Package org.jboss.identity.federation.saml.v2.assertion

Examples of org.jboss.identity.federation.saml.v2.assertion.ObjectFactory


         {
            String referer = request.getHeader("Referer");
           
            if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN)
            {
               ResponseType errorResponseType = this.getErrorResponse(referer, JBossSAMLURIConstants.STATUS_AUTHNFAILED.get());
               try
               {
                  send(errorResponseType, request.getParameter("RelayState"), response);
               }
               catch (ParsingException e)
               {
                 log.error(e);
               }
               catch (ProcessingException e)
               {
                  log.error(e);
              
               return;
            }

            //User is authenticated as we are on the return path
            userPrincipal = request.getPrincipal();
            if(userPrincipal != null)
            {
               //Send valid saml response after processing the request
               if(containsSAMLRequestMessage)
               {
                  RequestAbstractType requestAbstractType =  null;
                  try
                  {
                     requestAbstractType = getSAMLRequest(request);
                     boolean isValid = this.validate(request);
                     if(!isValid)
                        throw new GeneralSecurityException("Validity Checks Failed");
                    
                     this.isTrusted(requestAbstractType.getIssuer().getValue());
                    
                     ResponseType responseType = this.getResponse(request, userPrincipal);
                     send(responseType, request.getParameter("RelayState"), response);
                  }
                  catch (Exception e)
                  {
                     log.error("Exception:" ,e);
                     if(requestAbstractType != null)
                        referer = requestAbstractType.getIssuer().getValue();
                     ResponseType errorResponseType = this.getErrorResponse(referer, JBossSAMLURIConstants.STATUS_RESPONDER.get());
                     try
                     {
                        send(errorResponseType, request.getParameter("RelayState"), response);
                     }
                     catch (ParsingException e1)
View Full Code Here


    * @throws ProcessingException
    */
   protected ResponseType getResponse(Request request, Principal userPrincipal)
   throws ParsingException, ConfigurationException, ProcessingException
   {
      ResponseType responseType = null;

      String samlMessage = getSAMLMessage(request);
      InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
      SAML2Request saml2Request = new SAML2Request();
     
      AuthnRequestType authnRequestType = null;
      try
      {
         authnRequestType = saml2Request.getAuthnRequestType(is);
      }
      catch (JAXBException e2)
      {
         throw new ParsingException(e2);
      }
      catch (SAXException e2)
      {
         throw new ParsingException(e2);
      }
      if(authnRequestType == null)
         throw new IllegalStateException("AuthnRequest is null");

      if(log.isTraceEnabled())
      {
         StringWriter sw = new StringWriter();
         try
         {
            saml2Request.marshall(authnRequestType, sw);
         }
         catch (SAXException e)
         {
            log.trace(e);
         }
         catch (JAXBException e)
         {
            log.trace(e);
         }
         log.trace("IDPRedirectValve::AuthnRequest="+sw.toString());
      }
      SAML2Response saml2Response = new SAML2Response();
           
      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(this.identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(authnRequestType.getAssertionConsumerServiceURL());
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
      //Add information on the roles
      List<String> roles = rg.generateRoles(userPrincipal);
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
     
      //Add timed conditions
View Full Code Here

  
   private ResponseType getErrorResponse(String responseURL, String status) throws ServletException
   {
      try
      {
         ResponseType responseType = null;
        
         SAML2Response saml2Response = new SAML2Response();
              
         //Create a response type
         String id = IDGenerator.create("ID_");
View Full Code Here

      //Look for unauthorized status
      if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN)
      {
         try
         {
            ResponseType errorResponseType =
              webRequestUtil.getErrorResponse(referer,
                  JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                  this.identityURL);
        
            if(this.supportSignature)
               webRequestUtil.send(errorResponseType, relayState, response, true,
                     this.keyManager.getSigningKey());
            else
               webRequestUtil.send(errorResponseType, relayState, response, false,null);
           
         }
         catch (GeneralSecurityException e)
         {
            throw new ServletException(e);
        
         return;
     
     
      if(userPrincipal != null)
      {
         /**
          * Since the container has finished the authentication,
          * we can retrieve the original saml message as well as
          * any relay state from the SP
          */
         samlMessage = (String) session.getNote("SAMLRequest");
         relayState = (String) session.getNote("RelayState");
         signature = (String) session.getNote("Signature");
         sigAlg = (String) session.getNote("sigAlg");
        
         log.trace("Retrieved saml message and relay state from session");
         log.trace("saml message=" + samlMessage + "::relay state="+ relayState);
         log.trace("Signature=" + signature + "::sigAlg="+ sigAlg);
        
        
         session.removeNote("SAMLRequest");
        
         if(relayState != null && relayState.length() > 0)
            session.removeNote("RelayState");
        
         if(signature != null && signature.length() > 0)
            session.removeNote("Signature");
         if(sigAlg != null && sigAlg.length() > 0)
            session.removeNote("sigAlg");
        
         //Send valid saml response after processing the request
         if(samlMessage != null)
         {
            //Get the SAML Request Message
            RequestAbstractType requestAbstractType =  null;
            ResponseType responseType = null;
           
               try
               {
                  requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
                  boolean isValid = validate(request.getRemoteAddr(),
View Full Code Here

   protected void sendErrorResponseToSP(String referrer, Response response, String relayState,
         IDPWebRequestUtil webRequestUtil) throws ServletException, IOException, ConfigurationException
   {
      log.trace("About to send error response to SP:" + referrer);
     
      ResponseType errorResponseType =
         webRequestUtil.getErrorResponse(referrer, JBossSAMLURIConstants.STATUS_RESPONDER.get(),
               this.identityURL);
      try
      {
         if(this.supportSignature)
View Full Code Here

         byte[] base64DecodedResponse = Base64.decode(samlResponse);
         InputStream is = DeflateUtil.decode(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();
        
         ResponseType responseType;
         try
         {
            responseType = saml2Response.getResponseType(is);
         }
         catch (JAXBException e)
         {
            throw new ParsingException(e);
         }
         catch (SAXException e)
         {
            throw new ParsingException(e);
         }
                 
         this.isTrusted(responseType.getIssuer().getValue());
        
         List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
         if(assertions.size() == 0)
            throw new IllegalStateException("No assertions in reply from IDP");
        
         Object assertion = assertions.get(0);
         if(assertion instanceof EncryptedElementType)
View Full Code Here

   protected ResponseType getResponse(Request request, Principal userPrincipal)
   throws ParsingException, ConfigurationException, ProcessingException
   {
      SAML2Response saml2Response = new SAML2Response();
     
      ResponseType responseType =  super.getResponse(request, userPrincipal);
    
      //If there is a configuration to encrypt
      if(this.idpConfiguration.isEncrypt())
      {
         //Need to encrypt the assertion
         String sp = responseType.getDestination();
         if(sp == null)
            throw new IllegalStateException("Unable to handle encryption as SP url is null");
         try
         {
            URL spurl = new URL(sp);
            PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
            EncryptionType enc = idpConfiguration.getEncryption();
            if(enc == null)
               throw new IllegalStateException("EncryptionType not configured");
            String encAlgo = enc.getEncAlgo().value();
            int keyLength = enc.getKeySize();
            //Generate a key on the fly
            SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo, keyLength);
           
            StringWriter sw = new StringWriter();
            saml2Response.marshall(responseType, sw);
           
            Document responseDoc = DocumentUtil.getDocument(new StringReader(sw.toString()))
     
            String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
           
            QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");
           
            Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
                            publicKey, sk, keyLength, assertionQName, true);
           
           
            EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
            responseType.getAssertionOrEncryptedAssertion().set(0, eet);
         }
         catch (MalformedURLException e)
         {
            // TODO Auto-generated catch block
            e.printStackTrace();
View Full Code Here

         long assertionValidity)
   throws ConfigurationException, IssueInstantMissingException
   {
      log.trace("AssertionConsumerURL=" + assertionConsumerURL +
            "::assertion validity=" + assertionValidity);
      ResponseType responseType = null;    
     
      SAML2Response saml2Response = new SAML2Response();
           
      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(assertionConsumerURL);
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
     
     
      //Add information on the roles
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
     
      //Add timed conditions
View Full Code Here

    * @throws ConfigurationException  
    */
   public ResponseType getErrorResponse(String responseURL, String status,
         String identityURL)
   {
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");
View Full Code Here

         byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse);
         InputStream is = new ByteArrayInputStream(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();
        
         ResponseType responseType = saml2Response.getResponseType(is);
                 
         this.isTrusted(responseType.getIssuer().getValue());
        
         List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
         if(assertions.size() == 0)
            throw new IllegalStateException("No assertions in reply from IDP");
        
         Object assertion = assertions.get(0);
         if(assertion instanceof EncryptedElementType)
View Full Code Here

TOP

Related Classes of org.jboss.identity.federation.saml.v2.assertion.ObjectFactory

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.