Search in sources :

Example 1 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class DoManageNameID method processPOSTRequest.

public static void processPOSTRequest(HttpServletRequest request, HttpServletResponse response, Map paramsMap) throws SAML2Exception, IOException, SOAPException, SessionException, ServletException {
    String classMethod = "DoManageNameID.processPOSTRequest:";
    String samlRequest = request.getParameter(SAML2Constants.SAML_REQUEST);
    if (samlRequest == null) {
        SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST, "MissingSAMLRequest", SAML2Utils.bundle.getString("MissingSAMLRequest"));
        throw new SAML2Exception(SAML2Utils.bundle.getString("MissingSAMLRequest"));
    }
    String metaAlias = SAML2MetaUtils.getMetaAliasByUri(request.getRequestURI());
    if (metaAlias == null) {
        logError("MetaAliasNotFound", LogUtil.MISSING_META_ALIAS, metaAlias);
        throw new SAML2Exception(SAML2Utils.bundle.getString("MetaAliasNotFound"));
    }
    String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
    String hostEntityID = metaManager.getEntityByMetaAlias(metaAlias);
    String hostEntityRole = SAML2Utils.getHostEntityRole(paramsMap);
    boolean isSupported = false;
    if (SAML2Constants.IDP_ROLE.equals(hostEntityRole)) {
        isSupported = SAML2Utils.isIDPProfileBindingSupported(realm, hostEntityID, SAML2Constants.MNI_SERVICE, SAML2Constants.HTTP_POST);
    } else {
        isSupported = SAML2Utils.isSPProfileBindingSupported(realm, hostEntityID, SAML2Constants.MNI_SERVICE, SAML2Constants.HTTP_POST);
    }
    if (!isSupported) {
        debug.error(classMethod + "MNI binding: POST is not supported for " + hostEntityID);
        String[] data = { hostEntityID, SAML2Constants.HTTP_POST };
        LogUtil.error(Level.INFO, LogUtil.BINDING_NOT_SUPPORTED, data, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    ManageNameIDRequest mniRequest = null;
    ByteArrayInputStream bis = null;
    try {
        byte[] raw = Base64.decode(samlRequest);
        if (raw != null) {
            bis = new ByteArrayInputStream(raw);
            Document doc = XMLUtils.toDOMDocument(bis, SAML2Utils.debug);
            if (doc != null) {
                mniRequest = ProtocolFactory.getInstance().createManageNameIDRequest(doc.getDocumentElement());
            }
        }
    } catch (SAML2Exception se) {
        debug.error("DoManageNameID.processPOSTRequest:", se);
        SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST, "nullDecodedStrFromSamlResponse", SAML2Utils.bundle.getString("nullDecodedStrFromSamlResponse") + " " + se.getMessage());
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullDecodedStrFromSamlResponse"));
    } catch (Exception e) {
        debug.error("DoManageNameID.processPOSTRequest:", e);
        SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "nullDecodedStrFromSamlResponse", SAML2Utils.bundle.getString("nullDecodedStrFromSamlResponse") + " " + e.getMessage());
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullDecodedStrFromSamlResponse"));
    } finally {
        if (bis != null) {
            try {
                bis.close();
            } catch (Exception ie) {
                if (debug.messageEnabled()) {
                    debug.message("DoManageNameID.processPOSTRequest:", ie);
                }
            }
        }
    }
    if (mniRequest != null) {
        String remoteEntityID = mniRequest.getIssuer().getValue();
        if (remoteEntityID == null) {
            logError("nullRemoteEntityID", LogUtil.MISSING_ENTITY, metaAlias);
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullRemoteEntityID"));
        }
        if (debug.messageEnabled()) {
            debug.message("DoManageNameID.processPOSTRequest: " + "Meta Alias is : " + metaAlias);
            debug.message("DoManageNameID.processPOSTRequest: " + "Host EntityID is : " + hostEntityID);
            debug.message("DoManageNameID.processPOSTRequest: " + "Remote EntityID is : " + remoteEntityID);
        }
        String dest = mniRequest.getDestination();
        boolean valid = verifyMNIRequest(mniRequest, realm, remoteEntityID, hostEntityID, hostEntityRole, dest);
        if (!valid) {
            logError("invalidSignInRequest", LogUtil.MNI_REQUEST_INVALID_SIGNATURE, metaAlias);
            throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSignInRequest"));
        }
        ManageNameIDServiceElement mniService = getMNIServiceElement(realm, remoteEntityID, hostEntityRole, SAML2Constants.HTTP_POST);
        String mniURL = mniService.getResponseLocation();
        if (mniURL == null) {
            mniURL = mniService.getLocation();
        }
        ///common for post, redirect, soap
        ManageNameIDResponse mniResponse = processManageNameIDRequest(mniRequest, metaAlias, remoteEntityID, paramsMap, null, SAML2Constants.HTTP_POST, request, response);
        signMNIResponse(mniResponse, realm, hostEntityID, hostEntityRole, remoteEntityID);
        //send MNI Response by POST
        String mniRespString = mniResponse.toXMLString(true, true);
        String encMsg = SAML2Utils.encodeForPOST(mniRespString);
        String relayState = request.getParameter(SAML2Constants.RELAY_STATE);
        try {
            SAML2Utils.postToTarget(request, response, "SAMLResponse", encMsg, "RelayState", relayState, mniURL);
        } catch (Exception e) {
            debug.message("DoManageNameID.processPOSTRequest:", e);
            throw new SAML2Exception("Error posting to target");
        }
    }
    return;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) ManageNameIDRequest(com.sun.identity.saml2.protocol.ManageNameIDRequest) ByteArrayInputStream(java.io.ByteArrayInputStream) Document(org.w3c.dom.Document) ManageNameIDResponse(com.sun.identity.saml2.protocol.ManageNameIDResponse) ServletException(javax.servlet.ServletException) SOAPException(javax.xml.soap.SOAPException) SessionException(com.sun.identity.plugin.session.SessionException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) IOException(java.io.IOException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)

Example 2 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class DoManageNameID method getMNIBindingInfo.

/**
     * Returns binding information of MNI Service for remote entity 
     * from request or meta configuration.
     *
     * @param request the HttpServletRequest.
     * @param metaAlias entityID of hosted entity.
     * @param hostEntityRole Role of hosted entity.
     * @param remoteEntityID entityID of remote entity.
     * @return return true if the processing is successful.
     * @throws SAML2Exception if no binding information is configured.
     */
public static String getMNIBindingInfo(HttpServletRequest request, String metaAlias, String hostEntityRole, String remoteEntityID) throws SAML2Exception {
    String binding = request.getParameter(SAML2Constants.BINDING);
    try {
        if (binding == null) {
            String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
            ManageNameIDServiceElement mniService = getMNIServiceElement(realm, remoteEntityID, hostEntityRole, null);
            if (mniService != null) {
                binding = mniService.getBinding();
            }
        }
    } catch (SessionException e) {
        logError("invalidSSOToken", LogUtil.INVALID_SSOTOKEN, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSSOToken"));
    }
    if (binding == null) {
        logError("UnableTofindBinding", LogUtil.METADATA_ERROR, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("UnableTofindBinding"));
    }
    return binding;
}
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) SessionException(com.sun.identity.plugin.session.SessionException)

Example 3 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class DoManageNameID method processHttpRequest.

/**
     * Parses the request parameters and process the ManageNameID
     * Request from the remote entity.
     *
     * @param request the HttpServletRequest.
     * @param response the HttpServletResponse.
     * @param paramsMap Map of all other parameters.
     * @throws SAML2Exception if error occurred while processing the request.
     * @throws SessionException if error processing the request from remote entity.
     * @throws ServletException if request length is invalid.
     */
public static void processHttpRequest(HttpServletRequest request, HttpServletResponse response, Map paramsMap) throws SAML2Exception, SessionException, ServletException {
    String method = "processHttpRequest: ";
    String metaAlias = null;
    String remoteEntityID = null;
    String queryString = null;
    // handle DOS attack
    SAMLUtils.checkHTTPContentLength(request);
    String requestURL = request.getRequestURI();
    metaAlias = SAML2MetaUtils.getMetaAliasByUri(requestURL);
    if (metaAlias == null) {
        logError("MetaAliasNotFound", LogUtil.MISSING_META_ALIAS, metaAlias);
        throw new SAML2Exception(SAML2Utils.bundle.getString("MetaAliasNotFound"));
    }
    String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
    String hostEntity = metaManager.getEntityByMetaAlias(metaAlias);
    String hostRole = SAML2Utils.getHostEntityRole(paramsMap);
    boolean isSupported = false;
    if (SAML2Constants.IDP_ROLE.equals(hostRole)) {
        isSupported = SAML2Utils.isIDPProfileBindingSupported(realm, hostEntity, SAML2Constants.MNI_SERVICE, SAML2Constants.HTTP_REDIRECT);
    } else {
        isSupported = SAML2Utils.isSPProfileBindingSupported(realm, hostEntity, SAML2Constants.MNI_SERVICE, SAML2Constants.HTTP_REDIRECT);
    }
    if (!isSupported) {
        debug.error(method + "MNI binding: Redirect is not supported for " + hostEntity);
        String[] data = { hostEntity, SAML2Constants.HTTP_REDIRECT };
        LogUtil.error(Level.INFO, LogUtil.BINDING_NOT_SUPPORTED, data, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    // Retrieve ManageNameIDRequest 
    ManageNameIDRequest mniRequest = getMNIRequest(request);
    remoteEntityID = mniRequest.getIssuer().getValue();
    if (remoteEntityID == null) {
        logError("nullRemoteEntityID", LogUtil.MISSING_ENTITY, remoteEntityID);
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullRemoteEntityID"));
    }
    boolean needToVerify = SAML2Utils.getWantMNIRequestSigned(realm, hostEntity, hostRole);
    if (needToVerify) {
        queryString = request.getQueryString();
        boolean valid = SAML2Utils.verifyQueryString(queryString, realm, hostRole, remoteEntityID);
        if (!valid) {
            logError("invalidSignInRequest", LogUtil.MNI_REQUEST_INVALID_SIGNATURE, null);
            throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSignInRequest"));
        }
    }
    String relayState = request.getParameter(SAML2Constants.RELAY_STATE);
    if (debug.messageEnabled()) {
        debug.message(method + "Meta Alias is : " + metaAlias);
        debug.message(method + "Remote EntityID is : " + remoteEntityID);
        debug.message(method + "Host Entity role is : " + hostRole);
        debug.message(method + "Relay state is : " + relayState);
    }
    try {
        ManageNameIDServiceElement mniService = getMNIServiceElement(realm, remoteEntityID, hostRole, SAML2Constants.HTTP_REDIRECT);
        String mniURL = mniService.getResponseLocation();
        if (mniURL == null) {
            mniURL = mniService.getLocation();
        }
        ManageNameIDResponse mniResponse = processManageNameIDRequest(mniRequest, metaAlias, remoteEntityID, paramsMap, mniURL, SAML2Constants.HTTP_REDIRECT, request, response);
        sendMNIResponse(response, mniResponse, mniURL, relayState, realm, hostEntity, hostRole, remoteEntityID);
    } catch (SAML2MetaException e) {
        logError("metaDataError", LogUtil.METADATA_ERROR, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) ManageNameIDRequest(com.sun.identity.saml2.protocol.ManageNameIDRequest) ManageNameIDResponse(com.sun.identity.saml2.protocol.ManageNameIDResponse) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 4 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class DoManageNameID method initiateManageNameIDRequest.

/**
     * Parses the request parameters and builds the ManageNameID
     * Request to sent to remote Entity.
     *
     * @param request the HttpServletRequest.
     * @param response the HttpServletResponse.
     * @param metaAlias entityID of hosted entity.
     * @param remoteEntityID entityID of remote entity.
     * @param paramsMap Map of all other parameters.
     * @throws SAML2Exception if error initiating request to remote entity.
     */
public static void initiateManageNameIDRequest(HttpServletRequest request, HttpServletResponse response, String metaAlias, String remoteEntityID, Map paramsMap) throws SAML2Exception {
    String method = "DoManageNameID.initiateManageNameIDRequest: ";
    if (metaManager == null) {
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorMetaManager"));
    }
    if (metaAlias == null) {
        logError("MetaAliasNotFound", LogUtil.MISSING_META_ALIAS, metaAlias);
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullEntityID"));
    }
    if (remoteEntityID == null) {
        logError("nullRemoteEntityID", LogUtil.MISSING_ENTITY, remoteEntityID);
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullRemoteEntityID"));
    }
    Object session = null;
    try {
        session = SessionManager.getProvider().getSession(request);
    } catch (SessionException se) {
        if (debug.messageEnabled()) {
            debug.message(method, se);
        }
    }
    String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
    String hostEntityID = metaManager.getEntityByMetaAlias(metaAlias);
    String hostEntityRole = SAML2Utils.getHostEntityRole(paramsMap);
    if (session == null) {
        if (debug.messageEnabled()) {
            debug.message(method + "Session is missing." + "redirect to the authentication service");
        }
        // redirect to the authentication service
        try {
            SAML2Utils.redirectAuthentication(request, response, realm, hostEntityID, hostEntityRole);
        } catch (IOException ioe) {
            logError("UnableToRedirectToAuth", LogUtil.REDIRECT_TO_AUTH, null);
            throw new SAML2Exception(ioe.toString());
        }
        return;
    }
    if (debug.messageEnabled()) {
        debug.message(method + "Meta Alias is : " + metaAlias);
        debug.message(method + "Remote EntityID is : " + remoteEntityID);
        debug.message(method + "Host EntityID is : " + hostEntityID);
    }
    try {
        String binding = SAML2Utils.getParameter(paramsMap, SAML2Constants.BINDING);
        ManageNameIDServiceElement mniService = getMNIServiceElement(realm, remoteEntityID, hostEntityRole, binding);
        if (binding == null) {
            binding = mniService.getBinding();
        }
        if (binding == null) {
            logError("UnableTofindBinding", LogUtil.METADATA_ERROR, null);
            throw new SAML2Exception(SAML2Utils.bundle.getString("UnableTofindBinding"));
        }
        String mniURL = null;
        if (mniService != null) {
            mniURL = mniService.getLocation();
        }
        if (mniURL == null) {
            logError("mniServiceNotFound", LogUtil.METADATA_ERROR, null);
            throw new SAML2Exception(SAML2Utils.bundle.getString("mniServiceNotFound"));
        }
        String requestType = (String) paramsMap.get("requestType");
        boolean changeID = "NewID".equals(requestType);
        String affiliationID = SAML2Utils.getParameter(paramsMap, SAML2Constants.AFFILIATION_ID);
        ManageNameIDRequest mniRequest = createManageNameIDRequest(session, realm, hostEntityID, hostEntityRole, remoteEntityID, mniURL, changeID, affiliationID);
        String relayState = SAML2Utils.getParameter(paramsMap, SAML2Constants.RELAY_STATE);
        if ((relayState == null) || (relayState.equals(""))) {
            relayState = SAML2Utils.getAttributeValueFromSSOConfig(realm, hostEntityID, hostEntityRole, SAML2Constants.DEFAULT_RELAY_STATE);
        }
        // Validate the RelayState URL.
        SAML2Utils.validateRelayStateURL(realm, hostEntityID, relayState, hostEntityRole);
        mniRequest.setDestination(XMLUtils.escapeSpecialCharacters(mniURL));
        saveMNIRequestInfo(request, response, paramsMap, mniRequest, relayState, hostEntityRole, session);
        String mniRequestXMLString = null;
        if (binding.equalsIgnoreCase(SAML2Constants.HTTP_REDIRECT)) {
            mniRequestXMLString = mniRequest.toXMLString(true, true);
            doMNIByHttpRedirect(mniRequestXMLString, mniURL, relayState, realm, hostEntityID, hostEntityRole, remoteEntityID, response);
        } else if (binding.equalsIgnoreCase(SAML2Constants.SOAP)) {
            signMNIRequest(mniRequest, realm, hostEntityID, hostEntityRole, remoteEntityID);
            BaseConfigType config = null;
            if (hostEntityRole.equalsIgnoreCase(SAML2Constants.SP_ROLE)) {
                config = metaManager.getIDPSSOConfig(realm, remoteEntityID);
            } else {
                config = metaManager.getSPSSOConfig(realm, remoteEntityID);
            }
            mniURL = SAML2Utils.fillInBasicAuthInfo(config, mniURL);
            if (!doMNIBySOAP(mniRequest, mniURL, metaAlias, hostEntityRole, request, response)) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("mniFailed"));
            }
        } else if (binding.equalsIgnoreCase(SAML2Constants.HTTP_POST)) {
            signMNIRequest(mniRequest, realm, hostEntityID, hostEntityRole, remoteEntityID);
            mniRequestXMLString = mniRequest.toXMLString(true, true);
            doMNIByPOST(mniRequestXMLString, mniURL, relayState, realm, hostEntityID, hostEntityRole, remoteEntityID, response, request);
        }
    } catch (IOException ioe) {
        logError("errorCreatingMNIRequest", LogUtil.CANNOT_INSTANTIATE_MNI_REQUEST, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("errorCreatingMNIRequest"));
    } catch (SAML2MetaException sme) {
        logError("metaDataError", LogUtil.METADATA_ERROR, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    } catch (SessionException ssoe) {
        logError("invalidSSOToken", LogUtil.INVALID_SSOTOKEN, null);
        throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSSOToken"));
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType) ManageNameIDRequest(com.sun.identity.saml2.protocol.ManageNameIDRequest) SessionException(com.sun.identity.plugin.session.SessionException) IOException(java.io.IOException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 5 with ManageNameIDServiceElement

use of com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement in project OpenAM by OpenRock.

the class SAMLv2ModelImpl method getStandardServiceProviderAttributes.

/**
     * Returns a map with standard service provider attributes and values.
     *
     * @param realm to which the entity belongs.
     * @param entityName is the entity id.
     * @return Map with standard attribute values of Service Provider.
     * @throws AMConsoleException if unable to retrieve the Service Provider
     *     attrubutes based on the realm and entityName passed.
     */
public Map getStandardServiceProviderAttributes(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "SAMLv2", "SP-Standard" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    Map map = new HashMap();
    SPSSODescriptorElement spssoDescriptor = null;
    try {
        SAML2MetaManager samlManager = getSAML2MetaManager();
        spssoDescriptor = samlManager.getSPSSODescriptor(realm, entityName);
        if (spssoDescriptor != null) {
            // retrieve WantAuthnRequestsSigned
            map.put(IS_AUTHN_REQ_SIGNED, returnEmptySetIfValueIsNull(spssoDescriptor.isAuthnRequestsSigned()));
            map.put(WANT_ASSERTIONS_SIGNED, returnEmptySetIfValueIsNull(spssoDescriptor.isWantAssertionsSigned()));
            //retrieve SingleLogoutService
            map.put(SP_SINGLE_LOGOUT_HTTP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_SINGLE_LOGOUT_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_SLO_POST_LOC, Collections.EMPTY_SET);
            map.put(SP_SLO_POST_RESPLOC, Collections.EMPTY_SET);
            map.put(SP_SINGLE_LOGOUT_SOAP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_LOGOUT_DEFAULT, Collections.EMPTY_SET);
            List splogoutList = spssoDescriptor.getSingleLogoutService();
            for (int i = 0; i < splogoutList.size(); i++) {
                SingleLogoutServiceElement spslsElem = (SingleLogoutServiceElement) splogoutList.get(i);
                String tmp = spslsElem.getBinding();
                if (i == 0) {
                    map.put(SP_LOGOUT_DEFAULT, returnEmptySetIfValueIsNull(tmp));
                }
                if (tmp.contains(httpRedirect)) {
                    map.put(SP_SINGLE_LOGOUT_HTTP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                    map.put(SP_SINGLE_LOGOUT_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
                } else if (tmp.contains(httpPost)) {
                    map.put(SP_SLO_POST_LOC, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                    map.put(SP_SLO_POST_RESPLOC, returnEmptySetIfValueIsNull(spslsElem.getResponseLocation()));
                } else if (tmp.contains(soap)) {
                    map.put(SP_SINGLE_LOGOUT_SOAP_LOCATION, returnEmptySetIfValueIsNull(spslsElem.getLocation()));
                }
            }
            //retrieve ManageNameIDService
            map.put(SP_MANAGE_NAMEID_HTTP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MANAGE_NAMEID_HTTP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MNI_POST_LOC, Collections.EMPTY_SET);
            map.put(SP_MNI_POST_RESPLOC, Collections.EMPTY_SET);
            map.put(SP_MANAGE_NAMEID_SOAP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MANAGE_NAMEID_SOAP_RESP_LOCATION, Collections.EMPTY_SET);
            map.put(SP_MNI_DEFAULT, Collections.EMPTY_SET);
            List manageNameIdList = spssoDescriptor.getManageNameIDService();
            for (int i = 0; i < manageNameIdList.size(); i++) {
                ManageNameIDServiceElement mniElem = (ManageNameIDServiceElement) manageNameIdList.get(i);
                String tmp = mniElem.getBinding();
                if (i == 0) {
                    map.put(SP_MNI_DEFAULT, returnEmptySetIfValueIsNull(tmp));
                }
                if (tmp.contains(httpRedirect)) {
                    map.put(SP_MANAGE_NAMEID_HTTP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(SP_MANAGE_NAMEID_HTTP_RESP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                } else if (tmp.contains(httpPost)) {
                    map.put(SP_MNI_POST_LOC, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(SP_MNI_POST_RESPLOC, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                } else if (tmp.contains(soap)) {
                    map.put(SP_MANAGE_NAMEID_SOAP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getLocation()));
                    map.put(SP_MANAGE_NAMEID_SOAP_RESP_LOCATION, returnEmptySetIfValueIsNull(mniElem.getResponseLocation()));
                }
            }
            //retrieve nameid format               
            map.put(NAMEID_FORMAT, (OrderedSet) convertListToSet(spssoDescriptor.getNameIDFormat()));
            //retrieve key descriptor encryption details if present
            map.put(TF_KEY_NAME, Collections.EMPTY_SET);
            map.put(TF_ALGORITHM, Collections.EMPTY_SET);
            if (spssoDescriptor.getKeyDescriptor() != null) {
                getKeyandAlgorithm(spssoDescriptor, map);
            }
        }
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (SAML2MetaException e) {
        debug.warning("SAMLv2ModelImpl.getStandardServiceProviderAttribute:", e);
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "SAMLv2", "SP-Standard", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return map;
}
Also used : ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement) SingleLogoutServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement) HashMap(java.util.HashMap) SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) List(java.util.List) ArrayList(java.util.ArrayList) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Aggregations

ManageNameIDServiceElement (com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement)13 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)5 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)5 List (java.util.List)5 SessionException (com.sun.identity.plugin.session.SessionException)3 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)3 ManageNameIDRequest (com.sun.identity.saml2.protocol.ManageNameIDRequest)3 Iterator (java.util.Iterator)3 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)2 NameIDMappingServiceElement (com.sun.identity.saml2.jaxb.metadata.NameIDMappingServiceElement)2 SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)2 SingleLogoutServiceElement (com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement)2 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)2 ManageNameIDResponse (com.sun.identity.saml2.protocol.ManageNameIDResponse)2 IOException (java.io.IOException)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)1 ArtifactResolutionServiceElement (com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement)1