private void refreshData( AuthenticationSettings authSettings, AuthorizationRequestData rdo, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, MarketplaceRemovedException { if (authSettings.isServiceProvider()) { rdo.setTenantID(getTenantID(rdo, request)); if (!isSamlForward(request)) { return; } rdo.refreshData(request); SAMLCredentials samlCredentials = new SAMLCredentials(request); if (rdo.getUserId() == null) { rdo.setUserId(samlCredentials.getUserId()); } if (rdo.getPassword() == null) { String generatedPassword = samlCredentials.generatePassword(); if (generatedPassword == null) { request.setAttribute(Constants.REQ_ATTR_ERROR_KEY, BaseBean.ERROR_SAML_TIMEOUT); forward(errorPage, request, response); } rdo.setPassword(generatedPassword); // if generated password is null, then timeout!!! } } else { rdo.refreshData(request); // store some parameters if the login fails (needed for login.xhtml) request.setAttribute(Constants.REQ_PARAM_USER_ID, rdo.getUserId()); } }