FSLoginHelper.java revision 449854c2a07b50ea64d9d6a8b03d18d4afeeee43
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: FSLoginHelper.java,v 1.5 2008/06/25 05:46:54 qcheng Exp $
*
*/
/**
* Helper class for handling login process at Service Provider.
*/
public class FSLoginHelper {
// NOTE(review): this listing is incomplete. Many statements and most method
// signatures are missing, so the comments added below describe only what the
// surviving lines show; anything else is marked as an assumption.

// Request flags; both values are written to the log in the metadata setup
// method below. Where they are assigned is not visible in this listing.
private boolean forceAuthn;
private boolean isPassive;
// Set to true in the constructor fragment below and tested in
// createAuthnRequest ("if (isPassiveQuery)").
private boolean isPassiveQuery = false;
static {
}
/**
* Creates a new <code>FSLoginHelper</code> object.
*
* @param request HTTP Servlet request.
*/
+ "BaseURL to " + amserverURI
}
+ passiveQuery);
}
// NOTE(review): passiveQuery looks request-derived (the comment in
// createAuthnRequest says the flag is set via a query param) and is
// concatenated into a log message above; confirm the debug writer
// neutralises line breaks in such values.
isPassiveQuery = true;
}
}
}
throws FSLoginHelperException
{
try {
// Fails closed: each missing metadata handle below (meta manager, host
// descriptor, host config) ends in a thrown FSLoginHelperException.
if (metaManager != null) {
} else {
+ "could not get meta manager handle "
+ "Cannot proceed so throwing error page");
throw new FSLoginHelperException(
"FSLoginHelper:: could not get meta manager handle.");
}
if (hostDescriptor == null ) {
+ "getHostedProviderByMetaAlias retured null. "
+ "Cannot proceed so throwing error page");
throw new FSLoginHelperException("FSLoginHelper:: could not get"
+ " host provider Descriptor handle.");
}
if (hostConfig != null) {
"FSLoginHelper()::authLevel not null");
tmpObj =
"FSLoginHelper()::Found auth context "
+ "for auth level " + authLevel );
}
break;
}
}
}
// The four values below are appended to log messages.
+ respondWithString );
+ hostEntityID );
+ forceAuthn );
+ isPassive );
}
} else {
+ "host extended meta is null");
throw new FSLoginHelperException(
"FSLoginHelper::could not get host meta config.");
}
} catch (IDFFMetaException metaExp) {
// metaExp is passed to the log call; the rethrown FSLoginHelperException
// carries only its message text, not the exception as a cause.
+ "meta management Failed.", metaExp);
throw new FSLoginHelperException(
"FSLoginHelper::IDFFMetaException:" +
metaExp.getMessage());
+ "General Exception caugth." , exp);
throw new FSLoginHelperException(
}
}
/**
* Returns a Map of headers and lrurl/responsedata.
* @param headers Map of headers
* @param LRURL relay state url
* @param authLevel authentication level
* @param metaAlias meta alias of hosted provider
* @param remoteEntityID remote provider's entity ID
* @param isFedCookiePresent whether the fed cookie is present
* @return Map of headers and lrurl/responsedata
* @exception FSLoginHelperException if an error occurs
*/
public Map createAuthnRequest(
boolean isFedCookiePresent)
throws FSLoginHelperException
{
if (remoteEntityID != null) {
} else {
}
// No AuthnRequest is available: the surviving lines log this and refer the
// operator to the federation configuration.
if (authnRequest == null ) {
"FSLoginHelper.createAuthnRequest()::AuthnRequest is null");
"Please check your Federation Configuration.") ;
}
"FSLoginHelper.createAuthnRequest()::RequestID: " + requestID);
}
// Check whether the "dontgotothird level domain" flag is off.
// If yes, get one provider and send to the intersite URL;
// else send to the third-level domain for the provider id.
// Also check whether there is a single IDP; if yes, go to intersite
// transfer with the provider id.
boolean isSingleIDP = true;
boolean isSSO = false;
// A missing remote entity ID marks this as the SSO case.
if (remoteEntityID == null) {
isSSO = true;
}
isSingleIDP = false;
}
//*****************
if (isLECPProfile(headers)){
"FSLoginHelper.createAuthnRequest():LECP Request Identified" );
try {
// Local variable: it shadows the isPassive field inside this block.
boolean isPassive = false;
//get IDPList from directory
if (idpEntryList == null){
idpEntryList = new ArrayList();
}
}
}
// NOTE(review): the work done under isSigningOn() is not visible here.
// If signing is skipped when the switch is off, confirm the receiving
// IDP rejects unsigned requests wherever signing is expected.
if (FSServiceUtils.isSigningOn ()) {
{
}
}
// The complete envelope XML is concatenated into a log message here.
+ "AuthnRequestEnvelope: "
+ authnRequestEnvelope.toXMLString() );
}
// responseData = authnRequestEnvelope.toBASE64EncodedString();
} catch (Exception e) {
// Broad catch: only e.getMessage() reaches the log (no stack trace) and
// execution continues to "return retMap" below.
// NOTE(review): what retMap holds after a failure is not visible here;
// confirm callers can tell a failed LECP request from a successful one.
+ "Exception Occured: " + e.getMessage() );
}
return retMap;
}
//*****************
+ "In case where isSSO true and tldURL is true and not "
+ "single idp. So redirecting to thirdlevel domain");
}
} else if (isSSO && !isSingleIDP) {
+ " In case where isSSO true and not a single idp so have "
+ "show common login page");
return retMap;
} else {
// noIDP is set when no IDP is found in the configuration; the redirect
// to the inter-site transfer URL below is attempted only when it is false.
boolean noIDP = false;
if (remoteEntityID == null) {
} else {
"FSLoginHelper:: no idps found in config."
+ " Cannot proceed.");
+ "&"
"Please configure you Federation Services for an IDP.");
noIDP = true;
}
}
if (!noIDP) {
+ " Redirecting to intersiteTransfer URL "
+ " with providerID and Base64 encoded SuccintID. "
}
//check for presence of federate cookie
if (!isFedCookiePresent) {
return retMap;
} else {
}
}
}
}
/**
* If this flag is set via the query param, we will always make
* a passive call to the IDP.
*/
// NOTE(review): a query parameter is caller-controlled, so any client can
// request the passive path this way; confirm that is intended.
if (isPassiveQuery) {
}
+ "redirectURL : " + redirectURL);
}
if (isWMLProfile(headers)) {
} else {
}
return retMap;
}
{
return;
}
// Force-authentication is switched off on the request here; the condition
// guarding this call is not visible in the listing.
authnRequest.setForceAuthn(false);
}
}
try {
continue;
}
}
// The inner "providerStatus != null" test is redundant after "== null ||".
if (providerStatus == null ||
(providerStatus != null &&
{
}
}
}
} catch (IDFFMetaException ame) {
// A metadata error is logged with the exception and the method still
// reaches "return idpSet" below.
"FSLoginHelper::getIDPs Error in getting idp List:", ame);
}
"FSLoginHelper::getIDPs returing idpset as " + idpSet);
}
return idpSet;
}
// Builds the FSAuthnRequest returned to the caller. The protocol profile is
// chosen by the LECP / WML header checks, and a failure is logged and
// rethrown as FSLoginHelperException. Most parameters are missing from this
// listing.
private FSAuthnRequest getAuthnReq(
boolean federate)
throws FSLoginHelperException
{
try {
if (isLECPProfile(headers)) {
} else if(isWMLProfile(headers)) {
}
+ "Federation profile is:" + protocolProfile);
}
// respondWithString, when present, is split into tokens.
if (respondWithString!=null){
while (st.hasMoreTokens()) {
}
} else {
}
// this should be configurable
authnContext = new RequestAuthnContext(
{
} else {
}
// Overrides the caller-supplied federate argument; the condition that
// leads here is not visible.
federate = true;
}
authnRequest = new FSAuthnRequest(
null,
"FSLoginHelper.getAuthnReq():Error during procesing:", ex);
throw new FSLoginHelperException(
}
return authnRequest;
}
if (redirectURL != null) {
}
return map;
}
// When the first lookup finds no LECP header value, the log message below
// indicates a second lookup with a lower-case header name.
if (lecpHeaderValue == null) {
"FSLoginHelper.isLECPProfile checking for "
+ "lower case header: " + header);
}
}
if (lecpHeaderValue != null) {
return true;
} else {
return false;
}
}
return false;
}
if (wmlHeaderValue != null) {
// NOTE(review): toLowerCase() without a Locale uses the JVM default locale;
// Locale.ROOT would keep this header comparison locale-independent.
if ((wmlHeaderValue.toLowerCase().
{
"FSLoginHelper.isWMLProfile() :: true ");
return true;
}
}
}
return false;
}
try {
+ "Received COT Set is Invalid");
} else {
+"Multiple COTs found will do polling " );
}
} else {
"FSLoginHelper::getTLDURL() Single COT found");
}
{
+ "found a active cot with cotid : "
+ cotDesc.getCircleOfTrustName());
}
// The search stops at the first match.
break;
}
}
}
} catch (COTException ame) {
// Both handlers log the exception; the method still reaches
// "return tldURL" below.
+ "COTException:", ame);
"FSLoginHelper.getTLDURL():General Exception:", exp);
}
+ tldURL);
}
return tldURL;
}
/**
* Creates <code>AuthnRequestEnvelope</code> for <code>LECP</code> profile.
* @param request <code>HttpServletRequest</code> object
* @return xml string of an <code>AuthnRequestEnvelope</code> object; a string
*         starting with <code>errorPage</code> when the AuthnRequest is null;
*         <code>null</code> when an exception is caught
*/
"FSLoginHelper.createAuthnRequestEnvelope(): called" +
}
try {
//FSServiceUtils.getMetaAlias(request);
while(headerNames.hasMoreElements()) {
}
}
if (authnRequest == null ) {
"FSLoginHelper.createAuthnRequest()::AuthnRequest is null");
return errorPage + "&"
"Please check your Federation Configuration.") ;
}
"FSLoginHelper.createAuthnRequest()::RequestID: " +
}
}
// Check whether the "dontgotothird level domain" flag is off.
// If yes, get one provider and send to the intersite URL;
// else send to the third-level domain for the provider id.
// Also check whether there is a single IDP; if yes, go to intersite
// transfer with the provider id.
//*****************
// Local variable: it shadows the isPassive field inside this method.
boolean isPassive = false;
//get IDPList from directory
if (idpEntryList == null){
idpEntryList = new ArrayList();
}
}
}
// Two gates apply here: the global isSigningOn() switch and the hosted
// provider's isAuthnRequestsSigned() setting.
// NOTE(review): the statements inside are not visible. If signing is skipped
// when either gate is off, confirm the IDP rejects unsigned requests wherever
// signing is expected.
if (FSServiceUtils.isSigningOn ()) {
if (hostDescriptor.isAuthnRequestsSigned()) {
}
}
// The complete envelope XML is concatenated into a log message here.
+ "AuthnRequestEnvelope: "
+ authnRequestEnvelope.toXMLString() );
}
return authnRequestEnvelope.toXMLString();
} catch (Exception e) {
// Any exception is logged and turned into a null return, so callers have
// to check for null before using the result.
"FSLoginHelper.createAuthnRequest():Exception Occured: ", e);
return null;
}
}
}