Partial fix for home realm mapping issue
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f9897e43 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f9897e43 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f9897e43 Branch: refs/heads/master Commit: f9897e43ac19f45c5a32a2491e5cc8cba4acf23c Parents: c802d98 Author: Colm O hEigeartaigh <[email protected]> Authored: Tue Nov 8 13:46:33 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Nov 8 13:46:33 2016 +0000 ---------------------------------------------------------------------- .../src/main/webapp/WEB-INF/cxf-service.xml | 28 +++++++++--------- .../fediz/integrationtests/HomeRealmParser.java | 31 -------------------- .../test/resources/realma/entities-realma.xml | 10 +++---- .../src/test/resources/rp/cxf-service.xml | 28 +++++++++--------- 4 files changed, 32 insertions(+), 65 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f9897e43/systests/federation/samlWebapp/src/main/webapp/WEB-INF/cxf-service.xml ---------------------------------------------------------------------- diff --git a/systests/federation/samlWebapp/src/main/webapp/WEB-INF/cxf-service.xml b/systests/federation/samlWebapp/src/main/webapp/WEB-INF/cxf-service.xml index 9227893..58d6278 100644 --- a/systests/federation/samlWebapp/src/main/webapp/WEB-INF/cxf-service.xml +++ b/systests/federation/samlWebapp/src/main/webapp/WEB-INF/cxf-service.xml @@ -54,21 +54,21 @@ <bean id="callbackHandler" class="org.apache.cxf.fediz.samlsso.service.KeystorePasswordCallback"/> <bean id="stateManager" class="org.apache.cxf.rs.security.saml.sso.state.EHCacheSPStateManager"> - <constructor-arg ref="cxf"/> - </bean> + <constructor-arg ref="cxf"/> + </bean> - <bean id="ssoFilter" class="org.apache.cxf.rs.security.saml.sso.SamlRedirectBindingFilter"> - <property name="idpServiceAddress" value="https://localhost:${idp.https.port}/fediz-idp/saml/up"/> - <property name="assertionConsumerServiceAddress" - value="/racs/sso"/> - <property name="stateProvider" ref="stateManager"/> - <property name="addEndpointAddressToContext" value="true"/> - <property name="signRequest" value="true"/> - <property name="signaturePropertiesFile" value="stsKeystoreA.properties"/> - <property name="callbackHandler" ref="callbackHandler"/> - <property name="signatureUsername" value="realma" /> - <property name="issuerId" value="urn:org:apache:cxf:fediz:fedizhelloworld" /> - </bean> + <bean id="ssoFilter" class="org.apache.cxf.rs.security.saml.sso.SamlRedirectBindingFilter"> + <property name="idpServiceAddress" value="https://localhost:${idp.https.port}/fediz-idp/saml/up"/> + <property name="assertionConsumerServiceAddress" + value="/racs/sso"/> + <property name="stateProvider" ref="stateManager"/> + <property name="addEndpointAddressToContext" value="true"/> + <property name="signRequest" value="true"/> + <property name="signaturePropertiesFile" value="stsKeystoreA.properties"/> + <property name="callbackHandler" ref="callbackHandler"/> + <property name="signatureUsername" value="realma" /> + <property name="issuerId" value="urn:org:apache:cxf:fediz:fedizhelloworld:realm-B" /> + </bean> <bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor"> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f9897e43/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java ---------------------------------------------------------------------- diff --git a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java deleted file mode 100644 index b72e09d..0000000 --- a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java +++ /dev/null @@ -1,31 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.cxf.fediz.integrationtests; - -/** - * - */ -public class HomeRealmParser { - - public String getRealm() { - return "urn:org:apache:cxf:fediz:idp:realm-B"; - } - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f9897e43/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml ---------------------------------------------------------------------- diff --git a/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml b/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml index 93e3dfe..93830da 100644 --- a/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml +++ b/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml @@ -26,9 +26,6 @@ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd";> - <bean id="homeRealmParser" class="org.apache.cxf.fediz.integrationtests.HomeRealmParser"> - </bean> - <bean id="idp-realmA" class="org.apache.cxf.fediz.service.idp.service.jpa.IdpEntity"> <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-A" /> <property name="uri" value="realma" /> @@ -81,9 +78,10 @@ <ref bean="claim_email" /> </util:list> </property> - <property name="hrds" value="'#{ homeRealmParser.realm }'" /> + <property name="hrds" value="{'urn:org:apache:cxf:fediz:fedizhelloworld:realm-B':'urn:org:apache:cxf:fediz:idp:realm-B'} + .get(getFlowScope().get('saml_authn_request').issuer)" /> </bean> - + <bean id="trusted-idp-realmB" class="org.apache.cxf.fediz.service.idp.service.jpa.TrustedIdpEntity"> <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-B" /> @@ -156,7 +154,7 @@ </bean> <bean id="srv-fedizhelloworld" class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationEntity"> - <property name="realm" value="urn:org:apache:cxf:fediz:fedizhelloworld" /> + <property name="realm" value="urn:org:apache:cxf:fediz:fedizhelloworld:realm-B" /> <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706"; /> <property name="serviceDisplayName" value="Fedizhelloworld" /> <property name="serviceDescription" value="Web Application to illustrate WS-Federation" /> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f9897e43/systests/federation/samlsso/src/test/resources/rp/cxf-service.xml ---------------------------------------------------------------------- diff --git a/systests/federation/samlsso/src/test/resources/rp/cxf-service.xml b/systests/federation/samlsso/src/test/resources/rp/cxf-service.xml index 9227893..58d6278 100644 --- a/systests/federation/samlsso/src/test/resources/rp/cxf-service.xml +++ b/systests/federation/samlsso/src/test/resources/rp/cxf-service.xml @@ -54,21 +54,21 @@ <bean id="callbackHandler" class="org.apache.cxf.fediz.samlsso.service.KeystorePasswordCallback"/> <bean id="stateManager" class="org.apache.cxf.rs.security.saml.sso.state.EHCacheSPStateManager"> - <constructor-arg ref="cxf"/> - </bean> + <constructor-arg ref="cxf"/> + </bean> - <bean id="ssoFilter" class="org.apache.cxf.rs.security.saml.sso.SamlRedirectBindingFilter"> - <property name="idpServiceAddress" value="https://localhost:${idp.https.port}/fediz-idp/saml/up"/> - <property name="assertionConsumerServiceAddress" - value="/racs/sso"/> - <property name="stateProvider" ref="stateManager"/> - <property name="addEndpointAddressToContext" value="true"/> - <property name="signRequest" value="true"/> - <property name="signaturePropertiesFile" value="stsKeystoreA.properties"/> - <property name="callbackHandler" ref="callbackHandler"/> - <property name="signatureUsername" value="realma" /> - <property name="issuerId" value="urn:org:apache:cxf:fediz:fedizhelloworld" /> - </bean> + <bean id="ssoFilter" class="org.apache.cxf.rs.security.saml.sso.SamlRedirectBindingFilter"> + <property name="idpServiceAddress" value="https://localhost:${idp.https.port}/fediz-idp/saml/up"/> + <property name="assertionConsumerServiceAddress" + value="/racs/sso"/> + <property name="stateProvider" ref="stateManager"/> + <property name="addEndpointAddressToContext" value="true"/> + <property name="signRequest" value="true"/> + <property name="signaturePropertiesFile" value="stsKeystoreA.properties"/> + <property name="callbackHandler" ref="callbackHandler"/> + <property name="signatureUsername" value="realma" /> + <property name="issuerId" value="urn:org:apache:cxf:fediz:fedizhelloworld:realm-B" /> + </bean> <bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor">
