org.aselect.server.request.handler.saml11
Class SAML11RequestHandler

java.lang.Object
  extended by org.aselect.server.request.handler.AbstractRequestHandler
      extended by org.aselect.server.request.handler.saml11.SAML11RequestHandler
All Implemented Interfaces:
IRequestHandler

public class SAML11RequestHandler
extends AbstractRequestHandler

SAML 1.1 SSO request handler.

Description:
Request handler for the following SAML 1.1 SSO Requests.

Concurrency issues:
-

Author:
Alfa & Ariss

Field Summary
 
Fields inherited from class org.aselect.server.request.handler.AbstractRequestHandler
_configManager, _oServletConfig, _oSessionManager, _systemLogger
 
Constructor Summary
SAML11RequestHandler()
           
 
Method Summary
 void destroy()
          Destroys all WebSSO profiles available in the _htWebSSOProfiles Hashtable and destroys the Assertion Session Manager singleton.
 void init(javax.servlet.ServletConfig oServletConfig, java.lang.Object oConfig)
          Initializes the SAML 1.1 Request Handler.
 RequestState process(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Processes a SAML Web SSO request.
 
Methods inherited from class org.aselect.server.request.handler.AbstractRequestHandler
getID, getPattern
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SAML11RequestHandler

public SAML11RequestHandler()
Method Detail

init

public void init(javax.servlet.ServletConfig oServletConfig,
                 java.lang.Object oConfig)
          throws ASelectException
Initializes the SAML 1.1 Request Handler.

Description:
Reads the following configuration:

<handler>
 <clientcommunicator>[clientcommunicator]</clientcommunicator>
 <assertion expire='[expire]'>
 <attribute namespace='[namespace]'>
 <applications>
  <application id='[id]' profile='[profile]'/>
   ...
 </applications>
 <websso default='[default]'>
  ...
 </websso>
 <storagemanager id='assertions'>
  ...
 </storagemanager>
</handler>



Specified by:
init in interface IRequestHandler
Overrides:
init in class AbstractRequestHandler
Parameters:
oServletConfig - Servlet Config of the Parent servlet
oConfig - Object containing the RequestHandler configuration
Throws:
ASelectException - if initalization fails
See Also:
AbstractRequestHandler.init(javax.servlet.ServletConfig, java.lang.Object)

process

public RequestState process(javax.servlet.http.HttpServletRequest request,
                            javax.servlet.http.HttpServletResponse response)
                     throws ASelectException
Processes a SAML Web SSO request.

  • Reads an A-Select authenticate response
  • Verifies if the following paramers are available in the response:
    • aselect_credentials
    • rid
  • Sends an A-Select verify_credentials API call request to the A-Select Server
  • Reads the SAML session (with id: saml11_[rid]) created by the Shibboleth Authentication Profile
  • Processes the request with the correct websso profile handler for the specified application


  • Parameters:
    request - HttpServletRequest containing the request
    response - HttpServletResponse containing the response
    Returns:
    RequestState containing the request handling state
    Throws:
    ASelectException - if the request couldn't be processed
    See Also:
    IRequestHandler.process(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)

    destroy

    public void destroy()
    Destroys all WebSSO profiles available in the _htWebSSOProfiles Hashtable and destroys the Assertion Session Manager singleton.

    See Also:
    IRequestHandler.destroy()


    Copyright © 2008 SURFnet BV. All Rights Reserved.