001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: DiscoveryConfig.java,v 1.6 2009/02/28 00:59:42 mrudul_uchil Exp $
026 *
027 */
028package com.sun.identity.wss.provider;
029
030import java.util.Iterator;
031import java.util.List;
032import java.util.ArrayList;
033
034import com.sun.identity.liberty.ws.disco.DiscoveryClient;
035import com.sun.identity.liberty.ws.disco.DiscoveryException;
036import com.sun.identity.liberty.ws.disco.Description;
037import com.sun.identity.liberty.ws.disco.Directive;
038import com.sun.identity.liberty.ws.disco.InsertEntry;
039import com.sun.identity.liberty.ws.disco.RemoveEntry;
040import com.sun.identity.liberty.ws.disco.Modify;
041import com.sun.identity.liberty.ws.disco.ModifyResponse;
042import com.sun.identity.liberty.ws.disco.ResourceOffering;
043import com.sun.identity.liberty.ws.disco.ResourceID;
044import com.sun.identity.liberty.ws.disco.ServiceInstance;
045import com.sun.identity.liberty.ws.disco.QueryResponse;
046import com.sun.identity.liberty.ws.disco.common.DiscoConstants;
047import com.sun.identity.liberty.ws.common.Status;
048import com.sun.identity.wss.security.SecurityMechanism;
049
050/**
051 * This abstract class <code>DiscoveryConfig</code> represents the 
052 * configuration of a Discovery client entity. It extends 
053 * <code>TrustAuthorityConfig</code>.
054 * 
055 * <p>This class can be extended to define the trust authority config
056 * which is Discovery client configuration.
057 * 
058 * <p>Pluggable implementation of this abstract class can choose to store this 
059 * configuration in desired configuration store. This pluggable implementation
060 * class can be configured in client's AMConfig.properties as value of 
061 * "com.sun.identity.wss.discovery.config.plugin" property 
062 * for Discovery client configuration.
063 * 
064 * <p>This class also provides methods for registering and un-registering
065 * with the discovery service. All the static methods in this class are for 
066 * the persistent operations.
067 * @supported.all.api
068 */
069
070public abstract class DiscoveryConfig extends TrustAuthorityConfig {
071
072      protected String authServiceEndpoint = null;
073
074      /** Creates a new instance of DiscoveryConfig */
075      public DiscoveryConfig() {}
076
077
078      /**
079       * Returns Authentication Web Service End point.
080       * @return Authentication Web Service End point
081       */
082      public String getAuthServiceEndPoint() {
083          return authServiceEndpoint;
084      }         
085
086      /**
087       * Sets Authentication Web Service End point.
088       * @param authServiceEndpoint Authentication Web Service End point
089       *
090       */
091      public void setAuthServiceEndPoint(String authServiceEndpoint) {
092          this.authServiceEndpoint = authServiceEndpoint;
093      }        
094
095      /**
096       * Registers the Discovery client configuration with trusted authority.
097       *
098       * @param config the configuration of the Discovery client.
099       *
100       * @param serviceURI the <code>URI</code> of the web services provider.
101       *
102       * @exception ProviderException if any failure.
103       */
104      public void registerProviderWithTA(ProviderConfig config,
105               String serviceURI) throws ProviderException {
106
107          registerProviderWithTA(config, serviceURI, false);
108      }
109       
110
111      /**
112       * Registers the Discovery client configuration with trusted authority.
113       *
114       * @param config the configuration of the Discovery client.
115       *
116       * @param serviceURI the <code>URI</code> of the web services provider.
117       *
118       * @param unregister if true unregisters the service offering with
119       *        trusted authority before registration.
120       *        
121       * @exception ProviderException if any failure.
122       */
123      public void registerProviderWithTA(ProviderConfig config, 
124               String serviceURI, boolean unregister) throws ProviderException {
125
126          try {
127              if(unregister) {
128                 unregisterProviderWithTA(serviceURI);
129              }
130              DiscoveryClient discoClient = new DiscoveryClient(endpoint, null);
131              Modify modifyReq = getDiscoveryModify(config, serviceURI);
132              ModifyResponse response = discoClient.modify(modifyReq);
133              
134              Status status = response.getStatus();
135              if(status != null) {
136                 if(status.getCode().getLocalPart().equalsIgnoreCase
137                            (DiscoConstants.STATUS_OK)) {
138                    return;
139                 } else {
140                    throw new ProviderException(
141                        ProviderUtils.bundle.getString("registrationFailed"));
142                 }
143              }
144              throw new ProviderException(
145                  ProviderUtils.bundle.getString("registrationFailed"));
146          } catch (DiscoveryException de) {
147             ProviderUtils.debug.error("DiscoveryConfig.registerProviderWith"+
148                 "TA: is failed", de);
149              throw new ProviderException(
150                  ProviderUtils.bundle.getString("registrationFailed"));
151          }
152           
153      }
154
155     /**
156      * Unregisters the provider with trusted authority.
157      *
158      * @param serviceURI the service <code>URI</code> of the 
159      *            web services provider.
160      * @exception ProviderException if any failure.
161      */
162     public void unregisterProviderWithTA(String serviceURI) 
163                     throws ProviderException {
164         try {
165             DiscoveryClient client = new DiscoveryClient(endpoint, null);
166             client.setResourceID(DiscoConstants.IMPLIED_RESOURCE);
167             List types = new ArrayList();
168             types.add(serviceURI);
169             QueryResponse result = client.getResourceOffering(types);
170             List offerings = result.getResourceOffering();
171             if((offerings == null) || (offerings.isEmpty())) {
172                if(ProviderUtils.debug.messageEnabled()) {
173                   ProviderUtils.debug.message("DiscoveryConfig." +
174                   "unregisterProviderWithTA:: " +
175                   "There are no resource offerings");
176                }
177                return;
178             }
179 
180             ResourceOffering offering = (ResourceOffering)offerings.get(0);
181             String entryID = offering.getEntryID();
182             RemoveEntry remove = new RemoveEntry(entryID);
183             List removes = new ArrayList();
184             removes.add(remove);
185
186             Modify modify = new Modify();
187             ResourceID resourceID = 
188                    new ResourceID(DiscoConstants.IMPLIED_RESOURCE); 
189             modify.setResourceID(resourceID);
190             modify.setRemoveEntry(removes);
191             client.modify(modify);
192         } catch (DiscoveryException de) {
193             ProviderUtils.debug.error("DiscoveryConfig.unregisterProviderWith"+
194                 "TA: is failed", de);
195              throw new ProviderException(
196                  ProviderUtils.bundle.getString("unregisterFailed"));
197         }
198     }
199
200    private Modify getDiscoveryModify(ProviderConfig config, 
201               String serviceURI) throws ProviderException {
202
203         // Register with discovery only if there are liberty security mechs.
204         List securityMech = config.getSecurityMechanisms();
205         List libertyMech = new ArrayList();
206         Iterator iter = securityMech.iterator();
207         while(iter.hasNext()) {
208             String secMech = (String)iter.next();
209             if(isLibertySecurityMechanism(secMech)) {
210                libertyMech.add(secMech);
211             }
212         }
213
214         if(libertyMech.isEmpty()) {
215            throw new ProviderException(
216                  ProviderUtils.bundle.getString("noLibertyMechanisms"));
217         }
218
219         List directives = new ArrayList();
220         iter = libertyMech.iterator();
221         while(iter.hasNext()) {
222            String mech = (String)iter.next();
223            getDirectives(mech, directives); 
224         }
225         ResourceID resourceID = 
226                    new ResourceID(DiscoConstants.IMPLIED_RESOURCE); 
227         Description description = 
228                   new Description(config.getSecurityMechanisms(), 
229                   null, config.getWSPEndpoint());
230         ArrayList descriptions = new ArrayList();
231         descriptions.add(description);
232
233         ServiceInstance serviceInstance = 
234                  new ServiceInstance(serviceURI, 
235                  config.getProviderName(), descriptions);
236         ResourceOffering offering = 
237                    new ResourceOffering(resourceID, serviceInstance);
238         InsertEntry insertEntry = new InsertEntry(offering, null);
239         if(!directives.isEmpty()) {
240            insertEntry.setAny(directives);
241         }
242         ArrayList insertEntries = new ArrayList();
243         insertEntries.add(insertEntry);
244         return new Modify(resourceID, insertEntries, null);
245    }
246
247    private boolean isLibertySecurityMechanism(String mechanism) {
248        if(mechanism == null) {
249           return false;
250        }
251
252        return SecurityMechanism.getLibertySecurityMechanismURIs().
253               contains(mechanism);
254    }
255
256    private void getDirectives(String mechanism, List directives) {
257        if(mechanism == null) {
258           return;
259        }
260        if(SecurityMechanism.LIB_NULL_SAML_TOKEN_URI.equals(mechanism) ||
261           SecurityMechanism.LIB_TLS_SAML_TOKEN_URI.equals(mechanism) ||
262           SecurityMechanism.LIB_CLIENT_TLS_SAML_TOKEN_URI.equals(mechanism)) {
263           Directive dir1 = new Directive(Directive.AUTHENTICATE_REQUESTER); 
264           directives.add(dir1);
265        } else if(
266           SecurityMechanism.LIB_NULL_SAML_BEARER_TOKEN_URI.equals(mechanism) ||
267           SecurityMechanism.LIB_TLS_SAML_BEARER_TOKEN_URI.equals(mechanism) ||
268           SecurityMechanism.LIB_CLIENT_TLS_SAML_BEARER_TOKEN_URI.
269                      equals(mechanism)) {
270           Directive dir1 = new Directive(Directive.AUTHENTICATE_REQUESTER); 
271           directives.add(dir1);
272
273           Directive dir2 = new Directive(Directive.GENERATE_BEARER_TOKEN);
274           directives.add(dir2);
275        }
276    }
277
278}




























































Copyright © 2010-2017, ForgeRock All Rights Reserved.