gluu
org.gluu.oxtrust.ldap.service.FilterService クラス

公開メンバ関数

List< MetadataFilter > getAvailableMetadataFilters ()
 
List< MetadataFilter > getMetadataFiltersForTrustRelationship (GluuSAMLTrustRelationship trustRelationship)
 
void updateFilter (GluuSAMLTrustRelationship trustRelationship, MetadataFilter metadataFilterSelected)
 
boolean isMetadataFilterPresent (GluuSAMLTrustRelationship trustRelationship, MetadataFilter filter)
 
List< MetadataFilter > getFiltersList (GluuSAMLTrustRelationship trustRelationship)
 
void removeFilter (GluuSAMLTrustRelationship trustRelationship, MetadataFilter filter)
 
void saveFilters (GluuSAMLTrustRelationship trustRelationship, FileUploadWrapper filterCertWrapper)
 
void parseFilters (GluuSAMLTrustRelationship trustRelationship) throws SAXException, IOException, ParserConfigurationException, FactoryConfigurationError, XPathExpressionException
 
String saveFilterCert (String filterCertFileName, InputStream input)
 

静的公開変数類

static final String VALIDATION_TYPE = "SchemaValidation"
 
static final Object ENTITY_ROLE_WHITE_LIST_TYPE = "EntityRoleWhiteList"
 
static final Object VALID_UNTIL_REQUIRED_TYPE = "RequiredValidUntil"
 
static final Object SIGNATURE_VALIDATION_TYPE = "SignatureValidation"
 

非公開メンバ関数

MetadataFilter createMetadataFilter (String filterName)
 

非公開変数類

Logger log
 
ConfigurationFactory configurationFactory
 
AppConfiguration appConfiguration
 
TemplateService templateService
 
XmlService xmlService
 

静的非公開変数類

static final long serialVersionUID = -3450258050259083556L
 

詳解

Provides operations with metadata filters

関数詳解

◆ createMetadataFilter()

MetadataFilter org.gluu.oxtrust.ldap.service.FilterService.createMetadataFilter ( String  filterName)
inlineprivate
/**
 * Builds a {@link MetadataFilter} named {@code filterName} with this service's defaults.
 *
 * <p>Defaults applied here: empty extension-schema and retained-role lists, removal of
 * roleless and empty entity descriptors switched on, and {@code requireSignedMetadata}
 * switched off. A freshly created filter therefore does not demand signed metadata until
 * some caller turns that flag on.
 *
 * @param filterName name stored on the new filter
 * @return the newly created filter
 */
private MetadataFilter createMetadataFilter(String filterName) {
    final MetadataFilter created = new MetadataFilter();
    created.setName(filterName);

    // Both collections start out empty.
    created.setExtensionSchemas(new ArrayList<String>());
    created.setRetainedRoles(new ArrayList<String>());

    // Descriptor pruning is on by default; signed metadata is not required by default.
    created.setRemoveRolelessEntityDescriptors(true);
    created.setRemoveEmptyEntitiesDescriptors(true);
    created.setRequireSignedMetadata(false);

    return created;
}

◆ getAvailableMetadataFilters()

List<MetadataFilter> org.gluu.oxtrust.ldap.service.FilterService.getAvailableMetadataFilters ( )
inline
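/**
 * Lists the metadata filters for which a template file exists on disk.
 *
 * <p>Looks in {@code <IDP templates location>shibboleth3/idp/MetadataFilter} for files whose
 * name ends in {@code Filter.xml.vm} and creates one default {@link MetadataFilter} per file,
 * named after the part of the file name that precedes the first {@code "Filter"}.
 *
 * @return the available filters; empty when the folder is missing, is not a directory, or
 *         cannot be listed
 */
public List<MetadataFilter> getAvailableMetadataFilters() {
    String idpTemplatesLocation = configurationFactory.getIDPTemplatesLocation();
    File filterFolder = new File(idpTemplatesLocation + "shibboleth3" + File.separator + "idp" + File.separator + "MetadataFilter");

    List<MetadataFilter> metadataFilters = new ArrayList<MetadataFilter>();

    // isDirectory() is false for a path that does not exist, so one check covers both cases.
    if (!filterFolder.isDirectory()) {
        return metadataFilters;
    }

    File[] filterTemplates = filterFolder.listFiles(new FilenameFilter() {
        @Override
        public boolean accept(File dir, String name) {
            return name.endsWith("Filter.xml.vm");
        }
    });

    // listFiles() returns null when the directory cannot be read (I/O error, permissions);
    // iterating that null would throw NullPointerException.
    if (filterTemplates == null) {
        log.warn("Failed to list metadata filter templates in '{}'", filterFolder);
        return metadataFilters;
    }

    for (File filterTemplate : filterTemplates) {
        metadataFilters.add(createMetadataFilter(filterTemplate.getName().split("Filter")[0]));
    }

    return metadataFilters;
}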
String getIDPTemplatesLocation()
Definition: ConfigurationFactory.java:542
ConfigurationFactory configurationFactory
Definition: FilterService.java:70
MetadataFilter createMetadataFilter(String filterName)
Definition: FilterService.java:103

◆ getFiltersList()

List<MetadataFilter> org.gluu.oxtrust.ldap.service.FilterService.getFiltersList ( GluuSAMLTrustRelationship  trustRelationship)
inline
/**
 * Returns the filters currently attached to a trust relationship as a new list.
 *
 * @param trustRelationship trust relationship whose filter map is read
 * @return a fresh list holding every value of {@code trustRelationship.getMetadataFilters()},
 *         in the map's iteration order
 */
public List<MetadataFilter> getFiltersList(GluuSAMLTrustRelationship trustRelationship) {
    // Copying the map's values yields the same elements, in the same order, as walking the
    // key set and looking each key up.
    return new ArrayList<MetadataFilter>(trustRelationship.getMetadataFilters().values());
}

◆ getMetadataFiltersForTrustRelationship()

List<MetadataFilter> org.gluu.oxtrust.ldap.service.FilterService.getMetadataFiltersForTrustRelationship ( GluuSAMLTrustRelationship  trustRelationship)
inline
/**
 * Placeholder: always returns a new, empty list and does not read {@code trustRelationship}.
 *
 * @param trustRelationship ignored by the current implementation
 * @return a new empty list
 */
public List<MetadataFilter> getMetadataFiltersForTrustRelationship(GluuSAMLTrustRelationship trustRelationship) {
    // TODO: not implemented yet; callers get no filters regardless of the argument.
    final List<MetadataFilter> noFilters = new ArrayList<MetadataFilter>();
    return noFilters;
}

◆ isMetadataFilterPresent()

boolean org.gluu.oxtrust.ldap.service.FilterService.isMetadataFilterPresent ( GluuSAMLTrustRelationship  trustRelationship,
MetadataFilter  filter 
)
inline
/**
 * Tells whether the trust relationship already has a filter registered under the name of
 * {@code filter}.
 *
 * @param trustRelationship trust relationship whose filter map is consulted
 * @param filter            filter whose name is looked up
 * @return {@code true} when the filter map contains the filter's name as a key
 */
public boolean isMetadataFilterPresent(GluuSAMLTrustRelationship trustRelationship, MetadataFilter filter) {
    final String filterName = filter.getName();
    return trustRelationship.getMetadataFilters().containsKey(filterName);
}

◆ parseFilters()

void org.gluu.oxtrust.ldap.service.FilterService.parseFilters ( GluuSAMLTrustRelationship  trustRelationship) throws SAXException, IOException, ParserConfigurationException, FactoryConfigurationError, XPathExpressionException
inline
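/**
 * Rebuilds the trust relationship's in-memory metadata filters from its stored filter XML.
 *
 * <p>Each string returned by {@code getGluuSAMLMetaDataFilter()} is parsed as an XML document.
 * The root element's {@code xsi:type} attribute selects the filter kind, and the resulting
 * {@link MetadataFilter} is put into {@code getMetadataFilters()} under a fixed key:
 * {@code validation}, {@code entityRoleWhiteList}, {@code requiredValidUntil} or
 * {@code signatureValidation}. Entries with an unrecognised type are ignored; entries with no
 * root element or no {@code xsi:type} are now ignored in the same way, with a warning, instead
 * of failing with a {@code NullPointerException}.
 *
 * @param trustRelationship trust relationship to read stored filters from and to update
 * @throws SAXException                 declared by the method; presumably raised while parsing
 * @throws IOException                  declared by the method; presumably raised while parsing
 * @throws ParserConfigurationException declared by the method; presumably raised while parsing
 * @throws FactoryConfigurationError    declared by the method; presumably raised while parsing
 * @throws XPathExpressionException     if an XPath expression cannot be compiled or evaluated
 * @throws NumberFormatException        if {@code maxValidityInterval} is missing or is not an integer
 */
public void parseFilters(GluuSAMLTrustRelationship trustRelationship) throws SAXException, IOException, ParserConfigurationException,
        FactoryConfigurationError, XPathExpressionException {
    if (trustRelationship.getGluuSAMLMetaDataFilter() == null) {
        return;
    }

    XPath xPath = XPathFactory.newInstance().newXPath();
    for (String filterXML : trustRelationship.getGluuSAMLMetaDataFilter()) {
        // NOTE(review): whether DTDs and external entities are disabled is decided inside
        // xmlService.getXmlDocument, which is not visible here; confirm the parser is hardened.
        // NOTE(review): getBytes() encodes with the platform default charset; confirm that it
        // matches the encoding the stored filter XML declares.
        Document xmlDocument = xmlService.getXmlDocument(filterXML.getBytes());

        // The root element is used rather than the first child node, because the first child
        // of a document may be a comment or processing instruction that has no attributes.
        org.w3c.dom.Element root = (xmlDocument == null) ? null : xmlDocument.getDocumentElement();
        String filterType = (root == null) ? "" : root.getAttribute("xsi:type");
        if (filterType.isEmpty()) {
            log.warn("Skipping stored metadata filter without an xsi:type attribute");
            continue;
        }

        if (VALIDATION_TYPE.equals(filterType)) {
            MetadataFilter filter = createMetadataFilter("validation");
            filter.getExtensionSchemas().addAll(readElementValues(xPath, xmlDocument, "/MetadataFilter/ExtensionSchema"));
            trustRelationship.getMetadataFilters().put("validation", filter);
        } else if (ENTITY_ROLE_WHITE_LIST_TYPE.equals(filterType)) {
            MetadataFilter filter = createMetadataFilter("entityRoleWhiteList");
            // An absent attribute keeps the default chosen by createMetadataFilter.
            if (root.hasAttribute("removeRolelessEntityDescriptors")) {
                filter.setRemoveRolelessEntityDescriptors(Boolean.parseBoolean(root.getAttribute("removeRolelessEntityDescriptors")));
            }
            if (root.hasAttribute("removeEmptyEntitiesDescriptors")) {
                filter.setRemoveEmptyEntitiesDescriptors(Boolean.parseBoolean(root.getAttribute("removeEmptyEntitiesDescriptors")));
            }
            filter.getRetainedRoles().addAll(readElementValues(xPath, xmlDocument, "/MetadataFilter/RetainedRole"));
            trustRelationship.getMetadataFilters().put("entityRoleWhiteList", filter);
        } else if (VALID_UNTIL_REQUIRED_TYPE.equals(filterType)) {
            MetadataFilter filter = createMetadataFilter("requiredValidUntil");
            // getAttribute() yields "" for a missing attribute, so parseInt fails with a
            // NumberFormatException that names the bad value.
            filter.setMaxValidityInterval(Integer.parseInt(root.getAttribute("maxValidityInterval")));
            trustRelationship.getMetadataFilters().put("requiredValidUntil", filter);
        } else if (SIGNATURE_VALIDATION_TYPE.equals(filterType)) {
            MetadataFilter filter = createMetadataFilter("signatureValidation");
            // The certificate file name is derived from the trust relationship's inum, not
            // read from the stored XML.
            filter.setFilterCertFileName(StringHelper.removePunctuation(trustRelationship.getInum()));
            trustRelationship.getMetadataFilters().put("signatureValidation", filter);
        }
    }
}

/** Returns the string value of every element matched by {@code elementPath}, in document order. */
private List<String> readElementValues(XPath xPath, Document xmlDocument, String elementPath) throws XPathExpressionException {
    int count = Integer.parseInt(xPath.compile("count(" + elementPath + ")").evaluate(xmlDocument));
    List<String> values = new ArrayList<String>(count);
    // XPath positions are 1-based.
    for (int i = 1; i <= count; i++) {
        values.add(xPath.compile(elementPath + "[" + i + "]").evaluate(xmlDocument));
    }
    return values;
}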
static final Object ENTITY_ROLE_WHITE_LIST_TYPE
Definition: FilterService.java:60
static final Object SIGNATURE_VALIDATION_TYPE
Definition: FilterService.java:64
static final String VALIDATION_TYPE
Definition: FilterService.java:58
XmlService xmlService
Definition: FilterService.java:79
MetadataFilter createMetadataFilter(String filterName)
Definition: FilterService.java:103
static final Object VALID_UNTIL_REQUIRED_TYPE
Definition: FilterService.java:62

◆ removeFilter()

void org.gluu.oxtrust.ldap.service.FilterService.removeFilter ( GluuSAMLTrustRelationship  trustRelationship,
MetadataFilter  filter 
)
inline
/**
 * Detaches a filter from a trust relationship.
 *
 * @param trustRelationship trust relationship whose filter map is modified
 * @param filter            filter whose name is removed from the map
 */
public void removeFilter(GluuSAMLTrustRelationship trustRelationship, MetadataFilter filter) {
    final String filterName = filter.getName();
    trustRelationship.getMetadataFilters().remove(filterName);
}

◆ saveFilterCert()

String org.gluu.oxtrust.ldap.service.FilterService.saveFilterCert ( String  filterCertFileName,
InputStream  input 
)
inline
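/**
 * Writes an uploaded filter certificate into the IDP's {@code credentials} folder.
 *
 * <p>The target is {@code <Shibboleth3 IDP root>/<SHIB3_IDP_METADATA_FOLDER>/credentials/<filterCertFileName>}.
 * The bytes of {@code input} are copied verbatim; nothing here checks that they form a
 * parseable certificate. The visible caller, {@code saveFilters}, uses this for the
 * {@code signatureValidation} filter, so the stored file is presumably what metadata
 * signatures are later checked against; confirm upload validation happens upstream.
 *
 * <p>{@code filterCertFileName} must be a single file-name component. Names that are null,
 * empty, {@code "."}, {@code ".."} or that contain a path separator are refused, so the file
 * cannot be written outside the credentials folder.
 *
 * @param filterCertFileName plain file name for the certificate
 * @param input              certificate content; always closed by this method
 * @return absolute path of the written file, or {@code null} when the name is refused or the
 *         write fails
 * @throws InvalidConfigurationException if the Shibboleth3 IDP root folder is not configured
 */
public String saveFilterCert(String filterCertFileName, InputStream input) {
    if (appConfiguration.getShibboleth3IdpRootDir() == null) {
        IOUtils.closeQuietly(input);
        throw new InvalidConfigurationException("Failed to save filter certificate file due to undefined IDP root folder");
    }

    // File.getName() returns only the last path component, so it differs from the input
    // whenever the input contains a separator.
    boolean plainFileName = filterCertFileName != null && !filterCertFileName.isEmpty()
            && !".".equals(filterCertFileName) && !"..".equals(filterCertFileName)
            && new File(filterCertFileName).getName().equals(filterCertFileName);
    if (!plainFileName) {
        IOUtils.closeQuietly(input);
        log.error("Refusing to save filter certificate: '{}' is not a plain file name", filterCertFileName);
        return null;
    }

    String idpMetadataFolder = appConfiguration.getShibboleth3IdpRootDir() + File.separator + SHIB3_IDP_METADATA_FOLDER + File.separator
            + "credentials" + File.separator;
    File filterCertFile = new File(idpMetadataFolder + filterCertFileName);

    FileOutputStream os = null;
    try {
        os = FileUtils.openOutputStream(filterCertFile);
        IOUtils.copy(input, os);
        os.flush();
    } catch (IOException ex) {
        // The logger already records the stack trace; no separate dump to stderr.
        log.error("Failed to write filter certificate file '{}'", filterCertFile, ex);
        return null;
    } finally {
        IOUtils.closeQuietly(os);
        IOUtils.closeQuietly(input);
    }

    return filterCertFile.getAbsolutePath();
}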
AppConfiguration appConfiguration
Definition: FilterService.java:73
Logger log
Definition: FilterService.java:67

◆ saveFilters()

void org.gluu.oxtrust.ldap.service.FilterService.saveFilters ( GluuSAMLTrustRelationship  trustRelationship,
FileUploadWrapper  filterCertWrapper 
)
inline
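/**
 * Validates the trust relationship's filters and regenerates their stored XML.
 *
 * <p>For each known filter key the relevant settings are copied into a Velocity context; a
 * filter that lacks its required data is removed from the trust relationship with a warning.
 * Afterwards {@code gluuSAMLMetaDataFilter} is replaced by one generated document per
 * remaining filter, produced from the template {@code <filterName>Filter.xml}.
 *
 * <p>Points worth knowing when reviewing callers:
 * <ul>
 *   <li>A {@code signatureValidation} filter with no certificate file name is removed, so the
 *       generated configuration then contains no signature-validation filter. Only a warning
 *       is logged.</li>
 *   <li>The certificate file name is recorded only when the uploaded certificate was actually
 *       written; a failed write no longer leaves the filter pointing at a missing file.</li>
 *   <li>NOTE(review): extension schemas and retained roles go into the template context as
 *       given; whether the templates escape them for XML is not visible here. Confirm.</li>
 * </ul>
 *
 * @param trustRelationship trust relationship whose filters are validated and serialised
 * @param filterCertWrapper upload holding the signature-validation certificate; may be
 *                          {@code null} or have no stream when nothing was uploaded
 */
public void saveFilters(GluuSAMLTrustRelationship trustRelationship, FileUploadWrapper filterCertWrapper) {
    VelocityContext context = new VelocityContext();

    MetadataFilter validation = trustRelationship.getMetadataFilters().get("validation");
    if (validation != null) {
        List<String> extensionSchemas = validation.getExtensionSchemas();
        if (extensionSchemas != null && !extensionSchemas.isEmpty()) {
            context.put("extensionSchemas", extensionSchemas);
        } else {
            log.warn("validation filter on " + trustRelationship.getIname() + " is invalid. Removing it.");
            trustRelationship.getMetadataFilters().remove("validation");
        }
    }

    MetadataFilter entityRoleWhiteList = trustRelationship.getMetadataFilters().get("entityRoleWhiteList");
    if (entityRoleWhiteList != null) {
        List<String> retainedRoles = entityRoleWhiteList.getRetainedRoles();
        if (retainedRoles != null && !retainedRoles.isEmpty()) {
            context.put("retainedRoles", retainedRoles);
            boolean removeEmptyEntitiesDescriptors = entityRoleWhiteList.getRemoveEmptyEntitiesDescriptors();
            context.put("removeEmptyEntitiesDescriptors", removeEmptyEntitiesDescriptors);
            boolean removeRolelessEntityDescriptors = entityRoleWhiteList.getRemoveRolelessEntityDescriptors();
            context.put("removeRolelessEntityDescriptors", removeRolelessEntityDescriptors);
        } else {
            log.warn("entityRoleWhiteList filter on " + trustRelationship.getIname() + " is invalid. Removing it.");
            trustRelationship.getMetadataFilters().remove("entityRoleWhiteList");
        }
    }

    MetadataFilter requiredValidUntil = trustRelationship.getMetadataFilters().get("requiredValidUntil");
    if (requiredValidUntil != null) {
        int maxValidityInterval = requiredValidUntil.getMaxValidityInterval();
        context.put("maxValidityInterval", maxValidityInterval);
    }

    MetadataFilter signatureValidation = trustRelationship.getMetadataFilters().get("signatureValidation");
    if (signatureValidation != null) {
        String filterCertFileName = StringHelper.removePunctuation(trustRelationship.getInum());

        // Fetch the stream once; a missing wrapper is treated like an upload with no stream.
        InputStream certStream = (filterCertWrapper == null) ? null : filterCertWrapper.getStream();
        if (certStream != null) {
            // saveFilterCert returns null when the write failed; in that case the filter keeps
            // whatever certificate file name it had before.
            if (saveFilterCert(filterCertFileName, certStream) != null) {
                signatureValidation.setFilterCertFileName(filterCertFileName);
            } else {
                log.error("Filter certificate for " + trustRelationship.getIname() + " was not saved.");
            }
        }

        if (StringHelper.isNotEmpty(signatureValidation.getFilterCertFileName())) {
            boolean requireSignedMetadata = signatureValidation.getRequireSignedMetadata();
            context.put("trustEngine", "shibboleth.FedTrustEngine");
            context.put("requireSignedMetadata", requireSignedMetadata);
        } else {
            // Without a certificate the filter is dropped, which means the regenerated
            // configuration performs no metadata signature validation.
            log.warn("signatureValidation filter on " + trustRelationship.getIname() + " is invalid. Removing it.");
            trustRelationship.getMetadataFilters().remove("signatureValidation");
        }
    }

    trustRelationship.setGluuSAMLMetaDataFilter(new ArrayList<String>());

    for (String filterName : trustRelationship.getMetadataFilters().keySet()) {
        trustRelationship.getGluuSAMLMetaDataFilter().add(templateService.generateConfFile(filterName + "Filter.xml", context));
    }
}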
TemplateService templateService
Definition: FilterService.java:76
String saveFilterCert(String filterCertFileName, InputStream input)
Definition: FilterService.java:255
Logger log
Definition: FilterService.java:67
String generateConfFile(String template, VelocityContext context)
Definition: TemplateService.java:51

◆ updateFilter()

void org.gluu.oxtrust.ldap.service.FilterService.updateFilter ( GluuSAMLTrustRelationship  trustRelationship,
MetadataFilter  metadataFilterSelected 
)
inline
/**
 * Registers {@code metadataFilterSelected} on the trust relationship under its own name,
 * replacing any filter already stored under that name.
 *
 * @param trustRelationship      trust relationship whose filter map is modified
 * @param metadataFilterSelected filter to store
 */
public void updateFilter(GluuSAMLTrustRelationship trustRelationship, MetadataFilter metadataFilterSelected) {
    final String filterName = metadataFilterSelected.getName();
    trustRelationship.getMetadataFilters().put(filterName, metadataFilterSelected);
}

メンバ詳解

◆ appConfiguration

AppConfiguration org.gluu.oxtrust.ldap.service.FilterService.appConfiguration
private

◆ configurationFactory

ConfigurationFactory org.gluu.oxtrust.ldap.service.FilterService.configurationFactory
private

◆ ENTITY_ROLE_WHITE_LIST_TYPE

final Object org.gluu.oxtrust.ldap.service.FilterService.ENTITY_ROLE_WHITE_LIST_TYPE = "EntityRoleWhiteList"
static

◆ log

Logger org.gluu.oxtrust.ldap.service.FilterService.log
private

◆ serialVersionUID

final long org.gluu.oxtrust.ldap.service.FilterService.serialVersionUID = -3450258050259083556L
staticprivate

◆ SIGNATURE_VALIDATION_TYPE

final Object org.gluu.oxtrust.ldap.service.FilterService.SIGNATURE_VALIDATION_TYPE = "SignatureValidation"
static

◆ templateService

TemplateService org.gluu.oxtrust.ldap.service.FilterService.templateService
private

◆ VALID_UNTIL_REQUIRED_TYPE

final Object org.gluu.oxtrust.ldap.service.FilterService.VALID_UNTIL_REQUIRED_TYPE = "RequiredValidUntil"
static

◆ VALIDATION_TYPE

final String org.gluu.oxtrust.ldap.service.FilterService.VALIDATION_TYPE = "SchemaValidation"
static

◆ xmlService

XmlService org.gluu.oxtrust.ldap.service.FilterService.xmlService
private

このクラス詳解は次のファイルから抽出されました: