Example 1 with FSPreLogoutHandler
use of com.sun.identity.federation.services.logout.FSPreLogoutHandler in project OpenAM by OpenRock.
the class FSServiceManager method getPreLogoutHandler.
/*
* Returns <code>FSPreLogouHandler</code>. This method is invoked when a
* logout request is to be processed.
* @return FSPreLogoutHandler PreLogout handler
*/
public FSPreLogoutHandler getPreLogoutHandler() {
FSUtils.debug.message("Entered FSServicemanager::getPreLogoutHandler");
try {
FSPreLogoutHandler handlerLogout = null;
handlerLogout = new FSPreLogoutHandler();
if (handlerLogout != null) {
return handlerLogout;
}
FSUtils.debug.message("PreLogoutHandler is null");
} catch (Exception e) {
FSUtils.debug.error("FSServiceManager::getSingleLogoutHandler " + "failed to get logout handler");
}
return null;
}
Also used :
FSPreLogoutHandler(com.sun.identity.federation.services.logout.FSPreLogoutHandler)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
Example 2 with FSPreLogoutHandler
use of com.sun.identity.federation.services.logout.FSPreLogoutHandler in project OpenAM by OpenRock.
the class FSSOAPReceiver method handleLogoutRequest.
/**
* Initiates the processing of the logout request received from a remote
* trusted provider.
* @param elt containing the logout request in the XML message
* @param logoutRequest logout notification
* @param msgLogout logout message
* @param request http request object
* @param response http response object
* @param hostedProviderDesc hosted provider meta descriptor
* @param hostedConfig hosted provider's extended meta
* @param providerAlias hosted provider's meta alias
* @param realm The realm under which the entity resides.
* @param hostedEntityId hosted provider's entity ID
* @param hostedRole hosted provider's role
* @return null if error in processing, or Map containing two
* keys, MESSAGE for SOAPMessage object and USERID for userID string
*/
private Map handleLogoutRequest(Element elt, FSLogoutNotification logoutRequest, SOAPMessage msgLogout, HttpServletRequest request, HttpServletResponse response, ProviderDescriptorType hostedProviderDesc, BaseConfigType hostedConfig, String providerAlias, String realm, String hostedEntityId, String hostedRole) {
try {
String remoteEntityId = logoutRequest.getProviderId();
ProviderDescriptorType remoteDesc = getRemoteProviderDescriptor(hostedRole, remoteEntityId, realm);
if (remoteDesc == null) {
return null;
}
boolean isIDP = false;
if (hostedRole.equalsIgnoreCase(IFSConstants.SP)) {
isIDP = true;
}
X509Certificate remoteCert = KeyUtil.getVerificationCert(remoteDesc, remoteEntityId, isIDP);
if (!FSServiceUtils.isSigningOn() || verifyRequestSignature(elt, msgLogout, remoteCert)) {
FSUtils.debug.message("Logout Signature successfully verified");
if (providerAlias == null || providerAlias.length() < 1) {
FSUtils.debug.message("Unable to retrieve alias, " + "Hosted Provider Cannot process logout request");
return null;
}
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest: " + "Completed forming request FSLogoutNotification");
}
IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
if (metaManager.isTrustedProvider(realm, hostedEntityId, remoteEntityId)) {
String userID = FSLogoutUtil.getUserFromRequest(logoutRequest, realm, hostedEntityId, hostedRole, hostedConfig, providerAlias);
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest" + " found user Id = " + userID);
}
// Call SP Adapter preSingleLogoutProcess for IDP/SOAP
if (hostedRole != null && hostedRole.equalsIgnoreCase(IFSConstants.SP)) {
FederationSPAdapter spAdapter = FSServiceUtils.getSPAdapter(hostedEntityId, hostedConfig);
if (spAdapter != null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver, " + "call preSingleLogoutProcess, IDP/SOAP");
}
try {
spAdapter.preSingleLogoutProcess(hostedEntityId, request, response, userID, logoutRequest, null, IFSConstants.LOGOUT_IDP_SOAP_PROFILE);
} catch (Exception e) {
// ignore adapter process error
FSUtils.debug.error("preSingleLogoutProcess." + "IDP/SOAP", e);
}
}
}
// TODO : change to use FSLogoutUtil.liveConnectionsExist
if (!isUserExists(userID, providerAlias)) {
//to do the cleanup
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest: User " + "does not exist locally. Finding remotely");
}
List platformList = null;
try {
platformList = SystemConfigurationUtil.getServerList();
} catch (SystemConfigurationException se) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest: " + "Couldn't find remote server:", se);
}
}
if (platformList == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest" + "platformList is null");
}
return null;
}
Iterator iter = platformList.iterator();
while (iter.hasNext()) {
String remoteServerURL = (String) iter.next();
StringBuffer tmpremoteURL = new StringBuffer(remoteServerURL);
tmpremoteURL.append(SystemConfigurationUtil.getProperty("com.iplanet.am.services." + "deploymentDescriptor"));
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest" + "remoteServerURL = " + remoteServerURL + " and self serverUrl =" + FSServiceUtils.getBaseURL());
}
if ((FSServiceUtils.getBaseURL()).equalsIgnoreCase(remoteServerURL.toString())) {
continue;
}
FSAssertionManagerClient amc = new FSAssertionManagerClient(providerAlias, getFullServiceURL(remoteServerURL));
if (amc.isUserExists(userID)) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest" + "user found here =" + remoteServerURL);
}
StringBuffer remoteURL = new StringBuffer();
remoteURL.append(remoteServerURL.toString()).append(SystemConfigurationUtil.getProperty("com.iplanet.am.services." + "deploymentDescriptor")).append(IFSConstants.SOAP_END_POINT_VALUE).append("/").append(IFSConstants.META_ALIAS).append(providerAlias);
FSSOAPService instSOAP = FSSOAPService.getInstance();
SOAPMessage retSOAPMessage = null;
if (instSOAP != null) {
try {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("Forward logout request to " + remoteURL.toString());
}
retSOAPMessage = instSOAP.sendMessage(msgLogout, remoteURL.toString());
if (retSOAPMessage != null) {
Map map = new HashMap();
map.put(MESSAGE, retSOAPMessage);
if (userID != null) {
map.put(USERID, userID);
}
return map;
} else {
return null;
}
} catch (SOAPException e) {
FSUtils.debug.error("FSSOAPException in doSOAPProfile" + " Cannot send request", e);
return null;
}
} else {
return null;
}
}
}
}
FSServiceManager instService = FSServiceManager.getInstance();
if (instService != null) {
FSPreLogoutHandler logoutHandler = instService.getPreLogoutHandler();
if (logoutHandler != null) {
logoutHandler.setHostedDescriptor(hostedProviderDesc);
logoutHandler.setHostedDescriptorConfig(hostedConfig);
logoutHandler.setHostedEntityId(hostedEntityId);
logoutHandler.setHostedProviderRole(hostedRole);
logoutHandler.setMetaAlias(providerAlias);
logoutHandler.setRealm(realm);
logoutHandler.setRemoteDescriptor(remoteDesc);
logoutHandler.setRemoteEntityId(remoteEntityId);
logoutHandler.setLogoutRequest(logoutRequest);
FSLogoutStatus bProcessStatus = logoutHandler.processSingleLogoutRequest(logoutRequest);
if (bProcessStatus.getStatus().equalsIgnoreCase(IFSConstants.SAML_SUCCESS)) {
MessageFactory factory = MessageFactory.newInstance();
SOAPMessage successSOAP = factory.createMessage();
if (successSOAP != null) {
Map map = new HashMap();
map.put(MESSAGE, successSOAP);
if (userID != null) {
map.put(USERID, userID);
}
return map;
} else {
return null;
}
} else if (bProcessStatus.getStatus().equalsIgnoreCase(IFSConstants.SAML_UNSUPPORTED)) {
SOAPMessage retSOAPMessage = soapService.formSOAPError("Server", "cannotProcessRequest", null);
if (retSOAPMessage != null) {
Map map = new HashMap();
map.put(MESSAGE, retSOAPMessage);
if (userID != null) {
map.put(USERID, userID);
}
return map;
} else {
return null;
}
} else {
return null;
}
} else {
FSUtils.debug.error("Unable to get PreLogoutHandler");
FSUtils.debug.error("Cannot process request");
return null;
}
} else {
FSUtils.debug.message("FSServiceManager instance is" + "null. Cannot process logout request");
return null;
}
}
FSUtils.debug.message("Remote provider not in trusted list");
return null;
} else {
FSUtils.debug.error("Logout Signature failed verification");
return null;
}
} catch (Exception se) {
FSUtils.debug.error("FSSOAPService::handleLogoutRequest failed", se);
return null;
}
}
Also used :
MessageFactory(javax.xml.soap.MessageFactory)
HashMap(java.util.HashMap)
ProviderDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType)
FSLogoutStatus(com.sun.identity.federation.services.logout.FSLogoutStatus)
SystemConfigurationException(com.sun.identity.common.SystemConfigurationException)
SOAPMessage(javax.xml.soap.SOAPMessage)
X509Certificate(java.security.cert.X509Certificate)
SOAPException(javax.xml.soap.SOAPException)
SystemConfigurationException(com.sun.identity.common.SystemConfigurationException)
IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException)
FSMsgException(com.sun.identity.federation.message.common.FSMsgException)
FSException(com.sun.identity.federation.common.FSException)
IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager)
SOAPException(javax.xml.soap.SOAPException)
FSPreLogoutHandler(com.sun.identity.federation.services.logout.FSPreLogoutHandler)
Iterator(java.util.Iterator)
List(java.util.List)
FederationSPAdapter(com.sun.identity.federation.plugins.FederationSPAdapter)
Map(java.util.Map)
HashMap(java.util.HashMap)
Aggregations
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)2
FSPreLogoutHandler (com.sun.identity.federation.services.logout.FSPreLogoutHandler)2
SystemConfigurationException (com.sun.identity.common.SystemConfigurationException)1
FSException (com.sun.identity.federation.common.FSException)1
FSMsgException (com.sun.identity.federation.message.common.FSMsgException)1
IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager)1
FederationSPAdapter (com.sun.identity.federation.plugins.FederationSPAdapter)1
FSLogoutStatus (com.sun.identity.federation.services.logout.FSLogoutStatus)1
ProviderDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType)1
X509Certificate (java.security.cert.X509Certificate)1
HashMap (java.util.HashMap)1
Iterator (java.util.Iterator)1
List (java.util.List)1
Map (java.util.Map)1
MessageFactory (javax.xml.soap.MessageFactory)1
SOAPException (javax.xml.soap.SOAPException)1
SOAPMessage (javax.xml.soap.SOAPMessage)1
