
Example 26 with NameID

use of com.sun.identity.saml2.assertion.NameID in project OpenAM by OpenRock.

the class SubjectConfirmationImpl method processElement.

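/**
 * Populates this SubjectConfirmation from its DOM element.
 *
 * <p>The root element must have the SubjectConfirmation local name and a
 * non-empty Method attribute. Child elements are then read in schema order:
 * at most one identifier (BaseID, NameID or EncryptedID), followed by at most
 * one SubjectConfirmationData. Previously only the first element child was
 * inspected, so a SubjectConfirmationData that followed an identifier was
 * silently dropped and left {@code subjectConfirmationData} null, and any
 * other trailing element was ignored without an error. Every element child
 * is now examined, and anything out of place is rejected with the same
 * "unexpected_subelement" error that was already used for an unknown first
 * child.
 *
 * <p>NOTE(review): only local names are compared here; the namespace URI of
 * the root and child elements is not checked in this method. Confirm it is
 * enforced elsewhere (e.g. schema validation) before relying on it.
 *
 * @param element DOM element to read from
 * @throws SAML2Exception if the element is null, has no or the wrong local
 *     name, lacks the Method attribute, or contains an unexpected, repeated
 *     or out-of-order subelement
 */
private void processElement(Element element) throws SAML2Exception {
    if (element == null) {
        SAML2SDKUtils.debug.error("SubjectConfirmationImpl.processElement(): invalid root element");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_element"));
    }
    String elemName = element.getLocalName();
    if (elemName == null) {
        SAML2SDKUtils.debug.error("SubjectConfirmationImpl.processElement(): local name missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_local_name"));
    }
    if (!elemName.equals(SUBJECT_CONFIRMATION_ELEMENT)) {
        SAML2SDKUtils.debug.error("SubjectConfirmationImpl.processElement(): invalid local name " + elemName);
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_local_name"));
    }
    // The confirmation method is mandatory: reject a missing or empty attribute.
    String attrValue = element.getAttribute(METHOD_ATTR);
    if ((attrValue == null) || (attrValue.length() == 0)) {
        SAML2SDKUtils.debug.error("SubjectConfirmationImpl.processElement(): method missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_confirmation_method"));
    }
    method = attrValue;
    // Walk every child; text, comment and other non-element nodes are skipped.
    NodeList nodes = element.getChildNodes();
    int numOfNodes = nodes.getLength();
    boolean identifierSeen = false;
    boolean dataSeen = false;
    for (int i = 0; i < numOfNodes; i++) {
        Node child = nodes.item(i);
        if (child.getNodeType() != Node.ELEMENT_NODE) {
            continue;
        }
        String childName = child.getLocalName();
        if (childName == null) {
            // As before, an element without a local name is ignored rather than rejected.
            continue;
        }
        // An identifier is only legal once, and only before the confirmation data.
        boolean identifierAllowed = !identifierSeen && !dataSeen;
        if (!dataSeen && childName.equals(SUBJECT_CONFIRMATION_DATA_ELEMENT)) {
            subjectConfirmationData = AssertionFactory.getInstance().createSubjectConfirmationData((Element) child);
            dataSeen = true;
        } else if (identifierAllowed && childName.equals(BASE_ID_ELEMENT)) {
            baseId = AssertionFactory.getInstance().createBaseID((Element) child);
            identifierSeen = true;
        } else if (identifierAllowed && childName.equals(NAME_ID_ELEMENT)) {
            nameId = AssertionFactory.getInstance().createNameID((Element) child);
            identifierSeen = true;
        } else if (identifierAllowed && childName.equals(ENCRYPTED_ID_ELEMENT)) {
            encryptedId = AssertionFactory.getInstance().createEncryptedID((Element) child);
            identifierSeen = true;
        } else {
            SAML2SDKUtils.debug.error("SubjectConfirmationImpl.processElement(): " + "unexpected subelement " + childName);
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unexpected_subelement"));
        }
    }
}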
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Example 27 with NameID

use of com.sun.identity.saml2.assertion.NameID in project OpenAM by OpenRock.

the class SAML2Utils method getNameIDStringFromResponse.

/**
     * Obtains the value of NameID from Response.
     *
     * @param response <code>Response</code> object
     * @return value of the NameID from the first Assertion in the response.
     * null if the response is null, or no assertion in the response, or
     * no NameID in the assertion.
     */
public static String getNameIDStringFromResponse(Response response) {
    // Plain accessor: it reads the parsed object graph and performs no
    // validation of its own. Only getAssertion() and getNameID() are
    // consulted, and only the first assertion in the list.
    // NOTE(review): callers should treat the returned value as an identity
    // only after the response/assertion has been verified - confirm at the
    // call sites.
    if (response == null) {
        return null;
    }
    List assertionList = response.getAssertion();
    if ((assertionList == null) || assertionList.isEmpty()) {
        return null;
    }
    Assertion first = (Assertion) assertionList.get(0);
    Subject firstSubject = first.getSubject();
    if (firstSubject == null) {
        return null;
    }
    NameID identifier = firstSubject.getNameID();
    return (identifier == null) ? null : identifier.getValue();
}
Also used : NameID(com.sun.identity.saml2.assertion.NameID) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) Assertion(com.sun.identity.saml2.assertion.Assertion) ArrayList(java.util.ArrayList) List(java.util.List) Subject(com.sun.identity.saml2.assertion.Subject)

Example 28 with NameID

use of com.sun.identity.saml2.assertion.NameID in project OpenAM by OpenRock.

the class SubjectImpl method makeImmutable.

/**
    * Makes the object immutable
    */
public void makeImmutable() {
    // Already frozen: nothing to do.
    if (!isMutable) {
        return;
    }
    if (subjectConfirmations != null) {
        // Freeze each confirmation first, then swap the list for a read-only view.
        for (Object entry : subjectConfirmations) {
            ((SubjectConfirmation) entry).makeImmutable();
        }
        subjectConfirmations = Collections.unmodifiableList(subjectConfirmations);
    }
    if (baseId != null) {
        baseId.makeImmutable();
    }
    if (nameId != null) {
        nameId.makeImmutable();
    }
    // NOTE(review): only subjectConfirmations, baseId and nameId are touched
    // here; if this class holds other mutable members (for example an
    // encrypted identifier), confirm they need no equivalent call.
    isMutable = false;
}
Also used : SubjectConfirmation(com.sun.identity.saml2.assertion.SubjectConfirmation)

Example 29 with NameID

use of com.sun.identity.saml2.assertion.NameID in project OpenAM by OpenRock.

the class SubjectImpl method processElement.

/**
 * Populates this Subject from its DOM element.
 *
 * <p>The root element must have the Subject local name and at least one
 * element child. The first element child may be a SubjectConfirmation,
 * BaseID, NameID or EncryptedID; every later element child must be a
 * SubjectConfirmation. Non-element nodes, and elements whose local name is
 * null, are skipped without an error.
 *
 * <p>NOTE(review): only local names are compared here; the namespace URI of
 * the root and child elements is not checked in this method. Confirm it is
 * enforced elsewhere before relying on it.
 *
 * @param element DOM element to read from
 * @throws SAML2Exception if the element is null, has no or the wrong local
 *     name, has no element children, or contains an unexpected subelement
 */
private void processElement(Element element) throws SAML2Exception {
    if (element == null) {
        SAML2SDKUtils.debug.error("SubjectImpl.processElement(): invalid root element");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_element"));
    }
    final String rootName = element.getLocalName();
    if (rootName == null) {
        SAML2SDKUtils.debug.error("SubjectImpl.processElement(): local name missing");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_local_name"));
    }
    if (!rootName.equals(SUBJECT_ELEMENT)) {
        SAML2SDKUtils.debug.error("SubjectImpl.processElement(): invalid local name " + rootName);
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_local_name"));
    }

    // Locate the first element child; an empty child list and a list with
    // no element nodes are reported the same way.
    final NodeList children = element.getChildNodes();
    final int childCount = children.getLength();
    int cursor = 0;
    while (cursor < childCount && children.item(cursor).getNodeType() != Node.ELEMENT_NODE) {
        cursor++;
    }
    if (cursor >= childCount) {
        SAML2SDKUtils.debug.error("SubjectImpl.processElement(): subject has no subelements");
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelements"));
    }

    // The leading element is either an identifier or already a SubjectConfirmation.
    final Node leading = children.item(cursor);
    final String leadingName = leading.getLocalName();
    if (leadingName != null) {
        if (leadingName.equals(SUBJECT_CONFIRMATION_ELEMENT)) {
            subjectConfirmations.add(AssertionFactory.getInstance().createSubjectConfirmation((Element) leading));
        } else if (leadingName.equals(BASE_ID_ELEMENT)) {
            baseId = AssertionFactory.getInstance().createBaseID((Element) leading);
        } else if (leadingName.equals(NAME_ID_ELEMENT)) {
            nameId = AssertionFactory.getInstance().createNameID((Element) leading);
        } else if (leadingName.equals(ENCRYPTED_ID_ELEMENT)) {
            encryptedId = AssertionFactory.getInstance().createEncryptedID((Element) leading);
        } else {
            SAML2SDKUtils.debug.error("SubjectImpl.processElement(): unexpected subelement " + leadingName);
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unexpected_subelement"));
        }
    }

    // Everything after the leading element must be a <SubjectConfirmation>.
    for (int i = cursor + 1; i < childCount; i++) {
        final Node trailing = children.item(i);
        if (trailing.getNodeType() != Node.ELEMENT_NODE) {
            continue;
        }
        final String trailingName = trailing.getLocalName();
        if (trailingName == null) {
            continue;
        }
        if (!trailingName.equals(SUBJECT_CONFIRMATION_ELEMENT)) {
            SAML2SDKUtils.debug.error("SubjectImpl.processElement(): unexpected subelement " + trailingName);
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unexpected_subelement"));
        }
        subjectConfirmations.add(AssertionFactory.getInstance().createSubjectConfirmation((Element) trailing));
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element)

Example 30 with NameID

use of com.sun.identity.saml2.assertion.NameID in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getStandardServiceProviderAttributes.

/**
     * Returns a map with standard service provider attributes and values.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @return Map with standard attribute values of Service Provider.
     * @throws AMConsoleException if unable to retrieve the Service Provider
     *     attributes based on the realm and entityName passed.
     */
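public Map getStandardServiceProviderAttributes(String realm, String entityName) throws AMConsoleException {
    // Reads the SP SSO descriptor for (realm, entityName) and flattens it into
    // a map of console attribute name -> value. Every key is first seeded with
    // an empty set so it is present even when the descriptor has no matching
    // endpoint. If no descriptor is found the map is returned empty.
    String[] params = { realm, entityName, "SAMLv2", "SP-Standard" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    Map map = new HashMap();
    SPSSODescriptorElement spssoDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        spssoDescriptor = samlManager.getSPSSODescriptor(realm, entityName);
        if (spssoDescriptor != null) {
            // Signing flags: these record whether the SP signs AuthnRequests
            // and whether it asks for signed assertions.
            map.put(IS_AUTHN_REQ_SIGNED, returnEmptySetIfValueIsNull(spssoDescriptor.isAuthnRequestsSigned()));
            map.put(WANT_ASSERTIONS_SIGNED, returnEmptySetIfValueIsNull(spssoDescriptor.isWantAssertionsSigned()));
            // SingleLogoutService endpoints, keyed by binding.
            map.put(SP_SINGLE_LOGOUT_HTTP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_SINGLE_LOGOUT_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_SLO_POST_LOC, Collections.EMPTY_SET);
            map.put(SP_SLO_POST_RESPLOC, Collections.EMPTY_SET);
            map.put(SP_SINGLE_LOGOUT_SOAP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_LOGOUT_DEFAULT, Collections.EMPTY_SET);
            List splogoutList = spssoDescriptor.getSingleLogoutService();
            for (int i = 0; i < splogoutList.size(); i++) {
                SingleLogoutServiceElement spslsElem = (SingleLogoutServiceElement) splogoutList.get(i);
                String tmp = spslsElem.getBinding();
                if (i == 0) {
                    // The first endpoint listed is taken as the default binding.
                    map.put(SP_LOGOUT_DEFAULT, returnEmptySetIfValueIsNull(tmp));
                }
                if (tmp == null) {
                    // The default above already tolerates a null binding; without
                    // this guard the contains() calls below would throw a
                    // NullPointerException for the same entry.
                    continue;
                }
                if (tmp.contains(httpRedirect)) {
                    map.put(SP_SINGLE_LOGOUT_HTTP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                    map.put(SP_SINGLE_LOGOUT_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
                } else if (tmp.contains(httpPost)) {
                    map.put(SP_SLO_POST_LOC, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                    map.put(SP_SLO_POST_RESPLOC, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
                } else if (tmp.contains(soap)) {
                    map.put(SP_SINGLE_LOGOUT_SOAP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                }
            }
            // ManageNameIDService endpoints, keyed by binding.
            map.put(SP_MANAGE_NAMEID_HTTP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MANAGE_NAMEID_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MNI_POST_LOC, Collections.EMPTY_SET);
            map.put(SP_MNI_POST_RESPLOC, Collections.EMPTY_SET);
            map.put(SP_MANAGE_NAMEID_SOAP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MANAGE_NAMEID_SOAP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MNI_DEFAULT, Collections.EMPTY_SET);
            List manageNameIdList = spssoDescriptor.getManageNameIDService();
            for (int i = 0; i < manageNameIdList.size(); i++) {
                ManageNameIDServiceElement mniElem = (ManageNameIDServiceElement) manageNameIdList.get(i);
                String tmp = mniElem.getBinding();
                if (i == 0) {
                    map.put(SP_MNI_DEFAULT, returnEmptySetIfValueIsNull(tmp));
                }
                if (tmp == null) {
                    // Same null-binding guard as in the logout loop above.
                    continue;
                }
                if (tmp.contains(httpRedirect)) {
                    map.put(SP_MANAGE_NAMEID_HTTP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(SP_MANAGE_NAMEID_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                } else if (tmp.contains(httpPost)) {
                    map.put(SP_MNI_POST_LOC, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(SP_MNI_POST_RESPLOC, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                } else if (tmp.contains(soap)) {
                    map.put(SP_MANAGE_NAMEID_SOAP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(SP_MANAGE_NAMEID_SOAP_RESP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                }
            }
            // NameID formats supported by the SP.
            map.put(NAMEID_FORMAT, (OrderedSet) convertListToSet(spssoDescriptor.getNameIDFormat()));
            // Key descriptor encryption details, filled in only when a key descriptor exists.
            map.put(TF_KEY_NAME, Collections.EMPTY_SET);
            map.put(TF_ALGORITHM, Collections.EMPTY_SET);
            if (spssoDescriptor.getKeyDescriptor() != null) {
                getKeyandAlgorithm(spssoDescriptor, map);
            }
        }
        // The success event is logged even when no descriptor was found.
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.getStandardServiceProviderAttribute:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP-Standard", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        // Only the message is propagated; the original exception is kept in the debug log above.
        throw new AMConsoleException(strError);
    }
    return map;
}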
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) SingleLogoutServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement) HashMap(java.util.HashMap) SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
