From cohei...@apache.org
Subject cxf git commit: Add a separate way of configuring the RACS
Date Thu, 16 Apr 2015 16:34:45 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 4146fe4d8 -> a3fc169cf


Add a separate way of configuring the RACS


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a3fc169c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a3fc169c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a3fc169c

Branch: refs/heads/3.0.x-fixes
Commit: a3fc169cf49ed90069cc995e1729ab1a6de5c017
Parents: 4146fe4
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Apr 16 17:34:01 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Apr 16 17:34:38 2015 +0100

----------------------------------------------------------------------
 .../rs/security/saml/sso/MetadataService.java   | 22 +++++++++++++++-----
 .../rs/security/saml/sso/MetadataWriter.java    |  9 ++++----
 .../jaxrs/security/samlsso/metadata-server.xml  |  2 ++
 3 files changed, 24 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/a3fc169c/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
index 266518b..63619c3 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.rs.security.saml.sso;
 
-import java.net.URI;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
 import java.util.ResourceBundle;
@@ -46,6 +45,7 @@ public class MetadataService extends AbstractSSOSpHandler {
     protected static final ResourceBundle BUNDLE = BundleUtils.getBundle(MetadataService.class);
     
     private String serviceAddress;
+    private String assertionConsumerServiceAddress;
     private String logoutServiceAddress;
     private boolean addEndpointAddressToContext;
     
@@ -90,15 +90,17 @@ public class MetadataService extends AbstractSSOSpHandler {
             
             if (addEndpointAddressToContext) {
                 Message message = JAXRSUtils.getCurrentMessage();
-                String httpBasePath = (String)message.get("http.base.path");
-                String rawPath = URI.create(httpBasePath).getRawPath();
+                String rawPath = (String)message.get("http.base.path");
                 return metadataWriter.getMetaData(rawPath + serviceAddress, 
+                                                  rawPath + assertionConsumerServiceAddress,

                                                   rawPath + logoutServiceAddress, 
                                                   privateKey, issuerCerts[0], 
                                                   true);
             } else {
-                return metadataWriter.getMetaData(serviceAddress, logoutServiceAddress, privateKey,
issuerCerts[0], 
-                                              true);
+                return metadataWriter.getMetaData(serviceAddress, assertionConsumerServiceAddress,
+                                                  logoutServiceAddress, 
+                                                  privateKey, issuerCerts[0], 
+                                                  true);
             }
         } catch (Exception ex) {
             LOG.log(Level.FINE, ex.getMessage(), ex);
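Review bot: `assertionConsumerServiceAddress` has no default, so a deployment that sets only `serviceAddress` (the only option before this commit) now gets a broken ACS `Location`: in the `addEndpointAddressToContext` branch `rawPath + assertionConsumerServiceAddress` produces a string ending in "null", and in the else branch a null is passed to `getMetaData`, which (per the MetadataWriter hunks) writes it straight into the `Location` attributes. Falling back to the previous behaviour keeps existing configurations working, e.g. `String acsAddress = assertionConsumerServiceAddress != null ? assertionConsumerServiceAddress : serviceAddress;` before the `if`, then passing `acsAddress` in both calls. Separately, `rawPath` now holds the unparsed `"http.base.path"` value instead of its path component; if that value carries a scheme and host derived from the incoming request (not visible here), the signed metadata would advertise request-derived endpoints, so its origin is worth confirming and documenting. The enclosing method starts and ends outside this hunk.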
@@ -132,4 +134,14 @@ public class MetadataService extends AbstractSSOSpHandler {
     public void setAddEndpointAddressToContext(boolean add) {
         addEndpointAddressToContext = add;
     }
+
+
+    public String getAssertionConsumerServiceAddress() {
+        return assertionConsumerServiceAddress;
+    }
+
+
+    public void setAssertionConsumerServiceAddress(String assertionConsumerServiceAddress)
{
+        this.assertionConsumerServiceAddress = assertionConsumerServiceAddress;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/a3fc169c/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
index 27c8d10..9bb1f16 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
@@ -73,6 +73,7 @@ public class MetadataWriter {
     //CHECKSTYLE:OFF
     public Document getMetaData(
         String serviceURL,
+        String assertionConsumerServiceURL,
         String logoutURL,
         Key signingKey,
         X509Certificate signingCert,
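Review bot: Inserting `assertionConsumerServiceURL` between two existing `String` parameters changes the public `getMetaData` signature on a fixes branch, so any caller outside this commit that still passes the old argument list stops compiling, and three adjacent `String` URLs can be transposed without any compiler error. Keeping the previous signature as a delegating overload would preserve compatibility, with a body such as `return getMetaData(serviceURL, serviceURL, logoutURL, signingKey, signingCert, wantRequestsSigned);` and the same throws clause. A Javadoc on the method stating which argument ends up in the `AssertionConsumerService` `Location` attributes, and that it must be the endpoint the IdP is expected to post responses to, would also help. The rest of the parameter list and the method body are outside this hunk.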
@@ -95,7 +96,7 @@ public class MetadataWriter {
         writer.writeNamespace("wsa", SSOConstants.WS_ADDRESSING_NS);
         writer.writeNamespace("xsi", SSOConstants.SCHEMA_INSTANCE_NS);
 
-        writeSAMLMetadata(writer, serviceURL, logoutURL, signingCert, wantRequestsSigned);
+        writeSAMLMetadata(writer, assertionConsumerServiceURL, logoutURL, signingCert, wantRequestsSigned);
 
         writer.writeEndElement(); // EntityDescriptor
 
@@ -121,7 +122,7 @@ public class MetadataWriter {
     
     private void writeSAMLMetadata(
         XMLStreamWriter writer, 
-        String serviceURL,
+        String assertionConsumerServiceURL,
         String logoutURL,
         X509Certificate signingCert,
         boolean wantRequestsSigned
@@ -142,14 +143,14 @@ public class MetadataWriter {
         }
         
         writer.writeStartElement("md", "AssertionConsumerService", SSOConstants.SAML2_METADATA_NS);
-        writer.writeAttribute("Location", serviceURL);
+        writer.writeAttribute("Location", assertionConsumerServiceURL);
         writer.writeAttribute("index", "0");
         writer.writeAttribute("isDefault", "true");
         writer.writeAttribute("Binding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
         writer.writeEndElement(); // AssertionConsumerService
         
         writer.writeStartElement("md", "AssertionConsumerService", SSOConstants.SAML2_METADATA_NS);
-        writer.writeAttribute("Location", serviceURL);
+        writer.writeAttribute("Location", assertionConsumerServiceURL);
         writer.writeAttribute("index", "1");
         writer.writeAttribute("Binding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-REDIRECT");
         writer.writeEndElement(); // AssertionConsumerService

http://git-wip-us.apache.org/repos/asf/cxf/blob/a3fc169c/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
index 4560069..e130b3c 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/samlsso/metadata-server.xml
@@ -41,6 +41,8 @@ under the License.
     <bean id="metadataBean" class="org.apache.cxf.rs.security.saml.sso.MetadataService">
        <property name="serviceAddress" 
                  value="https://localhost:${testutil.ports.jaxrs-saml}/saml-roles"/>
+       <property name="assertionConsumerServiceAddress" 
+                 value="https://localhost:${testutil.ports.jaxrs-saml}/saml-roles"/>
        <property name="logoutServiceAddress" 
                  value="https://localhost:${testutil.ports.jaxrs-saml}/sso/logout"/>
        <property name="signatureUsername" value="alice"/>
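Review bot: The new `assertionConsumerServiceAddress` property is given exactly the same value as `serviceAddress`, so this configuration cannot show whether the writer puts the right one of the two into the `AssertionConsumerService` `Location`; a swapped argument in `getMetaData` would go unnoticed. A distinguishable value, for example `value="https://localhost:${testutil.ports.jaxrs-saml}/saml-roles/acs"` (illustrative path), together with an assertion on `Location` in the test that consumes this file, would cover the change. Whether such an assertion already exists is not visible from this hunk, and the bean definition continues past it.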

