Repository: cxf-fediz Updated Branches: refs/heads/master ee79fdd1b -> cb89526b5
Remove some WS-Federation specifics from the SAML SSO Web Flow Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/86c268b4 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/86c268b4 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/86c268b4 Branch: refs/heads/master Commit: 86c268b4fda611801968cfeb8d64f8cacc1fae74 Parents: ee79fdd Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Fri Mar 18 10:56:05 2016 +0000 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Fri Mar 18 10:56:05 2016 +0000 ---------------------------------------------------------------------- .../webapp/WEB-INF/flows/saml-signin-request.xml | 16 ++++++++-------- .../webapp/WEB-INF/flows/saml-validate-request.xml | 10 ++++------ 2 files changed, 12 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/86c268b4/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml ----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml b/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
index 61610e3..f706f0a 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
@@ -27,24 +27,24 @@ <input name="SAMLRequest" /> <input name="RelayState" /> - <decision-state id="checkWauthTypeSupported"> + <decision-state id="signInEntryPoint"> <on-entry> <!-- Here, home realm is guaranteed to be THIS realm --> - <set name="flowScope.whr" value="flowScope.idpConfig.realm" /> + <set name="flowScope.homerealm" value="flowScope.idpConfig.realm" /> </on-entry> <if test="flowScope.idpConfig.getAuthenticationURIs() == null" then="viewBadRequest" /> <!-- check presence of cached IDP token for THIS realm --> - <if test="externalContext.sessionMap[flowScope.whr] == null" + <if test="externalContext.sessionMap[flowScope.homerealm] == null" then="cacheSecurityToken" else="checkTokenExpiry" /> </decision-state> <action-state id="checkTokenExpiry"> <evaluate - expression="idpTokenExpiredAction.isTokenExpired(flowScope.whr, flowRequestContext)" /> + expression="idpTokenExpiredAction.isTokenExpired(flowScope.homerealm, flowRequestContext)" /> <transition on="yes" to="redirectToLocalIDP" /> <transition on="no" to="requestRpToken"> - <set name="flowScope.idpToken" value="externalContext.sessionMap[whr]" /> + <set name="flowScope.idpToken" value="externalContext.sessionMap[flowScope.homerealm]" /> </transition> <transition on-exception="java.lang.Throwable" to="viewBadRequest" /> </action-state> @@ -53,14 +53,14 @@ <on-entry> <evaluate expression="logoutAction.submit(flowRequestContext)" /> </on-entry> - <output name="whr" value="flowScope.whr" /> + <output name="homerealm" value="flowScope.homerealm" /> </end-state> <action-state id="cacheSecurityToken"> <secured attributes="IS_AUTHENTICATED_FULLY" /> <evaluate expression="cacheSecurityToken.submit(flowRequestContext)" /> <transition to="requestRpToken"> - <set name="flowScope.idpToken" value="externalContext.sessionMap[whr]" /> + <set name="flowScope.idpToken" value="externalContext.sessionMap[flowScope.homerealm]" /> </transition> </action-state> 
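Review bot: The path `signInEntryPoint` → `checkTokenExpiry` → `requestRpToken` carries no `<secured>` element in the lines shown, unlike `cacheSecurityToken` in the following hunk, so within this flow an unexpired token found in the session under the realm key is the only condition for reaching `requestRpToken`. That is presumably the intended single sign-on behaviour, but the renamed state id no longer hints at it and the existing comments do not say it. A comment above the second `<if>` such as `<!-- SSO path: a cached, unexpired IDP token for this realm skips cacheSecurityToken and its IS_AUTHENTICATED_FULLY check -->` would make the trust decision explicit. It would also help to note on `checkTokenExpiry` that any `java.lang.Throwable` raised by `isTokenExpired` ends in `viewBadRequest` rather than in token issuance.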
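Review bot: `logoutAction.submit(flowRequestContext)` and `cacheSecurityToken.submit(flowRequestContext)` in the `@@ -53,14 +53,14 @@` hunk receive only the request context, so if either bean looks up a flow-scope attribute named `whr` it will now find nothing, because this commit stores the value under `homerealm`. The bean sources are not part of this diff, so this should be confirmed before merge. It matters most for `cacheSecurityToken`: the `<set>` that follows reads the token back from `externalContext.sessionMap[flowScope.homerealm]`, and a key mismatch between writer and reader would pass a null `idpToken` on to `requestRpToken`. The end-state containing the `logoutAction` call opens above the hunk, so its id is not visible here.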
@@ -68,7 +68,7 @@ <!-- normal exit point --> <end-state id="requestRpToken"> - <output name="whr" value="flowScope.whr" /> + <output name="homerealm" value="flowScope.homerealm" /> <output name="idpToken" value="flowScope.idpToken" /> </end-state> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/86c268b4/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml ---------------------------------------------------------------------- diff --git a/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml b/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml index 4a2667c..df7db44 100644 --- a/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml +++ b/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml @@ -45,19 +45,17 @@ <input name="SAMLRequest" value="flowScope.SAMLRequest" /> <input name="RelayState" value="flowScope.RelayState" /> - <output name="whr" /> + <output name="homerealm" /> <output name="idpToken" /> <output name="trusted_idp_context" /> <transition on="requestRpToken" to="requestRpToken"> - <set name="flowScope.whr" value="currentEvent.attributes.whr" /> + <set name="flowScope.homerealm" value="currentEvent.attributes.homerealm" /> <set name="flowScope.idpToken" value="currentEvent.attributes.idpToken" /> </transition> <transition on="viewBadRequest" to="viewBadRequest" /> <transition on="scInternalServerError" to="scInternalServerError" /> - <transition on="redirectToLocalIDP" to="redirectToLocalIDP"> - <set name="flowScope.wctx" value="currentEvent.attributes.wctx" /> - </transition> + <transition on="redirectToLocalIDP" to="redirectToLocalIDP" /> </subflow-state> <!-- produce RP security token (as String type) --> 
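Review bot: `<output name="trusted_idp_context" />` is still declared on this subflow-state in saml-validate-request.xml, although the sign-in sub-flow end-states visible in this commit output only `homerealm` and `idpToken`, and the same hunk drops the `wctx` mapping on `redirectToLocalIDP`. If no end-state outside the shown hunks sets `trusted_idp_context`, the declaration is dead and could be removed in the same cleanup. If one does, a short comment naming that end-state would help anyone auditing which values cross the sub-flow boundary. The subflow-state element opens above this hunk, so its id and target flow are not visible here.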
@@ -65,7 +63,7 @@ <on-entry> <evaluate expression="authnRequestParser.retrieveRealm(flowRequestContext)" result="flowScope.realm"/> - <evaluate expression="stsClientForRpAction.submit(flowRequestContext, flowScope.realm, flowScope.whr)" + <evaluate expression="stsClientForRpAction.submit(flowRequestContext, flowScope.realm, flowScope.homerealm)" result="flowScope.rpToken"/> <evaluate expression="authnRequestParser.retrieveConsumerURL(flowRequestContext)" result="flowScope.consumerURL"/>