/**
 * Creates the SingleLogoutService metadata element published for this entity.
 *
 * <p>The endpoint location is whatever {@code getServerURL} returns for the given base URL,
 * alias and the configured SAML logout filter path. No separate response location is set.
 *
 * @param entityBaseURL base URL handed to {@code getServerURL}
 * @param entityAlias   entity alias handed to {@code getServerURL}
 * @param binding       binding URI written onto the endpoint as-is (not validated here)
 * @return the newly built logout endpoint
 */
protected SingleLogoutService getSingleLogoutService(String entityBaseURL, String entityAlias, String binding) {
    // The factory is looked up by element name and returns an untyped builder, hence the cast.
    @SuppressWarnings("unchecked")
    SAMLObjectBuilder<SingleLogoutService> sloBuilder = (SAMLObjectBuilder<SingleLogoutService>)
            builderFactory.getBuilder(SingleLogoutService.DEFAULT_ELEMENT_NAME);

    SingleLogoutService endpoint = sloBuilder.buildObject();
    String logoutUrl = getServerURL(entityBaseURL, entityAlias, getSAMLLogoutFilterPath());
    endpoint.setLocation(logoutUrl);
    endpoint.setBinding(binding);
    return endpoint;
}
if (slos.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { idpMetadata.setSloUrl(slos.getLocation());
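/**
 * Copies the single-logout (SLO) endpoint advertised in the SP metadata onto the
 * service provider record.
 *
 * <p>The first endpoint using the HTTP-POST binding is preferred. Only when the metadata
 * lists no POST endpoint does the first listed endpoint get used instead. Previously the
 * first listed endpoint always overwrote the POST endpoint that the loop had just selected,
 * so the recorded logout URLs could belong to a binding other than the intended one.
 *
 * <p>Single logout is switched off when the metadata lists no SLO endpoint at all.
 *
 * @param spssoDescriptor          SP role descriptor parsed from the metadata
 * @param samlssoServiceProviderDO service provider record to populate
 */
private void setSingleLogoutServices(SPSSODescriptor spssoDescriptor,
        SAMLSSOServiceProviderDO samlssoServiceProviderDO) {
    List<SingleLogoutService> singleLogoutServices = spssoDescriptor.getSingleLogoutServices();
    if (singleLogoutServices == null || singleLogoutServices.isEmpty()) {
        samlssoServiceProviderDO.setDoSingleLogout(false);
        return;
    }

    SingleLogoutService selected = null;
    for (SingleLogoutService candidate : singleLogoutServices) {
        // Constant-first equals: an endpoint without a Binding attribute is skipped, not an NPE.
        if (candidate != null && SAMLConstants.SAML2_POST_BINDING_URI.equals(candidate.getBinding())) {
            selected = candidate;
            break;
        }
    }
    if (selected == null) {
        // No POST endpoint in the metadata: fall back to the first one listed.
        selected = singleLogoutServices.get(0);
    }

    samlssoServiceProviderDO.setSloRequestURL(selected.getLocation());
    samlssoServiceProviderDO.setSloResponseURL(selected.getResponseLocation());
    samlssoServiceProviderDO.setDoSingleLogout(true);
}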
/**
 * Adds a SingleLogoutService element (HTTP-Redirect binding) to the IDP descriptor.
 *
 * <p>Both the request location and the response location are read from the
 * {@code LOGOUT_REQ_URL} property of the federated authenticator configuration.
 * NOTE(review): the response location reuses the request URL property; confirm that no
 * dedicated logout-response property is meant to be used here.
 *
 * @param idpSsoDesc                       descriptor that receives the new endpoint
 * @param samlFederatedAuthenticatorConfig configuration the logout URL is read from
 * @throws MetadataException declared by the signature; not thrown directly in this body
 */
public void buildSingleLogOutService(IDPSSODescriptor idpSsoDesc,
        FederatedAuthenticatorConfig samlFederatedAuthenticatorConfig) throws MetadataException {
    final SingleLogoutService sloEndpoint = BuilderUtil.createSAMLObject(
            ConfigElements.FED_METADATA_NS, ConfigElements.SLOSERVICE_DESCRIPTOR, "");
    sloEndpoint.setBinding(IDPMetadataConstant.HTTP_BINDING_REDIRECT_SAML2);

    // The property lookup result is dereferenced without a null check, as in the original.
    final String requestUrl = getFederatedAuthenticatorConfigProperty(samlFederatedAuthenticatorConfig,
            IdentityApplicationConstants.Authenticator.SAML2SSO.LOGOUT_REQ_URL).getValue();
    sloEndpoint.setLocation(requestUrl);

    final String responseUrl = getFederatedAuthenticatorConfigProperty(samlFederatedAuthenticatorConfig,
            IdentityApplicationConstants.Authenticator.SAML2SSO.LOGOUT_REQ_URL).getValue();
    sloEndpoint.setResponseLocation(responseUrl);

    idpSsoDesc.getSingleLogoutServices().add(sloEndpoint);
}
/**
 * Chooses the binding to use for single logout between an IDP and an SP.
 *
 * <p>IDP endpoints are walked in metadata order; the first IDP binding that some SP logout
 * endpoint also declares is returned. If the two sides share no binding, the binding of the
 * IDP's first logout endpoint is returned even though the SP metadata does not list it.
 *
 * @param idp IDP descriptor whose logout endpoints drive the search
 * @param sp  SP descriptor whose logout endpoints are matched against
 * @return the selected binding URI
 * @throws MetadataProviderException if the IDP declares no single-logout endpoint
 */
public static String getLogoutBinding(IDPSSODescriptor idp, SPSSODescriptor sp) throws MetadataProviderException {
    List<SingleLogoutService> idpEndpoints = idp.getSingleLogoutServices();
    if (idpEndpoints.isEmpty()) {
        throw new MetadataProviderException("IDP doesn't contain any SingleLogout endpoints");
    }

    for (SingleLogoutService idpEndpoint : idpEndpoints) {
        for (SingleLogoutService spEndpoint : sp.getSingleLogoutServices()) {
            // An IDP endpoint with no Binding attribute raises a NullPointerException here.
            if (idpEndpoint.getBinding().equals(spEndpoint.getBinding())) {
                return idpEndpoint.getBinding();
            }
        }
    }

    // Nothing in common: use the first binding the IDP offers.
    return idp.getSingleLogoutServices().iterator().next().getBinding();
}
/**
 * Builds a SAML 2.0 LogoutResponse for the peer IDP and sends it.
 *
 * <p>The destination comes from the IDP's metadata: the logout binding is selected with
 * {@code SAMLUtil.getLogoutBinding} and the matching endpoint's location becomes the
 * response Destination. {@code InResponseTo} is the inbound SAML message id held by the
 * context. Whether the message is signed follows the peer extended metadata flag
 * {@code isRequireLogoutResponseSigned()}; that metadata object is dereferenced without a
 * null check.
 *
 * @param context       message context of the logout exchange; it is updated with the
 *                      outbound message, peer endpoint and peer role metadata
 * @param statusCode    status code passed to {@code getStatus}
 * @param statusMessage status message passed to {@code getStatus}
 * @throws MetadataProviderException if the IDP descriptor or logout endpoint cannot be resolved
 * @throws SAMLException             declared by the signature
 * @throws MessageEncodingException  declared by the signature
 */
public void sendLogoutResponse(SAMLMessageContext context, String statusCode, String statusMessage)
        throws MetadataProviderException, SAMLException, MessageEncodingException {

    SAMLObjectBuilder<LogoutResponse> logoutResponseBuilder = (SAMLObjectBuilder<LogoutResponse>)
            builderFactory.getBuilder(LogoutResponse.DEFAULT_ELEMENT_NAME);
    LogoutResponse response = logoutResponseBuilder.buildObject();

    // Resolve where the response goes using metadata for the peer named in the context.
    IDPSSODescriptor peerIdp = SAMLUtil.getIDPDescriptor(metadata, context.getPeerEntityId());
    SPSSODescriptor localSp = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
    String chosenBinding = SAMLUtil.getLogoutBinding(peerIdp, localSp);
    SingleLogoutService idpEndpoint = SAMLUtil.getLogoutServiceForBinding(peerIdp, chosenBinding);

    response.setID(generateID());
    response.setIssuer(getIssuer(context.getLocalEntityId()));
    response.setVersion(SAMLVersion.VERSION_20);
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(context.getInboundSAMLMessageId());
    response.setDestination(idpEndpoint.getLocation());
    response.setStatus(getStatus(statusCode, statusMessage));

    context.setCommunicationProfileId(getProfileIdentifier());
    context.setOutboundMessage(response);
    context.setOutboundSAMLMessage(response);
    context.setPeerEntityEndpoint(idpEndpoint);
    context.setPeerEntityRoleMetadata(peerIdp);

    // Signing is governed by the peer's extended metadata, not decided locally.
    sendMessage(context, context.getPeerExtendedMetadata().isRequireLogoutResponseSigned());
}
for (SingleLogoutService singleLogoutService : singleLogoutServices) { if (singleLogoutService != null) { if (singleLogoutService.getBinding() != null && singleLogoutService.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI) && singleLogoutService.getLocation() != null) { property.setValue(singleLogoutService.getLocation()); foundSingleLogoutServicePostBinding = true; break; for (SingleLogoutService singleLogoutService : singleLogoutServices) { if (singleLogoutService != null) { if (singleLogoutService.getBinding() != null && singleLogoutService.getLocation() != null) { property.setValue(singleLogoutService.getLocation()); foundSingleLogoutServicePostBinding = true; break;
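/**
 * Copies the single-logout (SLO) endpoint advertised in the SP metadata onto the
 * service provider record.
 *
 * <p>The first endpoint using the HTTP-POST binding is preferred; the first listed endpoint
 * is used only when no POST endpoint exists. The original left the
 * {@code !foundSingleLogoutServicePostBinding} branch empty and then always overwrote the
 * URLs with the first listed endpoint, which discarded the POST endpoint found by the loop.
 *
 * <p>Single logout is switched off when the metadata lists no SLO endpoint at all.
 *
 * @param spssoDescriptor          SP role descriptor parsed from the metadata
 * @param samlssoServiceProviderDO service provider record to populate
 */
private void setSingleLogoutServices(SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){
    List<SingleLogoutService> singleLogoutServices = spssoDescriptor.getSingleLogoutServices();
    if (singleLogoutServices == null || singleLogoutServices.isEmpty()) {
        samlssoServiceProviderDO.setDoSingleLogout(false);
        return;
    }

    SingleLogoutService selected = null;
    for (SingleLogoutService candidate : singleLogoutServices) {
        // Constant-first equals: an endpoint without a Binding attribute is skipped, not an NPE.
        if (candidate != null && SAMLConstants.SAML2_POST_BINDING_URI.equals(candidate.getBinding())) {
            selected = candidate;
            break;
        }
    }
    if (selected == null) {
        // No POST endpoint in the metadata: fall back to the first one listed.
        selected = singleLogoutServices.get(0);
    }

    samlssoServiceProviderDO.setSloRequestURL(selected.getLocation());
    samlssoServiceProviderDO.setSloResponseURL(selected.getResponseLocation());
    samlssoServiceProviderDO.setDoSingleLogout(true);
}

private void setX509Certificate(EntityDescriptor entityDescriptor,SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){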
/**
 * Looks up the single-logout endpoint of a descriptor that uses the requested binding.
 *
 * <p>Endpoints are checked in metadata order and the first one whose binding equals
 * {@code binding} is returned. The parameter is a general {@code SSODescriptor}, although
 * the log and exception messages refer to an IDP.
 *
 * @param descriptor role descriptor whose logout endpoints are searched
 * @param binding    binding URI the endpoint must declare; must not be null, since the
 *                   comparison is made on this value
 * @return the first logout endpoint declaring the given binding
 * @throws MetadataProviderException if no endpoint declares the binding
 */
public static SingleLogoutService getLogoutServiceForBinding(SSODescriptor descriptor, String binding)
        throws MetadataProviderException {
    for (SingleLogoutService candidate : descriptor.getSingleLogoutServices()) {
        if (!binding.equals(candidate.getBinding())) {
            continue;
        }
        return candidate;
    }

    // No endpoint matched: record it at debug level and fail instead of picking another binding.
    log.debug("No binding found for IDP with binding " + binding);
    throw new MetadataProviderException("Binding " + binding + " is not supported for this IDP");
}
boolean found = false; for (SingleLogoutService service : services) { if (response.getDestination().equals(service.getLocation()) && context.getInboundSAMLBinding().equals(service.getBinding())) { found = true; break;
// Despite the "ssoService" names, both objects are appended to the descriptor's
// single-logout service list, so they are published as SLO endpoints.

// First endpoint: the SP's logout URL under the HTTP-Redirect binding.
ssoService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
ssoService.setLocation(spMetadata.getSloUrl());
spSSODescriptor.getSingleLogoutServices().add(ssoService);

// Second endpoint: the same logout URL again, this time under the HTTP-POST binding.
// Both bindings therefore resolve to one location; no response location is set on either.
ssoService2.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
ssoService2.setLocation(spMetadata.getSloUrl());
spSSODescriptor.getSingleLogoutServices().add(ssoService2);
/**
 * Creates the SingleLogoutService metadata element published for this entity.
 *
 * <p>The endpoint location is whatever {@code getServerURL} returns for the given base URL,
 * alias and the configured SAML logout filter path. No separate response location is set.
 *
 * @param entityBaseURL base URL handed to {@code getServerURL}
 * @param entityAlias   entity alias handed to {@code getServerURL}
 * @param binding       binding URI written onto the endpoint as-is (not validated here)
 * @return the newly built logout endpoint
 */
protected SingleLogoutService getSingleLogoutService(String entityBaseURL, String entityAlias, String binding) {
    // The factory is looked up by element name and returns an untyped builder; the cast below is unchecked.
    SAMLObjectBuilder<SingleLogoutService> sloBuilder = (SAMLObjectBuilder<SingleLogoutService>)
            builderFactory.getBuilder(SingleLogoutService.DEFAULT_ELEMENT_NAME);

    SingleLogoutService endpoint = sloBuilder.buildObject();
    String logoutUrl = getServerURL(entityBaseURL, entityAlias, getSAMLLogoutFilterPath());
    endpoint.setLocation(logoutUrl);
    endpoint.setBinding(binding);
    return endpoint;
}