org.gluu.oxtrust.action.UpdateTrustRelationshipAction の継承関係図

org.gluu.oxtrust.action.UpdateTrustRelationshipAction 連携図

公開メンバ関数
List< GluuMetadataSourceType >	getMetadataSourceTypesList ()

String	add ()

String	update ()

String	cancel ()

String	save ()

String	saveImpl ()

void	newThreadSaveSpMetaDataFileSourceTypeURI ()

void	initTrustRelationship (GluuSAMLTrustRelationship trust, List< GluuAttribute > attributes)

String	getCertForGeneratedSP () throws IOException

boolean	saveSpMetaDataFileSourceTypeURI () throws IOException

String	delete ()

String	downloadConfiguration ()

String	downloadConfigurationImpl ()

Part	getFileWrapper ()

void	setFileWrapper (Part fileWrapper)

Part	getCertWrapper ()

void	setCertWrapper (Part certWrapper)

String	getInum ()

void	setInum (String inum)

GluuSAMLTrustRelationship	getTrustRelationship ()

String	getMetadata () throws IOException

boolean	isUpdate ()

String	getSAML1URI (GluuAttribute attribute)

String	getSAML2URI (GluuAttribute attribute)

void	setSelectedTR (String trust)

void	setContainerFederation (SelectItem federation)

SelectItem	getContainerFederation ()

ArrayList< SelectItem >	getAllFederations ()

boolean	isActive ()

String	activationToggle ()

void	setSelectedEntities (String[] entities)

String []	getSelectedEntities ()

void	filterEntities ()

void	setAvailableEntities (List< String > availableEntities)

List< String >	getAvailableEntities ()

void	setFilterString (String filterString)

String	getFilterString ()

List< GluuSAMLTrustRelationship >	getFederatedSites ()

GluuEntityType []	getEntityTypeList ()

boolean	generateSp () throws IOException

List< GluuSAMLTrustRelationship >	getAllOtherFederations (String inum)

GluuSAMLTrustRelationship	getTrustContainerFederation (String inum)

限定公開メンバ関数
String	getEventQueue ()

String	getActionName ()

boolean	allowAccessAttribute (GluuAttribute attribute)

boolean	allowEditAttribute (GluuAttribute attribute)

静的変数
static final Class<?> []	NO_PARAM_SIGNATURE = new Class[0]

非公開メンバ関数
boolean	initActions ()

List< GluuAttribute >	getAllAttributes ()

List< GluuAttribute >	getAllActiveAttributes ()

void	initFederatedSites (GluuSAMLTrustRelationship trustRelationship)

void	initAttributes (GluuSAMLTrustRelationship trust)

void	setEntityId ()

void	saveTR (boolean isUpdate)

void	updateSpMetaDataCert (Part certWrapper) throws IOException

void	markAsInactive ()

void	updateShibboleth3Configuration (List< GluuSAMLTrustRelationship > trustRelationships)

boolean	generateSpMetaDataFile (String certificate)

boolean	generateSpMetaDataFileImpl (String certificate)

boolean	saveSpMetaDataFileSourceTypeFile () throws IOException

List< GluuCustomAttribute >	getCurrentCustomAttributes ()

非公開変数類
Logger	log

AppConfiguration	appConfiguration

String	inum

boolean	update

GluuSAMLTrustRelationship	trustRelationship

OrganizationService	organizationService

SchemaService	shemaService

AttributeService	attributeService

MetadataValidationTimer	metadataValidationTimer

TrustService	trustService

ClientService	clientService

Identity	identity

TemplateService	templateService

SvnSyncTimer	svnSyncTimer

Shibboleth3ConfService	shibboleth3ConfService

FacesMessages	facesMessages

ConversationService	conversationService

TrustContactsAction	trustContactsAction

MetadataFiltersAction	metadataFiltersAction

RelyingPartyAction	relyingPartyAction

CustomAttributeAction	customAttributeAction

FederationDeconstructionAction	federationDeconstructionAction

SSLService	sslService

Part	fileWrapper

Part	certWrapper

String	selectedTR

List< GluuSAMLTrustRelationship >	federatedSites

List< String >	availableEntities

List< String >	filteredEntities

String	filterString

OxTrustAuditService	oxTrustAuditService

List< String >	availableEntitiesFiltered

transient ExternalContext	externalContext

静的非公開変数類
static final long	serialVersionUID = -1032167044333943680L

詳解

Action class for updating and adding the trust relationships

著者: Yuriy Movchan Date: 11.04.2010

関数詳解

◆ activationToggle()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.activationToggle ( )

inline

                                          {
                 if (trustRelationship.getStatus().equals(GluuStatus.ACTIVE)) {
                         trustRelationship.setStatus(GluuStatus.INACTIVE);
                 } else if (trustRelationship.getStatus().equals(GluuStatus.INACTIVE)) {
                         trustRelationship.setStatus(GluuStatus.ACTIVE);
                 }
                 saveTR(true);
 
                 List<GluuSAMLTrustRelationship> trustRelationships = trustService.getAllActiveTrustRelationships();
                 updateShibboleth3Configuration(trustRelationships);
 
                 facesMessages.add(FacesMessage.SEVERITY_INFO,
                                 "Relationship '#{updateTrustRelationshipAction.trustRelationship.displayName}' #{updateTrustRelationshipAction.active ? 'activated' : 'deactivated'} successfully");
 
                 return OxTrustConstants.RESULT_SUCCESS;
         }

◆ add()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.add ( )

inline

                             {
                 if (this.trustRelationship != null) {
                         return OxTrustConstants.RESULT_SUCCESS;
                 }
 
                 this.update = false;
                 this.trustRelationship = new GluuSAMLTrustRelationship();
 
                 this.trustRelationship.setMaxRefreshDelay("PT8H");
                 this.trustRelationship.setOwner(organizationService.getOrganization().getDn());
 
                 boolean initActionsResult = initActions();
                 if (!initActionsResult) {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to add relationship");
                         conversationService.endConversation();
 
                         return OxTrustConstants.RESULT_FAILURE;
                 }
 
                 return OxTrustConstants.RESULT_SUCCESS;
         }

◆ allowAccessAttribute()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.allowAccessAttribute ( GluuAttribute attribute )

inlineprotected

                                                                         {
                 return attribute.isAdminCanAccess();
         }

◆ allowEditAttribute()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.allowEditAttribute ( GluuAttribute attribute )

inlineprotected

                                                                       {
                 // Allow select any attribute
                 return true;
         }

◆ cancel()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.cancel ( )

inline

                                {
                 if (update) {
                         facesMessages.add(FacesMessage.SEVERITY_INFO,
                                         "Relationship '#{updateTrustRelationshipAction.trustRelationship.displayName}' not updated");
                 } else {
                         facesMessages.add(FacesMessage.SEVERITY_INFO, "New relationship not added");
                 }
                 conversationService.endConversation();
 
                 return OxTrustConstants.RESULT_SUCCESS;
         }

◆ delete()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.delete ( )

inline

                                {
                 String result = OxTrustConstants.RESULT_FAILURE;
                 if (update) {
                         // Remove trust relationship
                         try {
                                 synchronized (svnSyncTimer) {
                                         for (GluuSAMLTrustRelationship trust : trustService
                                                         .getDeconstructedTrustRelationships(this.trustRelationship)) {
                                                 if (GluuStatus.ACTIVE.equals(trust.getStatus())) {
                                                         log.error(
                                                                         "Failed to remove federation trust relationship {}, there are still active federated Trust Relationships left.",
                                                                         this.trustRelationship.getInum());
                                                         return result;
                                                 }
                                         }
                                         for (GluuSAMLTrustRelationship trust : trustService
                                                         .getDeconstructedTrustRelationships(this.trustRelationship)) {
                                                 trustService.removeTrustRelationship(trust);
                                                 svnSyncTimer.removeTrustRelationship(trust, identity.getCredentials().getUsername());
                                         }
                                         shibboleth3ConfService.removeSpMetadataFile(this.trustRelationship.getSpMetaDataFN());
                                         trustService.removeTrustRelationship(this.trustRelationship);
                                         oxTrustAuditService.audit(
                                                         "TR " + this.trustRelationship.getInum() + " **" + this.trustRelationship.getDisplayName()
                                                                         + "** REMOVED",
                                                         identity.getUser(),
                                                         (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest());
                                         svnSyncTimer.removeTrustRelationship(this.trustRelationship,
                                                         identity.getCredentials().getUsername());
                                 }
                                 result = OxTrustConstants.RESULT_SUCCESS;
                         } catch (BasePersistenceException ex) {
                                 result = OxTrustConstants.RESULT_FAILURE;
                                 log.error("Failed to remove trust relationship {}", this.trustRelationship.getInum(), ex);
                         } catch (InterruptedException e) {
                                 log.error(
                                                 "Failed to add trust relationship to remove queue. It will be removed during next application restart",
                                                 e);
                         } finally {
                                 List<GluuSAMLTrustRelationship> trustRelationships = trustService.getAllActiveTrustRelationships();
                                 updateShibboleth3Configuration(trustRelationships);
                         }
                 }
 
                 if (OxTrustConstants.RESULT_SUCCESS.equals(result)) {
                         facesMessages.add(FacesMessage.SEVERITY_INFO,
                                         "Relationship '#{updateTrustRelationshipAction.trustRelationship.displayName}' removed successfully");
                 } else if (OxTrustConstants.RESULT_FAILURE.equals(result)) {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR,
                                         "Failed to remove relationship '#{updateTrustRelationshipAction.trustRelationship.displayName}'");
                 }
 
                 return result;
         }

◆ downloadConfiguration()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.downloadConfiguration ( )

inline

                                               {
                 String outcome = downloadConfigurationImpl();
 
                 if (OxTrustConstants.RESULT_FAILURE.equals(outcome)) {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR,
                                         "Failed to prepare Shibboleth3 configuration files for download'");
                 }
 
                 return outcome;
         }

◆ downloadConfigurationImpl()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.downloadConfigurationImpl ( )

inline

                                                   {
                 HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext()
                                 .getRequest();
                 inum = request.getParameter("inum");
                 log.info("inum " + inum);
 
                 GluuSAMLTrustRelationship trustRelationship = trustService.getRelationshipByInum(inum);
                 ByteArrayOutputStream bos = new ByteArrayOutputStream(16384);
                 ZipOutputStream zos = ResponseHelper.createZipStream(bos, "Shibboleth v3 configuration files");
                 try {
                         zos.setMethod(ZipOutputStream.DEFLATED);
                         zos.setLevel(Deflater.DEFAULT_COMPRESSION);
 
                         // Add files
                         String idpMetadataFilePath = shibboleth3ConfService.getIdpMetadataFilePath();
                         if (!ResponseHelper.addFileToZip(idpMetadataFilePath, zos,
                                         Shibboleth3ConfService.SHIB3_IDP_IDP_METADATA_FILE)) {
                                 log.error("Failed to add " + idpMetadataFilePath + " to zip");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
 
                         if (trustRelationship.getSpMetaDataFN() == null) {
                                 log.error("SpMetaDataFN is not set.");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
                         String spMetadataFilePath = shibboleth3ConfService
                                         .getSpMetadataFilePath(trustRelationship.getSpMetaDataFN());
                         if (!ResponseHelper.addFileToZip(spMetadataFilePath, zos,
                                         Shibboleth3ConfService.SHIB3_IDP_SP_METADATA_FILE)) {
                                 log.error("Failed to add " + spMetadataFilePath + " to zip");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
                         String sslDirFN = appConfiguration.getShibboleth3IdpRootDir() + File.separator
                                         + TrustService.GENERATED_SSL_ARTIFACTS_DIR + File.separator;
                         String spKeyFilePath = sslDirFN + shibboleth3ConfService.getSpNewMetadataFileName(trustRelationship)
                                         .replaceFirst("\\.xml$", ".key");
                         if (!ResponseHelper.addFileToZip(spKeyFilePath, zos, Shibboleth3ConfService.SHIB3_IDP_SP_KEY_FILE)) {
                                 log.error("Failed to add " + spKeyFilePath + " to zip");
                                 // return OxTrustConstants.RESULT_FAILURE;
                         }
                         String spCertFilePath = sslDirFN + shibboleth3ConfService.getSpNewMetadataFileName(trustRelationship)
                                         .replaceFirst("\\.xml$", ".crt");
                         if (!ResponseHelper.addFileToZip(spCertFilePath, zos, Shibboleth3ConfService.SHIB3_IDP_SP_CERT_FILE)) {
                                 log.error("Failed to add " + spCertFilePath + " to zip");
                                 // return OxTrustConstants.RESULT_FAILURE;
                         }
 
                         String spAttributeMap = shibboleth3ConfService.generateSpAttributeMapFile(trustRelationship);
                         if (spAttributeMap == null) {
                                 log.error("spAttributeMap is not set.");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
                         if (!ResponseHelper.addFileContentToZip(spAttributeMap, zos,
                                         Shibboleth3ConfService.SHIB3_SP_ATTRIBUTE_MAP_FILE)) {
                                 log.error("Failed to add " + spAttributeMap + " to zip");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
 
                         VelocityContext context = new VelocityContext();
 
                         context.put("spUrl", (trustRelationship.getUrl() != null ? trustRelationship.getUrl() : ""));
                         String gluuSPEntityId = trustRelationship.getEntityId();
                         context.put("gluuSPEntityId", gluuSPEntityId);
                         String spHost = (trustRelationship.getUrl() != null
                                         ? trustRelationship.getUrl().replaceAll(":[0-9]*$", "").replaceAll("^.*?//", "")
                                         : "");
                         context.put("spHost", spHost);
                         String idpUrl = (appConfiguration.getIdpUrl() != null ? appConfiguration.getIdpUrl() : "");
                         context.put("idpUrl", idpUrl);
                         String idpHost = idpUrl.replaceAll(":[0-9]*$", "").replaceAll("^.*?//", "");
                         context.put("idpHost", idpHost);
                         context.put("orgInum", StringHelper.removePunctuation(organizationService.getOrganizationInum()));
                         context.put("orgSupportEmail", appConfiguration.getOrgSupportEmail());
 
                         String spShibboleth3FilePath = shibboleth3ConfService.getSpShibboleth3FilePath();
                         String shibConfig = templateService.generateConfFile(Shibboleth3ConfService.SHIB3_SP_SHIBBOLETH2_FILE,
                                         context);
                         if (!ResponseHelper.addFileContentToZip(shibConfig, zos,
                                         Shibboleth3ConfService.SHIB3_SP_SHIBBOLETH2_FILE)) {
                                 log.error("Failed to add " + spShibboleth3FilePath + " to zip");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
 
                         String spReadMeResourceName = shibboleth3ConfService.getSpReadMeResourceName();
                         String fileName = (new File(spReadMeResourceName)).getName();
                         // InputStream is = resourceLoader.getResourceAsStream(spReadMeResourceName);
                         // InputStream is =
                         // this.getClass().getClassLoader().getResourceAsStream(spReadMeResourceName);
                         InputStream is = FacesContext.getCurrentInstance().getExternalContext()
                                         .getResourceAsStream(spReadMeResourceName);
 
                         // InputStream is = getClass().getResourceAsStream(spReadMeResourceName);
 
                         if (!ResponseHelper.addResourceToZip(is, fileName, zos)) {
                                 log.error("Failed to add " + spReadMeResourceName + " to zip");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
 
                         String spReadMeWindowsResourceName = shibboleth3ConfService.getSpReadMeWindowsResourceName();
                         fileName = (new File(spReadMeWindowsResourceName)).getName();
                         // is = resourceLoader.getResourceAsStream(spReadMeWindowsResourceName);
 
                         is = FacesContext.getCurrentInstance().getExternalContext()
                                         .getResourceAsStream(spReadMeWindowsResourceName);
 
                         if (!ResponseHelper.addResourceToZip(is, fileName, zos)) {
                                 log.error("Failed to add " + spReadMeWindowsResourceName + " to zip");
                                 return OxTrustConstants.RESULT_FAILURE;
                         }
 
                 } finally {
                         IOUtils.closeQuietly(zos);
                         IOUtils.closeQuietly(bos);
                 }
 
                 boolean result = ResponseHelper.downloadFile("shibboleth3-configuration.zip",
                                 OxTrustConstants.CONTENT_TYPE_APPLICATION_ZIP, bos.toByteArray(), FacesContext.getCurrentInstance());
 
                 return result ? OxTrustConstants.RESULT_SUCCESS : OxTrustConstants.RESULT_FAILURE;
         }

◆ filterEntities()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.filterEntities ( )

inline

                                      {
         filteredEntities = null;
         if (StringHelper.isNotEmpty(getFilterString())) {
             filteredEntities = new ArrayList<String>();
             for (String entity : trustService.getTrustContainerFederation(trustRelationship).getGluuEntityId()) {
                 if (entity.toLowerCase().contains(getFilterString().toLowerCase())) {
                     filteredEntities.add(entity);
                 }
             }
         }
         }

◆ generateSp()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.generateSp ( ) throws IOException

inline

                                                        {
                 FacesContext facesContext = FacesContext.getCurrentInstance();
                 try {
                         log.info(" generate sp ------------");
                         this.trustRelationship.setInum(trustService.generateInumForNewTrustRelationship());
 
                         String cert = getCertForGeneratedSP();
                         // boolean val = generateSpMetaDataFile(cert);
 
                         String spMetadataFileName = this.trustRelationship.getSpMetaDataFN();
 
                         if (StringHelper.isEmpty(spMetadataFileName)) {
                                 // Generate new file name
                                 spMetadataFileName = shibboleth3ConfService.getSpNewMetadataFileName(trustRelationship);
                                 trustRelationship.setSpMetaDataFN(spMetadataFileName);
                         }
 
                         String spMetadataFileContent = shibboleth3ConfService.generateSpMetadataFileContent(trustRelationship,
                                         cert);
 
                         // ServletContext ctx = (ServletContext)
                         // FacesContext.getCurrentInstance()
                         // .getExternalContext().getContext();
                         HttpServletResponse response = (HttpServletResponse) externalContext.getResponse();
                         // InputStream fis = new
                         // ByteArrayInputStream(spMetadataFileContent.getBytes(StandardCharsets.UTF_8));//ctx.getResourceAsStream("/WEB-INF/testfile.zip");
 
                         // Prepare the response
                         response.setContentType("application/xml");
                         response.setHeader("Content-Disposition", "attachment;filename=" + spMetadataFileName);
                         ServletOutputStream os = response.getOutputStream();
                         os.write(spMetadataFileContent.getBytes());
                         os.flush();
                         os.close();
                         facesContext.responseComplete();
                 } catch (IOException e) {
                         // TODO Auto-generated catch block
                         e.printStackTrace();
                 }
 
                 facesContext.responseComplete();
                 return true;
         }

◆ generateSpMetaDataFile()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.generateSpMetaDataFile ( String certificate )

inlineprivate

                                                                    {
                 boolean result = generateSpMetaDataFileImpl(certificate);
 
                 if (result) {
                         this.trustRelationship.setSpMetaDataSourceType(GluuMetadataSourceType.FILE);
                         facesMessages.add(FacesMessage.SEVERITY_WARN, "SP meta-data file generated.");
                 } else {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to generate SP meta-data file");
                         markAsInactive();
                 }
                 return result;
         }

◆ generateSpMetaDataFileImpl()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.generateSpMetaDataFileImpl ( String certificate )

inlineprivate

                                                                        {
                 String spMetadataFileName = trustRelationship.getSpMetaDataFN();
 
                 if (StringHelper.isEmpty(spMetadataFileName)) {
                         // Generate new file name
                         spMetadataFileName = shibboleth3ConfService.getSpNewMetadataFileName(this.trustRelationship);
                         trustRelationship.setSpMetaDataFN(spMetadataFileName);
                 }
 
                 return shibboleth3ConfService.generateSpMetadataFile(trustRelationship, certificate);
         }

◆ getActionName()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getActionName ( )

inlineprotected

                                          {
                 return "updateTrustRelationshipAction";
         }

◆ getAllActiveAttributes()

List<GluuAttribute> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getAllActiveAttributes ( )

inlineprivate

                                                              {
                 List<GluuAttribute> attributes = attributeService.getAllActivePersonAttributes(UserRole.ADMIN);
                 attributes.remove(attributeService.getAttributeByName("userPassword"));
                 return attributes;
         }

◆ getAllAttributes()

List<GluuAttribute> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getAllAttributes ( )

inlineprivate

                                                        {
                 List<GluuAttribute> attributes = attributeService.getAllPersonAttributes(UserRole.ADMIN);
                 return attributes;
         }

◆ getAllFederations()

ArrayList<SelectItem> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getAllFederations ( )

inline

                                                          {
                 ArrayList<SelectItem> result = new ArrayList<SelectItem>();
                 for (GluuSAMLTrustRelationship federation : trustService.getAllFederations()) {
                         result.add(new SelectItem(federation, federation.getDisplayName()));
                 }
                 return result;
         }

◆ getAllOtherFederations()

List<GluuSAMLTrustRelationship> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getAllOtherFederations ( String inum )

inline

                                                                                    {
                 return trustService.getAllOtherFederations(inum);
         }

◆ getAvailableEntities()

List<String> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getAvailableEntities ( )

inline

                                                    {
         GluuSAMLTrustRelationship containerFederation = trustService.getTrustContainerFederation(trustRelationship);
         if (containerFederation == null) {
             return null;
         } else {
             if (!containerFederation.getGluuEntityId().contains(trustRelationship.getEntityId())) {
                 trustRelationship.setEntityId(null);
                 availableEntities = null;
             }
         }
 
         if (availableEntities == null) {
             availableEntities = new ArrayList<String>();
             if (containerFederation != null) {
                 availableEntities.addAll(containerFederation.getGluuEntityId());
             }
 
         }
         availableEntitiesFiltered = new ArrayList<String>();
         availableEntitiesFiltered.addAll(availableEntities);
 
         if (filteredEntities != null) {
             availableEntitiesFiltered.retainAll(filteredEntities);
 
         }
 
         return availableEntitiesFiltered;
         }

◆ getCertForGeneratedSP()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getCertForGeneratedSP ( ) throws IOException

inline

If there is no certificate selected, or certificate is invalid - generates one.

著者: �Oleksiy Tataryn�

戻り値: certificate for generated SP

例外

IOException
CertificateEncodingException

                                                                  {
                 X509Certificate cert = null;
 
                 if ((certWrapper != null) && (certWrapper.getInputStream() != null)) {
                         try {
                                 cert = sslService.getPEMCertificate(certWrapper.getInputStream());
                         } catch (Exception e) {
                                 log.error(e.getMessage(), e);
                         }
                 }
 
                 if ((cert == null) && (trustRelationship.getUrl() != null)) {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR,
                                         "Certificate were not provided, or was incorrect. Appliance will create a self-signed certificate.");
                         if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
                                 Security.addProvider(new BouncyCastleProvider());
                         }
 
                         try {
                                 KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA", "BC");
                                 keyPairGen.initialize(2048);
                                 KeyPair pair = keyPairGen.generateKeyPair();
                                 StringWriter keyWriter = new StringWriter();
                                 PEMWriter pemFormatWriter = new PEMWriter(keyWriter);
                                 pemFormatWriter.writeObject(pair.getPrivate());
                                 pemFormatWriter.close();
 
                                 String url = trustRelationship.getUrl().replaceFirst(".*//", "");
 
                                 X509v3CertificateBuilder v3CertGen = new JcaX509v3CertificateBuilder(
                                                 new X500Name("CN=" + url + ", OU=None, O=None L=None, C=None"),
                                                 BigInteger.valueOf(new SecureRandom().nextInt()),
                                                 new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30),
                                                 new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365 * 10)),
                                                 new X500Name("CN=" + url + ", OU=None, O=None L=None, C=None"), pair.getPublic());
 
                                 cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(v3CertGen
                                                 .build(new JcaContentSignerBuilder("MD5withRSA").setProvider("BC").build(pair.getPrivate())));
                                 org.apache.commons.codec.binary.Base64 encoder = new org.apache.commons.codec.binary.Base64(64);
                                 byte[] derCert = cert.getEncoded();
                                 String pemCertPre = new String(encoder.encode(derCert));
                                 log.debug(Shibboleth3ConfService.PUBLIC_CERTIFICATE_START_LINE);
                                 log.debug(pemCertPre);
                                 log.debug(Shibboleth3ConfService.PUBLIC_CERTIFICATE_END_LINE);
 
                                 shibboleth3ConfService.saveCert(trustRelationship, pemCertPre);
                                 shibboleth3ConfService.saveKey(trustRelationship, keyWriter.toString());
 
                         } catch (Exception e) {
                                 e.printStackTrace();
                         }
 
                         // String certName = appConfiguration.getCertDir() + File.separator +
                         // StringHelper.removePunctuation(appConfiguration.getOrgInum())
                         // + "-shib.crt";
                         // File certFile = new File(certName);
                         // if (certFile.exists()) {
                         // cert = SSLService.instance().getPEMCertificate(certName);
                         // }
                 }
 
                 String certificate = null;
 
                 if (cert != null) {
 
                         try {
 
                                 certificate = new String(Base64.encode(cert.getEncoded()));
 
                                 log.info("##### certificate = " + certificate);
 
                         } catch (CertificateEncodingException e) {
                                 certificate = null;
                                 facesMessages.add(FacesMessage.SEVERITY_ERROR,
                                                 "Failed to encode provided certificate. Please notify Gluu support about this.");
                                 log.error("Failed to encode certificate to DER", e);
                         }
 
                 } else {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR,
                                         "Certificate were not provided, or was incorrect. Appliance will create a self-signed certificate.");
                 }
 
                 return certificate;
         }

◆ getCertWrapper()

Part org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getCertWrapper ( )

inline

                                      {
                 return certWrapper;
         }

◆ getContainerFederation()

SelectItem org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getContainerFederation ( )

inline

                                                    {
             GluuSAMLTrustRelationship containerFederation = trustService.getTrustContainerFederation(trustRelationship);
         return new SelectItem(containerFederation,
                 containerFederation == null ? "Select Federation" : containerFederation .getDisplayName());
         }

◆ getCurrentCustomAttributes()

List<GluuCustomAttribute> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getCurrentCustomAttributes ( )

inlineprivate

                                                                        {
                 List<GluuCustomAttribute> result = new ArrayList<GluuCustomAttribute>();
                 if (selectedTR == null || selectedTR.equals(trustRelationship.getInum())) {
                         result = this.trustRelationship.getReleasedCustomAttributes();
                 } else {
                         for (GluuSAMLTrustRelationship trust : federatedSites) {
                                 if (selectedTR.equals(trust.getInum())) {
                                         result = trust.getReleasedCustomAttributes();
                                         break;
                                 }
                         }
                 }
 
                 return result;
         }

◆ getEntityTypeList()

GluuEntityType [] org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getEntityTypeList ( )

inline

                                                     {
                 return GluuEntityType.values();
         }

◆ getEventQueue()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getEventQueue ( )

inlineprotected

                                          {
                 return "trustQueue";
         }

◆ getFederatedSites()

List<GluuSAMLTrustRelationship> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getFederatedSites ( )

inline

                                                                    {
                 return federatedSites;
         }

◆ getFileWrapper()

Part org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getFileWrapper ( )

inline

                                      {
                 return fileWrapper;
         }

◆ getFilterString()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getFilterString ( )

inline

                                         {
                 return this.filterString;
         }

◆ getInum()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getInum ( )

inline

                                 {
                 return inum;
         }

◆ getMetadata()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getMetadata ( ) throws IOException

inline

                                                        {
                 if (trustRelationship == null) {
                         // return ;
                         return null;
                 }
 
                 String filename = trustRelationship.getSpMetaDataFN();
                 File metadataFile = null;
                 if (!StringUtils.isEmpty(filename)) {
                         metadataFile = new File(shibboleth3ConfService.getSpMetadataFilePath(filename));
 
                         if (metadataFile.exists()) {
                                 // metadata = FileUtils.readFileToString(metadataFile);
                                 // return;
                                 return FileUtils.readFileToString(metadataFile);
                         }
                 }
 
                 // return;
                 return null;
         }

◆ getMetadataSourceTypesList()

List<GluuMetadataSourceType> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getMetadataSourceTypesList ( )

inline

                                                                          {
                 List<GluuMetadataSourceType> metadataSourceTypesList = (Arrays.asList(GluuMetadataSourceType.values()));
                 if (GluuEntityType.FederationAggregate.equals(trustRelationship.getEntityType())) {
                         List<GluuMetadataSourceType> GluuMetadataSourceTypeSubList = new ArrayList<GluuMetadataSourceType>();
                         for (GluuMetadataSourceType enumType : GluuMetadataSourceType.values()) {
                                 if (!GluuMetadataSourceType.GENERATE.equals(enumType)
                                                 && !GluuMetadataSourceType.FEDERATION.equals(enumType)) {
                                         GluuMetadataSourceTypeSubList.add(enumType);
                                 }
                         }
                         return GluuMetadataSourceTypeSubList;
                 } else {
                         return metadataSourceTypesList;
                 }
 
         }

◆ getSAML1URI()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getSAML1URI ( GluuAttribute attribute )

inline

                                                            {
                 if (StringHelper.isNotEmpty(attribute.getSaml1Uri())) {
                         return "SAML1 URI: " + attribute.getSaml1Uri();
                 }
                 String namespace = "";
                 if (attribute.isCustom() || StringHelper.isEmpty(attribute.getUrn())
                                 || (!StringHelper.isEmpty(attribute.getUrn())
                                                 && attribute.getUrn().startsWith("urn:gluu:dir:attribute-def:"))) {
                         namespace = "gluu";
                 } else {
                         namespace = "mace";
                 }
 
                 return "SAML1 URI: urn:" + namespace + ":dir:attribute-def:" + attribute.getName();
         }

◆ getSAML2URI()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getSAML2URI ( GluuAttribute attribute )

inline

                                                            {
                 if (StringHelper.isNotEmpty(attribute.getSaml2Uri())) {
                         return "SAML1 URI: " + attribute.getSaml2Uri();
                 }
                 List<String> attributeNames = new ArrayList<String>();
                 attributeNames.add(attribute.getName());
                 SchemaEntry schemaEntry = shemaService.getSchema();
                 List<AttributeTypeDefinition> attributeTypes = shemaService.getAttributeTypeDefinitions(schemaEntry,
                                 attributeNames);
                 String attributeName = attribute.getName();
 
                 AttributeTypeDefinition attributeTypeDefinition = shemaService.getAttributeTypeDefinition(attributeTypes,
                                 attributeName);
                 if (attributeTypeDefinition == null) {
                         log.error("Failed to get OID for attribute name {}", attributeName);
                         return null;
                 }
 
                 return "SAML2 URI: urn:oid:" + attributeTypeDefinition.getOID();
         }

◆ getSelectedEntities()

String [] org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getSelectedEntities ( )

inline

                                               {
                 if (isUpdate() && this.trustRelationship.getGluuEntityId() != null) {
                         return this.trustRelationship.getGluuEntityId().toArray(new String[0]);
                 } else {
                         return new String[0];
                 }
 
         }

◆ getTrustContainerFederation()

GluuSAMLTrustRelationship org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getTrustContainerFederation ( String inum )

inline

                                                                                   {
                 return trustService.getTrustContainerFederation(this.trustRelationship.getGluuContainerFederation());
         }

◆ getTrustRelationship()

GluuSAMLTrustRelationship org.gluu.oxtrust.action.UpdateTrustRelationshipAction.getTrustRelationship ( )

inline

                                                                 {
                 return trustRelationship;
         }

◆ initActions()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.initActions ( )

inlineprivate

                                       {
                 initAttributes(this.trustRelationship);
 
                 String resultInitContacts = trustContactsAction.initContacts(this.trustRelationship);
                 if (!StringHelper.equalsIgnoreCase(OxTrustConstants.RESULT_SUCCESS, resultInitContacts)) {
                         return false;
                 }
 
                 String resultInitMetadataFilters = metadataFiltersAction.initMetadataFilters(this.trustRelationship);
                 if (!StringHelper.equalsIgnoreCase(OxTrustConstants.RESULT_SUCCESS, resultInitMetadataFilters)) {
                         return false;
                 }
 
                 String resultInitProfileConfigurations = relyingPartyAction.initProfileConfigurations();
                 if (!StringHelper.equalsIgnoreCase(OxTrustConstants.RESULT_SUCCESS, resultInitProfileConfigurations)) {
                         return false;
                 }
 
                 String resultInitFederationDeconstructions = federationDeconstructionAction
                                 .initFederationDeconstructions(this.trustRelationship);
                 if (!StringHelper.equalsIgnoreCase(OxTrustConstants.RESULT_SUCCESS, resultInitFederationDeconstructions)) {
                         return false;
                 }
 
                 initFederatedSites(this.trustRelationship);
 
                 return true;
         }

◆ initAttributes()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.initAttributes ( GluuSAMLTrustRelationship trust )

inlineprivate

                                                                      {
                 List<GluuAttribute> attributes = getAllActiveAttributes();
                 List<String> origins = attributeService.getAllAttributeOrigins(attributes);
 
                 initTrustRelationship(trust, attributes);
 
                 customAttributeAction.initCustomAttributes(attributes, trust.getReleasedCustomAttributes(), origins,
                                 appConfiguration.getPersonObjectClassTypes(), appConfiguration.getPersonObjectClassDisplayNames());
         }

◆ initFederatedSites()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.initFederatedSites ( GluuSAMLTrustRelationship trustRelationship )

inlineprivate

                                                                                      {
                 List<GluuAttribute> attributes = getAllAttributes();
 
                 this.federatedSites = new ArrayList<GluuSAMLTrustRelationship>();
                 for (GluuSAMLTrustRelationship deconstructedTrustRelationship : trustService
                                 .getDeconstructedTrustRelationships(trustRelationship)) {
                         initTrustRelationship(deconstructedTrustRelationship, attributes);
                         this.federatedSites.add(deconstructedTrustRelationship);
                 }
         }

◆ initTrustRelationship()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.initTrustRelationship	(	GluuSAMLTrustRelationship	trust,
		List< GluuAttribute >	attributes
	)

inline

                                                                                                            {
                 HashMap<String, GluuAttribute> attributesByDNs = attributeService.getAttributeMapByDNs(attributes);
                 List<GluuCustomAttribute> customAttributes = attributeService
                                 .getCustomAttributesByAttributeDNs(trust.getReleasedAttributes(), attributesByDNs);
                 boolean empty = (customAttributes == null) || customAttributes.isEmpty();
                 if (empty) {
                         customAttributes = new ArrayList<GluuCustomAttribute>();
                 }
 
                 trust.setReleasedCustomAttributes(customAttributes);
         }

◆ isActive()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.isActive ( )

inline

                                   {
                 return GluuStatus.ACTIVE.equals(trustRelationship.getStatus());
         }

◆ isUpdate()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.isUpdate ( )

inline

                                   {
                 return update;
         }

◆ markAsInactive()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.markAsInactive ( )

inlineprivate

                                       {
                 // Mark this configuration as not active because we don't have correct
                 // files in meta-data folder
                 if (update) {
                         try {
                                 GluuSAMLTrustRelationship tmpTrustRelationship = trustService
                                                 .getRelationshipByInum(this.trustRelationship.getInum());
                                 tmpTrustRelationship.setStatus(GluuStatus.INACTIVE);
                                 saveTR(update);
                         } catch (BasePersistenceException ex) {
                                 log.error("Failed to update trust relationship {}", inum, ex);
                         }
                 } else {
                         // Remove file name to generate new one during new save attempt.
                         // Cover case when somebody else added new one simultaneously
                         this.trustRelationship.setSpMetaDataFN(null);
                         this.trustRelationship.setInum(null);
                 }
         }

◆ newThreadSaveSpMetaDataFileSourceTypeURI()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.newThreadSaveSpMetaDataFileSourceTypeURI ( )

inline

                                                                {
                 try {
                         boolean result = saveSpMetaDataFileSourceTypeURI();
                         log.info("Download metadata for TR " + getTrustRelationship().getDisplayName() + "  : result   :  "
                                         + result);
                 } catch (IOException ex) {
                         log.error("Failed to Download metadata for TR   :" + getTrustRelationship().getDisplayName(), ex);
                 }
         }

◆ save()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.save ( )

inline

                              {
                 boolean currentUpdate = update;
                 String outcome = saveImpl();
 
                 if (currentUpdate) {
                         if (OxTrustConstants.RESULT_SUCCESS.equals(outcome)) {
                                 facesMessages.add(FacesMessage.SEVERITY_INFO,
                                                 "Relationship '#{updateTrustRelationshipAction.trustRelationship.displayName}' updateted successfully'");
                         } else if (OxTrustConstants.RESULT_FAILURE.equals(outcome)) {
                                 facesMessages.add(FacesMessage.SEVERITY_ERROR,
                                                 "Failed to update relationship '#{updateTrustRelationshipAction.trustRelationship.displayName}'");
                         }
                 } else {
                         if (OxTrustConstants.RESULT_SUCCESS.equals(outcome)) {
                                 facesMessages.add(FacesMessage.SEVERITY_INFO,
                                                 "Relationship '#{updateTrustRelationshipAction.trustRelationship.displayName}' added successfully");
                                 conversationService.endConversation();
                         } else if (OxTrustConstants.RESULT_FAILURE.equals(outcome)) {
                                 facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to add new relationship");
                         }
                 }
 
                 return outcome;
         }

◆ saveImpl()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.saveImpl ( )

inline

                                  {
                 synchronized (svnSyncTimer) {
                         if (StringHelper.isEmpty(this.trustRelationship.getInum())) {
                                 this.inum = trustService.generateInumForNewTrustRelationship();
                                 this.trustRelationship.setInum(this.inum);
                         } else {
                                 this.inum = this.trustRelationship.getInum();
                                 if (this.trustRelationship.getSpMetaDataFN() == null)
                                         update = true;
                         }
 
                         boolean updateShib3Configuration = appConfiguration.isConfigGeneration();
                         oxTrustAuditService.audit("updateShib3Configuration:" + updateShib3Configuration);
                         oxTrustAuditService.audit("SpMetaDataSourceType:" + trustRelationship.getSpMetaDataSourceType());
                         switch (trustRelationship.getSpMetaDataSourceType()) {
                         case GENERATE:
                                 try {
                                         String certificate = getCertForGeneratedSP();
                                         GluuStatus status = StringHelper.isNotEmpty(certificate) ? GluuStatus.ACTIVE : GluuStatus.INACTIVE;
                                         this.trustRelationship.setStatus(status);
                                         if (generateSpMetaDataFile(certificate)) {
                                                 setEntityId();
                                         } else {
                                                 log.error("Failed to generate SP meta-data file");
                                                 return OxTrustConstants.RESULT_FAILURE;
                                         }
                                 } catch (IOException ex) {
                                         log.error("Failed to download SP certificate", ex);
                                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to download SP certificate");
 
                                         return OxTrustConstants.RESULT_FAILURE;
                                 }
 
                                 break;
                         case FILE:
                                 try {
                                         if (saveSpMetaDataFileSourceTypeFile()) {
                                                 // update = true;
                                                 updateSpMetaDataCert(certWrapper);
                                                 // setEntityId();
                                                 if (!update) {
                                                         this.trustRelationship.setStatus(GluuStatus.ACTIVE);
                                                 }
                                         } else {
                                                 log.error("Failed to save SP meta-data file {}", fileWrapper);
                                                 return OxTrustConstants.RESULT_FAILURE;
                                         }
                                 } catch (IOException ex) {
                                         log.error("Failed to download SP metadata", ex);
                                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to download SP metadata");
 
                                         return OxTrustConstants.RESULT_FAILURE;
                                 }
 
                                 break;
                         case URI:
                                 try {
                                         // if (saveSpMetaDataFileSourceTypeURI()) {
                                         // setEntityId();
                                         boolean result = shibboleth3ConfService.existsResourceUri(trustRelationship.getSpMetaDataURL());
                                         if (result) {
                                                 newThreadSaveSpMetaDataFileSourceTypeURI();
                                         } else {
                                                 log.info("There is no resource found Uri : {}", trustRelationship.getSpMetaDataURL());
                                         }
                                         if (!update) {
                                                 this.trustRelationship.setStatus(GluuStatus.ACTIVE);
                                         }
                                         /*
                                          * } else { log.error("Failed to save SP meta-data file {}", fileWrapper);
                                          * return OxTrustConstants.RESULT_FAILURE; }
                                          */
                                 } catch (Exception e) {
                                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Unable to download metadata");
                                         return "unable_download_metadata";
                                 }
                                 break;
                         case FEDERATION:
                                 if (!update) {
                                         this.trustRelationship.setStatus(GluuStatus.ACTIVE);
                                 }
                                 if (this.trustRelationship.getEntityId() == null) {
                                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "EntityID must be set to a value");
                                         return "invalid_entity_id";
                                 }
 
                                 break;
                         default:
 
                                 break;
                         }
 
                         trustService.updateReleasedAttributes(this.trustRelationship);
 
                         // We call it from TR validation timer
                         if (trustRelationship.getSpMetaDataSourceType().equals(GluuMetadataSourceType.GENERATE)
                                         || (trustRelationship.getSpMetaDataSourceType().equals(GluuMetadataSourceType.FEDERATION))) {
                                 boolean federation = shibboleth3ConfService.isFederation(this.trustRelationship);
                                 this.trustRelationship.setFederation(federation);
                         }
 
                         trustContactsAction.saveContacts();
 
                         if (update) {
                                 try {
                                         saveTR(update);
                                 } catch (BasePersistenceException ex) {
                                         log.error("Failed to update trust relationship {}", inum, ex);
                                         return OxTrustConstants.RESULT_FAILURE;
                                 }
                         } else {
                                 String dn = trustService.getDnForTrustRelationShip(this.inum);
                                 // Save trustRelationship
                                 this.trustRelationship.setDn(dn);
                                 try {
                                         saveTR(update);
                                 } catch (BasePersistenceException ex) {
                                         log.error("Failed to add new trust relationship {}", this.trustRelationship.getInum(), ex);
                                         return OxTrustConstants.RESULT_FAILURE;
                                 }
 
                                 this.update = true;
                         }
 
                         if (updateShib3Configuration) {
                                 List<GluuSAMLTrustRelationship> trustRelationships = trustService.getAllActiveTrustRelationships();
                                 updateShibboleth3Configuration(trustRelationships);
                         }
                 }
 
                 return OxTrustConstants.RESULT_SUCCESS;
         }

◆ saveSpMetaDataFileSourceTypeFile()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.saveSpMetaDataFileSourceTypeFile ( ) throws IOException

inlineprivate

                                                                               {
                 log.trace("Saving metadata file source type: File");
                 String spMetadataFileName = trustRelationship.getSpMetaDataFN();
                 boolean emptySpMetadataFileName = StringHelper.isEmpty(spMetadataFileName);
 
                 if ((fileWrapper == null) || (fileWrapper.getInputStream() == null)) {
                         if (emptySpMetadataFileName) {
                                 return false;
                         }
 
                         // Admin doesn't provide new file. Check if we already has this file
                         String filePath = shibboleth3ConfService.getSpMetadataFilePath(spMetadataFileName);
                         if (filePath == null) {
                                 return false;
                         }
 
                         File file = new File(filePath);
                         if (!file.exists()) {
                                 return false;
                         }
 
                         // File already exist
                         return true;
                 }
 
                 if (emptySpMetadataFileName) {
                         // Generate new file name
                         spMetadataFileName = shibboleth3ConfService.getSpNewMetadataFileName(this.trustRelationship);
                         this.trustRelationship.setSpMetaDataFN(spMetadataFileName);
                         if (trustRelationship.getDn() == null) {
                                 String dn = trustService.getDnForTrustRelationShip(this.inum);
                                 this.trustRelationship.setDn(dn);
                                 trustService.addTrustRelationship(this.trustRelationship);
                         } else {
                                 trustService.updateTrustRelationship(this.trustRelationship);
                         }
                 }
                 String result = shibboleth3ConfService.saveSpMetadataFile(spMetadataFileName, fileWrapper.getInputStream());
                 if (StringHelper.isNotEmpty(result)) {
                         metadataValidationTimer.queue(result);
                 } else {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR,
                                         "Failed to save SP meta-data file. Please check if you provide correct file");
                 }
 
                 return StringHelper.isNotEmpty(result);
 
         }

◆ saveSpMetaDataFileSourceTypeURI()

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.saveSpMetaDataFileSourceTypeURI ( ) throws IOException

inline

                                                                             {
                 String spMetadataFileName = trustRelationship.getSpMetaDataFN();
                 boolean emptySpMetadataFileName = StringHelper.isEmpty(spMetadataFileName);
 
                 if (emptySpMetadataFileName) {
                         // Generate new file name
                         spMetadataFileName = shibboleth3ConfService.getSpNewMetadataFileName(this.trustRelationship);
                 }
 
                 String result = shibboleth3ConfService.saveSpMetadataFile(trustRelationship.getSpMetaDataURL(),
                                 spMetadataFileName);
                 if (StringHelper.isNotEmpty(result)) {
                         metadataValidationTimer.queue(result);
                 } else {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to download metadata");
                 }
 
                 return StringHelper.isNotEmpty(result);
         }

◆ saveTR()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.saveTR ( boolean isUpdate )

inlineprivate

                                               {
                 log.trace("Saving Trust Relationship");
                 if (isUpdate) {
                         String oldLogoutRedirectUri = trustService.getRelationshipByDn(trustRelationship.getDn()).getSpLogoutURL();
                         String newLogoutRedirectUri = trustRelationship.getSpLogoutURL();
                         boolean oxClientUpdateNeeded = (oldLogoutRedirectUri != null) && (newLogoutRedirectUri != null)
                                         && !newLogoutRedirectUri.equals(oldLogoutRedirectUri);
 
                         boolean parentInactive = trustRelationship.getStatus().equals(GluuStatus.INACTIVE);
                         if (!federatedSites.isEmpty()) {
                                 for (GluuSAMLTrustRelationship trust : federatedSites) {
                                         if (parentInactive) {
                                                 trust.setStatus(GluuStatus.INACTIVE);
                                         }
                                         trustService.updateReleasedAttributes(trust);
                                         trustService.updateTrustRelationship(trust);
                                         svnSyncTimer.updateTrustRelationship(trust, identity.getCredentials().getUsername());
                                 }
                         }
                         trustService.updateTrustRelationship(this.trustRelationship);
                         oxTrustAuditService.audit(
                                         "TR " + this.trustRelationship.getInum() + " **" + this.trustRelationship.getDisplayName()
                                                         + "** UPDATED",
                                         identity.getUser(),
                                         (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest());
 
                         if (oxClientUpdateNeeded) {
                                 OxAuthClient client = clientService.getClientByInum(appConfiguration.getOxAuthClientId());
                                 Set<String> updatedLogoutRedirectUris = new HashSet<String>();
                                 List<GluuSAMLTrustRelationship> trs = trustService.getAllTrustRelationships();
                                 if (trs != null && !trs.isEmpty()) {
                                         for (GluuSAMLTrustRelationship tr : trs) {
                                                 String logoutRedirectUri = tr.getSpLogoutURL();
                                                 if (logoutRedirectUri != null && !logoutRedirectUri.isEmpty()) {
                                                         updatedLogoutRedirectUris.add(logoutRedirectUri);
                                                 }
                                         }
 
                                 }
                                 if (updatedLogoutRedirectUris.isEmpty()) {
                                         client.setPostLogoutRedirectUris(null);
                                 } else {
                                         client.setPostLogoutRedirectUris(updatedLogoutRedirectUris.toArray(new String[0]));
                                 }
                                 clientService.updateClient(client);
 
                         }
 
                         svnSyncTimer.updateTrustRelationship(this.trustRelationship, identity.getCredentials().getUsername());
                 } else {
                         trustService.addTrustRelationship(this.trustRelationship);
                         oxTrustAuditService.audit(
                                         "TR " + this.trustRelationship.getInum() + " **" + this.trustRelationship.getDisplayName()
                                                         + "** ADDED",
                                         identity.getUser(),
                                         (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest());
                         svnSyncTimer.addTrustRelationship(this.trustRelationship, identity.getCredentials().getUsername());
                 }
 
         }

◆ setAvailableEntities()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setAvailableEntities ( List< String > availableEntities )

inline

                                                                          {
                 this.availableEntities.removeAll(availableEntitiesFiltered);
                 this.availableEntities.addAll(availableEntities);
         }

◆ setCertWrapper()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setCertWrapper ( Part certWrapper )

inline

                                                      {
                 this.certWrapper = certWrapper;
         }

◆ setContainerFederation()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setContainerFederation ( SelectItem federation )

inline

                                                                   {
                 this.trustRelationship.setGluuContainerFederation(((GluuSAMLTrustRelationship) federation.getValue()).getDn());
         }

◆ setEntityId()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setEntityId ( )

inlineprivate

Sets entityId according to metadatafile. Works for all TR which have own metadata file.

著者: �Oleksiy Tataryn�

                                    {
 
                 String idpMetadataFolder = appConfiguration.getShibboleth3IdpRootDir() + File.separator
                                 + Shibboleth3ConfService.SHIB3_IDP_METADATA_FOLDER + File.separator;
                 File metadataFile = new File(idpMetadataFolder + trustRelationship.getSpMetaDataFN());
 
                 List<String> entityIdList = SAMLMetadataParser.getEntityIdFromMetadataFile(metadataFile);
                 Set<String> entityIdSet = new TreeSet<String>();
 
                 if (entityIdList != null && !entityIdList.isEmpty()) {
                         Set<String> duplicatesSet = new TreeSet<String>();
                         for (String entityId : entityIdList) {
                                 if (!entityIdSet.add(entityId)) {
                                         duplicatesSet.add(entityId);
                                 }
                         }
                 }
 
                 this.trustRelationship.setGluuEntityId(entityIdSet);
         }

◆ setFileWrapper()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setFileWrapper ( Part fileWrapper )

inline

                                                      {
                 this.fileWrapper = fileWrapper;
         }

◆ setFilterString()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setFilterString ( String filterString )

inline

                                                          {
                 this.filterString = filterString;
         }

◆ setInum()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setInum ( String inum )

inline

                                          {
                 this.inum = inum;
         }

◆ setSelectedEntities()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setSelectedEntities ( String [] entities )

inline

                                                            {
                 if (entities != null && entities.length > 0) {
                         this.trustRelationship.setEntityId(entities[0]);
                 }
         }

◆ setSelectedTR()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.setSelectedTR ( String trust )

inline

                                                 {
                 this.selectedTR = trust;
                 customAttributeAction.refreshCustomAttributes(getCurrentCustomAttributes());
         }

◆ update()

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.update ( )

inline

                                {
                 if (this.trustRelationship != null) {
                         return OxTrustConstants.RESULT_SUCCESS;
                 }
 
                 this.update = true;
                 try {
                         this.trustRelationship = trustService.getRelationshipByInum(inum);
                 } catch (BasePersistenceException ex) {
                         log.error("Failed to find trust relationship {}", inum, ex);
                 }
 
                 if (this.trustRelationship == null) {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update relationship");
                         conversationService.endConversation();
 
                         return OxTrustConstants.RESULT_FAILURE;
                 }
 
                 // this.fileWrapper.setFileName(this.trustRelationship.getSpMetaDataFN());
 
                 boolean initActionsResult = initActions();
                 if (!initActionsResult) {
                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update relationship");
                         conversationService.endConversation();
 
                         return OxTrustConstants.RESULT_FAILURE;
                 }
 
                 return OxTrustConstants.RESULT_SUCCESS;
         }

◆ updateShibboleth3Configuration()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.updateShibboleth3Configuration ( List< GluuSAMLTrustRelationship > trustRelationships )

inlineprivate

                                                                                                         {
 
                 if (!shibboleth3ConfService.generateConfigurationFiles(trustRelationships)) {
 
                         log.error("Failed to update Shibboleth v3 configuration");
                         facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update Shibboleth v3 configuration");
 
                 } else {
 
                         log.info("Shibboleth v3 configuration updated successfully");
                         facesMessages.add(FacesMessage.SEVERITY_INFO, "Shibboleth v3 configuration updated successfully");
                         facesMessages.add(FacesMessage.SEVERITY_WARN,
                                         "Please note it may take several minutes before new settings are actually loaded and applied by Shibboleth module!");
                 }
         }

◆ updateSpMetaDataCert()

void org.gluu.oxtrust.action.UpdateTrustRelationshipAction.updateSpMetaDataCert ( Part certWrapper ) throws IOException

inlineprivate

                                                                                {
                 if ((certWrapper == null) || (certWrapper.getInputStream() == null)) {
                         return;
                 }
 
                 String certificate = shibboleth3ConfService.getPublicCertificate(certWrapper.getInputStream());
                 if (certificate == null) {
                         return;
                 }
                 // This regex defines certificate enclosed in X509Certificate tags
                 // regardless of namespace(as long as it is not more then 9 characters)
                 String certRegEx = "(?ms)(?<=<[^</>]{0,10}X509Certificate>).*(?=</[^</>]{0,10}?X509Certificate>)";
                 try {
                         shibboleth3ConfService.saveCert(trustRelationship, certificate);
                         shibboleth3ConfService.saveKey(trustRelationship, null);
 
                         String metadataFileName = this.trustRelationship.getSpMetaDataFN();
                         File metadataFile = new File(shibboleth3ConfService.getSpMetadataFilePath(metadataFileName));
                         String metadata = FileUtils.readFileToString(metadataFile);
                         String updatedMetadata = metadata.replaceFirst(certRegEx, certificate);
                         FileUtils.writeStringToFile(metadataFile, updatedMetadata);
                         this.trustRelationship.setStatus(GluuStatus.ACTIVE);
                 } catch (Exception e) {
                         log.error("Failed to update certificate", e);
                 }
 
         }

メンバ詳解

◆ appConfiguration

AppConfiguration org.gluu.oxtrust.action.UpdateTrustRelationshipAction.appConfiguration

private

◆ attributeService

AttributeService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.attributeService

private

◆ availableEntities

List<String> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.availableEntities

private

◆ availableEntitiesFiltered

List<String> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.availableEntitiesFiltered

private

◆ certWrapper

Part org.gluu.oxtrust.action.UpdateTrustRelationshipAction.certWrapper

private

◆ clientService

ClientService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.clientService

private

◆ conversationService

ConversationService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.conversationService

private

◆ customAttributeAction

CustomAttributeAction org.gluu.oxtrust.action.UpdateTrustRelationshipAction.customAttributeAction

private

◆ externalContext

transient ExternalContext org.gluu.oxtrust.action.UpdateTrustRelationshipAction.externalContext

private

◆ facesMessages

FacesMessages org.gluu.oxtrust.action.UpdateTrustRelationshipAction.facesMessages

private

◆ federatedSites

List<GluuSAMLTrustRelationship> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.federatedSites

private

◆ federationDeconstructionAction

FederationDeconstructionAction org.gluu.oxtrust.action.UpdateTrustRelationshipAction.federationDeconstructionAction

private

◆ fileWrapper

Part org.gluu.oxtrust.action.UpdateTrustRelationshipAction.fileWrapper

private

◆ filteredEntities

List<String> org.gluu.oxtrust.action.UpdateTrustRelationshipAction.filteredEntities

private

◆ filterString

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.filterString

private

◆ identity

Identity org.gluu.oxtrust.action.UpdateTrustRelationshipAction.identity

private

◆ inum

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.inum

private

◆ log

Logger org.gluu.oxtrust.action.UpdateTrustRelationshipAction.log

private

◆ metadataFiltersAction

MetadataFiltersAction org.gluu.oxtrust.action.UpdateTrustRelationshipAction.metadataFiltersAction

private

◆ metadataValidationTimer

MetadataValidationTimer org.gluu.oxtrust.action.UpdateTrustRelationshipAction.metadataValidationTimer

private

◆ NO_PARAM_SIGNATURE

final Class<?> [] org.gluu.oxtrust.action.UpdateTrustRelationshipAction.NO_PARAM_SIGNATURE = new Class[0]

staticpackage

◆ organizationService

OrganizationService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.organizationService

private

◆ oxTrustAuditService

OxTrustAuditService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.oxTrustAuditService

private

◆ relyingPartyAction

RelyingPartyAction org.gluu.oxtrust.action.UpdateTrustRelationshipAction.relyingPartyAction

private

◆ selectedTR

String org.gluu.oxtrust.action.UpdateTrustRelationshipAction.selectedTR

private

◆ serialVersionUID

final long org.gluu.oxtrust.action.UpdateTrustRelationshipAction.serialVersionUID = -1032167044333943680L

staticprivate

◆ shemaService

SchemaService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.shemaService

private

◆ shibboleth3ConfService

Shibboleth3ConfService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.shibboleth3ConfService

private

◆ sslService

SSLService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.sslService

private

◆ svnSyncTimer

SvnSyncTimer org.gluu.oxtrust.action.UpdateTrustRelationshipAction.svnSyncTimer

private

◆ templateService

TemplateService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.templateService

private

◆ trustContactsAction

TrustContactsAction org.gluu.oxtrust.action.UpdateTrustRelationshipAction.trustContactsAction

private

◆ trustRelationship

GluuSAMLTrustRelationship org.gluu.oxtrust.action.UpdateTrustRelationshipAction.trustRelationship

private

◆ trustService

TrustService org.gluu.oxtrust.action.UpdateTrustRelationshipAction.trustService

private

◆ update

boolean org.gluu.oxtrust.action.UpdateTrustRelationshipAction.update

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxTrust/server/src/main/java/org/gluu/oxtrust/action/UpdateTrustRelationshipAction.java

公開メンバ関数

限定公開メンバ関数

静的変数

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

関数詳解

◆ activationToggle()

◆ add()

◆ allowAccessAttribute()

◆ allowEditAttribute()

◆ cancel()

◆ delete()

◆ downloadConfiguration()

◆ downloadConfigurationImpl()

◆ filterEntities()

◆ generateSp()

◆ generateSpMetaDataFile()

◆ generateSpMetaDataFileImpl()

◆ getActionName()

◆ getAllActiveAttributes()

◆ getAllAttributes()

◆ getAllFederations()

◆ getAllOtherFederations()

◆ getAvailableEntities()

◆ getCertForGeneratedSP()

◆ getCertWrapper()

◆ getContainerFederation()

◆ getCurrentCustomAttributes()

◆ getEntityTypeList()

◆ getEventQueue()

◆ getFederatedSites()

◆ getFileWrapper()

◆ getFilterString()

◆ getInum()

◆ getMetadata()

◆ getMetadataSourceTypesList()

◆ getSAML1URI()

◆ getSAML2URI()

◆ getSelectedEntities()

◆ getTrustContainerFederation()

◆ getTrustRelationship()

◆ initActions()

◆ initAttributes()

◆ initFederatedSites()

◆ initTrustRelationship()

◆ isActive()

◆ isUpdate()

◆ markAsInactive()

◆ newThreadSaveSpMetaDataFileSourceTypeURI()

◆ save()

◆ saveImpl()

◆ saveSpMetaDataFileSourceTypeFile()

◆ saveSpMetaDataFileSourceTypeURI()

◆ saveTR()

◆ setAvailableEntities()

◆ setCertWrapper()

◆ setContainerFederation()

◆ setEntityId()

◆ setFileWrapper()

◆ setFilterString()

◆ setInum()

◆ setSelectedEntities()

◆ setSelectedTR()

◆ update()

◆ updateShibboleth3Configuration()

◆ updateSpMetaDataCert()

メンバ詳解

◆ appConfiguration

◆ attributeService

◆ availableEntities

◆ availableEntitiesFiltered

◆ certWrapper

◆ clientService

◆ conversationService

◆ customAttributeAction

◆ externalContext

◆ facesMessages

◆ federatedSites