text/richtext                  rtx              # Rich Text File
text/tab-separated-values      tsv              #
text/x-setext                  etx              #
text/x-sgml                    sgml sgm         # SGML Document
video/mpeg                     mpeg mpg mpe     # MPEG Movie File
video/quicktime                qt mov           # Quicktime Movie File

  <mime-type type="text/richtext">
    <glob pattern="*.rtx"/>
  </mime-type>

  <mime-type type="text/rtp-enc-aescm128"/>
  <mime-type type="text/rtx"/>
  <mime-type type="text/sgml">
    <glob pattern="*.sgml"/>
    <glob pattern="*.sgm"/>
  </mime-type>
  <mime-type type="text/t140"/>
  <mime-type type="text/tab-separated-values">
    <glob pattern="*.tsv"/>
  </mime-type>

    public String toString() {
        return "{" + getUserId() + "}";
    }

    @Override
    public String getUserId() {
        return nameId;
    }

    /**
     * Gets the SAML user.
     * @return The SAML user.
     */
    public SamlUser getUser() {
        return new SamlUser(nameId, sessionIndex, nameIdFormat, nameidNameQualifier, nameidSPNameQualifier, getDefaultGroupsAsArray(),

import jakarta.servlet.http.HttpSession;

/**
 * Authenticator for SAML.
 */
public class SamlAuthenticator implements SsoAuthenticator {

    /**
     * Constructor.
     */
    public SamlAuthenticator() {
        super();
    }

    private static final Logger logger = LogManager.getLogger(SamlAuthenticator.class);

    /**
     * The prefix for SAML properties.
     */

 * such as metadata requests and logout actions.
 */
public enum SsoResponseType {
    /**
     * Indicates a request for SSO metadata, which is typically used for
     * configuration and discovery in protocols like SAML.
     */
    METADATA,

    /**
     * Indicates a request to perform a logout operation, terminating the
     * user's SSO session.
     */
    LOGOUT;

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 * either express or implied. See the License for the specific language
 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.sso.saml;

import org.codelibs.fess.unit.UnitFessTestCase;

public class SamlAuthenticatorTest extends UnitFessTestCase {

    @Override
    public void setUp() throws Exception {
        super.setUp();
    }

    // Test full integration scenarios
    public void test_fullScenario_ssoEnabled() {
        currentSsoType = "saml";
        final LoginCredential expectedCredential = new TestLoginCredential("samluser");
        final ActionResponse expectedResponse = HtmlResponse.asEmptyBody();
        final String expectedLogoutUrl = "https://saml.example.com/logout";

        testAuthenticator.setLoginCredential(expectedCredential);

	if count > 0 {
		lrg := XferStats{
			Avg:  lavg / float64(count),
			Curr: lcurr / float64(count),
			Peak: lpeak,
		}
		sml := XferStats{
			Avg:  savg / float64(count),
			Curr: scurr / float64(count),
			Peak: speak,
		}
		qs.XferStats[Large] = lrg
		qs.XferStats[Small] = sml
		qs.XferStats[Total] = XferStats{
			Avg:  (savg + lavg) / float64(count),
			Curr: (lcurr + scurr) / float64(count),

        }
    }

    public void test_throwAndCatchWithCause() {
        // Test throwing and catching the exception with cause
        String expectedMessage = "SAML assertion validation failed";
        Exception expectedCause = new IllegalStateException("Invalid SAML response");

        try {
            throw new SsoProcessException(expectedMessage, expectedCause);
        } catch (SsoProcessException e) {

 * Interface for SSO (Single Sign-On) authenticator implementations.
 *
 * This interface defines the contract for SSO authentication providers that can be
 * integrated with Fess. Implementations handle specific SSO protocols like SAML,
 * OAuth, SPNEGO, or other authentication mechanisms. Each authenticator is responsible
 * for obtaining login credentials, resolving user information, and managing SSO
 * lifecycle operations like logout and metadata exchange.