Package org.jboss.identity.federation.web.util

Examples of org.jboss.identity.federation.web.util.IDPWebRequestUtil


            log.trace("Login Filters have not been configured");
         response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
      }
     
     
      IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request,
            idpConfiguration, keyManager);

      if(userPrincipal != null)
      {
         if(trace)
         {
            log.trace("Retrieved saml message and relay state from session");
            log.trace("saml message=" + samlMessage + "::relay state="+ relayState);
         }
         session.removeAttribute("SAMLRequest");

         if(relayState != null && relayState.length() > 0)
            session.removeAttribute("RelayState");

         //Send valid saml response after processing the request
         if(samlMessage != null)
         {
            //Get the SAML Request Message
            RequestAbstractType requestAbstractType =  null;
            Document samlResponse = null;
            String destination = null;
            try
            {
               requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
               boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
               boolean isValid = validate(request.getRemoteAddr(),
                     request.getQueryString(),
                     new SessionHolder(samlMessage, null, null), isPost);
              
               if(!isValid)
                  throw new GeneralSecurityException("Validation check failed");

               webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue());

              
               List<String> roles = (List<String>) session.getAttribute(ROLES_ID);
               if(roles == null)
               {
                  roles = rg.generateRoles(userPrincipal);
                  session.setAttribute(ROLES_ID, roles);
               }
                 

               if(trace)
                  log.trace("Roles have been determined:Creating response");

               AuthnRequestType art = (AuthnRequestType) requestAbstractType;
               destination = art.getAssertionConsumerServiceURL();

               samlResponse =
                  webRequestUtil.getResponse(destination,
                        userPrincipal, roles,
                        this.identityURL, this.assertionValidity, this.signOutgoingMessages);
            }
            catch (IssuerNotTrustedException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(),
                        this.identityURL, this.signOutgoingMessages)
            }
            catch (ParsingException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch (ConfigurationException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch (IssueInstantMissingException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch(GeneralSecurityException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            finally
            {
               try
               {
                  if(this.signOutgoingMessages)
                     webRequestUtil.send(samlResponse, destination,relayState, response, true,
                           this.keyManager.getSigningKey());
                  else
                     webRequestUtil.send(samlResponse, destination, relayState, response, false,null);
               }
               catch (ParsingException e)
               {
                  if(trace) log.trace(e);
               }
View Full Code Here


            log.trace("Login Filters have not been configured");
         response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
      }
     
     
      IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request,
            idpConfiguration, keyManager);
      webRequestUtil.setAttributeManager(this.attribManager);
      webRequestUtil.setAttributeKeys(attributeKeys);

      if(userPrincipal != null)
      {
         if(trace)
         {
            log.trace("Retrieved saml message and relay state from session");
            log.trace("saml message=" + samlMessage + "::relay state="+ relayState);
         }
         session.removeAttribute("SAMLRequest");

         if(relayState != null && relayState.length() > 0)
            session.removeAttribute("RelayState");

         //Send valid saml response after processing the request
         if(samlMessage != null)
         {
            //Get the SAML Request Message
            RequestAbstractType requestAbstractType =  null;
            Document samlResponse = null;
            String destination = null;
            try
            {
               requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
               boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
               boolean isValid = validate(request.getRemoteAddr(),
                     request.getQueryString(),
                     new SessionHolder(samlMessage, null), isPost);
              
               if(!isValid)
                  throw new GeneralSecurityException("Validation check failed");

               webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue());

              
               List<String> roles = (List<String>) session.getAttribute(ROLES_ID);
               if(roles == null)
               {
                  roles = rg.generateRoles(userPrincipal);
                  session.setAttribute(ROLES_ID, roles);
               }
                 

               if(trace)
                  log.trace("Roles have been determined:Creating response");

               AuthnRequestType art = (AuthnRequestType) requestAbstractType;
               destination = art.getAssertionConsumerServiceURL();

               samlResponse =
                  webRequestUtil.getResponse(destination,
                        userPrincipal, roles,
                        this.identityURL, this.assertionValidity, this.signOutgoingMessages);
            }
            catch (IssuerNotTrustedException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(),
                        this.identityURL, this.signOutgoingMessages)
            }
            catch (ParsingException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch (ConfigurationException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch (IssueInstantMissingException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch(GeneralSecurityException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            finally
            {
               try
               {
                  if(samlResponse == null)
                     throw new ServletException("SAML Response has not been generated");
                 
                  if(this.signOutgoingMessages)
                     webRequestUtil.send(samlResponse, destination,relayState, response, true,
                           this.keyManager.getSigningKey());
                  else
                     webRequestUtil.send(samlResponse, destination, relayState, response, false,null);
               }
               catch (ParsingException e)
               {
                  if(trace) log.trace(e);
               }
View Full Code Here

               log.trace("Referer in finally block="+ referer + ":user principal=" + userPrincipal);
         }
      }
     
     
      IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, idpConfiguration, keyManager);
      webRequestUtil.setAttributeManager(this.attribManager);
      webRequestUtil.setAttributeKeys(attributeKeys);
     
      Document samlErrorResponse = null;
      //Look for unauthorized status
      if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN)
      {
         try
         {
            samlErrorResponse =
              webRequestUtil.getErrorResponse(referer,
                  JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                  this.identityURL, this.signOutgoingMessages);
        
            if(this.signOutgoingMessages)
               webRequestUtil.send(samlErrorResponse, referer, relayState, response, true,
                     this.keyManager.getSigningKey());
            else
               webRequestUtil.send(samlErrorResponse, referer,relayState, response, false,null);
           
         }
         catch (GeneralSecurityException e)
         {
            throw new ServletException(e);
        
         return;
     
     
      if(userPrincipal != null)
      {
         /**
          * Since the container has finished the authentication,
          * we can retrieve the original saml message as well as
          * any relay state from the SP
          */
         samlMessage = (String) session.getNote("SAMLRequest");
         relayState = (String) session.getNote("RelayState");
         signature = (String) session.getNote("Signature");
         sigAlg = (String) session.getNote("sigAlg");
        
         if(trace)
         {
            log.trace("Retrieved saml message and relay state from session");
            log.trace("saml message=" + samlMessage + "::relay state="+ relayState);
            log.trace("Signature=" + signature + "::sigAlg="+ sigAlg);
         }
        
         session.removeNote("SAMLRequest");
        
         if(relayState != null && relayState.length() > 0)
            session.removeNote("RelayState");
        
         if(signature != null && signature.length() > 0)
            session.removeNote("Signature");
         if(sigAlg != null && sigAlg.length() > 0)
            session.removeNote("sigAlg");
        
         //Send valid saml response after processing the request
         if(samlMessage != null)
         {
            //Get the SAML Request Message
            RequestAbstractType requestAbstractType =  null;
            Document samlResponse = null;
            String destination = null;
               try
               {
                  requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
                  boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
                  boolean isValid = validate(request.getRemoteAddr(),
                        request.getQueryString(),
                        new SessionHolder(samlMessage, signature, sigAlg), isPost);
                  if(!isValid)
                     throw new GeneralSecurityException("Validation check failed");
                 
                  webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue());

                  List<String> roles = rg.generateRoles(userPrincipal);
                 
                  log.trace("Roles have been determined:Creating response");

                  AuthnRequestType art = (AuthnRequestType) requestAbstractType;
                  destination = art.getAssertionConsumerServiceURL();
                 
                  samlResponse =
                     webRequestUtil.getResponse(destination,
                           userPrincipal, roles,
                           this.identityURL, this.assertionValidity, this.signOutgoingMessages);
               }
               catch (IssuerNotTrustedException e)
               {
                  if(trace) log.trace(e);
                  
                  samlResponse =
                        webRequestUtil.getErrorResponse(referer,
                            JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(),
                            this.identityURL, this.signOutgoingMessages)
               }
               catch (ParsingException e)
               {
                  if(trace) log.trace(e);
                  
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               catch (ConfigurationException e)
               {
                  if(trace) log.trace(e);
                  
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               catch (IssueInstantMissingException e)
               {
                  if(trace) log.trace(e);
                 
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               catch(GeneralSecurityException e)
               {
                  if(trace) log.trace(e);
                 
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               finally
               {
                  try
                  {
                     if(webRequestUtil.hasSAMLRequestInPostProfile())
                        recycle(response);
                    
                     if(this.signOutgoingMessages)
                        webRequestUtil.send(samlResponse, destination,relayState, response, true,
                              this.keyManager.getSigningKey());
                     else
                        webRequestUtil.send(samlResponse, destination, relayState, response, false,null);
                  }
                  catch (ParsingException e)
                  {
                     if(trace) log.trace(e);
                  }
View Full Code Here

         if(trace)
            log.trace("Login Filters have not been configured");
         response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
      }     
     
      IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request,
            idpConfiguration, keyManager);
      webRequestUtil.setAttributeManager(this.attribManager);
      webRequestUtil.setAttributeKeys(attributeKeys);

      if(userPrincipal != null)
      {
         if(trace)
         {
            log.trace("Retrieved saml message and relay state from session");
            log.trace("saml Request message=" + samlRequestMessage + "::relay state="+ relayState);
            log.trace("saml Response message=" + samlResponseMessage + "::relay state="+ relayState);
         }
         session.removeAttribute("SAMLRequest");
         session.removeAttribute("SAMLResponse");

         if(relayState != null && relayState.length() > 0)
            session.removeAttribute("RelayState");
        
         SAML2Object samlObject = null;
         String destination = null;
         Document samlResponse = null;
        
         if(samlResponseMessage != null)
         {
            StatusResponseType statusResponseType = null;
            try
            {
               samlObject = webRequestUtil.getSAMLObject(samlResponseMessage);
              
               boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
               boolean isValid = validate(request.getRemoteAddr(),
                     request.getQueryString(),
                     new SessionHolder(samlResponseMessage, null), isPost);
              
               if(!isValid)
                  throw new GeneralSecurityException("Validation check failed");

               String issuer = null;
               IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL);
               ProtocolContext protocolContext = new HTTPContext(request,response, context);
               //Create the request/response
               SAML2HandlerRequest saml2HandlerRequest =
                  new DefaultSAML2HandlerRequest(protocolContext,
                        idpIssuer.getIssuer(), samlObject,
                        HANDLER_TYPE.IDP);
               saml2HandlerRequest.setRelayState(relayState);
              
               Map<String, Object> requestOptions = new HashMap<String, Object>();
               requestOptions.put("ROLE_GENERATOR", rg);
               saml2HandlerRequest.setOptions(requestOptions);
              
               SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();

               Set<SAML2Handler> handlers = chain.handlers();
              
               if(samlObject instanceof StatusResponseType)
               {
                  statusResponseType = (StatusResponseType) samlObject;
                  issuer = statusResponseType.getIssuer().getValue();
                  webRequestUtil.isTrusted(issuer);
                 
                  if(handlers != null)
                  {
                     for(SAML2Handler handler: handlers)
                     {
                        handler.handleStatusResponseType(saml2HandlerRequest, saml2HandlerResponse);
                     }
                  } 
               }
               else
                  throw new RuntimeException("Unknown type:" + samlObject.getClass().getName());

               samlResponse = saml2HandlerResponse.getResultingDocument();
               relayState = saml2HandlerResponse.getRelayState();
              
               destination = saml2HandlerResponse.getDestination();
            }
            catch(Exception e)
            {
               throw new RuntimeException(e);
            }
             
         }
         else
         //Send valid saml response after processing the request
         if(samlRequestMessage != null)
         {
            //Get the SAML Request Message
            RequestAbstractType requestAbstractType =  null;
            StatusResponseType statusResponseType = null;
           
            try
            {
               samlObject = webRequestUtil.getSAMLObject(samlRequestMessage);
              
               boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
               boolean isValid = validate(request.getRemoteAddr(),
                     request.getQueryString(),
                     new SessionHolder(samlRequestMessage, null), isPost);
              
               if(!isValid)
                  throw new GeneralSecurityException("Validation check failed");

               String issuer = null;
               IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL);
               ProtocolContext protocolContext = new HTTPContext(request,response, context);
               //Create the request/response
               SAML2HandlerRequest saml2HandlerRequest =
                  new DefaultSAML2HandlerRequest(protocolContext,
                        idpIssuer.getIssuer(), samlObject,
                        HANDLER_TYPE.IDP);
               saml2HandlerRequest.setRelayState(relayState);
              
               Map<String, Object> requestOptions = new HashMap<String, Object>();
               requestOptions.put(GeneralConstants.ROLE_GENERATOR, rg);
               requestOptions.put(GeneralConstants.ASSERTIONS_VALIDITY, this.assertionValidity);
               requestOptions.put(GeneralConstants.CONFIGURATION, this.idpConfiguration);
               Map<String,Object> attribs  = this.attribManager.getAttributes(userPrincipal, attributeKeys);
               requestOptions.put(GeneralConstants.ATTRIBUTES, attribs);
              
               saml2HandlerRequest.setOptions(requestOptions);
              
               List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID);
               if(roles == null)
               {
                  roles = rg.generateRoles(userPrincipal);
                  session.setAttribute(GeneralConstants.ROLES_ID, roles);
               }
              
               SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();

               Set<SAML2Handler> handlers = chain.handlers();
              
               if(samlObject instanceof RequestAbstractType)
               {
                  requestAbstractType = (RequestAbstractType) samlObject;
                  issuer = requestAbstractType.getIssuer().getValue();
                  webRequestUtil.isTrusted(issuer);
                 
                  if(handlers != null)
                  {
                     for(SAML2Handler handler: handlers)
                     {
                        handler.handleRequestType(saml2HandlerRequest, saml2HandlerResponse);
                     }
                  }
               }
               else
                  throw new RuntimeException("Unknown type:" + samlObject.getClass().getName());

               samlResponse = saml2HandlerResponse.getResultingDocument();
               relayState = saml2HandlerResponse.getRelayState();
              
               destination = saml2HandlerResponse.getDestination();
              
              
               //requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
              
              
               /*//RequestAbstractType
               if(requestAbstractType != null)
               {
                  List<String> roles = (List<String>) session.getAttribute(ROLES_ID);
                  if(roles == null)
                  {
                     roles = rg.generateRoles(userPrincipal);
                     session.setAttribute(ROLES_ID, roles);
                  }
                    
                  if(trace)
                     log.trace("Roles have been determined:Creating response");
                 
                  if(requestAbstractType instanceof LogoutRequestType)
                  {
                     LogoutRequestType lot = (LogoutRequestType) requestAbstractType;
                    
                  }

                  AuthnRequestType art = (AuthnRequestType) requestAbstractType;
                  destination = art.getAssertionConsumerServiceURL();

                  samlResponse =
                     webRequestUtil.getResponse(destination,
                           userPrincipal, roles,
                           this.identityURL, this.assertionValidity, this.signOutgoingMessages);  
               }
               else
               {
                  //status response type
               }*/
            }
            catch (IssuerNotTrustedException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(),
                        this.identityURL, this.signOutgoingMessages)
            }
            catch (ParsingException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch (ConfigurationException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch (IssueInstantMissingException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
            catch(GeneralSecurityException e)
            {
               if(trace) log.trace(e);

               samlResponse =
                  webRequestUtil.getErrorResponse(referer,
                        JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                        this.identityURL, this.signOutgoingMessages);
            }
           
         }
         else
         {
            log.error("No SAML Request Message");
            if(trace) log.trace("Referer="+referer);

            try
            {
               sendErrorResponseToSP(referer, response, relayState, webRequestUtil);
               return;
            }
            catch (ConfigurationException e)
            {
               if(trace) log.trace(e);
            }
         }
        
         try
         {
            if(samlResponse == null)
               throw new ServletException("SAML Response has not been generated");

            if(this.signOutgoingMessages)
               webRequestUtil.send(samlResponse, destination,relayState, response, true,
                     this.keyManager.getSigningKey());
            else
               webRequestUtil.send(samlResponse, destination, relayState, response, false,null);
         }
         catch (ParsingException e)
         {
            if(trace) log.trace(e);
         }
View Full Code Here

               log.trace("Referer in finally block="+ referer + ":user principal=" + userPrincipal);
         }
      }
     
     
      IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, idpConfiguration, keyManager);
      webRequestUtil.setAttributeManager(this.attribManager);
      webRequestUtil.setAttributeKeys(attributeKeys);
     
      Document samlErrorResponse = null;
      //Look for unauthorized status
      if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN)
      {
         try
         {
            samlErrorResponse =
              webRequestUtil.getErrorResponse(referer,
                  JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                  this.identityURL, this.signOutgoingMessages);
        
            if(this.signOutgoingMessages)
               webRequestUtil.send(samlErrorResponse, referer, relayState, response, true,
                     this.keyManager.getSigningKey());
            else
               webRequestUtil.send(samlErrorResponse, referer,relayState, response, false,null);
           
         }
         catch (GeneralSecurityException e)
         {
            throw new ServletException(e);
        
         return;
     
     
      if(userPrincipal != null)
      {
         /**
          * Since the container has finished the authentication,
          * we can retrieve the original saml message as well as
          * any relay state from the SP
          */
         samlMessage = (String) session.getNote("SAMLRequest");
         relayState = (String) session.getNote("RelayState");
         signature = (String) session.getNote("Signature");
         sigAlg = (String) session.getNote("sigAlg");
        
         if(trace)
         {
            log.trace("Retrieved saml message and relay state from session");
            log.trace("saml message=" + samlMessage + "::relay state="+ relayState);
            log.trace("Signature=" + signature + "::sigAlg="+ sigAlg);
         }
        
         session.removeNote("SAMLRequest");
        
         if(relayState != null && relayState.length() > 0)
            session.removeNote("RelayState");
        
         if(signature != null && signature.length() > 0)
            session.removeNote("Signature");
         if(sigAlg != null && sigAlg.length() > 0)
            session.removeNote("sigAlg");
        
         //Send valid saml response after processing the request
         if(samlMessage != null)
         {
            //Get the SAML Request Message
            RequestAbstractType requestAbstractType =  null;
            Document samlResponse = null;
            String destination = null;
               try
               {
                  requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
                  boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
                  boolean isValid = validate(request.getRemoteAddr(),
                        request.getQueryString(),
                        new SessionHolder(samlMessage, signature, sigAlg), isPost);
                  if(!isValid)
                     throw new GeneralSecurityException("Validation check failed");
                 
                  webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue());

                  List<String> roles = rg.generateRoles(userPrincipal);
                 
                  log.trace("Roles have been determined:Creating response");

                  AuthnRequestType art = (AuthnRequestType) requestAbstractType;
                  destination = art.getAssertionConsumerServiceURL();
                 
                  samlResponse =
                     webRequestUtil.getResponse(destination,
                           userPrincipal, roles,
                           this.identityURL, this.assertionValidity, this.signOutgoingMessages);
               }
               catch (IssuerNotTrustedException e)
               {
                  if(trace) log.trace(e);
                  
                  samlResponse =
                        webRequestUtil.getErrorResponse(referer,
                            JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(),
                            this.identityURL, this.signOutgoingMessages)
               }
               catch (ParsingException e)
               {
                  if(trace) log.trace(e);
                  
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               catch (ConfigurationException e)
               {
                  if(trace) log.trace(e);
                  
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               catch (IssueInstantMissingException e)
               {
                  if(trace) log.trace(e);
                 
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               catch(GeneralSecurityException e)
               {
                  if(trace) log.trace(e);
                 
                  samlResponse =
                     webRequestUtil.getErrorResponse(referer,
                         JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
                         this.identityURL, this.signOutgoingMessages);
               }
               finally
               {
                  try
                  {
                     if(webRequestUtil.hasSAMLRequestInPostProfile())
                        recycle(response);
                    
                     if(this.signOutgoingMessages)
                        webRequestUtil.send(samlResponse, destination,relayState, response, true,
                              this.keyManager.getSigningKey());
                     else
                        webRequestUtil.send(samlResponse, destination, relayState, response, false,null);
                  }
                  catch (ParsingException e)
                  {
                     if(trace) log.trace(e);
                  }
View Full Code Here

TOP

Related Classes of org.jboss.identity.federation.web.util.IDPWebRequestUtil

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.