public void testErrorHandling() throws Exception {
   ErrorServlet.authError = null;
   Client client = ClientBuilder.newClient();
   // make sure
   Response response = client.target(APP_SERVER_BASE_URL + "/employee-sig/").request().get();
   response.close();
   SAML2ErrorResponseBuilder builder =
       new SAML2ErrorResponseBuilder()
           .destination(APP_SERVER_BASE_URL + "/employee-sig/saml")
           .issuer(AUTH_SERVER_URL + "/realms/demo")
           .status(JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get());
   BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder().relayState(null);
   Document document = builder.buildDocument();
   URI uri =
       binding
           .redirectBinding(document)
           .generateURI(APP_SERVER_BASE_URL + "/employee-sig/saml", false);
   response = client.target(uri).request().get();
   String errorPage = response.readEntity(String.class);
   response.close();
   Assert.assertTrue(errorPage.contains("Error Page"));
   client.close();
   Assert.assertNotNull(ErrorServlet.authError);
   SamlAuthenticationError error = (SamlAuthenticationError) ErrorServlet.authError;
   Assert.assertEquals(SamlAuthenticationError.Reason.ERROR_STATUS, error.getReason());
   Assert.assertNotNull(error.getStatus());
   ErrorServlet.authError = null;
 }
Example #2
0
 @Override
 public Response sendError(ClientSessionModel clientSession, Error error) {
   try {
     if ("true".equals(clientSession.getClient().getAttribute(SAML_IDP_INITIATED_LOGIN))) {
       if (error == Error.CANCELLED_BY_USER) {
         UriBuilder builder =
             RealmsResource.protocolUrl(uriInfo).path(SamlService.class, "idpInitiatedSSO");
         Map<String, String> params = new HashMap<>();
         params.put("realm", realm.getName());
         params.put("protocol", LOGIN_PROTOCOL);
         params.put(
             "client", clientSession.getClient().getAttribute(SAML_IDP_INITIATED_SSO_URL_NAME));
         URI redirect = builder.buildFromMap(params);
         return Response.status(302).location(redirect).build();
       } else {
         return ErrorPage.error(session, translateErrorToIdpInitiatedErrorMessage(error));
       }
     } else {
       SAML2ErrorResponseBuilder builder =
           new SAML2ErrorResponseBuilder()
               .destination(clientSession.getRedirectUri())
               .issuer(getResponseIssuer(realm))
               .status(translateErrorToSAMLStatus(error).get());
       try {
         JaxrsSAML2BindingBuilder binding =
             new JaxrsSAML2BindingBuilder()
                 .relayState(clientSession.getNote(GeneralConstants.RELAY_STATE));
         Document document = builder.buildDocument();
         return buildErrorResponse(clientSession, binding, document);
       } catch (Exception e) {
         return ErrorPage.error(session, Messages.FAILED_TO_PROCESS_RESPONSE);
       }
     }
   } finally {
     RestartLoginCookie.expireRestartCookie(realm, session.getContext().getConnection(), uriInfo);
     session.sessions().removeClientSession(realm, clientSession);
   }
 }