Package org.apache.wss4j.common.saml.bean

Examples of org.apache.wss4j.common.saml.bean.ConditionsBean

455
456
457
458
459
460
461
462
463
464
465
            }
        }
       
        // Get the Subject and Conditions
        SubjectBean subjectBean = subjectProvider.getSubject(tokenParameters, doc, secret);
        ConditionsBean conditionsBean = conditionsProvider.getConditions(tokenParameters);
       
        // Set all of the beans on the SamlCallbackHandler
        SamlCallbackHandler handler = new SamlCallbackHandler();
        handler.setTokenProviderParameters(tokenParameters);
        handler.setSubjectBean(subjectBean);
View Full Code Here
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
    /**
     * Get a ConditionsBean object.
     */
    public ConditionsBean getConditions(TokenProviderParameters providerParameters) {
        ConditionsBean conditions = new ConditionsBean();
       
        Lifetime tokenLifetime = providerParameters.getTokenRequirements().getLifetime();
        if (lifetime > 0) {
            if (acceptClientLifetime && tokenLifetime != null
                && tokenLifetime.getCreated() != null && tokenLifetime.getExpires() != null) {
                try {
                    XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
                    Date creationTime = fmt.parse(tokenLifetime.getCreated());
                    Date expirationTime = fmt.parse(tokenLifetime.getExpires());
                    if (creationTime == null || expirationTime == null) {
                        LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
                        throw new STSException(
                            "Error in parsing Timestamp Created or Expiration Strings",
                            STSException.INVALID_TIME
                        );
                    }
                   
                    // Check to see if the created time is in the future
                    Date validCreation = new Date();
                    long currentTime = validCreation.getTime();
                    if (futureTimeToLive > 0) {
                        validCreation.setTime(currentTime + futureTimeToLive * 1000L);
                    }
                    if (creationTime.after(validCreation)) {
                        LOG.fine("The Created Time is too far in the future");
                        throw new STSException(
                            "The Created Time is too far in the future", STSException.INVALID_TIME
                        );
                    }
                   
                    long requestedLifetime = expirationTime.getTime() - creationTime.getTime();
                    if (requestedLifetime > (getMaxLifetime() * 1000L)) {
                        StringBuilder sb = new StringBuilder();
                        sb.append("Requested lifetime [").append(requestedLifetime / 1000L);
                        sb.append(" sec] exceed configured maximum lifetime [").append(getMaxLifetime());
                        sb.append(" sec]");
                        LOG.warning(sb.toString());
                        if (isFailLifetimeExceedance()) {
                            throw new STSException("Requested lifetime exceeds maximum lifetime",
                                    STSException.INVALID_TIME);
                        } else {
                            expirationTime.setTime(creationTime.getTime() + (getMaxLifetime() * 1000L));
                        }
                    }
                   
                    DateTime creationDateTime = new DateTime(creationTime.getTime());
                    DateTime expirationDateTime = new DateTime(expirationTime.getTime());
                   
                    conditions.setNotAfter(expirationDateTime);
                    conditions.setNotBefore(creationDateTime);
                } catch (ParseException e) {
                    LOG.warning("Failed to parse life time element: " + e.getMessage());
                    conditions.setTokenPeriodSeconds(lifetime);
                }
               
            } else {
                conditions.setTokenPeriodSeconds(lifetime);
            }
        } else {
            conditions.setTokenPeriodMinutes(5);
        }
       
        List<AudienceRestrictionBean> audienceRestrictions = createAudienceRestrictions(providerParameters);
        if (audienceRestrictions != null && !audienceRestrictions.isEmpty()) {
            conditions.setAudienceRestrictions(audienceRestrictions);
        }
       
        return conditions;
    }
View Full Code Here
252
253
254
255
256
257
258
259
260
261
262
            attrBeanList.add(attributeBean);
        }

        // Get the Subject and Conditions
        SubjectBean subjectBean = subjectProvider.getSubject(tokenParameters, doc, secret);
        ConditionsBean conditionsBean = conditionsProvider.getConditions(tokenParameters);

        // Set all of the beans on the SamlCallbackHandler
        SamlCallbackHandler handler = new SamlCallbackHandler();
        handler.setTokenProviderParameters(tokenParameters);
        handler.setSubjectBean(subjectBean);
View Full Code Here
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
        callbackHandler.setIssuer("http://cxf.apache.org/issuer");
        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
       
        callbackHandler.setSubjectConfirmationData(subjectConfirmationData);
       
        ConditionsBean conditions = new ConditionsBean();
        conditions.setNotBefore(new DateTime());
        conditions.setNotAfter(new DateTime().plusMinutes(5));
       
        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
        audienceRestriction.setAudienceURIs(Collections.singletonList("http://service.apache.org"));
        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
        callbackHandler.setConditions(conditions);
       
        SAMLCallback samlCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
        SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
View Full Code Here
508
509
510
511
512
513
514
515
516
517
518
        }
       
    }
   
    private void createNewConditions(SamlAssertionWrapper assertion, TokenRenewerParameters tokenParameters) {
        ConditionsBean conditions =
            conditionsProvider.getConditions(convertToProviderParameters(tokenParameters));
       
        if (assertion.getSaml1() != null) {
            org.opensaml.saml1.core.Assertion saml1Assertion = assertion.getSaml1();
            saml1Assertion.setIssueInstant(new DateTime());
View Full Code Here
167
168
169
170
171
172
173
174
175
176
177
178
            callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
            callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
            callbackHandler.setIssuer("www.example.com");
            callbackHandler.setSignAssertion(false);

            ConditionsBean conditions = new ConditionsBean();
            conditions.setTokenPeriodMinutes(5);
            callbackHandler.setConditions(conditions);

            InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
            String action = WSHandlerConstants.SAML_TOKEN_UNSIGNED;
            Properties properties = new Properties();
View Full Code Here
219
220
221
222
223
224
225
226
227
228
229
230
231
            callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
            callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
            callbackHandler.setIssuer("www.example.com");
            callbackHandler.setSignAssertion(false);

            ConditionsBean conditions = new ConditionsBean();
            conditions.setTokenPeriodMinutes(5);
            conditions.setOneTimeUse(true);
            callbackHandler.setConditions(conditions);

            InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
            String action = WSHandlerConstants.SAML_TOKEN_UNSIGNED;
            Properties properties = new Properties();
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
            securityProperties.setActions(actions);
            SAMLCallbackHandlerImpl callbackHandler = new SAMLCallbackHandlerImpl();
            callbackHandler.setStatement(SAMLCallbackHandlerImpl.Statement.AUTHN);
            callbackHandler.setIssuer("www.example.com");

            ConditionsBean conditions = new ConditionsBean();
            DateTime notBefore = new DateTime();
            conditions.setNotBefore(notBefore);
            DateTime notAfter = notBefore.plusMinutes(20);
            conditions.setNotAfter(notAfter);
            callbackHandler.setConditions(conditions);

            securityProperties.setSamlCallbackHandler(callbackHandler);
            securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
            securityProperties.setSignatureUser("transmitter");
View Full Code Here
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
            SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
            callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
            callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
            callbackHandler.setIssuer("www.example.com");

            ConditionsBean conditions = new ConditionsBean();
            DateTime notBefore = new DateTime();
            conditions.setNotBefore(notBefore);
            DateTime notAfter = notBefore.plusMinutes(20);
            conditions.setNotAfter(notAfter);
            callbackHandler.setConditions(conditions);

            InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
            String action = WSHandlerConstants.SAML_TOKEN_SIGNED;
            Properties properties = new Properties();
View Full Code Here
177
178
179
180
181
182
183
184
185
186
187
188
189
190
        {
            SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
            callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
            callbackHandler.setIssuer("www.example.com");

            ConditionsBean conditions = new ConditionsBean();
            DateTime notBefore = new DateTime();
            conditions.setNotBefore(notBefore.minusMinutes(5));
            conditions.setNotAfter(notBefore.minusMinutes(3));
            callbackHandler.setConditions(conditions);

            InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
            String action = WSHandlerConstants.SAML_TOKEN_SIGNED;
            Properties properties = new Properties();
View Full Code Here
TOP

Related Classes of org.apache.wss4j.common.saml.bean.ConditionsBean

  • org.apache.cxf.rs.security.saml.sso.SAMLSSOResponseValidatorTest
  • org.apache.cxf.sts.token.provider.DefaultConditionsProvider
  • org.apache.cxf.sts.token.provider.SAMLTokenProvider
  • org.apache.cxf.sts.token.renewer.SAMLTokenRenewer
  • org.apache.cxf.systest.jaxrs.security.oauth2.SamlCallbackHandler
  • org.apache.cxf.systest.jaxrs.security.oauth2.SamlCallbackHandler2
  • org.apache.cxf.systest.jaxrs.security.saml.SamlCallbackHandler
  • org.apache.cxf.systest.sts.secure_conv.SCTSAMLTokenProvider
  • org.apache.cxf.systest.ws.saml.SamlTokenTest
  • org.apache.cxf.systest.ws.saml.StaxSamlTokenTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.