Author: anil.saldhana(a)jboss.com
Date: 2009-05-23 01:41:31 -0400 (Sat, 23 May 2009)
New Revision: 519
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
Log:
JBID-117: generic exception catch clean
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java 2009-05-23
05:40:53 UTC (rev 518)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/servlets/CircleOfTrustServlet.java 2009-05-23
05:41:31 UTC (rev 519)
@@ -169,10 +169,11 @@
try
{
trustedProviders = configProvider.loadTrustedProviders(spName);
- }
- catch(Exception e)
+ }
+ catch (ClassNotFoundException e)
{
log("Error obtaining the trusted providers for "+spName);
+ throw new RuntimeException(e);
}
finally
{
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-05-23
05:40:53 UTC (rev 518)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java 2009-05-23
05:41:31 UTC (rev 519)
@@ -112,7 +112,18 @@
if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN)
{
ResponseType errorResponseType = this.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get());
- send(errorResponseType, request.getParameter("RelayState"),
response);
+ try
+ {
+ send(errorResponseType, request.getParameter("RelayState"),
response);
+ }
+ catch (ParsingException e)
+ {
+ log.error(e);
+ }
+ catch (ProcessingException e)
+ {
+ log.error(e);
+ }
return;
}
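Review bot: Both new handlers around `send(...)` in this hunk swallow the failure: they call `log.error(e)` and fall through to `return`, so a SAML error response that could not be marshalled or redirected is never delivered and the caller of the valve sees no exception. If `log` is a log4j-style logger, the single-argument form records only `e.toString()` without a stack trace; `log.error("Unable to send SAML error response", e);` keeps it. Consider rethrowing as a `ServletException` after logging, which is what `send` itself did before this commit. The same pattern recurs with `e1` in the `STATUS_RESPONDER` branch of the next hunk, and the enclosing method starts and ends outside both hunks.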
@@ -140,7 +151,18 @@
if(requestAbstractType != null)
referer = requestAbstractType.getIssuer().getValue();
ResponseType errorResponseType = this.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_RESPONDER.get());
- send(errorResponseType,
request.getParameter("RelayState"), response);
+ try
+ {
+ send(errorResponseType,
request.getParameter("RelayState"), response);
+ }
+ catch (ParsingException e1)
+ {
+ log.error(e1);
+ }
+ catch (ProcessingException e1)
+ {
+ log.error(e1);
+ }
}
}
else
@@ -178,30 +200,38 @@
}
}
- protected void send(ResponseType responseType, String relayState, Response response)
throws ServletException
+ protected void send(ResponseType responseType, String relayState, Response response)
+ throws ParsingException, ProcessingException
{
try
{
SAML2Response saml2Response = new SAML2Response();
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- saml2Response.marshall(responseType, baos);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ saml2Response.marshall(responseType, baos);
- String urlEncodedResponse =
RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray());
+ String urlEncodedResponse =
RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray());
- String destination = responseType.getDestination();
- log.trace("IDP:Destination=" + destination);
-
- if(relayState != null && relayState.length() > 0)
- relayState = RedirectBindingUtil.urlEncode(relayState);
-
- String finalDest = destination + this.getDestination(urlEncodedResponse,
relayState);
- HTTPRedirectUtil.sendRedirectForResponder(finalDest, response);
- }
- catch(Exception e)
+ String destination = responseType.getDestination();
+ log.trace("IDP:Destination=" + destination);
+
+ if(relayState != null && relayState.length() > 0)
+ relayState = RedirectBindingUtil.urlEncode(relayState);
+
+ String finalDest = destination + this.getDestination(urlEncodedResponse,
relayState);
+ HTTPRedirectUtil.sendRedirectForResponder(finalDest, response);
+ }
+ catch (JAXBException e)
{
- log.error("Exception in send::",e);
- throw new ServletException(e.getLocalizedMessage());
+ throw new ParsingException(e);
}
+ catch (SAXException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (IOException e)
+ {
+ throw new ProcessingException(e);
+ }
}
/**
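Review bot: `destination` from `responseType.getDestination()` is concatenated into `finalDest` without a null or empty check, so a response built without a Destination would produce a redirect target that begins with the text `null`. A guard before the concatenation fails the request instead, e.g. `if (destination == null || destination.length() == 0) throw new ProcessingException(new IllegalStateException("SAML response has no Destination"));`. The method also has no Javadoc for its new contract; a short comment with one `@throws` line for marshalling failures (`ParsingException`) and one for I/O failures during the redirect (`ProcessingException`) would tell callers what each exception means.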
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-05-23
05:40:53 UTC (rev 518)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-05-23
05:41:31 UTC (rev 519)
@@ -43,8 +43,10 @@
import org.jboss.identity.federation.bindings.interfaces.RoleGenerator;
import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator;
import org.jboss.identity.federation.bindings.util.ValveUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
@@ -106,14 +108,15 @@
//Look for unauthorized status
if(response.getStatus() == HttpServletResponse.SC_FORBIDDEN)
{
- ResponseType errorResponseType =
- webRequestUtil.getErrorResponse(referer,
+ try
+ {
+ ResponseType errorResponseType =
+ webRequestUtil.getErrorResponse(referer,
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
this.identityURL);
- try
- {
+
webRequestUtil.send(errorResponseType, relayState, response);
- }
+ }
catch (ParsingException e)
{
throw new ServletException(e);
@@ -138,29 +141,54 @@
{
//Get the SAML Request Message
RequestAbstractType requestAbstractType = null;
- try
- {
- requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
- this.validate(request);
- webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue());
+ ResponseType responseType = null;
+
+ try
+ {
+ requestAbstractType = webRequestUtil.getSAMLRequest(samlMessage);
+ this.validate(request);
+ webRequestUtil.isTrusted(requestAbstractType.getIssuer().getValue());
- List<String> roles = rg.generateRoles(userPrincipal);
+ List<String> roles = rg.generateRoles(userPrincipal);
- AuthnRequestType art = (AuthnRequestType) requestAbstractType;
- ResponseType responseType =
- webRequestUtil.getResponse(art.getAssertionConsumerServiceURL(),
- userPrincipal, roles,
- this.identityURL, this.assertionValidity);
- webRequestUtil.send(responseType, relayState, response);
-
- }
- catch (Exception e)
- {
- log.error("Exception:" ,e);
- if(requestAbstractType != null)
- referer = requestAbstractType.getIssuer().getValue();
- sendErrorResponseToSP(referer, response, relayState, webRequestUtil);
- }
+ AuthnRequestType art = (AuthnRequestType) requestAbstractType;
+ responseType =
+ webRequestUtil.getResponse(art.getAssertionConsumerServiceURL(),
+ userPrincipal, roles,
+ this.identityURL, this.assertionValidity);
+ }
+ catch (IssuerNotTrustedException e)
+ {
+ responseType =
+ webRequestUtil.getErrorResponse(referer,
+ JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get(),
+ this.identityURL);
+ }
+ catch (ParsingException e)
+ {
+ responseType =
+ webRequestUtil.getErrorResponse(referer,
+ JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
+ this.identityURL);
+ }
+ catch (ConfigurationException e)
+ {
+ responseType =
+ webRequestUtil.getErrorResponse(referer,
+ JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
+ this.identityURL);
+ }
+ finally
+ {
+ try
+ {
+ webRequestUtil.send(responseType, relayState, response);
+ }
+ catch (ParsingException e)
+ {
+ log.trace(e);
+ }
+ }
return;
}
else
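Review bot: Narrowing `catch (Exception e)` to three checked types leaves runtime failures on request-controlled input unhandled: the cast `(AuthnRequestType) requestAbstractType` throws `ClassCastException` for any other request type, and `requestAbstractType.getIssuer().getValue()` throws `NullPointerException` if the request carries no Issuer; in both cases the `finally` block then calls `webRequestUtil.send(responseType, ...)` with `responseType` still null. `getErrorResponse` can also return null (its last visible statement in IDPWebRequestUtil is `return null;`), so the send belongs after the try/catch behind a null check rather than in `finally`. The `IssuerNotTrustedException` handler builds a response but logs nothing, so a request from an untrusted issuer leaves no record for monitoring, and send failures here and around `sendErrorResponseToSP` in the next hunk are recorded only at trace level. The old handler also replaced `referer` with the request's issuer before building the error response and the new handlers do not, which is worth confirming as intended. The enclosing method starts outside the hunk.

```java
// … unchanged: getSAMLRequest / validate / isTrusted / generateRoles / getResponse …
}
catch (IssuerNotTrustedException e)
{
   log.error("SAML request from an issuer that is not trusted", e);
   // … unchanged: STATUS_REQUEST_DENIED error response …
}
// … unchanged: ParsingException and ConfigurationException handlers …
catch (RuntimeException e)
{
   log.error("Unexpected failure while processing the SAML request", e);
   responseType =
      webRequestUtil.getErrorResponse(referer,
            JBossSAMLURIConstants.STATUS_RESPONDER.get(),
            this.identityURL);
}

if (responseType != null)
{
   try
   {
      webRequestUtil.send(responseType, relayState, response);
   }
   catch (ParsingException e)
   {
      log.error("Unable to send the SAML response", e);
   }
}
return;
```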
@@ -168,13 +196,20 @@
log.error("No SAML Request Message");
log.trace("Referer="+referer);
- sendErrorResponseToSP(referer, response, relayState, webRequestUtil);
+ try
+ {
+ sendErrorResponseToSP(referer, response, relayState, webRequestUtil);
+ }
+ catch (ConfigurationException e)
+ {
+ log.trace(e);
+ }
}
}
}
protected void sendErrorResponseToSP(String referrer, Response response, String
relayState,
- IDPWebRequestUtil webRequestUtil) throws ServletException, IOException
+ IDPWebRequestUtil webRequestUtil) throws ServletException, IOException,
ConfigurationException
{
ResponseType errorResponseType =
webRequestUtil.getErrorResponse(referrer,
JBossSAMLURIConstants.STATUS_RESPONDER.get(),
@@ -190,6 +225,7 @@
}
+
//***************Lifecycle
/**
* The lifecycle event support for this component.
@@ -287,7 +323,7 @@
started = false;
}
- protected boolean validate(Request request) throws Exception
+ protected boolean validate(Request request)
{
return request.getParameter("SAMLRequest") != null;
}
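Review bot: With `throws Exception` removed, `validate` can report a problem only through its boolean result, but the call site in the request-processing hunk above is the bare statement `this.validate(request);`, so the result is discarded and the check has no effect, including for subclasses that override this protected method. Either act on the result, e.g. `if (!this.validate(request)) throw new ParsingException(new IllegalArgumentException("SAMLRequest parameter missing"));`, or state in a comment that the method is advisory only. A Javadoc line saying what a `false` return means would make the contract explicit.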
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-05-23
05:40:53 UTC (rev 518)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebRequestUtil.java 2009-05-23
05:41:31 UTC (rev 519)
@@ -29,7 +29,6 @@
import java.security.Principal;
import java.util.List;
-import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.xml.bind.JAXBException;
import javax.xml.datatype.DatatypeConfigurationException;
@@ -40,7 +39,7 @@
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
import org.jboss.identity.federation.bindings.config.IDPType;
-import org.jboss.identity.federation.bindings.config.TrustType;
+import org.jboss.identity.federation.bindings.config.TrustType;
import org.jboss.identity.federation.bindings.util.HTTPRedirectUtil;
import org.jboss.identity.federation.bindings.util.PostBindingUtil;
import org.jboss.identity.federation.bindings.util.RedirectBindingUtil;
@@ -101,7 +100,8 @@
return postProfile;
}
- public RequestAbstractType getSAMLRequest(String samlMessage) throws JAXBException,
SAXException
+ public RequestAbstractType getSAMLRequest(String samlMessage)
+ throws ParsingException
{
InputStream is = null;
SAML2Request saml2Request = new SAML2Request();
@@ -116,7 +116,18 @@
is = new ByteArrayInputStream(samlBytes);
}
- return saml2Request.getRequestType(is);
+ try
+ {
+ return saml2Request.getRequestType(is);
+ }
+ catch (JAXBException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (SAXException e)
+ {
+ throw new ParsingException(e);
+ }
}
@@ -124,7 +135,8 @@
Principal userPrincipal,
List<String> roles,
String identityURL,
- long assertionValidity) throws ConfigurationException,
DatatypeConfigurationException, JAXBException, SAXException
+ long assertionValidity)
+ throws ConfigurationException
{
ResponseType responseType = null;
@@ -152,13 +164,31 @@
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
//Add timed conditions
- saml2Response.createTimedConditions(assertion, assertionValidity);
+ try
+ {
+ saml2Response.createTimedConditions(assertion, assertionValidity);
+ }
+ catch (DatatypeConfigurationException e)
+ {
+ throw new ConfigurationException(e);
+ }
//Lets see how the response looks like
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- saml2Response.marshall(responseType, sw);
+ try
+ {
+ saml2Response.marshall(responseType, sw);
+ }
+ catch (JAXBException e)
+ {
+ log.trace(e);
+ }
+ catch (SAXException e)
+ {
+ log.trace(e);
+ }
log.trace("Response="+sw.toString());
}
@@ -273,15 +303,13 @@
* @param status
* @param identityURL
* @return
- * @throws ServletException
+ * @throws ConfigurationException
*/
public ResponseType getErrorResponse(String responseURL, String status,
- String identityURL) throws ServletException
+ String identityURL)
{
if(redirectProfile)
{
- try
- {
ResponseType responseType = null;
SAML2Response saml2Response = new SAML2Response();
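Review bot: The Javadoc now says `@throws ConfigurationException`, but the new signature on the following lines declares no exceptions at all, and the next hunk catches `ConfigurationException` inside the method. Drop the `@throws` line and fill in the empty `@return`, for example `@return the error response, or null when the redirect profile is not in use`, since the visible tail of the method ends in `return null;`. The method body continues outside this hunk.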
@@ -298,24 +326,37 @@
SPInfoHolder sp = new SPInfoHolder();
sp.setResponseDestinationURI(responseURL);
- responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
+ try
+ {
+ responseType = saml2Response.createResponseType(id, sp, idp,
issuerHolder);
+ }
+ catch (ConfigurationException e1)
+ {
+ log.trace(e1);
+ responseType = saml2Response.createResponseType();
+ }
log.debug("ResponseType = ");
//Lets see how the response looks like
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
- saml2Response.marshall(responseType, sw);
+ try
+ {
+ saml2Response.marshall(responseType, sw);
+ }
+ catch (JAXBException e)
+ {
+ log.trace(e);
+ }
+ catch (SAXException e)
+ {
+ log.trace(e);
+ }
log.trace("Response="+sw.toString());
}
- return responseType;
- }
- catch(Exception e)
- {
- log.error("Exception in getErrorResponse::",e);
- throw new ServletException(e.getLocalizedMessage());
- }
+ return responseType;
}
return null;
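Review bot: When `createResponseType(id, sp, idp, issuerHolder)` fails, the new handler logs at trace level and substitutes `saml2Response.createResponseType()`, which this commit documents as an empty response type. As far as the hunk shows, nothing afterwards applies the `status` or `responseURL` arguments to that fallback object, so the caller would marshal and send an error response with no status code and no destination. Since producing a well-formed error is the purpose of this method, it seems safer to log with `log.error("Unable to create SAML error response", e1);` and then rethrow or return null for callers to check. Separately, `log.debug("ResponseType = ");` prints no value.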
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-05-23
05:40:53 UTC (rev 518)
+++
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-05-23
05:41:31 UTC (rev 519)
@@ -102,6 +102,15 @@
}
/**
+ * Create an empty response type
+ * @return
+ */
+ public ResponseType createResponseType()
+ {
+ return JBossSAMLAuthnResponseFactory.createResponseType();
+ }
+
+ /**
* Create a ResponseType
* @param ID
* @param issuerInfo
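Review bot: The Javadoc on the new `createResponseType()` has an empty `@return` and does not say what "empty" means for a caller who is about to send the object. Assuming the object factory populates nothing (to be confirmed), suggested wording is `@return a ResponseType with no fields populated; the caller must set ID, issuer, status and destination before marshalling`. The same applies to the static method of the same name added to JBossSAMLAuthnResponseFactory in the last hunk.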
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-05-23
05:40:53 UTC (rev 518)
+++
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-05-23
05:41:31 UTC (rev 519)
@@ -68,6 +68,15 @@
}
/**
+ * Create an empty response type
+ * @return
+ */
+ public static ResponseType createResponseType()
+ {
+ return SAMLProtocolFactory.getObjectFactory().createResponseType();
+ }
+
+ /**
* Create a ResponseType
* @param ID id of the response
* @param sp holder with the information about the Service Provider