first attempt at adding the ui
authorblk <blk@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 1 Oct 2002 18:39:05 +0000 (18:39 +0000)
committerblk <blk@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 1 Oct 2002 18:39:05 +0000 (18:39 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@310 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/ui/UI.java [new file with mode: 0755]
src/edu/internet2/middleware/shibboleth/ui/UIException.java [new file with mode: 0755]
src/edu/internet2/middleware/shibboleth/ui/UIedit.jsp [new file with mode: 0755]
src/edu/internet2/middleware/shibboleth/ui/UIerror.jsp [new file with mode: 0755]
src/edu/internet2/middleware/shibboleth/ui/UIfilter.jsp [new file with mode: 0755]
src/edu/internet2/middleware/shibboleth/ui/UIlist.jsp [new file with mode: 0755]
src/edu/internet2/middleware/shibboleth/ui/UIlogin.jsp [new file with mode: 0755]

diff --git a/src/edu/internet2/middleware/shibboleth/ui/UI.java b/src/edu/internet2/middleware/shibboleth/ui/UI.java
new file mode 100755 (executable)
index 0000000..604849b
--- /dev/null
@@ -0,0 +1,437 @@
+/* 
+ * The Shibboleth License, Version 1. 
+ * Copyright (c) 2002 
+ * University Corporation for Advanced Internet Development, Inc. 
+ * All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this 
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice, 
+ * this list of conditions and the following disclaimer in the documentation 
+ * and/or other materials provided with the distribution, if any, must include 
+ * the following acknowledgment: "This product includes software developed by 
+ * the University Corporation for Advanced Internet Development 
+ * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement 
+ * may appear in the software itself, if and wherever such third-party 
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor 
+ * Internet2, nor the University Corporation for Advanced Internet Development, 
+ * Inc., nor UCAID may be used to endorse or promote products derived from this 
+ * software without specific prior written permission. For written permission, 
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2, 
+ * UCAID, or the University Corporation for Advanced Internet Development, nor 
+ * may Shibboleth appear in their name, without prior written permission of the 
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK 
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE. 
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY 
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.ui;
+
+
+import java.io.*;
+import java.util.*;
+import javax.servlet.*;
+import javax.servlet.http.*;
+import javax.naming.*;
+import javax.naming.directory.*;
+import org.apache.log4j.Logger;
+import edu.internet2.middleware.shibboleth.aa.*;
+
+public class UI extends HttpServlet {
+
+    private String adminArpName = "#ADMIN#";
+    private String defaultArpName = "#DEFAULT#";
+    private String debug = "true";
+
+    private String arpDir;
+    private String ldapUrl;
+    private String attrFile;
+
+    private ArpRepository arpFactory;
+
+    private static Logger log = 
+       Logger.getLogger(UI.class.getName());; 
+    
+    public void init(ServletConfig conf)
+       throws ServletException
+    {
+       super.init(conf);
+       getInitParams();
+       log.info("UI: Loading init params");
+       try {
+           Properties props = new Properties();
+           props.setProperty("arpFactoryRealpath", arpDir);
+           arpFactory = ArpRepositoryFactory.getInstance("edu.internet2.middleware.shibboleth.aa.FileArpRepository", props);
+
+       } catch (Exception ex) {
+           throw new ServletException(ex);
+       }
+    }
+    
+    private void getInitParams() throws ServletException {
+       arpDir = getInitParameter("ARPdir");
+       if (arpDir == null || arpDir.equals("")) 
+           throw new ServletException("Cannot find location of ARPs in init parameters");
+
+       ldapUrl = getInitParameter("LDAPurl");
+       if (ldapUrl == null || ldapUrl.equals("")) 
+           throw new ServletException("Cannot find URL of LDAP directory in init parameters");
+       
+       attrFile = getInitParameter("AttrJarfile");
+       if (attrFile == null || attrFile.equals("")) 
+           throw new ServletException("Cannot find location of attribute jarfile in init parameters");
+    }
+
+    public void service(HttpServletRequest req, 
+                     HttpServletResponse res)
+       throws ServletException, IOException
+    {
+       String username = req.getParameter("username");
+
+       req.setAttribute("username", username);
+       req.setAttribute("requestURL", req.getRequestURI().toString());
+       req.setAttribute("attrFile", attrFile);
+       req.setAttribute("ldapUrl", ldapUrl);
+
+       String action = req.getParameter("Submit");
+       String resource = req.getParameter("Resource");
+       String err = "";
+
+       try{
+           if (username !=null) {
+               try{
+                   DirContext userCtx = getUserCtx(username);
+               } catch (UIException ex) {
+                   err = "Error: No record found for user "+username;
+                   username = "";
+               }
+           }
+           if (username==null || username.equals("") || action==null) {
+               getLogin(req, res, err); 
+           }
+           else {
+           if (action.equals("Change user")) {
+               getLogin(req, res, err); 
+           }
+           if (action.equals("Login") || action.equals("Cancel")) {
+               String isNew = req.getParameter("isNew");
+               if (isNew!=null && isNew.equals("true"))
+                   deleteArp(username, resource);
+               listArps(username, req, res);
+           }
+           if (action.equals("Edit")) {
+               editArp(username, resource, req, res, "false");
+           }
+           if (action.equals("Add new resource") || action.equals("Copy")) {
+               editArp(username, resource, req, res, "true");
+           }
+           if (action.equals("Save")) {
+               saveArp(username, resource, req, res);
+           }
+           if (action.equals("Delete") || action.equals("Delete entire ARP")) {
+               deleteArp(username, resource);
+               listArps(username, req, res);
+           }
+           if (action.equals("Filter")) {
+               editFilter(username, resource, req, res, "false");
+           }
+           if (action.equals("Save Filter")) {
+               saveFilter(username, resource, req, res);
+           }
+             }     
+        } catch (UIException ex) {
+           //          System.out.println(ex);
+               handleError(req, res, ex);
+           }
+    }
+
+    private void loadJsp(String page, 
+                        HttpServletRequest req, 
+                        HttpServletResponse res)
+       throws UIException 
+    {
+       try { 
+           RequestDispatcher rd = req.getRequestDispatcher(page);
+           rd.forward(req, res);
+       } catch (IOException ex) {
+           throw new UIException
+               ("IO interruption while displaying UI login." + ex);
+       } catch (ServletException ex) {
+           throw new UIException
+               ("Error displaying UI login." + ex);
+       } 
+    }
+
+    private void getLogin(HttpServletRequest req, 
+                        HttpServletResponse res,
+                         String err) 
+       throws UIException
+    {
+       req.setAttribute("err", err);
+       req.setAttribute("debug", debug);
+       loadJsp("/UIlogin.jsp", req, res);
+    }
+
+    private void listArps(String username, HttpServletRequest req, 
+                         HttpServletResponse res) 
+       throws UIException
+    {
+       try{
+           Arp arp = arpFactory.lookupArp(username, false);
+           Arp defaultArp = getDefault();
+           ArpResource r = (defaultArp.getShar("*")).getResource("*");
+           req.setAttribute("shars", arp.getShars());
+           req.setAttribute("defaultRes", r);
+           req.setAttribute("debug", debug);
+           req.setAttribute("userCtx", getUserCtx(username));
+       } catch (Exception ex) {
+           throw new UIException("Error retrieving user" +ex);
+       }
+
+       loadJsp("/UIlist.jsp", req, res);
+    } 
+    
+    private Arp getDefault() {
+       try{
+           Arp defaultArp = arpFactory.lookupArp("#DEFAULT", true);
+           ArpShar s = defaultArp.getShar("*");
+           if (s==null)
+               s = new ArpShar("*", true);
+           ArpResource r = s.getResource("*");
+           if (r==null)
+               r = new ArpResource("*");
+           s.addAResource(r);
+           defaultArp.addAShar(s);
+           arpFactory.update(defaultArp);
+           return defaultArp;
+       }catch (Exception e)
+           {}
+       return null;
+    }
+
+    private void editArp(String username,
+                        String resource,
+                        HttpServletRequest req, 
+                        HttpServletResponse res,
+                        String isNew) 
+       throws UIException
+    {
+       try{
+       Arp arp = arpFactory.lookupArp(username, false);
+       ArpShar s = arp.getShar(resource);
+       Arp adminArp = arpFactory.lookupArp("#ADMIN#", true);
+
+       AAAttributes aaa = new AAAttributes(attrFile);
+
+       req.setAttribute("userCtx", getUserCtx(username));
+       req.setAttribute("allAttrs", aaa.list());
+       req.setAttribute("resource", (s==null) ? new ArpResource("", "") : s.getResource(resource));
+       req.setAttribute("isNew", isNew);
+       } catch (Exception ex) {
+           throw new UIException("Error retrieving filter." +ex);
+       }
+
+       loadJsp("/UIedit.jsp", req, res);
+    }
+
+    /*********
+     ** Loads page to edit ARP filter 
+     **/
+
+    private void editFilter(String username,
+                           String resource,
+                           HttpServletRequest req, 
+                           HttpServletResponse res,
+                           String close)
+       throws UIException
+    {
+       try{
+       String attr = req.getParameter("Attr");
+       Arp arp = arpFactory.lookupArp(username, false);
+       ArpShar s = arp.getShar(resource);
+       ArpResource r = null;
+       ArpAttribute a = null;
+       if (s!=null)
+           r = s.getResource(resource);
+       if (r!=null)
+           a = r.getAttribute(attr);
+       if (a == null)
+           a = new ArpAttribute(attr, false);
+       ArpFilter f = a.getFilter();
+
+       req.setAttribute("userCtx", getUserCtx(username));
+       req.setAttribute("resource", resource);
+       req.setAttribute("attr", new ArpAttribute(attr, false));
+       req.setAttribute("filter", f);
+       req.setAttribute("close", close);
+       } catch (Exception ex) {
+           throw new UIException("Error retrieving filter." +ex);
+       }
+       loadJsp("/UIfilter.jsp", req, res);
+    }
+
+    private DirContext getUserCtx(String username) 
+       throws UIException
+    {
+       DirContext userCtx = null;
+       Hashtable env = new Hashtable(11);
+       env.put(Context.INITIAL_CONTEXT_FACTORY,
+               "com.sun.jndi.ldap.LdapCtxFactory");
+       env.put(Context.PROVIDER_URL, ldapUrl);
+       try { 
+           DirContext ctx = new InitialDirContext(env);
+           userCtx = (DirContext)ctx.lookup("uid="+username);
+       } catch (Exception ex) {
+           throw new UIException
+               ("Error getting user context for "+username+". "+ex);
+       }
+       return userCtx;
+    }
+
+
+    private void handleError( HttpServletRequest req, 
+                            HttpServletResponse res,
+                            Exception e )  
+       throws ServletException, IOException {
+
+       req.setAttribute("errorText", e.toString());
+       req.setAttribute("requestURL", req.getRequestURI().toString());
+       RequestDispatcher rd = req.getRequestDispatcher("/UIerror.jsp");
+       
+       rd.forward(req, res);
+       
+    }
+          
+    private void deleteArp(String username, String resource)
+    {
+       try{ 
+           Arp arp = arpFactory.lookupArp(username, false);
+           if (arp.isNew())
+               return;
+           if (resource==null || resource.equals("")) {
+               arpFactory.remove(arp);
+               return;
+           }
+           /* NOTE: at the time of this interface, SHAR was required for 
+              sorting but, was not being specified by the user, so the 
+              resource and shar are the same thing. Thus, to delete a 
+              resource, delete both resource and shar.  If these two 
+              concepts get separated out again, do it individually */
+           ArpShar s = arp.getShar(resource);
+           if (s==null) 
+               return;
+           ArpResource r = s.getResource(resource);
+           if (r==null)
+               return;
+           s.removeAResource(resource);
+           arp.removeAShar(resource);
+           arpFactory.update(arp);
+       } catch (Exception e)  {
+       }
+    }
+
+    private void saveArp(String username, 
+                        String resource,
+                        HttpServletRequest req,
+                        HttpServletResponse res)
+    {
+       try{ 
+           Arp arp = arpFactory.lookupArp(username, false);
+           String []subAttrs = req.getParameterValues("attr");
+           ArpShar s = arp.getShar(resource);
+           if (s==null) 
+               s = new ArpShar(resource, false); 
+           ArpResource r = s.getResource(resource);
+           if (r==null)
+               r = new ArpResource(resource);
+           ArpAttribute[] attrs = r.getAttributes();
+
+           ArpResource nr = new ArpResource(resource, req.getParameter("comment"));
+           if (subAttrs!=null){
+               for (int i = 0; i < subAttrs.length; i++) {
+                   ArpAttribute a = r.getAttribute(subAttrs[i]);
+                   if (a!=null) 
+                       nr.addAnAttribute(a);
+                   else {
+                       a = new ArpAttribute(subAttrs[i], false);
+                       nr.addAnAttribute(a);
+                   }
+               }
+           }
+           s.addAResource(nr, true);
+           arp.addAShar(s);
+           arpFactory.update(arp);
+
+           listArps(username, req, res);
+
+       } catch (Exception e)  {
+       }
+    }
+
+    private void saveFilter(String username, 
+                           String resource,
+                           HttpServletRequest req,
+                           HttpServletResponse res)
+       throws UIException
+    {
+       try{
+       String attr = req.getParameter("Attr");
+       Arp arp = arpFactory.lookupArp(username, false);
+       ArpShar s = arp.getShar(resource);
+       if (s==null)
+           s = new ArpShar(resource, false);
+       ArpResource r = s.getResource(resource);
+       if (r==null)
+           r = new ArpResource(resource);
+       ArpAttribute a = r.getAttribute(attr);
+       if (a==null)
+           a = new ArpAttribute(attr, false);
+       
+       ArpFilter filter = new ArpFilter();
+
+       String[] vals = req.getParameterValues("filterval");
+       if (vals!=null){
+           for (int i=0; i<vals.length; i++) {
+               ArpFilterValue afv = new ArpFilterValue(vals[i], false);
+               filter.addAFilterValue(afv, true);
+           }
+       }
+       a.setFilter(filter, true);
+       r.addAnAttribute(a);
+       s.addAResource(r);
+       arp.addAShar(s);
+       arpFactory.update(arp);
+
+       editFilter(username, resource, req, res, "true");
+
+       } catch (Exception ex) {
+           System.err.println("error: " +ex);
+       }
+
+    }
+
+}
diff --git a/src/edu/internet2/middleware/shibboleth/ui/UIException.java b/src/edu/internet2/middleware/shibboleth/ui/UIException.java
new file mode 100755 (executable)
index 0000000..cf6198b
--- /dev/null
@@ -0,0 +1,63 @@
+/* 
+ * The Shibboleth License, Version 1. 
+ * Copyright (c) 2002 
+ * University Corporation for Advanced Internet Development, Inc. 
+ * All rights reserved
+ * 
+ * 
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice, this 
+ * list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice, 
+ * this list of conditions and the following disclaimer in the documentation 
+ * and/or other materials provided with the distribution, if any, must include 
+ * the following acknowledgment: "This product includes software developed by 
+ * the University Corporation for Advanced Internet Development 
+ * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement 
+ * may appear in the software itself, if and wherever such third-party 
+ * acknowledgments normally appear.
+ * 
+ * Neither the name of Shibboleth nor the names of its contributors, nor 
+ * Internet2, nor the University Corporation for Advanced Internet Development, 
+ * Inc., nor UCAID may be used to endorse or promote products derived from this 
+ * software without specific prior written permission. For written permission, 
+ * please contact shibboleth@shibboleth.org
+ * 
+ * Products derived from this software may not be called Shibboleth, Internet2, 
+ * UCAID, or the University Corporation for Advanced Internet Development, nor 
+ * may Shibboleth appear in their name, without prior written permission of the 
+ * University Corporation for Advanced Internet Development.
+ * 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+ * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 
+ * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK 
+ * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE. 
+ * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY 
+ * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.ui;
+
+
+public class UIException extends Exception{
+    String msg;
+    public UIException(String s){
+        msg = s;
+    }
+    public String toString(){
+        return msg;
+    }
+}
diff --git a/src/edu/internet2/middleware/shibboleth/ui/UIedit.jsp b/src/edu/internet2/middleware/shibboleth/ui/UIedit.jsp
new file mode 100755 (executable)
index 0000000..b2f0dd8
--- /dev/null
@@ -0,0 +1,156 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html 
+        PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
+        "DTD/xhtml1-strict.dtd">
+       <%@ page import="edu.internet2.middleware.shibboleth.aa.*" %>
+       <%@ page import="javax.naming.*" %>
+       <%@ page import="javax.naming.directory.*" %>
+       <%@ page import="java.util.*" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
+        <jsp:useBean id="requestURL" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="username" scope="request" class="java.lang.String"/>
+       <jsp:useBean id="resource" scope="request" class="edu.internet2.middleware.shibboleth.aa.ArpResource"/>
+       <jsp:useBean id="allAttrs" scope="request" class="java.lang.String[]"/>
+       <jsp:useBean id="userCtx" scope="request" class="javax.naming.directory.DirContext"/>
+       <jsp:useBean id="isNew" scope="request" class="java.lang.String"/>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+        <link rel="stylesheet" type="text/css" href="main.css" />
+        <title>Shibboleth ARP</title>
+<SCRIPT TYPE="text/javascript">
+<!--
+function popupFilter(attr) 
+{
+    res = window.document.edit.Resource.value;
+    if (res.length == 0 || res.indexOf(" ") != -1) {
+       alert("Please enter a valid resource URL"); 
+    } else {
+        var url = "<bean:write name="requestURL" />?Submit=Filter&username=<bean:write name="username"/>&Attr="+attr+"&Resource="+res;
+        window.open(url, 'fpage', 'resizable, height=300, width=250, dependant=yes');
+    }
+    return false;
+}
+
+function formSubmit()
+{
+   res = window.document.edit.Resource.value;
+   if (res.length == 0 || res.indexOf(" ") != -1) {
+       alert("Please enter a valid resource URL");
+        return false;
+   }
+   return true;
+}
+function formCancel()
+{
+   return true;
+}
+//-->
+</SCRIPT>
+
+  </head>
+
+
+  <body>
+    <div class="head">
+      <h1>Shibboleth Attribute Release Policy</h1>
+    </div>
+
+    <p><b>Editing ARP for <bean:write name="username" /></b></p>
+
+    <form name="edit" action="<bean:write name="requestURL" />" method="post">
+    <input type=hidden name="username" value="<bean:write name="username"/>">
+    <input type=hidden name="isNew" value="<bean:write name="isNew" />">
+    <p><b>Resource URL:</b> 
+<% 
+    if (isNew.equals("true")) {
+%>
+      <input type=text name="Resource" size=30 value="<jsp:getProperty name="resource" property="name"/>"> 
+<%   
+    } else { 
+%>
+        <input type=hidden name="Resource" value="<jsp:getProperty name="resource" property="name"/>">
+<%
+       out.println(resource.getName());
+    }
+%>     
+
+    </p><br>
+
+    <b>Attribute Release Policy:</b>
+    <hr>
+    <table width="100%" border=0>
+      <tr align="left">
+       <th width="30%">Attribute</th>
+       <th width="40%">All Value(s)</th>
+       <th width="10%">Filter</th>
+       <th width="10%">Release?</th>
+      </tr>
+
+<%
+      for (int i=0; i<allAttrs.length; i++) {
+       ArpAttribute aAttr = new ArpAttribute(allAttrs[i], false);
+       Attribute dAttr = aAttr.getDirAttribute(userCtx, true);
+       if (dAttr != null && dAttr.size() > 0) {
+%>
+          <tr><td>
+           <%=allAttrs[i]%>
+         </td>
+         <td>
+<%
+         if (dAttr.size() > 1) {
+             out.println("<select name=\"values\" size=1>");
+             out.println("<option>[See Values]</option>");
+             for (int j=0; j < dAttr.size(); j++)  {
+               out.println("<option>"+dAttr.get(j)+"</option>");
+             }
+           out.println("</select>");
+         } else {
+             out.println(dAttr.get());
+         }
+
+          String checkbool = "";
+         ArpAttribute a = null;
+         if (resource != null)
+           a = resource.getAttribute(allAttrs[i]);
+         if (a != null) 
+           checkbool = "checked"; 
+         else
+           a = new ArpAttribute(allAttrs[i], false);
+
+         out.println("</td><td>");
+
+
+         if (dAttr.size() > 1) {
+         String filtStr="add";
+         if (a.hasFilter())
+            filtStr="edit";
+
+%>
+
+        <a href="#" onClick="return popupFilter('<%=a.getName()%>','<%=resource.getName()%>');"><%=filtStr%></a>
+<% } %>
+       </td>
+       <td>
+         <input type="checkbox" name="attr" value="<%=a.getName()%>" 
+         <%=checkbool%>>&nbsp;Yes
+       </td>
+
+      </tr>
+<% } } %>
+      </table>
+      
+      <p><b>Comment:</b>
+       <br>
+       <input type="text" name="comment" value="<jsp:getProperty name="resource" property="comment"/>" size="40">
+       </textarea>
+      </p>
+       
+      <hr>
+       <input type="hidden" name="username" value="<bean:write name="username"/>">     
+      <input type="submit" name="Submit" value="Save" onClick="return formSubmit();">&nbsp;&nbsp;
+
+       <input type="submit" name="Submit" value="Cancel" onClick="return formCancel();" >
+      </form>
+    <hr>
+         
diff --git a/src/edu/internet2/middleware/shibboleth/ui/UIerror.jsp b/src/edu/internet2/middleware/shibboleth/ui/UIerror.jsp
new file mode 100755 (executable)
index 0000000..40358f0
--- /dev/null
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html 
+        PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
+        "DTD/xhtml1-strict.dtd">
+        <%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
+
+        <jsp:useBean id="requestURL" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="errorText" scope="request" class="java.lang.String"/>
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+        <link rel="stylesheet" type="text/css" href="main.css" />
+        <title>Shibboleth Handle Service Failure</title>
+</head>
+
+<body>
+<div class="head">
+<h1>Shibboleth Handle Service Failure</h1>
+</div>
+
+<p>The inter-institutional access system experienced a technical failure.</p>
+<hr>
+<p class="error">Handle Service failure at (<bean:write name="requestURL" />)</p
+>
+
+<p><bean:write name="errorText" /></p>
+
+</body>
+</html>
diff --git a/src/edu/internet2/middleware/shibboleth/ui/UIfilter.jsp b/src/edu/internet2/middleware/shibboleth/ui/UIfilter.jsp
new file mode 100755 (executable)
index 0000000..8e01301
--- /dev/null
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html 
+        PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
+        "DTD/xhtml1-strict.dtd">
+       <%@ page import="edu.internet2.middleware.shibboleth.aa.*" %>
+       <%@ page import="javax.naming.*" %>
+       <%@ page import="javax.naming.directory.*" %>
+       <%@ page import="java.util.*" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
+        <jsp:useBean id="requestURL" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="username" scope="request" class="java.lang.String"/>
+       <jsp:useBean id="userCtx" scope="request" class="javax.naming.directory.DirContext"/>
+       <jsp:useBean id="attr" scope="request" class="edu.internet2.middleware.shibboleth.aa.ArpAttribute"/>
+       <jsp:useBean id="filter" scope="request" class="edu.internet2.middleware.shibboleth.aa.ArpFilter"/>
+       <jsp:useBean id="resource" scope="request" class="java.lang.String"/>
+       <jsp:useBean id="close" scope="request" class="java.lang.String"/>
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+        <link rel="stylesheet" type="text/css" href="main.css" />
+        <title>Shibboleth ARP</title>
+
+  </head>
+
+<body
+<% 
+ if (close.equals("true")) 
+       out.println(" onLoad=window.close()");
+%>
+>
+       
+    <p><b>Editing filter for attribute <bean:write name="attr" /></b></p>
+    
+     Select values for this attribute that should <b>not</b> be released:
+
+    <p><form name="filter_form" action="<bean:write name="requestURL" />" method="POST">
+       <table>
+       
+<% 
+    Attribute dAttr = attr.getDirAttribute(userCtx, true);
+
+    if (dAttr != null && dAttr.size() > 0) {
+    for (int j=0; j < dAttr.size(); j++)  {
+      String checked = "";
+      if (filter != null) {
+       ArpFilterValue afv = new ArpFilterValue(dAttr.get(j), false);
+       ArpFilterValue[] afva = filter.getFilterValues();       
+       for (int k=0;k<afva.length;k++) { 
+         if (afva[k].equals(afv))  
+           checked = "checked";
+       }
+      }
+
+      out.println("<tr><td>"+dAttr.get(j)+"</td>");
+      out.println("<td><input type=\"checkbox\" name=\"filterval\" value=\""+dAttr.get(j)+"\" "+checked+">&nbsp;Yes</td></tr>");
+    } 
+  }
+%>
+
+       </table>
+      <p>
+      <input type=hidden name="Attr" value="<jsp:getProperty name="attr" property="name"/>">
+      <input type=hidden name="username" value="<bean:write name="username"/>">
+      <input type=hidden name="Resource" value="<bean:write name="resource"/>"> 
+      <input type=submit name="Submit" value="Save Filter">
+      <input type=submit name="Submit" value="Cancel" onClick="javascript:window.close();">
+  </form>
+  
+
diff --git a/src/edu/internet2/middleware/shibboleth/ui/UIlist.jsp b/src/edu/internet2/middleware/shibboleth/ui/UIlist.jsp
new file mode 100755 (executable)
index 0000000..7e58921
--- /dev/null
@@ -0,0 +1,131 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html 
+        PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
+        "DTD/xhtml1-strict.dtd">
+       <%@ page import="edu.internet2.middleware.shibboleth.aa.*" %>
+       <%@ page import="javax.naming.*" %>
+       <%@ page import="javax.naming.directory.*" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
+        <jsp:useBean id="requestURL" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="username" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="userCtx" scope="request" class="javax.naming.directory.DirContext"/>
+       <jsp:useBean id="shars" scope="request" class="edu.internet2.middleware.shibboleth.aa.ArpShar[]"/>
+       <jsp:useBean id="debug" scope="request" class="java.lang.String"/>
+<jsp:useBean id="defaultRes" scope="request" class="edu.internet2.middleware.shibboleth.aa.ArpResource"/>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+        <link rel="stylesheet" type="text/css" href="main.css" />
+        <title>Shibboleth ARP</title>
+  </head>
+
+
+  <body>
+    <div class="head">
+      <h1>Shibboleth Attribute Release Policy</h1>
+    </div>
+
+    <p><b>ARP for <bean:write name="username" /></b></p>
+    
+    <table width="100%" border=1>
+       <tr>
+         <th width="20%">Resource Name</th>
+         <th width="20%">Notes</th> 
+         <th width="30%">Attributes Released</th>
+         <th>Actions</th>
+       </tr>
+       <tr>
+         <td>(*)</td>
+         <td><i>Default release policy</i></td>
+         <td>
+<%
+  ArpAttribute []aa= defaultRes.getAttributes();
+  for (int i = 0; i < aa.length; i++) 
+    out.println(aa[i].getName() + "<br>");
+%>
+         </td>
+         <td></td>
+       </tr>
+    </table>
+<p><hr><p>
+<% if (shars.length > 0) { 
+%>
+    <table width="100%" border=1>
+       <tr>
+         <th width="20%">Resource Name</th>
+         <th width="20%">Notes</th> 
+         <th width="30%">Attributes Released</th>
+         <th>Actions</th>
+       </tr>
+<logic:iterate id="shar" name="shars">
+  <logic:iterate id="resource" name="shar" property="resources">
+    <tr>
+<%
+    String res = ((edu.internet2.middleware.shibboleth.aa.ArpResource)resource).getName();
+    String resourceUrl = (res.startsWith("http")) ? 
+       resourceUrl = res.substring(res.indexOf(":")+3) : res;
+%>
+    <form name="list<jsp:getProperty name="resource" property="name" />" action="<bean:write name="requestURL"/>" method="post">
+       <td><a href="http://<%=resourceUrl%>"><jsp:getProperty name="resource" property="name" /></a></td>
+       <td><jsp:getProperty name="resource" property="comment" /></td>
+<!--   <td><logic:iterate id="attr" name="resource" property="attributes">
+         <jsp:getProperty name="attr" property="name" />, 
+         </logic:iterate></td> -->
+       <td>
+<%
+  String[] nvals = getAttrVals((ArpResource)resource, userCtx);
+    for (int i = 0; i < nvals.length; i++)
+       out.println(nvals[i]);
+%>
+       </td>
+       <input type=hidden name="username" value="<bean:write name="username"/>">
+       <input type=hidden name="Resource" value="<jsp:getProperty name="resource" property="name"/>">
+           <td><input type="submit" name="Submit" value="Delete">&nbsp;
+       <input type="submit" name="Submit" value="Edit">&nbsp;
+       <input type="submit" name="Submit" value="Copy"></td>
+       </form>
+    </tr>
+  </logic:iterate>
+</logic:iterate>
+    </table>
+<% }%>    
+    <p>
+    <form name="act" action="<bean:write name="requestURL" />" method="post">
+    <input type=hidden name="username" value="<bean:write name="username"/>">
+    <input type=submit name="Submit" value="Add new resource"</a><br>
+    <input type=submit name="Submit" value="Delete all ARPs"</a><br>
+<%  if (debug == "true") %>
+    <input type=submit name="Submit" value="Change user"</a><br>
+
+    </form>
+    </p>
+
+  </body>
+</html>
+
+<%!
+public String[] getAttrVals(ArpResource r, DirContext userCtx) {
+    String[] buf = new String[1];
+    buf[0] = "";
+    try{ 
+    Vector v = new Vector();
+    ArpAttribute[] aa = r.getAttributes();
+    if (aa==null) 
+       return buf;
+    for (int i=0; i < aa.length; i++) {
+       ArpAttribute a = aa[i];
+       Attribute dAttr = a.getDirAttribute(userCtx, true);
+       if (dAttr != null && dAttr.size() > 0) {
+         for (int j=0; j < dAttr.size(); j++)  {       
+           v.add(dAttr.get(j));
+         }
+       }
+    }
+    buf = new String[v.size()];
+    for (int i = 0; i < v.size(); i++) 
+       buf[i] = (String)v.get(i) + "<br>";
+    
+    } catch (Exception ex) {}
+    return buf;
+}
+%>
\ No newline at end of file
diff --git a/src/edu/internet2/middleware/shibboleth/ui/UIlogin.jsp b/src/edu/internet2/middleware/shibboleth/ui/UIlogin.jsp
new file mode 100755 (executable)
index 0000000..9bb80fe
--- /dev/null
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html 
+        PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
+        "DTD/xhtml1-strict.dtd">
+        <%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
+        <%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
+        <jsp:useBean id="requestURL" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="username" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="err" scope="request" class="java.lang.String"/>
+        <jsp:useBean id="debug" scope="request" class="java.lang.String"/>
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+        <link rel="stylesheet" type="text/css" href="main.css" />
+        <title>Shibboleth Attribute Release Policy Login</title>
+  </head>
+
+  <body>
+    <div class="head">
+      <h1>Shibboleth Attribute Release Policy Login</h1>
+    </div>
+
+    <b><bean:write name="err" /></b>
+    <p><b>Not logged in</b></p>
+
+<% if (debug == "true")  { %>
+    <form action="<bean:write name="requestURL" />" method="post">
+      <p>Editing Attribute Release Policy for user 
+        <input type = "text" size="10" name="username" value="<bean:write name="username" />" /> &nbsp;&nbsp;&nbsp;
+        <input type="submit" name="Submit" value="Login" />
+      </p>
+    </form>
+<%}%>
+  </body>
+</html>
\ No newline at end of file