コード例 #1
  /**
   * Selects the claims endpoint that collects password credentials over the artifact binding.
   *
   * <p>The first endpoint of the request's claims channel whose type is the password
   * authentication context and whose binding is the SSO artifact binding wins. Its location (and
   * response location, when one is set) is prefixed with the claims channel location by plain
   * string concatenation.
   *
   * @param requestCredential the claims request whose claims channel is searched
   * @return a descriptor for the matching endpoint, or {@code null} when no endpoint matches;
   *     callers must handle the {@code null} case before dereferencing the result
   * @throws IdentityMediationException declared by the signature; nothing in this body throws it
   *     directly
   */
  protected EndpointDescriptor resolveClaimsEndpoint(CredentialClaimsRequest requestCredential)
      throws IdentityMediationException {

    for (IdentityMediationEndpoint endpoint : requestCredential.getClaimsChannel().getEndpoints()) {

      // Skip anything that is not a password endpoint using the artifact binding.
      if (!AuthnCtxClass.PASSWORD_AUTHN_CTX.getValue().equals(endpoint.getType())
          || !SSOBinding.SSO_ARTIFACT.getValue().equals(endpoint.getBinding())) {
        continue;
      }

      if (logger.isDebugEnabled()) logger.debug("Resolved claims endpoint " + endpoint);

      // Endpoint locations are joined to the channel location as-is.
      String location = requestCredential.getClaimsChannel().getLocation() + endpoint.getLocation();

      // The response location is optional; keep it null when the endpoint does not define one.
      String responseLocation = null;
      if (endpoint.getResponseLocation() != null) {
        responseLocation =
            requestCredential.getClaimsChannel().getLocation() + endpoint.getResponseLocation();
      }

      return new EndpointDescriptorImpl(
          endpoint.getName(), endpoint.getType(), endpoint.getBinding(), location, responseLocation);
    }

    // No password/artifact endpoint is configured on this claims channel.
    return null;
  }
コード例 #2
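  /**
   * Handles submission of the username/password form.
   *
   * <p>The submitted username, password and remember-me flag are wrapped in a claims response,
   * the response is pushed to the artifact queue manager, and the browser is redirected to the
   * claims endpoint with the returned artifact in the {@code SSOArt} query parameter. The
   * password itself is never placed in the redirect URL.
   *
   * <p>Security notes: the request is rejected before any credential is wrapped when no claims
   * request or no claims endpoint is available (previously both cases ran on into a
   * {@code NullPointerException}), and the artifact is kept out of the debug log.
   *
   * @param hreq current request; passed to the HTTP binding for URL construction and used to
   *     clear the {@code CollectUsernamePasswordClaims} session attribute
   * @param hres current response; not used by this method
   * @param o form command object, cast to {@code CollectUsernamePasswordClaims}
   * @param error binding errors; not used by this method
   * @return a redirect to the claims endpoint URL carrying the artifact
   * @throws IllegalStateException if the command carries no credential claims request, or no
   *     password/artifact claims endpoint can be resolved for it
   * @throws Exception propagated from endpoint resolution, binding creation or message queuing
   */
  @Override
  protected ModelAndView onSubmit(
      HttpServletRequest hreq, HttpServletResponse hres, Object o, BindException error)
      throws Exception {

    CollectUsernamePasswordClaims cmd = (CollectUsernamePasswordClaims) o;

    // NOTE(review): this writes cmd.toString() to the debug log; confirm that
    // CollectUsernamePasswordClaims.toString() does not include the password.
    if (logger.isDebugEnabled()) logger.debug("Received CMD" + cmd);

    CredentialClaimsRequest cRequestCredential = cmd.getCredentialClaimsRequest();
    if (logger.isDebugEnabled())
      logger.debug(
          "Collecting usenrame/password claims for request "
              + (cRequestCredential != null ? cRequestCredential.getId() : "NULL"));

    // Fail closed: without the originating claims request there is nowhere legitimate to send
    // the credentials, so stop before they are wrapped or queued.
    if (cRequestCredential == null) {
      logger.error("No credential claims request found!");
      throw new IllegalStateException("No credential claims request bound to the submitted form");
    }

    EndpointDescriptor claimsEndpoint = resolveClaimsEndpoint(cRequestCredential);
    if (claimsEndpoint == null) {
      logger.error("No claims endpoint found!");
      // TODO : Create error and redirect to error view using 'IDBusErrArt'
      throw new IllegalStateException(
          "No claims endpoint found for request " + cRequestCredential.getId());
    }

    ClaimSet claims = new ClaimSetImpl();
    claims.addClaim(new CredentialClaimImpl("username", cmd.getUsername()));
    claims.addClaim(new CredentialClaimImpl("password", cmd.getPassword()));
    claims.addClaim(new CredentialClaimImpl("rememberMe", cmd.isRememberMe()));

    CredentialClaimsResponse responseCredential =
        new CredentialClaimsResponseImpl(
            idGenerator.generateId(),
            null,
            cRequestCredential.getId(),
            claims,
            cRequestCredential.getRelayState());

    // Default target, used whenever URL construction cannot be delegated to an HTTP binding:
    // the response location when the endpoint defines one, otherwise its location.
    String claimsEndpointUrl =
        claimsEndpoint.getResponseLocation() != null
            ? claimsEndpoint.getResponseLocation()
            : claimsEndpoint.getLocation();

    // We want the binding factory to use a binding component to build this URL, if possible
    Channel claimsChannel = cRequestCredential.getClaimsChannel();
    claimsChannel = getNonSerializedChannel(claimsChannel);

    if (claimsChannel != null) {

      MediationBindingFactory f = claimsChannel.getIdentityMediator().getBindingFactory();
      MediationBinding b =
          f.createBinding(
              SSOBinding.SSO_ARTIFACT.getValue(), cRequestCredential.getClaimsChannel());

      if (b instanceof AbstractMediationHttpBinding) {
        claimsEndpointUrl =
            ((AbstractMediationHttpBinding) b).buildHttpTargetLocation(hreq, claimsEndpoint, true);
      } else {
        logger.warn("Cannot delegate URL construction to binding, non-http binding found " + b);
      }
    } else {

      logger.warn(
          "Cannot delegate URL construction to binding, valid definition of channel "
              + cRequestCredential.getClaimsChannel().getName()
              + " not foud ...");
    }

    if (logger.isDebugEnabled())
      logger.debug("Using claims endpoint URL [" + claimsEndpointUrl + "]");

    Artifact a = getArtifactQueueManager().pushMessage(responseCredential);

    // NOTE(review): the artifact content is appended unencoded and always after '?'; confirm it
    // is URL-safe and that the endpoint URL can never already carry a query string.
    String redirectUrl = claimsEndpointUrl + "?SSOArt=" + a.getContent();

    // Log the destination without the artifact: the artifact stands in for the queued response
    // that holds the password claim, so it is treated as sensitive and kept out of log files.
    if (logger.isDebugEnabled()) logger.debug("Returing claims to " + claimsEndpointUrl);

    // Drop the form command from the session once the claims have been handed over.
    hreq.getSession().removeAttribute("CollectUsernamePasswordClaims");

    return new ModelAndView(new RedirectView(redirectUrl));
  }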