spSingleLogoutPOST.jsp revision 9740fa737ef2ed9453ab46d145777dbbbf6a747b
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync The contents of this file are subject to the terms
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync of the Common Development and Distribution License
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync (the License). You may not use this file except in
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync compliance with the License.
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync You can obtain a copy of the License at
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync https://opensso.dev.java.net/public/CDDLv1.0.html or
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync See the License for the specific language governing
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync permission and limitations under the License.
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync When distributing Covered Code, include this CDDL
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync Header Notice in each file and include the License file
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync If applicable, add the following below the CDDL Header,
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync with the fields enclosed by brackets [] replaced by
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync your own identifying information:
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync "Portions Copyrighted [year] [name of copyright owner]"
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync $Id: spSingleLogoutPOST.jsp,v 1.8 2009/06/24 23:05:31 mrudulahg Exp $
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync Portions Copyrighted 2013 ForgeRock AS
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync<%@ page import="com.sun.identity.sae.api.SecureAttrs" %>
c285785ffc9f35513e0c6e7e2a05df3090dc919cvboxsync<%@ page import="com.sun.identity.saml.common.SAMLUtils" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.common.SAML2Constants" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.common.SAML2Exception" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.meta.SAML2MetaUtils" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.meta.SAML2MetaManager" %>
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync<%@ page import="com.sun.identity.saml2.profile.CacheObject" %>
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync<%@ page import="com.sun.identity.saml2.profile.SPCache" %>
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync<%@ page import="com.sun.identity.saml2.profile.SPSingleLogout" %>
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync<%@ page import="com.sun.identity.saml2.profile.IDPCache" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.protocol.LogoutRequest" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="com.sun.identity.saml2.profile.IDPProxyUtil" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="java.util.HashMap" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="java.util.Map" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="java.util.Properties" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync<%@ page import="org.owasp.esapi.ESAPI" %>
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync - receives the LogoutRequest and sends the LogoutResponse to
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync Identity Provider from the Service Provider.
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync - receives the LogoutResponse from the Identity Provider.
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync Required parameters to this jsp are :
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync - RelayState - the target URL on successful Single Logout
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync - SAMLRequest - the LogoutRequest
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync - SAMLResponse - the LogoutResponse
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync Check the SAML2 Documentation for supported parameters.
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync // Retrieves the LogoutRequest or LogoutResponse
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync //Retrieves :
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync //- RelayState - the target URL on successful Single Logout
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync //- SAMLRequest - the LogoutRequest
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync //- SAMLResponse - the LogoutResponse
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String relayState = request.getParameter(SAML2Constants.RELAY_STATE);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (relayState != null) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync CacheObject tmpRs=
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync (CacheObject) SPCache.relayStateHash.remove(relayState);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if ((tmpRs != null)) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync relayState = (String) tmpRs.getObject();
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + relayState, relayState, "URL", 2000, true)) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync relayState = null;
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String samlResponse = request.getParameter(SAML2Constants.SAML_RESPONSE);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (samlResponse != null) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * Gets and processes the Single <code>LogoutResponse</code> from IDP,
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * destroys the local session, checks response's issuer
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * and inResponseTo.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * @param request the HttpServletRequest.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * @param response the HttpServletResponse.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * @param samlResponse <code>LogoutResponse</code> in the
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * XML string format.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * @param relayState the target URL on successful
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * <code>LogoutResponse</code>.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * @throws SAML2Exception if error processing
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * <code>LogoutResponse</code>.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync Map infoMap =
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SPSingleLogout.processLogoutResponse(request,response,
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync samlResponse, relayState);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String inRes = (String) infoMap.get("inResponseTo");
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync LogoutRequest origLogoutRequest = (LogoutRequest)
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (origLogoutRequest != null && !origLogoutRequest.equals("")) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync } catch (SAML2Exception sse) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAML2Utils.debug.error("Error processing LogoutResponse :", sse);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync "LogoutResponseProcessingError",
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAML2Utils.bundle.getString("LogoutResponseProcessingError") +
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync } catch (Exception e) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAML2Utils.debug.error("Error processing LogoutResponse ",e);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync "LogoutResponseProcessingError",
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAML2Utils.bundle.getString("LogoutResponseProcessingError") +
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync if (relayState != null && !relayState.isEmpty() &&
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync SAML2Utils.isRelayStateURLValid(request, relayState, SAML2Constants.SP_ROLE)) {
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync } catch (java.io.IOException ioe) {
f73c68fe41a3db55167b7266efd6955e5dbd0b47vboxsync "Exception when redirecting to " +
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync relayState, ioe);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync <jsp:forward page="/saml2/jsp/default.jsp?message=spSloSuccess" />
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String samlRequest = request.getParameter(SAML2Constants.SAML_REQUEST);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (samlRequest != null) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync // Logout SP app via SAE first. App is obligated to redirect back
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync // to complete this SLO request.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (processSAELogout(request, response)) {
6370012ceb61956d3261edcd6781021cc975e364vboxsync * Gets and processes the Single <code>LogoutRequest</code> from
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync * @param request the HttpServletRequest.
6370012ceb61956d3261edcd6781021cc975e364vboxsync * @param response the HttpServletResponse.
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync * @param samlRequest <code>LogoutRequest</code> in the
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * XML string format.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * @param relayState the target URL on successful
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * <code>LogoutRequest</code>.
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync * @throws SAML2Exception if error processing
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync * <code>LogoutRequest</code>.
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SPSingleLogout.processLogoutRequest(request,response,
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync samlRequest,relayState);
bcf9fab594306cd97251f7f03b8319a158c29ea5vboxsync } catch (SAML2Exception sse) {
6370012ceb61956d3261edcd6781021cc975e364vboxsync SAML2Utils.debug.error("Error processing LogoutRequest :", sse);
6370012ceb61956d3261edcd6781021cc975e364vboxsync SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync "LogoutRequestProcessingError",
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync SAML2Utils.bundle.getString("LogoutRequestProcessingError")
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync } catch (Exception e) {
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync SAML2Utils.debug.error("Error processing LogoutRequest ",e);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync "LogoutRequestProcessingError",
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAML2Utils.bundle.getString("LogoutRequestProcessingError")
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsyncboolean processSAELogout(
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync HttpServletRequest request, HttpServletResponse response)
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync String saeData = request.getParameter(SecureAttrs.SAE_PARAM_APPRETURN);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync if (saeData != null) { // App returned back.
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync return false;
464697bd4c58e78f3b3eecc1d51904482bae27f8vboxsync String metaAlias =
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync SAML2MetaUtils.getMetaAliasByUri(request.getRequestURI()) ;
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SAML2MetaManager mm = SAML2Utils.getSAML2MetaManager();
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync String entityId = mm.getEntityByMetaAlias(metaAlias);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync SPSSOConfigElement spConfig = mm.getSPSSOConfig(realm, entityId);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String appSLOUrlStr = null;
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (spConfig != null) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync appSLOUrlStr = SAML2Utils.getAttributeValueFromSPSSOConfig(
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync if (appSLOUrlStr == null) {
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync "spSLOPOST:SAE:appSLOUrl not configured.");
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync return false;
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync "spSLOPOST:SAE:processing App SLO"+ appSLOUrlStr);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync StringBuffer appSLOUrl = new StringBuffer(appSLOUrlStr);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync realm, entityId, SAML2Constants.SP_ROLE, appSLOUrlStr);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync if (hp == null) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync "spSLOPOST:SAE:processing App SLO: getSAEAttrs returned null");
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync return false;
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync String cryptoType = (String) hp.get(SecureAttrs.SAE_CRYPTO_TYPE);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String secret = null;
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String encSecret = null;
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String encAlg = (String)hp.get(
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync String encStrength = (String)hp.get(
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync if (SecureAttrs.SAE_CRYPTO_TYPE_SYM.equals(cryptoType)) {
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync // Shared secret between FM-IDP and IDPApp
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync secret = (String) hp.get(SecureAttrs.SAE_CONFIG_SHARED_SECRET );
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync encSecret = secret;
1e4093b98e92fd2f47c3126f2dfb3ba33d7f77dcvboxsync // IDPApp's public key
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync secret = (String) hp.get(SecureAttrs.SAE_CONFIG_PRIVATE_KEY_ALIAS);
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync encSecret =
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync (String) hp.get(SecureAttrs.SAE_CONFIG_PUBLIC_KEY_ALIAS);
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync if (secret == null || secret.length() == 0) {
c97d00f4828608e3ac87e48fee3dfa8bc4437bf1vboxsync "spSLOPOST:SAE:processing App SLO:getSAEAttrs no secret/key");
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync return false;
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (encAlg == null) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync encSecret = null;
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync String returnURL = request.getRequestURL()+
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync HashMap map = new HashMap();
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync map.put(SecureAttrs.SAE_PARAM_CMD, SecureAttrs.SAE_CMD_LOGOUT);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync map.put(SecureAttrs.SAE_PARAM_APPSLORETURNURL, returnURL);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync String saInstanceName = cryptoType + "_" + encAlg + "_" + encStrength;
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync SecureAttrs sa = SecureAttrs.getInstance(saInstanceName);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync if (sa == null) {
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync Properties prop = new Properties();
1e4093b98e92fd2f47c3126f2dfb3ba33d7f77dcvboxsync prop.setProperty(SecureAttrs.SAE_CONFIG_CERT_CLASS,
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (encAlg != null) {
1e4093b98e92fd2f47c3126f2dfb3ba33d7f77dcvboxsync SecureAttrs.SAE_CONFIG_DATA_ENCRYPTION_ALG, encAlg);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (encStrength != null) {
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync SecureAttrs.SAE_CONFIG_ENCRYPTION_KEY_STRENGTH,encStrength); }
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync SecureAttrs.init(saInstanceName, cryptoType, prop);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync sa = SecureAttrs.getInstance(saInstanceName);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync if (sa == null) {
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync "spSLOPOST:SAE:processing App SLO:null SecureAttrs instance");
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync return false;
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync String encodedString = sa.getEncodedString(map, secret, encSecret);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (encodedString != null) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync if (appSLOUrl.indexOf("?") > 0) {
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync appSLOUrl.append("&").append(SecureAttrs.SAE_PARAM_DATA)
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync .append("=").append(encodedString);
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync appSLOUrl.append("?").append(SecureAttrs.SAE_PARAM_DATA)
2c709acd5e2f434e71614aa89020bf8d0776a1e9vboxsync .append("=").append(encodedString);
1fff175c9a0fea173ee52a209224dc6ecbd39572vboxsync SAML2Utils.debug.message("spSLOPOST:SAE:about to redirect"+
1fff175c9a0fea173ee52a209224dc6ecbd39572vboxsync appSLOUrl);
80559ecb51cb45f6869d8450a1317ead0dd5129dvboxsync return true;
1fff175c9a0fea173ee52a209224dc6ecbd39572vboxsync "spSLOPOST:SAE:SecureAttrs.getEncodedStr failed");
1fff175c9a0fea173ee52a209224dc6ecbd39572vboxsync } catch (Exception ex) {
1fff175c9a0fea173ee52a209224dc6ecbd39572vboxsync SAML2Utils.debug.error("spSLOPOST:SAE:SecureAttrs.Fatal:",ex);
1fff175c9a0fea173ee52a209224dc6ecbd39572vboxsync return false;