Skip to content

Commit

Permalink
Bring dk_wayf channel up to date with conventions. Add eduGAIN suppor…
Browse files Browse the repository at this point in the history 
…t for dk_wayf.
  • Loading branch information
@iay
iay committed Feb 26, 2013
1 parent 898834b commit 09dd005
Show file tree
Hide file tree
Showing 4 changed files with 170 additions and 18 deletions.
4 changes: 3 additions & 1 deletion build.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -862,7 +862,6 @@
depends="flow.importEdugain.all, flow.importProduction.all">
<CHANNEL.import channel="at_aconet"/>
<CHANNEL.import channel="au_aaf"/>
<CHANNEL.import channel="dk_wayf"/>
<CHANNEL.import channel="eu_clarin"/>
<CHANNEL.import channel="fr_renater"/>
<CHANNEL.import channel="ie_edugate"/>
Expand Down Expand Up @@ -891,6 +890,7 @@
<CHANNEL.do verb="importProduction" channel="ch_switchaai"/>
<CHANNEL.do verb="importProduction" channel="cz_eduid"/>
<CHANNEL.do verb="importProduction" channel="de_dfnaai"/>
<CHANNEL.do verb="importProduction" channel="dk_wayf"/>
<CHANNEL.do verb="importProduction" channel="es_sir"/>
<CHANNEL.do verb="importProduction" channel="fi_haka"/>
<CHANNEL.do verb="importProduction" channel="gr_grnet"/>
Expand All @@ -916,6 +916,7 @@
<CHANNEL.do verb="importEdugain" channel="ch_switchaai"/>
<CHANNEL.do verb="importEdugain" channel="cz_eduid"/>
<CHANNEL.do verb="importEdugain" channel="de_dfnaai"/>
<CHANNEL.do verb="importEdugain" channel="dk_wayf"/>
<CHANNEL.do verb="importEdugain" channel="es_sir"/>
<CHANNEL.do verb="importEdugain" channel="fi_haka"/>
<CHANNEL.do verb="importEdugain" channel="gr_grnet"/>
Expand All @@ -940,6 +941,7 @@
<CHANNEL.do verb="importEdugainRaw" channel="ch_switchaai"/>
<CHANNEL.do verb="importEdugainRaw" channel="cz_eduid"/>
<CHANNEL.do verb="importEdugainRaw" channel="de_dfnaai"/>
<CHANNEL.do verb="importEdugainRaw" channel="dk_wayf"/>
<CHANNEL.do verb="importEdugainRaw" channel="es_sir"/>
<CHANNEL.do verb="importEdugainRaw" channel="fi_haka"/>
<CHANNEL.do verb="importEdugainRaw" channel="gr_grnet"/>
Expand Down
114 changes: 109 additions & 5 deletions mdx/dk_wayf/beans.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,19 @@
http://wayf.dk/en/institutions/metadata
-->

<!--
Location of various resources.
-->
<bean id="dk_wayf_productionIdpMetadata_url" class="java.lang.String">
<constructor-arg value="https://wayf.wayf.dk/saml2/idp/metadata.php"/>
</bean>
<bean id="dk_wayf_productionSpMetadata_url" class="java.lang.String">
<constructor-arg value="https://wayf.wayf.dk/module.php/saml/sp/metadata.php/wayf.wayf.dk"/>
</bean>
<bean id="dk_wayf_edugainAggregate_url" class="java.lang.String">
<constructor-arg value="https://metadata.wayf.dk/wayf-edugain-metadata.xml"/>
</bean>

<!--
Fetch the IdP metadata.
-->
Expand All @@ -25,7 +38,7 @@
<property name="domResource">
<bean class="net.shibboleth.utilities.java.support.httpclient.HttpResource">
<constructor-arg name="client" ref="httpClient"/>
<constructor-arg name="url" value="https://wayf.wayf.dk/saml2/idp/metadata.php"/>
<constructor-arg name="url" ref="dk_wayf_productionIdpMetadata_url"/>
</bean>
</property>
</bean>
Expand All @@ -38,7 +51,7 @@
<property name="domResource">
<bean class="net.shibboleth.utilities.java.support.httpclient.HttpResource">
<constructor-arg name="client" ref="httpClient"/>
<constructor-arg name="url" value="https://wayf.wayf.dk/module.php/saml/sp/metadata.php/wayf.wayf.dk"/>
<constructor-arg name="url" ref="dk_wayf_productionSpMetadata_url"/>
</bean>
</property>
</bean>
Expand All @@ -57,11 +70,68 @@
</bean>
</property>
</bean>

<!--
Synthesise a production aggregate.
-->
<bean id="dk_wayf_productionAggregate" parent="composite_parent"
p:id="dk_wayf_productionAggregate">
<property name="composedStages">
<list>
<!-- BIRK proxy metadata aggregate -->
<ref bean="dk_wayf_birkMetadata"/>
<ref bean="disassemble"/>

<!-- hub singleton IdP and SP metadata -->
<ref bean="dk_wayf_idpMetadata"/>
<ref bean="dk_wayf_spMetadata"/>

<!-- put them together -->
<ref bean="assemble"/>
</list>
</property>
</bean>

<!--
Fetch the eduGAIN export aggregate.
-->
<bean id="dk_wayf_edugainAggregate" parent="domResourceStage_parent"
p:id="dk_wayf_edugainAggregate">
<property name="domResource">
<bean class="net.shibboleth.utilities.java.support.httpclient.HttpResource">
<constructor-arg name="client" ref="httpClient"/>
<constructor-arg name="url" ref="dk_wayf_edugainAggregate_url"/>
</bean>
</property>
</bean>

<!--
Signing certificate.
This one is used to sign the eduGAIN aggregate.
-->
<bean id="dk_wayf_signingCertificate" class="net.shibboleth.ext.spring.factory.X509CertificateFactoryBean">
<property name="certificateFile">
<bean class="java.io.File">
<constructor-arg value="#{ systemProperties['basedir'] }/mdx/dk_wayf/metadata-signer.crt"/>
</bean>
</property>
</bean>

<!--
Fetch and process the exported entities as a collection.
Check signing signature.
-->
<bean id="dk_wayf_exportedEntities" parent="composite_parent"
p:id="dk_wayf_exportedEntities">
<bean id="dk_wayf_checkSignature" parent="stage_parent"
class="net.shibboleth.metadata.dom.XMLSignatureValidationStage"
p:id="dk_wayf_checkSignature">
<property name="verificationCertificate" ref="dk_wayf_signingCertificate"/>
</bean>

<!--
Fetch and process the production entities as a collection.
-->
<bean id="dk_wayf_productionEntities" parent="composite_parent"
p:id="dk_wayf_productionEntities">
<property name="composedStages">
<list>
<!-- BIRK proxy metadata aggregate -->
Expand All @@ -81,4 +151,38 @@
</property>
</bean>

<!--
Fetch and process the eduGAIN export entities as a collection.
-->
<bean id="dk_wayf_edugainEntities" parent="composite_parent"
p:id="dk_wayf_edugainEntities">
<property name="composedStages">
<list>
<ref bean="dk_wayf_edugainAggregate"/>

<!--
Check for fatal errors at the aggregate level:
missing or expired validUntil attribute
invalid signature
-->
<ref bean="check_validUntil"/>
<ref bean="dk_wayf_checkSignature"/>
<ref bean="errorTerminatingFilter"/>

<ref bean="disassemble"/>

<ref bean="standardImportActions"/>

<!-- Strip all entity attributes from this source. -->
<ref bean="stripMdattrNamespace"/>

</list>
</property>
</bean>

<!--
Select primary export aggregate.
-->
<alias alias="dk_wayf_exportedAggregate" name="dk_wayf_edugainAggregate"/>
<alias alias="dk_wayf_exportedEntities" name="dk_wayf_edugainEntities"/>
</beans>
30 changes: 30 additions & 0 deletions mdx/dk_wayf/metadata-signer.crt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIDCUBhMA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew
HhcNMTIxMTE3MTUyODQ3WhcNMTYxMTIwMDkzNzAxWjCBvzEpMCcGA1UEBRMgcHM0
YVM5MW5FM2NBdmhtNGdwMC85N2JQdlB3c2lJZU0xEzARBgNVBAsTCkdUODU1NDI5
MTUxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29tL3Jlc291cmNlcy9jcHMg
KGMpMTIxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZhbGlkYXRlZCAtIFJhcGlk
U1NMKFIpMRkwFwYDVQQDExBtZXRhZGF0YS53YXlmLmRrMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAxr6rbSatSuukWVaqvA6sy63sbxaDa+1m8V0y7f9T
alphmsdqJhI+MwsBLg0PPUo0K7H/iWmhmeUNtVyUGll3xGCjaYLNXaJkazxGguCj
lhS0nDpCuzEUAIMfaMNWhIXclVqio6qQSh66Nfdz+olCLO5nkImaRq2woLSedYFz
pahnQB7OhLmtIeQBM3SsaHdw5Yq9CRxXkMmTu2mWv1KTkqcYDeZraRDfIEeIeGty
38AEDLqhH/ouvUFkLJ9KwZuUgOzZ4XO7nyRlSx+XNuPwLgpm9b5M86MuKWjg292E
qvBwK/rFmLYPbdjtmj4xIEghotxBhtS/qXIRXYQbmmRSHwIDAQABo4IBqzCCAacw
HwYDVR0jBBgwFoAUa2k9ahhCSt2PAmU5/TUkhniRFjAwDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHREEFDASghBtZXRh
ZGF0YS53YXlmLmRrMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9yYXBpZHNzbC1j
cmwuZ2VvdHJ1c3QuY29tL2NybHMvcmFwaWRzc2wuY3JsMB0GA1UdDgQWBBRBNLAB
9YBysFSki3QR66tKuRcclTAMBgNVHRMBAf8EAjAAMHgGCCsGAQUFBwEBBGwwajAt
BggrBgEFBQcwAYYhaHR0cDovL3JhcGlkc3NsLW9jc3AuZ2VvdHJ1c3QuY29tMDkG
CCsGAQUFBzAChi1odHRwOi8vcmFwaWRzc2wtYWlhLmdlb3RydXN0LmNvbS9yYXBp
ZHNzbC5jcnQwTAYDVR0gBEUwQzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEW
JWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwDQYJKoZIhvcN
AQEFBQADggEBAD77vs/Ja1nUPS+spCnuhs2XMc5mKEzjl34czaWYHl16jY89kKju
YrOjm5JcXa1rOjtiSwEUP+TT67ZIGZKOZIfapklJJWIKk39XiwJAlDnerfpSGHj5
4cbi4B4KFxInLnnKcRCK+6/yrxved1zKVzFyAk23ZVrWtrmZbHCev0XVglOJQ0fC
o6CKe9W3dxir/sQ+HTeX/Z9mPqKEecrjq9/sXDGfEnFx5skzG+yith0f8APAK4hz
NHS0TDt1nO74APvHJWXJqjWM6qP2LNEYxpjikACo9AI2g0bjaKn/Z0GFtQSisgw5
/VSJ96L0H0lAjYJ6HVu78Joxsjqsd6gDW5A=
-----END CERTIFICATE-----
40 changes: 28 additions & 12 deletions mdx/dk_wayf/verbs.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@
</property>
</bean>

<bean id="import" parent="pipeline_parent"
p:id="import">
<bean id="importProduction" parent="pipeline_parent"
p:id="importProduction">
<property name="stages">
<list>
<ref bean="dk_wayf_exportedEntities"/>
Expand All @@ -41,21 +41,37 @@
</property>
</bean>

<!--
importRaw
Fetch the separate IdP and SP aggregates, disassemble them into individual entities
and then build up a single aggregate from all combined.
-->
<bean id="importRaw" parent="pipeline_parent"
p:id="importRaw">
<bean id="importProductionRaw" parent="pipeline_parent"
p:id="importProductionRaw">
<property name="stages">
<list>
<ref bean="dk_wayf_productionAggregate"/>
<ref bean="serializeImported"/>
</list>
</property>
</bean>

<bean id="importEdugain" parent="pipeline_parent"
p:id="importEdugain">
<property name="stages">
<list>
<ref bean="dk_wayf_edugainEntities"/>
<ref bean="standardImportTail"/>
<ref bean="serializeImported"/>
</list>
</property>
</bean>

<bean id="importEdugainRaw" parent="pipeline_parent"
p:id="importEdugainRaw">
<property name="stages">
<list>
<ref bean="dk_wayf_idpMetadata"/>
<ref bean="assemble"/>
<ref bean="dk_wayf_edugainAggregate"/>
<ref bean="serializeImported"/>
</list>
</property>
</bean>

<alias alias="import" name="importEdugain"/>
<alias alias="importRaw" name="importEdugainRaw"/>
</beans>

0 comments on commit 09dd005

Please sign in to comment.