idpMNIPOST.jsp revision 0e107349d3f7763a9c67fb2f32c86c11364c72cf
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%--
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync The contents of this file are subject to the terms
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync of the Common Development and Distribution License
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync (the License). You may not use this file except in
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync compliance with the License.
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync You can obtain a copy of the License at
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync https://opensso.dev.java.net/public/CDDLv1.0.html or
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync opensso/legal/CDDLv1.0.txt
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync See the License for the specific language governing
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync permission and limitations under the License.
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync When distributing Covered Code, include this CDDL
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync Header Notice in each file and include the License file
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync at opensso/legal/CDDLv1.0.txt.
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync If applicable, add the following below the CDDL Header,
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync with the fields enclosed by brackets [] replaced by
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync your own identifying information:
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync "Portions Copyrighted [year] [name of copyright owner]"
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync $Id: idpMNIPOST.jsp,v 1.5 2009/06/24 23:05:30 mrudulahg Exp $
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync--%>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%--
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync Portions Copyrighted 2013-2014 ForgeRock AS
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync--%>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%@ page import="com.sun.identity.saml2.common.SAML2Constants" %>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%@ page import="com.sun.identity.saml.common.SAMLUtils" %>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%@ page import="com.sun.identity.saml2.common.SAML2Exception" %>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%@ page import="com.sun.identity.saml2.profile.DoManageNameID" %>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%@ page import="java.util.HashMap" %>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%@ page import="org.owasp.esapi.ESAPI" %>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%--
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync idpMNIHTTPRedirect.jsp processes the ManageNameIDRequest from
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync the Service Provider with HttpRedirect binding.
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync Required parameters to this jsp are : NONE
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync--%>
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync<%
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync try {
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync HashMap paramsMap = new HashMap();
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync paramsMap.put(SAML2Constants.ROLE, SAML2Constants.IDP_ROLE);
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync String samlRequest = request.getParameter(SAML2Constants.SAML_REQUEST);
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync String samlResponse =
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync request.getParameter(SAML2Constants.SAML_RESPONSE);
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync if (samlRequest != null) {
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync DoManageNameID.processPOSTRequest(request, response, paramsMap);
b8e299dddd091ae24e0c08c45d91b8f937bd14d2vboxsync }
if (samlResponse != null) {
boolean success = DoManageNameID.processMNIResponsePOST(request,
response, paramsMap);
if (success == true) {
String relayState = request.getParameter(SAML2Constants.RELAY_STATE);
if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + relayState, relayState, "URL", 2000, true)) {
relayState = null;
}
if (relayState != null && SAML2Utils.isRelayStateURLValid(request, relayState, SAML2Constants.IDP_ROLE)) {
response.sendRedirect(relayState);
} else {
%>
<jsp:forward
page="/saml2/jsp/default.jsp?message=mniSuccess" />
<%
}
} else {
SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
"requestProcessingMNIError",
SAML2Utils.bundle.getString("requestProcessingMNIError"));
return;
}
}
} catch (SAML2Exception e) {
SAML2Utils.debug.error("Error processing ManageNameIDRequest " , e);
SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
"requestProcessingMNIError",
SAML2Utils.bundle.getString("requestProcessingMNIError") + " " +
e.getMessage());
return;
}
%>