Example 1 with NewID
use of com.sun.identity.saml2.protocol.NewID in project OpenAM by OpenRock.
the class DoManageNameID method processManageNameIDRequest.
private static Status processManageNameIDRequest(ManageNameIDRequest mniRequest, String realm, String hostEntityID, String remoteEntityID, String hostRole, String userID) throws Exception {
String method = "processManageNameIDRequest: ";
if (debug.messageEnabled()) {
debug.message(method + "Host EntityID is : " + hostEntityID);
debug.message(method + "Host role is : " + hostRole);
debug.message(method + "Realm is : " + realm);
}
NameID nameID = getNameIDFromMNIRequest(mniRequest, realm, hostEntityID, hostRole);
NameIDInfo oldNameIDInfo = getNameIDInfo(userID, hostEntityID, remoteEntityID, hostRole, realm, nameID.getSPNameQualifier(), true);
NameID oldNameID = null;
if (oldNameIDInfo != null) {
oldNameID = oldNameIDInfo.getNameID();
}
if (oldNameID == null) {
// log manage name id failure
logError("unknownPrinciapl", LogUtil.UNKNOWN_PRINCIPAL, mniRequest.toXMLString(true, true));
return SAML2Utils.generateStatus(SAML2Constants.REQUESTER, SAML2Constants.UNKNOWN_PRINCIPAL, null);
}
List spFedSessions = null;
IDPSession idpSession = null;
// Terminate
if (hostRole.equalsIgnoreCase(SAML2Constants.IDP_ROLE)) {
idpSession = removeIDPFedSession(remoteEntityID, oldNameID.getValue());
} else {
spFedSessions = (List) SPCache.fedSessionListsByNameIDInfoKey.remove(oldNameIDInfo.getNameIDInfoKey().toValueString());
if ((agent != null) && agent.isRunning() && (saml2Svc != null)) {
saml2Svc.setFedSessionCount((long) SPCache.fedSessionListsByNameIDInfoKey.size());
}
}
if (!AccountUtils.removeAccountFederation(oldNameIDInfo, userID)) {
// log termination failure
logError("unableToTerminate", LogUtil.UNABLE_TO_TERMINATE, userID);
return SAML2Utils.generateStatus(SAML2Constants.RESPONDER, SAML2Utils.bundle.getString("unableToTerminate"));
}
if (mniRequest.getTerminate()) {
// log termination success
logAccess("requestSuccess", LogUtil.SUCCESS_FED_TERMINATION, userID);
return SAML2Utils.generateStatus(SAML2Constants.SUCCESS, SAML2Utils.bundle.getString("requestSuccess"));
}
// newID case
NewID newID = getNewIDFromMNIRequest(mniRequest, realm, hostEntityID, hostRole);
boolean isAffiliation = oldNameIDInfo.isAffiliation();
String spNameQualifier = oldNameID.getSPNameQualifier();
if (hostRole.equalsIgnoreCase(SAML2Constants.IDP_ROLE)) {
NameID newNameID = AssertionFactory.getInstance().createNameID();
newNameID.setValue(oldNameID.getValue());
newNameID.setNameQualifier(oldNameID.getNameQualifier());
newNameID.setSPNameQualifier(spNameQualifier);
newNameID.setFormat(oldNameID.getFormat());
newNameID.setSPProvidedID(newID.getValue());
NameIDInfo newNameIDinfo = new NameIDInfo(hostEntityID, (isAffiliation ? spNameQualifier : remoteEntityID), newNameID, SAML2Constants.IDP_ROLE, isAffiliation);
AccountUtils.setAccountFederation(newNameIDinfo, userID);
if (idpSession != null) {
// there are active session using this Name id
NameIDandSPpair pair = new NameIDandSPpair(newNameID, remoteEntityID);
synchronized (IDPCache.idpSessionsByIndices) {
List list = (List) idpSession.getNameIDandSPpairs();
list.add(pair);
}
}
// log new name id success
logAccess("requestSuccess", LogUtil.SUCCESS_NEW_NAMEID, userID);
return SAML2Utils.generateStatus(SAML2Constants.SUCCESS, SAML2Utils.bundle.getString("requestSuccess"));
}
// SP ROLE
NameID newNameID = AssertionFactory.getInstance().createNameID();
newNameID.setValue(newID.getValue());
newNameID.setNameQualifier(oldNameID.getNameQualifier());
newNameID.setSPProvidedID(oldNameID.getSPProvidedID());
newNameID.setSPNameQualifier(spNameQualifier);
newNameID.setFormat(oldNameID.getFormat());
NameIDInfo newNameIDInfo = new NameIDInfo((isAffiliation ? spNameQualifier : hostEntityID), remoteEntityID, newNameID, hostRole, isAffiliation);
AccountUtils.setAccountFederation(newNameIDInfo, userID);
if (spFedSessions != null) {
String newInfoKeyStr = newNameIDInfo.getNameIDInfoKey().toValueString();
String infoKeyAttribute = AccountUtils.getNameIDInfoKeyAttribute();
synchronized (spFedSessions) {
for (Iterator iter = spFedSessions.iterator(); iter.hasNext(); ) {
SPFedSession spFedSession = (SPFedSession) iter.next();
spFedSession.info = newNameIDInfo;
String tokenID = spFedSession.spTokenID;
try {
Object session = sessionProvider.getSession(tokenID);
String[] fromToken = sessionProvider.getProperty(session, infoKeyAttribute);
if ((fromToken == null) || (fromToken.length == 0) || (fromToken[0] == null) || (fromToken[0].length() == 0)) {
String[] values = { newInfoKeyStr };
sessionProvider.setProperty(session, infoKeyAttribute, values);
} else {
if (fromToken[0].indexOf(newInfoKeyStr) == -1) {
String[] values = { fromToken[0] + SAML2Constants.SECOND_DELIM + newInfoKeyStr };
sessionProvider.setProperty(session, infoKeyAttribute, values);
}
}
} catch (SessionException ex) {
debug.error("DoManageNameID." + "processManageNameIDRequest:", ex);
}
}
}
SPCache.fedSessionListsByNameIDInfoKey.put(newInfoKeyStr, spFedSessions);
if ((agent != null) && agent.isRunning() && (saml2Svc != null)) {
saml2Svc.setFedSessionCount((long) SPCache.fedSessionListsByNameIDInfoKey.size());
}
}
// log new name id success
logAccess("requestSuccess", LogUtil.SUCCESS_NEW_NAMEID, userID);
return SAML2Utils.generateStatus(SAML2Constants.SUCCESS, SAML2Utils.bundle.getString("requestSuccess"));
}
Also used :
NewID(com.sun.identity.saml2.protocol.NewID)
NameIDInfo(com.sun.identity.saml2.common.NameIDInfo)
NameID(com.sun.identity.saml2.assertion.NameID)
SessionException(com.sun.identity.plugin.session.SessionException)
Iterator(java.util.Iterator)
List(java.util.List)
Example 2 with NewID
use of com.sun.identity.saml2.protocol.NewID in project OpenAM by OpenRock.
the class DoManageNameID method getNewIDFromMNIRequest.
private static NewID getNewIDFromMNIRequest(ManageNameIDRequest request, String realm, String hostEntityID, String hostEntityRole) throws SAML2Exception {
boolean needDecryptIt = SAML2Utils.getWantNameIDEncrypted(realm, hostEntityID, hostEntityRole);
if (!needDecryptIt) {
if (debug.messageEnabled()) {
debug.message("DoManageNameID.getNewIDFromMNIRequest: " + "NamID doesn't need to be decrypted.");
debug.message("DoManageNameID.getNewIDFromMNIRequest: " + "request is " + request);
}
NewID newID = null;
if (request != null) {
newID = request.getNewID();
debug.message("DoManageNameID.getNewIDFromMNIRequest: " + "newid is " + newID.getValue());
}
return newID;
}
NewEncryptedID encryptedID = request.getNewEncryptedID();
return encryptedID.decrypt(KeyUtil.getDecryptionKeys(realm, hostEntityID, hostEntityRole));
}
Also used :
NewID(com.sun.identity.saml2.protocol.NewID)
NewEncryptedID(com.sun.identity.saml2.protocol.NewEncryptedID)
Example 3 with NewID
use of com.sun.identity.saml2.protocol.NewID in project OpenAM by OpenRock.
the class DoManageNameID method initiateManageNameIDRequest.
/**
* Parses the request parameters and builds the ManageNameID
* Request to sent to remote Entity.
*
* @param request the HttpServletRequest.
* @param response the HttpServletResponse.
* @param metaAlias entityID of hosted entity.
* @param remoteEntityID entityID of remote entity.
* @param paramsMap Map of all other parameters.
* @throws SAML2Exception if error initiating request to remote entity.
*/
public static void initiateManageNameIDRequest(HttpServletRequest request, HttpServletResponse response, String metaAlias, String remoteEntityID, Map paramsMap) throws SAML2Exception {
String method = "DoManageNameID.initiateManageNameIDRequest: ";
if (metaManager == null) {
throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorMetaManager"));
}
if (metaAlias == null) {
logError("MetaAliasNotFound", LogUtil.MISSING_META_ALIAS, metaAlias);
throw new SAML2Exception(SAML2Utils.bundle.getString("nullEntityID"));
}
if (remoteEntityID == null) {
logError("nullRemoteEntityID", LogUtil.MISSING_ENTITY, remoteEntityID);
throw new SAML2Exception(SAML2Utils.bundle.getString("nullRemoteEntityID"));
}
Object session = null;
try {
session = SessionManager.getProvider().getSession(request);
} catch (SessionException se) {
if (debug.messageEnabled()) {
debug.message(method, se);
}
}
String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
String hostEntityID = metaManager.getEntityByMetaAlias(metaAlias);
String hostEntityRole = SAML2Utils.getHostEntityRole(paramsMap);
if (session == null) {
if (debug.messageEnabled()) {
debug.message(method + "Session is missing." + "redirect to the authentication service");
}
// redirect to the authentication service
try {
SAML2Utils.redirectAuthentication(request, response, realm, hostEntityID, hostEntityRole);
} catch (IOException ioe) {
logError("UnableToRedirectToAuth", LogUtil.REDIRECT_TO_AUTH, null);
throw new SAML2Exception(ioe.toString());
}
return;
}
if (debug.messageEnabled()) {
debug.message(method + "Meta Alias is : " + metaAlias);
debug.message(method + "Remote EntityID is : " + remoteEntityID);
debug.message(method + "Host EntityID is : " + hostEntityID);
}
try {
String binding = SAML2Utils.getParameter(paramsMap, SAML2Constants.BINDING);
ManageNameIDServiceElement mniService = getMNIServiceElement(realm, remoteEntityID, hostEntityRole, binding);
if (binding == null) {
binding = mniService.getBinding();
}
if (binding == null) {
logError("UnableTofindBinding", LogUtil.METADATA_ERROR, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("UnableTofindBinding"));
}
String mniURL = null;
if (mniService != null) {
mniURL = mniService.getLocation();
}
if (mniURL == null) {
logError("mniServiceNotFound", LogUtil.METADATA_ERROR, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("mniServiceNotFound"));
}
String requestType = (String) paramsMap.get("requestType");
boolean changeID = "NewID".equals(requestType);
String affiliationID = SAML2Utils.getParameter(paramsMap, SAML2Constants.AFFILIATION_ID);
ManageNameIDRequest mniRequest = createManageNameIDRequest(session, realm, hostEntityID, hostEntityRole, remoteEntityID, mniURL, changeID, affiliationID);
String relayState = SAML2Utils.getParameter(paramsMap, SAML2Constants.RELAY_STATE);
if ((relayState == null) || (relayState.equals(""))) {
relayState = SAML2Utils.getAttributeValueFromSSOConfig(realm, hostEntityID, hostEntityRole, SAML2Constants.DEFAULT_RELAY_STATE);
}
// Validate the RelayState URL.
SAML2Utils.validateRelayStateURL(realm, hostEntityID, relayState, hostEntityRole);
mniRequest.setDestination(XMLUtils.escapeSpecialCharacters(mniURL));
saveMNIRequestInfo(request, response, paramsMap, mniRequest, relayState, hostEntityRole, session);
String mniRequestXMLString = null;
if (binding.equalsIgnoreCase(SAML2Constants.HTTP_REDIRECT)) {
mniRequestXMLString = mniRequest.toXMLString(true, true);
doMNIByHttpRedirect(mniRequestXMLString, mniURL, relayState, realm, hostEntityID, hostEntityRole, remoteEntityID, response);
} else if (binding.equalsIgnoreCase(SAML2Constants.SOAP)) {
signMNIRequest(mniRequest, realm, hostEntityID, hostEntityRole, remoteEntityID);
BaseConfigType config = null;
if (hostEntityRole.equalsIgnoreCase(SAML2Constants.SP_ROLE)) {
config = metaManager.getIDPSSOConfig(realm, remoteEntityID);
} else {
config = metaManager.getSPSSOConfig(realm, remoteEntityID);
}
mniURL = SAML2Utils.fillInBasicAuthInfo(config, mniURL);
if (!doMNIBySOAP(mniRequest, mniURL, metaAlias, hostEntityRole, request, response)) {
throw new SAML2Exception(SAML2Utils.bundle.getString("mniFailed"));
}
} else if (binding.equalsIgnoreCase(SAML2Constants.HTTP_POST)) {
signMNIRequest(mniRequest, realm, hostEntityID, hostEntityRole, remoteEntityID);
mniRequestXMLString = mniRequest.toXMLString(true, true);
doMNIByPOST(mniRequestXMLString, mniURL, relayState, realm, hostEntityID, hostEntityRole, remoteEntityID, response, request);
}
} catch (IOException ioe) {
logError("errorCreatingMNIRequest", LogUtil.CANNOT_INSTANTIATE_MNI_REQUEST, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("errorCreatingMNIRequest"));
} catch (SAML2MetaException sme) {
logError("metaDataError", LogUtil.METADATA_ERROR, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
} catch (SessionException ssoe) {
logError("invalidSSOToken", LogUtil.INVALID_SSOTOKEN, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSSOToken"));
}
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
ManageNameIDServiceElement(com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement)
BaseConfigType(com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)
ManageNameIDRequest(com.sun.identity.saml2.protocol.ManageNameIDRequest)
SessionException(com.sun.identity.plugin.session.SessionException)
IOException(java.io.IOException)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Example 4 with NewID
use of com.sun.identity.saml2.protocol.NewID in project OpenAM by OpenRock.
the class DoManageNameID method setNameIDForMNIRequest.
private static void setNameIDForMNIRequest(ManageNameIDRequest mniRequest, NameID nameID, boolean changeID, String realm, String hostEntity, String hostEntityRole, String remoteEntity) throws SAML2Exception {
String method = "DoManageNameID.setNameIDForMNIRequest: ";
boolean needEncryptIt = false;
if (hostEntityRole.equalsIgnoreCase(SAML2Constants.IDP_ROLE)) {
needEncryptIt = SAML2Utils.getWantNameIDEncrypted(realm, remoteEntity, SAML2Constants.SP_ROLE);
} else {
needEncryptIt = SAML2Utils.getWantNameIDEncrypted(realm, remoteEntity, SAML2Constants.IDP_ROLE);
}
NewID newID = null;
if (changeID) {
String newIDValue = SAML2Utils.createNameIdentifier();
newID = ProtocolFactory.getInstance().createNewID(newIDValue);
mniRequest.setNewID(newID);
}
mniRequest.setNameID(nameID);
if (!needEncryptIt) {
if (debug.messageEnabled()) {
debug.message(method + "NamID doesn't need to be encrypted.");
}
return;
}
EncInfo encInfo = null;
if (hostEntityRole.equalsIgnoreCase(SAML2Constants.IDP_ROLE)) {
SPSSODescriptorElement spSSODesc = metaManager.getSPSSODescriptor(realm, remoteEntity);
encInfo = KeyUtil.getEncInfo(spSSODesc, remoteEntity, SAML2Constants.SP_ROLE);
} else {
IDPSSODescriptorElement idpSSODesc = metaManager.getIDPSSODescriptor(realm, remoteEntity);
encInfo = KeyUtil.getEncInfo(idpSSODesc, remoteEntity, SAML2Constants.IDP_ROLE);
}
if (debug.messageEnabled()) {
debug.message(method + "realm is : " + realm);
debug.message(method + "hostEntity is : " + hostEntity);
debug.message(method + "Host Entity role is : " + hostEntityRole);
debug.message(method + "remoteEntity is : " + remoteEntity);
}
if (encInfo == null) {
logError("UnableToFindEncryptKeyInfo", LogUtil.METADATA_ERROR, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("UnableToFindEncryptKeyInfo"));
}
EncryptedID encryptedID = nameID.encrypt(encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength(), remoteEntity);
// This non-encrypted NameID will be removed just
// after saveMNIRequestInfo and just before it send to
mniRequest.setEncryptedID(encryptedID);
if (newID != null) {
NewEncryptedID newEncID = newID.encrypt(encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength(), remoteEntity);
// This non-encrypted newID will be removed just
// after saveMNIRequestInfo and just before it send to
mniRequest.setNewEncryptedID(newEncID);
}
}
Also used :
EncInfo(com.sun.identity.saml2.key.EncInfo)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
NewID(com.sun.identity.saml2.protocol.NewID)
NewEncryptedID(com.sun.identity.saml2.protocol.NewEncryptedID)
SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)
NewEncryptedID(com.sun.identity.saml2.protocol.NewEncryptedID)
EncryptedID(com.sun.identity.saml2.assertion.EncryptedID)
IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)
Example 5 with NewID
use of com.sun.identity.saml2.protocol.NewID in project OpenAM by OpenRock.
the class DoManageNameID method checkMNIResponse.
private static boolean checkMNIResponse(ManageNameIDResponse mniResponse, String realm, String hostEntityID, String hostRole, StringBuffer mniUserId) throws SAML2Exception, SessionException {
boolean success = false;
String remoteEntityID = mniResponse.getIssuer().getValue();
String requestID = mniResponse.getInResponseTo();
ManageNameIDRequestInfo reqInfo = getMNIRequestInfo(requestID, hostRole);
if (reqInfo == null) {
logError("invalidInResponseToInResponse", LogUtil.INVALID_MNI_RESPONSE, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("invalidInResponseToInResponse"));
}
String retCode = mniResponse.getStatus().getStatusCode().getValue();
if (retCode.equalsIgnoreCase(SAML2Constants.SUCCESS)) {
Object session = reqInfo.getSession();
if (session == null) {
logError("nullSSOToken", LogUtil.INVALID_SSOTOKEN, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("nullSSOToken"));
}
String userID = sessionProvider.getPrincipalName(session);
mniUserId.append(userID);
ManageNameIDRequest origMniReq = reqInfo.getManageNameIDRequest();
NameID oldNameID = origMniReq.getNameID();
List spFedSessions = null;
NameIDInfo oldNameIDInfo = getNameIDInfo(userID, hostEntityID, remoteEntityID, hostRole, realm, oldNameID.getSPNameQualifier(), true);
if (oldNameIDInfo == null) {
debug.error("DoManageNameID.checkMNIResponse: NameIDInfo " + "not found.");
return false;
}
// Terminate
if (hostRole.equalsIgnoreCase(SAML2Constants.SP_ROLE)) {
String infoKeyStr = oldNameIDInfo.getNameIDInfoKey().toValueString();
spFedSessions = (List) SPCache.fedSessionListsByNameIDInfoKey.remove(infoKeyStr);
removeInfoKeyFromSession(session, infoKeyStr);
if ((agent != null) && agent.isRunning() && (saml2Svc != null)) {
saml2Svc.setFedSessionCount((long) SPCache.fedSessionListsByNameIDInfoKey.size());
}
} else {
removeIDPFedSession(remoteEntityID, oldNameID.getValue());
}
if (!AccountUtils.removeAccountFederation(oldNameIDInfo, userID)) {
// log termination failure
logError("unableToTerminate", LogUtil.UNABLE_TO_TERMINATE, userID);
return false;
}
if (origMniReq.getTerminate()) {
// log termination success
logAccess("requestSuccess", LogUtil.SUCCESS_FED_TERMINATION, userID);
return true;
}
// newID case
String newIDValue = origMniReq.getNewID().getValue();
boolean isAffiliation = oldNameIDInfo.isAffiliation();
String spNameQualifier = oldNameID.getSPNameQualifier();
if (hostRole.equalsIgnoreCase(SAML2Constants.SP_ROLE)) {
NameID newNameID = AssertionFactory.getInstance().createNameID();
newNameID.setValue(oldNameID.getValue());
newNameID.setFormat(oldNameID.getFormat());
newNameID.setSPProvidedID(newIDValue);
newNameID.setSPNameQualifier(spNameQualifier);
newNameID.setNameQualifier(oldNameID.getNameQualifier());
NameIDInfo newNameIDInfo = new NameIDInfo((isAffiliation ? spNameQualifier : hostEntityID), remoteEntityID, newNameID, hostRole, isAffiliation);
String newInfoKeyStr = newNameIDInfo.getNameIDInfoKey().toValueString();
if (spFedSessions != null) {
SPCache.fedSessionListsByNameIDInfoKey.put(newInfoKeyStr, spFedSessions);
if ((agent != null) && agent.isRunning() && (saml2Svc != null)) {
saml2Svc.setFedSessionCount((long) SPCache.fedSessionListsByNameIDInfoKey.size());
}
}
AccountUtils.setAccountFederation(newNameIDInfo, userID);
try {
String infoKeyAttribute = AccountUtils.getNameIDInfoKeyAttribute();
String[] fromToken = sessionProvider.getProperty(session, infoKeyAttribute);
if ((fromToken == null) || (fromToken.length == 0) || (fromToken[0] == null) || (fromToken[0].length() == 0)) {
String[] values = { newInfoKeyStr };
sessionProvider.setProperty(session, infoKeyAttribute, values);
} else {
if (fromToken[0].indexOf(newInfoKeyStr) == -1) {
String[] values = { fromToken[0] + SAML2Constants.SECOND_DELIM + newInfoKeyStr };
sessionProvider.setProperty(session, infoKeyAttribute, values);
}
}
} catch (Exception e) {
debug.message("DoManageNameID.checkMNIResponse:", e);
}
} else if (hostRole.equalsIgnoreCase(SAML2Constants.IDP_ROLE)) {
NameID newNameID = AssertionFactory.getInstance().createNameID();
newNameID.setValue(newIDValue);
newNameID.setFormat(oldNameID.getFormat());
newNameID.setSPProvidedID(oldNameID.getSPProvidedID());
newNameID.setSPNameQualifier(spNameQualifier);
newNameID.setNameQualifier(hostEntityID);
NameIDInfo newNameIDInfo = new NameIDInfo(hostEntityID, (isAffiliation ? spNameQualifier : remoteEntityID), newNameID, SAML2Constants.IDP_ROLE, isAffiliation);
AccountUtils.setAccountFederation(newNameIDInfo, userID);
NameIDandSPpair pair = new NameIDandSPpair(newNameID, remoteEntityID);
IDPSession idpSession = (IDPSession) IDPCache.idpSessionsBySessionID.get(sessionProvider.getSessionID(session));
if (idpSession != null) {
synchronized (IDPCache.idpSessionsByIndices) {
List list = (List) idpSession.getNameIDandSPpairs();
list.add(pair);
}
}
}
// log manage name id success
logAccess("newNameIDSuccess", LogUtil.SUCCESS_NEW_NAMEID, userID);
success = true;
} else {
logError("mniFailed", LogUtil.INVALID_MNI_RESPONSE, null);
throw new SAML2Exception(SAML2Utils.bundle.getString("mniFailed"));
}
return success;
}
Also used :
NameIDInfo(com.sun.identity.saml2.common.NameIDInfo)
ManageNameIDRequest(com.sun.identity.saml2.protocol.ManageNameIDRequest)
NameID(com.sun.identity.saml2.assertion.NameID)
ServletException(javax.servlet.ServletException)
SOAPException(javax.xml.soap.SOAPException)
SessionException(com.sun.identity.plugin.session.SessionException)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
IOException(java.io.IOException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
List(java.util.List)
Aggregations
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)4
SessionException (com.sun.identity.plugin.session.SessionException)3
NewID (com.sun.identity.saml2.protocol.NewID)3
NameID (com.sun.identity.saml2.assertion.NameID)2
NameIDInfo (com.sun.identity.saml2.common.NameIDInfo)2
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)2
ManageNameIDRequest (com.sun.identity.saml2.protocol.ManageNameIDRequest)2
NewEncryptedID (com.sun.identity.saml2.protocol.NewEncryptedID)2
IOException (java.io.IOException)2
List (java.util.List)2
AssertionFactory (com.sun.identity.saml2.assertion.AssertionFactory)1
EncryptedID (com.sun.identity.saml2.assertion.EncryptedID)1
BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType)1
IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)1
ManageNameIDServiceElement (com.sun.identity.saml2.jaxb.metadata.ManageNameIDServiceElement)1
SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)1
EncInfo (com.sun.identity.saml2.key.EncInfo)1
ProtocolFactory (com.sun.identity.saml2.protocol.ProtocolFactory)1
Iterator (java.util.Iterator)1
ServletException (javax.servlet.ServletException)1
