Example 36 with SAML2MetaException

Use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

The class SAML2IDPProxyImpl, method getPreferredIDP.

/**
 * Returns a list of preferred IDP providerIDs.
 * @param authnRequest original authnrequest
 * @param hostProviderID ProxyIDP providerID.
 * @param realm Realm
 * @param request HttpServletRequest
 * @param response HttpServletResponse
 * @return a list of providerID's of the authenticating providers to be
 *     proxied or <code>null</code> to disable the proxying and continue
 *     for the local authenticating provider.
 * @exception SAML2Exception if error occurs.
 */
public List getPreferredIDP(AuthnRequest authnRequest, String hostProviderID, String realm, HttpServletRequest request, HttpServletResponse response) throws SAML2Exception {
    String classMethod = "SAML2IDPProxyImpl.getPreferredIDP:";
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message(classMethod + "Init.");
    }
    try {
        // Retrieve the metadata and the extended SP configuration of the requesting issuer
        SAML2MetaManager sm = new SAML2MetaManager();
        SPSSOConfigElement spEntityCfg = sm.getSPSSOConfig(realm, authnRequest.getIssuer().getValue());
        Map spConfigAttrsMap = null;
        if (spEntityCfg != null) {
            spConfigAttrsMap = SAML2MetaUtils.getAttributes(spEntityCfg);
        }
        String useIntroductionForProxying = SPSSOFederate.getParameter(spConfigAttrsMap, SAML2Constants.USE_INTRODUCTION_FOR_IDP_PROXY);
        List providerIDs = new ArrayList();
        if (useIntroductionForProxying == null || !useIntroductionForProxying.equals("true")) {
            // Static proxy list case: the first configured proxy IDP is the preferred one
            List proxyIDPs = null;
            if ((spConfigAttrsMap != null) && (!spConfigAttrsMap.isEmpty())) {
                proxyIDPs = (List) spConfigAttrsMap.get(SAML2Constants.IDP_PROXY_LIST);
            }
            if (proxyIDPs == null || proxyIDPs.isEmpty()) {
                SAML2Utils.debug.error(classMethod + "Preferred IDPs are null.");
                return null;
            }
            providerIDs.add(proxyIDPs.iterator().next());
            return providerIDs;
        } else {
            /* IDP Proxy with introduction cookie case: redirect to the
             * circle of trust's IDP discovery reader service */
            List cotList = (List) spConfigAttrsMap.get("cotlist");
            if (cotList == null || cotList.isEmpty()) {
                SAML2Utils.debug.error(classMethod + "No circle of trust configured for the SP.");
                return null;
            }
            String cotListStr = (String) cotList.iterator().next();
            CircleOfTrustManager cotManager = new CircleOfTrustManager();
            CircleOfTrustDescriptor cotDesc = cotManager.getCircleOfTrust(realm, cotListStr);
            String readerURL = cotDesc.getSAML2ReaderServiceURL();
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message(classMethod + "SAMLv2 idp discovery reader URL = " + readerURL);
            }
            if (readerURL != null && (!readerURL.equals(""))) {
                String rID = SAML2Utils.generateID();
                String redirectURL = SAML2Utils.getRedirectURL(readerURL, rID, request);
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message(classMethod + "Redirect url = " + redirectURL);
                }
                if (redirectURL != null) {
                    response.sendRedirect(redirectURL);
                    // Park the request under the generated ID so the reader's response can be matched to it
                    Map aMap = new HashMap();
                    SPCache.reqParamHash.put(rID, aMap);
                    providerIDs.add(rID);
                    return providerIDs;
                }
            }
        }
        return null;
    } catch (SAML2MetaException ex) {
        SAML2Utils.debug.error(classMethod + "meta Exception in retrieving the preferred IDP", ex);
        return null;
    } catch (COTException sme) {
        SAML2Utils.debug.error(classMethod + "Error retrieving COT ", sme);
        return null;
    } catch (Exception e) {
        SAML2Utils.debug.error(classMethod + "Exception in retrieving the preferred IDP", e);
        return null;
    }
}
Also used: CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager), CircleOfTrustDescriptor (com.sun.identity.cot.CircleOfTrustDescriptor), COTException (com.sun.identity.cot.COTException), SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement), SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager), SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException), SAML2Exception (com.sun.identity.saml2.common.SAML2Exception), ArrayList (java.util.ArrayList), List (java.util.List), HashMap (java.util.HashMap), Map (java.util.Map)

Example 37 with SAML2MetaException

Use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

The class SAML2ProviderManager, method isNameIDEncryptionEnabled.

/**
 * Returns whether the specified provider requires name ID encryption
 * or not.
 * @param providerID provider ID.
 * @return true if the specified provider requires name ID encryption,
 *     false if it doesn't.
 */
public boolean isNameIDEncryptionEnabled(String providerID) {
    BaseConfigType config = null;
    try {
        // Look the provider up as an SP first, then as an IDP
        config = metaManager.getSPSSOConfig("/", providerID);
        if (config == null) {
            config = metaManager.getIDPSSOConfig("/", providerID);
        }
    } catch (SAML2MetaException smex) {
        SAML2Utils.debug.error("SAML2ProviderManager.isNameIDEncryptionEnabled:", smex);
    }
    if (config == null) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("SAML2ProviderManager.isNameIDEncryptionEnabled:" + "config not found.");
        }
        // Unknown provider: default to not requiring encryption
        return false;
    }
    String wantEncrypted = null;
    Map attrMap = SAML2MetaUtils.getAttributes(config);
    if ((attrMap != null) && !attrMap.isEmpty()) {
        List values = (List) attrMap.get(SAML2Constants.WANT_NAMEID_ENCRYPTED);
        if ((values != null) && (!values.isEmpty())) {
            wantEncrypted = (String) values.get(0);
        }
    }
    return ((wantEncrypted != null) && wantEncrypted.equalsIgnoreCase("true"));
}
Also used: BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType), SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException), List (java.util.List), Map (java.util.Map)

Example 38 with SAML2MetaException

Use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

The class AssertionIDRequestUtil, method getRoleDescriptorAndLocation.

private static RoleDescriptorType getRoleDescriptorAndLocation(String samlAuthorityEntityID, String role, String realm, String binding, StringBuffer location) throws SAML2Exception {
    List aIDReqServices = null;
    RoleDescriptorType roled = null;
    try {
        if (role == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedRole"));
        } else if (role.equals(SAML2Constants.IDP_ROLE)) {
            IDPSSODescriptorElement idpd = metaManager.getIDPSSODescriptor(realm, samlAuthorityEntityID);
            if (idpd == null) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("idpNotFound"));
            }
            aIDReqServices = idpd.getAssertionIDRequestService();
            roled = idpd;
        } else if (role.equals(SAML2Constants.AUTHN_AUTH_ROLE)) {
            AuthnAuthorityDescriptorElement attrd = metaManager.getAuthnAuthorityDescriptor(realm, samlAuthorityEntityID);
            if (attrd == null) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("authnAuthorityNotFound"));
            }
            aIDReqServices = attrd.getAssertionIDRequestService();
            roled = attrd;
        } else if (role.equals(SAML2Constants.ATTR_AUTH_ROLE)) {
            AttributeAuthorityDescriptorElement aad = metaManager.getAttributeAuthorityDescriptor(realm, samlAuthorityEntityID);
            if (aad == null) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("attrAuthorityNotFound"));
            }
            aIDReqServices = aad.getAssertionIDRequestService();
            roled = aad;
        } else {
            throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedRole"));
        }
    } catch (SAML2MetaException sme) {
        SAML2Utils.debug.error("AssertionIDRequest.getRoleDescriptorAndLocation:", sme);
        throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
    }
    if (binding == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    if ((aIDReqServices == null) || (aIDReqServices.isEmpty())) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("aIDReqServiceNotFound"));
    }
    for (Iterator iter = aIDReqServices.iterator(); iter.hasNext(); ) {
        AssertionIDRequestServiceElement aIDReqService = (AssertionIDRequestServiceElement) iter.next();
        if (binding.equalsIgnoreCase(aIDReqService.getBinding())) {
            location.append(aIDReqService.getLocation());
            break;
        }
    }
    if (location.length() == 0) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
    }
    return roled;
}
Also used: SAML2Exception (com.sun.identity.saml2.common.SAML2Exception), SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException), RoleDescriptorType (com.sun.identity.saml2.jaxb.metadata.RoleDescriptorType), IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement), AuthnAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AuthnAuthorityDescriptorElement), AttributeAuthorityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement), AssertionIDRequestServiceElement (com.sun.identity.saml2.jaxb.metadata.AssertionIDRequestServiceElement), Iterator (java.util.Iterator), List (java.util.List), ArrayList (java.util.ArrayList)

Example 39 with SAML2MetaException

Use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

The class ConfigureGoogleApps, method updateSPMeta.

private void updateSPMeta(String realm, String cot, String domainId) throws WorkflowException {
    // Standard SAML2 SP metadata for a Google Apps domain: one HTTP-POST
    // AssertionConsumerService and the unspecified NameID format
    String metadata = "<EntityDescriptor entityID=\"google.com/a/" + domainId + "\""
            + " xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">"
            + "<SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">"
            + " <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>"
            + "<AssertionConsumerService index=\"1\" Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\""
            + " Location=\"https://www.google.com/a/" + domainId + "/acs\" />"
            + "</SPSSODescriptor></EntityDescriptor>";
    String extendedMeta = null;
    try {
        // Parse the standard metadata and build the matching extended (OpenAM-specific) metadata
        EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(metadata);
        String eId = e.getEntityID();
        String metaAlias = generateMetaAliasForSP(realm);
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        extendedMeta = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(eId, map, null, false);
    } catch (SAML2MetaException ex) {
        throw new WorkflowException(ex.getMessage());
    } catch (JAXBException ex) {
        throw new WorkflowException(ex.getMessage());
    }
    // Import both documents and, if a circle of trust was given, add the new entity to it
    String[] results = ImportSAML2MetaData.importData(realm, metadata, extendedMeta);
    String entityId = results[1];
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
}
Also used: JAXBException (javax.xml.bind.JAXBException), COTException (com.sun.identity.cot.COTException), EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement), SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException), HashMap (java.util.HashMap), Map (java.util.Map)

Example 40 with SAML2MetaException

Use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.

The class ConfigureGoogleApps, method updateIDPMeta.

private void updateIDPMeta(String realm, String entityId) throws WorkflowException {
    try {
        SAML2MetaManager samlManager = new SAML2MetaManager();
        EntityConfigElement entityConfig = samlManager.getEntityConfig(realm, entityId);
        IDPSSOConfigElement idpssoConfig = samlManager.getIDPSSOConfig(realm, entityId);
        // Check for a missing IDP config before touching its attributes
        if (idpssoConfig != null) {
            List attrList = idpssoConfig.getAttribute();
            for (Iterator it = attrList.iterator(); it.hasNext(); ) {
                AttributeElement avpnew = (AttributeElement) it.next();
                String name = avpnew.getName();
                if (name.equals("nameIDFormatMap")) {
                    // Drop any existing "unspecified" mapping and put the Google Apps mapping first
                    for (Iterator itt = avpnew.getValue().listIterator(); itt.hasNext(); ) {
                        String temp = (String) itt.next();
                        if (temp.contains("unspecified")) {
                            itt.remove();
                        }
                    }
                    avpnew.getValue().add(0, nameidMapping);
                }
            }
        }
        samlManager.setEntityConfig(realm, entityConfig);
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    }
}
Also used: SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager), SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException), EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement), IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement), AttributeElement (com.sun.identity.saml2.jaxb.entityconfig.AttributeElement), Iterator (java.util.Iterator), List (java.util.List)
