Class FSSSOAndFedHandler

    • Field Detail

      • request

        protected jakarta.servlet.http.HttpServletRequest request
      • response

        protected jakarta.servlet.http.HttpServletResponse response
      • spDescriptor

        protected com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType spDescriptor
      • spConfig

        protected com.sun.identity.federation.jaxb.entityconfig.BaseConfigType spConfig
      • spEntityId

        protected String spEntityId
      • relayState

        protected String relayState
      • ssoToken

        protected Object ssoToken
      • metaAlias

        protected String metaAlias
      • hostedDesc

        protected com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType hostedDesc
      • hostedConfig

        protected com.sun.identity.federation.jaxb.entityconfig.BaseConfigType hostedConfig
      • realm

        protected String realm
      • hostedEntityId

        protected String hostedEntityId
      • noFedStatus

        protected Status noFedStatus
    • Constructor Detail

      • FSSSOAndFedHandler

        protected FSSSOAndFedHandler()
        Default constructor.
      • FSSSOAndFedHandler

        public FSSSOAndFedHandler​(jakarta.servlet.http.HttpServletRequest request,
                                  jakarta.servlet.http.HttpServletResponse response,
                                  FSAuthnRequest authnRequest,
                                  com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType spDescriptor,
                                  com.sun.identity.federation.jaxb.entityconfig.BaseConfigType spConfig,
                                  String spEntityId,
                                  String relayState,
                                  Object ssoToken)
        Constructor.
        Parameters:
        request - HttpServletRequest object
        response - HttpServletResponse object
        authnRequest - authentication request
        spDescriptor - SP's provider descriptor
        spConfig - SP's extended metadata
        spEntityId - SP's entity id
        relayState - where to go after single sign-on is done
        ssoToken - token of the user to be signed on
      • FSSSOAndFedHandler

        public FSSSOAndFedHandler​(jakarta.servlet.http.HttpServletRequest request,
                                  jakarta.servlet.http.HttpServletResponse response,
                                  FSAuthnRequest authnRequest,
                                  com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType spDescriptor,
                                  com.sun.identity.federation.jaxb.entityconfig.BaseConfigType spConfig,
                                  String spEntityId,
                                  String relayState)
        Constructor.
        Parameters:
        request - HttpServletRequest object
        response - HttpServletResponse object
        authnRequest - authentication request
        spDescriptor - SP's provider descriptor
        spConfig - SP's extended metadata
        spEntityId - SP's entity id
        relayState - where to go after single sign-on is done
      • FSSSOAndFedHandler

        public FSSSOAndFedHandler​(jakarta.servlet.http.HttpServletRequest request,
                                  jakarta.servlet.http.HttpServletResponse response)
        Constructor.
        Parameters:
        request - HttpServletRequest object
        response - HttpServletResponse object
    • Method Detail

      • setMetaAlias

        public void setMetaAlias​(String metaAlias)
        Sets the meta alias of the host identity provider.
        Parameters:
        metaAlias - meta alias of the provider.
      • setHostedEntityId

        public void setHostedEntityId​(String hostedEntityId)
        Sets host identity provider's entity ID.
        Parameters:
        hostedEntityId - entity ID to be set
        See Also:
        getHostedEntityId()
      • setHostedDescriptor

        public void setHostedDescriptor​(com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType hostedDesc)
        Sets host identity provider's meta descriptor.
        Parameters:
        hostedDesc - hosted meta descriptor to be set
      • setHostedDescriptorConfig

        public void setHostedDescriptorConfig​(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType hostedConfig)
        Sets host identity provider's extended meta.
        Parameters:
        hostedConfig - host identity provider's extended meta to be set
      • getRealm

        public String getRealm()
        Gets the realm under which the entity resides.
        Returns:
        the realm under which the entity resides.
        See Also:
        setRealm(String)
      • setRealm

        public void setRealm​(String realm)
        Sets the realm under which the entity resides.
        Parameters:
        realm - The realm under which the entity resides.
        See Also:
        getRealm()
      • processPreAuthnSSO

        public boolean processPreAuthnSSO​(FSAuthnRequest authnRequest)
        Handles authentication request.
        Parameters:
        authnRequest - FSAuthnRequest object
        Returns:
        true if the request is handled successfully; false otherwise.
      • formatLoginURL

        public String formatLoginURL​(String loginUrl,
                                     String authnContext)
        Generates local login url.
        Parameters:
        loginUrl - authentication base url
        authnContext - requested AuthnContextRef
        Returns:
        local login url with appropriate parameters
      • processPostAuthnSSO

        public boolean processPostAuthnSSO​(FSAuthnRequest authnRequest)
        Handles authentication request after local login.
        Parameters:
        authnRequest - FSAuthnRequest object
        Returns:
        true if the request is handled successfully; false otherwise.
      • doSingleSignOn

        protected boolean doSingleSignOn​(Object ssoToken,
                                         String inResponseTo)
      • returnErrorResponse

        protected void returnErrorResponse()
      • processSAMLRequest

        public FSResponse processSAMLRequest​(FSSAMLRequest samlRequest)
        Processes SAML request.
        Parameters:
        samlRequest - FSSAMLRequest object
        Returns:
        generated FSResponse object
      • processAuthnRequest

        public void processAuthnRequest​(FSAuthnRequest authnRequest,
                                        boolean bPostAuthn)
        Processes authentication request.
        Parameters:
        authnRequest - authentication request
        bPostAuthn - true indicates post-authentication processing; false indicates pre-authentication processing.
      • sendAuthnResponse

        protected void sendAuthnResponse​(FSAuthnResponse authnResponse)
      • setSPDescriptor

        public void setSPDescriptor​(com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType spDescriptor)
        Sets the remote service provider's descriptor.
        Parameters:
        spDescriptor - the remote service provider's descriptor.
        See Also:
        getProvider()
      • getProvider

        public com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType getProvider()
        Returns the remote service provider's descriptor.
        Returns:
        the remote service provider's descriptor
      • verifyRequestSignature

        protected boolean verifyRequestSignature​(FSAuthnRequest authnRequest)
      • cleanMetaAlias

        public static String cleanMetaAlias​(jakarta.servlet.http.HttpServletRequest request)
        Removes meta alias from request parameters.
        Parameters:
        request - HttpServletRequest object
        Returns:
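        parameter string that does not contain the meta alias; the remaining parameters are taken from the client request, so treat the result as untrusted input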
      • sendProxyAuthnRequest

        protected void sendProxyAuthnRequest​(FSAuthnRequest authnRequest,
                                             String preferredIDP)
                                      throws FSException,
                                             IOException
        Sends a new AuthnRequest to the authenticating provider.
        Parameters:
        authnRequest - original AuthnRequest sent by the service provider.
        preferredIDP - IDP to be proxied.
        Throws:
        FSException - for any federation failure.
        IOException - if there is a failure in redirection.
      • isIDPProxyEnabled

        protected boolean isIDPProxyEnabled​(FSAuthnRequest authnRequest)
                                     throws FSException
        Checks whether the identity provider is configured to proxy authentication requests for the requesting service provider.
        Parameters:
        authnRequest - Authentication Request.
        Returns:
        true if the IDP is configured for proxying.
        Throws:
        FSException - for any failure.