
Example 6 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

the class LibertyManager method getDiscoveryBootStrapResourceOfferings.

/**
 * Returns the Discovery Service Resource Offerings nodes in an attribute
 * statement. After a single sign-on with an Identity Provider, a service
 * provider may get Discovery Service Resource Offerings through a SAML
 * assertion. This API helps in retrieving the resource offerings
 * if the user has been authenticated through the liberty SSO. It will
 * need to have a valid single sign on token (generated through the
 * liberty SSO).
 *
 * @param request <code>HttpServletRequest</code> associated with a user
 *        session.
 * @param providerID Hosted Provider's entity ID
 * @return <code>NodeList</code> Discovery Resource Offering Nodes,
 *         <code>null</code> if there is any failure or if there is not one
 * @deprecated This method has been deprecated. Use
 *   {@link #getDiscoveryBootStrapResourceOfferings(
 *     HttpServletRequest request, String providerID, String providerRole)}
 */
public static NodeList getDiscoveryBootStrapResourceOfferings(HttpServletRequest request, String providerID) {
    if (request == null || providerID == null) {
        if (debug.messageEnabled()) {
            debug.message("LibertyManager.getDiscoveryResource" + "Offering: null Input params");
        }
        return null;
    }
    try {
        Object token = SessionManager.getProvider().getSession(request);
        FSSessionManager sessionManager = FSSessionManager.getInstance(getMetaAlias(IFSConstants.ROOT_REALM, providerID, IFSConstants.SP));
        FSSession session = sessionManager.getSession(token);
        if (session == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("LibertyManager.getDiscoveryResource" + "Offerings: Theres no liberty session for this token");
            }
            return null;
        }
        return session.getBootStrapResourceOfferings();
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.getDiscoveryResourceOfferings" + " Exception while retrieving discovery boot strap info.", ex);
        return null;
    }
}
Also used : FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager) COTException(com.sun.identity.cot.COTException) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSLoginHelperException(com.sun.identity.federation.services.FSLoginHelperException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Example 7 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

the class LibertyManager method getDiscoveryBootStrapCredentials.

/**
 * Returns the Discovery Service Credentials in the Advice element.
 * After a single sign-on with an Identity Provider, a service
 * provider may get Discovery Service Resource Offerings and Credentials
 * through a SAML assertion. This API helps in retrieving the Credentials
 * if the user has been authenticated through the liberty SSO. It will
 * need to have a valid single sign on token (generated through the
 * liberty SSO). The service provider should be under root realm.
 *
 * @param request <code>HttpServletRequest</code> associated with a user
 *        session.
 * @param providerID Hosted Provider's entity ID
 * @return <code>List</code> of <code>SecurityAssertions</code>,
 *         null if there is any failure or if there is not one
 * @deprecated This method has been deprecated. Use
 *   {@link #getDiscoveryBootStrapCredentials(
 *     HttpServletRequest request, String providerID, String providerRole)}
 */
public static List getDiscoveryBootStrapCredentials(HttpServletRequest request, String providerID) {
    if (request == null || providerID == null) {
        if (debug.messageEnabled()) {
            debug.message("LibertyManager.getDiscoveryCredentials:" + " null Input params");
        }
        return null;
    }
    try {
        Object token = SessionManager.getProvider().getSession(request);
        FSSessionManager sessionManager = FSSessionManager.getInstance(getMetaAlias(IFSConstants.ROOT_REALM, providerID, IFSConstants.SP));
        FSSession session = sessionManager.getSession(token);
        if (session == null) {
            if (debug.messageEnabled()) {
                debug.message("LibertyManager.getDiscoveryCredentials" + ": Theres no liberty session for this token");
            }
            return null;
        }
        return session.getBootStrapCredential();
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.getDiscoveryCredentials" + " Exception while retrieving discovery boot strap info.", ex);
        return null;
    }
}
Also used : FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager) COTException(com.sun.identity.cot.COTException) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSLoginHelperException(com.sun.identity.federation.services.FSLoginHelperException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Example 8 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

the class LibertyManager method getAccountFedInfo.

/**
 * Returns the federation information associated with current liberty
 * session.
 * It will need to have a valid single sign on token (generated through
 * the liberty SSO).
 *
 * @param request <code>HttpServletRequest</code> associated with a user
 *        session.
 * @param realm the realm in which the provider resides
 * @param entityID Hosted Provider's entity ID
 * @param providerRole the role of the provider
 * @return <code>FSAccountFedInfo</code> associated with this session.
 *         <code>null</code> if there is any failure, or no liberty session
 *         is found.
 */
public static FSAccountFedInfo getAccountFedInfo(HttpServletRequest request, String realm, String entityID, String providerRole) {
    if (request == null || entityID == null) {
        debug.message("LibertyManager.getAccountFedInfo: null Input params");
        return null;
    }
    try {
        Object token = SessionManager.getProvider().getSession(request);
        FSSessionManager sessionManager = FSSessionManager.getInstance(getMetaAlias(realm, entityID, providerRole));
        FSSession session = sessionManager.getSession(token);
        if (session == null) {
            if (debug.messageEnabled()) {
                debug.message("LibertyManager.getAccountFedInfo" + ": Theres no liberty session for this token");
            }
            return null;
        }
        return session.getAccountFedInfo();
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.getAccountFedInfo" + " Exception while retrieving federation info.", ex);
        return null;
    }
}
Also used : FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager) COTException(com.sun.identity.cot.COTException) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSLoginHelperException(com.sun.identity.federation.services.FSLoginHelperException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Example 9 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

the class LibertyManagerImpl method getDiscoveryServiceCredential.

/**
 * Returns the discovery service credential.
 * @param tokenID Single Sign On Token ID.
 * @param hostProviderID Hosted <code>ProviderID</code>.
 * @return <code>String</code> Credential to access the discovery service.
 *         <code>null</code> if the credential is not present.
 * @exception RemoteException if any failure.
 */
public String getDiscoveryServiceCredential(String tokenID, String hostProviderID) throws RemoteException {
    try {
        Object token = SessionManager.getProvider().getSession(tokenID);
        FSSession session = FSSessionManager.getInstance(IDFFMetaUtils.getMetaAlias(IFSConstants.ROOT_REALM, hostProviderID, IFSConstants.SP, null)).getSession(token);
        if (session == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("LibertyManagerImpl.getDiscoveryServiceCredential:" + "ResourceOffering: no FSSession found");
            }
            return null;
        }
        List creds = session.getBootStrapCredential();
        if (creds == null || creds.size() == 0) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("LibertyManagerImpl.getDiscovery:" + "ServiceCredential: bootstrap credential is null");
            }
            return null;
        }
        return ((SecurityAssertion) creds.get(0)).toString();
    } catch (SessionException se) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("LibertyManagerImpl.getDiscoveryService" + "Credential: SessionException", se);
        }
        throw new RemoteException(FSUtils.bundle.getString("invalidSSOToken"));
    }
}
Also used : FSSession(com.sun.identity.federation.services.FSSession) SessionException(com.sun.identity.plugin.session.SessionException) NodeList(org.w3c.dom.NodeList) List(java.util.List) SecurityAssertion(com.sun.identity.liberty.ws.security.SecurityAssertion) RemoteException(java.rmi.RemoteException)

Example 10 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

the class FSPreLogoutHandler method processSingleLogoutRequest.

/**
 * Processes logout request received via SOAP profile.
 * @param reqLogout <code>FSLogoutNotification</code> request received from
 *                  remote provider
 * @return <code>FSLogoutStatus</code> object indicating the status of
 *         the logout process
 */
public FSLogoutStatus processSingleLogoutRequest(FSLogoutNotification reqLogout) {
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("Entered FSPreLogoutHandler::" + " processSingleLogoutRequest SOAP Profile");
    }
    // User DN needs to be figured from logout request
    userID = FSLogoutUtil.getUserFromRequest(reqLogout, realm, hostedEntityId, hostedRole, hostedConfig, metaAlias);
    if (userID == null) {
        FSUtils.debug.error("User does not exist. Invalid request");
        return new FSLogoutStatus(IFSConstants.SAML_REQUESTER);
    }
    FSSessionManager sessionManager = FSSessionManager.getInstance(metaAlias);
    String sessionIndex = reqLogout.getSessionIndex();
    FSSession session = sessionManager.getSession(sessionManager.getSessionList(userID), sessionIndex);
    FSLogoutUtil.cleanSessionMapPartnerList(userID, remoteEntityID, metaAlias, session);
    boolean bHasAnyOtherProvider = false;
    HashMap providerMap = new HashMap();
    FSSessionPartner sessionPartner = null;
    providerMap = FSLogoutUtil.getCurrentProvider(userID, metaAlias, ssoToken, session);
    if (providerMap != null) {
        sessionPartner = (FSSessionPartner) providerMap.get(IFSConstants.PARTNER_SESSION);
        sessionIndex = (String) providerMap.get(IFSConstants.SESSION_INDEX);
        if (sessionPartner != null) {
            bHasAnyOtherProvider = true;
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("bHasAnyOtherProvider = " + bHasAnyOtherProvider);
            }
            currentEntityId = sessionPartner.getPartner();
        }
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("bHasAnyOtherProvider other than source : " + bHasAnyOtherProvider);
    }
    // this is SP initiated SOAP based single logout
    FSUtils.debug.message("creating FSSingleLogoutHandler");
    FSSingleLogoutHandler handlerObj = new FSSingleLogoutHandler();
    handlerObj.setHostedDescriptor(hostedDescriptor);
    handlerObj.setHostedDescriptorConfig(hostedConfig);
    handlerObj.setRealm(realm);
    handlerObj.setHostedEntityId(hostedEntityId);
    handlerObj.setHostedProviderRole(hostedRole);
    handlerObj.setMetaAlias(metaAlias);
    handlerObj.setSingleLogoutProtocol(IFSConstants.LOGOUT_SP_SOAP_PROFILE);
    //handlerObj.setRemoteEntityId(remoteEntityID);
    return handlerObj.processSingleLogoutRequest(reqLogout, sessionPartner, userID, remoteEntityID, sessionIndex, isWMLAgent, (hostedRole.equals(IFSConstants.SP) ? IFSConstants.IDP : IFSConstants.SP));
}
Also used : FSSessionPartner(com.sun.identity.federation.services.FSSessionPartner) HashMap(java.util.HashMap) FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager)

Aggregations

FSSession (com.sun.identity.federation.services.FSSession) 34
FSSessionManager (com.sun.identity.federation.services.FSSessionManager) 30
SessionException (com.sun.identity.plugin.session.SessionException) 26
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException) 15
IOException (java.io.IOException) 13
FSAccountMgmtException (com.sun.identity.federation.accountmgmt.FSAccountMgmtException) 12
FSSessionPartner (com.sun.identity.federation.services.FSSessionPartner) 12
SAMLException (com.sun.identity.saml.common.SAMLException) 12
FSMsgException (com.sun.identity.federation.message.common.FSMsgException) 9
SessionProvider (com.sun.identity.plugin.session.SessionProvider) 9
List (java.util.List) 9
FSAccountFedInfo (com.sun.identity.federation.accountmgmt.FSAccountFedInfo) 8
SAMLResponderException (com.sun.identity.saml.common.SAMLResponderException) 8
HashMap (java.util.HashMap) 8
Iterator (java.util.Iterator) 8
COTException (com.sun.identity.cot.COTException) 5
FSException (com.sun.identity.federation.common.FSException) 5
FSLoginHelperException (com.sun.identity.federation.services.FSLoginHelperException) 5
BaseConfigType (com.sun.identity.federation.jaxb.entityconfig.BaseConfigType) 4
Vector (java.util.Vector) 4