Small refactoring.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 22 Mar 2005 00:00:33 +0000 (00:00 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 22 Mar 2005 00:00:33 +0000 (00:00 +0000)
Better error handling.

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@1322 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/IdPProtocolSupport.java
src/edu/internet2/middleware/shibboleth/idp/provider/E_AuthSSOHandler.java
src/edu/internet2/middleware/shibboleth/idp/provider/SSOHandler.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/idp/provider/ShibbolethV1SSOHandler.java

index 768052d..548a49d 100644 (file)
@@ -32,8 +32,6 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Iterator;
 
-import javax.servlet.http.HttpServletRequest;
-
 import org.apache.log4j.Logger;
 import org.apache.xml.security.signature.XMLSignature;
 import org.opensaml.InvalidCryptoException;
@@ -97,14 +95,6 @@ public class IdPProtocolSupport implements Metadata {
                throttle = new Semaphore(config.getMaxThreads());
        }
 
-       public static void validateEngineData(HttpServletRequest req) throws InvalidClientDataException {
-
-               // TODO this should be pulled out into handlers
-
-               if ((req.getRemoteAddr() == null) || (req.getRemoteAddr().equals(""))) { throw new InvalidClientDataException(
-                               "Unable to obtain client address."); }
-       }
-
        public Logger getTransactionLog() {
 
                return transactionLog;
@@ -129,9 +119,8 @@ public class IdPProtocolSupport implements Metadata {
                        SAMLException {
 
                if (relyingParty.getIdentityProvider().getSigningCredential() == null
-                               || relyingParty.getIdentityProvider().getSigningCredential().getPrivateKey() == null) {
-                       // TODO error out
-               }
+                               || relyingParty.getIdentityProvider().getSigningCredential().getPrivateKey() == null) { throw new InvalidCryptoException(
+                               SAMLException.RESPONDER, "Invalid signing credential."); }
 
                for (int i = 0; i < assertions.length; i++) {
                        String assertionAlgorithm;
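Review bot: The signing-credential guard added here is repeated verbatim in the later hunk at `@@ -159,10 +148,8 @@`, so the two copies can drift apart; a single private helper called from both places would keep the fail-closed check in one spot. The message `"Invalid signing credential."` also gives no hint of which relying party's identity provider is misconfigured, and nothing visible in either hunk logs it before the throw. Consider writing an error-level log entry naming the affected relying party ahead of `throw new InvalidCryptoException(...)`. Both enclosing methods start and end outside their hunks, so an existing log call further up cannot be ruled out from here.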
@@ -159,10 +148,8 @@ public class IdPProtocolSupport implements Metadata {
 
                // Make sure we have an appropriate credential
                if (relyingParty.getIdentityProvider().getSigningCredential() == null
-                               || relyingParty.getIdentityProvider().getSigningCredential().getPrivateKey() == null) {
-
-                       // TODO error
-               }
+                               || relyingParty.getIdentityProvider().getSigningCredential().getPrivateKey() == null) { throw new InvalidCryptoException(
+                               SAMLException.RESPONDER, "Invalid signing credential."); }
 
                // Sign the response
                String responseAlgorithm;
index 550e2d5..aef3f23 100644 (file)
@@ -61,7 +61,7 @@ import edu.internet2.middleware.shibboleth.idp.InvalidClientDataException;
 /**
  * @author Walter Hoehn
  */
-public class E_AuthSSOHandler extends BaseHandler implements IdPProtocolHandler {
+public class E_AuthSSOHandler extends SSOHandler implements IdPProtocolHandler {
 
        private static Logger log = Logger.getLogger(E_AuthSSOHandler.class.getName());
        private final String name = "EAuth";
@@ -128,7 +128,7 @@ public class E_AuthSSOHandler extends BaseHandler implements IdPProtocolHandler
                }
 
                try {
-                       IdPProtocolSupport.validateEngineData(request);
+                       validateEngineData(request);
                } catch (InvalidClientDataException e1) {
                        // TODO Auto-generated catch block
                }
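Review bot: The `catch (InvalidClientDataException e1)` block that follows the changed call is still empty, so a request that fails `validateEngineData(request)` carries on through the handler as if the check had passed. On this path the client-address requirement is therefore never enforced, despite the commit message promising better error handling. The catch should record the failure and stop processing, for example `log.error("Invalid client data.", e1);` followed by the method's normal error exit. The enclosing method starts and ends outside the hunk, so whether that exit is a rethrow or an error response has to be confirmed there.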
diff --git a/src/edu/internet2/middleware/shibboleth/idp/provider/SSOHandler.java b/src/edu/internet2/middleware/shibboleth/idp/provider/SSOHandler.java
new file mode 100644 (file)
index 0000000..4fa24b5
--- /dev/null
@@ -0,0 +1,58 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials
+ * provided with the distribution, if any, must include the following acknowledgment: "This product includes software
+ * developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu> Internet2 Project.
+ * Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2, nor
+ * the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please contact
+ * shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2, UCAID, or the
+ * University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name, without prior
+ * written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS PROVIDED BY THE
+ * COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE
+ * DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE. IN NO
+ * EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC.
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.idp.provider;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.log4j.Logger;
+import org.w3c.dom.Element;
+
+import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
+import edu.internet2.middleware.shibboleth.idp.IdPProtocolHandler;
+import edu.internet2.middleware.shibboleth.idp.InvalidClientDataException;
+
+/**
+ * @author Walter Hoehn
+ */
+public abstract class SSOHandler extends BaseHandler implements IdPProtocolHandler {
+
+       private static Logger log = Logger.getLogger(BaseHandler.class.getName());
+
+       /**
+        * Required DOM-based constructor.
+        */
+       public SSOHandler(Element config) throws ShibbolethConfigurationException {
+
+               super(config);
+
+       }
+
+       public static void validateEngineData(HttpServletRequest req) throws InvalidClientDataException {
+
+               if ((req.getRemoteAddr() == null) || (req.getRemoteAddr().equals(""))) { throw new InvalidClientDataException(
+                               "Unable to obtain client address."); }
+       }
+}
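Review bot: The logger in the new class is created with `BaseHandler.class.getName()`, so anything logged from SSOHandler would be attributed to the wrong category; it should read `private static Logger log = Logger.getLogger(SSOHandler.class.getName());`. The field is also unused in the file as added. `validateEngineData` has no Javadoc, and a short comment such as `/** Checks only that the servlet container supplied a non-empty remote address. */` with an `@throws InvalidClientDataException` line would make clear that the address itself is not validated. The same comment could mention that the method is `public static` on an abstract base and is invoked unqualified from the subclasses.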
index b3516ba..e2f77cb 100644 (file)
@@ -82,7 +82,7 @@ import edu.internet2.middleware.shibboleth.metadata.SPSSODescriptor;
  * 
  * @author Walter Hoehn
  */
-public class ShibbolethV1SSOHandler extends BaseHandler implements IdPProtocolHandler {
+public class ShibbolethV1SSOHandler extends SSOHandler implements IdPProtocolHandler {
 
        private static Logger log = Logger.getLogger(ShibbolethV1SSOHandler.class.getName());
 
@@ -112,7 +112,7 @@ public class ShibbolethV1SSOHandler extends BaseHandler implements IdPProtocolHa
 
                try {
                        // Ensure that we have the required data from the servlet container
-                       IdPProtocolSupport.validateEngineData(request);
+                       validateEngineData(request);
                        validateShibSpecificData(request);
 
                        // Get the authN info