0 Replies Latest reply: Mar 13, 2013 1:57 PM by 996652 RSS

    Retrieving SAML 2 custom principal in Subject

    996652
      This is very similar to the post "Re: Weblogic saml2 Custom Principal cannot be added to the subject". Here are the details:

      Using Weblogic 10.3.6 as Service Provider -

      1. Set up the Named Mapped Class to use a custom class implementing SAML2IdentityAsserterNameMapper & SAML2IdentityAsserterAttributeMapper.
      2. In the mapAttributeInfo() method, we create instances of a custom Principal class that extends WLSAbstractPrincipal and implements WLSUser (see below).
      3. Assuming step #2 would add the attributes to the Subject, we have a JSP on the client side that iterates through the Principals. In our case, they are missing.
      4. Why aren't they available in the Subject?

      Thanks in advance for any help.

      Code: Named Mapped Class Impl

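           /**
            * Builds one {@code CustomPrincipal} per attribute found in the SAML 2.0 attribute
            * statements handed to this mapper.
            *
            * <p>Each principal is named after the attribute and carries the attribute's values.
            * Only the attribute name and the number of values are written to standard output:
            * asserted attribute values are identity data taken from the assertion and should
            * not be copied into server logs.
            *
            * <p>NOTE(review): this method only returns the principals. Whether they end up in the
            * authenticated Subject is decided by the caller, which is not visible here.
            *
            * @param attrStmtInfos attribute statements from the assertion; may be null or empty
            * @param contextHandler not used by this implementation
            * @return the principals built from the attributes (possibly empty), or {@code null}
            *         when no attribute statement was supplied
            */
           public Collection<Principal> mapAttributeInfo(
                     Collection<SAML2AttributeStatementInfo> attrStmtInfos,
                     ContextHandler contextHandler) {

                System.out
                .println("CustomIAAttributeMapperImpl: calling mapAttributeInfo method!!!!!!");

                if (attrStmtInfos == null || attrStmtInfos.isEmpty()) {
                     System.out
                     .println("CustomIAAttributeMapperImpl: attrStmtInfos has no elements");
                     // null is kept for "nothing supplied" so the caller sees what it saw before.
                     return null;
                }

                Collection<Principal> pals = new ArrayList<Principal>();

                for (SAML2AttributeStatementInfo stmtInfo : attrStmtInfos) {
                     Collection<SAML2AttributeInfo> attrs = stmtInfo.getAttributeInfo();
                     if (attrs == null || attrs.isEmpty()) {
                          System.out
                          .println("CustomIAAttributeMapperImpl: no attribute in statement: "
                                    + stmtInfo.toString());
                          continue;
                     }
                     for (SAML2AttributeInfo attr : attrs) {
                          String attrName = attr.getAttributeName();
                          Collection<?> attrValues = attr.getAttributeValues();

                          CustomPrincipal pal = new CustomPrincipal(attrName);
                          pal.setCollection(attrValues);

                          // Log the name and how many values arrived, never the values themselves.
                          int valueCount = (attrValues == null) ? 0 : attrValues.size();
                          System.out
                          .println("CustomIAAttributeMapperImpl: attribute name is... "
                                    + attrName + " (" + valueCount + " value(s))");
                          pals.add(pal);
                     }
                }
                return pals;
           }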

      Code: Custom Principal
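      /**
       * WebLogic user principal that carries a common name and a collection of values.
       *
       * <p>The common name is also pushed into {@code WLSAbstractPrincipal}'s name. The value
       * collection takes part in {@link #equals(Object)} and {@link #hashCode()}, so it is kept
       * as a private read-only snapshot: code that still holds the collection passed to
       * {@link #setCollection(Collection)} cannot change this principal's identity afterwards,
       * and callers of {@link #getCollection()} cannot modify it either.
       *
       * <p>Calling {@code setCollection} or {@code setCommonName} after the principal has been
       * placed in a hash-based set still changes its hash code; set both before publishing it.
       */
      public class CustomPrincipal extends WLSAbstractPrincipal implements WLSUser{
           private String commonName;
           // Read-only snapshot of the values; null until setCollection is given a collection.
           private Collection<?> collection;

           /**
            * @param name principal name, also used as the common name
            * @param string unused; kept so existing callers of this constructor still compile
            * @param collection values to attach to the principal; may be null
            */
           public CustomPrincipal(String name, String string, Collection<String> collection) {
                super();
                // Feed the WLSAbstractPrincipal.name. Mandatory
                this.setName(name);
                this.setCommonName(name);
                this.setCollection(collection);
           }

           /** Creates a principal with no name and no values. */
           public CustomPrincipal() {
                super();
           }

           /**
            * @param commonName used both as the principal name and as the common name
            */
           public CustomPrincipal(String commonName) {
                super();
                this.setName(commonName);
                this.setCommonName(commonName);
           }

           /**
            * Sets the common name and mirrors it into the inherited principal name.
            *
            * @param commonName new common name; may be null
            */
           public void setCommonName(String commonName) {
                // Feed the WLSAbstractPrincipal.name. Mandatory
                super.setName(commonName);
                this.commonName = commonName;
                System.out.println("Custom Principle name is ..." + this.getName());
                System.out.println("Custom Principle commonName is " + this.commonName);
           }

           /**
            * @return the read-only snapshot of the values, or null if none was set; the raw
            *         return type is kept so existing callers compile unchanged
            */
           public Collection getCollection() {
                return collection;
           }

           /**
            * Stores a read-only copy of the given values.
            *
            * <p>Elements are not cast to {@code String}, so a non-String element no longer raises
            * {@code ClassCastException}. The values themselves are not printed; only their count.
            *
            * @param collection values to copy; null clears the stored values
            */
           public void setCollection(Collection<?> collection) {
                // Fully qualified names: the file's import block is not changed by this edit.
                this.collection = (collection == null)
                          ? null
                          : java.util.Collections.unmodifiableList(
                                    new java.util.ArrayList<Object>(collection));
                System.out.println("set collection in CustomPrinciple!");
                if (this.collection != null) {
                     System.out.println("collection size is ..." + this.collection.size());
                }
           }

           @Override
           public int hashCode() {
                final int prime = 31;
                int result = super.hashCode();
                result = prime * result + ((collection == null) ? 0 : collection.hashCode());
                result = prime * result + ((commonName == null) ? 0 : commonName.hashCode());
                return result;
           }

           @Override
           public boolean equals(Object obj) {
                if (this == obj)
                     return true;
                // Explicit null guard so getClass() below is never reached with null.
                if (obj == null)
                     return false;
                if (!super.equals(obj))
                     return false;
                if (getClass() != obj.getClass())
                     return false;
                CustomPrincipal other = (CustomPrincipal) obj;
                if (collection == null) {
                     if (other.collection != null)
                          return false;
                } else if (!collection.equals(other.collection))
                     return false;
                if (commonName == null) {
                     if (other.commonName != null)
                          return false;
                } else if (!commonName.equals(other.commonName))
                     return false;
                return true;
           }

      }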

      JSP Page snippet:
                     // Subject associated with the current request, as reported by WebLogic.
                     Subject sub = weblogic.security.Security.getCurrentSubject();

                     // All three sets are fetched before anything is printed. Note that the first
                     // two hold credentials, not principals.
                     Set<Object> privateCredentials = sub.getPrivateCredentials();
                     Set<Object> publicCredentials = sub.getPublicCredentials();
                     Set<Principal> principals = sub.getPrincipals();

                     // Only class names are printed, never the principal or credential objects.
                     for (Principal current : principals) {
                          String principalType = current.getClass().getName();
                          System.out.println("all principles loop..." + principalType);
                     }

                     System.out.println("private loop");
                     for (Object credential : privateCredentials) {
                          String credentialType = credential.getClass().getName();
                          System.out.println("private loop..." + credentialType);
                     }

                     System.out.println("public loop");
                     for (Object credential : publicCredentials) {
                          String credentialType = credential.getClass().getName();
                          System.out.println("public loop..." + credentialType);
                     }