a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: SecurityTokenManagerServlet.java,v 1.2 2008/06/25 05:47:21 qcheng Exp $
4a5a82da9bbab0a3ea1701c3ae9334c678d24ca5Mark de Reeper * Portions Copyrighted 2013 ForgeRock, Inc.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.FSUtils;
4a5a82da9bbab0a3ea1701c3ae9334c678d24ca5Mark de Reeperimport org.forgerock.openam.utils.ClientUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.xml.rpc.server.http.JAXRPCServlet;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This class provides remote interfaces for the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SecurityTokenManager</code> class using JAX-RPC. Since JAX-RPC does not
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * provide a mechanism to obtain <code>HttpServletRequest</code> and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>HttpServletResponse </code>, it is currently extending Sun's
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * implementation of <code>JAXRPCServlet</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This classes uses the same security mechanism used by <code>SAMLSOAPReceiver
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * </code> for validating the caller.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic class SecurityTokenManagerServlet extends JAXRPCServlet {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "SecurityTokenManagerServlet: processing request from server: ";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Overrides JAXRPCServlet's doPost method to perform the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * security check on the caller. The logic is implemented
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in SAMLSOAPReceiver.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param request the <code>HttpServletRequest</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param response the <code>HttpServletResponse</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws ServletException if there is an error.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public void doPost(HttpServletRequest request, HttpServletResponse response)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (SecurityTokenManager.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SecurityTokenManager.debug.message(DEBUG_SUCCESS_MSG +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Call JAXRPC servlet's doPost