
Example 41 with Response

use of com.sun.identity.saml2.protocol.Response in project OpenAM by OpenRock.

the class ResponseImpl method parseElement.

/**
 * Populates this response's fields from a DOM {@code <Response>} element.
 *
 * <p>The method checks that the element is non-null and has local name
 * {@code Response}, copies the recognised attributes, then walks the child
 * elements while enforcing the order Issuer, Signature, Extensions, Status,
 * followed by any number of Assertion / EncryptedAssertion elements.
 * It finishes by calling {@code super.validateData()}, freezing the
 * assertion lists and marking the object immutable.
 *
 * <p>Security-relevant limits of this method, as visible in its body:
 * <ul>
 *   <li>Elements are matched on local name only; no namespace URI is
 *       compared here.</li>
 *   <li>A {@code Signature} child is only serialized and remembered;
 *       nothing in this method verifies it.</li>
 *   <li>Fields are assigned as they are read, so an exception thrown part
 *       way through leaves this object partially populated.</li>
 * </ul>
 *
 * @param element DOM element expected to be a SAML2 {@code <Response>}.
 * @throws SAML2Exception if the element is null, is not a Response, has an
 *         unparsable IssueInstant, repeats a single-occurrence child, has
 *         children out of order, contains an unknown child element, or an
 *         Assertion cannot be canonicalized; also whatever the factories and
 *         {@code super.validateData()} throw (not visible here).
 */
private void parseElement(Element element) throws SAML2Exception {
    // Reject a null input element.
    if (element == null) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ResponseImpl.parseElement: " + "element input is null.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
    }
    // Make sure this is a Response. Only the local name is compared; the
    // element's namespace URI is not checked in this method.
    // NOTE(review): confirm the namespace is validated elsewhere.
    String tag = null;
    tag = element.getLocalName();
    if ((tag == null) || (!tag.equals("Response"))) {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("ResponseImpl.parseElement: " + "not Response.");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("wrongInput"));
    }
    // Handle the attributes of the <Response> element. Attributes are matched
    // by Attr.getName(); values are trimmed; any attribute not listed below is
    // silently ignored.
    NamedNodeMap atts = ((Node) element).getAttributes();
    if (atts != null) {
        int length = atts.getLength();
        for (int i = 0; i < length; i++) {
            Attr attr = (Attr) atts.item(i);
            String attrName = attr.getName();
            String attrValue = attr.getValue().trim();
            if (attrName.equals("ID")) {
                responseId = attrValue;
            } else if (attrName.equals("InResponseTo")) {
                inResponseTo = attrValue;
            } else if (attrName.equals("Version")) {
                version = attrValue;
            } else if (attrName.equals("IssueInstant")) {
                try {
                    issueInstant = DateUtils.stringToDate(attrValue);
                } catch (ParseException pe) {
                    // Only the message is carried over; the ParseException
                    // itself is not attached as a cause.
                    throw new SAML2Exception(pe.getMessage());
                }
            } else if (attrName.equals("Destination")) {
                destination = attrValue;
            } else if (attrName.equals("Consent")) {
                consent = attrValue;
            }
        }
    }
    // Handle child elements. Children are dispatched on local name only; the
    // namespace URI is never compared in this loop.
    // NOTE(review): unless namespace/schema validation happens elsewhere, an
    // element from an unrelated namespace whose local name is "Signature" or
    // "Assertion" is accepted here — confirm against the caller and
    // validateData().
    NodeList nl = element.getChildNodes();
    Node child;
    String childName;
    int length = nl.getLength();
    for (int i = 0; i < length; i++) {
        child = nl.item(i);
        // Nodes without a local name are skipped.
        if ((childName = child.getLocalName()) != null) {
            if (childName.equals("Issuer")) {
                // At most one Issuer, and it must precede every other child.
                if (issuer != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: included more than one Issuer.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (signatureString != null || extensions != null || status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                issuer = AssertionFactory.getInstance().createIssuer((Element) child);
            } else if (childName.equals("Signature")) {
                // At most one Signature, before Extensions/Status/assertions.
                if (signatureString != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:included more than one Signature.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (extensions != null || status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                // Records only that a Signature child is present and keeps its
                // serialized form. No cryptographic verification happens in
                // this method, so isSigned == true does not mean the signature
                // is valid.
                signatureString = XMLUtils.print((Element) child, "UTF-8");
                isSigned = true;
            } else if (childName.equals("Extensions")) {
                // At most one Extensions, before Status/assertions.
                if (extensions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:included more than one Extensions.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (status != null || assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                extensions = ProtocolFactory.getInstance().createExtensions((Element) child);
            } else if (childName.equals("Status")) {
                // At most one Status, before any assertion.
                if (status != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: included more than one Status.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("moreElement"));
                }
                if (assertions != null || encAssertions != null) {
                    if (SAML2SDKUtils.debug.messageEnabled()) {
                        SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element:wrong sequence.");
                    }
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
                }
                status = ProtocolFactory.getInstance().createStatus((Element) child);
            } else if (childName.equals("Assertion")) {
                // Any number of Assertion children; the list is created lazily.
                if (assertions == null) {
                    assertions = new ArrayList();
                }
                // The assertion is parsed from the element returned by
                // SAMLUtils.getCanonicalElement, not from the child itself
                // (what that helper does is not visible here).
                Element canoEle = SAMLUtils.getCanonicalElement(child);
                if (canoEle == null) {
                    throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorCanonical"));
                }
                assertions.add(AssertionFactory.getInstance().createAssertion(canoEle));
            } else if (childName.equals("EncryptedAssertion")) {
                // Any number of EncryptedAssertion children; parsed directly
                // from the child, without the canonicalization step above.
                if (encAssertions == null) {
                    encAssertions = new ArrayList();
                }
                encAssertions.add(AssertionFactory.getInstance().createEncryptedAssertion((Element) child));
            } else {
                // Any other element name is rejected rather than ignored.
                if (SAML2SDKUtils.debug.messageEnabled()) {
                    SAML2SDKUtils.debug.message("ResponseImpl.parse" + "Element: Invalid element:" + childName);
                }
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalidElement"));
            }
        }
    }
    // Superclass validation of the collected data; its checks are not visible
    // in this method.
    super.validateData();
    // Freeze the parsed content: each Assertion is made immutable and both
    // lists are wrapped so callers cannot add or remove entries.
    if (assertions != null) {
        Iterator iter = assertions.iterator();
        while (iter.hasNext()) {
            ((Assertion) iter.next()).makeImmutable();
        }
        assertions = Collections.unmodifiableList(assertions);
    }
    if (encAssertions != null) {
        encAssertions = Collections.unmodifiableList(encAssertions);
    }
    isMutable = false;
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) NamedNodeMap(org.w3c.dom.NamedNodeMap) Node(org.w3c.dom.Node) NodeList(org.w3c.dom.NodeList) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) EncryptedAssertion(com.sun.identity.saml2.assertion.EncryptedAssertion) Assertion(com.sun.identity.saml2.assertion.Assertion) ParseException(java.text.ParseException) Attr(org.w3c.dom.Attr)

Example 42 with Response

use of com.sun.identity.saml2.protocol.Response in project OpenAM by OpenRock.

the class IDPSingleLogoutServiceSOAP method onMessage.

/**
 * Handles a SAML2 single-logout exchange over the SOAP binding on the IDP
 * side: pulls the LogoutRequest out of the incoming SOAP message, has it
 * processed, passes the resulting LogoutResponse to
 * {@code LogoutUtil.signSLOResponse} and wraps it in a SOAP message.
 *
 * <p>Each caught {@code SAML2Exception} / {@code SOAPException} and each
 * null intermediate result is turned into a SOAP fault rather than an
 * exception. Faults built from a caught exception carry that exception's
 * message text back to the requester.
 *
 * @param message incoming SOAP message.
 * @param request HTTP servlet request.
 * @param response HTTP servlet response.
 * @param idpEntityID Entity ID of the hosted IDP.
 * @param realm realm of this hosted IDP.
 * @return SOAP message containing the outgoing LogoutResponse, or a SOAP
 *         fault when one of the steps fails.
 */
public SOAPMessage onMessage(SOAPMessage message, HttpServletRequest request, HttpServletResponse response, String idpEntityID, String realm) {
    SAML2Utils.debug.message("IDPSingleLogoutServiceSOAP.onMessage: init");

    // Step 1: extract and parse the LogoutRequest. Signature checking on the
    // request is intentionally not done here; it is delayed until this server
    // finds the session.
    // NOTE(review): presumably that check lives in processLogoutRequest —
    // confirm, since nothing in this method verifies the request.
    LogoutRequest logoutReq;
    try {
        Element requestElement = SOAPCommunicator.getInstance().getSamlpElement(message, "LogoutRequest");
        logoutReq = ProtocolFactory.getInstance().createLogoutRequest(requestElement);
    } catch (SAML2Exception parseFailure) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: unable to get LogoutRequest from message", parseFailure);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "errorLogoutRequest", parseFailure.getMessage());
    }
    if (logoutReq == null) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: LogoutRequest is null");
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "nullLogoutRequest", null);
    }

    // Step 2: process the request and hand the response to the signer, keyed
    // on the requester's issuer value.
    LogoutResponse logoutResponse;
    try {
        logoutResponse = IDPSingleLogout.processLogoutRequest(logoutReq, request, response, SAML2Constants.SOAP, null, idpEntityID, realm, false);
        LogoutUtil.signSLOResponse(logoutResponse, realm, idpEntityID, SAML2Constants.IDP_ROLE, logoutReq.getIssuer().getValue());
    } catch (SAML2Exception processingFailure) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage;", processingFailure);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponse", processingFailure.getMessage());
    }
    if (logoutResponse == null) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: LogoutResponse is null");
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponse", null);
    }

    // Step 3: serialize the response into the SOAP reply.
    try {
        return SOAPCommunicator.getInstance().createSOAPMessage(logoutResponse.toXMLString(true, true), false);
    } catch (SAML2Exception samlFailure) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: Unable to create SOAP message:", samlFailure);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponseSOAP", samlFailure.getMessage());
    } catch (SOAPException soapFailure) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP.onMessage: Unable to create SOAP message:", soapFailure);
        return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "errorLogoutResponseSOAP", soapFailure.getMessage());
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) LogoutResponse(com.sun.identity.saml2.protocol.LogoutResponse) Element(org.w3c.dom.Element) SOAPException(javax.xml.soap.SOAPException) LogoutRequest(com.sun.identity.saml2.protocol.LogoutRequest) SOAPMessage(javax.xml.soap.SOAPMessage)

Example 43 with Response

use of com.sun.identity.saml2.protocol.Response in project OpenAM by OpenRock.

the class IDPSingleLogoutServiceSOAP method doPost.

/**
 * Servlet entry point for IDP single logout over the SOAP binding.
 *
 * <p>Resolves the hosted IDP from the request URI, refuses the request
 * when the SOAP binding is not enabled for the SLO service, delegates to
 * {@code onMessage}, and then either writes the reply to the HTTP response
 * or, when session partners exist (IDP proxy case), forwards the logout to
 * them.
 *
 * <p>A {@code SAML2Exception} or {@code SOAPException} is logged and
 * answered with HTTP 500; the exception's message text is passed to
 * {@code SAMLUtils.sendError}.
 *
 * @param req HTTP servlet request carrying the SOAP envelope.
 * @param resp HTTP servlet response.
 * @throws ServletException not thrown directly in this body; may come from
 *         the helpers it calls.
 * @throws IOException on failure writing the response.
 */
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    try {
        // First line of defence against oversized requests (DoS); the limit
        // itself is enforced inside SAMLUtils and is not visible here.
        SAMLUtils.checkHTTPContentLength(req);

        // Resolve which hosted IDP this endpoint URI belongs to.
        String idpMetaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
        String idpEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(idpMetaAlias);
        String realm = SAML2MetaUtils.getRealmByMetaAlias(idpMetaAlias);

        // Refuse the request unless SLO over SOAP is enabled for this IDP.
        if (!SAML2Utils.isIDPProfileBindingSupported(realm, idpEntityID, SAML2Constants.SLO_SERVICE, SAML2Constants.SOAP)) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("unsupportedBinding"));
        }
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("IDPSLOSOAP.doPost : uri =" + req.getRequestURI() + ", idpMetaAlias=" + idpMetaAlias + ", idpEntityID=" + idpEntityID);
        }

        SOAPMessage incoming = SOAPCommunicator.getInstance().getSOAPMessage(req);
        // NOTE(review): the partner lookup reads the message before onMessage
        // has processed it — confirm it does not act on unverified content.
        Map sessionInfo = IDPProxyUtil.getSessionPartners(incoming);
        List partners = (List) sessionInfo.get(SAML2Constants.PARTNERS);

        SOAPMessage reply = onMessage(incoming, req, resp, idpEntityID, realm);
        if (reply == null) {
            resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
            return;
        }

        if (partners == null || partners.isEmpty()) {
            // Plain case: write the SOAP reply straight to the response.
            if (reply.saveRequired()) {
                reply.saveChanges();
            }
            resp.setStatus(HttpServletResponse.SC_OK);
            SAML2Utils.putHeaders(reply.getMimeHeaders(), resp);
            OutputStream out = resp.getOutputStream();
            reply.writeTo(out);
            out.flush();
            return;
        }

        // IDP Proxy case: remember the reply under the request ID, then
        // propagate the logout to the session partners.
        Element requestElement = SOAPCommunicator.getInstance().getSamlpElement(incoming, "LogoutRequest");
        LogoutRequest proxiedRequest = ProtocolFactory.getInstance().createLogoutRequest(requestElement);
        IDPCache.SOAPMessageByLogoutRequestID.put(proxiedRequest.getID(), reply);
        IDPProxyUtil.sendProxyLogoutRequestSOAP(req, resp, resp.getWriter(), reply, partners, (IDPSession) sessionInfo.get(SAML2Constants.IDP_SESSION));
    } catch (SAML2Exception samlFailure) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP", samlFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "singleLogoutFailed", samlFailure.getMessage());
    } catch (SOAPException soapFailure) {
        SAML2Utils.debug.error("IDPSingleLogoutServiceSOAP", soapFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "singleLogoutFailed", soapFailure.getMessage());
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) Element(org.w3c.dom.Element) OutputStream(java.io.OutputStream) SOAPException(javax.xml.soap.SOAPException) List(java.util.List) LogoutRequest(com.sun.identity.saml2.protocol.LogoutRequest) SOAPMessage(javax.xml.soap.SOAPMessage) Map(java.util.Map)

Example 44 with Response

use of com.sun.identity.saml2.protocol.Response in project OpenAM by OpenRock.

the class AssertionIDRequestServiceSOAP method doGetPost.

/**
 * Serves an AssertionIDRequest received over the SOAP binding.
 *
 * <p>Derives the role and the SAML authority from the request path, checks
 * that the SOAP binding is enabled for the assertion ID request service,
 * parses the request, has it processed and writes the SOAP reply (or a SOAP
 * fault) with HTTP 200.
 *
 * <p>Failures before processing are answered through
 * {@code SAMLUtils.sendError}; where an exception was caught, its message
 * text is passed along to that call.
 *
 * @param req HTTP servlet request.
 * @param resp HTTP servlet response.
 * @throws ServletException not thrown directly in this body; may come from
 *         the helpers it calls.
 * @throws IOException on failure writing the response.
 */
private void doGetPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // First line of defence against oversized requests (DoS); the limit
    // itself is enforced inside SAMLUtils and is not visible here.
    SAMLUtils.checkHTTPContentLength(req);

    final String pathInfo = req.getPathInfo();
    if (pathInfo == null) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AssertionIDRequestServiceSOAP.doGetPost: pathInfo is null.");
        }
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullPathInfo", SAML2Utils.bundle.getString("nullPathInfo"));
        return;
    }

    // The role is the path segment between the leading '/' and the
    // meta-alias marker; it stays null when the marker is missing or too
    // close to the start of the path.
    int markerPos = pathInfo.indexOf(SAML2MetaManager.NAME_META_ALIAS_IN_URI);
    String role = (markerPos > 2) ? pathInfo.substring(1, markerPos - 1) : null;

    String samlAuthorityMetaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
    String samlAuthorityEntityID;
    String realm;
    try {
        samlAuthorityEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(samlAuthorityMetaAlias);
        realm = SAML2MetaUtils.getRealmByMetaAlias(samlAuthorityMetaAlias);
    } catch (SAML2Exception metaFailure) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost", metaFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "invalidMetaAlias", metaFailure.getMessage());
        return;
    }

    // Refuse the request unless this service is enabled over SOAP.
    if (!SAML2Utils.isIDPProfileBindingSupported(realm, samlAuthorityEntityID, SAML2Constants.ASSERTION_ID_REQUEST_SERVICE, SAML2Constants.SOAP)) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost:Assertion ID request service SOAP binding is not supported for " + samlAuthorityEntityID);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_BAD_REQUEST, "unsupportedBinding", SAML2Utils.bundle.getString("unsupportedBinding"));
        return;
    }

    // Parse the request out of the SOAP envelope. Any exception type is
    // caught here and its message is handed to sendError.
    // NOTE(review): confirm that text cannot expose parser or internal
    // details to the caller.
    AssertionIDRequest assertionIDRequest;
    try {
        SOAPMessage incoming = SOAPCommunicator.getInstance().getSOAPMessage(req);
        Element requestElement = SOAPCommunicator.getInstance().getSamlpElement(incoming, SAML2Constants.ASSERTION_ID_REQUEST);
        assertionIDRequest = ProtocolFactory.getInstance().createAssertionIDRequest(requestElement);
    } catch (Exception parseFailure) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost:", parseFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "failedToCreateAssertionIDRequest", parseFailure.getMessage());
        return;
    }

    // Process the request. Every Throwable, JVM Errors included, is reduced
    // to a generic SOAP fault that carries no exception detail.
    // NOTE(review): no authentication or signature check on the request is
    // visible in this method; presumably processAssertionIDRequest performs
    // it — confirm.
    SOAPMessage replymsg;
    try {
        Response samlResp = AssertionIDRequestUtil.processAssertionIDRequest(assertionIDRequest, req, resp, samlAuthorityEntityID, role, realm);
        replymsg = SOAPCommunicator.getInstance().createSOAPMessage(samlResp.toXMLString(true, true), false);
    } catch (Throwable processingFailure) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost: Unable to create SOAP message:", processingFailure);
        replymsg = SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "unableToCreateSOAPMessage", null);
    }

    // Write the reply (normal response or fault) with HTTP 200.
    try {
        if (replymsg.saveRequired()) {
            replymsg.saveChanges();
        }
        resp.setStatus(HttpServletResponse.SC_OK);
        SAML2Utils.putHeaders(replymsg.getMimeHeaders(), resp);
        OutputStream out = resp.getOutputStream();
        replymsg.writeTo(out);
        out.flush();
    } catch (SOAPException soapFailure) {
        SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost", soapFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "soapError", soapFailure.getMessage());
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) HttpServletResponse(javax.servlet.http.HttpServletResponse) Response(com.sun.identity.saml2.protocol.Response) AssertionIDRequest(com.sun.identity.saml2.protocol.AssertionIDRequest) Element(org.w3c.dom.Element) OutputStream(java.io.OutputStream) SOAPException(javax.xml.soap.SOAPException) SOAPMessage(javax.xml.soap.SOAPMessage) ServletException(javax.servlet.ServletException) SOAPException(javax.xml.soap.SOAPException) IOException(java.io.IOException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)

Example 45 with Response

use of com.sun.identity.saml2.protocol.Response in project OpenAM by OpenRock.

the class AttributeServiceSOAP method doGetPost.

/**
 * Serves an AttributeQuery received over the SOAP binding.
 *
 * <p>Parses the query from the SOAP envelope, derives the attribute query
 * profile alias and the attribute authority from the request path, has the
 * query processed and writes the SOAP reply (or a SOAP fault) with HTTP 200.
 *
 * <p>Failures before processing are answered through
 * {@code SAMLUtils.sendError}; where an exception was caught, its message
 * text is passed along to that call.
 *
 * @param req HTTP servlet request.
 * @param resp HTTP servlet response.
 * @throws ServletException not thrown directly in this body; may come from
 *         the helpers it calls.
 * @throws IOException on failure writing the response.
 */
private void doGetPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // First line of defence against oversized requests (DoS); the limit
    // itself is enforced inside SAMLUtils and is not visible here.
    SAMLUtils.checkHTTPContentLength(req);

    // Parse the query out of the SOAP envelope. Any exception type is caught
    // here and its message is handed to sendError.
    // NOTE(review): confirm that text cannot expose parser or internal
    // details to the caller.
    AttributeQuery attrQuery;
    try {
        SOAPMessage incoming = SOAPCommunicator.getInstance().getSOAPMessage(req);
        Element queryElement = SOAPCommunicator.getInstance().getSamlpElement(incoming, SAML2Constants.ATTRIBUTE_QUERY);
        attrQuery = ProtocolFactory.getInstance().createAttributeQuery(queryElement);
    } catch (Exception parseFailure) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost:", parseFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "failedToCreateAttributeQuery", parseFailure.getMessage());
        return;
    }

    final String pathInfo = req.getPathInfo();
    if (pathInfo == null) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("AttributeServiceSOAP.doGetPost: pathInfo is null.");
        }
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullPathInfo", SAML2Utils.bundle.getString("nullPathInfo"));
        return;
    }

    // The profile alias is the path segment between the leading '/' and the
    // meta-alias marker; it stays null when the marker is missing or too
    // close to the start of the path.
    int markerPos = pathInfo.indexOf(SAML2MetaManager.NAME_META_ALIAS_IN_URI);
    String attrQueryProfileAlias = (markerPos > 2) ? pathInfo.substring(1, markerPos - 1) : null;

    String attrAuthorityMetaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
    String attrAuthorityEntityID;
    String realm;
    try {
        attrAuthorityEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(attrAuthorityMetaAlias);
        realm = SAML2MetaUtils.getRealmByMetaAlias(attrAuthorityMetaAlias);
    } catch (SAML2Exception metaFailure) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost", metaFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "invalidMetaAlias", metaFailure.getMessage());
        return;
    }

    // Process the query. Every Throwable, JVM Errors included, is reduced to
    // a generic SOAP fault that carries no exception detail.
    // NOTE(review): no authentication or signature check on the query is
    // visible in this method; presumably processAttributeQuery performs it —
    // confirm.
    SOAPMessage replymsg;
    try {
        Response samlResp = AttributeQueryUtil.processAttributeQuery(attrQuery, req, resp, attrAuthorityEntityID, realm, attrQueryProfileAlias);
        replymsg = SOAPCommunicator.getInstance().createSOAPMessage(samlResp.toXMLString(true, true), false);
    } catch (Throwable processingFailure) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost: Unable to create SOAP message:", processingFailure);
        replymsg = SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "unableToCreateSOAPMessage", null);
    }

    // Write the reply (normal response or fault) with HTTP 200.
    try {
        if (replymsg.saveRequired()) {
            replymsg.saveChanges();
        }
        resp.setStatus(HttpServletResponse.SC_OK);
        SAML2Utils.putHeaders(replymsg.getMimeHeaders(), resp);
        OutputStream out = resp.getOutputStream();
        replymsg.writeTo(out);
        out.flush();
    } catch (SOAPException soapFailure) {
        SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost", soapFailure);
        SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "soapError", soapFailure.getMessage());
    }
}
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) HttpServletResponse(javax.servlet.http.HttpServletResponse) Response(com.sun.identity.saml2.protocol.Response) AttributeQuery(com.sun.identity.saml2.protocol.AttributeQuery) Element(org.w3c.dom.Element) OutputStream(java.io.OutputStream) SOAPException(javax.xml.soap.SOAPException) SOAPMessage(javax.xml.soap.SOAPMessage) ServletException(javax.servlet.ServletException) SOAPException(javax.xml.soap.SOAPException) IOException(java.io.IOException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)

Aggregations

SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)119 List (java.util.List)53 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)45 ArrayList (java.util.ArrayList)41 IOException (java.io.IOException)40 SessionException (com.sun.identity.plugin.session.SessionException)35 Response (com.sun.identity.saml2.protocol.Response)31 SOAPException (javax.xml.soap.SOAPException)31 Issuer (com.sun.identity.saml2.assertion.Issuer)28 HttpServletResponse (javax.servlet.http.HttpServletResponse)28 SAML2TokenRepositoryException (org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)25 Map (java.util.Map)24 Assertion (com.sun.identity.saml2.assertion.Assertion)23 SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)23 SOAPMessage (javax.xml.soap.SOAPMessage)22 IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)20 Date (java.util.Date)20 HashMap (java.util.HashMap)20 Element (org.w3c.dom.Element)20 X509Certificate (java.security.cert.X509Certificate)16