Example 46 with SessionException

use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.

the class DefaultSiteAttributeMapper method getAttributes.

/**
     * Returns <code>List</code> of <code>Attribute</code> objects
     *
     * @param token  User's session.
     * @param request The HttpServletRequest object of the request, which
     *                may contain query attributes to be included in the
     *                Assertion. This could be null if unavailable.
     * @param response The HttpServletResponse object. This could be null
     *                if unavailable.
     * @param targetURL value for TARGET query parameter when the user is
     *                  accessing the SAML aware servlet or post profile
     *                  servlet. This could be null if unavailable.
     * @return <code>List</code> of <code>Attribute</code> objects.
     *         <code>Attribute</code> is defined in the SAML SDK as part of
     *         <code>com.sun.identity.saml.assertion</code> package.
     * @throws SAMLException if attributes cannot be obtained.
     */
public List getAttributes(Object token, HttpServletRequest request, HttpServletResponse response, String targetURL) throws SAMLException {
    Map attrMap = (Map) SAMLServiceManager.getAttribute(SAMLConstants.ATTRIBUTE_MAP);
    if ((attrMap == null) || (attrMap.isEmpty())) {
        return null;
    }
    Set localAttrNames = new HashSet();
    localAttrNames.addAll(attrMap.values());
    Map localValueMap = null;
    try {
        DataStoreProvider dsProvider = DataStoreProviderManager.getInstance().getDataStoreProvider(SAMLConstants.SAML);
        localValueMap = dsProvider.getAttributes(SessionManager.getProvider().getPrincipalName(token), localAttrNames);
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("DefaultSiteAttributeMapper." + "getAttributes:", ex);
        }
    }
    List samlAttrs = null;
    for (Iterator iter = attrMap.keySet().iterator(); iter.hasNext(); ) {
        String samlAttrName = (String) iter.next();
        String localAttrName = (String) attrMap.get(samlAttrName);
        String attrNamespace = null;
        StringTokenizer tokenizer = new StringTokenizer(samlAttrName, "|");
        int tokenCount = tokenizer.countTokens();
        if (tokenCount == 1) {
            attrNamespace = SAMLConstants.assertionSAMLNameSpaceURI;
        } else if (tokenCount == 2) {
            attrNamespace = tokenizer.nextToken();
            samlAttrName = tokenizer.nextToken();
        } else {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: invalid saml attribute in attribute " + " map. saml attribute = " + samlAttrName + ", the " + " syntax is namespace|attrName.");
            }
            continue;
        }
        String[] localAttrValues = null;
        if ((localValueMap != null) && (!localValueMap.isEmpty())) {
            Set values = (Set) localValueMap.get(localAttrName);
            if ((values == null) || (values.isEmpty())) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: user profile does not have " + "value for " + localAttrName + " but is going to check ssotoken:");
                }
            } else {
                localAttrValues = (String[]) values.toArray(new String[values.size()]);
            }
        }
        if (localAttrValues == null) {
            try {
                localAttrValues = SessionManager.getProvider().getProperty(token, localAttrName);
            } catch (SessionException ex) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute:", ex);
                }
            }
        }
        if ((localAttrValues == null) || (localAttrValues.length == 0)) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: user does not have " + localAttrName);
            }
        } else {
            Attribute samlAttr = getSAMLAttribute(samlAttrName, attrNamespace, localAttrValues);
            if (samlAttr != null) {
                if (samlAttrs == null) {
                    samlAttrs = new ArrayList();
                }
                samlAttrs.add(samlAttr);
                if (SAMLUtils.debug.messageEnabled()) {
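                    // Arrays.toString renders the values; concatenating the array itself would only log its identity hash.
                    SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: add attribute = " + samlAttrName + ", attrNamespace = " + attrNamespace + ", values = " + java.util.Arrays.toString(localAttrValues));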
                }
            }
        }
    }
    return samlAttrs;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) Attribute(com.sun.identity.saml.assertion.Attribute) DataStoreProvider(com.sun.identity.plugin.datastore.DataStoreProvider) ArrayList(java.util.ArrayList) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) StringTokenizer(java.util.StringTokenizer) Iterator(java.util.Iterator) List(java.util.List) Map(java.util.Map)

Example 47 with SessionException

use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.

the class FMSessionProvider method getSession.

/**
     * May be used by both SP and IDP side for getting an existing
     * session given a session ID.
     * @param sessionID the unique session handle.
     * @return the corresponding session object.
     * @throws SessionException if an error occurred during session
     * retrieval.
     */
public Object getSession(String sessionID) throws SessionException {
    try {
        SSOToken session = SSOTokenManager.getInstance().createSSOToken(sessionID);
        SSOTokenManager.getInstance().refreshSession(session);
        return session;
    } catch (Throwable e) {
        throw new SessionException(e);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) SessionException(com.sun.identity.plugin.session.SessionException)

Example 48 with SessionException

use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.

the class FMSessionProvider method getProperty.

/**
     * Retrieves a property from the session object.
     * @param session the session object.
     * @param name the property name.
     * @return the property values.
     * @throws SessionException if getting the property causes an error.
     */
public String[] getProperty(Object session, String name) throws SessionException {
    if (session == null || name == null || name.length() == 0) {
        return null;
    }
    if (name.equals(AUTH_METHOD)) {
        name = AUTH_TYPE;
    }
    String values = null;
    try {
        if (SAML2Constants.IDP_SESSION_INDEX.equals(name)) {
            // Get the session property while ignoring session state:
            // this property may be retrieved after the session has idle
            // timed out, so the value must be readable without an exception.
            values = ((SSOToken) session).getProperty(name, true);
        } else {
            values = ((SSOToken) session).getProperty(name);
        }
    } catch (SSOException se) {
        throw new SessionException(se);
    }
    if (values == null || values.length() == 0) {
        return null;
    }
    if (name.equals(AUTH_TYPE)) {
        String[] retValues = new String[1];
        // The branches are mutually exclusive: the generic prefix is a
        // fallback used only when no known method matched, so a cert,
        // Kerberos or password match is not overwritten by the final else.
        if (values.equalsIgnoreCase(SAMLConstants.AUTH_METHOD_CERT)) {
            retValues[0] = SAMLConstants.AUTH_METHOD_CERT_URI;
        } else if (values.equalsIgnoreCase(SAMLConstants.AUTH_METHOD_KERBEROS)) {
            retValues[0] = SAMLConstants.AUTH_METHOD_KERBEROS_URI;
        } else if (SAMLConstants.passwordAuthMethods.contains(values.toLowerCase())) {
            retValues[0] = SAMLConstants.AUTH_METHOD_PASSWORD_URI;
        } else if (SAMLConstants.tokenAuthMethods.contains(values.toLowerCase())) {
            retValues[0] = SAMLConstants.AUTH_METHOD_HARDWARE_TOKEN_URI;
        } else {
            retValues[0] = SAMLConstants.AUTH_METHOD_URI_PREFIX + values;
        }
        return retValues;
    }
    if (name.equals(SAML2Constants.ORGANIZATION)) {
        String[] retValues = new String[1];
        retValues[0] = DNMapper.orgNameToRealmName(values);
        return retValues;
    }
    String[] returnVals = values.split("\\" + PROPERTY_VALUES_SEPARATOR);
    for (int i = 0; i < returnVals.length; i++) {
        returnVals[i] = StringUtils.getUnescapedValue(returnVals[i]);
    }
    return returnVals;
}
Also used : SessionException(com.sun.identity.plugin.session.SessionException) SSOException(com.iplanet.sso.SSOException)

Example 49 with SessionException

use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.

the class FMSessionProvider method getSession.

/**
     * May be used by both SP and IDP side for getting an existing
     * session given a browser initiated HTTP request.
     * @param request the browser initiated HTTP request.
     * @return the corresponding session object.
     * @throws SessionException if an error occurred during session
     * retrieval.
     */
public Object getSession(HttpServletRequest request) throws SessionException {
    try {
        SSOToken session = SSOTokenManager.getInstance().createSSOToken(request);
        SSOTokenManager.getInstance().refreshSession(session);
        return session;
    } catch (Exception ex) {
        debug.message("FMSessionProvider.getSession: Could not get the session" + " from the HTTP request: " + ex.getMessage());
        throw new SessionException(ex);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) SessionException(com.sun.identity.plugin.session.SessionException) SMSException(com.sun.identity.sm.SMSException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException)

Example 50 with SessionException

use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.

the class MultiProtocolUtils method removeFederationProtocol.

/**
     * Updates the session property
     * (<code>SingleLogoutManager.FEDERATION_PROTOCOLS</code>) by removing
     * the given protocol from it.
     * @param session Session Object to be updated
     * @param protocol Name of the Federation protocol to be removed.
     */
public static void removeFederationProtocol(Object session, String protocol) {
    if (SingleLogoutManager.debug.messageEnabled()) {
        SingleLogoutManager.debug.message("MPUtils.removeFedProtocol:" + " protocol=" + protocol + ", session=" + session);
    }
    try {
        SessionProvider provider = SessionManager.getProvider();
        String[] values = provider.getProperty(session, SingleLogoutManager.FEDERATION_PROTOCOLS);
        if (SingleLogoutManager.debug.messageEnabled()) {
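            // Arrays.toString is null-safe and logs the protocol names rather than the array's identity hash.
            SingleLogoutManager.debug.message("MPUtils.removeFedProtocol:" + " current protocols=" + java.util.Arrays.toString(values));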
        }
        if ((values == null) || (values.length == 0)) {
            return;
        } else {
            Set set = new HashSet();
            for (int i = 0; i < values.length; i++) {
                set.add(values[i]);
            }
            set.remove(protocol);
            String[] newVals = new String[set.size()];
            set.toArray(newVals);
            provider.setProperty(session, SingleLogoutManager.FEDERATION_PROTOCOLS, newVals);
        }
    } catch (UnsupportedOperationException ex) {
        // Log under this method's own name so warnings are not attributed to the add path.
        SingleLogoutManager.debug.warning("MPUtils.removeFedProtocol", ex);
    } catch (SessionException ex) {
        SingleLogoutManager.debug.warning("MPUtils.removeFedProtocol2", ex);
    }
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) SessionException(com.sun.identity.plugin.session.SessionException) SessionProvider(com.sun.identity.plugin.session.SessionProvider)

Aggregations

SessionException (com.sun.identity.plugin.session.SessionException): 121
SessionProvider (com.sun.identity.plugin.session.SessionProvider): 55
List (java.util.List): 40
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception): 35
IOException (java.io.IOException): 28
ArrayList (java.util.ArrayList): 28
Set (java.util.Set): 24
SAMLException (com.sun.identity.saml.common.SAMLException): 23
Iterator (java.util.Iterator): 20
HashMap (java.util.HashMap): 18
HashSet (java.util.HashSet): 18
Map (java.util.Map): 18
FSSession (com.sun.identity.federation.services.FSSession): 17
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException): 17
FSSessionManager (com.sun.identity.federation.services.FSSessionManager): 15
FSException (com.sun.identity.federation.common.FSException): 13
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException): 12
SAML2TokenRepositoryException (org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException): 11
ServletException (javax.servlet.ServletException): 10
DataStoreProviderException (com.sun.identity.plugin.datastore.DataStoreProviderException): 9