Example 11 with FSSessionManager
use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.
the class FSSSOAndFedHandler method processPreAuthnSSO.
/**
* Handles authentication request.
* @param authnRequest <code>FSAuthnRequest</code> object
* @return <code>true</code> if the request is handled successfully;
* <code>false</code> otherwise.
*/
public boolean processPreAuthnSSO(FSAuthnRequest authnRequest) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: Called");
String loginURL = null;
List authenticationContextClassRef = null;
String currentAuthnContextRef = null;
String authType = null;
FSAuthContextResult authnResult = null;
FSSessionManager sessionMgr = FSSessionManager.getInstance(metaAlias);
if (authnRequest.getAuthnContext() != null) {
authenticationContextClassRef = authnRequest.getAuthnContext().getAuthnContextClassRefList();
if (authenticationContextClassRef == null) {
String authCtxRefDefault = IFSConstants.DEFAULT_AUTHNCONTEXT_PASSWORD;
authenticationContextClassRef = new ArrayList();
authenticationContextClassRef.add(authCtxRefDefault);
}
authType = authnRequest.getAuthContextCompType();
currentAuthnContextRef = null;
}
boolean authenticated = true;
Object ssoToken = null;
try {
SessionProvider sessionProvider = SessionManager.getProvider();
ssoToken = sessionProvider.getSession(request);
if (ssoToken == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: " + "session is null. User is not authenticated.");
}
authenticated = false;
} else if (!sessionProvider.isValid(ssoToken)) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: " + "session is not valid. User is not authenticated.");
}
authenticated = false;
} else {
FSSession ssoSession = sessionMgr.getSession(ssoToken);
if (ssoSession != null) {
currentAuthnContextRef = ssoSession.getAuthnContext();
if (currentAuthnContextRef != null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: User has an existing " + "valid session with authnContext: " + currentAuthnContextRef);
}
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: User's authentication" + " context information not found using " + "default authentication context");
}
currentAuthnContextRef = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.DEFAULT_AUTHNCONTEXT);
}
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.process" + "PreAuthnSSO: User's authenticated session " + "information is not present in FSSessionManager. " + "using default authentication context");
}
currentAuthnContextRef = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.DEFAULT_AUTHNCONTEXT);
}
authenticated = true;
}
if (authenticated) {
// added in case of multiple SPs
try {
sessionProvider.addListener(ssoToken, new FSTokenListener(metaAlias));
} catch (Exception e) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: " + "Couldn't add listener to session:", e);
}
}
}
} catch (SessionException se) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: " + "SSOException Occured: User does not have session " + se.getMessage());
authenticated = false;
}
//Initiate proxying
if (!authenticated) {
try {
boolean isProxy = isIDPProxyEnabled(authnRequest);
if (isProxy && !authnRequest.getFederate()) {
String preferredIDP = getPreferredIDP(authnRequest);
if (preferredIDP != null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.process" + "PreAuthnSSO:IDP to be proxied" + preferredIDP);
}
sendProxyAuthnRequest(authnRequest, preferredIDP);
return true;
}
//else continue for the local authentication.
}
} catch (FSRedirectException re) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandle.processPreAuthnSSO:" + "Redirecting for the proxy handling.");
}
return true;
} catch (Exception ex) {
FSUtils.debug.error("FSSSOAndFedHandler.processPreAuthnSSO:" + "Exception occured while processing for the proxy.", ex);
return false;
}
}
try {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: " + "User's authentication status: " + authenticated);
}
FSAuthnDecisionHandler authnDecisionHandler = new FSAuthnDecisionHandler(realm, hostedEntityId, request);
List defAuthnCxtList = new ArrayList();
defAuthnCxtList.add(IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.DEFAULT_AUTHNCONTEXT));
if (authnRequest.getIsPassive()) {
if (authnRequest.getForceAuthn()) {
if (FSUtils.debug.warningEnabled()) {
FSUtils.debug.warning("FSSSOAndFedHandler.PreAuthnSSO: " + "IDP is passive can't force authentication.");
}
return false;
} else {
if (authenticated) {
if (authenticationContextClassRef != null) {
authnResult = authnDecisionHandler.decideAuthnContext(authenticationContextClassRef, currentAuthnContextRef, authType);
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: User's " + "authentication context is default");
}
authnResult = authnDecisionHandler.getURLForAuthnContext(defAuthnCxtList, authType);
}
if (authnResult == null) {
return false;
}
if (authnResult.getLoginURL() != null) {
// When it's not null.,
// we should show the login page
// may be it'asking for higher auth context.
loginURL = authnResult.getLoginURL();
loginURL = formatLoginURL(loginURL, authnResult.getAuthContextRef());
FSUtils.forwardRequest(request, response, loginURL);
return true;
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: User's " + "authentication " + "context is evaluated to be valid");
}
return processPostAuthnSSO(authnRequest);
}
} else {
if (FSUtils.debug.warningEnabled()) {
FSUtils.debug.warning("FSSSOAndFedHandler.processPreAuthnSSO: " + "IDP is passive and user is not authenticated");
}
noFedStatus = new Status(new StatusCode("samlp:Responder", new StatusCode("lib:NoPassive", null)), FSUtils.bundle.getString("AuthnRequestProcessingFailed"), null);
return false;
}
}
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: AuthnRequest is active");
}
if (authnRequest.getForceAuthn()) {
if (authenticationContextClassRef != null) {
authnResult = authnDecisionHandler.getURLForAuthnContext(authenticationContextClassRef, authType);
} else {
authnResult = authnDecisionHandler.getURLForAuthnContext(defAuthnCxtList);
}
if (authnResult == null || authnResult.getLoginURL() == null || authnResult.getLoginURL().length() == 0) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO:" + "AuthnDecision engine failed to take a " + "authn decision");
}
return false;
} else {
if (ssoToken != null) {
try {
SessionManager.getProvider().invalidateSession(ssoToken, request, response);
} catch (SessionException ssoe) {
FSUtils.debug.error("FSSSOAndFedHandler.processPreAuthnSSO:" + "Unable to invalidate the sso session.");
}
ssoToken = null;
}
loginURL = authnResult.getLoginURL();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: " + "AuthnDecision engine returned: " + loginURL);
}
}
loginURL = formatLoginURL(loginURL, authnResult.getAuthContextRef());
FSUtils.forwardRequest(request, response, loginURL);
response.flushBuffer();
return true;
} else {
if (authenticated) {
if (authenticationContextClassRef != null) {
authnResult = authnDecisionHandler.decideAuthnContext(authenticationContextClassRef, currentAuthnContextRef, authType);
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: User's " + "authentication " + "context is default");
}
authnResult = authnDecisionHandler.getURLForAuthnContext(defAuthnCxtList, authType);
}
if (authnResult == null) {
return false;
} else if (authnResult.getLoginURL() == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: User's " + "authentication " + "context is evaluated to be valid");
}
return processPostAuthnSSO(authnRequest);
} else if (authnResult.getLoginURL().length() == 0) {
return false;
} else {
loginURL = authnResult.getLoginURL();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO" + ": AuthnDecision engine returned: " + loginURL);
}
}
loginURL = formatLoginURL(loginURL, authnResult.getAuthContextRef());
FSUtils.forwardRequest(request, response, loginURL);
return true;
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: AuthnRequest is active");
}
//redirect for authentication authnContextRef
if (authenticationContextClassRef != null) {
authnResult = authnDecisionHandler.getURLForAuthnContext(authenticationContextClassRef, authType);
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler." + "processPreAuthnSSO: User's " + "authentication " + "context is default");
}
authnResult = authnDecisionHandler.getURLForAuthnContext(defAuthnCxtList, authType);
}
if (authnResult == null || authnResult.getLoginURL() == null || authnResult.getLoginURL().length() == 0) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler. processPreAuthnSSO: " + " AuthnDecision engine" + " failed to take a decision");
}
noFedStatus = new Status(new StatusCode("samlp:Responder", new StatusCode("lib:NoAuthnContext", null)), FSUtils.bundle.getString("AuthnRequestProcessingFailed"), null);
return false;
} else {
loginURL = authnResult.getLoginURL();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSSOAndFedHandler.processPreAuthnSSO: " + "AuthnDecision engine returned: " + loginURL);
}
}
loginURL = formatLoginURL(loginURL, authnResult.getAuthContextRef());
FSUtils.forwardRequest(request, response, loginURL);
return true;
}
}
}
} catch (Exception e) {
FSUtils.debug.error("FSSSOAndFedHandler.processPreAuthnSSO: " + "Exception occured");
return processPostAuthnSSO(authnRequest);
}
}
Also used :
Status(com.sun.identity.saml.protocol.Status)
ArrayList(java.util.ArrayList)
FSSession(com.sun.identity.federation.services.FSSession)
SessionException(com.sun.identity.plugin.session.SessionException)
FSRedirectException(com.sun.identity.federation.common.FSRedirectException)
StatusCode(com.sun.identity.saml.protocol.StatusCode)
SessionException(com.sun.identity.plugin.session.SessionException)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException)
SAMLException(com.sun.identity.saml.common.SAMLException)
FSException(com.sun.identity.federation.common.FSException)
IOException(java.io.IOException)
FSRedirectException(com.sun.identity.federation.common.FSRedirectException)
FSAuthContextResult(com.sun.identity.federation.services.FSAuthContextResult)
FSAuthnDecisionHandler(com.sun.identity.federation.services.FSAuthnDecisionHandler)
List(java.util.List)
ArrayList(java.util.ArrayList)
FSTokenListener(com.sun.identity.federation.services.logout.FSTokenListener)
FSSessionManager(com.sun.identity.federation.services.FSSessionManager)
SessionProvider(com.sun.identity.plugin.session.SessionProvider)
Example 12 with FSSessionManager
use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.
the class FSIDPFinderService method doGet.
/**
* Gets <code>IDP</code> from common domain and sends proxy authentication
* request to the <code>IDP</code>.
* @param request <code>HttpServletRequest</code> object
* @param response <code>HttpServletResponse</code> object
* @exception ServletException, IOException if error occurred.
*/
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if (request == null || response == null) {
FSUtils.debug.error("FSIDPFinderService.doGet:: Null Input");
return;
}
FSUtils.debug.message("FSIDPFinderService.doGet::Init");
String entityID = request.getParameter("ProviderID");
String requestID = request.getParameter("RequestID");
String realm = request.getParameter("Realm");
if (entityID == null || requestID == null || realm == null) {
FSUtils.debug.error("FSIDPFinderService.doGet:: Request is missing" + "either ProviderID or the RequestID");
throw new ServletException("invalidRequest");
}
String idpID = null;
try {
idpID = getCommonDomainIDP(request, response, realm, entityID, requestID);
} catch (FSRedirectException fe) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIDPFinderService.doGet:Redirection" + " has happened");
}
return;
}
String hostMetaAlias = null;
BaseConfigType hostConfig = null;
IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
try {
if (metaManager != null) {
hostConfig = metaManager.getIDPDescriptorConfig(realm, entityID);
if (hostConfig != null) {
hostMetaAlias = hostConfig.getMetaAlias();
}
}
} catch (IDFFMetaException ie) {
FSUtils.debug.error("FSIDPFinderService.doGet:: Failure in " + "getting proxying hosted meta:", ie);
return;
}
FSSessionManager sessionManager = FSSessionManager.getInstance(hostMetaAlias);
FSAuthnRequest authnReq = sessionManager.getAuthnRequest(requestID);
// is same as the local provider then do a local login.
if (idpID == null || idpID.equals(entityID)) {
String loginURL = getLoginURL(authnReq, realm, entityID, request);
if (loginURL == null) {
FSUtils.debug.error("FSIDPFinderService.doGet : login url" + " is null");
return;
}
response.setHeader("Location", loginURL);
response.sendRedirect(loginURL);
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIDPFinderService.doGet:IDP to be proxied:" + idpID);
}
// Now proxy the authentication request to the preferred IDP.
try {
FSProxyHandler handler = new FSProxyHandler(request, response);
handler.setHostedEntityId(entityID);
IDPDescriptorType hostDesc = null;
SPDescriptorType origSPDesc = null;
if (metaManager != null) {
hostDesc = metaManager.getIDPDescriptor(realm, entityID);
origSPDesc = metaManager.getSPDescriptor(realm, authnReq.getProviderId());
}
handler.setSPDescriptor(origSPDesc);
handler.setHostedDescriptor(hostDesc);
handler.setHostedDescriptorConfig(hostConfig);
handler.setMetaAlias(hostMetaAlias);
handler.setRealm(realm);
handler.sendProxyAuthnRequest(authnReq, idpID);
} catch (IDFFMetaException ie) {
FSUtils.debug.error("FSIDPFinderService.doGet:: Failure in " + "getting proxying hosted meta:", ie);
} catch (FSException fe) {
FSUtils.debug.error("FSIDPFinderService.doGet:: Failure in " + "sending the proxy authentication request.", fe);
}
}
}
Also used :
ServletException(javax.servlet.ServletException)
BaseConfigType(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType)
IDPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType)
IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
FSAuthnRequest(com.sun.identity.federation.message.FSAuthnRequest)
FSException(com.sun.identity.federation.common.FSException)
FSRedirectException(com.sun.identity.federation.common.FSRedirectException)
FSSessionManager(com.sun.identity.federation.services.FSSessionManager)
SPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType)
Example 13 with FSSessionManager
use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.
the class FSIntersiteTransferService method doGet.
/**
* Generates <code>AuthnRequest</code> and sends it to <code>IDP</code>.
* @param request <code>HttpServletRequest</code> object
* @param response <code>HttpServletResponse</code> object
* @exception ServletException,IOException if error occurred
*/
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
FSUtils.debug.message("FSIntersiteTransferService.doGet: Called");
/**
* Check to see if there is a need to set lb cookie.
* This is for the use case that AuthnRequest is not created by the
* preLogin process and lb cookie wasn't set there.
*/
if (FSUtils.needSetLBCookieAndRedirect(request, response, false)) {
return;
}
try {
IDPDescriptorType idpDescriptor = null;
String metaAlias = request.getParameter(IFSConstants.META_ALIAS);
if (metaAlias == null || metaAlias.length() == 0) {
metaAlias = FSServiceUtils.getMetaAlias(request);
}
IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
String hostEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
if ((request == null) || (response == null)) {
response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("nullInputParameter"));
return;
}
String qs = request.getQueryString();
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "QueryString Received from CommonDomain: " + qs);
}
String requestID = findRequestID(request);
if (requestID == null) {
//throw error page
FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("nullInputParameter"));
response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("nullInputParameter"));
return;
}
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "RequestID found: " + requestID);
}
FSSessionManager sessionMgr = FSSessionManager.getInstance(metaAlias);
FSAuthnRequest authnRequest = sessionMgr.getAuthnRequest(requestID);
if (authnRequest == null) {
FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("invalidRequestId"));
String[] data = { FSUtils.bundle.getString("invalidRequestId") };
LogUtil.error(Level.INFO, "INVALID_AUTHN_REQUEST", data);
response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("invalidRequestId"));
return;
}
String resourceUrl = authnRequest.getRelayState();
String baseURL = FSServiceUtils.getBaseURL(request);
framedLoginPageURL = FSServiceUtils.getCommonLoginPageURL(metaAlias, resourceUrl, null, request, baseURL);
String idpID = FSUtils.findPreferredIDP(realm, request);
if (idpID == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "No Preffered IDP found in this Common Domain. " + "Try to find PrefferedIDP in other common domains");
}
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "RequestID :" + requestID);
}
redirectToCommonDomain(request, response, requestID);
return;
} else {
idpDescriptor = metaManager.getIDPDescriptor(realm, idpID);
if (idpDescriptor == null) {
FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("noTrust"));
String[] data = { idpID };
LogUtil.error(Level.INFO, "PROVIDER_NOT_TRUSTED", data);
response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("noTrust"));
return;
}
HttpSession session = request.getSession(true);
session.removeAttribute(IFSConstants.SESSION_COTSET_ATTR);
}
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "Preffered IDP found:" + idpID);
}
sessionMgr.setIDPEntityID(requestID, idpID);
// Set the authn request version here
int minorVersion = FSServiceUtils.getMinorVersion(idpDescriptor.getProtocolSupportEnumeration());
authnRequest.setMinorVersion(minorVersion);
authnRequest.getAuthnContext().setMinorVersion(minorVersion);
SPDescriptorType hostDesc = metaManager.getSPDescriptor(realm, hostEntityId);
BaseConfigType hostConfig = metaManager.getSPDescriptorConfig(realm, hostEntityId);
if (IDFFMetaUtils.getBooleanAttributeValueFromConfig(hostConfig, IFSConstants.ENABLE_AFFILIATION)) {
Set affiliations = metaManager.getAffiliateEntity(realm, idpID);
if (affiliations != null && !affiliations.isEmpty()) {
AffiliationDescriptorType affiliateDescriptor = (AffiliationDescriptorType) affiliations.iterator().next();
authnRequest.setAffiliationID(affiliateDescriptor.getAffiliationID());
}
}
if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION && IDFFMetaUtils.getBooleanAttributeValueFromConfig(hostConfig, IFSConstants.ENABLE_IDP_PROXY)) {
FSScoping scoping = new FSScoping();
scoping.setProxyCount(Integer.parseInt(IDFFMetaUtils.getFirstAttributeValueFromConfig(hostConfig, IFSConstants.IDP_PROXY_COUNT)));
List proxyIDPs = IDFFMetaUtils.getAttributeValueFromConfig(hostConfig, IFSConstants.IDP_PROXY_LIST);
if (proxyIDPs != null && !proxyIDPs.isEmpty()) {
Iterator iter = proxyIDPs.iterator();
ArrayList list = new ArrayList();
while (iter.hasNext()) {
IDPEntry entry = new IDPEntry((String) iter.next(), null, null);
list.add(entry);
}
IDPEntries entries = new IDPEntries(list);
FSIDPList idpList = new FSIDPList(entries, null);
scoping.setIDPList(idpList);
}
authnRequest.setScoping(scoping);
}
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "AuthnRequest:" + authnRequest.toXMLString(true, true));
}
if (authnRequest.getProtocolProfile().equals(IFSConstants.SSO_PROF_BROWSER_ART) || authnRequest.getProtocolProfile().equals(IFSConstants.SSO_PROF_BROWSER_POST)) {
handleBrowserArtifactPOSTIST(request, response, authnRequest, idpDescriptor, hostDesc, hostConfig);
return;
} else if (authnRequest.getProtocolProfile().equals(IFSConstants.SSO_PROF_WML_POST)) {
handleWMLIST(request, response, authnRequest, idpDescriptor);
return;
}
FSUtils.debug.error("FSIntersiteTransferService.doGet: " + "Unknown Protocol Profile");
String[] data = { FSUtils.bundle.getString("invalidAuthnRequest") };
LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, data);
response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("invalidAuthnRequest"));
return;
} catch (Exception e) {
FSUtils.debug.error("FSIntersiteTransferService.doGet: ", e);
try {
response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("Exception"));
return;
} catch (IOException ioe) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("sendFailed") + ioe.getMessage());
}
}
}
}
Also used :
Set(java.util.Set)
HttpSession(javax.servlet.http.HttpSession)
FSAuthnRequest(com.sun.identity.federation.message.FSAuthnRequest)
ArrayList(java.util.ArrayList)
AffiliationDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType)
IOException(java.io.IOException)
SPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType)
IDPEntries(com.sun.identity.federation.message.common.IDPEntries)
ServletException(javax.servlet.ServletException)
FSSignatureException(com.sun.identity.federation.services.util.FSSignatureException)
COTException(com.sun.identity.cot.COTException)
IOException(java.io.IOException)
IDPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType)
BaseConfigType(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType)
FSIDPList(com.sun.identity.federation.message.FSIDPList)
IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager)
Iterator(java.util.Iterator)
FSScoping(com.sun.identity.federation.message.FSScoping)
ArrayList(java.util.ArrayList)
List(java.util.List)
FSIDPList(com.sun.identity.federation.message.FSIDPList)
FSSessionManager(com.sun.identity.federation.services.FSSessionManager)
IDPEntry(com.sun.identity.federation.message.common.IDPEntry)
Example 14 with FSSessionManager
use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.
the class FSLogoutUtil method cleanSessionMapPartnerList.
/**
* Cleans the <code>FSSessionManager</code> maintained session
* for the given principal, provider Id and removes all references to
* the provider since logout notification has already been sent to
* that provider.
* @param userDN the principal whose session needs to be destroyed
* @param currentEntityId the provider to whom logout notification is
* about to be sent
* @param metaAlias the hostedProvider doing logout cleanup
* @param session Liberty session.
*/
public static void cleanSessionMapPartnerList(String userDN, String currentEntityId, String metaAlias, FSSession session) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("In cleanSessionMapPartnerList for user : " + userDN + "and provider : " + currentEntityId);
}
FSSessionManager sessionMgr = FSSessionManager.getInstance(metaAlias);
sessionMgr.removeProvider(userDN, currentEntityId, session);
}
Also used :
FSSessionManager(com.sun.identity.federation.services.FSSessionManager)
Example 15 with FSSessionManager
use of com.sun.identity.federation.services.FSSessionManager in project OpenAM by OpenRock.
the class FSLogoutUtil method getCurrentProvider.
public static HashMap getCurrentProvider(String userID, String metaAlias, Object ssoToken, FSSession curSession) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("Entered getCurrentProvider for user : " + userID);
}
HashMap providerMap = new HashMap();
try {
FSSessionManager sessionMgr = FSSessionManager.getInstance(metaAlias);
FSSession session = sessionMgr.getSession(ssoToken);
if (session == null && curSession != null) {
session = curSession;
}
if (session != null) {
List partners = session.getSessionPartners();
if (partners != null && !partners.isEmpty()) {
Iterator iter = partners.iterator();
FSSessionPartner sessionPartner = (FSSessionPartner) iter.next();
providerMap.put(IFSConstants.PARTNER_SESSION, sessionPartner);
providerMap.put(IFSConstants.SESSION_INDEX, session.getSessionIndex());
return providerMap;
} else {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSLogoutUtil.getCurrentProvider:" + "No more session partners");
}
return null;
}
}
return null;
} catch (Exception e) {
FSUtils.debug.error("FSLogoutUtil.getCurrentProvider:: Exception" + " in getting the current provider", e);
return null;
}
}
Also used :
FSSessionPartner(com.sun.identity.federation.services.FSSessionPartner)
HashMap(java.util.HashMap)
FSSession(com.sun.identity.federation.services.FSSession)
Iterator(java.util.Iterator)
List(java.util.List)
FSSessionManager(com.sun.identity.federation.services.FSSessionManager)
SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException)
SessionException(com.sun.identity.plugin.session.SessionException)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
IOException(java.io.IOException)
FSAccountMgmtException(com.sun.identity.federation.accountmgmt.FSAccountMgmtException)
Aggregations
FSSessionManager (com.sun.identity.federation.services.FSSessionManager)48
FSSession (com.sun.identity.federation.services.FSSession)30
SessionException (com.sun.identity.plugin.session.SessionException)29
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)19
IOException (java.io.IOException)19
FSAccountMgmtException (com.sun.identity.federation.accountmgmt.FSAccountMgmtException)18
SAMLException (com.sun.identity.saml.common.SAMLException)16
FSSessionPartner (com.sun.identity.federation.services.FSSessionPartner)13
List (java.util.List)13
FSException (com.sun.identity.federation.common.FSException)12
HashMap (java.util.HashMap)11
BaseConfigType (com.sun.identity.federation.jaxb.entityconfig.BaseConfigType)10
FSMsgException (com.sun.identity.federation.message.common.FSMsgException)10
SAMLResponderException (com.sun.identity.saml.common.SAMLResponderException)10
Iterator (java.util.Iterator)10
SessionProvider (com.sun.identity.plugin.session.SessionProvider)9
ServletException (javax.servlet.ServletException)9
FSAccountFedInfo (com.sun.identity.federation.accountmgmt.FSAccountFedInfo)8
IDPDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType)8
COTException (com.sun.identity.cot.COTException)7
