Fix bug where passThruErrors setting was being ignored.
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / aa / AAServiceProviderMapper.java
1 /*
2  * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
3  * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
4  * provided that the following conditions are met: Redistributions of source code must retain the above copyright
5  * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
6  * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
7  * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
8  * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu> Internet2
9  * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
10  * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
11  * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
12  * products derived from this software without specific prior written permission. For written permission, please
13  * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
14  * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
15  * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
16  * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
17  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
18  * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
19  * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
20  * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
22  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
23  * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
24  * POSSIBILITY OF SUCH DAMAGE.
25  */
26
27 package edu.internet2.middleware.shibboleth.aa;
28
29 import org.apache.log4j.Logger;
30 import org.w3c.dom.Element;
31 import org.w3c.dom.NodeList;
32
33 import edu.internet2.middleware.shibboleth.common.RelyingParty;
34 import edu.internet2.middleware.shibboleth.common.ServiceProviderMapper;
35 import edu.internet2.middleware.shibboleth.common.ServiceProviderMapperException;
36 import edu.internet2.middleware.shibboleth.common.ShibbolethOriginConfig;
37
38 /**
39  * Class for determining the effective relying party for the Shibboleth attribute authority from the unique id of the
40  * service provider.
41  * 
42  * @author Walter Hoehn
43  */
44 public class AAServiceProviderMapper extends ServiceProviderMapper {
45
46         private static Logger   log     = Logger.getLogger(AAServiceProviderMapper.class.getName());
47         private AAConfig                configuration;
48
49         /**
50          * Constructs a new service provider mapper for the attribute authority.
51          * 
52          * @param rawConfig
53          *            DOM representation of the attribute authority configuration
54          * @param configuration
55          *            global attribute authority configuration
56          * @throws ServiceProviderMapperException
57          *             if the configuration is invalid
58          */
59         public AAServiceProviderMapper(Element rawConfig, AAConfig configuration) throws ServiceProviderMapperException {
60
61                 this.configuration = configuration;
62
63                 NodeList itemElements = rawConfig.getElementsByTagNameNS(ShibbolethOriginConfig.originConfigNamespace,
64                                 "RelyingParty");
65
66                 for (int i = 0; i < itemElements.getLength(); i++) {
67                         addRelyingParty((Element) itemElements.item(i));
68                 }
69
70                 verifyDefaultParty(configuration);
71         }
72
73         private void addRelyingParty(Element e) throws ServiceProviderMapperException {
74
75                 log.debug("Found a Relying Party.");
76                 try {
77                         if (e.getLocalName().equals("RelyingParty")) {
78                                 RelyingParty party = new AARelyingPartyImpl(e, configuration);
79                                 log.debug("Relying Party (" + party.getName() + ") loaded.");
80                                 relyingParties.put(party.getName(), party);
81                         }
82                 } catch (ServiceProviderMapperException exc) {
83                         log.error("Encountered an error while attempting to load Relying Party configuration.  Skipping...");
84                 }
85         }
86
87         /**
88          * Returns the appropriate relying party for the supplied service provider id.
89          */
90         public AARelyingParty getRelyingParty(String providerIdFromTarget) {
91                 return (AARelyingParty) getRelyingPartyImpl(providerIdFromTarget);
92         }
93
94         protected ShibbolethOriginConfig getOriginConfig() {
95                 return configuration;
96         }
97
98         /**
99          * AA-specific relying party implementation.
100          * 
101          * @author Walter Hoehn
102          */
103         class AARelyingPartyImpl extends BaseRelyingPartyImpl implements AARelyingParty {
104
105                 private AAConfig        aaConfig;
106                 private boolean         overridenPassThruErrors = false;
107                 private boolean         passThruIsOverriden             = false;
108
109                 public AARelyingPartyImpl(Element partyConfig, AAConfig globalConfig) throws ServiceProviderMapperException {
110                         super(partyConfig);
111
112                         aaConfig = globalConfig;
113
114                         String attribute = ((Element) partyConfig).getAttribute("passThruErrors");
115                         if (attribute != null && !attribute.equals("")) {
116                                 log.debug("Overriding passThruErrors for Relying Pary (" + name + ") with (" + attribute + ").");
117                                 overridenPassThruErrors = Boolean.valueOf(attribute).booleanValue();
118                                 passThruIsOverriden = true;
119                         }
120
121                         identityProvider = new RelyingPartyIdentityProvider(overridenOriginProviderId != null
122                                         ? overridenOriginProviderId
123                                         : configuration.getProviderId(), null);
124                 }
125
126                 public boolean passThruErrors() {
127                         if (passThruIsOverriden) {
128                                 return overridenPassThruErrors;
129                         } else {
130                                 return aaConfig.passThruErrors();
131                         }
132                 }
133
134         }
135 }