Merge branch 'master' into frontchannel-slo v2.3.2-slo10
authorTamas Frank <sitya@niif.hu>
Mon, 25 Jul 2011 17:03:07 +0000 (19:03 +0200)
committerTamas Frank <sitya@niif.hu>
Mon, 25 Jul 2011 17:03:07 +0000 (19:03 +0200)
Conflicts:
pom.xml
src/installer/resources/conf-tmpl/handler.xml
src/installer/resources/conf-tmpl/relying-party.xml
src/installer/resources/metadata-tmpl/idp-metadata.xml

12 files changed:
1  2 
pom.xml
src/installer/resources/conf-tmpl/handler.xml
src/installer/resources/conf-tmpl/relying-party.xml
src/installer/resources/metadata-tmpl/idp-metadata.xml
src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/ProfileHandlerNamespaceHandler.java
src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java
src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java
src/main/java/edu/internet2/middleware/shibboleth/idp/session/ServiceInformation.java
src/main/java/edu/internet2/middleware/shibboleth/idp/session/impl/ServiceInformationImpl.java
src/main/java/edu/internet2/middleware/shibboleth/idp/session/impl/SessionManagerImpl.java
src/main/resources/schema/shibboleth-2.0-idp-profile-handler.xsd
src/main/webapp/WEB-INF/web.xml

diff --cc pom.xml
+++ b/pom.xml
@@@ -1,10 -1,13 +1,12 @@@
  <?xml version="1.0" encoding="UTF-8"?>
- <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-     xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+          
      <modelVersion>4.0.0</modelVersion>
 -
      <groupId>edu.internet2.middleware</groupId>
      <artifactId>shibboleth-identityprovider</artifactId>
-     <version>2.3.0-slo10</version>
 -    <version>2.3.2</version>
++    <version>2.3.2-slo10</version>
      <!-- We bundle as a jar here, the installer creates the WAR -->
      <packaging>jar</packaging>
  
          <dependency>
              <groupId>edu.internet2.middleware</groupId>
              <artifactId>shibboleth-common</artifactId>
++<<<<<<< HEAD
 +            <version>1.3.0-slo2</version>
++=======
+             <version>1.3.2</version>
++>>>>>>> master
          </dependency>
  
          <!-- Provided dependencies -->
              <timezone>0</timezone>
          </developer>
      </developers>
 -<<<<<<< HEAD
 -    
  </project>
++<<<<<<< HEAD
+ =======
 -
 -</project>
+ <<<<<<< HEAD
+ >>>>>>> tags/2.3.0
+ =======
+ >>>>>>> tags/2.3.2
++>>>>>>> master
          <ph:RequestPath>/SAML2/Redirect/SSO</ph:RequestPath>
      </ph:ProfileHandler>
  
 +    <ph:ProfileHandler xsi:type="ph:SAML2SLO" 
 +                    inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
 +                    outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect">
 +        <ph:RequestPath>/SAML2/Redirect/SLO</ph:RequestPath>
 +    </ph:ProfileHandler>
 +
 +    <ph:ProfileHandler xsi:type="ph:SAML2SLO" 
 +                    inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
 +                    outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">
 +        <ph:RequestPath>/SAML2/POST/SLO</ph:RequestPath>
 +    </ph:ProfileHandler>
 +
 +    <ph:ProfileHandler xsi:type="ph:SAML2SLO" 
 +                    inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
 +                    outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP">
 +        <ph:RequestPath>/SAML2/SOAP/SLO</ph:RequestPath>
 +    </ph:ProfileHandler>
 +    
 +    <ph:ProfileHandler xsi:type="ph:SAML2SSO"
 +                    inboundBinding="urn:mace:shibboleth:2.0:profiles:AuthnRequest"
 +                    outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign
 +                                                urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST 
 +                                                urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
++
+     <ph:ProfileHandler xsi:type="ph:SAML2SSO" inboundBinding="urn:mace:shibboleth:2.0:profiles:AuthnRequest" outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST                                                  urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
          <ph:RequestPath>/SAML2/Unsolicited/SSO</ph:RequestPath>
      </ph:ProfileHandler>
  
              We list them here so that people are aware of them (since they seem reluctant to 
              read the documentation).
          -->
-         <rp:ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" 
-                               includeAttributeStatement="false"
-                               assertionLifetime="PT5M"
-                               signResponses="conditional"
-                               signAssertions="never" />
+         <rp:ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" includeAttributeStatement="false" assertionLifetime="PT5M" signResponses="conditional" signAssertions="never"/>
                                
-         <rp:ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile"
-                               assertionLifetime="PT5M"
-                               signResponses="conditional"
-                               signAssertions="never" />
+         <rp:ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile" assertionLifetime="PT5M" signResponses="conditional" signAssertions="never"/>
          
-         <rp:ProfileConfiguration xsi:type="saml:SAML1ArtifactResolutionProfile"
-                               signResponses="conditional"
-                               signAssertions="never" />
+         <rp:ProfileConfiguration xsi:type="saml:SAML1ArtifactResolutionProfile" signResponses="conditional" signAssertions="never"/>
          
-         <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" 
-                               includeAttributeStatement="true"
-                               assertionLifetime="PT5M"
-                               assertionProxyCount="0" 
-                               signResponses="never"
-                               signAssertions="always" 
-                               encryptAssertions="conditional"
-                               encryptNameIds="never" />
+         <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" includeAttributeStatement="true" assertionLifetime="PT5M" assertionProxyCount="0" signResponses="never" signAssertions="always" encryptAssertions="conditional" encryptNameIds="never"/>
  
-         <rp:ProfileConfiguration xsi:type="saml:SAML2ECPProfile"
-                               includeAttributeStatement="true"
-                               assertionLifetime="PT5M"
-                               assertionProxyCount="0"
-                               signResponses="never"
-                               signAssertions="always"
-                               encryptAssertions="conditional"
-                               encryptNameIds="never" />
+         <rp:ProfileConfiguration xsi:type="saml:SAML2ECPProfile" includeAttributeStatement="true" assertionLifetime="PT5M" assertionProxyCount="0" signResponses="never" signAssertions="always" encryptAssertions="conditional" encryptNameIds="never"/>
  
-         <rp:ProfileConfiguration xsi:type="saml:SAML2AttributeQueryProfile" 
-                               assertionLifetime="PT5M"
-                               assertionProxyCount="0" 
-                               signResponses="conditional"
-                               signAssertions="never"
-                               encryptAssertions="conditional"
-                               encryptNameIds="never" />
+         <rp:ProfileConfiguration xsi:type="saml:SAML2AttributeQueryProfile" assertionLifetime="PT5M" assertionProxyCount="0" signResponses="conditional" signAssertions="never" encryptAssertions="conditional" encryptNameIds="never"/>
          
 +        <rp:ProfileConfiguration xsi:type="saml:SAML2ArtifactResolutionProfile" 
 +                              signResponses="never"
 +                              signAssertions="always"
 +                              encryptAssertions="conditional"
 +                              encryptNameIds="never"/>
 +
 +        <rp:ProfileConfiguration xsi:type="saml:SAML2LogoutRequestProfile"
 +                              signResponses="always"
 +                              signAssertions="never"
 +                              encryptAssertions="never"
 +                              encryptNameIds="conditional" />
+         <rp:ProfileConfiguration xsi:type="saml:SAML2ArtifactResolutionProfile" signResponses="never" signAssertions="always" encryptAssertions="conditional" encryptNameIds="never"/>
          
      </rp:DefaultRelyingParty>
          
@@@ -20,24 -17,9 +17,22 @@@ $IDP_CERTIFICATE
              </ds:KeyInfo>
          </KeyDescriptor>
          
-         <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
-                                    Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML1/SOAP/ArtifactResolution" 
-                                    index="1"/>
+         <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
  
 -        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
 +        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
 +                                   Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML2/SOAP/ArtifactResolution" 
 +                                   index="2"/>
 +        
 +        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
 +                             Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/Redirect/SLO" 
 +                             ResponseLocation="https://$IDP_HOSTNAME$/idp/profile/SAML2/Redirect/SLO"/>
 +        
 +        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
 +                             Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST/SLO" 
 +                             ResponseLocation="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST/SLO"/>
 +        
 +        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 
 +                             Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML2/SOAP/SLO" />
                                     
          <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
          <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
@@@ -82,4 -58,4 +71,8 @@@ $IDP_CERTIFICATE
          
      </AttributeAuthorityDescriptor>
      
++<<<<<<< HEAD
 +</EntityDescriptor>    
++=======
+ </EntityDescriptor>
++>>>>>>> master
Simple merge