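/**
 * Resolves the local user for a federation termination notification received from a remote
 * provider and stores the result in {@code userID}.
 *
 * <p>The provider ID, name identifier and name qualifier all come from the remote request. A
 * notification that is {@code null}, or that carries no name identifier or no name, is rejected
 * with {@code false} rather than failing with a {@code NullPointerException}. A missing name
 * qualifier is treated as empty, so the lookup falls back to the hosted entity ID.
 *
 * <p>The lookup is tried first with the search domain derived from the request and, if that
 * yields nothing, once more with {@code remoteEntityId}.
 *
 * @param reqTermination the termination request
 * @return <code>true</code> if the user is found; <code>false</code> otherwise, in which case
 *     {@code userID} is {@code null}.
 */
public boolean setUserID(FSFederationTerminationNotification reqTermination) {
  try {
    // UserDN needs to be figured from termination request
    if (managerInst != null) {
      // Reject structurally incomplete requests up front: every value read below is supplied by
      // the remote party and must not be dereferenced blindly.
      if (reqTermination == null
          || reqTermination.getNameIdentifier() == null
          || reqTermination.getNameIdentifier().getName() == null) {
        FSUtils.debug.error(
            "FSFedTerminationHandler.setUserID: termination request has no name identifier");
        this.userID = null;
        return false;
      }

      String sourceProviderId = reqTermination.getProviderId();
      // NOTE(review): remote-supplied values are concatenated into debug log lines as-is;
      // confirm the debug writer neutralises line breaks.
      if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("sourceProviderId : " + sourceProviderId);
      }

      String opaqueHandle = reqTermination.getNameIdentifier().getName().trim();
      if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("processTerminationRequest Handle : " + opaqueHandle);
      }

      // The qualifier was previously trimmed before its null check, so an absent qualifier
      // raised a NullPointerException instead of taking the hosted-entity fallback below.
      String rawQualifier = reqTermination.getNameIdentifier().getNameQualifier();
      String associatedDomain = (rawQualifier == null) ? "" : rawQualifier.trim();
      if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("Name Qualifier : " + associatedDomain);
      }
      if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("Realm : " + realm);
      }

      // Search under the qualifier only when one is present and it differs from the sender's
      // provider ID. The comparison is written qualifier-first so a missing provider ID cannot
      // throw.
      String searchDomain = hostedEntityId;
      if ((associatedDomain.length() != 0) && (!associatedDomain.equals(sourceProviderId))) {
        searchDomain = associatedDomain;
      }

      FSAccountFedInfoKey acctkey = new FSAccountFedInfoKey(searchDomain, opaqueHandle);
      Map env = new HashMap();
      env.put(IFSConstants.FS_USER_PROVIDER_ENV_TERMINATION_KEY, reqTermination);
      this.userID = managerInst.getUserID(acctkey, realm, env);
      if (this.userID == null) {
        // Second attempt: key the lookup on the remote entity ID instead.
        acctkey = new FSAccountFedInfoKey(remoteEntityId, opaqueHandle);
        this.userID = managerInst.getUserID(acctkey, realm, env);
        if (this.userID == null) {
          FSUtils.debug.message("UserID is null");
          return false;
        }
      }
      if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("user id is " + userID);
      }
      return true;
    }
  } catch (FSAccountMgmtException e) {
    FSUtils.debug.error("In FSAccountMgmtException :: ", e);
  }
  // No account manager, or the lookup failed: make sure no stale user is left behind.
  this.userID = null;
  return false;
}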
/**
 * Handles a federation termination request from a remote provider that arrived over the HTTP
 * redirect profile.
 *
 * <p>Whatever the outcome, the method finishes by calling {@code returnToSource()}. The relay
 * state is copied from the request as received. NOTE(review): confirm that
 * {@code returnToSource()} validates it before it is used as a redirect target.
 *
 * <p>This method does not resolve {@code userID} itself. NOTE(review): presumably the caller
 * has already invoked {@code setUserID} and authenticated the request; verify against the
 * caller.
 *
 * @param request HTTP request
 * @param response HTTP response
 * @param reqTermination the federation termination request received from remote provider
 */
public void processTerminationRequest(
    HttpServletRequest request,
    HttpServletResponse response,
    FSFederationTerminationNotification reqTermination) {
  FSUtils.debug.message("Entered FSFedTerminationHandler::processTerminationRequest...");

  // Capture per-request state before any processing.
  this.request = request;
  this.locale = FSServiceUtils.getLocale(request);
  this.response = response;
  this.relayState = reqTermination.getRelayState();
  setTerminationURL();

  if (managerInst == null) {
    // Without an account manager nothing can be updated.
    FSUtils.debug.error(
        "FSSPFedTerminationHandler "
            + FSUtils.bundle.getString(IFSConstants.FEDERATION_FAILED_ACCOUNT_INSTANCE));
    if (FSUtils.debug.messageEnabled()) {
      FSUtils.debug.message(
          "FSSPFedTerminationHandler::handleFederationTermination"
              + "failed to get Account Manager instance");
    }
  } else if (!updateAccountInformation(reqTermination.getNameIdentifier())) {
    FSUtils.debug.message("Termination request processing failed");
    String[] failureArgs = {
      FSUtils.bundle.getString(IFSConstants.TERMINATION_REQUEST_PROCESSING_FAILED)
    };
    LogUtil.error(Level.INFO, LogUtil.TERMINATION_FAILED, failureArgs, ssoToken);
  } else {
    FSUtils.debug.message("User sucessfully defederated");
    String[] successArgs = {FSUtils.bundle.getString(IFSConstants.TERMINATION_SUCCEEDED)};
    LogUtil.access(Level.INFO, LogUtil.TERMINATION_SUCCESS, successArgs, ssoToken);

    // Notify the SP adapter for the remote-IDP-initiated HTTP profile.
    boolean hostedAsSp =
        hostedProviderRole != null && hostedProviderRole.equalsIgnoreCase(IFSConstants.SP);
    if (hostedAsSp) {
      FederationSPAdapter adapter = FSServiceUtils.getSPAdapter(hostedEntityId, hostedConfig);
      if (adapter != null) {
        FSUtils.debug.message("FSFedTerminationHandler.HTTP");
        try {
          adapter.postTerminationNotificationSuccess(
              hostedEntityId,
              request,
              response,
              userID,
              reqTermination,
              IFSConstants.TERMINATION_IDP_HTTP_PROFILE);
        } catch (Exception adapterFailure) {
          // Adapter callbacks are best-effort: log the failure and carry on.
          FSUtils.debug.error("postTermNotification.IDP/HTTP", adapterFailure);
        }
      }
    }
  }

  // Every path ends by sending the user agent back.
  returnToSource();
}
/**
 * Handles a federation termination request from a remote provider that arrived over the SOAP
 * profile.
 *
 * <p>The user is resolved with {@code setUserID} and the account information is then updated.
 * On success, when this entity is hosted in the SP role, the SP adapter is notified.
 *
 * <p>No signature or issuer check is visible in this method. NOTE(review): confirm the caller
 * authenticates the notification before invoking it, since a successful call defederates the
 * user.
 *
 * @param request HTTP request, passed through to the SP adapter
 * @param response HTTP response, passed through to the SP adapter
 * @param reqTermination the federation termination request received from remote provider
 * @return <code>true</code> when the process is successful; <code>false</code> otherwise.
 */
public boolean processSOAPTerminationRequest(
    HttpServletRequest request,
    HttpServletResponse response,
    FSFederationTerminationNotification reqTermination) {
  FSUtils.debug.message("Entered FSFedTerminationHandler::processSOAPTerminationRequest");

  if (managerInst == null) {
    FSUtils.debug.error("FSSPFedTerminationHandler " + "Account Manager instance is null");
    if (FSUtils.debug.messageEnabled()) {
      FSUtils.debug.message(
          "FSSPFedTerminationHandler::handleFederationTermination"
              + "failed to get Account Manager instance");
    }
    return false;
  }

  if (FSUtils.debug.messageEnabled()) {
    FSUtils.debug.message("Begin processTerminationRequest SOAP profile...");
  }

  // Guard clauses: each precondition that fails logs and returns early.
  if (reqTermination == null) {
    FSUtils.debug.error(
        "FSFedTerminationHandler::processTerminationRequest "
            + "Federation termination request is improper");
    return false;
  }

  if (!setUserID(reqTermination)) {
    FSUtils.debug.message("Failed to get UserDN. Invalid termination request");
    return false;
  }

  if (!updateAccountInformation(reqTermination.getNameIdentifier())) {
    FSUtils.debug.error(
        "FSFedTerminationHandler "
            + FSUtils.bundle.getString(IFSConstants.TERMINATION_REQUEST_PROCESSING_FAILED));
    return false;
  }

  FSUtils.debug.message("User sucessfully defederated");

  // Notify the SP adapter for the remote-IDP-initiated SOAP case.
  boolean hostedAsSp =
      hostedProviderRole != null && hostedProviderRole.equalsIgnoreCase(IFSConstants.SP);
  if (hostedAsSp) {
    FederationSPAdapter adapter = FSServiceUtils.getSPAdapter(hostedEntityId, hostedConfig);
    if (adapter != null) {
      FSUtils.debug.message("FSFedTerminationHandler.SOAP");
      try {
        adapter.postTerminationNotificationSuccess(
            hostedEntityId,
            request,
            response,
            userID,
            reqTermination,
            IFSConstants.TERMINATION_IDP_SOAP_PROFILE);
      } catch (Exception adapterFailure) {
        // Adapter callbacks are best-effort: a failure here does not undo the termination.
        FSUtils.debug.error("postTerm.IDP/SOAP", adapterFailure);
      }
    }
  }
  return true;
}