}
context.getInferredSecurityPolicy().append(sig.getPolicy());
return sig;
}
case SAML_ASSERTION_ELEMEMENT :{
SAMLAssertion samlAssertion = new SAMLAssertion(message,context,null,(HashMap) currentParentNS);
context.getSecurityContext().getProcessedSecurityHeaders().add(samlAssertion);
if(samlAssertion.isHOK()){
samlAssertion.validateSignature();
}
samlAssertion.validate(context);
samlAssertion.getKey();
// Set in the extraneous property only if not already set
// workaround in the case where there are two HOK assertions in the request
if(context.getExtraneousProperty(MessageConstants.INCOMING_SAML_ASSERTION) == null && samlAssertion.isHOK() ){
context.getExtraneousProperties().put(MessageConstants.INCOMING_SAML_ASSERTION,samlAssertion);
}
if(context.isTrustMessage() && !context.isClient()){
IssuedTokenContext ctx = null;
if(context.getTrustContext() == null){
ctx = new IssuedTokenContextImpl();
ctx.setAuthnContextClass(MessageConstants.PREVIOUS_SESSION_AUTH_TYPE);
context.setTrustContext(ctx);
}else{
ctx = context.getTrustContext();
if(ctx.getAuthnContextClass() != null){
ctx.setAuthnContextClass(MessageConstants.PREVIOUS_SESSION_AUTH_TYPE);
context.setTrustContext(ctx);
}
}
} else if(!context.isTrustMessage()){
context.getInferredSecurityPolicy().append(samlAssertion.getPolicy());
}
return samlAssertion;
}
default:{
GenericSecuredHeader gsh = new GenericSecuredHeader(message,null,creator, (HashMap) currentParentNS,staxIF, context.getEncHeaderContent());