/**
 * Records the SSO identifiers of a SAML-authenticated container session in the id mapper.
 *
 * <p>Only attributes that are actually a {@link SamlSession} are mapped; any other attribute
 * value, or a missing session id, is ignored without error.
 *
 * @param sessionId the container session id to register, may be {@code null} (then nothing is mapped)
 * @param value     the session attribute value, expected to be a {@link SamlSession}
 */
private void map(String sessionId, Object value) {
    if (sessionId == null) {
        return;
    }
    if (!(value instanceof SamlSession)) {
        return;
    }
    SamlSession samlSession = (SamlSession) value;
    String sessionIndex = samlSession.getSessionIndex();
    String samlSubject = samlSession.getPrincipal().getSamlSubject();
    // Maps (SAML session index, SAML subject) -> container session id so a later
    // logout request carrying those identifiers can locate this session.
    idMapper.map(sessionIndex, samlSubject, sessionId);
}
/**
 * Keeps the session-to-SSO cache in step with a container session id rotation.
 *
 * <p>The entry stored under the previous id is always dropped, because that id no longer
 * identifies a live container session. A fresh entry is written under the new id only when
 * the session still carries a {@link SamlSession} attribute.
 *
 * @param session      the container session whose id has just changed
 * @param oldSessionId the id the session had before the change
 */
@Override
public void sessionIdChanged(Session session, String oldSessionId) {
    this.httpSessionToSsoCache.remove(oldSessionId);
    Object attribute = session.getAttribute(SamlSession.class.getName());
    if (!(attribute instanceof SamlSession)) {
        return;
    }
    SamlSession samlSession = (SamlSession) attribute;
    // Cached pair: [0] = SAML session index, [1] = SAML subject of the principal.
    String[] ssoIdentifiers = {samlSession.getSessionIndex(), samlSession.getPrincipal().getSamlSubject()};
    httpSessionToSsoCache.put(session.getId(), ssoIdentifiers);
}
} // closes the enclosing class (this brace was part of the original collapsed line)
principal = principalFactory.createPrincipal(request.getContext().getRealm(), samlSession.getPrincipal(), samlSession.getRoles()); session.setPrincipal(principal); session.setAuthType("KEYCLOAK-SAML"); else if (samlSession.getPrincipal().getName().equals(principal.getName())){ if (!principal.getUserPrincipal().getName().equals(samlSession.getPrincipal().getName())) { throw new RuntimeException("Unknown State");
/**
 * Stores an authenticated SAML account on the container session and request.
 *
 * <p>The account is saved as a session attribute, a container principal is attached to the
 * session (created on demand when none is present), the request is marked as authenticated,
 * the session id is changed, and the new id is registered with the id mapper.
 *
 * @param account the SAML session to persist for the current request
 */
@Override
public void saveAccount(SamlSession account) {
    Session session = request.getSessionInternal(true);
    session.getSession().setAttribute(SamlSession.class.getName(), account);
    GenericPrincipal principal = ensurePrincipal(session, account);
    request.setUserPrincipal(principal);
    request.setAuthType("KEYCLOAK-SAML");
    // changeSessionId is defined outside this view; the id it returns is the one that must be
    // registered, since the pre-authentication id is no longer expected to resolve to this session.
    String rotatedId = changeSessionId(session);
    idMapperUpdater.map(idMapper, account.getSessionIndex(), account.getPrincipal().getSamlSubject(), rotatedId);
}

/**
 * Returns the principal already attached to the session, or creates one from the SAML account,
 * installs it on the session and returns it.
 *
 * @param session the container session to inspect and, if needed, update
 * @param account the SAML account supplying principal and roles for a new principal
 * @return the session's principal, never {@code null}
 */
private GenericPrincipal ensurePrincipal(Session session, SamlSession account) {
    GenericPrincipal existing = (GenericPrincipal) session.getPrincipal();
    if (existing != null) {
        return existing;
    }
    // in clustered environment in JBossWeb, principal is not serialized or saved
    GenericPrincipal created = principalFactory.createPrincipal(request.getContext().getRealm(), account.getPrincipal(), account.getRoles());
    session.setPrincipal(created);
    session.setAuthType("KEYCLOAK-SAML");
    return created;
}
.issuer(deployment.getEntityID()) .sessionIndex(account.getSessionIndex()) .userPrincipal(account.getPrincipal().getSamlSubject(), account.getPrincipal().getNameIDFormat()) .destination(deployment.getIDP().getSingleLogoutService().getRequestBindingUrl()); BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();