SAMLResponse null in ACS request URL: using OneLogin toolkit

跟風遠走 submitted on 2019-12-12 03:41:45

Question


I am using the OneLogin 2.0 toolkit. Instead of having Login and ACS as JSP files, I have added them as REST services. I am getting this error when my IdP redirects to the ACS service URL.

SAML Response not found, Only supported HTTP_POST Binding

In the request to the ACS service, the SAMLResponse parameter is coming as null. How can I fix this?

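import java.util.Collection;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import com.onelogin.saml2.Auth;

// CommonUtils and ExecException are the poster's own classes (not shown).
@Path("/saml")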
public class SAMLAuthService {
    @Context
    HttpServletRequest request;

    @Context
    HttpServletResponse response;

    @GET
    @Produces(MediaType.APPLICATION_JSON)
    @Path("/dologin")
    public void SAMLLogin(){
        try {
            Auth auth = new Auth(CommonUtils.samlPropertyFileName,request, response);
            System.out.println("Calling SAML Login::");
            auth.login();
        } catch (Exception e) {
            e.printStackTrace();

        }
    }

    @POST
    @Produces(MediaType.APPLICATION_JSON)
    @Path("/acs")
    public Response SAMLACS()
            throws ExecException {
        Response samlResponse = null;
        try {
            System.out.println("Calling SAML ACS::");
            Auth auth = new Auth(CommonUtils.samlPropertyFileName,request, response);
            auth.processResponse();
            if (!auth.isAuthenticated()) {
                System.out.println("Not Authenticated");
            }

            List<String> errors = auth.getErrors();
            if (!errors.isEmpty()) {
                if (auth.isDebugActive()) {
                    String errorReason = auth.getLastErrorReason();
                    if (errorReason != null && !errorReason.isEmpty()) {
                        System.out.println(errorReason);
                    }
                }
            } else {
                Map<String, List<String>> attributes = auth.getAttributes();
                String nameId = auth.getNameId();
                System.out.println("NameId::"+nameId);
                if (attributes.isEmpty()) {
                    System.out.println("No Attributes");
                }
                else {
                    Collection<String> keys = attributes.keySet();
                    for(String name :keys){
                        List<String> values = attributes.get(name);
                        System.out.println(name+"::");
                        for(String value :values) {
                            System.out.print(value);
                        }

                    }
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return samlResponse;
    }

}

Answer 1:


The Auth constructor that you are using expects an HttpServletRequest request object with a SAMLResponse POST parameter.

If you don't have that HttpServletRequest object, you can build it using makeHttpRequest.

You can use the SAML Tracer to analyze the SAML flow between the IdP and the SP. You may be sure that the IdP is sending a SAMLResponse. I'm not familiar with the "Rest approach" you are using, but you may see the way to get the SAMLResponse and build the HttpServletRequest object injecting that parameter.
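
Added example, not part of the original answer or of the OneLogin toolkit: one way to build a request object that carries the SAMLResponse parameter, as the answer suggests. It assumes the JAX-RS runtime consumed the form body before the toolkit could read it and that the field is bound with @FormParam; FormParamRequest is a hypothetical class name.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

// Hypothetical helper, not part of the OneLogin toolkit. It re-exposes form
// fields the REST layer already bound, so servlet parameter lookups see them.
public class FormParamRequest extends HttpServletRequestWrapper {
    private final Map<String, String[]> params = new HashMap<>();

    public FormParamRequest(HttpServletRequest original, Map<String, String> formFields) {
        super(original);
        params.putAll(original.getParameterMap());
        for (Map.Entry<String, String> field : formFields.entrySet()) {
            if (field.getValue() != null) {
                // Pass the value through unmodified: decoding and signature
                // validation stay with the toolkit.
                params.put(field.getKey(), new String[] { field.getValue() });
            }
        }
    }

    @Override
    public String getParameter(String name) {
        String[] values = params.get(name);
        return (values == null || values.length == 0) ? null : values[0];
    }

    @Override
    public String[] getParameterValues(String name) {
        return params.get(name);
    }

    @Override
    public Map<String, String[]> getParameterMap() {
        return Collections.unmodifiableMap(params);
    }

    @Override
    public java.util.Enumeration<String> getParameterNames() {
        return Collections.enumeration(params.keySet());
    }
}

// Assumed use inside the poster's ACS method, with the field bound by JAX-RS
// as @FormParam("SAMLResponse") String samlResponse:
//   Auth auth = new Auth(CommonUtils.samlPropertyFileName,
//           new FormParamRequest(request, Collections.singletonMap("SAMLResponse", samlResponse)), response);
```

The wrapper only relays the Base64 value it was given; auth.processResponse() remains the single place where the assertion is parsed and its signature checked.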



Source: https://stackoverflow.com/questions/40175122/samlresponse-null-in-acs-request-url-using-onelogin-toolkit
