/**
 * Reports whether an already issued assertion passes validation.
 *
 * <p>The assertion text is taken from the request parameter named by
 * {@code ASSERTION_PARAMETER}, so it is caller-supplied input. It is turned into an
 * {@code AssertionType} by {@code parseAssertion}, wrapped in a fresh
 * {@code SAMLProtocolContext}, and checked by the {@code validate(SAMLProtocolContext)}
 * overload. The value is presumably base64-encoded; the decoding itself happens in
 * {@code parseAssertion}, which is not shown here.
 *
 * @param httpServletRequest the incoming POST request that carries the assertion parameter
 * @return the string {@code "true"} when the parameter is present and validation succeeds,
 *         otherwise the string {@code "false"}
 * @throws Exception nothing is caught here, so whatever parsing or validation throws
 *         reaches the caller instead of being reported as {@code "false"}
 */
@POST
public String validate(@Context HttpServletRequest httpServletRequest) throws Exception {
    final String encodedAssertion = httpServletRequest.getParameter(ASSERTION_PARAMETER);
    if (encodedAssertion == null) {
        // No assertion supplied: treated as "not valid" rather than as an error.
        return "false";
    }

    final AssertionType parsedAssertion = parseAssertion(encodedAssertion);
    final SAMLProtocolContext context = new SAMLProtocolContext();
    context.setIssuedAssertion(parsedAssertion);

    return validate(context) ? "true" : "false";
}
} // closes the enclosing type, whose declaration is not part of this excerpt
/**
 * Validates an already issued assertion that the client sends back.
 *
 * <p>Reads the request parameter named by {@code ASSERTION_PARAMETER}, parses it with
 * {@code parseAssertion}, and delegates the decision to the
 * {@code validate(SAMLProtocolContext)} overload. The parameter value originates from the
 * HTTP request and is therefore untrusted until those calls have accepted it.
 *
 * @param httpServletRequest the POST request expected to contain the assertion parameter
 * @return {@code "true"} only when the parameter exists and the overload reports the
 *         assertion as valid; {@code "false"} in every other non-exceptional case
 * @throws Exception propagated unchanged from parsing or validation, since this method
 *         has no catch block
 */
@POST
public String validate(@Context HttpServletRequest httpServletRequest) throws Exception {
    final String rawParameter = httpServletRequest.getParameter(ASSERTION_PARAMETER);
    if (rawParameter == null) {
        // A missing parameter is answered with "false", not with an error.
        return "false";
    }

    final SAMLProtocolContext protocolContext = new SAMLProtocolContext();
    final AssertionType issued = parseAssertion(rawParameter);
    protocolContext.setIssuedAssertion(issued);

    if (validate(protocolContext)) {
        return "true";
    }
    return "false";
}
} // closes the enclosing type, whose declaration is not part of this excerpt
samlProtocolContext.setIssuedAssertion(assertion); try
samlProtocolContext.setIssuedAssertion(assertion); try
/**
 * Cancels the STS-issued token that belongs to a session which is being destroyed.
 *
 * <p>When the session still holds an assertion under {@code GeneralConstants.ASSERTION},
 * that assertion is handed to {@code PicketLinkCoreSTS.cancelToken} and the attribute is
 * then removed. A {@code ProcessingException} from the cancel call is logged and not
 * rethrown, so the attribute is removed in that case as well.
 *
 * @param se the session event; its session must not be {@code null}
 */
public void sessionDestroyed(HttpSessionEvent se) {
    final HttpSession session = se.getSession();
    if (session == null) {
        throw logger.nullArgumentError("session");
    }

    final AssertionType issued = (AssertionType) session.getAttribute(GeneralConstants.ASSERTION);
    if (issued == null) {
        // After an explicit logout the assertion is no longer in the session: nothing to cancel.
        return;
    }

    // The session ended without a logout (browser closed, server-side timeout), so the
    // STS has not cancelled the token yet.
    logger.trace("User has closed the browser. So we proceed to cancel the STS issued token.");

    final PicketLinkCoreSTS coreSts = PicketLinkCoreSTS.instance();
    final SAMLProtocolContext context = new SAMLProtocolContext();
    context.setIssuedAssertion(issued);
    try {
        coreSts.cancelToken(context);
    } catch (ProcessingException e) {
        // NOTE(review): a failed cancellation is only logged; whether the token stays
        // usable at the STS afterwards cannot be told from here. Confirm.
        logger.error(e);
    }
    session.removeAttribute(GeneralConstants.ASSERTION);
}
} // closes the enclosing type, whose declaration is not part of this excerpt
/**
 * Session-destroyed hook that revokes a token the STS issued for this session.
 *
 * <p>The assertion stored under {@code GeneralConstants.ASSERTION} is looked up; if one is
 * present it is passed to {@code PicketLinkCoreSTS.cancelToken} and removed from the
 * session. A {@code ProcessingException} raised by the cancel call is written to the log
 * and swallowed, and the attribute is still removed afterwards.
 *
 * @param se the event describing the destroyed session; a {@code null} session is rejected
 */
public void sessionDestroyed(HttpSessionEvent se) {
    final HttpSession destroyedSession = se.getSession();
    if (destroyedSession == null) {
        throw logger.nullArgumentError("session");
    }

    final Object stored = destroyedSession.getAttribute(GeneralConstants.ASSERTION);
    final AssertionType sessionAssertion = (AssertionType) stored;
    if (sessionAssertion == null) {
        // A user who logged out has no assertion left in the session.
        return;
    }

    // Reaching this point means the session timed out on the server without a logout,
    // so the token has not been cancelled by the STS.
    logger.trace("User has closed the browser. So we proceed to cancel the STS issued token.");

    final PicketLinkCoreSTS tokenService = PicketLinkCoreSTS.instance();
    final SAMLProtocolContext cancelContext = new SAMLProtocolContext();
    cancelContext.setIssuedAssertion(sessionAssertion);
    try {
        tokenService.cancelToken(cancelContext);
    } catch (ProcessingException e) {
        // NOTE(review): the failure is logged only; confirm whether an uncancelled token
        // needs further handling.
        logger.error(e);
    }
    destroyedSession.removeAttribute(GeneralConstants.ASSERTION);
}
} // closes the enclosing type, whose declaration is not part of this excerpt
/**
 * Cleans up the STS token of a session that ended without an explicit logout.
 *
 * <p>Looks up the assertion kept under {@code GeneralConstants.ASSERTION}. If it is there,
 * the assertion is wrapped in a {@code SAMLProtocolContext}, submitted to
 * {@code PicketLinkCoreSTS.cancelToken}, and the session attribute is removed. A
 * {@code ProcessingException} from cancellation is logged, not propagated.
 *
 * @param se the session event whose session is inspected; must carry a non-null session
 */
public void sessionDestroyed(HttpSessionEvent se) {
    final HttpSession expiring = se.getSession();
    if (expiring == null) {
        throw logger.nullArgumentError("session");
    }

    final AssertionType pending = (AssertionType) expiring.getAttribute(GeneralConstants.ASSERTION);
    final boolean alreadyLoggedOut = (pending == null);
    if (alreadyLoggedOut) {
        // Logout removes the assertion from the session, so there is no token to cancel.
        return;
    }

    // The browser was closed without logging out and the session timed out server-side;
    // the STS therefore still has to be told to cancel the token.
    logger.trace("User has closed the browser. So we proceed to cancel the STS issued token.");

    final PicketLinkCoreSTS stsInstance = PicketLinkCoreSTS.instance();
    final SAMLProtocolContext toCancel = new SAMLProtocolContext();
    toCancel.setIssuedAssertion(pending);
    try {
        stsInstance.cancelToken(toCancel);
    } catch (ProcessingException e) {
        // NOTE(review): cancellation errors end here as a log entry; verify that this is
        // acceptable for tokens that could not be cancelled.
        logger.error(e);
    }
    expiring.removeAttribute(GeneralConstants.ASSERTION);
}
} // closes the enclosing type, whose declaration is not part of this excerpt
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(issuedAssertion);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(issuedAssertion);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(issuedAssertion);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(issuedAssertion);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(issuedAssertion);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(issuedAssertion);
samlProtocolContext.setIssuedAssertion(issuedAssertion);
samlProtocolContext.setIssuedAssertion(issuedAssertion);
samlProtocolContext.setIssuedAssertion(issuedAssertion);
samlProtocolContext.setIssuedAssertion(issuedAssertion);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(assertionType);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(assertionType);
throw logger.processingError(e); samlProtocolContext.setIssuedAssertion(assertionType);