Expose configuration options to indicate whether the external authn system login...
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 10 Oct 2011 18:41:37 +0000 (18:41 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 10 Oct 2011 18:41:37 +0000 (18:41 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@3074 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

doc/RELEASE-NOTES.txt
src/main/java/edu/internet2/middleware/shibboleth/idp/authn/provider/AbstractLoginHandler.java
src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/ExternalAuthnSystemLoginHandlerBeanDefinitionParser.java
src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/ExternalAuthnSystemLoginHandlerFactoryBean.java
src/main/resources/schema/shibboleth-2.0-idp-profile-handler.xsd

index c638b7c..dbc691d 100644 (file)
@@ -1,8 +1,9 @@
 Changes in Release 2.3.4
 =============================================
-[SIDP-516] - Example login.jsp / Usage of label tag
+[SIDP-511] - ExternalAuthnSystemLoginHandler does not support forceAuthn/isPassive
 [SIDP-513] - idpui taglib could look for more languages matches
 [SIDP-514] - Alt text for IdP Logos is not esapiEncoder.encodeForHTMLAttribute
+[SIDP-516] - Example login.jsp / Usage of label tag
 [SIDP-519] - Switching between multiple login handlers cause first context to be sticky in Shib-Authentication-Method
 [SIDP-520] - Ipad/iOS devices will auto capitalize text entered into the IdP login screen, which can cause errors. Adding an HTML element will prevent that
 [SIDP-522] - supplied examples shouldn't promote federation URIs as relying parties
index cb03cac..29f37cf 100644 (file)
@@ -23,9 +23,7 @@ import org.opensaml.xml.util.LazyList;
 
 import edu.internet2.middleware.shibboleth.idp.authn.LoginHandler;
 
-/**
- * Base class for authentication handlers.
- */
+/** Base class for authentication handlers. */
 public abstract class AbstractLoginHandler implements LoginHandler {
     
     /** Authentication methods this handler supports. */
@@ -34,7 +32,7 @@ public abstract class AbstractLoginHandler implements LoginHandler {
     /** Length of time, in milliseconds, after which a user should be re-authenticated. */
     private long authenticationDuration;
 
-    /** Whether this handler supports foreced re-authentication. */
+    /** Whether this handler supports forced re-authentication. */
     private boolean supportsForceAuthentication;
 
     /** Whether this handler supports passive authentication. */
index c1f479b..0a53036 100644 (file)
@@ -20,6 +20,7 @@ package edu.internet2.middleware.shibboleth.idp.config.profile.authn;
 import javax.xml.namespace.QName;
 
 import org.opensaml.xml.util.DatatypeHelper;
+import org.opensaml.xml.util.XMLHelper;
 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 import org.w3c.dom.Element;
 
@@ -41,8 +42,22 @@ public class ExternalAuthnSystemLoginHandlerBeanDefinitionParser extends Abstrac
     /** {@inheritDoc} */
     protected void doParse(Element config, BeanDefinitionBuilder builder) {
         super.doParse(config, builder);
-
+        
         builder.addPropertyValue("externalAuthnPath",
                 DatatypeHelper.safeTrimOrNullString(config.getAttributeNS(null, "externalAuthnPath")));
+        
+        if (config.hasAttributeNS(null, "supportsForcedAuthentication")) {
+            builder.addPropertyValue("supportsForcedAuthentication", XMLHelper.getAttributeValueAsBoolean(config
+                    .getAttributeNodeNS(null, "supportsForcedAuthentication")));
+        } else {
+            builder.addPropertyValue("supportsForcedAuthentication", false);
+        }
+        
+        if (config.hasAttributeNS(null, "supportsPassiveAuthentication")) {
+            builder.addPropertyValue("supportsPassiveAuthentication", XMLHelper.getAttributeValueAsBoolean(config
+                    .getAttributeNodeNS(null, "supportsPassiveAuthentication")));
+        } else {
+            builder.addPropertyValue("supportsPassiveAuthentication", false);
+        }
     }
 }
\ No newline at end of file
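Review bot: The property name `supportsPassiveAuthentication` set in both branches of the second `if` has no matching setter in the factory bean changed later in this commit, which declares `setSupportsPassive(boolean)`. If this parser builds `ExternalAuthnSystemLoginHandlerFactoryBean`, as the names suggest, Spring will probably reject the bean definition as an unwritable property, and because the `else` branch sets it too, this would happen even when the attribute is absent. Either use `builder.addPropertyValue("supportsPassive", ...)` in both branches or rename the factory setter to `setSupportsPassiveAuthentication`. `supportsForcedAuthentication` does match its setter. A parser test that loads a handler definition with and without the two attributes would catch this mismatch.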
index cf2a6b6..c068376 100644 (file)
@@ -26,6 +26,12 @@ public class ExternalAuthnSystemLoginHandlerFactoryBean extends AbstractLoginHan
 
     /** The context-relative path to the Filter, Servlet, or JSP that triggers the external authentication system. */
     private String externalAuthnPath;
+    
+    /** Whether this handler supports forced re-authentication. */
+    private boolean supportsForcedAuthentication;
+
+    /** Whether this handler supports passive authentication. */
+    private boolean supportsPassive;
 
     /** {@inheritDoc} */
     public Class getObjectType() {
@@ -50,11 +56,49 @@ public class ExternalAuthnSystemLoginHandlerFactoryBean extends AbstractLoginHan
     public void setExternalAuthnPath(String path) {
         externalAuthnPath = path;
     }
+    
+    /**
+     * Gets whether this handler supposed forced re-authentication.
+     * 
+     * @return whether this handler supposed forced re-authentication
+     */
+    public boolean supportsForcedAuthentication() {
+        return supportsForcedAuthentication;
+    }
+
+    /**
+     * Sets whether this handler supports forced re-authentication.
+     * 
+     * @param supported whether this handler supports forced re-authentication
+     */
+    public void setSupportsForcedAuthentication(boolean supported) {
+        supportsForcedAuthentication = supported;
+    }
+
+    /**
+     * Gets whether this handler supports passive authentication.
+     * 
+     * @return whether this handler supports passive authentication
+     */
+    public boolean supportsPassive() {
+        return supportsPassive;
+    }
+
+    /**
+     * Sets whether this handler supports passive authentication.
+     * 
+     * @param supported whether this handler supports passive authentication.
+     */
+    public void setSupportsPassive(boolean supported) {
+        supportsPassive = supported;
+    }
 
     /** {@inheritDoc} */
     protected Object createInstance() throws Exception {
         ExternalAuthnSystemLoginHandler handler = new ExternalAuthnSystemLoginHandler();
         handler.setExternalAuthnPath(getExternalAuthnPath());
+        handler.setSupportsForceAuthentication(supportsForcedAuthentication);
+        handler.setSupportsPassive(supportsPassive);
         populateHandler(handler);
         return handler;
     }
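Review bot: The Javadoc on `supportsForcedAuthentication()` says "supposed" where "supports" is meant, in both the summary and the `@return` line; it should read `Gets whether this handler supports forced re-authentication.` The naming is also uneven across the new members: the forced-authentication pair carries the `Authentication` suffix while `supportsPassive` / `setSupportsPassive` does not, and the schema attribute is `supportsPassiveAuthentication`. Using one spelling for the field, accessor, setter and schema attribute would make the configuration binding easier to verify. The class body continues outside this hunk.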
index 18c811a..b5fbb0c 100644 (file)
                         </xsd:documentation>
                     </xsd:annotation>
                 </xsd:attribute>
+                <xsd:attribute name="supportsForcedAuthentication" type="xsd:boolean">
+                    <xsd:annotation>
+                        <xsd:documentation>
+                            Indicates whether the external authentication supports force re-authentication.
+                        </xsd:documentation>
+                    </xsd:annotation>
+                </xsd:attribute>
+                <xsd:attribute name="supportsPassiveAuthentication" type="xsd:boolean">
+                    <xsd:annotation>
+                        <xsd:documentation>
+                            Indicates whether the external authentication supports passive authentication.
+                        </xsd:documentation>
+                    </xsd:annotation>
+                </xsd:attribute>
             </xsd:extension>
         </xsd:complexContent>
     </xsd:complexType>
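Review bot: The `xsd:documentation` for both new attributes states neither the default nor what a deployer asserts by enabling them. The parser in this commit sets each property to false when the attribute is absent, so the schema text should say so. Since the IdP presumably relies on these flags when a request asks for forced or passive authentication, the text should also say that the external system itself must honour that behaviour. Suggested wording for the first: `Indicates whether the external authentication system supports forced re-authentication. Defaults to false; set to true only if the external system actually re-authenticates the user when asked.` The second would get the equivalent for passive authentication, and "force re-authentication" should read "forced re-authentication".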