Package org.apache.ws.security.saml.ext.bean

Examples of org.apache.ws.security.saml.ext.bean.ConditionsBean


   
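    /**
     * Build the SAML Conditions for a token that is about to be issued.
     *
     * <p>The validity window is chosen as follows:
     * <ul>
     *   <li>{@code lifetime <= 0}: a fixed five-minute token period;</li>
     *   <li>client lifetimes disabled, or the request carries no complete Created/Expires
     *       pair: the configured {@code lifetime}, converted to whole minutes;</li>
     *   <li>otherwise: the Created/Expires values from the request. A window longer than
     *       {@code getMaxLifetime()} seconds is logged and then either rejected or clamped to
     *       Created + maximum, depending on {@code isFailLifetimeExceedance()}.</li>
     * </ul>
     * A timestamp that cannot be parsed is logged and the configured lifetime is used instead.
     *
     * <p>NOTE(review): only the length of the requested window is bounded here. A Created value
     * ahead of the local clock, or an Expires value at or before Created, is not rejected by
     * this method; confirm that callers or the relying party cover both cases.
     *
     * @param appliesToAddress address stored as the audience URI of the conditions
     * @param tokenLifetime lifetime element taken from the token request, may be {@code null}
     * @return the populated conditions, never {@code null}
     * @throws STSException with {@code INVALID_TIME} when the requested window exceeds the
     *         maximum and lifetime exceedance is configured to fail
     */
    public ConditionsBean getConditions(String appliesToAddress, Lifetime tokenLifetime) {
        ConditionsBean conditions = new ConditionsBean();
        if (lifetime > 0) {
            // Both Created and Expires come from the requester and either may be absent.
            // Without the two null guards a request carrying only one of them would hand
            // null to the date parser; such a request now gets the configured lifetime.
            if (acceptClientLifetime && tokenLifetime != null
                && tokenLifetime.getCreated() != null && tokenLifetime.getExpires() != null) {
                try {
                    XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
                    Date creationTime = fmt.parse(tokenLifetime.getCreated());
                    Date expirationTime = fmt.parse(tokenLifetime.getExpires());

                    // Cap the requester-chosen window at the configured maximum.
                    long requestedLifetime = expirationTime.getTime() - creationTime.getTime();
                    if (requestedLifetime > (getMaxLifetime() * 1000L)) {
                        StringBuilder sb = new StringBuilder();
                        sb.append("Requested lifetime [").append(requestedLifetime / 1000L);
                        sb.append(" sec] exceed configured maximum lifetime [").append(getMaxLifetime());
                        sb.append(" sec]");
                        LOG.warning(sb.toString());
                        if (isFailLifetimeExceedance()) {
                            throw new STSException("Requested lifetime exceeds maximum lifetime",
                                    STSException.INVALID_TIME);
                        } else {
                            // Keep the requested start, shorten the end to the allowed maximum.
                            expirationTime.setTime(creationTime.getTime() + (getMaxLifetime() * 1000L));
                        }
                    }

                    DateTime creationDateTime = new DateTime(creationTime.getTime());
                    DateTime expirationDateTime = new DateTime(expirationTime.getTime());

                    conditions.setNotAfter(expirationDateTime);
                    conditions.setNotBefore(creationDateTime);
                } catch (ParseException e) {
                    // Malformed timestamps do not fail the request: issue with the default window.
                    LOG.warning("Failed to parse life time element: " + e.getMessage());
                    conditions.setTokenPeriodMinutes((int)(lifetime / 60L));
                }

            } else {
                conditions.setTokenPeriodMinutes((int)(lifetime / 60L));
            }
        } else {
            conditions.setTokenPeriodMinutes(5);
        }
        conditions.setAudienceURI(appliesToAddress);

        return conditions;
    }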


        // Baseline: make two invocations with the set-up that precedes this excerpt...
        // both should succeed
        saml2Port.doubleIt(25);
        saml2Port.doubleIt(25);
       
        // Now create a SAML Token with a "OneTimeUse" Condition, valid for five minutes.
        // NOTE(review): OneTimeUse only has an effect if the receiving side remembers
        // assertions it has already accepted; presumably the rest of this test (not shown)
        // checks that a second call with the same token is refused.
        ConditionsBean conditions = new ConditionsBean();
        conditions.setTokenPeriodMinutes(5);
        conditions.setOneTimeUse(true);
           
        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
        callbackHandler.setConditions(conditions);
       
        // The excerpt ends inside this call; the key and value passed to put(...) are not shown.
        ((BindingProvider)saml2Port).getRequestContext().put(

        // Positive and negative check of the SAML AudienceRestriction condition: the same
        // port is called once with a matching audience URI and once with a non-matching one.
        DoubleItPortType saml2Port =
                service.getPort(portQName, DoubleItPortType.class);
        updateAddressPort(saml2Port, PORT2);

        // Create a SAML Token with an AudienceRestrictionCondition
        // (presumably the URI below is the address of the service being called; confirm
        // against the server configuration, which is not part of this excerpt)
        ConditionsBean conditions = new ConditionsBean();
        List<AudienceRestrictionBean> audienceRestrictions = new ArrayList<AudienceRestrictionBean>();
        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
        audienceRestriction.setAudienceURIs(Collections.singletonList(
            "https://localhost:" + PORT2 + "/DoubleItSaml2Transport2"));
        audienceRestrictions.add(audienceRestriction);
        conditions.setAudienceRestrictions(audienceRestrictions);
       
        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
        callbackHandler.setConditions(conditions);
        ((BindingProvider)saml2Port).getRequestContext().put(
            "ws-security.saml-callback-handler", callbackHandler
        );
       
        // Expected to succeed with the audience URI set above.
        saml2Port.doubleIt(25);
       
        try {
            // Now use an "unknown" audience restriction: the list is emptied first, so the
            // token carries only the non-matching URI.
            audienceRestriction = new AudienceRestrictionBean();
            audienceRestriction.setAudienceURIs(Collections.singletonList(
                "https://localhost:" + PORT2 + "/DoubleItSaml2Transport2unknown"));
            audienceRestrictions.clear();
            audienceRestrictions.add(audienceRestriction);
            conditions.setAudienceRestrictions(audienceRestrictions);
            callbackHandler.setConditions(conditions);
           
            // If this call returns normally the service accepted a token addressed to a
            // different audience, so the test is failed explicitly.
            saml2Port.doubleIt(25);
            fail("Failure expected on unknown AudienceRestriction");
        // The handler body is cut off in this excerpt.
        } catch (javax.xml.ws.soap.SOAPFaultException ex) {

    /**
     * Build the SAML Conditions for the token described by the provider parameters.
     *
     * <p>The validity window and any AppliesTo-derived audience come from
     * {@code getConditions(String, Lifetime)}. Restrictions returned by
     * {@code createAudienceRestrictions} are then placed first, followed by whatever
     * restrictions the base conditions already carried.
     *
     * <p>NOTE(review): in SAML 2.0 every AudienceRestriction element must be satisfied, so if
     * each bean becomes its own element the merged list narrows the set of acceptable relying
     * parties rather than widening it. Confirm how the beans are serialised.
     *
     * @param providerParameters request context supplying the AppliesTo address and lifetime
     * @return the conditions, or {@code null} if the two-argument overload returned {@code null}
     */
    public ConditionsBean getConditions(TokenProviderParameters providerParameters) {
        final ConditionsBean result = getConditions(
            providerParameters.getAppliesToAddress(),
            providerParameters.getTokenRequirements().getLifetime()
        );
        if (result == null) {
            return result;
        }

        final List<AudienceRestrictionBean> merged = createAudienceRestrictions(providerParameters);
        if (merged == null || merged.isEmpty()) {
            // Nothing extra to add: leave the base conditions untouched.
            return result;
        }

        // The base restrictions are appended to the freshly created list, not the other way
        // round, so the base list itself is never modified.
        if (result.getAudienceRestrictions() != null) {
            merged.addAll(result.getAudienceRestrictions());
        }
        result.setAudienceRestrictions(merged);
        return result;
    }

   
    /**
     * Derive the SAML Conditions (validity window and audience) for a token being issued.
     *
     * <p>With {@code lifetime <= 0} the token period is five minutes. Otherwise the configured
     * {@code lifetime} is used unless client lifetimes are accepted and the request supplies
     * both Created and Expires. In that case the requested window is checked before use:
     * <ol>
     *   <li>Created may be at most {@code futureTimeToLive} seconds ahead of the local clock;</li>
     *   <li>a window longer than {@code getMaxLifetime()} seconds is logged and then rejected
     *       or clamped to Created + maximum, depending on {@code isFailLifetimeExceedance()}.</li>
     * </ol>
     * Unparseable timestamps are logged and the configured lifetime is used instead.
     *
     * <p>NOTE(review): a Created value in the past is taken as given, and Expires is not
     * required to be later than Created; a non-positive window passes the maximum-lifetime
     * comparison. Confirm whether such requests should be refused here.
     *
     * @param appliesToAddress audience URI for the token; no restriction is added when {@code null}
     * @param tokenLifetime lifetime element taken from the token request, may be {@code null}
     * @return the populated conditions, never {@code null}
     * @throws STSException with {@code INVALID_TIME} when a timestamp parses to {@code null},
     *         Created is too far in the future, or the window exceeds the maximum and
     *         exceedance is configured to fail
     */
    public ConditionsBean getConditions(String appliesToAddress, Lifetime tokenLifetime) {
        final ConditionsBean result = new ConditionsBean();

        if (lifetime > 0) {
            final boolean clientWindowUsable = acceptClientLifetime
                && tokenLifetime != null
                && tokenLifetime.getCreated() != null
                && tokenLifetime.getExpires() != null;

            if (!clientWindowUsable) {
                result.setTokenPeriodMinutes((int)(lifetime / 60L));
            } else {
                try {
                    final XmlSchemaDateFormat parser = new XmlSchemaDateFormat();
                    final Date requestedStart = parser.parse(tokenLifetime.getCreated());
                    final Date requestedEnd = parser.parse(tokenLifetime.getExpires());
                    if (requestedStart == null || requestedEnd == null) {
                        final String parseFailure =
                            "Error in parsing Timestamp Created or Expiration Strings";
                        LOG.fine(parseFailure);
                        throw new STSException(parseFailure, STSException.INVALID_TIME);
                    }

                    // Latest Created value still accepted: now, plus the configured allowance.
                    final Date latestAcceptedStart = new Date();
                    if (futureTimeToLive > 0) {
                        latestAcceptedStart.setTime(
                            latestAcceptedStart.getTime() + futureTimeToLive * 1000L);
                    }
                    if (requestedStart.after(latestAcceptedStart)) {
                        final String tooEarly = "The Created Time is too far in the future";
                        LOG.fine(tooEarly);
                        throw new STSException(tooEarly, STSException.INVALID_TIME);
                    }

                    // Bound the length of the requester-chosen window.
                    final long requestedMillis = requestedEnd.getTime() - requestedStart.getTime();
                    if (requestedMillis > (getMaxLifetime() * 1000L)) {
                        LOG.warning("Requested lifetime [" + (requestedMillis / 1000L)
                            + " sec] exceed configured maximum lifetime [" + getMaxLifetime()
                            + " sec]");
                        if (isFailLifetimeExceedance()) {
                            throw new STSException("Requested lifetime exceeds maximum lifetime",
                                    STSException.INVALID_TIME);
                        }
                        // Keep the requested start, shorten the end to the allowed maximum.
                        requestedEnd.setTime(requestedStart.getTime() + (getMaxLifetime() * 1000L));
                    }

                    result.setNotAfter(new DateTime(requestedEnd.getTime()));
                    result.setNotBefore(new DateTime(requestedStart.getTime()));
                } catch (ParseException e) {
                    // Malformed timestamps do not fail the request: issue with the default window.
                    LOG.warning("Failed to parse life time element: " + e.getMessage());
                    result.setTokenPeriodMinutes((int)(lifetime / 60L));
                }
            }
        } else {
            result.setTokenPeriodMinutes(5);
        }

        if (appliesToAddress != null) {
            // One restriction holding exactly the AppliesTo address.
            final AudienceRestrictionBean restriction = new AudienceRestrictionBean();
            restriction.setAudienceURIs(Collections.singletonList(appliesToAddress));
            result.setAudienceRestrictions(Collections.singletonList(restriction));
        }

        return result;
    }

    /**
     * Creates a SAML 1 assertion (AUTHN statement) whose Conditions carry an explicit validity
     * window from the current time to twenty minutes later. The checks made on the resulting
     * assertion are not part of this excerpt.
     */
    public void testSAML1Conditions() throws Exception {
        SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
        callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
        callbackHandler.setIssuer("www.example.com");
       
        ConditionsBean conditions = new ConditionsBean();
        // Despite its name, notBefore is simply the current time; NotAfter is derived from it.
        DateTime notBefore = new DateTime();
        conditions.setNotBefore(notBefore);
        conditions.setNotAfter(notBefore.plusMinutes(20));
        callbackHandler.setConditions(conditions);
       
        SAMLParms samlParms = new SAMLParms();
        samlParms.setCallbackHandler(callbackHandler);
        AssertionWrapper assertion = new AssertionWrapper(samlParms);

    /**
     * Creates a SAML 2 assertion whose validity window lies entirely in the past (it opened
     * five minutes ago and closed three minutes ago). Presumably the remainder of the test,
     * which is not shown, expects validation of this assertion to fail.
     */
    public void testSAML2InvalidAfterConditions() throws Exception {
        SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
        callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
        callbackHandler.setIssuer("www.example.com");
       
        ConditionsBean conditions = new ConditionsBean();
        // notBefore holds the current time; both bounds below are offsets from it.
        DateTime notBefore = new DateTime();
        conditions.setNotBefore(notBefore.minusMinutes(5));
        conditions.setNotAfter(notBefore.minusMinutes(3));
        callbackHandler.setConditions(conditions);
       
        SAMLParms samlParms = new SAMLParms();
        samlParms.setCallbackHandler(callbackHandler);
        AssertionWrapper assertion = new AssertionWrapper(samlParms);

    /**
     * Creates a SAML 2 assertion that is not valid yet: its window opens two minutes after
     * the current time and closes five minutes after it. Presumably the remainder of the test,
     * which is not shown, expects validation of this assertion to fail.
     */
    public void testSAML2InvalidBeforeConditions() throws Exception {
        SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
        callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
        callbackHandler.setIssuer("www.example.com");
       
        ConditionsBean conditions = new ConditionsBean();
        // notBefore holds the current time; both bounds below are offsets from it.
        DateTime notBefore = new DateTime();
        conditions.setNotBefore(notBefore.plusMinutes(2));
        conditions.setNotAfter(notBefore.plusMinutes(5));
        callbackHandler.setConditions(conditions);
       
        SAMLParms samlParms = new SAMLParms();
        samlParms.setCallbackHandler(callbackHandler);
        AssertionWrapper assertion = new AssertionWrapper(samlParms);

    /**
     * Creates a SAML 2 assertion whose window opens thirty seconds after the current time.
     * NOTE(review): the test name suggests this exercises the verifier's tolerance for a
     * NotBefore slightly ahead of its own clock; the assertions themselves are not shown.
     */
    public void testSAML2FutureTTLConditions() throws Exception {
        SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
        callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
        callbackHandler.setIssuer("www.example.com");
       
        ConditionsBean conditions = new ConditionsBean();
        // notBefore holds the current time; both bounds below are offsets from it.
        DateTime notBefore = new DateTime();
        conditions.setNotBefore(notBefore.plusSeconds(30));
        conditions.setNotAfter(notBefore.plusMinutes(5));
        callbackHandler.setConditions(conditions);
       
        SAMLParms samlParms = new SAMLParms();
        samlParms.setCallbackHandler(callbackHandler);
        AssertionWrapper assertion = new AssertionWrapper(samlParms);

    /**
     * Prepares the parameters for a SAML 2 assertion with a five-minute token period and the
     * OneTimeUse condition set. How the assertion is created and checked is not part of this
     * excerpt.
     */
    public void testSAML2OneTimeUse() throws Exception {
        SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
        callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
        callbackHandler.setIssuer("www.example.com");
       
        ConditionsBean conditions = new ConditionsBean();
        conditions.setTokenPeriodMinutes(5);
        // OneTimeUse asks the receiver to accept the assertion once only; enforcing it is
        // up to the receiving side.
        conditions.setOneTimeUse(true);
           
        callbackHandler.setConditions(conditions);
       
        SAMLParms samlParms = new SAMLParms();
        samlParms.setCallbackHandler(callbackHandler);
