/**
 * Builds the SAML request message for a login or logout flow, optionally signs it, and returns
 * it marshalled and encoded.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>If no signature or digest algorithm is configured in {@code properties}, the
 *       {@code RSA_SHA1} and {@code SHA1} constants are used. SHA-1 is no longer considered
 *       collision resistant, so deployments should configure a SHA-2 family algorithm
 *       explicitly instead of relying on these defaults.</li>
 *   <li>The message is signed only when {@code SSOUtils.isAuthnRequestSigned(properties)}
 *       (login) or {@code SSOUtils.isLogoutRequestSigned(properties)} (logout) returns true;
 *       otherwise it is encoded unsigned.</li>
 *   <li>The certificate is included with the signature unless the {@code INCLUDE_CERT}
 *       property is set to something other than "true".</li>
 * </ul>
 *
 * @param request   current servlet request; for logout, its session supplies the username,
 *                  session index and name qualifiers
 * @param isLogout  {@code true} to build a logout request, {@code false} for an authn request
 * @param isPassive forwarded to {@code buildAuthnRequest}; not used for logout
 * @param loginPage forwarded to {@code buildAuthnRequest} or {@code buildLogoutRequest}
 * @param context   authentication context; forwarded to {@code buildAuthnRequest}, and its
 *                  tenant domain is used to create the signing credential
 * @return the marshalled request message as encoded by {@code SSOUtils.encode}
 * @throws SAMLSSOException declared by this method; the calls that raise it are not visible
 *                          in this block
 */
public String buildPostRequest(
        HttpServletRequest request,
        boolean isLogout,
        boolean isPassive,
        String loginPage,
        AuthenticationContext context)
        throws SAMLSSOException {

    doBootstrap();

    // Signature algorithm: configured name, or the RSA_SHA1 constant when none is configured.
    // NOTE(review): the SHA-1 fallback is a weak default; prefer an explicit SHA-2 setting.
    String configuredSignatureAlgo =
            properties.get(IdentityApplicationConstants.Authenticator.SAML2SSO.SIGNATURE_ALGORITHM);
    String signatureAlgoName = StringUtils.isEmpty(configuredSignatureAlgo)
            ? IdentityApplicationConstants.XML.SignatureAlgorithm.RSA_SHA1
            : configuredSignatureAlgo;
    // NOTE(review): a configured name missing from this map yields null here and there is no
    // check before signing; how SSOUtils.setSignature treats a null algorithm is not visible.
    String signatureAlgo =
            IdentityApplicationManagementUtil.getXMLSignatureAlgorithms().get(signatureAlgoName);

    // Digest algorithm: same pattern, falling back to the SHA1 constant.
    String configuredDigestAlgo =
            properties.get(IdentityApplicationConstants.Authenticator.SAML2SSO.DIGEST_ALGORITHM);
    String digestAlgoName = StringUtils.isEmpty(configuredDigestAlgo)
            ? IdentityApplicationConstants.XML.DigestAlgorithm.SHA1
            : configuredDigestAlgo;
    String digestAlgo =
            IdentityApplicationManagementUtil.getXMLDigestAlgorithms().get(digestAlgoName);

    // An unset property means "include the certificate"; any value other than "true"
    // (case-insensitive) disables it.
    String includeCertProp =
            properties.get(IdentityApplicationConstants.Authenticator.SAML2SSO.INCLUDE_CERT);
    boolean includeCert =
            StringUtils.isEmpty(includeCertProp) || Boolean.parseBoolean(includeCertProp);

    final RequestAbstractType requestMessage;
    final boolean signRequest;
    if (isLogout) {
        // Logout details come from session attributes; a missing attribute is passed on as null.
        String username =
                (String) request.getSession().getAttribute(SSOConstants.LOGOUT_USERNAME);
        String sessionIndex =
                (String) request.getSession().getAttribute(SSOConstants.LOGOUT_SESSION_INDEX);
        String nameQualifier =
                (String) request.getSession().getAttribute(SSOConstants.NAME_QUALIFIER);
        String spNameQualifier =
                (String) request.getSession().getAttribute(SSOConstants.SP_NAME_QUALIFIER);
        requestMessage = buildLogoutRequest(
                username, sessionIndex, loginPage, nameQualifier, spNameQualifier);
        signRequest = SSOUtils.isLogoutRequestSigned(properties);
    } else {
        requestMessage = buildAuthnRequest(request, isPassive, loginPage, context);
        signRequest = SSOUtils.isAuthnRequestSigned(properties);
    }

    if (signRequest) {
        // Credential is created for the tenant domain of the current context; the meaning of
        // the null second argument is not visible here.
        X509CredentialImpl signingCredential =
                new X509CredentialImpl(context.getTenantDomain(), null);
        SSOUtils.setSignature(
                requestMessage, signatureAlgo, digestAlgo, includeCert, signingCredential);
    }

    return SSOUtils.encode(SSOUtils.marshall(requestMessage));
}