use of com.sun.identity.federation.jaxb.entityconfig.BaseConfigType in project OpenAM by OpenRock.
the class IDFFCOTUtils method removeCOTNameFromConfig.
/**
* Iterates through a list of entity config elements and
* removes the circle trust name from the entity config.
*/
private void removeCOTNameFromConfig(String realm, List configList, String cotName, EntityConfigElement entityConfig, IDFFMetaManager idffMetaMgr) throws IDFFMetaException {
for (Iterator iter = configList.iterator(); iter.hasNext(); ) {
BaseConfigType bConfig = (BaseConfigType) iter.next();
List list = bConfig.getAttribute();
for (Iterator iter2 = list.iterator(); iter2.hasNext(); ) {
AttributeType avp = (AttributeType) iter2.next();
if (avp.getName().trim().equalsIgnoreCase(COT_LIST)) {
List avpl = avp.getValue();
if (avpl != null && !avpl.isEmpty() && containsValue(avpl, cotName)) {
avpl.remove(cotName);
idffMetaMgr.setEntityConfig(realm, entityConfig);
break;
}
}
}
}
}
use of com.sun.identity.federation.jaxb.entityconfig.BaseConfigType in project OpenAM by OpenRock.
the class IDFFCOTUtils method removeFromEntityConfig.
/**
* Removes the circle trust name passed from the <code>cotlist</code>
* list attribute in the Entity Config. The Service Provider and Identity
* Provider Entity Configuration are updated.
*
* @param realm realm the entity resides in.
* @param cotName the circle of trust name to be removed.
* @param entityID the entity identifier of the provider.
* @throws IDFFMetaException if there is an error updating the entity
* config.
* @throws JAXBException if there is an error updating the entity config.
*/
public void removeFromEntityConfig(String realm, String cotName, String entityID) throws IDFFMetaException, JAXBException {
String classMethod = "IDFFCOTUtils.removeFromEntityConfig: ";
IDFFMetaManager idffMetaMgr = new IDFFMetaManager(callerSession);
// Check whether the entity id existed in the DS
EntityDescriptorElement entityDesc = idffMetaMgr.getEntityDescriptor(realm, entityID);
if (entityDesc == null) {
debug.error(classMethod + "No such entity: " + entityID);
String[] data = { entityID };
throw new IDFFMetaException("invalidEntityID", data);
}
EntityConfigElement entityConfig = idffMetaMgr.getEntityConfig(realm, entityID);
if (entityConfig != null) {
List spConfigList = entityConfig.getSPDescriptorConfig();
List idpConfigList = entityConfig.getIDPDescriptorConfig();
removeCOTNameFromConfig(realm, spConfigList, cotName, entityConfig, idffMetaMgr);
removeCOTNameFromConfig(realm, idpConfigList, cotName, entityConfig, idffMetaMgr);
BaseConfigType affiConfig = entityConfig.getAffiliationDescriptorConfig();
if (affiConfig != null) {
List affiConfigList = new ArrayList();
affiConfigList.add(affiConfig);
removeCOTNameFromConfig(realm, affiConfigList, cotName, entityConfig, idffMetaMgr);
}
}
}
use of com.sun.identity.federation.jaxb.entityconfig.BaseConfigType in project OpenAM by OpenRock.
the class FSAssertionArtifactHandler method sendProxyResponse.
/**
* Sends the proxy authentication response to the proxying service
* provider which has originally requested for the authentication.
* @param requestID authnRequest id that is sent to the authenticating
* Identity Provider.
*/
protected void sendProxyResponse(String requestID) {
FSUtils.debug.message("FSAssertionArtifactHandler.sendProxyResponse::");
FSSessionManager sessionManager = FSSessionManager.getInstance(hostMetaAlias);
FSAuthnRequest origRequest = sessionManager.getProxySPAuthnRequest(requestID);
if (FSUtils.debug.messageEnabled()) {
try {
FSUtils.debug.message("FSAssertionHandler.sendProxyResponse:" + origRequest.toXMLString());
} catch (Exception ex) {
FSUtils.debug.error("FSAssertionHandler.sendProxyResponse:" + "toString(): Failed.", ex);
}
}
SPDescriptorType proxyDescriptor = sessionManager.getProxySPDescriptor(requestID);
String proxySPEntityId = origRequest.getProviderId();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSAssertionArtifactHandler.sendProxyResponse" + ":Original requesting service provider id:" + proxySPEntityId);
}
FSSession session = sessionManager.getSession(ssoToken);
if (authnContextStmt != null) {
String authnContext = authnContextStmt.getAuthnContextClassRef();
session.setAuthnContext(authnContext);
}
session.addSessionPartner(new FSSessionPartner(proxySPEntityId, false));
if (FSUtils.debug.messageEnabled()) {
Iterator partners = session.getSessionPartners().iterator();
while (partners.hasNext()) {
FSSessionPartner part = (FSSessionPartner) partners.next();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("PARTNERS" + part.getPartner());
}
}
}
IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
BaseConfigType proxySPConfig = null;
try {
proxySPConfig = metaManager.getSPDescriptorConfig(realm, proxySPEntityId);
} catch (Exception e) {
FSUtils.debug.error("FSAssertionArtifactHandler.sendProxyResponse:" + "Couldn't obtain proxy sp meta:", e);
}
FSProxyHandler handler = new FSProxyHandler(request, response, origRequest, proxyDescriptor, proxySPConfig, proxySPEntityId, origRequest.getRelayState(), ssoToken);
IDPDescriptorType localIDPDesc = null;
BaseConfigType localIDPConfig = null;
String localIDPMetaAlias = null;
try {
localIDPDesc = metaManager.getIDPDescriptor(realm, hostEntityId);
localIDPConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
localIDPMetaAlias = localIDPConfig.getMetaAlias();
} catch (Exception e) {
FSUtils.debug.error("FSAssertionartifactHandler.sendProxyResponse:" + "Exception when obtaining local idp meta:", e);
}
handler.setRealm(realm);
handler.setHostedEntityId(hostEntityId);
handler.setHostedDescriptor(localIDPDesc);
handler.setHostedDescriptorConfig(localIDPConfig);
handler.setMetaAlias(localIDPMetaAlias);
handler.processAuthnRequest(origRequest, true);
}
use of com.sun.identity.federation.jaxb.entityconfig.BaseConfigType in project OpenAM by OpenRock.
the class FSSSOAndFedHandler method sendProxyAuthnRequest.
/**
* Sends a new AuthnRequest to the authenticating provider.
* @param authnRequest original AuthnRequest sent by the service provider.
* @param preferredIDP IDP to be proxied.
* @exception FSException for any federation failure.
* @exception IOException if there is a failure in redirection.
*/
protected void sendProxyAuthnRequest(FSAuthnRequest authnRequest, String preferredIDP) throws FSException, IOException {
FSAuthnRequest newAuthnRequest = getNewAuthnRequest(authnRequest);
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.sendProxyAuthnRequest:" + "New Authentication request:" + newAuthnRequest.toXMLString());
}
FSSessionManager sessManager = FSSessionManager.getInstance(IDFFMetaUtils.getMetaAlias(realm, hostedEntityId, IFSConstants.SP, null));
String requestID = newAuthnRequest.getRequestID();
sessManager.setAuthnRequest(requestID, newAuthnRequest);
sessManager.setProxySPDescriptor(requestID, spDescriptor);
sessManager.setProxySPAuthnRequest(requestID, authnRequest);
sessManager.setIDPEntityID(requestID, preferredIDP);
String targetURL = null;
SPDescriptorType localDescriptor = null;
BaseConfigType localDescriptorConfig = null;
try {
IDPDescriptorType idpDescriptor = metaManager.getIDPDescriptor(realm, preferredIDP);
targetURL = idpDescriptor.getSingleSignOnServiceURL();
if (targetURL == null) {
FSUtils.debug.error("FSSSOAndFedHandler.sendProxyAuthnRequest: Single " + "Sign-on service is not found for the proxying IDP");
return;
}
localDescriptor = metaManager.getSPDescriptor(realm, hostedEntityId);
localDescriptorConfig = metaManager.getSPDescriptorConfig(realm, hostedEntityId);
} catch (Exception e) {
FSUtils.debug.error("FSSSOAndFedHandler.sendProxyAuthnRequest:", e);
return;
}
String queryString = newAuthnRequest.toURLEncodedQueryString();
if (FSServiceUtils.isSigningOn()) {
String certAlias = IDFFMetaUtils.getFirstAttributeValueFromConfig(localDescriptorConfig, IFSConstants.SIGNING_CERT_ALIAS);
if (localDescriptor.isAuthnRequestsSigned()) {
queryString = FSSignatureUtil.signAndReturnQueryString(queryString, certAlias);
}
}
StringBuffer tmpURL = new StringBuffer(1000);
if (targetURL.indexOf("?") != -1) {
tmpURL.append(targetURL).append("&").append(queryString);
} else {
tmpURL.append(targetURL).append("?").append(queryString);
}
String redirectURL = tmpURL.toString();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.sendProxyAuthnRequest:" + "SSO URL to be redirected" + redirectURL);
}
response.setStatus(response.SC_MOVED_TEMPORARILY);
response.setHeader("Location", redirectURL);
response.sendRedirect(redirectURL);
}
use of com.sun.identity.federation.jaxb.entityconfig.BaseConfigType in project OpenAM by OpenRock.
the class FSSSOAndFedService method onMessage.
/**
* SOAP JAXM Listener implementation for LECP AuthnRequest.
*
* @param request <code>HttpServletRequest</code> object
* @param response <code>HttpServletResponse</code> object
* @param message SOAP message that contains LECP request
*/
public void onMessage(HttpServletRequest request, HttpServletResponse response, SOAPMessage message) {
FSUtils.debug.message("FSSSOAndFedService.onMessage: Called");
try {
Element elt = soapService.parseSOAPMessage(message);
if (elt == null) {
FSUtils.debug.error("FSSSOAndFedService.onMessage: " + "Error in processing. Invalid SOAPMessage");
response.setStatus(response.SC_INTERNAL_SERVER_ERROR);
returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
return;
}
String eltTagName = (elt.getTagName().trim());
String ns = elt.getNamespaceURI().trim();
String nodeName = elt.getLocalName().trim();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedService.onMessage: " + "tagName: " + eltTagName + " namespaceUri: " + ns + " localName: " + nodeName);
}
if (nodeName.equalsIgnoreCase("AuthnRequest") && (ns.equalsIgnoreCase(IFSConstants.libertyMessageNamespaceURI)) || (ns.equalsIgnoreCase(IFSConstants.FF_12_XML_NS))) {
SOAPMessage retMessage = null;
try {
FSAuthnRequest authnRequest = new FSAuthnRequest(elt);
String metaAlias = FSServiceUtils.getMetaAlias(request);
IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
String hostEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
IDPDescriptorType hostedDesc = metaManager.getIDPDescriptor(realm, hostEntityId);
BaseConfigType hostedConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
FSSessionManager sessionService = FSSessionManager.getInstance(metaAlias);
sessionService.setAuthnRequest(authnRequest.getRequestID(), authnRequest);
handleLECPRequest(request, response, authnRequest, hostedDesc, hostedConfig, realm, hostEntityId, metaAlias);
retMessage = null;
} catch (Exception e) {
FSUtils.debug.error("FSSSOAndFedService.onMessage: " + "Error in processing lecp AuthnRequest:", e);
response.setStatus(response.SC_INTERNAL_SERVER_ERROR);
returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
return;
}
returnSOAPMessage(retMessage, response);
return;
} else {
FSUtils.debug.error("FSSSOAndFedService.onMessage: Invalid SOAP Request:" + nodeName);
}
} catch (Exception e) {
FSUtils.debug.error("FSSSOAndFedService.onMessage: " + "Error in processing Request: Exception occured: ", e);
response.setStatus(response.SC_INTERNAL_SERVER_ERROR);
java.io.ByteArrayOutputStream strm = new java.io.ByteArrayOutputStream();
e.printStackTrace(new java.io.PrintStream(strm));
FSUtils.debug.error(strm.toString());
returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
return;
}
returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
return;
}
Aggregations