[xgws-dev] CVS Update: codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization

Liang Fang xgws-dev_at_extreme.indiana.edu
Thu Feb 2 21:00:01 2006


lifang      06/02/02 20:58:58

  Modified:    xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization
                        CapConstants.java Capability.java
                        CapabilityAuthorizer.java CapabilityEnforcer.java
                        CapabilityQuery.java CapabilityRequest.java
                        CapabilityUtil.java
  Log:
  changes due to opensaml upgrade
  
  Revision  Changes    Path
  1.8       +5 -1      codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapConstants.java
  
  Index: CapConstants.java
  ===================================================================
  RCS file: /l/extreme/cvs/codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapConstants.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -b -t -w -r1.7 -r1.8
  --- CapConstants.java	30 Apr 2005 22:14:10 -0000	1.7
  +++ CapConstants.java	3 Feb 2006 01:58:58 -0000	1.8
  @@ -2,7 +2,7 @@
    * Constants.java
    *
    * @author Liang Fang lifang_at_cs.indiana.edu
  - * $Id: CapConstants.java,v 1.7 2005/04/30 22:14:10 lifang Exp $
  + * $Id: CapConstants.java,v 1.8 2006/02/03 01:58:58 lifang Exp $
    */
   
   package xsul.dsig.saml.authorization;
  @@ -21,6 +21,10 @@
       public static final String DENY = SAMLDecision.DENY;
       public static final String PERMIT = SAMLDecision.PERMIT;
       
  +    public static final String CAP_NAMEIDENTIFIER_FORMAT =
  +        "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
  +    public static final String CAP_NAMEQUALIFIER = "subjectNS";
  +    
       public static final String INDETERMINATE = SAMLDecision.INDETERMINATE;
       public static final String SUCCESS = SAMLException.SUCCESS.toString();
       public static final String REQUESTDENIED = XML.SAMLP_NS + ":" + "RequestDenied";
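Review bot: The two new constants have no comment, and both now end up inside every subject this module issues, so their meaning should be written down next to them. `CAP_NAMEIDENTIFIER_FORMAT` declares each name to be an X.509 subject DN, which is only accurate if callers always pass a certificate DN as the username. `"subjectNS"` reads like a placeholder rather than the security domain a SAML NameQualifier is meant to identify. I would add something like `// Stamped on every NameIdentifier built here; the name must be an X.509 subject DN` above the format, and a line above the qualifier saying whether relying parties are expected to check it.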
  
  
  
  1.25      +7 -3      codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/Capability.java
  
  Index: Capability.java
  ===================================================================
  RCS file: /l/extreme/cvs/codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/Capability.java,v
  retrieving revision 1.24
  retrieving revision 1.25
  diff -u -b -t -w -r1.24 -r1.25
  --- Capability.java	29 Apr 2005 21:30:55 -0000	1.24
  +++ Capability.java	3 Feb 2006 01:58:58 -0000	1.25
  @@ -14,7 +14,7 @@
    *
    * @author    Liang Fang [lifang_at_cs.indiana.edu]
    * @created   December 16, 2003
  - * $Id: Capability.java,v 1.24 2005/04/29 21:30:55 lifang Exp $
  + * $Id: Capability.java,v 1.25 2006/02/03 01:58:58 lifang Exp $
    */
   
   package xsul.dsig.saml.authorization;
  @@ -43,6 +43,7 @@
   import org.opensaml.SAMLAudienceRestrictionCondition;
   import org.opensaml.SAMLAuthorizationDecisionStatement;
   import org.opensaml.SAMLException;
  +import org.opensaml.SAMLNameIdentifier;
   import org.opensaml.SAMLSubject;
   import xsul.MLogger;
   import xsul.XsulException;
  @@ -96,7 +97,7 @@
                       throw new CapabilityException("illegal SAML statement");
                   if(authorst != null) {
                       SAMLSubject subj = authorst.getSubject();
  -                    String uname = subj.getName();
  +                    String uname = subj.getNameIdentifier().getName();
                       users.add(uname);
                       this.resource = authorst.getResource();
                   }
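Review bot: `subj.getNameIdentifier().getName()` dereferences the identifier without a null check. SAML 1.1 permits a Subject that carries only a SubjectConfirmation, so if the library returns null for such a subject, a malformed token would fail with a NullPointerException instead of the CapabilityException used two lines above. Consider `SAMLNameIdentifier nid = subj.getNameIdentifier();` followed by `if(nid == null) throw new CapabilityException("SAML subject has no NameIdentifier");`. The same unchecked chain is added in CapabilityAuthorizer.checkUserSubject and in the CapabilityEnforcer hunk. The enclosing method starts and ends outside this hunk.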
  @@ -547,7 +548,10 @@
           // make AuthorizationDecisionStatement
           String[] confirmationMethods = {SAMLSubject.CONF_BEARER};
           SAMLSubject subject =
  -            new SAMLSubject(_username, null, null, Arrays.asList(confirmationMethods), null, null);
  +            new SAMLSubject(new SAMLNameIdentifier(
  +                                _username, CapConstants.CAP_NAMEQUALIFIER,
  +                                CapConstants.CAP_NAMEIDENTIFIER_FORMAT),
  +                            Arrays.asList(confirmationMethods), null, null);
           SAMLAuthorizationDecisionStatement sad =
               new SAMLAuthorizationDecisionStatement((SAMLSubject)subject.clone(),
                                                      _ePR,
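Review bot: This four-line `new SAMLSubject(new SAMLNameIdentifier(...), ...)` construction is repeated verbatim in CapabilityQuery and CapabilityUtil in the same commit. If one copy drifts, subjects built on different paths would carry different qualifier or format values, and any later check on those fields would treat them differently. A single static helper in CapabilityUtil that takes the name and returns the bearer-confirmed subject would keep the three sites in step. The surrounding method body lies outside the hunk.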
  
  
  
  1.19      +2 -2      codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityAuthorizer.java
  
  Index: CapabilityAuthorizer.java
  ===================================================================
  RCS file: /l/extreme/cvs/codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityAuthorizer.java,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -b -t -w -r1.18 -r1.19
  --- CapabilityAuthorizer.java	6 May 2005 14:36:20 -0000	1.18
  +++ CapabilityAuthorizer.java	3 Feb 2006 01:58:58 -0000	1.19
  @@ -3,7 +3,7 @@
    * policy in the capability token.
    *
    * @author    Liang Fang lifang_at_cs.indiana.edu
  - * $Id: CapabilityAuthorizer.java,v 1.18 2005/05/06 14:36:20 lifang Exp $
  + * $Id: CapabilityAuthorizer.java,v 1.19 2006/02/03 01:58:58 lifang Exp $
    */
   
   
  @@ -318,7 +318,7 @@
       private void checkUserSubject(SAMLAuthorizationDecisionStatement authorst,
                                     String principal)
           throws CapabilityException {
  -        String name = authorst.getSubject().getName();
  +        String name = authorst.getSubject().getNameIdentifier().getName();
           logger.finest("subject name: " + name);
           if(!CapabilityUtil.compareSubjects(principal, name)) {
               logger.finest("principal name: " + principal);
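Review bot: The authorization decision in `checkUserSubject` still compares only the name string, although the subject now carries a Format and NameQualifier. An assertion whose NameIdentifier declares some other format would be matched against the principal as though it were an X.509 DN. Since this commit stamps `CapConstants.CAP_NAMEIDENTIFIER_FORMAT` on everything it issues, the check could require it before `compareSubjects`, e.g. `if(!CapConstants.CAP_NAMEIDENTIFIER_FORMAT.equals(nid.getFormat())) throw new CapabilityException("unexpected NameIdentifier format");`. Tokens issued before the upgrade may lack a format, so whether to reject or tolerate an absent one needs a decision. The rest of the method is outside the hunk.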
  
  
  
  1.18      +2 -2      codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityEnforcer.java
  
  Index: CapabilityEnforcer.java
  ===================================================================
  RCS file: /l/extreme/cvs/codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityEnforcer.java,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -b -t -w -r1.17 -r1.18
  --- CapabilityEnforcer.java	9 Mar 2005 02:56:35 -0000	1.17
  +++ CapabilityEnforcer.java	3 Feb 2006 01:58:58 -0000	1.18
  @@ -36,7 +36,7 @@
    * user's side.
    *
    * @author Liang Fang [lifang_at_cs.indiana.edu]
  - * $Id: CapabilityEnforcer.java,v 1.17 2005/03/09 02:56:35 lifang Exp $
  + * $Id: CapabilityEnforcer.java,v 1.18 2006/02/03 01:58:58 lifang Exp $
    */
   public class CapabilityEnforcer
   {
  @@ -125,7 +125,7 @@
                                   (SAMLAuthorizationDecisionStatement)o;
                               logger.finest("type SAMLAuthorizationDecisionStatement");
                               SAMLSubject sub = authorst.getSubject();
  -                            String namequal = sub.getName();
  +                            String namequal = sub.getNameIdentifier().getName();
                               logger.finest("name qual: " + namequal);
                               if(namequal.equals(subject))
                               {
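Review bot: The local `namequal` now holds the NameIdentifier's name, not its NameQualifier, which is misleading now that a real qualifier exists on the object. I would rename it, `String subjectName = sub.getNameIdentifier().getName();`, and update the log text to match. This site also matches with a plain `namequal.equals(subject)`, while CapabilityAuthorizer goes through `CapabilityUtil.compareSubjects`. If that helper normalises DNs (its body is not visible here), the enforcer and the authorizer can disagree on the same subject, so using the helper in both places would be safer. The enclosing loop and method extend beyond the hunk.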
  
  
  
  1.7       +93 -89    codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityQuery.java
  
  Index: CapabilityQuery.java
  ===================================================================
  RCS file: /l/extreme/cvs/codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityQuery.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -b -t -w -r1.6 -r1.7
  --- CapabilityQuery.java	16 Mar 2004 03:35:12 -0000	1.6
  +++ CapabilityQuery.java	3 Feb 2006 01:58:58 -0000	1.7
  @@ -7,13 +7,13 @@
   package xsul.dsig.saml.authorization;
   
   import java.util.Arrays;
  -import java.util.Collection;
  -import java.util.Vector;
   import java.util.Iterator;
  +import java.util.Vector;
   import org.opensaml.SAMLAction;
  -import org.opensaml.SAMLSubject;
  -import org.opensaml.SAMLQuery;
   import org.opensaml.SAMLAuthorizationDecisionQuery;
  +import org.opensaml.SAMLNameIdentifier;
  +import org.opensaml.SAMLQuery;
  +import org.opensaml.SAMLSubject;
   
   public class CapabilityQuery
   {
  @@ -35,7 +35,11 @@
                   throws Exception
           {
                   String[] confirmationMethods = {SAMLSubject.CONF_BEARER};
  -                SAMLSubject sub = new SAMLSubject(subject, null, null, Arrays.asList(confirmationMethods), null, null);
  +        SAMLSubject sub =
  +            new SAMLSubject(new SAMLNameIdentifier(
  +                                subject, CapConstants.CAP_NAMEQUALIFIER,
  +                                CapConstants.CAP_NAMEIDENTIFIER_FORMAT),
  +                            Arrays.asList(confirmationMethods), null, null);
                   Vector samlactions = new Vector(actions.length);
                   for(int i = 0;i < actions.length;i++)
                           samlactions.add(new SAMLAction(nspace, actions[i]));
  
  
  
  1.8       +3 -3      codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityRequest.java
  
  Index: CapabilityRequest.java
  ===================================================================
  RCS file: /l/extreme/cvs/codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityRequest.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -b -t -w -r1.7 -r1.8
  --- CapabilityRequest.java	7 Mar 2005 00:54:09 -0000	1.7
  +++ CapabilityRequest.java	3 Feb 2006 01:58:58 -0000	1.8
  @@ -85,7 +85,7 @@
       public CapabilityRequest(CapabilityQuery capquery)
           throws Exception {
           try {
  -            request = new SAMLRequest(null, capquery.getQuery(), null, null);
  +            request = new SAMLRequest(capquery.getQuery());
               
               issuer = capquery.getSubject();
               resource = capquery.getResource();
  
  
  
  1.16      +6 -2      codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityUtil.java
  
  Index: CapabilityUtil.java
  ===================================================================
  RCS file: /l/extreme/cvs/codes/xsul/java/modules/dsig_globus_opensaml/xsul/dsig/saml/authorization/CapabilityUtil.java,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -b -t -w -r1.15 -r1.16
  --- CapabilityUtil.java	30 Nov 2005 21:13:06 -0000	1.15
  +++ CapabilityUtil.java	3 Feb 2006 01:58:58 -0000	1.16
  @@ -3,7 +3,7 @@
    *
    * @author    Liang Fang lifang_at_cs.indiana.edu
    * @created   December 17, 2003
  - * $Id: CapabilityUtil.java,v 1.15 2005/11/30 21:13:06 lifang Exp $
  + * $Id: CapabilityUtil.java,v 1.16 2006/02/03 01:58:58 lifang Exp $
    */
   
   package xsul.dsig.saml.authorization;
  @@ -34,6 +34,7 @@
   import org.opensaml.SAMLAudienceRestrictionCondition;
   import org.opensaml.SAMLAuthorizationDecisionStatement;
   import org.opensaml.SAMLException;
  +import org.opensaml.SAMLNameIdentifier;
   import org.opensaml.SAMLStatement;
   import org.opensaml.SAMLSubject;
   import org.w3c.dom.Node;
  @@ -238,7 +239,10 @@
           // make AuthorizationDecisionStatement
           String[] confirmationMethods = {SAMLSubject.CONF_BEARER};
           SAMLSubject subject =
  -            new SAMLSubject(_username, null, null, Arrays.asList(confirmationMethods), null, null);
  +            new SAMLSubject(new SAMLNameIdentifier(
  +                                _username, CapConstants.CAP_NAMEQUALIFIER,
  +                                CapConstants.CAP_NAMEIDENTIFIER_FORMAT),
  +                            Arrays.asList(confirmationMethods), null, null);
           SAMLAuthorizationDecisionStatement sad =
               new SAMLAuthorizationDecisionStatement((SAMLSubject)subject.clone(),
                                                      _ePR,