
Example 11 with SessionProvider

use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.

the class FSSSOAndFedHandler method createAuthnResponse.

/**
 * Builds a successful <code>FSAuthnResponse</code> for the given session,
 * carrying exactly one newly created assertion.
 *
 * @param ssoToken session of the authenticated principal
 * @param inResponseTo request ID the assertion answers
 * @param userHandle name identifier of the principal as known to the SP
 * @param idpHandle name identifier of the principal as known to the IDP
 * @return the populated response, or <code>null</code> if obtaining the
 *  session ID, creating the assertion or building the response failed
 *  (the failure is logged before returning)
 */
protected FSAuthnResponse createAuthnResponse(Object ssoToken, String inResponseTo, NameIdentifier userHandle, NameIdentifier idpHandle) {
    FSUtils.debug.message("FSSSOAndFedHandler.createAuthnResponse:  Called");
    try {
        String requestId = authnRequest.getRequestID();
        int minorVersion = authnRequest.getMinorVersion();
        FSAssertionManager assertionManager = FSAssertionManager.getInstance(metaAlias);
        SessionProvider sessionProvider = SessionManager.getProvider();
        String sessionId = sessionProvider.getSessionID(ssoToken);
        FSAssertion assertion = assertionManager.createFSAssertion(sessionId, null, realm, spEntityId, userHandle, idpHandle, inResponseTo, minorVersion);

        // Always a success status here; failures surface as a null return instead.
        Status status = new Status(new StatusCode(IFSConstants.STATUS_CODE_SUCCESS));
        List assertions = new ArrayList();
        assertions.add(assertion);

        FSAuthnResponse authnResponse = new FSAuthnResponse(null, requestId, status, assertions, relayState);
        authnResponse.setMinorVersion(minorVersion);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedHandler.createAuthnResponse: CHECK1: " + hostedEntityId);
        }
        authnResponse.setProviderId(hostedEntityId);
        // NOTE(review): nothing in this method signs the response; if the
        // AuthnResponse must be signed, the caller has to do it before the
        // message leaves the IDP - confirm against the profile handler.
        return authnResponse;
    } catch (FSException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: FSException: ", se);
        return null;
    } catch (SAMLException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: " + "SAMLException: ", se);
        return null;
    } catch (SessionException se) {
        FSUtils.debug.error("FSSSOAndFedHandler.createAuthnResponse: " + "SessionException: ", se);
        return null;
    }
}

Example 12 with SessionProvider

use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.

the class FSSSOAndFedService method handleAuthnRequest.

/**
 * Post-authentication entry point for an IDFF <code>AuthnRequest</code>.
 * <p>
 * Resolves the hosted IDP metadata, requires a valid local session for the
 * caller, records (or refreshes) the principal's federation session with the
 * given authentication context, and then delegates to the ten-argument
 * <code>handleAuthnRequest</code> with <code>bPostAuthn</code> set.
 * <p>
 * Any failure to obtain a session token, an invalid token, or a missing
 * principal name ends processing here without sending a response.
 *
 * @param request the incoming <code>HttpServletRequest</code>
 * @param response the <code>HttpServletResponse</code> to write to
 * @param authnRequest the parsed <code>FSAuthnRequest</code>
 * @param realm realm of the hosted IDP
 * @param hostEntityId entity ID of the hosted IDP
 * @param bLECP whether this is the LECP profile
 * @param authnContext authentication context to record on the session
 */
private void handleAuthnRequest(HttpServletRequest request, HttpServletResponse response, FSAuthnRequest authnRequest, String realm, String hostEntityId, boolean bLECP, String authnContext) {
    // post authn process
    FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Called");

    // Hosted IDP metadata. A lookup failure is only logged at debug level and
    // processing continues with null descriptors / metaAlias - the downstream
    // managers are expected to cope with (or reject) a null metaAlias.
    IDPDescriptorType hostedDesc = null;
    BaseConfigType hostedConfig = null;
    String metaAlias = null;
    try {
        hostedDesc = metaManager.getIDPDescriptor(realm, hostEntityId);
        hostedConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
        if (hostedConfig != null) {
            metaAlias = hostedConfig.getMetaAlias();
        }
    } catch (Exception e) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "Couldn't obtain hosted meta:", e);
        }
    }

    // The caller must already hold a valid local session; otherwise stop here.
    Object ssoToken = null;
    String userID = null;
    try {
        SessionProvider sessionProvider = SessionManager.getProvider();
        ssoToken = sessionProvider.getSession(request);
        if (ssoToken == null) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: " + "session token is null.");
            return;
        }
        if (!sessionProvider.isValid(ssoToken)) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: " + "session token is not valid.");
            return;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "session token is valid.");
        }

        // Create or update the federation session and stamp the authn context on it.
        FSSessionManager fedSessionManager = FSSessionManager.getInstance(metaAlias);
        FSSession fedSession = fedSessionManager.getSession(ssoToken);
        userID = sessionProvider.getPrincipalName(ssoToken);
        if (fedSession != null) {
            fedSession.setAuthnContext(authnContext);
        } else {
            fedSession = new FSSession(sessionProvider.getSessionID(ssoToken));
            fedSession.setAuthnContext(authnContext);
            fedSessionManager.addSession(userID, fedSession);
        }
    } catch (SessionException se) {
        FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: ", se);
        return;
    }

    try {
        if (userID == null) {
            LogUtil.error(Level.INFO, LogUtil.USER_NOT_FOUND, null, ssoToken);
            return;
        }
        // Probe the federation record for this user / remote SP pair. The value
        // is discarded; only the "no account info" failure path is of interest
        // and it is merely logged - processing continues either way.
        String remoteEntityID = authnRequest.getProviderId();
        FSAccountManager accountManager = FSAccountManager.getInstance(metaAlias);
        accountManager.readAccountFedInfo(userID, remoteEntityID);
    } catch (FSAccountMgmtException exp) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService:: handleAuthnRequest()" + " No account information avialable for user. " + "So no invocation " + " of name registration. ", exp);
        }
    }

    handleAuthnRequest(request, response, authnRequest, true, bLECP, realm, hostEntityId, metaAlias, hostedDesc, hostedConfig);
}

Example 13 with SessionProvider

use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.

the class FSSSOAndFedService method handleAuthnRequest.

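/**
 * Core <code>AuthnRequest</code> processing for the hosted IDP.
 * <p>
 * Tags the local session (if any, and valid) as participating in IDFF,
 * stores or clears the pending request in <code>FSSessionManager</code>
 * depending on whether authentication has already happened, obtains the
 * SSO/federation (or LECP) handler and hands the request to it.
 * <p>
 * On any failure a <code>500</code> is sent with a generic, bundle-provided
 * message. The internal exception text is deliberately <em>not</em> echoed
 * to the remote party; it is only written to the server log.
 *
 * @param request the incoming <code>HttpServletRequest</code>
 * @param response the <code>HttpServletResponse</code> to write to
 * @param authnRequest the parsed <code>FSAuthnRequest</code>
 * @param bPostAuthn <code>true</code> if the user has already authenticated
 * @param bLECP whether this is the LECP profile
 * @param realm realm of the hosted IDP
 * @param hostEntityId entity ID of the hosted IDP
 * @param metaAlias meta alias of the hosted IDP
 * @param hostedDesc hosted IDP descriptor
 * @param hostedConfig hosted IDP extended configuration
 */
private void handleAuthnRequest(HttpServletRequest request, HttpServletResponse response, FSAuthnRequest authnRequest, boolean bPostAuthn, boolean bLECP, String realm, String hostEntityId, String metaAlias, IDPDescriptorType hostedDesc, BaseConfigType hostedConfig) {
    FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Called");
    Object session = null;
    try {
        SessionProvider provider = SessionManager.getProvider();
        session = provider.getSession(request);
        if ((session != null) && (provider.isValid(session))) {
            MultiProtocolUtils.addFederationProtocol(session, SingleLogoutManager.IDFF);
        }
    } catch (SessionException e) {
        // Best effort: a missing/invalid session only matters for multi-protocol logout.
        FSUtils.debug.warning("FSSSOFedService.handleAuthnRequest: hub", e);
    }
    try {
        FSSessionManager sessionService = FSSessionManager.getInstance(metaAlias);
        if (!bPostAuthn && !authnRequest.getIsPassive()) {
            // Authentication still to come: remember the request so it can be
            // resumed afterwards.
            sessionService.setAuthnRequest(authnRequest.getRequestID(), authnRequest);
        } else {
            // Already authenticated (or passive): drop any stored copy.
            sessionService.removeAuthnRequest(authnRequest.getRequestID());
        }
        // handle sso
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "Trying to handle AuthnRequest message: " + authnRequest.toXMLString());
            List extensions = authnRequest.getExtensions();
            if ((extensions != null) && (!extensions.isEmpty())) {
                FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: " + "AuthnRequest extensions: " + ((Extension) extensions.get(0)).getAttributeMap());
            }
        }
        FSServiceManager sm = FSServiceManager.getInstance();
        FSSSOAndFedHandler handler;
        if (!bLECP) {
            handler = sm.getSSOAndFedHandler(request, response, authnRequest, realm);
        } else {
            handler = sm.getLECPProfileHandler(request, response, authnRequest, realm);
        }
        if (handler == null) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: " + "could not create SSOAndFedHandler");
            String[] data = { FSUtils.bundle.getString("requestProcessingFailed") };
            LogUtil.error(Level.INFO, LogUtil.AUTHN_REQUEST_PROCESSING_FAILED, data, session);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("requestProcessingFailed"));
            return;
        }
        if ((agent != null) && agent.isRunning() && (idffSvc != null)) {
            idffSvc.incIdAuthnRqt();
        }
        handler.setHostedEntityId(hostEntityId);
        handler.setMetaAlias(metaAlias);
        handler.setHostedDescriptor(hostedDesc);
        handler.setHostedDescriptorConfig(hostedConfig);
        handler.setRealm(realm);
        handler.processAuthnRequest(authnRequest, bPostAuthn);
        return;
    } catch (Exception se) {
        FSUtils.debug.error("FSSSOAndFedService: Exception occured:", se);
        try {
            // Send the same generic message as the handler-creation failure
            // above. The raw exception message may contain class names,
            // configuration details or user data and must not reach the client.
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("requestProcessingFailed"));
        } catch (IOException ex) {
            FSUtils.debug.error("FSSSOAndFedService: Exception occured " + ex.getMessage(), ex);
        }
        return;
    }
}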

Example 14 with SessionProvider

use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.

the class FSLogoutUtil method destroyLocalSession.

/**
 * Destroys the principal's local session as part of IDFF logout.
 * <p>
 * The session is only invalidated when the session provider still reports
 * it as valid; a token that is already invalid is left alone and treated as
 * already destroyed.
 *
 * @param ssoToken session of the principal
 * @param request the current <code>HttpServletRequest</code>
 * @param response the current <code>HttpServletResponse</code>
 * @return <code>true</code> if the local session is deleted (or was already
 *  invalid); <code>false</code> if the session provider raised an error.
 */
protected static boolean destroyLocalSession(Object ssoToken, HttpServletRequest request, HttpServletResponse response) {
    FSUtils.debug.message("FSLogoutUtil.destroyLocalSession, enter");
    try {
        SessionProvider sessionProvider = SessionManager.getProvider();
        boolean stillValid = sessionProvider.isValid(ssoToken);
        if (stillValid) {
            MultiProtocolUtils.invalidateSession(ssoToken, request, response, SingleLogoutManager.IDFF);
        }
    } catch (SessionException e) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("SessionException in destroyLocalSession", e);
        }
        return false;
    }
    FSUtils.debug.message("FSLogoutUtil.destroyLocalSession, deleted");
    return true;
}

Example 15 with SessionProvider

use of com.sun.identity.plugin.session.SessionProvider in project OpenAM by OpenRock.

the class FSLogoutUtil method invalidateActiveSessionIds.

/**
 * Invalidates every local session that <code>FSSessionManager</code> still
 * records for the principal.
 * <p>
 * Each entry is resolved back to an SSO token via the session provider and
 * invalidated through <code>MultiProtocolUtils</code>; a failure on one entry
 * is logged and the remaining entries are still processed.
 * <p>
 * NOTE(review): at debug level this method writes the session ID (a bearer
 * credential while the session is live) to the log - confirm that is
 * acceptable for the deployment's log handling.
 *
 * @param sessionObjList <code>Vector</code> of <code>FSSession</code>
 *  objects whose session IDs are to be invalidated; may be <code>null</code>
 * @param request <code>HttpServletRequest</code> object
 * @param response <code>HttpServletResponse</code> object
 */
private static void invalidateActiveSessionIds(Vector sessionObjList, HttpServletRequest request, HttpServletResponse response) {
    FSUtils.debug.message("FSLogoutUtil.invalidateActiveSessionIds, start");
    if (sessionObjList == null || sessionObjList.isEmpty()) {
        FSUtils.debug.message("No active Session exists");
        return;
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message(sessionObjList.size() + " Active Session exists");
    }

    SessionProvider sessionProvider;
    try {
        sessionProvider = SessionManager.getProvider();
    } catch (SessionException se) {
        FSUtils.debug.error("invalidateActiveSessionIds:" + "Couldn't obtain session provider:", se);
        return;
    }

    // size() is re-read each pass on purpose: the Vector may be a live list.
    for (int idx = 0; idx < sessionObjList.size(); idx++) {
        FSSession fedSession = (FSSession) sessionObjList.elementAt(idx);
        String sessionId = (String) fedSession.getSessionID();
        if (sessionId == null) {
            continue;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("To Invalidate session : " + sessionId);
        }
        //Invalidate session
        try {
            Object ssoToken = sessionProvider.getSession(sessionId);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Destroying token : " + sessionProvider.getPrincipalName(ssoToken));
            }
            MultiProtocolUtils.invalidateSession(ssoToken, request, response, SingleLogoutManager.IDFF);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Completed Destroying token for sessionID :" + sessionId);
            }
        } catch (SessionException e) {
            // Keep going: one unresolvable session must not block the others.
            FSUtils.debug.error("invalidateActiveSessionIds : " + sessionId + " - ", e);
        }
    }
}
