Examples with FSException com.sun.identity.federation.common.FSException used on opensource projects
Example 36 with FSException
use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.
the class FSAssertionManager method getAssertion.
/**
* Retrieves the assertion associated with an artifact.
* @param artifact assertion artifact
* @param destID destination ID of the site who sent the request
* @return assertion associated with the artifact
* @exception FSException if the assertion could not be retrieved
*/
public Assertion getAssertion(AssertionArtifact artifact, String destID) throws FSException {
if ((artifact == null) || (destID == null || destID.length() == 0)) {
FSUtils.debug.message("FSAssertionManager: input is null.");
throw new FSException("nullInput", null);
}
String artString = artifact.getAssertionArtifact();
// get server id.
String remoteUrl = SAMLUtils.getServerURL(artifact.getAssertionHandle());
if (remoteUrl != null) {
// call AssertionManagerClient.getAssertion
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("AssertionManager.getAssertion(art, " + "destid: calling another server in lb site:" + remoteUrl);
}
FSAssertionManagerClient amc = new FSAssertionManagerClient(metaAlias, getFullServiceURL(remoteUrl));
return amc.getAssertion(artifact, destID);
}
// else
String aIDString = null;
try {
aIDString = (String) artIdMap.get(artString);
if (aIDString == null) {
throw new FSException("nullInput", null);
}
} catch (Exception e) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no AssertionID found corresponding to artifact.");
}
throw new FSException("noMatchingAssertion", null);
}
Entry entry = null;
try {
entry = (Entry) idEntryMap.get(aIDString);
if (entry == null) {
throw new FSException("nullEntry", null);
}
} catch (Exception e) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no Entry found corresponding to artifact.");
}
throw new FSException("noMatchingAssertion", null);
}
// check the destination id
String dest = entry.getDestID();
if (dest == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no destID found corresponding to artifact.");
}
throw new FSException("noDestIDMatchingArtifact", null);
}
if (!dest.equals(destID)) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): destinationID doesn't match.");
}
throw new FSException("destIDNotMatch", null);
}
synchronized (artIdMap) {
artIdMap.remove(artString);
}
if ((agent != null) && agent.isRunning() && (idffSvc != null)) {
idffSvc.setArtifacts((long) artIdMap.size());
}
artifactTimeoutRunnable.removeElement(aIDString);
synchronized (idEntryMap) {
idEntryMap.remove(aIDString);
}
if ((agent != null) && agent.isRunning() && (idffSvc != null)) {
idffSvc.setAssertions((long) idEntryMap.size());
}
assertionTimeoutRunnable.removeElement(aIDString);
Assertion assertion = entry.getAssertion();
if (assertion == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getAssertion(art, de" + "stid): no Assertion found corresponding to aID.");
}
throw new FSException("noMatchingAssertion", null);
}
if (!assertion.isTimeValid()) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager: assertion " + aIDString + " is expired.");
}
throw new FSException("assertionTimeNotValid", null);
}
return assertion;
}
Also used :
FSException(com.sun.identity.federation.common.FSException)
Assertion(com.sun.identity.saml.assertion.Assertion)
FSAssertion(com.sun.identity.federation.message.FSAssertion)
SessionException(com.sun.identity.plugin.session.SessionException)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
ParseException(java.text.ParseException)
SAMLException(com.sun.identity.saml.common.SAMLException)
FSException(com.sun.identity.federation.common.FSException)
UnknownHostException(java.net.UnknownHostException)
Example 37 with FSException
use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.
the class FSAssertionManager method getDestIdForArtifact.
/**
* Finds the destination id for whom the artifact is issued for.
* @param artifact assertion artifact
* @return destination id
* @exception FSException if error occurrs
*/
public String getDestIdForArtifact(AssertionArtifact artifact) throws FSException {
FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: Called");
String artString = artifact.getAssertionArtifact();
// get server id.
String remoteUrl = SAMLUtils.getServerURL(artifact.getAssertionHandle());
if (remoteUrl != null) {
// call FSAssertionManagerClient.getAssertion
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("AssertionManager.getDestIdForArtifact(art, " + "destid: calling another server in lb site:" + remoteUrl);
}
FSAssertionManagerClient amc = new FSAssertionManagerClient(metaAlias, getFullServiceURL(remoteUrl));
return amc.getDestIdForArtifact(artifact);
}
// else
String aIDString = null;
try {
aIDString = (String) artIdMap.get(artString);
if (aIDString == null) {
throw new FSException("nullInput", null);
}
} catch (Exception e) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact :" + "no AssertionID found corresponding to artifact.");
}
throw new FSException("noMatchingAssertion", null);
}
Entry entry = null;
try {
entry = (Entry) idEntryMap.get(aIDString);
if (entry == null) {
throw new FSException("nullEntry", null);
}
} catch (Exception e) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: " + "no Entry found corresponding to artifact.");
}
throw new FSException("noMatchingAssertion", null);
}
String dest = entry.getDestID();
if (dest == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: " + "no destID found corresponding to artifact.");
}
throw new FSException("noDestIDMatchingArtifact", null);
}
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionManager.getDestIdForArtifact: " + "Destination ProviderID found for Artifact: " + dest);
}
return dest;
}
Also used :
FSException(com.sun.identity.federation.common.FSException)
SessionException(com.sun.identity.plugin.session.SessionException)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
ParseException(java.text.ParseException)
SAMLException(com.sun.identity.saml.common.SAMLException)
FSException(com.sun.identity.federation.common.FSException)
UnknownHostException(java.net.UnknownHostException)
Example 38 with FSException
use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.
the class EncryptedNameIdentifier method getEncryptedNameIdentifier.
/**
* Returns the <code>EncryptedNameIdentifier</code> for a given name
* identifier and the provider ID.
*
* @param ni the <code>NameIdentifier</code> object.
* @param realm The realm under which the entity resides.
* @param providerID the remote provider identifier.
* @return the <code>NameIdentifier</code> object.
* @throws FSException on error.
*/
public static NameIdentifier getEncryptedNameIdentifier(NameIdentifier ni, String realm, String providerID) throws FSException {
if (ni == null || providerID == null) {
FSUtils.debug.error("EncryptedNameIdentifier.construct: " + "nullInputParameter");
throw new FSException("nullInputParameter", null);
}
ProviderDescriptorType providerDesc = null;
try {
IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
if (metaManager != null) {
providerDesc = metaManager.getSPDescriptor(realm, providerID);
if (providerDesc == null) {
providerDesc = metaManager.getIDPDescriptor(realm, providerID);
}
}
if (providerDesc == null) {
throw new IDFFMetaException((String) null);
}
} catch (IDFFMetaException ae) {
FSUtils.debug.error("EncryptedNameIdentifier.construct: Could" + "not retrieve the meta for provider" + providerID);
throw new FSException(ae);
}
EncInfo encInfo = KeyUtil.getEncInfo(providerDesc, providerID, false);
return getEncryptedNameIdentifier(ni, providerID, encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength());
}
Also used :
EncInfo(com.sun.identity.federation.key.EncInfo)
IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
ProviderDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType)
FSException(com.sun.identity.federation.common.FSException)
Example 39 with FSException
use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.
the class FSSSOBrowserArtifactProfileHandler method createSAMLResponse.
private FSResponse createSAMLResponse(FSSAMLRequest samlRequest) throws FSException {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler.createSAMLResponse: Called");
FSResponse retResponse = null;
String respID = FSUtils.generateID();
String inResponseTo = samlRequest.getRequestID();
List contents = new ArrayList();
String message = null;
int length;
Status status;
String remoteAddr = ClientUtils.getClientIPAddress(request);
String respPrefix = FSUtils.bundle.getString("responseLogMessage") + " " + remoteAddr;
int reqType = samlRequest.getContentType();
if (reqType == Request.NOT_SUPPORTED) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: " + "Found element in the request which are not supported");
}
message = FSUtils.bundle.getString("unsupportedElement");
try {
status = new Status(new StatusCode("samlp:Responder"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: " + "Fatal error, cannot create status or response: ", se);
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
}
FSAssertionManager am = null;
try {
am = FSAssertionManager.getInstance(metaAlias);
} catch (FSException se) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Cannot instantiate " + "FSAssertionManager");
}
message = se.getMessage();
try {
status = new Status(new StatusCode("samlp:Responder"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException sse) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: " + "Fatal error, cannot create status or response: ", sse);
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
}
List artifacts = null;
List assertions = new ArrayList();
if (reqType == Request.ASSERTION_ARTIFACT) {
artifacts = samlRequest.getAssertionArtifact();
length = artifacts.size();
// ensure that all the artifacts have the same sourceID
String sourceID = null;
String providerID = null;
AssertionArtifact art = null;
for (int j = 0; j < length; j++) {
art = (AssertionArtifact) artifacts.get(j);
if (sourceID != null) {
if (!sourceID.equals(art.getSourceID())) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Artifacts not from " + "the same source");
}
message = FSUtils.bundle.getString("mismatchSourceID");
try {
/**
* Need a second level status for the federation
* does not exist.
*/
status = new Status(new StatusCode("samlp:Requester", new StatusCode(IFSConstants.FEDERATION_NOT_EXISTS_STATUS, null)), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException ex) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Fatal error, " + "cannot create status or response: ", ex);
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
} else {
//sourceids are equal
continue;
}
} else {
// sourceID == null
sourceID = art.getSourceID();
}
}
// while loop to go through artifacts to check for sourceID
if (art != null) {
try {
providerID = am.getDestIdForArtifact(art);
} catch (FSException ex) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: FSException Occured while " + "retrieving sp's providerID for the artifact: ", ex);
providerID = null;
}
if (providerID == null) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: " + "artifact received does not correspond to any SP");
message = FSUtils.bundle.getString("invalidSource");
try {
/**
* Need a second level status for the federation
* does not exist.
*/
/**
* First, let's check we haven't recorded a status
* beforehand (by another call) related to this
* artifact. If so, use it.
*/
Status sorig = am.getErrorStatus(art);
if (sorig != null) {
status = sorig;
} else {
status = new Status(new StatusCode("samlp:Requester", new StatusCode(IFSConstants.FEDERATION_NOT_EXISTS_STATUS, null)), message, null);
}
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
return retResponse;
} catch (SAMLException sse) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse:Fatal error, " + "cannot create status or response: ", sse);
return null;
}
//return error response
} else {
try {
if (!metaManager.isTrustedProvider(realm, hostedEntityId, providerID)) {
FSUtils.debug.error("FSSSOAndFedHandler.processAuthnRequest: " + "RemoteProvider is not trusted");
message = FSUtils.bundle.getString("AuthnRequestProcessingFailed");
status = new Status(new StatusCode("samlp:Requester"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
return retResponse;
}
spDescriptor = metaManager.getSPDescriptor(realm, providerID);
spEntityId = providerID;
remoteAddr = providerID;
} catch (Exception ae) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: " + "FSAllianceManagementException " + "Occured while getting", ae);
message = ae.getMessage();
try {
status = new Status(new StatusCode("samlp:Requester"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
return retResponse;
} catch (SAMLException sse) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse:Fatal error, " + "cannot create status or response: ", sse);
return null;
}
}
}
//Verify signature
if (FSServiceUtils.isSigningOn()) {
if (!verifySAMLRequestSignature(samlRequestElement, soapMsg)) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: " + "SAMLRequest signature verification failed");
message = FSUtils.bundle.getString("signatureVerificationFailed");
try {
status = new Status(new StatusCode("samlp:Requester"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
return retResponse;
} catch (SAMLException sse) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse:Fatal error, " + "cannot create status or response: " + sse.getMessage());
}
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtProfileHandler.createSAMLResp:" + " SAMLRequest signature verified");
}
}
}
//end signature verification
} else {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: No artifact found in samlRequest");
message = FSUtils.bundle.getString("missingArtifact");
try {
status = new Status(new StatusCode("samlp:Requester"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
return retResponse;
} catch (SAMLException sse) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse:Fatal error, " + "cannot create status or response: ", sse);
return null;
}
}
for (int i = 0; i < length; i++) {
AssertionArtifact artifact = (AssertionArtifact) artifacts.get(i);
Assertion assertion = null;
try {
assertion = am.getAssertion(artifact, spEntityId);
} catch (FSException e) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler.createSAML" + "Response:could not find matching assertion:", e);
}
message = e.getMessage();
try {
status = new Status(new StatusCode("samlp:Success"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException sse) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse:Fatal error, " + "cannot create status or response: ", sse);
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
}
if (assertion != null) {
assertions.add(i, assertion);
}
}
}
int assertionSize = assertions.size();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: found " + assertionSize + "assertions.");
}
// inside the assertion has the calling host's address in it.
for (int i = 0; i < assertionSize; i++) {
Assertion assn = (Assertion) assertions.get(i);
Conditions conds = assn.getConditions();
Set trcs = conds.getAudienceRestrictionCondition();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: checking to see if assertions" + " are for host:" + remoteAddr);
}
if (trcs != null && !trcs.isEmpty()) {
Iterator trcsIterator = trcs.iterator();
while (trcsIterator.hasNext()) {
if (!((AudienceRestrictionCondition) trcsIterator.next()).containsAudience(remoteAddr)) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: removing TRC not" + "meant for this host");
}
assertions.remove(assn);
}
}
}
}
assertionSize = assertions.size();
if (assertionSize == 0) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Matching Assertions(s) not " + "created for this host");
}
message = FSUtils.bundle.getString("mismatchDest");
try {
status = new Status(new StatusCode("samlp:Success"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, contents);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Fatal error, " + "cannot create status or response:", se);
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
}
if (reqType == Request.ASSERTION_ARTIFACT) {
if (assertions.size() == artifacts.size()) {
message = null;
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Matching Assertion found");
}
try {
status = new Status(new StatusCode("samlp:Success"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, assertions);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Fatal error, " + "cannot create status or response:", se);
return null;
} catch (Exception e) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Fatal error, " + "cannot create status or response:", e);
return null;
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
} else {
message = FSUtils.bundle.getString("unequalMatch");
try {
status = new Status(new StatusCode("samlp:Success"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, assertions);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Fatal error, " + "cannot create status or response:", se);
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
}
} else {
// build response for all the other type of request
try {
message = null;
status = new Status(new StatusCode("samlp:Success"), message, null);
retResponse = new FSResponse(respID, inResponseTo, status, assertions);
retResponse.setMinorVersion(samlRequest.getMinorVersion());
} catch (SAMLException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLResponse: Fatal error, " + "cannot create status or response:", se);
}
}
if (LogUtil.isAccessLoggable(Level.FINER)) {
String[] data = { respPrefix, retResponse.toString() };
LogUtil.access(Level.FINER, LogUtil.CREATE_SAML_RESPONSE, data);
} else {
String[] data = { respPrefix, FSUtils.bundle.getString("responseID") + "=" + retResponse.getResponseID() + "," + FSUtils.bundle.getString("inResponseTo") + "=" + retResponse.getInResponseTo() };
LogUtil.access(Level.INFO, LogUtil.CREATE_SAML_RESPONSE, data);
}
return retResponse;
}
Also used :
Status(com.sun.identity.saml.protocol.Status)
Set(java.util.Set)
ArrayList(java.util.ArrayList)
Assertion(com.sun.identity.saml.assertion.Assertion)
StatusCode(com.sun.identity.saml.protocol.StatusCode)
SAMLException(com.sun.identity.saml.common.SAMLException)
AssertionArtifact(com.sun.identity.saml.protocol.AssertionArtifact)
FSAssertionArtifact(com.sun.identity.federation.message.FSAssertionArtifact)
SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException)
SessionException(com.sun.identity.plugin.session.SessionException)
SAMLException(com.sun.identity.saml.common.SAMLException)
FSException(com.sun.identity.federation.common.FSException)
Conditions(com.sun.identity.saml.assertion.Conditions)
FSAssertionManager(com.sun.identity.federation.services.FSAssertionManager)
FSResponse(com.sun.identity.federation.message.FSResponse)
FSException(com.sun.identity.federation.common.FSException)
Iterator(java.util.Iterator)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 40 with FSException
use of com.sun.identity.federation.common.FSException in project OpenAM by OpenRock.
the class FSSSOBrowserArtifactProfileHandler method createSAMLAssertionArtifact.
/**
* Creates assertion and assertion artifact.
*/
protected List createSAMLAssertionArtifact(Object ssoToken, String inResponseTo, NameIdentifier userHandle, NameIdentifier idpHandle) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOBrowserArtifactProfileHandler." + "createSAMLAssertionArtifact: Called");
}
List artifactList = new ArrayList();
try {
FSAssertionManager am = FSAssertionManager.getInstance(metaAlias);
AssertionArtifact artifact = am.createFSAssertionArtifact(SessionManager.getProvider().getSessionID(ssoToken), realm, spEntityId, userHandle, idpHandle, inResponseTo, authnRequest.getMinorVersion());
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("AssertionArtifact id = " + artifact.toString());
}
String artid = artifact.getAssertionArtifact();
artifactList.add(artid);
return artifactList;
} catch (FSException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLAssertionArtifact(0): ", se);
return null;
} catch (SAMLException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLAssertionArtifact(1): ", se);
return null;
} catch (SessionException se) {
FSUtils.debug.error("FSSSOBrowserArtifactProfileHandler." + "createSAMLAssertionArtifact(2): ", se);
return null;
}
}
Also used :
FSAssertionManager(com.sun.identity.federation.services.FSAssertionManager)
ArrayList(java.util.ArrayList)
FSException(com.sun.identity.federation.common.FSException)
SessionException(com.sun.identity.plugin.session.SessionException)
ArrayList(java.util.ArrayList)
List(java.util.List)
SAMLException(com.sun.identity.saml.common.SAMLException)
AssertionArtifact(com.sun.identity.saml.protocol.AssertionArtifact)
FSAssertionArtifact(com.sun.identity.federation.message.FSAssertionArtifact)
Aggregations
FSException (com.sun.identity.federation.common.FSException)49
SAMLException (com.sun.identity.saml.common.SAMLException)25
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)21
SessionException (com.sun.identity.plugin.session.SessionException)19
IOException (java.io.IOException)13
List (java.util.List)12
BaseConfigType (com.sun.identity.federation.jaxb.entityconfig.BaseConfigType)10
FSAssertion (com.sun.identity.federation.message.FSAssertion)10
FSAccountMgmtException (com.sun.identity.federation.accountmgmt.FSAccountMgmtException)8
FSAuthnRequest (com.sun.identity.federation.message.FSAuthnRequest)8
ArrayList (java.util.ArrayList)8
Iterator (java.util.Iterator)8
Document (org.w3c.dom.Document)8
IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager)7
IDPDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType)7
ProviderDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType)7
NameIdentifier (com.sun.identity.saml.assertion.NameIdentifier)7
Status (com.sun.identity.saml.protocol.Status)7
Map (java.util.Map)7
FSMsgException (com.sun.identity.federation.message.common.FSMsgException)6
