spSingleLogoutPOST.jsp revision e8721886dbfd32e88cc7077cbee4b6bb1b44b443
59602f2a7c4e4809941583bed3e94cd26e628f1aTinderbox User DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews The contents of this file are subject to the terms
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews of the Common Development and Distribution License
c57668a2fbbe558c1bd21652813616f2f517c469Tinderbox User (the License). You may not use this file except in
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User compliance with the License.
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User You can obtain a copy of the License at
8de3f14f1c300c3e1ed99084cc03485b42c92bf1Tinderbox User https://opensso.dev.java.net/public/CDDLv1.0.html or
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User See the License for the specific language governing
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User permission and limitations under the License.
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont When distributing Covered Code, include this CDDL
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews Header Notice in each file and include the License file
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews If applicable, add the following below the CDDL Header,
d5637bdbb931ff79fced3d4858d83212ea58ed15Tinderbox User with the fields enclosed by brackets [] replaced by
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews your own identifying information:
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews "Portions Copyrighted [year] [name of copyright owner]"
d5637bdbb931ff79fced3d4858d83212ea58ed15Tinderbox User $Id: spSingleLogoutPOST.jsp,v 1.8 2009/06/24 23:05:31 mrudulahg Exp $
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<%@ page import="com.sun.identity.shared.debug.Debug" %>
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews<%@ page import="com.sun.identity.sae.api.SecureAttrs" %>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<%@ page import="com.sun.identity.saml.common.SAMLUtils" %>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<%@ page import="com.sun.identity.saml2.common.SAML2Constants" %>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<%@ page import="com.sun.identity.saml2.common.SAML2Exception" %>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<%@ page import="com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement" %>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<%@ page import="com.sun.identity.saml2.meta.SAML2MetaUtils" %>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<%@ page import="com.sun.identity.saml2.meta.SAML2MetaManager" %>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<%@ page import="com.sun.identity.saml2.profile.CacheObject" %>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<%@ page import="com.sun.identity.saml2.profile.SPCache" %>
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User<%@ page import="com.sun.identity.saml2.profile.SPSingleLogout" %>
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User<%@ page import="com.sun.identity.saml2.profile.IDPCache" %>
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt<%@ page import="com.sun.identity.saml2.profile.IDPSingleLogout" %>
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User<%@ page import="com.sun.identity.saml2.protocol.LogoutRequest" %>
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews<%@ page import="com.sun.identity.saml2.assertion.Issuer" %>
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt<%@ page import="com.sun.identity.saml2.profile.IDPProxyUtil" %>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater<%@ page import="com.sun.identity.saml2.protocol.ProtocolFactory" %>
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont<%@ page import="java.util.HashMap" %>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater<%@ page import="java.util.Map" %>
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt<%@ page import="java.util.Properties" %>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater - receives the LogoutRequest and sends the LogoutResponse to
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont Identity Provider from the Service Provider.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews - receives the LogoutResponse from the Identity Provider.
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews Required parameters to this jsp are :
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt - RelayState - the target URL on successful Single Logout
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews - SAMLRequest - the LogoutRequest
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater - SAMLResponse - the LogoutResponse
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews Check the SAML2 Documentation for supported parameters.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews // Retrieves the LogoutRequest or LogoutResponse
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews //Retrieves :
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews //- RelayState - the target URL on successful Single Logout
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews //- SAMLRequest - the LogoutRequest
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews //- SAMLResponse - the LogoutResponse
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User String relayState = request.getParameter(SAML2Constants.RELAY_STATE);
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews if (relayState != null) {
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews CacheObject tmpRs=
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews (CacheObject) SPCache.relayStateHash.remove(relayState);
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews if ((tmpRs != null)) {
2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt relayState = (String) tmpRs.getObject();
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt String samlResponse = request.getParameter(SAML2Constants.SAML_RESPONSE);
2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt if (samlResponse != null) {
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews * Gets and processes the Single <code>LogoutResponse</code> from IDP,
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User * destroys the local session, checks response's issuer
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User * and inResponseTo.
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User * @param request the HttpServletRequest.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews * @param response the HttpServletResponse.
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User * @param samlResponse <code>LogoutResponse</code> in the
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews * XML string format.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews * @param relayState the target URL on successful
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews * <code>LogoutResponse</code>.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews * @throws SAML2Exception if error processing
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User * <code>LogoutResponse</code>.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews Map infoMap =
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User SPSingleLogout.processLogoutResponse(request,response,
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson samlResponse, relayState);
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User String inRes = (String) infoMap.get("inResponseTo");
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews LogoutRequest origLogoutRequest = (LogoutRequest)
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews if (origLogoutRequest != null && !origLogoutRequest.equals("")) {
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User IDPCache.proxySPLogoutReqCache.remove(inRes);
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User } catch (SAML2Exception sse) {
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews SAML2Utils.debug.error("Error processing LogoutResponse :", sse);
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews "LogoutResponseProcessingError",
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User SAML2Utils.bundle.getString("LogoutResponseProcessingError") +
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews } catch (Exception e) {
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt SAML2Utils.debug.error("Error processing LogoutResponse ",e);
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews "LogoutResponseProcessingError",
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User SAML2Utils.bundle.getString("LogoutResponseProcessingError") +
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews if (relayState != null && relayState.length() != 0) {
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews "Exception when redirecting to " +
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont relayState, ioe);
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews <jsp:forward page="/saml2/jsp/default.jsp?message=spSloSuccess" />
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews String samlRequest = request.getParameter(SAML2Constants.SAML_REQUEST);
7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox User if (samlRequest != null) {
5747235bf35e7398984fd6b4632743396895ea7aTinderbox User // Logout SP app via SAE first. App is obligated to redirect back
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews // to complete this SLO request.
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User if (processSAELogout(request, response)) {
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User * Gets and processes the Single <code>LogoutRequest</code> from
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater * @param request the HttpServletRequest.
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews * @param response the HttpServletResponse.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt * @param samlRequest <code>LogoutRequest</code> in the
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews * XML string format.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User * @param relayState the target URL on successful
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater * <code>LogoutRequest</code>.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User * @throws SAML2Exception if error processing
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews * <code>LogoutRequest</code>.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews SPSingleLogout.processLogoutRequest(request,response,
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User samlRequest,relayState);
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User } catch (SAML2Exception sse) {
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User SAML2Utils.debug.error("Error processing LogoutRequest :", sse);
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt "LogoutRequestProcessingError",
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews SAML2Utils.bundle.getString("LogoutRequestProcessingError")
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User } catch (Exception e) {
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews SAML2Utils.debug.error("Error processing LogoutRequest ",e);
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews "LogoutRequestProcessingError",
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User SAML2Utils.bundle.getString("LogoutRequestProcessingError")
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Userboolean processSAELogout(
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews HttpServletRequest request, HttpServletResponse response)
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews String saeData = request.getParameter(SecureAttrs.SAE_PARAM_APPRETURN);
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User if (saeData != null) { // App returned back.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews String metaAlias =
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User SAML2MetaUtils.getMetaAliasByUri(request.getRequestURI()) ;
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User SAML2MetaManager mm = SAML2Utils.getSAML2MetaManager();
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews String entityId = mm.getEntityByMetaAlias(metaAlias);
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt SPSSOConfigElement spConfig = mm.getSPSSOConfig(realm, entityId);
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews String appSLOUrlStr = null;
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User if (spConfig != null) {
5f7586ddbd3edd11272cdd30ed613d936129328bTinderbox User appSLOUrlStr = SAML2Utils.getAttributeValueFromSPSSOConfig(
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt if (appSLOUrlStr == null) {
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User "spSLOPOST:SAE:appSLOUrl not configured.");
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews return false;
bac4435d473c9a0281507524f084480c34aa942aTinderbox User "spSLOPOST:SAE:processing App SLO"+ appSLOUrlStr);
fab54780409846f7c71f6026d665f18c77c649efTinderbox User StringBuffer appSLOUrl = new StringBuffer(appSLOUrlStr);
7ca715ad1587a68a531ea1cdea07515d7232567eTinderbox User realm, entityId, SAML2Constants.SP_ROLE, appSLOUrlStr);
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User if (hp == null) {
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater "spSLOPOST:SAE:processing App SLO: getSAEAttrs returned null");
bac4435d473c9a0281507524f084480c34aa942aTinderbox User return false;
933799f3641f4f78445d015008bad0038900a82aTinderbox User String cryptoType = (String) hp.get(SecureAttrs.SAE_CRYPTO_TYPE);
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews String secret = null;
933799f3641f4f78445d015008bad0038900a82aTinderbox User String encSecret = null;
4151211e6649332f7b5a55870cbe37128bcc7b29Tinderbox User String encAlg = (String)hp.get(
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews String encStrength = (String)hp.get(
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater SecureAttrs.SAE_CONFIG_ENCRYPTION_KEY_STRENGTH);
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater if (SecureAttrs.SAE_CRYPTO_TYPE_SYM.equals(cryptoType)) {
f525041ae26958385b697cf82a30f108577024b6Tinderbox User // Shared secret between FM-IDP and IDPApp
b02be031b9ff37b042adc8e68e36b8bbc1f672b7Tinderbox User secret = (String) hp.get(SecureAttrs.SAE_CONFIG_SHARED_SECRET );
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater encSecret = secret;
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater // IDPApp's public key
3ec8f7777ea2b04fc1ebb63077f0916f63b1011aTinderbox User secret = (String) hp.get(SecureAttrs.SAE_CONFIG_PRIVATE_KEY_ALIAS);
b02be031b9ff37b042adc8e68e36b8bbc1f672b7Tinderbox User (String) hp.get(SecureAttrs.SAE_CONFIG_PUBLIC_KEY_ALIAS);
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater if (secret == null || secret.length() == 0) {
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater "spSLOPOST:SAE:processing App SLO:getSAEAttrs no secret/key");
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater if (encAlg == null) {
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater encSecret = null;
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews String returnURL = request.getRequestURL()+
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User HashMap map = new HashMap();
f525041ae26958385b697cf82a30f108577024b6Tinderbox User map.put(SecureAttrs.SAE_PARAM_CMD, SecureAttrs.SAE_CMD_LOGOUT);
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater map.put(SecureAttrs.SAE_PARAM_APPSLORETURNURL, returnURL);
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater String saInstanceName = cryptoType + "_" + encAlg + "_" + encStrength;
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User SecureAttrs sa = SecureAttrs.getInstance(saInstanceName);
5e82fe9a56d17bfbd120817d00d28c5952ab4ddcTinderbox User if (sa == null) {
4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic Updater Properties prop = new Properties();
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews prop.setProperty(SecureAttrs.SAE_CONFIG_CERT_CLASS,
c26604a73c4ce907ef6392f38b3fac838b1873a9Tinderbox User if (encAlg != null) {
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater SecureAttrs.SAE_CONFIG_DATA_ENCRYPTION_ALG, encAlg);
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews if (encStrength != null) {
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews SecureAttrs.SAE_CONFIG_ENCRYPTION_KEY_STRENGTH,encStrength); }
ba8b771c371967dd1254c7fa82ebe4158ee04b24Tinderbox User SecureAttrs.init(saInstanceName, cryptoType, prop);
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews sa = SecureAttrs.getInstance(saInstanceName);
7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox User if (sa == null) {
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User "spSLOPOST:SAE:processing App SLO:null SecureAttrs instance");
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews return false;
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User String encodedString = sa.getEncodedString(map, secret, encSecret);
757ff043760e4743dda1a10e7d58349275934902Tinderbox User if (encodedString != null) {
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User appSLOUrl.append("&").append(SecureAttrs.SAE_PARAM_DATA)
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrews .append("=").append(encodedString);
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater appSLOUrl.append("?").append(SecureAttrs.SAE_PARAM_DATA)
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User .append("=").append(encodedString);
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User SAML2Utils.debug.message("spSLOPOST:SAE:about to redirect"+
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User "spSLOPOST:SAE:SecureAttrs.getEncodedStr failed");
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User } catch (Exception ex) {
3857cb6fcabeb79d85de4b3e3e4ab99912b701f8Mark Andrews SAML2Utils.debug.error("spSLOPOST:SAE:SecureAttrs.Fatal:",ex);
e64202536ea72d8f371dd0df9fc763f8d70bf886Tinderbox User return false;