From f40a58978d1cfd81f66061de190d08b09c0ab562 Mon Sep 17 00:00:00 2001
From: eraviart <>
Date: Thu, 12 Aug 2004 19:42:17 +0000
Subject: [PATCH] Modified Liberty metadata files, so that the Liberty Alliance
servers use non priviliged ports.
Moved all metadata files in tests/data.
---
config-liberty-alliance.xml | 12 +++----
src/modules/libertyalliance.py | 30 +++++++++-------
tests/data/idp1-la/metadata.xml | 19 ++++++++++
.../data/idp2-la}/metadata.xml | 15 +++++---
tests/data/idp3-la/metadata.xml | 19 ++++++++++
tests/data/idp4-la/metadata.xml | 19 ++++++++++
tests/data/lecp1-la/metadata.xml | 36 +++++++++++++++++++
tests/data/lecp2-la/metadata.xml | 36 +++++++++++++++++++
tests/data/lecp3-la/metadata.xml | 36 +++++++++++++++++++
tests/data/lecp4-la/metadata.xml | 36 +++++++++++++++++++
tests/data/sp1-la/metadata.xml | 20 +++++++++++
.../data/sp2-la}/metadata.xml | 18 ++++++----
tests/data/sp3-la/metadata.xml | 20 +++++++++++
tests/data/sp4-la/metadata.xml | 20 +++++++++++
.../liberty-alliance/liberty-alliance.xml | 3 +-
.../service-providers/sp2-metadata.xml | 14 --------
.../identity-providers/idp2-metadata.xml | 14 --------
.../liberty-alliance/liberty-alliance.xml | 3 +-
18 files changed, 308 insertions(+), 62 deletions(-)
create mode 100644 tests/data/idp1-la/metadata.xml
rename {vhosts/identity-provider/liberty-alliance => tests/data/idp2-la}/metadata.xml (52%)
create mode 100644 tests/data/idp3-la/metadata.xml
create mode 100644 tests/data/idp4-la/metadata.xml
create mode 100644 tests/data/lecp1-la/metadata.xml
create mode 100644 tests/data/lecp2-la/metadata.xml
create mode 100644 tests/data/lecp3-la/metadata.xml
create mode 100644 tests/data/lecp4-la/metadata.xml
create mode 100644 tests/data/sp1-la/metadata.xml
rename {vhosts/service-provider/liberty-alliance => tests/data/sp2-la}/metadata.xml (51%)
create mode 100644 tests/data/sp3-la/metadata.xml
create mode 100644 tests/data/sp4-la/metadata.xml
delete mode 100644 vhosts/identity-provider/liberty-alliance/service-providers/sp2-metadata.xml
delete mode 100644 vhosts/service-provider/liberty-alliance/identity-providers/idp2-metadata.xml
diff --git a/config-liberty-alliance.xml b/config-liberty-alliance.xml
index c1408d8..9ffd8b1 100644
--- a/config-liberty-alliance.xml
+++ b/config-liberty-alliance.xml
@@ -26,8 +26,7 @@
- 127.0.0.3
- 80
+ 1999
idp2
Identity Provider
vhosts/identity-provider/
@@ -35,8 +34,7 @@
- 127.0.0.3
- 443
+ 2000
idp2
Identity Provider
vhosts/identity-provider/
@@ -46,8 +44,7 @@
- 127.0.0.7
- 80
+ 2007
sp2
Service Provider
vhosts/service-provider/
@@ -55,8 +52,7 @@
- 127.0.0.7
- 443
+ 2008
sp2
Service Provider
vhosts/service-provider/
diff --git a/src/modules/libertyalliance.py b/src/modules/libertyalliance.py
index 926e4db..6c2f201 100644
--- a/src/modules/libertyalliance.py
+++ b/src/modules/libertyalliance.py
@@ -508,17 +508,23 @@ You have been succesfully authenticated; click ok to go back to the service prov
return self._lassoServerDump
def getMetadata(self):
- directoryHolder = self.getDataHolder().getUriPrevious()
- try:
- metadataHolder = directoryHolder.walkToLocation(
- directoryHolder.getSubPathInternUri("metadata.xml"))
- except faults.PathNotFound:
+ nodes = self.evaluateXpath("yep:metadata/@src")
+ if not nodes:
return None
+ location = nodes[0].content.strip()
+ metadataAbsolutePath = self.convertRelativeLocationToAbsolutePath(location)
+ metadataHolder = dataholders.DataHolder(
+ pathFragment = metadataAbsolutePath, mimeType = "text/xml", isRootElder = True,
+ containedFileSystem = filesystems.PartialFileSystem(metadataAbsolutePath))
return metadataHolder.getRootElement()
def getMetadataFilePath(self):
- location = "metadata.xml"
- return self.convertRelativeLocationToAbsolutePath(location)
+ nodes = self.evaluateXpath("yep:metadata/@src")
+ if nodes:
+ location = nodes[0].content.strip()
+ return self.convertRelativeLocationToAbsolutePath(location)
+ else:
+ return None
def getPeerCertificationAuthorityCertificateFilePath(self):
nodes = self.evaluateXpath("yep:peerCACertificateFile")
@@ -534,12 +540,10 @@ You have been succesfully authenticated; click ok to go back to the service prov
if not nodes:
return None
location = nodes[0].content.strip()
- directoryHolder = self.getDataHolder().getUriPrevious()
- try:
- metadataHolder = directoryHolder.walkToLocation(
- directoryHolder.getSubPathInternUri(location))
- except faults.PathNotFound:
- return None
+ metadataAbsolutePath = self.convertRelativeLocationToAbsolutePath(location)
+ metadataHolder = dataholders.DataHolder(
+ pathFragment = metadataAbsolutePath, mimeType = "text/xml", isRootElder = True,
+ containedFileSystem = filesystems.PartialFileSystem(metadataAbsolutePath))
return metadataHolder.getRootElement()
def getPeerMetadataFilePath(self):
diff --git a/tests/data/idp1-la/metadata.xml b/tests/data/idp1-la/metadata.xml
new file mode 100644
index 0000000..6fd8b8d
--- /dev/null
+++ b/tests/data/idp1-la/metadata.xml
@@ -0,0 +1,19 @@
+
+
+
+
+ https://idp1:1998/liberty-alliance/liberty-alliance/singleSignOn
+ http://projectliberty.org/profiles/sso-get
+
+ https://idp1:1998/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://idp1:1998/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://idp1:1998/liberty-alliance/liberty-alliance/soapEndpoint
+
+
+
diff --git a/vhosts/identity-provider/liberty-alliance/metadata.xml b/tests/data/idp2-la/metadata.xml
similarity index 52%
rename from vhosts/identity-provider/liberty-alliance/metadata.xml
rename to tests/data/idp2-la/metadata.xml
index 667667e..bbd44e2 100644
--- a/vhosts/identity-provider/liberty-alliance/metadata.xml
+++ b/tests/data/idp2-la/metadata.xml
@@ -3,12 +3,17 @@
providerID="https://idp2/liberty-alliance/metadata"
xmlns="urn:liberty:metadata:2003-08">
- https://idp2/liberty-alliance/liberty-alliance/singleLogout
- http://projectliberty.org/profiles/rni-sp-http
- https://idp2/liberty-alliance/liberty-alliance/soapEndpoint
- https://idp2/liberty-alliance/liberty-alliance/singleSignOn
+
+ https://idp2:2000/liberty-alliance/liberty-alliance/singleSignOn
http://projectliberty.org/profiles/sso-get
+
+ https://idp2:2000/liberty-alliance/liberty-alliance/singleLogout
http://projectliberty.org/profiles/slo-idp-soap
- https://idp2/liberty-alliance/liberty-alliance/registerNameIdentifier
+
+ https://idp2:2000/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://idp2:2000/liberty-alliance/liberty-alliance/soapEndpoint
+
diff --git a/tests/data/idp3-la/metadata.xml b/tests/data/idp3-la/metadata.xml
new file mode 100644
index 0000000..a2d6ce1
--- /dev/null
+++ b/tests/data/idp3-la/metadata.xml
@@ -0,0 +1,19 @@
+
+
+
+
+ https://idp3:2002/liberty-alliance/liberty-alliance/singleSignOn
+ http://projectliberty.org/profiles/sso-get
+
+ https://idp3:2002/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://idp3:2002/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://idp3:2002/liberty-alliance/liberty-alliance/soapEndpoint
+
+
+
diff --git a/tests/data/idp4-la/metadata.xml b/tests/data/idp4-la/metadata.xml
new file mode 100644
index 0000000..ac51c10
--- /dev/null
+++ b/tests/data/idp4-la/metadata.xml
@@ -0,0 +1,19 @@
+
+
+
+
+ https://idp4:2004/liberty-alliance/liberty-alliance/singleSignOn
+ http://projectliberty.org/profiles/sso-get
+
+ https://idp4:2004/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://idp4:2004/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://idp4:2004/liberty-alliance/liberty-alliance/soapEndpoint
+
+
+
diff --git a/tests/data/lecp1-la/metadata.xml b/tests/data/lecp1-la/metadata.xml
new file mode 100644
index 0000000..c0b967d
--- /dev/null
+++ b/tests/data/lecp1-la/metadata.xml
@@ -0,0 +1,36 @@
+
+
+
+
+
+ https://lecp1:2014/liberty-alliance/liberty-alliance/singleSignOn
+ http://projectliberty.org/profiles/sso-get
+ https://lecp1:2014/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp1:2014/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://lecp1:2014/liberty-alliance/liberty-alliance/soapEndpoint
+
+
+
+
+
+ https://lecp1:2014/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://lecp1:2014/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp1:2014/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://lecp1:2014/liberty-alliance/liberty-alliance/soapEndpoint
+
+ true
+
+
+
+
diff --git a/tests/data/lecp2-la/metadata.xml b/tests/data/lecp2-la/metadata.xml
new file mode 100644
index 0000000..afe05ae
--- /dev/null
+++ b/tests/data/lecp2-la/metadata.xml
@@ -0,0 +1,36 @@
+
+
+
+
+
+ https://lecp2:2016/liberty-alliance/liberty-alliance/singleSignOn
+ http://projectliberty.org/profiles/sso-get
+ https://lecp2:2016/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp2:2016/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://lecp2:2016/liberty-alliance/liberty-alliance/soapEndpoint
+
+
+
+
+
+ https://lecp2:2016/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://lecp2:2016/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp2:2016/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://lecp2:2016/liberty-alliance/liberty-alliance/soapEndpoint
+
+ true
+
+
+
+
diff --git a/tests/data/lecp3-la/metadata.xml b/tests/data/lecp3-la/metadata.xml
new file mode 100644
index 0000000..c9afc80
--- /dev/null
+++ b/tests/data/lecp3-la/metadata.xml
@@ -0,0 +1,36 @@
+
+
+
+
+
+ https://lecp3:2018/liberty-alliance/liberty-alliance/singleSignOn
+ http://projectliberty.org/profiles/sso-get
+ https://lecp3:2018/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp3:2018/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://lecp3:2018/liberty-alliance/liberty-alliance/soapEndpoint
+
+
+
+
+
+ https://lecp3:2018/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://lecp3:2018/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp3:2018/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://lecp3:2018/liberty-alliance/liberty-alliance/soapEndpoint
+
+ true
+
+
+
+
diff --git a/tests/data/lecp4-la/metadata.xml b/tests/data/lecp4-la/metadata.xml
new file mode 100644
index 0000000..b552b35
--- /dev/null
+++ b/tests/data/lecp4-la/metadata.xml
@@ -0,0 +1,36 @@
+
+
+
+
+
+ https://lecp4:2020/liberty-alliance/liberty-alliance/singleSignOn
+ http://projectliberty.org/profiles/sso-get
+ https://lecp4:2020/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp4:2020/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-http
+
+ https://lecp4:2020/liberty-alliance/liberty-alliance/soapEndpoint
+
+
+
+
+
+ https://lecp4:2020/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://lecp4:2020/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://lecp4:2020/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://lecp4:2020/liberty-alliance/liberty-alliance/soapEndpoint
+
+ true
+
+
+
+
diff --git a/tests/data/sp1-la/metadata.xml b/tests/data/sp1-la/metadata.xml
new file mode 100644
index 0000000..8269e5d
--- /dev/null
+++ b/tests/data/sp1-la/metadata.xml
@@ -0,0 +1,20 @@
+
+
+
+
+ https://sp1:2006/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://sp1:2006/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://sp1:2006/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://sp1:2006/liberty-alliance/liberty-alliance/soapEndpoint
+
+ true
+
+
+
diff --git a/vhosts/service-provider/liberty-alliance/metadata.xml b/tests/data/sp2-la/metadata.xml
similarity index 51%
rename from vhosts/service-provider/liberty-alliance/metadata.xml
rename to tests/data/sp2-la/metadata.xml
index f99739e..4568c0e 100644
--- a/vhosts/service-provider/liberty-alliance/metadata.xml
+++ b/tests/data/sp2-la/metadata.xml
@@ -3,12 +3,18 @@
providerID="https://sp2/liberty-alliance/metadata"
xmlns="urn:liberty:metadata:2003-08">
- https://sp2/liberty-alliance/liberty-alliance/singleLogout
- http://projectliberty.org/profiles/rni-sp-soap
- https://sp2/liberty-alliance/liberty-alliance/soapEndpoint
+
+ https://sp2:2008/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://sp2:2008/liberty-alliance/liberty-alliance/singleLogout
http://projectliberty.org/profiles/slo-idp-soap
- https://sp2/liberty-alliance/liberty-alliance/registerNameIdentifier
- https://sp2/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://sp2:2008/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://sp2:2008/liberty-alliance/liberty-alliance/soapEndpoint
+
true
-
+
+
diff --git a/tests/data/sp3-la/metadata.xml b/tests/data/sp3-la/metadata.xml
new file mode 100644
index 0000000..73a393f
--- /dev/null
+++ b/tests/data/sp3-la/metadata.xml
@@ -0,0 +1,20 @@
+
+
+
+
+ https://sp3:2010/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://sp3:2010/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://sp3:2010/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://sp3:2010/liberty-alliance/liberty-alliance/soapEndpoint
+
+ true
+
+
+
diff --git a/tests/data/sp4-la/metadata.xml b/tests/data/sp4-la/metadata.xml
new file mode 100644
index 0000000..30a7ff2
--- /dev/null
+++ b/tests/data/sp4-la/metadata.xml
@@ -0,0 +1,20 @@
+
+
+
+
+ https://sp4:2012/liberty-alliance/liberty-alliance/assertionConsumer
+
+ https://sp4:2012/liberty-alliance/liberty-alliance/singleLogout
+ http://projectliberty.org/profiles/slo-idp-soap
+
+ https://sp4:2012/liberty-alliance/liberty-alliance/registerNameIdentifier
+ http://projectliberty.org/profiles/rni-sp-soap
+
+ https://sp4:2012/liberty-alliance/liberty-alliance/soapEndpoint
+
+ true
+
+
+
diff --git a/vhosts/identity-provider/liberty-alliance/liberty-alliance.xml b/vhosts/identity-provider/liberty-alliance/liberty-alliance.xml
index 4592624..9f4d5c9 100644
--- a/vhosts/identity-provider/liberty-alliance/liberty-alliance.xml
+++ b/vhosts/identity-provider/liberty-alliance/liberty-alliance.xml
@@ -1,9 +1,10 @@
+
../../../tests/data/idp2-la/private-key-raw.pem
../../../tests/data/idp2-la/public-key.pem
../../../tests/data/idp2-la/certificate.pem
-
+
../../../tests/data/sp2-la/public-key.pem
../../../tests/data/ca2-la/certificate.pem
diff --git a/vhosts/identity-provider/liberty-alliance/service-providers/sp2-metadata.xml b/vhosts/identity-provider/liberty-alliance/service-providers/sp2-metadata.xml
deleted file mode 100644
index f99739e..0000000
--- a/vhosts/identity-provider/liberty-alliance/service-providers/sp2-metadata.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-
-
-
- https://sp2/liberty-alliance/liberty-alliance/singleLogout
- http://projectliberty.org/profiles/rni-sp-soap
- https://sp2/liberty-alliance/liberty-alliance/soapEndpoint
- http://projectliberty.org/profiles/slo-idp-soap
- https://sp2/liberty-alliance/liberty-alliance/registerNameIdentifier
- https://sp2/liberty-alliance/liberty-alliance/assertionConsumer
- true
-
-
diff --git a/vhosts/service-provider/liberty-alliance/identity-providers/idp2-metadata.xml b/vhosts/service-provider/liberty-alliance/identity-providers/idp2-metadata.xml
deleted file mode 100644
index 667667e..0000000
--- a/vhosts/service-provider/liberty-alliance/identity-providers/idp2-metadata.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-
-
-
- https://idp2/liberty-alliance/liberty-alliance/singleLogout
- http://projectliberty.org/profiles/rni-sp-http
- https://idp2/liberty-alliance/liberty-alliance/soapEndpoint
- https://idp2/liberty-alliance/liberty-alliance/singleSignOn
- http://projectliberty.org/profiles/sso-get
- http://projectliberty.org/profiles/slo-idp-soap
- https://idp2/liberty-alliance/liberty-alliance/registerNameIdentifier
-
-
diff --git a/vhosts/service-provider/liberty-alliance/liberty-alliance.xml b/vhosts/service-provider/liberty-alliance/liberty-alliance.xml
index a7d786a..2e01567 100644
--- a/vhosts/service-provider/liberty-alliance/liberty-alliance.xml
+++ b/vhosts/service-provider/liberty-alliance/liberty-alliance.xml
@@ -1,9 +1,10 @@
+
../../../tests/data/sp2-la/private-key-raw.pem
../../../tests/data/sp2-la/public-key.pem
../../../tests/data/sp2-la/certificate.pem
-
+
../../../tests/data/idp2-la/public-key.pem
../../../tests/data/ca2-la/certificate.pem