Use of com.sun.identity.federation.message.FSLogoutNotification in project OpenAM by OpenRock.
The method doHttpRedirect of the class FSSingleLogoutHandler.
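/**
 * Performs the logout notification in the case of HTTP Redirect profile.
 *
 * <p>Builds a single logout request for the federated account, signs the
 * URL-encoded query string when signing is enabled, appends it to the remote
 * provider's single logout service URL and redirects the browser there.
 *
 * @param entityId the remote provider to whom logout message needs to
 *        be sent
 * @return logout status: {@code SAML_SUCCESS} when the redirect was issued or
 *         when no federation account could be found; {@code SAML_REQUESTER}
 *         when no logout request could be created; {@code SAML_RESPONDER}
 *         when the signing cert alias or the remote logout URL is missing,
 *         or when building the message or sending the redirect fails
 */
private FSLogoutStatus doHttpRedirect(String entityId) {
    try {
        FSUtils.debug.message("In HTTP Redirect profile");
        isHttpRedirect = true;
        FSSessionManager sMgr = FSSessionManager.getInstance(metaAlias);
        if (ssoToken == null) {
            try {
                // this is HTTP based protocol, get from HTTP servlet request
                ssoToken = SessionManager.getProvider().getSession(request);
            } catch (SessionException ex) {
                // NOTE(review): ssoToken stays null on this path and is still
                // handed to sMgr.getSession() below. If that returns null the
                // method reports SAML_SUCCESS without notifying the remote
                // provider -- confirm this is the intended outcome.
                FSUtils.debug.error("FSSLOHandler.doHttpRedirect: null ssoToken:", ex);
            }
        }
        FSSession session = sMgr.getSession(ssoToken);
        FSAccountFedInfo acctObj = null;
        if (session != null) {
            acctObj = session.getAccountFedInfo();
        }
        // Fall back to the stored federation info unless the session is one-time.
        if (acctObj == null && session != null && !session.getOneTime()) {
            acctObj = FSLogoutUtil.getCurrentWorkingAccount(userID, entityId, metaAlias);
        }
        if (acctObj == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSingleLogoutHandler.doHttp" + "Redirect: Account might have been terminated.");
            }
            return new FSLogoutStatus(IFSConstants.SAML_SUCCESS);
        }
        FSLogoutNotification reqLogout = createSingleLogoutRequest(acctObj, sessionIndex);
        // The null check must precede the first dereference: previously
        // setRelayState() ran first, so a null request combined with a
        // non-null relayState raised a NullPointerException instead of
        // returning SAML_REQUESTER.
        if (reqLogout == null) {
            FSUtils.debug.message("Logout Request is null");
            return new FSLogoutStatus(IFSConstants.SAML_REQUESTER);
        }
        if (this.relayState != null) {
            reqLogout.setRelayState(this.relayState);
        }
        reqLogout.setMinorVersion(getMinorVersion(remoteDescriptor));
        // Message-level debug writes the complete logout request XML here, and
        // the query string and final redirect URL further down, to the debug
        // log. Treat that log as sensitive and keep message level off in
        // production.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSingleLogoutHandler::doHttpRedirect " + remoteDescriptor.getSingleLogoutServiceURL() + "\nLogout request: " + reqLogout.toXMLString());
        }
        String urlEncodedRequest = reqLogout.toURLEncodedQueryString();
        // Sign the request querystring.
        // NOTE(review): with signing off the request goes out unsigned, so the
        // receiving provider has no signature with which to verify its origin
        // -- confirm that is acceptable for the deployment.
        if (FSServiceUtils.isSigningOn()) {
            String certAlias = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.SIGNING_CERT_ALIAS);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Retrieving self certalias : " + certAlias);
            }
            // Fail closed: never fall back to an unsigned request when signing
            // is required but no certificate alias is configured.
            if (certAlias == null || certAlias.length() == 0) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSingleLogoutHandler::" + " doHttpRedirect: couldn't obtain " + "this site's cert alias.");
                }
                return new FSLogoutStatus(IFSConstants.SAML_RESPONDER);
            }
            urlEncodedRequest = FSSignatureUtil.signAndReturnQueryString(urlEncodedRequest, certAlias);
        }
        String retURL = remoteDescriptor.getSingleLogoutServiceURL();
        // Without a logout endpoint there is nowhere to redirect; report a
        // responder error rather than failing on a null URL.
        if (retURL == null || retURL.length() == 0) {
            FSUtils.debug.error("FSSingleLogoutHandler::doHttpRedirect: remote single logout service URL is missing.");
            return new FSLogoutStatus(IFSConstants.SAML_RESPONDER);
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Encoded Redirect URL " + urlEncodedRequest);
        }
        // Local builder only, so the unsynchronized StringBuilder is sufficient.
        StringBuilder redirectURL = new StringBuilder(retURL);
        // Start a new query string, or extend the one the endpoint URL already has.
        if (retURL.indexOf(QUESTION_MARK) == -1) {
            redirectURL.append(QUESTION_MARK);
        } else {
            redirectURL.append(AMPERSAND);
        }
        redirectURL.append(urlEncodedRequest);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSingleLogoutHandler::doHttpRedirect" + " URL is " + redirectURL.toString());
        }
        response.sendRedirect(redirectURL.toString());
        return new FSLogoutStatus(IFSConstants.SAML_SUCCESS);
    } catch (FSMsgException e) {
        FSUtils.debug.error("FSSingleLogoutHandler::" + " doHttpRedirect FSMsgException:", e);
    } catch (IOException e) {
        FSUtils.debug.error("FSSingleLogoutHandler::" + "doHttpRedirect IOException:", e);
    }
    // Reached only after one of the exceptions above was logged.
    return new FSLogoutStatus(IFSConstants.SAML_RESPONDER);
}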