
Example 26 with FSException

use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.

the class FSIDPFinderService method doGet.

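/**
 * Looks up the preferred <code>IDP</code> for the requesting provider via the
 * common domain and either redirects to local login (no preferred IDP, or the
 * preferred IDP is this host) or proxies the authentication request to that IDP.
 *
 * <p>All three query parameters ({@code ProviderID}, {@code RequestID} and
 * {@code Realm}) are required, and {@code RequestID} must refer to an
 * <code>FSAuthnRequest</code> previously stored in the <code>FSSessionManager</code>;
 * otherwise the request is rejected.
 *
 * @param request <code>HttpServletRequest</code> object
 * @param response <code>HttpServletResponse</code> object
 * @exception ServletException if a required parameter is missing or the
 *            referenced authentication request is unknown
 * @exception IOException if the redirect cannot be written
 */
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    if (request == null || response == null) {
        FSUtils.debug.error("FSIDPFinderService.doGet:: Null Input");
        return;
    }
    FSUtils.debug.message("FSIDPFinderService.doGet::Init");
    String entityID = request.getParameter("ProviderID");
    String requestID = request.getParameter("RequestID");
    String realm = request.getParameter("Realm");
    if (entityID == null || requestID == null || realm == null) {
        // The message used to be concatenated without a separator ("missingeither")
        // and did not mention Realm, which is checked as well.
        FSUtils.debug.error("FSIDPFinderService.doGet:: Request is missing " + "either ProviderID, RequestID or Realm");
        throw new ServletException("invalidRequest");
    }
    String idpID = null;
    try {
        idpID = getCommonDomainIDP(request, response, realm, entityID, requestID);
    } catch (FSRedirectException fe) {
        // The common-domain lookup already committed a redirect; nothing more to do.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIDPFinderService.doGet:Redirection" + " has happened");
        }
        return;
    }
    String hostMetaAlias = null;
    BaseConfigType hostConfig = null;
    IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
    try {
        if (metaManager != null) {
            hostConfig = metaManager.getIDPDescriptorConfig(realm, entityID);
            if (hostConfig != null) {
                hostMetaAlias = hostConfig.getMetaAlias();
            }
        }
    } catch (IDFFMetaException ie) {
        FSUtils.debug.error("FSIDPFinderService.doGet:: Failure in " + "getting proxying hosted meta:", ie);
        return;
    }
    FSSessionManager sessionManager = FSSessionManager.getInstance(hostMetaAlias);
    FSAuthnRequest authnReq = sessionManager.getAuthnRequest(requestID);
    if (authnReq == null) {
        // RequestID is client-supplied. An unknown or stale id previously reached
        // authnReq.getProviderId() in the proxy branch and failed with an NPE;
        // treat it like any other malformed request instead.
        FSUtils.debug.error("FSIDPFinderService.doGet:: no AuthnRequest found for the given RequestID");
        throw new ServletException("invalidRequest");
    }
    // No preferred IDP, or the preferred IDP is the local provider: do a local login.
    if (idpID == null || idpID.equals(entityID)) {
        String loginURL = getLoginURL(authnReq, realm, entityID, request);
        if (loginURL == null) {
            FSUtils.debug.error("FSIDPFinderService.doGet : login url" + " is null");
            return;
        }
        // sendRedirect sets the Location header itself; the explicit setHeader was redundant.
        response.sendRedirect(loginURL);
    } else {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIDPFinderService.doGet:IDP to be proxied:" + idpID);
        }
        // Proxy the authentication request to the preferred IDP.
        try {
            FSProxyHandler handler = new FSProxyHandler(request, response);
            handler.setHostedEntityId(entityID);
            IDPDescriptorType hostDesc = null;
            SPDescriptorType origSPDesc = null;
            if (metaManager != null) {
                hostDesc = metaManager.getIDPDescriptor(realm, entityID);
                origSPDesc = metaManager.getSPDescriptor(realm, authnReq.getProviderId());
            }
            handler.setSPDescriptor(origSPDesc);
            handler.setHostedDescriptor(hostDesc);
            handler.setHostedDescriptorConfig(hostConfig);
            handler.setMetaAlias(hostMetaAlias);
            handler.setRealm(realm);
            handler.sendProxyAuthnRequest(authnReq, idpID);
        } catch (IDFFMetaException ie) {
            FSUtils.debug.error("FSIDPFinderService.doGet:: Failure in " + "getting proxying hosted meta:", ie);
        } catch (FSException fe) {
            FSUtils.debug.error("FSIDPFinderService.doGet:: Failure in " + "sending the proxy authentication request.", fe);
        }
    }
}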

Example 27 with FSException

use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.

the class FSSSOAndFedHandler method createAuthnResponse.

/**
 * Builds a successful <code>FSAuthnResponse</code> for the current
 * <code>authnRequest</code>, carrying a single freshly created assertion.
 *
 * <p>The assertion is issued by the <code>FSAssertionManager</code> for this
 * handler's meta alias, using the session id derived from {@code ssoToken}.
 * The response echoes the request id, minor version and relay state of the
 * incoming request and is attributed to the hosted entity.
 *
 * @param ssoToken session token of the authenticated user
 * @param inResponseTo request id the assertion answers
 * @param userHandle name identifier of the user as known to the SP
 * @param idpHandle name identifier of the user as known to the IDP
 * @return the populated response, or {@code null} if assertion or session
 *         handling failed (the failure is logged)
 */
protected FSAuthnResponse createAuthnResponse(Object ssoToken, String inResponseTo, NameIdentifier userHandle, NameIdentifier idpHandle) {
    FSUtils.debug.message("FSSSOAndFedHandler.createAuthnResponse:  Called");
    try {
        String requestID = authnRequest.getRequestID();
        FSAssertionManager assertionManager = FSAssertionManager.getInstance(metaAlias);
        SessionProvider provider = SessionManager.getProvider();
        String sessionID = provider.getSessionID(ssoToken);
        FSAssertion issued = assertionManager.createFSAssertion(sessionID, null, realm, spEntityId, userHandle, idpHandle, inResponseTo, authnRequest.getMinorVersion());
        Status okStatus = new Status(new StatusCode(IFSConstants.STATUS_CODE_SUCCESS));
        List contents = new ArrayList();
        contents.add(issued);
        FSAuthnResponse result = new FSAuthnResponse(null, requestID, okStatus, contents, relayState);
        result.setMinorVersion(authnRequest.getMinorVersion());
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedHandler.createAuthnResponse: " + "CHECK1: " + hostedEntityId);
        }
        result.setProviderId(hostedEntityId);
        // NOTE(review): the response is returned unsigned here; signing, if any,
        // must happen in the caller.
        return result;
    } catch (FSException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: FSException: ", se);
    } catch (SAMLException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: " + "SAMLException: ", se);
    } catch (SessionException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: " + "SessionException: ", se);
    }
    return null;
}

Example 28 with FSException

use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.

the class FSSSOAndFedService method doGet.

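/**
 * Processes a single sign-on request on the hosted IDP.
 *
 * <p>The presence of the {@code IFSConstants.AUTHN_INDICATOR_PARAM} parameter
 * selects one of two legs:
 * <ul>
 *   <li>pre-authentication: the URL-encoded <code>AuthnRequest</code> is parsed
 *       from the request, the hosted provider's realm, entity id, descriptor and
 *       config are resolved from the meta alias in the request URI, and the
 *       request is handed to {@code handleAuthnRequest};</li>
 *   <li>post-authentication: the original <code>AuthnRequest</code> is fetched
 *       from <code>FSSessionManager</code> by the request id parameter and
 *       handed to the post-authentication {@code handleAuthnRequest} overload.</li>
 * </ul>
 *
 * @param request <code>HttpServletRequest</code> object
 * @param response <code>HttpServletResponse</code> object
 * @exception ServletException if an error occurred
 * @exception IOException if writing an error response fails
 */
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    FSUtils.debug.message("FSSSOAndFedService.doGet: Called");
    if (response == null) {
        // Nothing can be reported to the client without a response object. The
        // original code dereferenced response inside this check and would NPE.
        FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("nullInputParameter"));
        return;
    }
    if (request == null) {
        FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("nullInputParameter"));
        response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("nullInputParameter"));
        return;
    }
    if (FSUtils.needSetLBCookieAndRedirect(request, response, true)) {
        return;
    }
    // The authn indicator distinguishes the pre- and post-authentication legs.
    String authnIndicator = request.getParameter(IFSConstants.AUTHN_INDICATOR_PARAM);
    boolean bPostAuthn = authnIndicator != null;
    boolean bLECP = false;
    if (!bPostAuthn) {
        FSUtils.debug.message("FSSSOAndFedService.doGet:Pre Authentication SSO");
    } else {
        FSUtils.debug.message("FSSSOAndFedService.doGet:Post Authentication SSO");
        String lecpIndicator = request.getParameter(IFSConstants.LECP_INDICATOR_PARAM);
        bLECP = lecpIndicator != null;
        if (bLECP) {
            FSUtils.debug.message("FSSSOAndFedService.doGet:post Authn LECP request");
        } else {
            FSUtils.debug.message("FSSSOAndFedService.doGet:non LECP request");
        }
        String requestId = request.getParameter(IFSConstants.AUTH_REQUEST_ID);
        String hostEntityId = request.getParameter(IFSConstants.PROVIDER_ID_KEY);
        String authnContext = request.getParameter(IFSConstants.AUTHN_CONTEXT);
        String realm = request.getParameter(IFSConstants.REALM);
        String metaAlias = request.getParameter(IFSConstants.META_ALIAS);
        // NOTE(review): metaAlias, realm, hostEntityId and authnContext are taken
        // directly from request parameters on this leg; the post-authn
        // handleAuthnRequest is assumed to validate them against the stored
        // AuthnRequest and hosted metadata — confirm.
        FSSessionManager sessionService = FSSessionManager.getInstance(metaAlias);
        FSAuthnRequest authnRequest = sessionService.getAuthnRequest(requestId);
        if (authnRequest == null) {
            FSUtils.debug.message("FSSSOAndFedService.doGet: authnRequest is null");
        }
        if ((authnContext == null) || (authnContext.length() == 0)) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSSOAndFedService.doGet: authnContext is null. " + "Using default password");
            }
            authnContext = IFSConstants.DEFAULT_AUTHNCONTEXT_PASSWORD;
        }
        if (authnRequest != null && realm != null && realm.length() != 0 && hostEntityId != null && hostEntityId.length() != 0 && authnContext != null && authnContext.length() != 0) {
            handleAuthnRequest(request, response, authnRequest, realm, hostEntityId, bLECP, authnContext);
        } else {
            FSUtils.debug.error("FSSSOAndFedService.doGet: " + "AuthnRequest not found in FSSessionManager");
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("nullInput"));
        }
        return;
    }
    // Pre-authentication leg: decode the URL-encoded AuthnRequest from the request.
    FSAuthnRequest authnRequest = null;
    try {
        authnRequest = FSAuthnRequest.parseURLEncodedRequest(request);
        if (authnRequest == null) {
            FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("invalidAuthnRequest"));
            String[] data = { FSUtils.bundle.getString("invalidAuthnRequest") };
            LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, data);
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, FSUtils.bundle.getString("invalidAuthnRequest"));
            return;
        }
    } catch (FSException e) {
        FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("invalidAuthnRequest") + ", queryString=" + request.getQueryString(), e);
        String[] data = { FSUtils.bundle.getString("invalidAuthnRequest") };
        LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, data);
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, FSUtils.bundle.getString("invalidAuthnRequest"));
        return;
    }
    // Resolve the hosted provider from the meta alias embedded in the request URI.
    String metaAlias = null;
    String realm = null;
    String hostEntityId = null;
    IDPDescriptorType hostedDesc = null;
    BaseConfigType hostedConfig = null;
    try {
        metaAlias = FSServiceUtils.getMetaAlias(request);
        realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
        hostEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
        hostedDesc = metaManager.getIDPDescriptor(realm, hostEntityId);
        hostedConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
    } catch (Exception e) {
        // Best effort as before: processing continues with whatever was resolved
        // (possibly all null), but a failed metadata lookup is an error, not a
        // debug message, so it is visible in production logs.
        FSUtils.debug.error("FSSSOAndFedService: couldn't obtain hosted entity id:", e);
    }
    handleAuthnRequest(request, response, authnRequest, bPostAuthn, bLECP, realm, hostEntityId, metaAlias, hostedDesc, hostedConfig);
}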

Example 29 with FSException

use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.

the class FSAssertionManager method getAssertion.

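/**
 * Retrieves the assertion associated with an artifact and consumes the artifact.
 *
 * <p>If the artifact handle maps to another server of the load-balanced site,
 * the lookup is delegated to that server. Otherwise the artifact must be known
 * locally and must have been issued for {@code destID}; on success both the
 * artifact and the assertion entry are removed from the local maps and their
 * timeout runnables, so the same artifact cannot be redeemed twice.
 *
 * @param artifact assertion artifact
 * @param destID destination ID of the site who sent the request
 * @return assertion associated with the artifact
 * @exception FSException if the input is null, no assertion matches the
 *            artifact, the artifact was issued for a different destination,
 *            the artifact has already been consumed, or the assertion is no
 *            longer time-valid
 */
public Assertion getAssertion(AssertionArtifact artifact, String destID) throws FSException {
    if ((artifact == null) || (destID == null || destID.length() == 0)) {
        FSUtils.debug.message("FSAssertionManager: input is null.");
        throw new FSException("nullInput", null);
    }
    String artString = artifact.getAssertionArtifact();
    // The handle encodes the issuing server; a non-null URL means it is not this one.
    String remoteUrl = SAMLUtils.getServerURL(artifact.getAssertionHandle());
    if (remoteUrl != null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("AssertionManager.getAssertion(art, " + "destid: calling another server in lb site:" + remoteUrl);
        }
        FSAssertionManagerClient amc = new FSAssertionManagerClient(metaAlias, getFullServiceURL(remoteUrl));
        return amc.getAssertion(artifact, destID);
    }
    // Local lookup: artifact -> assertion id -> entry.
    String aIDString = null;
    try {
        aIDString = (String) artIdMap.get(artString);
        if (aIDString == null) {
            throw new FSException("nullInput", null);
        }
    } catch (Exception e) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no AssertionID found corresponding to artifact.");
        }
        throw new FSException("noMatchingAssertion", null);
    }
    Entry entry = null;
    try {
        entry = (Entry) idEntryMap.get(aIDString);
        if (entry == null) {
            throw new FSException("nullEntry", null);
        }
    } catch (Exception e) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no Entry found corresponding to artifact.");
        }
        throw new FSException("noMatchingAssertion", null);
    }
    // The artifact may only be redeemed by the provider it was issued for.
    String dest = entry.getDestID();
    if (dest == null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no destID found corresponding to artifact.");
        }
        throw new FSException("noDestIDMatchingArtifact", null);
    }
    if (!dest.equals(destID)) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): destinationID doesn't match.");
        }
        throw new FSException("destIDNotMatch", null);
    }
    // Consume the artifact atomically. The earlier get() ran outside the lock,
    // so two concurrent requests for the same artifact could both reach this
    // point; checking the result of remove() under the lock lets only the
    // request that actually removed the mapping proceed, keeping the artifact
    // strictly single-use.
    synchronized (artIdMap) {
        if (artIdMap.remove(artString) == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): artifact already consumed.");
            }
            throw new FSException("noMatchingAssertion", null);
        }
    }
    if ((agent != null) && agent.isRunning() && (idffSvc != null)) {
        idffSvc.setArtifacts((long) artIdMap.size());
    }
    artifactTimeoutRunnable.removeElement(aIDString);
    synchronized (idEntryMap) {
        idEntryMap.remove(aIDString);
    }
    if ((agent != null) && agent.isRunning() && (idffSvc != null)) {
        idffSvc.setAssertions((long) idEntryMap.size());
    }
    assertionTimeoutRunnable.removeElement(aIDString);
    Assertion assertion = entry.getAssertion();
    if (assertion == null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no Assertion found corresponding to aID.");
        }
        throw new FSException("noMatchingAssertion", null);
    }
    if (!assertion.isTimeValid()) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager: assertion " + aIDString + " is expired.");
        }
        throw new FSException("assertionTimeNotValid", null);
    }
    return assertion;
}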

Example 30 with FSException

use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.

the class FSAssertionManager method getDestIdForArtifact.

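/**
 * Finds the destination id the artifact was issued for.
 *
 * <p>If the artifact handle maps to another server of the load-balanced site,
 * the lookup is delegated to that server; otherwise the artifact is resolved
 * through the local artifact and entry maps. Unlike {@link #getAssertion}, this
 * is a read-only lookup: the artifact is not consumed.
 *
 * @param artifact assertion artifact
 * @return destination id
 * @exception FSException if the artifact is null, no assertion or entry matches
 *            it, or the entry carries no destination id
 */
public String getDestIdForArtifact(AssertionArtifact artifact) throws FSException {
    FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: Called");
    if (artifact == null) {
        // Same contract as getAssertion: reject null input instead of NPE-ing below.
        FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: input is null.");
        throw new FSException("nullInput", null);
    }
    String artString = artifact.getAssertionArtifact();
    // The handle encodes the issuing server; a non-null URL means it is not this one.
    String remoteUrl = SAMLUtils.getServerURL(artifact.getAssertionHandle());
    if (remoteUrl != null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("AssertionManager.getDestIdForArtifact(art, " + "destid: calling another server in lb site:" + remoteUrl);
        }
        FSAssertionManagerClient amc = new FSAssertionManagerClient(metaAlias, getFullServiceURL(remoteUrl));
        return amc.getDestIdForArtifact(artifact);
    }
    // Local lookup: artifact -> assertion id -> entry.
    String aIDString = null;
    try {
        aIDString = (String) artIdMap.get(artString);
        if (aIDString == null) {
            throw new FSException("nullInput", null);
        }
    } catch (Exception e) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact :" + "no AssertionID found corresponding to artifact.");
        }
        throw new FSException("noMatchingAssertion", null);
    }
    Entry entry = null;
    try {
        entry = (Entry) idEntryMap.get(aIDString);
        if (entry == null) {
            throw new FSException("nullEntry", null);
        }
    } catch (Exception e) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: " + "no Entry found corresponding to artifact.");
        }
        throw new FSException("noMatchingAssertion", null);
    }
    String dest = entry.getDestID();
    if (dest == null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: " + "no destID found corresponding to artifact.");
        }
        throw new FSException("noDestIDMatchingArtifact", null);
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: " + "Destination ProviderID found for Artifact: " + dest);
    }
    return dest;
}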
