This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="https://sp.example.org/sp" entityID="https://sp.example.org/sp"> | |
<md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> | |
<md:KeyDescriptor use="signing"> | |
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> | |
<ds:X509Data> | |
<ds:X509Certificate> | |
MIIDUjCCAjqgAwIBAgIEUOLIQTANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQGEwJGSTEQMA4GA1UE | |
CBMHVXVzaW1hYTERMA8GA1UEBxMISGVsc2lua2kxGDAWBgNVBAoTD1JNNSBTb2Z0d2FyZSBPeTEM | |
MAoGA1UECwwDUiZEMQ8wDQYDVQQDEwZhcG9sbG8wHhcNMTMwMTAxMTEyODAxWhcNMjIxMjMwMTEy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"@class" : "org.jasig.cas.support.saml.services.SamlRegisteredService", | |
"serviceId" : "^https:\/\/sp\\.example\\.org.+", | |
"name" : "SAMLService", | |
"id" : 1001, | |
"evaluationOrder" : 10, | |
"metadataLocation" : "file://Users/thompsow/src/spring-sp/src/main/resources/metadata/sp-metadata.xml", | |
"attributeReleasePolicy" : { | |
"@class" : "org.jasig.cas.services.ReturnAllAttributeReleasePolicy", | |
"authorizedToReleaseCredentialPassword" : false, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2016-03-02 21:54:42,678 INFO [org.jasig.cas.support.saml.web.idp.profile.SSOPostProfileCallbackHandlerController] - <Received SAML callback profile request [/cas/idp/profile/SAML2/POST/SSO/Callback]> | |
2016-03-02 21:54:42,689 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN | |
============================================================= | |
WHO: audit:unknown | |
WHAT: ST-5-XMSjYl63edm0ofGHV9ct-cas.example.org | |
ACTION: SERVICE_TICKET_VALIDATED | |
APPLICATION: CAS | |
WHEN: Wed Mar 02 21:54:42 EST 2016 | |
CLIENT IP ADDRESS: 127.0.0.1 | |
SERVER IP ADDRESS: 127.0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package edu.internet2.middleware.grouper.changeLog; | |
import edu.internet2.middleware.grouper.*; | |
import edu.internet2.middleware.grouper.app.loader.GrouperLoaderConfig; | |
import edu.internet2.middleware.grouper.attr.AttributeDef; | |
import edu.internet2.middleware.grouper.attr.AttributeDefName; | |
import edu.internet2.middleware.grouper.attr.AttributeDefType; | |
import edu.internet2.middleware.grouper.attr.finder.AttributeDefFinder; | |
import edu.internet2.middleware.grouper.attr.finder.AttributeDefNameFinder; | |
import edu.internet2.middleware.grouper.cache.EhcacheController; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Grouper action: 1.0 Place a marker on a folder | |
Target outcome: add all the groups under that folder and any subfolder, and all the group memberships | |
Test 1.0.1: Marking a parent folder | |
1) setup folder structure with groups, sub folders, and groups in sub folders | |
2) place syncAttribute marker on parent folder | |
Outcome: | |
1) all groups within folder structure added to the target | |
GSH: | |
// Test 1.0.1 Marking a parent folder | |
gs = GrouperSession.startRootSession(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* These methods are expected to be overriden in a subclass that is specific to a provisioning target. (e.g. Google Apps) | |
*/ | |
protected void addGroup(Group group, ChangeLogEntry changeLogEntry, ChangeLogConsumerBaseImpl consumer) { | |
LOG.debug("{} addGroup {} dispatched but not implemented in subclass {}", consumerName, consumerClassName); | |
} | |
protected void updateGroup(Group group, ChangeLogEntry changeLogEntry, ChangeLogConsumerBaseImpl consumer) { | |
LOG.debug("{} updateGroup {} dispatched but not implemented in subclass {}", consumerName, consumerClassName); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Grouper action: 1.0 Place a marker on a folder | |
Target outcome: add all the groups under that folder and any subfolder, and all the group memberships | |
Test 1.0.1: Marking a parent folder | |
1) setup folder structure with groups, sub folders, and groups in sub folders | |
2) place syncAttribute marker on parent folder | |
Outcome: | |
1) all groups within folder structure added to the target | |
Grouper action: 1.1 Remove a marker from a folder |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
attributeAssign_addAttributeAssign { | |
/** | |
* On assignment of the syncAttribute marker, create all the groups or group (if directly assigned) | |
* and any current memberships at the target. | |
*/ | |
public void process(ChangeLogEntry changeLogEntry, ChangeLogConsumerBaseImpl consumer) { | |
// check if this is our syncAttribute, otherwise nothing to do. | |
final String attributeDefNameName = changeLogEntry.retrieveValueForLabel(ChangeLogLabels.ATTRIBUTE_ASSIGN_ADD.attributeDefNameName); | |
if (consumer.syncAttribute.getName().equals(attributeDefNameName)) { | |
// syncAttribute applied to a group, then create the group at the target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* If syncAttribute was applied to the group or one of the parent folders return true | |
* Method keeps an internal cache of results per run in markedFoldersAndGroups | |
* Will also check the PIT for recently deleted groups | |
*/ | |
private boolean isGroupMarkedForSync(String groupName) { | |
// have we seen this group already in this run | |
if (markedFoldersAndGroups.containsKey(groupName)) { | |
return markedFoldersAndGroups.get(groupName).equals(MARKED); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package edu.internet2.middleware.grouper.changeLog; | |
import edu.internet2.middleware.grouper.*; | |
import edu.internet2.middleware.grouper.app.loader.GrouperLoaderConfig; | |
import edu.internet2.middleware.grouper.attr.AttributeDef; | |
import edu.internet2.middleware.grouper.attr.AttributeDefName; | |
import edu.internet2.middleware.grouper.attr.AttributeDefType; | |
import edu.internet2.middleware.grouper.attr.finder.AttributeDefFinder; | |
import edu.internet2.middleware.grouper.attr.finder.AttributeDefNameFinder; | |
import edu.internet2.middleware.grouper.changeLog.ChangeLogConsumerBase; |
NewerOlder