
Example 26 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class TaskModelImpl, method getEntities:

/**
 * Returns a set of entities in a circle of trust.
 *
 * @param realm Realm.
 * @param cotName Name of circle of trust.
 * @return a set of entities in a circle of trust.
 * @throws AMConsoleException if unable to retrieve entities.
 */
public Set getEntities(String realm, String cotName) throws AMConsoleException {
    try {
        CircleOfTrustManager mgr = new CircleOfTrustManager();
        Set entities = mgr.listCircleOfTrustMember(realm, cotName, COTConstants.SAML2);
        return (entities == null) ? Collections.EMPTY_SET : entities;
    } catch (COTException ex) {
        throw new AMConsoleException(ex.getMessage());
    }
}
Also used : CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) Set(java.util.Set) COTException(com.sun.identity.cot.COTException) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)

Example 27 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class FSIntersiteTransferService, method redirectToCommonDomain:

private void redirectToCommonDomain(HttpServletRequest request, HttpServletResponse response, String requestID) {
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSIntersiteTransferService." + "redirectToCommonDomain: Called");
    }
    String metaAlias = request.getParameter(IFSConstants.META_ALIAS);
    String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
    try {
        IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
        HttpSession session = request.getSession(true);
        Set cotSet = (Set) session.getAttribute(IFSConstants.SESSION_COTSET_ATTR);
        CircleOfTrustManager cotManager = new CircleOfTrustManager();
        if (cotSet == null) {
            cotSet = cotManager.getAllCirclesOfTrust(realm);
            if (cotSet != null) {
                session.setAttribute(IFSConstants.SESSION_COTSET_ATTR, cotSet);
            }
            if (cotSet == null || cotSet.isEmpty()) {
                FSUtils.debug.error("FSIntersiteTransferService. redirect" + "ToCommonDomain: No CommonDomain metadata found");
                String[] data = { FSUtils.bundle.getString("noCommonDomainMetadata") };
                LogUtil.error(Level.INFO, LogUtil.COMMON_DOMAIN_META_DATA_NOT_FOUND, data);
                //response.sendRedirect(framedLoginPageURL);
                FSUtils.forwardRequest(request, response, framedLoginPageURL);
                return;
            }
        }
        if (cotSet.isEmpty()) {
            FSUtils.debug.error("FSIntersiteTransferService." + "redirectToCommonDomain: No more CommonDomain left");
            String[] data = { FSUtils.bundle.getString("noCommonDomainMetadata") };
            LogUtil.error(Level.INFO, LogUtil.COMMON_DOMAIN_META_DATA_NOT_FOUND, data);
            //response.sendRedirect(framedLoginPageURL);
            FSUtils.forwardRequest(request, response, framedLoginPageURL);
            return;
        }
        Iterator iter = cotSet.iterator();
        String cotName = (String) iter.next();
        cotSet.remove(cotName);
        session.setAttribute(IFSConstants.SESSION_COTSET_ATTR, cotSet);
        // The reader service URL comes from the administrator-configured COT
        // descriptor, not from request parameters, so the redirect target is
        // trusted configuration rather than user-supplied input.
        String readerServiceURL = cotManager.getCircleOfTrust(realm, cotName).getIDFFReaderServiceURL();
        if (readerServiceURL != null) {
            StringBuffer redirectURL = new StringBuffer(300);
            // Build the return URL from this request; the request ID and meta
            // alias are URL-encoded before being appended as query parameters.
            StringBuffer returnURL = request.getRequestURL();
            returnURL.append("?").append(IFSConstants.AUTH_REQUEST_ID).append("=").append(URLEncDec.encode(requestID));
            returnURL.append("&").append(IFSConstants.META_ALIAS).append("=").append(URLEncDec.encode(metaAlias));
            // The return URL itself is encoded once more as the LRURL parameter
            // of the reader service URL.
            redirectURL.append(readerServiceURL);
            redirectURL.append("?");
            redirectURL.append(IFSConstants.LRURL);
            redirectURL.append("=");
            redirectURL.append(URLEncDec.encode(returnURL.toString()));
            String url = redirectURL.toString();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIntersiteTransferService." + "redirectToCommonDomain: " + "Redirecting to check for PrefferedIDP @:" + url);
            }
            // sendRedirect sets the Location header itself; the explicit
            // setHeader call is redundant but harmless.
            response.setHeader("Location", url);
            response.sendRedirect(url);
            return;
        }
    } catch (COTException e) {
        FSUtils.debug.error("FSIntersiteTransferService." + "redirectToCommonDomain: " + "COTException occured while trying to " + "redirect to the CommonDomain: ", e);
        try {
            //response.sendRedirect(framedLoginPageURL);
            FSUtils.forwardRequest(request, response, framedLoginPageURL);
        } catch (Exception ex) {
            FSUtils.debug.error("FSIntersiteTransferService." + "redirectToCommonDomain: IOException : ", ex);
        }
        return;
    } catch (IOException e) {
        FSUtils.debug.error("FSIntersiteTransferService." + "redirectToCommonDomain: IOException" + " occured while trying to redirect to the CommonDomain: ", e);
        return;
    }
}
Also used : Set(java.util.Set) CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager) HttpSession(javax.servlet.http.HttpSession) Iterator(java.util.Iterator) COTException(com.sun.identity.cot.COTException) IOException(java.io.IOException) ServletException(javax.servlet.ServletException) FSSignatureException(com.sun.identity.federation.services.util.FSSignatureException)

Example 28 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class SAML2SingleLogoutHandler, method findIDPMetaAlias:

/**
 * Returns the metaAlias of the SAML2 IDP that is in the same COT as the
 * initiating IDP and SP. Returns null if no such SAML2 IDP exists or an
 * exception occurs.
 */
private String findIDPMetaAlias(String idpEntityID, String spEntityID, String realm, String protocol, SAML2MetaManager saml2Manager) {
    try {
        List hostedIdps = saml2Manager.getAllHostedIdentityProviderEntities(realm);
        if (debug.messageEnabled()) {
            debug.message("SAML2SingleLogoutHandler.findIDPMetaAlias: " + " all hosted SAML2 IDPs = " + hostedIdps);
        }
        if ((hostedIdps == null) || hostedIdps.isEmpty()) {
            return null;
        }
        CircleOfTrustManager cotManager = new CircleOfTrustManager();
        Set cots = cotManager.getAllActiveCirclesOfTrust(realm);
        int num = hostedIdps.size();
        for (int i = 0; i < num; i++) {
            String idpId = (String) hostedIdps.get(i);
            Iterator it = cots.iterator();
            while (it.hasNext()) {
                String cotName = (String) it.next();
                if (debug.messageEnabled()) {
                    debug.message("SAML2SLOHandler.findIDPMetaAlias: " + " check COT = " + cotName);
                }
                // check if this cot contains all entities
                Set providers = cotManager.listCircleOfTrustMember(realm, cotName, SingleLogoutManager.SAML2);
                if ((providers == null) || !providers.contains(idpId)) {
                    continue;
                }
                providers = cotManager.listCircleOfTrustMember(realm, cotName, protocol);
                if ((providers == null) || !providers.contains(idpEntityID)) {
                    continue;
                }
                if ((spEntityID != null) && (spEntityID.length() != 0) && !providers.contains(spEntityID)) {
                    continue;
                }
                // but just stop here right now.
                if (SingleLogoutManager.debug.messageEnabled()) {
                    SingleLogoutManager.debug.message("SAML2SingleLogoutHandler.findIDPMetaAlias : " + "found IDP " + idpId + " in COT " + cotName);
                }
                IDPSSOConfigElement config = saml2Manager.getIDPSSOConfig(realm, idpId);
                return config.getMetaAlias();
            }
        }
    } catch (Exception e) {
        SingleLogoutManager.debug.error("SAML2SingleLogoutHandler." + "findIDPMetaAlias", e);
    }
    return null;
}
Also used : CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) Set(java.util.Set) Iterator(java.util.Iterator) List(java.util.List) IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement) SessionException(com.sun.identity.plugin.session.SessionException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)

Example 29 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class IDFFSingleLogoutHandler, method findIDPMetaAlias:

/**
 * Returns the metaAlias of the IDFF IDP that is in the same COT as the
 * initiating IDP and SP. Returns null if no such IDFF IDP exists or an
 * exception occurs.
 */
private String findIDPMetaAlias(String idpEntityID, String spEntityID, String realm, String protocol) {
    try {
        IDFFMetaManager idffManager = new IDFFMetaManager(null);
        List hostedIdps = idffManager.getAllHostedIdentityProviderIDs(realm);
        if ((hostedIdps == null) || hostedIdps.isEmpty()) {
            return null;
        }
        CircleOfTrustManager cotManager = new CircleOfTrustManager();
        Set cots = cotManager.getAllActiveCirclesOfTrust(realm);
        int num = hostedIdps.size();
        for (int i = 0; i < num; i++) {
            String idpId = (String) hostedIdps.get(i);
            Iterator it = cots.iterator();
            while (it.hasNext()) {
                String cotName = (String) it.next();
                // check if this cot contains all entities
                Set providers = cotManager.listCircleOfTrustMember(realm, cotName, SingleLogoutManager.IDFF);
                if ((providers == null) || !providers.contains(idpId)) {
                    continue;
                }
                providers = cotManager.listCircleOfTrustMember(realm, cotName, protocol);
                if ((providers == null) || !providers.contains(idpEntityID)) {
                    continue;
                }
                if ((spEntityID != null) && !providers.contains(spEntityID)) {
                    continue;
                }
                // but just stop here right now.
                if (SingleLogoutManager.debug.messageEnabled()) {
                    SingleLogoutManager.debug.message("IDFFSingleLogoutHandler.findIDPMetaAlias : " + "found IDP " + idpId + " in COT " + cotName);
                }
                IDPDescriptorConfigElement config = idffManager.getIDPDescriptorConfig(realm, idpId);
                return config.getMetaAlias();
            }
        }
    } catch (Exception e) {
        SingleLogoutManager.debug.error("IDFFSingleLogoutHandler." + "findIDPMetaAlias", e);
    }
    return null;
}
Also used : CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) Set(java.util.Set) IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager) Iterator(java.util.Iterator) List(java.util.List) IDPDescriptorConfigElement(com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement)

Example 30 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class WSFederationSingleLogoutHandler, method findIDPMetaAlias:

/**
 * Returns the metaAlias of the WSFed IDP that is in the same COT as the
 * initiating IDP and SP. Returns null if no such WSFed IDP exists or an
 * exception occurs.
 */
private String findIDPMetaAlias(String idpEntityID, String spEntityID, String realm, String protocol) {
    try {
        WSFederationMetaManager metaManager = WSFederationUtils.getMetaManager();
        List hostedIdps = metaManager.getAllHostedIdentityProviderEntities(realm);
        if (debug.messageEnabled()) {
            debug.message("WSFedSingleLogoutHandler.findIDPMetaAlias: " + " all hosted WS-Fed IDPs = " + hostedIdps);
        }
        if ((hostedIdps == null) || hostedIdps.isEmpty()) {
            return null;
        }
        CircleOfTrustManager cotManager = new CircleOfTrustManager();
        Set cots = cotManager.getAllActiveCirclesOfTrust(realm);
        int num = hostedIdps.size();
        for (int i = 0; i < num; i++) {
            String idpId = (String) hostedIdps.get(i);
            Iterator it = cots.iterator();
            while (it.hasNext()) {
                String cotName = (String) it.next();
                if (debug.messageEnabled()) {
                    debug.message("WSFedSLOHandler.findIDPMetaAlias: " + " check COT = " + cotName);
                }
                // check if this cot contains the wsfed IDP to be checked
                Set providers = cotManager.listCircleOfTrustMember(realm, cotName, SingleLogoutManager.WS_FED);
                if ((providers == null) || !providers.contains(idpId)) {
                    continue;
                }
                providers = cotManager.listCircleOfTrustMember(realm, cotName, protocol);
                if ((providers == null) || !providers.contains(idpEntityID)) {
                    continue;
                }
                if ((spEntityID != null) && (spEntityID.length() != 0) && !providers.contains(spEntityID)) {
                    continue;
                }
                // but just stop here right now.
                if (SingleLogoutManager.debug.messageEnabled()) {
                    SingleLogoutManager.debug.message("WSFedSingleLogoutHandler.findIDPMetaAlias : " + "found IDP " + idpId + " in COT " + cotName);
                }
                IDPSSOConfigElement config = metaManager.getIDPSSOConfig(realm, idpId);
                return config.getMetaAlias();
            }
        }
    } catch (Exception e) {
        SingleLogoutManager.debug.error("WSFederationSingleLogoutHandler." + "findIDPMetaAlias", e);
    }
    return null;
}
Also used : WSFederationMetaManager(com.sun.identity.wsfederation.meta.WSFederationMetaManager) CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) Set(java.util.Set) Iterator(java.util.Iterator) List(java.util.List) IDPSSOConfigElement(com.sun.identity.wsfederation.jaxb.entityconfig.IDPSSOConfigElement) SessionException(com.sun.identity.plugin.session.SessionException)

Aggregations

CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager) 35
COTException (com.sun.identity.cot.COTException) 29
Set (java.util.Set) 18
CircleOfTrustDescriptor (com.sun.identity.cot.CircleOfTrustDescriptor) 16
Iterator (java.util.Iterator) 15
CLIException (com.sun.identity.cli.CLIException) 10
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException) 9
HashSet (java.util.HashSet) 9
List (java.util.List) 9
ArrayList (java.util.ArrayList) 6
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException) 5
IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager) 5
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException) 5
SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager) 5
HashMap (java.util.HashMap) 4
Map (java.util.Map) 4
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception) 3
CLIRequest (com.sun.identity.cli.CLIRequest) 2
IOutput (com.sun.identity.cli.IOutput) 2
BaseConfigType (com.sun.identity.federation.jaxb.entityconfig.BaseConfigType) 2