
Example 1 with FSAuthnResponseEnvelope

use of com.sun.identity.federation.message.FSAuthnResponseEnvelope in project OpenAM by OpenRock.

In class FSSSOLECPProfileHandler, method sendAuthnResponse.

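/**
 * Wraps the authentication response in an {@code FSAuthnResponseEnvelope}, binds it into a
 * SOAP message, signs every contained assertion when signing is enabled, and writes the
 * result to the HTTP response.
 *
 * <p>Every failure path answers with HTTP 500 and the same generic SOAP "Server" fault
 * ({@code cannotProcessRequest}); the cause is written only to the debug log, so the client
 * never sees internal error detail.
 *
 * <p>When signing is enabled the method fails closed: if an assertion cannot be signed
 * (no signing certificate alias configured, an unrecognised assertion minor version, or any
 * exception while signing) no response body other than the SOAP fault is sent.
 *
 * @param authnResponse the response to send; its provider ID is overwritten with
 *     {@code hostedEntityId} before it is enveloped
 */
protected void sendAuthnResponse(FSAuthnResponse authnResponse) {
    authnResponse.setProviderId(hostedEntityId);
    FSAuthnResponseEnvelope respEnvelope = new FSAuthnResponseEnvelope(authnResponse);
    respEnvelope.setMinorVersion(authnResponse.getMinorVersion());
    respEnvelope.setAssertionConsumerServiceURL(
            FSServiceUtils.getAssertionConsumerServiceURL(spDescriptor, null));
    FSSOAPService soapService = FSSOAPService.getInstance();
    SOAPMessage retMessage = null;
    try {
        retMessage = soapService.bind(respEnvelope.toXMLString(true, true));
    } catch (FSMsgException ex) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOLECPProfileHandler.sendAuthnResponse: ", ex);
        }
        response.setStatus(response.SC_INTERNAL_SERVER_ERROR);
        returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
        return;
    }
    // NOTE(review): the LECP header value is copied from the request without validation.
    // It is client-controlled; this relies on the servlet container to reject CR/LF in
    // header values - confirm for the deployed container.
    response.setHeader(IFSConstants.LECP_HEADER_NAME, request.getHeader(IFSConstants.LECP_HEADER_NAME));
    response.setContentType(IFSConstants.LECP_RESP_CONTENT_TYPE_HEADER);
    if (FSServiceUtils.isSigningOn()) {
        try {
            List assertions = authnResponse.getAssertion();
            for (Object item : assertions) {
                FSAssertion assertion = (FSAssertion) item;
                // Each pass re-parses the current SOAP message so that signatures added for
                // earlier assertions are carried into the document signed next.
                Document doc = (Document) FSServiceUtils.createSOAPDOM(retMessage);
                String certAlias = IDFFMetaUtils.getFirstAttributeValueFromConfig(
                        hostedConfig, IFSConstants.SIGNING_CERT_ALIAS);
                if (certAlias == null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSSSOLECPProfileHandler.sendAuthnResponse: " + "couldn't obtain this site's cert alias.");
                    }
                    response.setStatus(response.SC_INTERNAL_SERVER_ERROR);
                    returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
                    return;
                }
                XMLSignatureManager manager = XMLSignatureManager.getInstance();
                String sigAlgorithm = SystemConfigurationUtil.getProperty(SAMLConstants.XMLSIG_ALGORITHM);
                int minorVersion = assertion.getMinorVersion();
                // The attribute that carries the assertion's identifier differs between
                // the 1.1 and 1.2 assertion formats, so the signature reference does too.
                if (minorVersion == IFSConstants.FF_11_ASSERTION_MINOR_VERSION) {
                    manager.signXML(doc, certAlias, sigAlgorithm, IFSConstants.ID, assertion.getID(), false);
                } else if (minorVersion == IFSConstants.FF_12_POST_ASSERTION_MINOR_VERSION
                        || minorVersion == IFSConstants.FF_12_ART_ASSERTION_MINOR_VERSION) {
                    manager.signXML(doc, certAlias, sigAlgorithm, IFSConstants.ASSERTION_ID,
                            assertion.getAssertionID(), false);
                } else {
                    // Fail closed: signing is required here, and continuing would put an
                    // unsigned assertion on the wire. Previously this case was only logged
                    // at debug level and the unsigned message was still returned.
                    FSUtils.debug.error("FSSSOLECPProfileHandler.sendAuthnResponse: "
                            + "invalid minor version " + minorVersion
                            + "; assertion not signed, response not sent.");
                    response.setStatus(response.SC_INTERNAL_SERVER_ERROR);
                    returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
                    return;
                }
                retMessage = FSServiceUtils.convertDOMToSOAP(doc);
            }
        } catch (Exception e) {
            // Record why signing failed; the client still gets only the generic fault.
            FSUtils.debug.error("FSSSOLECPProfileHandler.sendAuthnResponse: "
                    + "unable to sign assertion.", e);
            response.setStatus(response.SC_INTERNAL_SERVER_ERROR);
            returnSOAPMessage(soapService.formSOAPError("Server", "cannotProcessRequest", null), response);
            return;
        }
    }
    returnSOAPMessage(retMessage, response);
}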
Also used : FSMsgException(com.sun.identity.federation.message.common.FSMsgException) FSAssertion(com.sun.identity.federation.message.FSAssertion) FSAuthnResponseEnvelope(com.sun.identity.federation.message.FSAuthnResponseEnvelope) XMLSignatureManager(com.sun.identity.saml.xmlsig.XMLSignatureManager) Document(org.w3c.dom.Document) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Aggregations

FSAssertion (com.sun.identity.federation.message.FSAssertion)1 FSAuthnResponseEnvelope (com.sun.identity.federation.message.FSAuthnResponseEnvelope)1 FSMsgException (com.sun.identity.federation.message.common.FSMsgException)1 XMLSignatureManager (com.sun.identity.saml.xmlsig.XMLSignatureManager)1 Document (org.w3c.dom.Document)1