if (principal == null) {
LOG.fine("Error in getting principal");
throw new STSException("Error in getting principal", STSException.REQUEST_FAILED);
}
SubjectBean subjectBean =
new SubjectBean(principal.getName(), subjectNameQualifier, confirmationMethod);
LOG.fine("Creating new subject with principal name: " + principal.getName());
if (subjectNameIDFormat != null && subjectNameIDFormat.length() > 0) {
subjectBean.setSubjectNameIDFormat(subjectNameIDFormat);
}
if (STSConstants.SYMMETRIC_KEY_KEYTYPE.equals(keyType)) {
Crypto crypto = stsProperties.getEncryptionCrypto();
EncryptionProperties encryptionProperties = providerParameters.getEncryptionProperties();
String encryptionName = encryptionProperties.getEncryptionName();
if (encryptionName == null) {
// Fall back on the STS encryption name
encryptionName = stsProperties.getEncryptionUsername();
}
if (encryptionName == null) {
LOG.fine("No encryption Name is configured for Symmetric KeyType");
throw new STSException("No Encryption Name is configured", STSException.REQUEST_FAILED);
}
CryptoType cryptoType = null;
// Check for using of service endpoint (AppliesTo) as certificate identifier
if (STSConstants.USE_ENDPOINT_AS_CERT_ALIAS.equals(encryptionName)) {
if (providerParameters.getAppliesToAddress() == null) {
throw new STSException("AppliesTo is not initilaized for encryption name "
+ STSConstants.USE_ENDPOINT_AS_CERT_ALIAS);
}
cryptoType = new CryptoType(CryptoType.TYPE.ENDPOINT);
cryptoType.setEndpoint(providerParameters.getAppliesToAddress());
} else {
cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
cryptoType.setAlias(encryptionName);
}
try {
X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
if ((certs == null) || (certs.length == 0)) {
throw new STSException("Encryption certificate is not found for alias: " + encryptionName);
}
KeyInfoBean keyInfo =
createKeyInfo(certs[0], secret, doc, encryptionProperties, crypto);
subjectBean.setKeyInfo(keyInfo);
} catch (WSSecurityException ex) {
LOG.log(Level.WARNING, "", ex);
throw new STSException(ex.getMessage(), ex);
}
} else if (STSConstants.PUBLIC_KEY_KEYTYPE.equals(keyType)) {
ReceivedKey receivedKey = keyRequirements.getReceivedKey();
KeyInfoBean keyInfo = createKeyInfo(receivedKey.getX509Cert(), receivedKey.getPublicKey());
subjectBean.setKeyInfo(keyInfo);
}
return subjectBean;
}