
Example 6 with FSAccountMgmtException

use of com.sun.identity.federation.accountmgmt.FSAccountMgmtException in project OpenAM by OpenRock.

the class FSSSOAndFedService method handleAuthnRequest.

/**
 * Post-authentication step for an incoming authentication request.
 *
 * <p>Loads the hosted IDP metadata, checks that the HTTP request carries a
 * valid session, records the authentication context on the federation
 * session (creating that session if it does not exist yet), probes the
 * account federation info for the requesting provider, and then delegates to
 * the ten-argument {@code handleAuthnRequest} overload.
 *
 * <p>Review notes:
 * <ul>
 *   <li>A failure to load hosted metadata is only logged at message level;
 *       processing continues with {@code null} descriptor, config and meta
 *       alias.</li>
 *   <li>When the session is missing or invalid, or the principal name is
 *       {@code null}, the method returns without writing anything to
 *       {@code response} in this method.</li>
 * </ul>
 *
 * @param request the servlet request the session is read from
 * @param response the servlet response, passed through to the overload
 * @param authnRequest the authentication request being processed
 * @param realm the realm used for the metadata lookup
 * @param hostEntityId the hosted entity id used for the metadata lookup
 * @param bLECP passed through unchanged to the overload
 * @param authnContext the authentication context stored on the session
 */
private void handleAuthnRequest(HttpServletRequest request, HttpServletResponse response, FSAuthnRequest authnRequest, String realm, String hostEntityId, boolean bLECP, String authnContext) {
    FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Called");

    // Hosted IDP metadata. Any lookup failure is tolerated here: the values
    // that were not obtained simply stay null.
    IDPDescriptorType idpDescriptor = null;
    BaseConfigType idpConfig = null;
    String metaAlias = null;
    try {
        idpDescriptor = metaManager.getIDPDescriptor(realm, hostEntityId);
        idpConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
        metaAlias = (idpConfig != null) ? idpConfig.getMetaAlias() : null;
    } catch (Exception e) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "Couldn't obtain hosted meta:", e);
        }
    }

    // A "name registration after SSO" step used to be prepared here; it is
    // disabled upstream (commented out as not useful) and is omitted.

    Object ssoToken = null;
    String userID = null;
    try {
        SessionProvider provider = SessionManager.getProvider();
        ssoToken = provider.getSession(request);

        // Guard clauses: without a valid session nothing further happens.
        if (ssoToken == null) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: " + "session token is null.");
            return;
        }
        if (!provider.isValid(ssoToken)) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: " + "session token is not valid.");
            return;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "session token is valid.");
        }

        // NOTE(review): metaAlias may still be null here if the metadata
        // lookup above failed; how getInstance treats null is not visible.
        FSSessionManager fedSessions = FSSessionManager.getInstance(metaAlias);
        FSSession fedSession = fedSessions.getSession(ssoToken);
        userID = provider.getPrincipalName(ssoToken);

        // Create the federation session on first use, then stamp the
        // authentication context; a new session is registered afterwards.
        boolean created = (fedSession == null);
        if (created) {
            fedSession = new FSSession(provider.getSessionID(ssoToken));
        }
        fedSession.setAuthnContext(authnContext);
        if (created) {
            fedSessions.addSession(userID, fedSession);
        }
    } catch (SessionException se) {
        FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: ", se);
        return;
    }

    if (userID == null) {
        LogUtil.error(Level.INFO, LogUtil.USER_NOT_FOUND, null, ssoToken);
        return;
    }

    try {
        // The result of the lookup is not used; only a failure is logged.
        // The disabled name-registration step used to follow this call.
        String requesterId = authnRequest.getProviderId();
        FSAccountManager.getInstance(metaAlias).readAccountFedInfo(userID, requesterId);
    } catch (FSAccountMgmtException exp) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService:: handleAuthnRequest()" + " No account information avialable for user. " + "So no invocation " + " of name registration. ", exp);
        }
    }

    handleAuthnRequest(request, response, authnRequest, true, bLECP, realm, hostEntityId, metaAlias, idpDescriptor, idpConfig);
}
Also used : IDPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType) BaseConfigType(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType) FSSession(com.sun.identity.federation.services.FSSession) SessionException(com.sun.identity.plugin.session.SessionException) FSSessionManager(com.sun.identity.federation.services.FSSessionManager) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSAccountManager(com.sun.identity.federation.accountmgmt.FSAccountManager) ServletException(javax.servlet.ServletException) SOAPException(javax.xml.soap.SOAPException) SessionException(com.sun.identity.plugin.session.SessionException) FSException(com.sun.identity.federation.common.FSException) IOException(java.io.IOException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) SessionProvider(com.sun.identity.plugin.session.SessionProvider)

Example 7 with FSAccountMgmtException

use of com.sun.identity.federation.accountmgmt.FSAccountMgmtException in project OpenAM by OpenRock.

the class FSLogoutUtil method getUserFromRequest.

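/**
 * Determines the local user name from a logout request.
 *
 * <p>The name identifier in the request is turned into an
 * {@code FSAccountFedInfoKey} and resolved through
 * {@code FSAccountManager.getUserID}. Two lookups are attempted: the first
 * uses the namespace that matches the hosted role, the second swaps the
 * namespace for backward compatibility.
 *
 * <p>Every value read from {@code reqLogout} is supplied by the remote
 * provider. This method does no signature or trust check of its own.
 * NOTE(review): presumably the caller has already validated the request;
 * confirm at the call sites.
 *
 * @param reqLogout the logout request received
 * @param realm the realm under which the entity resides
 * @param hostedEntityId the hosted provider performing logout
 * @param hostedRole the role of the hosted provider
 * @param hostedConfig extended meta config for hosted provider
 * @param metaAlias hosted provider's meta alias
 * @return user id if the user is found; <code>null</code> otherwise,
 *         including when the account manager cannot be obtained or the
 *         request carries no usable name identifier.
 */
public static String getUserFromRequest(FSLogoutNotification reqLogout, String realm, String hostedEntityId, String hostedRole, BaseConfigType hostedConfig, String metaAlias) {
    FSAccountManager accountInst = null;
    try {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Realm : " + realm + ", entityID : " + hostedEntityId);
        }
        accountInst = FSAccountManager.getInstance(metaAlias);
    } catch (FSAccountMgmtException fe) {
        FSUtils.debug.message("In FSAccountManagementException :: cannot" + " get account manager:" + fe);
        return null;
    }
    try {
        // The user name has to be derived from the name identifier in the
        // logout request. A request without one cannot be mapped to a user;
        // return null instead of failing with a NullPointerException.
        if (reqLogout.getNameIdentifier() == null) {
            FSUtils.debug.message("Logout request has no name identifier");
            return null;
        }
        String rawHandle = reqLogout.getNameIdentifier().getName();
        if (rawHandle == null) {
            FSUtils.debug.message("Logout request name identifier has no name");
            return null;
        }
        String opaqueHandle = rawHandle.trim();
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Name : " + opaqueHandle);
        }
        // The qualifier may be absent. Trim only when it is present, so the
        // null/empty fallback below is actually reachable (the original
        // trimmed first, which made its null check dead code).
        String rawQualifier = reqLogout.getNameIdentifier().getNameQualifier();
        String associatedDomain = (rawQualifier == null) ? null : rawQualifier.trim();
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Name Qualifier : " + associatedDomain);
        }
        // No qualifier, or one that just repeats the sender's provider id:
        // fall back to the hosted entity id.
        if ((associatedDomain == null) || (associatedDomain.length() == 0) || associatedDomain.equals(reqLogout.getProviderId())) {
            associatedDomain = hostedEntityId;
        }
        // Build the account key; the namespace depends on the hosted role.
        boolean hostedIsSp = hostedRole.equalsIgnoreCase(IFSConstants.SP);
        FSAccountFedInfoKey acctkey = null;
        // remote domain(SP) first
        if (hostedIsSp) {
            acctkey = new FSAccountFedInfoKey(associatedDomain, opaqueHandle);
        } else {
            acctkey = new FSAccountFedInfoKey(reqLogout.getProviderId(), opaqueHandle);
        }
        // The request itself is handed to the lookup through the env map.
        Map env = new HashMap();
        env.put(IFSConstants.FS_USER_PROVIDER_ENV_LOGOUT_KEY, reqLogout);
        String userID = accountInst.getUserID(acctkey, realm, env);
        if (userID == null) {
            // for backward compatibility: retry with the namespaces swapped
            if (hostedIsSp) {
                acctkey = new FSAccountFedInfoKey(reqLogout.getProviderId(), opaqueHandle);
            } else {
                acctkey = new FSAccountFedInfoKey(associatedDomain, opaqueHandle);
            }
            userID = accountInst.getUserID(acctkey, realm, env);
        }
        if (userID == null) {
            FSUtils.debug.message("UserID is null");
            return null;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("user id is " + userID);
        }
        return userID;
    } catch (FSAccountMgmtException e) {
        FSUtils.debug.message("In FSAccountMgmtException :: ", e);
        return null;
    }
}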
Also used : HashMap(java.util.HashMap) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSAccountFedInfoKey(com.sun.identity.federation.accountmgmt.FSAccountFedInfoKey) FSAccountManager(com.sun.identity.federation.accountmgmt.FSAccountManager) HashMap(java.util.HashMap) Map(java.util.Map)

Example 8 with FSAccountMgmtException

use of com.sun.identity.federation.accountmgmt.FSAccountMgmtException in project OpenAM by OpenRock.

the class FSFedTerminationHandler method setUserID.

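/**
 * Finds the user based on the termination request received from a remote
 * provider and stores the result in {@code this.userID}.
 *
 * <p>The lookup key is built from the request's name identifier. The search
 * domain is the hosted entity id unless the request carries a name qualifier
 * that differs from the sending provider's id. If that lookup finds nothing,
 * a second lookup is made with {@code remoteEntityId} as the domain.
 *
 * <p>Every value read from {@code reqTermination} is supplied by the remote
 * provider, and the name qualifier influences which account key is searched.
 * This method does no signature or trust check of its own. NOTE(review):
 * presumably the caller has validated the request beforehand; confirm at the
 * call sites.
 *
 * @param reqTermination the termination request
 * @return <code>true</code> if the user is found; <code>false</code>
 *  otherwise, including when no account manager is available or the request
 *  carries no usable name identifier.
 */
public boolean setUserID(FSFederationTerminationNotification reqTermination) {
    try {
        // UserDN needs to be figured from termination request
        String sourceProviderId = "";
        if (managerInst != null) {
            sourceProviderId = reqTermination.getProviderId();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("sourceProviderId : " + sourceProviderId);
            }
            // A request without a name identifier or name cannot be mapped
            // to a user: report "not found" rather than letting a
            // NullPointerException escape (only FSAccountMgmtException is
            // caught below).
            if (reqTermination.getNameIdentifier() == null || reqTermination.getNameIdentifier().getName() == null) {
                FSUtils.debug.message("Termination request has no usable name identifier");
                this.userID = null;
                return false;
            }
            String opaqueHandle = reqTermination.getNameIdentifier().getName().trim();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("processTerminationRequest Handle : " + opaqueHandle);
            }
            // The qualifier may be absent. Trim only when present, so the
            // null check below is reachable (the original trimmed first).
            String rawQualifier = reqTermination.getNameIdentifier().getNameQualifier();
            String associatedDomain = (rawQualifier == null) ? null : rawQualifier.trim();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Name Qualifier : " + associatedDomain);
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Realm : " + realm);
            }
            // Default to the hosted entity; use the qualifier only when it
            // is set and differs from the sender's id. The comparison is
            // made on associatedDomain so a null provider id cannot throw.
            String searchDomain = hostedEntityId;
            if ((associatedDomain != null) && (associatedDomain.length() != 0) && (!associatedDomain.equals(sourceProviderId))) {
                searchDomain = associatedDomain;
            }
            FSAccountFedInfoKey acctkey = new FSAccountFedInfoKey(searchDomain, opaqueHandle);
            // The request itself is handed to the lookup through the env map.
            Map env = new HashMap();
            env.put(IFSConstants.FS_USER_PROVIDER_ENV_TERMINATION_KEY, reqTermination);
            this.userID = managerInst.getUserID(acctkey, realm, env);
            if (this.userID == null) {
                // Second attempt: key the lookup on the remote entity id.
                acctkey = new FSAccountFedInfoKey(remoteEntityId, opaqueHandle);
                this.userID = managerInst.getUserID(acctkey, realm, env);
                if (this.userID == null) {
                    FSUtils.debug.message("UserID is null");
                    return false;
                }
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("user id is " + userID);
            }
            return true;
        }
    } catch (FSAccountMgmtException e) {
        FSUtils.debug.error("In FSAccountMgmtException :: ", e);
    }
    // No account manager, or the lookup failed: make sure no stale user id
    // is left on the handler.
    this.userID = null;
    return false;
}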
Also used : HashMap(java.util.HashMap) FSAccountFedInfoKey(com.sun.identity.federation.accountmgmt.FSAccountFedInfoKey) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) HashMap(java.util.HashMap) Map(java.util.Map)

Example 9 with FSAccountMgmtException

use of com.sun.identity.federation.accountmgmt.FSAccountMgmtException in project OpenAM by OpenRock.

the class FSFedTerminationHandler method resetFederateCookie.

/**
 * Resets the federate cookie when termination is done with one remote
 * provider. If the user has no active federation left the cookie is set to
 * "no"; otherwise it is set to "yes". Nothing happens when no user id is
 * set on this handler.
 *
 * <p>The cookie is written once per domain returned by
 * {@code SystemConfigurationUtil.getCookieDomainsForRequest}, with path "/"
 * and the persistent cookie age. NOTE(review): no Secure or HttpOnly
 * attribute is set in this method; whether {@code CookieUtils} applies them
 * is not visible in this listing; confirm.
 */
public void resetFederateCookie() {
    // Without a user there is no federation state to reflect.
    if (userID == null || userID.length() < 1) {
        return;
    }
    try {
        String cookieValue = managerInst.hasAnyActiveFederation(userID) ? IFSConstants.YES : IFSConstants.NO;
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("User : " + userID + " Federation Exists : " + cookieValue);
        }
        FSUtils.debug.message("Setting Path to /");
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Setting Age to " + IFSConstants.PERSISTENT_COOKIE_AGE + " Age");
        }
        Set<String> cookieDomains = SystemConfigurationUtil.getCookieDomainsForRequest(request);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Provider cookie domain list is " + cookieDomains);
        }
        // One cookie per configured domain, all carrying the same value.
        for (String cookieDomain : cookieDomains) {
            CookieUtils.addCookieToResponse(response, CookieUtils.newCookie(FEDERATE_COOKIE_NAME, cookieValue, IFSConstants.PERSISTENT_COOKIE_AGE, "/", cookieDomain));
        }
    } catch (FSAccountMgmtException e) {
        // The federation state could not be read; the cookie is left as is.
        FSUtils.debug.error("Unable to read user federation information", e);
    }
}
Also used : Cookie(javax.servlet.http.Cookie) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException)

Example 10 with FSAccountMgmtException

use of com.sun.identity.federation.accountmgmt.FSAccountMgmtException in project OpenAM by OpenRock.

the class FSNameRegistrationHandler method doRemoteRegistration.

/**
 * Initiates federation registration at remote end.
 * The registration request is constructed and, based on the profile, the
 * request is sent over SOAP or as HTTP redirect. Profile is always based on
 * the SPs profile.
 *
 * <p>On every failure path visible here the method calls
 * {@code returnLocallyAtSource(response, false)} and returns
 * <code>false</code>. In the redirect profile it returns <code>true</code>
 * as soon as the redirect has been sent, before any remote answer exists.
 *
 * <p>Review notes (details at the marked lines): the response signature
 * check is gated on a variable that is not derived from the received
 * message; an unknown protocol minor version leaves the request unsigned but
 * still sends it; the outer catch blocks log without the exception.
 *
 * @return <code>true</code> if the process is successful;
 *  <code>false</code> otherwise.
 */
private boolean doRemoteRegistration() {
    FSUtils.debug.message("Entered FSNameRegistrationHandler::doRemoteRegistration");
    try {
        // Load the account federation info lazily; without it no request
        // can be built.
        try {
            if (acctInfo == null) {
                acctInfo = managerInst.readAccountFedInfo(userID, remoteEntityId);
            }
        } catch (FSAccountMgmtException e) {
            // NOTE(review): the exception is dropped without being logged.
            returnLocallyAtSource(response, false);
            return false;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSNameRegistrationHandler::doRemoteRegistration create" + " request start");
        }
        FSNameRegistrationRequest regisRequest = createNameRegistrationRequest(acctInfo);
        if (regisRequest == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameRegistrationHandler::Registration request could " + "not be formed");
            }
            returnLocallyAtSource(response, false);
            return false;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSNameRegistrationHandler::Registration request formed" + "successfully");
        }
        // Find out which profile to use. The first profile in the list is
        // taken: from the hosted descriptor when acctInfo.isRoleIDP() is
        // true, from the remote descriptor otherwise. The two branches
        // below are otherwise identical.
        boolean isSOAPProfile = true;
        if (acctInfo.isRoleIDP()) {
            List hostProfiles = hostedDescriptor.getRegisterNameIdentifierProtocolProfile();
            if (hostProfiles == null || hostProfiles.isEmpty()) {
                FSUtils.debug.error("FSNameRegistrationHandler::" + "doRemoteRegistration no registration profile" + " cannot process request");
                returnLocallyAtSource(response, false);
                return false;
            }
            String hostProfile = (String) hostProfiles.iterator().next();
            if (hostProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_SP_SOAP_PROFILE) || hostProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_IDP_SOAP_PROFILE)) {
                isSOAPProfile = true;
            } else if (hostProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_SP_HTTP_PROFILE) || hostProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_IDP_HTTP_PROFILE)) {
                isSOAPProfile = false;
            } else {
                // Unknown profile values are rejected rather than defaulted.
                FSUtils.debug.error("FSNameRegistrationHandler::" + "doRemoteRegistration Invalid registration profile" + " cannot process request");
                returnLocallyAtSource(response, false);
                return false;
            }
        } else {
            List remoteProfiles = remoteDescriptor.getRegisterNameIdentifierProtocolProfile();
            if (remoteProfiles == null || remoteProfiles.isEmpty()) {
                FSUtils.debug.error("FSNameRegistrationHandler::" + "doRemoteRegistration no registration profile" + " cannot process request");
                returnLocallyAtSource(response, false);
                return false;
            }
            String remoteProfile = (String) remoteProfiles.iterator().next();
            if (remoteProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_SP_SOAP_PROFILE) || remoteProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_IDP_SOAP_PROFILE)) {
                isSOAPProfile = true;
            } else if (remoteProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_SP_HTTP_PROFILE) || remoteProfile.equalsIgnoreCase(IFSConstants.REGISTRATION_IDP_HTTP_PROFILE)) {
                isSOAPProfile = false;
            } else {
                // Unknown profile values are rejected rather than defaulted.
                FSUtils.debug.error("FSNameRegistrationHandler::" + "doRemoteRegistration Invalid registration profile" + " cannot process request");
                returnLocallyAtSource(response, false);
                return false;
            }
        }
        if (isSOAPProfile) {
            // SOAP profile: bind, optionally sign, send, then process the
            // synchronous response.
            FSSOAPService instSOAP = FSSOAPService.getInstance();
            if (instSOAP != null) {
                // NOTE(review): this message says signing succeeded, but no
                // signing has happened yet at this point; the log text is
                // misleading.
                FSUtils.debug.message("Signing suceeded. To call bindRegistrationRequest");
                regisRequest.setID(IFSConstants.REGISTRATIONID);
                SOAPMessage msgRegistration = instSOAP.bind(regisRequest.toXMLString(true, true));
                if (msgRegistration != null) {
                    SOAPMessage retSOAPMessage = null;
                    try {
                        if (FSServiceUtils.isSigningOn()) {
                            // The signed attribute depends on the protocol
                            // minor version of the request.
                            int minorVersion = regisRequest.getMinorVersion();
                            if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
                                msgRegistration = signRegistrationRequest(msgRegistration, IFSConstants.ID, regisRequest.getID());
                            } else if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
                                msgRegistration = signRegistrationRequest(msgRegistration, IFSConstants.REQUEST_ID, regisRequest.getRequestID());
                            } else {
                                // NOTE(review): with signing on and an
                                // unrecognised minor version, the message is
                                // left unsigned and is still sent below.
                                FSUtils.debug.message("invalid minor version.");
                            }
                        }
                        if (FSUtils.debug.messageEnabled()) {
                            FSUtils.debug.message("calling " + "sendRegistrationMessage");
                        }
                        retSOAPMessage = instSOAP.sendMessage(msgRegistration, remoteDescriptor.getSoapEndpoint());
                    } catch (SOAPException e) {
                        FSUtils.debug.error("Error in sending request ", e);
                        returnLocallyAtSource(response, false);
                        return false;
                    } catch (Exception ex) {
                        // Catch-all: any other failure while signing or
                        // sending is treated as a failed registration.
                        FSUtils.debug.error("Error in sending request:", ex);
                        returnLocallyAtSource(response, false);
                        return false;
                    }
                    if (retSOAPMessage == null) {
                        if (FSUtils.debug.messageEnabled()) {
                            FSUtils.debug.message("sendRegistrationMessage" + "return response is null");
                        }
                        returnLocallyAtSource(response, false);
                        return false;
                    }
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("calling" + "parseSOAPMessage after return from IDP");
                    }
                    Element elt = instSOAP.parseSOAPMessage(retSOAPMessage);
                    // NOTE(review): `regisResponse` here cannot be the local
                    // declared further down (it is not in scope yet), so it
                    // presumably resolves to a field not shown in this
                    // listing. If that value is null at this point,
                    // verifyResponseSignature is skipped even though signing
                    // is on, and the "verification succeeded" message below
                    // is logged regardless. Confirm against the full class;
                    // the check should not depend on state unrelated to the
                    // message just received.
                    if (FSServiceUtils.isSigningOn() && regisResponse != null) {
                        if (!verifyResponseSignature(retSOAPMessage, acctInfo.isRoleIDP())) {
                            if (FSUtils.debug.messageEnabled()) {
                                FSUtils.debug.message("Response " + "signature verification failed");
                                FSUtils.debug.message("Name registration" + " failed in doRemoteRegistration");
                            }
                            returnLocallyAtSource(response, false);
                            return false;
                        }
                    }
                    // Logged unconditionally, also when no verification ran.
                    FSUtils.debug.message("Response signature verification succeeded");
                    // NOTE(review): elt is dereferenced without a null
                    // check; whether parseSOAPMessage can return null is not
                    // visible here.
                    if (elt.getLocalName().equalsIgnoreCase(IFSConstants.NAME_REGISTRATION_RESPONSE)) {
                        FSNameRegistrationResponse regisResponse = null;
                        try {
                            regisResponse = new FSNameRegistrationResponse(elt);
                        } catch (SAMLException e) {
                            // A response that cannot be parsed is treated as
                            // absent; the exception itself is not logged.
                            regisResponse = null;
                        }
                        if (regisResponse != null) {
                            String responseStatus = ((regisResponse.getStatus()).getStatusCode()).getValue();
                            if (responseStatus.equals(IFSConstants.SAML_SUCCESS)) {
                                FSUtils.debug.message("Name registration Successful");
                                // do local update: restore the state kept in
                                // returnMap and apply the registration.
                                oldAcctKey = (FSAccountFedInfoKey) returnMap.get("OldAccountKey");
                                if (oldAcctKey != null) {
                                    if (FSUtils.debug.messageEnabled()) {
                                        FSUtils.debug.message("Get OldAcctKet Name : " + oldAcctKey.getName() + "\nGet OldAcctKet Qualifier:" + oldAcctKey.getNameSpace());
                                    }
                                } else {
                                    FSUtils.debug.message("OldAccount Key is null");
                                }
                                newAcctKey = (FSAccountFedInfoKey) returnMap.get("AccountKey");
                                if (newAcctKey != null) {
                                    if (FSUtils.debug.messageEnabled()) {
                                        FSUtils.debug.message("Get newAcctKey Name : " + newAcctKey.getName() + "\nGet newAcctKey Qualifier:" + newAcctKey.getNameSpace());
                                    }
                                } else {
                                    FSUtils.debug.message("newAcctKey Key is null");
                                }
                                newAcctInfo = (FSAccountFedInfo) returnMap.get("AccountInfo");
                                userID = (String) returnMap.get("userID");
                                regisSource = (String) returnMap.get("RegisSource");
                                returnURL = (String) returnMap.get(IFSConstants.LRURL);
                                boolean bStatus = doCommonRegistration();
                                if (FSUtils.debug.messageEnabled()) {
                                    FSUtils.debug.message("doCommonRegistration returns " + bStatus);
                                }
                                // Call SP Adapter, only after a successful
                                // local update and only in the SP role.
                                if (bStatus && hostedProviderRole != null && hostedProviderRole.equalsIgnoreCase(IFSConstants.SP)) {
                                    FSUtils.debug.message("doRemoteRegis");
                                    callPostRegisterNameIdentifierSuccess(request, response, userID, regisRequest, regisResponse, IFSConstants.NAME_REGISTRATION_SP_SOAP_PROFILE);
                                }
                                returnLocallyAtSource(response, bStatus);
                                return bStatus;
                            } else if (responseStatus.equals(IFSConstants.FEDERATION_NOT_EXISTS_STATUS)) {
                                if (FSUtils.debug.messageEnabled()) {
                                    FSUtils.debug.message("Name " + "registration Failed. " + "Federation does not exist");
                                }
                                returnLocallyAtSource(response, false);
                                return false;
                            } else if (responseStatus.equals(IFSConstants.REGISTRATION_FAILURE_STATUS)) {
                                FSUtils.debug.message("Name registration Failed.");
                                returnLocallyAtSource(response, false);
                                return false;
                            }
                            // Any other status falls through to the generic
                            // failure return below.
                        }
                    }
                }
            }
            // Reached when the SOAP service, the bound message, the parsed
            // response or a recognised status was missing.
            returnLocallyAtSource(response, false);
            return false;
        } else {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameRegistrationHandler::doRemoteRegistration " + "In Redirect profile");
            }
            // Redirect profile: a freshly created name identifier is used as
            // the relay state and as the key under which the pending
            // registration state is stored.
            FSNameIdentifierHelper nameHelper = new FSNameIdentifierHelper(hostedConfig);
            String newId = nameHelper.createNameIdentifier();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Registration Id : " + newId);
            }
            regisRequest.setRelayState(newId);
            // add information to FSRegistrationMap
            HashMap valMap = new HashMap();
            valMap.put("SSODetails", regisMap);
            valMap.put("ReturnEntry", returnMap);
            if (returnURL != null) {
                valMap.put(IFSConstants.LRURL, returnURL);
            }
            FSRegistrationManager registInst = FSRegistrationManager.getInstance(metaAlias);
            registInst.setRegistrationMapInfo(newId, valMap);
            // Debug dump of the stored entries (original note: "sat1 add
            // null checks").
            // NOTE(review): the loop walks the keys of valMap but reads the
            // values from regisMap, and the String cast runs even when debug
            // logging is off; this looks unintended and only affects the
            // log output unless the cast fails. Confirm.
            Set ketSet = valMap.keySet();
            Iterator iter = ketSet.iterator();
            String key = null;
            String value = null;
            while (iter.hasNext()) {
                key = (String) iter.next();
                value = (String) regisMap.get(key);
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("Putting in Map Key : " + key + "\nPutting in Map Value : " + value);
                }
            }
            String urlEncodedRequest = regisRequest.toURLEncodedQueryString();
            // Sign the request querystring. With signing on, a missing
            // signing certificate alias aborts the request instead of
            // sending it unsigned.
            if (FSServiceUtils.isSigningOn()) {
                String certAlias = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.SIGNING_CERT_ALIAS);
                if (certAlias == null || certAlias.length() == 0) {
                    if (FSUtils.debug.messageEnabled()) {
                        // NOTE(review): the log text names a different
                        // class and method than the one executing.
                        FSUtils.debug.message("FSBrowserArtifactConsumerHandler:: " + "signSAMLRequest:" + "couldn't obtain this site's cert alias.");
                    }
                    throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT_ALIAS));
                }
                urlEncodedRequest = FSSignatureUtil.signAndReturnQueryString(urlEncodedRequest, certAlias);
            }
            // Append the request to the remote service URL, using '?' or
            // '&' depending on whether the URL already has a query string.
            // The target comes from the remote provider's descriptor.
            StringBuffer redirectURL = new StringBuffer();
            String retURL = remoteDescriptor.getRegisterNameIdentifierServiceURL();
            redirectURL.append(retURL);
            if (retURL.indexOf(IFSConstants.QUESTION_MARK) == -1) {
                redirectURL.append(IFSConstants.QUESTION_MARK);
            } else {
                redirectURL.append(IFSConstants.AMPERSAND);
            }
            redirectURL.append(urlEncodedRequest);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Request to be sent : " + redirectURL.toString());
            }
            // Hand control to the remote provider; the outcome arrives in a
            // later request, so "true" here only means the redirect was sent.
            response.sendRedirect(redirectURL.toString());
            return true;
        }
    } catch (IOException e) {
        // NOTE(review): in all three handlers below the exception object is
        // not passed to the logger, so the cause is lost; the last two reuse
        // a termination message key in the registration handler.
        FSUtils.debug.error("FSNameRegistrationHandler" + FSUtils.bundle.getString(IFSConstants.FEDERATION_REDIRECT_FAILED));
    } catch (FSMsgException e) {
        FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + FSUtils.bundle.getString(IFSConstants.TERMINATION_FAILED_SEND_REMOTE));
    } catch (SAMLResponderException e) {
        FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + FSUtils.bundle.getString(IFSConstants.TERMINATION_FAILED_SEND_REMOTE));
    }
    // Common failure exit for the exceptions caught above.
    returnLocallyAtSource(response, false);
    return false;
}
Also used : FSMsgException(com.sun.identity.federation.message.common.FSMsgException) Set(java.util.Set) HashMap(java.util.HashMap) Element(org.w3c.dom.Element) FSNameRegistrationRequest(com.sun.identity.federation.message.FSNameRegistrationRequest) FSSOAPService(com.sun.identity.federation.services.FSSOAPService) IOException(java.io.IOException) SOAPMessage(javax.xml.soap.SOAPMessage) SAMLException(com.sun.identity.saml.common.SAMLException) SOAPException(javax.xml.soap.SOAPException) SessionException(com.sun.identity.plugin.session.SessionException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException) SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException) SAMLException(com.sun.identity.saml.common.SAMLException) IOException(java.io.IOException) FSNameIdentifierHelper(com.sun.identity.federation.services.util.FSNameIdentifierHelper) SOAPException(javax.xml.soap.SOAPException) FSNameRegistrationResponse(com.sun.identity.federation.message.FSNameRegistrationResponse) Iterator(java.util.Iterator) List(java.util.List) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException)

Aggregations

FSAccountMgmtException (com.sun.identity.federation.accountmgmt.FSAccountMgmtException)15 FSAccountFedInfoKey (com.sun.identity.federation.accountmgmt.FSAccountFedInfoKey)8 FSAccountFedInfo (com.sun.identity.federation.accountmgmt.FSAccountFedInfo)7 HashMap (java.util.HashMap)7 NameIdentifier (com.sun.identity.saml.assertion.NameIdentifier)6 Map (java.util.Map)6 Set (java.util.Set)5 FSAccountManager (com.sun.identity.federation.accountmgmt.FSAccountManager)4 SAMLException (com.sun.identity.saml.common.SAMLException)4 HashSet (java.util.HashSet)4 SSOException (com.iplanet.sso.SSOException)3 IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)3 AMIdentity (com.sun.identity.idm.AMIdentity)3 IdRepoException (com.sun.identity.idm.IdRepoException)3 IOException (java.io.IOException)3 Iterator (java.util.Iterator)3 SSOToken (com.iplanet.sso.SSOToken)2 CLIException (com.sun.identity.cli.CLIException)2 IOutput (com.sun.identity.cli.IOutput)2 FSException (com.sun.identity.federation.common.FSException)2