
Example 31 with SAML2MetaException

use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

Class LogoutUtil, method getSPSLOConfig.

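/**
 * Returns the SingleLogout service endpoint that the service provider
 * {@code entityId} advertises in its metadata under {@code realm},
 * optionally restricted to one binding.
 *
 * @param realm the realm under which the entity resides.
 * @param entityId ID of the service provider entity to look up.
 * @param binding the SLO binding URI that the endpoint must declare
 *     (compared case-insensitively), or {@code null} to accept the first
 *     SLO endpoint listed in the metadata.
 * @return the matching {@code SingleLogoutServiceElement}, or {@code null}
 *     when the entity has no SP descriptor, declares no SLO endpoint, or
 *     declares none with the requested binding.
 * @throws SAML2MetaException if the SP descriptor cannot be retrieved
 *     from the metadata manager.
 * @throws SessionException declared in the signature for callers; nothing
 *     in this body raises it.
 */
public static SingleLogoutServiceElement getSPSLOConfig(String realm, String entityId, String binding) throws SAML2MetaException, SessionException {
    SPSSODescriptorElement spDescriptor = metaManager.getSPSSODescriptor(realm, entityId);
    if (spDescriptor == null) {
        return null;
    }
    List sloServices = spDescriptor.getSingleLogoutService();
    if (sloServices == null || sloServices.isEmpty()) {
        return null;
    }
    if (binding == null) {
        return (SingleLogoutServiceElement) sloServices.get(0);
    }
    for (Object candidate : sloServices) {
        SingleLogoutServiceElement slo = (SingleLogoutServiceElement) candidate;
        if (binding.equalsIgnoreCase(slo.getBinding())) {
            return slo;
        }
    }
    // No endpoint declares the requested binding. Do not fall back to
    // whichever element happened to be iterated last: that would hand the
    // caller an endpoint of a different binding (e.g. a SOAP location for a
    // front-channel logout), contradicting the documented null contract.
    return null;
}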

Example 32 with SAML2MetaException

use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

Class NameIDMapping, method initiateNameIDMappingRequest.

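/**
 * Builds a signed {@code NameIDMappingRequest} for the user behind
 * {@code session} and sends it over SOAP to the remote identity provider's
 * NameIDMapping service, returning the provider's response.
 *
 * @param session user session; the principal name is taken from it.
 * @param realm the realm of the hosted service provider.
 * @param spEntityID entity ID of the hosted service provider (request
 *     issuer and signing entity).
 * @param idpEntityID entity ID of the remote identity provider.
 * @param targetSPEntityID entity ID of the service provider whose
 *     NameID is being requested.
 * @param targetNameIDFormat format of the target NameID.
 * @param paramsMap map of all other parameters; only
 *     {@code SAML2Constants.BINDING} and {@code "nimURL"} are read here.
 *
 * @return the {@code NameIDMappingResponse}
 * @throws SAML2Exception if an entity ID is missing, the session has no
 *     principal, the binding is not SOAP, no NameIDMapping endpoint can be
 *     determined, or metadata cannot be read.
 *
 * @supported.api
 */
public static NameIDMappingResponse initiateNameIDMappingRequest(Object session, String realm, String spEntityID, String idpEntityID, String targetSPEntityID, String targetNameIDFormat, Map paramsMap) throws SAML2Exception {
    if (spEntityID == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullSPEntityID"));
    }
    if (idpEntityID == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullIDPEntityID"));
    }
    String userID = null;
    try {
        userID = sessionProvider.getPrincipalName(session);
    } catch (SessionException e) {
        // Best effort: an unusable session is reported as invalidSSOToken below.
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("NameIDMapping.initiateNameIDMappingRequest: ", e);
        }
    }
    if (userID == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSSOToken"));
    }
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " IDP EntityID is : " + idpEntityID);
        SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " SP HOST EntityID is : " + spEntityID);
        SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " target SP EntityID is : " + targetSPEntityID);
    }
    try {
        // nameIDMappingService: SOAP is the only binding this method supports.
        String binding = SAML2Utils.getParameter(paramsMap, SAML2Constants.BINDING);
        if (binding == null) {
            binding = SAML2Constants.SOAP;
        } else if (!binding.equals(SAML2Constants.SOAP)) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nimServiceBindingUnsupport"));
        }
        // NOTE(review): a "nimURL" entry in paramsMap overrides the endpoint
        // from the IDP metadata and is used as-is; the signed request and the
        // basic-auth credentials filled in from the IDP config below are then
        // sent to that URL. If paramsMap can carry request-supplied values,
        // that override should be validated against the metadata location —
        // confirm where callers build this map.
        String nimURL = SAML2Utils.getParameter(paramsMap, "nimURL");
        if (nimURL == null) {
            NameIDMappingServiceElement nameIDMappingService = getNameIDMappingService(realm, idpEntityID, binding);
            if (nameIDMappingService != null) {
                nimURL = nameIDMappingService.getLocation();
            }
        }
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("NameIDMapping.initiateNameMappingRequest:" + " nimURL" + nimURL);
        }
        if (nimURL == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nimServiceNotFound"));
        }
        NameIDMappingRequest nimRequest = createNameIDMappingRequest(userID, realm, spEntityID, idpEntityID, nimURL, targetSPEntityID, targetNameIDFormat);
        // Sign as the hosted SP before serialising; signNIMRequest's false
        // argument is passed through unchanged.
        signNIMRequest(nimRequest, realm, spEntityID, false);
        BaseConfigType config = metaManager.getIDPSSOConfig(realm, idpEntityID);
        nimURL = SAML2SDKUtils.fillInBasicAuthInfo(config, nimURL);
        return doNIMBySOAP(nimRequest.toXMLString(true, true), nimURL, realm, spEntityID);
    } catch (SAML2MetaException sme) {
        // Record the underlying metadata failure before it is reduced to a
        // generic metaDataError, as the sibling query utilities do; otherwise
        // the cause is lost entirely.
        SAML2Utils.debug.error("NameIDMapping.initiateNameIDMappingRequest:", sme);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    }
}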

Example 33 with SAML2MetaException

use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

Class AttributeQueryUtil, method sendAttributeQuery (HTTP-POST variant).

/**
 * Signs the {@code AttributeQuery} and delivers it to the attribute
 * authority's HTTP-POST endpoint through the user agent. This overload
 * returns nothing: the query is posted via {@code SAML2Utils.postToTarget}
 * and the authority's {@code Response} is not handled here.
 *
 * @param attrQuery the {@code AttributeQuery} object
 * @param request the HTTP request
 * @param response the HTTP response used to emit the POST form
 * @param attrAuthorityEntityID entity ID of the attribute authority
 * @param realm the realm of the hosted entity
 * @param attrQueryProfile the attribute query profile, or null to ignore
 * @param attrProfile the attribute profile
 * @param binding the binding; only HTTP-POST is accepted
 *
 * @exception SAML2Exception if metadata cannot be read, the authority or
 *     a matching endpoint is not found, or the binding is unsupported
 *
 * @supported.api
 */
public static void sendAttributeQuery(AttributeQuery attrQuery, HttpServletRequest request, HttpServletResponse response, String attrAuthorityEntityID, String realm, String attrQueryProfile, String attrProfile, String binding) throws SAML2Exception {
    AttributeAuthorityDescriptorElement authority;
    try {
        authority = metaManager.getAttributeAuthorityDescriptor(realm, attrAuthorityEntityID);
    } catch (SAML2MetaException sme) {
        SAML2Utils.debug.error("AttributeQueryUtil.sendAttributeQuery:", sme);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    }
    if (authority == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("attrAuthorityNotFound"));
    }
    if (binding == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    // The endpoint comes from the authority's metadata, never from the caller.
    String endpoint = findLocation(authority, binding, attrQueryProfile, attrProfile);
    if (endpoint == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("attrAuthorityNotFound"));
    }
    if (!binding.equalsIgnoreCase(SAML2Constants.HTTP_POST)) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    signAttributeQuery(attrQuery, realm, false);
    String samlRequest = SAML2Utils.encodeForPOST(attrQuery.toXMLString(true, true));
    SAML2Utils.postToTarget(request, response, "SAMLRequest", samlRequest, null, null, endpoint);
}

Example 34 with SAML2MetaException

use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

Class AttributeQueryUtil, method sendAttributeQuery (SOAP variant).

/**
 * Signs the {@code AttributeQuery}, sends it over SOAP to the attribute
 * authority's endpoint from metadata, and returns the authority's
 * {@code Response}.
 *
 * @param attrQuery the {@code AttributeQuery} object
 * @param attrAuthorityEntityID entity ID of the attribute authority
 * @param realm the realm of the hosted entity
 * @param attrQueryProfile the attribute query profile, or null to ignore
 * @param attrProfile the attribute profile
 * @param binding the binding; only SOAP is accepted
 *
 * @return the {@code Response} object
 * @exception SAML2Exception if metadata cannot be read, the authority or
 *     a matching endpoint is not found, or the binding is unsupported
 *
 * @supported.api
 */
public static Response sendAttributeQuery(AttributeQuery attrQuery, String attrAuthorityEntityID, String realm, String attrQueryProfile, String attrProfile, String binding) throws SAML2Exception {
    AttributeAuthorityDescriptorElement authority;
    try {
        authority = metaManager.getAttributeAuthorityDescriptor(realm, attrAuthorityEntityID);
    } catch (SAML2MetaException sme) {
        SAML2Utils.debug.error("AttributeQueryUtil.sendAttributeQuery:", sme);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    }
    if (authority == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("attrAuthorityNotFound"));
    }
    if (binding == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    // The endpoint comes from the authority's metadata, never from the caller.
    String endpoint = findLocation(authority, binding, attrQueryProfile, attrProfile);
    if (endpoint == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("attrAuthorityNotFound"));
    }
    if (!binding.equalsIgnoreCase(SAML2Constants.SOAP)) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    signAttributeQuery(attrQuery, realm, false);
    return sendAttributeQuerySOAP(attrQuery, endpoint, attrAuthorityEntityID, authority);
}

Example 35 with SAML2MetaException

use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

Class AuthnQueryUtil, method sendAuthnQuery.

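/**
 * Signs the {@code AuthnQuery}, sends it over SOAP to the authentication
 * authority's AuthnQueryService endpoint from metadata, and returns the
 * authority's {@code Response}.
 *
 * @param authnQuery the {@code AuthnQuery} object
 * @param authnAuthorityEntityID entity ID of the authentication authority
 * @param realm the realm of the hosted entity
 * @param binding the binding; only SOAP is accepted
 *
 * @return the {@code Response} object
 * @exception SAML2Exception if metadata cannot be read, the authority is
 *     not found, no endpoint declares the binding, or the binding is
 *     unsupported
 *
 * @supported.api
 */
public static Response sendAuthnQuery(AuthnQuery authnQuery, String authnAuthorityEntityID, String realm, String binding) throws SAML2Exception {
    SAML2MetaManager metaManager = SAML2Utils.getSAML2MetaManager();
    AuthnAuthorityDescriptorElement aad = null;
    try {
        aad = metaManager.getAuthnAuthorityDescriptor(realm, authnAuthorityEntityID);
    } catch (SAML2MetaException sme) {
        // Log under this class's name so the error is traceable to its source.
        SAML2Utils.debug.error("AuthnQueryUtil.sendAuthnQuery:", sme);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    }
    if (aad == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("authnAuthorityNotFound"));
    }
    if (binding == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    // Pick the first AuthnQueryService endpoint whose binding matches. The
    // endpoint always comes from the authority's metadata, never from the
    // caller. Guard against a missing list so the failure surfaces as
    // unsupportedBinding rather than a NullPointerException.
    String location = null;
    List authnServices = aad.getAuthnQueryService();
    if (authnServices != null) {
        for (Object candidate : authnServices) {
            AuthnQueryServiceElement service = (AuthnQueryServiceElement) candidate;
            if (binding.equalsIgnoreCase(service.getBinding())) {
                location = service.getLocation();
                break;
            }
        }
    }
    if (location == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    if (binding.equalsIgnoreCase(SAML2Constants.SOAP)) {
        signAuthnQuery(authnQuery, realm, false);
        return sendAuthnQuerySOAP(authnQuery, location, authnAuthorityEntityID, realm, aad);
    } else {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
}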
