yujianwangzivayy / MaxKey
Forked from MaxKey单点登录官方(MaxKeyTop) / MaxKey (in sync with the fork source project)
Commit a7033d7f
Authored Feb 27, 2020
Author: MaxKey单点登录官方
update
Parent: a087487a
Showing 24 changed files with 113 additions and 149 deletions
maxkey-core/src/main/java/org/maxkey/crypto/keystore/KeyStoreLoader.java +0 -3
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/EndpointGenerator.java +6 -15
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/TrustResolver.java +4 -8
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/BindingAdapter.java +1 -5
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/ExtractBindingAdapter.java +2 -1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java +5 -6
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java +17 -28
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java +7 -9
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractPostBindingAdapter.java +9 -3
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractRedirectBindingAdapter.java +3 -2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostBindingAdapter.java +4 -3
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostSimpleSignBindingAdapter.java +1 -1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java +1 -8
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java +7 -13
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/RealAuthenticationFailureHandler.java +0 -2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/ServiceProviderAuthenticationException.java +6 -2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataDescriptorUtil.java +4 -8
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataGenerator.java +4 -2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/binding/encoding/WebServicePostEncoder.java +4 -0
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java +1 -1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java +2 -2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java +3 -2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/package-info.java +3 -6
maxkey-web-maxkey/src/main/resources/spring/maxkey-protocol-saml.xml +19 -19
maxkey-core/src/main/java/org/maxkey/crypto/keystore/KeyStoreLoader.java
View file @ a7033d7f
...
...
@@ -9,7 +9,6 @@ import java.util.Enumeration;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.InitializingBean
;
import
org.springframework.beans.factory.annotation.Required
;
import
org.springframework.util.ResourceUtils
;
...
...
@@ -45,7 +44,6 @@ public class KeyStoreLoader implements InitializingBean{
/**
* @param keystoreFile the keystoreFile to set
*/
@Required
public
void
setKeystoreFile
(
String
keystoreFile
)
{
this
.
keystoreFile
=
keystoreFile
;
}
...
...
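Review bot: dropping `@Required` from `setKeystoreFile` (and from `setKeystorePassword` in the next hunk) removes the container-level check that these two properties are configured, so a bean definition that omits one is no longer rejected when the bean is wired. The hunk header shows that `KeyStoreLoader` implements `InitializingBean`; assert in `afterPropertiesSet()` that `keystoreFile` and `keystorePassword` are non-empty, with a message that names the missing property, so a misconfigured keystore still stops start-up.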
@@ -55,7 +53,6 @@ public class KeyStoreLoader implements InitializingBean{
/**
* @param keystorePassword the keystorePassword to set
*/
@Required
public
void
setKeystorePassword
(
String
keystorePassword
)
{
this
.
keystorePassword
=
keystorePassword
;
}
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/EndpointGenerator.java
View file @ a7033d7f
...
...
@@ -5,26 +5,18 @@ package org.maxkey.authz.saml.common;
import
javax.xml.namespace.QName
;
import
org.apache.commons.lang.StringUtils
;
import
org.opensaml.Configuration
;
import
org.opensaml.common.SAMLObjectBuilder
;
import
org.opensaml.saml2.metadata.AssertionConsumerService
;
import
org.opensaml.saml2.metadata.Endpoint
;
import
org.opensaml.
xml.XMLObjectBuilderFactory
;
import
org.opensaml.
saml2.metadata.impl.AssertionConsumerServiceBuilder
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
public
class
EndpointGenerator
{
private
final
static
Logger
logger
=
LoggerFactory
.
getLogger
(
EndpointGenerator
.
class
);
private
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
public
Endpoint
generateEndpoint
(
String
location
)
{
logger
.
debug
(
"end point location: {}"
,
location
);
QName
service
=
org
.
opensaml
.
saml2
.
metadata
.
AssertionConsumerService
.
DEFAULT_ELEMENT_NAME
;
SAMLObjectBuilder
<
Endpoint
>
endpointBuilder
=
(
SAMLObjectBuilder
<
Endpoint
>)
builderFactory
.
getBuilder
(
service
);
Endpoint
samlEndpoint
=
endpointBuilder
.
buildObject
();
Endpoint
samlEndpoint
=
new
AssertionConsumerServiceBuilder
().
buildObject
();
samlEndpoint
.
setLocation
(
location
);
...
...
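Review bot: `generateEndpoint(String location)` now instantiates `AssertionConsumerServiceBuilder` from the `org.opensaml.saml2.metadata.impl` package directly where the hunk previously went through `Configuration.getBuilderFactory()` and `getBuilder(service)`, which ties this class to one OpenSAML implementation class and bypasses whatever builder the OpenSAML configuration has registered. If that is intended, state it in the method's Javadoc, and consider declaring the return type as `AssertionConsumerService`, since that is now the only type this method can produce.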
@@ -35,12 +27,11 @@ public class EndpointGenerator {
logger
.
debug
(
"end point service: {}"
,
service
);
logger
.
debug
(
"end point location: {}"
,
location
);
logger
.
debug
(
"end point responseLocation: {}"
,
responseLocation
);
Endpoint
samlEndpoint
;
if
(
null
==
service
){
service
=
org
.
opensaml
.
saml2
.
metadata
.
AssertionConsumerService
.
DEFAULT_ELEMENT_NAME
;
service
=
AssertionConsumerService
.
DEFAULT_ELEMENT_NAME
;
}
SAMLObjectBuilder
<
Endpoint
>
endpointBuilder
=
(
SAMLObjectBuilder
<
Endpoint
>)
builderFactory
.
getBuilder
(
service
);
Endpoint
samlEndpoint
=
endpointBuilder
.
buildObject
();
samlEndpoint
=
new
AssertionConsumerServiceBuilder
().
buildObject
(
service
);
samlEndpoint
.
setLocation
(
location
);
...
...
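Review bot: in the overload that takes `service`, `new AssertionConsumerServiceBuilder().buildObject(service)` no longer selects the builder by the requested QName the way `builderFactory.getBuilder(service)` did; it always builds an AssertionConsumerService object and only gives it the element name in `service`. A caller that passes a different endpoint element name now gets an object whose Java type and element name disagree. Either keep the factory lookup when `service` is non-null, or reject any QName other than `AssertionConsumerService.DEFAULT_ELEMENT_NAME` with a clear exception.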
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml/common/TrustResolver.java
View file @ a7033d7f
...
...
@@ -32,8 +32,7 @@ public class TrustResolver {
Map
<
String
,
String
>
passwords
=
new
HashMap
<
String
,
String
>();
passwords
.
put
(
key
,
password
);
keyStoreCredentialResolver
=
new
KeyStoreCredentialResolver
(
trustKeyStore
,
passwords
);
keyStoreCredentialResolver
=
new
KeyStoreCredentialResolver
(
trustKeyStore
,
passwords
);
return
keyStoreCredentialResolver
;
}
...
...
@@ -60,13 +59,11 @@ public class TrustResolver {
}
securityPolicyDelegate
.
addSecurityPolicy
(
issueInstantRule
);
securityPolicyDelegate
.
addSecurityPolicy
(
messageReplayRule
);
staticSecurityPolicyResolver
=
new
StaticSecurityPolicyResolver
(
securityPolicyDelegate
);
staticSecurityPolicyResolver
=
new
StaticSecurityPolicyResolver
(
securityPolicyDelegate
);
}
public
void
initPolicyRule
(){
signatureSecurityPolicyRule
=
new
SignatureSecurityPolicyRule
(
keyStoreCredentialResolver
,
new
SAMLSignatureProfileValidator
());
signatureSecurityPolicyRule
=
new
SignatureSecurityPolicyRule
(
keyStoreCredentialResolver
,
new
SAMLSignatureProfileValidator
());
signatureSecurityPolicyRule
.
loadTrustEngine
();
}
...
...
@@ -80,8 +77,7 @@ public class TrustResolver {
securityPolicyDelegate
.
addSecurityPolicy
(
issueInstantRule
);
securityPolicyDelegate
.
addSecurityPolicy
(
messageReplayRule
);
staticSecurityPolicyResolver
=
new
StaticSecurityPolicyResolver
(
securityPolicyDelegate
);
staticSecurityPolicyResolver
=
new
StaticSecurityPolicyResolver
(
securityPolicyDelegate
);
}
public
KeyStoreCredentialResolver
getKeyStoreCredentialResolver
()
{
...
...
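Review bot: the three `TrustResolver` hunks appear only to rejoin wrapped lines (`new KeyStoreCredentialResolver(...)`, `new StaticSecurityPolicyResolver(...)`, `new SignatureSecurityPolicyRule(...)`), in the class that wires signature validation, issue-instant and replay rules. Put formatting-only edits in their own commit, so that in a commit titled `update` the behavioural changes elsewhere (removed `@Required`, replaced builders, moved packages) are not buried among reflowed lines in security-critical code.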
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/BindingAdapter.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/BindingAdapter.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
...
...
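Review bot: the package line moves `BindingAdapter` from `org.maxkey.authz.saml20` to `org.maxkey.authz.saml20.binding`, and the adapters and decoders that follow move the same way; Spring XML refers to such classes by fully qualified name in strings that the compiler does not check. The file list shows `maxkey-protocol-saml.xml` changed in this commit (+19 -19); confirm that every `class` attribute there uses the new `binding`, `binding.decoder` and `binding.impl` names, and add a context-load test so a missed rename fails the build instead of the first SAML request.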
@@ -7,12 +7,9 @@ import javax.servlet.http.HttpServletResponse;
import
org.maxkey.authz.saml.common.AuthnRequestInfo
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.opensaml.common.SignableSAMLObject
;
import
org.opensaml.common.binding.SAMLMessageContext
;
import
org.opensaml.saml2.metadata.Endpoint
;
import
org.opensaml.ws.message.decoder.MessageDecodingException
;
import
org.opensaml.ws.message.encoder.MessageEncodingException
;
import
org.opensaml.ws.security.SecurityPolicyResolver
;
import
org.opensaml.xml.security.SecurityException
;
import
org.opensaml.xml.security.credential.Credential
;
/**
...
...
@@ -25,7 +22,6 @@ public interface BindingAdapter {
public
void
sendSAMLMessage
(
SignableSAMLObject
samlMessage
,
Endpoint
endpoint
,
HttpServletRequest
request
,
HttpServletResponse
response
)
throws
MessageEncodingException
;
public
void
setSecurityPolicyResolver
(
SecurityPolicyResolver
securityPolicyResolver
);
public
void
setExtractBindingAdapter
(
ExtractBindingAdapter
extractBindingAdapter
);
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractBindingAdapter.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/ExtractBindingAdapter.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding
;
import
java.security.KeyStore
;
...
...
@@ -21,6 +21,7 @@ import org.opensaml.xml.security.credential.CredentialResolver;
*/
public
interface
ExtractBindingAdapter
{
@SuppressWarnings
(
"rawtypes"
)
public
SAMLMessageContext
extractSAMLMessageContext
(
HttpServletRequest
request
)
throws
MessageDecodingException
,
SecurityException
;
public
String
extractSAMLMessage
(
HttpServletRequest
request
);
...
...
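Review bot: `@SuppressWarnings("rawtypes")` on `extractSAMLMessageContext` hides the raw `SAMLMessageContext` return type instead of fixing it, and every implementer and caller of the interface inherits the raw type. This interface is the project's own, so the signature can declare the type parameters (for example `SAMLMessageContext<?, ?, ?>`) and the suppression can be dropped.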
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostDecoder.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding.decoder
;
import
javax.servlet.http.HttpServletRequest
;
import
org.opensaml.common.binding.SAMLMessageContext
;
import
org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder
;
import
org.opensaml.saml2.binding.decoding.HTTPPostDecoder
;
import
org.opensaml.ws.message.decoder.MessageDecodingException
;
import
org.opensaml.ws.transport.InTransport
;
...
...
@@ -14,9 +13,7 @@ import org.slf4j.Logger;
import
org.slf4j.LoggerFactory
;
public
class
OpenHTTPPostDecoder
extends
HTTPPostDecoder
{
/** Class logger. */
private
final
Logger
log
=
LoggerFactory
.
getLogger
(
BaseSAMLMessageDecoder
.
class
);
private
final
Logger
log
=
LoggerFactory
.
getLogger
(
OpenHTTPPostDecoder
.
class
);
private
String
receiverEndpoint
;
...
...
@@ -42,6 +39,7 @@ public class OpenHTTPPostDecoder extends HTTPPostDecoder {
* thrown if there is a problem decoding and processing the
* message Destination or receiver endpoint information
*/
@SuppressWarnings
(
"rawtypes"
)
@Override
protected
void
checkEndpointURI
(
SAMLMessageContext
messageContext
)
throws
SecurityException
,
MessageDecodingException
{
...
...
@@ -99,8 +97,9 @@ public class OpenHTTPPostDecoder extends HTTPPostDecoder {
}
@Override
@SuppressWarnings
(
"rawtypes"
)
protected
String
getActualReceiverEndpointURI
(
SAMLMessageContext
messageContext
)
throws
MessageDecodingException
{
SAMLMessageContext
messageContext
)
throws
MessageDecodingException
{
InTransport
inTransport
=
messageContext
.
getInboundMessageTransport
();
if
(!(
inTransport
instanceof
HttpServletRequestAdapter
))
{
throw
new
MessageDecodingException
(
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPPostSimpleSignDecoder.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding.decoder
;
import
javax.servlet.http.HttpServletRequest
;
import
org.opensaml.common.binding.SAMLMessageContext
;
import
org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder
;
import
org.opensaml.saml2.binding.decoding.HTTPPostSimpleSignDecoder
;
import
org.opensaml.ws.message.decoder.MessageDecodingException
;
import
org.opensaml.ws.transport.InTransport
;
...
...
@@ -14,9 +13,7 @@ import org.slf4j.Logger;
import
org.slf4j.LoggerFactory
;
public
class
OpenHTTPPostSimpleSignDecoder
extends
HTTPPostSimpleSignDecoder
{
/** Class logger. */
private
final
Logger
log
=
LoggerFactory
.
getLogger
(
BaseSAMLMessageDecoder
.
class
);
private
final
Logger
log
=
LoggerFactory
.
getLogger
(
OpenHTTPPostSimpleSignDecoder
.
class
);
private
String
receiverEndpoint
;
...
...
@@ -42,7 +39,9 @@ public class OpenHTTPPostSimpleSignDecoder extends HTTPPostSimpleSignDecoder {
* thrown if there is a problem decoding and processing the
* message Destination or receiver endpoint information
*/
@Override
@SuppressWarnings
(
"rawtypes"
)
protected
void
checkEndpointURI
(
SAMLMessageContext
messageContext
)
throws
SecurityException
,
MessageDecodingException
{
...
...
@@ -56,58 +55,48 @@ public class OpenHTTPPostSimpleSignDecoder extends HTTPPostSimpleSignDecoder {
if
(
messageDestination
==
null
)
{
if
(
bindingRequires
)
{
log
.
error
(
"SAML message intended destination endpoint URI required by binding was empty"
);
throw
new
SecurityException
(
"SAML message intended destination (required by binding) was not present"
);
throw
new
SecurityException
(
"SAML message intended destination (required by binding) was not present"
);
}
else
{
log
.
debug
(
"SAML message intended destination endpoint in message was empty, not required by binding, skipping"
);
return
;
}
}
String
receiverEndpoint
=
DatatypeHelper
.
safeTrimOrNullString
(
getActualReceiverEndpointURI
(
messageContext
));
String
receiverEndpoint
=
DatatypeHelper
.
safeTrimOrNullString
(
getActualReceiverEndpointURI
(
messageContext
));
log
.
debug
(
"Intended message destination endpoint: {}"
,
messageDestination
);
log
.
debug
(
"Intended message destination endpoint: {}"
,
messageDestination
);
log
.
debug
(
"Actual message receiver endpoint: {}"
,
receiverEndpoint
);
// 协议头统一(http或https,需要和destination统一)
if
(
messageDestination
.
indexOf
(
"/"
)
!=
-
1
&&
receiverEndpoint
.
indexOf
(
"/"
)
!=
-
1
)
{
if
(!
messageDestination
.
substring
(
0
,
messageDestination
.
indexOf
(
"/"
))
.
equalsIgnoreCase
(
receiverEndpoint
.
substring
(
0
,
receiverEndpoint
.
indexOf
(
"/"
))))
{
receiverEndpoint
=
messageDestination
.
substring
(
0
,
messageDestination
.
indexOf
(
"/"
))
+
receiverEndpoint
.
substring
(
receiverEndpoint
.
indexOf
(
"/"
));
if
(!
messageDestination
.
substring
(
0
,
messageDestination
.
indexOf
(
"/"
))
.
equalsIgnoreCase
(
receiverEndpoint
.
substring
(
0
,
receiverEndpoint
.
indexOf
(
"/"
))))
{
receiverEndpoint
=
messageDestination
.
substring
(
0
,
messageDestination
.
indexOf
(
"/"
))
+
receiverEndpoint
.
substring
(
receiverEndpoint
.
indexOf
(
"/"
));
}
}
boolean
matched
=
compareEndpointURIs
(
messageDestination
,
receiverEndpoint
);
if
(!
matched
)
{
log
.
error
(
"SAML message intended destination endpoint '{}' did not match the recipient endpoint '{}'"
,
log
.
error
(
"SAML message intended destination endpoint '{}' did not match the recipient endpoint '{}'"
,
messageDestination
,
receiverEndpoint
);
throw
new
SecurityException
(
"SAML message intended destination endpoint did not match recipient endpoint"
);
throw
new
SecurityException
(
"SAML message intended destination endpoint did not match recipient endpoint"
);
}
else
{
log
.
debug
(
"SAML message intended destination endpoint matched recipient endpoint"
);
}
}
@Override
@SuppressWarnings
(
"rawtypes"
)
protected
String
getActualReceiverEndpointURI
(
SAMLMessageContext
messageContext
)
throws
MessageDecodingException
{
InTransport
inTransport
=
messageContext
.
getInboundMessageTransport
();
if
(!(
inTransport
instanceof
HttpServletRequestAdapter
))
{
throw
new
MessageDecodingException
(
"Message context InTransport instance was an unsupported type"
);
throw
new
MessageDecodingException
(
"Message context InTransport instance was an unsupported type"
);
}
HttpServletRequest
httpRequest
=
((
HttpServletRequestAdapter
)
inTransport
)
.
getWrappedRequest
();
HttpServletRequest
httpRequest
=
((
HttpServletRequestAdapter
)
inTransport
).
getWrappedRequest
();
StringBuffer
urlBuilder
=
httpRequest
.
getRequestURL
();
...
...
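Review bot: the scheme-unification block in `checkEndpointURI` (under the `// 协议头统一` comment) overwrites the scheme of `receiverEndpoint` with the scheme taken from `messageDestination`, a value read from the SAML message itself, before `compareEndpointURIs` runs, so the Destination check can never fail on an http/https difference. The hunk appears only to reflow this code, but it should be corrected while it is being touched: take the externally visible scheme from trusted deployment configuration (the class already declares a `receiverEndpoint` field) rather than from the message being validated.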
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/OpenHTTPRedirectDecoder.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding.decoder
;
import
javax.servlet.http.HttpServletRequest
;
import
org.opensaml.common.binding.SAMLMessageContext
;
import
org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder
;
import
org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder
;
import
org.opensaml.ws.message.decoder.MessageDecodingException
;
import
org.opensaml.ws.transport.InTransport
;
...
...
@@ -14,9 +13,7 @@ import org.slf4j.Logger;
import
org.slf4j.LoggerFactory
;
public
class
OpenHTTPRedirectDecoder
extends
HTTPRedirectDeflateDecoder
{
/** Class logger. */
private
final
Logger
log
=
LoggerFactory
.
getLogger
(
BaseSAMLMessageDecoder
.
class
);
private
final
Logger
log
=
LoggerFactory
.
getLogger
(
OpenHTTPRedirectDecoder
.
class
);
private
String
receiverEndpoint
;
...
...
@@ -42,9 +39,10 @@ public class OpenHTTPRedirectDecoder extends HTTPRedirectDeflateDecoder {
* thrown if there is a problem decoding and processing the
* message Destination or receiver endpoint information
*/
@Override
protected
void
checkEndpointURI
(
SAMLMessageContext
messageContext
)
throws
SecurityException
,
MessageDecodingException
{
@SuppressWarnings
(
"rawtypes"
)
protected
void
checkEndpointURI
(
SAMLMessageContext
messageContext
)
throws
SecurityException
,
MessageDecodingException
{
log
.
debug
(
"Checking SAML message intended destination endpoint against receiver endpoint"
);
...
...
@@ -99,8 +97,8 @@ public class OpenHTTPRedirectDecoder extends HTTPRedirectDeflateDecoder {
}
@Override
protected
String
getActualReceiverEndpointURI
(
SAMLMessageContext
messageContext
)
throws
MessageDecodingException
{
@SuppressWarnings
(
"rawtypes"
)
protected
String
getActualReceiverEndpointURI
(
SAMLMessageContext
messageContext
)
throws
MessageDecodingException
{
InTransport
inTransport
=
messageContext
.
getInboundMessageTransport
();
if
(!(
inTransport
instanceof
HttpServletRequestAdapter
))
{
throw
new
MessageDecodingException
(
...
...
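Review bot: `checkEndpointURI` and `getActualReceiverEndpointURI` are overridden here at the same offsets (`-42`, `-99`) as in `OpenHTTPPostDecoder`, and `OpenHTTPPostSimpleSignDecoder` carries the same pair, which suggests the destination check exists in three copies that this commit edits one at a time. Move the shared logic into one helper that the three decoders call, so a later correction to the check cannot miss a copy.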
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractPostBindingAdapter.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractPostBindingAdapter.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding.impl
;
import
java.security.KeyStore
;
import
javax.servlet.http.HttpServletRequest
;
import
org.apache.commons.lang.StringUtils
;
import
org.maxkey.authz.saml.common.TrustResolver
;
import
org.maxkey.authz.saml20.binding.ExtractBindingAdapter
;
import
org.maxkey.crypto.keystore.KeyStoreLoader
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.opensaml.common.binding.BasicSAMLMessageContext
;
...
...
@@ -18,10 +19,13 @@ import org.opensaml.ws.security.SecurityPolicyResolver;
import
org.opensaml.ws.transport.http.HttpServletRequestAdapter
;
import
org.opensaml.xml.security.SecurityException
;
import
org.opensaml.xml.security.credential.CredentialResolver
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.InitializingBean
;
public
class
ExtractPostBindingAdapter
implements
ExtractBindingAdapter
,
InitializingBean
{
private
final
static
Logger
logger
=
LoggerFactory
.
getLogger
(
ExtractPostBindingAdapter
.
class
);
static
final
String
SAML_REQUEST_POST_PARAM_NAME
=
"SAMLRequest"
;
static
final
String
SAML_RESPONSE_POST_PARAM_NAME
=
"SAMLResponse"
;
...
...
@@ -65,7 +69,9 @@ public class ExtractPostBindingAdapter implements ExtractBindingAdapter, Initial
@Override
@SuppressWarnings
(
"rawtypes"
)
public
SAMLMessageContext
extractSAMLMessageContext
(
HttpServletRequest
request
)
throws
MessageDecodingException
,
SecurityException
{
BasicSAMLMessageContext
messageContext
=
new
BasicSAMLMessageContext
();
...
...
@@ -75,7 +81,7 @@ public class ExtractPostBindingAdapter implements ExtractBindingAdapter, Initial
messageContext
.
setSecurityPolicyResolver
(
securityPolicyResolver
);
decoder
.
decode
(
messageContext
);
logger
.
debug
(
"decode successed "
);
return
messageContext
;
}
...
...
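Review bot: the debug message `"decode successed "` after `decoder.decode(messageContext)` has a typo and a trailing space; use `"decode succeeded"`. Including an identifier of the decoded message from `messageContext` would make the line usable when correlating a failed sign-on with the request that caused it.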
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/ExtractRedirectBindingAdapter.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/ExtractRedirectBindingAdapter.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding.impl
;
import
java.security.KeyStore
;
...
...
@@ -31,7 +31,8 @@ public class ExtractRedirectBindingAdapter extends ExtractPostBindingAdapter{
keyStoreLoader
.
getEntityName
(),
keyStoreLoader
.
getKeystorePassword
(),
issueInstantRule
,
messageReplayRule
,
"Redirect"
);
messageReplayRule
,
"Redirect"
);
credentialResolver
=
(
CredentialResolver
)
trustResolver
.
getKeyStoreCredentialResolver
();
this
.
securityPolicyResolver
=
trustResolver
.
getStaticSecurityPolicyResolver
();
}
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostBindingAdapter.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostBindingAdapter.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding.impl
;
import
java.security.KeyStore
;
import
javax.servlet.http.HttpServletRequest
;
...
...
@@ -9,6 +9,8 @@ import org.apache.commons.lang.Validate;
import
org.apache.velocity.app.VelocityEngine
;
import
org.maxkey.authz.saml.common.AuthnRequestInfo
;
import
org.maxkey.authz.saml.common.TrustResolver
;
import
org.maxkey.authz.saml20.binding.BindingAdapter
;
import
org.maxkey.authz.saml20.binding.ExtractBindingAdapter
;
import
org.maxkey.crypto.keystore.KeyStoreLoader
;
import
org.maxkey.crypto.keystore.KeyStoreUtil
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
...
...
@@ -32,7 +34,6 @@ import org.opensaml.xml.security.criteria.UsageCriteria;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.InitializingBean
;
import
org.springframework.beans.factory.annotation.Required
;
public
class
PostBindingAdapter
implements
BindingAdapter
,
InitializingBean
{
private
final
static
Logger
logger
=
LoggerFactory
.
getLogger
(
PostBindingAdapter
.
class
);
...
...
@@ -73,12 +74,12 @@ public class PostBindingAdapter implements BindingAdapter, InitializingBean{
}
@Required
public
void
setVelocityEngine
(
VelocityEngine
velocityEngine
)
{
this
.
velocityEngine
=
velocityEngine
;
}
@Override
@SuppressWarnings
({
"rawtypes"
,
"unchecked"
})
public
void
sendSAMLMessage
(
SignableSAMLObject
samlMessage
,
Endpoint
endpoint
,
HttpServletRequest
request
,
...
...
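Review bot: with `@Required` removed from `setVelocityEngine`, a missing `velocityEngine` is no longer caught when the bean is wired and will first show up inside `sendSAMLMessage`. The class implements `InitializingBean` and, per the earlier hunk header, already imports `org.apache.commons.lang.Validate`, so add a `Validate.notNull(velocityEngine, ...)` check to `afterPropertiesSet()`. Separately, `@SuppressWarnings({"rawtypes", "unchecked"})` on the whole of `sendSAMLMessage` is broad; scope it to the declaration that needs it.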
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/PostSimpleSignBindingAdapter.java → maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/impl/PostSimpleSignBindingAdapter.java
View file @ a7033d7f
package
org.maxkey.authz.saml20
;
package
org.maxkey.authz.saml20
.binding.impl
;
import
org.opensaml.saml2.binding.encoding.HTTPPostSimpleSignEncoder
;
import
org.opensaml.ws.security.SecurityPolicyResolver
;
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/AuthnRequestGenerator.java
View file @ a7033d7f
...
...
@@ -5,15 +5,11 @@ package org.maxkey.authz.saml20.consumer;
import
org.maxkey.authz.saml.service.IDService
;
import
org.maxkey.authz.saml.service.TimeService
;
import
org.maxkey.authz.saml20.xml.IssuerGenerator
;
import
org.opensaml.Configuration
;
import
org.opensaml.saml2.core.AuthnRequest
;
import
org.opensaml.saml2.core.impl.AuthnRequestBuilder
;
import
org.opensaml.xml.XMLObjectBuilderFactory
;
public
class
AuthnRequestGenerator
{
private
XMLObjectBuilderFactory
builderFactory
=
Configuration
.
getBuilderFactory
();
private
final
String
issuingEntityName
;
private
final
TimeService
timeService
;
...
...
@@ -30,10 +26,7 @@ public class AuthnRequestGenerator {
}
public
AuthnRequest
generateAuthnRequest
(
String
destination
,
String
responseLocation
)
{
AuthnRequestBuilder
authnRequestBuilder
=
(
AuthnRequestBuilder
)
builderFactory
.
getBuilder
(
AuthnRequest
.
DEFAULT_ELEMENT_NAME
);
AuthnRequest
authnRequest
=
authnRequestBuilder
.
buildObject
();
AuthnRequest
authnRequest
=
new
AuthnRequestBuilder
().
buildObject
();
authnRequest
.
setAssertionConsumerServiceURL
(
responseLocation
);
authnRequest
.
setID
(
idService
.
generateID
());
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java
View file @ a7033d7f
...
...
@@ -17,7 +17,7 @@ import org.maxkey.authz.saml.common.EndpointGenerator;
import
org.maxkey.authz.saml.common.TrustResolver
;
import
org.maxkey.authz.saml.service.IDService
;
import
org.maxkey.authz.saml.service.TimeService
;
import
org.maxkey.authz.saml20.ExtractBindingAdapter
;
import
org.maxkey.authz.saml20.
binding.
ExtractBindingAdapter
;
import
org.maxkey.authz.saml20.consumer.AuthnRequestGenerator
;
import
org.maxkey.authz.saml20.consumer.spring.IdentityProviderAuthenticationException
;
import
org.maxkey.authz.saml20.consumer.spring.ServiceProviderAuthenticationException
;
...
...
@@ -174,13 +174,11 @@ public class ConsumerEndpoint {
public
void
afterPropertiesSet
()
throws
Exception
{
authnRequestGenerator
=
new
AuthnRequestGenerator
(
keyStoreLoader
.
getEntityName
(),
timeService
,
idService
);
authnRequestGenerator
=
new
AuthnRequestGenerator
(
keyStoreLoader
.
getEntityName
(),
timeService
,
idService
);
endpointGenerator
=
new
EndpointGenerator
();
CriteriaSet
criteriaSet
=
new
CriteriaSet
();
criteriaSet
.
add
(
new
EntityIDCriteria
(
keyStoreLoader
.
getEntityName
()));
criteriaSet
.
add
(
new
EntityIDCriteria
(
keyStoreLoader
.
getEntityName
()));
criteriaSet
.
add
(
new
UsageCriteria
(
UsageType
.
SIGNING
));
try
{
...
...
@@ -210,17 +208,13 @@ public class ConsumerEndpoint {
InputStream
keyStoreStream
=
new
ByteArrayInputStream
(
keyStoreBytes
);
try
{
KeyStore
keyStore
=
KeyStore
.
getInstance
(
keyStoreLoader
.
getKeystoreType
());
keyStore
.
load
(
keyStoreStream
,
keyStoreLoader
.
getKeystorePassword
()
.
toCharArray
());
KeyStore
keyStore
=
KeyStore
.
getInstance
(
keyStoreLoader
.
getKeystoreType
());
keyStore
.
load
(
keyStoreStream
,
keyStoreLoader
.
getKeystorePassword
().
toCharArray
());
Map
<
String
,
String
>
passwords
=
new
HashMap
<
String
,
String
>();
for
(
Enumeration
<
String
>
en
=
keyStore
.
aliases
();
en
.
hasMoreElements
();)
{
for
(
Enumeration
<
String
>
en
=
keyStore
.
aliases
();
en
.
hasMoreElements
();)
{
String
aliase
=
en
.
nextElement
();
if
(
aliase
.
equalsIgnoreCase
(
keyStoreLoader
.
getEntityName
()))
{
if
(
aliase
.
equalsIgnoreCase
(
keyStoreLoader
.
getEntityName
()))
{
passwords
.
put
(
aliase
,
keyStoreLoader
.
getKeystorePassword
());
}
}
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/RealAuthenticationFailureHandler.java
View file @ a7033d7f
...
...
@@ -6,8 +6,6 @@ import java.io.IOException;
import
javax.servlet.ServletException
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpSession
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.security.core.AuthenticationException
;
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/spring/ServiceProviderAuthenticationException.java
View file @ a7033d7f
...
...
@@ -15,8 +15,12 @@ import org.springframework.security.core.AuthenticationException;
* @author jcox
*
*/
public
class
ServiceProviderAuthenticationException
extends
AuthenticationException
{
public
class
ServiceProviderAuthenticationException
extends
AuthenticationException
{
/**
*
*/
private
static
final
long
serialVersionUID
=
8817095932085915398L
;
public
ServiceProviderAuthenticationException
(
String
msg
,
Throwable
t
)
{
super
(
msg
,
t
);
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataDescriptorUtil.java
View file @ a7033d7f
...
...
@@ -157,25 +157,21 @@ public class MetadataDescriptorUtil {
// System.out.println("3 : "+idpEntityDescriptor.);
// System.out.println("+"+ entityDescriptor.getOrganization());
List
<
RoleDescriptor
>
listRoleDescriptor
=
entityDescriptor
.
getRoleDescriptors
();
List
<
RoleDescriptor
>
listRoleDescriptor
=
entityDescriptor
.
getRoleDescriptors
();
for
(
RoleDescriptor
roleDescriptor
:
listRoleDescriptor
)
{
// SPSSODescriptor
// sPSSODescriptor1=idpEntityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
if
(
roleDescriptor
instanceof
org
.
opensaml
.
saml2
.
metadata
.
impl
.
IDPSSODescriptorImpl
)
{
if
(
roleDescriptor
instanceof
IDPSSODescriptorImpl
)
{
IDPSSODescriptor
iDPSSODescriptor
=
(
IDPSSODescriptorImpl
)
roleDescriptor
;
// System.out.println("3 : "+sPSSODescriptor1.getAssertionConsumerServices().get(0).getLocation());
// System.out.println("4 : "+sPSSODescriptor1.getAssertionConsumerServices().get(0).getBinding());
System
.
out
.
println
(
"3 : "
+
iDPSSODescriptor
.
getSingleSignOnServices
().
get
(
0
).
getLocation
());
// System.out.println("- : "+iDPSSODescriptor.getNameIDFormats().get(0).getFormat());
// System.out.println("- : "+iDPSSODescriptor.getKeyDescriptors().get(0).getKeyInfo().getX509Datas().get(0));
}
else
{
SPSSODescriptor
sPSSODescriptor
=
(
SPSSODescriptorImpl
)
roleDescriptor
;
//
System.out.println("- : "+sPSSODescriptor.getAssertionConsumerServices().get(0).getLocation());
System
.
out
.
println
(
"- : "
+
sPSSODescriptor
.
getAssertionConsumerServices
().
get
(
0
).
getLocation
());
// System.out.println("- : "+sPSSODescriptor.getAssertionConsumerServices().get(0).getBinding());
}
...
...
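Review bot: In the `else` branch, `(SPSSODescriptorImpl) roleDescriptor` is cast without an `instanceof` check, so a role descriptor that is neither an IdP nor an SP descriptor throws `ClassCastException` while the metadata is being walked. Mirror the first branch with `else if (roleDescriptor instanceof SPSSODescriptorImpl)`, and guard the `.get(0)` calls on `getSingleSignOnServices()` and `getAssertionConsumerServices()` against empty lists. The `System.out.println` calls would be better routed through a logger at debug level.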
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/MetadataGenerator.java
View file @
a7033d7f
...
...
@@ -113,7 +113,8 @@ public class MetadataGenerator {
}
public
void
samlmtest
(){
@SuppressWarnings
({
"unchecked"
,
"rawtypes"
})
public
void
samlmtest
(){
try
{
KeyStoreLoader
keyStoreLoader
=
new
KeyStoreLoader
();
keyStoreLoader
.
setKeystorePassword
(
"secret"
);
...
...
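Review bot: `samlmtest()` sets the keystore password with the literal `"secret"` (`keyStoreLoader.setKeystorePassword("secret")`) inside `MetadataGenerator`, which lives under `src/main/java`, and annotating the method with `@SuppressWarnings({"unchecked", "rawtypes"})` keeps this test scaffold in the shipped class. Move it to a test under `src/test/java` and read the keystore password from configuration; the suppression is then no longer needed here.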
@@ -342,7 +343,8 @@ public class MetadataGenerator {
return
encryptionKeyDescriptor
;
}
public
static
XMLObject
buildXMLObject
(
QName
objectQName
){
@SuppressWarnings
(
"rawtypes"
)
public
static
XMLObject
buildXMLObject
(
QName
objectQName
){
XMLObjectBuilder
builder
=
builderFactory
.
getBuilder
(
objectQName
);
if
(
builder
==
null
){
;
//fail("Unable to retrieve builder for object QName " + objectQName);
...
...
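Review bot: In `buildXMLObject`, the `builder == null` branch is an empty statement (`;` followed by the commented-out `fail(...)`), so a missing builder for `objectQName` is not reported at the point where it is detected. Throw an exception naming the QName there, and declare the local as `XMLObjectBuilder<?>` instead of adding `@SuppressWarnings("rawtypes")` to the whole method.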
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/binding/encoding/WebServicePostEncoder.java
View file @
a7033d7f
...
...
@@ -36,6 +36,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
super
(
engine
,
templateId
);
}
@SuppressWarnings
(
"rawtypes"
)
public
VelocityContext
encodeMsgContext
(
MessageContext
messageContext
)
throws
MessageEncodingException
{
...
...
@@ -66,6 +67,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
* @throws MessageEncodingException
* thrown if there is a problem encoding the message
*/
@SuppressWarnings
(
"rawtypes"
)
protected
VelocityContext
encodeMsgContext
(
SAMLMessageContext
messageContext
)
throws
MessageEncodingException
{
...
...
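Review bot: `@SuppressWarnings("rawtypes")` is added method by method in this file (both `encodeMsgContext` overloads, `populateVelocityContext`, `buildFormDataToSign`), and in this hunk the visible trigger is the raw `SAMLMessageContext` parameter. Prefer giving that parameter wildcard type arguments; if the signatures have to stay raw to match the `HTTPPostEncoder` methods they override, use a single class-level annotation with a comment saying why, rather than four copies.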
@@ -83,6 +85,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
}
}
@SuppressWarnings
(
"rawtypes"
)
protected
void
populateVelocityContext
(
VelocityContext
velocityContext
,
SAMLMessageContext
messageContext
)
throws
MessageEncodingException
{
...
...
@@ -185,6 +188,7 @@ public class WebServicePostEncoder extends HTTPPostEncoder {
*
* @return the form control data string for signature computation
*/
@SuppressWarnings
(
"rawtypes"
)
protected
String
buildFormDataToSign
(
VelocityContext
velocityContext
,
SAMLMessageContext
messageContext
,
String
sigAlgURI
)
{
StringBuilder
builder
=
new
StringBuilder
();
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
View file @
a7033d7f
...
...
@@ -9,7 +9,7 @@ import javax.servlet.http.HttpServletResponse;
import
org.joda.time.DateTime
;
import
org.maxkey.authz.saml.common.AuthnRequestInfo
;
import
org.maxkey.authz.saml.common.EndpointGenerator
;
import
org.maxkey.authz.saml20.BindingAdapter
;
import
org.maxkey.authz.saml20.
binding.
BindingAdapter
;
import
org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.maxkey.web.WebContext
;
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java
View file @
a7033d7f
...
...
@@ -6,8 +6,8 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authz.saml.common.AuthnRequestInfo
;
import
org.maxkey.authz.saml20.BindingAdapter
;
import
org.maxkey.authz.saml20.ExtractBindingAdapter
;
import
org.maxkey.authz.saml20.
binding.
BindingAdapter
;
import
org.maxkey.authz.saml20.
binding.
ExtractBindingAdapter
;
import
org.maxkey.crypto.keystore.KeyStoreLoader
;
import
org.maxkey.crypto.keystore.KeyStoreUtil
;
import
org.maxkey.dao.service.AppsSaml20DetailsService
;
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
View file @
a7033d7f
...
...
@@ -6,8 +6,8 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authz.saml.common.AuthnRequestInfo
;
import
org.maxkey.authz.saml20.BindingAdapter
;
import
org.maxkey.authz.saml20.ExtractBindingAdapter
;
import
org.maxkey.authz.saml20.
binding.
BindingAdapter
;
import
org.maxkey.authz.saml20.
binding.
ExtractBindingAdapter
;
import
org.maxkey.authz.saml20.xml.SAML2ValidatorSuite
;
import
org.maxkey.crypto.keystore.KeyStoreUtil
;
import
org.maxkey.dao.service.AppsSaml20DetailsService
;
...
...
@@ -105,6 +105,7 @@ public class SingleSignOnEndpoint {
}
@SuppressWarnings
(
"rawtypes"
)
public
void
extractSAMLMessage
(
ExtractBindingAdapter
extractBindingAdapter
,
HttpServletRequest
request
)
throws
Exception
{
SAMLMessageContext
messageContext
;
logger
.
debug
(
"extract SAML Message ."
);
...
...
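Review bot: The suppression on `extractSAMLMessage` covers the whole method, while the visible trigger is a single raw local, `SAMLMessageContext messageContext;`. Narrow it by putting the annotation on that declaration or by typing the local with wildcards. `throws Exception` on the same signature is also broader than callers can usefully handle.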
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/package-info.java
View file @
a7033d7f
/**
*
* @author Crystal.Sea
* SAML 2.0 must use velocity,but spring 5.* is removed
*/
/**
* @author Administrator
*
*/
package
org.springframework.ui.velocity
;
\ No newline at end of file
package
org.springframework.ui.velocity
;
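Review bot: Of the two Javadoc blocks shown, only the one stating that SAML 2.0 must use Velocity and that Spring 5.* removed it explains why this module declares a package under `org.springframework.ui.velocity`; the `@author Administrator` block says nothing. Keep the explanation in `package-info.java`, because a project-owned package in Spring's namespace is a split-package hazard that the next maintainer needs to understand before upgrading Spring.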
maxkey-web-maxkey/src/main/resources/spring/maxkey-protocol-saml.xml
View file @
a7033d7f
...
...
@@ -42,21 +42,31 @@
<bean
id=
"mapBasedStorageService"
class=
"org.opensaml.util.storage.MapBasedStorageService"
/>
<bean
id=
"replayCache"
class=
"org.opensaml.util.storage.ReplayCache"
>
<constructor-arg
ref=
"mapBasedStorageService"
/>
<constructor-arg
value=
"${config.saml.v20.replay.cache.life.in.millis}"
></constructor-arg>
</bean>
<bean
id=
"messageReplayRule"
class=
"org.opensaml.common.binding.security.MessageReplayRule"
>
<constructor-arg
ref=
"replayCache"
/>
</bean>
<bean
id=
"samlParserPool"
class=
"org.opensaml.xml.parse.BasicParserPool"
>
<property
name=
"maxPoolSize"
value=
"${config.saml.v20.max.parser.pool.size}"
/>
</bean>
<bean
id=
"OpenHTTPPostSimpleSignDecoder"
class=
"org.maxkey.authz.saml20.OpenHTTPPostSimpleSignDecoder"
>
<!-- Decoder -->
<bean
id=
"openHTTPPostSimpleSignDecoder"
class=
"org.maxkey.authz.saml20.binding.decoder.OpenHTTPPostSimpleSignDecoder"
>
<constructor-arg
ref=
"samlParserPool"
/>
<property
name=
"receiverEndpoint"
value=
"${config.saml.v20.idp.receiver.endpoint}"
/>
</bean>
<bean
id=
"openHTTPPostDecoder"
class=
"org.maxkey.authz.saml20.OpenHTTPPostDecoder"
>
<bean
id=
"openHTTPPostDecoder"
class=
"org.maxkey.authz.saml20.
binding.decoder.
OpenHTTPPostDecoder"
>
<constructor-arg
ref=
"samlParserPool"
/>
<property
name=
"receiverEndpoint"
value=
"${config.saml.v20.idp.receiver.endpoint}"
/>
</bean>
<bean
id=
"openHTTPRedirectDecoder"
class=
"org.maxkey.authz.saml20.OpenHTTPRedirectDecoder"
>
<bean
id=
"openHTTPRedirectDecoder"
class=
"org.maxkey.authz.saml20.
binding.decoder.
OpenHTTPRedirectDecoder"
>
<constructor-arg
ref=
"samlParserPool"
/>
<property
name=
"receiverEndpoint"
value=
"${config.saml.v20.idp.receiver.endpoint}"
/>
</bean>
...
...
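Review bot: The decoder bean id changes case, from `OpenHTTPPostSimpleSignDecoder` to `openHTTPPostSimpleSignDecoder`, and none of the visible hunks in this file updates a `ref` to it; check every context file and qualifier for the old id, since a stale reference fails only at context startup. Separately, `replayCache` is still built on `MapBasedStorageService`, which is in-memory, so replay detection is per JVM; say so in a bean comment if clustered deployment is supported.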
@@ -69,19 +79,9 @@
</bean>
<bean
id=
"replayCache"
class=
"org.opensaml.util.storage.ReplayCache"
>
<constructor-arg
ref=
"mapBasedStorageService"
/>
<constructor-arg
value=
"${config.saml.v20.replay.cache.life.in.millis}"
></constructor-arg>
</bean>
<bean
id=
"messageReplayRule"
class=
"org.opensaml.common.binding.security.MessageReplayRule"
>
<constructor-arg
ref=
"replayCache"
/>
</bean>
<!-- Binding -->
<!-- ExtractPostBindingAdapter -->
<bean
id=
"extractPostBindingAdapter"
class=
"org.maxkey.authz.saml20.ExtractPostBindingAdapter"
>
<bean
id=
"extractPostBindingAdapter"
class=
"org.maxkey.authz.saml20.
binding.impl.
ExtractPostBindingAdapter"
>
<constructor-arg
ref=
"openHTTPPostDecoder"
/>
<property
name=
"keyStoreLoader"
ref=
"keyStoreLoader"
/>
<property
name=
"issueInstantRule"
ref=
"issueInstantRule"
/>
...
...
@@ -89,7 +89,7 @@
</bean>
<!-- ExtractRedirectBindingAdapter -->
<bean
id=
"extractRedirectBindingAdapter"
class=
"org.maxkey.authz.saml20.ExtractRedirectBindingAdapter"
>
<bean
id=
"extractRedirectBindingAdapter"
class=
"org.maxkey.authz.saml20.
binding.impl.
ExtractRedirectBindingAdapter"
>
<constructor-arg
ref=
"openHTTPRedirectDecoder"
/>
<property
name=
"keyStoreLoader"
ref=
"keyStoreLoader"
/>
<property
name=
"issueInstantRule"
ref=
"issueInstantRule"
/>
...
...
@@ -97,13 +97,13 @@
</bean>
<!-- PostBindingAdapter -->
<bean
id=
"postSimpleSignBindingAdapter"
class=
"org.maxkey.authz.saml20.PostSimpleSignBindingAdapter"
>
<bean
id=
"postSimpleSignBindingAdapter"
class=
"org.maxkey.authz.saml20.
binding.impl.
PostSimpleSignBindingAdapter"
>
<property
name=
"velocityEngine"
ref=
"velocityEngine"
/>
<property
name=
"issuerEntityName"
value=
"${config.saml.v20.idp.issuer}"
/>
</bean>
<!-- PostBindingAdapter -->
<bean
id=
"postBindingAdapter"
class=
"org.maxkey.authz.saml20.PostBindingAdapter"
>
<bean
id=
"postBindingAdapter"
class=
"org.maxkey.authz.saml20.
binding.impl.
PostBindingAdapter"
>
<property
name=
"velocityEngine"
ref=
"velocityEngine"
/>
<property
name=
"issuerEntityName"
ref=
"issuerEntityName"
/>
</bean>
...
...
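Review bot: Both beans in this hunk sit under the same `<!-- PostBindingAdapter -->` comment, and `issuerEntityName` is wired two ways: `value="${config.saml.v20.idp.issuer}"` on `postSimpleSignBindingAdapter` but `ref="issuerEntityName"` on `postBindingAdapter`. Since the class attributes are being touched anyway, label the first comment `PostSimpleSignBindingAdapter` and use one wiring style so both adapters are guaranteed to emit the same issuer.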
@@ -126,7 +126,6 @@
<property
name=
"keystoreFile"
value=
"${config.saml.v20.idp.keystore}"
/>
</bean>
<bean
id=
"spKeyStoreLoader"
class=
"org.maxkey.crypto.keystore.KeyStoreLoader"
>
<property
name=
"entityName"
value=
"${config.saml.v20.sp.issuing.entity.id}"
/>
...
...
@@ -138,6 +137,7 @@
<constructor-arg
value=
"${config.saml.v20.sp.issuing.entity.id}"
/>
</bean>
<!-- Metadata -->
<bean
id=
"saml20Metadata"
class=
"org.maxkey.domain.Saml20Metadata"
>
<property
name=
"orgName"
value=
"${config.saml.v20.metadata.orgName}"
/>
<property
name=
"orgDisplayName"
value=
"${config.saml.v20.metadata.orgDisplayName}"
/>
...
...