idpMNIPOST.jsp revision 0e107349d3f7763a9c67fb2f32c86c11364c72cf
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
f202f2587b9ba4753afba49b796f599cc12b4d0fAndreas Gustafsson Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews The contents of this file are subject to the terms
f202f2587b9ba4753afba49b796f599cc12b4d0fAndreas Gustafsson of the Common Development and Distribution License
f202f2587b9ba4753afba49b796f599cc12b4d0fAndreas Gustafsson (the License). You may not use this file except in
f202f2587b9ba4753afba49b796f599cc12b4d0fAndreas Gustafsson compliance with the License.
f202f2587b9ba4753afba49b796f599cc12b4d0fAndreas Gustafsson You can obtain a copy of the License at
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews https://opensso.dev.java.net/public/CDDLv1.0.html or
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews See the License for the specific language governing
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews permission and limitations under the License.
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews When distributing Covered Code, include this CDDL
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews Header Notice in each file and include the License file
f5d30e2864e048a42c4dc1134993ae7efdb5d6c3Mark Andrews If applicable, add the following below the CDDL Header,
3389b6215abbffc02cc1b6e640f05987ca9f816fMark Andrews with the fields enclosed by brackets [] replaced by
b5ad6dfea4cc3e7d1d322ac99f1e5a31096837c4Mark Andrews your own identifying information:
f202f2587b9ba4753afba49b796f599cc12b4d0fAndreas Gustafsson "Portions Copyrighted [year] [name of copyright owner]"
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein $Id: idpMNIPOST.jsp,v 1.5 2009/06/24 23:05:30 mrudulahg Exp $
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein Portions Copyrighted 2013-2014 ForgeRock AS
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<%@ page import="com.sun.identity.saml2.common.SAML2Constants" %>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<%@ page import="com.sun.identity.saml.common.SAMLUtils" %>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<%@ page import="com.sun.identity.saml2.common.SAML2Exception" %>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<%@ page import="com.sun.identity.saml2.profile.DoManageNameID" %>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<%@ page import="java.util.HashMap" %>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<%@ page import="org.owasp.esapi.ESAPI" %>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein idpMNIPOST.jsp processes the ManageNameIDRequest from
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein the Service Provider with HTTP POST binding.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein Required parameters to this jsp are : NONE
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein HashMap paramsMap = new HashMap();
f5d30e2864e048a42c4dc1134993ae7efdb5d6c3Mark Andrews paramsMap.put(SAML2Constants.ROLE, SAML2Constants.IDP_ROLE);
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein String samlRequest = request.getParameter(SAML2Constants.SAML_REQUEST);
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein String samlResponse =
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein request.getParameter(SAML2Constants.SAML_RESPONSE);
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein if (samlRequest != null) {
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein DoManageNameID.processPOSTRequest(request, response, paramsMap);
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein if (samlResponse != null) {
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein boolean success = DoManageNameID.processMNIResponsePOST(request,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein response, paramsMap);
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein if (success == true) {
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein String relayState = request.getParameter(SAML2Constants.RELAY_STATE);
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + relayState, relayState, "URL", 2000, true)) {
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein relayState = null;
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein if (relayState != null && SAML2Utils.isRelayStateURLValid(request, relayState, SAML2Constants.IDP_ROLE)) {
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein <jsp:forward
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein page="/saml2/jsp/default.jsp?message=mniSuccess" />
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein "requestProcessingMNIError",
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein SAML2Utils.bundle.getString("requestProcessingMNIError"));
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein } catch (SAML2Exception e) {
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein SAML2Utils.debug.error("Error processing ManageNameIDRequest " , e);
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein "requestProcessingMNIError",
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein SAML2Utils.bundle.getString("requestProcessingMNIError") + " " +