Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock:
class FSRegistrationRequestServlet, method doRequestProcessing.
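/**
 * Called when a registration request is received from
 * a remote provider. Initiates registration request processing.
 *
 * The request is handed to {@code FSNameRegistrationHandler} only after
 * three checks, in this order: the remote provider named by the request's
 * provider ID must have metadata in {@code realm}; when signing is enabled
 * the request signature must verify against that provider (via
 * {@code verifyRegistrationSignature}); and the provider must be in the
 * hosted provider's trusted list. Every failure is logged and reported
 * back through {@code FSServiceUtils.returnToSource} with
 * {@code REGISTRATION_FAILED}. The redirect target used for that report is
 * the remote provider's registration return URL read from local metadata;
 * the request itself only selects which configured provider that is.
 *
 * @param request <code>HTTPServletRequest</code> object received via a
 * HTTP Redirect
 * @param response <code>HTTPServletResponse</code> object to send the
 * response back to user agent
 * @param hostedProviderDesc the provider for whom request is received
 * @param hostedConfig hosted provider's extended meta
 * @param hostedProviderRole hosted provider's role
 * @param realm the realm under which the provider resides
 * @param hostedEntityId hosted provider's entity ID
 * @param providerAlias hosted provider's meta alias
 * @param regisRequest the federation registration request
 */
private void doRequestProcessing(HttpServletRequest request, HttpServletResponse response, ProviderDescriptorType hostedProviderDesc, BaseConfigType hostedConfig, String hostedProviderRole, String realm, String hostedEntityId, String providerAlias, FSNameRegistrationRequest regisRequest) {
    FSUtils.debug.message("Entered FSRegistrationRequestServlet::doRequestProcessing");
    // The entity ID is taken from the (not yet verified) request; it is used
    // only as a key into locally configured metadata.
    String remoteEntityId = regisRequest.getProviderId();
    String retURL = null;
    ProviderDescriptorType remoteDesc = null;
    // True when the remote provider is the IDP, i.e. when we are the SP.
    boolean isIDP = false;
    try {
        if (hostedProviderRole.equalsIgnoreCase(IFSConstants.SP)) {
            remoteDesc = metaManager.getIDPDescriptor(realm, remoteEntityId);
            isIDP = true;
        } else {
            remoteDesc = metaManager.getSPDescriptor(realm, remoteEntityId);
        }
    } catch (IDFFMetaException e) {
        FSUtils.debug.error("FSRegistrationRequestServlet.doRequest " + "Processing: Can not retrieve remote provider data." + remoteEntityId, e);
        String[] data = { remoteEntityId, realm };
        LogUtil.error(Level.INFO, LogUtil.INVALID_PROVIDER, data);
        FSServiceUtils.returnToSource(response, retURL, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_FAILED, IFSConstants.METADATA_ERROR);
        return;
    }
    // Null-check BEFORE the first dereference. Previously the return URL was
    // read from remoteDesc first and the null check came afterwards, so a
    // lookup that yields no descriptor escaped as a NullPointerException
    // instead of a logged METADATA_ERROR.
    if (remoteDesc == null) {
        FSUtils.debug.error("Cannot retrieve provider descriptor.");
        String[] data = { remoteEntityId, realm };
        LogUtil.error(Level.INFO, LogUtil.INVALID_PROVIDER, data);
        FSServiceUtils.returnToSource(response, retURL, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_FAILED, IFSConstants.METADATA_ERROR);
        return;
    }
    retURL = remoteDesc.getRegisterNameIdentifierServiceReturnURL();
    if (FSServiceUtils.isSigningOn()) {
        boolean bVerify;
        try {
            FSUtils.debug.message("Calling verifyRegistrationSignature");
            bVerify = verifyRegistrationSignature(request, remoteDesc, remoteEntityId, isIDP);
        } catch (FSException e) {
            rejectForInvalidSignature(response, retURL, "FSRegistrationRequestServlet::processRegistrationRequest " + "Signature on registration request is invalid" + "Cannot proceed federation registration", e);
            return;
        } catch (SAMLException e) {
            rejectForInvalidSignature(response, retURL, "FSRegistrationRequestServlet::processRegistrationRequest" + "Signature on registration request is invalid" + "Cannot proceed federation registration", e);
            return;
        }
        if (!bVerify) {
            rejectForInvalidSignature(response, retURL, "FSRegistrationRequestServlet::doRequestProcesing " + "Signature on registration request is invalid" + "Cannot proceed name registration", null);
            return;
        }
    }
    // Trust check: a valid signature from a configured-but-untrusted
    // provider is still rejected.
    if (!metaManager.isTrustedProvider(realm, hostedEntityId, remoteEntityId)) {
        FSUtils.debug.error("Remote provider not in trusted list");
        FSServiceUtils.returnToSource(response, retURL, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_FAILED, IFSConstants.METADATA_ERROR);
        return;
    }
    // The former "handler == null" branch after `new` could never be taken
    // and has been dropped.
    FSNameRegistrationHandler regisHandler = new FSNameRegistrationHandler();
    regisHandler.setHostedDescriptor(hostedProviderDesc);
    regisHandler.setHostedDescriptorConfig(hostedConfig);
    regisHandler.setRemoteDescriptor(remoteDesc);
    regisHandler.setRemoteEntityId(remoteEntityId);
    regisHandler.setHostedEntityId(hostedEntityId);
    regisHandler.setHostedProviderRole(hostedProviderRole);
    regisHandler.setMetaAlias(providerAlias);
    regisHandler.setRealm(realm);
    regisHandler.processRegistrationRequest(request, response, regisRequest);
}

/**
 * Logs an invalid-signature event (debug log plus audit log with
 * {@code LogUtil.INVALID_SIGNATURE}) and reports {@code REGISTRATION_FAILED}
 * back to the remote provider's return URL.
 *
 * @param response the servlet response used for the error redirect
 * @param retURL the remote provider's registration return URL, may be null
 * @param debugMessage text for the debug error log
 * @param cause the exception that triggered the rejection, or null when the
 *        signature simply failed to verify
 */
private void rejectForInvalidSignature(HttpServletResponse response, String retURL, String debugMessage, Exception cause) {
    if (cause != null) {
        FSUtils.debug.error(debugMessage, cause);
    } else {
        FSUtils.debug.error(debugMessage);
    }
    String[] data = { FSUtils.bundle.getString(IFSConstants.REGISTRATION_INVALID_SIGNATURE) };
    LogUtil.error(Level.INFO, LogUtil.INVALID_SIGNATURE, data);
    FSServiceUtils.returnToSource(response, retURL, COMMON_ERROR_PAGE, IFSConstants.REGISTRATION_FAILED, IFSConstants.METADATA_ERROR);
}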
Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock:
class FSSingleLogoutHandler, method verifyResponseSignature.
/**
 * Checks the XML signature on a logout response SOAP message against the
 * remote provider's configured verification certificate.
 *
 * The certificate is looked up for {@code remoteEntityId}; the remote is
 * treated as the IDP exactly when this side's {@code hostedRole} is not
 * the IDP. Whether {@code verifyXMLSignature} also checks that the
 * signature covers the logout response element (rather than some other
 * part of the envelope) is not visible here.
 *
 * @param msg the SOAP message carrying the logout response
 * @return {@code true} if the signature verifies; {@code false} when no
 *         certificate is configured for the remote provider or verification
 *         fails for any reason
 */
private boolean verifyResponseSignature(SOAPMessage msg) {
    FSUtils.debug.message("Entered FSLogoutResponse::verifyResponseSignature");
    boolean remoteIsIdp = !hostedRole.equalsIgnoreCase(IFSConstants.IDP);
    try {
        X509Certificate verificationCert = KeyUtil.getVerificationCert(remoteDescriptor, remoteEntityId, remoteIsIdp);
        if (verificationCert != null) {
            XMLSignatureManager signatureManager = XMLSignatureManager.getInstance();
            Document responseDoc = (Document) FSServiceUtils.createSOAPDOM(msg);
            return signatureManager.verifyXMLSignature(responseDoc, verificationCert);
        }
        // No certificate: the message text says "this site's cert" but the
        // lookup above is for the remote provider's certificate.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Logout.verifyResponseSignature" + "couldn't obtain this site's cert.");
        }
        throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT));
    } catch (SAMLException e) {
        FSUtils.debug.error("Error in verifying response:", e);
        return false;
    }
}
Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock:
class FSNameRegistrationHandler, method generateNameIdentifier.
/**
 * Generates the <code>SPProvidedNameIdentifier</code> that will be
 * communicated to the IDP. The IDP will in all future communication use
 * this Name Identifier instead of the
 * <code>IDPProvidedNameIdentifier</code>.
 *
 * The handle value itself comes from {@code FSNameIdentifierHelper}
 * (built from {@code hostedConfig}); its randomness/uniqueness properties
 * are that helper's responsibility and are not visible here. The
 * identifier is qualified with {@code remoteEntityId} and tagged with the
 * federated name format.
 *
 * @return Service Provider generated Name identifier, or {@code null} if
 *         the helper produced no handle or the identifier could not be
 *         constructed
 */
private NameIdentifier generateNameIdentifier() {
    try {
        FSUtils.debug.message("Entered FSNameRegistrationHandler::generateNameIdentifier");
        FSNameIdentifierHelper helper = new FSNameIdentifierHelper(hostedConfig);
        String handle = helper.createNameIdentifier();
        boolean blankHandle = (handle == null) || (handle.trim().length() == 0);
        if (blankHandle) {
            FSUtils.debug.error("FSNameIdentifierHelper::createNameIdentif" + "ier returned null");
            return null;
        }
        FSUtils.debug.message("To set nameIdentifier");
        NameIdentifier spProvided = new NameIdentifier(handle, remoteEntityId);
        spProvided.setFormat(IFSConstants.NI_FEDERATED_FORMAT_URI);
        FSUtils.debug.message("completed set nameIdentifier");
        return spProvided;
    } catch (SAMLException e) {
        // Construction failure is audited (with the caller's token) rather
        // than propagated; the caller sees a null identifier.
        String[] data = { FSUtils.bundle.getString(IFSConstants.REGISTRATION_FAILED_SP_NAME_IDENTIFIER) };
        LogUtil.error(Level.INFO, "REGISTRATION_FAILED_SP_NAME_IDENTIFIER", data, ssoToken);
        return null;
    }
}
Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock:
class FSNameRegistrationHandler, method doRemoteRegistration.
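/**
 * Initiates federation registration at remote end.
 * The registration request is constructed and based on the profile the
 * request is sent over SOAP or as HTTP redirect. Profile is always based on
 * the SPs profile.
 *
 * Flow: make sure the account federation info ({@code acctInfo}) is
 * loaded, build the request, pick the registration profile (the hosted
 * descriptor's when {@code acctInfo.isRoleIDP()}, the remote descriptor's
 * otherwise; only the first advertised profile is honoured), then either
 * exchange the request over SOAP ({@link #sendSoapRegistration}) or
 * redirect the user agent ({@link #sendRedirectRegistration}). Every
 * failure ends in {@code returnLocallyAtSource(response, false)}.
 *
 * Security-relevant change versus the previous version: in the SOAP
 * profile the response signature is now always verified when signing is
 * on (see {@link #sendSoapRegistration}), and a request is no longer sent
 * unsigned for an unrecognised protocol minor version.
 *
 * @return <code>true</code> if the process is successful;
 * <code>false</code> otherwise.
 */
private boolean doRemoteRegistration() {
    FSUtils.debug.message("Entered FSNameRegistrationHandler::doRemoteRegistration");
    try {
        try {
            if (acctInfo == null) {
                acctInfo = managerInst.readAccountFedInfo(userID, remoteEntityId);
            }
        } catch (FSAccountMgmtException e) {
            FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + "unable to read account federation info", e);
            returnLocallyAtSource(response, false);
            return false;
        }
        // acctInfo.isRoleIDP() is dereferenced below; a null read would NPE.
        if (acctInfo == null) {
            FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + "no account federation info available");
            returnLocallyAtSource(response, false);
            return false;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSNameRegistrationHandler::doRemoteRegistration create" + " request start");
        }
        FSNameRegistrationRequest regisRequest = createNameRegistrationRequest(acctInfo);
        if (regisRequest == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSNameRegistrationHandler::Registration request could " + "not be formed");
            }
            returnLocallyAtSource(response, false);
            return false;
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSNameRegistrationHandler::Registration request formed" + "successfully");
        }
        // Find out which profile to use. The IDP side follows the hosted
        // descriptor, the SP side the remote descriptor; both branches used
        // to be duplicated verbatim.
        List profiles = acctInfo.isRoleIDP()
                ? hostedDescriptor.getRegisterNameIdentifierProtocolProfile()
                : remoteDescriptor.getRegisterNameIdentifierProtocolProfile();
        if (profiles == null || profiles.isEmpty()) {
            FSUtils.debug.error("FSNameRegistrationHandler::" + "doRemoteRegistration no registration profile" + " cannot process request");
            returnLocallyAtSource(response, false);
            return false;
        }
        String profile = (String) profiles.iterator().next();
        if (isSoapRegistrationProfile(profile)) {
            return sendSoapRegistration(regisRequest);
        }
        if (isHttpRegistrationProfile(profile)) {
            return sendRedirectRegistration(regisRequest);
        }
        FSUtils.debug.error("FSNameRegistrationHandler::" + "doRemoteRegistration Invalid registration profile" + " cannot process request");
        returnLocallyAtSource(response, false);
        return false;
    } catch (IOException e) {
        FSUtils.debug.error("FSNameRegistrationHandler" + FSUtils.bundle.getString(IFSConstants.FEDERATION_REDIRECT_FAILED), e);
    } catch (FSMsgException e) {
        FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + FSUtils.bundle.getString(IFSConstants.TERMINATION_FAILED_SEND_REMOTE), e);
    } catch (SAMLResponderException e) {
        FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + FSUtils.bundle.getString(IFSConstants.TERMINATION_FAILED_SEND_REMOTE), e);
    }
    returnLocallyAtSource(response, false);
    return false;
}

/**
 * True for either SOAP registration profile URI (SP- or IDP-initiated).
 *
 * @param profile the first registration protocol profile advertised in metadata
 */
private static boolean isSoapRegistrationProfile(String profile) {
    return profile.equalsIgnoreCase(IFSConstants.REGISTRATION_SP_SOAP_PROFILE)
            || profile.equalsIgnoreCase(IFSConstants.REGISTRATION_IDP_SOAP_PROFILE);
}

/**
 * True for either HTTP-redirect registration profile URI (SP- or IDP-initiated).
 *
 * @param profile the first registration protocol profile advertised in metadata
 */
private static boolean isHttpRegistrationProfile(String profile) {
    return profile.equalsIgnoreCase(IFSConstants.REGISTRATION_SP_HTTP_PROFILE)
            || profile.equalsIgnoreCase(IFSConstants.REGISTRATION_IDP_HTTP_PROFILE);
}

/**
 * SOAP profile: binds the request into a SOAP message, signs it when
 * signing is on, sends it to the remote SOAP endpoint, verifies the
 * response signature, and applies the local account update when the
 * remote reports success.
 *
 * @param regisRequest the registration request to send
 * @return {@code true} only when the remote answered with
 *         {@code SAML_SUCCESS} and the local update succeeded
 */
private boolean sendSoapRegistration(FSNameRegistrationRequest regisRequest) throws IOException, FSMsgException, SAMLResponderException {
    FSSOAPService instSOAP = FSSOAPService.getInstance();
    if (instSOAP == null) {
        returnLocallyAtSource(response, false);
        return false;
    }
    FSUtils.debug.message("Signing suceeded. To call bindRegistrationRequest");
    regisRequest.setID(IFSConstants.REGISTRATIONID);
    SOAPMessage msgRegistration = instSOAP.bind(regisRequest.toXMLString(true, true));
    if (msgRegistration == null) {
        returnLocallyAtSource(response, false);
        return false;
    }
    SOAPMessage retSOAPMessage;
    try {
        if (FSServiceUtils.isSigningOn()) {
            // The signed element's ID attribute name differs between the 1.1
            // and 1.2 minor versions of the protocol.
            int minorVersion = regisRequest.getMinorVersion();
            if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
                msgRegistration = signRegistrationRequest(msgRegistration, IFSConstants.ID, regisRequest.getID());
            } else if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
                msgRegistration = signRegistrationRequest(msgRegistration, IFSConstants.REQUEST_ID, regisRequest.getRequestID());
            } else {
                // Previously this only logged and then sent the request
                // UNSIGNED although signing is on. Fail instead.
                FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + "invalid minor version, cannot sign request.");
                returnLocallyAtSource(response, false);
                return false;
            }
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("calling " + "sendRegistrationMessage");
        }
        retSOAPMessage = instSOAP.sendMessage(msgRegistration, remoteDescriptor.getSoapEndpoint());
    } catch (SOAPException e) {
        FSUtils.debug.error("Error in sending request ", e);
        returnLocallyAtSource(response, false);
        return false;
    } catch (Exception ex) {
        FSUtils.debug.error("Error in sending request:", ex);
        returnLocallyAtSource(response, false);
        return false;
    }
    if (retSOAPMessage == null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("sendRegistrationMessage" + "return response is null");
        }
        returnLocallyAtSource(response, false);
        return false;
    }
    // Verify BEFORE interpreting the body. The previous condition was
    // `isSigningOn() && regisResponse != null`, where regisResponse is the
    // instance field (the parsed local copy is only created further down),
    // so unless a caller had set that field beforehand the check was skipped
    // and "verification succeeded" was logged regardless.
    if (FSServiceUtils.isSigningOn()) {
        if (!verifyResponseSignature(retSOAPMessage, acctInfo.isRoleIDP())) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Response " + "signature verification failed");
                FSUtils.debug.message("Name registration" + " failed in doRemoteRegistration");
            }
            returnLocallyAtSource(response, false);
            return false;
        }
        FSUtils.debug.message("Response signature verification succeeded");
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("calling" + "parseSOAPMessage after return from IDP");
    }
    Element elt = instSOAP.parseSOAPMessage(retSOAPMessage);
    if (elt == null || !elt.getLocalName().equalsIgnoreCase(IFSConstants.NAME_REGISTRATION_RESPONSE)) {
        returnLocallyAtSource(response, false);
        return false;
    }
    FSNameRegistrationResponse remoteResponse;
    try {
        remoteResponse = new FSNameRegistrationResponse(elt);
    } catch (SAMLException e) {
        FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + "unable to parse registration response", e);
        returnLocallyAtSource(response, false);
        return false;
    }
    String responseStatus = ((remoteResponse.getStatus()).getStatusCode()).getValue();
    if (responseStatus.equals(IFSConstants.SAML_SUCCESS)) {
        return completeSoapRegistrationSuccess(regisRequest, remoteResponse);
    }
    if (responseStatus.equals(IFSConstants.FEDERATION_NOT_EXISTS_STATUS)) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Name " + "registration Failed. " + "Federation does not exist");
        }
    } else if (responseStatus.equals(IFSConstants.REGISTRATION_FAILURE_STATUS)) {
        FSUtils.debug.message("Name registration Failed.");
    }
    // Any other status code is treated as failure as well.
    returnLocallyAtSource(response, false);
    return false;
}

/**
 * Applies the local side of a registration the remote provider accepted:
 * reads the old/new account keys, account info, user, source and return
 * URL out of {@code returnMap} (presumably populated when the request was
 * built), runs {@code doCommonRegistration()}, and on the SP side invokes
 * the post-registration adapter hook.
 *
 * @param regisRequest the request that was sent
 * @param remoteResponse the successful response received
 * @return the result of {@code doCommonRegistration()}
 */
private boolean completeSoapRegistrationSuccess(FSNameRegistrationRequest regisRequest, FSNameRegistrationResponse remoteResponse) throws IOException, FSMsgException, SAMLResponderException {
    FSUtils.debug.message("Name registration Successful");
    // do local update
    oldAcctKey = (FSAccountFedInfoKey) returnMap.get("OldAccountKey");
    if (oldAcctKey != null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Get OldAcctKet Name : " + oldAcctKey.getName() + "\nGet OldAcctKet Qualifier:" + oldAcctKey.getNameSpace());
        }
    } else {
        FSUtils.debug.message("OldAccount Key is null");
    }
    newAcctKey = (FSAccountFedInfoKey) returnMap.get("AccountKey");
    if (newAcctKey != null) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Get newAcctKey Name : " + newAcctKey.getName() + "\nGet newAcctKey Qualifier:" + newAcctKey.getNameSpace());
        }
    } else {
        FSUtils.debug.message("newAcctKey Key is null");
    }
    newAcctInfo = (FSAccountFedInfo) returnMap.get("AccountInfo");
    userID = (String) returnMap.get("userID");
    regisSource = (String) returnMap.get("RegisSource");
    returnURL = (String) returnMap.get(IFSConstants.LRURL);
    boolean bStatus = doCommonRegistration();
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("doCommonRegistration returns " + bStatus);
    }
    // Call SP Adapter
    if (bStatus && hostedProviderRole != null && hostedProviderRole.equalsIgnoreCase(IFSConstants.SP)) {
        FSUtils.debug.message("doRemoteRegis");
        callPostRegisterNameIdentifierSuccess(request, response, userID, regisRequest, remoteResponse, IFSConstants.NAME_REGISTRATION_SP_SOAP_PROFILE);
    }
    returnLocallyAtSource(response, bStatus);
    return bStatus;
}

/**
 * HTTP-redirect profile: parks this registration's state under a freshly
 * generated relay-state id, builds the URL-encoded request, signs the
 * query string when signing is on, and redirects the user agent to the
 * remote provider's registration service URL.
 *
 * @param regisRequest the registration request to send
 * @return {@code true} once the redirect has been issued
 * @throws SAMLResponderException when signing is on but no signing
 *         certificate alias is configured
 * @throws IOException if the redirect cannot be sent
 */
private boolean sendRedirectRegistration(FSNameRegistrationRequest regisRequest) throws IOException, FSMsgException, SAMLResponderException {
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSNameRegistrationHandler::doRemoteRegistration " + "In Redirect profile");
    }
    // addition of relay state: the relay state doubles as the key under
    // which the registration state is kept until the remote redirects back,
    // so a missing id would make that state unreachable.
    FSNameIdentifierHelper nameHelper = new FSNameIdentifierHelper(hostedConfig);
    String newId = nameHelper.createNameIdentifier();
    if (newId == null || newId.trim().length() == 0) {
        FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + "could not create relay state id");
        returnLocallyAtSource(response, false);
        return false;
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("Registration Id : " + newId);
    }
    regisRequest.setRelayState(newId);
    // add information to FSRegistrationMap
    HashMap valMap = new HashMap();
    valMap.put("SSODetails", regisMap);
    valMap.put("ReturnEntry", returnMap);
    if (returnURL != null) {
        valMap.put(IFSConstants.LRURL, returnURL);
    }
    FSRegistrationManager registInst = FSRegistrationManager.getInstance(metaAlias);
    registInst.setRegistrationMapInfo(newId, valMap);
    if (FSUtils.debug.messageEnabled()) {
        // Keys only: the old loop looked valMap's keys up in regisMap (a
        // different map) and cast the results to String, logging nothing useful.
        FSUtils.debug.message("Registration map keys stored : " + valMap.keySet());
    }
    String urlEncodedRequest = regisRequest.toURLEncodedQueryString();
    // Sign the request querystring
    if (FSServiceUtils.isSigningOn()) {
        String certAlias = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.SIGNING_CERT_ALIAS);
        if (certAlias == null || certAlias.length() == 0) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSBrowserArtifactConsumerHandler:: " + "signSAMLRequest:" + "couldn't obtain this site's cert alias.");
            }
            throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT_ALIAS));
        }
        urlEncodedRequest = FSSignatureUtil.signAndReturnQueryString(urlEncodedRequest, certAlias);
    }
    // The redirect target comes from the remote provider's local metadata,
    // not from anything received over the wire.
    String retURL = remoteDescriptor.getRegisterNameIdentifierServiceURL();
    if (retURL == null) {
        FSUtils.debug.error("FSNameRegistrationHandler::doRemoteRegistration " + "remote provider has no registration service URL");
        returnLocallyAtSource(response, false);
        return false;
    }
    StringBuffer redirectURL = new StringBuffer(retURL);
    if (retURL.indexOf(IFSConstants.QUESTION_MARK) == -1) {
        redirectURL.append(IFSConstants.QUESTION_MARK);
    } else {
        redirectURL.append(IFSConstants.AMPERSAND);
    }
    redirectURL.append(urlEncodedRequest);
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("Request to be sent : " + redirectURL.toString());
    }
    // end of addition
    response.sendRedirect(redirectURL.toString());
    return true;
}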
Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock:
class FSNameRegistrationHandler, method verifyResponseSignature.
/**
 * Verifies the Name registration response received
 * from the IDP before processing locally.
 *
 * The verification certificate is the one configured for
 * {@code remoteEntityId} in {@code remoteDescriptor}; the whole SOAP
 * message is turned into a DOM and handed to {@code XMLSignatureManager}.
 * Whether that check also ties the signature to the registration response
 * element itself is not visible from this method.
 *
 * @param msg the response message
 * @param isIDP whether the remote provider is an IDP or not
 * @return <code>true</code> if signature is valid; <code>false</code>
 * otherwise (including when no certificate is configured)
 */
protected boolean verifyResponseSignature(SOAPMessage msg, boolean isIDP) {
    FSUtils.debug.message("Entered FSNameRegistrationHandler::verifyResponseSignature");
    boolean debugOn = FSUtils.debug.messageEnabled();
    try {
        X509Certificate remoteCert = KeyUtil.getVerificationCert(remoteDescriptor, remoteEntityId, isIDP);
        if (remoteCert == null) {
            // Message text says "this site's cert"; the lookup is actually
            // for the remote provider's certificate.
            if (debugOn) {
                FSUtils.debug.message("Registration.verifyResponseSignature" + "couldn't obtain this site's cert .");
            }
            throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT));
        }
        if (debugOn) {
            FSUtils.debug.message("NameRegistration.verifyResponseSignature" + ": Provider's cert is found.");
        }
        Document soapDoc = (Document) FSServiceUtils.createSOAPDOM(msg);
        boolean valid = XMLSignatureManager.getInstance().verifyXMLSignature(soapDoc, remoteCert);
        return valid;
    } catch (SAMLException e) {
        FSUtils.debug.error("Error in verifying response ", e);
        return false;
    }
}