fedletXACMLResp.jsp revision 9740fa737ef2ed9453ab46d145777dbbbf6a747b
493N/A<%--
493N/A The contents of this file are subject to the terms
493N/A of the Common Development and Distribution License
810N/A (the License). You may not use this file except in
493N/A compliance with the License.
493N/A
493N/A You can obtain a copy of the License at
493N/A https://opensso.dev.java.net/public/CDDLv1.0.html or
493N/A opensso/legal/CDDLv1.0.txt
493N/A See the License for the specific language governing
493N/A permission and limitations under the License.
493N/A
493N/A When distributing Covered Code, include this CDDL
493N/A Header Notice in each file and include the License file
493N/A at opensso/legal/CDDLv1.0.txt.
810N/A If applicable, add the following below the CDDL Header,
493N/A with the fields enclosed by brackets [] replaced by
493N/A your own identifying information:
493N/A "Portions Copyrighted [year] [name of copyright owner]"
493N/A
493N/A Copyright 2009 Sun Microsystems Inc. All Rights Reserved
493N/A--%>
493N/A
493N/A<%--
493N/A Portions Copyrighted 2013 ForgeRock AS
810N/A--%>
493N/A
493N/A
493N/A<%--
493N/A fedletXACMLResp.jsp
493N/A This JSP used by the Fedlet performs the following:
851N/A 1) Retrieves the list of attributes from fedletXACMLQuery.jsp
493N/A 2) Invokes the method to retrieve the policy decision for the Resource URL.
493N/A 3) Displays the Result.
493N/A--%>
493N/A
493N/A<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
810N/A<%@ page import="com.sun.identity.saml2.profile.XACMLQueryUtil" %>
493N/A<%@ page import="org.owasp.esapi.ESAPI" %>
493N/A
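<%
    // Derive the deployment URI (the first path segment of the request URI).
    // It is used below to build the stylesheet and image links.
    String deployuri = request.getRequestURI();
    int slashLoc = deployuri.indexOf("/", 1);
    if (slashLoc != -1) {
        deployuri = deployuri.substring(0, slashLoc);
    }
    // The request URI is supplied by the client and this value is written
    // into href/src attributes, so encode it for the HTML attribute context
    // before it reaches the markup. Browsers decode the character references
    // again, so legitimate paths resolve exactly as before.
    deployuri = ESAPI.encoder().encodeForHTMLAttribute(deployuri);
%>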
810N/A
851N/A<html>
851N/A<head>
810N/A <title>Sample Fedlet XACML Query Application</title>
810N/A <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
810N/A <link rel="stylesheet" type="text/css" href="<%= deployuri %>/com_sun_web_ui/css/css_ns6up.css" />
810N/A</head>
810N/A
810N/A<body>
810N/A<div class="MstDiv"><table width="100%" border="0" cellpadding="0" cellspacing="0" class="MstTblTop" title="">
810N/A<tbody><tr>
810N/A<td nowrap="nowrap">&nbsp;</td>
810N/A<td nowrap="nowrap">&nbsp;</td>
810N/A</tr></tbody></table>
810N/A
810N/A<table width="100%" border="0" cellpadding="0" cellspacing="0" class="MstTblBot" title="">
810N/A<tbody><tr>
810N/A<td class="MstTdTtl" width="99%">
493N/A<div class="MstDivTtl"><img name="ProdName" src="<%= deployuri %>/console/images/PrimaryProductName.png" alt="" /></div></td><td class="MstTdLogo" width="1%"><img name="RMRealm.mhCommon.BrandLogo" src="<%= deployuri %>/com_sun_web_ui/images/other/javalogo.gif" alt="Java(TM) Logo" border="0" height="55" width="31" /></td></tr></tbody></table>
851N/A<table class="MstTblEnd" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td><img name="RMRealm.mhCommon.EndorserLogo" src="<%= deployuri %>/com_sun_web_ui/images/masthead/masthead-sunname.gif" alt="Sun(TM) Microsystems,
851N/AInc." align="right" border="0" height="10" width="108" /></td></tr></tbody></table></div><div class="SkpMedGry1"><a name="SkipAnchor2089" id="SkipAnchor2089"></a></div>
851N/A<div class="SkpMedGry1"><a href="#SkipAnchor4928"><img src="<%= deployuri %>/com_sun_web_ui/images/other/dot.gif" alt="Jump Over Tab Navigation Area. Current Selection is: Access Control" border="0" height="1" width="1" /></a></div>
851N/A
851N/A
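<%
    // Reads the query parameters posted by fedletXACMLQuery.jsp, asks
    // XACMLQueryUtil for the policy decision and renders it in a table.
    // Every request-derived or remotely supplied value is HTML-encoded
    // before it is written to the page.
    try {
        // NOTE(review): the masthead markup above has already been written to
        // the page buffer when sendError() is called below; this relies on the
        // response not being committed yet -- confirm the buffer settings.
        String idpEntityID = request.getParameter("idpEntityID");
        if ((idpEntityID == null) || (idpEntityID.length() == 0)) {
            response.sendError(response.SC_BAD_REQUEST,
                SAML2Utils.bundle.getString("nullIDPEntityID"));
            return;
        }

        String spEntityID = request.getParameter("spEntityID");
        if ((spEntityID == null) || (spEntityID.length() == 0)) {
            response.sendError(response.SC_BAD_REQUEST,
                SAML2Utils.bundle.getString("nullSPEntityID"));
            return;
        }

        // nameIDValue is dereferenced below, so reject a missing value with
        // a 400 like the other required parameters instead of failing with a
        // NullPointerException that is only logged by the catch block.
        String nameIDValue = request.getParameter("nameIDValue");
        if ((nameIDValue == null) || (nameIDValue.length() == 0)) {
            response.sendError(response.SC_BAD_REQUEST,
                "Missing required parameter: nameIDValue");
            return;
        }
        String newNameIDValue = nameIDValue.replace("%2F", "/");

        // An invalid (or missing) resource is replaced by the empty string
        // and the query is still sent with that empty resource.
        String resource = request.getParameter("resource");
        if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + resource,
                resource, "HTTPParameterValue", 2000, false)) {
            resource = "";
        }
        // NOTE(review): action and the entity IDs are passed on without
        // validation here; they are not echoed into this page -- confirm
        // that XACMLQueryUtil validates them.
        String action = request.getParameter("action");
        String serviceName = "iPlanetAMWebAgentService";

        String policy_decision = XACMLQueryUtil.getPolicyDecisionForFedlet(
            request,
            spEntityID,
            idpEntityID,
            newNameIDValue,
            serviceName,
            resource,
            action);

%>
<h2> Fedlet XACML Query Response </h2>
<table border="2" cellspacing="0" cellpadding="7">
<tr>
<th>Resource</th>
<th>Policy Decision</th>
</tr>
<%
        if (resource != null) {
            resource = ESAPI.encoder().encodeForHTML(resource);
        }
        // The decision string comes from the remote policy decision point, so
        // it is encoded as well rather than trusted as markup-free text.
        if (policy_decision != null) {
            policy_decision = ESAPI.encoder().encodeForHTML(policy_decision);
        }
        out.println("<tr>");
        out.println("<td>");
        out.println(resource);
        out.println("</td>");
        out.println("<td>");
        out.println(policy_decision);
        out.println("</td>");
        out.println("</tr>");
%>
</table>
<%
    } catch (Exception ex) {
        // Failures are only logged; the page then ends after whatever markup
        // was already written, and no error detail is shown to the client.
        SAML2Utils.debug.error("Error sending XACML Query " , ex);
    }
%>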
810N/A</body>
810N/A</html>
810N/A