
Example 76 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class RequestAbstractImpl method parseDOMElement.

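/**
 * Parses the Document Element for this object.
 * <p>
 * Attributes are handled first, then the element children (text, comment and
 * whitespace nodes are skipped) are collected in document order and handed to
 * {@code parseDOMChileElements}. Any element child that hook leaves unconsumed
 * is treated as a schema violation and rejected rather than silently ignored.
 *
 * @param element the Document Element of this object.
 * @throws SAML2Exception if error parsing the Document Element, including when
 *         an unexpected child element remains after the children were parsed.
 */
protected void parseDOMElement(Element element) throws SAML2Exception {
    parseDOMAttributes(element);
    // Only element children take part in schema-order parsing.
    List<Node> childElementList = new ArrayList<Node>();
    NodeList nList = element.getChildNodes();
    if (nList != null) {
        int childCount = nList.getLength();
        for (int i = 0; i < childCount; i++) {
            Node childNode = nList.item(i);
            if (childNode.getNodeType() == Node.ELEMENT_NODE) {
                childElementList.add(childNode);
            }
        }
    }
    ListIterator<Node> iter = childElementList.listIterator();
    parseDOMChileElements(iter);
    // Whatever the subclass hook did not consume is not allowed by the schema.
    if (iter.hasNext()) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("RequestAbstractImpl." + "parseDOMElement: Unexpected child element found");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
    }
}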

Example 77 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class ResponseImpl method parseElement.

/**
 * Populates this {@code Response} from its DOM element and then freezes the
 * instance.
 * <p>
 * Attributes {@code ID}, {@code InResponseTo}, {@code Version},
 * {@code IssueInstant}, {@code Destination} and {@code Consent} are read;
 * other attributes are ignored. Each element child is dispatched on its local
 * name only (the namespace URI is not checked here). The singleton children
 * {@code Issuer}, {@code Signature}, {@code Extensions} and {@code Status} are
 * rejected if repeated or if they appear after a child the schema orders
 * later; {@code Assertion} and {@code EncryptedAssertion} may repeat. Any
 * other element child is rejected. Finally {@code validateData()} runs, the
 * assertion lists are made unmodifiable and {@code isMutable} is cleared.
 *
 * @param element the {@code <Response>} DOM element to parse.
 * @throws SAML2Exception if {@code element} is null, is not a
 *         {@code Response}, has an unparsable {@code IssueInstant}, repeats a
 *         singleton child, has children out of schema order, contains an
 *         unrecognised child, or an {@code Assertion} cannot be canonicalised.
 */
private void parseElement(Element element) throws SAML2Exception {
    // make sure that the input xml block is not null
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ResponseImpl.parseElement: " + "element input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }
    // Make sure this is an Response (local name only; namespace not verified here).
    String tag = null;
    tag = element.getLocalName();
    if ((tag == null) || (!tag.equals("Response"))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ResponseImpl.parseElement: " + "not Response.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    // handle the attributes of <Response> element; values are trimmed before use
    NamedNodeMap atts = ((Node) element).getAttributes();
    if (atts != null) {
        int length = atts.getLength();
        for (int i = 0; i < length; i++) {
            Attr attr = (Attr) atts.item(i);
            String attrName = attr.getName();
            String attrValue = attr.getValue().trim();
            if (attrName.equals("ID")) {
                responseId = attrValue;
            } else if (attrName.equals("InResponseTo")) {
                inResponseTo = attrValue;
            } else if (attrName.equals("Version")) {
                version = attrValue;
            } else if (attrName.equals("IssueInstant")) {
                try {
                    issueInstant = DateUtils.stringToDate(attrValue);
                } catch (ParseException pe) {
                    // NOTE(review): only the message is kept; the ParseException
                    // itself is not chained as the cause.
                    throw new SAML2Exception(pe.getMessage());
                }
            } else if (attrName.equals("Destination")) {
                destination = attrValue;
            } else if (attrName.equals("Consent")) {
                consent = attrValue;
            }
        }
    }
    // handle child elements
    NodeList nl = element.getChildNodes();
    Node child;
    String childName;
    int length = nl.getLength();
    for (int i = 0; i < length; i++) {
        child = nl.item(i);
        // Non-element nodes (text, comments) have no local name and are skipped.
        if ((childName = child.getLocalName()) != null) {
            if (childName.equals("Issuer")) {
                if (issuer != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: included more than one Issuer.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                // Issuer must precede every other child: reject if any of them was already seen.
                if (signatureString != null || extensions != null || status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                issuer = AssertionFactory.getInstance().createIssuer((Element) child);
            } else if (childName.equals("Signature")) {
                if (signatureString != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:included more than one Signature.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                // Signature may only follow Issuer.
                if (extensions != null || status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                // The Signature element is kept as serialized XML and the signed flag set;
                // presumably consumed by signature verification elsewhere — confirm.
                signatureString = XMLUtils.print((Element) child, "UTF-8");
                isSigned = true;
            } else if (childName.equals("Extensions")) {
                if (extensions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:included more than one Extensions.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                extensions = ProtocolFactory.getInstance().createExtensions((Element) child);
            } else if (childName.equals("Status")) {
                if (status != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: included more than one Status.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                status = ProtocolFactory.getInstance().createStatus((Element) child);
            } else if (childName.equals("Assertion")) {
                // Assertions may repeat; the list is created lazily on the first one.
                if (assertions == null) {
                    assertions = new ArrayList();
                }
                // The assertion is canonicalised before parsing; a failed
                // canonicalisation is an error, not a reason to skip the assertion.
                Element canoEle = SAMLUtils.getCanonicalElement(child);
                if (canoEle == null) {
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorCanonical"));
                }
                assertions.add(AssertionFactory.getInstance().createAssertion(canoEle));
            } else if (childName.equals("EncryptedAssertion")) {
                if (encAssertions == null) {
                    encAssertions = new ArrayList();
                }
                encAssertions.add(AssertionFactory.getInstance().createEncryptedAssertion((Element) child));
            } else {
                // Unknown children are rejected outright rather than ignored.
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: Invalid element:" + childName);
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalidElement"));
            }
        }
    }
    // Cross-field validation is delegated to the superclass.
    super.validateData();
    // Freeze each parsed assertion, then the list that holds them.
    if (assertions != null) {
        Iterator iter = assertions.iterator();
        while (iter.hasNext()) {
            ((Assertion) iter.next()).makeImmutable();
        }
        assertions = Collections.unmodifiableList(assertions);
    }
    if (encAssertions != null) {
        encAssertions = Collections.unmodifiableList(encAssertions);
    }
    isMutable = false;
}

Example 78 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class RequestedAuthnContextImpl method parseElement.

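/**
 * Populates this object from a {@code RequestedAuthnContext} DOM element.
 * <p>
 * The element's local name is validated before any state is modified, so a
 * rejected element leaves this instance untouched. Only local names are
 * compared; the namespace URI is not checked here. Child elements are then
 * scanned for {@code AuthnContextClassRef} and {@code AuthnContextDeclRef}
 * values; the two kinds are mutually exclusive and mixing them is rejected.
 *
 * @param element the DOM element to parse; must not be {@code null}.
 * @throws SAML2Exception if the element has no local name, has a local name
 *         other than {@code elementName}, or mixes
 *         {@code AuthnContextClassRef} and {@code AuthnContextDeclRef}
 *         children.
 */
private void parseElement(Element element) throws SAML2Exception {
    String eltName = element.getLocalName();
    if (eltName == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("parseElement(Element): " + "local name missing");
        }
        // Previously thrown with an empty message; a missing local name is the
        // same class of problem as a wrong one, so reuse that resource key.
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    if (!(eltName.equals(elementName))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("RequestedAuthnContextImpl: " + "invalid element");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    // Assign only once the element has been accepted. DOM returns an empty
    // string, not null, when the attribute is absent.
    comparison = element.getAttribute(SAML2Constants.COMPARISON);
    // set AuthnContextClassRef or AuthnContextDeclRef property
    NodeList nl = element.getChildNodes();
    int length = nl.getLength();
    for (int i = 0; i < length; i++) {
        Node child = nl.item(i);
        String childName = child.getLocalName();
        // Non-element nodes (text, comments) have no local name.
        if (childName == null) {
            continue;
        }
        if (childName.equals("AuthnContextClassRef")) {
            // ClassRef and DeclRef are mutually exclusive.
            if (authnContextDeclRef != null) {
                SAML2SDKUtils.debug.error("AuthnContext(Element): Should " + "contain either <AuthnContextClassRef> or " + "<AuthnContextDeclRef>");
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
            }
            getAuthnContextClassRef().add(XMLUtils.getElementValue((Element) child));
        } else if (childName.equals("AuthnContextDeclRef")) {
            if (authnContextClassRef != null) {
                SAML2SDKUtils.debug.error("AuthnContext(Element): Should " + "contain either <AuthnContextClassRef> or " + "<AuthnContextDeclRef>");
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
            }
            getAuthnContextDeclRef().add(XMLUtils.getElementValue((Element) child));
        }
    }
}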

Example 79 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class ScopingImpl method toXMLString.

/**
 * Returns the XML representation of this {@code Scoping} element.
 * <p>
 * When there is nothing to serialize (no IDPList, no RequesterID entries and
 * no ProxyCount) the result is {@code null}; the proxy count is validated
 * before anything is written.
 *
 * @param includeNSPrefix whether the protocol namespace prefix is prepended
 *        to the element name.
 * @param declareNS whether the protocol namespace declaration is emitted on
 *        the element.
 * @return the XML string, or {@code null} if this object carries no data.
 * @throws SAML2Exception if this object cannot be serialized, propagated from
 *         proxy-count validation or from a nested element's
 *         {@code toXMLString}.
 */
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    boolean hasRequesterIDs = requesterIDList != null && !requesterIDList.isEmpty();
    boolean nothingToWrite = idpList == null && !hasRequesterIDs && proxyCount == null;
    if (nothingToWrite) {
        return null;
    }
    validateProxyCount(proxyCount);
    StringBuilder out = new StringBuilder(300);
    // opening tag, optional prefix and namespace declaration
    out.append(SAML2Constants.START_TAG);
    if (includeNSPrefix) {
        out.append(SAML2Constants.PROTOCOL_PREFIX);
    }
    out.append(SAML2Constants.SCOPING);
    if (declareNS) {
        out.append(SAML2Constants.PROTOCOL_DECLARE_STR);
    }
    // ProxyCount is the only attribute
    if (proxyCount != null) {
        out.append(SAML2Constants.SPACE);
        out.append(PROXYCOUNT);
        out.append(SAML2Constants.EQUAL);
        out.append(SAML2Constants.QUOTE);
        out.append(proxyCount.intValue());
        out.append(SAML2Constants.QUOTE);
    }
    out.append(SAML2Constants.END_TAG);
    out.append(SAML2Constants.NEWLINE);
    // children: IDPList first, then every RequesterID in list order
    if (idpList != null) {
        out.append(idpList.toXMLString(includeNSPrefix, declareNS));
        out.append(SAML2Constants.NEWLINE);
    }
    if (requesterIDList != null) {
        for (RequesterID requesterID : requesterIDList) {
            out.append(requesterID.toXMLString(includeNSPrefix, declareNS));
            out.append(SAML2Constants.NEWLINE);
        }
    }
    // closing tag
    out.append(SAML2Constants.SAML2_END_TAG);
    out.append(SAML2Constants.SCOPING);
    out.append(SAML2Constants.END_TAG);
    return out.toString();
}

Example 80 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class IDPSingleLogoutServiceSOAP method onMessage.

/**
 * Handles a SOAP-bound {@code LogoutRequest} on the IDP side and produces the
 * SOAP message carrying the corresponding {@code LogoutResponse}.
 * <p>
 * Every failure path returns a SOAP fault instead of throwing: problems
 * extracting or parsing the request yield a client fault, problems while
 * processing, signing or packaging the response yield a server fault. The
 * exception message is echoed to the remote peer in the fault detail.
 *
 * @param message incoming SOAP message carrying the LogoutRequest.
 * @param request HTTP servlet request.
 * @param response HTTP servlet response.
 * @param idpEntityID Entity ID of the hosted IDP.
 * @param realm realm of this hosted IDP.
 * @return SOAP message containing the outgoing LogoutResponse, or a SOAP
 *         fault describing why none could be produced.
 */
public SOAPMessage onMessage(SOAPMessage message, HttpServletRequest request, HttpServletResponse response, String idpEntityID, String realm) {
    SAML2Utils.debug.message("IDPSingleLogoutServiceSOAP.onMessage: init");
    // Step 1: pull the LogoutRequest element out of the SOAP body and parse it.
    LogoutRequest logoutRequest;
    try {
        Element requestElement = SOAPCommunicator.getInstance().getSamlpElement(message, "LogoutRequest");
        logoutRequest = ProtocolFactory.getInstance().createLogoutRequest(requestElement);
    } catch (SAML2Exception ex) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: " + "unable to get LogoutRequest from message", ex);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "errorLogoutRequest", ex.getMessage());
    }
    if (logoutRequest == null) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: " + "LogoutRequest is null");
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "nullLogoutRequest", null);
    }
    // Step 2: process the request and sign the response. The request signature
    // is deliberately not checked at this point ("delay the signature until
    // this server finds the session"); presumably processLogoutRequest does so
    // once it has located the session — confirm.
    LogoutResponse logoutResponse;
    try {
        logoutResponse = IDPSingleLogout.processLogoutRequest(logoutRequest, request, response, SAML2Constants.SOAP, null, idpEntityID, realm, false);
        LogoutUtil.signSLOResponse(logoutResponse, realm, idpEntityID, SAML2Constants.IDP_ROLE, logoutRequest.getIssuer().getValue());
    } catch (SAML2Exception ex) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage;", ex);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponse", ex.getMessage());
    }
    if (logoutResponse == null) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: " + "LogoutResponse is null");
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponse", null);
    }
    // Step 3: serialize the response (with prefix and namespace declaration)
    // and wrap it in a SOAP envelope.
    try {
        return SOAPCommunicator.getInstance().createSOAPMessage(logoutResponse.toXMLString(true, true), false);
    } catch (SAML2Exception ex) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: " + "Unable to create SOAP message:", ex);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponseSOAP", ex.getMessage());
    } catch (SOAPException ex) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: " + "Unable to create SOAP message:", ex);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponseSOAP", ex.getMessage());
    }
}
