We have a requirement of having multiple metadata.xml and its entity to enable SSO as we have multiple country sites running from a same instance and same code base.
What we did so far
Customised the metadatageneratorfilter to set proper entity based on the request url (we have country code coming in the domain of url).
In Spring XML,
<pre>
[bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager">
[constructor-arg>
[list>
[bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
[constructor-arg>
[bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
[constructor-arg>
[value type="java.io.File">${sso.metadata.location:classpath:security/metadata_se.xml}[/value>
[/constructor-arg>
[property name="parserPool" ref="parserPool"/>
[/bean>
[/constructor-arg>
[!-- added section starts -->
[constructor-arg>
[bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
[property name="signingKey" value="ssoIDPCertr"/>
[/bean>
[/constructor-arg>
[!-- added section ends-->
[/bean>
[bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
[constructor-arg>
[bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
[constructor-arg>
[value type="java.io.File">${sso.metadata.location:classpath:security/metadata_es.xml}[/value>
[/constructor-arg>
[property name="parserPool" ref="parserPool"/>
[/bean>
[/constructor-arg>
[!-- added section starts -->
[constructor-arg>
[bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
[property name="signingKey" value="ssoIDPCertr"/>
[/bean>
[/constructor-arg>
[!-- added section ends-->
[/bean>
[bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
[constructor-arg>
[bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
[constructor-arg>
[value type="java.io.File">${sso.metadata.location:classpath:security/metadata_de.xml}[/value>
[/constructor-arg>
[property name="parserPool" ref="parserPool"/>
[/bean>
[/constructor-arg>
[!-- added section starts -->
[constructor-arg>
[bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
[property name="signingKey" value="ssoIDPCertr"/>
[/bean>
[/constructor-arg>
[!-- added section ends-->
[/bean>
[/list>
[/constructor-arg>
[/bean>
</pre>
But this approach is not working as we dont have set providers against any unique values to identify the proper providers for countries.
our urls will be like
<pre>
https://xy.brand.com
https://yy.brand.com
</pre>
Each site has separate metadata.xml.
we need to store metadata.xml with countryCode as identifiers and retrieve it based on request url before forming SAML request & response.
Any help will be much appreciated.
Thanks,
Siva
Is using a different entityID the only reason why you are separating your SP metadata xml files? If so, have you considered using entity alias ?
Related
In the exemple i made in the pictures, i change the property "url" of "Mathématique" page type from "route" type to "resource_locator" but this one is skipped in the hierarchy usage.
Do you have any idea about how to refresh URLs ?
<property name="url" type="resource_locator" mandatory="true">
<meta>
<title lang="en">Resourcelocator</title>
<title lang="de">Adresse</title>
</meta>
<tag name="sulu.rlp"/>
</property>
I have a database first approach, using EF4 on Sybase.
SSDL
<EntityType Name="tq_qmt_logger">
<Key>
<PropertyRef Name="qmt_id" />
</Key>
<Property Name="qmt_id" Type="bigint" Nullable="false" StoreGeneratedPattern="Identity" />
<Property Name="client_id" Type="varchar" Nullable="false" MaxLength="100" />
<Property Name="logged_date" Type="datetime" Nullable="false" />
CSDL
I have corresponding CSDL with annotation:StoreGeneratedPattern="Identity"
Now my source code is,
tq_qmt_logger qmtLogger = new tq_qmt_logger();
qmtLogger.client_id = machineID;
qmtLogger.logged_date = DateTime.Now;
// qmtlogger.qmt id is omitted because it is
// generated by a sequence in the DB.
context.tq_qmt_logger.AddObject(qmtLogger);
context.savechanges()
SaveChanges throws OptimisticConcurrencyException with error Store update, insert, or delete statement affected an unexpected number of rows (0). My guess is, EF passes 0 to my qmt_id (identity) column, which is getting rejected. Can someone guide how to fix this?
I am not quite familiar with CXF configuration. Here I am encountering a situation that a object (subclass) is going to be used for client but it does not declare in Endpoint.
For example, there is a super class "SuperClass" and two subclasses "SubClassA" and "SubClassB". The following method is declared in Endpoint:
public <T extends SuperClass> T search(Criteria criteria, ClassType type);
Therefore, those subclasses do not appear in Endpoint and it causes that their complexType is missing in wsdl. Error saying no read type is prompted when the object of subclass is called from client.
org.apache.cxf.interceptor.Fault:
Could not determine how to read type: {http://model.fmchan.com}SubClassA
So here I would like to seek for a solution to add those subclasses into wsdl so as to be called properly on client side.
If it is properly configured, the following should be shown on wsdl:
<xsd:complexType name="SubClassA">
<xsd:sequence>
<xsd:element minOccurs="0" name="date" type="xsd:dateTime"/>
</xsd:sequence>
</xsd:complexType>
Enclosed is the configuration on server side for your reference.
<import resource="classpath:META-INF/cxf/cxf.xml" />
<bean id="aegisContext" class="org.apache.cxf.aegis.AegisContext"
p:writeXsiTypes="true" scope="prototype" />
<bean id="aegisBean" p:aegisContext-ref="aegisContext"
class="org.apache.cxf.aegis.databinding.AegisDatabinding"
scope="prototype" />
<bean id="genericServiceImpl" class="com.fmchan.service.SomeEndpointImpl"/>
<jaxws:endpoint implementor="#genericServiceImpl"
address="${service.address}">
<jaxws:serviceFactory>
<ref bean="jaxws-and-aegis-service-factory" />
</jaxws:serviceFactory>
</jaxws:endpoint>
<bean id="jaxws-and-aegis-service-factory"
class="org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean"
scope="prototype">
<property name="dataBinding">
<bean class="org.apache.cxf.aegis.databinding.AegisDatabinding" />
</property>
</bean>
Thank you for any help in advance.
The simplest solution I come up with is to create a dummy method including those subclasses A and B as parameters for endpoint. It probably isn't the best solution and I still seek for better one.
Is it possible to add a property inside a new aspect that will hold a User from Alfresco's users ?
It will be used to input the User who's responsabile/authorizer of a document having a defined aspect.
The problem is that you've defined the same field twice. First as a d:text property and the second is an association.
In your model you've defined
<property name="txm:vacationPerson">
<title>Nom et prénom</title>
<type>d:text</type>
</property>
And as association you've defined:
<associations>
<association name="txm:vacationPerson">
<title>Assignee</title>
<source>
<mandatory>false</mandatory>
<many>false</many>
</source>
<target>
<class>cm:person</class>
<mandatory>false</mandatory>
<many>false</many>
</target>
</association>
</associations>
So it's rendering the first field as text and the second field isn't rendered anymore.
Remove the first d:text property or rename it.
Yes, and you may choose to use either an assocation or a property. Assuming you want users to pick the person manually, I'd go for the association since the default controls provided by share support picking a person out of the box.
Here is a sample aspect showing both - a property and an association to hold the user.
<aspect name="your:assignee">
<title>Your Aspect</title>
<properties>
<property name="your:assigedPersonUsername">
<title>Owner</title>
<type>d:text</type>
</property>
</properties>
<associations>
<association name="your:assignedPerson">
<title>Assignee</title>
<source>
<mandatory>false</mandatory>
<many>false</many>
</source>
<target>
<class>cm:person</class>
<mandatory>false</mandatory>
<many>false</many>
</target>
</association>
</associations>
</aspect>
I have used a workflow-send button to submit form data in XML format to a JSP file. However, it saves data as a PDF as opposed to XML string.
I know it is PDF because I get <?xml version="1.0" encoding="UTF-8"?><url>/xforms-server/dynamic/e9002cb0ce38d116e3037bb622050a36</url> on sysout in the JSP.
My properties-local.xml contains the following entries:
<property as="xs:string" name="oxf.xforms.format.input.date" value="[D]/[M]/[Y]"/>
<property as="xs:boolean" name="oxf.fr.email.attach-pdf" value="false"/>
<property as="xs:boolean" name="oxf.fr.alfresco.send-pdf" value="false"/>
<property as="xs:boolean" name="oxf.fr.detail.send.pdf" value="false"/>
<property as="xs:boolean" name="oxf.fr.detail.send.alfresco" value="false"/>
<property as="xs:boolean" name="oxf.fr.detail.send.email" value="false"/>
<property as="xs:string" name="oxf.fr.detail.buttons.*.*" value="workflow-send"/>
<property as="xs:string" name="oxf.fr.detail.send.success.method.*.*" value="post"/>
<property as="xs:anyURI" name="oxf.fr.detail.send.uri.*.*" value="http://localhost:8080/orbeon/xforms-jsp/idm/idm-customer.jsp"/>
<property as="xs:NMTOKENS" name="oxf.xforms.logging.debug" value="document model submission control event action analysis server html submission-details"/>
How can I get the data in XML format instead of a PDF?
According to the documentation on the workflow-send, the PDF is generated if either one of the following properties is true: oxf.fr.detail.send.pdf, oxf.fr.email.attach-pdf, or oxf.fr.alfresco.send-pdf. You don't seem to have any of those properties set to true, so the XML (not the PDF) of the form should be sent to the service you specified. I suspect that you might be using a version of Orbeon Forms that pre-dates the introduction of some of those properties. If you are not on version 3.9, I would suggest you upgrade to 3.9 (or newer). If you are on 3.9 or newer, then please post a comment and we'll try to help.