- if (conf.isEnabled(SPConfig::OutOfProcess)) {
- // When out of process, we run natively and directly process the message.
- // RelayState will be fully handled during message processing.
- string relayState, providerId;
- string key = processMessage(request.getApplication(), request, providerId, relayState);
- return sendRedirect(request, key.c_str(), providerId.c_str(), relayState.c_str());
- }
- else {
- // When not out of process, we remote all the message processing.
- DDF in = wrap(request);
- DDFJanitor jin(in);
- in.addmember("application_id").string(request.getApplication().getId());
- DDF out=request.getServiceProvider().getListenerService()->send(in);
- DDFJanitor jout(out);
-
- // If it worked, we have a session key.
- if (!out["key"].isstring())
- throw FatalProfileException("Remote processing of SSO profile did not return a usable session key.");
+
+ try {
+ if (conf.isEnabled(SPConfig::OutOfProcess)) {
+ // When out of process, we run natively and directly process the message.
+ // RelayState will be fully handled during message processing.
+ string providerId;
+ string key = processMessage(request.getApplication(), request, providerId, relayState);
+ return sendRedirect(request, key.c_str(), providerId.c_str(), relayState.c_str());
+ }
+ else {
+ // When not out of process, we remote all the message processing.
+ DDF out,in = wrap(request);
+ DDFJanitor jin(in), jout(out);
+
+ in.addmember("application_id").string(request.getApplication().getId());
+ try {
+ out=request.getServiceProvider().getListenerService()->send(in);
+ }
+ catch (XMLToolingException& ex) {
+ // Try for RelayState recovery.
+ if (ex.getProperty("RelayState"))
+ relayState = ex.getProperty("RelayState");
+ try {
+ recoverRelayState(request, relayState);
+ }
+ catch (exception& ex2) {
+ m_log.error("trapped an error during RelayState recovery while handling an error: %s", ex2.what());
+ }
+ throw;
+ }
+
+ // We invoke RelayState recovery one last time on this side of the boundary.
+ if (out["RelayState"].isstring())
+ relayState = out["RelayState"].string();
+ recoverRelayState(request, relayState);
+
+ // If it worked, we have a session key.
+ if (!out["key"].isstring())
+ throw FatalProfileException("Remote processing of SSO profile did not return a usable session key.");