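I am trying to log in to the Travelocity application using ADFS as the identity provider. In index.jsp, I commented out all the options and added my own link: "Click here for ADFS login".
After clicking the link, it redirects (the first time) to the ADFS login page (SAML request), where I enter the user ID and password. Authentication succeeds via the SAML response.
Immediately after clicking the OAuth2 token link, it goes to home.jsp: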
else {
    if (ssoAgentConfig.isOAuth2SAML2GrantEnabled()) {
%>
<a href="token">Click here for WSO2 Oauth2 Token</a><br/>
<%
    }
In SSOAgentFilter, it goes inside this method, generates the same SAML request again, and goes to home.jsp:
if (resolver.isPassiveAuthnRequest()) {
    LOGGER.log(Level.INFO, "isPassiveAuthnRequest");
    // Remember the configured passive setting, force passive for this redirect, then restore it.
    isPassiveAuth = ssoAgentConfig.getSAML2().isPassiveAuthn();
    samlSSOManager = new SAML2SSOManager(ssoAgentConfig);
    ssoAgentConfig.getSAML2().setPassiveAuthn(true);
    redirectUrl = samlSSOManager.buildRedirectRequest(request, false);
    LOGGER.log(Level.INFO, "redirectUrl " + redirectUrl);
    ssoAgentConfig.getSAML2().setPassiveAuthn(isPassiveAuth);
    response.sendRedirect(redirectUrl);
    return;
}
INFO: SLO getRequestURI ==/travelocity.com/home.jsp
Sep 12, 2018 10:46:48 AM org.wso2.sample.is.sso.agent.SSOAgentFilter doFilter
INFO: isSAML2SSOResponse
Sep 12, 2018 10:46:48 AM org.wso2.carbon.identity.sso.agent.saml.SSOAgentHttpSessionListener sessionCreated
WARNING: HTTP Session created without LoggedInSessionBean
INFO: isPassiveAuthnRequest
Sep 12, 2018 8:52:27 AM org.wso2.sample.is.sso.agent.SSOAgentFilter doFilter
INFO: redirectUrl https://localhost.com:9444/samlsso?SAMLRequest=nVTBjto
Every time, it goes into the isPassiveAuthnRequest logic, and I have to call this method:
if (resolver.isSAML2OAuth2GrantRequest()) {
    LOGGER.log(Level.INFO, "isSAML2OAuth2GrantRequest" + resolver.isSAML2OAuth2GrantRequest());
    LOGGER.log(Level.INFO, "isSAML2OAuth2GrantRequest");
    org.wso2.sample.is.sso.agent.SAML2GrantManager saml2GrantManager = new SAML2GrantManager(ssoAgentConfig);
    saml2GrantManager.getAccessToken(request, response);
}
So this.request.getSession(false).getAttribute("org.wso2.carbon.identity.sso.agent.LoggedInSessionBean") == null
Basically, I want to generate an OAuth token from the SAML response.
Any ideas?
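
For reference, the exchange the question is aiming at is the SAML 2.0 bearer grant from RFC 7522. The sketch below is an added example, not part of the original post and not WSO2's SAML2GrantManager code; the class name, method name and sample response are constructed, and it uses only the JDK to turn a base64 SAMLResponse into the token request body.

```java
import java.io.ByteArrayInputStream;
import java.io.StringWriter;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

public class Saml2BearerGrantExample {  // hypothetical name, for illustration only
    static final String ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    static final String GRANT_TYPE = "urn:ietf:params:oauth:grant-type:saml2-bearer";

    // Builds the form body of the token request from the base64 SAMLResponse POSTed to the ACS URL.
    static String buildTokenRequestBody(String samlResponseB64) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // Refuse DOCTYPE declarations so a hostile response cannot trigger XXE.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        byte[] xml = Base64.getMimeDecoder().decode(samlResponseB64);
        Document doc = dbf.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
        NodeList found = doc.getElementsByTagNameNS(ASSERTION_NS, "Assertion");
        if (found.getLength() != 1) {  // RFC 7522 carries exactly one assertion
            throw new IllegalStateException("expected one plain Assertion, found " + found.getLength());
        }
        Transformer t = TransformerFactory.newInstance().newTransformer();
        t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
        StringWriter out = new StringWriter();
        t.transform(new DOMSource(found.item(0)), new StreamResult(out));
        // RFC 7522: the assertion parameter is base64url-encoded, without padding.
        String assertion = Base64.getUrlEncoder().withoutPadding()
                .encodeToString(out.toString().getBytes(StandardCharsets.UTF_8));
        return "grant_type=" + URLEncoder.encode(GRANT_TYPE, "UTF-8") + "&assertion=" + assertion;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample response; a real one carries a signed assertion.
        String sample = "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">"
                + "<saml:Assertion xmlns:saml=\"" + ASSERTION_NS + "\" ID=\"_constructed\">"
                + "<saml:Issuer>https://idp.example/</saml:Issuer></saml:Assertion></samlp:Response>";
        String b64 = Base64.getEncoder().encodeToString(sample.getBytes(StandardCharsets.UTF_8));
        System.out.println(buildTokenRequestBody(b64));
    }
}
```

This only repackages the assertion: the authorization server is what verifies its signature, audience and validity window when the body is POSTed to the token endpoint with client authentication. An encrypted assertion (EncryptedAssertion) must be decrypted by the service provider first, so the code rejects a response that has no plain Assertion element.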