private void createConfigFile(
String issuer,
String nameQualifier,
String ksType,
String ksFile,
String ksPassword,
String privKeyAlias,
String privKeyPassword,
String certAlias)
throws IOException {
String SSO_CONFIG_FILE = "/WEB-INF/guanxi_idp/config/idp.xml";
String KEYSTORE_KEY_TYPE = "dsa";
IdpDocument idpDoc = null;
try {
idpDoc = IdpDocument.Factory.parse(new File(servletContext.getRealPath(SSO_CONFIG_FILE)));
} catch (XmlException xe) {
logger.error("Can't create config file", xe);
return;
}
IdpDocument.Idp idp = idpDoc.getIdp();
idp.getServiceProviderArray(0).setIdentity("exampleIdentity");
idp.getServiceProviderArray(0).setCreds("exampleCreds");
idp.getServiceProviderArray(0).setName("REPLACE_WITH_PROVIDER_ID_OF_SERVICE_PROVIDER");
idp.getIdentityArray(0).setName("exampleIdentity");
idp.getIdentityArray(0).setNameQualifier(nameQualifier);
idp.getIdentityArray(0).setIssuer(issuer);
idp.getCredsArray(0).setName("exampleCreds");
idp.getCredsArray(0).setKeystoreType("jks");
idp.getCredsArray(0).setKeyType(ksType);
idp.getCredsArray(0).setKeystoreFile(ksFile);
idp.getCredsArray(0).setKeystorePassword(ksPassword);
idp.getCredsArray(0).setPrivateKeyAlias(privKeyAlias);
idp.getCredsArray(0).setPrivateKeyPassword(privKeyPassword);
idp.getCredsArray(0).setCertificateAlias(certAlias);
idp.getCredsArray(0).setKeyType(KEYSTORE_KEY_TYPE);
XmlOptions xmlOptions = new XmlOptions();
xmlOptions.setSavePrettyPrint();
xmlOptions.setSavePrettyPrintIndent(2);
xmlOptions.setUseDefaultNamespace();
idpDoc.save(new File(servletContext.getRealPath(SSO_CONFIG_FILE)), xmlOptions);
servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG_DOC, idpDoc);
servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG, idpDoc.getIdp());
}
/** Initialise the interceptor */
public void init() {
try {
/* If we try to add the BouncyCastle provider but another Guanxi::SP running
* in another webapp in the same container has already done so, then we'll get
* -1 returned from the method, in which case, we should leave unloading of the
* provider to the particular Guanxi::SP that loaded it.
*/
if ((Security.addProvider(new BouncyCastleProvider())) != -1) {
// We've loaded it, so we should unload it
okToUnloadBCProvider = true;
}
IdpDocument configDoc =
IdpDocument.Factory.parse(new File(servletContext.getRealPath(configFile)));
servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG_DOC, configDoc);
servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG, configDoc.getIdp());
// Sort out the cookie's age
int cookieAge = -1;
String cookieMaxAge = configDoc.getIdp().getCookie().getAge().getStringValue();
String cookieAgeUnits = configDoc.getIdp().getCookie().getAge().getUnits().toString();
if (cookieAgeUnits.equals("seconds")) cookieAge = Integer.parseInt(cookieMaxAge);
else if (cookieAgeUnits.equals("minutes")) cookieAge = Integer.parseInt(cookieMaxAge) * 60;
else if (cookieAgeUnits.equals("hours")) cookieAge = Integer.parseInt(cookieMaxAge) * 3600;
else if (cookieAgeUnits.equals("days")) cookieAge = Integer.parseInt(cookieMaxAge) * 86400;
else if (cookieAgeUnits.equals("weeks")) cookieAge = Integer.parseInt(cookieMaxAge) * 604800;
else if (cookieAgeUnits.equals("months"))
cookieAge = Integer.parseInt(cookieMaxAge) * 2419200;
else if (cookieAgeUnits.equals("years"))
cookieAge = Integer.parseInt(cookieMaxAge) * 29030400;
else if (cookieAgeUnits.equals("transient")) cookieAge = -1;
String cookieDomain =
(configDoc.getIdp().getCookie().getDomain() == null)
? ""
: configDoc.getIdp().getCookie().getDomain();
// Register the IdP's ID and cookie details in case we're embedded
servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_ID, configDoc.getIdp().getID());
servletContext.setAttribute(
Guanxi.CONTEXT_ATTR_IDP_COOKIE_PREFIX, configDoc.getIdp().getCookie().getPrefix());
servletContext.setAttribute(
Guanxi.CONTEXT_ATTR_IDP_COOKIE_NAME,
configDoc.getIdp().getCookie().getPrefix() + configDoc.getIdp().getID());
servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_DOMAIN, cookieDomain);
servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_AGE, new Integer(cookieAge));
setup();
startJobs();
} catch (Exception e) {
}
}