5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome<%--

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome The contents of this file are subject to the terms

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome of the Common Development and Distribution License

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome (the License). You may not use this file except in

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome compliance with the License.

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome You can obtain a copy of the License at

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome https://opensso.dev.java.net/public/CDDLv1.0.html or

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome opensso/legal/CDDLv1.0.txt

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome See the License for the specific language governing

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome permission and limitations under the License.

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome When distributing Covered Code, include this CDDL

5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soome Header Notice in each file and include the License file

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash at opensso/legal/CDDLv1.0.txt.

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash If applicable, add the following below the CDDL Header,

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash with the fields enclosed by brackets [] replaced by

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash your own identifying information:

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash "Portions Copyrighted [year] [name of copyright owner]"

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash $Id: multi.jsp,v 1.1 2009/07/02 22:00:17 exu Exp $

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash--%>

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash<%--

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash Portions Copyrighted 2013 ForgeRock AS

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash--%>

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash<%@page

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash import="com.sun.identity.wsfederation.common.WSFederationConstants"

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash import="com.sun.identity.plugin.session.SessionManager"

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash import="com.sun.identity.wsfederation.common.WSFederationUtils"

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash import="org.owasp.esapi.ESAPI"

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash%><%

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash // handle multi-federation protocol case

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash Object uSession = null;

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash try {

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash uSession = SessionManager.getProvider().getSession(request);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash } catch (Exception e) {

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash }

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash if ((uSession == null) || !SessionManager.getProvider().isValid(uSession)) {

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash String wreply = request.getParameter(WSFederationConstants.LOGOUT_WREPLY);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + wreply,

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash wreply, "URL", 2000, true)){

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash wreply = null;

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash }

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash if ((wreply != null) && (wreply.length() != 0)) {

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash response.sendRedirect(wreply);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash }

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash } else {

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash String logout = request.getParameter(WSFederationConstants.LOGOUT_WREPLY);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + logout,

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash logout, "URL", 2000, true)){

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash logout = null;

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash }

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash request.setAttribute(WSFederationConstants.LOGOUT_WREPLY, logout);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash String realm = request.getParameter(

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash WSFederationConstants.REALM_PARAM);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + realm,

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash realm, "HTTPParameterValue", 2000, true)){

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash realm = null;

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash }

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash request.setAttribute(WSFederationConstants.REALM_PARAM, realm);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash String entityID = request.getParameter(

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash WSFederationConstants.ENTITYID_PARAM);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + entityID,

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash entityID, "HTTPParameterValue", 2000, true)){

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash entityID = null;

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash }

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash request.setAttribute(WSFederationConstants.ENTITYID_PARAM, entityID);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash WSFederationUtils.processMultiProtocolLogout(request, response, uSession);

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash }

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash%>

4890a7493fa5781f7cd15fa207cbcb58cc418882Will Fiveash