Example 26 with SingleLogoutServiceElement
use of com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement in project OpenAM by OpenRock.
the class LogoutUtil method getMostAppropriateSLOServiceLocation.
/**
* Based on the preferred SAML binding this method tries to choose the most appropriate
* {@link SingleLogoutServiceElement} that can be used to send the logout request to. The algorithm itself is
* simple:
* <ul>
* <li>When asynchronous binding was used with the initial logout request, it is preferred to use asynchronous
* bindings, but if they are not available, a synchronous binding should be used.</li>
* <li>When synchronous binding is used with the initial request, only synchronous bindings can be used for the
* rest of the entities.</li>
* </ul>
*
* @param sloList The list of SLO endpoints for a given entity.
* @param preferredBinding The binding that was used to initiate the logout request.
* @return The most appropriate SLO service location that can be used for sending the logout request. If there is
* no appropriate logout endpoint, null is returned.
*/
public static SingleLogoutServiceElement getMostAppropriateSLOServiceLocation(List<SingleLogoutServiceElement> sloList, String preferredBinding) {
//shortcut for the case when SLO isn't supported at all
if (sloList.isEmpty()) {
return null;
}
Map<String, SingleLogoutServiceElement> sloBindings = new HashMap<String, SingleLogoutServiceElement>(sloList.size());
for (SingleLogoutServiceElement sloEndpoint : sloList) {
sloBindings.put(sloEndpoint.getBinding(), sloEndpoint);
}
SingleLogoutServiceElement endpoint = sloBindings.get(preferredBinding);
if (endpoint == null) {
//if the requested binding isn't supported let's try to find the most appropriate SLO endpoint
if (preferredBinding.equals(SAML2Constants.HTTP_POST)) {
endpoint = sloBindings.get(SAML2Constants.HTTP_REDIRECT);
} else if (preferredBinding.equals(SAML2Constants.HTTP_REDIRECT)) {
endpoint = sloBindings.get(SAML2Constants.HTTP_POST);
}
if (endpoint == null) {
//we ran out of asynchronous bindings, so our only chance is to try to use SOAP binding
//in case the preferred binding was SOAP from the beginning, then this code will just return null again
endpoint = sloBindings.get(SAML2Constants.SOAP);
}
}
return endpoint;
}
Also used :
SingleLogoutServiceElement(com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement)
HashMap(java.util.HashMap)
Aggregations
SingleLogoutServiceElement (com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement)25
ArrayList (java.util.ArrayList)9
List (java.util.List)8
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)7
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)6
HashMap (java.util.HashMap)6
SessionException (com.sun.identity.plugin.session.SessionException)5
SAML2TokenRepositoryException (org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)5
IOException (java.io.IOException)4
HashSet (java.util.HashSet)4
Iterator (java.util.Iterator)4
Map (java.util.Map)4
Set (java.util.Set)4
SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)3
IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)3
SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)3
LogoutResponse (com.sun.identity.saml2.protocol.LogoutResponse)3
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)2
SingleLogoutManager (com.sun.identity.multiprotocol.SingleLogoutManager)2
SessionProvider (com.sun.identity.plugin.session.SessionProvider)2
