我想在Wicket应用中使用Web SSO SAML。我想最好是挂载一个 "Web SSO SAML "页面。Page 并尝试使用 OpenSAML 中。
我尝试使用OpenSAML的 HTTPRedirectDeflateEncoder 直接在 HttpServletReponse 像这样。
WebResponse webResponse = (WebResponse) this.getRequestCycle().getResponse();
HttpServletResponse httpServletResponse = (HttpServletResponse) webResponse.getContainerResponse();
然后我用解码器在上面建立一个重定向并提交响应。
但当然,这样做会出错,因为我误用了Wicket的做事方式。
2016-09-23 13:13:16,236 ERROR - ListenerCollection - Error invoking listener: org.apache.wicket.Application$3@4c8f505b
java.lang.IllegalStateException: Response is committed
正确的重定向方式是什么,才能让我访问Wicket的会话等?因为我想防止这种重定向,如果我知道用户的某些属性,而这些属性可能已经有了。WicketSession?
最后我是这样解决的。
public SSOSamlPage(final PageParameters pp) {
final WebResponse webResponse = (WebResponse) this.getRequestCycle().getResponse();
final HttpServletResponse httpServletResponse = (HttpServletResponse) webResponse.getContainerResponse();
final IModel<String> urlModel = Model.of("");
final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder() {
@Override
protected void doEncode() throws MessageEncodingException {
final MessageContext<SAMLObject> messageContext = this.getMessageContext();
LOG.info("setRelayState for PP: {}", pp);
SAMLBindingSupport.setRelayState(messageContext, PageParameterUtils.toBase64(pp));
final SAMLObject outboundMessage = messageContext.getMessage();
final String endpointURL = this.getEndpointURL(messageContext).toString();
this.removeSignature(outboundMessage);
final String encodedMessage = this.deflateAndBase64Encode(outboundMessage);
final String redirectURL = this.buildRedirectURL(messageContext, endpointURL, encodedMessage);
urlModel.setObject(redirectURL);
}
};
....
throw new RedirectToUrlException(urlModel.getObject());