Commit 6b69bcc1 authored by Gradl, Tobias's avatar Gradl, Tobias

87: Implement SAML authentication

Task-Url: http://github.com/tgradl/colreg/issues/issue/87
parent 65cea0a9
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.nondependency" value=""/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>dariah-javasp-core</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
</natures>
</projectDescription>
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
org.eclipse.jdt.core.compiler.compliance=1.5
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
org.eclipse.jdt.core.compiler.source=1.5
activeProfiles=
eclipse.preferences.version=1
resolveWorkspaceProjects=true
version=1
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
<wb-module deploy-name="dariah-javasp-core">
<wb-resource deploy-path="/" source-path="/src/main/java"/>
<wb-resource deploy-path="/" source-path="/src/main/resources"/>
</wb-module>
</project-modules>
<?xml version="1.0" encoding="UTF-8"?>
<faceted-project>
<installed facet="java" version="1.5"/>
<installed facet="jst.utility" version="1.0"/>
</faceted-project>
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>dariah-javasp-master</artifactId>
<groupId>de.dariah</groupId>
<version>0.0.3-SNAPSHOT</version>
</parent>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>eu.dariah.de</groupId>
<artifactId>dariah-javasp-core</artifactId>
<version>0.0.4-SNAPSHOT</version>
<name>DARIAH AAI library - core</name>
<packaging>jar</packaging>
<dependencies>
<dependency>
<groupId>de.dariah</groupId>
<groupId>eu.dariah.de</groupId>
<artifactId>spring-security-saml2-core</artifactId>
<version>${project.version}</version>
<version>1.0.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
......@@ -27,7 +24,7 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${org.slf4j-version}</version>
<version>1.7.10</version>
</dependency>
<dependency>
<groupId>joda-time</groupId>
......@@ -40,4 +37,5 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
<version>3.1</version>
</dependency>
</dependencies>
</project>
......@@ -52,15 +52,15 @@ public class SimpleUserDetails implements UserDetails, StagedUserDetails {
public void setAuthorities(Collection<Role> authorities) { this.authorities = authorities; }
public void setUsername(String username) { this.username = username; }
@Override public String getUsername() { return username; }
@Override public String getPassword() { return ""; }
@Override public Collection<Role> getAuthorities() { return authorities; }
@Override public boolean isAccountNonExpired() { return !expired; }
@Override public boolean isAccountNonLocked() { return !expired; }
@Override public boolean isCredentialsNonExpired() { return !expired; }
@Override public boolean isEnabled() { return !expired; }
public String getUsername() { return username; }
public String getPassword() { return ""; }
public Collection<Role> getAuthorities() { return authorities; }
public boolean isAccountNonExpired() { return !expired; }
public boolean isAccountNonLocked() { return !expired; }
public boolean isCredentialsNonExpired() { return !expired; }
public boolean isEnabled() { return !expired; }
@Override
public int getMaxAuthorityLevel() {
int level = 0;
if (getAuthorities() != null) {
......@@ -73,7 +73,7 @@ public class SimpleUserDetails implements UserDetails, StagedUserDetails {
return level;
}
@Override
public boolean isAuthorized(Role compRole) {
return getMaxAuthorityLevel() >= compRole.getLevel();
}
......
......@@ -51,7 +51,7 @@ public class TimeService implements InitializingBean, DisposableBean {
public DateTime getLastUpdate() { return lastUpdate; }
public DateTime getNow() { return DateTime.now().plusMillis(getMsOffset()); }
@Override
public void afterPropertiesSet() throws Exception {
ntpClient.setDefaultTimeout(10000);
......@@ -61,7 +61,7 @@ public class TimeService implements InitializingBean, DisposableBean {
startRefreshCycle();
}
@Override
public void destroy() throws Exception {
if (timer != null) {
timer.cancel();
......
......@@ -27,19 +27,19 @@ public class SAMLAssertionConsumer extends WebSSOProfileConsumerImpl {
@Autowired
private TimeService timeService;
@Override
//@Override
protected boolean isDateTimeSkewValid(int skewInSec, DateTime time) {
long current = timeService.getNow().getMillis();
return time.isAfter(current - skewInSec * 1000) && time.isBefore(current + skewInSec * 1000);
}
@Override
//@Override
protected boolean isDateTimeSkewValid(int skewInSec, int forwardInterval, DateTime time) {
long current = System.currentTimeMillis();
return time.isBefore(current + (skewInSec * 1000)) && time.isAfter(current - ((skewInSec + forwardInterval) * 1000));
}
@Override
//@Override
protected void verifySubject(Subject subject, RequestAbstractType request, SAMLMessageContext context) throws SAMLException, DecryptionException {
List<SubjectConfirmation> confirmations = new ArrayList<SubjectConfirmation>();
......@@ -62,7 +62,7 @@ public class SAMLAssertionConsumer extends WebSSOProfileConsumerImpl {
}
if (confirmations.size()>0) {
super.verifySubject(subject, request, context);
//super.verifySubject(subject, request, context);
}
}
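Review bot: With `super.verifySubject(subject, request, context);` commented out, the `if (confirmations.size()>0)` branch at the end of verifySubject is empty, so as far as these hunks show the method returns without running the parent class's SubjectConfirmation validation. That validation is what ties an assertion to this service provider and to the request it answers, so the call should be restored as `super.verifySubject(subject, request, context);`. The three `//@Override` lines are a related risk: if the annotation stopped compiling against the new spring-security-saml2-core version, the parent signatures have presumably changed, and these methods (and the same one in SAMLLogoutProfile) may no longer be invoked, which would silently drop the TimeService-based skew check. Adapt the signatures to the parent and keep `@Override` so the compiler catches a mismatch. The body of verifySubject starts and continues outside the visible hunks.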
......
......@@ -11,7 +11,7 @@ public class SAMLLogoutProfile extends SingleLogoutProfileImpl {
@Autowired
private TimeService timeService;
@Override
//@Override
protected boolean isDateTimeSkewValid(int skewInSec, DateTime time) {
long current = timeService.getNow().getMillis();
return time.isAfter(current - skewInSec * 1000) && time.isBefore(current + skewInSec * 1000);
......
......@@ -5,6 +5,9 @@ import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.httpclient.HostConfiguration;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.URI;
......@@ -100,13 +103,13 @@ public class SAMLAttributeQueryImpl extends SAMLAssertionConsumer implements SAM
return SAML2_QUERY_PROFILE_URI;
}
@Override
public List<Attribute> queryAttributes(SAMLCredential subjectCredential, SAMLAttributeQueryOptions options)
{
try {
logger.debug("Performing attribute query for subject with NameID [%s]", subjectCredential.getNameID().getValue());
SAMLMessageContext context = prepareAttributeQueryContext(subjectCredential, options);
/*SAMLMessageContext context = prepareAttributeQueryContext(subjectCredential, options);
AttributeQuery query = getAttributeQuery(context, subjectCredential, options);
context.setOutboundMessage(query);
......@@ -124,16 +127,17 @@ public class SAMLAttributeQueryImpl extends SAMLAssertionConsumer implements SAM
logger.debug("SAML AttributeQuery resulted in the retrieval of %s attributes", attrs.size());
return attrs;
return attrs;*/
} catch (Exception e) {
logger.error("Exception raised white attempting to perform SAML AttributeQuery", e);
}
return null;
}
private SAMLMessageContext prepareAttributeQueryContext(SAMLCredential credential, SAMLAttributeQueryOptions options) throws MetadataProviderException, MessageDecodingException {
private SAMLMessageContext prepareAttributeQueryContext(HttpServletRequest request, HttpServletResponse response, SAMLCredential credential, SAMLAttributeQueryOptions options) throws MetadataProviderException, MessageDecodingException {
SAMLMessageContext context = contextProvider.getLocalAndPeerEntity(credential, options.getAttributeAuthorityIDP(), AttributeAuthorityDescriptor.DEFAULT_ELEMENT_NAME);
SAMLMessageContext context = contextProvider.getLocalAndPeerEntity(request, response);
context.setCommunicationProfileId(getProfileIdentifier());
context.setLocalEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
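Review bot: queryAttributes now has its whole try body inside a `/* … */` comment, so after the debug line it always falls through to `return null`, and nothing tells the caller that the attribute query is switched off. A caller that derives roles from the result will either hit a NullPointerException or proceed with a user that has no attributes, and neither outcome is logged. Until the query is re-enabled, make the state explicit, for example `logger.warn("SAML AttributeQuery is disabled; returning no attributes");`, and document the null return in the method's Javadoc. The rewritten `contextProvider.getLocalAndPeerEntity(request, response)` call also no longer passes `options.getAttributeAuthorityIDP()`, so when the code is restored it should be confirmed that the peer entity is still the configured attribute authority rather than something derived from the request. Both methods extend beyond the visible hunks.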
......
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.nondependency" value=""/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5">
<attributes>
<attribute name="owner.project.facets" value="java"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>dariah-javasp-web</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
</natures>
</projectDescription>
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
org.eclipse.jdt.core.compiler.compliance=1.5
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
org.eclipse.jdt.core.compiler.source=1.5
activeProfiles=
eclipse.preferences.version=1
resolveWorkspaceProjects=true
version=1
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
<wb-module deploy-name="dariah-javasp-web">
<wb-resource deploy-path="/" source-path="/src/main/java"/>
</wb-module>
</project-modules>
<?xml version="1.0" encoding="UTF-8"?>
<faceted-project>
<installed facet="jst.utility" version="1.0"/>
<installed facet="java" version="1.5"/>
</faceted-project>
disabled=06target
eclipse.preferences.version=1
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>dariah-javasp-master</artifactId>
<groupId>de.dariah</groupId>
<version>0.0.3-SNAPSHOT</version>
</parent>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>dariah-javasp-web</artifactId>
<groupId>eu.dariah.de</groupId>
<version>0.0.4-SNAPSHOT</version>
<name>dariah-aai-web</name>
<url>http://maven.apache.org</url>
<packaging>jar</packaging>
<properties>
<eu.dariah.de.minfba.core-web.version>1.1.0-SNAPSHOT</eu.dariah.de.minfba.core-web.version>
<org.springframework-version>4.1.9.RELEASE</org.springframework-version>
<org.springsecurity-version>3.2.6.RELEASE</org.springsecurity-version>
<org.slf4j-version>1.7.10</org.slf4j-version>
</properties>
<dependencies>
<dependency>
<groupId>de.dariah</groupId>
<groupId>eu.dariah.de</groupId>
<artifactId>dariah-javasp-core</artifactId>
<version>${project.version}</version>
<version>0.0.4-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>de.dariah</groupId>
<groupId>eu.dariah.de</groupId>
<artifactId>spring-security-saml2-core</artifactId>
<version>${project.version}</version>
<version>1.0.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>eu.dariah.de.minfba.core</groupId>
<artifactId>core-web</artifactId>
......@@ -113,5 +112,40 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
</dependencies>
<distributionManagement>
<repository>
<id>dariah-releases</id>
<url>http://dev3.dariah.eu/archiva/repository/dariah-releases/</url>
</repository>
<snapshotRepository>
<id>dariah-snapshots</id>
<url>http://dev3.dariah.eu/archiva/repository/dariah-snapshots/</url>
</snapshotRepository>
</distributionManagement>
<repositories>
<repository>
<id>dariah-releases</id>
<name>DARIAH MInf Release Repository</name>
<url>http://dev3.dariah.eu/archiva/repository/dariah-releases/</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<id>dariah-snapshots</id>
<name>DARIAH MInf Snapshot Repository</name>
<url>http://dev3.dariah.eu/archiva/repository/dariah-snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
</project>
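Review bot: The `<distributionManagement>` and `<repositories>` entries at the end of this pom, which appear to be added by this commit, all use plain `http://`. The SNAPSHOT artifacts the build resolves, including `spring-security-saml2-core` `1.0.2-SNAPSHOT`, are therefore fetched without transport integrity, and deploy credentials would travel in clear text. If the Archiva host serves TLS, change each entry to the `https://` form, e.g. `<url>https://dev3.dariah.eu/archiva/repository/dariah-releases/</url>`. Depending on a released version of the SAML library rather than a mutable SNAPSHOT would also make the authentication code in a given build reproducible; the same hard-coded SNAPSHOT version is used in the core module's pom.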