
Example 51 with SAMLException

use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSAuthnResponseEnvelope, method parseXML.

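/**
 * Builds an <code>FSAuthnResponseEnvelope</code> from its XML serialisation.
 *
 * The string typically arrives from a remote federation peer, so it is
 * untrusted input. NOTE(review): parsing is delegated to
 * <code>XMLUtils.toDOMDocument</code>; confirm that helper disables DTD /
 * external-entity resolution before this is exposed to network input.
 *
 * @param xml the XML string to create this object from
 * @return <code>FSAuthnResponseEnvelope</code> object.
 * @throws FSMsgException if the XML cannot be parsed or does not describe a
 *         valid envelope. A parser that reports failure by returning
 *         <code>null</code> is mapped to this exception as well instead of
 *         surfacing as a <code>NullPointerException</code>.
 */
public static FSAuthnResponseEnvelope parseXML(String xml) throws FSMsgException {
    try {
        Document doc = XMLUtils.toDOMDocument(xml, FSUtils.debug);
        // toDOMDocument takes a debug sink, which suggests it may log and
        // return null on failure rather than throw; without this guard the
        // getDocumentElement() call below would NPE instead of raising the
        // documented FSMsgException.
        if (doc == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnResponseEnvelope.parseXML: " + "Error while parsing input xml string");
            }
            throw new FSMsgException("parseError", null);
        }
        Element root = doc.getDocumentElement();
        return new FSAuthnResponseEnvelope(root);
    } catch (SAMLException ex) {
        // The original cause is not carried by FSMsgException's (key, args)
        // constructor, so record it in the debug log before translating.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnResponseEnvelope.parseXML: " + "Error while parsing input xml string", ex);
        }
        throw new FSMsgException("parseError", null);
    }
}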

Example 52 with SAMLException

use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSAccountUtils, method stringToObject.

/**
 * Rebuilds an account federation record from its delimited string form.
 *
 * The expected token layout (split on <code>FED_INFO_DELIM</code>) is:
 * providerID, then three local name-identifier tokens (name, qualifier,
 * format), then three remote name-identifier tokens, then the role
 * (<code>IDPRole</code>/<code>SPRole</code>), then the status
 * (<code>Active</code>/<code>InActive</code>), and optionally an
 * affiliation marker. The literal token <code>null</code>
 * (case-insensitive) marks an absent value; an identifier whose real
 * value is the word "null" therefore cannot be represented, and a value
 * containing the delimiter itself will shift every following field.
 *
 * @param fedInfoString - String containg federation information.
 * @return Account federation information object.
 * @throws FSAccountMgmtException if <code>fedInfoString</code> cannot be
 *         parsed (too few tokens, an unrecognised role or status value, or
 *         a name identifier the SAML layer rejects).
 */
public static FSAccountFedInfo stringToObject(String fedInfoString) throws FSAccountMgmtException {
    StringTokenizer tokens = new StringTokenizer(fedInfoString, FED_INFO_DELIM);
    FSAccountFedInfo info = new FSAccountFedInfo();
    try {
        info.setProviderID(tokens.nextToken());
        // Both identifiers occupy exactly three slots, present or not.
        info.setLocalNameIdentifier(readNameIdentifier(tokens));
        info.setRemoteNameIdentifier(readNameIdentifier(tokens));
        String role = tokens.nextToken();
        if (role.equalsIgnoreCase("IDPRole")) {
            info.setRole(true);
        } else if (role.equalsIgnoreCase("SPRole")) {
            info.setRole(false);
        } else {
            FSUtils.debug.error("FSAccountUtils.stringToObject():" + " You have modified IDP/SP Role" + " in iDS :: set it to IDPRole/SPRole ");
            throw new FSAccountMgmtException(IFSConstants.INVALID_ACT_FED_INFO_IN_IDS, null);
        }
        String status = tokens.nextToken();
        if (status.equalsIgnoreCase("Active")) {
            info.activateFedStatus();
        } else if (status.equalsIgnoreCase("InActive")) {
            info.deActivateFedStatus();
        } else {
            FSUtils.debug.error("FSAccountUtils.stringToObject():" + " You have modified Active/InActive in iDS ");
            throw new FSAccountMgmtException(IFSConstants.INVALID_ACT_FED_INFO_IN_IDS, null);
        }
        // Trailing affiliation flag is optional; anything else there is ignored.
        if (tokens.hasMoreTokens()) {
            String trailer = tokens.nextToken();
            if (trailer != null && trailer.equalsIgnoreCase(IFSConstants.AFFILIATED)) {
                info.setAffiliation(true);
            }
        }
    } catch (NoSuchElementException nsee) {
        // Ran out of tokens before all mandatory fields were read.
        FSUtils.debug.error("FSAccountUtils.stringToObject() : NoSuchElementException: ", nsee);
        throw new FSAccountMgmtException(nsee.getMessage());
    }
    return info;
}

/**
 * Consumes the three tokens describing one name identifier.
 *
 * @param tokens tokenizer positioned at the identifier's name token.
 * @return the identifier, or <code>null</code> when the name slot holds the
 *         literal "null" (the qualifier and format slots are still consumed).
 * @throws FSAccountMgmtException if the SAML layer rejects the identifier.
 * @throws NoSuchElementException if fewer than three tokens remain.
 */
private static NameIdentifier readNameIdentifier(StringTokenizer tokens) throws FSAccountMgmtException {
    String name = tokens.nextToken();
    if (name.equalsIgnoreCase("null")) {
        // Absent identifier: skip its qualifier and format slots.
        tokens.nextToken();
        tokens.nextToken();
        return null;
    }
    String qualifier = "";
    String format = "";
    String slot = tokens.nextToken();
    if (!slot.equalsIgnoreCase("null")) {
        qualifier = slot;
    }
    slot = tokens.nextToken();
    if (!slot.equalsIgnoreCase("null")) {
        format = slot;
    }
    try {
        return new NameIdentifier(name, qualifier, format);
    } catch (SAMLException se) {
        FSUtils.debug.error("FSAccountUtils.stringToObject(): " + "SAMLException: ", se);
        throw new FSAccountMgmtException(se.getMessage());
    }
}

Example 53 with SAMLException

use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSDefaultRealmAttributePlugin, method getAttributeStatements.

/**
 * Builds the SAML <code>AttributeStatement</code>s for an authenticated
 * principal from the hosted IDP's configured attribute map.
 *
 * Each map entry maps a SAML attribute name to a session attribute name;
 * entries whose session value resolves to <code>null</code> are skipped.
 * All resolved attributes are packed into a single statement.
 *
 * @param realm The realm under which the entity resides.
 * @param hostEntityId Hosted identity provider entity id.
 * @param remoteEntityID Remote provider's entity id (not consulted here).
 * @param subject Subject subject of the authenticated principal.
 * @param token user's session.
 * @return a one-element list holding the statement; <code>null</code> when
 *         the metadata lookup fails or no attribute map is configured; an
 *         empty list when the SAML objects cannot be constructed.
 */
public List getAttributeStatements(String realm, String hostEntityId, String remoteEntityID, FSSubject subject, Object token) {
    FSUtils.debug.message("FSDefaultAttributePlugin.getAttributeStatements");
    Map attributeMap;
    try {
        attributeMap = lookupIdpAttributeMap(realm, hostEntityId);
    } catch (IDFFMetaException me) {
        FSUtils.debug.error("FSDefaultAttributePlugin.getAttribute" + "Statements: meta exception.", me);
        return null;
    }
    if (attributeMap == null || attributeMap.isEmpty()) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSDefaultAttributePlugin.getAttribute" + "Statements: Attribute map configuration is empty.");
        }
        return null;
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSDefaultAttributePlugin.getAttribute" + "Statements: Attribute map configuration: " + attributeMap);
    }
    List statements = new ArrayList();
    List attributes = new ArrayList();
    try {
        for (Object o : attributeMap.entrySet()) {
            Map.Entry mapping = (Map.Entry) o;
            String samlName = (String) mapping.getKey();
            String value = getAttributeValue(token, (String) mapping.getValue());
            if (value == null) {
                continue;
            }
            attributes.add(new Attribute(samlName, SAMLConstants.assertionSAMLNameSpaceURI, value));
        }
        AttributeStatement statement = new AttributeStatement(subject, attributes);
        // NOTE(review): this serialises the whole statement, i.e. the
        // resolved attribute values, into the debug log; confirm that is
        // acceptable if those values carry personal data.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSDefaultAttributePlugin.getAttribute" + "Statements: attribute statement: " + statement.toString());
        }
        statements.add(statement);
        return statements;
    } catch (SAMLException ex) {
        FSUtils.debug.error("FSDefaultAttributePlugin.getAttribute" + "Statements: SAML Exception", ex);
    }
    return new ArrayList();
}

/**
 * Resolves the hosted IDP's configured attribute map.
 *
 * @param realm realm of the hosted entity.
 * @param hostEntityId hosted IDP entity id.
 * @return the parsed attribute map, or <code>null</code> when no meta
 *         manager or IDP configuration is available.
 * @throws IDFFMetaException if the metadata lookup fails.
 */
private Map lookupIdpAttributeMap(String realm, String hostEntityId) throws IDFFMetaException {
    IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
    if (metaManager == null) {
        return null;
    }
    IDPDescriptorConfigElement idpConfig = metaManager.getIDPDescriptorConfig(realm, hostEntityId);
    if (idpConfig == null) {
        return null;
    }
    Map attributes = IDFFMetaUtils.getAttributes(idpConfig);
    return FSServiceUtils.parseAttributeConfig((List) attributes.get(IFSConstants.IDP_ATTRIBUTE_MAP));
}

Example 54 with SAMLException

use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSRegistrationReturnServlet, method doGetPost.

/**
     * Handles the request.
     *
     * Processes a name-registration response returned by a remote provider:
     * resolves the hosted provider from the meta alias in the URL, decodes
     * the URL-encoded response, looks up the remote provider named in it,
     * verifies the response signature when signing is enabled, and hands a
     * verified response to <code>FSNameRegistrationHandler</code>. Every
     * failure path writes an error status or error page and returns.
     *
     * @param request <code>HttpServletRequest</code> object that contains the
     *  request the client has made of the servlet.
     * @param response <code>HttpServletResponse</code> object that contains
     *  the response the servlet sends to the client.
     * @exception ServletException if an input or output error is detected when
     *                             the servlet handles the request
     * @exception IOException if the request could not be handled
     */
private void doGetPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    FSUtils.debug.message("FSRegistrationReturnServlet doGetPost...");
    String providerAlias = "";
    providerAlias = FSServiceUtils.getMetaAlias(request);
    if (providerAlias == null || providerAlias.length() < 1) {
        FSUtils.debug.error("Unable to retrieve alias, Hosted" + " Provider. Cannot process request");
        response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("aliasNotFound"));
        return;
    }
    if (metaManager == null) {
        FSUtils.debug.error("Cannot retrieve hosted descriptor. " + "Cannot process request");
        response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString(IFSConstants.FAILED_HOSTED_DESCRIPTOR));
        return;
    }
    String realm = IDFFMetaUtils.getRealmByMetaAlias(providerAlias);
    ProviderDescriptorType hostedProviderDesc = null;
    BaseConfigType hostedConfig = null;
    String hostedEntityId = null;
    String hostedProviderRole = null;
    try {
        hostedProviderRole = metaManager.getProviderRoleByMetaAlias(providerAlias);
        hostedEntityId = metaManager.getEntityIDByMetaAlias(providerAlias);
        if (hostedProviderRole != null && hostedProviderRole.equalsIgnoreCase(IFSConstants.IDP)) {
            hostedProviderDesc = metaManager.getIDPDescriptor(realm, hostedEntityId);
            hostedConfig = metaManager.getIDPDescriptorConfig(realm, hostedEntityId);
        } else if (hostedProviderRole != null && hostedProviderRole.equalsIgnoreCase(IFSConstants.SP)) {
            hostedProviderDesc = metaManager.getSPDescriptor(realm, hostedEntityId);
            hostedConfig = metaManager.getSPDescriptorConfig(realm, hostedEntityId);
        }
        // A null or unknown role leaves the descriptor null; treat that
        // exactly like a metadata lookup failure.
        if (hostedProviderDesc == null) {
            throw new IDFFMetaException((String) null);
        }
    } catch (IDFFMetaException eam) {
        FSUtils.debug.error("Unable to find Hosted Provider. not process request");
        response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString(IFSConstants.FAILED_HOSTED_DESCRIPTOR));
        return;
    }
    // NOTE(review): the current request is stored in an instance field. A
    // servlet instance is shared by all concurrent requests, so another
    // thread can overwrite this field mid-request; confirm how the field is
    // read elsewhere in the class before relying on it.
    this.request = request;
    setRegistrationURL(hostedConfig, providerAlias);
    // Here we will need to
    //        1. verify response signature
    //        2. verify response status
    //        3. retrieve registration request Id from Map
    //        4. if status success then do locally else not do locally and
    //        5. show status page or LRURL if found in MAP
    //           (eg intersiteTransfer)
    FSNameRegistrationResponse regisResponse = null;
    try {
        regisResponse = FSNameRegistrationResponse.parseURLEncodedRequest(request);
    } catch (FSMsgException e) {
        FSServiceUtils.showErrorPage(response, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_REQUEST_IMPROPER, IFSConstants.REGISTRATION_FAILED);
        return;
    } catch (SAMLException e) {
        FSServiceUtils.showErrorPage(response, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_REQUEST_IMPROPER, IFSConstants.REGISTRATION_FAILED);
        return;
    }
    // The provider id is asserted by the (not yet verified) response; it is
    // used only to select which remote provider's metadata and keys the
    // signature below is checked against.
    String remoteEntityId = regisResponse.getProviderId();
    ProviderDescriptorType remoteDesc = null;
    boolean isIDP = false;
    try {
        // hostedProviderRole cannot be null here: a null role leaves
        // hostedProviderDesc null above, which already returned.
        if (hostedProviderRole.equalsIgnoreCase(IFSConstants.SP)) {
            remoteDesc = metaManager.getIDPDescriptor(realm, remoteEntityId);
            isIDP = true;
        } else {
            remoteDesc = metaManager.getSPDescriptor(realm, remoteEntityId);
        }
    } catch (IDFFMetaException e) {
        FSUtils.debug.error("FSRegistrationReturnServlet:", e);
    }
    // An unknown remote provider (or a failed lookup) is rejected here.
    if (remoteDesc == null) {
        FSServiceUtils.showErrorPage(response, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_REQUEST_IMPROPER, IFSConstants.REGISTRATION_FAILED);
        return;
    }
    // When signing is turned off no verification runs and bVerify stays
    // true, so the response is accepted on the strength of the asserted
    // provider id alone. Any exception during verification counts as a
    // failed signature.
    boolean bVerify = true;
    try {
        if (FSServiceUtils.isSigningOn()) {
            bVerify = verifyResponseSignature(request, remoteDesc, remoteEntityId, isIDP);
        }
    } catch (SAMLException e) {
        bVerify = false;
    } catch (FSException e) {
        bVerify = false;
    }
    if (bVerify) {
        FSNameRegistrationHandler handlerObj = new FSNameRegistrationHandler();
        handlerObj.setHostedDescriptor(hostedProviderDesc);
        handlerObj.setHostedDescriptorConfig(hostedConfig);
        handlerObj.setHostedEntityId(hostedEntityId);
        handlerObj.setHostedProviderRole(hostedProviderRole);
        handlerObj.setMetaAlias(providerAlias);
        handlerObj.setRemoteEntityId(remoteEntityId);
        handlerObj.setRemoteDescriptor(remoteDesc);
        handlerObj.setRealm(realm);
        handlerObj.processRegistrationResponse(request, response, regisResponse);
        return;
    } else {
        // Log text says "request" although this servlet handles the
        // registration response; the audit record is written via
        // LogUtil.error but at Level.INFO.
        FSUtils.debug.error("FSRegistrationReturnServlet " + "Signature on registration request is invalid" + "Cannot proceed name registration");
        String[] data = { FSUtils.bundle.getString(IFSConstants.REGISTRATION_INVALID_SIGNATURE) };
        LogUtil.error(Level.INFO, LogUtil.INVALID_SIGNATURE, data);
        FSServiceUtils.showErrorPage(response, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_REQUEST_IMPROPER, IFSConstants.REGISTRATION_FAILED);
        return;
    }
}

Example 55 with SAMLException

use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSRegistrationRequestServlet, method doGetPost.

/**
 * Handles an incoming name-registration request.
 *
 * Resolves the hosted provider from the meta alias carried in the request
 * URL, decodes the URL-encoded registration request and passes it on to
 * <code>doRequestProcessing</code>. Any failure to resolve the hosted
 * provider answers with HTTP 500; a request that cannot be decoded is
 * answered with the common error page. No signature or origin check is
 * performed in this method; whatever validation exists happens downstream.
 *
 * @param request <code>HttpServletRequest</code> object that contains the
 *  request the client has made of the servlet.
 * @param response <code>HttpServletResponse</code> object that contains
 *  the response the servlet sends to the client.
 * @exception ServletException if the servlet cannot handle the request
 * @exception IOException if the request could not be handled
 */
private void doGetPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // Alias processing
    String metaAlias = FSServiceUtils.getMetaAlias(request);
    if (metaAlias == null || metaAlias.length() < 1) {
        FSUtils.debug.error("Unable to retrieve alias, Hosted " + "Provider. Cannot process request");
        response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString("aliasNotFound"));
        return;
    }
    if (metaManager == null) {
        FSUtils.debug.error("Cannot retrieve hosted descriptor. " + "Cannot process request");
        response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString(IFSConstants.FAILED_HOSTED_DESCRIPTOR));
        return;
    }
    String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
    ProviderDescriptorType hostedDesc = null;
    BaseConfigType hostedCfg = null;
    String hostedEntityId = null;
    String hostedRole = null;
    try {
        hostedRole = metaManager.getProviderRoleByMetaAlias(metaAlias);
        hostedEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
        if (hostedRole != null) {
            if (hostedRole.equalsIgnoreCase(IFSConstants.IDP)) {
                hostedDesc = metaManager.getIDPDescriptor(realm, hostedEntityId);
                hostedCfg = metaManager.getIDPDescriptorConfig(realm, hostedEntityId);
            } else if (hostedRole.equalsIgnoreCase(IFSConstants.SP)) {
                hostedDesc = metaManager.getSPDescriptor(realm, hostedEntityId);
                hostedCfg = metaManager.getSPDescriptorConfig(realm, hostedEntityId);
            }
        }
        // Unknown role or missing descriptor: fail the same way a metadata
        // lookup failure does.
        if (hostedDesc == null) {
            throw new IDFFMetaException((String) null);
        }
    } catch (IDFFMetaException eam) {
        FSUtils.debug.error("Unable to find Hosted Provider. not process request");
        response.sendError(response.SC_INTERNAL_SERVER_ERROR, FSUtils.bundle.getString(IFSConstants.FAILED_HOSTED_DESCRIPTOR));
        return;
    }
    // NOTE(review): the request is kept in an instance field; servlet
    // instances are shared across concurrent requests, so confirm nothing
    // reads this field after the current thread could have been overtaken.
    this.request = request;
    setRegistrationURL(hostedCfg, metaAlias);
    FSNameRegistrationRequest regisRequest = new FSNameRegistrationRequest();
    try {
        regisRequest = FSNameRegistrationRequest.parseURLEncodedRequest(request);
    } catch (FSMsgException e) {
        rejectImproperRegistrationRequest(response);
        return;
    } catch (SAMLException e) {
        rejectImproperRegistrationRequest(response);
        return;
    }
    if (regisRequest == null) {
        rejectImproperRegistrationRequest(response);
        return;
    }
    doRequestProcessing(request, response, hostedDesc, hostedCfg, hostedRole, realm, hostedEntityId, metaAlias, regisRequest);
}

/**
 * Answers an undecodable or empty registration request with the common
 * error page.
 *
 * @param response servlet response to write the error page to.
 */
private void rejectImproperRegistrationRequest(HttpServletResponse response) throws ServletException, IOException {
    FSServiceUtils.showErrorPage(response, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_REQUEST_IMPROPER, IFSConstants.REGISTRATION_FAILED);
}
