
Example 71 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AttributeQueryUtil method sendAttributeQuerySOAP.

private static Response sendAttributeQuerySOAP(AttributeQuery attrQuery, String attributeServiceURL, String attrAuthorityEntityID, AttributeAuthorityDescriptorElement aad) throws SAML2Exception {
    String attrQueryXMLString = attrQuery.toXMLString(true, true);
    // Message-level debug writes the complete query here and, further down, the complete
    // response, including every attribute value the authority returns. Keep that level off
    // outside of troubleshooting.
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("AttributeQueryUtil.sendAttributeQuerySOAP: " + "attrQueryXMLString = " + attrQueryXMLString);
        SAML2Utils.debug.message("AttributeQueryUtil.sendAttributeQuerySOAP: " + "attributeServiceURL = " + attributeServiceURL);
    }
    SOAPMessage resMsg = null;
    try {
        resMsg = SOAPCommunicator.getInstance().sendSOAPMessage(attrQueryXMLString, attributeServiceURL, true);
    } catch (SOAPException se) {
        // Transport failure: the cause is logged locally, the caller only gets the generic bundle message.
        SAML2Utils.debug.error("AttributeQueryUtil.sendAttributeQuerySOAP: ", se);
        throw new SAML2Exception(SAML2Utils.bundle.getString("errorSendingAttributeQuery"));
    }
    // Unwrap the samlp:Response from the SOAP body and parse it.
    Element respElem = SOAPCommunicator.getInstance().getSamlpElement(resMsg, "Response");
    Response response = ProtocolFactory.getInstance().createResponse(respElem);
    Status status = response.getStatus();
    // Anything but a Success status code is rejected before the response is looked at further.
    // Code, message and detail all come from the remote authority and are copied into the
    // error log and the exception raised to the caller.
    if (!SAML2Constants.SUCCESS.equals(status.getStatusCode().getValue())) {
        String message = status.getStatusMessage() == null ? "" : status.getStatusMessage();
        String detail = status.getStatusDetail() == null ? "" : status.getStatusDetail().toXMLString();
        SAML2Utils.debug.error("AttributeQueryUtil.sendAttributeQuerySOAP: " + "Non-Success status " + status.getStatusCode().getValue() + ", message: " + message + ", detail: " + detail);
        Object[] args = { status.getStatusCode().getValue(), message, detail };
        throw new SAML2Exception(SAML2Utils.BUNDLE_NAME, "failureStatusAttributeQuery", args);
    }
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("AttributeQueryUtil.sendAttributeQuerySOAP: " + "response = " + response.toXMLString(true, true));
    }
    // Only a response that verifies against the query it answers, the expected authority
    // entity ID and that authority's metadata (aad) is handed back to the caller.
    verifyResponse(response, attrQuery, attrAuthorityEntityID, aad);
    return response;
}
Also used :
    SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
    Response(com.sun.identity.saml2.protocol.Response)
    HttpServletResponse(javax.servlet.http.HttpServletResponse)
    Status(com.sun.identity.saml2.protocol.Status)
    SOAPException(javax.xml.soap.SOAPException)
    AttributeServiceElement(com.sun.identity.saml2.jaxb.metadata.AttributeServiceElement)
    AttributeValueElement(com.sun.identity.saml2.jaxb.assertion.AttributeValueElement)
    AttributeElement(com.sun.identity.saml2.jaxb.assertion.AttributeElement)
    IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)
    AttributeAuthorityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeAuthorityConfigElement)
    AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)
    AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement)
    Element(org.w3c.dom.Element)
    AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
    SOAPMessage(javax.xml.soap.SOAPMessage)
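
The same two-stage handling as sendAttributeQuerySOAP, written out as an added example in Python rather than as OpenAM code: unwrap the samlp:Response from the SOAP body, refuse any non-Success status (reporting code, message and nested sub-code), then verify the response against the query it answers and the authority that was asked, and only then read attributes out of it. Element names and status URIs are the SAML 2.0 ones; the SOAP envelopes at the bottom are constructed for the demo, the signature value in them is a placeholder, and verify_response only checks that a signature is present (real XMLDSig validation needs an XML security library and is not attempted here). The function names are this example's own.

```python
"""Client-side checks on a SAML2 AttributeQuery answered over SOAP.
Added example, not OpenAM code; sample messages below are constructed."""
import xml.etree.ElementTree as ET  # for untrusted input in production, defusedxml is the safer parser

NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"


class SAML2Error(Exception):
    """Stand-in for com.sun.identity.saml2.common.SAML2Exception."""


def extract_response(soap_xml):
    """Counterpart of getSamlpElement(resMsg, "Response"): the samlp:Response inside the Body."""
    body = ET.fromstring(soap_xml).find("soap:Body", NS)
    resp = body.find("samlp:Response", NS) if body is not None else None
    if resp is None:
        raise SAML2Error("no samlp:Response in SOAP body")
    return resp


def check_status(resp):
    """Reject anything but Success; report code, message and the nested sub-code."""
    code_el = resp.find("samlp:Status/samlp:StatusCode", NS)
    if code_el is None:
        raise SAML2Error("response carries no StatusCode")
    code = code_el.get("Value", "")
    if code != SUCCESS:
        message = resp.findtext("samlp:Status/samlp:StatusMessage", default="", namespaces=NS)
        sub = code_el.find("samlp:StatusCode", NS)  # second-level status code, if present
        detail = sub.get("Value", "") if sub is not None else ""
        raise SAML2Error(f"non-Success status {code}, message: {message}, detail: {detail}")


def verify_response(resp, query_id, authority_entity_id, signature_required=True):
    """Correlation with our query, the expected issuer, and signature presence."""
    if resp.get("InResponseTo") != query_id:
        raise SAML2Error("InResponseTo does not match the AttributeQuery ID")
    issuer = resp.findtext("saml:Issuer", default="", namespaces=NS).strip()
    if issuer != authority_entity_id:
        raise SAML2Error(f"unexpected Issuer {issuer!r}")
    if signature_required and resp.find("ds:Signature", NS) is None \
            and resp.find("saml:Assertion/ds:Signature", NS) is None:
        raise SAML2Error("neither the Response nor its Assertion is signed")


def read_attributes(resp):
    """Attribute name -> list of values from the returned assertion's AttributeStatement."""
    attrs = {}
    for attr in resp.findall("saml:Assertion/saml:AttributeStatement/saml:Attribute", NS):
        attrs[attr.get("Name")] = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
    return attrs


def process_attribute_query_response(soap_xml, query_id, authority_entity_id):
    resp = extract_response(soap_xml)
    check_status(resp)  # status first, then verification, as in the Java
    verify_response(resp, query_id, authority_entity_id)
    return read_attributes(resp)


# Constructed sample envelopes; the SignatureValue is a placeholder, not a real XMLDSig.
_HEAD = """<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    ID="_r1" InResponseTo="_q1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
<saml:Issuer>https://aa.example.org/idp</saml:Issuer>
<ds:Signature><ds:SignatureValue>placeholder</ds:SignatureValue></ds:Signature>"""
_TAIL = "</samlp:Response></soap:Body></soap:Envelope>"

SUCCESS_ENVELOPE = _HEAD + """
<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
<saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
<saml:Issuer>https://aa.example.org/idp</saml:Issuer>
<saml:AttributeStatement><saml:Attribute Name="mail">
<saml:AttributeValue>alice@example.org</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
</saml:Assertion>""" + _TAIL

FAILURE_ENVELOPE = _HEAD + """
<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal"/></samlp:StatusCode>
<samlp:StatusMessage>no such subject</samlp:StatusMessage></samlp:Status>""" + _TAIL

if __name__ == "__main__":
    print(process_attribute_query_response(SUCCESS_ENVELOPE, "_q1", "https://aa.example.org/idp"))
```

Running the module prints `{'mail': ['alice@example.org']}` for the success envelope; the failure envelope, a mismatched query ID or an unexpected issuer each raise SAML2Error before any attribute is read.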

Example 72 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class ECPIDPFinder method getPreferredIDP.

/**
     * Returns a list of preferred IDP providerIDs.
     * @param authnRequest original authnrequest
     * @param hostProviderID hosted providerID.
     * @param realm Realm
     * @param request HttpServletRequest
     * @param response HttpServletResponse
     * @return a list of IDP providerIDs, or null if none is configured.
     * @exception SAML2Exception if an error occurs.
     */
public List getPreferredIDP(AuthnRequest authnRequest, String hostProviderID, String realm, HttpServletRequest request, HttpServletResponse response) throws SAML2Exception {
    // The candidate IDP list is read from the hosted SP's extended metadata (the
    // ECP_REQUEST_IDP_LIST attribute), i.e. from administrator configuration. Neither the
    // AuthnRequest nor the HTTP request influences which IDPs an ECP client is offered.
    SPSSOConfigElement spssoconfig = SAML2Utils.getSAML2MetaManager().getSPSSOConfig(realm, hostProviderID);
    Map attributes = SAML2MetaUtils.getAttributes(spssoconfig);
    List idps = (List) attributes.get(SAML2Constants.ECP_REQUEST_IDP_LIST);
    // An absent or empty list is reported as null, which callers treat as "no preference".
    if ((idps == null) || (idps.isEmpty())) {
        return null;
    }
    return idps;
}
Also used :
    SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)
    List(java.util.List)
    Map(java.util.Map)

Example 73 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class SMAdapter method postSingleSignOnSuccess.

/**
     * Invoked after Single Sign-On processing has succeeded.
     * @param hostedEntityID Entity ID for the hosted SP
     * @param realm Realm of the hosted SP.
     * @param request servlet request
     * @param response servlet response
     * @param session user's session
     * @param authnRequest the original authentication request sent from the SP,
     *       null if this is IDP-initiated SSO.
     * @param ssoResponse response from the IDP
     * @param profile protocol profile used, one of the following values:
     *     <code>SAML2Constants.HTTP_POST</code>,
     *     <code>SAML2Constants.HTTP_ARTIFACT</code>,
     *     <code>SAML2Constants.PAOS</code>
     * @param isFederation true if this is the federation case, false otherwise.
     * @return true if a browser redirection happened during processing,
     *     false otherwise. Defaults to false.
     * @exception SAML2Exception if the adapter wants to fail the process.
     */
public boolean postSingleSignOnSuccess(String hostedEntityID, String realm, HttpServletRequest request, HttpServletResponse response, Object session, AuthnRequest authnRequest, Response ssoResponse, String profile, boolean isFederation) throws SAML2Exception {
    try {
        // The session handed in is the OpenSSO/OpenAM SSOToken; its token ID is what gets
        // bridged into a SiteMinder session below.
        SSOToken ssoToken = (SSOToken) session;
        String famSession = ssoToken.getTokenID().toString();
        /*
            Cookie[] cookies = request.getCookies();
            for (int i=0; i < cookies.length; i++) {
                 Cookie cookie = cookies[i];
                 if(cookie.getName().equals(famCookieName)) {
                    famSession = cookie.getValue();
                 }
            }
*/
        // toString() never returns null, so this check cannot trigger; a null session
        // surfaces instead as a NullPointerException caught by the catch-all below.
        if (famSession == null) {
            throw new SAML2Exception("No OpenSSO Session found");
        }
        // The OpenAM token ID itself is the credential presented to the SiteMinder agent API
        // (user "FMTOKEN", password "FMTOKEN" + token ID). It is therefore a bearer secret:
        // anyone holding the token ID can obtain a SiteMinder session the same way.
        UserCredentials uc = new UserCredentials("FMTOKEN", "FMTOKEN" + famSession);
        SessionDef sd = new SessionDef();
        ResourceContextDef rcd = new ResourceContextDef(agentID, agentHostName, resource, "GET");
        RealmDef rd = new RealmDef();
        // Refuse to bridge unless the configured resource is under SiteMinder protection.
        int retCode = agentAPI.isProtected(agentIP, rcd, rd);
        if (retCode != AgentAPI.YES) {
            System.out.println("Agent is not protected.");  // goes to stdout, not the SAML2 debug log
            throw new SAML2Exception("Agent is not protected");
        }
        AttributeList al = new AttributeList();
        int status = agentAPI.login(agentIP, rcd, rd, uc, sd, al);
        if (status != AgentAPI.YES) {
            throw new SAML2Exception("Agent authentication failed");
        }
        // Issue the SiteMinder session cookie for the configured domain. As written it carries
        // neither the Secure nor the HttpOnly flag, so it travels over plain HTTP and is readable
        // from script; a deployment should set both (Cookie.setSecure, and setHttpOnly on Servlet 3.0+).
        Cookie smCookie = new Cookie(smCookieName, sd.spec);
        smCookie.setDomain(cookieDomain);
        response.addCookie(smCookie);
        // No redirect was issued, so the SAML2 SSO flow continues normally.
        return false;
    } catch (Exception ex) {
        // Every failure, including the SAML2Exceptions thrown above, is collapsed into a new
        // SAML2Exception carrying only the message; the stack trace goes to stderr.
        ex.printStackTrace();
        throw new SAML2Exception(ex.getMessage());
    }
}
Also used :
    SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
    Cookie(javax.servlet.http.Cookie)

Example 74 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class OAMAdapter method postSingleSignOnSuccess.

/**
     * Invoked after Single Sign-On processing has succeeded.
     * @param hostedEntityID Entity ID for the hosted SP
     * @param realm Realm of the hosted SP.
     * @param request servlet request
     * @param response servlet response
     * @param session user's session
     * @param authnRequest the original authentication request sent from the SP,
     *       null if this is IDP-initiated SSO.
     * @param ssoResponse response from the IDP
     * @param profile protocol profile used, one of the following values:
     *     <code>SAML2Constants.HTTP_POST</code>,
     *     <code>SAML2Constants.HTTP_ARTIFACT</code>,
     *     <code>SAML2Constants.PAOS</code>
     * @param isFederation true if this is the federation case, false otherwise.
     * @return true if a browser redirection happened during processing,
     *     false otherwise. Defaults to false.
     * @exception SAML2Exception if the adapter wants to fail the process.
     */
public boolean postSingleSignOnSuccess(String hostedEntityID, String realm, HttpServletRequest request, HttpServletResponse response, Object session, AuthnRequest authnRequest, Response ssoResponse, String profile, boolean isFederation) throws SAML2Exception {
    try {
        SSOToken ssoToken = (SSOToken) session;
        String famSession = ssoToken.getTokenID().toString();
        // toString() never returns null, so this check cannot trigger; a null session
        // surfaces instead as a NullPointerException caught by the catch-all below.
        if (famSession == null) {
            throw new SAML2Exception("No OpenSSO Session found");
        }
        // Ask Oracle Access Manager whether the configured resource/action is protected at all.
        ObResourceRequest orq = new ObResourceRequest(protocol, resource, action);
        if (orq.isProtected()) {
            ObAuthenticationScheme authScheme = new ObAuthenticationScheme(orq);
            System.out.println("Authentication scheme is " + authScheme.getName());  // stdout, not the SAML2 debug log
            // The OpenAM token ID is presented to OAM as the "famsession" credential, so it
            // acts as a bearer secret for obtaining an OAM session.
            Hashtable creds = new Hashtable();
            creds.put("famsession", famSession);
            ObUserSession userSession = new ObUserSession(orq, creds);
            if (userSession.getStatus() == ObUserSession.LOGGEDIN) {
                System.out.println("logged in principal: " + userSession.getUserIdentity());
                String sessionid = userSession.getSessionToken();
                // This prints the OAM session token itself to stdout.
                System.out.println("User session: " + sessionid);
                // OAM session cookie scoped to cookieDomain; neither Secure nor HttpOnly is set.
                Cookie oamCookie = new Cookie(oamCookieName, sessionid);
                oamCookie.setDomain(cookieDomain);
                response.addCookie(oamCookie);
            }
        }
        // Unlike SMAdapter, an unprotected resource or an OAM login that does not reach
        // LOGGEDIN is not an error here: the SAML2 SSO completes without an OAM cookie,
        // and no redirect is performed.
        return false;
    } catch (Exception ex) {
        // Every failure is collapsed into a new SAML2Exception carrying only the message;
        // the stack trace goes to stderr.
        ex.printStackTrace();
        throw new SAML2Exception(ex.getMessage());
    }
}
Also used :
    SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
    Cookie(javax.servlet.http.Cookie)
    Hashtable(java.util.Hashtable)

Example 75 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class RequestAbstractImpl method parseDOMChileElements.

/** 
     * Parses the leading child elements of the Document Element for this object:
     * Issuer, Signature and Extensions, in schema order.
     * 
     * @param iter the child elements iterator.
     * @throws SAML2Exception if error parsing the Document Element.
     */
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    AssertionFactory assertionFactory = AssertionFactory.getInstance();
    ProtocolFactory protoFactory = ProtocolFactory.getInstance();
    while (iter.hasNext()) {
        Element childElement = (Element) iter.next();
        // Matching is on local name only; the namespace is not checked at this point.
        String localName = childElement.getLocalName();
        // Each validate*() hook runs before the corresponding field is assigned. That is
        // where a repeated element, or one that arrives out of the Issuer, Signature,
        // Extensions order, is rejected instead of silently overwriting the earlier value.
        if (SAML2Constants.ISSUER.equals(localName)) {
            validateIssuer();
            nameID = assertionFactory.createIssuer(childElement);
        } else if (SAML2Constants.SIGNATURE.equals(localName)) {
            validateSignature();
            // The ds:Signature element is kept as its serialized XML for later signature checking.
            signatureString = XMLUtils.print(childElement);
            isSigned = true;
        } else if (SAML2Constants.EXTENSIONS.equals(localName)) {
            validateExtensions();
            extensions = protoFactory.createExtensions(childElement);
        } else {
            // First element outside the common prefix: push it back so the concrete
            // request class parses its own elements from here on.
            iter.previous();
            break;
        }
    }
}
Also used :
    ProtocolFactory(com.sun.identity.saml2.protocol.ProtocolFactory)
    AssertionFactory(com.sun.identity.saml2.assertion.AssertionFactory)
    Element(org.w3c.dom.Element)
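
The prefix-parsing discipline of parseDOMChileElements, as an added Python example that is not OpenAM code: the parser consumes Issuer, ds:Signature and Extensions in schema order, each at most once, and hands everything after them back to the caller the way iter.previous() does. It rejects both a repeated element and one that arrives after a later element; that both are rejected is this example's assumption about what the validateIssuer/validateSignature/validateExtensions hooks check, since their bodies are not on the page. Unlike the Java, it also compares namespaces, not just local names. The AuthnRequest samples are constructed and the signature value in them is a placeholder.

```python
"""Schema-ordered parsing of the common prefix of a samlp request.
Added example, not OpenAM code; sample requests below are constructed."""
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"

# The optional leading children of every samlp request, in schema order, each at most once.
PREFIX_ORDER = [(SAML, "Issuer"), (DS, "Signature"), (SAMLP, "Extensions")]


class SAML2Error(Exception):
    """Stand-in for SAML2Exception."""


def split_tag(tag):
    """ElementTree spells a qualified name as '{namespace}local'."""
    if tag.startswith("{"):
        ns, local = tag[1:].split("}", 1)
        return ns, local
    return "", tag


def parse_request_prefix(root):
    """Consume Issuer?, Signature?, Extensions? from root's children.
    Returns (header, remaining_children); remaining_children is what the Java hands
    back to the subclass via iter.previous()."""
    children = list(root)
    header = {"issuer": None, "signature": None, "extensions": None, "is_signed": False}
    last_rank = -1  # position in PREFIX_ORDER of the last accepted element
    consumed = 0
    for child in children:
        key = split_tag(child.tag)
        if key not in PREFIX_ORDER:
            break  # first element outside the prefix: it and everything after it are the caller's
        rank = PREFIX_ORDER.index(key)
        if rank <= last_rank:
            # equal rank: the element repeats; lower rank: it arrives after a later element.
            # Either way the value parsed earlier must not be silently overwritten.
            raise SAML2Error(f"{key[1]} repeated or out of schema order")
        last_rank = rank
        if key == (SAML, "Issuer"):
            header["issuer"] = (child.text or "").strip()
        elif key == (DS, "Signature"):
            header["signature"] = ET.tostring(child, encoding="unicode")  # raw XML, like signatureString
            header["is_signed"] = True
        else:
            header["extensions"] = child
        consumed += 1
    return header, children[consumed:]


def parse_request(xml_text):
    """Header plus the local names of the children left for the concrete request class."""
    header, rest = parse_request_prefix(ET.fromstring(xml_text))
    return header, [split_tag(c.tag)[1] for c in rest]


def _authn_request(*children):
    return ('<samlp:AuthnRequest xmlns:samlp="%s" xmlns:saml="%s" xmlns:ds="%s" '
            'ID="_req1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">%s</samlp:AuthnRequest>'
            % (SAMLP, SAML, DS, "".join(children)))


ISSUER = "<saml:Issuer>https://sp.example.org/sp</saml:Issuer>"
SIGNATURE = "<ds:Signature><ds:SignatureValue>placeholder</ds:SignatureValue></ds:Signature>"
EXTENSIONS = "<samlp:Extensions/>"
REST = '<saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject><samlp:NameIDPolicy Format="x"/>'

# Constructed sample requests.
GOOD_REQUEST = _authn_request(ISSUER, SIGNATURE, EXTENSIONS, REST)
UNSIGNED_REQUEST = _authn_request(ISSUER, REST)
DUPLICATE_ISSUER = _authn_request(ISSUER, SIGNATURE, ISSUER, REST)  # a second Issuer after the Signature
SIGNATURE_FIRST = _authn_request(SIGNATURE, ISSUER, REST)  # Issuer arriving after the Signature
WRONG_NAMESPACE = _authn_request("<samlp:Issuer>https://sp.example.org/sp</samlp:Issuer>", REST)

if __name__ == "__main__":
    print(parse_request(GOOD_REQUEST))
```

For GOOD_REQUEST the header carries the issuer, the serialized signature and the Extensions element, and the remainder is `['Subject', 'NameIDPolicy']`; DUPLICATE_ISSUER and SIGNATURE_FIRST raise SAML2Error, and the samlp-namespaced Issuer in WRONG_NAMESPACE is not recognised as the Issuer at all but left to the caller.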

Aggregations

Classes used alongside SAML2Exception in OpenAM, with the number of co-occurrences:
    SAML2Exception (com.sun.identity.saml2.common.SAML2Exception): 275
    ArrayList (java.util.ArrayList): 92
    List (java.util.List): 86
    SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException): 72
    Element (org.w3c.dom.Element): 64
    SessionException (com.sun.identity.plugin.session.SessionException): 56
    IOException (java.io.IOException): 51
    SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement): 44
    Map (java.util.Map): 44
    HashMap (java.util.HashMap): 43
    Iterator (java.util.Iterator): 43
    Issuer (com.sun.identity.saml2.assertion.Issuer): 42
    Date (java.util.Date): 40
    SOAPException (javax.xml.soap.SOAPException): 39
    SAML2TokenRepositoryException (org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException): 39
    X509Certificate (java.security.cert.X509Certificate): 36
    NodeList (org.w3c.dom.NodeList): 36
    IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement): 35
    Node (org.w3c.dom.Node): 34
    Response (com.sun.identity.saml2.protocol.Response): 30