2 * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
3 * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
4 * provided that the following conditions are met: Redistributions of source code must retain the above copyright
5 * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above
6 * copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials
7 * provided with the distribution, if any, must include the following acknowledgment: "This product includes software
8 * developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu> Internet2 Project.
9 * Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
10 * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2, nor
11 * the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
12 * products derived from this software without specific prior written permission. For written permission, please contact
13 * shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2, UCAID, or the
14 * University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name, without prior
15 * written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS PROVIDED BY THE
16 * COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE
18 * DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE. IN NO
19 * EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC.
20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
23 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 package edu.internet2.middleware.shibboleth.idp.provider;
29 import java.net.URISyntaxException;
30 import java.util.HashSet;
31 import java.util.regex.Matcher;
32 import java.util.regex.Pattern;
34 import javax.security.auth.x500.X500Principal;
36 import org.apache.log4j.Logger;
37 import org.w3c.dom.Element;
38 import org.w3c.dom.Node;
39 import org.w3c.dom.NodeList;
41 import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
42 import edu.internet2.middleware.shibboleth.idp.IdPConfig;
43 import edu.internet2.middleware.shibboleth.idp.IdPProtocolHandler;
46 * Functionality common to all <code>IdPProtocolHandler</code> implementations.
48 * @author Walter Hoehn
50 public abstract class BaseHandler implements IdPProtocolHandler {
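// Class-wide logger; never reassigned, so it is declared final.
private static final Logger log = Logger.getLogger(BaseHandler.class.getName());

// Endpoint URIs parsed from the <Location/> children of the handler's configuration
// element by the constructor. Raw (pre-generics) set; every element is a java.net.URI.
private final HashSet locations = new HashSet();

// Finds the first literal "CN=" in a DN string and captures the characters that follow it
// up to (not including) the next ',' or '/'.
// NOTE(review): this is a textual match, not a parse of the DN. It does not know about
// RDN boundaries, RFC 2253 backslash escapes or multi-valued RDNs joined with '+', so the
// captured text is not guaranteed to be the certificate's real common name. Confirm how
// callers use the result before relying on it for a trust decision.
private static final Pattern regex = Pattern.compile(".*?CN=([^,/]+).*");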
/**
 * Required DOM-based constructor.
 * <p>
 * Reads every <code>Location</code> element (in the IdP configuration namespace) beneath
 * <code>config</code>, parses its text as a URI and stores it in the handler's location set.
 * Only the first child node of each <code>Location</code> element is examined, and it must
 * be a text node.
 *
 * @param config the <code>ProtocolHandler</code> configuration element
 * @throws ShibbolethConfigurationException if there is no <code>Location</code> element, or
 *             if any of them is empty, is not plain text, or is not a syntactically valid URI
 */
public BaseHandler(Element config) throws ShibbolethConfigurationException {

    // A handler without any endpoint is a configuration error.
    NodeList locationNodes = config.getElementsByTagNameNS(IdPConfig.configNameSpace, "Location");
    if (locationNodes.getLength() < 1) {
        log.error("The <ProtocolHandler/> element must contain at least one <Location/> element.");
        throw new ShibbolethConfigurationException("Unable to load ProtocolHandler.");
    }

    // Convert each <Location/> into a URI, rejecting the whole handler on the first bad entry.
    for (int index = 0; index < locationNodes.getLength(); index++) {
        Node textNode = ((Element) locationNodes.item(index)).getFirstChild();

        // The element must start with character data; anything else carries no URI.
        if (textNode == null || textNode.getNodeType() != Node.TEXT_NODE) {
            log.error("The <Location/> element inside the <ProtocolHandler/> element must contain a URI.");
            throw new ShibbolethConfigurationException("Unable to load ProtocolHandler.");
        }

        String rawURI = textNode.getNodeValue();
        if (rawURI == null || rawURI.length() == 0) {
            log.error("The <Location/> element inside the <ProtocolHandler/> element must contain a URI.");
            throw new ShibbolethConfigurationException("Unable to load ProtocolHandler.");
        }

        try {
            this.locations.add(new URI(rawURI));
        } catch (URISyntaxException e) {
            log.error("The <Location/> element inside the <ProtocolHandler/> element contains "
                    + "an improperly formatted URI: " + e);
            throw new ShibbolethConfigurationException("Unable to load ProtocolHandler.");
        }
    }
}
/**
 * Returns the endpoint URIs this handler was configured with.
 * <p>
 * A new array is built on every call, so callers cannot alter the handler's internal set
 * through the returned value. Element order is whatever the backing set yields.
 *
 * @return a freshly allocated array of the configured locations
 * @see edu.internet2.middleware.shibboleth.idp.IdPProtocolHandler#getLocations()
 */
public URI[] getLocations() {

    // Pre-size the target so toArray fills this exact array instead of allocating another.
    URI[] snapshot = new URI[locations.size()];
    return (URI[]) locations.toArray(snapshot);
}
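/**
 * Extracts a host name from the first <code>CN=</code> component found in a certificate
 * subject DN.
 * <p>
 * The DN is rendered in RFC 2253 string form and searched with the class-level
 * <code>regex</code> pattern; the returned text is everything after the first literal
 * <code>CN=</code> up to the next comma or slash.
 * <p>
 * Security note: the search is textual, not structural. A <code>CN=</code> sequence that
 * appears inside another attribute's value, a multi-valued RDN joined with <code>+</code>,
 * or a value containing an escaped comma all yield a result that differs from the
 * certificate's actual common name. Callers that base an authentication or authorization
 * decision on the result should compare it exactly against an expected name and, where the
 * runtime allows, parse the DN structurally (for example with
 * <code>javax.naming.ldap.LdapName</code>) or use the certificate's subjectAltName instead.
 *
 * @param dn the certificate subject; may be <code>null</code>
 * @return the captured CN text, or <code>null</code> if <code>dn</code> is <code>null</code>
 *         or contains no <code>CN=</code> component
 */
protected static String getHostNameFromDN(X500Principal dn) {

    // Treat a missing subject like a subject without a CN rather than throwing
    // NullPointerException from dn.getName().
    if (dn == null) {
        log.error("Unable to extract host name name from certificate subject DN.");
        return null;
    }

    Matcher matches = regex.matcher(dn.getName(X500Principal.RFC2253));

    // Matcher.groupCount() reports the number of capturing groups in the pattern, which is
    // fixed at one here, so the former "groupCount() > 1" test could never be true and has
    // been dropped; find() alone decides success.
    if (!matches.find()) {
        log.error("Unable to extract host name name from certificate subject DN.");
        // NOTE(review): the failure return is not visible in this listing; null is assumed.
        // Confirm against the original file.
        return null;
    }
    return matches.group(1);
}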