@Override
public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
Credential validatedCredential = super.validate(credential, data);
AssertionWrapper assertion = validatedCredential.getAssertion();
Assertion saml2Assertion = assertion.getSaml2();
if (saml2Assertion == null) {
throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
}
List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements();
if (attributeStatements == null || attributeStatements.isEmpty()) {
throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
}
for (AttributeStatement statement : attributeStatements) {