Example 6 with FSSessionManager

use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.

the class LibertyManager method getDiscoveryBootStrapResourceOfferings.

/**
 * Returns the Discovery Service Resource Offerings nodes in an attribute
 * statement. After a single sign-on with an Identity Provider, a service
 * provider may get Discovery Service Resource Offerings through a SAML
 * assertion. This API helps in retrieving the resource offerings
 * if the user has been authenticated through the liberty SSO. It will
 * need to have a valid single sign on token (generated through the
 * liberty SSO).
 *
 * @param request <code>HttpServletRequest</code> associated with a user
 *        session.
 * @param providerID Hosted Provider's entity ID
 * @return <code>NodeList</code> Discovery Resource Offering Nodes,
 *  <code>null</code> if there is any failure or if there is not one
 * @deprecated This method has been deprecated. Use
 *   {@link #getDiscoveryBootStrapResourceOfferings(
 *     HttpServletRequest request, String providerID, String providerRole)}
 */
public static NodeList getDiscoveryBootStrapResourceOfferings(HttpServletRequest request, String providerID) {
    if (request == null || providerID == null) {
        if (debug.messageEnabled()) {
            debug.message("LibertyManager.getDiscoveryResource" + "Offering: null Input params");
        }
        return null;
    }
    try {
        Object token = SessionManager.getProvider().getSession(request);
        FSSessionManager sessionManager = FSSessionManager.getInstance(getMetaAlias(IFSConstants.ROOT_REALM, providerID, IFSConstants.SP));
        FSSession session = sessionManager.getSession(token);
        if (session == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("LibertyManager.getDiscoveryResource" + "Offerings: Theres no liberty session for this token");
            }
            return null;
        }
        return session.getBootStrapResourceOfferings();
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.getDiscoveryResourceOfferings" + " Exception while retrieving discovery boot strap info.", ex);
        return null;
    }
}
Also used : FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager) COTException(com.sun.identity.cot.COTException) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSLoginHelperException(com.sun.identity.federation.services.FSLoginHelperException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Example 7 with FSSessionManager

use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.

the class LibertyManager method getDiscoveryBootStrapCredentials.

/**
 * Returns the Discovery Service Credentials in the Advice element.
 * After a single sign-on with an Identity Provider, a service
 * provider may get Discovery Service Resource Offerings and Credentials
 * through a SAML assertion. This API helps in retrieving the Credentials
 * if the user has been authenticated through the liberty SSO. It will
 * need to have a valid single sign on token (generated through the
 * liberty SSO). The service provider should be under root realm.
 *
 * @param request <code>HttpServletRequest</code> associated with a user
 *  session.
 * @param providerID Hosted Provider's entity ID
 * @return <code>List</code> of <code>SecurityAssertions</code>,
 *         null if there is any failure or if there is not one
 * @deprecated This method has been deprecated. Use
 *   {@link #getDiscoveryBootStrapCredentials(
 *     HttpServletRequest request, String providerID, String providerRole)}
 */
public static List getDiscoveryBootStrapCredentials(HttpServletRequest request, String providerID) {
    if (request == null || providerID == null) {
        if (debug.messageEnabled()) {
            debug.message("LibertyManager.getDiscoveryCredentials:" + " null Input params");
        }
        return null;
    }
    try {
        Object token = SessionManager.getProvider().getSession(request);
        FSSessionManager sessionManager = FSSessionManager.getInstance(getMetaAlias(IFSConstants.ROOT_REALM, providerID, IFSConstants.SP));
        FSSession session = sessionManager.getSession(token);
        if (session == null) {
            if (debug.messageEnabled()) {
                debug.message("LibertyManager.getDiscoveryCredentials" + ": Theres no liberty session for this token");
            }
            return null;
        }
        return session.getBootStrapCredential();
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.getDiscoveryCredentials" + " Exception while retrieving discovery boot strap info.", ex);
        return null;
    }
}
Also used : FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager) COTException(com.sun.identity.cot.COTException) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSLoginHelperException(com.sun.identity.federation.services.FSLoginHelperException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Example 8 with FSSessionManager

use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.

the class LibertyManager method getAccountFedInfo.

/**
 * Returns the federation information associated with current liberty
 * session.
 * It will need to have a valid single sign on token (generated through
 * the liberty SSO).
 *
 * @param request <code>HttpServletRequest</code> associated with a user
 *  session.
 * @param realm the realm in which the provider resides
 * @param entityID Hosted Provider's entity ID
 * @param providerRole the role of the provider
 * @return <code>FSAccountFedInfo</code> associated with this session.
 *         <code>null</code> if there is any failure, or no liberty session
 *         is found.
 */
public static FSAccountFedInfo getAccountFedInfo(HttpServletRequest request, String realm, String entityID, String providerRole) {
    if (request == null || entityID == null) {
        debug.message("LibertyManager.getAccountFedInfo: null Input params");
        return null;
    }
    try {
        Object token = SessionManager.getProvider().getSession(request);
        FSSessionManager sessionManager = FSSessionManager.getInstance(getMetaAlias(realm, entityID, providerRole));
        FSSession session = sessionManager.getSession(token);
        if (session == null) {
            if (debug.messageEnabled()) {
                debug.message("LibertyManager.getAccountFedInfo" + ": Theres no liberty session for this token");
            }
            return null;
        }
        return session.getAccountFedInfo();
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.getAccountFedInfo" + " Exception while retrieving federation info.", ex);
        return null;
    }
}
Also used : FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager) COTException(com.sun.identity.cot.COTException) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSLoginHelperException(com.sun.identity.federation.services.FSLoginHelperException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Example 9 with FSSessionManager

use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.

the class LibertyManager method setAuthnRequest.

/**
 * Sets the authentication request to be sent to identity provider.
 *
 * @param request <code>FSAuthnRequest</code> associated with a user
 *  session.
 * @param realm the realm in which the entity resides
 * @param entityID Hosted Provider's entity ID
 * @return <code>true</code> if the operation is successful;
 *  <code>false</code> otherwise.
 */
public static boolean setAuthnRequest(FSAuthnRequest request, String realm, String entityID) {
    if (request == null || entityID == null) {
        debug.message("LibertyManager.setAuthnRequest: null Input params");
        return false;
    }
    try {
        FSSessionManager sessionManager = FSSessionManager.getInstance(getMetaAlias(realm, entityID, IFSConstants.SP));
        String requestID = request.getRequestID();
        if (requestID != null) {
            sessionManager.setAuthnRequest(requestID, request);
            return true;
        }
    } catch (Exception ex) {
        FSUtils.debug.error("LibertyManager.setAuthnRequest" + " Exception while setting authn request.", ex);
    }
    return false;
}
Also used : FSSessionManager(com.sun.identity.federation.services.FSSessionManager) COTException(com.sun.identity.cot.COTException) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSLoginHelperException(com.sun.identity.federation.services.FSLoginHelperException) FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException)

Example 10 with FSSessionManager

use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.

the class FSPreLogoutHandler method processSingleLogoutRequest.

/**
 * Processes logout request received via SOAP profile.
 * @param reqLogout <code>FSLogoutNotification</code> request received from
 *                  remote provider
 * @return <code>FSLogoutStatus</code> object indicates the status of
 *  the logout process
 */
public FSLogoutStatus processSingleLogoutRequest(FSLogoutNotification reqLogout) {
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("Entered FSPreLogoutHandler::" + " processSingleLogoutRequest SOAP Profile");
    }
    // User DN needs to be figured from logout request
    userID = FSLogoutUtil.getUserFromRequest(reqLogout, realm, hostedEntityId, hostedRole, hostedConfig, metaAlias);
    if (userID == null) {
        FSUtils.debug.error("User does not exist. Invalid request");
        return new FSLogoutStatus(IFSConstants.SAML_REQUESTER);
    }
    FSSessionManager sessionManager = FSSessionManager.getInstance(metaAlias);
    String sessionIndex = reqLogout.getSessionIndex();
    FSSession session = sessionManager.getSession(sessionManager.getSessionList(userID), sessionIndex);
    FSLogoutUtil.cleanSessionMapPartnerList(userID, remoteEntityID, metaAlias, session);
    boolean bHasAnyOtherProvider = false;
    HashMap providerMap = new HashMap();
    FSSessionPartner sessionPartner = null;
    providerMap = FSLogoutUtil.getCurrentProvider(userID, metaAlias, ssoToken, session);
    if (providerMap != null) {
        sessionPartner = (FSSessionPartner) providerMap.get(IFSConstants.PARTNER_SESSION);
        sessionIndex = (String) providerMap.get(IFSConstants.SESSION_INDEX);
        if (sessionPartner != null) {
            bHasAnyOtherProvider = true;
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("bHasAnyOtherProvider = " + bHasAnyOtherProvider);
            }
            currentEntityId = sessionPartner.getPartner();
        }
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("bHasAnyOtherProvider other than source : " + bHasAnyOtherProvider);
    }
    // this is SP initiated SOAP based single logout
    FSUtils.debug.message("creating FSSingleLogoutHandler");
    FSSingleLogoutHandler handlerObj = new FSSingleLogoutHandler();
    handlerObj.setHostedDescriptor(hostedDescriptor);
    handlerObj.setHostedDescriptorConfig(hostedConfig);
    handlerObj.setRealm(realm);
    handlerObj.setHostedEntityId(hostedEntityId);
    handlerObj.setHostedProviderRole(hostedRole);
    handlerObj.setMetaAlias(metaAlias);
    handlerObj.setSingleLogoutProtocol(IFSConstants.LOGOUT_SP_SOAP_PROFILE);
    //handlerObj.setRemoteEntityId(remoteEntityID);
    return handlerObj.processSingleLogoutRequest(reqLogout, sessionPartner, userID, remoteEntityID, sessionIndex, isWMLAgent, (hostedRole.equals(IFSConstants.SP) ? IFSConstants.IDP : IFSConstants.SP));
}
Also used : FSSessionPartner(com.sun.identity.federation.services.FSSessionPartner) HashMap(java.util.HashMap) FSSession(com.sun.identity.federation.services.FSSession) FSSessionManager(com.sun.identity.federation.services.FSSessionManager)

Aggregations

FSSessionManager (com.sun.identity.federation.services.FSSessionManager) 48
FSSession (com.sun.identity.federation.services.FSSession) 30
SessionException (com.sun.identity.plugin.session.SessionException) 29
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException) 19
IOException (java.io.IOException) 19
FSAccountMgmtException (com.sun.identity.federation.accountmgmt.FSAccountMgmtException) 18
SAMLException (com.sun.identity.saml.common.SAMLException) 16
FSSessionPartner (com.sun.identity.federation.services.FSSessionPartner) 13
List (java.util.List) 13
FSException (com.sun.identity.federation.common.FSException) 12
HashMap (java.util.HashMap) 11
BaseConfigType (com.sun.identity.federation.jaxb.entityconfig.BaseConfigType) 10
FSMsgException (com.sun.identity.federation.message.common.FSMsgException) 10
SAMLResponderException (com.sun.identity.saml.common.SAMLResponderException) 10
Iterator (java.util.Iterator) 10
SessionProvider (com.sun.identity.plugin.session.SessionProvider) 9
ServletException (javax.servlet.ServletException) 9
FSAccountFedInfo (com.sun.identity.federation.accountmgmt.FSAccountFedInfo) 8
IDPDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType) 8
COTException (com.sun.identity.cot.COTException) 7