spMNIPOST.jsp revision 0fdab8904a8fe223f6934b878769fe45e7651c60
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews The contents of this file are subject to the terms
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews of the Common Development and Distribution License
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews (the License). You may not use this file except in
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews compliance with the License.
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews You can obtain a copy of the License at
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews https://opensso.dev.java.net/public/CDDLv1.0.html or
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews See the License for the specific language governing
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews permission and limitations under the License.
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews When distributing Covered Code, include this CDDL
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews Header Notice in each file and include the License file
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews If applicable, add the following below the CDDL Header,
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews with the fields enclosed by brackets [] replaced by
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews your own identifying information:
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews "Portions Copyrighted [year] [name of copyright owner]"
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews $Id: spMNIPOST.jsp,v 1.5 2009/06/24 23:05:30 mrudulahg Exp $
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews Portions Copyrighted 2013 ForgeRock AS
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews<%@ page import="com.sun.identity.saml2.common.SAML2Constants" %>
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews<%@ page import="com.sun.identity.saml.common.SAMLUtils" %>
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews<%@ page import="com.sun.identity.saml2.common.SAML2Exception" %>
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews<%@ page import="com.sun.identity.saml2.profile.DoManageNameID" %>
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews<%@ page import="java.util.HashMap" %>
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews<%@ page import="org.owasp.esapi.ESAPI" %>
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews spMNIPOST.jsp processes the ManageNameIDRequest or ManageNameIDResponse
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews received at the Service Provider with the HTTP POST binding.
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews Required parameters to this jsp are : NONE
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews HashMap paramsMap = new HashMap();
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews paramsMap.put(SAML2Constants.ROLE, SAML2Constants.SP_ROLE);
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews String samlRequest = request.getParameter(SAML2Constants.SAML_REQUEST);
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews String samlResponse =
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews request.getParameter(SAML2Constants.SAML_RESPONSE);
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews if (samlRequest != null) {
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews DoManageNameID.processPOSTRequest(request, response, paramsMap);
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews if (samlResponse != null) {
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews boolean success = DoManageNameID.processMNIResponsePOST(request,
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews response, paramsMap);
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews if (success == true) {
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews String relayState = request.getParameter(SAML2Constants.RELAY_STATE);
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + relayState,
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews relayState, "URL", 2000, true)) {
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews relayState = null;
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews if (relayState != null &&
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews SAML2Utils.isRelayStateURLValid(request, relayState, SAML2Constants.SP_ROLE)) {
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews <jsp:forward
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews page="/saml2/jsp/default.jsp?message=mniSuccess" />
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews "requestProcessingMNIError",
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews SAML2Utils.bundle.getString("requestProcessingMNIError"));
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews } catch (SAML2Exception e) {
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews SAML2Utils.debug.error("Error processing ManageNameIDRequest " , e);
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews "requestProcessingMNIError",
49c1e0d18d6f8b894ce2e6b485ef666599a83c21Mark Andrews SAML2Utils.bundle.getString("requestProcessingMNIError") + " " +