Package org.apache.ws.security.validate

Examples of org.apache.ws.security.validate.Credential

245
246
247
248
249
250
251
252
253
254
255
256
257
       
        // Validate Signature against profiles
        validateSignatureAgainstProfiles(signature, samlKeyInfo);

        // Now verify trust on the signature
        Credential trustCredential = new Credential();
        trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
        trustCredential.setCertificates(samlKeyInfo.getCerts());

        try {
            signatureValidator.validate(trustCredential, requestData);
        } catch (WSSecurityException e) {
            LOG.log(Level.FINE, "Error in validating signature on SAML Response: " + e.getMessage(), e);
View Full Code Here
300
301
302
303
304
305
306
307
308
309
310
311
        AssertionWrapper assertion,
        Crypto sigCrypto,
        CallbackHandler callbackHandler,
        Document doc
    ) throws WSSecurityException {
        Credential credential = new Credential();
        credential.setAssertion(assertion);
       
        RequestData requestData = new RequestData();
        requestData.setSigCrypto(sigCrypto);
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        requestData.setWssConfig(wssConfig);
View Full Code Here
132
133
134
135
136
137
138
139
140
141
142
143
                assertion.parseHOKSubject(data, null);
            } else if (getTLSCertificates(message) == null) {
                throwFault("Assertion must be signed", null);
            }
            if (samlValidator != null) {
                Credential credential = new Credential();
                credential.setAssertion(assertion);
                samlValidator.validate(credential, data);
            }
               
           
            checkSubjectConfirmationData(message, assertion);
View Full Code Here
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
               
                // Validate the assertion against schemas/profiles
                validateAssertion(assertion);

                // Now verify trust on the signature
                Credential trustCredential = new Credential();
                SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
                trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
                trustCredential.setCertificates(samlKeyInfo.getCerts());
   
                trustCredential = validator.validate(trustCredential, requestData);

                // Finally check that subject DN of the signing certificate matches a known constraint
                X509Certificate cert = null;
                if (trustCredential.getCertificates() != null) {
                    cert = trustCredential.getCertificates()[0];
                }
               
                if (!certConstraints.matches(cert)) {
                    return response;
                }
View Full Code Here
21
22
23
24
25
26
27
28
29
30
31
32
*/
public class ServerSamlValidator extends SamlAssertionValidator {
   
    @Override
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
        Credential validatedCredential = super.validate(credential, data);
        AssertionWrapper assertion = validatedCredential.getAssertion();
       
        if (!"alice".equals(assertion.getIssuerString())) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
        }
       
View Full Code Here
23
24
25
26
27
28
29
30
31
32
33
    }

    @Override
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException
    {
        Credential returnedCredential = super.validate(credential, data);

        //
        // Do some custom validation on the assertion
        //
        AssertionWrapper assertion = credential.getAssertion();
View Full Code Here
17
18
19
20
21
22
23
24
25
26
27
/**
*/
public class UTValidator extends STSTokenValidator {
   
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
        Credential validatedCredential = super.validate(credential, data);
       
        // Assert the IssuedToken policy
        SoapMessage message = (SoapMessage)data.getMsgContext();
        AssertionInfoMap aim = message.get(AssertionInfoMap.class);
        Collection<AssertionInfo> ais = aim.get(SP12Constants.ISSUED_TOKEN);
View Full Code Here
36
37
38
39
40
41
42
43
44
45
46
47
*/
public class CustomSaml2Validator extends SamlAssertionValidator {
   
    @Override
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
        Credential validatedCredential = super.validate(credential, data);
        AssertionWrapper assertion = validatedCredential.getAssertion();
       
        if (!"sts".equals(assertion.getIssuerString())) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
        }
       
View Full Code Here
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
               
                // Validate the assertion against schemas/profiles
                validateAssertion(assertion);

                // Now verify trust on the signature
                Credential trustCredential = new Credential();
                SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
                trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
                trustCredential.setCertificates(samlKeyInfo.getCerts());
   
                validator.validate(trustCredential, requestData);

                // Finally check that subject DN of the signing certificate matches a known constraint
                X509Certificate cert = null;
                if (trustCredential.getCertificates() != null) {
                    cert = trustCredential.getCertificates()[0];
                }
               
                if (!certConstraints.matches(cert)) {
                    return response;
                }
View Full Code Here
32
33
34
35
36
37
38
39
40
41
        throws WSSecurityException {
        SignatureTrustValidator validator = new SignatureTrustValidator();
        RequestData data = new RequestData();
        data.setSigCrypto(crypto);
       
        Credential trustCredential = new Credential();
        trustCredential.setPublicKey(publicKey);
        trustCredential.setCertificates(new X509Certificate[]{cert});
        validator.validate(trustCredential, data);
    }
View Full Code Here
TOP

Related Classes of org.apache.ws.security.validate.Credential

  • demo.secure_greeter.server.ServerSamlValidator
  • org.apache.cxf.fediz.core.saml.SamlAssertionValidator
  • org.apache.cxf.fediz.core.saml.SAMLTokenValidator
  • org.apache.cxf.rs.security.common.TrustValidator
  • org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrantHandler
  • org.apache.cxf.rs.security.saml.AbstractSamlInHandler
  • org.apache.cxf.rs.security.saml.sso.SAMLProtocolResponseValidator
  • org.apache.cxf.sts.token.validator.SAMLTokenValidator
  • org.apache.cxf.sts.token.validator.UsernameTokenValidator
  • org.apache.cxf.sts.token.validator.X509TokenValidator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.