com.sun.identity.saml.servlet

Class SAMLSOAPReceiver

java.lang.Object

javax.servlet.GenericServlet

javax.servlet.http.HttpServlet

com.sun.identity.saml.servlet.SAMLSOAPReceiver

All Implemented Interfaces:

Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig

public class SAMLSOAPReceiver
extends javax.servlet.http.HttpServlet

This class defines a SOAP Receiver which supports SOAP over HTTP binding. It's the receiver of SAML requests from external parties for any authentication ,authorization or attribute information for a Subject. Its response which is an Assertion is used by the caller to enable an SSO solution or allow access to resource based on the Statement contained in the assertion sent by it. It supports the following functions:

 1- Accepts an artifact request and returns corresponding assertion.
 2- Accepts assertion id request and returns corresponding assertion.
 3- accept the authentication query and return authentication assertion.
 4- Accept authorization query and return authorization decision assertion.
 5- Accept attribute query and return attribute assertion.
 

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static String	localSAMLServiceID When initialized it represents ID of the local server.

Constructor Summary

Constructors

Constructor and Description
SAMLSOAPReceiver()

Method Summary

Modifier and Type	Method and Description
protected static Set	checkCaller(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) Protected method to check the caller to the servlet.
void	doPost(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) Processes request coming from SOAP.
void	init(javax.servlet.ServletConfig config) Initializes the servlet.

Methods inherited from class javax.servlet.http.HttpServlet

doDelete, doGet, doHead, doOptions, doPut, doTrace, getLastModified, service, service

Methods inherited from class javax.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

localSAMLServiceID

public static String localSAMLServiceID

When initialized it represents ID of the local server. It has the format of server_protocol://server_host:server_port. It is used to identify whether the system is in server mode or client mode.

Constructor Detail

SAMLSOAPReceiver

public SAMLSOAPReceiver()

Method Detail

init

public void init(javax.servlet.ServletConfig config)
          throws javax.servlet.ServletException

Initializes the servlet.

Specified by:

init in interface javax.servlet.Servlet

Overrides:

init in class javax.servlet.GenericServlet

Parameters:

config - ServletConfig object.

Throws:

javax.servlet.ServletException - if error occurred during initialization.

doPost

public void doPost(javax.servlet.http.HttpServletRequest req,
                   javax.servlet.http.HttpServletResponse resp)
            throws javax.servlet.ServletException,
                   IOException

Processes request coming from SOAP.

Overrides:

doPost in class javax.servlet.http.HttpServlet

Parameters:

req - HttpServletRequest object.

resp - HttpServletResponse object.

Throws:

javax.servlet.ServletException - if there is an error.

IOException - if there is an error.

checkCaller

protected static Set checkCaller(javax.servlet.http.HttpServletRequest req,
                                 javax.servlet.http.HttpServletResponse resp)
                          throws javax.servlet.ServletException

Protected method to check the caller to the servlet. Returns a set of sourceid whose hostlist contains the passed in certificate's nick name or HttpServletRequest's remote IP address if valid. Else null is returned.

Throws:

javax.servlet.ServletException