Example 16 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class AttributeQueryUtil method sendAttributeQuerySOAP.
private static Response sendAttributeQuerySOAP(AttributeQuery attrQuery, String attributeServiceURL, String attrAuthorityEntityID, AttributeAuthorityDescriptorElement aad) throws SAML2Exception {
String attrQueryXMLString = attrQuery.toXMLString(true, true);
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("AttributeQueryUtil.sendAttributeQuerySOAP: " + "attrQueryXMLString = " + attrQueryXMLString);
SAML2Utils.debug.message("AttributeQueryUtil.sendAttributeQuerySOAP: " + "attributeServiceURL = " + attributeServiceURL);
}
SOAPMessage resMsg = null;
try {
resMsg = SOAPCommunicator.getInstance().sendSOAPMessage(attrQueryXMLString, attributeServiceURL, true);
} catch (SOAPException se) {
SAML2Utils.debug.error("AttributeQueryUtil.sendAttributeQuerySOAP: ", se);
throw new SAML2Exception(SAML2Utils.bundle.getString("errorSendingAttributeQuery"));
}
Element respElem = SOAPCommunicator.getInstance().getSamlpElement(resMsg, "Response");
Response response = ProtocolFactory.getInstance().createResponse(respElem);
Status status = response.getStatus();
if (!SAML2Constants.SUCCESS.equals(status.getStatusCode().getValue())) {
String message = status.getStatusMessage() == null ? "" : status.getStatusMessage();
String detail = status.getStatusDetail() == null ? "" : status.getStatusDetail().toXMLString();
SAML2Utils.debug.error("AttributeQueryUtil.sendAttributeQuerySOAP: " + "Non-Success status " + status.getStatusCode().getValue() + ", message: " + message + ", detail: " + detail);
Object[] args = { status.getStatusCode().getValue(), message, detail };
throw new SAML2Exception(SAML2Utils.BUNDLE_NAME, "failureStatusAttributeQuery", args);
}
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("AttributeQueryUtil.sendAttributeQuerySOAP: " + "response = " + response.toXMLString(true, true));
}
verifyResponse(response, attrQuery, attrAuthorityEntityID, aad);
return response;
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Response(com.sun.identity.saml2.protocol.Response)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Status(com.sun.identity.saml2.protocol.Status)
SOAPException(javax.xml.soap.SOAPException)
AttributeServiceElement(com.sun.identity.saml2.jaxb.metadata.AttributeServiceElement)
AttributeValueElement(com.sun.identity.saml2.jaxb.assertion.AttributeValueElement)
AttributeElement(com.sun.identity.saml2.jaxb.assertion.AttributeElement)
IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)
AttributeAuthorityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeAuthorityConfigElement)
AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)
AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement)
Element(org.w3c.dom.Element)
AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
SOAPMessage(javax.xml.soap.SOAPMessage)
Example 17 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class SOAPCommunicator method createSOAPFault.
/**
* Forms a SOAP Fault and puts it in the SOAP Message Body.
*
* @param faultCode Fault code.
* @param faultString Fault string.
* @param detail Fault details.
* @return SOAP Fault in the SOAP Message Body or null if unable to generate the message.
*/
public SOAPMessage createSOAPFault(final String faultCode, final String faultString, final String detail) {
try {
SOAPMessage message = messageFactory.createMessage();
SOAPEnvelope envelope = message.getSOAPPart().getEnvelope();
SOAPFault fault = envelope.getBody().addFault();
fault.setFaultCode(envelope.createName(faultCode, null, SOAPConstants.URI_NS_SOAP_ENVELOPE));
fault.setFaultString(SAML2Utils.bundle.getString(faultString));
if (StringUtils.isNotEmpty(detail)) {
Detail faultDetail = fault.addDetail();
SOAPElement faultDetailEntry = (SOAPElement) faultDetail.addDetailEntry(envelope.createName("Problem"));
faultDetailEntry.addAttribute(envelope.createName("details"), SAML2Utils.bundle.getString(detail));
}
return message;
} catch (SOAPException e) {
debug.error("createSOAPFault:", e);
return null;
}
}
Also used :
SOAPException(javax.xml.soap.SOAPException)
SOAPElement(javax.xml.soap.SOAPElement)
SOAPFault(javax.xml.soap.SOAPFault)
SOAPEnvelope(javax.xml.soap.SOAPEnvelope)
SOAPMessage(javax.xml.soap.SOAPMessage)
Detail(javax.xml.soap.Detail)
Example 18 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class SOAPCommunicator method getSOAPBody.
/**
* Returns SOAP body as DOM Element from SOAPMessage.
*
* @param message SOAPMessage object.
* @return SOAP body, return null if unable to get the SOAP body element.
*/
public Element getSOAPBody(final SOAPMessage message) throws SAML2Exception {
debug.message("SOAPCommunicator.getSOAPBody : start");
// check the SOAP message for any SOAP
// related errors before passing control to SAML processor
ByteArrayOutputStream byteArrayOut = new ByteArrayOutputStream();
try {
message.writeTo(byteArrayOut);
} catch (IOException ie) {
debug.error("SOAPCommunicator.getSOAPBody : writeTo IO", ie);
throw new SAML2Exception(ie.getMessage());
} catch (SOAPException se) {
debug.error("SOAPCommunicator.getSOAPBody : writeTo SOAP", se);
throw new SAML2Exception(se.getMessage());
}
ByteArrayInputStream byteArrayIn = new ByteArrayInputStream(byteArrayOut.toByteArray());
Document doc = XMLUtils.toDOMDocument(byteArrayIn, debug);
Element root = doc.getDocumentElement();
if (debug.messageEnabled()) {
debug.message("SOAPCommunicator.getSOAPBody : soap body =\n" + XMLUtils.print((Node) root));
}
String rootName = doc.getDocumentElement().getLocalName();
if (StringUtils.isEmpty(rootName)) {
debug.error("SOAPCommunicator.getSOAPBody : no local name");
throw new SAML2Exception(SAML2Utils.bundle.getString("missingLocalName"));
}
if (!(rootName.equals("Envelope")) || (!(SAMLConstants.SOAP_URI.equals(root.getNamespaceURI())))) {
debug.error("SOAPCommunicator.getSOAPBody : either root " + "element is not Envelope or invalid name space or prefix");
throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSOAPElement"));
}
NodeList nodeList = root.getChildNodes();
int length = nodeList.getLength();
if (length <= 0) {
debug.error("SOAPCommunicator.getSOAPBody: no msg body");
throw new SAML2Exception(SAML2Utils.bundle.getString("missingSOAPBody"));
}
for (int i = 0; i < length; i++) {
Node child = nodeList.item(i);
if (child.getNodeType() != Node.ELEMENT_NODE) {
debug.message("SOAPCommunicator.getSOAPBody: " + child);
continue;
}
String childName = child.getLocalName();
if (debug.messageEnabled()) {
debug.message("SOAPCommunicator.getSOAPBody: local name= " + childName);
}
if (childName.equals("Body") && SAMLConstants.SOAP_URI.equals(child.getNamespaceURI())) {
// found the Body element
return (Element) child;
}
}
throw new SAML2Exception(SAML2Utils.bundle.getString("missingSOAPBody"));
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
SOAPException(javax.xml.soap.SOAPException)
SOAPElement(javax.xml.soap.SOAPElement)
Element(org.w3c.dom.Element)
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
Document(org.w3c.dom.Document)
Example 19 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class SPACSUtils method getResponseFromArtifact.
// Retrieves response using artifact profile.
private static Response getResponseFromArtifact(String samlArt, String hostEntityId, HttpServletRequest request, HttpServletResponse response, String orgName, SAML2MetaManager sm) throws SAML2Exception, IOException {
// decide which IDP and which artifact resolution service
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("SPACSUtils.getResponseFromArtifact: " + "samlArt = " + samlArt);
}
Artifact art = null;
try {
art = ProtocolFactory.getInstance().createArtifact(samlArt.trim());
String[] data = { samlArt.trim() };
LogUtil.access(Level.INFO, LogUtil.RECEIVED_ARTIFACT, data, null);
} catch (SAML2Exception se) {
SAML2Utils.debug.error("SPACSUtils.getResponseFromArtifact: " + "Unable to decode and parse artifact string:" + samlArt);
SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST, "errorObtainArtifact", SAML2Utils.bundle.getString("errorObtainArtifact"));
throw se;
}
String idpEntityID = getIDPEntityID(art, request, response, orgName, sm);
IDPSSODescriptorElement idp = null;
try {
idp = sm.getIDPSSODescriptor(orgName, idpEntityID);
} catch (SAML2MetaException se) {
String[] data = { orgName, idpEntityID };
LogUtil.error(Level.INFO, LogUtil.IDP_META_NOT_FOUND, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToGetIDPSSODescriptor", se.getMessage());
throw se;
}
String location = getIDPArtifactResolutionServiceUrl(art.getEndpointIndex(), idpEntityID, idp, request, response);
// create ArtifactResolve message
ArtifactResolve resolve = null;
SOAPMessage resMsg = null;
try {
resolve = ProtocolFactory.getInstance().createArtifactResolve();
resolve.setID(SAML2Utils.generateID());
resolve.setVersion(SAML2Constants.VERSION_2_0);
resolve.setIssueInstant(new Date());
resolve.setArtifact(art);
resolve.setDestination(XMLUtils.escapeSpecialCharacters(location));
Issuer issuer = AssertionFactory.getInstance().createIssuer();
issuer.setValue(hostEntityId);
resolve.setIssuer(issuer);
String needArtiResolveSigned = SAML2Utils.getAttributeValueFromSSOConfig(orgName, idpEntityID, SAML2Constants.IDP_ROLE, SAML2Constants.WANT_ARTIFACT_RESOLVE_SIGNED);
if (needArtiResolveSigned != null && needArtiResolveSigned.equals("true")) {
// or save it somewhere?
String signAlias = getAttributeValueFromSPSSOConfig(orgName, hostEntityId, sm, SAML2Constants.SIGNING_CERT_ALIAS);
if (signAlias == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("missingSigningCertAlias"));
}
KeyProvider kp = KeyUtil.getKeyProviderInstance();
if (kp == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("nullKeyProvider"));
}
resolve.sign(kp.getPrivateKey(signAlias), kp.getX509Certificate(signAlias));
}
String resolveString = resolve.toXMLString(true, true);
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("SPACSUtils.getResponseFromArtifact: " + "ArtifactResolve=" + resolveString);
}
SOAPConnection con = SOAPCommunicator.getInstance().openSOAPConnection();
SOAPMessage msg = SOAPCommunicator.getInstance().createSOAPMessage(resolveString, true);
IDPSSOConfigElement config = null;
config = sm.getIDPSSOConfig(orgName, idpEntityID);
location = SAML2Utils.fillInBasicAuthInfo(config, location);
resMsg = con.call(msg, location);
} catch (SAML2Exception s2e) {
SAML2Utils.debug.error("SPACSUtils.getResponseFromArtifact: " + "couldn't create ArtifactResolve:", s2e);
String[] data = { hostEntityId, art.getArtifactValue() };
LogUtil.error(Level.INFO, LogUtil.CANNOT_CREATE_ARTIFACT_RESOLVE, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "errorCreateArtifactResolve", SAML2Utils.bundle.getString("errorCreateArtifactResolve"));
throw s2e;
} catch (SOAPException se) {
SAML2Utils.debug.error("SPACSUtils.getResponseFromGet: " + "couldn't get ArtifactResponse. SOAP error:", se);
String[] data = { hostEntityId, location };
LogUtil.error(Level.INFO, LogUtil.CANNOT_GET_SOAP_RESPONSE, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "errorInSOAPCommunication", SAML2Utils.bundle.getString("errorInSOAPCommunication"));
throw new SAML2Exception(se.getMessage());
}
Response result = getResponseFromSOAP(resMsg, resolve, request, response, idpEntityID, idp, orgName, hostEntityId, sm);
String[] data = { hostEntityId, idpEntityID, art.getArtifactValue(), "" };
if (LogUtil.isAccessLoggable(Level.FINE)) {
data[3] = result.toXMLString();
}
LogUtil.access(Level.INFO, LogUtil.GOT_RESPONSE_FROM_ARTIFACT, data, null);
return result;
}
Also used :
KeyProvider(com.sun.identity.saml.xmlsig.KeyProvider)
Issuer(com.sun.identity.saml2.assertion.Issuer)
SOAPConnection(javax.xml.soap.SOAPConnection)
IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)
SOAPMessage(javax.xml.soap.SOAPMessage)
Artifact(com.sun.identity.saml2.protocol.Artifact)
Date(java.util.Date)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Response(com.sun.identity.saml2.protocol.Response)
ArtifactResponse(com.sun.identity.saml2.protocol.ArtifactResponse)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
ArtifactResolve(com.sun.identity.saml2.protocol.ArtifactResolve)
SOAPException(javax.xml.soap.SOAPException)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)
Example 20 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class SPACSUtils method getResponseFromPostECP.
/**
* Obtains <code>SAML Response</code> from <code>SOAPBody</code>.
* Used by ECP profile.
*/
private static ResponseInfo getResponseFromPostECP(HttpServletRequest request, HttpServletResponse response, String orgName, String hostEntityId, SAML2MetaManager metaManager) throws SAML2Exception, IOException {
Message message = null;
try {
message = new Message(SOAPCommunicator.getInstance().getSOAPMessage(request));
} catch (SOAPException soapex) {
String[] data = { hostEntityId };
LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SOAP_MESSAGE_ECP, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateSOAPMessage", soapex.getMessage());
throw new SAML2Exception(soapex.getMessage());
} catch (SOAPBindingException soapex) {
String[] data = { hostEntityId };
LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SOAP_MESSAGE_ECP, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateSOAPMessage", soapex.getMessage());
throw new SAML2Exception(soapex.getMessage());
} catch (SOAPFaultException sfex) {
String[] data = { hostEntityId };
LogUtil.error(Level.INFO, LogUtil.RECEIVE_SOAP_FAULT_ECP, data, null);
String faultString = sfex.getSOAPFaultMessage().getSOAPFault().getFaultString();
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateSOAPMessage", faultString);
throw new SAML2Exception(faultString);
}
List soapHeaders = message.getOtherSOAPHeaders();
ECPRelayState ecpRelayState = null;
if ((soapHeaders != null) && (!soapHeaders.isEmpty())) {
for (Iterator iter = soapHeaders.iterator(); iter.hasNext(); ) {
Element headerEle = (Element) iter.next();
try {
ecpRelayState = ECPFactory.getInstance().createECPRelayState(headerEle);
break;
} catch (SAML2Exception saml2ex) {
// not ECP RelayState
}
}
}
String relayState = null;
if (ecpRelayState != null) {
relayState = ecpRelayState.getValue();
}
List soapBodies = message.getBodies();
if ((soapBodies == null) || (soapBodies.isEmpty())) {
String[] data = { hostEntityId };
LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SAML_RESPONSE_FROM_ECP, data, null);
SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST, "missingSAMLResponse", SAML2Utils.bundle.getString("missingSAMLResponse"));
throw new SAML2Exception(SAML2Utils.bundle.getString("missingSAMLResponse"));
}
Element resElem = (Element) soapBodies.get(0);
Response resp = null;
try {
resp = ProtocolFactory.getInstance().createResponse(resElem);
} catch (SAML2Exception se) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("SPACSUtils.getResponseFromPostECP:" + "Couldn't create Response:", se);
}
String[] data = { hostEntityId };
LogUtil.error(Level.INFO, LogUtil.CANNOT_INSTANTIATE_SAML_RESPONSE_FROM_ECP, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToCreateResponse", se.getMessage());
throw se;
}
String idpEntityID = resp.getIssuer().getValue();
IDPSSODescriptorElement idpDesc = null;
try {
idpDesc = metaManager.getIDPSSODescriptor(orgName, idpEntityID);
} catch (SAML2MetaException se) {
String[] data = { orgName, idpEntityID };
LogUtil.error(Level.INFO, LogUtil.IDP_META_NOT_FOUND, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "failedToGetIDPSSODescriptor", se.getMessage());
throw se;
}
Set<X509Certificate> certificates = KeyUtil.getVerificationCerts(idpDesc, idpEntityID, SAML2Constants.IDP_ROLE);
List assertions = resp.getAssertion();
if ((assertions != null) && (!assertions.isEmpty())) {
for (Iterator iter = assertions.iterator(); iter.hasNext(); ) {
Assertion assertion = (Assertion) iter.next();
if (!assertion.isSigned()) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("SPACSUtils.getResponseFromPostECP: " + " Assertion is not signed.");
}
String[] data = { idpEntityID };
LogUtil.error(Level.INFO, LogUtil.ECP_ASSERTION_NOT_SIGNED, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "assertionNotSigned", SAML2Utils.bundle.getString("assertionNotSigned"));
throw new SAML2Exception(SAML2Utils.bundle.getString("assertionNotSigned"));
} else if (!assertion.isSignatureValid(certificates)) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("SPACSUtils.getResponseFromPostECP: " + " Assertion signature is invalid.");
}
String[] data = { idpEntityID };
LogUtil.error(Level.INFO, LogUtil.ECP_ASSERTION_INVALID_SIGNATURE, data, null);
SAMLUtils.sendError(request, response, response.SC_INTERNAL_SERVER_ERROR, "invalidSignature", SAML2Utils.bundle.getString("invalidSignature"));
throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSignature"));
}
}
}
return new ResponseInfo(resp, SAML2Constants.PAOS, relayState);
}
Also used :
Message(com.sun.identity.liberty.ws.soapbinding.Message)
SOAPMessage(javax.xml.soap.SOAPMessage)
SOAPBindingException(com.sun.identity.liberty.ws.soapbinding.SOAPBindingException)
SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)
SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)
IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)
ArtifactResolutionServiceElement(com.sun.identity.saml2.jaxb.metadata.ArtifactResolutionServiceElement)
Element(org.w3c.dom.Element)
IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)
Assertion(com.sun.identity.saml2.assertion.Assertion)
SOAPFaultException(com.sun.identity.liberty.ws.soapbinding.SOAPFaultException)
X509Certificate(java.security.cert.X509Certificate)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Response(com.sun.identity.saml2.protocol.Response)
ArtifactResponse(com.sun.identity.saml2.protocol.ArtifactResponse)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
SOAPException(javax.xml.soap.SOAPException)
ECPRelayState(com.sun.identity.saml2.ecp.ECPRelayState)
Iterator(java.util.Iterator)
List(java.util.List)
ArrayList(java.util.ArrayList)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)
Aggregations
SOAPException (javax.xml.soap.SOAPException)78
SOAPMessage (javax.xml.soap.SOAPMessage)46
IOException (java.io.IOException)35
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)24
Element (org.w3c.dom.Element)23
Response (com.sun.identity.saml2.protocol.Response)10
OutputStream (java.io.OutputStream)10
ServletException (javax.servlet.ServletException)9
SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)8
Iterator (java.util.Iterator)8
HttpServletResponse (javax.servlet.http.HttpServletResponse)8
SOAPBody (javax.xml.soap.SOAPBody)8
SOAPElement (javax.xml.soap.SOAPElement)8
EngineException (org.apache.stanbol.enhancer.servicesapi.EngineException)8
IDPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)7
List (java.util.List)7
SOAPPart (javax.xml.soap.SOAPPart)7
Issuer (com.sun.identity.saml2.assertion.Issuer)6
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)6
ByteArrayOutputStream (java.io.ByteArrayOutputStream)6
