Updated attribute request handler to honor new interface.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 5 Sep 2006 18:53:46 +0000 (18:53 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 5 Sep 2006 18:53:46 +0000 (18:53 +0000)
Pushed common functionality into base class.

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2013 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_1ArtifactQueryHandler.java
src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_AttributeQueryHandler.java
src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_Base_QueryHandler.java [new file with mode: 0644]

index 05da451..907121c 100644 (file)
@@ -26,10 +26,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.log4j.Logger;
-import org.opensaml.NoSuchProviderException;
 import org.opensaml.SAMLAssertion;
 import org.opensaml.SAMLBinding;
-import org.opensaml.SAMLBindingFactory;
 import org.opensaml.SAMLException;
 import org.opensaml.SAMLRequest;
 import org.opensaml.SAMLResponse;
@@ -50,7 +48,7 @@ import edu.internet2.middleware.shibboleth.idp.RequestHandlingException;
 /**
  * @author Walter Hoehn
  */
-public class SAMLv1_1ArtifactQueryHandler extends BaseServiceHandler implements IdPProtocolHandler {
+public class SAMLv1_1ArtifactQueryHandler extends SAMLv1_Base_QueryHandler implements IdPProtocolHandler {
 
        private static Logger log = Logger.getLogger(SAMLv1_1ArtifactQueryHandler.class.getName());
        private SAMLBinding binding;
@@ -58,13 +56,6 @@ public class SAMLv1_1ArtifactQueryHandler extends BaseServiceHandler implements
        public SAMLv1_1ArtifactQueryHandler(Element config) throws ShibbolethConfigurationException {
 
                super(config);
-
-               try {
-                       binding = SAMLBindingFactory.getInstance(SAMLBinding.SOAP);
-               } catch (NoSuchProviderException e) {
-                       log.error("Unable to initialize SAML SOAP binding:" + e);
-                       throw new ShibbolethConfigurationException("Couldn't initialize " + getHandlerName() + " handler.");
-               }
        }
 
        /*
@@ -84,22 +75,8 @@ public class SAMLv1_1ArtifactQueryHandler extends BaseServiceHandler implements
 
                log.info("Received a request to dereference assertion artifacts.");
 
-               // Parse SOAP request and marshall SAML request object
-               SAMLRequest samlRequest = null;
-               try {
-                       samlRequest = binding.receive(request, 1);
-               } catch (SAMLException e) {
-                       log.error("Unable to parse request: " + e);
-                       throw new RequestHandlingException("Invalid request data.");
-               }
+               SAMLRequest samlRequest = parseSAMLRequest(request);
 
-               // If we have DEBUG logging turned on, dump out the request to the log
-               // This takes some processing, so only do it if we need to
-               if (log.isDebugEnabled()) {
-                       log
-                                       .debug("Dumping generated SAML Request:" + System.getProperty("line.separator")
-                                                       + samlRequest.toString());
-               }
                try {
 
                        // Pull credential from request
@@ -218,25 +195,7 @@ public class SAMLv1_1ArtifactQueryHandler extends BaseServiceHandler implements
                        binding.respond(response, samlResponse, null);
 
                } catch (SAMLException e) {
-
-                       log.error("Error while processing request: " + e);
-                       try {
-                               SAMLResponse samlResponse = new SAMLResponse((samlRequest != null) ? samlRequest.getId() : null, null,
-                                               null, e);
-                               if (log.isDebugEnabled()) {
-                                       log.debug("Dumping generated SAML Error Response:" + System.getProperty("line.separator")
-                                                       + samlResponse.toString());
-                               }
-                               binding.respond(response, samlResponse, null);
-                               log.debug("Returning SAML Error Response.");
-                       } catch (SAMLException se) {
-                               try {
-                                       binding.respond(response, null, e);
-                               } catch (SAMLException e1) {
-                                       log.error("Caught exception while responding to requester: " + e.getMessage());
-                                       throw new RequestHandlingException(e1.getMessage());
-                               }
-                       }
+                       respondWithError(response, samlRequest, e);
                }
        }
 
index 0f504b1..1eeaa74 100644 (file)
@@ -16,7 +16,6 @@
 
 package edu.internet2.middleware.shibboleth.idp.provider;
 
-import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.security.Principal;
@@ -64,13 +63,14 @@ import edu.internet2.middleware.shibboleth.common.RelyingParty;
 import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
 import edu.internet2.middleware.shibboleth.idp.IdPProtocolHandler;
 import edu.internet2.middleware.shibboleth.idp.IdPProtocolSupport;
+import edu.internet2.middleware.shibboleth.idp.RequestHandlingException;
 
 /**
  * @author Walter Hoehn
  */
-public class SAMLv1_AttributeQueryHandler extends BaseServiceHandler implements IdPProtocolHandler {
+public class SAMLv1_AttributeQueryHandler extends SAMLv1_Base_QueryHandler implements IdPProtocolHandler {
 
-       private static Logger log = Logger.getLogger(SAMLv1_AttributeQueryHandler.class.getName());
+       static Logger log = Logger.getLogger(SAMLv1_AttributeQueryHandler.class.getName());
 
        /**
         * Required DOM-based constructor.
@@ -134,13 +134,16 @@ public class SAMLv1_AttributeQueryHandler extends BaseServiceHandler implements
         *      javax.servlet.http.HttpServletResponse, org.opensaml.SAMLRequest,
         *      edu.internet2.middleware.shibboleth.idp.ProtocolSupport)
         */
-       public SAMLResponse processRequest(HttpServletRequest request, HttpServletResponse response,
-                       SAMLRequest samlRequest, IdPProtocolSupport support) throws SAMLException, IOException, ServletException {
+       public void processRequest(HttpServletRequest request, HttpServletResponse response, IdPProtocolSupport support)
+                       throws RequestHandlingException, ServletException {
+
+               SAMLRequest samlRequest = parseSAMLRequest(request);
 
                if (samlRequest == null || samlRequest.getQuery() == null
                                || !(samlRequest.getQuery() instanceof SAMLAttributeQuery)) {
                        log.error("Protocol Handler can only respond to SAML Attribute Queries.");
-                       throw new SAMLException("General error processing request.");
+                       respondWithError(response, samlRequest, new SAMLException("General error processing request."));
+                       return;
                }
 
                RelyingParty relyingParty = null;
@@ -168,8 +171,8 @@ public class SAMLv1_AttributeQueryHandler extends BaseServiceHandler implements
                                }
 
                                if (effectiveName == null) {
-                                       log
-                                                       .info("Remote provider not yet identified, attempting to derive requesting provider from credentials.");
+                                       log.info("Remote provider not yet identified, attempting to "
+                                                       + "derive requesting provider from credentials.");
 
                                        // Try the additional candidates.
                                        String[] candidateNames = getCredentialNames(credentials[0]);
@@ -179,7 +182,9 @@ public class SAMLv1_AttributeQueryHandler extends BaseServiceHandler implements
                                        }
                                }
                        } catch (InvalidProviderCredentialException ipc) {
-                               throw new SAMLException(SAMLException.REQUESTER, "Invalid credentials for request.");
+                               respondWithError(response, samlRequest, new SAMLException(SAMLException.REQUESTER,
+                                               "Invalid credentials for request."));
+                               return;
                        }
                }
 
@@ -204,12 +209,19 @@ public class SAMLv1_AttributeQueryHandler extends BaseServiceHandler implements
                        log.info("Request contains SAML Subject Confirmation method: (" + method + ").");
                        hasConfirmationMethod = true;
                }
-               if (hasConfirmationMethod) { throw new SAMLException(SAMLException.REQUESTER,
-                               "This SAML authority cannot honor requests containing the supplied SAML Subject Confirmation Method(s)."); }
+               if (hasConfirmationMethod) {
+                       respondWithError(
+                                       response,
+                                       samlRequest,
+                                       new SAMLException(SAMLException.REQUESTER,
+                                                       "This SAML authority cannot honor requests containing the supplied SAML Subject Confirmation Method(s)."));
+                       return;
+               }
 
-               // Map Subject to local principal
-               Principal principal = null;
                try {
+                       // Map Subject to local principal
+                       Principal principal = null;
+
                        SAMLNameIdentifier nameId = attributeQuery.getSubject().getNameIdentifier();
                        log.debug("Name Identifier format: (" + nameId.getFormat() + ").");
                        NameIdentifierMapping mapping = null;
@@ -347,53 +359,54 @@ public class SAMLv1_AttributeQueryHandler extends BaseServiceHandler implements
                                                                + principal.getName() + ").");
                        }
 
-                       return samlResponse;
+                       binding.respond(response, samlResponse, null);
 
                } catch (SAMLException e) {
                        if (relyingParty.passThruErrors()) {
-                               throw new SAMLException("General error processing request.", e);
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request.", e));
                        } else {
-                               throw new SAMLException("General error processing request.");
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request."));
                        }
                } catch (MetadataProviderException e) {
                        log.error("Encountered an error while looking up metadata: " + e);
                        if (relyingParty.passThruErrors()) {
-                               throw new SAMLException("General error processing request.", e);
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request.", e));
                        } else {
-                               throw new SAMLException("General error processing request.");
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request."));
                        }
 
                } catch (InvalidNameIdentifierException e) {
                        log.error("Could not associate the request's subject with a principal: " + e);
                        if (relyingParty.passThruErrors()) {
-                               throw new SAMLException(Arrays.asList(e.getSAMLErrorCodes()), "The supplied Subject was unrecognized.",
-                                               e);
+                               respondWithError(response, samlRequest, new SAMLException(Arrays.asList(e.getSAMLErrorCodes()),
+                                               "The supplied Subject was unrecognized.", e));
                        } else {
-                               throw new SAMLException(Arrays.asList(e.getSAMLErrorCodes()), "The supplied Subject was unrecognized.");
+                               respondWithError(response, samlRequest, new SAMLException(Arrays.asList(e.getSAMLErrorCodes()),
+                                               "The supplied Subject was unrecognized."));
                        }
 
                } catch (NameIdentifierMappingException e) {
                        log.error("Encountered an error while mapping the name identifier from the request: " + e);
                        if (relyingParty.passThruErrors()) {
-                               throw new SAMLException("General error processing request.", e);
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request.", e));
                        } else {
-                               throw new SAMLException("General error processing request.");
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request."));
                        }
 
                } catch (AAException e) {
                        log.error("Encountered an error while resolving resolving attributes: " + e);
                        if (relyingParty.passThruErrors()) {
-                               throw new SAMLException("General error processing request.", e);
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request.", e));
                        } else {
-                               throw new SAMLException("General error processing request.");
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request."));
                        }
 
                } catch (CloneNotSupportedException e) {
                        log.error("Encountered an error while cloning request subject for use in response: " + e);
                        if (relyingParty.passThruErrors()) {
-                               throw new SAMLException("General error processing request.", e);
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request.", e));
                        } else {
-                               throw new SAMLException("General error processing request.");
+                               respondWithError(response, samlRequest, new SAMLException("General error processing request."));
                        }
                }
        }
diff --git a/src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_Base_QueryHandler.java b/src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_Base_QueryHandler.java
new file mode 100644 (file)
index 0000000..4346be7
--- /dev/null
@@ -0,0 +1,80 @@
+
+package edu.internet2.middleware.shibboleth.idp.provider;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+import org.opensaml.NoSuchProviderException;
+import org.opensaml.SAMLBinding;
+import org.opensaml.SAMLBindingFactory;
+import org.opensaml.SAMLException;
+import org.opensaml.SAMLRequest;
+import org.opensaml.SAMLResponse;
+import org.w3c.dom.Element;
+
+import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
+import edu.internet2.middleware.shibboleth.idp.RequestHandlingException;
+
+public abstract class SAMLv1_Base_QueryHandler extends BaseServiceHandler {
+
+       private static Logger log = Logger.getLogger(SAMLv1_Base_QueryHandler.class.getName());
+       protected SAMLBinding binding;
+
+       protected SAMLv1_Base_QueryHandler(Element config) throws ShibbolethConfigurationException {
+
+               super(config);
+
+               try {
+                       binding = SAMLBindingFactory.getInstance(SAMLBinding.SOAP);
+               } catch (NoSuchProviderException e) {
+                       log.error("Unable to initialize SAML SOAP binding:" + e);
+                       throw new ShibbolethConfigurationException("Couldn't initialize " + getHandlerName() + " handler.");
+               }
+       }
+
+       protected SAMLRequest parseSAMLRequest(HttpServletRequest request) throws RequestHandlingException {
+
+               // Parse SOAP request and marshall SAML request object
+               SAMLRequest samlRequest = null;
+               try {
+                       samlRequest = binding.receive(request, 1);
+               } catch (SAMLException e) {
+                       log.error("Unable to parse request: " + e);
+                       throw new RequestHandlingException("Invalid request data.");
+               }
+
+               // If we have DEBUG logging turned on, dump out the request to the log
+               // This takes some processing, so only do it if we need to
+               if (log.isDebugEnabled()) {
+                       log
+                                       .debug("Dumping generated SAML Request:" + System.getProperty("line.separator")
+                                                       + samlRequest.toString());
+               }
+               return samlRequest;
+       }
+
+       protected void respondWithError(HttpServletResponse response, SAMLRequest samlRequest, SAMLException e)
+                       throws RequestHandlingException {
+
+               log.error("Error while processing request: " + e);
+               try {
+                       SAMLResponse samlResponse = new SAMLResponse((samlRequest != null) ? samlRequest.getId() : null, null,
+                                       null, e);
+                       if (log.isDebugEnabled()) {
+                               log.debug("Dumping generated SAML Error Response:" + System.getProperty("line.separator")
+                                               + samlResponse.toString());
+                       }
+                       binding.respond(response, samlResponse, null);
+                       log.debug("Returning SAML Error Response.");
+               } catch (SAMLException se) {
+                       try {
+                               binding.respond(response, null, e);
+                       } catch (SAMLException e1) {
+                               log.error("Caught exception while responding to requester: " + e.getMessage());
+                               throw new RequestHandlingException(e1.getMessage());
+                       }
+               }
+       }
+
+}
\ No newline at end of file