fork(17) download

copy

// This file contains the core of the sso - receiving saml request and sending saml responses.
// And maintaining authentication information.
 
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.URL;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Scanner;
import java.util.zip.Inflater;
 
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
 
import org.apache.commons.codec.binary.Base64; // To decode from Base64 Strings
import org.apache.xml.security.c14n.Canonicalizer;
import org.jdom.input.DOMBuilder;
import org.jdom.input.SAXBuilder;
import org.jdom.output.XMLOutputter;
import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.Response;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.io.Unmarshaller;
import org.opensaml.xml.io.UnmarshallerFactory;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.util.XMLHelper;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
// To decode %2f url components
//import org.opensaml.xml.signature.X509Certificate;
 
public class SamlHandler extends HttpServlet {
 
	// set DEBUG to true to enable debug specific actions and pauses.
	private static boolean DEBUG = true;
 
	// Session specific user data
	private String sessionId;
	private String email;
	private String domain;
 
	// Request attributes
	private String req_Id;
	private String req_issuer;
	private String req_issueInstant;
 
	// Common Info
	private String acs;
	private String relayState;
	private String relayStateb64; // To check if relay state is b64 encoded.
	private boolean relayStateIsb64 = false;
 
	// Response attributes
	private String res_Id;
	private String res_issuer;
	private String res_issueInstant;
	private String res_timeout;
	private String res_assertionId;
	private String res_nameId;
	private String res_notonorafter;
	private String res_notbefore;
	private String res_authnInstant; // Can be equal to issueInstance
 
	private String strResponseXML;
	private String strFinalResponse; // The final signed SAML Response.
 
	private Response samlResponseObject; // The SAML Response object
 
	/**
	 * Check the current session state and return true if the current session is
	 * valid.
	 * 
	 * @param request
	 *            - The HttpServletRequest object corresponding to the GET /
	 *            POST request.
	 * @return true if the session is valid.
	 * 
	 */
	public boolean checkSession(HttpServletRequest request) {
 
		try {
 
			HttpSession session = request.getSession(false);
 
			if (session.getAttribute("loggedIn").equals("yes")) {
				System.out.println("Session is valid.");
				// If the session is valid retrieve the user credentials
				// Every user will be uniquely identified by the email and
				// domain.
				email = (String) session.getAttribute("email");
				domain = (String) session.getAttribute("domain");
				sessionId = (String) session.getId();
				return true;
 
			}
 
			else {
				System.out.println("User is not logged in.");
				return false;
 
			}
 
		} catch (Exception e) {
			// If the loggedIn attribute is not set.
			System.out.println("User session invalid / User is not logged in.");
			return false;
		}
 
	}
 
	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
 
		handleSamlRequest(request, response);
 
	}
 
	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
 
		handleSamlRequest(request, response);
 
	}
 
	/**
	 * handleSamlRequest method accepts SP's GET / POST request, parses the
	 * SAMLRequest data and responds to the same by issuing a signed
	 * SAMLResponse data
	 * 
	 * @param request
	 *            - HttpServletRequest object
	 * @param response
	 *            - HttpServletResponse object
	 * @return void
	 */
	public void handleSamlRequest(HttpServletRequest request,
			HttpServletResponse response) {
 
		// Validates the current user session before parsing the SAMLRequest
		if (!checkSession(request)) {
			try {
				response.sendRedirect("/SignOut.action");
			} catch (Exception e) {
				System.out
						.println("Exception while trying to redirect to SignOut action.");
				e.printStackTrace();
			}
			return;
		}
 
		// If the session is valid proceed further ...
 
		// Parsing the RelayState
		// ----------------------
		try {
 
			relayState = request.getParameter("RelayState");
 
			System.out.println("\nThe received Relay State is : " + relayState);
 
			// If RelayState is Base64 encoded, it will not contain the text
			// "http"
			// hence 'try' decoding it ...
			if (!relayState.contains("http") && relayState.length() > 1) {
 
				relayStateb64 = relayState;
				relayStateIsb64 = true;
 
				// Base64 decode it
				relayState = new String(Base64.decodeBase64(relayState
						.getBytes("UTF-8")), "UTF-8");
 
				System.out
						.println("\nThe BASE64 Decoded Relay State Parameter is : "
								+ relayStateb64);
 
			}
 
		} catch (Exception e) {
			System.out
					.println("\n\nException while trying to parse the RelayState value.");
			e.printStackTrace();
 
			if (DEBUG) {
				try {
					System.in.read(); // Wait for Enter key to process further
				} catch (Exception e2) {
					System.out.println(e2.toString());
				}
			}
		}
 
		// Parsing the SAMLRequest
		// -----------------------
		try {
 
			String SAMLRequest = request.getParameter("SAMLRequest");
 
			parseAuthnRequest(SAMLRequest, request);
 
		} catch (Exception e) {
			System.out
					.println("Exception while trying to parse the SAMLRequest");
		}
 
		try {
 
			buildResponseXMLString();
			canonicalizeSamlResponse();
			generateSamlResponseObject();
			signSamlResponseObject2();
			encodeSamlResponse();
			postSamlResponse(response);
 
		} catch (Exception e) {
			System.out
					.println("Exception while constructing / posting the SAML Response data ...");
			System.out.println("The error is : " + e.toString());
			e.printStackTrace();
		}
	}
 
	public void parseAuthnRequest(String SAMLRequest, HttpServletRequest request) {
		try {
 
			System.out.println("\n\nThe BASE64 Encoded SAML Request is : "
					+ SAMLRequest);
 
			// SAMLRequest = (new URI(SAMLRequest)).toString();
 
			// System.out.println("\n\nThe URI Decoded SAML Request is s : " +
			// SAMLRequest);
 
			// To decode from Base64
			byte[] decodedSAMLRequestBytes = Base64.decodeBase64(SAMLRequest
					.getBytes("UTF-8"));
 
			SAMLRequest = new String(decodedSAMLRequestBytes, "UTF-8");
 
			System.out
					.println("\n\nThe base 64 decoded SAML Request ( deflated ) is : "
							+ SAMLRequest);
			// It will still be deflated ( compressed )
 
			System.out.println("The Accept-Encoding header data is : "
					+ request.getHeader("Accept-Encoding"));
 
			if (request.getHeader("Accept-Encoding").contains("deflate")) {
 
				try {
 
					// try Inflating it
					Inflater inflater = new Inflater(true);
					inflater.setInput(decodedSAMLRequestBytes);
 
					byte[] xmlMessageBytes = new byte[5000];
					int resultLength = inflater.inflate(xmlMessageBytes);
					inflater.end();
 
					SAMLRequest = new String(xmlMessageBytes, 0, resultLength,
							"UTF-8");
 
					System.out.println("\n\nThe deflated SAMLRequest is : "
							+ SAMLRequest);
 
				} catch (Exception e) {
					System.out
							.println("\n\nException during inflation attempt. Data might be already deflated.");
					e.printStackTrace();
				}
			}
 
			// Parsing the XML
			ByteArrayInputStream is = new ByteArrayInputStream(
					SAMLRequest.getBytes("UTF-8"));
 
			DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory
					.newInstance();
 
			documentBuilderFactory.setNamespaceAware(true);
 
			DocumentBuilder docBuilder = documentBuilderFactory
					.newDocumentBuilder();
 
			Document document = docBuilder.parse(is);
 
			Element element = document.getDocumentElement();
 
			// Code taken from OpenSAML documentation
			// Using OpenSAML library to Unmarshal
 
			DefaultBootstrap.bootstrap(); // Loading default XML Configurations
 
			UnmarshallerFactory unmarshallerFactory = Configuration
					.getUnmarshallerFactory();
 
			Unmarshaller unmarshaller = unmarshallerFactory
					.getUnmarshaller(element);
 
			XMLObject responseXmlObj = unmarshaller.unmarshall(element);
 
			AuthnRequest samlRequestObject = (AuthnRequest) responseXmlObj;
 
			SAMLRequest = samlRequestObject.toString();
 
			System.out.println("\n\nThe received SAML Request is : "
					+ SAMLRequest);
 
			String acsUrl = samlRequestObject.getAssertionConsumerServiceURL();
 
			String requestId = samlRequestObject.getID();
 
			DateTime issueInstance = samlRequestObject.getIssueInstant();
 
			String issuer = samlRequestObject.getIssuer().getValue()
					.toLowerCase().trim();
 
			System.out.println("Parsed SAML Request is : ");
			System.out.println("\n\nacs : " + acsUrl);
			System.out.println("\nrequestId : " + requestId);
			System.out.println("\nissueInstance : " + issueInstance.toString());
			System.out.println("\nissuer : " + issuer);
 
			acs = acsUrl;
			req_Id = requestId;
			req_issueInstant = issueInstance.toString();
			req_issuer = issuer;
 
		} catch (Exception e) {
			System.out
					.println("Exception while processing GET Request from SP. ");
			System.out.println("The error is : " + e.toString());
			e.printStackTrace();
		}
	}
 
	public void buildResponseXMLString() {
 
		try {
 
			// The certificate and template xml file for saml response is stored
			// in the saml-data folder
 
			String strAssertionXMLTemplateFile = "/WEB-INF/classes/saml-data/saml.xml";
			String samlTemplateFileUrl = getServletContext().getResource(
					strAssertionXMLTemplateFile).toString();
			InputStream assertionTemplateFile = new URL(samlTemplateFileUrl)
					.openStream();
 
			// templateXmlString contains the raw SAML Response templates with
			// field handle to be replaced with appropriate parameters
 
			strResponseXML = new Scanner(assertionTemplateFile, "UTF-8")
					.useDelimiter("\\A").next().trim();
 
			assertionTemplateFile.close();
 
			System.out.println("\n\nThe assertion template is : \n"
					+ strResponseXML);
 
			// Id generation
			SecureRandomIdentifierGenerator generator = new
 
			SecureRandomIdentifierGenerator();
 
			res_Id = generator.generateIdentifier().trim();
			res_assertionId = generator.generateIdentifier().trim();
 
			// Other important identifying parameters
			res_issuer = "https://r...content-available-to-author-only...p.com";
			res_nameId = getEmail().trim();
			String dateTimeFormat = "yyyy-MM-dd'T'HH:mm:ss'+05:30'";
			res_issueInstant = new DateTime().toString(dateTimeFormat).trim();
			res_notbefore = new DateTime().toString(dateTimeFormat).trim();
			res_notonorafter = new DateTime().plusMinutes(5)
					.toString(dateTimeFormat).trim();
 
			// Filling the parameters into the template...
			strResponseXML = strResponseXML.replaceAll("_ASSERTION_ID",
					res_assertionId);
			strResponseXML = strResponseXML.replaceAll("_REQUEST_ID", req_Id);
			strResponseXML = strResponseXML.replaceAll("_RESPONSE_ID", res_Id);
			strResponseXML = strResponseXML.replaceAll("_ISSUE_INSTANT",
					res_issueInstant);
			strResponseXML = strResponseXML.replaceAll("_ISSUER", res_issuer);
			strResponseXML = strResponseXML.replaceAll("_NAMEID", res_nameId);
			strResponseXML = strResponseXML.replaceAll("_NOTBEFORE",
					res_notbefore);
			strResponseXML = strResponseXML.replaceAll("_NOTONORAFTER",
					res_notonorafter);
			strResponseXML = strResponseXML.replaceAll("_ACS_URL", acs);
			strResponseXML = strResponseXML.replaceAll("_DOMAIN", domain);
 
			// Replace the handles in strAssertionXML with appropriate
			// parameters
 
			System.out.println("\n\nThe complete SAML Response is : \n"
					+ strResponseXML);
 
		} catch (Exception e) {
			System.out.println("Exception while filling SAML Response ...");
			System.out.println("The error is : " + e.toString());
			e.printStackTrace();
		}
 
	}
 
	public void generateSamlResponseObject() {
		try {
 
			InputStream xmlResponseAsStream = new ByteArrayInputStream(
					strResponseXML.getBytes());
			// Load initial configurations
			DefaultBootstrap.bootstrap();
 
			// Get parser pool manager
			BasicParserPool ppMgr = new BasicParserPool();
			ppMgr.setNamespaceAware(true);
 
			Document parsedDocumentObject = ppMgr.parse(xmlResponseAsStream);
			Element parsedElementObject = parsedDocumentObject
					.getDocumentElement();
 
			// Get apropriate unmarshaller
			UnmarshallerFactory unmarshallerFactory = Configuration
					.getUnmarshallerFactory();
			Unmarshaller unmarshaller = unmarshallerFactory
					.getUnmarshaller(parsedElementObject);
 
			// Unmarshall using the document root element, an EntitiesDescriptor
			// in this case
			Response responseObject = (Response) unmarshaller
					.unmarshall(parsedElementObject);
			// responseObject.
			System.out.println("\nThe unmarshalled saml response is : ");
 
			// System.out.println(XMLHelper.nodeToString(parsedElementObject));
			System.out.println(XMLHelper.nodeToString(parsedElementObject));
 
			xmlResponseAsStream.close();
 
			samlResponseObject = responseObject;
 
			System.out.println("\nThe SAML signature is : "
					+ samlResponseObject.getSignature());
 
		} catch (Exception e) {
			System.out
					.println("Exception while trying to parse samlResponseObject :"
							+ e.toString());
			e.printStackTrace();
 
		}
 
	}
 
	public void canonicalizeSamlResponse() {
 
		try {
 
			// Initializing the Apache XML security library
			org.apache.xml.security.Init.init();
 
			// Canonicalizing the XML String.
			Canonicalizer canonicalizer = Canonicalizer
					.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
 
			byte canonicalizedResponseXML[] = canonicalizer
					.canonicalize(strResponseXML.getBytes("UTF-8"));
 
			strFinalResponse = new String(canonicalizedResponseXML);
 
			System.out.println("\n\nThe Response after canonicalization is : "
					+ strResponseXML);
 
		} catch (Exception e) {
			System.out
					.println("Exception while canonicalizing the SAML Response.");
			e.printStackTrace();
		}
 
	}
 
	public void signSamlResponseObject2() {
 
		try {
 
			String keyStoreFileName = "/WEB-INF/classes/saml-data/keystore.jks";
			InputStream fis = getServletContext().getResource(keyStoreFileName)
					.openStream();
			KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
 
			ks.load(fis, "abc123456*".toCharArray());
			fis.close();
 
			// Get Private Key Entry From keystore
 
			KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) ks
					.getEntry("zohosso", new KeyStore.PasswordProtection(
							"abc123456*".toCharArray()));
 
			PrivateKey privKey = pkEntry.getPrivateKey();
 
			PublicKey pubKey = ks.getCertificate("zohosso").getPublicKey();
 
			X509Certificate cert = (X509Certificate) ks
					.getCertificate("zohosso");
 
			/*
			 * // Getting x509 Certificate from the keystore directly.
			 * 
			 * KeyStore.TrustedCertificateEntry certEntry =
			 * (KeyStore.TrustedCertificateEntry) ks .getEntry("zohosso", new
			 * KeyStore.PasswordProtection( "abc123456*".toCharArray()));
			 * 
			 * X509Certificate cert = (X509Certificate)
			 * certEntry.getTrustedCertificate();
			 */
 
			// Create a DOM XMLSignatureFactory that will be used to generate
			// the
			// enveloped signature.
 
			// String providerName =
			// System.getProperty("jsr105Provider",JSR_105_PROVIDER);
			XMLSignatureFactory sigFactory = XMLSignatureFactory
					.getInstance("DOM");
 
			// Create a Reference to the enveloped document (we are
			// signing the whole document, so a URI of "" signifies that) and
			// also specify the SHA1 digest algorithm and the ENVELOPED
			// Transform.
 
			List envelopedTransform = Collections.singletonList(sigFactory
					.newTransform(Transform.ENVELOPED,
							(TransformParameterSpec) null));
 
			Reference ref = sigFactory.newReference("",
					sigFactory.newDigestMethod(DigestMethod.SHA1, null),
					envelopedTransform, null, null);
 
			SignatureMethod signatureMethod = sigFactory.newSignatureMethod(
					SignatureMethod.DSA_SHA1, null);
 
			CanonicalizationMethod canonicalizationMethod = sigFactory
					.newCanonicalizationMethod(
							CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
							(C14NMethodParameterSpec) null);
 
			// Create the SignedInfo
			SignedInfo signedInfo = sigFactory.newSignedInfo(
					canonicalizationMethod, signatureMethod,
					Collections.singletonList(ref));
 
			// Create a KeyValue containing the DSA PublicKey
			KeyInfoFactory keyInfoFactory = sigFactory.getKeyInfoFactory();
			KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
 
 
			// Creating the x509 certificate data from Certificate object ( cert )
 
			List x509 = new ArrayList();
 
			x509.add(cert);
 
			X509Data x509Data = keyInfoFactory.newX509Data(x509);
 
			// Create a KeyInfo and add the KeyValue to it
			// keyInfoItems.add(Collections.singletonList(keyValuePair));
 
			// Adding the certificate data and the key value pair to the keyInfo 
 
 
			List keyInfoItems = new ArrayList();
 
			keyInfoItems.add(x509Data);
			keyInfoItems.add(keyValuePair);
 
			KeyInfo keyInfo = keyInfoFactory.newKeyInfo(keyInfoItems);
 
 
			// Building the org.jdom.Document object from the samlResponse
			// string
			// ------------------------------------------------------------------
			SAXBuilder builder = new SAXBuilder();
			org.jdom.Document doc = builder.build(new ByteArrayInputStream(
					strResponseXML.getBytes()));
			// ------------------------------------------------------------------
 
			// Convert the rootElement extracted from the doc to w3cElement
			// ------------------------------------------------------------------
 
			org.jdom.Element docRootElement = doc.getRootElement();
			doc = docRootElement.getDocument();
 
			XMLOutputter xmlOutputter = new XMLOutputter();
			StringWriter elemStrWriter = new StringWriter();
			xmlOutputter.output(doc, elemStrWriter);
			byte[] xmlBytes = elemStrWriter.toString().getBytes();
			DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
			dbf.setNamespaceAware(true);
			org.w3c.dom.Element w3cElement = dbf.newDocumentBuilder()
					.parse(new ByteArrayInputStream(xmlBytes))
					.getDocumentElement();
 
			// --------------------------------------------------------------------
 
			// Create a DOMSignContext and specify the DSA PrivateKey and
			// location of the resulting XMLSignature's parent element
 
			DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
 
			// compute the correct location to insert the signature xml
			// (location is important because the SAML xsd's enforce sequence on
			// signed
			// info.)
 
			org.w3c.dom.Node xmlSigInsertionPoint = null;
 
			String JSR_105_PROVIDER = "org.jcp.xml.dsig.internal.dom.XMLDSigRI";
			String SAML_PROTOCOL_NS_URI_V20 = "urn:oasis:names:tc:SAML:2.0:protocol";
 
			org.w3c.dom.NodeList nodeList = w3cElement.getElementsByTagNameNS(
					SAML_PROTOCOL_NS_URI_V20, "Extensions");
			if (nodeList.getLength() != 0) {
				xmlSigInsertionPoint = nodeList.item(nodeList.getLength() - 1);
			} else {
				nodeList = w3cElement.getElementsByTagNameNS(
						SAML_PROTOCOL_NS_URI_V20, "Status");
				xmlSigInsertionPoint = nodeList.item(nodeList.getLength() - 1);
			}
			dsc.setNextSibling(xmlSigInsertionPoint);
 
			// Marshal, generate (and sign) the enveloped signature
			XMLSignature signature = sigFactory.newXMLSignature(signedInfo,
					keyInfo);
			signature.sign(dsc);
 
			// Create the root dom element from the w3cElement using DOMBuilder
			DOMBuilder domBuilder = new DOMBuilder();
			org.jdom.Element signedElement = domBuilder.build(w3cElement);
 
			doc.setRootElement((org.jdom.Element) signedElement.detach());
			xmlOutputter = new XMLOutputter();
			strFinalResponse = xmlOutputter.outputString(doc);
 
			System.out.println("The signed SAML Response is : "
					+ strFinalResponse);
 
		} catch (Exception e) {
			System.out
					.println("Exception while attempting to sign the SAML Response.");
			e.printStackTrace();
		}
 
	}
 
	/*
	 * public void signSamlResponseObject() {
	 * 
	 * try {
	 * 
	 * String keyStoreFileName = "/WEB-INF/classes/saml-data/keystore.jks";
	 * InputStream fis = getServletContext().getResource(keyStoreFileName)
	 * .openStream();
	 * 
	 * // Get Default Instance of KeyStore KeyStore ks =
	 * KeyStore.getInstance(KeyStore.getDefaultType());
	 * 
	 * ks.load(fis, "abc123456*".toCharArray()); fis.close();
	 * 
	 * // Get Private Key Entry From keystore KeyStore.PrivateKeyEntry pkEntry =
	 * (KeyStore.PrivateKeyEntry) ks .getEntry("zohosso", new
	 * KeyStore.PasswordProtection( "abc123456*".toCharArray()));
	 * 
	 * PrivateKey pk = pkEntry.getPrivateKey();
	 * 
	 * X509Certificate certificate = (X509Certificate) pkEntry
	 * .getCertificate();
	 * 
	 * BasicX509Credential credential = new BasicX509Credential();
	 * credential.setEntityCertificate(certificate);
	 * 
	 * credential.setPrivateKey(pk);
	 * 
	 * System.out.println("\n\nPrivate Key : " + pk.toString());
	 * 
	 * DefaultBootstrap.bootstrap(); Signature signature = null;
	 * 
	 * signature = (Signature) Configuration.getBuilderFactory()
	 * .getBuilder(Signature.DEFAULT_ELEMENT_NAME)
	 * .buildObject(Signature.DEFAULT_ELEMENT_NAME);
	 * 
	 * signature.setSigningCredential(credential);
	 * 
	 * // This is also the default if a null SecurityConfiguration is //
	 * SecurityConfiguration secConfig = Configuration
	 * .getGlobalSecurityConfiguration(); // If null this would result in the //
	 * default KeyInfoGenerator being used String keyInfoGeneratorProfile =
	 * "XMLSignature";
	 * 
	 * SecurityHelper.prepareSignatureParams(signature, credential, secConfig,
	 * null);
	 * 
	 * samlResponseObject.setSignature(signature);
	 * 
	 * Configuration.getMarshallerFactory() .getMarshaller(samlResponseObject)
	 * .marshall(samlResponseObject);
	 * 
	 * Signer.signObject(signature);
	 * 
	 * ResponseMarshaller marshaller = new ResponseMarshaller(); Element
	 * finalResponseElement = marshaller .marshall(samlResponseObject);
	 * strFinalResponse = XMLHelper.nodeToString(finalResponseElement) .trim();
	 * 
	 * System.out.println("\n\n\nThe final Response as string is : \n\n");
	 * System.out.println(strFinalResponse);
	 * 
	 * File f = new File("finalSamlResponse.xml");
	 * System.out.println("Writing to absolute path : " + f.getAbsolutePath());
	 * FileWriter fw = new FileWriter(f); BufferedWriter finalXmlFile = new
	 * BufferedWriter(fw); finalXmlFile.write(strFinalResponse);
	 * finalXmlFile.close();
	 * 
	 * } catch (Exception e) { System.out
	 * .println("\nException while trying to digitally sign the SAMLResponse Object"
	 * ); System.out.println("The error is : " + e.toString());
	 * e.printStackTrace();
	 * 
	 * } }
	 */
	public void encodeSamlResponse() {
		try {
 
			System.out.println("\n\nAttempting to b64 encode the response ...");
 
			// strFinalResponse =
			// strFinalResponse.replaceAll("<?xml version=\"1.0\", encoding=\"UTF-8\"?>",
			// "");
 
			strFinalResponse = new String(Base64.encodeBase64(strFinalResponse
					.getBytes("UTF-8")), "UTF-8");
 
			// strFinalResponse.replaceAll("(\\r|\\n|\\r\\n)+", "")
 
			strFinalResponse = strFinalResponse.trim();
 
			StringBuilder formattedResponse = new StringBuilder();
 
			// Splitting the final response text to 60 char lines
			for (int i = 0; i < strFinalResponse.length(); i++) {
				if (((i % 60) == 0) && i != 0)
					formattedResponse.append("\n");
 
				formattedResponse.append(strFinalResponse.charAt(i));
			}
 
			strFinalResponse = formattedResponse.toString();
 
			System.out.println("\nThe base64 encoded saml response is : ");
			System.out.println(strFinalResponse);
 
		} catch (Exception e) {
			System.out
					.println("Exception while trying to access session data .");
			System.out.println("The error is : " + e.toString());
			e.printStackTrace();
 
		}
 
	}
 
	public void postSamlResponse(HttpServletResponse responseObject)
			throws IOException {
 
		String relState = relayStateIsb64 ? relayStateb64 : relayState;
		String html = "<HTML>"
				+ "<BODY onload='document.forms[\"saml-form\"].submit()'>"
				+ "<FORM name='saml-form' action='" + acs + "' method='POST'>"
				+ "<INPUT type='hidden' name='RelayState' value='"
				+ relState.trim() + "' />"
				+ "<INPUT type='hidden' name='SAMLResponse' value='"
				+ strFinalResponse + "' />"
				+ "<INPUT type='hidden' value='submit' />";
 
		PrintWriter out = responseObject.getWriter();
		out.write(html);
		out.close();
 
	}
 
	public String getSessionId() {
		return sessionId;
	}
 
	public void setSessionId(String sessionId) {
		this.sessionId = sessionId;
	}
 
	public String getEmail() {
		return email;
	}
 
	public void setEmail(String email) {
		this.email = email;
	}
 
	public String getDomain() {
		return domain;
	}
 
	public void setDomain(String domain) {
		this.domain = domain;
	}
 
	public String getReq_Id() {
		return req_Id;
	}
 
	public void setReq_Id(String req_Id) {
		this.req_Id = req_Id;
	}
 
	public String getReq_issuer() {
		return req_issuer;
	}
 
	public void setReq_issuer(String req_issuer) {
		this.req_issuer = req_issuer;
	}
 
	public String getReq_issueInstant() {
		return req_issueInstant;
	}
 
	public void setReq_issueInstant(String req_issueInstant) {
		this.req_issueInstant = req_issueInstant;
	}
 
	public String getAcs() {
		return acs;
	}
 
	public void setAcs(String acs) {
		this.acs = acs;
	}
 
	public String getRes_Id() {
		return res_Id;
	}
 
	public void setRes_Id(String res_Id) {
		this.res_Id = res_Id;
	}
 
	public String getRes_issuer() {
		return res_issuer;
	}
 
	public void setRes_issuer(String res_issuer) {
		this.res_issuer = res_issuer;
	}
 
	public String getRes_issueInstant() {
		return res_issueInstant;
	}
 
	public void setRes_issueInstant(String res_issueInstant) {
		this.res_issueInstant = res_issueInstant;
	}
 
	public String getRes_timeout() {
		return res_timeout;
	}
 
	public void setRes_timeout(String res_timeout) {
		this.res_timeout = res_timeout;
	}
 
	public String getRes_assertionId() {
		return res_assertionId;
	}
 
	public void setRes_assertionId(String res_assertionId) {
		this.res_assertionId = res_assertionId;
	}
 
	public String getRes_nameId() {
		return res_nameId;
	}
 
	public void setRes_nameId(String res_nameId) {
		this.res_nameId = res_nameId;
	}
 
	public String getRes_notonorafter() {
		return res_notonorafter;
	}
 
	public void setRes_notonorafter(String res_notonorafter) {
		this.res_notonorafter = res_notonorafter;
	}
 
	public String getRes_notbefore() {
		return res_notbefore;
	}
 
	public void setRes_notbefore(String res_notbefore) {
		this.res_notbefore = res_notbefore;
	}
 
	public String getRes_authnInstant() {
		return res_authnInstant;
	}
 
	public void setRes_authnInstant(String res_authnInstant) {
		this.res_authnInstant = res_authnInstant;
	}
 
	public String getStrAssertionXML() {
		return strResponseXML;
	}
 
	public void setStrAssertionXML(String strAssertionXML) {
		this.strResponseXML = strAssertionXML;
	}
 
	public String getStrResponseXML() {
		return strResponseXML;
	}
 
	public void setStrResponseXML(String strResponseXML) {
		this.strResponseXML = strResponseXML;
	}
 
}

Main.java:66: error: class SamlHandler is public, should be declared in a file named SamlHandler.java
public class SamlHandler extends HttpServlet {
       ^
Main.java:22: error: package javax.servlet does not exist
import javax.servlet.ServletException;
                    ^
Main.java:23: error: package javax.servlet.http does not exist
import javax.servlet.http.HttpServlet;
                         ^
Main.java:24: error: package javax.servlet.http does not exist
import javax.servlet.http.HttpServletRequest;
                         ^
Main.java:25: error: package javax.servlet.http does not exist
import javax.servlet.http.HttpServletResponse;
                         ^
Main.java:26: error: package javax.servlet.http does not exist
import javax.servlet.http.HttpSession;
                         ^
Main.java:45: error: package org.apache.commons.codec.binary does not exist
import org.apache.commons.codec.binary.Base64; // To decode from Base64 Strings
                                      ^
Main.java:46: error: package org.apache.xml.security.c14n does not exist
import org.apache.xml.security.c14n.Canonicalizer;
                                   ^
Main.java:47: error: package org.jdom.input does not exist
import org.jdom.input.DOMBuilder;
                     ^
Main.java:48: error: package org.jdom.input does not exist
import org.jdom.input.SAXBuilder;
                     ^
Main.java:49: error: package org.jdom.output does not exist
import org.jdom.output.XMLOutputter;
                      ^
Main.java:50: error: package org.joda.time does not exist
import org.joda.time.DateTime;
                    ^
Main.java:51: error: package org.opensaml does not exist
import org.opensaml.Configuration;
                   ^
Main.java:52: error: package org.opensaml does not exist
import org.opensaml.DefaultBootstrap;
                   ^
Main.java:53: error: package org.opensaml.common.impl does not exist
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
                               ^
Main.java:54: error: package org.opensaml.saml2.core does not exist
import org.opensaml.saml2.core.AuthnRequest;
                              ^
Main.java:55: error: package org.opensaml.saml2.core does not exist
import org.opensaml.saml2.core.Response;
                              ^
Main.java:56: error: package org.opensaml.xml does not exist
import org.opensaml.xml.XMLObject;
                       ^
Main.java:57: error: package org.opensaml.xml.io does not exist
import org.opensaml.xml.io.Unmarshaller;
                          ^
Main.java:58: error: package org.opensaml.xml.io does not exist
import org.opensaml.xml.io.UnmarshallerFactory;
                          ^
Main.java:59: error: package org.opensaml.xml.parse does not exist
import org.opensaml.xml.parse.BasicParserPool;
                             ^
Main.java:60: error: package org.opensaml.xml.util does not exist
import org.opensaml.xml.util.XMLHelper;
                            ^
Main.java:66: error: cannot find symbol
public class SamlHandler extends HttpServlet {
                                 ^
  symbol: class HttpServlet
Main.java:101: error: cannot find symbol
	private Response samlResponseObject; // The SAML Response object
	        ^
  symbol:   class Response
  location: class SamlHandler
Main.java:113: error: cannot find symbol
	public boolean checkSession(HttpServletRequest request) {
	                            ^
  symbol:   class HttpServletRequest
  location: class SamlHandler
Main.java:145: error: cannot find symbol
	public void doPost(HttpServletRequest request, HttpServletResponse response)
	                   ^
  symbol:   class HttpServletRequest
  location: class SamlHandler
Main.java:145: error: cannot find symbol
	public void doPost(HttpServletRequest request, HttpServletResponse response)
	                                               ^
  symbol:   class HttpServletResponse
  location: class SamlHandler
Main.java:146: error: cannot find symbol
			throws ServletException, IOException {
			       ^
  symbol:   class ServletException
  location: class SamlHandler
Main.java:152: error: cannot find symbol
	public void doGet(HttpServletRequest request, HttpServletResponse response)
	                  ^
  symbol:   class HttpServletRequest
  location: class SamlHandler
Main.java:152: error: cannot find symbol
	public void doGet(HttpServletRequest request, HttpServletResponse response)
	                                              ^
  symbol:   class HttpServletResponse
  location: class SamlHandler
Main.java:153: error: cannot find symbol
			throws ServletException, IOException {
			       ^
  symbol:   class ServletException
  location: class SamlHandler
Main.java:170: error: cannot find symbol
	public void handleSamlRequest(HttpServletRequest request,
	                              ^
  symbol:   class HttpServletRequest
  location: class SamlHandler
Main.java:171: error: cannot find symbol
			HttpServletResponse response) {
			^
  symbol:   class HttpServletResponse
  location: class SamlHandler
Main.java:257: error: cannot find symbol
	public void parseAuthnRequest(String SAMLRequest, HttpServletRequest request) {
	                                                  ^
  symbol:   class HttpServletRequest
  location: class SamlHandler
Main.java:807: error: cannot find symbol
	public void postSamlResponse(HttpServletResponse responseObject)
	                             ^
  symbol:   class HttpServletResponse
  location: class SamlHandler
Main.java:117: error: cannot find symbol
			HttpSession session = request.getSession(false);
			^
  symbol:   class HttpSession
  location: class SamlHandler
Main.java:204: error: cannot find symbol
				relayState = new String(Base64.decodeBase64(relayState
				                        ^
  symbol:   variable Base64
  location: class SamlHandler
Main.java:269: error: cannot find symbol
			byte[] decodedSAMLRequestBytes = Base64.decodeBase64(SAMLRequest
			                                 ^
  symbol:   variable Base64
  location: class SamlHandler
Main.java:326: error: cannot find symbol
			DefaultBootstrap.bootstrap(); // Loading default XML Configurations
			^
  symbol:   variable DefaultBootstrap
  location: class SamlHandler
Main.java:328: error: cannot find symbol
			UnmarshallerFactory unmarshallerFactory = Configuration
			^
  symbol:   class UnmarshallerFactory
  location: class SamlHandler
Main.java:328: error: cannot find symbol
			UnmarshallerFactory unmarshallerFactory = Configuration
			                                          ^
  symbol:   variable Configuration
  location: class SamlHandler
Main.java:331: error: cannot find symbol
			Unmarshaller unmarshaller = unmarshallerFactory
			^
  symbol:   class Unmarshaller
  location: class SamlHandler
Main.java:334: error: cannot find symbol
			XMLObject responseXmlObj = unmarshaller.unmarshall(element);
			^
  symbol:   class XMLObject
  location: class SamlHandler
Main.java:336: error: cannot find symbol
			AuthnRequest samlRequestObject = (AuthnRequest) responseXmlObj;
			^
  symbol:   class AuthnRequest
  location: class SamlHandler
Main.java:336: error: cannot find symbol
			AuthnRequest samlRequestObject = (AuthnRequest) responseXmlObj;
			                                  ^
  symbol:   class AuthnRequest
  location: class SamlHandler
Main.java:347: error: cannot find symbol
			DateTime issueInstance = samlRequestObject.getIssueInstant();
			^
  symbol:   class DateTime
  location: class SamlHandler
Main.java:379: error: cannot find symbol
			String samlTemplateFileUrl = getServletContext().getResource(
			                             ^
  symbol:   method getServletContext()
  location: class SamlHandler
Main.java:396: error: cannot find symbol
			SecureRandomIdentifierGenerator generator = new
			^
  symbol:   class SecureRandomIdentifierGenerator
  location: class SamlHandler
Main.java:398: error: cannot find symbol
			SecureRandomIdentifierGenerator();
			^
  symbol:   class SecureRandomIdentifierGenerator
  location: class SamlHandler
Main.java:407: error: cannot find symbol
			res_issueInstant = new DateTime().toString(dateTimeFormat).trim();
			                       ^
  symbol:   class DateTime
  location: class SamlHandler
Main.java:408: error: cannot find symbol
			res_notbefore = new DateTime().toString(dateTimeFormat).trim();
			                    ^
  symbol:   class DateTime
  location: class SamlHandler
Main.java:409: error: cannot find symbol
			res_notonorafter = new DateTime().plusMinutes(5)
			                       ^
  symbol:   class DateTime
  location: class SamlHandler
Main.java:448: error: cannot find symbol
			DefaultBootstrap.bootstrap();
			^
  symbol:   variable DefaultBootstrap
  location: class SamlHandler
Main.java:451: error: cannot find symbol
			BasicParserPool ppMgr = new BasicParserPool();
			^
  symbol:   class BasicParserPool
  location: class SamlHandler
Main.java:451: error: cannot find symbol
			BasicParserPool ppMgr = new BasicParserPool();
			                            ^
  symbol:   class BasicParserPool
  location: class SamlHandler
Main.java:459: error: cannot find symbol
			UnmarshallerFactory unmarshallerFactory = Configuration
			^
  symbol:   class UnmarshallerFactory
  location: class SamlHandler
Main.java:459: error: cannot find symbol
			UnmarshallerFactory unmarshallerFactory = Configuration
			                                          ^
  symbol:   variable Configuration
  location: class SamlHandler
Main.java:461: error: cannot find symbol
			Unmarshaller unmarshaller = unmarshallerFactory
			^
  symbol:   class Unmarshaller
  location: class SamlHandler
Main.java:466: error: cannot find symbol
			Response responseObject = (Response) unmarshaller
			^
  symbol:   class Response
  location: class SamlHandler
Main.java:466: error: cannot find symbol
			Response responseObject = (Response) unmarshaller
			                           ^
  symbol:   class Response
  location: class SamlHandler
Main.java:472: error: cannot find symbol
			System.out.println(XMLHelper.nodeToString(parsedElementObject));
			                   ^
  symbol:   variable XMLHelper
  location: class SamlHandler
Main.java:496: error: package org.apache.xml.security does not exist
			org.apache.xml.security.Init.init();
			                       ^
Main.java:499: error: cannot find symbol
			Canonicalizer canonicalizer = Canonicalizer
			^
  symbol:   class Canonicalizer
  location: class SamlHandler
Main.java:500: error: cannot find symbol
					.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
					             ^
  symbol:   variable Canonicalizer
  location: class SamlHandler
Main.java:499: error: cannot find symbol
			Canonicalizer canonicalizer = Canonicalizer
			                              ^
  symbol:   variable Canonicalizer
  location: class SamlHandler
Main.java:523: error: cannot find symbol
			InputStream fis = getServletContext().getResource(keyStoreFileName)
			                  ^
  symbol:   method getServletContext()
  location: class SamlHandler
Main.java:619: error: cannot find symbol
			SAXBuilder builder = new SAXBuilder();
			^
  symbol:   class SAXBuilder
  location: class SamlHandler
Main.java:619: error: cannot find symbol
			SAXBuilder builder = new SAXBuilder();
			                         ^
  symbol:   class SAXBuilder
  location: class SamlHandler
Main.java:620: error: package org.jdom does not exist
			org.jdom.Document doc = builder.build(new ByteArrayInputStream(
			        ^
Main.java:627: error: package org.jdom does not exist
			org.jdom.Element docRootElement = doc.getRootElement();
			        ^
Main.java:630: error: cannot find symbol
			XMLOutputter xmlOutputter = new XMLOutputter();
			^
  symbol:   class XMLOutputter
  location: class SamlHandler
Main.java:630: error: cannot find symbol
			XMLOutputter xmlOutputter = new XMLOutputter();
			                                ^
  symbol:   class XMLOutputter
  location: class SamlHandler
Main.java:674: error: cannot find symbol
			DOMBuilder domBuilder = new DOMBuilder();
			^
  symbol:   class DOMBuilder
  location: class SamlHandler
Main.java:674: error: cannot find symbol
			DOMBuilder domBuilder = new DOMBuilder();
			                            ^
  symbol:   class DOMBuilder
  location: class SamlHandler
Main.java:675: error: package org.jdom does not exist
			org.jdom.Element signedElement = domBuilder.build(w3cElement);
			        ^
Main.java:677: error: package org.jdom does not exist
			doc.setRootElement((org.jdom.Element) signedElement.detach());
			                            ^
Main.java:678: error: cannot find symbol
			xmlOutputter = new XMLOutputter();
			                   ^
  symbol:   class XMLOutputter
  location: class SamlHandler
Main.java:775: error: cannot find symbol
			strFinalResponse = new String(Base64.encodeBase64(strFinalResponse
			                              ^
  symbol:   variable Base64
  location: class SamlHandler
Note: Main.java uses unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
78 errors

Standard output is empty