authorThomas Lenz <tlenz@iaik.tugraz.at>2015-08-26 14:03:58 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-08-26 14:03:58 +0200
commit52a855d948a6c3090b5d696774896deac95b621f (patch)
tree34975c9f9c151a82efd8b5e23330eb9bbcf4c284 /id/oa/src/main/java/at/gv/egovernment/moa
parentbb21974ea69b1705ef574569980a82640ca1de69 (diff)
Allow multiple alias domains
- Every alias domain is its own EntityID, which is the configured PublicURLPrefix
Diffstat (limited to 'id/oa/src/main/java/at/gv/egovernment/moa')
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java62
1 files changed, 43 insertions, 19 deletions
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index 4bce49465..0b8251386 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -43,6 +43,7 @@ import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
import org.opensaml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.AuthnRequest;
@@ -124,7 +125,7 @@ public class Authenticate extends HttpServlet {
serviceURL = serviceURL + "/";
//name.setValue(serviceURL);
issuer.setValue(serviceURL);
-
+
// subject.setNameID(name);
// authReq.setSubject(subject);
issuer.setFormat(NameIDType.ENTITY);
@@ -155,13 +156,21 @@ public class Authenticate extends HttpServlet {
for (SingleSignOnService sss :
idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
+// //Get the service address for the binding you wish to use
+// if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+// redirectEndpoint = sss;
+// }
+
//Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
redirectEndpoint = sss;
}
+
}
authReq.setDestination(redirectEndpoint.getLocation());
+ //authReq.setDestination("http://test.test.test");
+
RequestedAuthnContext reqAuthContext =
SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
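Review bot: `redirectEndpoint` is still dereferenced unconditionally in `authReq.setDestination(redirectEndpoint.getLocation())`, but after this change it is only assigned when the IdP metadata advertises an HTTP-Redirect SingleSignOnService, so an IdP that publishes only the POST endpoint the old code used now produces a NullPointerException that ends up in the generic catch at the end of the method. Add a guard before the call, `if (redirectEndpoint == null) { throw new IllegalStateException("IdP metadata has no HTTP-Redirect SingleSignOnService"); }`, so the failure names its cause instead of surfacing as an NPE. The loop never breaks, so when the metadata lists several Redirect endpoints the last one wins; a `break;` after the assignment would make the selection deterministic, and a one-line comment should say so. The leftover `//authReq.setDestination("http://test.test.test");` and the commented-out POST branch are debugging remnants and should not be committed. The enclosing method begins and ends outside this hunk.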
@@ -191,32 +200,47 @@ public class Authenticate extends HttpServlet {
authReq.setSignature(signer);
//generate Http-POST Binding message
- VelocityEngine engine = new VelocityEngine();
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
- engine.setProperty("classpath.resource.loader.class",
- "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
- engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
- "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
- engine.init();
-
- HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
- "templates/pvp_postbinding_template.html");
+// VelocityEngine engine = new VelocityEngine();
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+// engine.setProperty("classpath.resource.loader.class",
+// "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+// engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+// "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
+// engine.init();
+//
+// HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+// "templates/pvp_postbinding_template.html");
+// HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+// response, true);
+// BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+// SingleSignOnService service = new SingleSignOnServiceBuilder()
+// .buildObject();
+// service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+// service.setLocation(redirectEndpoint.getLocation());;
+//
+// context.setOutboundSAMLMessageSigningCredential(authcredential);
+// context.setPeerEntityEndpoint(service);
+// context.setOutboundSAMLMessage(authReq);
+// context.setOutboundMessageTransport(responseAdapter);
+
+ //generate Redirect Binding message
+ HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
response, true);
BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
SingleSignOnService service = new SingleSignOnServiceBuilder()
.buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
- service.setLocation(redirectEndpoint.getLocation());;
-
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(redirectEndpoint.getLocation());
context.setOutboundSAMLMessageSigningCredential(authcredential);
context.setPeerEntityEndpoint(service);
context.setOutboundSAMLMessage(authReq);
context.setOutboundMessageTransport(responseAdapter);
-
+ //context.setRelayState(relayState);
+
encoder.encode(context);
} catch (Exception e) {
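Review bot: The request is still XML-signed via `authReq.setSignature(signer)` just above the hunk, but if this is OpenSAML 2's `HTTPRedirectDeflateEncoder` it strips the enveloped XML signature before deflating and instead signs the query string (`SigAlg`/`Signature` parameters) with the credential passed to `context.setOutboundSAMLMessageSigningCredential(authcredential)`, so the explicit signing step is wasted and the IdP must verify the URL signature rather than an XML-DSig. Worth a comment above the encoder so nobody later assumes the message is XML-signed: `// HTTP-Redirect binding: the deflated request is signed via SigAlg/Signature query params, not XML-DSig`. The roughly 25 commented-out lines of the old POST-binding path duplicate what this diff already deletes and git history keeps, and `//context.setRelayState(relayState);` should either get a real value (the relay state is how this SP ties the IdP response back to this request) or go as well. The Redirect binding also carries the whole request in the URL, so it will appear in proxy and access logs; nothing in this hunk puts a secret there, but keep that in mind if the request ever grows. The enclosing try block starts outside this hunk.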