author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-08-26 14:03:58 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-08-26 14:03:58 +0200 |
commit | 52a855d948a6c3090b5d696774896deac95b621f (patch) | |
tree | 34975c9f9c151a82efd8b5e23330eb9bbcf4c284 /id/oa/src/main/java/at/gv/egovernment/moa | |
parent | bb21974ea69b1705ef574569980a82640ca1de69 (diff) | |
Allow multiple alias domains
- Every alias domain is its own EntityID, which is the configured PublicURLPrefix
Diffstat (limited to 'id/oa/src/main/java/at/gv/egovernment/moa')
-rw-r--r-- | id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java | 62 |
1 files changed, 43 insertions, 19 deletions
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index 4bce49465..0b8251386 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -43,6 +43,7 @@ import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
 import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
 import org.opensaml.saml2.core.AuthnRequest;
@@ -124,7 +125,7 @@ public class Authenticate extends HttpServlet {
 serviceURL = serviceURL + "/";
 //name.setValue(serviceURL);
 issuer.setValue(serviceURL);
-
+
 // subject.setNameID(name);
 // authReq.setSubject(subject);
 issuer.setFormat(NameIDType.ENTITY);
@@ -155,13 +156,21 @@ public class Authenticate extends HttpServlet {
 for (SingleSignOnService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
+// //Get the service address for the binding you wish to use
+// if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+// redirectEndpoint = sss;
+// }
+
 //Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
 redirectEndpoint = sss;
 }
+
 }
 authReq.setDestination(redirectEndpoint.getLocation());
+ //authReq.setDestination("http://test.test.test");
+
 RequestedAuthnContext reqAuthContext = SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
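Review bot: `redirectEndpoint` is still dereferenced unconditionally in `authReq.setDestination(redirectEndpoint.getLocation())` after the loop, so an IdP whose metadata lists no HTTP-Redirect SingleSignOnService now fails with a NullPointerException instead of a clear error, unless the variable is checked somewhere before this hunk; a guard after the loop, `if (redirectEndpoint == null) { throw new IllegalStateException("IdP metadata has no HTTP-Redirect SingleSignOnService"); }`, would name the actual configuration problem. The old POST-binding check kept as `//` lines and the `//authReq.setDestination("http://test.test.test");` test leftover are dead code that version control already preserves and should be deleted rather than commented out. The enclosing method and the declaration of `redirectEndpoint` lie outside the hunk.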
@@ -191,32 +200,47 @@ public class Authenticate extends HttpServlet {
 authReq.setSignature(signer);
 //generate Http-POST Binding message
- VelocityEngine engine = new VelocityEngine();
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
- engine.setProperty("classpath.resource.loader.class",
- "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
- engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
- "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
- engine.init();
-
- HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
- "templates/pvp_postbinding_template.html");
+// VelocityEngine engine = new VelocityEngine();
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+// engine.setProperty("classpath.resource.loader.class",
+// "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+// engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+// "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
+// engine.init();
+//
+// HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+// "templates/pvp_postbinding_template.html");
+// HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+// response, true);
+// BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+// SingleSignOnService service = new SingleSignOnServiceBuilder()
+// .buildObject();
+// service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+// service.setLocation(redirectEndpoint.getLocation());;
+//
+// context.setOutboundSAMLMessageSigningCredential(authcredential);
+// context.setPeerEntityEndpoint(service);
+// context.setOutboundSAMLMessage(authReq);
+// context.setOutboundMessageTransport(responseAdapter);
+
+ //generate Redirect Binding message
+ HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
 HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
 response, true);
 BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
 SingleSignOnService service = new SingleSignOnServiceBuilder()
 .buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
- service.setLocation(redirectEndpoint.getLocation());;
-
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(redirectEndpoint.getLocation());
 context.setOutboundSAMLMessageSigningCredential(authcredential);
 context.setPeerEntityEndpoint(service);
 context.setOutboundSAMLMessage(authReq);
 context.setOutboundMessageTransport(responseAdapter);
-
+ //context.setRelayState(relayState);
+
 encoder.encode(context);
 } catch (Exception e) {
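Review bot: The enveloped XML signature attached by `authReq.setSignature(signer)` at the top of the hunk is, as far as I recall of OpenSAML 2, stripped again by HTTPRedirectDeflateEncoder, which instead signs the deflated query string (SigAlg/Signature parameters) with the credential given to `context.setOutboundSAMLMessageSigningCredential(authcredential)`; the signing work done before this hunk is therefore wasted for the Redirect binding and a reader will assume the request carries an XML signature that the IdP never sees. Either drop the XML signing step or put a comment on the encoder line such as `// Redirect binding: the encoder signs the query string with the context credential and removes any enveloped XML signature`. The roughly twenty-five lines of the old POST-binding path kept as `//` comments, and `//context.setRelayState(relayState);`, are dead code that version control already preserves; deleting them leaves one readable code path. The surrounding try block starts before the hunk and its catch continues after it.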