
Example 66 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AssertionIDRequestUtil method sendAssertionIDRequestBySOAP.

/**
 * Sends an {@code AssertionIDRequest} to a SAML authority over the SOAP binding and
 * returns the parsed {@code Response} once it has passed {@code verifyResponse}.
 *
 * <p>At debug level the full request and response XML is written to the debug log;
 * the response may carry assertions, so that log output should be treated as
 * sensitive.
 *
 * @param assertionIDRequest the request to send
 * @param location the SOAP endpoint of the SAML authority
 * @param realm realm of the hosted entity
 * @param samlAuthorityEntityID entity ID of the SAML authority being contacted
 * @param role role of the SAML authority (used to look up its configuration)
 * @param roled role descriptor of the SAML authority, handed to {@code verifyResponse}
 * @return the verified response
 * @throws SAML2Exception if the SOAP exchange fails, the response cannot be parsed,
 *         or {@code verifyResponse} rejects it
 */
private static Response sendAssertionIDRequestBySOAP(AssertionIDRequest assertionIDRequest, String location, String realm, String samlAuthorityEntityID, String role, RoleDescriptorType roled) throws SAML2Exception {
    final String logTag = "AssertionIDRequestUtil.sendAssertionIDRequestBySOAP: ";
    final String requestXml = assertionIDRequest.toXMLString(true, true);
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message(logTag + "assertionIDRequest = " + requestXml);
        SAML2Utils.debug.message(logTag + "location = " + location);
    }
    // Presumably decorates the endpoint with the configured basic-auth details
    // for this authority/role; the helper is defined outside this view.
    final String endpoint = fillInBasicAuthInfo(location, realm, samlAuthorityEntityID, role);
    final SOAPMessage soapReply;
    try {
        soapReply = SOAPCommunicator.getInstance().sendSOAPMessage(requestXml, endpoint, true);
    } catch (SOAPException se) {
        SAML2Utils.debug.error("AssertionIDRequestUtil.sendAssertionIDRequestBySOAP:", se);
        throw new SAML2Exception(SAML2Utils.bundle.getString("errorSendingAssertionIDRequest"));
    }
    final SOAPCommunicator communicator = SOAPCommunicator.getInstance();
    final Element responseElement = communicator.getSamlpElement(soapReply, "Response");
    final Response parsedResponse = ProtocolFactory.getInstance().createResponse(responseElement);
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message(logTag + "response = " + parsedResponse.toXMLString(true, true));
    }
    // Signature / issuer / InResponseTo checks live in verifyResponse; nothing is
    // returned to the caller until it has passed.
    verifyResponse(parsedResponse, assertionIDRequest, samlAuthorityEntityID, role, roled);
    return parsedResponse;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Response(com.sun.identity.saml2.protocol.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) SOAPException(javax.xml.soap.SOAPException) SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) AuthnAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement) AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement) Element(org.w3c.dom.Element) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement) AssertionIDRequestServiceElement(com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement) SOAPMessage(javax.xml.soap.SOAPMessage)

Example 67 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AuthnQueryUtil method signResponse.

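/**
 * Signs an authentication query response with the hosted authentication
 * authority's signing key.
 *
 * @param response the response to sign; it is signed in place
 * @param authnAuthorityEntityID entity ID of the hosted authentication authority
 * @param realm realm of the hosted entity
 * @param includeCert whether the signing certificate is embedded in the signature
 * @throws SAML2Exception if no private key is available for the configured signing
 *         certificate alias, or if {@code Response.sign} fails
 */
private static void signResponse(Response response, String authnAuthorityEntityID, String realm, boolean includeCert) throws SAML2Exception {
    String alias = SAML2Utils.getSigningCertAlias(realm, authnAuthorityEntityID, SAML2Constants.AUTHN_AUTH_ROLE);
    PrivateKey signingKey = keyProvider.getPrivateKey(alias);
    if (signingKey == null) {
        // Fail closed: an unsigned response must never be handed back to the requester.
        throw new SAML2Exception(SAML2Utils.bundle.getString("missingSigningCertAlias"));
    }
    // The certificate is only looked up when it is to be included in the signature;
    // a null certificate is passed through to sign() unchanged.
    X509Certificate signingCert = includeCert ? keyProvider.getX509Certificate(alias) : null;
    // signingKey is known non-null here, so the former re-check before sign() was dead code.
    response.sign(signingKey, signingCert);
}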
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) PrivateKey(java.security.PrivateKey) X509Certificate(java.security.cert.X509Certificate)

Example 68 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AttributeQueryUtil method verifyAttrQuerySignature.

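/**
 * Checks that an attribute query is signed and that its signature verifies against
 * the verification certificates published in the requester's metadata.
 *
 * <p>This method fails closed: an unsigned query, an unknown issuer, an issuer with
 * no verification certificates, and an invalid signature are all rejected.
 *
 * @param attrQuery attribute query
 * @param attrAuthorityEntityID entity ID of attribute authority
 * @param realm the realm of hosted entity
 *
 * @exception SAML2Exception if the attribute query is not signed, carries no issuer,
 *            the issuer is not found in metadata, no verification certificate is
 *            available, or the signature is not valid.
 */
public static void verifyAttrQuerySignature(AttributeQuery attrQuery, String attrAuthorityEntityID, String realm) throws SAML2Exception {
    if (!attrQuery.isSigned()) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("attrQueryNotSigned"));
    }
    // A query without an Issuer cannot be mapped to metadata; report it as an unknown
    // issuer rather than letting a NullPointerException escape to the caller.
    if (attrQuery.getIssuer() == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("attrQueryIssuerNotFound"));
    }
    String requestedEntityID = attrQuery.getIssuer().getValue();
    AttributeQueryDescriptorElement attrqDesc = metaManager.getAttributeQueryDescriptor(realm, requestedEntityID);
    if (attrqDesc == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("attrQueryIssuerNotFound"));
    }
    // Verification keys come from the requester's metadata, not from the message,
    // so a signature can only validate against a certificate we already trust.
    Set<X509Certificate> signingCerts = KeyUtil.getVerificationCerts(attrqDesc, requestedEntityID, SAML2Constants.ATTR_QUERY_ROLE);
    if (signingCerts.isEmpty()) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("missingSigningCertAlias"));
    }
    boolean valid = attrQuery.isSignatureValid(signingCerts);
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("AttributeQueryUtil.verifyAttributeQuery: " + "Signature validity is : " + valid);
    }
    if (!valid) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSignatureAttrQuery"));
    }
}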
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement) X509Certificate(java.security.cert.X509Certificate)

Example 69 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AttributeQueryUtil method signResponse.

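/**
 * Signs an attribute query response with the hosted attribute authority's signing key.
 *
 * @param response the response to sign; it is signed in place
 * @param attrAuthorityEntityID entity ID of the hosted attribute authority
 * @param realm realm of the hosted entity
 * @param includeCert whether the signing certificate is embedded in the signature
 * @throws SAML2Exception if no private key is available for the configured signing
 *         certificate alias, or if {@code Response.sign} fails
 */
public static void signResponse(Response response, String attrAuthorityEntityID, String realm, boolean includeCert) throws SAML2Exception {
    String alias = SAML2Utils.getSigningCertAlias(realm, attrAuthorityEntityID, SAML2Constants.ATTR_AUTH_ROLE);
    PrivateKey signingKey = keyProvider.getPrivateKey(alias);
    if (signingKey == null) {
        // Fail closed: an unsigned response must never be handed back to the requester.
        throw new SAML2Exception(SAML2Utils.bundle.getString("missingSigningCertAlias"));
    }
    // The certificate is only looked up when it is to be included in the signature;
    // a null certificate is passed through to sign() unchanged.
    X509Certificate signingCert = includeCert ? keyProvider.getX509Certificate(alias) : null;
    // signingKey is known non-null here, so the former re-check before sign() was dead code.
    response.sign(signingKey, signingCert);
}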
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) PrivateKey(java.security.PrivateKey) X509Certificate(java.security.cert.X509Certificate)

Example 70 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AttributeQueryUtil method filterAttributeValues.

/**
 * Restricts an attribute to the values the requester asked for.
 *
 * <p>Outcomes, in order of evaluation:
 * <ul>
 *   <li>the desired attribute lists no values: {@code attr} is returned as-is;</li>
 *   <li>{@code attr} has no values, or none of the desired values: {@code null};</li>
 *   <li>every desired value is present: {@code desiredAttr} itself is returned;</li>
 *   <li>otherwise a new attribute built from {@code desiredAttr}'s name, name format,
 *       friendly name and extra attributes, carrying only the matching values.</li>
 * </ul>
 * Building the new attribute is best-effort: a {@code SAML2Exception} from the
 * assertion factory is logged at debug level and {@code null} is returned.
 *
 * @param attr the attribute actually available for the subject
 * @param desiredAttr the attribute (and values) requested by the querier
 * @return the filtered attribute, or {@code null} when nothing matches
 */
private static Attribute filterAttributeValues(Attribute attr, Attribute desiredAttr) {
    List<?> requestedValues = desiredAttr.getAttributeValueString();
    if (requestedValues == null || requestedValues.isEmpty()) {
        return attr;
    }
    List<?> availableValues = attr.getAttributeValueString();
    if (availableValues == null || availableValues.isEmpty()) {
        return null;
    }
    // Keep requested values in their original order, but only those actually held.
    List<String> matched = new ArrayList<>();
    for (Object candidate : requestedValues) {
        String requested = (String) candidate;
        if (availableValues.contains(requested)) {
            matched.add(requested);
        }
    }
    if (matched.isEmpty()) {
        return null;
    }
    if (matched.size() == requestedValues.size()) {
        return desiredAttr;
    }
    try {
        Attribute filtered = AssertionFactory.getInstance().createAttribute();
        filtered.setName(desiredAttr.getName());
        filtered.setNameFormat(desiredAttr.getNameFormat());
        filtered.setFriendlyName(desiredAttr.getFriendlyName());
        filtered.setAnyAttribute(desiredAttr.getAnyAttribute());
        filtered.setAttributeValueString(matched);
        return filtered;
    } catch (SAML2Exception se) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeQueryUtil.filterAttributeValues:", se);
        }
        return null;
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Attribute(com.sun.identity.saml2.assertion.Attribute) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) List(java.util.List) ArrayList(java.util.ArrayList)
