idpSSOInit.jsp revision c36b3d48cd721148c2ed02c273ecf4f38e1add70
cac0964f155bdb6daba7ecf5628ed2fec3763275orlikowski<%--
9a28fdd4b3e9d196cccecc6e1f3e05e23c4c4566orlikowski DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
cb5d3f2f217d457dada4883addb1dc9f3f17bb85fielding
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb The contents of this file are subject to the terms
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb of the Common Development and Distribution License
ce3da141a81ef0e22f46e496675f602e3c483b88rbb (the License). You may not use this file except in
5f2291abcd42608c746100d566d711c97a099fcadreid compliance with the License.
5f2291abcd42608c746100d566d711c97a099fcadreid
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb You can obtain a copy of the License at
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb https://opensso.dev.java.net/public/CDDLv1.0.html or
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb opensso/legal/CDDLv1.0.txt
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb See the License for the specific language governing
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb permission and limitations under the License.
1ccb67ea7d1f2a3747d285835fd0ce0d123b66b2orlikowski
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb When distributing Covered Code, include this CDDL
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb Header Notice in each file and include the License file
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb at opensso/legal/CDDLv1.0.txt.
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb If applicable, add the following below the CDDL Header,
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb with the fields enclosed by brackets [] replaced by
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb your own identifying information:
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb "Portions Copyrighted [year] [name of copyright owner]"
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb $Id: idpSSOInit.jsp,v 1.9 2009/06/24 23:05:30 mrudulahg Exp $
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb Portions Copyrighted 2013-2015 ForgeRock AS.
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb--%>
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb<%@ page import="com.sun.identity.saml2.common.SAML2Constants" %>
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb<%@ page import="com.sun.identity.saml2.common.SAML2Exception" %>
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb<%@ page import="com.sun.identity.saml2.common.SAML2Utils" %>
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb<%@ page import="com.sun.identity.saml.common.SAMLUtils" %>
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb<%@ page import="com.sun.identity.saml2.profile.IDPSSOUtil" %>
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb<%@ page import="java.io.PrintWriter" %>
05b7ad99e5d197b06c761fef0e06a44e353cbc54rbb
<%--
    idpSSOInit.jsp initiates Unsolicited SSO at the Identity Provider.

    The following query parameters are supported.

    Required parameters to this jsp are :

    Query Parameter Name    Description

    1. metaAlias            MetaAlias for Identity Provider. The format of
                            this parameter is /realm_name/IDP name.
    2. spEntityID           Identifier for Service Provider.

    Optional Query Parameters :

    Query Parameter Name    Description

    3. RelayState           Target URL on successful completion of SSO/Federation
    4. RelayStateAlias      Specify the parameter(s) to use as the RelayState.
                            e.g. if the request URL has :
                            ?TARGET=http://server:port/uri&RelayStateAlias=TARGET
                            then the TARGET query parameter will be interpreted as
                            RelayState and on successful completion of
                            SSO/Federation user will be redirected to the TARGET URL.
    5. NameIDFormat         NameID format Identifier Value.
                            For example,
                            urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
                            urn:oasis:names:tc:SAML:2.0:nameid-format:transient
    6. binding              URI value that identifies a SAML protocol binding to
                            be used when returning the Response message.
                            The supported values are :
                            HTTP-Artifact
                            HTTP-POST
                            NOTE: There are other SAML defined values for these
                            which are not supported by FM/AM.
    7. affiliationID        affiliation entity ID
--%>
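<%
    // Handles an IDP-initiated (unsolicited) SSO request.
    //
    // Flow, as implemented below:
    //   1. If the RES_INFO_ID parameter is present, hand it to
    //      IDPSSOUtil.sendResponse and stop.
    //   2. Otherwise require metaAlias and spEntityID; a missing or empty
    //      value is answered with HTTP 400 through SAMLUtils.sendError.
    //   3. Read the optional NameID format and RelayState and delegate to
    //      IDPSSOUtil.doSSOFederate.
    //
    // Every value read here comes straight from the query string and is
    // therefore caller-controlled; this page only checks the two required
    // parameters for presence, not for content.
    try {
        String cachedResID = request.getParameter(SAML2Constants.RES_INFO_ID);
        // if this id is set, then this is a redirect from the COT
        // cookie writer. There is already an assertion response
        // cached in this provider. Send it back directly.
        // NOTE(review): the id is taken from the request as-is; confirm that
        // IDPSSOUtil.sendResponse ties the cached response to the caller's
        // session rather than serving it to anyone who presents the id.
        if ((cachedResID != null) && (cachedResID.length() != 0)) {
            IDPSSOUtil.sendResponse(request, response, new PrintWriter(out, true), cachedResID);
            return;
        }

        // metaAlias - MetaAlias of the Identity Provider (required)
        String metaAlias = request.getParameter("metaAlias");
        if ((metaAlias == null) || (metaAlias.length() == 0)) {
            SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
                    "nullIDPEntityID",
                    SAML2Utils.bundle.getString("nullIDPEntityID"));
            return;
        }

        // spEntityID - Service Provider identifier (required)
        String spEntityID = request.getParameter("spEntityID");
        if ((spEntityID == null) || (spEntityID.length() == 0)) {
            SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
                    "nullSPEntityID",
                    SAML2Utils.bundle.getString("nullSPEntityID"));
            return;
        }

        // get the nameIDPolicy
        String nameIDFormat =
                request.getParameter(SAML2Constants.NAMEID_POLICY_FORMAT);

        // NOTE(review): RelayState is a caller-supplied target URL and is not
        // validated in this page. Confirm that doSSOFederate (or the receiving
        // SP) checks it against the configured list of allowed RelayState URLs
        // before any redirect, otherwise this is an open-redirect vector.
        String relayState = SAML2Utils.getRelayState(request);

        IDPSSOUtil.doSSOFederate(request, response, new PrintWriter(out, true), null, spEntityID,
                metaAlias, nameIDFormat, relayState);
    } catch (SAML2Exception sse) {
        // Protocol-level failure: log the full exception and return the
        // bundle text plus the SAML2Exception message, as before.
        // NOTE(review): the message may echo request values; confirm that
        // SAMLUtils.sendError encodes it before it reaches the browser.
        SAML2Utils.debug.error("Error processing request " , sse);
        SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
                "requestProcessingError",
                SAML2Utils.bundle.getString("requestProcessingError") + " " +
                sse.getMessage());
        return;
    } catch (Exception e) {
        // Unexpected failure. The full exception is written to the debug log;
        // only the generic bundle text goes back to the client, so that the
        // message of an arbitrary runtime exception (class names, paths,
        // backend details) is not disclosed to an unauthenticated caller.
        // The 400 status is kept for compatibility with existing callers.
        SAML2Utils.debug.error("Error processing request ", e);
        SAMLUtils.sendError(request, response, response.SC_BAD_REQUEST,
                "requestProcessingError",
                SAML2Utils.bundle.getString("requestProcessingError"));
        return;
    }
%>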