use of com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType in project OpenAM by OpenRock.
the class FSIntersiteTransferService method doGet.
/**
* Generates <code>AuthnRequest</code> and sends it to <code>IDP</code>.
* @param request <code>HttpServletRequest</code> object
* @param response <code>HttpServletResponse</code> object
* @exception ServletException if error occurred
* @exception IOException if error occurred
*/
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // Flow: (1) optional lb-cookie redirect, (2) resolve the hosted provider
    // from the meta alias, (3) look up the stored AuthnRequest by request ID,
    // (4) pick the preferred IDP or redirect to the common domain, (5) fill in
    // minor version, affiliation and scoping, (6) dispatch by protocol profile.
    // Every failure path below answers with HTTP 500, including those caused
    // by client-supplied values such as an unknown request ID.
    FSUtils.debug.message("FSIntersiteTransferService.doGet: Called");
    /*
     * Check to see if there is a need to set lb cookie.
     * This is for the use case that AuthnRequest is not created by the
     * preLogin process and lb cookie wasn't set there.
     */
    if (FSUtils.needSetLBCookieAndRedirect(request, response, false)) {
        return;
    }
    try {
        IDPDescriptorType idpDescriptor = null;
        // The meta alias is read from a request parameter first, so it is
        // caller-controlled; it selects the hosted entity, the realm and the
        // session manager used for the rest of this request.
        String metaAlias = request.getParameter(IFSConstants.META_ALIAS);
        if (metaAlias == null || metaAlias.length() == 0) {
            metaAlias = FSServiceUtils.getMetaAlias(request);
        }
        IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
        // NOTE(review): hostEntityId is not null-checked here before it is
        // passed to getSPDescriptor/getSPDescriptorConfig further down;
        // confirm how an unknown meta alias is reported by these helpers.
        String hostEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
        String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
        // NOTE(review): this null check runs after request and response have
        // already been dereferenced above, and its own branch calls
        // response.sendError even when response is the null argument, so it
        // cannot protect anything as written.
        if ((request == null) || (response == null)) {
            response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("nullInputParameter"));
            return;
        }
        String qs = request.getQueryString();
        // The raw query string is written to the debug log whenever
        // message-level debugging is enabled.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "QueryString Received from CommonDomain: " + qs);
        }
        String requestID = findRequestID(request);
        if (requestID == null) {
            // No request ID could be found in the request: log and answer 500.
            FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("nullInputParameter"));
            response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("nullInputParameter"));
            return;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "RequestID found: " + requestID);
        }
        // The AuthnRequest is not built here; it is fetched from the session
        // manager of this meta alias, keyed by the request ID.
        FSSessionManager sessionMgr = FSSessionManager.getInstance(metaAlias);
        FSAuthnRequest authnRequest = sessionMgr.getAuthnRequest(requestID);
        if (authnRequest == null) {
            FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("invalidRequestId"));
            String[] data = { FSUtils.bundle.getString("invalidRequestId") };
            // NOTE(review): the message id is a string literal here, while the
            // unknown-profile path below uses LogUtil.INVALID_AUTHN_REQUEST;
            // confirm that both name the same log entry.
            LogUtil.error(Level.INFO, "INVALID_AUTHN_REQUEST", data);
            response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("invalidRequestId"));
            return;
        }
        // The login page URL is derived from the RelayState of the stored request.
        String resourceUrl = authnRequest.getRelayState();
        String baseURL = FSServiceUtils.getBaseURL(request);
        // NOTE(review): framedLoginPageURL is not declared in this method. If
        // it is an instance field of the servlet (declaration not visible
        // here), this per-request write is shared by concurrent requests and
        // one request may observe a URL computed for another; confirm and
        // prefer a local variable passed to the handlers.
        framedLoginPageURL = FSServiceUtils.getCommonLoginPageURL(metaAlias, resourceUrl, null, request, baseURL);
        String idpID = FSUtils.findPreferredIDP(realm, request);
        if (idpID == null) {
            // No preferred IDP for this request: hand over to the common-domain
            // redirect and stop processing here.
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "No Preffered IDP found in this Common Domain. " + "Try to find PrefferedIDP in other common domains");
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "RequestID :" + requestID);
            }
            redirectToCommonDomain(request, response, requestID);
            return;
        } else {
            // A preferred IDP without a descriptor in this realm is rejected
            // and logged as PROVIDER_NOT_TRUSTED.
            idpDescriptor = metaManager.getIDPDescriptor(realm, idpID);
            if (idpDescriptor == null) {
                FSUtils.debug.error("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("noTrust"));
                String[] data = { idpID };
                LogUtil.error(Level.INFO, "PROVIDER_NOT_TRUSTED", data);
                response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("noTrust"));
                return;
            }
            // getSession(true) creates an HTTP session if none exists; the
            // SESSION_COTSET_ATTR attribute is then removed from it.
            HttpSession session = request.getSession(true);
            session.removeAttribute(IFSConstants.SESSION_COTSET_ATTR);
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "Preffered IDP found:" + idpID);
        }
        // Record the chosen IDP against the request ID in the session manager.
        sessionMgr.setIDPEntityID(requestID, idpID);
        // Set the authn request version here, taken from the IDP descriptor's
        // protocol support enumeration.
        int minorVersion = FSServiceUtils.getMinorVersion(idpDescriptor.getProtocolSupportEnumeration());
        authnRequest.setMinorVersion(minorVersion);
        // NOTE(review): getAuthnContext() is not null-checked; a null result
        // would end in the catch-all below as a generic 500.
        authnRequest.getAuthnContext().setMinorVersion(minorVersion);
        SPDescriptorType hostDesc = metaManager.getSPDescriptor(realm, hostEntityId);
        BaseConfigType hostConfig = metaManager.getSPDescriptorConfig(realm, hostEntityId);
        if (IDFFMetaUtils.getBooleanAttributeValueFromConfig(hostConfig, IFSConstants.ENABLE_AFFILIATION)) {
            Set affiliations = metaManager.getAffiliateEntity(realm, idpID);
            if (affiliations != null && !affiliations.isEmpty()) {
                // Only the first element returned by the set's iterator is
                // used; which affiliation that is depends on the Set
                // implementation when the IDP belongs to several.
                AffiliationDescriptorType affiliateDescriptor = (AffiliationDescriptorType) affiliations.iterator().next();
                authnRequest.setAffiliationID(affiliateDescriptor.getAffiliationID());
            }
        }
        // Scoping (proxy count and optional IDP list) is added only for the
        // FF 1.2 minor version and when IDP proxying is enabled in the config.
        if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION && IDFFMetaUtils.getBooleanAttributeValueFromConfig(hostConfig, IFSConstants.ENABLE_IDP_PROXY)) {
            FSScoping scoping = new FSScoping();
            // Integer.parseInt throws NumberFormatException when the configured
            // value is null or not a number; that is handled only by the
            // catch-all below and surfaces as a generic 500.
            scoping.setProxyCount(Integer.parseInt(IDFFMetaUtils.getFirstAttributeValueFromConfig(hostConfig, IFSConstants.IDP_PROXY_COUNT)));
            List proxyIDPs = IDFFMetaUtils.getAttributeValueFromConfig(hostConfig, IFSConstants.IDP_PROXY_LIST);
            if (proxyIDPs != null && !proxyIDPs.isEmpty()) {
                Iterator iter = proxyIDPs.iterator();
                ArrayList list = new ArrayList();
                while (iter.hasNext()) {
                    // Each configured value becomes an IDPEntry whose other
                    // two constructor arguments are left null.
                    IDPEntry entry = new IDPEntry((String) iter.next(), null, null);
                    list.add(entry);
                }
                IDPEntries entries = new IDPEntries(list);
                FSIDPList idpList = new FSIDPList(entries, null);
                scoping.setIDPList(idpList);
            }
            authnRequest.setScoping(scoping);
        }
        // The complete AuthnRequest XML is written to the debug log whenever
        // message-level debugging is enabled.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSIntersiteTransferService.doGet: " + "AuthnRequest:" + authnRequest.toXMLString(true, true));
        }
        // Dispatch on the protocol profile of the stored request.
        // NOTE(review): a null getProtocolProfile() would throw here and be
        // reported by the catch-all rather than by the unknown-profile path.
        if (authnRequest.getProtocolProfile().equals(IFSConstants.SSO_PROF_BROWSER_ART) || authnRequest.getProtocolProfile().equals(IFSConstants.SSO_PROF_BROWSER_POST)) {
            handleBrowserArtifactPOSTIST(request, response, authnRequest, idpDescriptor, hostDesc, hostConfig);
            return;
        } else if (authnRequest.getProtocolProfile().equals(IFSConstants.SSO_PROF_WML_POST)) {
            handleWMLIST(request, response, authnRequest, idpDescriptor);
            return;
        }
        // Any other profile is rejected: log it and answer 500.
        FSUtils.debug.error("FSIntersiteTransferService.doGet: " + "Unknown Protocol Profile");
        String[] data = { FSUtils.bundle.getString("invalidAuthnRequest") };
        LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, data);
        response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("invalidAuthnRequest"));
        return;
    } catch (Exception e) {
        // Catch-all: every exception from the block above is logged at error
        // level and answered with a generic 500.
        FSUtils.debug.error("FSIntersiteTransferService.doGet: ", e);
        try {
            response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("Exception"));
            return;
        } catch (IOException ioe) {
            // A failure to send the error response is recorded only when
            // message-level debugging is enabled.
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIntersiteTransferService.doGet: " + FSUtils.bundle.getString("sendFailed") + ioe.getMessage());
            }
        }
    }
}
use of com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType in project OpenAM by OpenRock.
the class FSLogoutUtil method getCurrentWorkingAccount.
/**
* Returns the <code>FSAccountFedInfo</code> object for the given
* principal and provider Id.
* @param userID principal whose working account we want to retrieve
* @param entityID the provider Id to whom logout notification needs to
* be sent
* @param metaAlias hosted provider's meta alias
* @return account object for the given user, provider
*/
protected static FSAccountFedInfo getCurrentWorkingAccount(String userID, String entityID, String metaAlias) {
    // Lookup order: an active federation record under any affiliation the
    // provider belongs to wins; otherwise the record stored directly under
    // the provider's entity ID is returned (which may be null).
    try {
        FSAccountManager accountManager = FSAccountManager.getInstance(metaAlias);
        if (metaManager == null) {
            return null;
        }
        try {
            String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
            Set affiliations = metaManager.getAffiliateEntity(realm, entityID);
            if (affiliations == null || affiliations.isEmpty()) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSLogoutUtil.getCurrent" + "WorkingAccount: No affiliations");
                }
            } else {
                for (Object member : affiliations) {
                    AffiliationDescriptorType descriptor = (AffiliationDescriptorType) member;
                    FSAccountFedInfo candidate = accountManager.readAccountFedInfo(userID, descriptor.getAffiliationID());
                    // Only an active federation record ends the search early.
                    if (candidate != null && candidate.isFedStatusActive()) {
                        return candidate;
                    }
                }
            }
        } catch (Exception ex) {
            // Best effort: any failure during the affiliation lookup is
            // recorded at message level only, then the direct lookup runs.
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSLogoutUtil.getCurrentWorking" + "Account. No Affiliation for:" + entityID, ex);
            }
        }
        FSAccountFedInfo directAccount = accountManager.readAccountFedInfo(userID, entityID);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSLogoutUtil::" + "getCurrentWorkingAccount after readAccountFedInfo");
        }
        return directAccount;
    } catch (Exception e) {
        // Failures of the account manager or of the direct lookup are logged
        // at error level and reported to the caller as "no account".
        FSUtils.debug.error("FSLogoutUtil::getCurrentWorkingAccount" + " readAccountFedInfo failed", e);
        return null;
    }
}
use of com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType in project OpenAM by OpenRock.
the class IDFFMetaManager method getAffiliateEntity.
/**
* Returns a set of Affiliation Entity Descriptors of which the
* provider identifier is a member of.
*
* @param realm The realm under which the entity resides.
* @param providerID the provider identifier.
* @return a set of Affiliation Entity Descriptors. An empty set is
* returned if there are no affiliation descriptors found or
* if there is an error retrieving the descriptors.
*/
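public Set getAffiliateEntity(String realm, String providerID) {
    // Scans every entity in the realm, keeps the affiliation descriptors that
    // list providerID as a member, and returns them as a set (never null).
    String classMethod = "IDFFMetaManager:getAffiliateEntity:";
    Set affDescSet = new HashSet();
    // A missing or empty realm falls back to the root realm.
    if ((realm == null) || (realm.length() == 0)) {
        realm = ROOT_REALM;
    }
    try {
        Set entityIDs = getAllEntities(realm);
        if (entityIDs != null && !entityIDs.isEmpty()) {
            Iterator eIter = entityIDs.iterator();
            while (eIter.hasNext()) {
                String entityID = (String) eIter.next();
                AffiliationDescriptorType affDesc = getAffiliationDescriptor(realm, entityID);
                if (affDesc != null) {
                    String affId = affDesc.getAffiliationID();
                    if (isAffiliateMember(realm, providerID, affId)) {
                        affDescSet.add(affDesc);
                    }
                }
            }
        }
    } catch (IDFFMetaException ide) {
        // Log at error level unconditionally. The previous guard on
        // messageEnabled() hid this failure unless message-level debugging
        // was on, so callers saw "no affiliations" with nothing in the log.
        // NOTE(review): descriptors collected before the failure are still
        // returned, so the result can be partial rather than empty.
        debug.error(classMethod + "Error getting affiliate entities", ide);
    }
    return affDescSet;
}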
use of com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType in project OpenAM by OpenRock.
the class IDFFMetaManager method getAffiliationDescriptor.
/**
* Returns the Affiliation Descriptor for the entity identifier.
*
* @param realm The realm under which the entity resides.
* @param entityID Entity Identifier to retrieve Affiliation Descriptor
* from.
* @return <code>AffiliationDescriptorType</code> the Affiliation
* descriptor.
* @throws IDFFMetaException if there is an error retrieving the
* affiliation.
*/
public AffiliationDescriptorType getAffiliationDescriptor(String realm, String entityID) throws IDFFMetaException {
    // Resolve the entity descriptor first; a null entity descriptor yields
    // null, otherwise the descriptor's own affiliation descriptor is returned
    // (which may itself be null).
    EntityDescriptorElement entity = getEntityDescriptor(realm, entityID);
    if (entity == null) {
        return null;
    }
    return entity.getAffiliationDescriptor();
}
use of com.sun.identity.liberty.ws.meta.jaxb.AffiliationDescriptorType in project OpenAM by OpenRock.
the class IDFFModelImpl method isAffiliate.
/**
* Returns true if entity descriptor is an affiliate.
*
* @param realm realm under which the entity resides.
* @param entityName name of entity descriptor.
* @return true if entity descriptor is an affiliate.
* @throws AMConsoleException if entity cannot be retrieved.
*/
public boolean isAffiliate(String realm, String entityName) throws AMConsoleException {
    try {
        // An entity counts as an affiliate exactly when the meta manager
        // returns a non-null affiliation descriptor for it.
        return getIDFFMetaManager().getAffiliationDescriptor(realm, entityName) != null;
    } catch (IDFFMetaException e) {
        // The metadata failure is logged here; the console exception carries
        // only the derived error string, not the original exception as cause.
        debug.warning("IDFFModel.isAffiliate", e);
        throw new AMConsoleException(getErrorString(e));
    }
}