forked from Governance/overlord-commons
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial checkin of an IDP for Overlord.
1 parent e399753, commit decbc33
Showing 25 changed files with 9,919 additions and 3 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
/.settings | ||
/.project | ||
/target | ||
/.metadata | ||
/RemoteSystemsTempFiles |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,61 @@ | ||
overlord-commons | ||
================ | ||
# Overlord Common Components | ||
|
||
Common/shared Overlord components. | ||
## Summary | ||
|
||
This is the official Git repository for common components used/shared by the various Overlord sub-projects. | ||
|
||
## Get the code | ||
|
||
The easiest way to get started with the code is to [create your own fork](http://help.github.com/forking/) of this repository, and then clone your fork: | ||
|
||
$ git clone git@github.com:<you>/overlord-commons.git | ||
$ cd overlord-commons | ||
$ git remote add upstream git://github.com/Governance/overlord-commons.git | ||
|
||
At any time, you can pull changes from the upstream and merge them onto your master: | ||
|
||
$ git checkout master # switches to the 'master' branch | ||
$ git pull upstream master # fetches all 'upstream' changes and merges 'upstream/master' onto your 'master' branch | ||
$ git push origin # pushes all the updates to your fork, which should be in-sync with 'upstream' | ||
|
||
The general idea is to keep your 'master' branch in-sync with the 'upstream/master'. | ||
|
||
## Building Overlord Commons | ||
|
||
We use Maven 3.x to build our software. The following command compiles all the code, installs the JARs into your local Maven repository, and runs all of the unit tests: | ||
|
||
$ mvn clean install | ||
|
||
## Contribute fixes and features | ||
|
||
Overlord Commons is open source, and we welcome anybody who wants to participate and contribute! | ||
|
||
If you want to fix a bug or make any changes, please log an issue in the [Overlord Commons JIRA](http://issues.jboss.org/browse/SOAG) describing the bug | ||
or new feature. Then we highly recommend making the changes on a topic branch named with the JIRA issue number. For example, this command creates | ||
a branch for the SOAG-1234 issue: | ||
|
||
$ git checkout -b soag-1234 | ||
|
||
After you're happy with your changes and a full build (with unit tests) runs successfully, commit your changes on your topic branch | ||
(using [really good comments](http://community.jboss.org/wiki/OverlordDevelopmentGuidelines#Commits)). Then it's time to check for | ||
and pull any recent changes that were made in the official repository: | ||
|
||
$ git checkout master # switches to the 'master' branch | ||
$ git pull upstream master # fetches all 'upstream' changes and merges 'upstream/master' onto your 'master' branch | ||
$ git checkout soag-1234 # switches to your topic branch | ||
$ git rebase master # reapplies your changes on top of the latest in master | ||
(i.e., the latest from master will be the new base for your changes) | ||
|
||
If the pull grabbed a lot of changes, you should rerun your build to make sure your changes are still good. | ||
You can then either [create patches](http://progit.org/book/ch5-2.html) (one file per commit, saved in `~/soag-1234`) with | ||
|
||
$ git format-patch -M -o ~/soag-1234 orgin/master | ||
|
||
and upload them to the JIRA issue, or you can push your topic branch and its changes into your public fork repository | ||
|
||
$ git push origin soag-1234 # pushes your topic branch into your public fork of Overlord Commons | ||
|
||
and [generate a pull-request](http://help.github.com/pull-requests/) for your changes. | ||
|
||
We prefer pull-requests, because we can review the proposed changes, comment on them, | ||
discuss them with you, and likely merge the changes right into the official repository. |
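Review bot: the upstream remote in the "Get the code" block is added over `git://`, which is unauthenticated and unencrypted, so a contributor following these steps pulls upstream/master with no assurance of where the objects came from; use `https://github.com/Governance/overlord-commons.git` instead. Separately, the format-patch command names `orgin/master`, which is a typo for `origin/master` and will fail as written.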
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
/.settings | ||
/target | ||
/.classpath | ||
/.project | ||
/bin | ||
/repos |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
<parent> | ||
<groupId>org.overlord</groupId> | ||
<artifactId>overlord-commons</artifactId> | ||
<version>1.0.0-SNAPSHOT</version> | ||
</parent> | ||
<artifactId>overlord-commons-idp</artifactId> | ||
<packaging>war</packaging> | ||
<name>Overlord Identity Provider</name> | ||
<description>An identity provider using PicketLink SAML.</description> | ||
</project> |
5 changes: 5 additions & 0 deletions
overlord-commons-idp/src/main/config/jboss-as7-config-cli.txt
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
connect | ||
/subsystem=security/security-domain=overlord-idp:add(cache-type=default) | ||
/subsystem=security/security-domain=overlord-idp/authentication=classic:add(login-modules=[{"code"=>"UsersRoles","flag"=>"required","module-options"=>[("usersProperties"=>"${jboss.server.config.dir}/overlord-idp-users.properties"),("rolesProperties"=>"${jboss.server.config.dir}/overlord-idp-roles.properties")]}]) | ||
:reload | ||
:reload |
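Review bot: the `UsersRoles` login module on the `authentication=classic` line is configured with only `usersProperties` and `rolesProperties`, so the passwords file is compared in clear text; if this domain is meant for anything beyond local development, add the `hashAlgorithm` (and `hashEncoding`) module options and store digests, or state in the file that the domain is a development default to be replaced. The script also ends with `:reload` twice; one is enough.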
5 changes: 5 additions & 0 deletions
overlord-commons-idp/src/main/resources/overlord-idp-roles.properties
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
eric=overlorduser | ||
gary=overlorduser | ||
jeff=overlorduser | ||
kevin=overlorduser | ||
kurt=overlorduser |
5 changes: 5 additions & 0 deletions
overlord-commons-idp/src/main/resources/overlord-idp-users.properties
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
eric=overlord | ||
gary=overlord | ||
jeff=overlord | ||
kevin=overlord | ||
kurt=overlord |
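Review bot: all five accounts are committed with the same password, `overlord`, and the file sits under src/main/resources, so it is packaged into the WAR as well; since this is the credential store for the identity provider, these known defaults apply to every application that relies on it for sign-in. Ship the file as a clearly named sample outside the artifact, or have the installer prompt for or generate the passwords. The CLI script reads `${jboss.server.config.dir}/overlord-idp-users.properties`, so the copy step from this location also needs documenting.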
10 changes: 10 additions & 0 deletions
overlord-commons-idp/src/main/webapp/META-INF/jboss-deployment-structure.xml
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
<jboss-deployment-structure> | ||
|
||
<deployment> | ||
<!-- Add picketlink module dependency --> | ||
<dependencies> | ||
<module name="org.picketlink" /> | ||
</dependencies> | ||
</deployment> | ||
</jboss-deployment-structure> | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
<jboss-web> | ||
<security-domain>overlord-idp</security-domain> | ||
<context-root>overlord-idp</context-root> | ||
<valve> | ||
<class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name> | ||
</valve> | ||
</jboss-web> |
35 changes: 35 additions & 0 deletions
overlord-commons-idp/src/main/webapp/WEB-INF/picketlink.xml
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
<PicketLink xmlns="urn:picketlink:identity-federation:config:2.1"> | ||
<PicketLinkIDP xmlns="urn:picketlink:identity-federation:config:2.1"> | ||
<IdentityURL>${overlord-idp.url::/overlord-idp/}</IdentityURL> | ||
<Trust> | ||
<Domains>localhost,jboss.com,jboss.org,amazonaws.com</Domains> | ||
</Trust> | ||
</PicketLinkIDP> | ||
<Handlers xmlns="urn:picketlink:identity-federation:handler:config:2.1"> | ||
<Handler | ||
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler" /> | ||
<Handler | ||
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" /> | ||
<Handler | ||
class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler" /> | ||
<Handler | ||
class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" /> | ||
</Handlers> | ||
<!-- | ||
The configuration bellow defines a token timeout and a clock skew. Both configurations will be used during the SAML Assertion creation. | ||
This configuration is optional. It is defined only to show you how to set the token timeout and clock skew configuration. | ||
--> | ||
<PicketLinkSTS xmlns="urn:picketlink:identity-federation:config:1.0" TokenTimeout="5000" ClockSkew="0"> | ||
<TokenProviders> | ||
<TokenProvider | ||
ProviderClass="org.picketlink.identity.federation.core.saml.v1.providers.SAML11AssertionTokenProvider" | ||
TokenType="urn:oasis:names:tc:SAML:1.0:assertion" | ||
TokenElement="Assertion" TokenElementNS="urn:oasis:names:tc:SAML:1.0:assertion" /> | ||
<TokenProvider | ||
ProviderClass="org.picketlink.identity.federation.core.saml.v2.providers.SAML20AssertionTokenProvider" | ||
TokenType="urn:oasis:names:tc:SAML:2.0:assertion" | ||
TokenElement="Assertion" TokenElementNS="urn:oasis:names:tc:SAML:2.0:assertion" /> | ||
</TokenProviders> | ||
</PicketLinkSTS> | ||
|
||
</PicketLink> |
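Review bot: `<Domains>` under `<Trust>` lists `amazonaws.com`, a shared hosting domain whose hosts this project does not control, alongside `jboss.com` and `jboss.org`; narrow the list to the specific service-provider hosts expected to use this IDP. The handler chain also contains no signing handler and the file configures no key provider, so nothing here enables signing of the assertions. `TokenTimeout="5000"` with `ClockSkew="0"` deserves a comment stating the unit and why zero skew is acceptable between the IDP and its service providers.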
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
<?xml version="1.0"?> | ||
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" | ||
version="2.5"> | ||
|
||
<display-name>OverlordIDP</display-name> | ||
|
||
<listener> | ||
<listener-class>org.picketlink.identity.federation.web.listeners.IDPHttpSessionListener</listener-class> | ||
</listener> | ||
|
||
<!-- Define a security constraint that gives unlimted access to images --> | ||
<security-constraint> | ||
<web-resource-collection> | ||
<web-resource-name>Resources</web-resource-name> | ||
<url-pattern>/resources/*</url-pattern> | ||
</web-resource-collection> | ||
</security-constraint> | ||
|
||
<!-- Define a Security Constraint on this Application --> | ||
<security-constraint> | ||
<web-resource-collection> | ||
<web-resource-name>Manager command</web-resource-name> | ||
<url-pattern>/*</url-pattern> | ||
</web-resource-collection> | ||
<auth-constraint> | ||
<role-name>overlorduser</role-name> | ||
</auth-constraint> | ||
</security-constraint> | ||
|
||
<!-- Define the Login Configuration for this Application --> | ||
<login-config> | ||
<auth-method>FORM</auth-method> | ||
<realm-name>Overlord IDP Application</realm-name> | ||
<form-login-config> | ||
<form-login-page>/login.html</form-login-page> | ||
<form-error-page>/login-error.html</form-error-page> | ||
</form-login-config> | ||
</login-config> | ||
|
||
<!-- Security roles referenced by this web application --> | ||
<security-role> | ||
<role-name>overlorduser</role-name> | ||
</security-role> | ||
</web-app> |
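Review bot: neither `<security-constraint>` carries a `<user-data-constraint>`, so the FORM login protecting `/*` will accept the submitted credentials over plain HTTP; add `<transport-guarantee>CONFIDENTIAL</transport-guarantee>` to the protected constraint. Minor: the resource name `Manager command` looks copied from another application, and the first constraint's comment says images while the pattern opens all of `/resources/*`.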
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
Welcome to the Overlord Project IDP. You really shouldn't be | ||
logging in to this web application directly. If you are seeing | ||
this page then perhaps something went wrong? | ||
|
||
If you <b>did</b> log in to the IDP directly, you should now be | ||
signed in to all Overlord projects. Perhaps one of these will | ||
work: | ||
<br/> | ||
<br/> | ||
<ul> | ||
<li><a href="/s-ramp-ui">S-RAMP Browser</a></li> | ||
</ul> |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="utf-8"> | ||
<title>Security Eval IDP - Login</title> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta name="description" content=""> | ||
<meta name="author" content=""> | ||
|
||
<link href="resources/bootstrap-2.2.2/css/bootstrap.css" rel="stylesheet"></link> | ||
<link href="resources/bootstrap-2.2.2/css/bootstrap-responsive.css" rel="stylesheet"></link> | ||
<link href="resources/idp.css" rel="stylesheet"></link> | ||
|
||
<!-- HTML5 shim, for IE6-8 support of HTML5 elements --> | ||
<!--[if lt IE 9]> | ||
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> | ||
<![endif]--> | ||
|
||
<script src="resources/jquery-1.9.1/jquery.min.js"></script> | ||
<script src="resources/bootstrap-2.2.2/js/bootstrap.min.js"></script> | ||
</head> | ||
|
||
<body> | ||
<div class="container"> | ||
<div class="alert alert-error"> | ||
Login failed. Please try again. | ||
</div> | ||
<form class="form-signin" id="login_form" name="login_form" method="post" | ||
action="j_security_check" enctype="application/x-www-form-urlencoded"> | ||
<h2 class="form-signin-heading">Overlord - Sign In</h2> | ||
<br /> | ||
<input id="username" name="j_username" type="text" class="input-block-level" placeholder="Username"></input> | ||
<input id="password" name="j_password" type="password" class="input-block-level" placeholder="Password"></input> | ||
<button id="submit" name="submit" class="btn btn-large btn-focus" type="submit">Sign in</button> | ||
</form> | ||
</div> | ||
</body> | ||
|
||
<script> | ||
$('#username').focus(); | ||
</script> | ||
</html> |
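Review bot: the `<title>` here reads `Security Eval IDP - Login` while the sign-in page uses `Overlord IDP - Login`, which looks like a leftover from the project this page was copied from. The rest of the markup duplicates the sign-in page apart from the `alert alert-error` div, so consider a single page that shows the alert conditionally. The closing `<script>` block is placed after `</body>` and should move inside it.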
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="utf-8"> | ||
<title>Overlord IDP - Login</title> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta name="description" content=""> | ||
<meta name="author" content=""> | ||
|
||
<link href="resources/bootstrap-2.2.2/css/bootstrap.css" rel="stylesheet"></link> | ||
<link href="resources/bootstrap-2.2.2/css/bootstrap-responsive.css" rel="stylesheet"></link> | ||
<link href="resources/idp.css" rel="stylesheet"></link> | ||
|
||
<!-- HTML5 shim, for IE6-8 support of HTML5 elements --> | ||
<!--[if lt IE 9]> | ||
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> | ||
<![endif]--> | ||
|
||
<script src="resources/jquery-1.9.1/jquery.min.js"></script> | ||
<script src="resources/bootstrap-2.2.2/js/bootstrap.min.js"></script> | ||
</head> | ||
|
||
<body> | ||
<div class="container"> | ||
<form class="form-signin" id="login_form" name="login_form" method="post" | ||
action="j_security_check" enctype="application/x-www-form-urlencoded"> | ||
<h2 class="form-signin-heading">Overlord - Sign In</h2> | ||
<br /> | ||
<input id="username" name="j_username" type="text" class="input-block-level" placeholder="Username"></input> | ||
<input id="password" name="j_password" type="password" class="input-block-level" placeholder="Password"></input> | ||
<button id="submit" name="submit" class="btn btn-large btn-focus" type="submit">Sign in</button> | ||
</form> | ||
</div> | ||
</body> | ||
|
||
<script> | ||
$('#username').focus(); | ||
</script> | ||
</html> |
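Review bot: the conditional-comment include loads `html5.js` from `http://html5shim.googlecode.com` over plain HTTP on the page that collects the password, so on older IE a third-party script fetched without transport protection runs alongside the credential form; vendor the shim under `resources/` next to the bundled jQuery and Bootstrap. The same include appears in the login-error page.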