/**
 * Registers the SAML SessionIndex and SAML subject carried by {@code value}
 * against the container session id in {@code idMapper}.
 * <p>
 * Silently does nothing when {@code sessionId} is {@code null} or when
 * {@code value} is not a {@link SamlSession} (any other session attribute).
 *
 * @param sessionId container session id to map; {@code null} is ignored
 * @param value     session attribute value, expected to be a {@link SamlSession}
 */
private void map(String sessionId, Object value) {
    if (sessionId == null) {
        return;
    }
    if (!(value instanceof SamlSession)) {
        return;
    }
    SamlSession samlSession = (SamlSession) value;
    // NOTE(review): unlike unmap(), there is no null guard on getSessionIndex()
    // here, so a session without a SAML SessionIndex is still handed to the
    // mapper -- confirm idMapper.map() accepts a null index.
    String sessionIndex = samlSession.getSessionIndex();
    String samlSubject = samlSession.getPrincipal().getSamlSubject();
    idMapper.map(sessionIndex, samlSubject, sessionId);
}
/**
 * Persists {@code account} on the current container session and binds the
 * request to the authenticated principal.
 * <p>
 * The {@link SamlSession} is stored as a session attribute under its class
 * name. A container {@link GenericPrincipal} is built from the account only
 * when the session has none yet (in a clustered JBossWeb environment the
 * principal is not serialized or saved). The session id is then changed and
 * the new id is registered with the id mapper together with the account's
 * SessionIndex and SAML subject.
 *
 * @param account the authenticated SAML session to store
 */
@Override
public void saveAccount(SamlSession account) {
    Session session = request.getSessionInternal(true);
    session.getSession().setAttribute(SamlSession.class.getName(), account);

    GenericPrincipal principal = (GenericPrincipal) session.getPrincipal();
    if (principal == null) {
        // in clustered environment in JBossWeb, principal is not serialized or saved
        principal = principalFactory.createPrincipal(
                request.getContext().getRealm(), account.getPrincipal(), account.getRoles());
        session.setPrincipal(principal);
        session.setAuthType("KEYCLOAK-SAML");
    }
    // NOTE(review): an already-present principal is reused as-is; its roles are
    // not refreshed from the incoming account -- confirm that is intended.
    request.setUserPrincipal(principal);
    request.setAuthType("KEYCLOAK-SAML");

    // Rotate the container session id once authenticated (presumably a
    // session-fixation mitigation) and map the fresh id to the SAML identifiers.
    String rotatedId = changeSessionId(session);
    idMapperUpdater.map(idMapper,
            account.getSessionIndex(),
            account.getPrincipal().getSamlSubject(),
            rotatedId);
}
principal = principalFactory.createPrincipal(request.getContext().getRealm(), samlSession.getPrincipal(), samlSession.getRoles()); session.setPrincipal(principal); session.setAuthType("KEYCLOAK-SAML"); else if (samlSession.getPrincipal().getName().equals(principal.getName())){ if (!principal.getUserPrincipal().getName().equals(samlSession.getPrincipal().getName())) { throw new RuntimeException("Unknown State");
/**
 * Removes the id-mapper entry for {@code sessionId} when the attribute value
 * is a {@link SamlSession} carrying a SAML SessionIndex.
 * <p>
 * A {@code null} session id, a value that is not a {@link SamlSession}, or a
 * SAML session without a SessionIndex all leave the mapper untouched.
 *
 * @param sessionId container session id to unmap; {@code null} is ignored
 * @param value     session attribute value, expected to be a {@link SamlSession}
 */
private void unmap(String sessionId, Object value) {
    if (sessionId == null || !(value instanceof SamlSession)) {
        return;
    }
    String sessionIndex = ((SamlSession) value).getSessionIndex();
    if (sessionIndex == null) {
        // Sessions without a SessionIndex are not tracked by the mapper.
        return;
    }
    idMapper.removeSession(sessionId);
}
}
String index = authn == null ? null : authn.getSessionIndex(); final String sessionIndex = index; SamlSession account = new SamlSession(principal, roles, sessionIndex); sessionStore.saveAccount(account); onCreateSession.onSessionCreated(account);
/**
 * Logs the current account out of this application.
 * <p>
 * Drops the {@link SamlSession} attribute and the SAML redirect URI from the
 * HTTP session, clears the container session's principal and auth type, and
 * unregisters the session from the id mapper. Only a session that carries a
 * SAML SessionIndex is removed from the mapper and reported to
 * {@code logoutSessionIds}. Does nothing when there is no container session.
 * The container session itself is not invalidated here.
 */
@Override
public void logoutAccount() {
    Session internal = request.getSessionInternal(false);
    if (internal == null) {
        return;
    }

    List<String> loggedOutIds = new LinkedList<String>();
    HttpSession httpSession = internal.getSession();
    if (httpSession != null) {
        SamlSession samlSession =
                (SamlSession) httpSession.getAttribute(SamlSession.class.getName());
        if (samlSession != null) {
            // Only indexed sessions were registered with the mapper (see saveAccount/unmap).
            if (samlSession.getSessionIndex() != null) {
                String id = httpSession.getId();
                loggedOutIds.add(id);
                idMapperUpdater.removeSession(idMapper, id);
            }
            httpSession.removeAttribute(SamlSession.class.getName());
        }
        httpSession.removeAttribute(SAML_REDIRECT_URI);
    }

    internal.setPrincipal(null);
    internal.setAuthType(null);
    logoutSessionIds(loggedOutIds);
}
/**
 * Session-id-change listener: moves the cached SSO lookup data from the old
 * session id to the new one.
 * <p>
 * The old id is always evicted from {@code httpSessionToSsoCache}. The new id
 * is cached, as a {@code [sessionIndex, samlSubject]} pair, only when the
 * session carries a {@link SamlSession} attribute.
 *
 * @param session      the session whose id changed (already reports the new id)
 * @param oldSessionId the id the session had before the change
 */
@Override
public void sessionIdChanged(Session session, String oldSessionId) {
    httpSessionToSsoCache.remove(oldSessionId);

    Object attr = session.getAttribute(SamlSession.class.getName());
    if (!(attr instanceof SamlSession)) {
        return;
    }
    SamlSession samlSession = (SamlSession) attr;
    String[] ssoData = new String[] {
            samlSession.getSessionIndex(),
            samlSession.getPrincipal().getSamlSubject()
    };
    httpSessionToSsoCache.put(session.getId(), ssoData);
}
}
.assertionExpiration(30) .issuer(deployment.getEntityID()) .sessionIndex(account.getSessionIndex()) .userPrincipal(account.getPrincipal().getSamlSubject(), account.getPrincipal().getNameIDFormat()) .destination(deployment.getIDP().getSingleLogoutService().getRequestBindingUrl()); BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();