我想在我的Wicket应用程序中使用Web SSO SAML。我认为安装Page并尝试使用OpenSAML是个好主意。
我尝试直接在HTTPRedirectDeflateEncoder上使用OpenSAML的HttpServletReponse,如下所示:
WebResponse webResponse = (WebResponse) this.getRequestCycle().getResponse();
HttpServletResponse httpServletResponse = (HttpServletResponse) webResponse.getContainerResponse();
然后我使用解码器,它构建一个重定向并提交响应。
但当然,这会导致错误,因为我错误地使用了Wicket-way做的事情。
2016-09-23 13:13:16,236 ERROR - ListenerCollection - Error invoking listener: org.apache.wicket.Application$3@4c8f505b
java.lang.IllegalStateException: Response is committed
以可以访问Wicket会话等方式进行重定向的正确方法是什么?因为如果我知道用户的某些属性(可能已经有WicketSession?
答案 0 :(得分:0)
我最终像这样解决了它:
public SSOSamlPage(final PageParameters pp) {
final WebResponse webResponse = (WebResponse) this.getRequestCycle().getResponse();
final HttpServletResponse httpServletResponse = (HttpServletResponse) webResponse.getContainerResponse();
final IModel<String> urlModel = Model.of("");
final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder() {
@Override
protected void doEncode() throws MessageEncodingException {
final MessageContext<SAMLObject> messageContext = this.getMessageContext();
LOG.info("setRelayState for PP: {}", pp);
SAMLBindingSupport.setRelayState(messageContext, PageParameterUtils.toBase64(pp));
final SAMLObject outboundMessage = messageContext.getMessage();
final String endpointURL = this.getEndpointURL(messageContext).toString();
this.removeSignature(outboundMessage);
final String encodedMessage = this.deflateAndBase64Encode(outboundMessage);
final String redirectURL = this.buildRedirectURL(messageContext, endpointURL, encodedMessage);
urlModel.setObject(redirectURL);
}
};
....
throw new RedirectToUrlException(urlModel.getObject());