Configuration message encoder, decoders, and SAML2 Attribute query security policy

author lajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>

Sun, 27 May 2007 14:58:18 +0000 (14:58 +0000)

committer lajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>

Sun, 27 May 2007 14:58:18 +0000 (14:58 +0000)
author lajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Sun, 27 May 2007 14:58:18 +0000 (14:58 +0000)
committer lajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Sun, 27 May 2007 14:58:18 +0000 (14:58 +0000)
diff --git a/resources/conf/internal.xml b/resources/conf/internal.xml

index 330168b..ef11dd6 100644 (file)
--- a/resources/conf/internal.xml
+++ b/resources/conf/internal.xml
@@ -10,6 +10,34 @@
      xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"
      default-autowire="byType">
  
      xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"
      default-autowire="byType">
  
+    <bean id="shibboleth.ServletAttributeExporter"
+        class="org.springframework.web.context.support.ServletContextAttributeExporter">
+        <property name="attributes">
+            <map>
+                <entry>
+                    <key>
+                        <value>handlerManager</value>
+                    </key>
+                    <ref bean="shibboleth.ProfileHandler" />
+                </entry>
+            </map>
+        </property>
+    </bean>
+    
+    <bean id="shibboleth.VelocityEngine" class="org.springframework.ui.velocity.VelocityEngineFactoryBean" >
+        <property name="velocityProperties">
+            <props>
+                <prop key="resource.loader">classpath, string</prop>
+                <prop key="classpath.resource.loader.class">
+                    org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader
+                </prop>
+                <prop key="string.resource.loader.class">
+                    org.apache.velocity.runtime.resource.loader.StringResourceLoader
+                </prop>
+            </props>
+        </property>
+    </bean>
+
      <bean id="shibboleth.TaskTimer" class="java.util.Timer" destroy-method="cancel">
          <constructor-arg value="true" type="boolean" />
      </bean>
      <bean id="shibboleth.TaskTimer" class="java.util.Timer" destroy-method="cancel">
          <constructor-arg value="true" type="boolean" />
      </bean>
@@ -23,19 +51,87 @@
          <property name="namespaceAware" value="true" />
      </bean>
  
          <property name="namespaceAware" value="true" />
      </bean>
  
-    <bean id="shibboleth.ServletAttributeExporter"
-        class="org.springframework.web.context.support.ServletContextAttributeExporter">
-        <property name="attributes">
+    <bean id="shibboleth.SAML2AttributeQueryMessageSecurityPolicyFactory" class="org.opensaml.common.binding.security.SAMLSecurityPolicyFactory">
+        <property name="issuerRole">
+            <bean id="shibboleth.SAML2AttributeQueryRole" class="javax.xml.namespace.QName">
+                <constructor-arg value="urn:oasis:names:tc:SAML:2.0:metadata" />
+                <constructor-arg value="SPSSODescriptor" />
+            </bean>
+        </property>
+        <property name="issuerProtocol" value="urn:oasis:names:tc:SAML:2.0:protocol" />
+        <property name="policyRuleFactories">
+            <list>
+                <ref bean="shibboleth.SAML2ProtocolMessageRuleFactory" />
+                <ref bean="shibboleth.MessageIssueInstantRuleFactory" />
+            </list>
+        </property>
+    </bean>
+    
+    <bean id="shibboleth.SAML2ProtocolMessageRuleFactory" class="org.opensaml.saml2.binding.security.SAML2ProtocolMessageRuleFactory" />
+    
+    <bean id="shibboleth.MessageIssueInstantRuleFactory" class="org.opensaml.common.binding.security.IssueInstantRuleFactory">
+        <property name="clockSkew" value="5" />
+        <property name="expires" value="10" />
+    </bean>
+    
+    <bean id="shibboleth.MessageEncoderFactory" class="org.opensaml.common.binding.encoding.MessageEncoderFactory">
+        <property name="encoderBuilders">
              <map>
                  <entry>
              <map>
                  <entry>
-                    <key>
-                        <value>handlerManager</value>
-                    </key>
-                    <ref bean="shibboleth.ProfileHandler" />
+                    <key value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
+                    <bean id="shibboleth.SAML2HttpPostEncoderBuilder" class="org.opensaml.saml2.binding.encoding.HTTPPostEncoderBuilder">
+                        <constructor-arg ref="shibboleth.VelocityEngine" />
+                        <constructor-arg value="/templates/saml2-post-binding.vm"/>
+                    </bean>
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
+                    <bean id="shibboleth.SAML2HttpRedirectEncoderBuilder" class="org.opensaml.saml2.binding.encoding.HTTPRedirectDefalteEncoderBuilder" />
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/>
+                    <bean id="shibboleth.SAML2HttpSoap11EncoderBuilder" class="org.opensaml.saml2.binding.encoding.HTTPSOAP11EncoderBuilder" />
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"/>
+                    <bean id="shibboleth.SAML1HttpPostEncoderBuilder" class="org.opensaml.saml1.binding.encoding.HTTPPostEncoderBuilder">
+                        <constructor-arg ref="shibboleth.VelocityEngine" />
+                        <constructor-arg value="/templates/saml1-post-binding.vm"/>
+                    </bean>
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"/>
+                    <bean id="shibboleth.SAML1HttpSoap11EncoderBuilder" class="org.opensaml.saml1.binding.encoding.HTTPSOAP11EncoderBuilder" />
                  </entry>
              </map>
          </property>
      </bean>
                  </entry>
              </map>
          </property>
      </bean>
-
-
+    
+    <bean id="shibboleth.MessageDecoderFactory" class="org.opensaml.common.binding.decoding.MessageDecoderFactory">
+        <property name="decoderBuilders">
+            <map>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
+                    <bean id="shibboleth.SAML2HttpPostDecoderBuilder" class="org.opensaml.saml2.binding.decoding.HTTPPostDecoderBuilder" />
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
+                    <bean id="shibboleth.SAML2HttpRedirectDecoderBuilder" class="org.opensaml.saml2.binding.decoding.HTTPRedirectDefalteDecoderBuilder" />
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/>
+                    <bean id="shibboleth.SAML2HttpSoap11DecoderBuilder" class="org.opensaml.saml2.binding.decoding.HTTPSOAP11DecoderBuilder" />
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"/>
+                    <bean id="shibboleth.SAML1HttpPostDecoderBuilder" class="org.opensaml.saml1.binding.decoding.HTTPPostDecoderBuilder" />
+                </entry>
+                <entry>
+                    <key value="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"/>
+                    <bean id="shibboleth.SAML1HttpSoap11DecoderBuilder" class="org.opensaml.saml1.binding.decoding.HTTPSOAP11DecoderBuilder" />
+                </entry>
+            </map>
+        </property>
+    </bean>
+    
  </beans>
\ No newline at end of file
  </beans>
\ No newline at end of file
author	lajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
	Sun, 27 May 2007 14:58:18 +0000 (14:58 +0000)
committer	lajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
	Sun, 27 May 2007 14:58:18 +0000 (14:58 +0000)