
+     * @return possible object is {@link AudienceUris }
+     * 
+     */
+    public AudienceUris getAudienceUris() {
+        return audienceUris;
+    }
+
+    /**
+     * Sets the value of the audienceUris property.
+     * 
+     * @param value
+     *            allowed object is {@link AudienceUris }
+     * 
+     */
+    public void setAudienceUris(AudienceUris value) {
+        this.audienceUris = value;
+    }
+
+    /**
+     * Gets the value of the certificateValidation property.
+     * 
+     * @return possible object is {@link ValidationType }
+     * 
+     */
+    public ValidationType getCertificateValidation() {
+        return certificateValidation;
+    }
+
+    /**
+     * Sets the value of the certificateValidation property.
+     * 
+     * @param value
+     *            allowed object is {@link ValidationType }
+     * 
+     */
+    public void setCertificateValidation(ValidationType value) {
+        this.certificateValidation = value;
+    }
+
+    /**
+     * Gets the value of the trustedIssuers property.
+     * 
+     * @return possible object is {@link TrustedIssuers }
+     * 
+     */
+    public TrustedIssuers getTrustedIssuers() {
+        return trustedIssuers;
+    }
+
+    /**
+     * Sets the value of the trustedIssuers property.
+     * 
+     * @param value
+     *            allowed object is {@link TrustedIssuers }
+     * 
+     */
+    public void setTrustedIssuers(TrustedIssuers value) {
+        this.trustedIssuers = value;
+    }
+
+    /**
+     * Gets the value of the maximumClockSkew property.
+     * 
+     * @return possible object is {@link BigInteger }
+     * 
+     */
+    public BigInteger getMaximumClockSkew() {
+        return maximumClockSkew;
+    }
+
+    /**
+     * Sets the value of the maximumClockSkew property.
+     * 
+     * @param value
+     *            allowed object is {@link BigInteger }
+     * 
+     */
+    public void setMaximumClockSkew(BigInteger value) {
+        this.maximumClockSkew = value;
+    }
+
+    /**
+     * Gets the value of the serviceCertificate property.
+     * 
+     * @return possible object is {@link TrustManagersType }
+     * 
+     */
+    public TrustManagersType getServiceCertificate() {
+        return serviceCertificate;
+    }
+
+    /**
+     * Sets the value of the serviceCertificate property.
+     * 
+     * @param value
+     *            allowed object is {@link TrustManagersType }
+     * 
+     */
+    public void setServiceCertificate(TrustManagersType value) {
+        this.serviceCertificate = value;
+    }
+
+    /**
+     * Gets the value of the protocol property.
+     * 
+     * @return possible object is {@link ProtocolType }
+     * 
+     */
+    public ProtocolType getProtocol() {
+        return protocol;
+    }
+
+    /**
+     * Sets the value of the protocol property.
+     * 
+     * @param value
+     *            allowed object is {@link ProtocolType }
+     * 
+     */
+    public void setProtocol(ProtocolType value) {
+        this.protocol = value;
+    }
+
+    /**
+     * Gets the value of the name property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getName() {
+        return name;
+    }
+
+    /**
+     * Sets the value of the name property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setName(String value) {
+        this.name = value;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,87 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import java.io.File;
+import java.io.Reader;
+import java.io.Writer;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+
+public class FederationConfigurator {
+
+    private FedizConfig rootConfig = null;
+
+    private JAXBContext jaxbContext = null;
+
+    public FedizConfig loadConfig(File f) throws JAXBException {
+        rootConfig = (FedizConfig) getJaxbContext().createUnmarshaller()
+                .unmarshal(f);
+        return rootConfig;
+    }
+
+    public FedizConfig loadConfig(Reader reader) throws JAXBException {
+        rootConfig = (FedizConfig) getJaxbContext().createUnmarshaller()
+                .unmarshal(reader);
+        return rootConfig;
+    }
+
+    public void saveConfiguration(File f) throws JAXBException {
+        if (f.canWrite()) {
+            jaxbContext.createMarshaller().marshal(rootConfig, f);
+        }
+    }
+
+    public void saveConfiguration(Writer writer) throws JAXBException {
+        jaxbContext.createMarshaller().marshal(rootConfig, writer);
+    }
+
+    private JAXBContext getJaxbContext() throws JAXBException {
+        if (jaxbContext == null) {
+            jaxbContext = JAXBContext.newInstance(FedizConfig.class);
+        }
+        return jaxbContext;
+    }
+
+    public FederationContext getFederationContext(String contextName) {
+        ContextConfig config = getContextConfig(contextName);
+        if (config == null) {
+            return null;
+        }
+        return new FederationContext(config);
+    }
+
+    public ContextConfig getContextConfig(String contextName)
+            throws IllegalArgumentException {
+        if (contextName == null || contextName.isEmpty()) {
+            throw new IllegalArgumentException("Invalid Context Name '" + contextName + "'");
+        }
+        if (rootConfig == null) {
+            throw new IllegalArgumentException("No configuration loaded");
+        }
+
+        for (ContextConfig config : rootConfig.getContextConfig()) {
+            if (contextName.equals(config.getName())) {
+                return config;
+            }
+        }
+        return null;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,156 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import java.math.BigInteger;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.cxf.fediz.core.exception.IllegalConfigurationException;
+
+public class FederationContext {
+
+    private ContextConfig config = null;
+
+    private boolean detectExpiredTokens = true;
+    private boolean detectReplayedTokens = true;
+
+    public FederationContext(ContextConfig config) {
+        this.config = config;
+    }
+
+    public List<String> getAudienceUris() {
+        return config.getAudienceUris().getAudienceItem();
+    }
+
+    public ValidationType getCertificateValidation() {
+        return config.getCertificateValidation();
+    }
+
+    public TrustedIssuers getTrustedIssuers() {
+        return config.getTrustedIssuers();
+    }
+
+    public BigInteger getMaximumClockSkew() {
+        return config.getMaximumClockSkew();
+    }
+
+    public TrustManagersType getServiceCertificate() {
+        return config.getServiceCertificate();
+    }
+
+    public ProtocolType getProtocol() {
+        return config.getProtocol();
+    }
+
+    public String getName() {
+        return config.getName();
+    }
+
+    /**
+     * helpers to support existing testcases
+     */
+
+    public boolean isDetectExpiredTokens() {
+        return detectExpiredTokens;
+    }
+
+    public void setDetectExpiredTokens(boolean detectExpiredTokens) {
+        this.detectExpiredTokens = detectExpiredTokens;
+    }
+
+    public boolean isDetectReplayedTokens() {
+        return detectReplayedTokens;
+    }
+
+    public void setDetectReplayedTokens(boolean detectReplayedTokens) {
+        this.detectReplayedTokens = detectReplayedTokens;
+    }
+
+    public List<String> getTrustedIssuersNames() {
+        TrustedIssuers issuers = config.getTrustedIssuers();
+        List<String> issuerNames = new ArrayList<String>();
+        if (issuers != null) {
+            for (TrustManagersType t : issuers.getTrustedIssuerItem()) {
+                issuerNames.add(t.getProvider());
+            }
+            return issuerNames;
+        } else {
+            return Collections.<String> emptyList();
+        }
+    }
+
+    public URI getRoleURI() {
+        ProtocolType pt = config.getProtocol();
+        if (pt != null && pt instanceof FederationProtocolType) {
+            try {
+                return new URI(((FederationProtocolType) pt).getRoleURI());
+            } catch (URISyntaxException e) {
+                throw new IllegalConfigurationException("Invalid Role URI", e);
+            }
+        }
+        if (pt != null && !(pt instanceof FederationProtocolType)) {
+            throw new IllegalConfigurationException(
+                    "Unknown Protocoltype, only FederationProtocolType is currently suported");
+        }
+        if (pt == null) {
+            throw new IllegalConfigurationException("Missing ProtocolType");
+        }
+        return null;
+
+    }
+
+    public String getRoleDelimiter() {
+        ProtocolType pt = config.getProtocol();
+        if (pt != null && pt instanceof FederationProtocolType) {
+            return ((FederationProtocolType) pt).getRoleDelimiter();
+        }
+        throw new IllegalConfigurationException(
+                "No FederationProtocolType found");
+    }
+
+    public String getTrustStoreFile() {
+        KeyStoreType storeType = getTrustStore();
+        return storeType.getFile();
+    }
+
+    public String getTrustStorePassword() {
+        KeyStoreType storeType = getTrustStore();
+        return storeType.getPassword();
+    }
+
+    private KeyStoreType getTrustStore() {
+        List<TrustManagersType> managers = config.getTrustedIssuers()
+                .getTrustedIssuerItem();
+        if (managers == null) {
+            throw new IllegalConfigurationException(
+                    "No Trusted Issuers Keystore found");
+        }
+        if (managers.size() > 1) {
+            throw new IllegalConfigurationException(
+                    "Only one Trusted Issuer Keystore supported");
+        }
+        TrustManagersType trustManager = managers.get(0);
+        KeyStoreType storeType = trustManager.getKeyStore();
+        return storeType;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocolType.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocolType.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocolType.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocolType.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,347 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlSchemaType;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for federationProtocolType complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType name="federationProtocolType">
+ *   &lt;complexContent>
+ *     &lt;extension base="{}protocolType">
+ *       &lt;sequence>
+ *         &lt;element ref="{}realm"/>
+ *         &lt;element ref="{}issuer"/>
+ *         &lt;element ref="{}roleDelimiter"/>
+ *         &lt;element ref="{}roleURI"/>
+ *         &lt;element ref="{}authenticationType"/>
+ *         &lt;element ref="{}homeRealm"/>
+ *         &lt;element ref="{}freshness"/>
+ *         &lt;element ref="{}reply"/>
+ *         &lt;element ref="{}request"/>
+ *         &lt;element ref="{}claimTypesRequested"/>
+ *         &lt;sequence maxOccurs="unbounded">
+ *           &lt;element ref="{}securityTokenValidators"/>
+ *         &lt;/sequence>
+ *       &lt;/sequence>
+ *       &lt;attribute name="version" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     &lt;/extension>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "federationProtocolType", propOrder = { "realm", "issuer",
+        "roleDelimiter", "roleURI", "authenticationType", "homeRealm",
+        "freshness", "reply", "request", "claimTypesRequested",
+        "securityTokenValidators" })
+public class FederationProtocolType extends ProtocolType {
+
+    @XmlElement(required = true)
+    protected String realm;
+    @XmlElement(required = true)
+    @XmlSchemaType(name = "anyURI")
+    protected String issuer;
+    @XmlElement(required = true)
+    protected String roleDelimiter;
+    @XmlElement(required = true)
+    protected String roleURI;
+    @XmlElement(required = true)
+    protected AuthenticationType authenticationType;
+    @XmlElement(required = true)
+    protected HomeRealm homeRealm;
+    @XmlElement(required = true)
+    protected String freshness;
+    @XmlElement(required = true)
+    protected String reply;
+    @XmlElement(required = true)
+    protected String request;
+    @XmlElement(required = true)
+    protected ClaimTypesRequested claimTypesRequested;
+    @XmlElement(required = true)
+    protected List<String> securityTokenValidators;
+    @XmlAttribute(name = "version", required = true)
+    protected String version;
+
+    /**
+     * Gets the value of the realm property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getRealm() {
+        return realm;
+    }
+
+    /**
+     * Sets the value of the realm property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setRealm(String value) {
+        this.realm = value;
+    }
+
+    /**
+     * Gets the value of the issuer property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getIssuer() {
+        return issuer;
+    }
+
+    /**
+     * Sets the value of the issuer property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setIssuer(String value) {
+        this.issuer = value;
+    }
+
+    /**
+     * Gets the value of the roleDelimiter property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getRoleDelimiter() {
+        return roleDelimiter;
+    }
+
+    /**
+     * Sets the value of the roleDelimiter property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setRoleDelimiter(String value) {
+        this.roleDelimiter = value;
+    }
+
+    /**
+     * Gets the value of the roleURI property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getRoleURI() {
+        return roleURI;
+    }
+
+    /**
+     * Sets the value of the roleURI property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setRoleURI(String value) {
+        this.roleURI = value;
+    }
+
+    /**
+     * Gets the value of the authenticationType property.
+     * 
+     * @return possible object is {@link AuthenticationType }
+     * 
+     */
+    public AuthenticationType getAuthenticationType() {
+        return authenticationType;
+    }
+
+    /**
+     * Sets the value of the authenticationType property.
+     * 
+     * @param value
+     *            allowed object is {@link AuthenticationType }
+     * 
+     */
+    public void setAuthenticationType(AuthenticationType value) {
+        this.authenticationType = value;
+    }
+
+    /**
+     * Gets the value of the homeRealm property.
+     * 
+     * @return possible object is {@link HomeRealm }
+     * 
+     */
+    public HomeRealm getHomeRealm() {
+        return homeRealm;
+    }
+
+    /**
+     * Sets the value of the homeRealm property.
+     * 
+     * @param value
+     *            allowed object is {@link HomeRealm }
+     * 
+     */
+    public void setHomeRealm(HomeRealm value) {
+        this.homeRealm = value;
+    }
+
+    /**
+     * Gets the value of the freshness property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getFreshness() {
+        return freshness;
+    }
+
+    /**
+     * Sets the value of the freshness property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setFreshness(String value) {
+        this.freshness = value;
+    }
+
+    /**
+     * Gets the value of the reply property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getReply() {
+        return reply;
+    }
+
+    /**
+     * Sets the value of the reply property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setReply(String value) {
+        this.reply = value;
+    }
+
+    /**
+     * Gets the value of the request property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getRequest() {
+        return request;
+    }
+
+    /**
+     * Sets the value of the request property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setRequest(String value) {
+        this.request = value;
+    }
+
+    /**
+     * Gets the value of the claimTypesRequested property.
+     * 
+     * @return possible object is {@link ClaimTypesRequested }
+     * 
+     */
+    public ClaimTypesRequested getClaimTypesRequested() {
+        return claimTypesRequested;
+    }
+
+    /**
+     * Sets the value of the claimTypesRequested property.
+     * 
+     * @param value
+     *            allowed object is {@link ClaimTypesRequested }
+     * 
+     */
+    public void setClaimTypesRequested(ClaimTypesRequested value) {
+        this.claimTypesRequested = value;
+    }
+
+    /**
+     * Gets the value of the securityTokenValidators property.
+     * 
+     * <p>
+     * This accessor method returns a reference to the live list, not a
+     * snapshot. Therefore any modification you make to the returned list will
+     * be present inside the JAXB object. This is why there is not a
+     * <CODE>set</CODE> method for the securityTokenValidators property.
+     * 
+     * <p>
+     * For example, to add a new item, do as follows:
+     * 
+     * <pre>
+     * getSecurityTokenValidators().add(newItem);
+     * </pre>
+     * 
+     * 
+     * <p>
+     * Objects of the following type(s) are allowed in the list {@link String }
+     * 
+     * 
+     */
+    public List<String> getSecurityTokenValidators() {
+        if (securityTokenValidators == null) {
+            securityTokenValidators = new ArrayList<String>();
+        }
+        return this.securityTokenValidators;
+    }
+
+    /**
+     * Gets the value of the version property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getVersion() {
+        return version;
+    }
+
+    /**
+     * Sets the value of the version property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setVersion(String value) {
+        this.version = value;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FedizConfig.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FedizConfig.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FedizConfig.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/FedizConfig.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,78 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;sequence maxOccurs="unbounded">
+ *         &lt;element ref="{}contextConfig"/>
+ *       &lt;/sequence>
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = { "contextConfig" })
+@XmlRootElement(name = "FedizConfig")
+public class FedizConfig {
+
+    @XmlElement(required = true)
+    protected List<ContextConfig> contextConfig;
+
+    /**
+     * Gets the value of the contextConfig property.
+     * 
+     * <p>
+     * This accessor method returns a reference to the live list, not a
+     * snapshot. Therefore any modification you make to the returned list will
+     * be present inside the JAXB object. This is why there is not a
+     * <CODE>set</CODE> method for the contextConfig property.
+     * 
+     * <p>
+     * For example, to add a new item, do as follows:
+     * 
+     * <pre>
+     * getContextConfig().add(newItem);
+     * </pre>
+     * 
+     * 
+     * <p>
+     * Objects of the following type(s) are allowed in the list
+     * {@link ContextConfig }
+     * 
+     * 
+     */
+    public List<ContextConfig> getContextConfig() {
+        if (contextConfig == null) {
+            contextConfig = new ArrayList<ContextConfig>();
+        }
+        return this.contextConfig;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,89 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>
+ * Java class for anonymous complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType>
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;attribute name="type" use="required" type="{}argumentType" />
+ *       &lt;attribute name="value" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "")
+@XmlRootElement(name = "homeRealm")
+public class HomeRealm {
+
+    @XmlAttribute(name = "type", required = true)
+    protected ArgumentType type;
+    @XmlAttribute(name = "value", required = true)
+    protected String value;
+
+    /**
+     * Gets the value of the type property.
+     * 
+     * @return possible object is {@link ArgumentType }
+     * 
+     */
+    public ArgumentType getType() {
+        return type;
+    }
+
+    /**
+     * Sets the value of the type property.
+     * 
+     * @param value
+     *            allowed object is {@link ArgumentType }
+     * 
+     */
+    public void setType(ArgumentType value) {
+        this.type = value;
+    }
+
+    /**
+     * Gets the value of the value property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getValue() {
+        return value;
+    }
+
+    /**
+     * Sets the value of the value property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+}

Added: cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/KeyStoreType.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/KeyStoreType.java?rev=1329945&view=auto
==============================================================================
--- cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/KeyStoreType.java (added)
+++ cxf/sandbox/fediz/fediz-core/src/main/java/org/apache/cxf/fediz/core/config/KeyStoreType.java Tue Apr 24 19:03:39 2012
@@ -0,0 +1,191 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
+// Any modifications to this file will be lost upon recompilation of the source schema. 
+// Generated on: 2012.03.28 at 02:33:06 PM CEST 
+//
+
+package org.apache.cxf.fediz.core.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * 
+ * A KeyStoreType represents the information needed to load a collection of key
+ * and certificate material from a desired location. The "url", "file", and
+ * "resource" attributes are intended to be mutually exclusive, though this
+ * assumption is not encoded in schema. The precedence order observed by the
+ * runtime is 1) "file", 2) "resource", and 3) "url".
+ * 
+ * 
+ * <p>
+ * Java class for KeyStoreType complex type.
+ * 
+ * <p>
+ * The following schema fragment specifies the expected content contained within
+ * this class.
+ * 
+ * <pre>
+ * &lt;complexType name="KeyStoreType">
+ *   &lt;complexContent>
+ *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       &lt;attribute name="type" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *       &lt;attribute name="password" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *       &lt;attribute name="provider" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *       &lt;attribute name="url" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *       &lt;attribute name="file" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *       &lt;attribute name="resource" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     &lt;/restriction>
+ *   &lt;/complexContent>
+ * &lt;/complexType>
+ * </pre>
+ * 
+ * 
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "KeyStoreType")
+public class KeyStoreType {
+
+    @XmlAttribute(name = "type")
+    protected String type;
+    @XmlAttribute(name = "password")
+    protected String password;
+    @XmlAttribute(name = "provider")
+    protected String provider;
+    @XmlAttribute(name = "url")
+    protected String url;
+    @XmlAttribute(name = "file")
+    protected String file;
+    @XmlAttribute(name = "resource")
+    protected String resource;
+
+    /**
+     * Gets the value of the type property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getType() {
+        return type;
+    }
+
+    /**
+     * Sets the value of the type property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setType(String value) {
+        this.type = value;
+    }
+
+    /**
+     * Gets the value of the password property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getPassword() {
+        return password;
+    }
+
+    /**
+     * Sets the value of the password property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setPassword(String value) {
+        this.password = value;
+    }
+
+    /**
+     * Gets the value of the provider property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getProvider() {
+        return provider;
+    }
+
+    /**
+     * Sets the value of the provider property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setProvider(String value) {
+        this.provider = value;
+    }
+
+    /**
+     * Gets the value of the url property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getUrl() {
+        return url;
+    }
+
+    /**
+     * Sets the value of the url property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setUrl(String value) {
+        this.url = value;
+    }
+
+    /**
+     * Gets the value of the file property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getFile() {
+        return file;
+    }
+
+    /**
+     * Sets the value of the file property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setFile(String value) {
+        this.file = value;
+    }
+
+    /**
+     * Gets the value of the resource property.
+     * 
+     * @return possible object is {@link String }
+     * 
+     */
+    public String getResource() {
+        return resource;
+    }
+
+    /**
+     * Sets the value of the resource property.
+     * 
+     * @param value
+     *            allowed object is {@link String }
+     * 
+     */
+    public void setResource(String value) {
+        this.resource = value;
+    }
+
+}



Mime
View raw message