Examples of org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType

• org.jboss.identity.federation.saml.v2.protocol.StatusType
  3.org/2001/XMLSchema}boolean" default="false" /> <attribute name="ReturnContext" type="{http://www.w3.org/2001/XMLSchema}boolean" default="false" /> </extension> </complexContent> </complexType>

            try
            {
               SAML2Response saml2Response = new SAML2Response();

               ResponseType responseType = saml2Response.getResponseType(is);

               SAMLDocumentHolder samlDocumentHolder = saml2Response.getSamlDocumentHolder();

               boolean validSignature = this.verifySignature(samlDocumentHolder);

               if(validSignature == false)
                  throw new IssuerNotTrustedException("Signature in saml document is invalid");

               this.isTrusted(responseType.getIssuer().getValue());

               List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
               if(assertions.size() == 0)
                  throw new IllegalStateException("No assertions in reply from IDP");

               Object assertion = assertions.get(0);
               if(assertion instanceof EncryptedElementType)

   }

   protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException
   {
      Document samlResponse = samlDocumentHolder.getSamlDocument();
      ResponseType response = (ResponseType) samlDocumentHolder.getSamlObject();

      String issuerID = response.getIssuer().getValue();

      if(issuerID == null)
         throw new IssuerNotTrustedException("Issue missing");

      URL issuerURL;

      Document samlResponseDocument = null;

      if(trace)
         log.trace("AssertionConsumerURL=" + assertionConsumerURL +
            "::assertion validity=" + assertionValidity);
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(assertionConsumerURL);
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);


      //Add information on the roles
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);

      //Add timed conditions

    */
   public Document getErrorResponse(String responseURL, String status,
         String identityURL, boolean supportSignature)
   {
      Document samlResponse = null;
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

      subjectType.getContent().add(jaxbSubjectConfirmationType);

      assertionType.setSubject(subjectType);

      ResponseType responseType = createResponseType(ID, issuerInfo, assertionType);
      //InResponseTo ID
      responseType.setInResponseTo(sp.getRequestID());
      //Destination
      responseType.setDestination(responseDestinationURI);

      return responseType;
   }

    * @throws ConfigurationException
    */
   public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertionType)
   throws ConfigurationException
   {
      ResponseType responseType = SAMLProtocolFactory.getObjectFactory().createResponseType();
      responseType.setVersion(issuerInfo.getSamlVersion());

      //ID
      responseType.setID(ID);

      //Issuer
      NameIDType issuer = issuerInfo.getIssuer();
      responseType.setIssuer(issuer);

      //Status
      String statusCode = issuerInfo.getStatusCode();
      if(statusCode == null)
         throw new IllegalArgumentException("issuerInfo missing status code");

      responseType.setStatus(createStatusType(statusCode) );

      XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();

      //IssueInstant
      responseType.setIssueInstant(issueInstant);
      if(assertionType.getIssueInstant() == null)
         assertionType.setIssueInstant(issueInstant);

      responseType.getAssertionOrEncryptedAssertion().add(assertionType);
      return responseType;
   }

    * @param statusCodeURI
    * @return
    */
   public static StatusType createStatusType(String statusCodeURI)
   {
      StatusCodeType sct = SAMLProtocolFactory.getObjectFactory().createStatusCodeType();
      sct.setValue(statusCodeURI);

      StatusType statusType = SAMLProtocolFactory.getObjectFactory().createStatusType();
      statusType.setStatusCode(sct);
      return statusType;
   }

      if(request == null)
         throw new IllegalArgumentException("request is null");
      if(responseType == null)
         throw new IllegalArgumentException("response type is null");

      StatusType statusType = responseType.getStatus();
      if(statusType == null)
         throw new IllegalArgumentException("Status Type from the IDP is null");

      String statusValue = statusType.getStatusCode().getValue();
      if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
         throw new SecurityException("IDP forbid the user");

      List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
      if(assertions.size() == 0)

      if(request == null)
         throw new IllegalArgumentException("request is null");
      if(responseType == null)
         throw new IllegalArgumentException("response type is null");

      StatusType statusType = responseType.getStatus();
      if(statusType == null)
         throw new IllegalArgumentException("Status Type from the IDP is null");

      String statusValue = statusType.getStatusCode().getValue();
      if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
         throw new SecurityException("IDP forbid the user");

      List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
      if(assertions.size() == 0)

   public static StatusType createStatusType(String statusCodeURI)
   {
      StatusCodeType sct = SAMLProtocolFactory.getObjectFactory().createStatusCodeType();
      sct.setValue(statusCodeURI);

      StatusType statusType = SAMLProtocolFactory.getObjectFactory().createStatusType();
      statusType.setStatusCode(sct);
      return statusType;
   }