More guts in the Name Mapping code.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 16 Jan 2004 07:56:11 +0000 (07:56 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 16 Jan 2004 07:56:11 +0000 (07:56 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@824 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

12 files changed:
src/edu/internet2/middleware/shibboleth/common/AuthNPrincipal.java
src/edu/internet2/middleware/shibboleth/common/BaseNameIdentifierMapping.java
src/edu/internet2/middleware/shibboleth/common/IdentityProvider.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/common/InvalidNameIdentifierException.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/common/NameIdentifierMapping.java
src/edu/internet2/middleware/shibboleth/common/NameIdentifierMappingException.java
src/edu/internet2/middleware/shibboleth/common/NameMapper.java
src/edu/internet2/middleware/shibboleth/common/PrincipalNameIdentifier.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/common/ServiceProvider.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/hs/HSNameIdentifierMapping.java
src/edu/internet2/middleware/shibboleth/hs/HSNameMapper.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/hs/provider/SharedMemoryShibHandle.java [new file with mode: 0644]

index 139ebc9..9b288e1 100755 (executable)
@@ -57,7 +57,8 @@ import java.security.Principal;
  * 
  * @author Walter Hoehn (wassa@columbia.edu)
  */
-
+//TODO this name probably becomes less intuitive as name identifiers
+// don't necessarily come from the HS, change it
 public class AuthNPrincipal implements Principal, Serializable {
 
        static final long serialVersionUID = 1L;
index 2b7ed33..046bba1 100644 (file)
@@ -53,6 +53,8 @@ import java.net.URISyntaxException;
 import org.apache.log4j.Logger;
 import org.w3c.dom.Element;
 
+import edu.internet2.middleware.shibboleth.hs.HSNameIdentifierMapping;
+
 /**
  * @author Walter Hoehn
  */
@@ -79,6 +81,13 @@ public abstract class BaseNameIdentifierMapping implements NameIdentifierMapping
                        log.error("Name Mapping attribute \"format\" is not a valid URI: " + e);
                        throw new NameIdentifierMappingException("Invalid mapping information specified.");
                }
+
+               String id = ((Element) config).getAttribute("id");
+               if (id != null && (!(this instanceof HSNameIdentifierMapping))) {
+                       log.error(
+                               "\"id\" attribute is not valid for Name Mapping implementations that do are not used for Name Identifer Creation.");
+                       throw new NameIdentifierMappingException("Invalid mapping information specified.");
+               }
        }
 
        public URI getNameIdentifierFormat() {
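Review bot: The added `id != null` test is always true, because `org.w3c.dom.Element.getAttribute` returns an empty string rather than null when the attribute is absent; every mapping that is not an `HSNameIdentifierMapping` is therefore rejected at construction, even when no `id` is configured. The guard should test for a non-empty value: `if (id != null && !id.equals("") && !(this instanceof HSNameIdentifierMapping)) {`. The `instanceof` check also forces the `common` base class to import from the `hs` package (first hunk of this file), which a protected hook overridden by the HS subclasses would avoid. The log text "that do are not used for Name Identifer Creation" has a stray word and a misspelling. The constructor starts outside the hunk.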
diff --git a/src/edu/internet2/middleware/shibboleth/common/IdentityProvider.java b/src/edu/internet2/middleware/shibboleth/common/IdentityProvider.java
new file mode 100644 (file)
index 0000000..826525a
--- /dev/null
@@ -0,0 +1,55 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation
+ * for Advanced Internet Development, Inc. All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution, if any, must include
+ * the following acknowledgment: "This product includes software developed by
+ * the University Corporation for Advanced Internet Development
+ * <http://www.ucaid.edu> Internet2 Project. Alternately, this acknowledegement
+ * may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor
+ * Internet2, nor the University Corporation for Advanced Internet Development,
+ * Inc., nor UCAID may be used to endorse or promote products derived from this
+ * software without specific prior written permission. For written permission,
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor
+ * may Shibboleth appear in their name, without prior written permission of the
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.common;
+
+/**
+ * @author Walter Hoehn
+ */
+public interface IdentityProvider {
+
+}
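Review bot: `IdentityProvider` is added with no members and no description beyond `@author`, and `ServiceProvider` further down is the same, yet both already appear in the `getPrincipal` and `getNameIdentifierName` signatures. A Javadoc sentence on each would tell implementers that they cannot yet read anything from these parameters, for example `/** Placeholder for the identity provider a name identifier is mapped for; no operations are defined yet. */`.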
diff --git a/src/edu/internet2/middleware/shibboleth/common/InvalidNameIdentifierException.java b/src/edu/internet2/middleware/shibboleth/common/InvalidNameIdentifierException.java
new file mode 100644 (file)
index 0000000..ddf31e4
--- /dev/null
@@ -0,0 +1,58 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation
+ * for Advanced Internet Development, Inc. All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution, if any, must include
+ * the following acknowledgment: "This product includes software developed by
+ * the University Corporation for Advanced Internet Development
+ * <http://www.ucaid.edu> Internet2 Project. Alternately, this acknowledegement
+ * may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor
+ * Internet2, nor the University Corporation for Advanced Internet Development,
+ * Inc., nor UCAID may be used to endorse or promote products derived from this
+ * software without specific prior written permission. For written permission,
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor
+ * may Shibboleth appear in their name, without prior written permission of the
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+package edu.internet2.middleware.shibboleth.common;
+
+/**
+ * @author Walter Hoehn
+ */
+public class InvalidNameIdentifierException extends NameIdentifierMappingException {
+
+       public InvalidNameIdentifierException(String message) {
+               super(message);
+       }
+
+}
index db74c62..b8c08bb 100644 (file)
@@ -49,6 +49,8 @@ package edu.internet2.middleware.shibboleth.common;
 
 import java.net.URI;
 
+import org.opensaml.SAMLNameIdentifier;
+
 /**
  * @author Walter Hoehn
  */
@@ -56,7 +58,7 @@ public interface NameIdentifierMapping {
 
        public URI getNameIdentifierFormat();
 
-       public AuthNPrincipal getPrincipal(String nameIdentifier)
-               throws NameIdentifierMappingException, InvalidNameIdentifierMappingException;
+       public AuthNPrincipal getPrincipal(SAMLNameIdentifier nameId, ServiceProvider sProv, IdentityProvider idProv)
+               throws NameIdentifierMappingException, InvalidNameIdentifierException;
 
 }
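Review bot: The new three-argument `getPrincipal` has no Javadoc, so an implementer cannot tell when to throw `InvalidNameIdentifierException` instead of the general `NameIdentifierMappingException`, or whether `sProv` and `idProv` may be null. A short comment would do, for example `/** Resolves nameId to a principal; throws InvalidNameIdentifierException when the identifier is unknown or no longer valid. */`. Since `InvalidNameIdentifierException` extends `NameIdentifierMappingException`, a caller that catches the parent type first never sees the subtype, which the comment should also mention.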
index c456497..ab08866 100644 (file)
@@ -58,9 +58,3 @@ public class NameIdentifierMappingException extends Exception {
                super(message);
        }
 }
-
-class InvalidNameIdentifierMappingException extends NameIdentifierMappingException {
-       public InvalidNameIdentifierMappingException(String message) {
-               super(message);
-       }
-}
index 385ebe0..4be94e3 100644 (file)
@@ -68,15 +68,15 @@ public class NameMapper {
                try {
                        registeredMappingTypes.put(
                                "CryptoHandleGenerator",
-                               Class.forName("edu.internet2.middleware.shibboleth.common.CryptoHandleGenerator"));
+                               Class.forName("edu.internet2.middleware.shibboleth.hs.provider.CryptoShibHandle"));
 
                        registeredMappingTypes.put(
-                               "MemoryHandleGenerator",
-                               Class.forName("edu.internet2.middleware.shibboleth.common.MemoryHandleGenerator"));
+                               "SharedMemoryShibHandle",
+                               Class.forName("edu.internet2.middleware.shibboleth.hs.provider.SharedMemoryShibHandle"));
 
                        registeredMappingTypes.put(
                                "PassThruNameIdentifier",
-                               Class.forName("edu.internet2.middleware.shibboleth.common.PassThruNameIdentifier"));
+                               Class.forName("edu.internet2.middleware.shibboleth.common.PrincipalNameIdentifier"));
 
                } catch (ClassNotFoundException e) {
                        log.error("Unable to pre-register Name mapping implementation types.");
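Review bot: All three registrations share one `try`, so a `ClassNotFoundException` on the first `Class.forName` skips the other two, and the visible handler only logs. `edu.internet2.middleware.shibboleth.hs.provider.CryptoShibHandle` is not among the files this commit lists, so if that class does not exist yet, no type is pre-registered at all. Registering each type in its own try/catch would keep one missing class from disabling the rest. The key `"MemoryHandleGenerator"` is renamed to `"SharedMemoryShibHandle"` while `"CryptoHandleGenerator"` and `"PassThruNameIdentifier"` keep their old keys for renamed classes; configurations that still name the old key will stop resolving unless an alias is kept. The catch block continues outside the hunk.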
@@ -131,15 +131,9 @@ public class NameMapper {
 
        public void addNameMapping(NameIdentifierMapping mapping) {
                byFormat.put(mapping.getNameIdentifierFormat(), mapping);
-
-               /* Will probably bump this into an HS specific base class
-               if (mapping.getId() != null && (!mapping.getId().equals(""))) {
-                       byId.put(mapping.getId(), mapping);
-               }
-               */
        }
 
-       public NameIdentifierMapping getNameIdentifierMappingByFormat(String format) {
+       public NameIdentifierMapping getNameIdentifierMapping(String format) {
                return (NameIdentifierMapping) byFormat.get(format);
        }
 
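Review bot: `addNameMapping` stores each mapping under `mapping.getNameIdentifierFormat()`, which `NameIdentifierMapping` declares as a `URI`, but the renamed `getNameIdentifierMapping(String format)` looks it up with a `String`. A `String` never equals a `URI`, so, assuming `byFormat` is a plain `Map`, this lookup returns null for every format. Either take a `URI` parameter, or key the map by string in `addNameMapping`: `byFormat.put(mapping.getNameIdentifierFormat().toString(), mapping);`.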
diff --git a/src/edu/internet2/middleware/shibboleth/common/PrincipalNameIdentifier.java b/src/edu/internet2/middleware/shibboleth/common/PrincipalNameIdentifier.java
new file mode 100644 (file)
index 0000000..b338abe
--- /dev/null
@@ -0,0 +1,68 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation
+ * for Advanced Internet Development, Inc. All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution, if any, must include
+ * the following acknowledgment: "This product includes software developed by
+ * the University Corporation for Advanced Internet Development
+ * <http://www.ucaid.edu> Internet2 Project. Alternately, this acknowledegement
+ * may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor
+ * Internet2, nor the University Corporation for Advanced Internet Development,
+ * Inc., nor UCAID may be used to endorse or promote products derived from this
+ * software without specific prior written permission. For written permission,
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor
+ * may Shibboleth appear in their name, without prior written permission of the
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.common;
+
+import org.opensaml.SAMLNameIdentifier;
+import org.w3c.dom.Element;
+
+/**
+ * @author Walter Hoehn
+ */
+public class PrincipalNameIdentifier extends BaseNameIdentifierMapping {
+
+       public PrincipalNameIdentifier(Element config) throws NameIdentifierMappingException {
+               super(config);
+       }
+
+       public AuthNPrincipal getPrincipal(SAMLNameIdentifier nameId, ServiceProvider sProv, IdentityProvider idProv)
+               throws NameIdentifierMappingException, InvalidNameIdentifierException {
+
+               return new AuthNPrincipal(nameId.getName());
+       }
+
+}
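Review bot: `getPrincipal` turns whatever name the caller supplies into an `AuthNPrincipal` without any check, so a null `nameId` throws `NullPointerException` and an empty name produces a principal with an empty name. Neither the identifier's format nor `sProv`/`idProv` is consulted. A guard before the return would route bad input through the declared exception: `if (nameId == null || nameId.getName() == null || nameId.getName().equals("")) throw new InvalidNameIdentifierException("Name identifier is missing or empty.");`. Because this mapping passes a requester-asserted value straight through as an identity, the class Javadoc should say that it relies on the caller having authenticated the source of the identifier.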
diff --git a/src/edu/internet2/middleware/shibboleth/common/ServiceProvider.java b/src/edu/internet2/middleware/shibboleth/common/ServiceProvider.java
new file mode 100644 (file)
index 0000000..abaac10
--- /dev/null
@@ -0,0 +1,55 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation
+ * for Advanced Internet Development, Inc. All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution, if any, must include
+ * the following acknowledgment: "This product includes software developed by
+ * the University Corporation for Advanced Internet Development
+ * <http://www.ucaid.edu> Internet2 Project. Alternately, this acknowledegement
+ * may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor
+ * Internet2, nor the University Corporation for Advanced Internet Development,
+ * Inc., nor UCAID may be used to endorse or promote products derived from this
+ * software without specific prior written permission. For written permission,
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor
+ * may Shibboleth appear in their name, without prior written permission of the
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.common;
+
+/**
+ * @author Walter Hoehn
+ */
+public interface ServiceProvider {
+
+}
index 7c9064f..cc8ca74 100644 (file)
 
 package edu.internet2.middleware.shibboleth.hs;
 
+import org.opensaml.SAMLNameIdentifier;
+
 import edu.internet2.middleware.shibboleth.common.AuthNPrincipal;
+import edu.internet2.middleware.shibboleth.common.IdentityProvider;
 import edu.internet2.middleware.shibboleth.common.NameIdentifierMapping;
 import edu.internet2.middleware.shibboleth.common.NameIdentifierMappingException;
+import edu.internet2.middleware.shibboleth.common.ServiceProvider;
 
 /**
  * @author Walter Hoehn
@@ -48,6 +52,6 @@ public interface HSNameIdentifierMapping extends NameIdentifierMapping {
        
        public String getId();
        
-       public String getNameIdentifierName(AuthNPrincipal principal) throws NameIdentifierMappingException;
+       public SAMLNameIdentifier getNameIdentifierName(AuthNPrincipal principal, ServiceProvider sProv, IdentityProvider idProv) throws NameIdentifierMappingException;
 
 }
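Review bot: `getNameIdentifierName` now returns a complete `SAMLNameIdentifier` rather than the name string, so the method name no longer describes what it returns; `getNameIdentifier` would fit the new signature. The declaration is also a single long line, unlike the wrapped `throws` clauses elsewhere in this commit. It needs Javadoc saying how `sProv` and `idProv` are meant to influence the result, since the one implementation added here ignores both.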
diff --git a/src/edu/internet2/middleware/shibboleth/hs/HSNameMapper.java b/src/edu/internet2/middleware/shibboleth/hs/HSNameMapper.java
new file mode 100644 (file)
index 0000000..ebc52d5
--- /dev/null
@@ -0,0 +1,75 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation
+ * for Advanced Internet Development, Inc. All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution, if any, must include
+ * the following acknowledgment: "This product includes software developed by
+ * the University Corporation for Advanced Internet Development
+ * <http://www.ucaid.edu> Internet2 Project. Alternately, this acknowledegement
+ * may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor
+ * Internet2, nor the University Corporation for Advanced Internet Development,
+ * Inc., nor UCAID may be used to endorse or promote products derived from this
+ * software without specific prior written permission. For written permission,
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor
+ * may Shibboleth appear in their name, without prior written permission of the
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+package edu.internet2.middleware.shibboleth.hs;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import edu.internet2.middleware.shibboleth.common.NameIdentifierMapping;
+import edu.internet2.middleware.shibboleth.common.NameMapper;
+
+/**
+ * @author Walter Hoehn
+ */
+public class HSNameMapper extends NameMapper {
+
+       private Map byId = new HashMap();
+
+       public void addNameMapping(NameIdentifierMapping mapping) {
+               super.addNameMapping(mapping);
+               if (mapping instanceof HSNameIdentifierMapping) {
+                       if (((HSNameIdentifierMapping) mapping).getId() != null
+                               && (!((HSNameIdentifierMapping) mapping).getId().equals(""))) {
+                               byId.put(((HSNameIdentifierMapping) mapping).getId(), mapping);
+                       }
+               }
+       }
+       
+       public HSNameIdentifierMapping getNameIdentifierMappingById(String id) {
+               return (HSNameIdentifierMapping) byId.get(id);
+       }
+}
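Review bot: `addNameMapping` silently replaces an existing `byId` entry when two mappings are configured with the same id, so a configuration mistake changes which mapping a lookup returns without any signal. Check `byId.containsKey(id)` before the `put` and report the duplicate. The method also repeats the cast and the `getId()` call three times; hoisting them into `HSNameIdentifierMapping hsMapping = (HSNameIdentifierMapping) mapping;` and `String id = hsMapping.getId();` makes the condition readable. `getNameIdentifierMappingById` returns null for an unknown id, which should be documented.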
diff --git a/src/edu/internet2/middleware/shibboleth/hs/provider/SharedMemoryShibHandle.java b/src/edu/internet2/middleware/shibboleth/hs/provider/SharedMemoryShibHandle.java
new file mode 100644 (file)
index 0000000..1ab8a20
--- /dev/null
@@ -0,0 +1,132 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation
+ * for Advanced Internet Development, Inc. All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution, if any, must include
+ * the following acknowledgment: "This product includes software developed by
+ * the University Corporation for Advanced Internet Development
+ * <http://www.ucaid.edu> Internet2 Project. Alternately, this acknowledegement
+ * may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor
+ * Internet2, nor the University Corporation for Advanced Internet Development,
+ * Inc., nor UCAID may be used to endorse or promote products derived from this
+ * software without specific prior written permission. For written permission,
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor
+ * may Shibboleth appear in their name, without prior written permission of the
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+package edu.internet2.middleware.shibboleth.hs.provider;
+
+import org.apache.log4j.Logger;
+import org.doomdark.uuid.UUIDGenerator;
+import org.opensaml.SAMLNameIdentifier;
+import org.w3c.dom.Element;
+
+import edu.internet2.middleware.shibboleth.common.AuthNPrincipal;
+import edu.internet2.middleware.shibboleth.common.BaseNameIdentifierMapping;
+import edu.internet2.middleware.shibboleth.common.IdentityProvider;
+import edu.internet2.middleware.shibboleth.common.InvalidNameIdentifierException;
+import edu.internet2.middleware.shibboleth.common.NameIdentifierMappingException;
+import edu.internet2.middleware.shibboleth.common.ServiceProvider;
+import edu.internet2.middleware.shibboleth.hs.HSNameIdentifierMapping;
+
+/**
+ * @author Walter Hoehn
+ */
+public class SharedMemoryShibHandle extends BaseNameIdentifierMapping implements HSNameIdentifierMapping {
+//TODO need to move the guts of this class out of the HandleRepository implementations
+       private String id;
+       protected HandleCache cache = HandleCache.instance();
+       private static Logger log = Logger.getLogger(SharedMemoryShibHandle.class.getName());
+
+       public SharedMemoryShibHandle(Element config) throws NameIdentifierMappingException {
+               super(config);
+               String id = ((Element) config).getAttribute("id");
+               if (id != null || !id.equals("")) {
+                       this.id = id;
+               }
+       }
+
+       public String getId() {
+               return id;
+       }
+
+       public SAMLNameIdentifier getNameIdentifierName(
+               AuthNPrincipal principal,
+               ServiceProvider sProv,
+               IdentityProvider idProv)
+               throws NameIdentifierMappingException {
+
+               if (principal == null) {
+                       log.error("A principal must be supplied for Attribute Query Handle creation.");
+                       throw new IllegalArgumentException("A principal must be supplied for Attribute Query Handle creation.");
+               }
+
+               String handle = UUIDGenerator.getInstance().generateRandomBasedUUID().toString();
+               log.debug("Assigning handle (" + handle + ") to principal (" + principal.getName() + ").");
+               synchronized (cache.handleEntries) {
+                       cache.handleEntries.put(handle, createHandleEntry(principal));
+               }
+               
+               return new SAMLNameIdentifier(handle, "qualifier", getNameIdentifierFormat().toString());
+
+       }
+
+       public AuthNPrincipal getPrincipal(SAMLNameIdentifier nameId, ServiceProvider sProv, IdentityProvider idProv)
+               throws NameIdentifierMappingException, InvalidNameIdentifierException {
+
+               synchronized (cache.handleEntries) {
+                       if (!cache.handleEntries.containsKey(nameId.getName())) {
+                               log.debug("The Name Mapping Cache does not contain an entry for this Attribute Query Handle.");
+                               throw new InvalidNameIdentifierException("The Name Mapping Cache does not contain an entry for this Attribute Query Handle.");
+                       }
+               }
+
+               HandleEntry handleEntry;
+               synchronized (cache.handleEntries) {
+                       handleEntry = (HandleEntry) cache.handleEntries.get(nameId.getName());
+               }
+
+               if (handleEntry.isExpired()) {
+                       log.debug("Attribute Query Handle is expired.");
+                       synchronized (cache.handleEntries) {
+                               cache.handleEntries.remove(nameId.getName());
+                       }
+                       throw new InvalidNameIdentifierException("Attribute Query Handle is expired.");
+               } else {
+                       log.debug("Attribute Query Handle recognized.");
+                       return handleEntry.principal;
+               }
+       }
+
+
+}
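Review bot: In `getPrincipal` the `containsKey` check and the `get` run in separate `synchronized` blocks, so an entry removed in between by another thread's expiry path leaves `handleEntry` null and `isExpired()` throws `NullPointerException` instead of `InvalidNameIdentifierException`. A single lookup and expiry under one lock, as in the fence below, closes that window. The constructor guard `id != null || !id.equals("")` should use `&&`, because as written a null id is dereferenced and an empty id is stored. The debug line in `getNameIdentifierName` writes the freshly issued handle next to the principal name, and since the handle alone resolves to the principal in `getPrincipal`, it is safer to log the principal only. The literal `"qualifier"` and the unused `sProv`/`idProv` look like placeholders and deserve a TODO, as nothing here ties a handle to the provider it was issued for.

```java
public AuthNPrincipal getPrincipal(SAMLNameIdentifier nameId, ServiceProvider sProv, IdentityProvider idProv)
        throws NameIdentifierMappingException, InvalidNameIdentifierException {

        HandleEntry handleEntry;
        boolean expired = false;
        // One lookup under one lock: a concurrent removal cannot slip in between check and use.
        synchronized (cache.handleEntries) {
                handleEntry = (HandleEntry) cache.handleEntries.get(nameId.getName());
                if (handleEntry != null && handleEntry.isExpired()) {
                        cache.handleEntries.remove(nameId.getName());
                        expired = true;
                }
        }

        if (handleEntry == null) {
                log.debug("The Name Mapping Cache does not contain an entry for this Attribute Query Handle.");
                throw new InvalidNameIdentifierException("The Name Mapping Cache does not contain an entry for this Attribute Query Handle.");
        }
        if (expired) {
                log.debug("Attribute Query Handle is expired.");
                throw new InvalidNameIdentifierException("Attribute Query Handle is expired.");
        }

        log.debug("Attribute Query Handle recognized.");
        return handleEntry.principal;
}
```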