a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: FSProxyHandler.java,v 1.3 2008/06/25 05:46:58 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.federation.services.fednsso;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.message.FSAuthnRequest;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.FSUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.IFSConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.jaxb.entityconfig.BaseConfigType;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.NameIdentifier;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This class <code>FSProxyHandler</code> handles the single sign-on requests
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * by a proxy identity provider. This class will be invoked by an identity
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * provider that is also acting as a proxy and needs to handle
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * browser artifact and post profiles.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic class FSProxyHandler extends FSSSOAndFedHandler {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This constructor is primarily used by the proxying identity provider
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * which acts as a service provider for handling single sign-on requests.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param request <code>HttpServletRequest</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param response <code>HttpServletResponse</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param authnRequest original authentication request that is issued
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * by the service provider.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param spDescriptor requesting service provider descriptor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param spConfig requesting service provider's extended meta Config
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param spEntityId requesting service provider's entity id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param relayState targetURL to be redirected.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ssoToken credentials of a user at a proxy identity provider.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster super(request, response, authnRequest, spDescriptor,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This constructor is primarily used by the identity provider to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * send a proxy authentication request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param request <code>HttpServletRequest</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param response <code>HttpServletResponse</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Does the single sign-on in a proxy IDP with the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * requesting service provider.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ssoToken credentials of the user
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param inResponseTo <code>InResponseTo</code> attribute of the request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param spNameIdentifier <code>SP</code> Provided NameIdentifier.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param idpNameIdentifier <code>IDP</code> Provided NameIdentifier.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return boolean <code>true</code> if successful.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("FSProxyHandler.doSingleSignOn:Init");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String protocolProfile = authnRequest.getProtocolProfile();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster protocolProfile.equals(IFSConstants.SSO_PROF_BROWSER_ART))
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster handler.setHostedDescriptorConfig(hostedConfig);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ssoToken, inResponseTo, spNameIdentifier, idpNameIdentifier);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (protocolProfile.equals(IFSConstants.SSO_PROF_BROWSER_POST)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster handler.setHostedDescriptorConfig(hostedConfig);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ssoToken, inResponseTo, spNameIdentifier, idpNameIdentifier);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSProxyHandler.doProxySingleSignOn:" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Unsupported protocol profile.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;