
Example 1 with SOAPBindingException

use of com.sun.identity.liberty.ws.soapbinding.SOAPBindingException in project OpenAM by OpenRock.

the class SPACSUtils method getResponseFromPostECP.

/**
 * Obtains the SAML <code>Response</code> from the <code>SOAPBody</code> of the
 * incoming request and checks the signature of every assertion it carries.
 * Used by the ECP profile.
 *
 * <p>Every failure path handled here logs through <code>LogUtil</code>, writes an
 * HTTP error with <code>SAMLUtils.sendError</code> and then throws, so the servlet
 * response has already been used by the time the exception reaches the caller.
 *
 * <p>Points a security reviewer should keep in mind when reading this method:
 * <ul>
 * <li>Signature checks happen only inside the loop over
 *     <code>resp.getAssertion()</code>. A null or empty list skips the loop and the
 *     response is returned without any signature having been verified here.
 *     NOTE(review): confirm the caller rejects a response that carries no
 *     verified assertion.</li>
 * <li>Only the assertions are checked; no response-level signature is examined in
 *     this method, and only the elements returned by <code>getAssertion()</code>
 *     are inspected.</li>
 * <li>The relay state is read from a SOAP header and is not covered by any check
 *     in this method; callers should treat it as untrusted input.</li>
 * <li>Exception messages and the SOAP fault string are handed to
 *     <code>sendError</code>. NOTE(review): presumably they end up in the HTTP
 *     error body; confirm they cannot disclose internal detail.</li>
 * </ul>
 *
 * @param request HTTP request whose payload is read as a SOAP message.
 * @param response HTTP response used to report errors.
 * @param orgName passed to the metadata manager when looking up the IDP descriptor.
 * @param hostEntityId used in this method only as log data.
 * @param metaManager metadata manager used to look up the IDP SSO descriptor.
 * @return a <code>ResponseInfo</code> built from the parsed response, the PAOS
 *         binding constant and the relay state (null when no ECP RelayState
 *         header was found).
 * @throws SAML2Exception if the SOAP message or SAML response cannot be built,
 *         the body is missing, the IDP metadata lookup fails, or an assertion is
 *         unsigned or has an invalid signature.
 * @throws IOException declared by the signature; not thrown by any statement
 *         visible here directly (presumably by <code>sendError</code>; confirm).
 */
private static ResponseInfo getResponseFromPostECP(HttpServletRequest request, HttpServletResponse response, String orgName, String hostEntityId, SAML2MetaManager metaManager) throws SAML2Exception, IOException {
    // Build the Liberty SOAP-binding Message from the SOAP message in the request.
    Message message = null;
    try {
        message = new Message(SOAPCommunicator.getInstance().getSOAPMessage(request));
    } catch (SOAPException soapex) {
        // This handler and the SOAPBindingException handler below are identical.
        String[] data = { hostEntityId };
        LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SOAP_MESSAGE_ECP, data, null);
        SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateSOAPMessage", soapex.getMessage());
        // Only the message text is carried over; the original exception is not chained.
        throw new SAML2Exception(soapex.getMessage());
    } catch (SOAPBindingException soapex) {
        String[] data = { hostEntityId };
        LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SOAP_MESSAGE_ECP, data, null);
        SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateSOAPMessage", soapex.getMessage());
        throw new SAML2Exception(soapex.getMessage());
    } catch (SOAPFaultException sfex) {
        // The request itself carried a SOAP fault: log it and surface the fault string.
        String[] data = { hostEntityId };
        LogUtil.error(Level.INFO, LogUtil.RECEIVE_SOAP_FAULT_ECP, data, null);
        String faultString = sfex.getSOAPFaultMessage().getSOAPFault().getFaultString();
        SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateSOAPMessage", faultString);
        throw new SAML2Exception(faultString);
    }
    // Look for an ECP RelayState among the remaining SOAP headers; the first header
    // that parses as one wins and the search stops.
    List soapHeaders = message.getOtherSOAPHeaders();
    ECPRelayState ecpRelayState = null;
    if ((soapHeaders != null) && (!soapHeaders.isEmpty())) {
        for (Iterator iter = soapHeaders.iterator(); iter.hasNext(); ) {
            Element headerEle = (Element) iter.next();
            try {
                ecpRelayState = ECPFactory.getInstance().createECPRelayState(headerEle);
                break;
            } catch (SAML2Exception saml2ex) {
            // Deliberately ignored: this header is not an ECP RelayState, try the next one.
            }
        }
    }
    // The relay state value comes straight from the SOAP header and is not validated here.
    String relayState = null;
    if (ecpRelayState != null) {
        relayState = ecpRelayState.getValue();
    }
    // A request without any SOAP body element cannot contain a SAML response.
    List soapBodies = message.getBodies();
    if ((soapBodies == null) || (soapBodies.isEmpty())) {
        String[] data = { hostEntityId };
        LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SAML_RESPONSE_FROM_ECP, data, null);
        SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST, "missingSAMLResponse", SAML2Utils.bundle.getString("missingSAMLResponse"));
        throw new SAML2Exception(SAML2Utils.bundle.getString("missingSAMLResponse"));
    }
    // Only the first body element is parsed; any further body elements are never inspected.
    Element resElem = (Element) soapBodies.get(0);
    Response resp = null;
    try {
        resp = ProtocolFactory.getInstance().createResponse(resElem);
    } catch (SAML2Exception se) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("SPACSUtils.getResponseFromPostECP:" + "Couldn't create Response:", se);
        }
        String[] data = { hostEntityId };
        LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SAML_RESPONSE_FROM_ECP, data, null);
        SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateResponse", se.getMessage());
        throw se;
    }
    // The issuer is taken from the response before anything has been verified and is
    // used to select the IDP descriptor, and so the certificates, for verification.
    // NOTE(review): getIssuer() is dereferenced without a null check; if it can return
    // null for a response with no Issuer element, this line throws
    // NullPointerException instead of taking a logged error path. Confirm.
    String idpEntityID = resp.getIssuer().getValue();
    IDPSSODescriptorElement idpDesc = null;
    try {
        idpDesc = metaManager.getIDPSSODescriptor(orgName, idpEntityID);
    } catch (SAML2MetaException se) {
        String[] data = { orgName, idpEntityID };
        LogUtil.error(Level.INFO, LogUtil.IDP_META_NOT_FOUND, data, null);
        SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToGetIDPSSODescriptor", se.getMessage());
        throw se;
    }
    // NOTE(review): neither idpDesc nor the certificate set is checked for null or
    // empty before use; how getVerificationCerts and isSignatureValid behave for an
    // unknown issuer is not visible here. Confirm that case fails closed.
    Set<X509Certificate> certificates = KeyUtil.getVerificationCerts(idpDesc, idpEntityID, SAML2Constants.IDP_ROLE);
    List assertions = resp.getAssertion();
    // A null or empty assertion list skips this block entirely, so nothing is verified.
    if ((assertions != null) && (!assertions.isEmpty())) {
        for (Iterator iter = assertions.iterator(); iter.hasNext(); ) {
            Assertion assertion = (Assertion) iter.next();
            // Every assertion must be signed and the signature must verify against the
            // IDP certificates; the first failure aborts the whole response.
            if (!assertion.isSigned()) {
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message("SPACSUtils.getResponseFromPostECP: " + " Assertion is not signed.");
                }
                String[] data = { idpEntityID };
                LogUtil.error(Level.INFO, LogUtil.ECP_ASSERTION_NOT_SIGNED, data, null);
                SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "assertionNotSigned", SAML2Utils.bundle.getString("assertionNotSigned"));
                throw new SAML2Exception(SAML2Utils.bundle.getString("assertionNotSigned"));
            } else if (!assertion.isSignatureValid(certificates)) {
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message("SPACSUtils.getResponseFromPostECP: " + " Assertion signature is invalid.");
                }
                String[] data = { idpEntityID };
                LogUtil.error(Level.INFO, LogUtil.ECP_ASSERTION_INVALID_SIGNATURE, data, null);
                SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "invalidSignature", SAML2Utils.bundle.getString("invalidSignature"));
                throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSignature"));
            }
        }
    }
    // Hand back the parsed response tagged with the PAOS binding and the relay state.
    return new ResponseInfo(resp, SAML2Constants.PAOS, relayState);
}
Also used : Message(com.sun.identity.liberty.ws.soapbinding.Message) SOAPMessage(javax.xml.soap.SOAPMessage) SOAPBindingException(com.sun.identity.liberty.ws.soapbinding.SOAPBindingException) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement) ArtifactResolutionServiceElement(com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement) Element(org.w3c.dom.Element) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement) Assertion(com.sun.identity.saml2.assertion.Assertion) SOAPFaultException(com.sun.identity.liberty.ws.soapbinding.SOAPFaultException) X509Certificate(java.security.cert.X509Certificate) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Response(com.sun.identity.saml2.protocol.Response) ArtifactResponse(com.sun.identity.saml2.protocol.ArtifactResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) SOAPException(javax.xml.soap.SOAPException) ECPRelayState(com.sun.identity.saml2.ecp.ECPRelayState) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Example 2 with SOAPBindingException

use of com.sun.identity.liberty.ws.soapbinding.SOAPBindingException in project OpenAM by OpenRock.

the class PPRequestHandler method processDSTRequest.

/**
 * Processes a query or modify request against the personal profile service.
 *
 * <p>The provider header (and, when enabled, the service instance update header)
 * is set on the response message first. The request is then marshalled into a
 * fresh DOM document and dispatched to the query or modify handler. Any other
 * request type is rejected with a <code>DSTException</code>.
 *
 * @param request query or modify object.
 * @param requestMsg Request Message.
 * @param responseMsg Response Message; its headers are modified by this method.
 * @return Object processed response object.
 * @exception SOAPFaultException for the interaction redirects; nothing in this
 *            body throws it directly (presumably raised by the query/modify
 *            handlers; confirm).
 * @exception DSTException for an unsupported request type or any wrapped
 *            profile-service, JAXB or SOAP-binding failure.
 */
public Object processDSTRequest(Object request, Message requestMsg, Message responseMsg) throws SOAPFaultException, DSTException {
    IDPPUtils.debug.message("PPRequestHandler:processRequest:Init");
    try {
        IDPPServiceManager manager = IDPPServiceManager.getInstance();
        String localProviderId = manager.getProviderID();
        responseMsg.setProviderHeader(new ProviderHeader(localProviderId));
        if (manager.isServiceInstanceUpdateEnabled()) {
            responseMsg.setServiceInstanceUpdateHeader(getServiceInstanceUpdateHeader());
        }

        // Reject anything that is neither a query nor a modify before touching the marshaller.
        boolean isQuery = request instanceof QueryElement;
        if (!isQuery && !(request instanceof ModifyElement)) {
            IDPPUtils.debug.error("PPRequestHandler:processRequest:invalid" + " Request.");
            throw new DSTException(IDPPUtils.bundle.getString("invalidRequest"));
        }

        // Both request kinds are marshalled the same way into a new document.
        // NOTE(review): the marshaller is fetched twice and reconfigured on every call;
        // if getMarshaller() hands out a shared instance, concurrent requests would
        // race on it. Confirm how IDPPUtils scopes the marshaller.
        Document requestDoc = IDPPUtils.getDocumentBuilder().newDocument();
        IDPPUtils.getMarshaller().setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapperImpl());
        IDPPUtils.getMarshaller().marshal(request, requestDoc);

        if (isQuery) {
            return processQueryRequest((QueryElement) request, localProviderId, requestMsg, requestDoc);
        }
        return processModifyRequest((ModifyElement) request, localProviderId, requestMsg, requestDoc);
    } catch (IDPPException profileFailure) {
        IDPPUtils.debug.error("PPRequestHandler:processRequest fail", profileFailure);
        throw new DSTException(profileFailure);
    } catch (JAXBException marshalFailure) {
        // The JAXB cause is logged but not chained; callers only see the generic bundle text.
        IDPPUtils.debug.error("PPRequestHandler:processRequest fail", marshalFailure);
        throw new DSTException(IDPPUtils.bundle.getString("jaxbFailure"));
    } catch (SOAPBindingException bindingFailure) {
        IDPPUtils.debug.error("PPRequestHandler:processRequest fail", bindingFailure);
        throw new DSTException(bindingFailure);
    }
}
Also used : ModifyElement(com.sun.identity.liberty.ws.idpp.jaxb.ModifyElement) ProviderHeader(com.sun.identity.liberty.ws.soapbinding.ProviderHeader) SOAPBindingException(com.sun.identity.liberty.ws.soapbinding.SOAPBindingException) JAXBException(javax.xml.bind.JAXBException) ServiceInstanceUpdateHeader(com.sun.identity.liberty.ws.soapbinding.ServiceInstanceUpdateHeader) NamespacePrefixMapperImpl(com.sun.identity.liberty.ws.soapbinding.NamespacePrefixMapperImpl) DSTException(com.sun.identity.liberty.ws.dst.DSTException) QueryElement(com.sun.identity.liberty.ws.idpp.jaxb.QueryElement) Document(org.w3c.dom.Document)

Example 3 with SOAPBindingException

use of com.sun.identity.liberty.ws.soapbinding.SOAPBindingException in project OpenAM by OpenRock.

the class DSTClient method sendMessage.

/**
 * Sends the SOAP Message to the data service.
 *
 * <p>The message is built for the configured security profile (X509 token, SAML
 * or bearer assertion, or anonymous); any other profile value is rejected. The
 * service instance update header of the reply, or of a SOAP fault, is stored on
 * this client as a side effect.
 *
 * <p>NOTE(review): with message-level debugging enabled, the complete request and
 * response are written to the debug log through <code>toString()</code>.
 * Presumably that output includes the security token or assertion and the
 * profile data being exchanged; confirm the debug log is access-controlled.
 *
 * <p>NOTE(review): only the X509 profile checks its credential for null; the SAML
 * and bearer branches pass <code>assertion</code> on unchecked.
 *
 * @param requestObjects List of Request Objects; must be non-null and non-empty.
 * @return List of Response Objects.
 * @exception DSTException for failure.
 * @exception InteractionRedirectException declared by the signature; not thrown
 *            directly here (presumably by <code>handleInteraction</code>; confirm).
 */
private List sendMessage(List requestObjects) throws DSTException, InteractionRedirectException {
    DSTUtils.debug.message("DSTClient:sendMessage:Init");
    if (requestObjects == null || requestObjects.isEmpty()) {
        DSTUtils.debug.message("DSTClient:sendMessage: requestobj are null");
        throw new DSTException(DSTUtils.bundle.getString("nullInputParams"));
    }
    try {
        // The provider header is optional: it is only created when a provider ID is configured.
        ProviderHeader header = (providerID != null) ? new ProviderHeader(providerID) : null;

        // Pick the Message constructor that matches the security profile.
        Message outbound;
        if (securityProfile == Message.X509_TOKEN) {
            if (token == null) {
                throw new DSTException(DSTUtils.bundle.getString("nullToken"));
            }
            DSTUtils.debug.message("DSTClient:sendMessage:using x509");
            outbound = new Message(header, token);
        } else if (securityProfile == Message.SAML_TOKEN) {
            DSTUtils.debug.message("DSTClient:sendMessage:using SAML");
            outbound = new Message(header, assertion);
        } else if (securityProfile == Message.BEARER_TOKEN) {
            DSTUtils.debug.message("DSTClient:sendMessage:using Bearer");
            outbound = new Message(header, assertion);
        } else if (securityProfile == Message.ANONYMOUS) {
            DSTUtils.debug.message("DSTClient:sendMessage:using Anonymous");
            outbound = new Message(header);
        } else {
            // Unknown profiles fail closed instead of falling back to a weaker one.
            throw new DSTException(DSTUtils.bundle.getString("invalidSecurityProfile"));
        }

        outbound.setSOAPBodies(requestObjects);
        outbound.setWSFVersion(wsfVersion);
        if (clientAuthEnabled) {
            outbound.setClientAuthentication(clientAuthEnabled);
        }
        if (DSTUtils.debug.messageEnabled()) {
            DSTUtils.debug.message("DSTClient:sendMessage: request:" + outbound.toString());
        }

        // With an HTTP request at hand the interaction-aware path is used,
        // otherwise the message goes straight to the SOAP endpoint.
        Message reply = (httpRequest != null)
                ? handleInteraction(outbound)
                : Client.sendRequest(outbound, soapURI, certAlias, soapAction);
        if (DSTUtils.debug.messageEnabled()) {
            DSTUtils.debug.message("DSTClient:sendMessage:response = " + reply.toString());
        }
        serviceInstanceUpdateHeader = reply.getServiceInstanceUpdateHeader();
        return reply.getBodies();
    } catch (SOAPBindingException bindingFailure) {
        DSTUtils.debug.error("DSTClient:sendMessage:soapbindexception", bindingFailure);
        throw new DSTException(bindingFailure);
    } catch (SOAPFaultException fault) {
        DSTUtils.debug.error("DSTClient:sendMessage:soapfault", fault);
        // Keep the update header even when the service answered with a fault.
        serviceInstanceUpdateHeader = fault.getSOAPFaultMessage().getServiceInstanceUpdateHeader();
        throw new DSTException(fault);
    }
}
Also used : Message(com.sun.identity.liberty.ws.soapbinding.Message) ProviderHeader(com.sun.identity.liberty.ws.soapbinding.ProviderHeader) SOAPBindingException(com.sun.identity.liberty.ws.soapbinding.SOAPBindingException) SOAPFaultException(com.sun.identity.liberty.ws.soapbinding.SOAPFaultException)

Example 4 with SOAPBindingException

use of com.sun.identity.liberty.ws.soapbinding.SOAPBindingException in project OpenAM by OpenRock.

the class DiscoveryClient method createRequest.

/**
 * Builds the outgoing discovery request message for the configured client
 * security mechanism.
 *
 * <p>The resource offering is processed once, on the first call. A provider
 * header is attached only when a provider ID is set.
 *
 * <p>NOTE(review): any mechanism other than X509, SAML or bearer ends up in the
 * final <code>else</code> branch and produces an anonymous message, so an
 * unexpected <code>clientMech</code> value silently selects the weakest profile.
 * Confirm that <code>clientMech</code> is validated where it is set.
 *
 * <p>NOTE(review): <code>token</code> and <code>assertion</code> are passed on
 * without a null check, and every <code>SOAPBindingException</code> is reduced to
 * its message text, so the original cause is not chained.
 *
 * @return the request message, with client authentication and WSF version applied.
 * @throws DiscoveryException if the provider header or the message cannot be created.
 */
private Message createRequest() throws DiscoveryException {
    if (!processed) {
        processResourceOffering();
        processed = true;
    }

    // One handler covers header and message construction; each constructor
    // failure is reported the same way.
    Message outbound;
    try {
        ProviderHeader header = null;
        if (providerID != null) {
            header = new ProviderHeader(providerID);
        }

        // Choose the Message constructor according to the security mechanism.
        if (clientMech == Message.X509_TOKEN) {
            DiscoSDKUtils.debug.message("DiscoveryClient.createRequest: mech=x509");
            outbound = new Message(header, token);
        } else if ((clientMech == Message.SAML_TOKEN) || (clientMech == Message.BEARER_TOKEN)) {
            if (DiscoSDKUtils.debug.messageEnabled()) {
                DiscoSDKUtils.debug.message("DiscoveryClient.createRequest: " + "mech=saml or bearer");
            }
            outbound = new Message(header, assertion);
        } else {
            if (DiscoSDKUtils.debug.messageEnabled()) {
                DiscoSDKUtils.debug.message("DiscoveryClient.createRequest: " + "mech=anon");
            }
            outbound = new Message(header);
        }
    } catch (SOAPBindingException bindingFailure) {
        throw new DiscoveryException(bindingFailure.getMessage());
    }

    if (clientAuth) {
        outbound.setClientAuthentication(clientAuth);
    }
    outbound.setWSFVersion(wsfVersion);
    return outbound;
}
Also used : Message(com.sun.identity.liberty.ws.soapbinding.Message) ProviderHeader(com.sun.identity.liberty.ws.soapbinding.ProviderHeader) SOAPBindingException(com.sun.identity.liberty.ws.soapbinding.SOAPBindingException)

Aggregations

SOAPBindingException (com.sun.identity.liberty.ws.soapbinding.SOAPBindingException)4 Message (com.sun.identity.liberty.ws.soapbinding.Message)3 ProviderHeader (com.sun.identity.liberty.ws.soapbinding.ProviderHeader)3 SOAPFaultException (com.sun.identity.liberty.ws.soapbinding.SOAPFaultException)2 DSTException (com.sun.identity.liberty.ws.dst.DSTException)1 ModifyElement (com.sun.identity.liberty.ws.idpp.jaxb.ModifyElement)1 QueryElement (com.sun.identity.liberty.ws.idpp.jaxb.QueryElement)1 NamespacePrefixMapperImpl (com.sun.identity.liberty.ws.soapbinding.NamespacePrefixMapperImpl)1 ServiceInstanceUpdateHeader (com.sun.identity.liberty.ws.soapbinding.ServiceInstanceUpdateHeader)1 Assertion (com.sun.identity.saml2.assertion.Assertion)1 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)1 ECPRelayState (com.sun.identity.saml2.ecp.ECPRelayState)1 IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)1 SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)1 ArtifactResolutionServiceElement (com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement)1 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)1 SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)1 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)1 ArtifactResponse (com.sun.identity.saml2.protocol.ArtifactResponse)1 Response (com.sun.identity.saml2.protocol.Response)1