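  /**
   * Rewrites the IdP configuration file with the supplied identity and credential settings.
   *
   * <p>Reads {@code /WEB-INF/guanxi_idp/config/idp.xml} from the deployed webapp, overwrites the
   * first service-provider, identity and creds entries, saves the document back to the same file
   * and re-registers it in the servlet context under {@code Guanxi.CONTEXT_ATTR_IDP_CONFIG_DOC}
   * and {@code Guanxi.CONTEXT_ATTR_IDP_CONFIG}.
   *
   * <p>{@code ksPassword} and {@code privKeyPassword} are persisted in the XML in clear text, so
   * the resulting file must be readable only by the container's user.
   *
   * <p>The key type written to the file is always {@code "dsa"}. {@code ksType} is accepted for
   * signature compatibility but currently has no effect: the previous version wrote it and then
   * immediately overwrote it with the constant, so the dead write has been removed rather than
   * changing the value that ends up on disk.
   *
   * @param issuer value for the identity's issuer
   * @param nameQualifier value for the identity's name qualifier
   * @param ksType currently ignored, see above
   * @param ksFile path of the keystore to reference from the config
   * @param ksPassword keystore password (stored in clear text)
   * @param privKeyAlias alias of the signing key in the keystore
   * @param privKeyPassword password of the signing key (stored in clear text)
   * @param certAlias alias of the certificate in the keystore
   * @throws IOException if the config file cannot be read or written
   */
  private void createConfigFile(
      String issuer,
      String nameQualifier,
      String ksType,
      String ksFile,
      String ksPassword,
      String privKeyAlias,
      String privKeyPassword,
      String certAlias)
      throws IOException {

    final String SSO_CONFIG_FILE = "/WEB-INF/guanxi_idp/config/idp.xml";
    final String KEYSTORE_KEY_TYPE = "dsa";

    // getRealPath() returns null when the container cannot map the resource to a file on disk
    // (e.g. an unexploded WAR); new File((String) null) would otherwise throw an NPE below.
    String realPath = servletContext.getRealPath(SSO_CONFIG_FILE);
    if (realPath == null) {
      logger.error("Can't create config file: no real path for " + SSO_CONFIG_FILE);
      return;
    }
    File configFile = new File(realPath);

    IdpDocument idpDoc;
    try {
      idpDoc = IdpDocument.Factory.parse(configFile);
    } catch (XmlException xe) {
      logger.error("Can't create config file", xe);
      return;
    }

    IdpDocument.Idp idp = idpDoc.getIdp();

    // The first service-provider entry is a template the deployer is expected to edit.
    idp.getServiceProviderArray(0).setIdentity("exampleIdentity");
    idp.getServiceProviderArray(0).setCreds("exampleCreds");
    idp.getServiceProviderArray(0).setName("REPLACE_WITH_PROVIDER_ID_OF_SERVICE_PROVIDER");

    idp.getIdentityArray(0).setName("exampleIdentity");
    idp.getIdentityArray(0).setNameQualifier(nameQualifier);
    idp.getIdentityArray(0).setIssuer(issuer);

    idp.getCredsArray(0).setName("exampleCreds");
    idp.getCredsArray(0).setKeystoreType("jks");
    idp.getCredsArray(0).setKeystoreFile(ksFile);
    idp.getCredsArray(0).setKeystorePassword(ksPassword);
    idp.getCredsArray(0).setPrivateKeyAlias(privKeyAlias);
    idp.getCredsArray(0).setPrivateKeyPassword(privKeyPassword);
    idp.getCredsArray(0).setCertificateAlias(certAlias);
    // Key type is fixed; see the class-level note on ksType.
    idp.getCredsArray(0).setKeyType(KEYSTORE_KEY_TYPE);

    XmlOptions xmlOptions = new XmlOptions();
    xmlOptions.setSavePrettyPrint();
    xmlOptions.setSavePrettyPrintIndent(2);
    xmlOptions.setUseDefaultNamespace();

    idpDoc.save(configFile, xmlOptions);

    servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG_DOC, idpDoc);
    servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG, idpDoc.getIdp());
  }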
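  /**
   * Initialise the interceptor.
   *
   * <p>Registers the BouncyCastle provider (remembering whether this instance added it, so that
   * only the instance that loaded it unloads it later), parses the IdP config file named by
   * {@code configFile}, publishes the parsed document, the IdP ID and the cookie settings as
   * servlet-context attributes, then calls {@link #setup()} and {@link #startJobs()}.
   *
   * @throws IllegalStateException if any step fails. The previous version caught and discarded
   *     every exception, which left the IdP running with no configuration attributes in the
   *     context and no trace of why; failing at start-up is easier to diagnose.
   */
  public void init() {
    try {
      /* If we try to add the BouncyCastle provider but another Guanxi::SP running
       * in another webapp in the same container has already done so, then we'll get
       * -1 returned from the method, in which case, we should leave unloading of the
       * provider to the particular Guanxi::SP that loaded it.
       */
      if (Security.addProvider(new BouncyCastleProvider()) != -1) {
        // We've loaded it, so we should unload it
        okToUnloadBCProvider = true;
      }

      // getRealPath() is null when the container cannot map the resource to a file on disk.
      String realPath = servletContext.getRealPath(configFile);
      if (realPath == null) {
        throw new IllegalStateException("No real path for IdP config file " + configFile);
      }

      IdpDocument configDoc = IdpDocument.Factory.parse(new File(realPath));
      IdpDocument.Idp idp = configDoc.getIdp();
      servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG_DOC, configDoc);
      servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG, idp);

      // Sort out the cookie's age
      int cookieAge =
          cookieAgeInSeconds(
              idp.getCookie().getAge().getStringValue(),
              idp.getCookie().getAge().getUnits().toString());

      String cookieDomain =
          (idp.getCookie().getDomain() == null) ? "" : idp.getCookie().getDomain();

      // Register the IdP's ID and cookie details in case we're embedded
      servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_ID, idp.getID());
      servletContext.setAttribute(
          Guanxi.CONTEXT_ATTR_IDP_COOKIE_PREFIX, idp.getCookie().getPrefix());
      servletContext.setAttribute(
          Guanxi.CONTEXT_ATTR_IDP_COOKIE_NAME, idp.getCookie().getPrefix() + idp.getID());
      servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_DOMAIN, cookieDomain);
      // Integer.valueOf replaces the deprecated new Integer(...); same boxed value.
      servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_AGE, Integer.valueOf(cookieAge));

      setup();

      startJobs();
    } catch (IllegalStateException e) {
      // Already carries a precise message; don't wrap it a second time.
      throw e;
    } catch (Exception e) {
      // Do not swallow: a half-initialised IdP with no config in the context fails later in
      // ways that are much harder to diagnose than a start-up failure.
      throw new IllegalStateException("IdP interceptor initialisation failed", e);
    }
  }

  /**
   * Converts a cookie age from the config file into seconds.
   *
   * <p>The multipliers are the ones the config format has always used: a "month" is 4 weeks
   * (2419200 s) and a "year" is 48 weeks (29030400 s).
   *
   * @param value the numeric age as written in the config
   * @param units one of seconds, minutes, hours, days, weeks, months, years or transient
   * @return the age in seconds, or -1 for "transient" or an unrecognised unit (a session cookie)
   * @throws NumberFormatException if {@code value} is not an integer (only parsed for known units)
   */
  private static int cookieAgeInSeconds(String value, String units) {
    if (units.equals("seconds")) {
      return Integer.parseInt(value);
    } else if (units.equals("minutes")) {
      return Integer.parseInt(value) * 60;
    } else if (units.equals("hours")) {
      return Integer.parseInt(value) * 3600;
    } else if (units.equals("days")) {
      return Integer.parseInt(value) * 86400;
    } else if (units.equals("weeks")) {
      return Integer.parseInt(value) * 604800;
    } else if (units.equals("months")) {
      return Integer.parseInt(value) * 2419200;
    } else if (units.equals("years")) {
      return Integer.parseInt(value) * 29030400;
    }
    // "transient" and anything unrecognised: session cookie.
    return -1;
  }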