import java.io.*;
import java.util.*;
+import java.security.*;
+import java.security.cert.*;
import edu.internet2.middleware.shibboleth.*;
import edu.internet2.middleware.shibboleth.common.*;
import org.opensaml.*;
-
public class HandleServiceSAML {
protected String domain;
protected String AAurl;
public String[] policies = { Constants.POLICY_CLUBSHIB };
private ShibPOSTProfile spp;
+ PrivateKey privateKey;
+ X509Certificate cert;
- public HandleServiceSAML( String domain, String AAurl, String issuer)
- throws SAMLException
+ public HandleServiceSAML( String domain, String AAurl, String HSname,
+ String KSpath, String KSpass, String KSkeyalias,
+ String KSkeypass, String certalias )
+ throws SAMLException, KeyStoreException, Exception
{
this.domain = domain;
this.AAurl = AAurl;
- spp = ShibPOSTProfileFactory.getInstance( policies, issuer );
+ KeyStore ks = KeyStore.getInstance("JKS");
+ FileInputStream fis = new FileInputStream(KSpath);
+ ks.load( fis, KSpass.toCharArray());
+ privateKey = (PrivateKey)ks.getKey(KSkeyalias, KSkeypass.toCharArray());
+ cert =(X509Certificate)ks.getCertificate(certalias);
+
+
+ spp = ShibPOSTProfileFactory.getInstance( policies, HSname );
}
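Review bot: The FileInputStream opened on KSpath at L27 is never closed after `ks.load(...)` at L28, so every construction leaks a file handle to the keystore, and `ks.getKey` / `ks.getCertificate` at L29–L30 return null for an unknown alias (or a non-PrivateKey entry fails the cast), which only surfaces later as a NullPointerException far from the misconfigured alias. The fields added at L14–L15 hold private key material without an access modifier, so `PrivateKey privateKey;` should become `private PrivateKey privateKey;` (same for `cert`), and the `throws ... KeyStoreException, Exception` clause at L21 is subsumed by `Exception`, which forces every caller into the catch-all seen in the servlet. Closing the stream in a finally block and failing fast on a missing alias keeps the error at its source.
```java
        KeyStore ks = KeyStore.getInstance("JKS");
        FileInputStream fis = new FileInputStream(KSpath);
        try {
            ks.load(fis, KSpass.toCharArray());
        } finally {
            fis.close();
        }
        Key k = ks.getKey(KSkeyalias, KSkeypass.toCharArray());
        if (!(k instanceof PrivateKey))
            throw new KeyStoreException("No private key under alias " + KSkeyalias);
        privateKey = (PrivateKey) k;
        cert = (X509Certificate) ks.getCertificate(certalias);
        if (cert == null)
            throw new KeyStoreException("No certificate under alias " + certalias);
        // … unchanged: ShibPOSTProfileFactory.getInstance call …
```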
public byte[] prepare ( String handle, String shireURL,
try {
hsSAML = new HandleServiceSAML( getInitParameter("domain"),
getInitParameter("AAurl"),
- getInitParameter("issuer") );
+ getInitParameter("HSname"),
+ getInitParameter("KSpath"),
+ getInitParameter("KSpass"),
+ getInitParameter("KSkeyalias"),
+ getInitParameter("KSkeypass"),
+ getInitParameter("certalias") );
hrf = HandleRepositoryFactory.getInstance
( Constants.POLICY_CLUBSHIB, this );
}
catch (SAMLException ex) {
throw new ServletException( "Error initializing SAML libraries: " + ex );
}
+ catch (java.security.KeyStoreException ex) {
+ throw new ServletException( "Error initializing private KeyStore: " + ex );
+ }
+
catch (HandleException ex) {
throw new ServletException( "Error initializing Handle Service: " +ex );
}
+ catch (Exception ex) {
+ throw new ServletException( "Error initializing private KeyStore: " +ex );
+ }
if (hsSAML == null) {
throw new ServletException( "Error initializing SAML libraries: No Profile created." );
}
getInitParameter("AAurl").equals("")) {
throw new ServletException("Cannot find host Attribute Authority location in init parameters");
}
-
+ if ( getInitParameter("HSname") == null ||
+ getInitParameter("HSname").equals("")) {
+ throw new ServletException("Cannot find Handle Service name in init parameters");
+ }
+ if ( getInitParameter("KSpath") == null ||
+ getInitParameter("AAurl").equals("")) {
+ throw new ServletException("Cannot find path to KeyStore file in init parameters");
+ }
+ if ( getInitParameter("KSpass") == null ||
+ getInitParameter("KSpass").equals("")) {
+ throw new ServletException("Cannot find password to KeyStore in init parameters");
+ }
+ if ( getInitParameter("KSkeyalias") == null ||
+ getInitParameter("AAurl").equals("")) {
+ throw new ServletException("Cannot find private key alias to KeyStore in init parameters");
+ }
+ if ( getInitParameter("KSkeypass") == null ||
+ getInitParameter("KSkeypass").equals("")) {
+ throw new ServletException("Cannot find private key password to Keystore in init parameters");
+ }
+ if ( getInitParameter("certalias") == null ||
+ getInitParameter("certalias").equals("")) {
+ throw new ServletException("Cannot find certificate alias in init parameters");
+ }
+
}
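Review bot: The empty-string checks at L74 and L82 test `AAurl` instead of the parameter named in the surrounding condition, a copy-paste slip that lets an empty KSpath or KSkeyalias pass validation; they should read `getInitParameter("KSpath").equals(""))` and `getInitParameter("KSkeyalias").equals(""))`. These checks also run only after the constructor call at L37–L45 has already consumed the same parameters, so a missing KSpath is reported from the catch-all at L59 as "Error initializing private KeyStore" (a NullPointerException from `new FileInputStream(null)`) rather than the specific message intended here; moving the new checks ahead of the try block would make the diagnostics accurate. The enclosing init method begins outside this hunk.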
out.println("</form>");
/**
- * soon to implement forwarding to hs.jsp for submission
+ * uncomment the following to implement
+ * forwarding to hs.jsp for submission
*
//Hardcoded to ASCII to ensure Base64 encoding compatibility
req.setAttribute("assertion", new String(buf, "ASCII"));
throws ServletException, IOException {
req.setAttribute("errorText", e.toString());
- // req.setAttribute("requestURL", req.getRequestURL().toString());
+ req.setAttribute("requestURL", req.getRequestURI().toString());
RequestDispatcher rd = req.getRequestDispatcher("/hserror.jsp");
rd.forward(req, res);
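Review bot: `req.getRequestURI()` at L106 already returns a String, so the trailing `.toString()` is redundant and the line can be `req.setAttribute("requestURL", req.getRequestURI());`. Since the request URI is client-supplied and is forwarded to hserror.jsp as an attribute, that page must HTML-escape it when rendering, which cannot be confirmed from this diff; a comment such as `// requestURL is client-controlled; hserror.jsp must escape it on output` would record the expectation. The enclosing method's signature begins outside this hunk.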