
Example 81 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class IDPSingleLogoutServiceSOAP method doPost.

/**
 * Handles a SOAP-bound IdP single-logout request delivered by HTTP POST.
 *
 * Order of operations: the body size is bounded via
 * {@code SAMLUtils.checkHTTPContentLength} before anything is read, the IdP is
 * resolved from the metaAlias in the request URI, and the SLO SOAP binding must
 * be enabled for that IdP (otherwise "unsupportedBinding" is raised). The SOAP
 * body is then handed to {@code onMessage}. A {@code null} reply yields 204;
 * otherwise the reply is either fanned out to the IdP-proxy session partners or
 * written straight back to the caller with the SOAP MIME headers.
 *
 * {@code SAML2Exception} and {@code SOAPException} are logged and mapped to a 500
 * through {@code SAMLUtils.sendError} (the exception message is echoed to the
 * client); other exception types are not caught here.
 *
 * @param req  the HTTP request carrying the SOAP LogoutRequest
 * @param resp the HTTP response the reply is written to
 * @throws ServletException propagated from the servlet helpers
 * @throws IOException      if writing the response fails
 */
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    try {
        // Reject oversized bodies before anything is parsed (DoS guard).
        SAMLUtils.checkHTTPContentLength(req);

        // Which IdP does this endpoint belong to? Derived from the metaAlias in the URI.
        String metaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
        String entityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(metaAlias);
        String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
        boolean sloSoapEnabled = SAML2Utils.isIDPProfileBindingSupported(realm, entityID, SAML2Constants.SLO_SERVICE, SAML2Constants.SOAP);
        if (!sloSoapEnabled) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
        }
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("IDPSLOSOAP.doPost : uri =" + req.getRequestURI() + ", idpMetaAlias=" + metaAlias + ", idpEntityID=" + entityID);
        }

        SOAPMessage inbound = SOAPCommunicator.getInstance().getSOAPMessage(req);
        // Session partners are captured before onMessage runs.
        // NOTE(review): presumably because onMessage may end the IdP session — confirm.
        Map sessionInfo = IDPProxyUtil.getSessionPartners(inbound);
        List partners = (List) sessionInfo.get(SAML2Constants.PARTNERS);

        SOAPMessage reply = onMessage(inbound, req, resp, entityID, realm);
        if (reply == null) {
            resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
            return;
        }

        boolean proxied = partners != null && !partners.isEmpty();
        if (proxied) {
            // IdP-proxy case: park the reply under the LogoutRequest ID and fan the
            // logout out to the partner providers.
            // NOTE(review): the cache key is the ID carried in the inbound message;
            // check how entries in SOAPMessageByLogoutRequestID are evicted.
            Element requestElem = SOAPCommunicator.getInstance().getSamlpElement(inbound, "LogoutRequest");
            LogoutRequest logoutRequest = ProtocolFactory.getInstance().createLogoutRequest(requestElem);
            IDPCache.SOAPMessageByLogoutRequestID.put(logoutRequest.getID(), reply);
            IDPProxyUtil.sendProxyLogoutRequestSOAP(req, resp, resp.getWriter(), reply, partners, (IDPSession) sessionInfo.get(SAML2Constants.IDP_SESSION));
            return;
        }

        // Plain case: serialise the reply straight onto the response stream.
        if (reply.saveRequired()) {
            reply.saveChanges();
        }
        resp.setStatus(HttpServletResponse.SC_OK);
        SAML2Utils.putHeaders(reply.getMimeHeaders(), resp);
        OutputStream out = resp.getOutputStream();
        reply.writeTo(out);
        out.flush();
    } catch (SAML2Exception ex) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP", ex);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "singleLogoutFailed", ex.getMessage());
    } catch (SOAPException soapEx) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP", soapEx);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "singleLogoutFailed", soapEx.getMessage());
    }
}

Example 82 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AssertionIDRequestServiceSOAP method doGetPost.

/**
 * Services a SAML2 AssertionIDRequest over the SOAP binding (shared by GET and POST).
 *
 * Processing order: the body size is bounded first (DoS guard); the role segment
 * and the metaAlias are taken from the request path and resolved to the SAML
 * authority's entity ID and realm; the SOAP binding must be enabled for the
 * AssertionIDRequestService; only then is the SOAP body parsed into an
 * {@code AssertionIDRequest}. The request is processed by
 * {@code AssertionIDRequestUtil}; if building the SAML Response or its SOAP
 * envelope fails, a SOAP server fault ("unableToCreateSOAPMessage") is returned
 * instead. Every early exit goes through {@code SAMLUtils.sendError}.
 *
 * NOTE(review): the processing step catches {@code Throwable}, so JVM Errors are
 * also turned into a SOAP fault, and several error paths echo the caught
 * exception's {@code getMessage()} to the client. Both mirror the sibling SOAP
 * endpoints in this package — confirm that is intended rather than tightening
 * here alone.
 *
 * @param req  the HTTP request carrying the SOAP AssertionIDRequest
 * @param resp the HTTP response the SAML Response (or fault) is written to
 * @throws ServletException propagated from the servlet helpers
 * @throws IOException      if writing the response fails
 */
private void doGetPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // Reject oversized bodies before any parsing.
    SAMLUtils.checkHTTPContentLength(req);

    String pathInfo = req.getPathInfo();
    if (pathInfo == null) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AssertionIDRequestServiceSOAP.doGetPost: pathInfo is null.");
        }
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullPathInfo", SAML2Utils.bundle.getString("nullPathInfo"));
        return;
    }

    // The role is the path segment between the leading '/' and the '/' that
    // precedes the metaAlias marker; it stays null when the marker is missing
    // or sits too close to the start of the path.
    String role = null;
    int markerAt = pathInfo.indexOf(SAML2MetaManager.NAME_META_ALIAS_IN_URI);
    if (markerAt > 2) {
        role = pathInfo.substring(1, markerAt - 1);
    }

    String authorityMetaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
    String authorityEntityID;
    String realm;
    try {
        authorityEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(authorityMetaAlias);
        realm = SAML2MetaUtils.getRealmByMetaAlias(authorityMetaAlias);
    } catch (SAML2Exception metaEx) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost", metaEx);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "invalidMetaAlias", metaEx.getMessage());
        return;
    }

    boolean soapBindingEnabled = SAML2Utils.isIDPProfileBindingSupported(realm, authorityEntityID, SAML2Constants.ASSERTION_ID_REQUEST_SERVICE, SAML2Constants.SOAP);
    if (!soapBindingEnabled) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost:Assertion ID request service SOAP binding is not supported for " + authorityEntityID);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_BAD_REQUEST, "unsupportedBinding", SAML2Utils.bundle.getString("unsupportedBinding"));
        return;
    }

    // Only now touch the (untrusted) SOAP body.
    AssertionIDRequest request;
    try {
        SOAPMessage envelope = SOAPCommunicator.getInstance().getSOAPMessage(req);
        Element body = SOAPCommunicator.getInstance().getSamlpElement(envelope, SAML2Constants.ASSERTION_ID_REQUEST);
        request = ProtocolFactory.getInstance().createAssertionIDRequest(body);
    } catch (Exception parseEx) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost:", parseEx);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "failedToCreateAssertionIDRequest", parseEx.getMessage());
        return;
    }

    // Build the reply; any failure degrades to a SOAP server fault.
    SOAPMessage replyMsg;
    try {
        Response samlResponse = AssertionIDRequestUtil.processAssertionIDRequest(request, req, resp, authorityEntityID, role, realm);
        replyMsg = SOAPCommunicator.getInstance().createSOAPMessage(samlResponse.toXMLString(true, true), false);
    } catch (Throwable t) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost: Unable to create SOAP message:", t);
        replyMsg = SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "unableToCreateSOAPMessage", null);
    }

    try {
        if (replyMsg.saveRequired()) {
            replyMsg.saveChanges();
        }
        resp.setStatus(HttpServletResponse.SC_OK);
        SAML2Utils.putHeaders(replyMsg.getMimeHeaders(), resp);
        OutputStream out = resp.getOutputStream();
        replyMsg.writeTo(out);
        out.flush();
    } catch (SOAPException soapEx) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost", soapEx);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "soapError", soapEx.getMessage());
    }
}

Example 83 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AttributeServiceSOAP method doGetPost.

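/**
 * Services a SAML2 AttributeQuery over the SOAP binding (shared by GET and POST).
 *
 * Processing order: the body size is bounded first (DoS guard); the
 * attribute-query profile alias and the metaAlias are taken from the request
 * path and resolved to the attribute authority's entity ID and realm; only then
 * is the SOAP body parsed into an {@code AttributeQuery}. The query is processed
 * by {@code AttributeQueryUtil}; if building the SAML Response or its SOAP
 * envelope fails, a SOAP server fault ("unableToCreateSOAPMessage") is returned
 * instead. Every early exit goes through {@code SAMLUtils.sendError}.
 *
 * Change: the SOAP body used to be parsed before the path/metaAlias checks, so
 * a request aimed at an unroutable endpoint still had its XML parsed. Routing
 * is now validated first, matching AssertionIDRequestServiceSOAP. The only
 * observable difference is precedence: a request that fails both checks now
 * reports the path/metaAlias error rather than the parse error.
 *
 * NOTE(review): the processing step catches {@code Throwable}, so JVM Errors
 * are also turned into a SOAP fault, and several error paths echo the caught
 * exception's {@code getMessage()} to the client. Both mirror the sibling SOAP
 * endpoints in this package — confirm that is intended rather than tightening
 * here alone.
 *
 * @param req  the HTTP request carrying the SOAP AttributeQuery
 * @param resp the HTTP response the SAML Response (or fault) is written to
 * @throws ServletException propagated from the servlet helpers
 * @throws IOException      if writing the response fails
 */
private void doGetPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // Reject oversized bodies before any parsing.
    SAMLUtils.checkHTTPContentLength(req);

    String pathInfo = req.getPathInfo();
    if (pathInfo == null) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeServiceSOAP.doGetPost: pathInfo is null.");
        }
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullPathInfo", SAML2Utils.bundle.getString("nullPathInfo"));
        return;
    }

    // The profile alias is the path segment between the leading '/' and the '/'
    // that precedes the metaAlias marker; it stays null when the marker is
    // missing or sits too close to the start of the path.
    String attrQueryProfileAlias = null;
    int markerAt = pathInfo.indexOf(SAML2MetaManager.NAME_META_ALIAS_IN_URI);
    if (markerAt > 2) {
        attrQueryProfileAlias = pathInfo.substring(1, markerAt - 1);
    }

    String attrAuthorityMetaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
    String attrAuthorityEntityID;
    String realm;
    try {
        attrAuthorityEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(attrAuthorityMetaAlias);
        realm = SAML2MetaUtils.getRealmByMetaAlias(attrAuthorityMetaAlias);
    } catch (SAML2Exception metaEx) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost", metaEx);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "invalidMetaAlias", metaEx.getMessage());
        return;
    }

    // Only now touch the (untrusted) SOAP body, once we know the endpoint is routable.
    AttributeQuery attrQuery;
    try {
        SOAPMessage envelope = SOAPCommunicator.getInstance().getSOAPMessage(req);
        Element body = SOAPCommunicator.getInstance().getSamlpElement(envelope, SAML2Constants.ATTRIBUTE_QUERY);
        attrQuery = ProtocolFactory.getInstance().createAttributeQuery(body);
    } catch (Exception parseEx) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost:", parseEx);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "failedToCreateAttributeQuery", parseEx.getMessage());
        return;
    }

    // Build the reply; any failure degrades to a SOAP server fault.
    SOAPMessage replyMsg;
    try {
        Response samlResponse = AttributeQueryUtil.processAttributeQuery(attrQuery, req, resp, attrAuthorityEntityID, realm, attrQueryProfileAlias);
        replyMsg = SOAPCommunicator.getInstance().createSOAPMessage(samlResponse.toXMLString(true, true), false);
    } catch (Throwable t) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost: Unable to create SOAP message:", t);
        replyMsg = SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "unableToCreateSOAPMessage", null);
    }

    try {
        if (replyMsg.saveRequired()) {
            replyMsg.saveChanges();
        }
        resp.setStatus(HttpServletResponse.SC_OK);
        SAML2Utils.putHeaders(replyMsg.getMimeHeaders(), resp);
        OutputStream out = resp.getOutputStream();
        replyMsg.writeTo(out);
        out.flush();
    } catch (SOAPException soapEx) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost", soapEx);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "soapError", soapEx.getMessage());
    }
}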

Example 84 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class LogoutResponseImpl method parseElement.

/**
 * Populates this object from the {@code LogoutResponse} Document Element.
 *
 * The ID, Version and IssueInstant attributes are validated as soon as they
 * are read; Destination, Consent and InResponseTo are copied as-is. Direct
 * children are then dispatched by local name: Issuer, Signature (kept as its
 * serialised string, with {@code isSigned} set), Extensions, and Status (run
 * through {@code validateStatus()}). Children with any other name, or with no
 * local name, are ignored.
 *
 * NOTE(review): children are matched on local name only, without checking the
 * namespace — consistent with the other branches here, but worth confirming
 * for the Signature element in particular.
 *
 * @param element the Document Element of this object.
 * @throws SAML2Exception if error parsing the Document Element.
 */
private void parseElement(Element element) throws SAML2Exception {
    AssertionFactory assertions = AssertionFactory.getInstance();
    ProtocolFactory protocol = ProtocolFactory.getInstance();

    // Attributes: the first three are checked the moment they are read.
    responseId = element.getAttribute(SAML2Constants.ID);
    validateID(responseId);
    version = element.getAttribute(SAML2Constants.VERSION);
    validateVersion(version);
    validateIssueInstant(element.getAttribute(SAML2Constants.ISSUE_INSTANT));
    destination = element.getAttribute(SAML2Constants.DESTINATION);
    consent = element.getAttribute(SAML2Constants.CONSENT);
    inResponseTo = element.getAttribute(SAML2Constants.INRESPONSETO);

    // Child elements.
    NodeList children = element.getChildNodes();
    if (children == null) {
        return;
    }
    int count = children.getLength();
    for (int idx = 0; idx < count; idx++) {
        Node child = children.item(idx);
        String name = child.getLocalName();
        if (name == null) {
            continue;
        }
        if (SAML2Constants.ISSUER.equals(name)) {
            issuer = assertions.createIssuer((Element) child);
        } else if (SAML2Constants.SIGNATURE.equals(name)) {
            // The raw XML is kept so the signature can be verified later.
            signatureString = XMLUtils.getElementString((Element) child);
            isSigned = true;
        } else if (SAML2Constants.EXTENSIONS.equals(name)) {
            extensions = protocol.createExtensions((Element) child);
        } else if (SAML2Constants.STATUS.equals(name)) {
            status = protocol.createStatus((Element) child);
            validateStatus();
        }
    }
}

Example 85 with SAML2Exception

use of com.sun.identity.saml2.common.SAML2Exception in project OpenAM by OpenRock.

the class AssertionIDRequestImpl method parseDOMChileElements.

/**
 * Parses the child elements of this request's Document Element.
 *
 * After the superclass has consumed its own children, every leading
 * {@code AssertionIDRef} child is parsed and collected; the first child with
 * any other name is pushed back onto the iterator for the caller. At least one
 * AssertionIDRef is mandatory.
 *
 * @param iter the child elements iterator.
 * @throws SAML2Exception if no AssertionIDRef child is present
 *         ("schemaViolation") or a child fails to parse.
 */
protected void parseDOMChileElements(ListIterator iter) throws SAML2Exception {
    super.parseDOMChileElements(iter);
    AssertionFactory factory = AssertionFactory.getInstance();
    for (; iter.hasNext(); ) {
        Element child = (Element) iter.next();
        if (!SAML2Constants.ASSERTION_ID_REF.equals(child.getLocalName())) {
            // Not ours: hand it back and stop.
            iter.previous();
            break;
        }
        // Parse before allocating the list, so a parse failure leaves the field untouched.
        AssertionIDRef ref = factory.createAssertionIDRef(child);
        if (assertionIDRefs == null) {
            assertionIDRefs = new ArrayList();
        }
        assertionIDRefs.add(ref);
    }
    if (assertionIDRefs == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("schemaViolation"));
    }
}
