Example 31 with SessionException
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class IDPSingleLogout method destroyAllTokenForUser.
private static void destroyAllTokenForUser(String userToLogout, HttpServletRequest request, HttpServletResponse response) {
Enumeration keys = IDPCache.idpSessionsByIndices.keys();
String idpSessionIndex = null;
IDPSession idpSession = null;
Object idpToken = null;
if (debug.messageEnabled()) {
debug.message("IDPSingleLogout.destroyAllTokenForUser: " + "User to logoutAll : " + userToLogout);
}
while (keys.hasMoreElements()) {
idpSessionIndex = (String) keys.nextElement();
idpSession = IDPCache.idpSessionsByIndices.get(idpSessionIndex);
if (idpSession != null) {
idpToken = idpSession.getSession();
if (idpToken != null) {
try {
String userID = sessionProvider.getPrincipalName(idpToken);
if (userToLogout.equalsIgnoreCase(userID)) {
MultiProtocolUtils.invalidateSession(idpToken, request, response, SingleLogoutManager.SAML2);
IDPCache.idpSessionsByIndices.remove(idpSessionIndex);
IDPCache.authnContextCache.remove(idpSessionIndex);
if ((agent != null) && agent.isRunning() && (saml2Svc != null)) {
saml2Svc.setIdpSessionCount((long) IDPCache.idpSessionsByIndices.size());
}
}
} catch (SessionException e) {
debug.error(SAML2Utils.bundle.getString("invalidSSOToken"), e);
continue;
}
}
} else {
IDPCache.idpSessionsByIndices.remove(idpSessionIndex);
if ((agent != null) && agent.isRunning() && (saml2Svc != null)) {
saml2Svc.setIdpSessionCount((long) IDPCache.idpSessionsByIndices.size());
}
try {
if (SAML2FailoverUtils.isSAML2FailoverEnabled()) {
SAML2FailoverUtils.deleteSAML2Token(idpSessionIndex);
}
} catch (SAML2TokenRepositoryException se) {
debug.error("IDPSingleLogout.destroyAllTokenForUser: Error while deleting token from " + "SAML2 Token Repository for idpSessionIndex:" + idpSessionIndex, se);
}
IDPCache.authnContextCache.remove(idpSessionIndex);
}
}
}
Also used :
Enumeration(java.util.Enumeration)
SessionException(com.sun.identity.plugin.session.SessionException)
SAML2TokenRepositoryException(org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)
Example 32 with SessionException
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class LogoutUtil method doLogout.
public static StringBuffer doLogout(String metaAlias, String recipientEntityID, List extensionsList, EndpointType logoutEndpoint, String relayState, String sessionIndex, NameID nameID, HttpServletRequest request, HttpServletResponse response, Map paramsMap, BaseConfigType config) throws SAML2Exception, SessionException {
StringBuffer logoutRequestID = new StringBuffer();
String classMethod = "LogoutUtil.doLogout: ";
String requesterEntityID = metaManager.getEntityByMetaAlias(metaAlias);
String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
String hostEntityRole = SAML2Utils.getHostEntityRole(paramsMap);
String location = null;
String binding = null;
if (logoutEndpoint != null) {
location = logoutEndpoint.getLocation();
binding = logoutEndpoint.getBinding();
} else {
debug.error(classMethod + "Unable to find the recipient's single logout service with the binding " + binding);
throw new SAML2Exception(SAML2Utils.bundle.getString("sloServiceNotfound"));
}
if (debug.messageEnabled()) {
debug.message(classMethod + "Entering ..." + "\nrequesterEntityID=" + requesterEntityID + "\nrecipientEntityID=" + recipientEntityID + "\nbinding=" + binding + "\nrelayState=" + relayState + "\nsessionIndex=" + sessionIndex);
}
// generate unique request ID
String requestID = SAML2Utils.generateID();
if ((requestID == null) || (requestID.length() == 0)) {
throw new SAML2Exception(SAML2Utils.bundle.getString("cannotGenerateID"));
}
// retrieve data from the params map
// destinationURI required if message is signed.
String destinationURI = SAML2Utils.getParameter(paramsMap, SAML2Constants.DESTINATION);
String consent = SAML2Utils.getParameter(paramsMap, SAML2Constants.CONSENT);
Extensions extensions = createExtensions(extensionsList);
Issuer issuer = SAML2Utils.createIssuer(requesterEntityID);
// construct LogoutRequest
LogoutRequest logoutReq = null;
try {
logoutReq = ProtocolFactory.getInstance().createLogoutRequest();
} catch (Exception e) {
debug.error(classMethod + "Unable to create LogoutRequest : ", e);
throw new SAML2Exception(SAML2Utils.bundle.getString("errorCreatingLogoutRequest"));
}
// set required attributes / elements
logoutReq.setID(requestID);
logoutReq.setVersion(SAML2Constants.VERSION_2_0);
logoutReq.setIssueInstant(new Date());
setNameIDForSLORequest(logoutReq, nameID, realm, requesterEntityID, hostEntityRole, recipientEntityID);
// set optional attributes / elements
logoutReq.setDestination(XMLUtils.escapeSpecialCharacters(destinationURI));
logoutReq.setConsent(consent);
logoutReq.setIssuer(issuer);
if (hostEntityRole.equals(SAML2Constants.IDP_ROLE)) {
// use the assertion effective time (in seconds)
int effectiveTime = SAML2Constants.ASSERTION_EFFECTIVE_TIME;
String effectiveTimeStr = SAML2Utils.getAttributeValueFromSSOConfig(realm, requesterEntityID, SAML2Constants.IDP_ROLE, SAML2Constants.ASSERTION_EFFECTIVE_TIME_ATTRIBUTE);
if (effectiveTimeStr != null) {
try {
effectiveTime = Integer.parseInt(effectiveTimeStr);
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "got effective time from config:" + effectiveTime);
}
} catch (NumberFormatException nfe) {
SAML2Utils.debug.error(classMethod + "Failed to get assertion effective time from " + "IDP SSO config: ", nfe);
effectiveTime = SAML2Constants.ASSERTION_EFFECTIVE_TIME;
}
}
Date date = new Date();
date.setTime(date.getTime() + effectiveTime * 1000);
logoutReq.setNotOnOrAfter(date);
}
if (extensions != null) {
logoutReq.setExtensions(extensions);
}
if (sessionIndex != null) {
List list = new ArrayList();
list.add(sessionIndex);
logoutReq.setSessionIndex(list);
}
debug.message(classMethod + "Recipient's single logout service location = " + location);
if (destinationURI == null || destinationURI.isEmpty()) {
logoutReq.setDestination(XMLUtils.escapeSpecialCharacters(location));
}
if (debug.messageEnabled()) {
debug.message(classMethod + "SLO Request before signing : ");
debug.message(logoutReq.toXMLString(true, true));
}
if (binding.equals(SAML2Constants.HTTP_REDIRECT)) {
try {
doSLOByHttpRedirect(logoutReq.toXMLString(true, true), location, relayState, realm, requesterEntityID, hostEntityRole, recipientEntityID, response);
logoutRequestID.append(requestID);
String[] data = { location };
LogUtil.access(Level.INFO, LogUtil.REDIRECT_TO_IDP, data, null);
} catch (Exception e) {
debug.error("Exception :", e);
throw new SAML2Exception(SAML2Utils.bundle.getString("errorRedirectingLogoutRequest"));
}
} else if (binding.equals(SAML2Constants.SOAP)) {
logoutRequestID.append(requestID);
signSLORequest(logoutReq, realm, requesterEntityID, hostEntityRole, recipientEntityID);
if (debug.messageEnabled()) {
debug.message(classMethod + "SLO Request after signing : ");
debug.message(logoutReq.toXMLString(true, true));
}
location = SAML2Utils.fillInBasicAuthInfo(config, location);
doSLOBySOAP(requestID, logoutReq, location, realm, requesterEntityID, hostEntityRole, request, response);
} else if (binding.equals(SAML2Constants.HTTP_POST)) {
logoutRequestID.append(requestID);
signSLORequest(logoutReq, realm, requesterEntityID, hostEntityRole, recipientEntityID);
if (debug.messageEnabled()) {
debug.message(classMethod + "SLO Request after signing : ");
debug.message(logoutReq.toXMLString(true, true));
}
doSLOByPOST(requestID, logoutReq.toXMLString(true, true), location, relayState, realm, requesterEntityID, hostEntityRole, response, request);
}
SPCache.logoutRequestIDHash.put(logoutRequestID.toString(), logoutReq);
return logoutRequestID;
}
Also used :
Issuer(com.sun.identity.saml2.assertion.Issuer)
ArrayList(java.util.ArrayList)
Extensions(com.sun.identity.saml2.protocol.Extensions)
SOAPException(javax.xml.soap.SOAPException)
SessionException(com.sun.identity.plugin.session.SessionException)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
IOException(java.io.IOException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Date(java.util.Date)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
LogoutRequest(com.sun.identity.saml2.protocol.LogoutRequest)
List(java.util.List)
ArrayList(java.util.ArrayList)
Example 33 with SessionException
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class LogoutUtil method getSLOBindingInfo.
/**
* Returns binding information of SLO Service for remote entity
* from request or meta configuration.
*
* @param request the HttpServletRequest.
* @param metaAlias entityID of hosted entity.
* @param hostEntityRole Role of hosted entity.
* @param remoteEntityID entityID of remote entity.
* @return return true if the processing is successful.
* @throws SAML2Exception if no binding information is configured.
*/
public static String getSLOBindingInfo(HttpServletRequest request, String metaAlias, String hostEntityRole, String remoteEntityID) throws SAML2Exception {
String binding = request.getParameter(SAML2Constants.BINDING);
try {
if (binding == null) {
String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
SingleLogoutServiceElement sloService = getSLOServiceElement(realm, remoteEntityID, hostEntityRole, null);
if (sloService != null) {
binding = sloService.getBinding();
}
}
} catch (SessionException e) {
debug.error("Invalid SSOToken", e);
throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
}
if (binding == null) {
debug.error("Incorrect configuration for SingleLogout Service.");
throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
}
return binding;
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
SingleLogoutServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement)
SessionException(com.sun.identity.plugin.session.SessionException)
Example 34 with SessionException
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class SPSingleLogout method processLogoutResponse.
/**
* Gets and processes the Single <code>LogoutResponse</code> from IDP,
* destroys the local session, checks response's issuer
* and inResponseTo.
*
* @param request the HttpServletRequest.
* @param response the HttpServletResponse.
* @param samlResponse <code>LogoutResponse</code> in the
* XML string format.
* @param relayState the target URL on successful
* <code>LogoutResponse</code>.
* @throws SAML2Exception if error processing
* <code>LogoutResponse</code>.
* @throws SessionException if error processing
* <code>LogoutResponse</code>.
*/
public static Map<String, String> processLogoutResponse(HttpServletRequest request, HttpServletResponse response, String samlResponse, String relayState) throws SAML2Exception, SessionException {
String method = "SPSingleLogout:processLogoutResponse : ";
if (debug.messageEnabled()) {
debug.message(method + "samlResponse : " + samlResponse);
debug.message(method + "relayState : " + relayState);
}
String rmethod = request.getMethod();
String binding = SAML2Constants.HTTP_REDIRECT;
if (rmethod.equals("POST")) {
binding = SAML2Constants.HTTP_POST;
}
String metaAlias = SAML2MetaUtils.getMetaAliasByUri(request.getRequestURI());
if ((SPCache.isFedlet) && ((metaAlias == null) || (metaAlias.length() == 0))) {
List spMetaAliases = sm.getAllHostedServiceProviderMetaAliases("/");
if ((spMetaAliases != null) && !spMetaAliases.isEmpty()) {
// get first one
metaAlias = (String) spMetaAliases.get(0);
}
}
if ((metaAlias == null) || (metaAlias.length() == 0)) {
throw new SAML2Exception(SAML2Utils.bundle.getString("nullSPEntityID"));
}
String realm = SAML2Utils.getRealm(SAML2MetaUtils.getRealmByMetaAlias(metaAlias));
String spEntityID = sm.getEntityByMetaAlias(metaAlias);
if (!SAML2Utils.isSPProfileBindingSupported(realm, spEntityID, SAML2Constants.SLO_SERVICE, binding)) {
throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
}
// Validate the RelayState URL.
SAML2Utils.validateRelayStateURL(realm, spEntityID, relayState, SAML2Constants.SP_ROLE);
LogoutResponse logoutRes = null;
if (rmethod.equals("POST")) {
logoutRes = LogoutUtil.getLogoutResponseFromPost(samlResponse, response);
} else if (rmethod.equals("GET")) {
String decodedStr = SAML2Utils.decodeFromRedirect(samlResponse);
if (decodedStr == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("nullDecodedStrFromSamlResponse"));
}
logoutRes = ProtocolFactory.getInstance().createLogoutResponse(decodedStr);
}
if (logoutRes == null) {
if (debug.messageEnabled()) {
debug.message("SSingleLogout:processLogoutResponse: logoutRes " + "is null");
}
return null;
}
String idpEntityID = logoutRes.getIssuer().getValue();
Issuer resIssuer = logoutRes.getIssuer();
String inResponseTo = logoutRes.getInResponseTo();
LogoutRequest logoutReq = (LogoutRequest) SPCache.logoutRequestIDHash.remove(inResponseTo);
if (logoutReq == null) {
logoutReq = (LogoutRequest) SAML2Store.getTokenFromStore(inResponseTo);
}
if (logoutReq == null && SAML2FailoverUtils.isSAML2FailoverEnabled()) {
//check the samlFailover cache instead
try {
logoutReq = (LogoutRequest) SAML2FailoverUtils.retrieveSAML2Token(inResponseTo);
} catch (SAML2TokenRepositoryException e) {
throw new SAML2Exception(SAML2Utils.bundle.getString("LogoutRequestIDandInResponseToDoNotMatch"));
}
}
// invoke SPAdapter preSingleLogoutProcess
String userId = null;
if (!SPCache.isFedlet) {
userId = preSingleLogoutProcess(spEntityID, realm, request, response, null, logoutReq, logoutRes, binding);
}
SAML2Utils.verifyResponseIssuer(realm, spEntityID, resIssuer, inResponseTo);
boolean needToVerify = SAML2Utils.getWantLogoutResponseSigned(realm, spEntityID, SAML2Constants.SP_ROLE);
if (debug.messageEnabled()) {
debug.message(method + "metaAlias : " + metaAlias);
debug.message(method + "realm : " + realm);
debug.message(method + "idpEntityID : " + idpEntityID);
debug.message(method + "spEntityID : " + spEntityID);
}
Map<String, String> infoMap = new HashMap<String, String>();
infoMap.put("entityid", spEntityID);
infoMap.put(SAML2Constants.REALM, realm);
if (needToVerify) {
boolean valid = false;
if (rmethod.equals("GET")) {
String queryString = request.getQueryString();
valid = SAML2Utils.verifyQueryString(queryString, realm, SAML2Constants.SP_ROLE, idpEntityID);
} else {
valid = LogoutUtil.verifySLOResponse(logoutRes, realm, idpEntityID, spEntityID, SAML2Constants.SP_ROLE);
}
if (!valid) {
debug.error("SPSingleLogout.processLogoutResponse: " + "Invalid signature in SLO Response.");
throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSignInResponse"));
}
SPSSODescriptorElement spsso = sm.getSPSSODescriptor(realm, spEntityID);
String loc = getSLOResponseLocationOrLocation(spsso, binding);
if (!SAML2Utils.verifyDestination(logoutRes.getDestination(), loc)) {
throw new SAML2Exception(SAML2Utils.bundle.getString("invalidDestination"));
}
}
if (inResponseTo == null || inResponseTo.length() == 0) {
if (debug.messageEnabled()) {
debug.message("LogoutResponse inResponseTo is null");
}
throw new SAML2Exception(SAML2Utils.bundle.getString("nullInResponseToFromSamlResponse"));
}
if (logoutReq != null) {
if (debug.messageEnabled()) {
debug.message("LogoutResponse inResponseTo matches " + "LogoutRequest ID.");
}
} else {
if (debug.messageEnabled()) {
debug.message("LogoutResponse inResponseTo does not match " + "LogoutRequest ID.");
}
throw new SAML2Exception(SAML2Utils.bundle.getString("LogoutRequestIDandInResponseToDoNotMatch"));
}
infoMap.put("inResponseTo", inResponseTo);
infoMap.put(SAML2Constants.RELAY_STATE, relayState);
// destroy session
try {
Object session = sessionProvider.getSession(request);
if ((session != null) && sessionProvider.isValid(session)) {
sessionProvider.invalidateSession(session, request, response);
}
} catch (SessionException se) {
debug.message("SPSingleLogout.processLogoutResponse() : Unable to invalidate session: " + se.getMessage());
}
if (!SPCache.isFedlet) {
if (isSuccess(logoutRes)) {
// invoke SPAdapter postSingleLogoutSucces
postSingleLogoutSuccess(spEntityID, realm, request, response, userId, logoutReq, logoutRes, binding);
} else {
throw new SAML2Exception(SAML2Utils.BUNDLE_NAME, "sloFailed", null);
}
} else {
// obtain fedlet adapter
FedletAdapter fedletAdapter = SAML2Utils.getFedletAdapterClass(spEntityID, realm);
if (fedletAdapter != null) {
if (isSuccess(logoutRes)) {
fedletAdapter.onFedletSLOSuccess(request, response, logoutReq, logoutRes, spEntityID, idpEntityID, binding);
} else {
fedletAdapter.onFedletSLOFailure(request, response, logoutReq, logoutRes, spEntityID, idpEntityID, binding);
throw new SAML2Exception(SAML2Utils.BUNDLE_NAME, "sloFailed", null);
}
}
}
return infoMap;
}
Also used :
LogoutResponse(com.sun.identity.saml2.protocol.LogoutResponse)
Issuer(com.sun.identity.saml2.assertion.Issuer)
HashMap(java.util.HashMap)
SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)
SessionException(com.sun.identity.plugin.session.SessionException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
FedletAdapter(com.sun.identity.saml2.plugins.FedletAdapter)
List(java.util.List)
ArrayList(java.util.ArrayList)
LogoutRequest(com.sun.identity.saml2.protocol.LogoutRequest)
SAML2TokenRepositoryException(org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)
Example 35 with SessionException
use of com.sun.identity.plugin.session.SessionException in project OpenAM by OpenRock.
the class NameIDMapping method initiateNameIDMappingRequest.
/**
* Parses the request parameters and builds the NameIDMappingRequest to
* sent to remote identity provider.
*
* @param session user session.
* @param realm the realm of hosted entity
* @param spEntityID entity ID of hosted service provider
* @param idpEntityID entity ID of remote idendity provider
* @param targetSPEntityID entity ID of target entity ID of service
* provider
* @param targetNameIDFormat format of target Name ID
* @param paramsMap Map of all other parameters
*
* @return the <code>NameIDMappingResponse</code>
* @throws SAML2Exception if error initiating request to remote entity.
*
* @supported.api
*/
public static NameIDMappingResponse initiateNameIDMappingRequest(Object session, String realm, String spEntityID, String idpEntityID, String targetSPEntityID, String targetNameIDFormat, Map paramsMap) throws SAML2Exception {
if (spEntityID == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("nullSPEntityID"));
}
if (idpEntityID == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("nullIDPEntityID"));
}
String userID = null;
try {
userID = sessionProvider.getPrincipalName(session);
} catch (SessionException e) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("NameIDMapping.createNameIDMappingRequest: ", e);
}
}
if (userID == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSSOToken"));
}
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " IDP EntityID is : " + idpEntityID);
SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " SP HOST EntityID is : " + spEntityID);
SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " target SP EntityID is : " + targetSPEntityID);
}
try {
// nameIDMappingService
String binding = SAML2Utils.getParameter(paramsMap, SAML2Constants.BINDING);
if (binding == null) {
binding = SAML2Constants.SOAP;
} else if (!binding.equals(SAML2Constants.SOAP)) {
throw new SAML2Exception(SAML2Utils.bundle.getString("nimServiceBindingUnsupport"));
}
String nimURL = SAML2Utils.getParameter(paramsMap, "nimURL");
if (nimURL == null) {
NameIDMappingServiceElement nameIDMappingService = getNameIDMappingService(realm, idpEntityID, binding);
if (nameIDMappingService != null) {
nimURL = nameIDMappingService.getLocation();
}
}
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " nimURL" + nimURL);
}
if (nimURL == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("nimServiceNotFound"));
}
NameIDMappingRequest nimRequest = createNameIDMappingRequest(userID, realm, spEntityID, idpEntityID, nimURL, targetSPEntityID, targetNameIDFormat);
signNIMRequest(nimRequest, realm, spEntityID, false);
BaseConfigType config = metaManager.getIDPSSOConfig(realm, idpEntityID);
nimURL = SAML2SDKUtils.fillInBasicAuthInfo(config, nimURL);
return doNIMBySOAP(nimRequest.toXMLString(true, true), nimURL, realm, spEntityID);
} catch (SAML2MetaException sme) {
throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
}
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
NameIDMappingServiceElement(com.sun.identity.saml2.jaxb.metadata.NameIDMappingServiceElement)
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
SessionException(com.sun.identity.plugin.session.SessionException)
NameIDMappingRequest(com.sun.identity.saml2.protocol.NameIDMappingRequest)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Aggregations
SessionException (com.sun.identity.plugin.session.SessionException)121
SessionProvider (com.sun.identity.plugin.session.SessionProvider)55
List (java.util.List)40
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)35
IOException (java.io.IOException)28
ArrayList (java.util.ArrayList)28
Set (java.util.Set)24
SAMLException (com.sun.identity.saml.common.SAMLException)23
Iterator (java.util.Iterator)20
HashMap (java.util.HashMap)18
HashSet (java.util.HashSet)18
Map (java.util.Map)18
FSSession (com.sun.identity.federation.services.FSSession)17
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)17
FSSessionManager (com.sun.identity.federation.services.FSSessionManager)15
FSException (com.sun.identity.federation.common.FSException)13
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)12
SAML2TokenRepositoryException (org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)11
ServletException (javax.servlet.ServletException)10
DataStoreProviderException (com.sun.identity.plugin.datastore.DataStoreProviderException)9
