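/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: SessionSubject.java,v 1.2 2008/06/25 05:47:22 qcheng Exp $
 *
 */


package com.sun.identity.liberty.ws.security;


import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.Element;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.assertion.SubjectConfirmation;
import com.sun.identity.federation.message.FSSubject;
import com.sun.identity.federation.message.common.IDPProvidedNameIdentifier;
import com.sun.identity.federation.message.common.FSMsgException;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.liberty.ws.common.wsse.WSSEConstants;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.assertion.NameIdentifier;
/**
 * The <code>SessionSubject</code> class represents a liberty subject
 * with associated session status.
 *
 * @supported.all.api
 */
public class SessionSubject extends FSSubject {

    /**
     * Constructs a <code>SessionSubject</code> object from a
     * <code>NameIdentifier</code> object, <code>SubjectConfirmation</code> and
     * <code>IDPProvidedNameIdentifier</code> object.
     *
     * @param nameIdentifier <code>NameIdentifier</code> object.
     * @param subjectConfirmation <code>SubjectConfirmation</code> object.
     * @param idpNameIdentifier <code>IDPProvidedNameIdentifier</code> object.
     * @throws FSMsgException if <code>idpNameIdentifier</code> is null.
     * @throws SAMLException if both <code>nameIdentifier</code> and
     *         <code>subjectConfirmation</code> are null.
     */
    public SessionSubject(
        NameIdentifier nameIdentifier,
        SubjectConfirmation subjectConfirmation,
        IDPProvidedNameIdentifier idpNameIdentifier
    ) throws FSMsgException, SAMLException {
        super(nameIdentifier, subjectConfirmation, idpNameIdentifier);
    }

    /**
     * Constructs a <code>SessionSubject</code> object from a
     * <code>NameIdentifier</code> object and a
     * <code>IDPProvidedNameIdentifier</code> object.
     *
     * @param nameIdentifier <code>NameIdentifier</code> object.
     * @param idpNameIdentifier <code>IDPProvidedNameIdentifier</code> object.
     * @throws FSMsgException if <code>idpNameIdentifier</code> is null.
     * @throws SAMLException if <code>nameIdentifier</code> is null.
     */
    public SessionSubject(
        NameIdentifier nameIdentifier,
        IDPProvidedNameIdentifier idpNameIdentifier
    ) throws FSMsgException, SAMLException {
        super(nameIdentifier, idpNameIdentifier);
    }

    /**
     * Constructs a <code>SessionSubject</code> object from an element that
     * has already been built into a DOM.
     *
     * The element's local name must be <code>SessionSubject</code>. Its
     * element children may be <code>NameIdentifier</code>,
     * <code>SubjectConfirmation</code> and
     * <code>IDPProvidedNameIdentifier</code>, each at most once; any other
     * element child is rejected. <code>IDPProvidedNameIdentifier</code> is
     * mandatory. Non-element children (text, comments) are skipped.
     *
     * @param subjectElement An Element representing DOM tree for Subject object
     * @throws SAMLException if can not create the object of
     *         <code>NameIdentifier</code> or
     *         <code>SubjectConfirmation</code> inside the DOM element.
     * @throws FSMsgException if it could not process the Element properly,
     *         implying that there is an error in the sender or in the
     *         element definition. This includes a null element, a wrong
     *         root name, no children, an unknown or repeated child and a
     *         missing <code>IDPProvidedNameIdentifier</code>.
     */
    public SessionSubject(
        Element subjectElement
    ) throws FSMsgException, SAMLException {
        SecurityTokenManager.debug.message("SessionSubject(Element): Called");
        // A null element is reported as a message error, not an NPE.
        if (subjectElement == null) {
            if (SecurityTokenManager.debug.messageEnabled()) {
                SecurityTokenManager.debug.message(
                    "SessionSubject: null input");
            }
            throw new FSMsgException(SAMLUtils.bundle.getString
                ("nullInput")) ;
        }
        // NOTE(review): only the local name is compared; the element's
        // namespace URI is not checked here, so a same-named element from
        // another namespace is accepted. Confirm whether callers validate
        // the namespace before tightening this.
        String rootTagName = subjectElement.getLocalName();
        if (rootTagName == null) {
            if (SecurityTokenManager.debug.messageEnabled()) {
                SecurityTokenManager.debug.message(
                    "SessionSubject: local name missing");
            }
            throw new FSMsgException(SAMLUtils.bundle.getString
                ("nullInput")) ;
        }
        if (!(rootTagName.equals("SessionSubject"))) {
            if (SecurityTokenManager.debug.messageEnabled()) {
                SecurityTokenManager.debug.message(
                    "SessionSubject: invalid root element");
            }
            throw new FSMsgException(SAMLUtils.bundle.getString(
                "invalidElement")) ;
        }
        NodeList nl = subjectElement.getChildNodes();
        int length = nl.getLength();
        if (length == 0 ) {
            if (SecurityTokenManager.debug.messageEnabled()) {
                SecurityTokenManager.debug.message(
                    "SessionSubject: No sub elements found");
            }
            throw new FSMsgException(SAMLUtils.bundle.getString(
                "emptyElement")) ;
        }
        // Track each child kind separately. A plain total of "at most 3"
        // would let a repeated child silently overwrite the earlier one, so
        // that which identifier ends up in the object depends on document
        // order.
        boolean sawNameIdentifier = false;
        boolean sawSubjectConfirmation = false;
        boolean sawIdpNameIdentifier = false;
        for (int n=0; n < length; n++) {
            Node child = nl.item(n);
            if (child.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            // getLocalName() returns null for nodes created without
            // namespace support; comparing constant-first sends such a
            // child to the "invalid element" branch instead of an NPE.
            String childName = child.getLocalName();
            if ("NameIdentifier".equals(childName)) {
                rejectRepeatedChild(sawNameIdentifier);
                sawNameIdentifier = true;
                setNameIdentifier(new NameIdentifier((Element)child));
            } else if ("SubjectConfirmation".equals(childName)) {
                rejectRepeatedChild(sawSubjectConfirmation);
                sawSubjectConfirmation = true;
                super.setSubjectConfirmation(
                    new SubjectConfirmation((Element)child));
            } else if ("IDPProvidedNameIdentifier".equals(childName)) {
                rejectRepeatedChild(sawIdpNameIdentifier);
                sawIdpNameIdentifier = true;
                _idpNameIdentifier =
                    new IDPProvidedNameIdentifier((Element)child);
            } else {
                if (SecurityTokenManager.debug.messageEnabled()) {
                    SecurityTokenManager.debug.message(
                        "SessionSubject: Invalid element encountered.");
                }
                throw new FSMsgException(SAMLUtils.bundle.getString(
                    "invalidElement")) ;
            }
        }
        // NOTE(review): unlike the object-based constructors, nothing here
        // requires a NameIdentifier or SubjectConfirmation to be present --
        // confirm whether that is intended.
        if (_idpNameIdentifier == null) {
            if (SecurityTokenManager.debug.messageEnabled()) {
                SecurityTokenManager.debug.message(
                    "SessionSubject: mandatory IDPProvidedNameIdentifier "
                    + "missing");
            }
            throw new FSMsgException(SAMLUtils.bundle.getString(
                "missingElement")) ;
        }
        SecurityTokenManager.debug.message("SessionSubject(Element): leaving");

    }

    /**
     * Constructs a <code>SessionSubject</code> object from a
     * <code>SubjectConfirmation</code> object.
     *
     * @param subjectConfirmation <code>SubjectConfirmation</code> object to be
     *        added to the object.
     * @throws SAMLException if <code>subjectConfirmation</code> is null.
     */
    public SessionSubject(SubjectConfirmation subjectConfirmation)
        throws SAMLException {
        super(subjectConfirmation);
    }

    /**
     * Returns a String representation of the element.
     *
     * Equivalent to <code>toXMLString(true, false)</code>: element names
     * carry their namespace prefix, and no namespace declaration is
     * emitted.
     *
     * @return a string containing the valid XML for this element.
     * @throws FSMsgException if could not create a String
     *         representation of this element.
     */
    public String toXMLString() throws FSMsgException {
        return this.toXMLString(true, false);

    }

    /**
     * Returns a String representation of the <code>SessionSubject</code>
     * element.
     *
     * The same two flags are passed on to the contained
     * <code>NameIdentifier</code>, <code>SubjectConfirmation</code> and
     * <code>IDPProvidedNameIdentifier</code>; any of them that is null is
     * left out of the output.
     *
     * @param includeNS if true prepends the element name with the
     *        <code>WSSEConstants.TAG_SEC</code> namespace prefix.
     *
     * @param declareNS if true includes the namespace declaration within
     *        the generated XML.
     * @return a string containing the valid XML for this element.
     * @throws FSMsgException if could not create a String
     *         representation of this element.
     */
    public String toXMLString(
        boolean includeNS,
        boolean declareNS
    ) throws FSMsgException {
        // Local buffer only, so the unsynchronized builder is sufficient.
        StringBuilder xml = new StringBuilder(3000);
        String secprefix = "";
        String secNSString = "";

        if (includeNS) {
            secprefix = WSSEConstants.TAG_SEC + ":";
        }
        if (declareNS) {
            secNSString = " " + WSSEConstants.TAG_XMLNS + ":" +
                WSSEConstants.TAG_SEC + "=\"" + WSSEConstants.NS_SEC + "\"";
        }

        xml.append("<").append(secprefix).
            append(WSSEConstants.TAG_SESSIONSUBJECT).
            append(secNSString).append(">");

        if (getNameIdentifier() != null ) {
            xml.append(getNameIdentifier().toString(includeNS, declareNS));
        }
        if (getSubjectConfirmation() != null) {
            xml.append(getSubjectConfirmation().toString(includeNS, declareNS));
        }
        if (_idpNameIdentifier != null ) {
            xml.append(_idpNameIdentifier.toXMLString(includeNS, declareNS));
        }
        xml.append("</").append(secprefix).
            append(WSSEConstants.TAG_SESSIONSUBJECT).append(">");
        return xml.toString();
    }

    /**
     * Throws the "moreElement" error when a child element kind occurs a
     * second time under the element being parsed.
     *
     * @param alreadySeen true if a child of this kind was already consumed.
     * @throws FSMsgException if <code>alreadySeen</code> is true.
     */
    private static void rejectRepeatedChild(boolean alreadySeen)
        throws FSMsgException {
        if (alreadySeen) {
            if (SecurityTokenManager.debug.messageEnabled()) {
                SecurityTokenManager.debug.message(
                    "SessionSubject: more than allowed elements passed");
            }
            throw new FSMsgException(SAMLUtils.bundle.getString(
                "moreElement")) ;
        }
    }
}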