Package org.jboss.identity.federation.api.saml.v2.metadata

Examples of org.jboss.identity.federation.api.saml.v2.metadata.SecurityActions


    * @throws GeneralSecurityException
    */
   public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState,
         PrivateKey signingKey) throws JAXBException, SAXException, IOException, GeneralSecurityException
   {
      SAML2Response saml2Response = new SAML2Response();
      
      // Deal with the original request
      StringWriter sw = new StringWriter();
      saml2Response.marshall(responseType, sw);
     
      //URL Encode the Request
      String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(sw.toString());
   
      String urlEncodedRelayState = null;
View Full Code Here


        
         //deal with SAML response from IDP
         byte[] base64DecodedResponse = Base64.decode(samlResponse);
         InputStream is = DeflateUtil.decode(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();
        
         ResponseType responseType;
         try
         {
            responseType = saml2Response.getResponseType(is);
         }
         catch (JAXBException e)
         {
            throw new ParsingException(e);
         }
View Full Code Here

        
         //Place the xacml statement in an assertion
         //Then the assertion goes inside a SAML Response
        
         String ID = IDGenerator.create("ID_");
         SAML2Response saml2Response = new SAML2Response();
         IssuerInfoHolder issuerInfo = new IssuerInfoHolder(this.issuer);
        
         AssertionType assertion = SAMLAssertionFactory.getObjectFactory().createAssertionType();
         assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(xacmlStatement);
         assertion.setID(ID);
         assertion.setVersion(JBossSAMLConstants.VERSION_2_0.get());
         assertion.setIssuer(issuerInfo.getIssuer());
        
         JAXBElement<?> jaxbResponse = JAXBElementMappingUtil.get(saml2Response.createResponseType(ID, issuerInfo, assertion));
        
         //Create a SOAP Envelope to hold the SAML response
         envelope = this.createEnvelope(jaxbResponse);
      }
      catch (JAXBException e)
View Full Code Here

  
   @Override
   protected ResponseType getResponse(Request request, Principal userPrincipal)
   throws ParsingException, ConfigurationException, ProcessingException
   {
      SAML2Response saml2Response = new SAML2Response();
     
      ResponseType responseType =  super.getResponse(request, userPrincipal);
    
      //If there is a configuration to encrypt
      if(this.idpConfiguration.isEncrypt())
      {
         //Need to encrypt the assertion
         String sp = responseType.getDestination();
         if(sp == null)
            throw new IllegalStateException("Unable to handle encryption as SP url is null");
         try
         {
            URL spurl = new URL(sp);
            PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
            EncryptionType enc = idpConfiguration.getEncryption();
            if(enc == null)
               throw new IllegalStateException("EncryptionType not configured");
            String encAlgo = enc.getEncAlgo().value();
            int keyLength = enc.getKeySize();
            //Generate a key on the fly
            SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo, keyLength);
           
            StringWriter sw = new StringWriter();
            saml2Response.marshall(responseType, sw);
           
            Document responseDoc = DocumentUtil.getDocument(new StringReader(sw.toString()))
     
            String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
           
            QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");
           
            Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
                            publicKey, sk, keyLength, assertionQName, true);
           
           
            EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
            responseType.getAssertionOrEncryptedAssertion().set(0, eet);
         }
         catch (MalformedURLException e)
         {
            // TODO Auto-generated catch block
            e.printStackTrace();
         }
         catch (JAXBException e)
         {
            throw new ParsingException(e);
         }
         catch (SAXException e)
         {
            throw new ParsingException(e);
         }
         catch (ParserConfigurationException e)
         {
            throw new ConfigurationException(e);
         }
         catch (IOException e)
         {
            throw new ProcessingException(e);
         }
         catch (TransformerFactoryConfigurationError e)
         {
            throw new ConfigurationException(e);
         }
         catch (TransformerException e)
         {
            throw new ProcessingException(e);
         }
         catch (Exception e)
         {
            throw new ProcessingException(e);
         }
      }
      //Lets see how the response looks like
      if(log.isTraceEnabled())
      {
         StringWriter sw = new StringWriter();
         try
         {
            saml2Response.marshall(responseType, sw);
         }
         catch (JAXBException e)
         {
            log.trace(e);
         }
View Full Code Here

   protected ResponseType decryptAssertion(ResponseType responseType)
   throws IOException, GeneralSecurityException, ConfigurationException, ParsingException
   {
      try
      {
         SAML2Response saml2Response = new SAML2Response();
         PrivateKey privateKey = keyManager.getSigningKey();
        
         EncryptedElementType myEET = (EncryptedElementType) responseType.getAssertionOrEncryptedAssertion().get(0);
         Document eetDoc = saml2Response.convert(myEET);
        
         Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,privateKey);
        
         //Let us use the encrypted doc element to decrypt it
         return  saml2Response.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));   
      }
      catch (JAXBException e)
      {
         throw new ConfigurationException(e);
      }
View Full Code Here

   {
      log.trace("AssertionConsumerURL=" + assertionConsumerURL +
            "::assertion validity=" + assertionValidity);
      ResponseType responseType = null;    
     
      SAML2Response saml2Response = new SAML2Response();
           
      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(assertionConsumerURL);
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
     
     
      //Add information on the roles
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
     
      //Add timed conditions
      saml2Response.createTimedConditions(assertion, assertionValidity);
      //Lets see how the response looks like
      if(log.isTraceEnabled())
      {
         StringWriter sw = new StringWriter();
         try
         {
            saml2Response.marshall(responseType, sw);
         }
         catch (JAXBException e)
         {
            log.trace(e);
         }
View Full Code Here

         PrivateKey signingKey) throws IOException, GeneralSecurityException
   {
      if(responseType == null)
         throw new IllegalArgumentException("reponseType is null");

      SAML2Response saml2Response = new SAML2Response();
      ByteArrayOutputStream baos = new ByteArrayOutputStream();
      try
      {
         saml2Response.marshall(responseType, baos);
      }
      catch (SAXException e1)
      {
         log.trace("Parsing Exception in sending response:",e1);
         throw new ParsingException("Parsing Exception in sending response:" , e1);
View Full Code Here

   public ResponseType getErrorResponse(String responseURL, String status,
         String identityURL)
   {
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
      issuerHolder.setStatusCode(status);

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(null);
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(responseURL);
      try
      {
         responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
      }
      catch (ConfigurationException e1)
      {
         log.trace(e1);
         responseType = saml2Response.createResponseType();
      }

      log.debug("ResponseType = ");
      //Lets see how the response looks like
      if(log.isTraceEnabled())
      {
         StringWriter sw = new StringWriter();
         try
         {
            saml2Response.marshall(responseType, sw);
         }
         catch (JAXBException e)
         {
            log.trace(e);
         }
View Full Code Here

        
         //deal with SAML response from IDP
         byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse);
         InputStream is = new ByteArrayInputStream(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();
        
         ResponseType responseType = saml2Response.getResponseType(is);
                 
         this.isTrusted(responseType.getIssuer().getValue());
        
         List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
         if(assertions.size() == 0)
View Full Code Here

            byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse);
            InputStream is = new ByteArrayInputStream(base64DecodedResponse);

            try
            {
               SAML2Response saml2Response = new SAML2Response();
              
               ResponseType responseType = saml2Response.getResponseType(is);
              
               SAMLDocumentHolder samlDocumentHolder = saml2Response.getSamlDocumentHolder();
              
               boolean validSignature = this.verifySignature(samlDocumentHolder);
              
               if(validSignature == false)
                  throw new IssuerNotTrustedException("Signature in saml document is invalid");
View Full Code Here

TOP

Related Classes of org.jboss.identity.federation.api.saml.v2.metadata.SecurityActions

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.