Use of com.sun.identity.federation.message.FSScoping in project OpenAM by OpenRock.
The class FSSSOAndFedHandler, method getNewAuthnRequest.
/**
 * Constructs new authentication request by using the original request
 * that is sent by the service provider to the proxying IDP.
 * <p>
 * The new request re-uses the requester's options (respond-with, force/passive
 * flags, NameID policy, protocol profile, authn context, relay state and
 * comparison type) with <code>hostedEntityId</code> as the issuing provider and
 * the ID-FF 1.2 minor version. When the original request carries a
 * <code>Scoping</code> with a positive <code>ProxyCount</code>, the count is
 * decremented by one and the IDP list is carried over, so each proxy hop
 * consumes one of the hops the requester allowed.
 * @param origRequest Original Authn Request
 * @return FSAuthnRequest new authn request.
 * @exception FSException for failure in creating new authn request.
 */
private FSAuthnRequest getNewAuthnRequest(FSAuthnRequest origRequest) throws FSException {
    try {
        // NOTE(review): the sixth constructor argument is passed as a literal false
        // in the original; its meaning is not visible here — check FSAuthnRequest.
        FSAuthnRequest proxiedRequest = new FSAuthnRequest(
                null,
                origRequest.getRespondWith(),
                hostedEntityId,
                origRequest.getForceAuthn(),
                origRequest.getIsPassive(),
                false,
                origRequest.getNameIDPolicy(),
                origRequest.getProtocolProfile(),
                origRequest.getAuthnContext(),
                origRequest.getRelayState(),
                origRequest.getAuthContextCompType());
        proxiedRequest.setMinorVersion(IFSConstants.FF_12_PROTOCOL_MINOR_VERSION);
        carryOverScoping(origRequest, proxiedRequest);
        return proxiedRequest;
    } catch (Exception ex) {
        FSUtils.debug.error("FSSSOAndFedHandler.getNewAuthnRequest:" + "Error in creating new authn request.", ex);
        throw new FSException(ex);
    }
}

/**
 * Copies the <code>Scoping</code> of <code>origRequest</code> onto
 * <code>proxiedRequest</code> with the <code>ProxyCount</code> reduced by one.
 * <p>
 * Nothing is copied when the original has no <code>Scoping</code> or when its
 * <code>ProxyCount</code> is not positive; in that case the proxied request is
 * sent without a <code>Scoping</code> element.
 * @param origRequest request received from the service provider
 * @param proxiedRequest request being built for the next IDP
 */
private static void carryOverScoping(FSAuthnRequest origRequest, FSAuthnRequest proxiedRequest) {
    FSScoping requested = origRequest.getScoping();
    if (requested == null) {
        return;
    }
    int remainingHops = requested.getProxyCount();
    if (remainingHops <= 0) {
        return;
    }
    FSScoping decremented = new FSScoping();
    // One hop is consumed by this IDP; the downstream IDP sees one fewer.
    decremented.setProxyCount(remainingHops - 1);
    decremented.setIDPList(requested.getIDPList());
    proxiedRequest.setScoping(decremented);
}
Use of com.sun.identity.federation.message.FSScoping in project OpenAM by OpenRock.
The class FSSSOAndFedHandler, method isIDPProxyEnabled.
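/**
 * Checks if the identity provider is configured for proxying the
 * authentication requests for a requesting service provider.
 * <p>
 * Proxying is only considered for ID-FF 1.2 requests. A request whose
 * <code>Scoping</code> carries a <code>ProxyCount</code> of zero is never
 * proxied, whatever the configuration says: the requester has forbidden any
 * further hop. Otherwise the answer is the <code>ENABLE_IDP_PROXY</code>
 * attribute of the requesting provider's configuration (<code>spConfig</code>).
 * @param authnRequest Authentication Request.
 * @return <code>true</code> if the IDP is configured for proxying.
 * @exception FSException for any failure.
 */
protected boolean isIDPProxyEnabled(FSAuthnRequest authnRequest) throws FSException {
    if (authnRequest.getMinorVersion() != IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
        return false;
    }
    FSScoping scoping = authnRequest.getScoping();
    if (scoping != null && scoping.getProxyCount() == 0) {
        return false;
    }
    // NOTE(review): only an explicit zero blocks proxying here; a negative
    // ProxyCount (if FSScoping uses one for "absent") falls through — confirm.
    String enabledString = IDFFMetaUtils.getFirstAttributeValueFromConfig(spConfig, IFSConstants.ENABLE_IDP_PROXY);
    // String.equalsIgnoreCase(null) is false, so the null guard is folded in.
    return "true".equalsIgnoreCase(enabledString);
}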
Use of com.sun.identity.federation.message.FSScoping in project OpenAM by OpenRock.
The class FSIntersiteTransferService, method doGet.
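/**
 * Generates <code>AuthnRequest</code> and sends it to <code>IDP</code>.
 * <p>
 * Flow: the request identifier is recovered from the incoming request
 * ({@code findRequestID}), the stored <code>AuthnRequest</code> is looked up
 * in the <code>FSSessionManager</code>, the preferred IDP is resolved for the
 * realm (redirecting to another common domain when none is found), the
 * request's minor version, affiliation and IDP-proxy <code>Scoping</code> are
 * filled in from metadata, and the request is finally dispatched by protocol
 * profile. Every failure path answers HTTP 500 with a localized message from
 * <code>FSUtils.bundle</code>.
 * @param request <code>HttpServletRequest</code> object
 * @param response <code>HttpServletResponse</code> object
 * @exception ServletException if <code>request</code> or <code>response</code>
 *            is <code>null</code>
 * @exception IOException if an error response cannot be written
 */
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    FSUtils.debug.message("FSIntersiteTransferService.doGet: Called");
    // Validate the parameters before anything dereferences them. The original
    // null check sat after request.getParameter(...) and could never fire.
    if (request == null || response == null) {
        throw new ServletException(FSUtils.bundle.getString("nullInputParameter"));
    }
    // Check to see if there is a need to set lb cookie.
    // This is for the use case that AuthnRequest is not created by the
    // preLogin process and lb cookie wasn't set there.
    if (FSUtils.needSetLBCookieAndRedirect(request, response, false)) {
        return;
    }
    try {
        String metaAlias = request.getParameter(IFSConstants.META_ALIAS);
        if (metaAlias == null || metaAlias.length() == 0) {
            metaAlias = FSServiceUtils.getMetaAlias(request);
        }
        IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
        String hostEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
        String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "QueryString Received from CommonDomain: " + request.getQueryString());
        }
        String requestID = findRequestID(request);
        if (requestID == null) {
            FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("nullInputParameter"));
            sendInternalError(response, "nullInputParameter");
            return;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "RequestID found: " + requestID);
        }
        FSSessionManager sessionMgr = FSSessionManager.getInstance(metaAlias);
        FSAuthnRequest authnRequest = sessionMgr.getAuthnRequest(requestID);
        if (authnRequest == null) {
            FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("invalidRequestId"));
            String[] data = { FSUtils.bundle.getString("invalidRequestId") };
            // Same constant the "Unknown Protocol Profile" path below already uses.
            LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, data);
            sendInternalError(response, "invalidRequestId");
            return;
        }
        String resourceUrl = authnRequest.getRelayState();
        String baseURL = FSServiceUtils.getBaseURL(request);
        // NOTE(review): framedLoginPageURL is not declared here and looks like an
        // instance field; a servlet instance is shared between requests, so
        // concurrent requests may overwrite each other's value — confirm where
        // it is read.
        framedLoginPageURL = FSServiceUtils.getCommonLoginPageURL(metaAlias, resourceUrl, null, request, baseURL);
        String idpID = FSUtils.findPreferredIDP(realm, request);
        if (idpID == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "No Preffered IDP found in this Common Domain. " + "Try to find PrefferedIDP in other common domains");
                FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "RequestID :" + requestID);
            }
            redirectToCommonDomain(request, response, requestID);
            return;
        }
        IDPDescriptorType idpDescriptor = metaManager.getIDPDescriptor(realm, idpID);
        if (idpDescriptor == null) {
            // A preferred IDP without metadata in this realm is not a trusted provider.
            FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("noTrust"));
            String[] data = { idpID };
            LogUtil.error(Level.INFO, "PROVIDER_NOT_TRUSTED", data);
            sendInternalError(response, "noTrust");
            return;
        }
        // Presumably clears a cached COT marker now that an IDP has been chosen;
        // the attribute is only removed here — confirm against redirectToCommonDomain.
        HttpSession session = request.getSession(true);
        session.removeAttribute(IFSConstants.SESSION_COTSET_ATTR);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "Preffered IDP found:" + idpID);
        }
        sessionMgr.setIDPEntityID(requestID, idpID);
        // Set the authn request version here, from what the chosen IDP supports.
        int minorVersion = FSServiceUtils.getMinorVersion(idpDescriptor.getProtocolSupportEnumeration());
        authnRequest.setMinorVersion(minorVersion);
        authnRequest.getAuthnContext().setMinorVersion(minorVersion);
        SPDescriptorType hostDesc = metaManager.getSPDescriptor(realm, hostEntityId);
        BaseConfigType hostConfig = metaManager.getSPDescriptorConfig(realm, hostEntityId);
        if (IDFFMetaUtils.getBooleanAttributeValueFromConfig(hostConfig, IFSConstants.ENABLE_AFFILIATION)) {
            Set affiliations = metaManager.getAffiliateEntity(realm, idpID);
            if (affiliations != null && !affiliations.isEmpty()) {
                // Only the first affiliation is used, as in the original.
                AffiliationDescriptorType affiliateDescriptor = (AffiliationDescriptorType) affiliations.iterator().next();
                authnRequest.setAffiliationID(affiliateDescriptor.getAffiliationID());
            }
        }
        // Scoping (ProxyCount / IDPList) only exists in ID-FF 1.2.
        if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION && IDFFMetaUtils.getBooleanAttributeValueFromConfig(hostConfig, IFSConstants.ENABLE_IDP_PROXY)) {
            authnRequest.setScoping(buildProxyScoping(hostConfig));
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "AuthnRequest:" + authnRequest.toXMLString(true, true));
        }
        // Constant-first equals: a request without a profile now reaches the
        // "Unknown Protocol Profile" error instead of an NPE caught below.
        String profile = authnRequest.getProtocolProfile();
        if (IFSConstants.SSO_PROF_BROWSER_ART.equals(profile) || IFSConstants.SSO_PROF_BROWSER_POST.equals(profile)) {
            handleBrowserArtifactPOSTIST(request, response, authnRequest, idpDescriptor, hostDesc, hostConfig);
            return;
        }
        if (IFSConstants.SSO_PROF_WML_POST.equals(profile)) {
            handleWMLIST(request, response, authnRequest, idpDescriptor);
            return;
        }
        FSUtils.debug.error("FSIntersiteTransferService.doGet: " + "Unknown Protocol Profile");
        String[] data = { FSUtils.bundle.getString("invalidAuthnRequest") };
        LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, data);
        sendInternalError(response, "invalidAuthnRequest");
    } catch (Exception e) {
        // Boundary catch: the client only ever sees the generic message; details
        // go to the debug log.
        FSUtils.debug.error("FSIntersiteTransferService.doGet: ", e);
        try {
            sendInternalError(response, "Exception");
        } catch (IOException ioe) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("sendFailed") + ioe.getMessage());
            }
        }
    }
}

/**
 * Sends HTTP 500 with the localized message stored under <code>bundleKey</code>.
 * @param response response to write the error to
 * @param bundleKey key into <code>FSUtils.bundle</code>
 * @exception IOException if the error response cannot be written
 */
private static void sendInternalError(HttpServletResponse response, String bundleKey) throws IOException {
    response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString(bundleKey));
}

/**
 * Builds the IDP-proxy <code>Scoping</code> for the hosted provider.
 * <p>
 * <code>ProxyCount</code> comes from the <code>IDP_PROXY_COUNT</code>
 * attribute and bounds how many further IDPs the request may be chained
 * through; the optional <code>IDP_PROXY_LIST</code> attribute values become
 * the <code>IDPList</code> entries. A missing or non-numeric proxy count is
 * logged with the offending value and rethrown, so the caller's boundary catch
 * still answers HTTP 500 but the log now says which attribute is wrong.
 * @param hostConfig configuration of the hosted SP
 * @return the populated <code>FSScoping</code>
 * @throws NumberFormatException if the proxy count attribute is absent or not an integer
 */
private static FSScoping buildProxyScoping(BaseConfigType hostConfig) {
    FSScoping scoping = new FSScoping();
    String proxyCountValue = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostConfig, IFSConstants.IDP_PROXY_COUNT);
    try {
        scoping.setProxyCount(Integer.parseInt(proxyCountValue));
    } catch (NumberFormatException nfe) {
        // Integer.parseInt(null) also throws NumberFormatException, so a missing
        // attribute lands here as well.
        FSUtils.debug.error("FSIntersiteTransferService.buildProxyScoping: " + "invalid IDP proxy count: " + proxyCountValue);
        throw nfe;
    }
    List proxyIDPs = IDFFMetaUtils.getAttributeValueFromConfig(hostConfig, IFSConstants.IDP_PROXY_LIST);
    if (proxyIDPs != null && !proxyIDPs.isEmpty()) {
        ArrayList list = new ArrayList();
        for (Iterator iter = proxyIDPs.iterator(); iter.hasNext();) {
            list.add(new IDPEntry((String) iter.next(), null, null));
        }
        scoping.setIDPList(new FSIDPList(new IDPEntries(list), null));
    }
    return scoping;
}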