gluu
公開メンバ関数 | 非公開メンバ関数 | 非公開変数類 | 静的非公開変数類 | 全メンバ一覧
org.gluu.oxtrust.ldap.service.MetadataValidationTimer クラス
org.gluu.oxtrust.ldap.service.MetadataValidationTimer 連携図
Collaboration graph

公開メンバ関数

void init ()
 
void initTimer ()
 
void processMetadataValidationTimerEvent (@Observes @Scheduled MetadataValidationEvent metadataValidationEvent)
 
void queue (String fileName)
 
boolean isQueued (String gluuSAMLspMetaDataFN)
 

非公開メンバ関数

void procesMetadataValidation ()
 
void regenerateConfigurationFiles ()
 
boolean validateMetadata (String shib3IdpTempmetadataFolder, String shib3IdpMetadataFolder)
 

非公開変数類

Logger log
 
Event< TimerEvent > timerEvent
 
AppConfiguration appConfiguration
 
TrustService trustService
 
Shibboleth3ConfService shibboleth3ConfService
 
AtomicBoolean isActive
 
LinkedBlockingQueue< String > metadataUpdates
 

静的非公開変数類

static final int DEFAULT_INTERVAL = 60
 

詳解

著者
�Oleksiy Tataryn�
Yuriy Mochan

関数詳解

◆ init()

void org.gluu.oxtrust.ldap.service.MetadataValidationTimer.init ( )
inline
73  {
74  this.isActive = new AtomicBoolean(true);
75  try {
76  this.metadataUpdates = new LinkedBlockingQueue<String>();
77  } finally {
78  this.isActive.set(false);
79  }
80  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.isActive
AtomicBoolean isActive
Definition: MetadataValidationTimer.java:68
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.metadataUpdates
LinkedBlockingQueue< String > metadataUpdates
Definition: MetadataValidationTimer.java:70

◆ initTimer()

void org.gluu.oxtrust.ldap.service.MetadataValidationTimer.initTimer ( )
inline
82  {
83  log.debug("Initializing Metadata Validation Timer");
84 
85  final int delay = 30;
86  final int interval = DEFAULT_INTERVAL;
87 
88  timerEvent.fire(new TimerEvent(new TimerSchedule(delay, interval), new MetadataValidationEvent(),
89  Scheduled.Literal.INSTANCE));
90  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.log
Logger log
Definition: MetadataValidationTimer.java:54
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.DEFAULT_INTERVAL
static final int DEFAULT_INTERVAL
Definition: MetadataValidationTimer.java:51
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.timerEvent
Event< TimerEvent > timerEvent
Definition: MetadataValidationTimer.java:57

◆ isQueued()

boolean org.gluu.oxtrust.ldap.service.MetadataValidationTimer.isQueued ( String  gluuSAMLspMetaDataFN)
inline
129  {
130  synchronized (metadataUpdates) {
131  for (String filename : metadataUpdates) {
132  if (filename.contains(gluuSAMLspMetaDataFN)) {
133  return true;
134  }
135  }
136  return false;
137  }
138  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.metadataUpdates
LinkedBlockingQueue< String > metadataUpdates
Definition: MetadataValidationTimer.java:70

◆ procesMetadataValidation()

void org.gluu.oxtrust.ldap.service.MetadataValidationTimer.procesMetadataValidation ( )
inlineprivate
111  {
112  log.debug("Starting metadata validation");
113  boolean result = validateMetadata(appConfiguration.getShibboleth3IdpRootDir() + File.separator
114  + Shibboleth3ConfService.SHIB3_IDP_TEMPMETADATA_FOLDER + File.separator, appConfiguration
115  .getShibboleth3IdpRootDir() + File.separator + Shibboleth3ConfService.SHIB3_IDP_METADATA_FOLDER + File.separator);
116  log.debug("Metadata validation finished with result: '{}'", result);
117 
118  if (result) {
119  regenerateConfigurationFiles();
120  }
121  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.appConfiguration
AppConfiguration appConfiguration
Definition: MetadataValidationTimer.java:60
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.log
Logger log
Definition: MetadataValidationTimer.java:54
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.validateMetadata
boolean validateMetadata(String shib3IdpTempmetadataFolder, String shib3IdpMetadataFolder)
Definition: MetadataValidationTimer.java:157
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.regenerateConfigurationFiles
void regenerateConfigurationFiles()
Definition: MetadataValidationTimer.java:140

◆ processMetadataValidationTimerEvent()

void org.gluu.oxtrust.ldap.service.MetadataValidationTimer.processMetadataValidationTimerEvent ( @Observes @Scheduled MetadataValidationEvent  metadataValidationEvent)
inline
93  {
94  if (this.isActive.get()) {
95  return;
96  }
97 
98  if (!this.isActive.compareAndSet(false, true)) {
99  return;
100  }
101 
102  try {
103  procesMetadataValidation();
104  } catch (Throwable ex) {
105  log.error("Exception happened while reloading application configuration", ex);
106  } finally {
107  this.isActive.set(false);
108  }
109  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.log
Logger log
Definition: MetadataValidationTimer.java:54
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.isActive
AtomicBoolean isActive
Definition: MetadataValidationTimer.java:68
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.procesMetadataValidation
void procesMetadataValidation()
Definition: MetadataValidationTimer.java:111

◆ queue()

void org.gluu.oxtrust.ldap.service.MetadataValidationTimer.queue ( String  fileName)
inline
123  {
124  synchronized (metadataUpdates) {
125  metadataUpdates.add(fileName);
126  }
127  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.metadataUpdates
LinkedBlockingQueue< String > metadataUpdates
Definition: MetadataValidationTimer.java:70

◆ regenerateConfigurationFiles()

void org.gluu.oxtrust.ldap.service.MetadataValidationTimer.regenerateConfigurationFiles ( )
inlineprivate
140  {
141  boolean createConfig = appConfiguration.isConfigGeneration();
142  log.info("IDP config generation is set to " + createConfig);
143 
144  if (createConfig) {
145  List<GluuSAMLTrustRelationship> trustRelationships = trustService.getAllActiveTrustRelationships();
146  shibboleth3ConfService.generateConfigurationFiles(trustRelationships);
147 
148  log.info("IDP config generation files finished. TR count: '{}'", trustRelationships.size());
149  }
150 
151  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.appConfiguration
AppConfiguration appConfiguration
Definition: MetadataValidationTimer.java:60
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.log
Logger log
Definition: MetadataValidationTimer.java:54
org.gluu.oxtrust.ldap.service.Shibboleth3ConfService.generateConfigurationFiles
boolean generateConfigurationFiles(List< GluuSAMLTrustRelationship > trustRelationships)
Definition: Shibboleth3ConfService.java:177
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.trustService
TrustService trustService
Definition: MetadataValidationTimer.java:63
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.shibboleth3ConfService
Shibboleth3ConfService shibboleth3ConfService
Definition: MetadataValidationTimer.java:66
org.gluu.oxtrust.ldap.service.TrustService.getAllActiveTrustRelationships
List< GluuSAMLTrustRelationship > getAllActiveTrustRelationships()
Definition: TrustService.java:202

◆ validateMetadata()

boolean org.gluu.oxtrust.ldap.service.MetadataValidationTimer.validateMetadata ( String  shib3IdpTempmetadataFolder,
String  shib3IdpMetadataFolder 
)
inlineprivate
引数
shib3IdpTempmetadataFolder
shib3IdpMetadataFolder
157  {
158  boolean result = false;
159  log.trace("Starting metadata validation process.");
160 
161  String metadataFN = null;
162  synchronized (metadataUpdates) {
163  if (!metadataUpdates.isEmpty()) {
164  metadataFN = metadataUpdates.poll();
165  }
166  }
167 
168  synchronized (this) {
169  if (StringHelper.isNotEmpty(metadataFN)) {
170  File metadata = new File(shib3IdpTempmetadataFolder + metadataFN);
171  File target = new File(shib3IdpMetadataFolder + metadataFN.replaceAll(".{4}\\..{4}$", ""));
172  GluuSAMLTrustRelationship tr = trustService.getTrustByUnpunctuatedInum(
173  metadataFN.split("-" + Shibboleth3ConfService.SHIB3_IDP_SP_METADATA_FILE)[0]);
174  if (tr == null) {
175  metadataUpdates.add(metadataFN);
176  return false;
177  }
178  tr.setValidationStatus(GluuValidationStatus.VALIDATION);
179  trustService.updateTrustRelationship(tr);
180 
181  GluuErrorHandler errorHandler = null;
182  List<String> validationLog = null;
183  try {
184  errorHandler = shibboleth3ConfService.validateMetadata(new FileInputStream(metadata));
185  } catch (Exception e) {
186  tr.setValidationStatus(GluuValidationStatus.VALIDATION_FAILED);
187  tr.setStatus(GluuStatus.INACTIVE);
188  validationLog = new ArrayList<String>();
189  validationLog.add(e.getMessage());
190  log.warn("Validation of " + tr.getInum() + " failed: " + e.getMessage() );
191  tr.setValidationLog(validationLog);
192  trustService.updateTrustRelationship(tr);
193 
194  return false;
195  }
196  if (errorHandler.isValid()) {
197  tr.setValidationLog(errorHandler.getLog());
198  tr.setValidationStatus(GluuValidationStatus.VALIDATION_SUCCESS);
199  if (((!target.exists()) || target.delete()) && (!metadata.renameTo(target))) {
200  log.error("Failed to move metadata file to location:" + target.getAbsolutePath());
201  tr.setStatus(GluuStatus.INACTIVE);
202  } else {
203  tr.setSpMetaDataFN(target.getName());
204  }
205  boolean federation = shibboleth3ConfService.isFederation(tr);
206  tr.setFederation(federation);
207  String idpMetadataFolder = appConfiguration.getShibboleth3IdpRootDir() + File.separator
208  + Shibboleth3ConfService.SHIB3_IDP_METADATA_FOLDER + File.separator;
209  File metadataFile = new File(idpMetadataFolder + tr.getSpMetaDataFN());
210 
211 
212  List<String> entityIdList = SAMLMetadataParser.getEntityIdFromMetadataFile(metadataFile);
213  Set<String> entityIdSet = new TreeSet<String>();
214  Set<String> duplicatesSet = new TreeSet<String>();
215  if(entityIdList != null && ! entityIdList.isEmpty()){
216 
217  for (String entityId : entityIdList) {
218  if (!entityIdSet.add(entityId)) {
219  duplicatesSet.add(entityId);
220  }
221  }
222  }
223 
224 
225  if(! duplicatesSet.isEmpty()){
226  validationLog = tr.getValidationLog();
227  if(validationLog != null){
228  validationLog = new LinkedList<String>(validationLog);
229  }else{
230  validationLog = new LinkedList<String>();
231  }
232  validationLog.add("This metadata contains multiple instances of entityId: " + Arrays.toString(duplicatesSet.toArray()));
233  }
234  tr.setValidationLog(validationLog);
235  tr.setGluuEntityId(entityIdSet);
236  tr.setStatus(GluuStatus.ACTIVE);
237 
238  trustService.updateTrustRelationship(tr);
239  result = true;
240  } else if(appConfiguration.isIgnoreValidation() || errorHandler.isInternalError()){
241  tr.setValidationLog(new ArrayList<String>(new HashSet<String>(errorHandler.getLog())));
242  tr.setValidationStatus(GluuValidationStatus.VALIDATION_FAILED);
243  if( (( ! target.exists() ) || target.delete()) && ( ! metadata.renameTo(target) )){
244  log.error("Failed to move metadata file to location:" + target.getAbsolutePath());
245  tr.setStatus(GluuStatus.INACTIVE);
246  }else{
247  tr.setSpMetaDataFN(target.getName());
248  }
249  boolean federation = shibboleth3ConfService.isFederation(tr);
250  tr.setFederation(federation);
251  String idpMetadataFolder = appConfiguration.getShibboleth3IdpRootDir() + File.separator + Shibboleth3ConfService.SHIB3_IDP_METADATA_FOLDER + File.separator;
252  File metadataFile = new File(idpMetadataFolder + tr.getSpMetaDataFN());
253 
254  List<String> entityIdList = SAMLMetadataParser.getEntityIdFromMetadataFile(metadataFile);
255  Set<String> duplicatesSet = new TreeSet<String>();
256  Set<String> entityIdSet = new TreeSet<String>();
257 
258  for (String entityId : entityIdList) {
259  if (!entityIdSet.add(entityId)) {
260  duplicatesSet.add(entityId);
261  }
262  }
263 
264  tr.setGluuEntityId(entityIdSet);
265  tr.setStatus(GluuStatus.ACTIVE);
266  validationLog = tr.getValidationLog();
267  if(! duplicatesSet.isEmpty()){
268  validationLog.add("This metadata contains multiple instances of entityId: " + Arrays.toString(duplicatesSet.toArray()));
269  }
270 
271  if (errorHandler.isInternalError()) {
272  validationLog = tr.getValidationLog();
273 
274  validationLog.add("Warning: cannot validate metadata. Check internet connetion ans www.w3.org availability.");
275 
276  // update log with warning
277  for (String warningLogMessage : errorHandler.getLog())
278  validationLog.add("Warning: " + warningLogMessage);
279  }
280 
281  trustService.updateTrustRelationship(tr);
282  result = true;
283  } else {
284  tr.setValidationLog(new ArrayList<String>(new HashSet<String>(errorHandler.getLog())));
285  tr.setValidationStatus(GluuValidationStatus.VALIDATION_FAILED);
286  tr.setStatus(GluuStatus.INACTIVE);
287  trustService.updateTrustRelationship(tr);
288  }
289  }
290  }
291 
292  return result;
293  }
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.appConfiguration
AppConfiguration appConfiguration
Definition: MetadataValidationTimer.java:60
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.log
Logger log
Definition: MetadataValidationTimer.java:54
org.gluu.oxtrust.ldap.service.TrustService.getTrustByUnpunctuatedInum
GluuSAMLTrustRelationship getTrustByUnpunctuatedInum(String unpunctuated)
Definition: TrustService.java:417
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.trustService
TrustService trustService
Definition: MetadataValidationTimer.java:63
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.metadataUpdates
LinkedBlockingQueue< String > metadataUpdates
Definition: MetadataValidationTimer.java:70
org.gluu.oxtrust.ldap.service.MetadataValidationTimer.shibboleth3ConfService
Shibboleth3ConfService shibboleth3ConfService
Definition: MetadataValidationTimer.java:66
org.gluu.oxtrust.ldap.service.TrustService.updateTrustRelationship
void updateTrustRelationship(GluuSAMLTrustRelationship trustRelationship)
Definition: TrustService.java:111
org.gluu.oxtrust.ldap.service.Shibboleth3ConfService.isFederation
boolean isFederation(GluuSAMLTrustRelationship trustRelationship)
Definition: Shibboleth3ConfService.java:1523
org.gluu.oxtrust.ldap.service.Shibboleth3ConfService.validateMetadata
GluuErrorHandler validateMetadata(InputStream stream)
Definition: Shibboleth3ConfService.java:1404

メンバ詳解

◆ appConfiguration

AppConfiguration org.gluu.oxtrust.ldap.service.MetadataValidationTimer.appConfiguration
private

◆ DEFAULT_INTERVAL

final int org.gluu.oxtrust.ldap.service.MetadataValidationTimer.DEFAULT_INTERVAL = 60
staticprivate

◆ isActive

AtomicBoolean org.gluu.oxtrust.ldap.service.MetadataValidationTimer.isActive
private

◆ log

Logger org.gluu.oxtrust.ldap.service.MetadataValidationTimer.log
private

◆ metadataUpdates

LinkedBlockingQueue<String> org.gluu.oxtrust.ldap.service.MetadataValidationTimer.metadataUpdates
private

◆ shibboleth3ConfService

Shibboleth3ConfService org.gluu.oxtrust.ldap.service.MetadataValidationTimer.shibboleth3ConfService
private

◆ timerEvent

Event<TimerEvent> org.gluu.oxtrust.ldap.service.MetadataValidationTimer.timerEvent
private

◆ trustService

TrustService org.gluu.oxtrust.ldap.service.MetadataValidationTimer.trustService
private
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時45分24秒作成 - gluu / 構成:   doxygen 1.8.13