Example 26 with SAMLException

Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class AssertionManagerClient, method createAssertion.

/**
 * Returns an assertion that contains an authentication and attribute
 * statement.
 * @param token User session that contains authentication
 *        information which is needed to create the authentication
 *        statement for the assertion.
 * @param attributes A list of attribute objects which are used to create
 *        the attribute statement.
 * @return The created assertion.
 * @throws SAMLException If the Assertion cannot be created.
 */
public Assertion createAssertion(Object token, List attributes) throws SAMLException {
    if (useLocal) {
        return (assertionManager.createAssertion(token, attributes));
    }
    // Check for null or empty attributes
    if (attributes == null || attributes.isEmpty())
        return (createAssertion(token));
    String assertion = null;
    try {
        List attrs = new LinkedList();
        for (Iterator iter = attributes.iterator(); iter.hasNext(); ) {
            Attribute attribute = (Attribute) iter.next();
            attrs.add(attribute.toString(true, true));
        }
        SessionProvider sessionProvider = SessionManager.getProvider();
        Object[] args = { sessionProvider.getSessionID(token), attrs };
        assertion = (String) stub.send("createAssertion2", args, null, null);
        return (new Assertion(XMLUtils.toDOMDocument(assertion, SAMLUtils.debug).getDocumentElement()));
    } catch (Exception re) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:createAssertion(SSO, attrs)", re);
        }
        throw (new SAMLException(re.getMessage()));
    }
}
Also used: Attribute (com.sun.identity.saml.assertion.Attribute), Assertion (com.sun.identity.saml.assertion.Assertion), SAMLException (com.sun.identity.saml.common.SAMLException), SessionException (com.sun.identity.plugin.session.SessionException), SessionProvider (com.sun.identity.plugin.session.SessionProvider)

Example 27 with SAMLException

Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSNameRegistrationRequest, method signXML.

/**
 * Signs the <code>FSNameRegistrationRequest</code> object.
 *
 * @param certAlias the Certificate Alias.
 * @throws SAMLException if this object cannot be signed.
 */
public void signXML(String certAlias) throws SAMLException {
    FSUtils.debug.message("FSNameRegistrationRequest.signXML: Called");
    if (signed) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSNameRegistrationRequest.signXML: " + "the assertion is already signed.");
        }
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "alreadySigned", null);
    }
    if (certAlias == null || certAlias.length() == 0) {
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "cannotFindCertAlias", null);
    }
    try {
        XMLSignatureManager manager = XMLSignatureManager.getInstance();
        if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
            signatureString = manager.signXML(this.toXMLString(true, true), certAlias, null, IFSConstants.ID, this.id, false);
        } else if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
            signatureString = manager.signXML(this.toXMLString(true, true), certAlias, null, IFSConstants.REQUEST_ID, this.getRequestID(), false);
        } else {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("invalid minor version.");
            }
        }
        signature = XMLUtils.toDOMDocument(signatureString, FSUtils.debug).getDocumentElement();
        signed = true;
        xmlString = this.toXMLString(true, true);
    } catch (Exception e) {
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "signFailed", null);
    }
}
Also used: XMLSignatureManager (com.sun.identity.saml.xmlsig.XMLSignatureManager), SAMLResponderException (com.sun.identity.saml.common.SAMLResponderException), SAMLException (com.sun.identity.saml.common.SAMLException), ParseException (java.text.ParseException), FSMsgException (com.sun.identity.federation.message.common.FSMsgException)

Example 28 with SAMLException

Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSNameRegistrationResponse, method parseXML.

/**
 * Returns the <code>FSNameRegistrationResponse</code> object.
 *
 * @param xml the XML string to be parsed.
 * @return <code>FSNameRegistrationResponse</code> object created from
 *         the XML string.
 * @throws FSMsgException if there is an error creating the object.
 */
public static FSNameRegistrationResponse parseXML(String xml) throws FSMsgException {
    try {
        Document doc = XMLUtils.toDOMDocument(xml, FSUtils.debug);
        Element root = doc.getDocumentElement();
        return new FSNameRegistrationResponse(root);
    } catch (SAMLException ex) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSNameRegistrationResponse.parseXML: " + "Error while parsing input xml string");
        }
        throw new FSMsgException("parseError", null, ex);
    }
}
Also used: FSMsgException (com.sun.identity.federation.message.common.FSMsgException), Element (org.w3c.dom.Element), Document (org.w3c.dom.Document), SAMLException (com.sun.identity.saml.common.SAMLException)

Example 29 with SAMLException

Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSRequest, method toXMLString.

/**
 * Creates a String representation of the <code>&lt;samlp:Request&gt;</code>
 * element.
 *
 * @param includeNS Determines whether or not the name space qualifier
 *        is prepended to the Element when converted.
 * @param declareNS Determines whether or not the name space is declared
 *        within the Element.
 * @param includeHeader Determines whether the output includes the XML
 *        declaration header.
 * @return a string containing the valid XML for this object.
 */
public String toXMLString(boolean includeNS, boolean declareNS, boolean includeHeader) {
    if (signed && (xmlString != null)) {
        return xmlString;
    }
    StringBuffer xml = new StringBuffer(300);
    if (includeHeader) {
        xml.append("<?xml version=\"1.0\" encoding=\"").append(SAMLConstants.DEFAULT_ENCODING).append("\" ?>\n");
    }
    String prefix = "";
    String libprefix = "";
    String uri = "";
    String liburi = "";
    String uriXSI = "";
    if (includeNS) {
        prefix = SAMLConstants.PROTOCOL_PREFIX;
        libprefix = IFSConstants.LIB_PREFIX;
    }
    if (declareNS) {
        uri = SAMLConstants.PROTOCOL_NAMESPACE_STRING;
        if (minorVersion == IFSConstants.FF_12_SAML_PROTOCOL_MINOR_VERSION) {
            liburi = IFSConstants.LIB_12_NAMESPACE_STRING;
        } else {
            liburi = IFSConstants.LIB_NAMESPACE_STRING;
        }
        uriXSI = IFSConstants.XSI_NAMESPACE_STRING;
    }
    String instantString = DateUtils.toUTCDateFormat(issueInstant);
    xml.append("<").append(prefix).append("Request").append(uri).append(" ").append(liburi).append(" ").append(uriXSI);
    if (minorVersion == IFSConstants.FF_11_SAML_PROTOCOL_MINOR_VERSION) {
        if (id != null && !(id.length() == 0)) {
            xml.append(" id=\"").append(id).append("\"");
        }
    }
    xml.append(" RequestID=\"").append(requestID).append("\"").append(" MajorVersion=\"").append(majorVersion).append("\"").append(" MinorVersion=\"").append(minorVersion).append("\"").append(" IssueInstant=\"").append(instantString).append("\"");
    if (minorVersion == IFSConstants.FF_11_SAML_PROTOCOL_MINOR_VERSION) {
        xml.append(" xsi:type").append("=\"").append(libprefix).append("SignedSAMLRequestType").append("\"");
    }
    xml.append(">");
    if ((respondWiths != null) && (respondWiths != Collections.EMPTY_LIST)) {
        Iterator i = respondWiths.iterator();
        String respondWith = null;
        while (i.hasNext()) {
            respondWith = (String) i.next();
            xml.append("<").append(prefix).append("RespondWith>");
            if (respondWith.startsWith(SAMLConstants.ASSERTION_PREFIX)) {
                xml.append(respondWith);
            } else {
                try {
                    xml.append(checkAndGetRespondWith(respondWith));
                } catch (SAMLException e) {
                    FSUtils.debug.error("Request.toString: ", e);
                    xml.append(respondWith);
                }
            }
            xml.append("</").append(prefix).append("RespondWith>");
        }
    }
    if (signed) {
        if (signatureString != null) {
            xml.append(signatureString);
        } else if (signature != null) {
            signatureString = XMLUtils.print(signature);
            xml.append(signatureString);
        }
    }
    Iterator j;
    switch(contentType) {
        case AUTHENTICATION_QUERY:
            xml.append(((AuthenticationQuery) query).toString(includeNS, false));
            break;
        case AUTHORIZATION_DECISION_QUERY:
            xml.append(((AuthorizationDecisionQuery) query).toString(includeNS, false));
            break;
        case ATTRIBUTE_QUERY:
            xml.append(((AttributeQuery) query).toString(includeNS, false));
            break;
        case ASSERTION_ID_REFERENCE:
            j = assertionIDRefs.iterator();
            while (j.hasNext()) {
                xml.append(((AssertionIDReference) j.next()).toString(true, true));
            }
            break;
        case ASSERTION_ARTIFACT:
            j = artifacts.iterator();
            while (j.hasNext()) {
                xml.append(((AssertionArtifact) j.next()).toString(includeNS, false));
            }
            break;
        default:
            break;
    }
    xml.append("</").append(prefix).append("Request>");
    return xml.toString();
}
Also used: Iterator (java.util.Iterator), SAMLException (com.sun.identity.saml.common.SAMLException)

Example 30 with SAMLException

Use of com.sun.identity.saml.common.SAMLException in project OpenAM by OpenRock.

Class FSResponse, method signXML.

/**
 * Signs the Response.
 *
 * @param certAlias the Certificate Alias.
 * @throws SAMLException if the Response cannot be signed.
 */
public void signXML(String certAlias) throws SAMLException {
    FSUtils.debug.message("FSResponse.signXML: Called");
    if (signed) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSResponse.signXML: the assertion is " + "already signed.");
        }
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "alreadySigned", null);
    }
    if (certAlias == null || certAlias.length() == 0) {
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "cannotFindCertAlias", null);
    }
    try {
        XMLSignatureManager manager = XMLSignatureManager.getInstance();
        if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
            signatureString = manager.signXML(this.toXMLString(true, true), certAlias, IFSConstants.DEF_SIG_ALGO, IFSConstants.ID, this.id, false);
        } else if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
            signatureString = manager.signXML(this.toXMLString(true, true), certAlias, IFSConstants.DEF_SIG_ALGO, IFSConstants.RESPONSE_ID, this.getResponseID(), false);
        } else {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("invalid minor version.");
            }
        }
        signature = XMLUtils.toDOMDocument(signatureString, FSUtils.debug).getDocumentElement();
        signed = true;
        xmlString = this.toXMLString(true, true);
    } catch (Exception e) {
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "signFailed", null);
    }
}
Also used: XMLSignatureManager (com.sun.identity.saml.xmlsig.XMLSignatureManager), SAMLResponderException (com.sun.identity.saml.common.SAMLResponderException), IOException (java.io.IOException), SAMLVersionMismatchException (com.sun.identity.saml.common.SAMLVersionMismatchException), SAMLException (com.sun.identity.saml.common.SAMLException), ParseException (java.text.ParseException), FSMsgException (com.sun.identity.federation.message.common.FSMsgException)
