...
Code Block | ||
---|---|---|
| ||
class SSOController {

    // Route POST "/maestrano/auth/saml/consume/{marketplace}" to this method.
    //
    // Consumes the SAML response posted back after single sign-on: validates it,
    // maps the Maestrano user and group onto local records, opens the local
    // session and redirects to the application root.
    function consume(Hash requestParameters) {
        // The marketplace name arrives with the request, so it is caller-controlled;
        // here it only selects which marketplace configuration checks the response.
        marketplace = requestParameters["marketplace"]
        config = MaestranoConfig.get(marketplace)

        samlResp = config.getSso().buildResponse(requestParameters["SAMLResponse"])

        // Nothing from the response is used until it has been accepted. The reply
        // stays generic so it does not reveal why validation failed.
        // NOTE(review): what isValid() verifies (signature, issuer, audience,
        // validity window) is not visible in this example - confirm against the SDK.
        if (!samlResp.isValid()) {
            return content("Invalid SAML Response");
        }

        // SDK-side view of the authenticated user and the group they belong to
        mnoUser = new MaestranoUser(samlResp);
        mnoGroup = new MaestranoGroup(samlResp);

        // Local counterparts. Both lookups take the marketplace as well as the
        // Maestrano entity - presumably so identities coming from different
        // marketplaces never resolve to the same local record.
        var localGroup = MyGroup.FindOrCreateForMaestrano(marketplace, mnoGroup);
        var localUser = MyUser.FindOrCreateForMaestrano(marketplace, mnoUser);

        // Membership is added once; repeated logins leave it untouched
        if (!localGroup.HasMember(localUser)) {
            localGroup.AddMember(localUser);
        }

        // NOTE(review): the session that existed before login is reused here. If the
        // framework does not issue a new session identifier on authentication,
        // rotate it at this point so a pre-login identifier cannot be carried over.
        var session = getCurrentHttpSession();
        session["marketplace"] = marketplace;

        // Set Maestrano session - used for Single Logout
        config.getSso().setSession(session, mnoUser);

        return redirect("/");
    }
}
Examples in
4 What do I have to pay attention to?
...
Warning | ||
---|---|---|
| ||
Use the virtual email addresses only to create a unique user id, never to send emails to users; the user's real email address is always available for that. |
5 SSO Consume process
@RequestMapping(value = "/maestrano/auth/saml/init/{marketplace}", method = RequestMethod.GET) | |
public ModelAndView init(@PathVariable("marketplace") String marketplace, @RequestParam Map<String, String> allRequestParams) |
class SSOController {

    // Route POST "/maestrano/auth/saml/consume/{marketplace}" to this method.
    //
    // Consumes the SAML response posted back after single sign-on: validates it,
    // maps the Maestrano user and group onto local records, opens the local
    // session and redirects to the application root.
    function consume(Hash requestParameters) {
        // The marketplace name arrives with the request, so it is caller-controlled;
        // here it only selects which marketplace configuration checks the response.
        marketplace = requestParameters["marketplace"]
        config = MaestranoConfig.get(marketplace)

        samlResp = config.getSso().buildResponse(requestParameters["SAMLResponse"])

        // Nothing from the response is used until it has been accepted. The reply
        // stays generic so it does not reveal why validation failed.
        // NOTE(review): what isValid() verifies (signature, issuer, audience,
        // validity window) is not visible in this example - confirm against the SDK.
        if (!samlResp.isValid()) {
            return content("Invalid SAML Response");
        }

        // SDK-side view of the authenticated user and the group they belong to
        mnoUser = new MaestranoUser(samlResp);
        mnoGroup = new MaestranoGroup(samlResp);

        // Local counterparts. Both lookups take the marketplace as well as the
        // Maestrano entity - presumably so identities coming from different
        // marketplaces never resolve to the same local record.
        var localGroup = MyGroup.FindOrCreateForMaestrano(marketplace, mnoGroup);
        var localUser = MyUser.FindOrCreateForMaestrano(marketplace, mnoUser);

        // Membership is added once; repeated logins leave it untouched
        if (!localGroup.HasMember(localUser)) {
            localGroup.AddMember(localUser);
        }

        // NOTE(review): the session that existed before login is reused here. If the
        // framework does not issue a new session identifier on authentication,
        // rotate it at this point so a pre-login identifier cannot be carried over.
        var session = getCurrentHttpSession();
        session["marketplace"] = marketplace;

        // Set Maestrano session - used for Single Logout
        config.getSso().setSession(session, mnoUser);

        return redirect("/");
    }
}