Example 16 with WSFederationException

Use of com.sun.identity.wsfederation.common.WSFederationException in project OpenAM by OpenRock.

From the class DefaultIDPAttributeMapper, method getSAMLAttribute.

/**
 * Returns the SAML <code>Attribute</code> object.
 * @param name attribute name.
 * @param values attribute values.
 * @exception WSFederationException if any failure.
 */
protected Attribute getSAMLAttribute(String name, String[] values) throws WSFederationException {
    if (name == null) {
        throw new WSFederationException(bundle.getString("nullInput"));
    }
    List list = new ArrayList();
    if (values != null) {
        for (int i = 0; i < values.length; i++) {
            // Make the AttributeValue element 'by hand', since the Attribute
            // constructor below expects a list of AttributeValue DOM elements.
            // The value is XML-escaped before being embedded, so a value such
            // as "<x/>" or "&" becomes text content rather than markup.
            String attrValueString = SAMLUtils.makeStartElementTagXML("AttributeValue", true, true)
                    + XMLUtils.escapeSpecialCharacters(values[i])
                    + SAMLUtils.makeEndElementTagXML("AttributeValue", true);
            Document doc = XMLUtils.toDOMDocument(attrValueString, SAMLUtils.debug);
            if (doc == null) {
                // toDOMDocument returns null on a parse failure; fail explicitly
                // instead of dereferencing null below.
                throw new WSFederationException("Unable to parse AttributeValue element for attribute " + name);
            }
            list.add(doc.getDocumentElement());
        }
    }
    Attribute attribute = null;
    try {
        attribute = new Attribute(name, WSFederationConstants.CLAIMS_URI, list);
    } catch (SAMLException se) {
        throw new WSFederationException(se);
    }
    return attribute;
}
Also used : WSFederationException(com.sun.identity.wsfederation.common.WSFederationException) Attribute(com.sun.identity.saml.assertion.Attribute) ArrayList(java.util.ArrayList) List(java.util.List) SAMLException(com.sun.identity.saml.common.SAMLException) Document(org.w3c.dom.Document)

Example 17 with WSFederationException

Use of com.sun.identity.wsfederation.common.WSFederationException in project OpenAM by OpenRock.

From the class DefaultLibrarySPAccountMapper, method getIdentity.

/**
 * Returns the user's distinguished name or the universal ID for the
 * corresponding <code>SAML</code> <code>Assertion</code>. This method
 * will be invoked by the <code>WS-Federation</code> framework while
 * processing the <code>Assertion</code> and retrieves the identity
 * information. The implementation of this method looks up the user
 * matching the name identifier in the assertion.
 *
 * @param rstr Request Security Token Response.
 * @param hostEntityID <code>EntityID</code> of the hosted provider.
 * @param realm realm or the organization name that may be used to find
 *        the user information.
 * @return user's distinguished name or the universal ID.
 * @exception WSFederationException if any failure.
 */
public String getIdentity(RequestSecurityTokenResponse rstr, String hostEntityID, String realm) throws WSFederationException {
    if (rstr == null) {
        throw new WSFederationException(bundle.getString("nullRstr"));
    }
    if (hostEntityID == null) {
        throw new WSFederationException(bundle.getString("nullHostEntityID"));
    }
    if (realm == null) {
        throw new WSFederationException(bundle.getString("nullRealm"));
    }
    SAML11RequestedSecurityToken rst = (SAML11RequestedSecurityToken) rstr.getRequestedSecurityToken();
    if (rst == null) {
        throw new WSFederationException("RequestSecurityTokenResponse carries no SAML 1.1 requested security token");
    }
    Subject subject = null;
    Assertion assertion = rst.getAssertion();
    // The subject is taken from the assertion's AuthenticationStatement only;
    // other statement types (e.g. AttributeStatement) are ignored here.
    Iterator iter = assertion.getStatement().iterator();
    while (iter.hasNext()) {
        Statement statement = (Statement) iter.next();
        if (statement.getStatementType() == Statement.AUTHENTICATION_STATEMENT) {
            subject = ((SubjectStatement) statement).getSubject();
            break;
        }
    }
    if (subject == null) {
        // An assertion without an AuthenticationStatement would otherwise
        // fail with a NullPointerException on the next line.
        throw new WSFederationException("Assertion contains no AuthenticationStatement with a Subject");
    }
    NameIdentifier nameID = subject.getNameIdentifier();
    String userID = null;
    String format = nameID.getFormat();
    // Resolve the remote provider's entity ID from the assertion issuer name.
    String remoteEntityID = WSFederationUtils.getMetaManager().getEntityByTokenIssuerName(realm, assertion.getIssuer());
    if (debug.messageEnabled()) {
        debug.message("DefaultLibrarySPAccountMapper.getIdentity(Assertion):" + " realm = " + realm + " hostEntityID = " + hostEntityID);
    }
    try {
        userID = dsProvider.getUserID(realm, getSearchParameters(nameID, realm, hostEntityID, remoteEntityID));
    } catch (DataStoreProviderException dse) {
        debug.error("DefaultLibrarySPAccountMapper.getIdentity(Assertion): " + "DataStoreProviderException", dse);
        throw new WSFederationException(dse);
    }
    return userID;
}
Also used : SAML11RequestedSecurityToken(com.sun.identity.wsfederation.profile.SAML11RequestedSecurityToken) DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) WSFederationException(com.sun.identity.wsfederation.common.WSFederationException) NameIdentifier(com.sun.identity.saml.assertion.NameIdentifier) AttributeStatement(com.sun.identity.saml.assertion.AttributeStatement) SubjectStatement(com.sun.identity.saml.assertion.SubjectStatement) Statement(com.sun.identity.saml.assertion.Statement) Assertion(com.sun.identity.saml.assertion.Assertion) Iterator(java.util.Iterator) Subject(com.sun.identity.saml.assertion.Subject)

Example 18 with WSFederationException

Use of com.sun.identity.wsfederation.common.WSFederationException in project OpenAM by OpenRock.

From the class DefaultSPAttributeMapper, method getAttributes.

/**
 * Returns the attribute map for the given list of <code>Attribute</code>
 * objects.
 * @param attributes list of <code>Attribute</code> objects.
 * @param userID universal identifier or distinguished name (DN) of the user.
 * @param hostEntityID <code>EntityID</code> of the hosted provider.
 * @param remoteEntityID <code>EntityID</code> of the remote provider.
 * @param realm realm name.
 * @return a map of mapped attribute name/value pairs. The key is the
 *         (locally mapped) attribute name and the value is the set of
 *         attribute values.
 * @exception WSFederationException if any failure.
 */
public Map getAttributes(List attributes, String userID, String hostEntityID, String remoteEntityID, String realm) throws WSFederationException {
    if (attributes == null || attributes.size() == 0) {
        throw new WSFederationException(bundle.getString("nullAttributes"));
    }
    if (hostEntityID == null) {
        throw new WSFederationException(bundle.getString("nullHostEntityID"));
    }
    if (realm == null) {
        throw new WSFederationException(bundle.getString("nullRealm"));
    }
    Map<String, Set<String>> map = new HashMap<String, Set<String>>();
    // Configured mapping from remote attribute name to local attribute name.
    Map configMap = getConfigAttributeMap(realm, hostEntityID);
    for (Iterator iter = attributes.iterator(); iter.hasNext(); ) {
        Attribute attribute = (Attribute) iter.next();
        Set<String> values = new HashSet<String>();
        try {
            // Each AttributeValue is a DOM element; take its text content.
            List attrValues = attribute.getAttributeValue();
            for (Iterator iter2 = attrValues.iterator(); iter2.hasNext(); ) {
                Element attrValue = (Element) iter2.next();
                values.add(XMLUtils.getElementValue(attrValue));
            }
        } catch (SAMLException se) {
            throw new WSFederationException(se);
        }
        String attributeName = attribute.getAttributeName();
        String localAttribute = (String) configMap.get(attributeName);
        if (localAttribute == null || localAttribute.length() == 0) {
            // No mapping configured: the remote attribute name is used as-is.
            localAttribute = attributeName;
        }
        // Several remote attributes may map onto one local attribute; merge their values.
        Set<String> existingValues = map.get(localAttribute);
        if (existingValues != null) {
            existingValues.addAll(values);
        } else {
            map.put(localAttribute, values);
        }
    }
    return map;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) WSFederationException(com.sun.identity.wsfederation.common.WSFederationException) HashMap(java.util.HashMap) Attribute(com.sun.identity.saml.assertion.Attribute) Element(org.w3c.dom.Element) SAMLException(com.sun.identity.saml.common.SAMLException) Iterator(java.util.Iterator) List(java.util.List) Map(java.util.Map)

Example 19 with WSFederationException

Use of com.sun.identity.wsfederation.common.WSFederationException in project OpenAM by OpenRock.

From the class IPSigninRequest, method process.

/**
 * Processes the sign-in request, returning a response via the
 * HttpServletResponse passed to the constructor.
 */
public void process() throws IOException, WSFederationException {
    String classMethod = "IPSigninRequest.process: ";
    Object session = null;
    String idpMetaAlias = WSFederationMetaUtils.getMetaAliasByUri(request.getRequestURI());
    if ((idpMetaAlias == null) || (idpMetaAlias.trim().length() == 0)) {
        debug.error(classMethod + "unable to get IDP meta alias from request.");
        throw new WSFederationException(WSFederationUtils.bundle.getString("IDPMetaAliasNotFound"));
    }
    WSFederationMetaManager metaManager = WSFederationUtils.getMetaManager();
    // retrieve IDP entity id from meta alias
    String idpEntityID = metaManager.getEntityByMetaAlias(idpMetaAlias);
    if ((idpEntityID == null) || (idpEntityID.trim().length() == 0)) {
        debug.error(classMethod + "Unable to get IDP Entity ID from metaAlias");
        throw new WSFederationException(WSFederationUtils.bundle.getString("nullIDPEntityID"));
    }
    String realm = WSFederationMetaUtils.getRealmByMetaAlias(idpMetaAlias);
    // wtrealm is the caller-supplied request parameter naming the relying party;
    // it is only accepted if it resolves to a configured SP entity in this realm
    String spEntityID = metaManager.getEntityByTokenIssuerName(realm, wtrealm);
    if ((spEntityID == null) || (spEntityID.trim().length() == 0)) {
        debug.error(classMethod + "Unable to get SP Entity ID from wtrealm");
        throw new WSFederationException(WSFederationUtils.bundle.getString("nullIDPEntityID"));
    }
    // check if the remote provider is valid, i.e. in this IDP's circle of trust
    if (!metaManager.isTrustedProvider(realm, idpEntityID, spEntityID)) {
        debug.error(classMethod + "The remote provider is not valid.");
        throw new WSFederationException(WSFederationUtils.bundle.getString("invalidReceiver"));
    }
    // get the user sso session from the request
    try {
        session = WSFederationUtils.sessionProvider.getSession(request);
    } catch (SessionException se) {
        if (debug.messageEnabled()) {
            debug.message(classMethod + "Unable to retrieve user session.");
        }
        session = null;
    }
    if (session == null) {
        // the user has not logged in yet, redirect to auth
        redirectAuthentication(idpEntityID, realm);
        return;
    }
    String sessionRealm = getSessionRealm(session);
    // If we are in the same realm as the user's existing session then we can continue processing
    if (realm.equalsIgnoreCase(sessionRealm)) {
        // set session property for multi-federation protocol hub
        MultiProtocolUtils.addFederationProtocol(session, SingleLogoutManager.WS_FED);
        sendResponse(session, idpEntityID, spEntityID, idpMetaAlias, realm);
    } else {
        // Trigger a re-auth to the new realm if the session realm value is different;
        // a session from another realm is never reused to issue a token for this IDP
        if (debug.messageEnabled()) {
            debug.message(classMethod + "The user's realm: " + sessionRealm + " was different to the IDP's realm: " + realm + ", will re-authenticate to IDP: " + idpEntityID);
        }
        redirectAuthentication(idpEntityID, realm);
    }
}
Also used : WSFederationMetaManager(com.sun.identity.wsfederation.meta.WSFederationMetaManager) WSFederationException(com.sun.identity.wsfederation.common.WSFederationException) SessionException(com.sun.identity.plugin.session.SessionException)

Example 20 with WSFederationException

Use of com.sun.identity.wsfederation.common.WSFederationException in project OpenAM by OpenRock.

From the class RPSigninResponse, method getSPAttributeMapper.

private SPAttributeMapper getSPAttributeMapper(Map attributes) throws WSFederationException {
    SPAttributeMapper attrMapper = null;
    // The mapper class name comes from the SP's extended metadata configuration.
    List attrMapperList = (List) attributes.get(SAML2Constants.SP_ATTRIBUTE_MAPPER);
    if (attrMapperList != null && !attrMapperList.isEmpty()) {
        try {
            attrMapper = (SPAttributeMapper) (Class.forName((String) attrMapperList.get(0)).newInstance());
        } catch (ClassNotFoundException cfe) {
            throw new WSFederationException(cfe);
        } catch (InstantiationException ie) {
            throw new WSFederationException(ie);
        } catch (IllegalAccessException iae) {
            throw new WSFederationException(iae);
        } catch (ClassCastException cce) {
            // configured class exists but does not implement SPAttributeMapper
            throw new WSFederationException(cce);
        }
    }
    if (attrMapper == null) {
        throw new WSFederationException(WSFederationUtils.bundle.getString("failedAttrMapper"));
    }
    return attrMapper;
}
Also used : WSFederationException(com.sun.identity.wsfederation.common.WSFederationException) SPAttributeMapper(com.sun.identity.wsfederation.plugins.SPAttributeMapper) List(java.util.List)
