
Example 1 with ServiceProviderAuthenticationException

use of org.maxkey.authz.saml20.consumer.spring.ServiceProviderAuthenticationException in project MaxKey by dromara.

From the class ConsumerEndpoint, method consumer (the SP-side assertion consumer endpoint that turns an IdP's SAML Response into a local MaxKey login):

```java
@RequestMapping(value = "/consumer/saml/v20/{spId}")
public ModelAndView consumer(HttpServletRequest request, HttpServletResponse response,
        @PathVariable("spId") String spId) throws Exception {
    logger.debug("Attempting authentication.");
    // Initialize the SP credential (certificate) for this spId
    initCredential(spId);
    SAMLMessageContext messageContext = null;
    // Decode the inbound SAML message. In the snippet as published this block is
    // commented out, which leaves messageContext null and makes the next line throw a
    // NullPointerException; it is restored here so the method can run.
    try {
        messageContext = bindingAdapter.extractSAMLMessageContext(request);
    } catch (MessageDecodingException me) {
        logger.error("Could not decode SAML Response", me);
        throw new Exception(me);
    } catch (SecurityException se) {
        logger.error("Could not decode SAML Response", se);
        throw new Exception(se);
    }
    logger.debug("Message received from issuer: {}", messageContext.getInboundMessageIssuer());
    if (!(messageContext.getInboundSAMLMessage() instanceof Response)) {
        logger.error("SAML Message was not a Response");
        throw new Exception("SAML Message was not a Response");
    }
    Response samlResponse = (Response) messageContext.getInboundSAMLMessage();
    List<Assertion> assertionList = samlResponse.getAssertions();
    // Raw message and request details; neither is used further in this method
    String credentials = extractBindingAdapter.extractSAMLMessage(request);
    AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
            new WebAuthenticationDetailsSource();
    // The token is not yet authenticated: run the OpenSAML validator suite first.
    // Note that signature verification and Conditions checks (audience, validity
    // window) are not visible in this method; whatever validatorSuite is configured
    // with decides whether they happen.
    try {
        validatorSuite.validate(samlResponse);
    } catch (ValidationException ve) {
        logger.warn("Response Message failed Validation", ve);
        throw new ServiceProviderAuthenticationException("Invalid SAML Response Message", ve);
    }
    checkResponseStatus(samlResponse);
    // Guard against a Response with no Assertion (get(0) would otherwise throw)
    if (assertionList.isEmpty()) {
        throw new Exception("SAML Response carries no Assertion");
    }
    Assertion assertion = assertionList.get(0);
    logger.debug("authenticationResponseIssuingEntityName {}", samlResponse.getIssuer().getValue());
    String username = assertion.getSubject().getNameID().getValue();
    // SLF4J-style placeholders; the original calls omitted the {} so the values were never logged
    logger.debug("assertion.getID() {}", assertion.getID());
    logger.debug("assertion.getSubject().getNameID().getValue() {}", username);
    logger.debug("assertion.getAuthnStatements() {}", assertion.getAuthnStatements());
    // Establish the local session from the asserted NameID: no password, login type SAMLTRUST
    LoginCredential loginCredential = new LoginCredential(username, "", ConstsLoginType.SAMLTRUST);
    authenticationProvider.authentication(loginCredential, true);
    ModelAndView mav = new ModelAndView();
    mav.addObject("username", username);
    mav.setViewName("redirect:/appList");
    return mav;
}
```
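The method above trusts the Subject NameID once the validator suite, the status check and a non-empty assertion list have passed. The following is an added example, not MaxKey or OpenSAML code, showing the structural checks an SP consumer endpoint needs on a SAML 2.0 Response before acting on the NameID: message type, Destination, Issuer, Status, exactly one Assertion, Conditions (validity window with clock skew, AudienceRestriction) and a present NameID. The endpoint URL, entity IDs and the Response XML are constructed for the example. XML signature verification is deliberately left out because the standard library cannot do it; in a real consumer it must succeed before any of these checks are worth trusting.

```python
"""Structural checks for a SAML 2.0 Response at an SP assertion-consumer endpoint.
Added example, not MaxKey code. Signature verification is out of scope here."""
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Hypothetical SP / IdP identifiers used only for this example
ACS_URL = "https://sp.example.test/consumer/saml/v20/demo"
SP_ENTITY_ID = "https://sp.example.test/demo"
IDP_ENTITY_ID = "https://idp.example.test/metadata"


class SamlValidationError(Exception):
    """Raised when the Response fails a check; the caller must not log the user in."""


def parse_instant(value):
    """Parse a SAML xs:dateTime in UTC ('...Z'), with or without fractional seconds."""
    fmt = "%Y-%m-%dT%H:%M:%S.%fZ" if "." in value else "%Y-%m-%dT%H:%M:%SZ"
    return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)


def extract_subject(xml_bytes, now, skew=timedelta(seconds=60)):
    """Return the NameID of the single Assertion, or raise SamlValidationError."""
    root = ET.fromstring(xml_bytes)
    # 1. The message must be a samlp:Response (not, say, a LogoutRequest)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise SamlValidationError("SAML message was not a Response")
    # 2. It must be addressed to this consumer URL and come from the expected IdP
    if root.get("Destination") != ACS_URL:
        raise SamlValidationError("Destination does not match this consumer URL")
    if root.findtext("saml:Issuer", namespaces=NS) != IDP_ENTITY_ID:
        raise SamlValidationError("unexpected Response issuer")
    # 3. Status must be Success
    code = root.find("samlp:Status/samlp:StatusCode", NS)
    if code is None or code.get("Value") != STATUS_SUCCESS:
        raise SamlValidationError("Response status is not Success")
    # 4. Exactly one Assertion, rather than silently taking index 0 of several
    assertions = root.findall("saml:Assertion", NS)
    if len(assertions) != 1:
        raise SamlValidationError("expected exactly one Assertion, got %d" % len(assertions))
    assertion = assertions[0]
    # 5. Conditions: validity window (with clock skew) and audience restriction
    cond = assertion.find("saml:Conditions", NS)
    if cond is None:
        raise SamlValidationError("Assertion has no Conditions")
    not_before, not_on_or_after = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if not_before and now + skew < parse_instant(not_before):
        raise SamlValidationError("Assertion not yet valid")
    if not_on_or_after and now - skew >= parse_instant(not_on_or_after):
        raise SamlValidationError("Assertion expired")
    audiences = [a.text for a in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if SP_ENTITY_ID not in audiences:
        raise SamlValidationError("Assertion not intended for this SP")
    # 6. Only now read the identity the SP will log in as
    name_id = assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)
    if not name_id:
        raise SamlValidationError("Assertion has no Subject NameID")
    return name_id


# Constructed sample Response (no signature) for the example
SAMPLE_RESPONSE = b"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
    IssueInstant="2024-05-01T12:00:00Z"
    Destination="https://sp.example.test/consumer/saml/v20/demo">
  <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-05-01T12:00:00Z">
    <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
    <saml:Conditions NotBefore="2024-05-01T11:59:00Z" NotOnOrAfter="2024-05-01T12:05:00Z">
      <saml:AudienceRestriction><saml:Audience>https://sp.example.test/demo</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


def demo_valid():
    """Sample checked at 12:01 UTC, inside its validity window: returns 'alice'."""
    return extract_subject(SAMPLE_RESPONSE, datetime(2024, 5, 1, 12, 1, tzinfo=timezone.utc))


def demo_rejected(mutate=lambda x: x, hour=12, minute=1):
    """Apply a byte-level tweak to the sample and report whether it was rejected."""
    try:
        extract_subject(mutate(SAMPLE_RESPONSE), datetime(2024, 5, 1, hour, minute, tzinfo=timezone.utc))
    except SamlValidationError:
        return True
    return False


if __name__ == "__main__":
    print(demo_valid())
    print(demo_rejected(lambda x: x.replace(b"status:Success", b"status:Requester")))
    print(demo_rejected(hour=13, minute=0))
```

The checks run in the order a consumer should apply them: reject anything that is not a Response to this endpoint from the configured IdP before parsing deeper, then refuse to act on more than one Assertion, then enforce Conditions, and only then read the NameID. Treating "Status is Success" as sufficient, as a consumer that stops at checkResponseStatus would, leaves the audience and time-window checks to whatever the validator suite happens to cover.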
Also used:
ValidationException (org.opensaml.xml.validation.ValidationException)
Assertion (org.opensaml.saml2.core.Assertion)
ModelAndView (org.springframework.web.servlet.ModelAndView)
MessageDecodingException (org.opensaml.ws.message.decoder.MessageDecodingException)
IdentityProviderAuthenticationException (org.maxkey.authz.saml20.consumer.spring.IdentityProviderAuthenticationException)
SecurityException (org.opensaml.xml.security.SecurityException)
ServiceProviderAuthenticationException (org.maxkey.authz.saml20.consumer.spring.ServiceProviderAuthenticationException)
Response (org.opensaml.saml2.core.Response)
HttpServletResponse (javax.servlet.http.HttpServletResponse)
HttpServletRequest (javax.servlet.http.HttpServletRequest)
SAMLMessageContext (org.opensaml.common.binding.SAMLMessageContext)
LoginCredential (org.maxkey.authn.LoginCredential)
WebAuthenticationDetailsSource (org.springframework.security.web.authentication.WebAuthenticationDetailsSource)
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)

Aggregations

HttpServletRequest (javax.servlet.http.HttpServletRequest) 1
HttpServletResponse (javax.servlet.http.HttpServletResponse) 1
LoginCredential (org.maxkey.authn.LoginCredential) 1
IdentityProviderAuthenticationException (org.maxkey.authz.saml20.consumer.spring.IdentityProviderAuthenticationException) 1
ServiceProviderAuthenticationException (org.maxkey.authz.saml20.consumer.spring.ServiceProviderAuthenticationException) 1
SAMLMessageContext (org.opensaml.common.binding.SAMLMessageContext) 1
Assertion (org.opensaml.saml2.core.Assertion) 1
Response (org.opensaml.saml2.core.Response) 1
MessageDecodingException (org.opensaml.ws.message.decoder.MessageDecodingException) 1
SecurityException (org.opensaml.xml.security.SecurityException) 1
ValidationException (org.opensaml.xml.validation.ValidationException) 1
WebAuthenticationDetailsSource (org.springframework.security.web.authentication.WebAuthenticationDetailsSource) 1
RequestMapping (org.springframework.web.bind.annotation.RequestMapping) 1
ModelAndView (org.springframework.web.servlet.ModelAndView) 1