
Example 31 with NameIdentifier

use of com.sun.identity.saml.assertion.NameIdentifier in project OpenAM by OpenRock.

the class IPSigninRequest method sendResponse.

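/**
 * Sends a {@code RequestSecurityTokenResponse} containing a SAML 1.1
 * {@code Assertion} back to the requesting service provider.
 *
 * <p>The steps are: resolve the SP's assertion consumer service (ACS) URL,
 * load the IdP and SP configuration, read the authentication context from
 * the session, map attributes and the name identifier, read the assertion
 * timing and signing settings, record the SP in the session's SP list and
 * finally POST the response to the ACS URL.
 *
 * @param session      the authenticated session, read through
 *                     {@code WSFederationUtils.sessionProvider}
 * @param idpEntityId  entity id of this identity provider
 * @param spEntityId   entity id of the service provider that made the request
 * @param idpMetaAlias meta alias of this identity provider (not used by the
 *                     body; kept for existing callers)
 * @param realm        realm in which both providers are configured
 * @throws WSFederationException if the ACS URL or a provider configuration
 *         cannot be found, a required session property is missing or cannot
 *         be read, the authentication instant or a timing attribute cannot
 *         be parsed, the SP requires a signed assertion but no signing
 *         certificate alias is configured, or posting the response fails
 * @throws IOException if propagated from {@code postToTarget}
 */
private void sendResponse(Object session, String idpEntityId, String spEntityId, String idpMetaAlias, String realm) throws WSFederationException, IOException {
    // NOTE(review): the log prefix names IDPSSOFederate although this method
    // lives in IPSigninRequest -- confirm which name is intended.
    String classMethod = "IDPSSOFederate.sendResponse: ";
    // wreply originates from the request. IDPSSOUtil.getACSurl is relied on
    // to resolve it against the SP's registered endpoints -- confirm it never
    // echoes an unvalidated value, since the response is posted to this URL.
    String acsURL = IDPSSOUtil.getACSurl(spEntityId, realm, wreply);
    if (acsURL == null || acsURL.trim().isEmpty()) {
        debug.error(classMethod + "no ACS URL found.");
        String[] data = { realm, spEntityId, wreply };
        LogUtil.error(Level.INFO, LogUtil.NO_ACS_URL, data, null);
        throw new WSFederationException(WSFederationUtils.bundle.getString("unableTofindACSURL"));
    }
    WSFederationMetaManager metaManager = WSFederationUtils.getMetaManager();
    IDPSSOConfigElement idpConfig = metaManager.getIDPSSOConfig(realm, idpEntityId);
    if (idpConfig == null) {
        debug.error(classMethod + "cannot find configuration for IdP " + idpEntityId);
        throw new WSFederationException(WSFederationUtils.bundle.getString("unableToFindIDPConfiguration"));
    }
    SPSSOConfigElement spConfig = metaManager.getSPSSOConfig(realm, spEntityId);
    if (spConfig == null) {
        debug.error(classMethod + "cannot find configuration for SP " + spEntityId);
        throw new WSFederationException(WSFederationUtils.bundle.getString("unableToFindSPConfiguration"));
    }
    // Authentication context for the assertion. A session without an
    // authentication method or a user id is rejected here with a clear error
    // instead of failing later with a NullPointerException; the authentication
    // instant may be absent and then defaults to "now" below.
    String authMethod = firstSessionProperty(session, SessionProvider.AUTH_METHOD);
    if (authMethod == null) {
        debug.error(classMethod + "session has no authentication method");
        throw new WSFederationException("session property " + SessionProvider.AUTH_METHOD + " is missing");
    }
    String authSSOInstant = firstSessionProperty(session, SessionProvider.AUTH_INSTANT);
    // "UserId" is ISAuthConstants.USER_ID. The value is not part of the token,
    // but a session without a user id must not produce an assertion.
    if (firstSessionProperty(session, "UserId") == null) {
        debug.error(classMethod + "session has no user id");
        throw new WSFederationException("session property UserId is missing");
    }
    IDPAttributeMapper attrMapper = getIDPAttributeMapper(WSFederationMetaUtils.getAttributes(idpConfig));
    IDPAccountMapper accountMapper = getIDPAccountMapper(WSFederationMetaUtils.getAttributes(idpConfig));
    List attributes = attrMapper.getAttributes(session, idpEntityId, spEntityId, realm);
    Date authInstant;
    if (authSSOInstant == null || authSSOInstant.isEmpty()) {
        authInstant = new Date();
    } else {
        try {
            authInstant = DateUtils.stringToDate(authSSOInstant);
        } catch (ParseException pe) {
            throw new WSFederationException(pe);
        }
    }
    NameIdentifier ni = accountMapper.getNameID(session, realm, idpEntityId, spEntityId);
    // Assertion validity window: both values come from the IdP SSO config and
    // fall back to the SAML2 defaults when not configured.
    int notBeforeSkew = SAML2Constants.NOTBEFORE_ASSERTION_SKEW_DEFAULT;
    String notBeforeSkewStr = WSFederationMetaUtils.getAttribute(idpConfig, SAML2Constants.ASSERTION_NOTBEFORE_SKEW_ATTRIBUTE);
    if (notBeforeSkewStr != null) {
        try {
            notBeforeSkew = Integer.parseInt(notBeforeSkewStr);
            if (debug.messageEnabled()) {
                debug.message(classMethod + "got not before skew from config:" + notBeforeSkew);
            }
        } catch (NumberFormatException nfe) {
            debug.error(classMethod + "Failed to get not before skew from IDP SSO config: ", nfe);
            throw new WSFederationException(nfe);
        }
    }
    int effectiveTime = SAML2Constants.ASSERTION_EFFECTIVE_TIME;
    String effectiveTimeStr = WSFederationMetaUtils.getAttribute(idpConfig, SAML2Constants.ASSERTION_EFFECTIVE_TIME_ATTRIBUTE);
    if (effectiveTimeStr != null) {
        try {
            effectiveTime = Integer.parseInt(effectiveTimeStr);
            if (debug.messageEnabled()) {
                debug.message(classMethod + "got effective time from config:" + effectiveTime);
            }
        } catch (NumberFormatException nfe) {
            debug.error(classMethod + "Failed to get assertion effective time from " + "IDP SSO config: ", nfe);
            throw new WSFederationException(nfe);
        }
    }
    String strWantAssertionSigned = WSFederationMetaUtils.getAttribute(spConfig, WSFederationConstants.WANT_ASSERTION_SIGNED);
    // Assertions are signed unless the SP configuration explicitly opts out.
    boolean wantAssertionSigned = strWantAssertionSigned == null || Boolean.parseBoolean(strWantAssertionSigned);
    String certAlias = WSFederationMetaUtils.getAttribute(idpConfig, SAML2Constants.SIGNING_CERT_ALIAS);
    if (wantAssertionSigned && certAlias == null) {
        // SP wants a signed assertion but this IdP has no signing certificate.
        debug.error(classMethod + "SP wants signed assertion, but no signing cert is " + "configured");
        throw new WSFederationException(WSFederationUtils.bundle.getString("noIdPCertAlias"));
    }
    if (!wantAssertionSigned) {
        // A null alias tells SAML11RequestedSecurityToken not to sign.
        certAlias = null;
    }
    // The constructor never returns null, so no null check on rstr is needed.
    RequestSecurityTokenResponse rstr = new RequestSecurityTokenResponse(new SAML11RequestedSecurityToken(realm, spEntityId, idpEntityId, notBeforeSkew, effectiveTime, certAlias, authMethod, authInstant, ni, attributes), wtrealm);
    // Remember the SP in the session's SP list (used later, e.g. for logout).
    try {
        String[] spList = WSFederationUtils.sessionProvider.getProperty(session, WSFederationConstants.SESSION_SP_LIST);
        List<String> newSpList = (spList == null) ? new ArrayList<String>() : new ArrayList<String>(Arrays.asList(spList));
        if (!newSpList.contains(spEntityId)) {
            newSpList.add(spEntityId);
            WSFederationUtils.sessionProvider.setProperty(session, WSFederationConstants.SESSION_SP_LIST, newSpList.toArray(new String[0]));
        }
    } catch (SessionException e) {
        // Best effort: failing to record the SP does not stop the response.
        debug.error(classMethod + "error setting idpMetaAlias into the session: ", e);
    }
    try {
        postToTarget(rstr, acsURL);
    } catch (ServletException se) {
        throw new WSFederationException(se);
    }
}

/**
 * Returns the first value of a session property, or {@code null} when the
 * property is absent or has no values.
 *
 * @param session the session to read from
 * @param name    property name
 * @return the first value, or {@code null}
 * @throws WSFederationException wrapping the {@code SessionException} raised
 *         by the session provider
 */
private static String firstSessionProperty(Object session, String name) throws WSFederationException {
    String[] values;
    try {
        values = WSFederationUtils.sessionProvider.getProperty(session, name);
    } catch (SessionException se) {
        throw new WSFederationException(se);
    }
    return (values == null || values.length == 0) ? null : values[0];
}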

Example 32 with NameIdentifier

use of com.sun.identity.saml.assertion.NameIdentifier in project OpenAM by OpenRock.

the class DefaultLibrarySPAccountMapper method getIdentity.

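/**
 * Returns the user's distinguished name or the universal ID for the
 * <code>SAML</code> <code>Assertion</code> carried by a
 * <code>RequestSecurityTokenResponse</code>. This method is invoked by the
 * <code>WS-Federation</code> framework while processing the
 * <code>Assertion</code>. The subject is taken from the assertion's
 * authentication statement and its name identifier is looked up in the
 * data store.
 *
 * @param rstr Request Security Token Response.
 * @param hostEntityID <code>EntityID</code> of the hosted provider.
 * @param realm realm or the organization name that may be used to find
 *        the user information.
 * @return user's distinguished name or the universal ID, as returned by the
 *         data store provider.
 * @exception WSFederationException if any argument is null, the response
 *            carries no SAML 1.1 token, the assertion has no authentication
 *            statement or name identifier, or the data store lookup fails.
 */
public String getIdentity(RequestSecurityTokenResponse rstr, String hostEntityID, String realm) throws WSFederationException {
    if (rstr == null) {
        throw new WSFederationException(bundle.getString("nullRstr"));
    }
    if (hostEntityID == null) {
        throw new WSFederationException(bundle.getString("nullHostEntityID"));
    }
    if (realm == null) {
        throw new WSFederationException(bundle.getString("nullRealm"));
    }
    // Only SAML 1.1 tokens are understood; any other token type is rejected
    // explicitly rather than surfacing as a ClassCastException.
    Object token = rstr.getRequestedSecurityToken();
    if (!(token instanceof SAML11RequestedSecurityToken)) {
        throw new WSFederationException("RequestSecurityTokenResponse does not carry a SAML 1.1 token");
    }
    Assertion assertion = ((SAML11RequestedSecurityToken) token).getAssertion();
    if (assertion == null) {
        throw new WSFederationException("requested security token has no assertion");
    }
    // The identity comes from the first authentication statement; other
    // statement types are ignored here.
    Subject subject = null;
    if (assertion.getStatement() != null) {
        for (Object o : assertion.getStatement()) {
            Statement statement = (Statement) o;
            if (statement.getStatementType() == Statement.AUTHENTICATION_STATEMENT) {
                subject = ((SubjectStatement) statement).getSubject();
                break;
            }
        }
    }
    if (subject == null) {
        throw new WSFederationException("assertion has no authentication statement");
    }
    NameIdentifier nameID = subject.getNameIdentifier();
    if (nameID == null) {
        throw new WSFederationException("assertion subject has no name identifier");
    }
    String remoteEntityID = WSFederationUtils.getMetaManager().getEntityByTokenIssuerName(realm, assertion.getIssuer());
    if (debug.messageEnabled()) {
        debug.message("DefaultLibrarySPAccountMapper.getIdentity(Assertion):" + " realm = " + realm + " hostEntityID = " + hostEntityID);
    }
    try {
        return dsProvider.getUserID(realm, getSearchParameters(nameID, realm, hostEntityID, remoteEntityID));
    } catch (DataStoreProviderException dse) {
        debug.error("DefaultLibrarySPAccountMapper.getIdentity(Assertion): " + "DataStoreProviderException", dse);
        throw new WSFederationException(dse);
    }
}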

Example 33 with NameIdentifier

use of com.sun.identity.saml.assertion.NameIdentifier in project OpenAM by OpenRock.

the class DefaultPartnerAccountMapper method getUser.

/**
 * Maps the assertion subject onto a local user entry.
 *
 * <p>When the name identifier's {@code Name} is a DN subordinate to the DN in
 * its {@code NameQualifier}, the local name is that DN's RDNs followed by the
 * SMS root suffix. In every other case (missing name, missing qualifier, or
 * name outside the qualifier) the subject maps to {@code ANONYMOUS_USER}.
 * {@code ORG} is always "/" when a name identifier is present; nothing is
 * written when there is none.
 *
 * @param subject  assertion subject whose name identifier is mapped
 * @param sourceID source id of the asserting party (unused by this mapper)
 * @param map      receives the {@code NAME} and {@code ORG} entries
 */
protected void getUser(Subject subject, String sourceID, Map<String, String> map) {
    // SubjectConfirmation is not checked here; AssertionManager handles it
    // before the account mapper is called.
    NameIdentifier nameIdentifier = subject.getNameIdentifier();
    if (nameIdentifier == null) {
        return;
    }
    String name = nameIdentifier.getName();
    String org = nameIdentifier.getNameQualifier();
    String rootSuffix = SMSEntry.getRootSuffix();
    String mappedName = ANONYMOUS_USER;
    if (name == null || name.length() == 0) {
        SAMLUtils.debug.warning("DefaultAccountMapper: Name is null");
    } else if (org == null || org.length() == 0) {
        SAMLUtils.debug.warning("DefaultAccountMapper: Org null.");
    } else {
        DN assertedDn = DN.valueOf(name);
        DN qualifierDn = DN.valueOf(org);
        if (assertedDn.isInScopeOf(qualifierDn, SearchScope.SUBORDINATES)) {
            // Local DN = every RDN of the asserted name, then the root suffix.
            StringBuilder localDn = new StringBuilder(50);
            for (RDN rdn : assertedDn) {
                localDn.append(rdn.toString()).append(',');
            }
            localDn.append(rootSuffix);
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("DefaultPAccountMapper: " + "name = " + localDn.toString());
            }
            mappedName = localDn.toString();
        } else {
            SAMLUtils.debug.warning("DefaultPAMapper:to anonymous");
        }
    }
    map.put(NAME, mappedName);
    map.put(ORG, "/");
}

Example 34 with NameIdentifier

use of com.sun.identity.saml.assertion.NameIdentifier in project OpenAM by OpenRock.

the class NameIDPartnerAccountMapper method getUser.

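/**
 * Maps the assertion subject's name identifier onto a local user.
 *
 * <p>The name identifier's {@code Name} is passed through
 * {@code getUserName} and stored under {@code NAME}; a missing or empty name
 * maps to {@code ANONYMOUS_USER}. {@code ORG} is always set to "/" when a
 * name identifier is present. Nothing is written when the subject carries
 * no name identifier.
 *
 * @param subject  the assertion subject
 * @param sourceID source id of the asserting party (unused by this mapper)
 * @param map      receives the {@code NAME} and {@code ORG} entries
 */
@SuppressWarnings("unchecked") // raw Map is part of the existing signature
protected void getUser(Subject subject, String sourceID, Map map) {
    NameIdentifier nameIdentifier = subject.getNameIdentifier();
    if (nameIdentifier == null) {
        return;
    }
    String name = nameIdentifier.getName();
    if (name == null || name.isEmpty()) {
        SAMLUtils.debug.warning("NameIDPAccountMapper: Name is null");
        map.put(NAME, ANONYMOUS_USER);
    } else {
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("NameIDPartnerAccountMapper: name=" + name);
        }
        map.put(NAME, getUserName(name));
    }
    map.put(ORG, "/");
}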

Example 35 with NameIdentifier

use of com.sun.identity.saml.assertion.NameIdentifier in project OpenAM by OpenRock.

the class FSAssertionArtifactHandler method processAuthnResponse.

/**
 * Processes an <code>FSAuthnResponse</code> received from the IdP.
 *
 * <p>Flow: invoke the SP adapter's pre-SSO hook, determine the relay state,
 * verify the response status, validate the assertions to obtain the subject,
 * then either federate the account ({@code doFederate}) or perform single
 * sign-on. On every failure path the user is redirected to the framed login
 * page unless the SP adapter's failure hook reports that it handled the
 * redirect. All exceptions are caught inside this method; none propagate.
 *
 * <p>Fields read here ({@code hostEntityId}, {@code hostConfig},
 * {@code hostMetaAlias}, {@code request}, {@code response},
 * {@code authnRequest}, {@code ssoToken}, {@code samlResponse},
 * {@code doFederate}) are set elsewhere in the class.
 *
 * @param authnResponse <code>FSAuthnResponse</code> object to be processed;
 *        a {@code null} value is logged and redirected to the login page
 */
public void processAuthnResponse(FSAuthnResponse authnResponse) {
    FSUtils.debug.message("FSAssertionArtifactHandler.ProcessAuthnResponse: Called");
    this.authnResponse = authnResponse;
    // Call SP adapter SPI
    FederationSPAdapter spAdapter = FSServiceUtils.getSPAdapter(hostEntityId, hostConfig);
    if (spAdapter != null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionArtifactHandler, POST" + " Invokde spAdapter.preSSOFederationProcess");
        }
        try {
            spAdapter.preSSOFederationProcess(hostEntityId, request, response, authnRequest, authnResponse, null);
        } catch (Exception e) {
            // log run time exception in Adapter
            // implementation, continue
            FSUtils.debug.error("FSAssertionArtifactHandler" + " SPAdapter.preSSOFederationSuccess", e);
        }
    }
    String baseURL = FSServiceUtils.getBaseURL(request);
    String framedLoginPageURL = FSServiceUtils.getCommonLoginPageURL(hostMetaAlias, authnRequest.getRelayState(), null, request, baseURL);
    // Relay state precedence: AuthnRequest RelayState, then the configured
    // provider home page, then the built-in SP default. It is later used as a
    // redirect target by redirectToResource -- NOTE(review): confirm the
    // RelayState was validated when the AuthnRequest was created/stored.
    this.relayState = authnRequest.getRelayState();
    if ((this.relayState == null) || (this.relayState.trim().length() == 0)) {
        this.relayState = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostConfig, IFSConstants.PROVIDER_HOME_PAGE_URL);
        if ((this.relayState == null) || (this.relayState.trim().length() == 0)) {
            this.relayState = baseURL + IFSConstants.SP_DEFAULT_RELAY_STATE;
        }
    }
    try {
        if (authnResponse == null) {
            String[] data = { FSUtils.bundle.getString("missingAuthnResponse") };
            LogUtil.error(Level.INFO, LogUtil.MISSING_AUTHN_RESPONSE, data, ssoToken);
            FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: " + FSUtils.bundle.getString("missingAuthnResponse") + " AuthnRequest Processing Failed at the IDP " + "Redirecting to the Framed Login Page");
            response.sendRedirect(framedLoginPageURL);
            return;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAssertionArtifactHandler.doPost:Received " + authnResponse.toXMLString());
        }
        // Status check comes before any assertion is looked at; a non-success
        // status also drops the pending AuthnRequest from the session manager.
        boolean valid = verifyResponseStatus(authnResponse);
        if (!valid) {
            FSSessionManager sessionManager = FSSessionManager.getInstance(hostMetaAlias);
            // clean request map
            String inResponseTo = authnResponse.getInResponseTo();
            sessionManager.removeAuthnRequest(inResponseTo);
            String[] data = { authnResponse.toXMLString() };
            LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_RESPONSE, data, ssoToken);
            FSUtils.debug.warning("FSAssertionArtifactHandler." + " processAuthnResponse: " + FSUtils.bundle.getString("invalidResponse") + " AuthnRequest Processing Failed at the IDP" + " Redirecting to the Framed Login Page");
            if ((spAdapter == null) || !(spAdapter.postSSOFederationFailure(hostEntityId, request, response, authnRequest, authnResponse, null, FederationSPAdapter.INVALID_AUTHN_RESPONSE))) {
                response.sendRedirect(framedLoginPageURL);
            }
            return;
        }
        // check Assertion
        // validateAssertions is the trust boundary for the assertion list
        // (signature/conditions are expected to be checked there); a null
        // subject means nothing usable was found.
        List assertions = authnResponse.getAssertion();
        FSSubject validSubject = (FSSubject) validateAssertions(assertions);
        if (validSubject == null) {
            String[] data = { FSUtils.bundle.getString("invalidAssertion") };
            LogUtil.error(Level.INFO, LogUtil.INVALID_ASSERTION, data, ssoToken);
            FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: " + FSUtils.bundle.getString("InvalidResponse") + " AuthnRequest Processing Failed at the IDP" + " Redirecting to the Framed Login Page");
            response.sendRedirect(framedLoginPageURL);
            return;
        }
        FSSessionManager sessionManager = FSSessionManager.getInstance(hostMetaAlias);
        if (doFederate) {
            // Account federation: prefer the IdP-provided name identifier,
            // fall back to the subject's own.
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAssertionArtifactHandler." + "processAuthnResponse: Initiate Account Federation");
            }
            NameIdentifier ni = validSubject.getIDPProvidedNameIdentifier();
            if (ni == null) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAssertionArtifactHandler.processAuthnResponse:" + " IDPProvided NameIdentifier is null");
                }
                ni = validSubject.getNameIdentifier();
            }
            if (ni != null) {
                int returnCode = doAccountFederation(ni);
                if (returnCode == FederationSPAdapter.SUCCESS) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSAssertionArtifactHandler." + "processAuthnResponse: Account federation" + " successful");
                    }
                    String inResponseTo = authnResponse.getInResponseTo();
                    sessionManager.removeAuthnRequest(inResponseTo);
                    sessionManager.removeLocalSessionToken(inResponseTo);
                    return;
                } else {
                    String[] data = { FSUtils.bundle.getString("AccountFederationFailed") };
                    LogUtil.error(Level.INFO, LogUtil.ACCOUNT_FEDERATION_FAILED, data, ssoToken);
                    FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: " + FSUtils.bundle.getString("AccountFederationFailed") + " AuthnRequest Processing Failed at the IDP" + " Redirecting to the Framed Login Page");
                    // samlResponse is a field; it is only passed to the failure hook here.
                    if (spAdapter == null || !spAdapter.postSSOFederationFailure(hostEntityId, request, response, authnRequest, authnResponse, (FSResponse) samlResponse, returnCode)) {
                        response.sendRedirect(framedLoginPageURL);
                    }
                }
            } else {
                // Caught by the catch (Exception) below, which logs and
                // redirects to the framed login page.
                throw new FSException("missingNIofSubject", null);
            }
        } else {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAssertionArtifactHandler." + "processAuthnResponse: Initiate SingleSign-On");
            }
            //check for SPProvidedNameIdentifier
            NameIdentifier niIdp = validSubject.getIDPProvidedNameIdentifier();
            NameIdentifier ni = validSubject.getNameIdentifier();
            if (niIdp == null) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAssertionArtifactHandler.processAuthnResponse:" + " IDPProvided NameIdentifier is null");
                }
                niIdp = ni;
            }
            if ((niIdp == null) || (ni == null)) {
                String[] data = { FSUtils.bundle.getString("invalidResponse") };
                LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_RESPONSE, data, ssoToken);
                FSUtils.debug.error("FSAssertionArtifactHandler." + " processAuthnResponse: " + FSUtils.bundle.getString("invalidResponse") + " AuthnRequest Processing Failed at the IDP" + " Redirecting to the Framed Login Page");
                response.sendRedirect(framedLoginPageURL);
                return;
            }
            String idpHandle = niIdp.getName();
            String spHandle = ni.getName();
            int handleType;
            if ((idpHandle == null) || (spHandle == null)) {
                String[] data = { FSUtils.bundle.getString("invalidResponse") };
                LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_RESPONSE, data, ssoToken);
                FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: " + FSUtils.bundle.getString("invalidResponse") + " AuthnRequest Processing Failed at the IDP" + " Redirecting to the Framed Login Page");
                response.sendRedirect(framedLoginPageURL);
                return;
            }
            // Equal handles mean the IdP's opaque handle is in use (remote);
            // otherwise the SP-side handle is used (local).
            if (idpHandle.equals(spHandle)) {
                ni = niIdp;
                handleType = IFSConstants.REMOTE_OPAQUE_HANDLE;
            } else {
                handleType = IFSConstants.LOCAL_OPAQUE_HANDLE;
            }
            Map env = new HashMap();
            env.put(IFSConstants.FS_USER_PROVIDER_ENV_AUTHNRESPONSE_KEY, authnResponse);
            int returnCode = doSingleSignOn(ni, handleType, niIdp, env);
            if (returnCode == FederationSPAdapter.SUCCESS) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAssertionArtifactHandler." + "processAuthnResponse: Accountfederation successful");
                }
                String requestID = authnResponse.getInResponseTo();
                sessionManager.removeAuthnRequest(requestID);
                // In the IdP-proxy case the response is forwarded instead of
                // redirecting to the relay state.
                if (isIDPProxyEnabled(requestID)) {
                    sendProxyResponse(requestID);
                    return;
                }
                String[] data = { this.relayState };
                LogUtil.access(Level.INFO, LogUtil.ACCESS_GRANTED_REDIRECT_TO, data, ssoToken);
                FSUtils.debug.message("ArtifactHandler.notfederated, postSSO");
                if (spAdapter != null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSAssertionArtifactHandler," + " Invoke spAdapter.postSSOFederationSuccess");
                    }
                    try {
                        if (spAdapter.postSSOFederationSuccess(hostEntityId, request, response, ssoToken, authnRequest, authnResponse, null)) {
                            // return if the SP spi redirection happened
                            return;
                        }
                    } catch (Exception e) {
                        // log run time exception in Adapter
                        // implementation, continue
                        FSUtils.debug.error("FSAssertionArtifadctHandler" + " SPAdapter.postSSOFederationSuccess:", e);
                    }
                }
                redirectToResource(this.relayState);
                return;
            } else {
                String[] data = { FSUtils.bundle.getString("SSOfailed") };
                LogUtil.error(Level.INFO, LogUtil.SINGLE_SIGNON_FAILED, data, ssoToken);
                FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: " + FSUtils.bundle.getString("invalidResponse") + " AuthnRequest Processing Failed at the IDP" + " Redirecting to the Framed Login Page");
                if (spAdapter == null || !spAdapter.postSSOFederationFailure(hostEntityId, request, response, authnRequest, authnResponse, null, returnCode)) {
                    response.sendRedirect(framedLoginPageURL);
                }
                return;
            }
        }
    } catch (Exception e) {
        // Catch-all boundary: any failure (including the FSException thrown
        // above and runtime exceptions) ends in a redirect to the login page;
        // only the redirect's own IOException is logged without retry.
        FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: Exception Occured: ", e);
        try {
            FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: " + FSUtils.bundle.getString("invalidResponse") + " AuthnRequest Processing Failed at the IDP" + " Redirecting to the Framed Login Page");
            response.sendRedirect(framedLoginPageURL);
        } catch (IOException ioe) {
            FSUtils.debug.error("FSAssertionArtifactHandler." + "processAuthnResponse: IOException Occured: ", ioe);
            return;
        }
        return;
    }
}
