From cohei...@apache.org
Subject svn commit: r1340089 [2/2] - in /webservices/wss4j/branches/swssf: ./ rampart-policy/ streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/ streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/bean/ streaming-ws-security/src/main/java/org...
Date Fri, 18 May 2012 13:29:03 GMT
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML1Constants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML1Constants.java?rev=1340089&r1=1340088&r2=1340089&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML1Constants.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML1Constants.java Fri May 18 13:29:02 2012
@@ -26,55 +26,55 @@ package org.swssf.wss.impl.saml.builder;
  * <p/>
  * Created on May 18, 2009
  */
-public class SAML1Constants {
-
+public final class SAML1Constants {
+    
     //
     // NAME ID FORMAT
     //
-
-    public static final String NAMEID_FORMAT_UNSPECIFIED =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
-
-    public static final String NAMEID_FORMAT_EMAIL_ADDRESS =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
-
-    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
-
-    public static final String NAMEID_FORMAT_WINDOWS_DQN =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
+    
+    public static final String NAMEID_FORMAT_UNSPECIFIED = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
+    
+    public static final String NAMEID_FORMAT_EMAIL_ADDRESS = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
+    
+    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
+    
+    public static final String NAMEID_FORMAT_WINDOWS_DQN = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
 
     //
     // SUBJECT CONFIRMATION
     // 
-
+    
     /**
      * Assertion Bearer Confirmation Method Identifier
      */
-    public final static String CONF_BEARER =
-            "urn:oasis:names:tc:SAML:1.0:cm:bearer";
+    public static final String CONF_BEARER = 
+        "urn:oasis:names:tc:SAML:1.0:cm:bearer";
 
     /**
      * Holder of Key Confirmation Method Identifier
      */
-    public final static String CONF_HOLDER_KEY =
-            "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key";
+    public static final String CONF_HOLDER_KEY = 
+        "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key";
 
     /**
      * Sender Vouches Confirmation Method Identifier
      */
-    public final static String CONF_SENDER_VOUCHES =
-            "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";
+    public static final String CONF_SENDER_VOUCHES = 
+        "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";
 
     //
     // AUTH METHOD
     //
-
+    
     /**
      * The authentication was performed by means of a password.
      */
-    public static final String AUTH_METHOD_PASSWORD =
-            "urn:oasis:names:tc:SAML:1.0:am:password";
+    public static final String AUTH_METHOD_PASSWORD = 
+        "urn:oasis:names:tc:SAML:1.0:am:password";
 
     /**
      * The authentication was performed by means of the Kerberos protocol [RFC 1510],
@@ -83,7 +83,7 @@ public class SAML1Constants {
     public static final String AUTH_METHOD_KERBEROS = "urn:ietf:rfc:1510";
 
     /**
-     * The authentication was performed by means of Secure Remote Password protocol as specified in
+     * The authentication was performed by means of Secure Remote Password protocol as specified in 
      * [RFC 2945].
      */
     public static final String AUTH_METHOD_SRP = "urn:ietf:rfc:2945";
@@ -91,11 +91,11 @@ public class SAML1Constants {
     /**
      * The authentication was performed by means of an unspecified hardware token.
      */
-    public static final String AUTH_METHOD_HARDWARE_TOKEN =
-            "urn:oasis:names:tc:SAML:1.0:am:HardwareToken";
+    public static final String AUTH_METHOD_HARDWARE_TOKEN = 
+        "urn:oasis:names:tc:SAML:1.0:am:HardwareToken";
 
     /**
-     * The authentication was performed using either the SSL or TLS protocol with certificate
+     * The authentication was performed using either the SSL or TLS protocol with certificate 
      * based client authentication. TLS is described in [RFC 2246].
      */
     public static final String AUTH_METHOD_TLS_CLIENT = "urn:ietf:rfc:2246";
@@ -105,32 +105,32 @@ public class SAML1Constants {
      * means of an X.509 PKI [X.500][PKIX]. It may have been one of the mechanisms for which a more
      * specific identifier has been defined.
      */
-    public static final String AUTH_METHOD_X509 =
-            "urn:oasis:names:tc:SAML:1.0:am:X509-PKI";
+    public static final String AUTH_METHOD_X509 = 
+        "urn:oasis:names:tc:SAML:1.0:am:X509-PKI";
 
     /**
-     * The authentication was performed by some (unspecified) mechanism on a key authenticated by
-     * means of a PGP web of trust [PGP]. It may have been one of the mechanisms for which a more
+     * The authentication was performed by some (unspecified) mechanism on a key authenticated by 
+     * means of a PGP web of trust [PGP]. It may have been one of the mechanisms for which a more 
      * specific identifier has been defined.
      */
-    public static final String AUTH_METHOD_PGP =
-            "urn:oasis:names:tc:SAML:1.0:am:PGP";
+    public static final String AUTH_METHOD_PGP = 
+        "urn:oasis:names:tc:SAML:1.0:am:PGP";
 
     /**
-     * The authentication was performed by some (unspecified) mechanism on a key authenticated by
-     * means of a SPKI PKI [SPKI]. It may have been one of the mechanisms for which a more specific
+     * The authentication was performed by some (unspecified) mechanism on a key authenticated by 
+     * means of a SPKI PKI [SPKI]. It may have been one of the mechanisms for which a more specific 
      * identifier has been defined.
      */
-    public static final String AUTH_METHOD_SPKI =
-            "urn:oasis:names:tc:SAML:1.0:am:SPKI";
+    public static final String AUTH_METHOD_SPKI = 
+        "urn:oasis:names:tc:SAML:1.0:am:SPKI";
 
     /**
-     * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+     * The authentication was performed by some (unspecified) mechanism on a key authenticated by 
      * means of a XKMS trust service [XKMS]. It may have been one of the mechanisms for which a more
      * specific identifier has been defined.
      */
-    public static final String AUTH_METHOD_XKMS =
-            "urn:oasis:names:tc:SAML:1.0:am:XKMS";
+    public static final String AUTH_METHOD_XKMS = 
+        "urn:oasis:names:tc:SAML:1.0:am:XKMS";
 
     /**
      * The authentication was performed by means of an XML digital signature [RFC 3075].
@@ -140,6 +140,10 @@ public class SAML1Constants {
     /**
      * The authentication was performed by an unspecified means.
      */
-    public static final String AUTH_METHOD_UNSPECIFIED =
-            "urn:oasis:names:tc:SAML:1.0:am:unspecified";
+    public static final String AUTH_METHOD_UNSPECIFIED = 
+        "urn:oasis:names:tc:SAML:1.0:am:unspecified";
+    
+    private SAML1Constants() {
+        // Complete
+    }
 }
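Review bot: The comment in the new private constructor, `// Complete`, does not say why the constructor exists. The class is now `final` and holds only constants, so a comment such as `// constants holder, not meant to be instantiated` would record the intent. The same placeholder comment is used in the private constructor added to SAML2ComponentBuilder.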

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java?rev=1340089&r1=1340088&r2=1340089&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java Fri May 18 13:29:02 2012
@@ -23,14 +23,45 @@ import org.joda.time.DateTime;
 import org.opensaml.Configuration;
 import org.opensaml.common.SAMLObjectBuilder;
 import org.opensaml.common.SAMLVersion;
-import org.opensaml.saml2.core.*;
+
+import org.opensaml.saml2.core.Action;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeStatement;
+import org.opensaml.saml2.core.AttributeValue;
+import org.opensaml.saml2.core.Audience;
+import org.opensaml.saml2.core.AudienceRestriction;
+import org.opensaml.saml2.core.AuthnContext;
+import org.opensaml.saml2.core.AuthnContextClassRef;
+import org.opensaml.saml2.core.AuthnStatement;
+import org.opensaml.saml2.core.AuthzDecisionStatement;
+import org.opensaml.saml2.core.Conditions;
+import org.opensaml.saml2.core.DecisionTypeEnumeration;
+import org.opensaml.saml2.core.Evidence;
+import org.opensaml.saml2.core.Issuer;
+import org.opensaml.saml2.core.KeyInfoConfirmationDataType;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+import org.opensaml.saml2.core.SubjectLocality;
+
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.XMLObjectBuilderFactory;
 import org.opensaml.xml.schema.XSString;
 import org.opensaml.xml.schema.impl.XSStringBuilder;
 import org.opensaml.xml.signature.KeyInfo;
 import org.swssf.wss.ext.WSSecurityException;
-import org.swssf.wss.impl.saml.bean.*;
+import org.swssf.wss.impl.saml.bean.ActionBean;
+import org.swssf.wss.impl.saml.bean.AttributeBean;
+import org.swssf.wss.impl.saml.bean.AttributeStatementBean;
+import org.swssf.wss.impl.saml.bean.AuthDecisionStatementBean;
+import org.swssf.wss.impl.saml.bean.AuthenticationStatementBean;
+import org.swssf.wss.impl.saml.bean.ConditionsBean;
+import org.swssf.wss.impl.saml.bean.KeyInfoBean;
+import org.swssf.wss.impl.saml.bean.SubjectBean;
+import org.swssf.wss.impl.saml.bean.SubjectConfirmationDataBean;
+import org.swssf.wss.impl.saml.bean.SubjectLocalityBean;
 import org.swssf.xmlsec.impl.util.IDGenerator;
 
 import java.util.ArrayList;
@@ -43,47 +74,51 @@ import java.util.List;
  * <p/>
  * Created on May 18, 2009
  */
-public class SAML2ComponentBuilder {
-    private static SAMLObjectBuilder<Assertion> assertionBuilder;
-
-    private static SAMLObjectBuilder<Issuer> issuerBuilder;
-
-    private static SAMLObjectBuilder<Subject> subjectBuilder;
-
-    private static SAMLObjectBuilder<NameID> nameIdBuilder;
-
-    private static SAMLObjectBuilder<SubjectConfirmation> subjectConfirmationBuilder;
-
-    private static SAMLObjectBuilder<Conditions> conditionsBuilder;
-
-    private static SAMLObjectBuilder<SubjectConfirmationData> subjectConfirmationDataBuilder;
-
-    private static SAMLObjectBuilder<KeyInfoConfirmationDataType> keyInfoConfirmationDataBuilder;
-
-    private static SAMLObjectBuilder<AuthnStatement> authnStatementBuilder;
-
-    private static SAMLObjectBuilder<AuthnContext> authnContextBuilder;
-
-    private static SAMLObjectBuilder<AuthnContextClassRef> authnContextClassRefBuilder;
-
-    private static SAMLObjectBuilder<AttributeStatement> attributeStatementBuilder;
-
-    private static SAMLObjectBuilder<Attribute> attributeBuilder;
-
-    private static XSStringBuilder stringBuilder;
-
-    private static SAMLObjectBuilder<AudienceRestriction> audienceRestrictionBuilder;
-
-    private static SAMLObjectBuilder<Audience> audienceBuilder;
-
-    private static SAMLObjectBuilder<AuthzDecisionStatement> authorizationDecisionStatementBuilder;
-
-    private static SAMLObjectBuilder<Action> actionElementBuilder;
-
-    private static XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
-
-    private static SAMLObjectBuilder<SubjectLocality> subjectLocalityBuilder;
+public final class SAML2ComponentBuilder {
+    private static volatile SAMLObjectBuilder<Assertion> assertionBuilder;
+    
+    private static volatile SAMLObjectBuilder<Issuer> issuerBuilder;
+    
+    private static volatile SAMLObjectBuilder<Subject> subjectBuilder;
+    
+    private static volatile SAMLObjectBuilder<NameID> nameIdBuilder;
+    
+    private static volatile SAMLObjectBuilder<SubjectConfirmation> subjectConfirmationBuilder;
+    
+    private static volatile SAMLObjectBuilder<Conditions> conditionsBuilder;
+    
+    private static volatile SAMLObjectBuilder<SubjectConfirmationData> subjectConfirmationDataBuilder;
+    
+    private static volatile SAMLObjectBuilder<KeyInfoConfirmationDataType> keyInfoConfirmationDataBuilder;
+    
+    private static volatile SAMLObjectBuilder<AuthnStatement> authnStatementBuilder;
+    
+    private static volatile SAMLObjectBuilder<AuthnContext> authnContextBuilder;
+    
+    private static volatile SAMLObjectBuilder<AuthnContextClassRef> authnContextClassRefBuilder;
+    
+    private static volatile SAMLObjectBuilder<AttributeStatement> attributeStatementBuilder;
+    
+    private static volatile SAMLObjectBuilder<Attribute> attributeBuilder;
+    
+    private static volatile XSStringBuilder stringBuilder;
+    
+    private static volatile SAMLObjectBuilder<AudienceRestriction> audienceRestrictionBuilder;
+    
+    private static volatile SAMLObjectBuilder<Audience> audienceBuilder;
+    
+    private static volatile SAMLObjectBuilder<AuthzDecisionStatement> authorizationDecisionStatementBuilder;
+    
+    private static volatile SAMLObjectBuilder<Action> actionElementBuilder;
+    
+    private static volatile XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
+    
+    private static volatile SAMLObjectBuilder<SubjectLocality> subjectLocalityBuilder;
 
+    private SAML2ComponentBuilder() {
+        // Complete
+    }
+    
     /**
      * Create a SAML 2 assertion
      *
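Review bot: Marking the lazily created builder fields `volatile` makes a stored builder visible to other threads, but the `if (x == null) { x = ... }` sequences in the create* methods remain unsynchronised, so two threads can still both look up and assign the same builder. That appears harmless only if `builderFactory.getBuilder` hands back an equivalent builder on every call, which is worth stating in a comment above the fields. `builderFactory` itself is set in its initialiser and is not reassigned in any visible hunk, so `private static final XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();` would express that better than `volatile`. The class body continues outside the hunk.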
@@ -92,17 +127,17 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static Assertion createAssertion() {
         if (assertionBuilder == null) {
-            assertionBuilder = (SAMLObjectBuilder<Assertion>)
-                    builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
+            assertionBuilder = (SAMLObjectBuilder<Assertion>) 
+                builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
             if (assertionBuilder == null) {
                 throw new IllegalStateException(
-                        "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml engine "
-                                + "prior using it"
+                    "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml engine "
+                    + "prior using it"
                 );
             }
         }
-        Assertion assertion =
-                assertionBuilder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
+        Assertion assertion = 
+            assertionBuilder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
         assertion.setID(IDGenerator.generateID(null));
         assertion.setVersion(SAMLVersion.VERSION_20);
         assertion.setIssueInstant(new DateTime());
@@ -118,9 +153,9 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static Issuer createIssuer(String issuerValue) {
         if (issuerBuilder == null) {
-            issuerBuilder = (SAMLObjectBuilder<Issuer>)
-                    builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
-
+            issuerBuilder = (SAMLObjectBuilder<Issuer>) 
+                builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
+            
         }
         Issuer issuer = issuerBuilder.buildObject();
         //
@@ -139,27 +174,27 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static Conditions createConditions(ConditionsBean conditionsBean) {
         if (conditionsBuilder == null) {
-            conditionsBuilder = (SAMLObjectBuilder<Conditions>)
-                    builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
+            conditionsBuilder = (SAMLObjectBuilder<Conditions>) 
+                builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
         }
-
+        
         Conditions conditions = conditionsBuilder.buildObject();
-
+        
         if (conditionsBean == null) {
             DateTime newNotBefore = new DateTime();
             conditions.setNotBefore(newNotBefore);
             conditions.setNotOnOrAfter(newNotBefore.plusMinutes(5));
             return conditions;
         }
-
+        
         int tokenPeriodMinutes = conditionsBean.getTokenPeriodMinutes();
         DateTime notBefore = conditionsBean.getNotBefore();
         DateTime notAfter = conditionsBean.getNotAfter();
-
+        
         if (notBefore != null && notAfter != null) {
             if (notBefore.isAfter(notAfter)) {
                 throw new IllegalStateException(
-                        "The value of notBefore may not be after the value of notAfter"
+                    "The value of notBefore may not be after the value of notAfter"
                 );
             }
             conditions.setNotBefore(notBefore);
@@ -172,13 +207,13 @@ public class SAML2ComponentBuilder {
             }
             conditions.setNotOnOrAfter(newNotBefore.plusMinutes(tokenPeriodMinutes));
         }
-
+        
         if (conditionsBean.getAudienceURI() != null) {
-            AudienceRestriction audienceRestriction =
-                    createAudienceRestriction(conditionsBean.getAudienceURI());
+            AudienceRestriction audienceRestriction = 
+                createAudienceRestriction(conditionsBean.getAudienceURI());
             conditions.getAudienceRestrictions().add(audienceRestriction);
         }
-
+        
         return conditions;
     }
 
@@ -191,14 +226,14 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static AudienceRestriction createAudienceRestriction(String audienceURI) {
         if (audienceRestrictionBuilder == null) {
-            audienceRestrictionBuilder = (SAMLObjectBuilder<AudienceRestriction>)
-                    builderFactory.getBuilder(AudienceRestriction.DEFAULT_ELEMENT_NAME);
+            audienceRestrictionBuilder = (SAMLObjectBuilder<AudienceRestriction>) 
+                builderFactory.getBuilder(AudienceRestriction.DEFAULT_ELEMENT_NAME);
         }
         if (audienceBuilder == null) {
-            audienceBuilder = (SAMLObjectBuilder<Audience>)
-                    builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
+            audienceBuilder = (SAMLObjectBuilder<Audience>) 
+                builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
         }
-
+       
         AudienceRestriction audienceRestriction = audienceRestrictionBuilder.buildObject();
         Audience audience = audienceBuilder.buildObject();
         audience.setAudienceURI(audienceURI);
@@ -214,27 +249,27 @@ public class SAML2ComponentBuilder {
      */
     @SuppressWarnings("unchecked")
     public static List<AuthnStatement> createAuthnStatement(
-            List<AuthenticationStatementBean> authBeans
+        List<AuthenticationStatementBean> authBeans
     ) {
         List<AuthnStatement> authnStatements = new ArrayList<AuthnStatement>();
-
+        
         if (authnStatementBuilder == null) {
-            authnStatementBuilder = (SAMLObjectBuilder<AuthnStatement>)
-                    builderFactory.getBuilder(AuthnStatement.DEFAULT_ELEMENT_NAME);
+            authnStatementBuilder = (SAMLObjectBuilder<AuthnStatement>) 
+                builderFactory.getBuilder(AuthnStatement.DEFAULT_ELEMENT_NAME);
         }
         if (authnContextBuilder == null) {
-            authnContextBuilder = (SAMLObjectBuilder<AuthnContext>)
-                    builderFactory.getBuilder(AuthnContext.DEFAULT_ELEMENT_NAME);
+            authnContextBuilder = (SAMLObjectBuilder<AuthnContext>) 
+                builderFactory.getBuilder(AuthnContext.DEFAULT_ELEMENT_NAME);
         }
         if (authnContextClassRefBuilder == null) {
-            authnContextClassRefBuilder = (SAMLObjectBuilder<AuthnContextClassRef>)
-                    builderFactory.getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
+            authnContextClassRefBuilder = (SAMLObjectBuilder<AuthnContextClassRef>) 
+                builderFactory.getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
         }
         if (subjectLocalityBuilder == null) {
-            subjectLocalityBuilder = (SAMLObjectBuilder<SubjectLocality>)
-                    builderFactory.getBuilder(SubjectLocality.DEFAULT_ELEMENT_NAME);
+            subjectLocalityBuilder = (SAMLObjectBuilder<SubjectLocality>) 
+            builderFactory.getBuilder(SubjectLocality.DEFAULT_ELEMENT_NAME);
         }
-
+        
         if (authBeans != null && authBeans.size() > 0) {
             for (AuthenticationStatementBean statementBean : authBeans) {
                 AuthnStatement authnStatement = authnStatementBuilder.buildObject();
@@ -243,14 +278,14 @@ public class SAML2ComponentBuilder {
                     authInstant = new DateTime();
                 }
                 authnStatement.setAuthnInstant(authInstant);
-
+                
                 if (statementBean.getSessionIndex() != null) {
                     authnStatement.setSessionIndex(statementBean.getSessionIndex());
                 }
-
+                
                 AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject();
                 authnContextClassRef.setAuthnContextClassRef(
-                        transformAuthenticationMethod(statementBean.getAuthenticationMethod())
+                    transformAuthenticationMethod(statementBean.getAuthenticationMethod())
                 );
                 AuthnContext authnContext = authnContextBuilder.buildObject();
                 authnContext.setAuthnContextClassRef(authnContextClassRef);
@@ -264,7 +299,7 @@ public class SAML2ComponentBuilder {
 
                     authnStatement.setSubjectLocality(subjectLocality);
                 }
-
+                
                 authnStatements.add(authnStatement);
             }
         }
@@ -273,7 +308,7 @@ public class SAML2ComponentBuilder {
     }
 
     /**
-     * Transform the user-supplied authentication method value into one of the supported
+     * Transform the user-supplied authentication method value into one of the supported 
      * specification-compliant values.
      *
      * @param sourceMethod of type String
@@ -284,7 +319,7 @@ public class SAML2ComponentBuilder {
 
         if ("Password".equalsIgnoreCase(sourceMethod)) {
             transformedMethod = SAML2Constants.AUTH_CONTEXT_CLASS_REF_PASSWORD;
-        } else if (sourceMethod != null && !sourceMethod.isEmpty()) {
+        } else if (sourceMethod != null && !"".equals(sourceMethod)) {
             return sourceMethod;
         }
 
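Review bot: The rewritten guard `sourceMethod != null && !"".equals(sourceMethod)` still lets a whitespace-only or otherwise arbitrary string through unchanged via `return sourceMethod;`, while this method's Javadoc promises one of the supported specification-compliant values. The result is used as the AuthnContextClassRef of an issued assertion (see createAuthnStatement), so a caller-supplied value ends up asserted verbatim to relying parties. Either the Javadoc should state that unrecognised values are passed through and must already be valid URIs, or the guard should at least reject blank input, e.g. `} else if (sourceMethod != null && sourceMethod.trim().length() > 0) {`. The method's body starts and ends outside the hunk.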
@@ -303,7 +338,7 @@ public class SAML2ComponentBuilder {
     public static Attribute createAttribute(String friendlyName, String name, List<String> values) {
         return createAttribute(friendlyName, name, null, values);
     }
-
+    
     /**
      * Create a SAML2 Attribute
      *
@@ -314,21 +349,21 @@ public class SAML2ComponentBuilder {
      * @return a SAML2 Attribute
      */
     public static Attribute createAttribute(
-            String friendlyName, String name, String nameFormat, List<?> values
+        String friendlyName, String name, String nameFormat, List<?> values
     ) {
         if (stringBuilder == null) {
-            stringBuilder = (XSStringBuilder) builderFactory.getBuilder(XSString.TYPE_NAME);
+            stringBuilder = (XSStringBuilder)builderFactory.getBuilder(XSString.TYPE_NAME);
         }
         Attribute attribute = createAttribute(friendlyName, name, nameFormat);
-
+        
         for (Object value : values) {
             if (value instanceof String) {
-                XSString attributeValue =
-                        stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
-                attributeValue.setValue((String) value);
+                XSString attributeValue = 
+                    stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+                attributeValue.setValue((String)value);
                 attribute.getAttributeValues().add(attributeValue);
             } else if (value instanceof XMLObject) {
-                attribute.getAttributeValues().add((XMLObject) value);
+                attribute.getAttributeValues().add((XMLObject)value);
             }
         }
 
@@ -342,109 +377,135 @@ public class SAML2ComponentBuilder {
      * @return a Subject
      */
     @SuppressWarnings("unchecked")
-    public static Subject createSaml2Subject(SubjectBean subjectBean)
-            throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+    public static Subject createSaml2Subject(SubjectBean subjectBean) 
+        throws org.opensaml.xml.security.SecurityException, WSSecurityException {
         if (subjectBuilder == null) {
-            subjectBuilder = (SAMLObjectBuilder<Subject>)
-                    builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
+            subjectBuilder = (SAMLObjectBuilder<Subject>) 
+                builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
         }
         Subject subject = subjectBuilder.buildObject();
-
+        
         NameID nameID = SAML2ComponentBuilder.createNameID(subjectBean);
         subject.setNameID(nameID);
-
+        
         SubjectConfirmationData subjectConfData = null;
-        if (subjectBean.getKeyInfo() != null) {
-            subjectConfData =
-                    SAML2ComponentBuilder.createSubjectConfirmationData(
-                            null,
-                            null,
-                            null,
-                            subjectBean.getKeyInfo()
-                    );
+        if (subjectBean.getKeyInfo() != null || subjectBean.getSubjectConfirmationData() != null) {
+            subjectConfData = 
+                SAML2ComponentBuilder.createSubjectConfirmationData(
+                    subjectBean.getSubjectConfirmationData(), 
+                    subjectBean.getKeyInfo() 
+                );
         }
-
+        
         String confirmationMethodStr = subjectBean.getSubjectConfirmationMethod();
         if (confirmationMethodStr == null) {
             confirmationMethodStr = SAML2Constants.CONF_SENDER_VOUCHES;
         }
-        SubjectConfirmation subjectConfirmation =
-                SAML2ComponentBuilder.createSubjectConfirmation(
-                        confirmationMethodStr, subjectConfData
-                );
-
+        SubjectConfirmation subjectConfirmation = 
+            SAML2ComponentBuilder.createSubjectConfirmation(
+                confirmationMethodStr, subjectConfData
+            );
+        
         subject.getSubjectConfirmations().add(subjectConfirmation);
         return subject;
     }
-
+    
     /**
      * Create a SubjectConfirmationData object
      *
      * @param inResponseTo of type String
      * @param recipient    of type String
      * @param notOnOrAfter of type DateTime
-     * @param keyInfoBean  of type KeyInfoBean
+     * @param keyInfoBean of type KeyInfoBean
+     * @return a SubjectConfirmationData object
+     */
+    @Deprecated
+    public static SubjectConfirmationData createSubjectConfirmationData(
+        String inResponseTo, 
+        String recipient, 
+        DateTime notOnOrAfter,
+        KeyInfoBean keyInfoBean
+    ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        SubjectConfirmationDataBean subjectConfirmationDataBean = 
+            new SubjectConfirmationDataBean();
+        subjectConfirmationDataBean.setInResponseTo(inResponseTo);
+        subjectConfirmationDataBean.setRecipient(recipient);
+        subjectConfirmationDataBean.setNotAfter(notOnOrAfter);
+        return createSubjectConfirmationData(subjectConfirmationDataBean, keyInfoBean);
+    }
+    
+    /**
+     * Create a SubjectConfirmationData object
+     *
+     * @param subjectConfirmationDataBean of type SubjectConfirmationDataBean
+     * @param keyInfoBean of type KeyInfoBean
      * @return a SubjectConfirmationData object
      */
     @SuppressWarnings("unchecked")
     public static SubjectConfirmationData createSubjectConfirmationData(
-            String inResponseTo,
-            String recipient,
-            DateTime notOnOrAfter,
-            KeyInfoBean keyInfoBean
+        SubjectConfirmationDataBean subjectConfirmationDataBean,
+        KeyInfoBean keyInfoBean
     ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
         SubjectConfirmationData subjectConfirmationData = null;
         KeyInfo keyInfo = null;
         if (keyInfoBean == null) {
             if (subjectConfirmationDataBuilder == null) {
-                subjectConfirmationDataBuilder = (SAMLObjectBuilder<SubjectConfirmationData>)
-                        builderFactory.getBuilder(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
+                subjectConfirmationDataBuilder = (SAMLObjectBuilder<SubjectConfirmationData>) 
+                    builderFactory.getBuilder(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
             }
             subjectConfirmationData = subjectConfirmationDataBuilder.buildObject();
         } else {
             if (keyInfoConfirmationDataBuilder == null) {
-                keyInfoConfirmationDataBuilder = (SAMLObjectBuilder<KeyInfoConfirmationDataType>)
-                        builderFactory.getBuilder(KeyInfoConfirmationDataType.TYPE_NAME);
+                keyInfoConfirmationDataBuilder = (SAMLObjectBuilder<KeyInfoConfirmationDataType>) 
+                    builderFactory.getBuilder(KeyInfoConfirmationDataType.TYPE_NAME);
             }
             subjectConfirmationData = keyInfoConfirmationDataBuilder.buildObject();
             keyInfo = SAML1ComponentBuilder.createKeyInfo(keyInfoBean);
-            ((KeyInfoConfirmationDataType) subjectConfirmationData).getKeyInfos().add(keyInfo);
+            ((KeyInfoConfirmationDataType)subjectConfirmationData).getKeyInfos().add(keyInfo);
         }
-
-        if (inResponseTo != null) {
-            subjectConfirmationData.setInResponseTo(inResponseTo);
-        }
-        if (recipient != null) {
-            subjectConfirmationData.setRecipient(recipient);
-        }
-        if (notOnOrAfter != null) {
-            subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
+        
+        if (subjectConfirmationDataBean != null) {
+            if (subjectConfirmationDataBean.getInResponseTo() != null) {
+                subjectConfirmationData.setInResponseTo(subjectConfirmationDataBean.getInResponseTo());
+            }
+            if (subjectConfirmationDataBean.getRecipient() != null) {
+                subjectConfirmationData.setRecipient(subjectConfirmationDataBean.getRecipient());
+            }
+            if (subjectConfirmationDataBean.getAddress() != null) {
+                subjectConfirmationData.setAddress(subjectConfirmationDataBean.getAddress());
+            }
+            if (subjectConfirmationDataBean.getNotAfter() != null) {
+                subjectConfirmationData.setNotOnOrAfter(subjectConfirmationDataBean.getNotAfter());
+            }
+            if (subjectConfirmationDataBean.getNotBefore() != null) {
+                subjectConfirmationData.setNotBefore(subjectConfirmationDataBean.getNotBefore());
+            }
         }
-
+        
         return subjectConfirmationData;
     }
-
+    
     /**
      * Create a SubjectConfirmation object
      * One of the following subject confirmation methods MUST be used:
-     * urn:oasis:names:tc:SAML:2.0:cm:holder-of-key
-     * urn:oasis:names:tc:SAML:2.0:cm:sender-vouches
-     * urn:oasis:names:tc:SAML:2.0:cm:bearer
+     *   urn:oasis:names:tc:SAML:2.0:cm:holder-of-key
+     *   urn:oasis:names:tc:SAML:2.0:cm:sender-vouches
+     *   urn:oasis:names:tc:SAML:2.0:cm:bearer
      *
-     * @param method                  of type String
+     * @param method of type String
      * @param subjectConfirmationData of type SubjectConfirmationData
      * @return a SubjectConfirmation object
      */
     @SuppressWarnings("unchecked")
     public static SubjectConfirmation createSubjectConfirmation(
-            String method,
-            SubjectConfirmationData subjectConfirmationData
+        String method,
+        SubjectConfirmationData subjectConfirmationData
     ) {
         if (subjectConfirmationBuilder == null) {
-            subjectConfirmationBuilder = (SAMLObjectBuilder<SubjectConfirmation>)
-                    builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
+            subjectConfirmationBuilder = (SAMLObjectBuilder<SubjectConfirmation>) 
+                builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
         }
-
+        
         SubjectConfirmation subjectConfirmation = subjectConfirmationBuilder.buildObject();
         subjectConfirmation.setMethod(method);
         subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
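Review bot: The new bean-based createSubjectConfirmationData copies `getNotBefore()` and `getNotAfter()` onto the SubjectConfirmationData without checking their order, whereas createConditions in this file throws IllegalStateException when notBefore is after notAfter. A bean with an inverted window would yield a confirmation element whose validity period is empty, and how a relying party treats that is left to its own validation, so the same check belongs here before the setters run. Separately, the `@Deprecated` four-argument overload has no Javadoc `@deprecated` tag naming the bean-based replacement. Both createSubjectConfirmationData overloads are complete within the hunk; createSubjectConfirmation's body continues outside it.

```java
        if (subjectConfirmationDataBean != null) {
            DateTime notBefore = subjectConfirmationDataBean.getNotBefore();
            DateTime notAfter = subjectConfirmationDataBean.getNotAfter();
            if (notBefore != null && notAfter != null && notBefore.isAfter(notAfter)) {
                throw new IllegalStateException(
                    "The value of notBefore may not be after the value of notAfter"
                );
            }
            // … unchanged: null-guarded setInResponseTo / setRecipient / setAddress / setNotOnOrAfter / setNotBefore …
        }
```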
@@ -454,14 +515,14 @@ public class SAML2ComponentBuilder {
     /**
      * Create a NameID object
      * One of the following formats MUST be used:
-     * urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
-     * urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-     * urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
-     * urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName
-     * urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos
-     * urn:oasis:names:tc:SAML:2.0:nameid-format:entity
-     * urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
-     * urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+     *   urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+     *   urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+     *   urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
+     *   urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName
+     *   urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos
+     *   urn:oasis:names:tc:SAML:2.0:nameid-format:entity
+     *   urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+     *   urn:oasis:names:tc:SAML:2.0:nameid-format:transient
      *
      * @param subject A SubjectBean instance
      * @return NameID
@@ -469,8 +530,8 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static NameID createNameID(SubjectBean subject) {
         if (nameIdBuilder == null) {
-            nameIdBuilder = (SAMLObjectBuilder<NameID>)
-                    builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
+            nameIdBuilder = (SAMLObjectBuilder<NameID>) 
+                builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
         }
         NameID nameID = nameIdBuilder.buildObject();
         nameID.setNameQualifier(subject.getSubjectNameQualifier());
@@ -488,12 +549,12 @@ public class SAML2ComponentBuilder {
      */
     @SuppressWarnings("unchecked")
     public static List<AttributeStatement> createAttributeStatement(
-            List<AttributeStatementBean> attributeData
+        List<AttributeStatementBean> attributeData
     ) {
         List<AttributeStatement> attributeStatements = new ArrayList<AttributeStatement>();
         if (attributeStatementBuilder == null) {
-            attributeStatementBuilder = (SAMLObjectBuilder<AttributeStatement>)
-                    builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
+            attributeStatementBuilder = (SAMLObjectBuilder<AttributeStatement>) 
+            builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
         }
 
         if (attributeData != null && attributeData.size() > 0) {
@@ -504,13 +565,13 @@ public class SAML2ComponentBuilder {
                     if (attributeValues == null || attributeValues.isEmpty()) {
                         attributeValues = values.getCustomAttributeValues();
                     }
-                    Attribute samlAttribute =
-                            createAttribute(
-                                    values.getSimpleName(),
-                                    values.getQualifiedName(),
-                                    values.getNameFormat(),
-                                    attributeValues
-                            );
+                    Attribute samlAttribute = 
+                        createAttribute(
+                            values.getSimpleName(), 
+                            values.getQualifiedName(),
+                            values.getNameFormat(),
+                            attributeValues
+                        );
                     attributeStatement.getAttributes().add(samlAttribute);
                 }
                 // Add the completed attribute statementBean to the collection
@@ -523,34 +584,34 @@ public class SAML2ComponentBuilder {
 
     /**
      * Create an Attribute object. The name format is of type:
-     * urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
-     * urn:oasis:names:tc:SAML:2.0:attrname-format:uri
-     * urn:oasis:names:tc:SAML:2.0:attrname-format:basic
+     *   urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
+     *   urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+     *   urn:oasis:names:tc:SAML:2.0:attrname-format:basic
      *
      * @param friendlyName of type String
-     * @param name         of type String
+     * @param name of type String
      * @return an Attribute object
      * @deprecated
      */
     public static Attribute createAttribute(String friendlyName, String name) {
-        return createAttribute(friendlyName, name, (String) null);
+        return createAttribute(friendlyName, name, (String)null);
     }
-
+    
     /**
      * Create an Attribute object.
      *
      * @param friendlyName of type String
-     * @param name         of type String
-     * @param nameFormat   of type String
+     * @param name of type String
+     * @param nameFormat of type String
      * @return an Attribute object
      */
     @SuppressWarnings("unchecked")
     public static Attribute createAttribute(String friendlyName, String name, String nameFormat) {
         if (attributeBuilder == null) {
             attributeBuilder = (SAMLObjectBuilder<Attribute>)
-                    builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
+                builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
         }
-
+        
         Attribute attribute = attributeBuilder.buildObject();
         attribute.setFriendlyName(friendlyName);
         if (nameFormat == null) {
@@ -570,23 +631,23 @@ public class SAML2ComponentBuilder {
      */
     @SuppressWarnings("unchecked")
     public static List<AuthzDecisionStatement> createAuthorizationDecisionStatement(
-            List<AuthDecisionStatementBean> decisionData
+        List<AuthDecisionStatementBean> decisionData
     ) {
-        List<AuthzDecisionStatement> authDecisionStatements =
+        List<AuthzDecisionStatement> authDecisionStatements = 
                 new ArrayList<AuthzDecisionStatement>();
         if (authorizationDecisionStatementBuilder == null) {
-            authorizationDecisionStatementBuilder =
-                    (SAMLObjectBuilder<AuthzDecisionStatement>)
-                            builderFactory.getBuilder(AuthzDecisionStatement.DEFAULT_ELEMENT_NAME);
+            authorizationDecisionStatementBuilder = 
+                (SAMLObjectBuilder<AuthzDecisionStatement>)
+                    builderFactory.getBuilder(AuthzDecisionStatement.DEFAULT_ELEMENT_NAME);
         }
 
         if (decisionData != null && decisionData.size() > 0) {
             for (AuthDecisionStatementBean decisionStatementBean : decisionData) {
-                AuthzDecisionStatement authDecision =
-                        authorizationDecisionStatementBuilder.buildObject();
+                AuthzDecisionStatement authDecision = 
+                    authorizationDecisionStatementBuilder.buildObject();
                 authDecision.setResource(decisionStatementBean.getResource());
                 authDecision.setDecision(
-                        transformDecisionType(decisionStatementBean.getDecision())
+                    transformDecisionType(decisionStatementBean.getDecision())
                 );
 
                 for (ActionBean actionBean : decisionStatementBean.getActions()) {
@@ -594,10 +655,10 @@ public class SAML2ComponentBuilder {
                     authDecision.getActions().add(actionElement);
                 }
 
-                if (decisionStatementBean.getEvidence() instanceof Evidence) {
-                    authDecision.setEvidence((Evidence) decisionStatementBean.getEvidence());
+                if (decisionStatementBean.getEvidence() instanceof Evidence) {                                    
+                    authDecision.setEvidence((Evidence)decisionStatementBean.getEvidence());
                 }
-
+                
                 authDecisionStatements.add(authDecision);
             }
         }
@@ -616,7 +677,7 @@ public class SAML2ComponentBuilder {
     public static Action createSamlAction(ActionBean actionBean) {
         if (actionElementBuilder == null) {
             actionElementBuilder = (SAMLObjectBuilder<Action>)
-                    builderFactory.getBuilder(Action.DEFAULT_ELEMENT_NAME);
+                builderFactory.getBuilder(Action.DEFAULT_ELEMENT_NAME);
         }
         Action actionElement = actionElementBuilder.buildObject();
         actionElement.setNamespace(actionBean.getActionNamespace());
@@ -632,10 +693,10 @@ public class SAML2ComponentBuilder {
      * Create a DecisionTypeEnumeration object
      *
      * @param decision of type Decision
-     * @return a DecisionTypeEnumeration object
+     * @return a DecisionTypeEnumeration object 
      */
     private static DecisionTypeEnumeration transformDecisionType(
-            AuthDecisionStatementBean.Decision decision
+        AuthDecisionStatementBean.Decision decision
     ) {
         DecisionTypeEnumeration decisionTypeEnum = DecisionTypeEnumeration.DENY;
         if (decision.equals(AuthDecisionStatementBean.Decision.PERMIT)) {

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java?rev=1340089&r1=1340088&r2=1340089&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java Fri May 18 13:29:02 2012
@@ -26,137 +26,141 @@ package org.swssf.wss.impl.saml.builder;
  * <p/>
  * Created on May 18, 2009
  */
-public class SAML2Constants {
+public final class SAML2Constants {
     //
     // NAME ID FORMAT
     //
-
-    public static final String NAMEID_FORMAT_UNSPECIFIED =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
-
-    public static final String NAMEID_FORMAT_EMAIL_ADDRESS =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
-
-    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
-
-    public static final String NAMEID_FORMAT_WINDOWS_DQN =
-            "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
-
-    public static final String NAMEID_FORMAT_KERBEROS =
-            "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos";
-
-    public static final String NAMEID_FORMAT_ENTITY =
-            "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
-
-    public static final String NAMEID_FORMAT_PERSISTENT =
-            "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
-
-    public static final String NAMEID_FORMAT_TRANSIENT =
-            "urn:oasis:names:tc:SAML:2.0:nameid-format:transient";
+    
+    public static final String NAMEID_FORMAT_UNSPECIFIED = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
+    
+    public static final String NAMEID_FORMAT_EMAIL_ADDRESS = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
+    
+    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
+    
+    public static final String NAMEID_FORMAT_WINDOWS_DQN = 
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
+    
+    public static final String NAMEID_FORMAT_KERBEROS = 
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos";
+    
+    public static final String NAMEID_FORMAT_ENTITY = 
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
+    
+    public static final String NAMEID_FORMAT_PERSISTENT = 
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
+    
+    public static final String NAMEID_FORMAT_TRANSIENT = 
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:transient";
 
     //
     // SUBJECT CONFIRMATION
     //
-
-    public static final String CONF_BEARER =
-            "urn:oasis:names:tc:SAML:2.0:cm:bearer";
-
-    public static final String CONF_HOLDER_KEY =
-            "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
-
-    public static final String CONF_SENDER_VOUCHES =
-            "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
-
+    
+    public static final String CONF_BEARER = 
+        "urn:oasis:names:tc:SAML:2.0:cm:bearer";
+    
+    public static final String CONF_HOLDER_KEY = 
+        "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
+    
+    public static final String CONF_SENDER_VOUCHES = 
+        "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
+    
     //
     // AUTH CONTEXT CLASS REF
     //
-
-    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL_PASSWORD =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_KERBEROS =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_UNREGISTERED =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_UNREGISTERED =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_CONTRACT =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_CONTRACT =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:Password";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD_PROTECTED_TRANSPORT =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_PREVIOUS_SESSION =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_X509 =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:X509";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_PGP =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:PGP";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_SPKI =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_XMLDSIG =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD_PKI =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_SOFTWARE_PKI =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_TELEPHONY =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_NOMAD_TELEPHONY =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_PERSONAL_TELEPHONY =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalTelephony";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_AUTHENTICATED_TELEPHONY =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_SECURED_REMOTE_PASSWORD =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_TLS_CLIENT =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_TIME_SYNC_TOKEN =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken";
-
-    public static final String AUTH_CONTEXT_CLASS_REF_UNSPECIFIED =
-            "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL_PASSWORD = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_KERBEROS = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_UNREGISTERED = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_UNREGISTERED = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_CONTRACT = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_CONTRACT = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:Password";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD_PROTECTED_TRANSPORT = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_PREVIOUS_SESSION = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_X509 = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:X509";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_PGP = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:PGP";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_SPKI = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_XMLDSIG = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD_PKI = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_SOFTWARE_PKI = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_TELEPHONY = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_NOMAD_TELEPHONY = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_PERSONAL_TELEPHONY = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalTelephony";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_AUTHENTICATED_TELEPHONY = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_SECURED_REMOTE_PASSWORD = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_TLS_CLIENT = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_TIME_SYNC_TOKEN = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken";
+    
+    public static final String AUTH_CONTEXT_CLASS_REF_UNSPECIFIED = 
+        "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified";
 
     //
     // ATTRIBUTE NAME FORMAT
     //
-
-    public static final String ATTRNAME_FORMAT_UNSPECIFIED =
-            "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
-
-    public static final String ATTRNAME_FORMAT_URI =
-            "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
-
-    public static final String ATTRNAME_FORMAT_BASIC =
-            "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
+    
+    public static final String ATTRNAME_FORMAT_UNSPECIFIED = 
+        "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
+    
+    public static final String ATTRNAME_FORMAT_URI = 
+        "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
+    
+    public static final String ATTRNAME_FORMAT_BASIC = 
+        "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
+    
+    private SAML2Constants() {
+        // Complete
+    }
 }
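Review bot: The private constructor added at the end of SAML2Constants carries only the comment `// Complete`, which does not say why the constructor exists. Since the class is now `final` and the visible members are all `public static final String` URNs, a comment such as `// Constants holder; not meant to be instantiated` would state the intent. Separately, `AUTH_CONTEXT_CLASS_REF_SECURED_REMOTE_PASSWORD` maps to the URN ending in `SecureRemotePassword`; the constant cannot be renamed without breaking callers, but a one-line comment noting the mismatch would help anyone searching by the URN's spelling.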

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/saml2-xacml2-profile.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/saml2-xacml2-profile.xml?rev=1340089&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/saml2-xacml2-profile.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/saml2-xacml2-profile.xml Fri May 18 13:29:02 2012
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XMLTooling xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xacml-samlp="urn:oasis:xacml:2.0:saml:protocol:schema:os" xmlns:xacml-saml="urn:oasis:xacml:2.0:saml:assertion:schema:os" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.opensaml.org/xmltooling-config">
+
+    <!-- XACML 2.0 for SAML 2 Profile Object Providers -->
+	<ObjectProviders>
+    
+		<!-- ReferencedPoliciesType -->
+        <ObjectProvider qualifiedName="xacml-saml:ReferencedPolicies">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.ReferencedPoliciesTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.ReferencedPoliciesTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.ReferencedPoliciesTypeUnmarshaller"/>
+        </ObjectProvider>
+        
+        <!-- ReferencedPoliciesType -->
+        <ObjectProvider qualifiedName="xacml-saml:ReferencedPoliciesType">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.ReferencedPoliciesTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.ReferencedPoliciesTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.ReferencedPoliciesTypeUnmarshaller"/>
+        </ObjectProvider>
+	
+         
+       <!-- XACMLAuthzDecisionStatement -->
+        <ObjectProvider qualifiedName="xacml-saml:XACMLAuthzDecisionStatement">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionStatementTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionStatementTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionStatementTypeUnmarshaller"/>
+        </ObjectProvider>
+        
+        <ObjectProvider qualifiedName="xacml-saml:XACMLAuthzDecisionStatementType">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionStatementTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionStatementTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionStatementTypeUnmarshaller"/>
+        </ObjectProvider>
+        
+        <!-- XACMLPolicyStatement -->
+        <ObjectProvider qualifiedName="xacml-saml:XACMLPolicyStatement">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyStatementTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyStatementTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyStatementTypeUnmarshaller"/>
+        </ObjectProvider>
+        
+        <ObjectProvider qualifiedName="xacml-saml:XACMLPolicyStatementType">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyStatementTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyStatementTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyStatementTypeUnmarshaller"/>
+        </ObjectProvider>
+           
+       <!-- XACMLAuthzDecisionQuery provider -->
+        <ObjectProvider qualifiedName="xacml-samlp:XACMLAuthzDecisionQuery">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionQueryTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionQueryTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionQueryTypeUnmarshaller"/>
+        </ObjectProvider>
+     
+        <ObjectProvider qualifiedName="xacml-samlp:XACMLAuthzDecisionQueryType">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionQueryTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionQueryTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionQueryTypeUnmarshaller"/>
+        </ObjectProvider>
+        
+        <!-- XACMLPolicyQuery provider -->
+        <ObjectProvider qualifiedName="xacml-samlp:XACMLPolicyQuery">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyQueryTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyQueryTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyQueryTypeUnmarshaller"/>
+        </ObjectProvider>
+     
+        <ObjectProvider qualifiedName="xacml-samlp:XACMLPolicyQueryType">
+            <BuilderClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyQueryTypeImplBuilder"/>
+            <MarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyQueryTypeMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.xacml.profile.saml.impl.XACMLPolicyQueryTypeUnmarshaller"/>
+        </ObjectProvider>
+        
+    </ObjectProviders>
+    
+ </XMLTooling>
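Review bot: The first provider comment, `<!-- ReferencedPoliciesType -->`, sits above the `xacml-saml:ReferencedPolicies` provider and is repeated verbatim for `xacml-saml:ReferencedPoliciesType`; the first should read `<!-- ReferencedPolicies -->`. The file also has no header comment stating its origin or licence. Every `className` names an `org.opensaml.xacml.profile.saml.impl` class that the XMLTooling configuration presumably loads by name, so a short comment such as `<!-- XACML 2.0 SAML profile providers; class names must match the OpenSAML version on the classpath -->` would tell a maintainer what to re-check on a library upgrade. Indentation mixes tabs and spaces on the `<ObjectProviders>` line and the first comment.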

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenTest.java?rev=1340089&r1=1340088&r2=1340089&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenTest.java Fri May 18 13:29:02 2012
@@ -217,6 +217,7 @@ public class SAMLTokenTest extends Abstr
             callbackHandler.setStatement(CallbackHandlerImpl.Statement.AUTHZ);
             callbackHandler.setIssuer("www.example.com");
             callbackHandler.setSignAssertion(false);
+            callbackHandler.setResource("http://resource.org");
             securityProperties.setCallbackHandler(callbackHandler);
 
             OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
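Review bot: The four added `callbackHandler.setResource("http://resource.org");` calls (here and in the hunks at -245, -436 and -464) set a resource, but no visible line asserts that it reaches the generated authorization decision statement. The test bodies continue outside these hunks; if they do not already check it, an assertion on the emitted Resource value would keep the setter from silently regressing. `resource.org` is also a registrable domain, so a reserved name such as `http://resource.example.org` would avoid pointing test fixtures at a third-party host, provided no expected-output data depends on the current string.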
@@ -245,6 +246,7 @@ public class SAMLTokenTest extends Abstr
             SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
             callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHZ);
             callbackHandler.setIssuer("www.example.com");
+            callbackHandler.setResource("http://resource.org");
 
             InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
             String action = WSHandlerConstants.SAML_TOKEN_UNSIGNED;
@@ -436,6 +438,7 @@ public class SAMLTokenTest extends Abstr
             callbackHandler.setStatement(CallbackHandlerImpl.Statement.AUTHZ);
             callbackHandler.setIssuer("www.example.com");
             callbackHandler.setSignAssertion(false);
+            callbackHandler.setResource("http://resource.org");
             securityProperties.setCallbackHandler(callbackHandler);
 
             OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
@@ -464,6 +467,7 @@ public class SAMLTokenTest extends Abstr
             SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
             callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHZ);
             callbackHandler.setIssuer("www.example.com");
+            callbackHandler.setResource("http://resource.org");
 
             InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
             String action = WSHandlerConstants.SAML_TOKEN_UNSIGNED;

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java?rev=1340089&r1=1340088&r2=1340089&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java Fri May 18 13:29:02 2012
@@ -927,6 +927,9 @@ public class MerlinBase extends CryptoBa
      * Find the Public Key in a keystore.
      */
     private boolean findPublicKeyInKeyStore(PublicKey publicKey, KeyStore keyStoreToSearch) {
+        if (keyStoreToSearch == null) {
+            return false;
+        }
         try {
             for (Enumeration<String> e = keyStoreToSearch.aliases(); e.hasMoreElements(); ) {
                 String alias = e.nextElement();
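Review bot: The new `keyStoreToSearch == null` guard returns false without any trace, and the Javadoc above still reads only `Find the Public Key in a keystore.`. Returning false is the safe direction if callers treat the result as a trust decision (the name suggests this, the hunk does not show it), but an unconfigured keystore then looks identical to a key that is simply absent. I would document the contract, e.g. `@return false if keyStoreToSearch is null or the key is not found`, with the second half confirmed against the rest of the body. A debug-level log on the null path would also help if the class already has a logger. The method body continues outside the hunk.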


