use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.
the class FSSSOAndFedHandler method createAuthnResponse.
/**
 * Builds a success {@code FSAuthnResponse} that carries one newly created assertion
 * for the session behind {@code ssoToken}.
 *
 * <p>The assertion is requested from {@code FSAssertionManager} using the session id
 * that the {@code SessionProvider} reports for {@code ssoToken}. The response is
 * <b>not</b> signed here: the original trailing "sign AuthnResponse" marker was only a
 * placeholder comment with no code behind it.
 *
 * @param ssoToken session object of the principal the assertion is issued for
 * @param inResponseTo forwarded unchanged to the assertion manager
 * @param userHandle forwarded unchanged to the assertion manager
 * @param idpHandle forwarded unchanged to the assertion manager
 * @return the populated response, or {@code null} when an {@code FSException},
 *         {@code SAMLException} or {@code SessionException} is raised while building it
 */
protected FSAuthnResponse createAuthnResponse(Object ssoToken, String inResponseTo, NameIdentifier userHandle, NameIdentifier idpHandle) {
    FSUtils.debug.message("FSSSOAndFedHandler.createAuthnResponse: Called");
    try {
        String requestID = authnRequest.getRequestID();
        FSAssertionManager assertionManager = FSAssertionManager.getInstance(metaAlias);
        SessionProvider provider = SessionManager.getProvider();
        FSAssertion assertion = assertionManager.createFSAssertion(
                provider.getSessionID(ssoToken), null, realm, spEntityId,
                userHandle, idpHandle, inResponseTo, authnRequest.getMinorVersion());

        Status success = new Status(new StatusCode(IFSConstants.STATUS_CODE_SUCCESS));
        List contents = new ArrayList();
        contents.add(assertion);

        FSAuthnResponse built = new FSAuthnResponse(null, requestID, success, contents, relayState);
        built.setMinorVersion(authnRequest.getMinorVersion());
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedHandler.createAuthnResponse: CHECK1: " + hostedEntityId);
        }
        built.setProviderId(hostedEntityId);
        // NOTE(review): the response leaves this method unsigned; confirm that the
        // caller signs it before it is sent to the service provider.
        return built;
    } catch (FSException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: FSException: ", se);
        return null;
    } catch (SAMLException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: SAMLException: ", se);
        return null;
    } catch (SessionException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: SessionException: ", se);
        return null;
    }
}
use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.
the class FSSSOAndFedService method handleAuthnRequest.
/**
 * Post-authentication entry point: checks the caller's session, records the
 * authentication context on the matching {@code FSSession}, and then hands the request
 * to the ten-argument {@code handleAuthnRequest} overload with {@code bPostAuthn = true}.
 *
 * <p>Behaviour worth knowing when reviewing callers:
 * <ul>
 *   <li>If the request carries no session, the session is not valid, or the session
 *       provider throws, the method logs and returns without writing anything to
 *       {@code response}.</li>
 *   <li>A failure to load the hosted IDP metadata is logged at message level only, and
 *       processing continues with {@code metaAlias}, {@code hostedDesc} and
 *       {@code hostedConfig} possibly {@code null}.</li>
 *   <li>The result of {@code readAccountFedInfo} is discarded; only an
 *       {@code FSAccountMgmtException} from it is observed, and it is merely logged.</li>
 * </ul>
 *
 * @param request incoming servlet request, used to look up the session
 * @param response servlet response, passed on to the overload
 * @param authnRequest the authentication request being processed
 * @param realm realm used for the metadata lookup
 * @param hostEntityId entity id of the hosted identity provider
 * @param bLECP passed on to the overload, where it selects the LECP handler
 * @param authnContext value stored on the session via {@code setAuthnContext}
 */
private void handleAuthnRequest(HttpServletRequest request, HttpServletResponse response, FSAuthnRequest authnRequest, String realm, String hostEntityId, boolean bLECP, String authnContext) {
    // post authn process
    FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Called");

    IDPDescriptorType hostedDesc = null;
    BaseConfigType hostedConfig = null;
    String metaAlias = null;
    try {
        hostedDesc = metaManager.getIDPDescriptor(realm, hostEntityId);
        hostedConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
        metaAlias = (hostedConfig == null) ? null : hostedConfig.getMetaAlias();
    } catch (Exception e) {
        // NOTE(review): the failure is swallowed apart from this message-level log, so
        // everything below may run with a null metaAlias - confirm that is intended.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Couldn't obtain hosted meta:", e);
        }
    }

    // The original carried a disabled (commented-out) read of the
    // "registration after SSO" setting here; it had no effect and is omitted.

    Object ssoToken = null;
    String userID = null;
    try {
        SessionProvider provider = SessionManager.getProvider();
        ssoToken = provider.getSession(request);

        // Guard clauses: no session, or an invalid one, ends processing silently.
        if (ssoToken == null) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: session token is null.");
            return;
        }
        if (!provider.isValid(ssoToken)) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: session token is not valid.");
            return;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: session token is valid.");
        }

        FSSessionManager fsSessions = FSSessionManager.getInstance(metaAlias);
        FSSession fsSession = fsSessions.getSession(ssoToken);
        userID = provider.getPrincipalName(ssoToken);

        // A session unknown to the federation session manager is created and registered
        // under the principal name; the authentication context is set before it is added.
        boolean created = (fsSession == null);
        if (created) {
            fsSession = new FSSession(provider.getSessionID(ssoToken));
        }
        fsSession.setAuthnContext(authnContext);
        if (created) {
            fsSessions.addSession(userID, fsSession);
        }
    } catch (SessionException se) {
        FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: ", se);
        return;
    }

    if (userID == null) {
        LogUtil.error(Level.INFO, LogUtil.USER_NOT_FOUND, null, ssoToken);
        return;
    }

    try {
        String remoteEntityID = authnRequest.getProviderId();
        FSAccountManager accounts = FSAccountManager.getInstance(metaAlias);
        // Only the exception path matters; the returned federation info is unused.
        accounts.readAccountFedInfo(userID, remoteEntityID);
        // The original kept a disabled (commented-out) name-registration step at this
        // point; it is omitted because it never ran.
    } catch (FSAccountMgmtException exp) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService:: handleAuthnRequest()" + " No account information avialable for user. " + "So no invocation " + " of name registration. ", exp);
        }
    }

    handleAuthnRequest(request, response, authnRequest, true, bLECP, realm, hostEntityId, metaAlias, hostedDesc, hostedConfig);
}
use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.
the class FSSSOAndFedService method handleAuthnRequest.
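/**
 * Dispatches an authentication request to the SSO/federation handler (or the LECP
 * profile handler when {@code bLECP} is set) after updating the pending-request map.
 *
 * <p>Steps, in order:
 * <ol>
 *   <li>If the request carries a valid session, tag it with the ID-FF protocol through
 *       {@code MultiProtocolUtils.addFederationProtocol}. A {@code SessionException}
 *       here is logged as a warning and does not stop processing.</li>
 *   <li>Store the request in {@code FSSessionManager} when this is a pre-authentication,
 *       non-passive request; otherwise remove it from that map.</li>
 *   <li>Obtain the handler, configure it with the hosted provider data and call
 *       {@code processAuthnRequest}.</li>
 * </ol>
 *
 * <p>Any exception from steps 2-3 is logged in full on the server, while the client
 * receives HTTP 500 with the generic localized {@code requestProcessingFailed} text.
 * Exception messages are not echoed to the remote party: they can expose internal
 * details and may contain data taken from the incoming request.
 *
 * @param request incoming servlet request
 * @param response servlet response, used for error reporting
 * @param authnRequest the authentication request being processed
 * @param bPostAuthn {@code true} when invoked after authentication has taken place
 * @param bLECP {@code true} to use the LECP profile handler
 * @param realm realm passed to the handler
 * @param hostEntityId entity id of the hosted provider
 * @param metaAlias meta alias used to select the {@code FSSessionManager} instance
 * @param hostedDesc hosted provider descriptor, passed to the handler
 * @param hostedConfig hosted provider configuration, passed to the handler
 */
private void handleAuthnRequest(HttpServletRequest request, HttpServletResponse response, FSAuthnRequest authnRequest, boolean bPostAuthn, boolean bLECP, String realm, String hostEntityId, String metaAlias, IDPDescriptorType hostedDesc, BaseConfigType hostedConfig) {
    FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Called");
    Object session = null;
    try {
        SessionProvider provider = SessionManager.getProvider();
        session = provider.getSession(request);
        if ((session != null) && provider.isValid(session)) {
            MultiProtocolUtils.addFederationProtocol(session, SingleLogoutManager.IDFF);
        }
    } catch (SessionException e) {
        // Best effort: a missing or unreadable session does not stop request handling.
        FSUtils.debug.warning("FSSSOFedService.handleAuthnRequest: hub", e);
    }
    try {
        FSSessionManager sessionService = FSSessionManager.getInstance(metaAlias);
        if (!bPostAuthn && !authnRequest.getIsPassive()) {
            sessionService.setAuthnRequest(authnRequest.getRequestID(), authnRequest);
        } else {
            // remove it from authn request map
            sessionService.removeAuthnRequest(authnRequest.getRequestID());
        }
        // handle sso
        if (FSUtils.debug.messageEnabled()) {
            // Message level only: this writes the complete request XML to the debug log.
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "Trying to handle AuthnRequest message: " + authnRequest.toXMLString());
            List extensions = authnRequest.getExtensions();
            if ((extensions != null) && (!extensions.isEmpty())) {
                FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "AuthnRequest extensions: " + ((Extension) extensions.get(0)).getAttributeMap());
            }
        }
        FSServiceManager sm = FSServiceManager.getInstance();
        FSSSOAndFedHandler handler = null;
        if (!bLECP) {
            handler = sm.getSSOAndFedHandler(request, response, authnRequest, realm);
        } else {
            handler = sm.getLECPProfileHandler(request, response, authnRequest, realm);
        }
        if (handler == null) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: " + "could not create SSOAndFedHandler");
            String[] data = { FSUtils.bundle.getString("requestProcessingFailed") };
            LogUtil.error(Level.INFO, LogUtil.AUTHN_REQUEST_PROCESSING_FAILED, data, session);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("requestProcessingFailed"));
            return;
        }
        // NOTE(review): agent/idffSvc look like monitoring hooks counting handled
        // authentication requests - confirm against their declarations.
        if ((agent != null) && agent.isRunning() && (idffSvc != null)) {
            idffSvc.incIdAuthnRqt();
        }
        handler.setHostedEntityId(hostEntityId);
        handler.setMetaAlias(metaAlias);
        handler.setHostedDescriptor(hostedDesc);
        handler.setHostedDescriptorConfig(hostedConfig);
        handler.setRealm(realm);
        handler.processAuthnRequest(authnRequest, bPostAuthn);
    } catch (Exception se) {
        // Full detail stays in the server-side log.
        FSUtils.debug.error("FSSSOAndFedService: Exception occured:", se);
        try {
            // Generic text only: the raw exception message is not sent to the client.
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("requestProcessingFailed"));
        } catch (IOException ex) {
            // Pass the exception itself so the stack trace is not lost.
            FSUtils.debug.error("FSSSOAndFedService: Exception occured ", ex);
        }
    }
}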
use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.
the class FSLogoutUtil method destroyLocalSession.
/**
 * Invalidates the local session for the ID-FF protocol if it is still valid.
 *
 * <p>Note that {@code true} does not prove a session was destroyed: when the session
 * provider reports the token as no longer valid, nothing is invalidated and the method
 * still logs "deleted" and returns {@code true}.
 *
 * @param ssoToken session of the principal
 * @param request servlet request passed to {@code MultiProtocolUtils.invalidateSession}
 * @param response servlet response passed to {@code MultiProtocolUtils.invalidateSession}
 * @return {@code true} if no {@code SessionException} was raised;
 *         {@code false} otherwise.
 */
protected static boolean destroyLocalSession(Object ssoToken, HttpServletRequest request, HttpServletResponse response) {
    FSUtils.debug.message("FSLogoutUtil.destroyLocalSession, enter");
    boolean completed;
    try {
        if (SessionManager.getProvider().isValid(ssoToken)) {
            MultiProtocolUtils.invalidateSession(ssoToken, request, response, SingleLogoutManager.IDFF);
        }
        FSUtils.debug.message("FSLogoutUtil.destroyLocalSession, deleted");
        completed = true;
    } catch (SessionException e) {
        // NOTE(review): a failed logout is visible at message level only; callers must
        // check the return value to notice that the session may still be alive.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("SessionException in destroyLocalSession", e);
        }
        completed = false;
    }
    return completed;
}
use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.
the class FSLogoutUtil method invalidateActiveSessionIds.
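/**
 * Destroys the principal's session information
 * maintained by {@code FSSessionManager}.
 *
 * <p>Each entry's session id is resolved to a session object through the
 * {@code SessionProvider} and invalidated for the ID-FF protocol. A failure on one entry
 * is logged and the loop moves on to the next, so one bad session cannot block the rest
 * of the logout.
 *
 * <p>Two deliberate choices:
 * <ul>
 *   <li>Session ids are kept out of every log line. The id is the value handed to
 *       {@code SessionProvider.getSession(String)} to obtain the session, so it is
 *       treated like a credential; entries are identified by list position instead.</li>
 *   <li>The principal-name lookup done for debug output has its own {@code try}. A
 *       failure in that purely diagnostic call must not skip the invalidation, which it
 *       would if it shared the invalidation's {@code catch} while debug logging is on.</li>
 * </ul>
 *
 * @param sessionObjList the Vector of {@code FSSession} objects to invalidate;
 *        {@code null} or empty means there is nothing to do
 * @param request {@code HttpServletRequest} object
 * @param response {@code HttpServletResponse} object
 */
private static void invalidateActiveSessionIds(Vector sessionObjList, HttpServletRequest request, HttpServletResponse response) {
    FSUtils.debug.message("FSLogoutUtil.invalidateActiveSessionIds, start");
    if (sessionObjList == null || sessionObjList.isEmpty()) {
        FSUtils.debug.message("No active Session exists");
        return;
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message(sessionObjList.size() + " Active Session exists");
    }
    SessionProvider sessionProvider;
    try {
        sessionProvider = SessionManager.getProvider();
    } catch (SessionException se) {
        FSUtils.debug.error("invalidateActiveSessionIds:" + "Couldn't obtain session provider:", se);
        return;
    }
    // Index-based loop kept on purpose: the size is re-read on every pass, so the loop
    // tolerates the list changing while sessions are being invalidated.
    for (int i = 0; i < sessionObjList.size(); i++) {
        String sessionId = (String) (((FSSession) sessionObjList.elementAt(i)).getSessionID());
        if (sessionId == null) {
            continue;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Invalidating session at index " + i);
        }
        try {
            Object ssoToken = sessionProvider.getSession(sessionId);
            if (FSUtils.debug.messageEnabled()) {
                try {
                    FSUtils.debug.message("Destroying token : " + sessionProvider.getPrincipalName(ssoToken));
                } catch (SessionException nameEx) {
                    // Diagnostic only; carry on and invalidate the session regardless.
                    FSUtils.debug.message("invalidateActiveSessionIds: could not resolve principal for logging", nameEx);
                }
            }
            MultiProtocolUtils.invalidateSession(ssoToken, request, response, SingleLogoutManager.IDFF);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Completed destroying token for session at index " + i);
            }
        } catch (SessionException e) {
            FSUtils.debug.error("invalidateActiveSessionIds : session at index " + i + " - ", e);
        }
    }
}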