use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class DefaultSiteAttributeMapper method getAttributes.
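/**
 * Builds the <code>List</code> of SAML <code>Attribute</code> objects for a
 * user from the configured attribute map.
 *
 * <p>The map read from <code>SAMLConstants.ATTRIBUTE_MAP</code> is used as
 * SAML attribute name to local attribute name. A SAML attribute name is
 * either a bare name, which is given
 * <code>SAMLConstants.assertionSAMLNameSpaceURI</code> as its namespace, or
 * <code>namespace|attrName</code>; entries of any other shape are skipped.
 * Each local attribute is looked up in the data store result first and, when
 * no value was found there, in the session properties of <code>token</code>.
 *
 * <p>This implementation does not read <code>request</code>,
 * <code>response</code> or <code>targetURL</code>.
 *
 * @param token User's session.
 * @param request The HttpServletRequest object of the request, which
 *                may contain query attributes to be included in the
 *                Assertion. This could be null if unavailable.
 * @param response The HttpServletResponse object. This could be null
 *                 if unavailable.
 * @param targetURL value for TARGET query parameter when the user
 *                  accesses the SAML aware servlet or post profile
 *                  servlet. This could be null if unavailable.
 * @return <code>List</code> of <code>Attribute</code> objects, or
 *         <code>null</code> when the attribute map is missing or empty or
 *         no attribute could be built.
 *         <code>Attribute</code> is defined in the SAML SDK as part of
 *         <code>com.sun.identity.saml.assertion</code> package.
 * @throws SAMLException if attributes cannot be obtained. Failures of the
 *                       data store lookup and of the session property lookup
 *                       are logged and do not raise it.
 */
public List getAttributes(Object token, HttpServletRequest request, HttpServletResponse response, String targetURL) throws SAMLException {
    Map attrMap = (Map) SAMLServiceManager.getAttribute(SAMLConstants.ATTRIBUTE_MAP);
    if ((attrMap == null) || (attrMap.isEmpty())) {
        return null;
    }

    // The map values are the local attribute names to request from the data store.
    Set localAttrNames = new HashSet();
    localAttrNames.addAll(attrMap.values());
    Map localValueMap = null;
    try {
        DataStoreProvider dsProvider = DataStoreProviderManager.getInstance().getDataStoreProvider(SAMLConstants.SAML);
        localValueMap = dsProvider.getAttributes(SessionManager.getProvider().getPrincipalName(token), localAttrNames);
    } catch (Exception ex) {
        // Best effort: with no data store result, the loop below still
        // tries the session properties for every mapped attribute.
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("DefaultSiteAttributeMapper." + "getAttributes:", ex);
        }
    }

    // Created lazily so that "nothing mapped" is reported as null, not as an empty list.
    List samlAttrs = null;
    for (Iterator iter = attrMap.keySet().iterator(); iter.hasNext(); ) {
        String samlAttrName = (String) iter.next();
        String localAttrName = (String) attrMap.get(samlAttrName);
        String attrNamespace = null;

        // Accepted key syntax: "attrName" or "namespace|attrName".
        StringTokenizer tokenizer = new StringTokenizer(samlAttrName, "|");
        int tokenCount = tokenizer.countTokens();
        if (tokenCount == 1) {
            attrNamespace = SAMLConstants.assertionSAMLNameSpaceURI;
        } else if (tokenCount == 2) {
            attrNamespace = tokenizer.nextToken();
            samlAttrName = tokenizer.nextToken();
        } else {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: invalid saml attribute in attribute " + " map. saml attribute = " + samlAttrName + ", the " + " syntax is namespace|attrName.");
            }
            continue;
        }

        // First source: the values fetched from the data store.
        String[] localAttrValues = null;
        if ((localValueMap != null) && (!localValueMap.isEmpty())) {
            Set values = (Set) localValueMap.get(localAttrName);
            if ((values == null) || (values.isEmpty())) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: user profile does not have " + "value for " + localAttrName + " but is going to check ssotoken:");
                }
            } else {
                localAttrValues = (String[]) values.toArray(new String[values.size()]);
            }
        }

        // Second source: a session property with the same local name.
        if (localAttrValues == null) {
            try {
                localAttrValues = SessionManager.getProvider().getProperty(token, localAttrName);
            } catch (SessionException ex) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute:", ex);
                }
            }
        }

        if ((localAttrValues == null) || (localAttrValues.length == 0)) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: user does not have " + localAttrName);
            }
        } else {
            Attribute samlAttr = getSAMLAttribute(samlAttrName, attrNamespace, localAttrValues);
            if (samlAttr != null) {
                if (samlAttrs == null) {
                    samlAttrs = new ArrayList();
                }
                samlAttrs.add(samlAttr);
                if (SAMLUtils.debug.messageEnabled()) {
                    // Concatenating the String[] would print its identity
                    // hash, not its contents. The number of values is logged
                    // so that the user's attribute values stay out of the
                    // debug log.
                    SAMLUtils.debug.message("DefaultSiteAttributeMapper." + "getAttribute: add atttribute = " + samlAttrName + ", attrNamespace = " + attrNamespace + ", value count = " + localAttrValues.length);
                }
            }
        }
    }
    return samlAttrs;
}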
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class FMSessionProvider method getSession.
/**
 * Looks up an existing session from its session ID. May be used on both
 * the SP and the IDP side.
 *
 * <p>The ID alone is enough to obtain the session object, so callers should
 * handle it as a credential. This method does not write it to any log.
 *
 * @param sessionID the unique session handle.
 * @return the corresponding session object, returned after
 *         <code>refreshSession</code> has been called on it.
 * @throws SessionException if an error occurred during session
 *                          retrieval. Anything thrown during the lookup,
 *                          <code>Error</code>s included, is wrapped in it.
 */
public Object getSession(String sessionID) throws SessionException {
    final SSOToken ssoToken;
    try {
        ssoToken = SSOTokenManager.getInstance().createSSOToken(sessionID);
        // Refresh before handing the token out; a failure here is reported
        // the same way as a failed lookup.
        SSOTokenManager.getInstance().refreshSession(ssoToken);
    } catch (Throwable cause) {
        throw new SessionException(cause);
    }
    return ssoToken;
}
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class FMSessionProvider method getProperty.
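/**
 * Retrieves a property from the session object.
 *
 * <p>Three names are handled specially:
 * <ul>
 * <li><code>AUTH_METHOD</code> is read as <code>AUTH_TYPE</code>, and the
 *     stored value is translated into an authentication method URI.</li>
 * <li><code>SAML2Constants.IDP_SESSION_INDEX</code> is read regardless of
 *     the session state.</li>
 * <li><code>SAML2Constants.ORGANIZATION</code> is converted with
 *     <code>DNMapper.orgNameToRealmName</code>.</li>
 * </ul>
 * Any other property is split on <code>PROPERTY_VALUES_SEPARATOR</code> and
 * each part is unescaped.
 *
 * @param session the session object; it is cast to <code>SSOToken</code>.
 * @param name the property name.
 * @return the property values, or <code>null</code> when
 *         <code>session</code> is null, <code>name</code> is null or empty,
 *         or the property has no value.
 * @throws SessionException if getting the property causes an error.
 */
public String[] getProperty(Object session, String name) throws SessionException {
    if (session == null || name == null || name.length() == 0) {
        return null;
    }
    if (name.equals(AUTH_METHOD)) {
        name = AUTH_TYPE;
    }
    String values = null;
    try {
        if (SAML2Constants.IDP_SESSION_INDEX.equals(name)) {
            // The session index may still be needed after the session has
            // idle timed out, so this one property is read while ignoring
            // the session state instead of failing with an exception.
            values = ((SSOToken) session).getProperty(name, true);
        } else {
            values = ((SSOToken) session).getProperty(name);
        }
    } catch (SSOException se) {
        throw new SessionException(se);
    }
    if (values == null || values.length() == 0) {
        return null;
    }
    if (name.equals(AUTH_TYPE)) {
        // Start from the prefixed fallback and let each known method
        // override it. Previously the fallback sat in the else branch of the
        // last test only, so it overwrote the certificate, Kerberos and
        // password URIs whenever the value was not a token method, and the
        // wrong authentication method was reported to the consumer.
        // NOTE(review): toLowerCase() follows the JVM default locale;
        // confirm the two method-name sets hold plain ASCII lower-case names.
        String lowerCaseValue = values.toLowerCase();
        String authMethodUri = SAMLConstants.AUTH_METHOD_URI_PREFIX + values;
        if (values.equalsIgnoreCase(SAMLConstants.AUTH_METHOD_CERT)) {
            authMethodUri = SAMLConstants.AUTH_METHOD_CERT_URI;
        }
        if (values.equalsIgnoreCase(SAMLConstants.AUTH_METHOD_KERBEROS)) {
            authMethodUri = SAMLConstants.AUTH_METHOD_KERBEROS_URI;
        }
        if (SAMLConstants.passwordAuthMethods.contains(lowerCaseValue)) {
            authMethodUri = SAMLConstants.AUTH_METHOD_PASSWORD_URI;
        }
        // Tested last so that a value listed in both sets still maps to the
        // hardware token URI, as it did before.
        if (SAMLConstants.tokenAuthMethods.contains(lowerCaseValue)) {
            authMethodUri = SAMLConstants.AUTH_METHOD_HARDWARE_TOKEN_URI;
        }
        return new String[] { authMethodUri };
    }
    if (name.equals(SAML2Constants.ORGANIZATION)) {
        String[] retValues = new String[1];
        retValues[0] = DNMapper.orgNameToRealmName(values);
        return retValues;
    }
    // The separator is escaped because split() takes a regular expression.
    String[] returnVals = values.split("\\" + PROPERTY_VALUES_SEPARATOR);
    for (int i = 0; i < returnVals.length; i++) {
        returnVals[i] = StringUtils.getUnescapedValue(returnVals[i]);
    }
    return returnVals;
}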
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class FMSessionProvider method getSession.
/**
 * Looks up an existing session from a browser initiated HTTP request. May
 * be used on both the SP and the IDP side.
 *
 * @param request the browser initiated HTTP request.
 * @return the corresponding session object, returned after
 *         <code>refreshSession</code> has been called on it.
 * @throws SessionException if an error occurred during session
 *                          retrieval; the caught exception is wrapped in it.
 */
public Object getSession(HttpServletRequest request) throws SessionException {
    final SSOToken ssoToken;
    try {
        ssoToken = SSOTokenManager.getInstance().createSSOToken(request);
        SSOTokenManager.getInstance().refreshSession(ssoToken);
    } catch (Exception failure) {
        // Only the exception message is logged, without a stack trace.
        // NOTE(review): confirm that message never echoes the session
        // identifier taken from the request.
        debug.message("FMSessionProvider.getSession: Could not get the session from the HTTP request: " + failure.getMessage());
        throw new SessionException(failure);
    }
    return ssoToken;
}
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class MultiProtocolUtils method removeFederationProtocol.
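/**
 * Removes a protocol from the session property
 * (<code>SingleLogoutManager.FEDERATION_PROTOCOLS</code>).
 *
 * <p>Nothing is written when the property is missing or empty. A failure to
 * read or write the property is logged at warning level and is not reported
 * to the caller, so the property may be left unchanged.
 *
 * @param session Session Object to be updated
 * @param protocol Name of the Federation protocol to be removed.
 */
public static void removeFederationProtocol(Object session, String protocol) {
    if (SingleLogoutManager.debug.messageEnabled()) {
        // NOTE(review): session is rendered through toString() here;
        // confirm the session type does not print its session ID.
        SingleLogoutManager.debug.message("MPUtils.removeFedProtocol:" + " protocol=" + protocol + ", session=" + session);
    }
    try {
        SessionProvider provider = SessionManager.getProvider();
        String[] values = provider.getProperty(session, SingleLogoutManager.FEDERATION_PROTOCOLS);
        if (SingleLogoutManager.debug.messageEnabled()) {
            // Arrays.toString prints the protocol names (and "null" for a
            // null array); concatenating the array prints its identity hash.
            SingleLogoutManager.debug.message("MPUtils.removeFedProtocol:" + " current protocols=" + java.util.Arrays.toString(values));
        }
        if ((values == null) || (values.length == 0)) {
            return;
        }
        // Going through a Set also collapses duplicate entries.
        Set remaining = new HashSet();
        for (int i = 0; i < values.length; i++) {
            remaining.add(values[i]);
        }
        remaining.remove(protocol);
        String[] newVals = new String[remaining.size()];
        remaining.toArray(newVals);
        provider.setProperty(session, SingleLogoutManager.FEDERATION_PROTOCOLS, newVals);
    } catch (UnsupportedOperationException ex) {
        // The log tags used to name addFedProtocol, which sent readers of
        // the log to the wrong method.
        SingleLogoutManager.debug.warning("MPUtils.removeFedProtocol", ex);
    } catch (SessionException ex) {
        SingleLogoutManager.debug.warning("MPUtils.removeFedProtocol2", ex);
    }
}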