Example 1 with WSFederationMetaException

use of com.sun.identity.wsfederation.meta.WSFederationMetaException in project OpenAM by OpenRock.

the class DefaultADFSPartnerAccountMapper method getSearchParameters.

/**
 * Extracts the name from the NameIdentifier and builds the search map
 * (local attribute name to set of values) used to locate the local account,
 * according to the extended configuration of the remote identity provider.
 *
 * @param nameID NameIdentifier for the subject
 * @param realm realm in which the remote entity is configured
 * @param hostEntityID entity ID of the hosted (local) entity; not used by the default mapping
 * @param remoteEntityID entity ID of the remote identity provider whose IDPSSOConfig is read
 * @return map of local attribute name to the set of values to match
 * @throws WSFederationException if the IdP configuration cannot be read, the name
 *         is empty, or a UPN-format name contains no '@'
 */
protected Map getSearchParameters(NameIdentifier nameID, String realm, String hostEntityID, String remoteEntityID) throws WSFederationException {
    String classMethod = "DefaultADFSPartnerAccountMapper.getSearchParameters: ";
    // Get the extended configuration of the remote IdP
    IDPSSOConfigElement idpConfig;
    try {
        idpConfig = WSFederationUtils.getMetaManager().getIDPSSOConfig(realm, remoteEntityID);
    } catch (WSFederationMetaException wsfme) {
        throw new WSFederationException(wsfme);
    }
    // Local attribute to search for the name; uid by default
    String nameIdAttribute = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAMEID_ATTRIBUTE);
    if (nameIdAttribute == null || nameIdAttribute.length() == 0) {
        nameIdAttribute = WSFederationConstants.UID;
    }
    // Optional local attribute holding the UPN domain. If it is not configured, the
    // domain part of a UPN is dropped and only the local part is searched.
    String domainAttribute = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.DOMAIN_ATTRIBUTE);
    // Whether local names are stored with their domain (user@domain); if so the UPN is used whole
    String strNameIncludesDomain = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAME_INCLUDES_DOMAIN);
    boolean nameIncludesDomain = Boolean.valueOf(strNameIncludesDomain);
    String nameValue = nameID.getName();
    if (nameValue == null || nameValue.length() == 0) {
        throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "nullNameID", null);
    }
    // Now construct the key map
    Map<String, Set<String>> keyMap = new HashMap<>();
    String name;
    // Compare constant-first so a NameIdentifier without a format cannot cause a NullPointerException
    boolean isUpn = WSFederationConstants.NAMED_CLAIM_TYPES[WSFederationConstants.NAMED_CLAIM_UPN].equals(nameID.getFormat());
    if (isUpn && !nameIncludesDomain) {
        // Split on the first '@': everything before it is the name, everything after it the domain
        int atSign = nameValue.indexOf('@');
        if (atSign == -1) {
            String[] args = { nameValue };
            throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "missingAtInUpn", args);
        }
        name = nameValue.substring(0, atSign);
        String upnDomain = nameValue.substring(atSign + 1);
        if (domainAttribute != null && domainAttribute.length() > 0) {
            Set<String> domainSet = new HashSet<>();
            domainSet.add(upnDomain);
            keyMap.put(domainAttribute, domainSet);
        }
        if (debug.messageEnabled()) {
            debug.message(classMethod + "domain is " + upnDomain);
        }
    } else {
        name = nameValue;
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + "name is " + name);
    }
    Set<String> nameSet = new HashSet<>();
    nameSet.add(name);
    keyMap.put(nameIdAttribute, nameSet);
    return keyMap;
}
Also used : WSFederationException(com.sun.identity.wsfederation.common.WSFederationException) HashMap(java.util.HashMap) IDPSSOConfigElement(com.sun.identity.wsfederation.jaxb.entityconfig.IDPSSOConfigElement) WSFederationMetaException(com.sun.identity.wsfederation.meta.WSFederationMetaException) Map(java.util.Map) HashSet(java.util.HashSet) Set(java.util.Set)
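The consequence of the domain attribute setting in the method above is easiest to see against a small user store. The following is an added example, not OpenAM code: it reimplements only the UPN branch of the search-map construction, runs it against a constructed in-memory store (the attribute names uid and adDomain and the user entries are assumptions for illustration), and shows that without a configured domain attribute two accounts that share a local part but belong to different domains are both matched.

```java
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

/**
 * Added example (not OpenAM code): behaviour of the UPN-derived search map
 * with and without a configured domain attribute. Store contents and attribute
 * names are constructed for illustration.
 */
public class UpnSearchKeyDemo {

    /** A local account: attribute name -> value (constructed sample data). */
    static final List<Map<String, String>> USER_STORE = List.of(
            Map.of("uid", "alice", "adDomain", "corp.example"),
            Map.of("uid", "alice", "adDomain", "partner.example"),
            Map.of("uid", "bob",   "adDomain", "corp.example"));

    /**
     * Mirrors the UPN branch of DefaultADFSPartnerAccountMapper.getSearchParameters:
     * split on the first '@', search the local part under nameIdAttribute and,
     * only if domainAttribute is non-empty, the remainder under domainAttribute.
     */
    static Map<String, Set<String>> searchKeysForUpn(String upn, String nameIdAttribute, String domainAttribute) {
        int at = upn.indexOf('@');
        if (at == -1) {
            throw new IllegalArgumentException("UPN has no '@': " + upn);
        }
        Map<String, Set<String>> keys = new HashMap<>();
        keys.put(nameIdAttribute, Set.of(upn.substring(0, at)));
        if (domainAttribute != null && !domainAttribute.isEmpty()) {
            keys.put(domainAttribute, Set.of(upn.substring(at + 1)));
        }
        return keys;
    }

    /** Returns every stored account whose attributes satisfy all search keys (AND over keys). */
    static List<Map<String, String>> lookup(Map<String, Set<String>> keys) {
        List<Map<String, String>> hits = new ArrayList<>();
        for (Map<String, String> user : USER_STORE) {
            boolean match = true;
            for (Map.Entry<String, Set<String>> k : keys.entrySet()) {
                String stored = user.get(k.getKey());
                if (stored == null || !k.getValue().contains(stored)) {
                    match = false;
                    break;
                }
            }
            if (match) {
                hits.add(user);
            }
        }
        return hits;
    }

    public static void main(String[] args) {
        // Weak setting: no domain attribute configured, so the UPN domain is discarded
        // and both "alice" accounts match.
        Map<String, Set<String>> weak = searchKeysForUpn("alice@partner.example", "uid", null);
        System.out.println("uid only     -> " + lookup(weak).size() + " match(es): " + lookup(weak));

        // Corrected setting: the domain attribute is configured, so the UPN domain
        // is part of the search and only the partner.example account matches.
        Map<String, Set<String>> strict = searchKeysForUpn("alice@partner.example", "uid", "adDomain");
        System.out.println("uid + domain -> " + lookup(strict).size() + " match(es): " + lookup(strict));

        // A value with two '@' characters splits on the first one: the local part is
        // "alice" and everything after the first '@' is treated as the domain.
        Map<String, Set<String>> odd = searchKeysForUpn("alice@evil.example@corp.example", "uid", "adDomain");
        System.out.println("double '@'   -> domain key " + odd.get("adDomain") + ", " + lookup(odd).size() + " match(es)");
    }
}
```

Run with `java UpnSearchKeyDemo.java` (Java 11 or later). The third probe shows why the domain attribute matters for more than disambiguation: with no domain attribute configured, that same value would search for uid "alice" alone and match exactly as the first probe does.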

Example 2 with WSFederationMetaException

use of com.sun.identity.wsfederation.meta.WSFederationMetaException in project OpenAM by OpenRock.

the class ConfigFedMonitoring method getWSFedRoles.

public List getWSFedRoles(String entity, String realm) {
    List roles = new ArrayList(4);
    boolean isSP = true;
    int cnt = 0;
    try {
        WSFederationMetaManager metaManager = new WSFederationMetaManager();
        // Extended (local) configuration decides the role wherever it exists
        if (metaManager.getIDPSSOConfig(realm, entity) != null) {
            roles.add(IDENTITY_PROVIDER);
        }
        if (metaManager.getSPSSOConfig(realm, entity) != null) {
            roles.add(SERVICE_PROVIDER);
        }
        // No extended config: infer the role(s) from the WS-Federation metadata itself.
        // A UriNamedClaimTypesOffered element marks an IdP; an entity with no such element,
        // or with more than one TokenIssuerEndpoint, is also reported as an SP, which is
        // how dual-role WS-Fed entities are handled.
        if (roles.isEmpty()) {
            FederationElement fedElem = metaManager.getEntityDescriptor(realm, entity);
            if (fedElem != null) {
                for (Iterator iter = fedElem.getAny().iterator(); iter.hasNext(); ) {
                    Object o = iter.next();
                    if (o instanceof UriNamedClaimTypesOfferedElement) {
                        roles.add(IDENTITY_PROVIDER);
                        isSP = false;
                    } else if (o instanceof TokenIssuerEndpointElement) {
                        cnt++;
                    }
                }
                if (isSP || cnt > 1) {
                    roles.add(SERVICE_PROVIDER);
                }
            }
        }
    } catch (WSFederationMetaException e) {
        // Metadata could not be read; report whatever roles were determined before the failure
        debug.warning("ConfigFedMonitoring.getWSFedRoles", e);
    }
    // roles is never null here; an entity with no determinable role yields an empty list
    return roles;
}
Also used : WSFederationMetaManager(com.sun.identity.wsfederation.meta.WSFederationMetaManager) UriNamedClaimTypesOfferedElement(com.sun.identity.wsfederation.jaxb.wsfederation.UriNamedClaimTypesOfferedElement) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) List(java.util.List) WSFederationMetaException(com.sun.identity.wsfederation.meta.WSFederationMetaException) FederationElement(com.sun.identity.wsfederation.jaxb.wsfederation.FederationElement) TokenIssuerEndpointElement(com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement)

Example 3 with WSFederationMetaException

use of com.sun.identity.wsfederation.meta.WSFederationMetaException in project OpenAM by OpenRock.

the class DefaultIDPAuthenticationMethodMapper method getIDPAuthnContextInfo.

/**
 * Returns an <code>IDPAuthenticationTypeInfo</code> object for the authentication
 * type requested by the Service Provider, using the IdP's configured
 * <code>IDP_AUTHNCONTEXT_CLASSREF_MAPPING</code> entries. Each entry is a
 * '|'-separated list whose first element is an AuthnContextClassRef and whose
 * remaining elements are authType-and-value tokens. The first entry whose class
 * reference equals the requested type is used; if none matches, the first entry
 * in the configuration is used.
 *
 * @param authenticationType the <code>AuthenticationType</code> from the
 * Service Provider
 * @param idpEntityID the Entity ID of the Identity Provider
 * @param realm the realm to which the Identity Provider belongs
 * @return an <code>IDPAuthenticationTypeInfo</code> object, or <code>null</code>
 * if no mapping is configured for the IdP
 * @throws WSFederationException if the IdP configuration cannot be read
 */
public IDPAuthenticationTypeInfo getIDPAuthnContextInfo(String authenticationType, String idpEntityID, String realm) throws WSFederationException {
    String classMethod = "DefaultIDPAuthenticationMethodMapper.getIDPAuthnContextInfo: ";
    Map attrs;
    Set authTypeAndValues = null;
    IDPAuthenticationTypeInfo info = null;
    String classRef = null;
    try {
        IDPSSOConfigElement config = WSFederationUtils.getMetaManager().getIDPSSOConfig(realm, idpEntityID);
        attrs = WSFederationMetaUtils.getAttributes(config);
    } catch (WSFederationMetaException sme) {
        debug.error(classMethod + "get IDPSSOConfig failed:", sme);
        throw new WSFederationException(sme);
    }
    List values = (List) attrs.get(SAML2Constants.IDP_AUTHNCONTEXT_CLASSREF_MAPPING);
    if ((values != null) && (values.size() != 0)) {
        if (authenticationType != null) {
            for (int i = 0; i < values.size(); i++) {
                String value = ((String) values.get(i)).trim();
                if (debug.messageEnabled()) {
                    debug.message(classMethod + "configured mapping=" + value);
                }
                StringTokenizer st = new StringTokenizer(value, "|");
                if (st.hasMoreTokens()) {
                    // the first element is an AuthnContextClassRef
                    classRef = st.nextToken().trim();
                    if (classRef.equals(authenticationType)) {
                        // the remaining elements are authType-and-value tokens
                        authTypeAndValues = new HashSet();
                        while (st.hasMoreTokens()) {
                            String authTypeAndValue = st.nextToken().trim();
                            if (authTypeAndValue.length() != 0) {
                                authTypeAndValues.add(authTypeAndValue);
                            }
                        }
                        break;
                    }
                }
            }
        }
        if (authTypeAndValues == null) {
            // No configured entry matches the requested type, or no type was
            // requested: fall back to the first entry in the configuration.
            String value = ((String) values.get(0)).trim();
            StringTokenizer st = new StringTokenizer(value, "|");
            if (st.hasMoreTokens()) {
                // the first element is an AuthnContextClassRef
                classRef = st.nextToken().trim();
                authTypeAndValues = new HashSet();
                while (st.hasMoreTokens()) {
                    String authTypeAndValue = st.nextToken().trim();
                    if (authTypeAndValue.length() != 0) {
                        authTypeAndValues.add(authTypeAndValue);
                    }
                }
            }
        }
        // The returned info carries the requested type even when the fallback entry,
        // whose class reference is logged below, was the one actually used.
        info = new IDPAuthenticationTypeInfo(authenticationType, authTypeAndValues);
        if (debug.messageEnabled()) {
            debug.message(classMethod + "requested AuthenticationType=" + authenticationType + "\nmatched AuthnContextClassRef=" + classRef + "\nauthTypeAndValues=" + authTypeAndValues);
        }
    }
    return info;
}
Also used : StringTokenizer(java.util.StringTokenizer) HashSet(java.util.HashSet) Set(java.util.Set) WSFederationException(com.sun.identity.wsfederation.common.WSFederationException) List(java.util.List) IDPSSOConfigElement(com.sun.identity.wsfederation.jaxb.entityconfig.IDPSSOConfigElement) WSFederationMetaException(com.sun.identity.wsfederation.meta.WSFederationMetaException) Map(java.util.Map)

Example 4 with WSFederationMetaException

use of com.sun.identity.wsfederation.meta.WSFederationMetaException in project OpenAM by OpenRock.

the class ValidWReplyExtractor method extractValidDomains.

@Override
public Collection<String> extractValidDomains(final WSFederationEntityInfo entityInfo) {
    try {
        BaseConfigType config;
        final Map<String, List<String>> attrs;
        // Read the extended configuration of the hosted entity in the role it acts in
        if (SAML2Constants.SP_ROLE.equalsIgnoreCase(entityInfo.role)) {
            config = WSFederationUtils.getMetaManager().getSPSSOConfig(entityInfo.realm, entityInfo.entityID);
        } else {
            config = WSFederationUtils.getMetaManager().getIDPSSOConfig(entityInfo.realm, entityInfo.entityID);
        }
        if (config == null) {
            DEBUG.warning("ValidWReplyExtractor.extractValidDomains: Entity config is null for entityInfo: " + entityInfo);
            return null;
        }
        attrs = WSFederationMetaUtils.getAttributes(config);
        if (attrs == null) {
            DEBUG.warning("ValidWReplyExtractor.extractValidDomains: Cannot find extended attributes");
            return null;
        }
        // The configured list of acceptable wreply URLs for this entity
        final List<String> values = attrs.get(WSFederationConstants.WREPLY_URL_LIST);
        if (values != null && !values.isEmpty()) {
            return values;
        }
    } catch (final WSFederationMetaException sme) {
        DEBUG.warning("Unable to retrieve extended configuration", sme);
    }
    // null: no list configured, the entity config is missing, or the metadata could not be read
    return null;
}
Also used : BaseConfigType(com.sun.identity.wsfederation.jaxb.entityconfig.BaseConfigType) List(java.util.List) WSFederationMetaException(com.sun.identity.wsfederation.meta.WSFederationMetaException)
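The list that extractValidDomains returns is only useful if the wreply value a request carries is compared against it strictly. The following is an added example and not OpenAM code (OpenAM's own matching rule is not shown on this page): it takes a constructed list of the kind the extractor returns, normalises each entry and the candidate to an origin (scheme, lower-cased host, explicit port) using java.net.URI, and accepts a candidate only when its origin equals the origin of a configured entry. The entry values, probes and the origin-equality rule are this example's assumptions.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.Locale;

/**
 * Added example (not OpenAM code): origin allow-list check for a wreply value.
 * Configured entries and probe URLs are constructed sample data.
 */
public class WReplyAllowList {

    /** Constructed sample of what extractValidDomains could return for one entity. */
    static final List<String> CONFIGURED = List.of(
            "https://sp.example.com/adfs/ls/",
            "https://portal.example.com:8443/");

    /**
     * Normalised origin "scheme://host:port" for comparison, or null for anything
     * that must never match: unparsable input, relative or scheme-less URLs,
     * URLs without a host, and non-http(s) schemes.
     */
    static String origin(String url) {
        try {
            URI u = new URI(url);
            String scheme = u.getScheme();
            String host = u.getHost();
            if (scheme == null || host == null) {
                return null;
            }
            scheme = scheme.toLowerCase(Locale.ROOT);
            if (!scheme.equals("https") && !scheme.equals("http")) {
                return null;
            }
            int port = u.getPort();
            if (port == -1) {
                port = scheme.equals("https") ? 443 : 80;
            }
            return scheme + "://" + host.toLowerCase(Locale.ROOT) + ":" + port;
        } catch (URISyntaxException e) {
            return null;
        }
    }

    /** True only if the candidate's origin equals the origin of some configured entry. */
    static boolean isAllowed(String wreply, List<String> configured) {
        String candidate = origin(wreply);
        if (candidate == null) {
            return false;
        }
        for (String entry : configured) {
            if (candidate.equals(origin(entry))) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        String[] probes = {
                "https://sp.example.com/adfs/ls/?wa=wsignin1.0",  // allowed
                "HTTPS://SP.EXAMPLE.COM:443/other",                // allowed: case and default port normalise
                "https://sp.example.com.evil.net/adfs/ls/",        // rejected: host suffix trick
                "https://evil.net/?next=https://sp.example.com/",  // rejected: origin is evil.net
                "//evil.net/adfs/ls/",                             // rejected: scheme-relative
                "https://sp.example.com@evil.net/",                // rejected: userinfo trick, host is evil.net
                "javascript:alert(1)",                             // rejected: not http(s)
        };
        for (String p : probes) {
            System.out.printf("%-50s %s%n", p, isAllowed(p, CONFIGURED) ? "allowed" : "rejected");
        }
    }
}
```

Run with `java WReplyAllowList.java`. The check is deliberately origin equality rather than string-prefix matching: a prefix rule accepts `https://sp.example.com.evil.net/` for the entry `https://sp.example.com`, and a substring rule accepts an attacker URL that merely mentions the allowed host in its query.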

Example 5 with WSFederationMetaException

use of com.sun.identity.wsfederation.meta.WSFederationMetaException in project OpenAM by OpenRock.

the class IDPSSOUtil method getAuthenticationServiceURL.

/**
 * Returns the authentication service <code>URL</code> of the identity provider.
 * The value is taken, in order, from the <code>IDP_LOGIN_URL</code> system
 * property, from the <code>AUTH_URL</code> attribute of the IdP's extended
 * configuration, and finally built from the scheme, server name, port and
 * deployment URI of the current request.
 *
 * @param realm the realm name of the identity provider
 * @param hostEntityId the entity id of the identity provider
 * @param request the <code>HttpServletRequest</code> object
 *
 * @return the authentication service <code>URL</code> of the
 * identity provider
 */
public static String getAuthenticationServiceURL(String realm, String hostEntityId, HttpServletRequest request) {
    String classMethod = "IDPSSOUtil.getAuthenticationServiceURL: ";
    // Try to get authUrl from system configuration
    String authUrl = SystemConfigurationUtil.getProperty(IFSConstants.IDP_LOGIN_URL);
    if ((authUrl == null) || (authUrl.trim().length() == 0)) {
        // try to get it from IDP config
        try {
            IDPSSOConfigElement config = WSFederationUtils.getMetaManager().getIDPSSOConfig(realm, hostEntityId);
            authUrl = WSFederationMetaUtils.getAttribute(config, SAML2Constants.AUTH_URL);
        } catch (WSFederationMetaException sme) {
            if (debug.messageEnabled()) {
                debug.message(classMethod + "get IDPSSOConfig failed:", sme);
            }
        }
        if (authUrl == null) {
            // Not configured anywhere: build it from the request. Scheme, server name
            // and port are whatever the container reports for this request (Host header
            // or proxy-supplied values), so set IDP_LOGIN_URL or AUTH_URL where the
            // login URL must not depend on what the client or proxy sent.
            String uri = request.getRequestURI();
            // deployment URI = the first path segment, i.e. the web application's context path
            String deploymentURI = uri;
            int firstSlashIndex = uri.indexOf('/');
            int secondSlashIndex = uri.indexOf('/', firstSlashIndex + 1);
            if (secondSlashIndex != -1) {
                deploymentURI = uri.substring(0, secondSlashIndex);
            }
            StringBuilder sb = new StringBuilder(100);
            sb.append(request.getScheme()).append("://").append(request.getServerName()).append(':').append(request.getServerPort()).append(deploymentURI).append("/UI/Login?realm=").append(realm);
            authUrl = sb.toString();
        }
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + "auth url=" + authUrl);
    }
    return authUrl;
}
Also used : IDPSSOConfigElement(com.sun.identity.wsfederation.jaxb.entityconfig.IDPSSOConfigElement) WSFederationMetaException(com.sun.identity.wsfederation.meta.WSFederationMetaException)

Aggregations (usage counts)

WSFederationMetaException (com.sun.identity.wsfederation.meta.WSFederationMetaException): 30
WSFederationMetaManager (com.sun.identity.wsfederation.meta.WSFederationMetaManager): 20
List (java.util.List): 13
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException): 11
FederationElement (com.sun.identity.wsfederation.jaxb.wsfederation.FederationElement): 10
Iterator (java.util.Iterator): 10
Map (java.util.Map): 9
HashMap (java.util.HashMap): 8
JAXBException (javax.xml.bind.JAXBException): 8
CLIException (com.sun.identity.cli.CLIException): 7
HashSet (java.util.HashSet): 7
BaseConfigType (com.sun.identity.wsfederation.jaxb.entityconfig.BaseConfigType): 6
IDPSSOConfigElement (com.sun.identity.wsfederation.jaxb.entityconfig.IDPSSOConfigElement): 5
ArrayList (java.util.ArrayList): 5
Set (java.util.Set): 5
FederationConfigElement (com.sun.identity.wsfederation.jaxb.entityconfig.FederationConfigElement): 4
UriNamedClaimTypesOfferedElement (com.sun.identity.wsfederation.jaxb.wsfederation.UriNamedClaimTypesOfferedElement): 4
WSFederationException (com.sun.identity.wsfederation.common.WSFederationException): 3
TokenIssuerEndpointElement (com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement): 3
IOException (java.io.IOException): 3