Author: anil.saldhana(a)jboss.com
Date: 2011-07-06 00:33:33 -0400 (Wed, 06 Jul 2011)
New Revision: 1063
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
Log:
break the long invoke method into sub methods
Modified:
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
---
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-06
04:09:10 UTC (rev 1062)
+++
federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2011-07-06
04:33:33 UTC (rev 1063)
@@ -329,327 +329,397 @@
log.trace(builder.toString());
}
- if (isNotNull(samlRequestMessage))
- session.removeNote(GeneralConstants.SAML_REQUEST_KEY);
- if (isNotNull(samlResponseMessage))
- session.removeNote(GeneralConstants.SAML_RESPONSE_KEY);
+ //Send valid saml response after processing the request
+ if (samlRequestMessage != null)
+ {
+ processSAMLRequestMessage(webRequestUtil, request, response);
+ }
+ else if (isNotNull(samlResponseMessage))
+ {
+ processSAMLResponseMessage(webRequestUtil, request, response);
+ }
+ else
+ {
+ log.error("No SAML Request or Response Message");
+ if (trace)
+ log.trace("Referer=" + referer);
- if (isNotNull(relayState))
- session.removeNote(GeneralConstants.RELAY_STATE);
+ try
+ {
+ sendErrorResponseToSP(referer, response, relayState, webRequestUtil);
+ }
+ catch (ConfigurationException e)
+ {
+ if (trace)
+ log.trace(e);
+ }
+ }
+ }
+ }
- if (isNotNull(signature))
- session.removeNote("Signature");
- if (isNotNull(sigAlg))
- session.removeNote("sigAlg");
+ protected void processSAMLRequestMessage(IDPWebRequestUtil webRequestUtil, Request
request, Response response)
+ throws IOException
+ {
+ Principal userPrincipal = request.getPrincipal();
+ Session session = request.getSessionInternal();
+ SAMLDocumentHolder samlDocumentHolder = null;
+ SAML2Object samlObject = null;
- boolean willSendRequest = false;
+ Document samlResponse = null;
+ String destination = null;
- SAMLDocumentHolder samlDocumentHolder = null;
- SAML2Object samlObject = null;
+ Boolean requestedPostProfile = null;
- Document samlResponse = null;
- String destination = null;
+ //Get the SAML Request Message
+ RequestAbstractType requestAbstractType = null;
+ String samlRequestMessage = (String)
session.getNote(GeneralConstants.SAML_REQUEST_KEY);
- Boolean requestedPostProfile = null;
+ String relayState = (String) session.getNote(GeneralConstants.RELAY_STATE);
+ String signature = (String) session.getNote("Signature");
+ String sigAlg = (String) session.getNote("sigAlg");
- //Send valid saml response after processing the request
- if (samlRequestMessage != null)
- {
- //Get the SAML Request Message
- RequestAbstractType requestAbstractType = null;
+ boolean willSendRequest = false;
- try
- {
- samlDocumentHolder =
webRequestUtil.getSAMLDocumentHolder(samlRequestMessage);
- samlObject = samlDocumentHolder.getSamlObject();
+ String referer = request.getHeader("Referer");
- boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
- boolean isValid = validate(request.getRemoteAddr(),
request.getQueryString(), new SessionHolder(
- samlRequestMessage, signature, sigAlg), isPost);
+ cleanUpSessionNote(request);
- if (!isValid)
- throw new GeneralSecurityException("Validation check
failed");
+ try
+ {
+ samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlRequestMessage);
+ samlObject = samlDocumentHolder.getSamlObject();
- String issuer = null;
- IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL);
- ProtocolContext protocolContext = new HTTPContext(request, response,
context.getServletContext());
- //Create the request/response
- SAML2HandlerRequest saml2HandlerRequest = new
DefaultSAML2HandlerRequest(protocolContext,
- idpIssuer.getIssuer(), samlDocumentHolder, HANDLER_TYPE.IDP);
- saml2HandlerRequest.setRelayState(relayState);
+ boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
+ boolean isValid = validate(request.getRemoteAddr(), request.getQueryString(),
new SessionHolder(
+ samlRequestMessage, signature, sigAlg), isPost);
- String assertionID = (String)
session.getSession().getAttribute(GeneralConstants.ASSERTION_ID);
+ if (!isValid)
+ throw new GeneralSecurityException("Validation check failed");
- //Set the options on the handler request
- Map<String, Object> requestOptions = new HashMap<String,
Object>();
- if (this.ignoreIncomingSignatures)
- requestOptions.put(GeneralConstants.IGNORE_SIGNATURES, Boolean.TRUE);
- requestOptions.put(GeneralConstants.ROLE_GENERATOR, roleGenerator);
- requestOptions.put(GeneralConstants.ASSERTIONS_VALIDITY,
this.assertionValidity);
- requestOptions.put(GeneralConstants.CONFIGURATION,
this.idpConfiguration);
- if (assertionID != null)
- requestOptions.put(GeneralConstants.ASSERTION_ID, assertionID);
+ String issuer = null;
+ IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL);
+ ProtocolContext protocolContext = new HTTPContext(request, response,
context.getServletContext());
+ //Create the request/response
+ SAML2HandlerRequest saml2HandlerRequest = new
DefaultSAML2HandlerRequest(protocolContext,
+ idpIssuer.getIssuer(), samlDocumentHolder, HANDLER_TYPE.IDP);
+ saml2HandlerRequest.setRelayState(relayState);
- if (this.keyManager != null)
- {
- String remoteHost = request.getRemoteAddr();
- if (trace)
- {
- log.trace("Remote Host=" + remoteHost);
- }
- PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager,
remoteHost);
- requestOptions.put(GeneralConstants.SENDER_PUBLIC_KEY, validatingKey);
- requestOptions.put(GeneralConstants.DECRYPTING_KEY,
keyManager.getSigningKey());
- }
+ String assertionID = (String)
session.getSession().getAttribute(GeneralConstants.ASSERTION_ID);
- Map<String, Object> attribs =
this.attribManager.getAttributes(userPrincipal, attributeKeys);
- requestOptions.put(GeneralConstants.ATTRIBUTES, attribs);
+ //Set the options on the handler request
+ Map<String, Object> requestOptions = new HashMap<String, Object>();
+ if (this.ignoreIncomingSignatures)
+ requestOptions.put(GeneralConstants.IGNORE_SIGNATURES, Boolean.TRUE);
+ requestOptions.put(GeneralConstants.ROLE_GENERATOR, roleGenerator);
+ requestOptions.put(GeneralConstants.ASSERTIONS_VALIDITY,
this.assertionValidity);
+ requestOptions.put(GeneralConstants.CONFIGURATION, this.idpConfiguration);
+ if (assertionID != null)
+ requestOptions.put(GeneralConstants.ASSERTION_ID, assertionID);
- saml2HandlerRequest.setOptions(requestOptions);
+ if (this.keyManager != null)
+ {
+ String remoteHost = request.getRemoteAddr();
+ if (trace)
+ {
+ log.trace("Remote Host=" + remoteHost);
+ }
+ PublicKey validatingKey = CoreConfigUtil.getValidatingKey(keyManager,
remoteHost);
+ requestOptions.put(GeneralConstants.SENDER_PUBLIC_KEY, validatingKey);
+ requestOptions.put(GeneralConstants.DECRYPTING_KEY,
keyManager.getSigningKey());
+ }
- List<String> roles = roleGenerator.generateRoles(userPrincipal);
- session.getSession().setAttribute(GeneralConstants.ROLES_ID, roles);
+ Map<String, Object> attribs =
this.attribManager.getAttributes(userPrincipal, attributeKeys);
+ requestOptions.put(GeneralConstants.ATTRIBUTES, attribs);
- SAML2HandlerResponse saml2HandlerResponse = new
DefaultSAML2HandlerResponse();
+ saml2HandlerRequest.setOptions(requestOptions);
- Set<SAML2Handler> handlers = chain.handlers();
+ List<String> roles = roleGenerator.generateRoles(userPrincipal);
+ session.getSession().setAttribute(GeneralConstants.ROLES_ID, roles);
- if (trace)
- {
- log.trace("Handlers are=" + handlers);
- }
+ SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();
- if (samlObject instanceof RequestAbstractType)
- {
- requestAbstractType = (RequestAbstractType) samlObject;
- issuer = requestAbstractType.getIssuer().getValue();
- webRequestUtil.isTrusted(issuer);
+ Set<SAML2Handler> handlers = chain.handlers();
- if (handlers != null)
- {
- try
- {
- chainLock.lock();
- for (SAML2Handler handler : handlers)
- {
- handler.handleRequestType(saml2HandlerRequest,
saml2HandlerResponse);
- willSendRequest = saml2HandlerResponse.getSendRequest();
- }
- }
- finally
- {
- chainLock.unlock();
- }
- }
- }
- else
- throw new RuntimeException("Unknown type:" +
samlObject.getClass().getName());
+ if (trace)
+ {
+ log.trace("Handlers are=" + handlers);
+ }
- samlResponse = saml2HandlerResponse.getResultingDocument();
- relayState = saml2HandlerResponse.getRelayState();
+ if (samlObject instanceof RequestAbstractType)
+ {
+ requestAbstractType = (RequestAbstractType) samlObject;
+ issuer = requestAbstractType.getIssuer().getValue();
+ webRequestUtil.isTrusted(issuer);
- destination = saml2HandlerResponse.getDestination();
-
- requestedPostProfile = saml2HandlerResponse.isPostBindingForResponse();
- }
- catch (Exception e)
+ if (handlers != null)
{
- String status = JBossSAMLURIConstants.STATUS_AUTHNFAILED.get();
- if (e instanceof IssuerNotTrustedException)
- {
- status = JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get();
- }
- log.error("Exception in processing request:", e);
- samlResponse = webRequestUtil.getErrorResponse(referer, status,
this.identityURL,
- this.signOutgoingMessages);
- }
- finally
- {
try
{
- boolean postProfile = webRequestUtil.hasSAMLRequestInPostProfile();
- if (postProfile)
- recycle(response);
-
- WebRequestUtilHolder holder = webRequestUtil.getHolder();
-
holder.setResponseDoc(samlResponse).setDestination(destination).setRelayState(relayState)
-
.setAreWeSendingRequest(willSendRequest).setPrivateKey(null).setSupportSignature(false)
- .setServletResponse(response);
-
- if (requestedPostProfile != null)
- holder.setPostBindingRequested(requestedPostProfile);
- else
- holder.setPostBindingRequested(postProfile);
-
- if (this.signOutgoingMessages)
+ chainLock.lock();
+ for (SAML2Handler handler : handlers)
{
-
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
+ handler.handleRequestType(saml2HandlerRequest,
saml2HandlerResponse);
+ willSendRequest = saml2HandlerResponse.getSendRequest();
}
-
- webRequestUtil.send(holder);
}
- catch (ParsingException e)
+ finally
{
- if (trace)
- log.trace("Parsing exception:", e);
+ chainLock.unlock();
}
- catch (GeneralSecurityException e)
- {
- if (trace)
- log.trace("Security Exception:", e);
- }
}
- return;
}
- else if (isNotNull(samlResponseMessage))
+ else
+ throw new RuntimeException("Unknown type:" +
samlObject.getClass().getName());
+
+ samlResponse = saml2HandlerResponse.getResultingDocument();
+ relayState = saml2HandlerResponse.getRelayState();
+
+ destination = saml2HandlerResponse.getDestination();
+
+ requestedPostProfile = saml2HandlerResponse.isPostBindingForResponse();
+ }
+ catch (Exception e)
+ {
+ String status = JBossSAMLURIConstants.STATUS_AUTHNFAILED.get();
+ if (e instanceof IssuerNotTrustedException)
{
- StatusResponseType statusResponseType = null;
- try
+ status = JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get();
+ }
+ log.error("Exception in processing request:", e);
+ samlResponse = webRequestUtil.getErrorResponse(referer, status,
this.identityURL, this.signOutgoingMessages);
+ }
+ finally
+ {
+ try
+ {
+ boolean postProfile = webRequestUtil.hasSAMLRequestInPostProfile();
+ if (postProfile)
+ recycle(response);
+
+ WebRequestUtilHolder holder = webRequestUtil.getHolder();
+
holder.setResponseDoc(samlResponse).setDestination(destination).setRelayState(relayState)
+
.setAreWeSendingRequest(willSendRequest).setPrivateKey(null).setSupportSignature(false)
+ .setServletResponse(response);
+
+ if (requestedPostProfile != null)
+ holder.setPostBindingRequested(requestedPostProfile);
+ else
+ holder.setPostBindingRequested(postProfile);
+
+ if (this.signOutgoingMessages)
{
- samlDocumentHolder =
webRequestUtil.getSAMLDocumentHolder(samlResponseMessage);
- samlObject = samlDocumentHolder.getSamlObject();
+
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
+ }
- boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
- boolean isValid = false;
+ webRequestUtil.send(holder);
+ }
+ catch (ParsingException e)
+ {
+ if (trace)
+ log.trace("Parsing exception:", e);
+ }
+ catch (GeneralSecurityException e)
+ {
+ if (trace)
+ log.trace("Security Exception:", e);
+ }
+ }
+ return;
+ }
- String remoteAddress = request.getRemoteAddr();
+ protected void processSAMLResponseMessage(IDPWebRequestUtil webRequestUtil, Request
request, Response response)
+ throws ServletException, IOException
+ {
+ Session session = request.getSessionInternal();
+ SAMLDocumentHolder samlDocumentHolder = null;
+ SAML2Object samlObject = null;
- if (isPost)
- {
- //Validate
- SAML2Signature samlSignature = new SAML2Signature();
+ Document samlResponse = null;
+ String destination = null;
- if (ignoreIncomingSignatures == false && signOutgoingMessages
== true)
- {
- PublicKey publicKey = keyManager.getValidatingKey(remoteAddress);
- isValid =
samlSignature.validate(samlDocumentHolder.getSamlDocument(), publicKey);
- }
- else
- isValid = true;
- }
- else
- {
- isValid = validate(remoteAddress, request.getQueryString(), new
SessionHolder(samlResponseMessage,
- signature, sigAlg), isPost);
- }
+ Boolean requestedPostProfile = null;
- if (!isValid)
- throw new GeneralSecurityException("Validation check
failed");
+ //Get the SAML Response Message
+ String samlResponseMessage = (String)
session.getNote(GeneralConstants.SAML_RESPONSE_KEY);
+ String relayState = (String) session.getNote(GeneralConstants.RELAY_STATE);
+ String signature = (String) session.getNote("Signature");
+ String sigAlg = (String) session.getNote("sigAlg");
- String issuer = null;
- IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL);
- ProtocolContext protocolContext = new HTTPContext(request, response,
context.getServletContext());
- //Create the request/response
- SAML2HandlerRequest saml2HandlerRequest = new
DefaultSAML2HandlerRequest(protocolContext,
- idpIssuer.getIssuer(), samlDocumentHolder, HANDLER_TYPE.IDP);
- saml2HandlerRequest.setRelayState(relayState);
+ boolean willSendRequest = false;
- SAML2HandlerResponse saml2HandlerResponse = new
DefaultSAML2HandlerResponse();
+ String referer = request.getHeader("Referer");
- Set<SAML2Handler> handlers = chain.handlers();
+ cleanUpSessionNote(request);
- if (samlObject instanceof StatusResponseType)
- {
- statusResponseType = (StatusResponseType) samlObject;
- issuer = statusResponseType.getIssuer().getValue();
- webRequestUtil.isTrusted(issuer);
+ StatusResponseType statusResponseType = null;
+ try
+ {
+ samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlResponseMessage);
+ samlObject = samlDocumentHolder.getSamlObject();
- if (handlers != null)
- {
- try
- {
- chainLock.lock();
- for (SAML2Handler handler : handlers)
- {
- handler.reset();
- handler.handleStatusResponseType(saml2HandlerRequest,
saml2HandlerResponse);
- willSendRequest = saml2HandlerResponse.getSendRequest();
- }
- }
- finally
- {
- chainLock.unlock();
- }
- }
- }
- else
- throw new RuntimeException("Unknown type:" +
samlObject.getClass().getName());
+ boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
+ boolean isValid = false;
- samlResponse = saml2HandlerResponse.getResultingDocument();
- relayState = saml2HandlerResponse.getRelayState();
+ String remoteAddress = request.getRemoteAddr();
- destination = saml2HandlerResponse.getDestination();
- requestedPostProfile = saml2HandlerResponse.isPostBindingForResponse();
- }
- catch (Exception e)
+ if (isPost)
+ {
+ //Validate
+ SAML2Signature samlSignature = new SAML2Signature();
+
+ if (ignoreIncomingSignatures == false && signOutgoingMessages ==
true)
{
- String status = JBossSAMLURIConstants.STATUS_AUTHNFAILED.get();
- if (e instanceof IssuerNotTrustedException)
- {
- status = JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get();
- }
- log.error("Exception in processing request:", e);
- samlResponse = webRequestUtil.getErrorResponse(referer, status,
this.identityURL,
- this.signOutgoingMessages);
+ PublicKey publicKey = keyManager.getValidatingKey(remoteAddress);
+ isValid = samlSignature.validate(samlDocumentHolder.getSamlDocument(),
publicKey);
}
- finally
+ else
+ isValid = true;
+ }
+ else
+ {
+ isValid = validate(remoteAddress, request.getQueryString(), new
SessionHolder(samlResponseMessage,
+ signature, sigAlg), isPost);
+ }
+
+ if (!isValid)
+ throw new GeneralSecurityException("Validation check failed");
+
+ String issuer = null;
+ IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL);
+ ProtocolContext protocolContext = new HTTPContext(request, response,
context.getServletContext());
+ //Create the request/response
+ SAML2HandlerRequest saml2HandlerRequest = new
DefaultSAML2HandlerRequest(protocolContext,
+ idpIssuer.getIssuer(), samlDocumentHolder, HANDLER_TYPE.IDP);
+ saml2HandlerRequest.setRelayState(relayState);
+
+ SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();
+
+ Set<SAML2Handler> handlers = chain.handlers();
+
+ if (samlObject instanceof StatusResponseType)
+ {
+ statusResponseType = (StatusResponseType) samlObject;
+ issuer = statusResponseType.getIssuer().getValue();
+ webRequestUtil.isTrusted(issuer);
+
+ if (handlers != null)
{
try
{
- boolean postProfile = webRequestUtil.hasSAMLRequestInPostProfile();
- if (postProfile)
- recycle(response);
-
- WebRequestUtilHolder holder = webRequestUtil.getHolder();
- if (destination == null)
- throw new ServletException("Destination is null");
-
holder.setResponseDoc(samlResponse).setDestination(destination).setRelayState(relayState)
-
.setAreWeSendingRequest(willSendRequest).setPrivateKey(null).setSupportSignature(false)
-
.setServletResponse(response).setPostBindingRequested(requestedPostProfile);
-
- if (requestedPostProfile != null)
- holder.setPostBindingRequested(requestedPostProfile);
- else
- holder.setPostBindingRequested(postProfile);
-
- if (this.signOutgoingMessages)
+ chainLock.lock();
+ for (SAML2Handler handler : handlers)
{
-
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
+ handler.reset();
+ handler.handleStatusResponseType(saml2HandlerRequest,
saml2HandlerResponse);
+ willSendRequest = saml2HandlerResponse.getSendRequest();
}
- webRequestUtil.send(holder);
}
- catch (ParsingException e)
+ finally
{
- if (trace)
- log.trace("Parsing exception:", e);
+ chainLock.unlock();
}
- catch (GeneralSecurityException e)
- {
- if (trace)
- log.trace("Security Exception:", e);
- }
}
- return;
}
else
+ throw new RuntimeException("Unknown type:" +
samlObject.getClass().getName());
+
+ samlResponse = saml2HandlerResponse.getResultingDocument();
+ relayState = saml2HandlerResponse.getRelayState();
+
+ destination = saml2HandlerResponse.getDestination();
+ requestedPostProfile = saml2HandlerResponse.isPostBindingForResponse();
+ }
+ catch (Exception e)
+ {
+ String status = JBossSAMLURIConstants.STATUS_AUTHNFAILED.get();
+ if (e instanceof IssuerNotTrustedException)
{
- log.error("No SAML Request or Response Message");
- if (trace)
- log.trace("Referer=" + referer);
+ status = JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get();
+ }
+ log.error("Exception in processing request:", e);
+ samlResponse = webRequestUtil.getErrorResponse(referer, status,
this.identityURL, this.signOutgoingMessages);
+ }
+ finally
+ {
+ try
+ {
+ boolean postProfile = webRequestUtil.hasSAMLRequestInPostProfile();
+ if (postProfile)
+ recycle(response);
- try
+ WebRequestUtilHolder holder = webRequestUtil.getHolder();
+ if (destination == null)
+ throw new ServletException("Destination is null");
+
holder.setResponseDoc(samlResponse).setDestination(destination).setRelayState(relayState)
+
.setAreWeSendingRequest(willSendRequest).setPrivateKey(null).setSupportSignature(false)
+
.setServletResponse(response).setPostBindingRequested(requestedPostProfile);
+
+ if (requestedPostProfile != null)
+ holder.setPostBindingRequested(requestedPostProfile);
+ else
+ holder.setPostBindingRequested(postProfile);
+
+ if (this.signOutgoingMessages)
{
- sendErrorResponseToSP(referer, response, relayState, webRequestUtil);
+
holder.setPrivateKey(keyManager.getSigningKey()).setSupportSignature(true);
}
- catch (ConfigurationException e)
- {
- if (trace)
- log.trace(e);
- }
+ webRequestUtil.send(holder);
}
+ catch (ParsingException e)
+ {
+ if (trace)
+ log.trace("Parsing exception:", e);
+ }
+ catch (GeneralSecurityException e)
+ {
+ if (trace)
+ log.trace("Security Exception:", e);
+ }
}
+ return;
}
+ protected void cleanUpSessionNote(Request request)
+ {
+ Session session = request.getSessionInternal();
+ /**
+ * Since the container has finished the authentication,
+ * we can retrieve the original saml message as well as
+ * any relay state from the SP
+ */
+ String samlRequestMessage = (String)
session.getNote(GeneralConstants.SAML_REQUEST_KEY);
+
+ String samlResponseMessage = (String)
session.getNote(GeneralConstants.SAML_RESPONSE_KEY);
+ String relayState = (String) session.getNote(GeneralConstants.RELAY_STATE);
+ String signature = (String) session.getNote("Signature");
+ String sigAlg = (String) session.getNote("sigAlg");
+
+ if (trace)
+ {
+ StringBuilder builder = new StringBuilder();
+ builder.append("Retrieved saml messages and relay state from
session");
+ builder.append("saml Request message=").append(samlRequestMessage);
+ builder.append("::").append("SAMLResponseMessage=");
+ builder.append(samlResponseMessage).append(":").append("relay
state=").append(relayState);
+
+
builder.append("Signature=").append(signature).append("::sigAlg=").append(sigAlg);
+ log.trace(builder.toString());
+ }
+
+ if (isNotNull(samlRequestMessage))
+ session.removeNote(GeneralConstants.SAML_REQUEST_KEY);
+ if (isNotNull(samlResponseMessage))
+ session.removeNote(GeneralConstants.SAML_RESPONSE_KEY);
+
+ if (isNotNull(relayState))
+ session.removeNote(GeneralConstants.RELAY_STATE);
+
+ if (isNotNull(signature))
+ session.removeNote("Signature");
+ if (isNotNull(sigAlg))
+ session.removeNote("sigAlg");
+ }
+
protected void sendErrorResponseToSP(String referrer, Response response, String
relayState,
IDPWebRequestUtil webRequestUtil) throws ServletException, IOException,
ConfigurationException
{
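Review bot: In processSAMLResponseMessage the POST-binding branch fails open, because the signature is validated only when `ignoreIncomingSignatures == false && signOutgoingMessages == true` and every other combination falls through to `isValid = true`. An IDP configured not to sign outgoing messages therefore accepts POST responses without checking them, even though incoming signatures are not set to be ignored. The refactor carries this over unchanged from invoke; the check should depend on the incoming setting alone, `if (!ignoreIncomingSignatures)`, and should reject the message when no keyManager is available to supply a validating key. Separately, both new methods select the validating key by `request.getRemoteAddr()`, which in a browser-driven exchange is presumably the user agent's address rather than the SP's, so it is worth confirming that the lookup is tied to the trusted issuer. The ParsingException and GeneralSecurityException handlers in the two finally blocks log only under `trace`, so a failed send is invisible at normal log levels; `log.error("Security Exception:", e);` would make it detectable.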