ActiveRequest.java revision 1d684f1accbc962da075532ff3b1ad66459dd750
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
import static org.forgerock.openam.wsfederation.common.ActiveRequestorException.newReceiverException;
* A {@link WSFederationAction} implementation that processes WS-Federation Active Requestor Profile SOAP requests. It
* does so by processing RST/Issue requests based on the 2005/02 spec, to allow backwards compatibility with legacy
/**
 * Key type URI from the 2005/05 identity namespace that names the "no proof key" key type.
 *
 * <p>A token issued without a proof key has no proof-of-possession binding, so any party holding the token can
 * present it. Protection of such a token therefore rests on transport security, audience restriction and a
 * short validity period rather than on the token itself.
 *
 * <p>NOTE(review): the code that reads this constant is not visible here; presumably it is compared against the
 * KeyType element of the incoming RST. Confirm how requests that ask for other key types are handled.
 */
public static final String NO_PROOF_KEY_KEY_TYPE = "http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey";
* Processes the incoming SOAP request by {@link #parseAndValidateRequest(SOAPMessage, IDPSSOConfigElement) parsing
* and validating the request}, and then authenticating the end-user using a customizable {@link WsFedAuthenticator}
* implementation. On successful login, a SAML 1.1 RequestedSecurityToken is returned in a SOAP message.
final boolean activeRequestorEnabled = Boolean.parseBoolean(WSFederationMetaUtils.getAttribute(idpConfig,
if (!activeRequestorEnabled) {
final SAML11RequestedSecurityToken requestedSecurityToken = WSFederationUtils.createSAML11Token(realm,
private void parseAndValidateRequest(SOAPMessage soapMessage, IDPSSOConfigElement idpConfig) throws SOAPException,
final List<String> trustedAddresses = WSFederationMetaUtils.getAttributes(idpConfig, TRUSTED_ADDRESSES);
throws ActiveRequestorException {
throws WSFederationException {