Example 21 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class AssertionIDRequestServiceSOAP method doGetPost.
private void doGetPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// handle DOS attack
SAMLUtils.checkHTTPContentLength(req);
String pathInfo = req.getPathInfo();
if (pathInfo == null) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("AssertionIDRequestServiceSOAP.doGetPost: " + "pathInfo is null.");
}
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullPathInfo", SAML2Utils.bundle.getString("nullPathInfo"));
return;
}
String role = null;
int index = pathInfo.indexOf(SAML2MetaManager.NAME_META_ALIAS_IN_URI);
if (index > 2) {
role = pathInfo.substring(1, index - 1);
}
String samlAuthorityMetaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
String samlAuthorityEntityID = null;
String realm = null;
try {
samlAuthorityEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(samlAuthorityMetaAlias);
realm = SAML2MetaUtils.getRealmByMetaAlias(samlAuthorityMetaAlias);
} catch (SAML2Exception sme) {
SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost", sme);
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "invalidMetaAlias", sme.getMessage());
return;
}
if (!SAML2Utils.isIDPProfileBindingSupported(realm, samlAuthorityEntityID, SAML2Constants.ASSERTION_ID_REQUEST_SERVICE, SAML2Constants.SOAP)) {
SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost:Assertion ID request" + " service SOAP binding is not supported for " + samlAuthorityEntityID);
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_BAD_REQUEST, "unsupportedBinding", SAML2Utils.bundle.getString("unsupportedBinding"));
return;
}
AssertionIDRequest assertionIDRequest = null;
try {
SOAPMessage msg = SOAPCommunicator.getInstance().getSOAPMessage(req);
Element elem = SOAPCommunicator.getInstance().getSamlpElement(msg, SAML2Constants.ASSERTION_ID_REQUEST);
assertionIDRequest = ProtocolFactory.getInstance().createAssertionIDRequest(elem);
} catch (Exception ex) {
SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost:", ex);
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "failedToCreateAssertionIDRequest", ex.getMessage());
return;
}
SOAPMessage replymsg = null;
try {
Response samlResp = AssertionIDRequestUtil.processAssertionIDRequest(assertionIDRequest, req, resp, samlAuthorityEntityID, role, realm);
replymsg = SOAPCommunicator.getInstance().createSOAPMessage(samlResp.toXMLString(true, true), false);
} catch (Throwable t) {
SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost: " + "Unable to create SOAP message:", t);
replymsg = SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "unableToCreateSOAPMessage", null);
}
try {
if (replymsg.saveRequired()) {
replymsg.saveChanges();
}
resp.setStatus(HttpServletResponse.SC_OK);
SAML2Utils.putHeaders(replymsg.getMimeHeaders(), resp);
OutputStream os = resp.getOutputStream();
replymsg.writeTo(os);
os.flush();
} catch (SOAPException soap) {
SAML2Utils.debug.error("AssertionIDRequestServiceSOAP.doGetPost", soap);
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "soapError", soap.getMessage());
return;
}
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Response(com.sun.identity.saml2.protocol.Response)
AssertionIDRequest(com.sun.identity.saml2.protocol.AssertionIDRequest)
Element(org.w3c.dom.Element)
OutputStream(java.io.OutputStream)
SOAPException(javax.xml.soap.SOAPException)
SOAPMessage(javax.xml.soap.SOAPMessage)
ServletException(javax.servlet.ServletException)
SOAPException(javax.xml.soap.SOAPException)
IOException(java.io.IOException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Example 22 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class AttributeServiceSOAP method doGetPost.
private void doGetPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// handle DOS attack
SAMLUtils.checkHTTPContentLength(req);
AttributeQuery attrQuery = null;
try {
SOAPMessage msg = SOAPCommunicator.getInstance().getSOAPMessage(req);
Element elem = SOAPCommunicator.getInstance().getSamlpElement(msg, SAML2Constants.ATTRIBUTE_QUERY);
attrQuery = ProtocolFactory.getInstance().createAttributeQuery(elem);
} catch (Exception ex) {
SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost:", ex);
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "failedToCreateAttributeQuery", ex.getMessage());
return;
}
String pathInfo = req.getPathInfo();
if (pathInfo == null) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("AttributeServiceSOAP.doGetPost: " + "pathInfo is null.");
}
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullPathInfo", SAML2Utils.bundle.getString("nullPathInfo"));
return;
}
String attrQueryProfileAlias = null;
int index = pathInfo.indexOf(SAML2MetaManager.NAME_META_ALIAS_IN_URI);
if (index > 2) {
attrQueryProfileAlias = pathInfo.substring(1, index - 1);
}
String attrAuthorityMetaAlias = SAML2MetaUtils.getMetaAliasByUri(req.getRequestURI());
String attrAuthorityEntityID = null;
String realm = null;
try {
attrAuthorityEntityID = SAML2Utils.getSAML2MetaManager().getEntityByMetaAlias(attrAuthorityMetaAlias);
realm = SAML2MetaUtils.getRealmByMetaAlias(attrAuthorityMetaAlias);
} catch (SAML2Exception sme) {
SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost", sme);
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "invalidMetaAlias", sme.getMessage());
return;
}
SOAPMessage replymsg = null;
try {
Response samlResp = AttributeQueryUtil.processAttributeQuery(attrQuery, req, resp, attrAuthorityEntityID, realm, attrQueryProfileAlias);
replymsg = SOAPCommunicator.getInstance().createSOAPMessage(samlResp.toXMLString(true, true), false);
} catch (Throwable t) {
SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost: " + "Unable to create SOAP message:", t);
replymsg = SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "unableToCreateSOAPMessage", null);
}
try {
if (replymsg.saveRequired()) {
replymsg.saveChanges();
}
resp.setStatus(HttpServletResponse.SC_OK);
SAML2Utils.putHeaders(replymsg.getMimeHeaders(), resp);
OutputStream os = resp.getOutputStream();
replymsg.writeTo(os);
os.flush();
} catch (SOAPException soap) {
SAML2Utils.debug.error("AttributeServiceSOAP.doGetPost", soap);
SAMLUtils.sendError(req, resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "soapError", soap.getMessage());
return;
}
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Response(com.sun.identity.saml2.protocol.Response)
AttributeQuery(com.sun.identity.saml2.protocol.AttributeQuery)
Element(org.w3c.dom.Element)
OutputStream(java.io.OutputStream)
SOAPException(javax.xml.soap.SOAPException)
SOAPMessage(javax.xml.soap.SOAPMessage)
ServletException(javax.servlet.ServletException)
SOAPException(javax.xml.soap.SOAPException)
IOException(java.io.IOException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Example 23 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class IDPArtifactResolution method doArtifactResolution.
/**
* This method processes the artifact resolution request coming
* from a service provider. It processes the artifact
* resolution request sent by the service provider and
* sends back a proper SOAPMessage that contains an Assertion.
*
* @param request the <code>HttpServletRequest</code> object
* @param response the <code>HttpServletResponse</code> object
*/
public static void doArtifactResolution(HttpServletRequest request, HttpServletResponse response) {
String classMethod = "IDPArtifactResolution.doArtifactResolution: ";
try {
String idpMetaAlias = request.getParameter(SAML2MetaManager.NAME_META_ALIAS_IN_URI);
if ((idpMetaAlias == null) || (idpMetaAlias.trim().length() == 0)) {
idpMetaAlias = SAML2MetaUtils.getMetaAliasByUri(request.getRequestURI());
}
if ((idpMetaAlias == null) || (idpMetaAlias.trim().length() == 0)) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "unable to get IDP meta alias from request.");
}
String[] data = { idpMetaAlias };
LogUtil.error(Level.INFO, LogUtil.IDP_METADATA_ERROR, data, null);
SAMLUtils.sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullIDPMetaAlias", SAML2Utils.bundle.getString("nullIDPMetaAlias"));
return;
}
// retrieve IDP entity id from meta alias
String idpEntityID = null;
String realm = null;
try {
idpEntityID = IDPSSOUtil.metaManager.getEntityByMetaAlias(idpMetaAlias);
if ((idpEntityID == null) || (idpEntityID.trim().length() == 0)) {
SAMLUtils.debug.error(classMethod + "Unable to get IDP Entity ID from meta.");
String[] data = { idpEntityID };
LogUtil.error(Level.INFO, LogUtil.INVALID_IDP, data, null);
SAMLUtils.sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "nullIDPEntityID", SAML2Utils.bundle.getString("nullIDPEntityID"));
return;
}
realm = SAML2MetaUtils.getRealmByMetaAlias(idpMetaAlias);
} catch (SAML2MetaException sme) {
SAML2Utils.debug.error(classMethod + "Unable to get IDP Entity ID from meta.");
String[] data = { idpMetaAlias };
LogUtil.error(Level.INFO, LogUtil.IDP_METADATA_ERROR, data, null);
SAMLUtils.sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "metaDataError", SAML2Utils.bundle.getString("metaDataError"));
return;
}
if (!SAML2Utils.isIDPProfileBindingSupported(realm, idpEntityID, SAML2Constants.ARTIFACT_RESOLUTION_SERVICE, SAML2Constants.SOAP)) {
SAML2Utils.debug.error(classMethod + "Artifact Resolution Service binding: Redirect is not " + "supported for " + idpEntityID);
String[] data = { idpEntityID, SAML2Constants.SOAP };
LogUtil.error(Level.INFO, LogUtil.BINDING_NOT_SUPPORTED, data, null);
SAMLUtils.sendError(request, response, HttpServletResponse.SC_BAD_REQUEST, "unsupportedBinding", SAML2Utils.bundle.getString("unsupportedBinding"));
return;
}
try {
// Get all the headers from the HTTP request
MimeHeaders headers = getHeaders(request);
// Get the body of the HTTP request
InputStream is = request.getInputStream();
SOAPMessage msg = messageFactory.createMessage(headers, is);
SOAPMessage reply = null;
reply = onMessage(msg, request, response, realm, idpEntityID);
if (reply != null) {
/* Need to call saveChanges because we're
* going to use the MimeHeaders to set HTTP
* response information. These MimeHeaders
* are generated as part of the save. */
if (reply.saveRequired()) {
reply.saveChanges();
}
response.setStatus(HttpServletResponse.SC_OK);
putHeaders(reply.getMimeHeaders(), response);
// Write out the message on the response stream
OutputStream outputStream = response.getOutputStream();
reply.writeTo(outputStream);
outputStream.flush();
} else {
response.setStatus(HttpServletResponse.SC_NO_CONTENT);
}
} catch (SOAPException ex) {
SAML2Utils.debug.error(classMethod + "SOAP error", ex);
String[] data = { idpEntityID };
LogUtil.error(Level.INFO, LogUtil.INVALID_SOAP_MESSAGE, data, null);
SAMLUtils.sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "invalidSOAPMessage", SAML2Utils.bundle.getString("invalidSOAPMessage") + " " + ex.getMessage());
return;
} catch (SAML2Exception se) {
SAML2Utils.debug.error(classMethod + "SAML2 error", se);
SAMLUtils.sendError(request, response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "unableToCreateArtifactResponse", SAML2Utils.bundle.getString("unableToCreateArtifactResponse") + " " + se.getMessage());
return;
}
} catch (IOException ioe) {
SAML2Utils.debug.error(classMethod + "I/O rrror", ioe);
}
}
Also used :
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
MimeHeaders(javax.xml.soap.MimeHeaders)
InputStream(java.io.InputStream)
OutputStream(java.io.OutputStream)
SOAPException(javax.xml.soap.SOAPException)
IOException(java.io.IOException)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
SOAPMessage(javax.xml.soap.SOAPMessage)
Example 24 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class IDPArtifactResolution method onMessage.
/**
* This method generates a <code>SOAPMessage</code> containing the
* <code>ArtifactResponse</code> that is corresponding to the
* <code>ArtifactResolve</code> contained in the
* <code>SOAPMessage</code> passed in.
*
* @param message <code>SOAPMessage</code> contains a
* <code>ArtifactResolve</code>
* @param request the <code>HttpServletRequest</code> object
* @param realm the realm to where the identity provider belongs
* @param idpEntityID the entity id of the identity provider
*
* @return <code>SOAPMessage</code> contains the
* <code>ArtifactResponse</code>
* @exception SAML2Exception if the operation is not successful
*/
public static SOAPMessage onMessage(SOAPMessage message, HttpServletRequest request, HttpServletResponse response, String realm, String idpEntityID) throws SAML2Exception {
String classMethod = "IDPArtifactResolution.onMessage: ";
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Entering onMessage().");
}
Element reqElem = SOAPCommunicator.getInstance().getSamlpElement(message, "ArtifactResolve");
ArtifactResolve artResolve = ProtocolFactory.getInstance().createArtifactResolve(reqElem);
if (artResolve == null) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "no valid ArtifactResolve node found in SOAP body.");
}
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "noArtifactResolve", null);
}
String spEntityID = artResolve.getIssuer().getValue();
if (!SAML2Utils.isSourceSiteValid(artResolve.getIssuer(), realm, idpEntityID)) {
SAML2Utils.debug.error(classMethod + spEntityID + " is not trusted issuer.");
String[] data = { idpEntityID, realm, artResolve.getID() };
LogUtil.error(Level.INFO, LogUtil.INVALID_ISSUER_REQUEST, data, null);
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "invalidIssuerInRequest", null);
}
SPSSODescriptorElement spSSODescriptor = null;
try {
spSSODescriptor = IDPSSOUtil.metaManager.getSPSSODescriptor(realm, spEntityID);
} catch (SAML2MetaException sme) {
SAML2Utils.debug.error(classMethod, sme);
spSSODescriptor = null;
}
if (spSSODescriptor == null) {
SAML2Utils.debug.error(classMethod + "Unable to get SP SSO Descriptor from meta.");
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "metaDataError", null);
}
OrderedSet acsSet = SPSSOFederate.getACSUrl(spSSODescriptor, SAML2Constants.HTTP_ARTIFACT);
String acsURL = (String) acsSet.get(0);
//String protocolBinding = (String) acsSet.get(1);
String isArtifactResolveSigned = SAML2Utils.getAttributeValueFromSSOConfig(realm, idpEntityID, SAML2Constants.IDP_ROLE, SAML2Constants.WANT_ARTIFACT_RESOLVE_SIGNED);
if ((isArtifactResolveSigned != null) && (isArtifactResolveSigned.equals(SAML2Constants.TRUE))) {
if (!artResolve.isSigned()) {
SAML2Utils.debug.error(classMethod + "The artifact resolve is not signed " + "when it is expected to be signed.");
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "ArtifactResolveNotSigned", null);
}
Set<X509Certificate> verificationCerts = KeyUtil.getVerificationCerts(spSSODescriptor, spEntityID, SAML2Constants.SP_ROLE);
if (!artResolve.isSignatureValid(verificationCerts)) {
SAML2Utils.debug.error(classMethod + "artifact resolve verification failed.");
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "invalidArtifact", null);
}
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "artifact resolve signature verification is successful.");
}
}
Artifact art = artResolve.getArtifact();
if (art == null) {
SAML2Utils.debug.error(classMethod + "Unable to get an artifact from ArtifactResolve.");
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "invalidArtifactSignature", null);
}
String artStr = art.getArtifactValue();
Response res = (Response) IDPCache.responsesByArtifacts.remove(artStr);
String remoteArtURL = null;
boolean saml2FailoverEnabled = SAML2FailoverUtils.isSAML2FailoverEnabled();
if (res == null) {
// in LB case, artifact may reside on the other server.
String targetServerID = SAML2Utils.extractServerId(art.getMessageHandle());
if (targetServerID == null) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "target serverID is null");
}
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "InvalidArtifactId", null);
}
String localServerID = SAML2Utils.getLocalServerID();
boolean localTarget = localServerID.equals(targetServerID);
if (!localTarget) {
if (!SystemConfigurationUtil.isValidServerId(targetServerID)) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "target serverID is not valid: " + targetServerID);
}
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "InvalidArtifactId", null);
}
try {
String remoteServiceURL = SystemConfigurationUtil.getServerFromID(targetServerID);
remoteArtURL = remoteServiceURL + SAML2Utils.removeDeployUri(request.getRequestURI());
SOAPConnection con = SOAPCommunicator.getInstance().openSOAPConnection();
SOAPMessage resMsg = con.call(message, remoteArtURL);
return resMsg;
} catch (Exception ex) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "unable to forward request to remote server. " + "remote url = " + remoteArtURL, ex);
}
if (!saml2FailoverEnabled) {
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "RemoteArtifactResolutionFailed", null);
}
// when the target server is running but the remote call was
// failed to this server (due to a network error)
// and the saml2failover is enabled, we can still find the
// artifact in the SAML2 repository.
// However the cached entry in the target server will not be
// deleted this way.
}
}
if (saml2FailoverEnabled) {
// Check the SAML2 Token Repository
try {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("Artifact=" + artStr);
}
String tmp = (String) SAML2FailoverUtils.retrieveSAML2Token(artStr);
res = ProtocolFactory.getInstance().createResponse(tmp);
} catch (SAML2Exception e) {
SAML2Utils.debug.error(classMethod + " SAML2 ERROR!!!", e);
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "UnableToFindResponseInRepo", null);
} catch (SAML2TokenRepositoryException se) {
SAML2Utils.debug.error(classMethod + " There was a problem reading the response " + "from the SAML2 Token Repository using artStr:" + artStr, se);
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, "UnableToFindResponseInRepo", null);
}
}
}
if (res == null) {
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.CLIENT_FAULT, saml2FailoverEnabled ? "UnableToFindResponseInRepo" : "UnableToFindResponse", null);
}
// Remove Response from SAML2 Token Repository
try {
if (saml2FailoverEnabled) {
SAML2FailoverUtils.deleteSAML2Token(artStr);
}
} catch (SAML2TokenRepositoryException e) {
SAML2Utils.debug.error(classMethod + " Error deleting the response from the SAML2 Token Repository using artStr:" + artStr, e);
}
Map props = new HashMap();
String nameIDString = SAML2Utils.getNameIDStringFromResponse(res);
if (nameIDString != null) {
props.put(LogUtil.NAME_ID, nameIDString);
}
// check if need to sign the assertion
boolean signAssertion = spSSODescriptor.isWantAssertionsSigned();
if (signAssertion) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "signing the assertion.");
}
}
// encrypt the assertion or its NameID and/or Attribute based
// on SP config setting and sign the assertion.
IDPSSOUtil.signAndEncryptResponseComponents(realm, spEntityID, idpEntityID, res, signAssertion);
ArtifactResponse artResponse = ProtocolFactory.getInstance().createArtifactResponse();
Status status = ProtocolFactory.getInstance().createStatus();
StatusCode statusCode = ProtocolFactory.getInstance().createStatusCode();
statusCode.setValue(SAML2Constants.SUCCESS);
status.setStatusCode(statusCode);
// set the idp entity id as the response issuer
Issuer issuer = AssertionFactory.getInstance().createIssuer();
issuer.setValue(idpEntityID);
artResponse.setStatus(status);
artResponse.setID(SAML2Utils.generateID());
artResponse.setInResponseTo(artResolve.getID());
artResponse.setVersion(SAML2Constants.VERSION_2_0);
artResponse.setIssueInstant(new Date());
artResponse.setAny(res.toXMLString(true, true));
artResponse.setIssuer(issuer);
artResponse.setDestination(XMLUtils.escapeSpecialCharacters(acsURL));
String wantArtifactResponseSigned = SAML2Utils.getAttributeValueFromSSOConfig(realm, spEntityID, SAML2Constants.SP_ROLE, SAML2Constants.WANT_ARTIFACT_RESPONSE_SIGNED);
if ((wantArtifactResponseSigned != null) && (wantArtifactResponseSigned.equals(SAML2Constants.TRUE))) {
KeyProvider kp = KeyUtil.getKeyProviderInstance();
if (kp == null) {
SAML2Utils.debug.error(classMethod + "Unable to get a key provider instance.");
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "nullKeyProvider", null);
}
String idpSignCertAlias = SAML2Utils.getSigningCertAlias(realm, idpEntityID, SAML2Constants.IDP_ROLE);
if (idpSignCertAlias == null) {
SAML2Utils.debug.error(classMethod + "Unable to get the hosted IDP signing certificate alias.");
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "missingSigningCertAlias", null);
}
String encryptedKeyPass = SAML2Utils.getSigningCertEncryptedKeyPass(realm, idpEntityID, SAML2Constants.IDP_ROLE);
PrivateKey key;
if (encryptedKeyPass == null || encryptedKeyPass.isEmpty()) {
key = kp.getPrivateKey(idpSignCertAlias);
} else {
key = kp.getPrivateKey(idpSignCertAlias, encryptedKeyPass);
}
artResponse.sign(key, kp.getX509Certificate(idpSignCertAlias));
}
String str = artResponse.toXMLString(true, true);
String[] logdata = { idpEntityID, artStr, str };
LogUtil.access(Level.INFO, LogUtil.ARTIFACT_RESPONSE, logdata, null, props);
if (str != null) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "ArtifactResponse message:\n" + str);
}
} else {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Unable to print ArtifactResponse message.");
}
}
SOAPMessage msg = null;
try {
msg = SOAPCommunicator.getInstance().createSOAPMessage(str, false);
} catch (SOAPException se) {
SAML2Utils.debug.error(classMethod + "Unable to create a SOAPMessage and add a document ", se);
return SOAPCommunicator.getInstance().createSOAPFault(SAML2Constants.SERVER_FAULT, "unableToCreateSOAPMessage", null);
}
return msg;
}
Also used :
KeyProvider(com.sun.identity.saml.xmlsig.KeyProvider)
PrivateKey(java.security.PrivateKey)
HashMap(java.util.HashMap)
Issuer(com.sun.identity.saml2.assertion.Issuer)
SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)
SPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement)
Element(org.w3c.dom.Element)
SOAPConnection(javax.xml.soap.SOAPConnection)
SOAPMessage(javax.xml.soap.SOAPMessage)
StatusCode(com.sun.identity.saml2.protocol.StatusCode)
ArtifactResolve(com.sun.identity.saml2.protocol.ArtifactResolve)
SOAPException(javax.xml.soap.SOAPException)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
Status(com.sun.identity.saml2.protocol.Status)
OrderedSet(com.sun.identity.shared.datastruct.OrderedSet)
X509Certificate(java.security.cert.X509Certificate)
Artifact(com.sun.identity.saml2.protocol.Artifact)
SOAPException(javax.xml.soap.SOAPException)
SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
SAML2TokenRepositoryException(org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)
IOException(java.io.IOException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Date(java.util.Date)
Response(com.sun.identity.saml2.protocol.Response)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
ArtifactResponse(com.sun.identity.saml2.protocol.ArtifactResponse)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
ArtifactResponse(com.sun.identity.saml2.protocol.ArtifactResponse)
SAML2TokenRepositoryException(org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 25 with SOAPException
use of javax.xml.soap.SOAPException in project OpenAM by OpenRock.
the class IDPProxyUtil method sendProxyLogoutResponseBySOAP.
public static void sendProxyLogoutResponseBySOAP(SOAPMessage reply, HttpServletResponse resp, PrintWriter out) {
try {
// are generated as part of the save.
if (reply.saveRequired()) {
reply.saveChanges();
}
resp.setStatus(HttpServletResponse.SC_OK);
SAML2Utils.putHeaders(reply.getMimeHeaders(), resp);
// Write out the message on the response stream
ByteArrayOutputStream stream = new ByteArrayOutputStream();
reply.writeTo(stream);
out.println(stream.toString());
out.flush();
} catch (SOAPException se) {
SAML2Utils.debug.error("sendProxyLogoutResponseBySOAP: ", se);
} catch (IOException ie) {
SAML2Utils.debug.error("sendProxyLogoutResponseBySOAP: ", ie);
}
}
Also used :
SOAPException(javax.xml.soap.SOAPException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
Aggregations
SOAPException (javax.xml.soap.SOAPException)120
SOAPMessage (javax.xml.soap.SOAPMessage)68
IOException (java.io.IOException)38
Element (org.w3c.dom.Element)36
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)24
QName (javax.xml.namespace.QName)22
SOAPBody (javax.xml.soap.SOAPBody)18
SOAPElement (javax.xml.soap.SOAPElement)17
Node (org.w3c.dom.Node)17
SOAPFault (javax.xml.soap.SOAPFault)14
Fault (org.apache.cxf.interceptor.Fault)14
SOAPFaultException (javax.xml.ws.soap.SOAPFaultException)13
SOAPPart (javax.xml.soap.SOAPPart)12
XMLStreamException (javax.xml.stream.XMLStreamException)12
OutputStream (java.io.OutputStream)11
Iterator (java.util.Iterator)11
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)11
ServletException (javax.servlet.ServletException)10
List (java.util.List)9
MessageFactory (javax.xml.soap.MessageFactory)9
