@ikiw
Last active August 29, 2015 14:11
package com.sap.refapp;
import java.util.List;
import java.io.IOException;
import java.security.Principal;
import java.sql.CallableStatement;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.sap.core.jpaas.security.saml2.service.SAML2BearerAssertionData;
import com.sap.core.jpaas.security.saml2.service.SAML2BearerGenerationService;
import com.sap.security.um.service.UserManagementAccessor;
import com.sap.security.um.user.PersistenceException;
import com.sap.security.um.user.User;
import com.sap.security.um.user.UserProvider;
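/**
 * Sample servlet that mints a SAML 2.0 bearer assertion for the authenticated
 * caller and uses it as the password of a JDBC connection, then reports which
 * database user the connection was mapped to.
 *
 * <p>Thread-safety: a servlet instance is shared by all concurrent requests, so
 * the assertion is held in a local variable only. Keeping it in an instance
 * field would let one request open the database connection with the assertion
 * generated for another user.
 */
public class AssertGen extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * @see HttpServlet#HttpServlet()
     */
    public AssertGen() {
        super();
    }

    /**
     * Generates a bearer assertion for the logged-in user and prints the
     * result of the database round trip as plain text.
     *
     * <p>Responds with 401 when the request carries no authenticated user and
     * with 500 when the user lookup, assertion generation or output fails.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String userName = request.getRemoteUser();
        if (userName == null) {
            // No authenticated principal: never build an assertion without a subject.
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        User user = null;
        try {
            UserProvider userProvider = UserManagementAccessor.getUserProvider();
            user = userProvider.getUser(userName);
        } catch (PersistenceException e) {
            log("User lookup failed", e);
        }
        if (user == null) {
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }

        // User attributes come from the identity store and are echoed below;
        // declare the body as plain text so a browser does not render them as HTML.
        response.setContentType("text/plain");
        response.setCharacterEncoding("UTF-8");
        java.io.PrintWriter out = response.getWriter();

        try {
            String fname = user.getAttribute("firstname");
            String lname = user.getAttribute("lastname");
            String mail = user.getAttribute("email");
            out.println("Hello!" + userName + fname + lname + mail);

            SAML2BearerAssertionData data = new SAML2BearerAssertionData();
            Map<String, List<Object>> attributes = new HashMap<String, List<Object>>();
            // Sample placeholder values; replace with the real recipient and audience.
            data.setRecepientURI("http://example.com");
            data.setUserId(userName);
            List<Object> attValues = new ArrayList<Object>();
            attValues.add("TestName");
            attributes.put("testname", attValues);
            data.setAttributes(attributes);
            data.setAudience("http://hostname:port/");
            // NOTE(review): hard-coded, so the assertion states password-over-TLS
            // authentication regardless of how the caller actually signed in - confirm
            // this matches the identity provider configuration.
            data.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
            data.setAssertionIssuer("<App certificate entityID>");

            SAML2BearerGenerationService service = SAML2BearerGenerationService.getInstance();
            out.println("Generate Token");
            // Request-scoped on purpose: see the class comment on thread-safety.
            String assertion = service.generateBearerAsserion(data);
            // NOTE(review): the assertion is a replayable bearer credential (it is the
            // database password below). Writing it to the response is kept only because
            // this is a demo; remove this line anywhere the output can be cached,
            // logged or read by another party.
            out.println("SAML Token: " + assertion);

            String dbUser = queryCurrentUser(assertion);
            out.println("Database User : " + dbUser);
        } catch (Exception e) {
            // Report the failure instead of returning an empty 200 response.
            log("Assertion generation failed", e);
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        }
    }

    /**
     * Intentionally empty: POST requests are accepted and produce no output.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    }

    /**
     * Retained for source compatibility only. The servlet no longer stores an
     * assertion between requests, so there is no credential to connect with
     * and this method always returns {@code null}.
     *
     * @return {@code null}
     * @deprecated the assertion is request-scoped; {@link #doGet} passes it to
     *     the connection helper directly.
     */
    @Deprecated
    public String establishConnection() {
        return queryCurrentUser(null);
    }

    /**
     * Opens a JDBC connection that presents {@code bearerAssertion} as the
     * password (with an empty user name) and returns the value of
     * {@code CURRENT_USER}.
     *
     * @param bearerAssertion assertion to present as the password; {@code null}
     *     skips the connection attempt
     * @return the database user name, or {@code null} if no row was returned
     *     or the connection or query failed
     */
    private String queryCurrentUser(String bearerAssertion) {
        if (bearerAssertion == null) {
            return null;
        }
        String result = null;
        java.sql.Connection conn = null;
        Statement stmt = null;
        ResultSet rs = null;
        try {
            Class.forName("com.sap.db.jdbc.Driver");
            // NOTE(review): the assertion travels to the database as the password;
            // confirm the driver connection is configured for transport encryption.
            conn = java.sql.DriverManager.getConnection("jdbc:sap://<hostname>:30015", "", bearerAssertion);
            stmt = conn.createStatement();
            rs = stmt.executeQuery("SELECT CURRENT_USER FROM SYS.M_DATABASE");
            if (rs.next()) {
                result = rs.getString("CURRENT_USER");
            }
        } catch (Exception e) {
            // Best effort, as before: the caller sees null; the cause goes to the servlet log.
            log("Database connection with SAML assertion failed", e);
        } finally {
            // Close in reverse order on every path so a failed query cannot leak the connection.
            if (rs != null) {
                try {
                    rs.close();
                } catch (java.sql.SQLException ignored) {
                    // nothing useful to do if close fails
                }
            }
            if (stmt != null) {
                try {
                    stmt.close();
                } catch (java.sql.SQLException ignored) {
                    // nothing useful to do if close fails
                }
            }
            if (conn != null) {
                try {
                    conn.close();
                } catch (java.sql.SQLException ignored) {
                    // nothing useful to do if close fails
                }
            }
        }
        return result;
    }
}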