cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/5] cxf-fediz git commit: Remove some WS-Federation specifics from the SAML SSO Web Flow
Date Fri, 18 Mar 2016 17:06:35 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master ee79fdd1b -> cb89526b5


Remove some WS-Federation specifics from the SAML SSO Web Flow


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/86c268b4
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/86c268b4
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/86c268b4

Branch: refs/heads/master
Commit: 86c268b4fda611801968cfeb8d64f8cacc1fae74
Parents: ee79fdd
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Mar 18 10:56:05 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Mar 18 10:56:05 2016 +0000

----------------------------------------------------------------------
 .../webapp/WEB-INF/flows/saml-signin-request.xml    | 16 ++++++++--------
 .../webapp/WEB-INF/flows/saml-validate-request.xml  | 10 ++++------
 2 files changed, 12 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/86c268b4/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml b/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
index 61610e3..f706f0a 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
@@ -27,24 +27,24 @@
     <input name="SAMLRequest" />
     <input name="RelayState" />
 
-    <decision-state id="checkWauthTypeSupported">
+    <decision-state id="signInEntryPoint">
         <on-entry>
             <!-- Here, home realm is guaranteed to be THIS realm -->
-            <set name="flowScope.whr" value="flowScope.idpConfig.realm" />
+            <set name="flowScope.homerealm" value="flowScope.idpConfig.realm" />
         </on-entry>
         <if test="flowScope.idpConfig.getAuthenticationURIs() == null"
             then="viewBadRequest" />
         <!-- check presence of cached IDP token for THIS realm -->
-        <if test="externalContext.sessionMap[flowScope.whr] == null"
+        <if test="externalContext.sessionMap[flowScope.homerealm] == null"
             then="cacheSecurityToken" else="checkTokenExpiry" />
     </decision-state>
 
     <action-state id="checkTokenExpiry">
         <evaluate
-            expression="idpTokenExpiredAction.isTokenExpired(flowScope.whr, flowRequestContext)"
/>
+            expression="idpTokenExpiredAction.isTokenExpired(flowScope.homerealm, flowRequestContext)"
/>
         <transition on="yes" to="redirectToLocalIDP" />
         <transition on="no" to="requestRpToken">
-            <set name="flowScope.idpToken" value="externalContext.sessionMap[whr]" />
+            <set name="flowScope.idpToken" value="externalContext.sessionMap[flowScope.homerealm]"
/>
         </transition>
         <transition on-exception="java.lang.Throwable" to="viewBadRequest" />
     </action-state>
@@ -53,14 +53,14 @@
         <on-entry>
             <evaluate expression="logoutAction.submit(flowRequestContext)" />
         </on-entry>
-        <output name="whr" value="flowScope.whr" />
+        <output name="homerealm" value="flowScope.homerealm" />
     </end-state>
 
     <action-state id="cacheSecurityToken">
         <secured attributes="IS_AUTHENTICATED_FULLY" />
         <evaluate expression="cacheSecurityToken.submit(flowRequestContext)" />
         <transition to="requestRpToken">
-            <set name="flowScope.idpToken" value="externalContext.sessionMap[whr]" />
+            <set name="flowScope.idpToken" value="externalContext.sessionMap[flowScope.homerealm]"
/>
         </transition>
     </action-state>
 
@@ -68,7 +68,7 @@
 
     <!-- normal exit point -->
     <end-state id="requestRpToken">
-        <output name="whr" value="flowScope.whr" />
+        <output name="homerealm" value="flowScope.homerealm" />
         <output name="idpToken" value="flowScope.idpToken" />
     </end-state>
 

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/86c268b4/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml b/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
index 4a2667c..df7db44 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
@@ -45,19 +45,17 @@
         <input name="SAMLRequest" value="flowScope.SAMLRequest" />
         <input name="RelayState" value="flowScope.RelayState" />
 
-        <output name="whr" />
+        <output name="homerealm" />
         <output name="idpToken" />
         <output name="trusted_idp_context" />
 
         <transition on="requestRpToken" to="requestRpToken">
-            <set name="flowScope.whr" value="currentEvent.attributes.whr" />
+            <set name="flowScope.homerealm" value="currentEvent.attributes.homerealm"
/>
             <set name="flowScope.idpToken" value="currentEvent.attributes.idpToken" />
         </transition>
         <transition on="viewBadRequest" to="viewBadRequest" />
         <transition on="scInternalServerError" to="scInternalServerError" />
-        <transition on="redirectToLocalIDP" to="redirectToLocalIDP">
-            <set name="flowScope.wctx" value="currentEvent.attributes.wctx" />
-        </transition>
+        <transition on="redirectToLocalIDP" to="redirectToLocalIDP" />
     </subflow-state>
     
     <!-- produce RP security token (as String type) -->
@@ -65,7 +63,7 @@
         <on-entry>
             <evaluate expression="authnRequestParser.retrieveRealm(flowRequestContext)"

                       result="flowScope.realm"/>
-            <evaluate expression="stsClientForRpAction.submit(flowRequestContext, flowScope.realm,
flowScope.whr)"
+            <evaluate expression="stsClientForRpAction.submit(flowRequestContext, flowScope.realm,
flowScope.homerealm)"
                       result="flowScope.rpToken"/>
             <evaluate expression="authnRequestParser.retrieveConsumerURL(flowRequestContext)"

                       result="flowScope.consumerURL"/>


Mime
View raw message