* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
package edu.internet2.middleware.shibboleth.idp.profile;
import java.util.Map;
import org.springframework.web.servlet.HttpServletBean;
import edu.internet2.middleware.shibboleth.common.profile.ProfileHandler;
+import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyManager;
+import edu.internet2.middleware.shibboleth.common.session.SessionManager;
+import edu.internet2.middleware.shibboleth.idp.session.Session;
/**
* Servlet responsible for dispatching incoming requests to the appropriate {@link ProfileHandler}.
*/
public class ProfileRequestDispatcher extends HttpServletBean {
- /** Serial version UID. */
- private static final long serialVersionUID = -8899576775507240060L;
-
/** Registered profile handlers. */
private Map<String, ProfileHandler> profileHandlers;
-
+
+ /** User session manager. */
+ private SessionManager<Session> sessionManager;
+
+ /** Relying party configuration manager. */
+ private RelyingPartyManager rpManager;
+
/**
* Gets the profile handlers currently registered.
*
* @return profile handlers currently registered
*/
- public Map<String, ProfileHandler> getProfileHandlers(){
+ public Map<String, ProfileHandler> getProfileHandlers() {
return profileHandlers;
}
-
+
/**
* Sets all the profile handlers to use.
*
* @param handlers the profile handlers to use
*/
- public void setProfileHandlers(Map<String, ProfileHandler> handlers){
+ public void setProfileHandlers(Map<String, ProfileHandler> handlers) {
profileHandlers = handlers;
}
-
+
/** {@inheritDoc} */
- public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException{
+ public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException {
String path = request.getPathInfo();
ProfileHandler handler = profileHandlers.get(path);
-
- if(handler != null){
- handler.processRequest(request, response);
+
+ if (handler != null) {
+ ShibbolethProfileRequest profileReq = new ShibbolethProfileRequest(request, null, sessionManager, rpManager);
+ ShibbolethProfileResponse profileResp = new ShibbolethProfileResponse(response, null);
+ handler.processRequest(profileReq, profileResp);
}
-
+
// TODO handle case where there is no registered profile
}
}
\ No newline at end of file
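Review bot: In `service()`, the new `ShibbolethProfileRequest` is built from `sessionManager` and `rpManager`, but this section adds only the two fields, with no setter or other assignment visible. Unless they are populated somewhere outside this view, both are still null when a request arrives, and the wrapper's constructor will throw a NullPointerException on `sessionManager.getSession(...)` for every path that matches a handler. The decoder and encoder are also passed as a literal `null`, which the wrapper classes dereference later. I would add bean setters, as already exist for `profileHandlers`, and reject a request with a `ServletException` when either manager is unset, so a misconfigured IdP fails with a clear error instead of an unhandled exception at the request entry point.

```java
// … unchanged: profileHandlers, sessionManager and rpManager fields …

/**
 * Sets the manager used to look up the current user session.
 *
 * @param manager user session manager
 */
public void setSessionManager(SessionManager<Session> manager) {
    sessionManager = manager;
}

/**
 * Sets the relying party configuration manager.
 *
 * @param manager relying party configuration manager
 */
public void setRelyingPartyManager(RelyingPartyManager manager) {
    rpManager = manager;
}

// … unchanged: getProfileHandlers, setProfileHandlers, service …
```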
package edu.internet2.middleware.shibboleth.idp.profile;
-import javax.servlet.ServletRequest;
+import javax.servlet.http.HttpServletRequest;
+import org.opensaml.common.binding.BindingException;
import org.opensaml.common.binding.MessageDecoder;
+import org.opensaml.xml.XMLObject;
import edu.internet2.middleware.shibboleth.common.profile.ProfileRequest;
+import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfiguration;
+import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyManager;
+import edu.internet2.middleware.shibboleth.common.session.SessionManager;
+import edu.internet2.middleware.shibboleth.idp.session.Session;
/**
* Shibboleth {@link ProfileRequest}.
*/
-public class ShibbolethProfileRequest implements ProfileRequest {
+public class ShibbolethProfileRequest implements ProfileRequest<HttpServletRequest, Session> {
- /** Request to process. */
- private ServletRequest request;
+ /** Decoder used to decode the incomming request. */
+ private MessageDecoder<HttpServletRequest> messageDecoder;
- /** For decoding requests. */
- private MessageDecoder<ServletRequest> messageDecoder;
+ /** The in comming request. */
+ private HttpServletRequest rawRequest;
+
+ /** Configuration information for the requesting party. */
+ private RelyingPartyConfiguration rpConfiguration;
+
+ /** The decoded request message. */
+ private XMLObject decodedMessage;
+
+ /** The current user session. */
+ private Session userSession;
/**
* Constructor.
*
- * @param r to process
- * @param d for decoding the servlet request
+ * @param request the incomming HTTP request
+ * @param decoder the decoder for the request, all information but the request must be set already
+ * @param sessionManager the manager of current user sessions
+ * @param rpConfigManager the relying party configuration manager
*/
- public ShibbolethProfileRequest(ServletRequest r, MessageDecoder<ServletRequest> d) {
- request = r;
- messageDecoder = d;
+ public ShibbolethProfileRequest(HttpServletRequest request, MessageDecoder<HttpServletRequest> decoder,
+ SessionManager<Session> sessionManager, RelyingPartyManager rpConfigManager){
+
+ rawRequest = request;
+ userSession = sessionManager.getSession(request.getSession().getId());
+ messageDecoder = decoder;
}
/** {@inheritDoc} */
- public ServletRequest getRequest() {
- return request;
+ public MessageDecoder<HttpServletRequest> getMessageDecoder() {
+ return messageDecoder;
}
/** {@inheritDoc} */
- public MessageDecoder<ServletRequest> getMessageDecoder() {
- return messageDecoder;
+ public HttpServletRequest getRawRequest() {
+ return rawRequest;
+ }
+
+ /** {@inheritDoc} */
+ public RelyingPartyConfiguration getRelyingPartyConfiguration() {
+ return rpConfiguration;
+ }
+
+ /** {@inheritDoc} */
+ public synchronized XMLObject getRequest() throws BindingException{
+ if(decodedMessage == null){
+ messageDecoder.setRequest(rawRequest);
+ messageDecoder.decode();
+ decodedMessage = messageDecoder.getSAMLMessage();
+ }
+ return decodedMessage;
+ }
+
+ /** {@inheritDoc} */
+ public Session getSession() {
+ return userSession;
}
-}
+}
\ No newline at end of file
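Review bot: The new constructor accepts `rpConfigManager` but never uses it, and `rpConfiguration` is never assigned anywhere in this class, so `getRelyingPartyConfiguration()` always returns null. A handler that takes its per-relying-party policy from this accessor would get nothing back, so either resolve the configuration here or document that it is not yet populated. The session lookup calls `request.getSession()`, which creates a container session for any request that lacks one. `HttpSession httpSession = request.getSession(false);` followed by `userSession = httpSession == null ? null : sessionManager.getSession(httpSession.getId());` avoids allocating a session for every anonymous hit. `getRequest()` also dereferences `messageDecoder` without a check, although the constructor accepts null, so a guard that throws `BindingException` when no decoder is set would turn that into a declared failure.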
package edu.internet2.middleware.shibboleth.idp.profile;
-import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.binding.BindingException;
import org.opensaml.common.binding.MessageEncoder;
+import org.opensaml.xml.XMLObject;
import edu.internet2.middleware.shibboleth.common.profile.ProfileResponse;
/**
* Shibboleth {@link ProfileResponse}.
*/
-public class ShibbolethProfileResponse implements ProfileResponse {
+public class ShibbolethProfileResponse implements ProfileResponse<HttpServletResponse> {
- /** Response to send back to client. */
- private ServletResponse response;
+ /** Encoder used to send the response. */
+ private MessageEncoder<HttpServletResponse> messageEncoder;
- /** For encoding responses. */
- private MessageEncoder<ServletResponse> messageEncoder;
+ /** The outgoing response. */
+ private HttpServletResponse rawResponse;
/**
* Constructor.
*
- * @param r to send back
- * @param e for encoding the servlet response
+ * @param response the raw response
+ * @param encoder the encoder used to encode the response
*/
- public ShibbolethProfileResponse(ServletResponse r, MessageEncoder<ServletResponse> e) {
- response = r;
- messageEncoder = e;
+ public ShibbolethProfileResponse(HttpServletResponse response, MessageEncoder<HttpServletResponse> encoder) {
+ rawResponse = response;
+ messageEncoder = encoder;
}
/** {@inheritDoc} */
- public ServletResponse getResponse() {
- return response;
+ public MessageEncoder<HttpServletResponse> getMessageEncoder() {
+ return messageEncoder;
}
/** {@inheritDoc} */
- public MessageEncoder<ServletResponse> getMessageEncoder() {
- return messageEncoder;
+ public HttpServletResponse getRawResponse() {
+ return rawResponse;
+ }
+
+ /**
+ * {@inheritDoc}
+ *
+ * @throws BindingException thrown if the message can not be encoded and sent to the relying party
+ */
+ public void sendResponse(XMLObject response) throws BindingException {
+ messageEncoder.setResponse(rawResponse);
+ messageEncoder.setSAMLMessage((SAMLObject) response);
+ messageEncoder.encode();
}
-}
+}
\ No newline at end of file
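Review bot: `sendResponse` takes an `XMLObject` but casts it unconditionally with `(SAMLObject) response`, so a non-SAML object fails with a ClassCastException rather than the `BindingException` the Javadoc promises. `messageEncoder` is also used without a check although the constructor accepts null. I would open the method with a guard such as `if (messageEncoder == null || !(response instanceof SAMLObject))` that raises a `BindingException` naming the problem. Callers then have one documented failure mode to handle when a response cannot be sent to the relying party.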
package edu.internet2.middleware.shibboleth.idp.profile.adfs;
import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
import edu.internet2.middleware.shibboleth.common.profile.ProfileHandler;
+import edu.internet2.middleware.shibboleth.common.profile.ProfileRequest;
+import edu.internet2.middleware.shibboleth.common.profile.ProfileResponse;
/**
* ADFS (Active Directory Federation Service) single sign-on profile handler
public class SingleSignOn implements ProfileHandler {
/** {@inheritDoc} */
- public boolean processRequest(ServletRequest request, ServletResponse response) throws ServletException {
+ public boolean processRequest(ProfileRequest request, ProfileResponse response) throws ServletException {
// TODO Auto-generated method stub
return false;
}
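Review bot: The new `processRequest` signature uses `ProfileRequest` and `ProfileResponse` as raw types, while the same commit declares them generic (`ProfileRequest<HttpServletRequest, Session>` and `ProfileResponse<HttpServletResponse>` in the Shibboleth wrappers). If the `ProfileHandler` interface allows it (its declaration is not visible here), parameterize the arguments. Otherwise the handler loses compile-time checking on the raw request and session types and will need unchecked casts once the stub is implemented. The enclosing class continues outside this hunk.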
package edu.internet2.middleware.shibboleth.idp.profile.saml1;
import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
import org.apache.log4j.Logger;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.SAMLVersion;
import org.opensaml.common.binding.BindingException;
-import org.opensaml.common.binding.MessageDecoder;
-import org.opensaml.common.binding.MessageEncoder;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.xml.XMLObjectBuilderFactory;
-import edu.internet2.middleware.shibboleth.common.attribute.filtering.FilteringEngine;
import edu.internet2.middleware.shibboleth.common.attribute.resolver.AttributeResolver;
import edu.internet2.middleware.shibboleth.common.profile.ProfileHandler;
-import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfiguration;
/**
* Common implementation details for profile handlers.
/** For generating random ids. */
private SecureRandomIdentifierGenerator idGenerator;
- /** For decoding requests. */
- private MessageDecoder<ServletRequest> decoder;
-
- /** For encoding responses. */
- private MessageEncoder<ServletResponse> encoder;
-
- /** Relying party configuration. */
- private RelyingPartyConfiguration relyingPartyConfiguration;
-
/** For resolving attributes. */
private AttributeResolver resolver;
}
/**
- * Sets the decoder.
- *
- * @param d <code>MessageDecoder</code>
- */
- public void setDecoder(MessageDecoder<ServletRequest> d) {
- decoder = d;
- }
-
- /**
- * Returns the decoder.
- *
- * @return <code>MessageDecoder</code>
- */
- public MessageDecoder<ServletRequest> getDecoder() {
- return decoder;
- }
-
- /**
- * Sets the encoder.
- *
- * @param e <code>MessageEncoder</code>
- */
- public void setEncoder(MessageEncoder<ServletResponse> e) {
- encoder = e;
- }
-
- /**
- * Returns the encoder.
- *
- * @return <code>MessageEncoder</code>
- */
- public MessageEncoder<ServletResponse> getEncoder() {
- return encoder;
- }
-
- /**
* Sets the attribute resolver.
*
* @param r <code>AttributeResolver</code>
public FilteringEngine getFilteringEngine() {
return engine;
}
-
- /**
- * Returns the relying party configuration.
- *
- * @return Returns the relyingParty.
- */
- public RelyingPartyConfiguration getRelyingPartyConfiguration() {
- return relyingPartyConfiguration;
- }
-
- /**
- * Sets the relying party configuration.
- *
- * @param c The relyingParty to set.
- */
- public void setRelyingPartyConfiguration(RelyingPartyConfiguration c) {
- relyingPartyConfiguration = c;
- }
/**
* This decodes the attribute query message from the supplied request.
/** For generating random ids. */
private IdentifierGenerator idGenerator;
- /** Relying party configuration. */
- private RelyingPartyManager relyingPartyManager;
-
/** Builder for Response elements. */
protected XMLObjectBuilder responseBuilder;
}
/**
- * Returns the relying party manager.
- *
- * @return Returns the relyingPartyManager.
- */
- public RelyingPartyManager getRelyingPartyManager() {
- return relyingPartyManager;
- }
-
- /**
- * Sets the relying party manager.
- *
- * @param m The relyingPartyManager to set.
- */
- public void setRelyingPartyManager(RelyingPartyManager m) {
- relyingPartyManager = m;
- }
-
- /**
* This decodes the attribute query message from the supplied request.
*
* @param decoder <code>MessageDecoder</code>