Package org.apache.ws.security.saml.ext

Examples of org.apache.ws.security.saml.ext.AssertionWrapper


            samlParms.setSAMLVersion(SAMLVersion.VERSION_11);
        } else if (token.isUseSamlVersion20Profile11()) {
            samlParms.setSAMLVersion(SAMLVersion.VERSION_20);
        }
        // Record the assertion info as asserted, then build the SAML assertion
        // from samlParms (the SAML version is selected just above).
        info.setAsserted(true);
        AssertionWrapper assertion = new AssertionWrapper(samlParms);
       
        // Self-signing is opt-in: the contextual property defaults to false, and
        // when it is off this code adds no signature to the returned assertion.
        boolean selfSignAssertion =
            MessageUtils.getContextualBoolean(
                message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
            );
        if (selfSignAssertion) {
            // NOTE(review): crypto is null-checked only for the username fallback
            // below. With an explicitly configured username a null crypto still
            // reaches signAssertion(...); confirm getSignatureCrypto cannot return
            // null here, or fail with a clear error before signing.
            Crypto crypto = getSignatureCrypto(null);
           
            // Signing identity: the configured signature username, falling back to
            // the crypto's default X.509 identifier when none is configured.
            String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
            String user = (String)message.getContextualProperty(userNameKey);
            if (crypto != null && StringUtils.isEmpty(user)) {
                try {
                    user = crypto.getDefaultX509Identifier();
                } catch (WSSecurityException e1) {
                    // Failure to resolve the default identifier aborts with a Fault.
                    throw new Fault(e1);
                }
            }
            if (StringUtils.isEmpty(user)) {
                // No signing identity: report the policy as not asserted and
                // return no token rather than an unsigned one.
                policyNotAsserted(token, "No username found.");
                return null;
            }
   
            // Key password for the signing identity, requested with the SIGNATURE
            // usage (presumably through the configured callback handler; confirm).
            String password = getPassword(user, token, WSPasswordCallback.SIGNATURE);
        
            // TODO configure using a KeyValue here
            // The last argument is hard-coded to false; per the TODO it presumably
            // controls whether a KeyValue is sent (confirm against signAssertion).
            assertion.signAssertion(user, password, crypto, false);
        }
       
        return assertion;
    }


            if (p != null && isSecurityContextPrincipal(p, wsResult)) {
                msg.put(PRINCIPAL_RESULT, p);
                if (!utWithCallbacks) {
                    WSS4JTokenConverter.convertToken(msg, p);
                }
                // Assigned only when the security result carries a SAML assertion.
                AssertionWrapper receivedAssertion = null;
               
                List<String> roles = null;
                if (o.get(WSSecurityEngineResult.TAG_SAML_ASSERTION) != null) {
                    // The attribute that carries roles is configurable; an unset or
                    // empty value falls back to the built-in default name.
                    String roleAttributeName = (String)msg.getContextualProperty(
                            SecurityConstants.SAML_ROLE_ATTRIBUTENAME);
                    if (roleAttributeName == null || roleAttributeName.length() == 0) {
                        roleAttributeName = SAML_ROLE_ATTRIBUTENAME_DEFAULT;
                    }
                    receivedAssertion =
                        (AssertionWrapper) o.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                    // Roles are read from the SAML 2.0 object or the SAML 1.x object,
                    // depending on the version the wrapper reports.
                    // NOTE(review): the roles come straight from assertion attributes
                    // and are placed in the SecurityContext, which is presumably
                    // consulted for authorization. They are only as trustworthy as the
                    // signature and issuer checks applied to the assertion, and those
                    // checks are not visible in this fragment. Confirm that an unsigned
                    // or untrusted-issuer assertion cannot reach this point.
                    if (receivedAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
                        roles = this.parseRolesInAssertion(receivedAssertion.getSaml2(), roleAttributeName);
                    } else {
                        roles = this.parseRolesInAssertion(receivedAssertion.getSaml1(), roleAttributeName);
                    }
                    msg.put(SecurityContext.class, createSecurityContext(p, roles));
                } else {
                    // No assertion in the result: the context carries the principal only.
                    msg.put(SecurityContext.class, createSecurityContext(p));
                }

            // Take the EncryptedData element of this encrypted assertion as DOM.
            EncryptedData encryptedData = assertion.getEncryptedData();
            Element encryptedDataDOM = encryptedData.getDOM();
           
            // NOTE(review): the crypto handed to decryptAssertion is the variable
            // named sigCrypto. Confirm the decryption key is meant to come from the
            // same keystore that is used for signature verification.
            Element decAssertion = decryptAssertion(encryptedDataDOM, sigCrypto, callbackHandler);
           
            // The decrypted assertion is appended to the response's assertion list
            // without being validated at this point; the "Validate Assertions" loop
            // that follows iterates that same list.
            AssertionWrapper wrapper = new AssertionWrapper(decAssertion);
            samlResponse.getAssertions().add(wrapper.getSaml2());
        }

        // Validate Assertions: every assertion in the response's list is wrapped
        // and passed to validateAssertion with the signature crypto, the callback
        // handler and the document.
        // NOTE(review): nothing is returned or checked here, so a failed validation
        // presumably surfaces as an exception from validateAssertion. Confirm that
        // it cannot fail silently.
        for (org.opensaml.saml2.core.Assertion assertion : samlResponse.getAssertions()) {
            AssertionWrapper wrapper = new AssertionWrapper(assertion);
            validateAssertion(wrapper, sigCrypto, callbackHandler, doc);
        }
    }

        // Order of checks: schema validation of the response first, then the
        // response-level signature, then each contained assertion.
        // NOTE(review): whether validateResponseSignature rejects an unsigned
        // response or simply skips it is not visible here. If unsigned responses
        // pass, the per-assertion validation below is the only integrity check;
        // confirm that it requires a signature in that case.
        validateResponseAgainstSchemas(samlResponse);
        validateResponseSignature(samlResponse, sigCrypto, callbackHandler);

        // Validate Assertions: each SAML 1.x assertion is wrapped and validated
        // against the owner document of the response's DOM.
        for (org.opensaml.saml1.core.Assertion assertion : samlResponse.getAssertions()) {
            AssertionWrapper wrapper = new AssertionWrapper(assertion);
            validateAssertion(
                wrapper, sigCrypto, callbackHandler, samlResponse.getDOM().getOwnerDocument()
            );
        }
    }

        signedActions.add(WSConstants.UT_SIGN);
        List<WSSecurityEngineResult> signedResults =
            WSS4JUtils.fetchAllActionResults(results, signedActions);
       
        for (WSSecurityEngineResult samlResult : samlResults) {
            AssertionWrapper assertionWrapper =
                (AssertionWrapper)samlResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
           
            TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
            Certificate[] tlsCerts = null;
            if (tlsInfo != null) {

        }        
    }
   
    protected void validateToken(Message message, Element element, String clientId) {
       
        AssertionWrapper wrapper = toWrapper(element);
        // The common SAML assertion validation:
        // signature, subject confirmation, etc
        super.validateToken(message, wrapper);
       
        // This is specific to OAuth2 path

                if (foundCert.equals(cert)) {
                    return i;
                }
            } else if (actInt.intValue() == WSConstants.ST_SIGNED
                || actInt.intValue() == WSConstants.ST_UNSIGNED) {
                // This branch is taken for both signed (ST_SIGNED) and unsigned
                // (ST_UNSIGNED) SAML results; the subject's key info is read from
                // the assertion stored in the result.
                // NOTE(review): for ST_UNSIGNED results the subject key material has
                // no assertion signature behind it. Confirm that a match found here
                // is not treated as stronger evidence than the earlier validation of
                // the assertion justifies.
                AssertionWrapper assertionWrapper =
                    (AssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo();
                // NOTE(review): the comparison below reads subjectCerts[0] after only
                // a null check. An empty array would throw, so confirm getCerts()
                // never returns one or add a length check.
                if (samlKeyInfo != null) {
                    X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
                    PublicKey subjectPublicKey = samlKeyInfo.getPublicKey();
                    if ((cert != null && subjectCerts != null
                        && cert.equals(subjectCerts[0]))

            reportError("INVALID_RELAY_STATE");
            return false;
        }
        try {
            // Rebuild the assertion from the serialized string kept in the response
            // state: parse it as XML, wrap the document element, and use the result
            // to set the security context.
            // NOTE(review): no signature or conditions check is visible between
            // parsing and setSecurityContext. Presumably the assertion was validated
            // before it was stored in the response state; confirm this, and confirm
            // that the state itself is integrity-protected and has an expiry, since
            // its content is trusted here as-is.
            String assertion = responseState.getAssertion();
            AssertionWrapper assertionWrapper =
                new AssertionWrapper(
                    StaxUtils.read(new StringReader(assertion)).getDocumentElement());
            setSecurityContext(m, assertionWrapper);
        } catch (Exception ex) {
            reportError("INVALID_RESPONSE_STATE");
            return false;

                continue;
            }
           
            // All of the received SAML Assertions must conform to the policy
            for (WSSecurityEngineResult result : samlResults) {
                AssertionWrapper assertionWrapper =
                    (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
               
                if (!checkVersion(samlToken, assertionWrapper)) {
                    ai.setNotAsserted("Wrong SAML Version");
                    continue;

                if (foundCert.equals(cert)) {
                    return token;
                }
            } else if (actInt.intValue() == WSConstants.ST_SIGNED
                || actInt.intValue() == WSConstants.ST_UNSIGNED) {
                // This branch is taken for both signed (ST_SIGNED) and unsigned
                // (ST_UNSIGNED) SAML results; the subject's key info is read from
                // the assertion stored in the result.
                // NOTE(review): for ST_UNSIGNED results the subject key material has
                // no assertion signature behind it. Confirm that a token returned on
                // a match here is not treated as stronger evidence than the earlier
                // validation of the assertion justifies.
                AssertionWrapper assertionWrapper =
                    (AssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo();
                // NOTE(review): the comparison below reads subjectCerts[0] after only
                // a null check. An empty array would throw, so confirm getCerts()
                // never returns one or add a length check.
                if (samlKeyInfo != null) {
                    X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
                    PublicKey subjectPublicKey = samlKeyInfo.getPublicKey();
                    if ((cert != null && subjectCerts != null
                        && cert.equals(subjectCerts[0]))
