
Example 31 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

The class LibertyManagerImpl, method getDiscoveryResourceOffering.

/**
 * Returns the discovery service bootstrap resource offering attached to the
 * caller's federation session.
 *
 * <p>The token id is resolved through the configured session provider, then
 * the federation session kept for the hosted SP {@code hostProviderID} in the
 * root realm is consulted; the first of its bootstrap resource offerings is
 * serialised and returned.
 *
 * @param tokenID Single Sign On Token ID.
 * @param hostProviderID Hosted <code>ProviderID</code>.
 * @return <code>String</code> Discovery Service Resource Offering, or
 *         <code>null</code> when no federation session exists for the token
 *         or the session carries no bootstrap resource offering.
 * @exception RemoteException if the token cannot be resolved to a session
 *         (message {@code invalidSSOToken}) or the stored offering does not
 *         parse (message {@code invalidResourceOffering}); the underlying
 *         exception is logged, not propagated to the remote caller.
 */
public String getDiscoveryResourceOffering(String tokenID, String hostProviderID) throws RemoteException {
    try {
        Object ssoToken = SessionManager.getProvider().getSession(tokenID);
        String spMetaAlias = IDFFMetaUtils.getMetaAlias(IFSConstants.ROOT_REALM, hostProviderID, IFSConstants.SP, null);
        FSSession fedSession = FSSessionManager.getInstance(spMetaAlias).getSession(ssoToken);
        if (fedSession == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("LibertyManagerImpl.getDiscovery:ResourceOffering: no FSSession found");
            }
            return null;
        }
        NodeList offerings = fedSession.getBootStrapResourceOfferings();
        boolean noOffering = (offerings == null) || (offerings.getLength() == 0);
        if (noOffering) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("LibertyManagerImpl.getDiscovery:ResourceOffering: bootstrap resource offering is null");
            }
            return null;
        }
        // Only the first offering is exposed; the node is expected to be an element.
        Element firstOffering = (Element) offerings.item(0);
        return new ResourceOffering(firstOffering).toString();
    } catch (SessionException se) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("LibertyManagerImpl.getDiscoveryResourceOffering: SessionException", se);
        }
        // The remote caller only sees the localised message, not the cause.
        throw new RemoteException(FSUtils.bundle.getString("invalidSSOToken"));
    } catch (DiscoveryException de) {
        FSUtils.debug.error("LibertyManagerImpl.getDiscoveryResourceOffering: Resource Offering parsing error", de);
        throw new RemoteException(FSUtils.bundle.getString("invalidResourceOffering"));
    }
}

Example 32 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

The class FSAssertionArtifactHandler, method sendProxyResponse.

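/**
 * Sends the proxy authentication response to the proxying service
 * provider which has originally requested for the authentication.
 *
 * <p>The original <code>FSAuthnRequest</code> and the proxying SP's
 * descriptor are recovered from the session manager by <code>requestID</code>;
 * the proxying SP is added as a session partner of the current federation
 * session (recording the authentication context class ref when an authn
 * context statement is present); the local IdP descriptor and config are
 * loaded; and the response is produced by
 * <code>FSProxyHandler.processAuthnRequest</code>.
 *
 * <p>Metadata lookup failures are logged and the handler still runs with
 * <code>null</code> for the missing descriptor/config. A missing original
 * request or a missing federation session is logged as an error and the
 * method returns without sending anything, rather than failing with a
 * <code>NullPointerException</code>.
 *
 * @param requestID authnRequest id that is sent to the authenticating
 *  Identity Provider.
 */
protected void sendProxyResponse(String requestID) {
    FSUtils.debug.message("FSAssertionArtifactHandler.sendProxyResponse::");
    FSSessionManager sessionManager = FSSessionManager.getInstance(hostMetaAlias);
    FSAuthnRequest origRequest = sessionManager.getProxySPAuthnRequest(requestID);
    if (origRequest == null) {
        // Without the original request there is no requester, relay state or
        // descriptor to answer; the lookups below would dereference null.
        FSUtils.debug.error("FSAssertionArtifactHandler.sendProxyResponse:" + "no proxy SP AuthnRequest found for request id: " + requestID);
        return;
    }
    if (FSUtils.debug.messageEnabled()) {
        try {
            FSUtils.debug.message("FSAssertionHandler.sendProxyResponse:" + origRequest.toXMLString());
        } catch (Exception ex) {
            // Diagnostic only: a request that fails to serialise must not abort the response.
            FSUtils.debug.error("FSAssertionHandler.sendProxyResponse:" + "toString(): Failed.", ex);
        }
    }
    SPDescriptorType proxyDescriptor = sessionManager.getProxySPDescriptor(requestID);
    String proxySPEntityId = origRequest.getProviderId();
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSAssertionArtifactHandler.sendProxyResponse" + ":Original requesting service provider id:" + proxySPEntityId);
    }
    FSSession session = sessionManager.getSession(ssoToken);
    if (session == null) {
        // No federation session for this SSO token: nothing to attach the
        // proxying SP to, so do not proceed to build a response.
        FSUtils.debug.error("FSAssertionArtifactHandler.sendProxyResponse:" + "no FSSession found for the SSO token");
        return;
    }
    if (authnContextStmt != null) {
        // Carry the authentication context class ref over to the federation
        // session so it is available when the proxied response is built.
        session.setAuthnContext(authnContextStmt.getAuthnContextClassRef());
    }
    // The proxying SP becomes a partner of this federation session.
    session.addSessionPartner(new FSSessionPartner(proxySPEntityId, false));
    if (FSUtils.debug.messageEnabled()) {
        Iterator partners = session.getSessionPartners().iterator();
        while (partners.hasNext()) {
            FSSessionPartner part = (FSSessionPartner) partners.next();
            FSUtils.debug.message("PARTNERS" + part.getPartner());
        }
    }
    IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
    BaseConfigType proxySPConfig = null;
    try {
        proxySPConfig = metaManager.getSPDescriptorConfig(realm, proxySPEntityId);
    } catch (Exception e) {
        // Best effort: the handler is still built, with a null proxy SP config.
        FSUtils.debug.error("FSAssertionArtifactHandler.sendProxyResponse:" + "Couldn't obtain proxy sp meta:", e);
    }
    FSProxyHandler handler = new FSProxyHandler(request, response, origRequest, proxyDescriptor, proxySPConfig, proxySPEntityId, origRequest.getRelayState(), ssoToken);
    IDPDescriptorType localIDPDesc = null;
    BaseConfigType localIDPConfig = null;
    String localIDPMetaAlias = null;
    try {
        localIDPDesc = metaManager.getIDPDescriptor(realm, hostEntityId);
        localIDPConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
        // getMetaAlias() stays inside the try on purpose: a missing config
        // (null) is reported here instead of escaping as a NullPointerException.
        localIDPMetaAlias = localIDPConfig.getMetaAlias();
    } catch (Exception e) {
        FSUtils.debug.error("FSAssertionartifactHandler.sendProxyResponse:" + "Exception when obtaining local idp meta:", e);
    }
    handler.setRealm(realm);
    handler.setHostedEntityId(hostEntityId);
    handler.setHostedDescriptor(localIDPDesc);
    handler.setHostedDescriptorConfig(localIDPConfig);
    handler.setMetaAlias(localIDPMetaAlias);
    handler.processAuthnRequest(origRequest, true);
}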

Example 33 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

The class FSSSOAndFedHandler, method processPostAuthnSSO.

/**
 * Handles authentication request after local login.
 *
 * <p>Validates the local SSO session with the session provider, records
 * (or refreshes) the federation session for the principal with the
 * requesting SP registered as a session partner, then either federates the
 * account first -- when the request asks for it or auto-federation is
 * enabled in the hosted config -- or goes straight to single sign-on.
 *
 * @param authnRequest <code>FSAuthnRequest</code> object
 * @return <code>true</code> if the request is handled successfully;
 *  <code>false</code> otherwise (invalid or missing session, principal
 *  lookup failure, or account federation failure).
 */
public boolean processPostAuthnSSO(FSAuthnRequest authnRequest) {
    FSUtils.debug.message("FSSSOAndFedHandler.processPostAuthnSSO: Called");
    SessionProvider provider;
    try {
        provider = SessionManager.getProvider();
        if (ssoToken == null) {
            ssoToken = provider.getSession(request);
        }
        // Nothing below may run against a missing or invalid local session.
        boolean sessionValid = (ssoToken != null) && provider.isValid(ssoToken);
        if (!sessionValid) {
            FSUtils.debug.error("FSSSOAndFedHandler.processPostAuthnSSO: session is not valid.");
            return false;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedHandler.processPostAuthnSSO: session is valid.");
        }
    } catch (SessionException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.processPostAuthnSSO: ", se);
        return false;
    }
    // Identify the principal and the local session backing the federation session.
    String principal;
    String localSessionId;
    try {
        principal = provider.getPrincipalName(ssoToken);
        localSessionId = provider.getSessionID(ssoToken);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedHandler.processPostAuthnSSO: UserID of the principal in the session: " + principal + "sessionID of the session: " + localSessionId);
        }
    } catch (SessionException ex) {
        FSUtils.debug.error("FSSSOAndFedHandler.processPostAuthnSSO: SessionException occured. Principal information not found in the session: ", ex);
        return false;
    }
    FSSessionManager fedSessions = FSSessionManager.getInstance(metaAlias);
    FSSession fedSession = fedSessions.getSession(principal, localSessionId);
    if (fedSession == null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedHandler.processPostAuthnSSO: No existing SSO session found. Entering a new session to the session manager with ID: " + localSessionId);
        }
        fedSession = new FSSession(localSessionId);
        // A fresh session index is generated for every new federation session.
        fedSession.setSessionIndex(SAMLUtils.generateID());
    } else if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSSSOAndFedHandler.processPostAuthnSSO: An existing SSO session found with ID:" + fedSession.getSessionID());
    }
    // Either way the requesting SP becomes a partner and the session is (re)stored.
    fedSession.addSessionPartner(new FSSessionPartner(spEntityId, false));
    fedSessions.addSession(principal, fedSession);
    // check for federation
    String autoFedStr = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.ENABLE_AUTO_FEDERATION);
    // Boolean.parseBoolean is null-safe and case-insensitive, matching "true" only.
    boolean federate = authnRequest.getFederate() || Boolean.parseBoolean(autoFedStr);
    if (!federate) {
        return doSingleSignOn(ssoToken, authnRequest.getRequestID());
    }
    FSAccountFedInfo fedInfo = doAccountFederation(ssoToken, authnRequest, fedSession);
    if (fedInfo == null) {
        FSUtils.debug.error("FSSSOAndFedHandler.processPostAuthnSSO: Accountfederation failed");
        return false;
    }
    NameIdentifier spNI = fedInfo.getRemoteNameIdentifier();
    NameIdentifier idpNI = fedInfo.getLocalNameIdentifier();
    if (idpNI == null) {
        // Fall back to the remote handle; without any handle SSO cannot proceed.
        idpNI = fedInfo.getRemoteNameIdentifier();
        if (idpNI == null) {
            FSUtils.debug.error("FSSSOAndFedHandler.processPostAuthnSSO: Opaque handle not found");
            return false;
        }
    }
    if (spNI == null) {
        spNI = idpNI;
    }
    return doSingleSignOn(ssoToken, authnRequest.getRequestID(), spNI, idpNI);
}

Example 34 with FSSession

use of com.sun.identity.federation.services.FSSession in project OpenAM by OpenRock.

The class LibertyManager, method getAuthnContext.

/**
 * Returns the authentication context used in liberty single sign-on.
 * After single sign-on with an Identity Provider, a service
 * provider may obtain the authentication context used by the identity
 * provider that authenticates the user. It will need to have a valid
 * single sign on token (generated through the liberty SSO).
 *
 * <p>The token is taken from the request via the session provider and looked
 * up in the federation session manager of the hosted SP identified by
 * {@code realm}/{@code entityID}. Any exception during the lookup is logged
 * and mapped to <code>null</code>; the caller cannot distinguish "no liberty
 * session" from "lookup failed".
 *
 * @param request <code>HttpServletRequest</code> associated with a user
 *  session.
 * @param realm the realm in which the provider resides
 * @param entityID Hosted Provider's entity ID
 * @return authentication context string;
 *         <code>null</code> if there is any failure, or no liberty
 *         session is found.
 */
public static String getAuthnContext(HttpServletRequest request, String realm, String entityID) {
    boolean missingInput = (request == null) || (entityID == null);
    if (missingInput) {
        debug.message("LibertyManager.getAuthnContext: null Input params");
        return null;
    }
    try {
        Object ssoToken = SessionManager.getProvider().getSession(request);
        String spMetaAlias = getMetaAlias(realm, entityID, IFSConstants.SP);
        FSSessionManager fedSessions = FSSessionManager.getInstance(spMetaAlias);
        FSSession fedSession = fedSessions.getSession(ssoToken);
        if (fedSession != null) {
            return fedSession.getAuthnContext();
        }
        if (debug.messageEnabled()) {
            debug.message("LibertyManager.getAuthnContext: There is no liberty session for this token");
        }
        return null;
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.getAuthnContext Exception while retrieving authncontext.", ex);
        return null;
    }
}
