Examples of org.apache.wss4j.dom.message.WSSecSAMLToken

• org.apache.wss4j.dom.message.WSSecSAMLToken
  Builds a WS SAML Assertion and inserts it into the SOAP Envelope. Refer to the WS specification, SAML Token profile

            SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);

            Crypto crypto = CryptoFactory.getInstance("saml/saml-signed.properties");
            samlAssertion.signAssertion("transmitter", "default", crypto, false);

            WSSecSAMLToken wsSign = new WSSecSAMLToken();

            Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader secHeader = new WSSecHeader();
            secHeader.insertSecurityHeader(doc);

            Document securedDocument = wsSign.build(doc, samlAssertion, secHeader);

            //some test that we can really sure we get what we want from WSS4J
            NodeList nodeList = securedDocument.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
            Assert.assertEquals(nodeList.getLength(), 1);
            Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());

public class SAMLTokenUnsignedAction implements Action {

    public void execute(WSHandler handler, SecurityActionToken actionToken,
                        Document doc, RequestData reqData)
            throws WSSecurityException {
        WSSecSAMLToken builder = new WSSecSAMLToken(reqData.getWssConfig());

        CallbackHandler samlCallbackHandler =
                handler.getCallbackHandler(
                    WSHandlerConstants.SAML_CALLBACK_CLASS,
                    WSHandlerConstants.SAML_CALLBACK_REF,
                    reqData
                );
        if (samlCallbackHandler == null) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.FAILURE,
                "noSAMLCallbackHandler"
            );
        }
        SAMLCallback samlCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);

        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
        if (samlCallback.isSignAssertion()) {
            samlAssertion.signAssertion(
                samlCallback.getIssuerKeyName(),
                samlCallback.getIssuerKeyPassword(),
                samlCallback.getIssuerCrypto(),
                samlCallback.isSendKeyValue(),
                samlCallback.getCanonicalizationAlgorithm(),
                samlCallback.getSignatureAlgorithm()
            );
        }

        // add the SAMLAssertion Token to the SOAP Envelope
        builder.build(doc, samlAssertion, reqData.getSecHeader());
    }