...
| Warning | ||
|---|---|---|
| ||
The virtual email addresses should only be used to create a unique user id, not to send emails to users; for that, you can always reach the user's real email. |
5 SSO Consume process
| @RequestMapping(value = "/maestrano/auth/saml/init/{marketplace}", method = RequestMethod.GET) | |
| public ModelAndView init(@PathVariable("marketplace") String marketplace, @RequestParam Map<String, String> allRequestParams) |
class SSOController{// Route POST "/maestrano/auth/saml/consume/{marketplace}" to this methodfunction consume(Hash requestParameters){// Retrieve the configuration for the given marketplacemarketplace = requestParameters["marketplace"]config = MaestranoConfig.get(marketplace)samlResp = config.getSso().buildResponse(requestParameters["SAMLResponse"])if(samlResp.isValid()){// Build MaestranoUser and MaestranoGroup (coming from the SDK)mnoUser = new MaestranoUser(samlResp);mnoGroup = new MaestranoGroup(samlResp);// Build/Map local entitiesvar localGroup = MyGroup.FindOrCreateForMaestrano(marketplace, mnoGroup);var localUser = MyUser.FindOrCreateForMaestrano(marketplace, mnoUser); // Add localUser to the localGroup if not already part of itif (!localGroup.HasMember(localUser)){localGroup.AddMember(localUser);}var session = getCurrentHttpSession();session["marketplace"] = marketplace;// Set Maestrano session - used for Single Logoutconfig.getSso().setSession(session, mnoUser);return redirect("/");}else{ return content("Invalid SAML Response");}
}}