//Look for unauthorized status
if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN)
{
try
{
ResponseType errorResponseType =
webRequestUtil.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
this.identityURL);
if(this.supportSignature)
webRequestUtil.send(errorResponseType, relayState, response, true,
this.keyManager.getSigningKey());
else
webRequestUtil.send(errorResponseType, relayState, response, false,null);
}
catch (GeneralSecurityException e)
{
throw new ServletException(e);
}
return;
}
if(userPrincipal != null)
{
/**
* Since the container has finished the authentication,
* we can retrieve the original saml message as well as
* any relay state from the SP
*/
samlMessage = (String) session.getNote("SAMLRequest");
relayState = (String) session.getNote("RelayState");
signature = (String) session.getNote("Signature");
sigAlg = (String) session.getNote("sigAlg");
log.trace("Retrieved saml message and relay state from session");
log.trace("saml message=" + samlMessage + "::relay state="+ relayState);
log.trace("Signature=" + signature + "::sigAlg="+ sigAlg);
session.removeNote("SAMLRequest");
if(relayState != null && relayState.length() > 0)
session.removeNote("RelayState");
if(signature != null && signature.length() > 0)
session.removeNote("Signature");
if(sigAlg != null && sigAlg.length() > 0)
session.removeNote("sigAlg");
//Send valid saml response after processing the request
if(samlMessage != null)
{
//Get the SAML Request Message
RequestAbstractType requestAbstractType = null;
ResponseType responseType = null;
try
{
requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
boolean isValid = validate(request.getRemoteAddr(),