import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;
-
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import junit.framework.TestCase;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
/**
* Exercises the <code>AttributeQueryHandle</code>
*
* @author Walter Hoehn wassa@columbia.edu
*
*/
-
public class AQHTest extends TestCase {
protected SecretKey goodKey;
- protected URL testHs;
+ protected String testHs;
public AQHTest(String name) {
super(name);
}
+
public static void main(String args[]) {
junit.textui.TestRunner.run(AQHTest.class);
}
+
+ /**
+ * @see TestCase#setUp()
+ */
+
protected void setUp() {
try {
Security.addProvider(new BouncyCastleProvider());
} catch (NoSuchAlgorithmException e) {
fail("Could not generate fixture (secret key)");
}
-
- try {
- testHs = new URL("http://www.test.com/HS");
- } catch (MalformedURLException e) {
- fail("Error initializing test Hs URL.");
- }
+ testHs = "http://www.test.com/HS";
}
/**
* Tests the basic, creation, serialization, and unmarshalling of the <code>AttributeQueryHandle</code>
*/
+
public void testAQH() {
try {
-
//Create an AQH
AttributeQueryHandle originalAQH =
new AttributeQueryHandle("Walter", goodKey, 300000l, testHs);
-
//Ensure that a unique id was generated
- assertNotNull(
- "No unique id generated for handle",
- originalAQH.getHandleID());
+ assertNotNull("No unique id generated for handle", originalAQH.getHandleID());
String cacheHandleID = originalAQH.getHandleID();
-
//Ensure that the principal was set correctly
- assertEquals(
- "Principal incorrect",
- "Walter",
- originalAQH.getPrincipal());
-
+ assertEquals("Principal incorrect", "Walter", originalAQH.getPrincipal());
//Test to see that the handle has not expired
//Hopefull this doesn't take more than 5 mintues to run :-)
- assertTrue(
- "AttributeQueryHandle unexpectedly expired.",
- (!originalAQH.isExpired()));
-
+ assertTrue("AttributeQueryHandle unexpectedly expired.", (!originalAQH.isExpired()));
//Create a new AQH from the serialized first AQH
AttributeQueryHandle secondAQH =
new AttributeQueryHandle(originalAQH.serialize(), goodKey);
-
//Ensure that the principal was set correctly
- assertEquals(
- "Principal incorrect",
- "Walter",
- secondAQH.getPrincipal());
-
+ assertEquals("Principal incorrect", "Walter", secondAQH.getPrincipal());
//Test to see that the handle has not expired
//Hopefull this doesn't take more than 5 mintues to run :-)
- assertTrue(
- "AttributeQueryHandle unexpectedly expired.",
- (!secondAQH.isExpired()));
-
+ assertTrue("AttributeQueryHandle unexpectedly expired.", (!secondAQH.isExpired()));
//Make sure that the handle id matches that of the first object
assertEquals(
"Improper unmarshalling of unique handle id",
cacheHandleID,
secondAQH.getHandleID());
-
} catch (HandleException e) {
fail("Failed to create AttributeQueryHandle" + e);
}
}
-
/**
* Ensure that <code>AttributeQueryHandle</code> objects expire correctly
*/
-
public void testExpiration() {
-
try {
- AttributeQueryHandle aqh =
- new AttributeQueryHandle("Walter", goodKey, 1l, testHs);
+ AttributeQueryHandle aqh = new AttributeQueryHandle("Walter", goodKey, 1l, testHs);
Thread.sleep(2);
- assertTrue(
- "AttributeQueryHandle failed to expire appropriately",
- aqh.isExpired());
+ assertTrue("AttributeQueryHandle failed to expire appropriately", aqh.isExpired());
} catch (InterruptedException e) {
} catch (HandleException e) {
fail("Failed to create AttributeQueryHandle" + e);
}
-
}
-
/**
* Ensue that all of our UUIDs are not identical
*/
-
public void testDups() {
-
try {
- AttributeQueryHandle aqh1 =
- new AttributeQueryHandle("Walter", goodKey, 1l, testHs);
- AttributeQueryHandle aqh2 =
- new AttributeQueryHandle("Walter", goodKey, 1l, testHs);
- assertTrue("Reusing a UUID when creating new AQH", !aqh1.getHandleID().equals(aqh2.getHandleID()));
+ AttributeQueryHandle aqh1 = new AttributeQueryHandle("Walter", goodKey, 1l, testHs);
+ AttributeQueryHandle aqh2 = new AttributeQueryHandle("Walter", goodKey, 1l, testHs);
+ assertTrue(
+ "Reusing a UUID when creating new AQH",
+ !aqh1.getHandleID().equals(aqh2.getHandleID()));
} catch (HandleException e) {
fail("Failed to create AttributeQueryHandle" + e);
}
-
-
}
}
\ No newline at end of file
package edu.internet2.middleware.shibboleth.common;
-import java.net.URL;
import java.util.StringTokenizer;
import javax.crypto.Cipher;
String principal,
SecretKey key,
long ticketLength,
- URL hsLocation)
+ String hsLocation)
throws HandleException {
this.principal = principal;
UUIDGenerator uuidGen = UUIDGenerator.getInstance();
UUID nameSpaceUUID = new UUID(UUID.NAMESPACE_URL);
handleID =
- uuidGen.generateNameBasedUUID(nameSpaceUUID, hsLocation.toString())+ ":" + uuidGen.generateTimeBasedUUID();
+ uuidGen.generateNameBasedUUID(nameSpaceUUID, hsLocation)+ ":" + uuidGen.generateTimeBasedUUID();
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
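Review bot: With `hsLocation` now a plain `String`, the constructor passes it straight to `generateNameBasedUUID` without checking that it is non-null, non-empty or a well-formed URL, so a bad configuration value is baked into the handle ID instead of failing. A guard at the top of the constructor, such as `if (hsLocation == null || hsLocation.length() == 0) throw new HandleException("Handle Service location is not set");`, would keep that failure explicit. The servlet call site changed in this commit passes `HandleServiceConfig.getLocation()` unchecked as well. Separately, the unchanged context line requests `DESede/ECB/PKCS5Padding`; what is encrypted and whether integrity is verified on unmarshalling lie outside this hunk, but ECB without a MAC deserves its own review if the serialized handle passes through untrusted parties. The constructor body starts and ends outside the hunk.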
package edu.internet2.middleware.shibboleth.common;
-
/**
*
* Signals that an error has occurred while creating
* retrieved by the <code>{@link java.lang.Throwable#getMessage}</code>
* method of class <code>java.lang.Throwable</code>.
*
- * @param s the detail message.
+ * @param s The detailed message.
*/
public HandleException(String message) {
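Review bot: The reworded tag still documents `@param s`, but the constructor's parameter is named `message`, so the Javadoc describes a parameter that does not exist. I would write `@param message the detail message`, which also matches the term the `Throwable#getMessage` documentation uses. The same tag is changed the same way in the `HandleServiceException` constructor comment later in this commit.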
import java.io.IOException;
import java.io.InputStream;
-import java.net.MalformedURLException;
-import java.net.URL;
import java.security.Security;
import java.util.Date;
private String hsConfigFileLocation;
private String log4jConfigFileLocation;
private SecretKey key;
- private URL hsURL;
/**
* @see GenericServlet#init()
try {
- //Change this to work with any JCE
+ //Currently hardcoded to use Bouncy Castle
+ //Decided to change this or not based on overall shibboleth policy
Security.addProvider(new BouncyCastleProvider());
SecretKeyFactory keyFactory =
SecretKeyFactory.getInstance("DESede");
"Error reading HS configuration file.",
ioe);
}
-
- try {
- hsURL = new URL(HandleServiceConfig.getLocation());
- } catch (MalformedURLException e) {
- log.fatal("Error parsing HS location from configuration file.", e);
- throw new ServletException(
- "Error reading HS configuration file.",
- e);
- }
}
req.setAttribute("shire", req.getParameter("shire"));
req.setAttribute("target", req.getParameter("target"));
log.info("Generating assertion...");
+ long startTime = System.currentTimeMillis();
byte[] assertion =
generateAssertion(
req.getParameter("shire"),
req.getRemoteAddr(),
req.getRemoteUser(),
req.getAuthType());
- log.info("Assertion Generated!");
+ log.info("Assertion Generated: " + "elapsed time " + (System.currentTimeMillis() - startTime) + " milliseconds.");
log.debug("Assertion: " + new String(Base64.decode(assertion)));
handleForm(req, resp, assertion);
} catch (HandleServiceException e) {
try {
rd.forward(req, res);
} catch (IOException ioe) {
- log.error(
- "Problem trying to display Handle Service error page: " + ioe);
+ log.info(
+ "IO operation interrupted when displaying Handle Service error page: " + ioe);
} catch (ServletException se) {
log.error(
"Problem trying to display Handle Service error page: " + se);
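Review bot: Logging every `IOException` from `rd.forward` at `info` as an "interruption" assumes the only cause is a client disconnect, so a real I/O failure while rendering the error page would be easy to miss in the logs. Concatenating `+ ioe` also drops the stack trace. I would keep the event visible and pass the throwable, e.g. `log.warn("I/O error while displaying Handle Service error page", ioe);`. The reworded `HandleServiceException` message in the following hunk makes the same assumption. The enclosing method starts and ends outside the hunk.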
rd.forward(req, res);
} catch (IOException ioe) {
throw new HandleServiceException(
- "Problem displaying Handle Service UI." + ioe);
+ "IO interruption while displaying Handle Service UI." + ioe);
} catch (ServletException se) {
throw new HandleServiceException(
"Problem displaying Handle Service UI." + se);
remoteUser,
key,
Long.parseLong(HandleServiceConfig.getValidityPeriod()),
- hsURL);
+ HandleServiceConfig.getLocation());
log.info("Acquired Handle: " + aqh.getHandleID());
package edu.internet2.middleware.shibboleth.hs;
-
-
/**
* Class used by the WAYF service to determine runtime options.
* Most of the fields of this class should have reasonable defaults.
private static String logoLocation = "images/internet2.gif";
private static String supportContact = "mailto:shib-support@internet2.org";
- private static String location;
+ private static String location = "http://shib2.internet2.edu/shibboleth/HS";
private static String helpText =
"In order to fulfill the request for the web"
+ " resource you have just chosen, information must be sent from your home institution to the "
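Review bot: Giving `location` a hard-coded default of `http://shib2.internet2.edu/shibboleth/HS` means a deployment whose configuration omits the location no longer fails. Instead it silently issues handles whose ID is derived from another site's Handle Service URL. The same commit removes the servlet's init-time `new URL(...)` parse, so no visible code now rejects a missing or malformed value. I would leave the field unset (`private static String location;`) and have servlet initialisation throw when `getLocation()` returns null or does not parse as a URL. The class comment in the context lines still says "WAYF service", which looks copied from another class.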
HandleServiceConfig.helpText = hs_helpText;
}
-
-
/**
* Gets the handleRepositoryImplementation.
* @return Returns a String
* retrieved by the <code>{@link java.lang.Throwable#getMessage}</code>
* method of class <code>java.lang.Throwable</code>.
*
- * @param s the detail message.
+ * @param s The detailed message.
*/
public HandleServiceException(String message) {
public class HsConfigDigester extends Digester {
- protected String hsConfigClass = "edu.internet2.middleware.shibboleth.hs.HandleServiceConfig";
- private boolean configured = false;
+ protected String hsConfigClass = "edu.internet2.middleware.shibboleth.hs.HandleServiceConfig";
+ private boolean configured = false;
- /**
- * Constructor for ShibbolethConfigDigester.
- */
- public HsConfigDigester() {
- super();
- configure();
- }
+ /**
+ * Constructor for ShibbolethConfigDigester.
+ */
+ public HsConfigDigester() {
+ super();
+ configure();
+ }
- /**
- * Constructor for ShibbolethConfigDigester.
- * @param parser
- */
- public HsConfigDigester(SAXParser parser) {
- super(parser);
- configure();
- }
+ /**
+ * Constructor for ShibbolethConfigDigester.
+ * @param parser
+ */
+ public HsConfigDigester(SAXParser parser) {
+ super(parser);
+ configure();
+ }
- /**
- * Constructor for ShibbolethConfigDigester.
- * @param reader
- */
- public HsConfigDigester(XMLReader reader) {
- super(reader);
- configure();
- }
+ /**
+ * Constructor for ShibbolethConfigDigester.
+ * @param reader
+ */
+ public HsConfigDigester(XMLReader reader) {
+ super(reader);
+ configure();
+ }
-
-
- protected void configure() {
+ protected void configure() {
- if (configured == true) {
- return;
- }
- addObjectCreate("ShibbolethConfig", hsConfigClass);
- addSetProperties("ShibbolethConfig/HsConfig");
- addCallMethod("ShibbolethConfig/HsConfig/HelpText", "setHelpText", 0);
- addCallMethod("ShibbolethConfig/HsConfig/SecretKey", "setSecretKey", 0);
+ if (configured == true) {
+ return;
+ }
+ addObjectCreate("ShibbolethConfig", hsConfigClass);
+ addSetProperties("ShibbolethConfig/HsConfig");
+ addCallMethod("ShibbolethConfig/HsConfig/HelpText", "setHelpText", 0);
+ addCallMethod("ShibbolethConfig/HsConfig/SecretKey", "setSecretKey", 0);
- configured = true;
+ configured = true;
- }
+ }
-
-
- /**
- * Gets the wayfDataClass.
- * @return Returns a String
- */
- public String getHsConfigClass() {
- return hsConfigClass;
- }
+ /**
+ * Gets the wayfDataClass.
+ * @return Returns a String
+ */
+ public String getHsConfigClass() {
+ return hsConfigClass;
+ }
- /**
- * Sets the wayfDataClass.
- * @param wayfDataClass The wayfDataClass to set
- */
- public void setHsConfigClass(String wayfDataClass) {
- this.hsConfigClass = wayfDataClass;
- }
+ /**
+ * Sets the wayfDataClass.
+ * @param wayfDataClass The wayfDataClass to set
+ */
+ public void setHsConfigClass(String wayfDataClass) {
+ this.hsConfigClass = wayfDataClass;
+ }
-}
+}
\ No newline at end of file