HttpHeaders headers = new HttpHeadersImpl(m);
Map<String, Cookie> cookies = headers.getCookies();
Cookie securityContextCookie = cookies.get(SSOConstants.SECURITY_CONTEXT_TOKEN);
ResponseState responseState = getValidResponseState(securityContextCookie, m);
if (responseState == null) {
return false;
}
Cookie relayStateCookie = cookies.get(SSOConstants.RELAY_STATE);
if (relayStateCookie == null) {
reportError("MISSING_RELAY_COOKIE");
return false;
}
String originalRelayState = responseState.getRelayState();
if (!originalRelayState.equals(relayStateCookie.getValue())) {
// perhaps the response state should also be removed
reportError("INVALID_RELAY_STATE");
return false;
}
try {
String assertion = responseState.getAssertion();
SamlAssertionWrapper assertionWrapper =
new SamlAssertionWrapper(
StaxUtils.read(new StringReader(assertion)).getDocumentElement());
setSecurityContext(m, assertionWrapper);
} catch (Exception ex) {