Changeset 493

Timestamp:
01/22/08 16:30:56 (10 months ago)
Author:
paulhethmon
Message:

Add support to add the public certificate to the Response object sent to the SP.
Add support to send the simpleSAMLphp ID:URI fix to those SP's which need it, controlled by a file.

Files:

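--- a/AcmeIdp/trunk/web/WEB-INF/web.xml
+++ b/AcmeIdp/trunk/web/WEB-INF/web.xml
@@ -13,4 +13,9 @@
         <param-value>public-cert.pem</param-value>
     </context-param>
+    <context-param>
+        <description>A list of SP's who use the simpleSAMLPHP code and need the malformed ID value.</description>
+        <param-name>simplesamlphpfile</param-name>
+        <param-value>simplesamlphp.txt</param-value>
+    </context-param>
     <session-config>
         <session-timeout>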
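Review bot: The `<description>` of the new `simplesamlphpfile` parameter does not say where the file is looked up or what format it has, and both decide whether an SP receives the malformed ID value. Judging by the loader in auth-user.jsp, the value is a classpath resource name read one entry per line and compared, lower-cased and trimmed, with the AuthnRequest Issuer. I would spell that out, for example `<description>Classpath resource listing, one entity ID per line, the SPs that need the simpleSAMLphp malformed ID value; entries are matched case-insensitively against the request Issuer.</description>`.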
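--- a/AcmeIdp/trunk/web/auth-user.jsp
+++ b/AcmeIdp/trunk/web/auth-user.jsp
@@ -24,4 +24,7 @@
 
 <%@ page import="java.io.InputStream" %>
+<%@ page import="java.io.BufferedReader" %>
+<%@ page import="java.io.InputStreamReader" %>
+<%@ page import="java.util.ArrayList" %>
 <%@ page import="net.clareitysecurity.websso.idp.*" %>
 <%@ page import="org.opensaml.saml2.core.*" %>
@@ -36,4 +39,23 @@
     PrivateKeyCache pkCache;
     PublicKeyCache pubCache;
+    ArrayList simpleSAMLphpList;
+    
+    // Look for and build the list of bad SP's
+    simpleSAMLphpList = (ArrayList) application.getAttribute(_simplesamlphp);
+    if (simpleSAMLphpList == null) {
+      simpleSAMLphpList = new ArrayList();
+      String sspFile = application.getInitParameter(_simplesamlphpfile);
+      InputStream is = this.getClass().getClassLoader().getResourceAsStream(sspFile);
+      BufferedReader in = new BufferedReader(new InputStreamReader(is));
+      String line;
+      while ((line = in.readLine()) != null) {
+        line = line.toLowerCase();
+        line = line.trim();
+        simpleSAMLphpList.add(line);
+      }
+      in.close();
+      is.close();
+      application.setAttribute(_simplesamlphp, simpleSAMLphpList);
+    }
     
     // Check and see if we have our PrivateKey object stored
@@ -86,4 +108,16 @@
     if (auth != null) { // Ok, we have one
       SAMLResponse rsp = new net.clareitysecurity.websso.idp.SAMLResponse();
+      
+      // First thing we do is compare the SP Issuer with our list of bad SP's
+      // based on the simpleSAMLphp code.
+      if (simpleSAMLphpList != null) {
+        String issuer = auth.getIssuer().getValue();
+        issuer = issuer.toLowerCase();
+        issuer = issuer.trim();
+        if (simpleSAMLphpList.contains(issuer) == true) {
+          rsp.setSimpleSAMLphp(true);
+        }
+      }
+      
       rsp.setAuthnRequest(auth);
       rsp.setLoginId(idpLoginId);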
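Review bot: The list-loading block in the second hunk dereferences `is` without checking it, so a missing `simplesamlphpfile` init parameter or a resource that is not on the classpath throws a NullPointerException on every request, because the application attribute is never set. The streams are also closed only on the success path, the reader uses the platform charset, and blank lines are added to the list. The rewrite below treats an absent file as an empty list (worth logging once a logger is available), closes the stream in `finally`, and folds case with a fixed locale so matching does not depend on the server's default locale. In the third hunk `auth.getIssuer().getValue()` has the same unguarded dereference if the request carries no Issuer, and the match is case-insensitive although SAML entity IDs are case-sensitive, so an exact comparison would be stricter. The surrounding scriptlet starts and ends outside these hunks.

```java
    if (simpleSAMLphpList == null) {
      ArrayList loaded = new ArrayList();
      String sspFile = application.getInitParameter(_simplesamlphpfile);
      InputStream is = (sspFile == null) ? null
          : this.getClass().getClassLoader().getResourceAsStream(sspFile);
      if (is != null) {
        try {
          BufferedReader in = new BufferedReader(new InputStreamReader(is, "UTF-8"));
          String line;
          while ((line = in.readLine()) != null) {
            line = line.trim().toLowerCase(java.util.Locale.ENGLISH);
            if (line.length() > 0) {
              loaded.add(line);
            }
          }
        } finally {
          is.close();
        }
      }
      simpleSAMLphpList = loaded;
      application.setAttribute(_simplesamlphp, simpleSAMLphpList);
    }
```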
  • AcmeIdp/trunk/web/include.jsp

    r490 r493  
    99  _privatekeyfile = "privatekeyfile", 
    1010  _publickeycache = "publickeycache", 
    11   _publickeyfile = "publickeyfile"; 
     11  _publickeyfile = "publickeyfile", 
     12  _simplesamlphp = "simplesamlphp", 
     13  _simplesamlphpfile = "simplesamlphpfile"; 
    1214 
    1315  String