/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: FSReturnLogoutServlet.java,v 1.6 2008/12/19 06:50:47 exu Exp $
*
*/
/**
* Processes <code>ID-FF</code> single logout return (logout response).
*/
/**
* Initiates the servlet.
* @param config the <code>ServletConfig</code> object that contains
* configuration information for this servlet.
* @exception ServletException if an exception occurs that interrupts
* the servlet's normal operation.
*/
throws ServletException
{
}
/**
* Handles the HTTP GET request.
*
* @param request an <code>HttpServletRequest</code> object that contains
* the request the client has made of the servlet.
* @param response an <code>HttpServletResponse</code> object that contains
* the response the servlet sends to the client.
* @exception ServletException if an input or output error is detected when
* the servlet handles the GET request
* @exception IOException if the request for the GET could not be handled
*/
throws ServletException, IOException
{
}
/**
* Handles the HTTP POST request.
*
* @param request an <code>HttpServletRequest</code> object that contains
* the request the client has made of the servlet.
* @param response an <code>HttpServletResponse</code> object that contains
* the response the servlet sends to the client.
* @exception ServletException if an input or output error is detected when
* the servlet handles the POST request
* @exception IOException if the request for the POST could not be handled
*/
throws ServletException, IOException
{
}
/**
* Processes logout response.
* @param request an <code>HttpServletRequest</code> object that contains
* the request the client has made of the servlet.
* @param response an <code>HttpServletResponse</code> object that contains
* the response the servlet sends to the client.
* @exception ServletException if an input or output error is detected when
* the servlet handles the request
* @exception IOException if the request could not be handled
*/
throws ServletException, IOException
{
// NOTE(review): this listing is incomplete - the method signature and most
// statements are missing, so the comments below describe only what the
// remaining lines show.
// Alias processing
}
// Only the tail of the log message is visible; presumably the request is
// abandoned here because the hosted provider could not be resolved.
" Provider. Cannot process request");
return;
}
// Principal lookup: both the "no principal" case and a SessionException are
// logged with the same message, and the visible paths end in a return.
try {
"FSReturnLogoutRequest: Unable to get principal");
return;
}
} catch (SessionException ssoExp) {
"FSReturnLogoutRequest: Unable to get principal", ssoExp);
}
return;
}
// Without a metadata manager nothing further is attempted.
if (metaManager == null) {
return;
}
// Hosted-provider metadata/configuration lookup; an IDFFMetaException ends
// the request.
try {
if (hostedRole != null) {
}
}
if (hostedConfig == null) {
}
} catch (IDFFMetaException e){
return;
}
// Here we will need to
// 1. verify response signature
// 2. verify response status
// 3. retrieve registration request Id from Map
// 4. if status success then do locally else not do locally and
// 5. show status page or LRURL if found in MAP (eg intersiteTransfer)
// NOTE(review): step 3 mentions a registration request Id although this
// servlet handles logout responses - looks carried over from the
// registration flow; confirm.
// The body of this try is not visible (presumably it parses the logout
// response - confirm); a message or SAML error ends the request.
try {
} catch (FSMsgException e) {
return;
} catch (SAMLException e) {
return;
}
// isRemoteIDP defaults to false and is set to true inside the try below.
// In this listing the IDFFMetaException handler is empty, so a metadata
// failure is not reported here and is only caught indirectly by the
// remoteDesc null check that follows.
boolean isRemoteIDP = false;
try {
isRemoteIDP = true;
}
} catch (IDFFMetaException e){
}
}
// A response from a provider with no descriptor is dropped before any
// signature verification is attempted.
if (remoteDesc == null) {
return;
}
// bVerify starts as true and is cleared only by the two catch handlers
// below, which sit inside the isSigningOn() branch. When signing is switched
// off, no signature check is made and the logout response is handled as if it
// had verified.
// NOTE(review): confirm that deployments relying on signed logout responses
// cannot run with signing disabled.
boolean bVerify = true;
if (FSServiceUtils.isSigningOn()) {
// The verification call is not visible in this listing (presumably
// verifyResponseSignature - confirm). Either exception fails closed.
try {
} catch (SAMLException e){
bVerify = false;
} catch (FSException e){
bVerify = false;
}
}
// remove session partner in case of logout success or this is IDP
// NOTE(review): in this listing this step precedes the bVerify check and its
// guard condition is not visible; confirm it cannot take effect for a
// response whose signature failed verification.
{
}
if (bVerify) {
// check the status on response and update entry
// in ReturnSessionManager only if it is failure
if (localManager != null) {
"update status of logout to failure " +
" in session manager");
}
} else {
}
"FSReturnLogoutServlet, failed logout response " +
return;
}
} else {
// Signature rejected: log and stop without continuing the logout.
// NOTE(review): the second and third literals are concatenated without a
// separating space, so the logged text runs together.
"FSReturnLogoutServlet " +
"Signature on logout response is invalid" +
"Cannot proceed logout");
return;
}
.append("/")
}
processLogout.toString()) ;
// A missing dispatcher is logged; the message text refers to sendErrorPage.
if ( dispatcher == null ) {
"\ncalling sendErrorPage ");
}
return;
}
return;
}
/**
* Verifies the logout response signature received from the remote end.
* @param request <code>HttpServletRequest</code> containing the signed
* logout response
* @param remoteDescriptor remote provider descriptor
* @param remoteEntityId remote provider's entity id
* @param isRemoteIDP whether the remote provider is an IDP or not
* @return <code>true</code> if the signature is verified; <code>false</code>
* otherwise.
* @exception SAMLException if the signature cannot be checked
* @exception FSException if the signature cannot be checked
*/
// NOTE(review): only part of the parameter list and body is visible in this
// listing; the comments describe the remaining lines only.
private boolean verifyResponseSignature(
boolean isRemoteIDP
) throws SAMLException, FSException
{
// NOTE(review): the trace text says "verifylogoutSignature" and the error
// text below says "verifyRegistrationSignature"; neither matches this
// method's name, which makes log searches for it unreliable.
"Entered FSReturnLogoutServlet::verifylogoutSignature");
// Verify the signature on the logout response
// A missing certificate is logged and then raised as an exception rather
// than being treated as an unverified-but-accepted response.
// NOTE(review): the message says "this site's cert"; confirm which
// provider's certificate is actually looked up here.
"FSReturnLogoutServlet.verifyRegistrationSignature: " +
"couldn't obtain this site's cert.");
}
throw new SAMLResponderException(
}
// The outcome of the check is returned as a plain boolean; the caller
// decides whether to continue the logout.
boolean isValidSign =
if (!isValidSign) {
return false;
} else {
return true;
}
}
}
}
} // FSReturnLogoutServlet