String contextName = request.getServletContext().getContextPath();
if (contextName == null || contextName.isEmpty()) {
contextName = "/";
}
FederationContext fedConfig = getContextConfiguration(contextName);
FederationProcessor wfProc = new FederationProcessorImpl();
try {
wfRes = wfProc.processRequest(wfReq, fedConfig);
} catch (ProcessingException ex) {
LOG.error("Federation processing failed: " + ex.getMessage());
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return false;
}
// Validate the AudienceRestriction in Security Token (e.g. SAML)
// against the configured list of audienceURIs
if (wfRes.getAudience() != null) {
List<String> audienceURIs = fedConfig.getAudienceUris();
boolean validAudience = false;
for (String a : audienceURIs) {
if (wfRes.getAudience().startsWith(a)) {
validAudience = true;
break;