use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.
the class DefaultNameIdentifierMapper method getNameIdentifier.
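/**
 * Returns the name identifier for the assertion subject, based on the user
 * account behind {@code session}.
 *
 * <p>When {@code nameIDFormat} is mapped to a user attribute in
 * {@code SAMLConstants.NAME_ID_FORMAT_MAP}, the first value of that attribute
 * (read through the SAML data store provider) becomes the name; otherwise the
 * session's principal name is used. Both the name and the qualifier (the
 * session's {@code Organization} property) are passed through
 * {@code XMLUtils.escapeSpecialCharacters}, since they end up inside assertion
 * XML.
 *
 * @param session the session of the user performing the operation.
 * @param sourceID source ID for the site from which the assertion
 *        originated; used only for debug logging here.
 * @param destID destination ID for the site for which the assertion will be
 *        created; used only for debug logging here.
 * @param nameIDFormat the requested name identifier format, may be
 *        {@code null}; it is also stored on the returned identifier.
 * @return a <code>NameIdentifier</code> for assertion subject, or
 *         {@code null} if the session is invalid, has no {@code Organization}
 *         property, or any other failure occurs (the failure is logged).
 * @exception SAMLException if an error occurs
 */
public NameIdentifier getNameIdentifier(Object session, String sourceID, String destID, String nameIDFormat) throws SAMLException {
    if (SAMLUtils.debug.messageEnabled()) {
        SAMLUtils.debug.message("DefaultNameIdentifierMapper." + "getNameIdentifier: sourceID = " + sourceID + ", destID = " + destID);
        SAMLUtils.debug.message("DefaultNameIdentifierMapper." + "getNameIdentifier: nameIDFormat = " + nameIDFormat);
    }
    try {
        // Guard the [0] access explicitly instead of relying on the broad
        // catch below to swallow an ArrayIndexOutOfBoundsException.
        String[] orgValues = SessionManager.getProvider().getProperty(session, "Organization");
        if (orgValues == null || orgValues.length == 0) {
            SAMLUtils.debug.error("DefaultNameIdentifierMapper." + "getNameIdentifier: session has no Organization property");
            return null;
        }
        String nameQualifier = XMLUtils.escapeSpecialCharacters(orgValues[0]);
        String userID = SessionManager.getProvider().getPrincipalName(session);
        String name = null;
        if (nameIDFormat != null) {
            Map nameIDFormatAttrMap = (Map) SAMLServiceManager.getAttribute(SAMLConstants.NAME_ID_FORMAT_MAP);
            if (nameIDFormatAttrMap != null && nameIDFormatAttrMap.containsKey(nameIDFormat)) {
                String attrName = (String) nameIDFormatAttrMap.get(nameIDFormat);
                name = lookupFirstAttributeValue(userID, attrName);
            }
        }
        // No mapped attribute value: fall back to the principal name.
        if (name == null) {
            name = userID;
        }
        return new NameIdentifier(XMLUtils.escapeSpecialCharacters(name), nameQualifier, nameIDFormat);
    } catch (SessionException sx) {
        SAMLUtils.debug.error("DefaultNameIdentifierMapper." + "getNameIdentifier: Invalid Session ", sx);
        return null;
    } catch (Exception ex) {
        // Broad catch kept deliberately: any other failure is logged and
        // reported to the caller as a missing identifier, not propagated.
        SAMLUtils.debug.error("DefaultNameIdentifierMapper." + "getNameIdentifier:", ex);
        return null;
    }
}

/**
 * Returns the first value of {@code attrName} for {@code userID} from the
 * SAML data store provider, or {@code null} when the attribute has no value
 * or the data store lookup fails (the failure is logged at warning level).
 *
 * @param userID principal name whose attribute is read.
 * @param attrName name of the user attribute to read.
 * @return the first attribute value, or {@code null}.
 */
private String lookupFirstAttributeValue(String userID, String attrName) {
    try {
        DataStoreProvider dsProvider = DataStoreProviderManager.getInstance().getDataStoreProvider(SAMLConstants.SAML);
        Set attrValues = dsProvider.getAttribute(userID, attrName);
        if (attrValues != null && !attrValues.isEmpty()) {
            return (String) attrValues.iterator().next();
        }
    } catch (DataStoreProviderException dspe) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("DefaultNameIdentifierMapper." + "getNameIdentifier:", dspe);
        }
    }
    return null;
}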
the class AssertionManagerImpl method createAssertion.
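/**
 * Creates an assertion for the session identified by {@code ssoToken} and
 * returns it serialized as XML via {@code toString(true, true)}.
 *
 * @param ssoToken the single sign-on token string to resolve to a session.
 * @return the serialized assertion.
 * @throws SAMLException if the token cannot be resolved to a session (the
 *         {@code SessionException} is retained as the cause), or if the
 *         underlying manager fails to create the assertion.
 */
public String createAssertion(String ssoToken) throws SAMLException {
    checkInitialization();
    Object token;
    try {
        SessionProvider sessionProvider = SessionManager.getProvider();
        token = sessionProvider.getSession(ssoToken);
    } catch (SessionException ssoe) {
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("AssertionManagerImpl:createAssertion(SSO) " + ssoe);
        }
        // Keep the original message, but retain the session failure as the
        // cause so the stack trace is not lost at this boundary.
        SAMLException se = new SAMLException(ssoe.getMessage());
        se.initCause(ssoe);
        throw se;
    }
    // A SAMLException raised by the manager propagates to the caller unchanged.
    Assertion a = assertionManager.createAssertion(token);
    return a.toString(true, true);
}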
the class AssertionManagerImpl method getAssertionByIdRefToken.
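/**
 * Looks up the assertion referenced by {@code idref} on behalf of the
 * session identified by {@code ssoToken} and returns it serialized as XML
 * via {@code toString(true, true)}.
 *
 * @param idref the assertion ID reference to resolve.
 * @param ssoToken the single sign-on token string to resolve to a session.
 * @return the serialized assertion.
 * @throws SAMLException if the token cannot be resolved to a session (the
 *         {@code SessionException} is retained as the cause), or if the
 *         underlying manager cannot return the assertion for this session.
 */
public String getAssertionByIdRefToken(String idref, String ssoToken) throws SAMLException {
    checkInitialization();
    Object token;
    try {
        SessionProvider sessionProvider = SessionManager.getProvider();
        token = sessionProvider.getSession(ssoToken);
    } catch (SessionException ssoe) {
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("AssertionManagerImpl:getAssertionByIdRefToken: " + ssoe);
        }
        // Keep the original message, but retain the session failure as the
        // cause so the stack trace is not lost at this boundary.
        SAMLException se = new SAMLException(ssoe.getMessage());
        se.initCause(ssoe);
        throw se;
    }
    // The manager receives the resolved session together with the reference;
    // any SAMLException it raises propagates to the caller unchanged.
    Assertion a = assertionManager.getAssertion(new AssertionIDReference(idref), token);
    return a.toString(true, true);
}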
the class Request method toString.
/**
 * Returns a String representation of the
 * <code><samlp:Request></code> element.
 *
 * <p>If the request is signed and a cached {@code xmlString} exists, that
 * cached text is returned unchanged and all three flags are ignored: the
 * serialized bytes must stay exactly as they were when signed, otherwise
 * the signature would no longer verify.
 *
 * @param includeNS Determines whether or not the namespace qualifier
 * is prepended to the Element when converted
 * @param declareNS Determines whether or not the namespace is declared
 * within the Element.
 * @param includeHeader Determines whether the output include the XML
 * declaration header.
 * @return A string containing the valid XML for this element
 */
public String toString(boolean includeNS, boolean declareNS, boolean includeHeader) {
    // Signed path: the cached serialization is authoritative (see Javadoc).
    if (signed && (xmlString != null)) {
        return xmlString;
    }
    StringBuffer xml = new StringBuffer(300);
    if (includeHeader) {
        xml.append("<?xml version=\"1.0\" encoding=\"").append(SAMLConstants.DEFAULT_ENCODING).append("\" ?>\n");
    }
    String prefix = "";
    String uri = "";
    if (includeNS) {
        prefix = SAMLConstants.PROTOCOL_PREFIX;
    }
    if (declareNS) {
        uri = SAMLConstants.PROTOCOL_NAMESPACE_STRING;
    }
    // IssueInstant is always written in the UTC date format.
    String instantString = DateUtils.toUTCDateFormat(issueInstant);
    xml.append("<").append(prefix).append("Request").append(uri).append(" RequestID=\"").append(requestID).append("\"").append(" MajorVersion=\"").append(majorVersion).append("\"").append(" MinorVersion=\"").append(minorVersion).append("\"").append(" IssueInstant=\"").append(instantString).append("\"").append(">\n");
    // Identity comparison against Collections.EMPTY_LIST: an empty list that
    // is a different instance still enters the loop, which then iterates nothing.
    if ((respondWiths != null) && (respondWiths != Collections.EMPTY_LIST)) {
        Iterator i = respondWiths.iterator();
        String respondWith = null;
        while (i.hasNext()) {
            respondWith = (String) i.next();
            xml.append("<").append(prefix).append("RespondWith>");
            if (respondWith.startsWith(SAMLConstants.ASSERTION_PREFIX)) {
                // Already carries the assertion prefix: written out as given.
                xml.append(respondWith);
            } else {
                try {
                    xml.append(checkAndGetRespondWith(respondWith));
                } catch (SAMLException e) {
                    // Lookup failed: the error is logged and the raw value is
                    // written out rather than aborting serialization.
                    SAMLUtils.debug.error("Request.toString: ", e);
                    xml.append(respondWith);
                }
            }
            xml.append("</").append(prefix).append("RespondWith>\n");
        }
    }
    if (signed) {
        if (signatureString != null) {
            xml.append(signatureString);
        } else if (signature != null) {
            // First serialization of the signature element is cached on the field.
            signatureString = XMLUtils.print(signature);
            xml.append(signatureString);
        }
    }
    Iterator j;
    // Exactly one kind of content is serialized, selected by contentType;
    // unknown values produce a Request with no content element.
    switch(contentType) {
        case AUTHENTICATION_QUERY:
            xml.append(((AuthenticationQuery) query).toString(includeNS, false));
            break;
        case AUTHORIZATION_DECISION_QUERY:
            xml.append(((AuthorizationDecisionQuery) query).toString(includeNS, false));
            break;
        case ATTRIBUTE_QUERY:
            xml.append(((AttributeQuery) query).toString(includeNS, false));
            break;
        case ASSERTION_ID_REFERENCE:
            j = assertionIDRefs.iterator();
            while (j.hasNext()) {
                // References are serialized with both flags fixed to true,
                // independent of includeNS (unlike the other content kinds).
                xml.append(((AssertionIDReference) j.next()).toString(true, true));
            }
            break;
        case ASSERTION_ARTIFACT:
            j = artifacts.iterator();
            while (j.hasNext()) {
                xml.append(((AssertionArtifact) j.next()).toString(includeNS, false));
            }
            break;
        default:
            break;
    }
    xml.append("</").append(prefix).append("Request>\n");
    return xml.toString();
}
the class DefaultIDPAccountMapper method getNameID.
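/**
 * Returns the user's <code>NameID</code> information that contains
 * account federation with the corresponding remote and local entities.
 *
 * <p>The name value is the first value of the user attribute configured as
 * {@code WSFederationConstants.NAMEID_ATTRIBUTE} on the hosted IDP
 * (defaulting to {@code WSFederationConstants.UID}). The format is the IDP's
 * {@code NAMEID_FORMAT} setting, defaulting to the UPN claim type. For the
 * UPN format, unless {@code NAME_INCLUDES_DOMAIN} is {@code true}, a domain
 * is appended as {@code name@domain}: first from the user's
 * {@code DOMAIN_ATTRIBUTE} value, then from the IDP's {@code UPN_DOMAIN}.
 *
 * @param session Session object.
 * @param realm Realm where user resides.
 * @param hostEntityID <code>EntityID</code> of the hosted provider.
 * @param remoteEntityID <code>EntityID</code> of the remote provider;
 *        not used by this implementation.
 * @return the <code>NameID</code> corresponding to the authenticated user;
 *         never {@code null} — a missing name attribute is reported as an
 *         exception.
 * @exception WSFederationException if the session is invalid, the name
 *         attribute has no value, no UPN domain can be determined, the data
 *         store lookup fails, or the identifier cannot be constructed.
 */
public NameIdentifier getNameID(Object session, String realm, String hostEntityID, String remoteEntityID) throws WSFederationException {
    String userID;
    try {
        SessionProvider sessionProv = SessionManager.getProvider();
        userID = sessionProv.getPrincipalName(session);
    } catch (SessionException se) {
        // Keep the localized message, but retain the session failure as the cause.
        WSFederationException wse = new WSFederationException(WSFederationUtils.bundle.getString("invalidSSOToken"));
        wse.initCause(se);
        throw wse;
    }
    IDPSSOConfigElement idpConfig = WSFederationUtils.getMetaManager().getIDPSSOConfig(realm, hostEntityID);

    String attrName = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAMEID_ATTRIBUTE);
    if (attrName == null || attrName.length() == 0) {
        attrName = WSFederationConstants.UID;
    }
    String baseName = firstAttributeValue(userID, attrName);
    if (baseName == null) {
        String[] args = { attrName, userID };
        throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "missingNameAttribute", args);
    }

    String nameIdFormat = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAMEID_FORMAT);
    if (nameIdFormat == null || nameIdFormat.length() == 0) {
        nameIdFormat = WSFederationConstants.NAMED_CLAIM_TYPES[WSFederationConstants.NAMED_CLAIM_UPN];
    }
    String strNameIncludesDomain = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAME_INCLUDES_DOMAIN);
    boolean nameIncludesDomain = Boolean.valueOf(strNameIncludesDomain);

    String name = baseName;
    if (nameIdFormat.equals(WSFederationConstants.NAMED_CLAIM_TYPES[WSFederationConstants.NAMED_CLAIM_UPN]) && !nameIncludesDomain) {
        // UPN without a domain in the stored name: append one from profile/config.
        name = baseName + "@" + resolveUpnDomain(userID, idpConfig);
    }
    // NOTE(review): unlike DefaultNameIdentifierMapper.getNameIdentifier, the
    // directory value is not XML-escaped here; NameIdentifier is presumed to
    // escape it on serialization — confirm.
    try {
        return new NameIdentifier(name, null, nameIdFormat);
    } catch (SAMLException se) {
        throw new WSFederationException(se);
    }
}

/**
 * Returns the first value of {@code attrName} for {@code userID} from the
 * data store provider, or {@code null} when the attribute has no value.
 *
 * @param userID principal name whose attribute is read.
 * @param attrName name of the user attribute to read.
 * @return the first attribute value, or {@code null}.
 * @throws WSFederationException wrapping any {@code DataStoreProviderException}.
 */
private String firstAttributeValue(String userID, String attrName) throws WSFederationException {
    Set attrValues;
    try {
        attrValues = dsProvider.getAttribute(userID, attrName);
    } catch (DataStoreProviderException dspe) {
        throw new WSFederationException(dspe);
    }
    if (attrValues == null || attrValues.isEmpty()) {
        return null;
    }
    return (String) attrValues.iterator().next();
}

/**
 * Determines the domain appended to a UPN-format name: the user's
 * {@code DOMAIN_ATTRIBUTE} value when that attribute is configured and set,
 * otherwise the IDP's {@code UPN_DOMAIN} setting.
 *
 * @param userID principal name whose domain attribute is read.
 * @param idpConfig hosted IDP configuration.
 * @return the non-empty domain.
 * @throws WSFederationException ("noDomainConfigured") when neither source
 *         yields a value, or wrapping a data store failure.
 */
private String resolveUpnDomain(String userID, IDPSSOConfigElement idpConfig) throws WSFederationException {
    String upnDomain = null;
    // Try user profile first
    String domainAttribute = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.DOMAIN_ATTRIBUTE);
    if (domainAttribute != null && domainAttribute.length() > 0) {
        upnDomain = firstAttributeValue(userID, domainAttribute);
    }
    if (upnDomain == null || upnDomain.length() == 0) {
        // Nothing on the user profile - get from config
        upnDomain = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.UPN_DOMAIN);
    }
    if (upnDomain == null || upnDomain.length() == 0) {
        throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "noDomainConfigured", null);
    }
    return upnDomain;
}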