本文整理汇总了Java中org.opensaml.saml2.core.StatusCode.SUCCESS_URI属性的典型用法代码示例。如果您正苦于以下问题:Java StatusCode.SUCCESS_URI属性的具体用法?Java StatusCode.SUCCESS_URI怎么用?Java StatusCode.SUCCESS_URI使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类org.opensaml.saml2.core.StatusCode的用法示例。
在下文中一共展示了StatusCode.SUCCESS_URI属性的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: validateResponse
protected void validateResponse(String requestId, String expectedDestination, boolean allowPassive) {
String statusCode = response.getStatus().getStatusCode().getValue();
if (!StatusCode.SUCCESS_URI.equals(statusCode)) {
StatusCode is = response.getStatus().getStatusCode().getStatusCode();
if (is == null || !(StatusCode.NO_PASSIVE_URI.equals(is.getValue()) && allowPassive)) {
String msg = response.getStatus().getStatusMessage() == null ? "" : response.getStatus().getStatusMessage().getMessage();
throw new ValidationException("Got StatusCode " + statusCode + " should be " + StatusCode.SUCCESS_URI + ". Message: " + msg);
}
}
if (!isDestinationOK(expectedDestination)) {
throw new ValidationException("Wrong destination. Expected " + expectedDestination + ", was " + response.getDestination());
}
if (requestId != null && !requestId.equals(response.getInResponseTo())) {
throw new ValidationException("Wrong InResponseTo. Expected " + requestId + ", was " + response.getInResponseTo());
}
}
示例2: handlePost
/**
* Receive and handle a <LogoutRequest> from the Login Site
* @throws IOException
*/
public void handlePost(RequestContext ctx) throws ServletException, IOException {
String statusCode = StatusCode.SUCCESS_URI;
String consent = null;
OIOLogoutRequest logoutRequest = extractRequest(ctx.getRequest());
Audit.log(Operation.LOGOUT_SOAP, false, logoutRequest.getID(), logoutRequest.toXML());
try {
String sessionIndex = logoutRequest.getSessionIndex();
String sessionId = ctx.getSessionHandler().getRelatedSessionId(sessionIndex);
OIOAssertion assertion = ctx.getSessionHandler().getAssertion(sessionId);
String idpEntityId = null;
if (assertion != null) {
idpEntityId = assertion.getIssuer();
}
if (idpEntityId == null) {
log.warn("LogoutRequest received over SOAP for unknown user");
statusCode = StatusCode.NO_SUPPORTED_IDP_URI;
} else {
try {
Metadata metadata = ctx.getIdpMetadata().getMetadata(idpEntityId);
logoutRequest.validateRequest(null, null, metadata.getPublicKeys(), ctx.getSpMetadata().getSingleLogoutServiceSOAPLocation(), metadata.getEntityID());
ctx.getSessionHandler().logOut(sessionId);
Audit.log(Operation.LOGOUT, assertion.getSubjectNameIDValue());
} catch (LogoutRequestValidationException e) {
consent = e.getMessage();
statusCode = StatusCode.AUTHN_FAILED_URI;
}
}
} catch (Throwable t) {
statusCode = StatusCode.AUTHN_FAILED_URI;
consent = t instanceof WrappedException ? t.getCause().getMessage() : t.getMessage();
Audit.logError(Operation.LOGOUT_SOAP, false, logoutRequest.getID(), t);
}
if (log.isDebugEnabled()) log.debug("Logout status: " + statusCode + ", message: " + consent);
OIOLogoutResponse logoutResponse = OIOLogoutResponse.fromRequest(logoutRequest, statusCode, consent, ctx.getSpMetadata().getEntityID(), null);
returnResponse(ctx.getResponse(), logoutResponse, ctx.getCredential());
Audit.log(Operation.LOGOUT_SOAP, true, logoutRequest.getID(), logoutResponse.toXML());
}
示例3: handleGet
public void handleGet(RequestContext ctx) throws ServletException, IOException {
HttpServletRequest request = ctx.getRequest();
HttpSession session = ctx.getSession();
String samlRequest = request.getParameter(Constants.SAML_SAMLREQUEST);
String relayState = request.getParameter(Constants.SAML_RELAYSTATE);
String sigAlg = request.getParameter(Constants.SAML_SIGALG);
String sig = request.getParameter(Constants.SAML_SIGNATURE);
if (log.isDebugEnabled()) {
log.debug("samlRequest...:" + samlRequest);
log.debug("relayState....:" + relayState);
log.debug("sigAlg........:" + sigAlg);
log.debug("signature.....:" + sig);
}
OIOLogoutRequest logoutRequest = OIOLogoutRequest.fromRedirectRequest(request);
if (log.isDebugEnabled())
log.debug("Got InboundSAMLMessage..:" + logoutRequest.toXML());
Audit.log(Operation.LOGOUTREQUEST, false, logoutRequest.getID(), logoutRequest.toXML());
String statusCode = StatusCode.SUCCESS_URI;
String consent = null;
OIOAssertion assertion = ctx.getSessionHandler().getAssertion(session.getId());
String idpEntityId = null;
if (assertion != null) {
idpEntityId = assertion.getIssuer();
}
if (idpEntityId == null) {
log.warn("LogoutRequest received but user is not logged in");
idpEntityId = logoutRequest.getIssuer();
}
if (idpEntityId == null) {
throw new RuntimeException("User is not logged in, and there is no Issuer in the LogoutRequest. Unable to continue.");
} else {
Metadata metadata = ctx.getIdpMetadata().getMetadata(idpEntityId);
try {
logoutRequest.validateRequest(sig, request.getQueryString(), metadata.getPublicKeys(), ctx.getSpMetadata().getSingleLogoutServiceHTTPRedirectLocation(), metadata.getEntityID());
// Logging out
if (assertion != null) {
log.info("Logging user out via SLO HTTP Redirect: " + assertion.getSubjectNameIDValue());
} else {
log.info("Logging user out via SLO HTTP Redirect without active session");
}
ctx.getSessionHandler().logOut(session);
invokeAuthenticationHandler(ctx);
} catch (LogoutRequestValidationException e1) {
consent = e1.getMessage();
statusCode = StatusCode.AUTHN_FAILED_URI;
}
if (log.isDebugEnabled()) {
log.debug("Logout status: " + statusCode + ", message: " + consent);
}
// returning...
OIOLogoutResponse res = OIOLogoutResponse.fromRequest(logoutRequest, statusCode, consent, ctx.getSpMetadata().getEntityID(), metadata.getSingleLogoutServiceResponseLocation());
String url = res.getRedirectURL(ctx.getCredential(), relayState);
Audit.log(Operation.LOGOUTRESPONSE, true, res.getID(), res.toXML());
if (log.isDebugEnabled())
log.debug("sendRedirect to..:" + url);
ctx.getResponse().sendRedirect(url);
}
}
示例4: handlePost
public void handlePost(RequestContext ctx) throws ServletException, IOException {
HttpServletRequest request = ctx.getRequest();
HttpSession session = ctx.getSession();
String samlRequest = request.getParameter(Constants.SAML_SAMLREQUEST);
String relayState = request.getParameter(Constants.SAML_RELAYSTATE);
String sigAlg = request.getParameter(Constants.SAML_SIGALG);
String sig = request.getParameter(Constants.SAML_SIGNATURE);
if (log.isDebugEnabled()) {
log.debug("samlRequest...:" + samlRequest);
log.debug("relayState....:" + relayState);
log.debug("sigAlg........:" + sigAlg);
log.debug("signature.....:" + sig);
}
OIOLogoutRequest logoutRequest = OIOLogoutRequest.fromPostRequest(request);
if (log.isDebugEnabled()) {
log.debug("Got InboundSAMLMessage..:" + logoutRequest.toXML());
}
Audit.log(Operation.LOGOUTREQUEST, false, logoutRequest.getID(), logoutRequest.toXML());
String statusCode = StatusCode.SUCCESS_URI;
String consent = null;
OIOAssertion assertion = ctx.getSessionHandler().getAssertion(session.getId());
String idpEntityId = null;
if (assertion != null) {
idpEntityId = assertion.getIssuer();
}
if (idpEntityId == null) {
log.warn("LogoutRequest received but user is not logged in");
idpEntityId = logoutRequest.getIssuer();
}
if (idpEntityId == null) {
throw new RuntimeException("User is not logged in, and there is no Issuer in the LogoutRequest. Unable to continue.");
}
else {
Metadata metadata = ctx.getIdpMetadata().getMetadata(idpEntityId);
try {
logoutRequest.validateRequest(sig, request.getQueryString(), metadata.getPublicKeys(), ctx.getSpMetadata().getSingleLogoutServiceHTTPPostLocation(), metadata.getEntityID());
// Logging out
if (assertion != null) {
log.info("Logging user out via SLO HTTP POST: " + assertion.getSubjectNameIDValue());
} else {
log.info("Logging user out via SLO HTTP POST without active session");
}
ctx.getSessionHandler().logOut(session);
invokeAuthenticationHandler(ctx);
} catch (LogoutRequestValidationException e1) {
consent = e1.getMessage();
statusCode = StatusCode.AUTHN_FAILED_URI;
}
if (log.isDebugEnabled()) {
log.debug("Logout status: " + statusCode + ", message: " + consent);
}
// respond with a http-redirect. This will not become a problem, since we are switching between redirect and post,
// so the browser should not reach the limit on the amount of redirects in a row
OIOLogoutResponse res = OIOLogoutResponse.fromRequest(logoutRequest, statusCode, consent, ctx.getSpMetadata().getEntityID(), metadata.getSingleLogoutServiceResponseLocation());
String url = res.getRedirectURL(ctx.getCredential(), relayState);
Audit.log(Operation.LOGOUTRESPONSE, true, res.getID(), res.toXML());
if (log.isDebugEnabled())
log.debug("sendRedirect to..:" + url);
ctx.getResponse().sendRedirect(url);
}
}