diff --git a/pom.xml b/pom.xml index 4fc5896d65..ba248b5c89 100755 --- a/pom.xml +++ b/pom.xml @@ -883,6 +883,16 @@ keycloak-tomcat6-saml-adapter ${project.version} + + org.keycloak + keycloak-tomcat7-saml-adapter + ${project.version} + + + org.keycloak + keycloak-tomcat8-saml-adapter + ${project.version} + org.keycloak keycloak-tomcat7-adapter diff --git a/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatSamlTest.java b/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatSamlTest.java index 98eec5a2f8..7e317d377b 100755 --- a/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatSamlTest.java +++ b/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatSamlTest.java @@ -168,7 +168,7 @@ public class TomcatSamlTest { }); } - //@Test + @Test public void testMetadataPostSignedLoginLogout() throws Exception { testStrategy.testMetadataPostSignedLoginLogout(); } diff --git a/testsuite/tomcat7/pom.xml b/testsuite/tomcat7/pom.xml index d807e7383c..9be7c245dc 100755 --- a/testsuite/tomcat7/pom.xml +++ b/testsuite/tomcat7/pom.xml @@ -72,6 +72,24 @@ + + org.keycloak + keycloak-tomcat7-saml-adapter + + + org.apache.tomcat + tomcat-servlet-api + + + org.apache.tomcat + tomcat-catalina + + + org.apache.tomcat + catalina + + + org.jboss.resteasy resteasy-client diff --git a/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java b/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java index b67c2fc7a4..5c6fed1b68 100755 --- a/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java +++ b/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java @@ -26,6 +26,7 @@ import org.apache.tomcat.util.http.mapper.Mapper; import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.ClassRule; +import org.junit.Ignore; import org.junit.Rule; import org.junit.Test; import org.keycloak.models.KeycloakSession; 
@@ -41,6 +42,7 @@ import java.util.regex.Matcher;
 /**
 * @author Stian Thorgersen
 */
+@Ignore
 public class Tomcat7Test {
 @ClassRule
 public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
diff --git a/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/TomcatSamlTest.java b/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/TomcatSamlTest.java
new file mode 100755
index 0000000000..e7fee5139a
--- /dev/null
+++ b/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/TomcatSamlTest.java
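Review bot: The class-level `@Ignore` added above `public class Tomcat7Test` carries no reason, so every test in the class is skipped silently and nothing records why or when it should come back. If the class is disabled only so that it does not run alongside the new TomcatSamlTest (an inference; the hunk does not say), state that in the annotation, e.g. `@Ignore("<reason>; re-enable when <tracking issue> is resolved")`, or isolate the two classes so both can run. The class body continues outside the hunk, so which adapter login/logout tests are lost is not visible here.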
@@ -0,0 +1,197 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.keycloak.testsuite;
+
+import org.apache.catalina.startup.Tomcat;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.services.managers.RealmManager;
+import org.keycloak.testsuite.keycloaksaml.SamlAdapterTestStrategy;
+import org.keycloak.testsuite.rule.AbstractKeycloakRule;
+import org.openqa.selenium.WebDriver;
+
+import java.io.File;
+import java.net.URL;
+import java.util.regex.Matcher;
+
+/**
+ * @author Stian Thorgersen
+ */
+public class TomcatSamlTest {
+ @ClassRule
+ public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
+ @Override
+ protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
+ SamlAdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass());
+ }
+ };
+
+ static Tomcat tomcat = null;
+
+ @BeforeClass
+ public static void initTomcat() throws Exception {
+ tomcat = new Tomcat();
+ String baseDir = getBaseDirectory();
+ tomcat.setBaseDir(baseDir);
+ tomcat.setPort(8082);
+
+ System.setProperty("app.server.base.url", "http://localhost:8082");
+ System.setProperty("my.host.name", "localhost");
+ URL dir = TomcatSamlTest.class.getResource("/keycloak-saml/testsaml.json");
+ File base = new File(dir.getFile()).getParentFile();
+ tomcat.addWebapp("/sales-post", new File(base, "simple-post").toString());
+ tomcat.addWebapp("/sales-post-sig", new File(base, "signed-post").toString());
+ tomcat.addWebapp("/sales-post-sig-email", new File(base, "signed-post-email").toString());
+ tomcat.addWebapp("/sales-post-sig-transient", new File(base, "signed-post-transient").toString());
+ tomcat.addWebapp("/sales-post-sig-persistent", new File(base, "signed-post-persistent").toString());
+ tomcat.addWebapp("/sales-metadata", new File(base, "signed-metadata").toString());
+ tomcat.addWebapp("/employee-sig", new File(base, "signed-get").toString());
+ tomcat.addWebapp("/employee2", new File(base, "mappers").toString());
+ tomcat.addWebapp("/employee-sig-front", new File(base, "signed-front-get").toString());
+ tomcat.addWebapp("/bad-client-sales-post-sig", new File(base, "bad-client-signed-post").toString());
+ tomcat.addWebapp("/bad-realm-sales-post-sig", new File(base, "bad-realm-signed-post").toString());
+ tomcat.addWebapp("/sales-post-enc", new File(base, "encrypted-post").toString());
+ SamlAdapterTestStrategy.uploadSP("http://localhost:8081/auth", keycloakRule);
+
+
+ tomcat.start();
+ //tomcat.getServer().await();
+ }
+
+ @AfterClass
+ public static void shutdownTomcat() throws Exception {
+ tomcat.stop();
+ }
+
+ @Rule
+ public SamlAdapterTestStrategy testStrategy = new SamlAdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8082", keycloakRule);
+
+ @Test
+ public void testPostSimpleLoginLogout() {
+ testStrategy.testPostSimpleLoginLogout();
+ }
+
+ @Test
+ public void testPostSimpleLoginLogoutIdpInitiated() {
+ testStrategy.testPostSimpleLoginLogoutIdpInitiated();
+ }
+
+ @Test
+ public void testPostSignedLoginLogout() {
+ testStrategy.testPostSignedLoginLogout();
+ }
+
+ @Test
+ public void testPostSignedLoginLogoutTransientNameID() {
+ testStrategy.testPostSignedLoginLogoutTransientNameID();
+ }
+
+ @Test
+ public void testPostSignedLoginLogoutPersistentNameID() {
+ testStrategy.testPostSignedLoginLogoutPersistentNameID();
+ }
+
+ @Test
+ public void testPostSignedLoginLogoutEmailNameID() {
+ testStrategy.testPostSignedLoginLogoutEmailNameID();
+ }
+
+ @Test
+ public void testAttributes() throws Exception {
+ testStrategy.testAttributes();
+ }
+
+ @Test
+ public void testRedirectSignedLoginLogout() {
+ testStrategy.testRedirectSignedLoginLogout();
+ }
+
+ @Test
+ public void testRedirectSignedLoginLogoutFrontNoSSO() {
+ testStrategy.testRedirectSignedLoginLogoutFrontNoSSO();
+ }
+
+ @Test
+ public void testRedirectSignedLoginLogoutFront() {
+ testStrategy.testRedirectSignedLoginLogoutFront();
+ }
+
+ @Test
+ public void testPostEncryptedLoginLogout() {
+ testStrategy.testPostEncryptedLoginLogout();
+ }
+
+ @Test
+ public void testPostBadClientSignature() {
+ testStrategy.testPostBadClientSignature();
+ }
+
+ @Test
+ public void testPostBadRealmSignature() {
+ testStrategy.testPostBadRealmSignature( new SamlAdapterTestStrategy.CheckAuthError() {
+ @Override
+ public void check(WebDriver driver) {
+ Assert.assertEquals(driver.getPageSource(), "");
+ }
+ });
+ }
+
+ @Test
+ public void testPostSimpleUnauthorized() {
+ testStrategy.testPostSimpleUnauthorized( new SamlAdapterTestStrategy.CheckAuthError() {
+ @Override
+ public void check(WebDriver driver) {
+ Assert.assertTrue(driver.getPageSource().contains("forbidden"));
+ }
+ });
+ }
+
+ @Test
+ public void testMetadataPostSignedLoginLogout() throws Exception {
+ testStrategy.testMetadataPostSignedLoginLogout();
+ }
+
+ private static String getBaseDirectory() {
+ String dirPath = null;
+ String relativeDirPath = "testsuite" + File.separator + "tomcat7" + File.separator + "target";
+
+ if (System.getProperties().containsKey("maven.home")) {
+ dirPath = System.getProperty("user.dir").replaceFirst("testsuite.tomcat7.*", Matcher.quoteReplacement(relativeDirPath));
+ } else {
+ for (String c : System.getProperty("java.class.path").split(File.pathSeparator)) {
+ if (c.contains(File.separator + "testsuite" + File.separator + "tomcat7")) {
+ dirPath = c.replaceFirst("testsuite.tomcat7.*", Matcher.quoteReplacement(relativeDirPath));
+ break;
+ }
+ }
+ }
+
+ String absolutePath = new File(dirPath).getAbsolutePath();
+ return absolutePath;
+ }
+}
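Review bot: In testPostBadRealmSignature the CheckAuthError callback asserts only that the page source is empty, and it passes the arguments to `Assert.assertEquals` as (actual, expected), so a failure message would label the two values the wrong way round. An empty body can have causes other than the adapter rejecting the realm signature, so unless SamlAdapterTestStrategy (not visible in this hunk) checks more, this negative test proves little about signature validation. At minimum write `Assert.assertEquals("", driver.getPageSource());` and consider also asserting that the protected servlet's output is never shown. Separately, getBaseDirectory() leaves `dirPath` null when the class-path scan in the else branch finds no match, and `new File(dirPath)` then throws a bare NullPointerException; a guard such as `if (dirPath == null) throw new IllegalStateException("testsuite/tomcat7 not found in java.class.path");` would make that failure readable.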
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..fa1b2593d4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keystore.jks new file mode 100755 index 0000000000..6a3e3ba7d3 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..8b1bf3d783 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keystore.jks new file mode 100755 index 0000000000..215384cdef Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..24bfb6454a --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/keystore.jks new file mode 100755 index 0000000000..822162ceaf Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/encrypted-post/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..4fc1dfc640 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/WEB-INF/keycloak-saml.xml @@ -0,0 +1,25 @@ + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/WEB-INF/web.xml new file mode 100755 index 0000000000..0d92eb3cab --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/mappers/WEB-INF/web.xml @@ -0,0 +1,56 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + el-jefe + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + + user + + + employee + + + pee-on + + + hardcoded-role + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..a8d84c17fe --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/keycloak-saml.xml @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/keystore.jks new file mode 100755 index 0000000000..4daad218a3 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-front-get/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..724919bd9b --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/keycloak-saml.xml @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/keystore.jks new file mode 100755 index 0000000000..4daad218a3 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-get/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..1ffeb1bdd3 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/keystore.jks new file mode 100755 index 0000000000..144830bc77 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-metadata/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..dbb9c31b6f --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/keycloak-saml.xml @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/keystore.jks new file mode 100755 index 0000000000..144830bc77 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-email/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..0415bb1dd1 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/keystore.jks new file mode 100755 index 0000000000..144830bc77 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-persistent/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..4b96159674 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/keystore.jks new file mode 100755 index 0000000000..144830bc77 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post-transient/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..dcd6f5b0e4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/keystore.jks b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/keystore.jks new file mode 100755 index 0000000000..144830bc77 Binary files /dev/null and b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/keystore.jks differ diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/signed-post/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/META-INF/context.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/META-INF/context.xml new file mode 100755 index 0000000000..d16faafd19 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/META-INF/context.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file 
diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/WEB-INF/keycloak-saml.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..e831ff7e3f --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/WEB-INF/keycloak-saml.xml @@ -0,0 +1,24 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/WEB-INF/web.xml new file mode 100755 index 0000000000..86db4a46a4 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/simple-post/WEB-INF/web.xml @@ -0,0 +1,43 @@ + + + + adapter-test + + + SendUsernameServlet + org.keycloak.testsuite.keycloaksaml.SendUsernameServlet + + + SendUsernameServlet + /* + + + + + Users + /* + + + manager + + + + + BASIC + demo + + /error.html + /error.html + + + + + manager + + + el-jefe + + diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/sp-metadata.xml b/testsuite/tomcat7/src/test/resources/keycloak-saml/sp-metadata.xml new file mode 100755 index 0000000000..8f143deb61 --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/sp-metadata.xml @@ -0,0 +1,38 @@ + + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:transient + + + + + + + + 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 + + + + + + + JBoss + JBoss by Red Hat + http://localhost:8080/sales-metadata/ + + + The + Admin + admin@mycompany.com + + + \ No newline at end of file diff --git a/testsuite/tomcat7/src/test/resources/keycloak-saml/testsaml.json b/testsuite/tomcat7/src/test/resources/keycloak-saml/testsaml.json new file mode 100755 index 0000000000..0b13fb9e9e --- /dev/null +++ b/testsuite/tomcat7/src/test/resources/keycloak-saml/testsaml.json 
@@ -0,0 +1,376 @@ +{ + "id": "demo", + "realm": "demo", + "enabled": true, + "sslRequired": "external", + "registrationAllowed": true, + "resetPasswordAllowed": true, + "privateKey": "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", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", + "requiredCredentials": [ "password" ], + "defaultRoles": [ "user" ], + "smtpServer": { + "from": "auto@keycloak.org", + "host": "localhost", + "port":"3025" + }, + "users" : [ + { + "username" : "bburke", + "enabled": true, + "email" : "bburke@redhat.com", + "credentials" : [ + { "type" : "password", + "value" : "password" } + ], + "attributes" : { + "phone": "617" + }, + "realmRoles": ["manager", "user"], + "applicationRoles": { + "http://localhost:8082/employee/": [ "employee" ], + "http://localhost:8082/employee2/": [ "employee" ] + } + } , + { + "username" : "unauthorized", + "enabled": true, + "email" : "unauthorized@redhat.com", + "credentials" : [ + { "type" : "password", + "value" : "password" } + ] + } + ], + "applications": [ + { + "name": "http://localhost:8082/sales-post/", + "enabled": true, + "fullScopeAllowed": true, + "protocol": "saml", + "baseUrl": "http://localhost:8082/sales-post", + "redirectUris": [ + "http://localhost:8082/sales-post/*" + ], + "attributes": { + "saml.authnstatement": "true", + "saml_assertion_consumer_url_post": "http://localhost:8082/sales-post/", + "saml_assertion_consumer_url_redirect": "http://localhost:8082/sales-post/", + "saml_single_logout_service_url_post": "http://localhost:8082/sales-post/", + "saml_single_logout_service_url_redirect": "http://localhost:8082/sales-post/", + "saml_idp_initiated_sso_url_name": "sales-post" + } + }, + { + "name": "http://localhost:8082/sales-post-sig/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": 
true, + "baseUrl": "http://localhost:8082/sales-post-sig", + "redirectUris": [ + "http://localhost:8082/sales-post-sig/*" + ], + "attributes": { + "saml_assertion_consumer_url_post": "http://localhost:8082/sales-post-sig/", + "saml_assertion_consumer_url_redirect": "http://localhost:8082/sales-post-sig/", + "saml_single_logout_service_url_post": "http://localhost:8082/sales-post-sig/", + "saml_single_logout_service_url_redirect": "http://localhost:8082/sales-post-sig/", + "saml.server.signature": "true", + "saml.signature.algorithm": "RSA_SHA256", + "saml.client.signature": "true", + "saml.authnstatement": "true", + "saml.signing.certificate": "MIIB1DCCAT0CBgFJGP5dZDANBgkqhkiG9w0BAQsFADAwMS4wLAYDVQQDEyVodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC1zaWcvMB4XDTE0MTAxNjEyNDQyM1oXDTI0MTAxNjEyNDYwM1owMDEuMCwGA1UEAxMlaHR0cDovL2xvY2FsaG9zdDo4MDgwL3NhbGVzLXBvc3Qtc2lnLzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1RvGu8RjemSJA23nnMksoHA37MqY1DDTxOECY4rPAd9egr7GUNIXE0y1MokaR5R2crNpN8RIRwR8phQtQDjXL82c6W+NLQISxztarQJ7rdNJIYwHY0d5ri1XRpDP8zAuxubPYiMAVYcDkIcvlbBpwh/dRM5I2eElRK+eSiaMkCUCAwEAATANBgkqhkiG9w0BAQsFAAOBgQCLms6htnPaY69k1ntm9a5jgwSn/K61cdai8R8B0ccY7zvinn9AfRD7fiROQpFyY29wKn8WCLrJ86NBXfgFUGyR5nLNHVy3FghE36N2oHy53uichieMxffE6vhkKJ4P8ChfJMMOZlmCPsQPDvjoAghHt4mriFiQgRdPgIy/zDjSNw==" + } + }, + { + "name": "http://localhost:8082/sales-post-sig-transient/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/sales-post-sig-transient", + "adminUrl": "http://localhost:8082/sales-post-sig-transient", + "redirectUris": [ + "http://localhost:8082/sales-post-sig-transient/*" + ], + "attributes": { + "saml_assertion_consumer_url_post": "http://localhost:8082/sales-post-sig-transient/", + "saml_assertion_consumer_url_redirect": "http://localhost:8082/sales-post-sig-transient/", + "saml_single_logout_service_url_post": "http://localhost:8082/sales-post-sig-transient/", + "saml_single_logout_service_url_redirect": 
"http://localhost:8082/sales-post-sig-transient/", + "saml.server.signature": "true", + "saml.signature.algorithm": "RSA_SHA256", + "saml.client.signature": "true", + "saml.authnstatement": "true", + "saml.signing.certificate": "MIIB1DCCAT0CBgFJGP5dZDANBgkqhkiG9w0BAQsFADAwMS4wLAYDVQQDEyVodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC1zaWcvMB4XDTE0MTAxNjEyNDQyM1oXDTI0MTAxNjEyNDYwM1owMDEuMCwGA1UEAxMlaHR0cDovL2xvY2FsaG9zdDo4MDgwL3NhbGVzLXBvc3Qtc2lnLzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1RvGu8RjemSJA23nnMksoHA37MqY1DDTxOECY4rPAd9egr7GUNIXE0y1MokaR5R2crNpN8RIRwR8phQtQDjXL82c6W+NLQISxztarQJ7rdNJIYwHY0d5ri1XRpDP8zAuxubPYiMAVYcDkIcvlbBpwh/dRM5I2eElRK+eSiaMkCUCAwEAATANBgkqhkiG9w0BAQsFAAOBgQCLms6htnPaY69k1ntm9a5jgwSn/K61cdai8R8B0ccY7zvinn9AfRD7fiROQpFyY29wKn8WCLrJ86NBXfgFUGyR5nLNHVy3FghE36N2oHy53uichieMxffE6vhkKJ4P8ChfJMMOZlmCPsQPDvjoAghHt4mriFiQgRdPgIy/zDjSNw==" + } + }, + { + "name": "http://localhost:8082/sales-post-sig-persistent/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/sales-post-sig-persistent", + "redirectUris": [ + "http://localhost:8082/sales-post-sig-persistent/*" + ], + "attributes": { + "saml_assertion_consumer_url_post": "http://localhost:8082/sales-post-sig-persistent/", + "saml_assertion_consumer_url_redirect": "http://localhost:8082/sales-post-sig-persistent/", + "saml_single_logout_service_url_post": "http://localhost:8082/sales-post-sig-persistent/", + "saml_single_logout_service_url_redirect": "http://localhost:8082/sales-post-sig-persistent/", + "saml.server.signature": "true", + "saml.signature.algorithm": "RSA_SHA256", + "saml.client.signature": "true", + "saml.authnstatement": "true", + "saml.signing.certificate": "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" + } + }, + { + "name": "http://localhost:8082/sales-post-sig-email/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/sales-post-sig-email", + "adminUrl": 
"http://localhost:8082/sales-post-sig-email", + "redirectUris": [ + "http://localhost:8082/sales-post-sig-email/*" + ], + "attributes": { + "saml_force_name_id_format": "true", + "saml_name_id_format": "email", + "saml_assertion_consumer_url_post": "http://localhost:8082/sales-post-sig-email/", + "saml_assertion_consumer_url_redirect": "http://localhost:8082/sales-post-sig-email/", + "saml_single_logout_service_url_post": "http://localhost:8082/sales-post-sig-email/", + "saml_single_logout_service_url_redirect": "http://localhost:8082/sales-post-sig-email/", + "saml.server.signature": "true", + "saml.signature.algorithm": "RSA_SHA256", + "saml.client.signature": "true", + "saml.authnstatement": "true", + "saml.signing.certificate": "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" + } + }, + { + "name": "http://localhost:8082/bad-realm-sales-post-sig/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/bad-realm-sales-post-sig/", + "adminUrl": "http://localhost:8082/bad-realm-sales-post-sig/", + "redirectUris": [ + "http://localhost:8082/bad-realm-sales-post-sig/*" + ], + "attributes": { + "saml.server.signature": "true", + "saml.client.signature": "true", + "saml.authnstatement": "true", + "saml.signing.certificate": "MIIB1DCCAT0CBgFJGP5dZDANBgkqhkiG9w0BAQsFADAwMS4wLAYDVQQDEyVodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC1zaWcvMB4XDTE0MTAxNjEyNDQyM1oXDTI0MTAxNjEyNDYwM1owMDEuMCwGA1UEAxMlaHR0cDovL2xvY2FsaG9zdDo4MDgwL3NhbGVzLXBvc3Qtc2lnLzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1RvGu8RjemSJA23nnMksoHA37MqY1DDTxOECY4rPAd9egr7GUNIXE0y1MokaR5R2crNpN8RIRwR8phQtQDjXL82c6W+NLQISxztarQJ7rdNJIYwHY0d5ri1XRpDP8zAuxubPYiMAVYcDkIcvlbBpwh/dRM5I2eElRK+eSiaMkCUCAwEAATANBgkqhkiG9w0BAQsFAAOBgQCLms6htnPaY69k1ntm9a5jgwSn/K61cdai8R8B0ccY7zvinn9AfRD7fiROQpFyY29wKn8WCLrJ86NBXfgFUGyR5nLNHVy3FghE36N2oHy53uichieMxffE6vhkKJ4P8ChfJMMOZlmCPsQPDvjoAghHt4mriFiQgRdPgIy/zDjSNw==" + } + }, + { + "name": 
"http://localhost:8082/bad-client-sales-post-sig/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/bad-client-sales-post-sig/", + "adminUrl": "http://localhost:8082/bad-client-sales-post-sig/", + "redirectUris": [ + "http://localhost:8082/bad-client-sales-post-sig/*" + ], + "attributes": { + "saml.server.signature": "true", + "saml.client.signature": "true", + "saml.authnstatement": "true", + "saml.signing.certificate": "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" + } + }, + { + "name": "http://localhost:8082/sales-post-enc/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/sales-post-enc", + "redirectUris": [ + "http://localhost:8082/sales-post-enc/*" + ], + "attributes": { + "saml_assertion_consumer_url_post": "http://localhost:8082/sales-post-enc/", + "saml_assertion_consumer_url_redirect": "http://localhost:8082/sales-post-enc/", + "saml_single_logout_service_url_post": "http://localhost:8082/sales-post-enc/", + "saml_single_logout_service_url_redirect": "http://localhost:8082/sales-post-enc/", + "saml.server.signature": "true", + "saml.signature.algorithm": "RSA_SHA512", + "saml.client.signature": "true", + "saml.encrypt": "true", + "saml.authnstatement": "true", + "saml.signing.certificate": "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", + "saml.encryption.certificate": 
"MIIB1DCCAT0CBgFJGVacCDANBgkqhkiG9w0BAQsFADAwMS4wLAYDVQQDEyVodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC1lbmMvMB4XDTE0MTAxNjE0MjA0NloXDTI0MTAxNjE0MjIyNlowMDEuMCwGA1UEAxMlaHR0cDovL2xvY2FsaG9zdDo4MDgwL3NhbGVzLXBvc3QtZW5jLzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2+5MCT5BnVN+IYnKZcH6ev1pjXGi4feE0nOycq/VJ3aeaZMi4G9AxOxCBPupErOC7Kgm/Bw5AdJyw+Q12wSRXfJ9FhqCrLXpb7YOhbVSTJ8De5O8mW35DxAlh/cxe9FXjqPb286wKTUZ3LfGYR+X235UQeCTAPS/Ufi21EXaEikCAwEAATANBgkqhkiG9w0BAQsFAAOBgQBMrfGD9QFfx5v7ld/OAto5rjkTe3R1Qei8XRXfcs83vLaqEzjEtTuLGrJEi55kXuJgBpVmQpnwCCkkjSy0JxbqLDdVi9arfWUxEGmOr01ZHycELhDNaQcFqVMPr5kRHIHgktT8hK2IgCvd3Fy9/JCgUgCPxKfhwecyEOKxUc857g==" + } + }, + { + "name": "http://localhost:8082/employee-sig/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/employee-sig", + "redirectUris": [ + "http://localhost:8082/employee-sig/*" + ], + "adminUrl": "http://localhost:8082/employee-sig/", + "attributes": { + "saml.server.signature": "true", + "saml.client.signature": "true", + "saml.signature.algorithm": "RSA_SHA256", + "saml.authnstatement": "true", + "saml.signing.certificate": "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" + } + }, + { + "name": "http://localhost:8082/employee/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/employee/", + "redirectUris": [ + "http://localhost:8082/employee/*" + ], + "adminUrl": "http://localhost:8082/employee/", + "attributes": { + "saml.authnstatement": "true" + }, + "protocolMappers": [ + { + "name": "email", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "user.attribute": "email", + "friendly.name": "email", + "attribute.name": "urn:oid:1.2.840.113549.1.9.1", + "attribute.nameformat": "URI Reference" + } + }, + { + "name": "phone", + "protocol": "saml", + "protocolMapper": "saml-user-attribute-mapper", + "consentRequired": false, + "config": { + 
"user.attribute": "phone", + "attribute.name": "phone", + "attribute.nameformat": "Basic" + } + }, + { + "name": "role-list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "attribute.name": "Role", + "attribute.nameformat": "Basic", + "single": "false" + } + } + ] + }, + { + "name": "http://localhost:8082/employee2/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8082/employee2/", + "redirectUris": [ + "http://localhost:8082/employee2/*" + ], + "adminUrl": "http://localhost:8082/employee2/", + "attributes": { + "saml.authnstatement": "true" + }, + "protocolMappers": [ + { + "name": "email", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "user.attribute": "email", + "friendly.name": "email", + "attribute.name": "urn:oid:1.2.840.113549.1.9.1", + "attribute.nameformat": "URI Reference" + } + }, + { + "name": "phone", + "protocol": "saml", + "protocolMapper": "saml-user-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "phone", + "attribute.name": "phone", + "attribute.nameformat": "Basic" + } + }, + { + "name": "role-list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "attribute.name": "Role", + "attribute.nameformat": "Basic", + "single": "false" + } + } + ] + }, + { + "name": "http://localhost:8082/employee-sig-front/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "frontchannelLogout": true, + "baseUrl": "http://localhost:8082/employee-sig-front/", + "redirectUris": [ + "http://localhost:8082/employee-sig-front/*" + ], + "attributes": { + "saml_assertion_consumer_url_post": "http://localhost:8082/employee-sig-front/", + "saml_assertion_consumer_url_redirect": "http://localhost:8082/employee-sig-front/", + "saml_single_logout_service_url_post": 
"http://localhost:8082/employee-sig-front/", + "saml_single_logout_service_url_redirect": "http://localhost:8082/employee-sig-front/", + "saml.server.signature": "true", + "saml.client.signature": "true", + "saml.signature.algorithm": "RSA_SHA1", + "saml.authnstatement": "true", + "saml.signing.certificate": "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" + } + } + ], + "roles" : { + "realm" : [ + { + "name": "manager", + "description": "Have Manager privileges" + }, + { + "name": "user", + "description": "Have User privileges" + } + ], + "application" : { + "http://localhost:8082/employee/" : [ + { + "name": "employee", + "description": "Have Employee privileges" + } + ], + "http://localhost:8082/employee2/" : [ + { + "name": "employee", + "description": "Have Employee privileges" + } + ] + } + } +}
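Review bot: The `http://localhost:8082/employee-sig-front/` client near the end of this realm import sets `"saml.signature.algorithm": "RSA_SHA1"`, while the other signed clients that name an algorithm use `RSA_SHA256` or `RSA_SHA512`. SHA-1 is no longer considered collision-resistant for signatures, so unless this entry exists specifically to cover the legacy algorithm it should read `"saml.signature.algorithm": "RSA_SHA256"`. If SHA-1 is deliberate, say so in the test that logs in through this client, since JSON cannot carry a comment. The two `bad-*-sales-post-sig` clients name no algorithm at all and presumably fall back to the server default, which is worth confirming as intended. The file also embeds the realm `privateKey` and users whose password is `password`; that is acceptable for a fixture, but this realm and its keys must never be imported outside the testsuite.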