saml2/jsp/idpSSOInit.jsp

	idpSSOInit.jsp revision e8721886dbfd32e88cc7077cbee4b6bb1b44b443
173N/A<%--
173N/A   DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
173N/A
173N/A   Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
173N/A
173N/A   The contents of this file are subject to the terms
173N/A   of the Common Development and Distribution License
173N/A   (the License). You may not use this file except in
173N/A   compliance with the License.
173N/A
173N/A   You can obtain a copy of the License at
173N/A   https://opensso.dev.java.net/public/CDDLv1.0.html or
173N/A   opensso/legal/CDDLv1.0.txt
173N/A   See the License for the specific language governing
173N/A   permission and limitations under the License.
173N/A
173N/A   When distributing Covered Code, include this CDDL
173N/A   Header Notice in each file and include the License file
173N/A   at opensso/legal/CDDLv1.0.txt.
173N/A   If applicable, add the following below the CDDL Header,
173N/A   with the fields enclosed by brackets [] replaced by
173N/A   your own identifying information:
173N/A   "Portions Copyrighted [year] [name of copyright owner]"
173N/A
173N/A   $Id: idpSSOInit.jsp,v 1.9 2009/06/24 23:05:30 mrudulahg Exp $
173N/A
173N/A--%>
173N/A
173N/A
173N/A
173N/A
173N/A<!-- %@ page import="com.iplanet.am.util.Debug" % -->
173N/A<%@ page import="com.sun.identity.shared.debug.Debug" %>
173N/A
173N/A<%@ page import="com.sun.identity.saml2.common.SAML2Constants" %>
173N/A<%@ page import="com.sun.identity.saml2.common.SAML2Exception" %>
173N/A<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
173N/A<%@ page import="com.sun.identity.saml.common.SAMLUtils" %>
173N/A<%@ page import="com.sun.identity.saml2.profile.IDPSSOUtil" %>
173N/A
173N/A<%--
173N/A    idpssoinit.jsp initiates Unsolicited SSO at the Identity Provider.
173N/A
173N/A    Following are the list of supported query parameters :
173N/A
173N/A    Required parameters to this jsp are :
173N/A
173N/A    Query Parameter Name    Description
173N/A
173N/A    1. metaAlias        MetaAlias for Identity Provider. The format of
173N/A                this parameter is /realm_name/IDP name.
173N/A
173N/A    2. spEntityID       Identifier for Service Provider.

    Optional Query Parameters :

    Query Parameter Name    Description

    3. RelayState       Target URL on successful complete of SSO/Federation

    4. RelayStateAlias      Specify the parameter(s) to use as the RelayState.
                            e.g. if the request URL has :
                             ?TARGET=http://server:port/uri&RelayStateAlias=TARGET
                            then the TARGET query parameter will be interpreted as
                            RelayState and on successful completion of
                            SSO/Federation user will be redirected to the TARGET URL.


    5. NameIDFormat     NameID format Identifier Value.
                For example,
                                urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
                                urn:oasis:names:tc:SAML:2.0:nameid-format:transient

    6. binding              URI value that identifies a SAML protocol binding to
                            used when returning the Response message.
                            The supported values are :
                                HTTP-Artifact
                                HTTP-POST

                NOTE: There are other SAML defined values for these
                  which are not supported by FM/AM.
    7. affiliationID        affiliation entity ID
--%>
<%
    // Retreive the Request Query Parameters
    // metaAlias and spEntiyID are the required query parameters
    // metaAlias - Identity Provider Entity Id
    // spEntityID - Service Provider Identifier
    try {
        String cachedResID = request.getParameter(SAML2Constants.RES_INFO_ID);
        // if this id is set, then this is a redirect from the COT
        // cookie writer. There is already an assertion response
        // cached in this provider. Send it back directly.
        if ((cachedResID != null) && (cachedResID.length() != 0)) {
            IDPSSOUtil.sendResponse(request, response, cachedResID);
            return;
        }

    String metaAlias = request.getParameter("metaAlias");
        if ((metaAlias ==  null) || (metaAlias.length() == 0)) {
            SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
                "nullIDPEntityID",
        SAML2Utils.bundle.getString("nullIDPEntityID"));
        return;
         }
        String spEntityID = request.getParameter("spEntityID");

        if ((spEntityID == null) || (spEntityID.length() == 0)) {
            SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
                "nullSPEntityID",
        SAML2Utils.bundle.getString("nullSPEntityID"));
        return;
        }
    // get the nameIDPolicy
    String nameIDFormat =
        request.getParameter(SAML2Constants.NAMEID_POLICY_FORMAT);
    String relayState = SAML2Utils.getRelayState(request);
    IDPSSOUtil.doSSOFederate(request,response,null,spEntityID,
                 metaAlias, nameIDFormat,relayState);
    } catch (SAML2Exception sse) {
    SAML2Utils.debug.error("Error processing request " , sse);
    SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
            "requestProcessingError",
        SAML2Utils.bundle.getString("requestProcessingError") + " " +
            sse.getMessage());
    } catch (Exception e) {
        SAML2Utils.debug.error("Error processing request ",e);
    SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
            "requestProcessingError",
        SAML2Utils.bundle.getString("requestProcessingError") + " " +
            e.getMessage());
    }
%>