private static Logger log = Logger.getLogger(IdPProtocolSupport.class.getName());
private Logger transactionLog;
private IdPConfig config;
- private ArrayList fedMetadata = new ArrayList();
+ private ArrayList metadata = new ArrayList();
private NameMapper nameMapper;
private ServiceProviderMapper spMapper;
private ArpEngine arpEngine;
}
}
- protected void addFederationProvider(Element element) {
+ protected void addMetadataProvider(Element element) {
- log.debug("Found Federation Provider configuration element.");
- if (!element.getTagName().equals("FederationProvider")) {
- log.error("Error while attemtping to load Federation Provider. Malformed provider specificaion.");
+ log.debug("Found Metadata Provider configuration element.");
+ if (!element.getTagName().equals("MetadataProvider")) {
+ log.error("Error while attemtping to load Metadata Provider. Malformed provider specificaion.");
return;
}
try {
- fedMetadata.add(FederationProviderFactory.loadProvider(element));
+ metadata.add(MetadataProviderFactory.loadProvider(element));
} catch (MetadataException e) {
- log.error("Unable to load Federation Provider. Skipping...");
+ log.error("Unable to load Metadata Provider. Skipping...");
}
}
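Review bot: The tag check `element.getTagName().equals("MetadataProvider")` compares the qualified name, so an element written with a namespace prefix is rejected as malformed, even though the caller further down the page selects elements by namespace and local name with `getElementsByTagNameNS`. `"MetadataProvider".equals(element.getLocalName())` would accept the same set of elements the caller hands in. The `catch (MetadataException e)` block logs a fixed string and discards `e`, so the log does not say which provider was skipped or why. Passing the exception along, `log.error("Unable to load Metadata Provider. Skipping...", e);`, keeps that evidence for whoever has to work out why an entity was not recognised.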
public int providerCount() {
- return fedMetadata.size();
+ return metadata.size();
}
public EntityDescriptor lookup(String providerId) {
- Iterator iterator = fedMetadata.iterator();
+ Iterator iterator = metadata.iterator();
while (iterator.hasNext()) {
EntityDescriptor provider = ((Metadata) iterator.next()).lookup(providerId);
if (provider != null) { return provider; }
public EntityDescriptor lookup(Artifact artifact) {
- Iterator iterator = fedMetadata.iterator();
+ Iterator iterator = metadata.iterator();
while (iterator.hasNext()) {
EntityDescriptor provider = ((Metadata) iterator.next()).lookup(artifact);
if (provider != null) { return provider; }
// Load metadata
itemElements = originConfig.getDocumentElement().getElementsByTagNameNS(IdPConfig.configNameSpace,
- "FederationProvider");
+ "MetadataProvider");
for (int i = 0; i < itemElements.getLength(); i++) {
- protocolSupport.addFederationProvider((Element) itemElements.item(i));
+ protocolSupport.addMetadataProvider((Element) itemElements.item(i));
}
if (protocolSupport.providerCount() < 1) {
- log.error("No Federation Provider metadata loaded.");
- throw new ShibbolethConfigurationException("Could not load federation metadata.");
+ log.error("No Metadata Provider metadata loaded.");
+ throw new ShibbolethConfigurationException("Could not load SAML metadata.");
}
log.info("Identity Provider initialization complete.");
}
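Review bot: The `providerCount() < 1` guard stops startup only when every provider failed, and `addMetadataProvider` logs and skips a provider that cannot be loaded, so an IdP configured with several sources can start with only part of its metadata. Since decisions about relying parties presumably rest on that metadata, a partial load deserves at least a warning that states the shortfall, or a stricter check such as `if (protocolSupport.providerCount() < itemElements.getLength())` if the deployment policy is to fail closed. Configurations that still use `FederationProvider` elements are no longer matched by this lookup and end at "Could not load SAML metadata." with no hint about the rename. The enclosing method starts outside the hunk.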
-class FederationProviderFactory {
+class MetadataProviderFactory {
- private static Logger log = Logger.getLogger(FederationProviderFactory.class.getName());
+ private static Logger log = Logger.getLogger(MetadataProviderFactory.class.getName());
public static Metadata loadProvider(Element e) throws MetadataException {
String className = e.getAttribute("type");
if (className == null || className.equals("")) {
- log.error("Federation Provider requires specification of the attribute \"type\".");
- throw new MetadataException("Failed to initialize Federation Provider.");
+ log.error("Metadata Provider requires specification of the attribute \"type\".");
+ throw new MetadataException("Failed to initialize Metadata Provider.");
} else {
try {
Class[] params = {Class.forName("org.w3c.dom.Element"),};
return (Metadata) Class.forName(className).getConstructor(params).newInstance(new Object[]{e});
} catch (Exception loaderException) {
- log.error("Failed to load Federation Provider implementation class: " + loaderException);
+ log.error("Failed to load Metadata Provider implementation class: " + loaderException);
Throwable cause = loaderException.getCause();
while (cause != null) {
log.error("caused by: " + cause);
cause = cause.getCause();
}
- throw new MetadataException("Failed to initialize Federation Provider.");
+ throw new MetadataException("Failed to initialize Metadata Provider.");
}
}
}
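Review bot: In `loadProvider` the class named by the `type` attribute is loaded and constructed before the cast to `Metadata`, so any class on the classpath with a public `Element` constructor runs its constructor and is rejected only afterwards by a `ClassCastException`. Checking assignability before `newInstance` keeps the factory to `Metadata` implementations and turns a wrong `type` value into a clear configuration error. The new `MetadataException` also carries no reference to `loaderException`; the cause chain goes to the log only, so callers cannot report it. The closing brace of the class is outside the visible lines.
```java
// … unchanged: check that the "type" attribute is present …
Class[] params = {Class.forName("org.w3c.dom.Element"),};
Class providerClass = Class.forName(className);
if (!Metadata.class.isAssignableFrom(providerClass)) {
    log.error("Metadata Provider type does not implement Metadata: " + className);
    throw new MetadataException("Failed to initialize Metadata Provider.");
}
return (Metadata) providerClass.getConstructor(params).newInstance(new Object[]{e});
// … unchanged: catch block that logs the cause chain and rethrows …
```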
<xs:import namespace="urn:mace:shibboleth:credentials:1.0" schemaLocation="credentials.xsd"/>
<xs:import namespace="urn:mace:shibboleth:namemapper:1.0" schemaLocation="namemapper.xsd"/>
-
- <xs:element name="IdPConfig" type="idp:IdPConfigType"/>
- <xs:element name="ShibbolethOriginConfig" type="idp:IdPConfigType"/>
-
+
<xs:simpleType name="LevelType">
<xs:restriction base="xs:string">
<xs:enumeration value="OFF"/>
</xs:restriction>
</xs:simpleType>
- <xs:complexType name="IdPConfigType">
- <xs:sequence>
+ <xs:element name="IdPConfig">
+ <xs:complexType>
<xs:sequence>
- <xs:element name="RelyingParty" maxOccurs="unbounded">
+ <xs:sequence>
+ <xs:element name="RelyingParty" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence minOccurs="0">
+ <xs:element name="HSNameFormat">
+ <xs:complexType>
+ <xs:attribute name="nameMapping" type="xs:string" use="required"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" use="required"/>
+ <xs:attribute name="providerId" type="xs:anyURI" use="optional"/>
+ <xs:attribute name="signingCredential" type="xs:string" use="optional"/>
+ <xs:attribute name="AAUrl" type="xs:anyURI" use="optional"/>
+ <xs:attribute name="passThruErrors" type="xs:boolean" use="optional"/>
+ <xs:attribute name="forceAttributePush" type="xs:boolean" use="optional"/>
+ <xs:attribute name="signAssertions" type="xs:boolean" use="optional"/>
+ <xs:attribute name="forceAttributeNoPush" type="xs:boolean" use="optional"/>
+ <xs:attribute name="defaultToPOSTProfile" type="xs:boolean" use="optional"/>
+ <xs:attribute name="defaultAuthMethod" type="xs:string" use="optional"/>
+ <xs:attribute name="preferredArtifactType" type="xs:integer" use="optional"/>
+ <xs:attribute name="defaultTarget" type="xs:string" use="optional"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:element name="ReleasePolicyEngine" minOccurs="0">
<xs:complexType>
- <xs:sequence minOccurs="0">
- <xs:element name="HSNameFormat">
+ <xs:sequence>
+ <xs:element name="ArpRepository">
<xs:complexType>
- <xs:attribute name="nameMapping" type="xs:string" use="required"/>
+ <xs:sequence>
+ <xs:any namespace="##any" processContents="lax" minOccurs="0"
+ maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="implementation" type="xs:string" use="required"/>
+ <xs:anyAttribute namespace="##any" processContents="lax"/>
</xs:complexType>
</xs:element>
</xs:sequence>
- <xs:attribute name="name" type="xs:string" use="required"/>
- <xs:attribute name="providerId" type="xs:anyURI" use="optional"/>
- <xs:attribute name="signingCredential" type="xs:string" use="optional"/>
- <xs:attribute name="AAUrl" type="xs:anyURI" use="optional"/>
- <xs:attribute name="passThruErrors" type="xs:boolean" use="optional"/>
- <xs:attribute name="forceAttributePush" type="xs:boolean" use="optional"/>
- <xs:attribute name="signAssertions" type="xs:boolean" use="optional"/>
- <xs:attribute name="forceAttributeNoPush" type="xs:boolean" use="optional"/>
- <xs:attribute name="defaultToPOSTProfile" type="xs:boolean" use="optional"/>
- <xs:attribute name="defaultAuthMethod" type="xs:string" use="optional"/>
- <xs:attribute name="preferredArtifactType" type="xs:integer" use="optional"/>
- <xs:attribute name="defaultTarget" type="xs:string" use="optional"/>
</xs:complexType>
</xs:element>
- </xs:sequence>
- <xs:element name="ReleasePolicyEngine" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="ArpRepository">
- <xs:complexType>
- <xs:sequence>
- <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="implementation" type="xs:string" use="required"/>
- <xs:anyAttribute namespace="##any" processContents="lax"/>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
-
- <xs:element name="Logging" minOccurs="0" maxOccurs="1">
- <xs:complexType>
- <xs:choice>
+ <xs:element name="Logging" minOccurs="0" maxOccurs="1">
+ <xs:complexType>
+ <xs:choice>
+ <xs:sequence>
+ <xs:element name="ErrorLog" type="idp:LogWithLevels" minOccurs="0" maxOccurs="1" />
+ <xs:element name="TransactionLog" type="idp:Log" minOccurs="0" maxOccurs="1" />
+ </xs:sequence>
+ <xs:element name="Log4JConfig">
+ <xs:complexType>
+ <xs:attribute name="type" type="idp:Log4JConfigType" use="optional"
+ default="properties" />
+ <xs:attribute name="location" type="xs:anyURI" use="required" />
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:sequence>
+ <xs:element ref="namemapper:NameMapping" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:element name="ArtifactMapper" minOccurs="0" maxOccurs="1">
+ <xs:complexType>
<xs:sequence>
- <xs:element name="ErrorLog" type="idp:LogWithLevels" minOccurs="0" maxOccurs="1" />
- <xs:element name="TransactionLog" type="idp:Log" minOccurs="0" maxOccurs="1" />
+ <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
- <xs:element name="Log4JConfig">
- <xs:complexType>
- <xs:attribute name="type" type="idp:Log4JConfigType" use="optional" default="properties" />
- <xs:attribute name="location" type="xs:anyURI" use="required" />
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
-
- <xs:sequence>
- <xs:element ref="namemapper:NameMapping" maxOccurs="unbounded"/>
+ <xs:attribute name="implementation" type="xs:string" use="required"/>
+ <xs:anyAttribute namespace="##any" processContents="lax"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element ref="credentials:Credentials"/>
+ <xs:element name="ProtocolHandler" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI" minOccurs="1" maxOccurs="unbounded" />
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="implementation" type="xs:string" use="required" />
+ <xs:anyAttribute namespace="##any" processContents="lax"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="MetadataProvider" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="type" type="xs:string" use="required" />
+ <xs:anyAttribute namespace="##any" processContents="lax"/>
+ </xs:complexType>
+ </xs:element>
</xs:sequence>
-
- <xs:element name="ArtifactMapper" minOccurs="0" maxOccurs="1">
- <xs:complexType>
- <xs:sequence>
- <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="implementation" type="xs:string" use="required"/>
- <xs:anyAttribute namespace="##any" processContents="lax"/>
- </xs:complexType>
- </xs:element>
-
- <xs:element ref="credentials:Credentials"/>
-
- <xs:element name="ProtocolHandler" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI" minOccurs="1" maxOccurs="unbounded" />
- <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="implementation" type="xs:string" use="required" />
- <xs:anyAttribute namespace="##any" processContents="lax"/>
- </xs:complexType>
- </xs:element>
-
- <xs:element name="FederationProvider" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="type" type="xs:string" use="required" />
- <xs:anyAttribute namespace="##any" processContents="lax"/>
- </xs:complexType>
- </xs:element>
-
- </xs:sequence>
-
- <xs:attribute name="resolverConfig" type="xs:string" use="optional" default="/conf/resolver.xml"/>
- <xs:attribute name="AAUrl" type="xs:anyURI" use="optional"/>
- <xs:attribute name="providerId" type="xs:anyURI" use="required"/>
- <xs:attribute name="defaultRelyingParty" type="xs:anyURI" use="required"/>
- <xs:attribute name="defaultAuthMethod" type="xs:string" use="optional" default="urn:oasis:names:tc:SAML:1.0:am:unspecified"/>
- <xs:attribute name="passThruErrors" type="xs:boolean" use="optional" default="false"/>
- <xs:attribute name="authHeaderName" type="xs:string" use="optional"/>
- <xs:attribute name="maxHSThreads" type="xs:integer" use="optional"/>
- </xs:complexType>
+ <xs:attribute name="resolverConfig" type="xs:string" use="optional" default="/conf/resolver.xml"/>
+ <xs:attribute name="AAUrl" type="xs:anyURI" use="optional"/>
+ <xs:attribute name="providerId" type="xs:anyURI" use="required"/>
+ <xs:attribute name="defaultRelyingParty" type="xs:anyURI" use="required"/>
+ <xs:attribute name="defaultAuthMethod" type="xs:string" use="optional"
+ default="urn:oasis:names:tc:SAML:1.0:am:unspecified"/>
+ <xs:attribute name="passThruErrors" type="xs:boolean" use="optional" default="false"/>
+ <xs:attribute name="authHeaderName" type="xs:string" use="optional"/>
+ <xs:attribute name="maxHSThreads" type="xs:integer" use="optional"/>
+ </xs:complexType>
+ </xs:element>
</xs:schema>
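Review bot: The `ProtocolHandler` wildcard changes from `namespace="##any"` to `namespace="##other"` inside what otherwise reads as a re-indentation, while the `ArpRepository`, `ArtifactMapper` and `MetadataProvider` wildcards stay at `##any`. This may be deliberate, to remove the ambiguity between `Location` and the wildcard, but handler configurations with child elements in the IdP namespace after `Location` will stop validating. A schema comment such as `<!-- extension content must come from a foreign namespace -->` would make the intent visible. The commit also removes the global `ShibbolethOriginConfig` element and renames `FederationProvider`, so existing configuration files with either name no longer validate against this schema. That break should be stated in the upgrade notes or softened by keeping the old names as deprecated aliases.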