Examples of org.apache.ws.security.saml.SAMLKeyInfo

org.apache.ws.security.saml.SAMLKeyInfo
This holds key/cert information extracted from a SAML assertion

                signature.getCanonicalizationAlgorithm());
        
        // Verify Signature
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("client_certchain");
        SAMLKeyInfo keyInfo = new SAMLKeyInfo(issuerCrypto.getX509Certificates(cryptoType));
        
        Document doc = dbf.newDocumentBuilder().newDocument();
        
        Element assertionElement = assertion.toDOM(doc);
        doc.appendChild(assertionElement);

View Full Code Here

        Assert.assertTrue(assertionString.contains(customSignatureDigestAlgorithm));


        // Verify Signature
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("client_certchain");
        SAMLKeyInfo keyInfo = new SAMLKeyInfo(issuerCrypto.getX509Certificates(cryptoType));
        
        assertion = new AssertionWrapper(assertionElement);
        assertion.verifySignature(keyInfo);
    }

View Full Code Here

            // Parse the HOK subject if it exists
            assertion.parseHOKSubject(
                requestData, new WSDocInfo(((Element)tokenToRenew.getToken()).getOwnerDocument())
            );
        
            SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo();
            if (keyInfo == null) {
                keyInfo = new SAMLKeyInfo((byte[])null);
            }
            if (!popValidator.checkProofOfPossession(tokenParameters, keyInfo)) {
                throw new STSException(
                    "Failed to verify the proof of possession of the key associated with the "
                    + "saml token. No matching key found in the request.",

View Full Code Here

        String confirmMethod = null;
        if (methods != null && methods.size() > 0) {
            confirmMethod = methods.get(0);
        }
        assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
        SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
        assertTrue(subjectKeyInfo.getSecret() != null);
        
        bus.shutdown(true);
    }

View Full Code Here

        String confirmMethod = null;
        if (methods != null && methods.size() > 0) {
            confirmMethod = methods.get(0);
        }
        assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
        SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
        assertTrue(subjectKeyInfo.getCerts() != null);
        
        bus.shutdown(true);
    }

View Full Code Here

                // Validate the assertion against schemas/profiles
                validateAssertion(assertion);


                // Now verify trust on the signature
                Credential trustCredential = new Credential();
                SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
                trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
                trustCredential.setCertificates(samlKeyInfo.getCerts());
    
                validator.validate(trustCredential, requestData);


                // Finally check that subject DN of the signing certificate matches a known constraint
                X509Certificate cert = null;

View Full Code Here

        private SecurityToken createSecurityToken(
            AssertionWrapper assertionWrapper
        ) {
            SecurityToken token = new SecurityToken(assertionWrapper.getId());


            SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
            if (subjectKeyInfo != null) {
                token.setSecret(subjectKeyInfo.getSecret());
                X509Certificate[] certs = subjectKeyInfo.getCerts();
                if (certs != null && certs.length > 0) {
                    token.setX509Certificate(certs[0], null);
                }
            }
            if (assertionWrapper.getSaml1() != null) {

View Full Code Here

                    requestData, new WSDocInfo(validateTargetElement.getOwnerDocument())
                );


                // Now verify trust on the signature
                Credential trustCredential = new Credential();
                SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
                trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
                trustCredential.setCertificates(samlKeyInfo.getCerts());
    
                validator.validate(trustCredential, requestData);


                // Finally check that subject DN of the signing certificate matches a known constraint
                X509Certificate cert = null;

View Full Code Here

        String confirmMethod = null;
        if (methods != null && methods.size() > 0) {
            confirmMethod = methods.get(0);
        }
        assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
        SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
        assertTrue(subjectKeyInfo.getSecret() != null);
    }

View Full Code Here

        String confirmMethod = null;
        if (methods != null && methods.size() > 0) {
            confirmMethod = methods.get(0);
        }
        assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
        SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
        assertTrue(subjectKeyInfo.getCerts() != null);
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.ws.security.saml.SAMLKeyInfo

org.apache.cxf.fediz.core.saml.SamlAssertionValidator

org.apache.cxf.fediz.core.saml.SAMLTokenValidator

org.apache.cxf.fediz.core.saml.SAMLUtil

org.apache.cxf.fediz.service.sts.realms.SamlRealmCodec

org.apache.cxf.rs.security.saml.AbstractSamlInHandler

org.apache.cxf.rs.security.saml.sso.SAMLProtocolResponseValidator

org.apache.cxf.sts.operation.IssueSamlUnitTest

org.apache.cxf.sts.token.renewer.SAMLTokenRenewer

org.apache.cxf.sts.token.validator.SAMLTokenValidator

org.apache.cxf.systest.sts.issueunit.IssueUnitTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.