/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: AssertionManagerClient.java,v 1.8 2008/08/19 19:11:11 veiming Exp $
 *
 * Portions Copyrighted 2015 ForgeRock AS.
 */

package com.sun.identity.saml;

import java.util.*;
import java.net.URL;
import com.sun.identity.saml.assertion.Assertion;
import com.sun.identity.saml.assertion.Attribute;
import com.sun.identity.saml.assertion.AssertionIDReference;
import com.sun.identity.saml.protocol.AssertionArtifact;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.shared.jaxrpc.SOAPClient;
import com.sun.identity.shared.jaxrpc.JAXRPCHelper;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.shared.xml.XMLUtils;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.plugin.session.SessionProvider;
import com.sun.identity.common.SystemConfigurationUtil;

/**
 * The class <code>AssertionManagerClient</code> is a <code>final</code> class
 * that provides interfaces to create, get and destroy <code>Assertion</code>s.
 * <p>
 * The class provides mechanisms to manage the <code>Assertion</code>s either
 * locally (i.e., within the same JVM process) or remotely on another instance
 * of OpenAM. The default constructor will manage the
 * <code>Assertion</code>s locally if it detects SAML web services running
 * locally; otherwise it will use one of the configured OpenAM servers. The
 * constructor which accepts a <code>URL</code> will always use that URL to
 * manage the assertions.
 * <p>
 * Having obtained an instance of <code>AssertionManagerClient</code>, its
 * methods can be called to create/get an <code>Assertion</code> and an
 * <code>AssertionArtifact</code>, and to obtain a decision from a
 * <code>Query</code>.
 */
public final class AssertionManagerClient {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
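// Service name under which the assertion manager endpoint is looked up in
// naming. Declared final: it is a constant and must not be reassigned.
private static final String SERVICE_NAME = "samlassertionmanager";

// Set once the default constructor has completed its local/remote probe.
// NOTE(review): read and written without synchronization; concurrent first
// constructions may each run the probe -- confirm that is acceptable.
static boolean checkedForLocal;

// True when the AssertionManager service lives in this JVM. It is never
// assigned in the part of the file visible here; presumably it is flipped by
// server-side code in this package when the "checkForLocal" request is
// handled inside this JVM -- confirm against the service implementation.
static boolean isLocal;

// Per-instance switch: true means calls go straight to the in-JVM
// AssertionManager instead of over SOAP.
private boolean useLocal;

// Remote JAX-RPC stub shared by all instances built with the default
// constructor.
private static SOAPClient remoteStub;

// In-JVM AssertionManager, populated by the default constructor when
// isLocal is set.
private static AssertionManager assertionManager;

// JAX-RPC stub this instance uses for remote calls. Session identifiers and
// assertion XML are sent through it, so the endpoint it points at must be
// trusted.
private SOAPClient stub;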
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Creates a client bound to the server named in the system configuration,
 * short-circuiting to the in-JVM <code>AssertionManager</code> when the
 * static <code>isLocal</code> flag is set after the probe.
 * <p>
 * The probe runs until it succeeds once: a successful run caches the SOAP
 * stub (and, when local, the <code>AssertionManager</code>) in static fields
 * and sets <code>checkedForLocal</code>. A failed run leaves
 * <code>checkedForLocal</code> unset, so the next construction retries.
 *
 * @throws SAMLException if the endpoint cannot be resolved or the
 *         <code>checkForLocal</code> probe fails. Only the message of the
 *         underlying exception is carried over; the exception itself is
 *         written to the SAML debug log when warnings are enabled.
 */
public AssertionManagerClient() throws SAMLException {
    if (!checkedForLocal) {
        // NOTE(review): the static flags and stubs are touched here without
        // synchronization -- confirm concurrent first use is acceptable.
        try {
            // Read the locally configured server coordinates in the same
            // order the endpoint lookup expects them.
            String protocol = SystemConfigurationUtil.getProperty(
                    SAMLConstants.SERVER_PROTOCOL);
            String host = SystemConfigurationUtil.getProperty(
                    SAMLConstants.SERVER_HOST);
            String port = SystemConfigurationUtil.getProperty(
                    SAMLConstants.SERVER_PORT);
            String uri = SystemConfigurationUtil.getProperty(
                    SAMLConstants.SERVER_URI);

            // Per the original author's note, the lookup fails (a
            // URLNotFoundException is named) when this host is not part of
            // the Naming platform list.
            remoteStub = getServiceEndPoint(protocol, host, port, uri);

            // Per the original author's note, this call fails with a
            // javax.xml.soap.SOAPException, java.rmi.RemoteException or
            // java.rmi.ServerException when the service does not exist or
            // the caller lacks permission.
            remoteStub.send("checkForLocal", null, null, null);

            if (isLocal) {
                SAMLUtils.debug.warning("AMC(): Using local service");
                assertionManager = AssertionManager.getInstance();
            }
            checkedForLocal = true;

            // Falling back to another configured server through
            // getRemoteStub() on failure is deliberately not done here: the
            // original note states that the rest of OpenAM does not support
            // fallback yet, so the server from AMConfig.properties is the
            // only one used to determine the remote server.
        } catch (Exception e) {
            if (SAMLUtils.debug.warningEnabled()) {
                SAMLUtils.debug.warning(
                        "AssertionManagerClient()Exception", e);
            }
            // Only the message survives; the cause is in the debug log.
            throw new SAMLException(e.getMessage());
        }
    }

    if (!isLocal) {
        // Remote mode: share the class-wide stub (may be unset if the
        // probe ran in an earlier construction and did not assign one).
        stub = remoteStub;
        return;
    }
    useLocal = true;
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Constructs an instance of <code>AssertionManagerClient</code>
 * that will use the provided <code>URL</code> for the management
 * of assertions.
 * <p>
 * This is the single-endpoint form of the <code>String[]</code>
 * constructor and delegates to it; construction, logging and the thrown
 * exception are the same as for a one-element array.
 * <p>
 * NOTE(review): no scheme or host validation is visible here, and
 * <code>createAssertion</code> later sends the caller's session ID to this
 * endpoint. The URL should come from trusted configuration and use HTTPS --
 * confirm whether <code>SOAPClient</code> enforces transport security.
 *
 * @param url <code>AssertionManager</code> service URL that will be used
 *        to create, get and delete assertions.
 * @throws SAMLException if it cannot be constructed.
 */
public AssertionManagerClient(String url) throws SAMLException {
    this(new String[] { url });
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Constructs an instance of <code>AssertionManagerClient</code>
 * that will use the provided <code>URLs</code> for the management
 * of assertions. In case of server failure, it will fall back
 * to next available server.
 * <p>
 * Instances built this way always work remotely; the in-JVM
 * <code>AssertionManager</code> is never used.
 * <p>
 * NOTE(review): the URLs are handed to <code>SOAPClient</code> unchecked,
 * and <code>createAssertion</code> later sends the caller's session ID to
 * whichever of them answers. Every entry should be a trusted HTTPS
 * endpoint -- confirm whether <code>SOAPClient</code> enforces that.
 *
 * @param urls an array of <code>AssertionManager</code> service URLs that
 *        will be used to create, get and delete assertions.
 * @throws SAMLException if it cannot be constructed. Only the message of
 *         the underlying exception is carried over.
 */
public AssertionManagerClient(String[] urls) throws SAMLException {
    SOAPClient client;
    try {
        // Construct the JAX-RPC SOAPClient over every candidate endpoint.
        client = new SOAPClient(urls);
    } catch (Exception cause) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning(
                    "AssertionManagerClient() Exception", cause);
        }
        throw new SAMLException(cause.getMessage());
    }
    stub = client;
    useLocal = false;
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Resolves the assertion manager endpoint for the given server coordinates
 * and wraps it in a SOAP stub.
 * <p>
 * The resolved URL is written to the SAML debug log when message-level
 * logging is enabled.
 *
 * @param protocol protocol of the server hosting the service.
 * @param hostname host name of the server hosting the service.
 * @param port port of the server, as a decimal string;
 *        <code>Integer.parseInt</code> rejects <code>null</code> and
 *        non-numeric values with a <code>NumberFormatException</code>.
 * @param uri deployment URI of the server.
 * @return a <code>SOAPClient</code> bound to the single resolved URL.
 * @throws Exception if the port cannot be parsed, or whatever the service
 *         URL lookup or the stub construction throws.
 */
private static SOAPClient getServiceEndPoint(String protocol,
        String hostname, String port, String uri) throws Exception {
    // Ask the system configuration for the service endpoint URL.
    int portNumber = Integer.parseInt(port);
    URL endpoint = SystemConfigurationUtil.getServiceURL(
            SERVICE_NAME, protocol, hostname, portNumber, uri);
    String endpointUrl = endpoint.toString();

    if (SAMLUtils.debug.messageEnabled()) {
        SAMLUtils.debug.message(
                "AssertionManagerClient with URL: " + endpointUrl);
    }

    // One-element list: this stub has no fallback server.
    return new SOAPClient(new String[] { endpointUrl });
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
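/**
 * Builds a SOAP stub for a server picked by <code>JAXRPCHelper</code> and
 * probes it with a <code>checkForLocal</code> call.
 * <p>
 * When the URL returned by <code>JAXRPCHelper.getValidURL</code> carries no
 * explicit port, the scheme's default port is used. The previous code
 * forwarded the <code>-1</code> that <code>URL.getPort()</code> returns in
 * that case.
 *
 * @return the probed stub.
 * @throws SAMLException if no valid server is found, the endpoint cannot
 *         be resolved, or the probe fails. Only the message of the
 *         underlying exception is carried over; the exception itself is
 *         written to the SAML debug log when warnings are enabled.
 */
private static SOAPClient getRemoteStub() throws SAMLException {
    try {
        // Get a valid server from JAXRPCHelper. Per the original note this
        // throws if no servers are found.
        URL serverUrl = new URL(JAXRPCHelper.getValidURL(SERVICE_NAME));

        // URL.getPort() is -1 when the URL has no explicit port; fall back
        // to the scheme default so a real port reaches the endpoint lookup.
        int port = serverUrl.getPort();
        if (port == -1) {
            port = serverUrl.getDefaultPort();
        }

        // Named "client" so it no longer shadows the static remoteStub.
        SOAPClient client = getServiceEndPoint(serverUrl.getProtocol(),
                serverUrl.getHost(), Integer.toString(port),
                serverUrl.getPath());

        // Per the original note, this call checks whether this JVM also
        // hosts the service instance, in which case a "short-circuit" is
        // performed.
        client.send("checkForLocal", null, null, null);
        return client;
    } catch (Exception ee) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning(
                    "AMC:getRemoteStub: generic error: ", ee);
        }
        throw new SAMLException(ee.getMessage());
    }
}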
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns an assertion that contains an authentication statement.
 * <p>
 * In local mode the call goes straight to the in-JVM
 * <code>AssertionManager</code>. In remote mode the session ID of
 * <code>token</code> is sent to the configured endpoint and the XML it
 * returns is parsed into an <code>Assertion</code>.
 *
 * @param token User session that contains authentication
 *        information which is needed to create the authentication
 *        statement.
 * @return the created assertion.
 * @throws SAMLException if the assertion cannot be created. In remote mode
 *         every failure (session lookup, transport, XML parsing) is
 *         reported this way with only the original message.
 */
public Assertion createAssertion(Object token) throws SAMLException {
    if (useLocal) {
        return assertionManager.createAssertion(token);
    }

    try {
        // The caller's session ID leaves this JVM here: it is sent to
        // whatever endpoint the stub was built for.
        Object sessionId = SessionManager.getProvider().getSessionID(token);
        Object[] request = { sessionId };
        String assertionXml = (String) stub.send("createAssertion", request,
                null, null);

        // NOTE(review): the response is parsed and wrapped as-is; no
        // signature or issuer check is visible in this method. Confirm
        // that the Assertion constructor or the caller validates it, and
        // that XMLUtils.toDOMDocument disables DTDs and external entities.
        return new Assertion(XMLUtils.toDOMDocument(assertionXml,
                SAMLUtils.debug).getDocumentElement());
    } catch (Exception re) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:createAssertion(SSO)", re);
        }
        throw new SAMLException(re.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns an assertion that contains an authentication and attribute
 * statement.
 * <p>
 * In local mode the call goes straight to the in-JVM
 * <code>AssertionManager</code>. In remote mode a <code>null</code> or
 * empty attribute list falls back to {@link #createAssertion(Object)};
 * otherwise each attribute is serialised to its XML string and sent
 * together with the session ID of <code>token</code>.
 *
 * @param token User session that contains authentication
 *        information which is needed to create the authentication
 *        statement for the assertion.
 * @param attributes A list of attribute objects which are used to create
 *        the attribute statement. In remote mode every element must be
 *        an <code>Attribute</code>; anything else surfaces as a
 *        <code>SAMLException</code>.
 * @return The created assertion.
 * @throws SAMLException If the Assertion cannot be created.
 */
public Assertion createAssertion(Object token, List attributes)
        throws SAMLException {
    if (useLocal) {
        return assertionManager.createAssertion(token, attributes);
    }

    // Nothing to put in an attribute statement: use the plain variant.
    if (attributes == null || attributes.isEmpty()) {
        return createAssertion(token);
    }

    try {
        // Serialise inside the try so a wrongly typed element is reported
        // as a SAMLException like every other remote failure.
        List serialized = new LinkedList();
        for (Object item : attributes) {
            serialized.add(((Attribute) item).toString(true, true));
        }

        // The caller's session ID leaves this JVM here: it is sent to
        // whatever endpoint the stub was built for.
        Object sessionId = SessionManager.getProvider().getSessionID(token);
        Object[] request = { sessionId, serialized };
        String assertionXml = (String) stub.send("createAssertion2", request,
                null, null);

        // NOTE(review): the response is parsed and wrapped as-is; no
        // signature or issuer check is visible in this method. Confirm
        // that the Assertion constructor or the caller validates it, and
        // that XMLUtils.toDOMDocument disables DTDs and external entities.
        return new Assertion(XMLUtils.toDOMDocument(assertionXml,
                SAMLUtils.debug).getDocumentElement());
    } catch (Exception re) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:createAssertion(SSO, attrs)", re);
        }
        throw new SAMLException(re.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns an <code>AssertionArtifact</code> for the given
 * <code>Assertion</code>.
 * <p>
 * In local mode the call goes straight to the in-JVM
 * <code>AssertionManager</code>. In remote mode the serialised assertion
 * and the Base64-encoded target are sent to the configured endpoint, and
 * the string it returns is wrapped in an <code>AssertionArtifact</code>.
 *
 * @param assertion The Assertion for which an Artifact needs to be
 *        created.
 * @param target The <code>sourceID</code> of the site for which the
 *        <code>AssertionArtifact</code> is created. It is in raw String
 *        format (not Base64 encoded, for example.) This String can be
 *        obtained from converting the 20 bytes sequence to char Array,
 *        then from the char Array to String.
 * @return <code>AssertionArtifact</code>
 * @throws SAMLException if the <code>AssertionArtifact</code> cannot be
 *         created.
 */
public AssertionArtifact createAssertionArtifact(Assertion assertion,
        String target) throws SAMLException {
    if (useLocal) {
        return assertionManager.createAssertionArtifact(assertion, target);
    }

    try {
        // The raw target string is turned into bytes and Base64-encoded
        // for the wire.
        String assertionXml = assertion.toString(true, true);
        String encodedTarget =
                Base64.encode(SAMLUtils.stringToByteArray(target));
        Object[] request = { assertionXml, encodedTarget };

        // The full assertion XML leaves this JVM here; the endpoint behind
        // the stub must be trusted.
        String artifact = (String) stub.send("createAssertionArtifact",
                request, null, null);
        return new AssertionArtifact(artifact);
    } catch (Exception re) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:createAssertionArtifact:", re);
        }
        throw new SAMLException(re.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns the <code>Assertion</code> based on the
 * <code>AssertionIDReference</code>.
 *
 * @param idRef The <code>AssertionIDReference</code> which refers to an
 *        Assertion.
 * @param destID A set of Strings representing the destination site id,
 *        i.e. the site requesting the assertion using the assertion id
 *        reference. This String is compared with the
 *        <code>destID</code> that the assertion was originally created
 *        for. This field is not used (could be null) if the assertion was
 *        created without a <code>destID</code> originally. This String can
 *        be obtained by converting the 20 byte site id sequence to a char
 *        array, then creating a new String from the char array.
 * @return the Assertion referenced by the
 *         <code>AssertionIDReference</code>.
 * @throws SAMLException if an error occurred during the process; or
 *         the assertion could not be found.
 */
public Assertion getAssertion(AssertionIDReference idRef, Set destID)
    throws SAMLException
{
    // Local mode: hand the request straight to the in-process manager.
    if (useLocal) {
        return assertionManager.getAssertion(idRef, destID);
    }

    try {
        // Every destination id is Base64-encoded before it goes into the
        // remote call; a null or empty input produces an empty set.
        Set encodedDestIDs = new HashSet();
        if (destID != null && !destID.isEmpty()) {
            for (Iterator ids = destID.iterator(); ids.hasNext();) {
                String siteID = (String) ids.next();
                encodedDestIDs.add(
                    Base64.encode(SAMLUtils.stringToByteArray(siteID)));
            }
        }
        Object[] callArgs =
            { idRef.getAssertionIDReference(), encodedDestIDs };
        String assertionXml = (String) stub.send("getAssertionByIdRef",
            callArgs, null, null);
        // NOTE(review): the XML returned by the remote call is parsed and
        // wrapped as an Assertion here. Whether XMLUtils.toDOMDocument
        // disables DTDs/external entities, and whether the Assertion
        // constructor verifies a signature, is not visible in this file --
        // confirm before treating the result as trusted.
        return new Assertion(
            XMLUtils.toDOMDocument(assertionXml, SAMLUtils.debug)
                .getDocumentElement());
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:getAssertion: " + idRef, ex);
        }
        // Only the message is carried into the SAMLException; the original
        // exception is recorded solely in the debug log above, and only
        // when warnings are enabled.
        throw new SAMLException(ex.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns the <code>Assertion</code> based on the
 * <code>AssertionIDReference</code>.
 *
 * @param idRef The <code>AssertionIDReference</code> which refers to
 *          an Assertion.
 * @param destID The destination site id requesting the assertion using
 *          the assertion id reference. This String is compared with the
 *          <code>destID</code> that the assertion was originally created for.
 *          This field is not used (could be null) if the assertion was
 *          originally created without a <code>destID</code>. This String can
 *          be obtained by converting the 20-byte site id sequence to a char
 *          array, then creating a new String from the char array.
 * @return the Assertion referenced by the
 *          <code>AssertionIDReference</code>.
 * @throws SAMLException If an error occurred during the process; or
 *          the assertion could not be found.
 */
public Assertion getAssertion(AssertionIDReference idRef, String destID)
    throws SAMLException
{
    // Local mode: hand the request straight to the in-process manager.
    if (useLocal) {
        return assertionManager.getAssertion(idRef, destID);
    }

    try {
        // The RPC layer cannot carry a null or empty destID, so a single
        // space is sent in its place.
        String wireDestID =
            (destID == null || destID.length() == 0) ? " " : destID;
        Object[] callArgs = {
            idRef.getAssertionIDReference(),
            Base64.encode(SAMLUtils.stringToByteArray(wireDestID))
        };
        String assertionXml = (String) stub.send("getAssertionByIdRef2",
            callArgs, null, null);
        // NOTE(review): the remote response is parsed as XML and wrapped as
        // an Assertion; parser hardening and signature checks are not
        // visible in this file -- confirm in XMLUtils and Assertion.
        return new Assertion(
            XMLUtils.toDOMDocument(assertionXml, SAMLUtils.debug)
                .getDocumentElement());
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:getAssertion: " + idRef, ex);
        }
        // Only the message survives; the original exception is recorded
        // solely in the debug log above.
        throw new SAMLException(ex.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns the assertion associated with the <code>AssertionArtifact</code>.
 * @param artifact An <code>AssertionArtifact</code>.
 * @param destID A Set of Strings representing the destination id.
 *          The destination site requesting the assertion using the
 *          artifact. This String is compared with the <code>destID</code>
 *          that the artifact was originally created for. This field must
 *          not be null or an empty set.
 * @return The Assertion referenced by the artifact.
 * @throws SAMLException If an error occurred during the process, or no
 *          assertion maps to the input artifact.
 */
public Assertion getAssertion(AssertionArtifact artifact, Set destID)
    throws SAMLException
{
    // Local mode: hand the request straight to the in-process manager.
    if (useLocal) {
        return assertionManager.getAssertion(artifact, destID);
    }

    try {
        // A destination set is mandatory for the remote call. The message
        // below says "null" but this branch also covers an empty set. The
        // exception thrown here is raised inside the try block, so it is
        // caught by the handler below, logged, and re-wrapped.
        boolean missingDest = (destID == null) || destID.isEmpty();
        if (missingDest) {
            SAMLUtils.debug.error("AssertionManagerClient:getAssertion(" +
                "AssertionArtifact, Set): destID set is null");
            throw new SAMLException("nullInput");
        }

        // Base64-encode every destination id for transport.
        Set encodedDestIDs = new HashSet();
        for (Iterator ids = destID.iterator(); ids.hasNext();) {
            String siteID = (String) ids.next();
            encodedDestIDs.add(
                Base64.encode(SAMLUtils.stringToByteArray(siteID)));
        }

        Object[] callArgs =
            { artifact.getAssertionArtifact(), encodedDestIDs };
        String assertionXml = (String) stub.send("getAssertion", callArgs,
            null, null);
        // NOTE(review): the remote response is parsed as XML and wrapped as
        // an Assertion; parser hardening and signature checks are not
        // visible in this file -- confirm in XMLUtils and Assertion.
        return new Assertion(
            XMLUtils.toDOMDocument(assertionXml, SAMLUtils.debug)
                .getDocumentElement());
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            // NOTE(review): the artifact's string form is written to the
            // debug log; if it exposes the artifact value, those logs
            // should be handled as sensitive -- confirm what toString()
            // emits.
            SAMLUtils.debug.warning("AMC:getAssertion: " + artifact, ex);
        }
        // Only the message survives; the original exception is recorded
        // solely in the debug log above.
        throw new SAMLException(ex.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns the assertion associated with the <code>AssertionArtifact</code>.
 * @param artifact An <code>AssertionArtifact</code>.
 * @param destID The destination site requesting the assertion using
 *          the artifact. This String is compared with the
 *          <code>destID</code> that the artifact was originally created for.
 * @return The Assertion referenced by the artifact.
 * @throws SAMLException If an error occurred during the process, or no
 *          assertion maps to the input artifact.
 */
protected Assertion getAssertion(AssertionArtifact artifact, String destID)
    throws SAMLException
{
    // Local mode: hand the request straight to the in-process manager.
    if (useLocal) {
        return assertionManager.getAssertion(artifact, destID);
    }

    try {
        // NOTE(review): unlike the Set overload, which rejects a null or
        // empty destination, and the idRef/String overload, which
        // substitutes " ", destID is passed through unchecked here. How
        // SAMLUtils.stringToByteArray treats null is not visible in this
        // file -- confirm, and consider validating destID up front.
        Object[] callArgs = {
            artifact.getAssertionArtifact(),
            Base64.encode(SAMLUtils.stringToByteArray(destID))
        };
        String assertionXml = (String) stub.send("getAssertion2", callArgs,
            null, null);
        // NOTE(review): the remote response is parsed as XML and wrapped as
        // an Assertion; parser hardening and signature checks are not
        // visible in this file -- confirm in XMLUtils and Assertion.
        return new Assertion(
            XMLUtils.toDOMDocument(assertionXml, SAMLUtils.debug)
                .getDocumentElement());
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            // NOTE(review): the artifact's string form is written to the
            // debug log; if it exposes the artifact value, those logs
            // should be handled as sensitive -- confirm what toString()
            // emits.
            SAMLUtils.debug.warning("AMC:getAssertion: " + artifact, ex);
        }
        // Only the message survives; the original exception is recorded
        // solely in the debug log above.
        throw new SAMLException(ex.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns the <code>Assertion</code> based on the
 * <code>AssertionIDReference</code>.
 *
 * @param idRef The <code>AssertionIDReference</code> which refers to an
 *          Assertion.
 * @param token User session that is allowed to obtain the assertion.
 *          This token must have the top-level administrator role.
 * @return the Assertion referenced by the
 *          <code>AssertionIDReference</code>.
 * @throws SAMLException If an error occurred during the process; or
 *          the assertion could not be found.
 */
public Assertion getAssertion(AssertionIDReference idRef, Object token)
    throws SAMLException
{
    // Local mode: hand the request straight to the in-process manager.
    if (useLocal) {
        return assertionManager.getAssertion(idRef, token);
    }

    try {
        // The session id derived from the caller's token is sent as the
        // second RPC argument.
        // NOTE(review): nothing in this method checks the token's role;
        // presumably the remote side enforces the administrator
        // requirement -- confirm against the service implementation.
        SessionProvider provider = SessionManager.getProvider();
        Object[] callArgs = {
            idRef.getAssertionIDReference(),
            provider.getSessionID(token)
        };
        String assertionXml = (String) stub.send("getAssertionByIdRefToken",
            callArgs, null, null);
        // NOTE(review): the remote response is parsed as XML and wrapped as
        // an Assertion; parser hardening and signature checks are not
        // visible in this file -- confirm in XMLUtils and Assertion.
        return new Assertion(
            XMLUtils.toDOMDocument(assertionXml, SAMLUtils.debug)
                .getDocumentElement());
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:getAssertion: " + idRef, ex);
        }
        // Only the message survives; the original exception is recorded
        // solely in the debug log above.
        throw new SAMLException(ex.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns all valid <code>AssertionArtifacts</code> managed by
 * this instance (or the identified remote instance) of OpenAM.
 * @param token User session which is allowed to get all
 *          <code>AssertionArtifacts</code>.
 * @return A Set of valid <code>AssertionArtifacts</code>. Each element
 *          in the Set is an <code>AssertionArtifact</code> object
 *          representing an artifact.
 * @throws SAMLException If this method cannot get all valid
 *          <code>AssertionArtifacts</code>.
 */
public Set getAssertionArtifacts(Object token) throws SAMLException {
    // Local mode: hand the request straight to the in-process manager.
    if (useLocal) {
        return assertionManager.getAssertionArtifacts(token);
    }

    try {
        // The caller's session id is the only argument of the remote call.
        SessionProvider provider = SessionManager.getProvider();
        // The remote result is cast to Set without further checks; a
        // different type surfaces as a ClassCastException, which the
        // handler below converts into a SAMLException.
        Set artifacts = (Set) stub.send("getAssertionArtifacts",
            provider.getSessionID(token), null);
        return artifacts;
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:getAssertionArtifacts: ", ex);
        }
        // Only the message survives; the original exception is recorded
        // solely in the debug log above.
        throw new SAMLException(ex.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Returns all valid <code>Assertion</code>s managed by this instance
 * (or the identified remote instance) of OpenAM.
 *
 * @param token User session which is allowed to get all Assertions.
 * @return A Set of valid Assertion IDs. Each element in the Set is a
 *          String representing an Assertion ID.
 * @throws SAMLException if this method cannot get all valid Assertions.
 */
public Set getAssertions(Object token) throws SAMLException {
    // Local mode: hand the request straight to the in-process manager.
    if (useLocal) {
        return assertionManager.getAssertions(token);
    }

    try {
        // The caller's session id is the only argument of the remote call.
        SessionProvider provider = SessionManager.getProvider();
        // The remote result is cast to Set without further checks; a
        // different type surfaces as a ClassCastException, which the
        // handler below converts into a SAMLException.
        Set assertionIDs = (Set) stub.send("getAssertions",
            provider.getSessionID(token), null);
        return assertionIDs;
    } catch (Exception ex) {
        if (SAMLUtils.debug.warningEnabled()) {
            SAMLUtils.debug.warning("AMC:getAssertions: ", ex);
        }
        // Only the message survives; the original exception is recorded
        // solely in the debug log above.
        throw new SAMLException(ex.getMessage());
    }
}
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster}