Examples of org.opensaml.xml.security.SecurityException

• org.opensaml.xml.security.SecurityException
  Base exception for security related errors.

    /** {@inheritDoc} */
    protected Iterable<Credential> resolveFromSource(CriteriaSet criteriaSet) throws SecurityException {
        KeyInfoCriteria kiCriteria = criteriaSet.get(KeyInfoCriteria.class);
        if (kiCriteria == null) {
            log.error("No KeyInfo criteria supplied, resolver could not process");
            throw new SecurityException("Credential criteria set did not contain an instance of"
                    + "KeyInfoCredentialCriteria");
        }
        KeyInfo keyInfo = kiCriteria.getKeyInfo();

        // This will be the list of credentials to return.

            if (options.emitEntityCertificate && ! options.emitEntityCertificateChain) {
                try {
                    X509Certificate xmlCert = KeyInfoHelper.buildX509Certificate(javaCert);
                    x509Data.getX509Certificates().add(xmlCert);
                } catch (CertificateEncodingException e) {
                    throw new SecurityException("Error generating X509Certificate element "
                            + "from credential's end-entity certificate", e);
                }
            }

        }

                for (java.security.cert.X509Certificate javaCert : credential.getEntityCertificateChain()) {
                    try {
                        X509Certificate xmlCert = KeyInfoHelper.buildX509Certificate(javaCert);
                        x509Data.getX509Certificates().add(xmlCert);
                    } catch (CertificateEncodingException e) {
                        throw new SecurityException("Error generating X509Certificate element "
                                + "from a certificate in credential's certificate chain", e);
                    }
                }
            }
        }

                for (java.security.cert.X509CRL javaCRL : credential.getCRLs()) {
                    try {
                        X509CRL xmlCRL = KeyInfoHelper.buildX509CRL(javaCRL);
                        x509Data.getX509CRLs().add(xmlCRL);
                    } catch (CRLException e) {
                        throw new SecurityException("Error generating X509CRL element "
                                + "from a CRL in credential's CRL list", e);
                    }
                }
            }
        }

        List<X509CRL> crls = null;
        try {
            crls = KeyInfoHelper.getCRLs(x509Data);
        } catch (CRLException e) {
            log.error("Error extracting CRL's from X509Data", e);
            throw new SecurityException("Error extracting CRL's from X509Data", e);
        }

        log.debug("Found {} X509CRLs", crls.size());
        return crls;
    }

        List<X509Certificate> certs = null;
        try {
            certs = KeyInfoHelper.getCertificates(x509Data);
        } catch (CertificateException e) {
            log.error("Error extracting certificates from X509Data", e);
            throw new SecurityException("Error extracting certificates from X509Data", e);
        }
        log.debug("Found {} X509Certificates", certs.size());
        return certs;
    }

                        + X509Util.getIdentifiersToken(untrustedCredential, x500DNHandler) + ": " + e.getMessage());
            }
            return false;
        } catch (GeneralSecurityException e) {
            log.error("PKIX validation failure", e);
            throw new SecurityException("PKIX validation failure", e);
        }
    }

                roles.add(roleDescriptor);
                return roles;
            }
        } catch (MetadataProviderException e) {
            log.error("Unable to read metadata from provider", e);
            throw new SecurityException("Unable to read metadata provider", e);
        }
    }

        try {
            keyStoreEntry = keyStore.getEntry(entityID, keyPassword);
        } catch (UnrecoverableEntryException e) {
            log.error("Unable to retrieve keystore entry for entityID (keystore alias): " + entityID);
            log.error("Check for invalid keystore entityID/alias entry password");
            throw new SecurityException("Could not retrieve entry from keystore", e);
        } catch (GeneralSecurityException e) {
            log.error("Unable to retrieve keystore entry for entityID (keystore alias): " + entityID, e);
            throw new SecurityException("Could not retrieve entry from keystore", e);
        }

        if (keyStoreEntry == null) {
            log.debug("Keystore entry for entity ID (keystore alias) {} does not exist", entityID);
            return Collections.emptySet();

            credential = processTrustedCertificateEntry((KeyStore.TrustedCertificateEntry) keyStoreEntry, entityID,
                    keystoreUsage);
        } else if (keyStoreEntry instanceof KeyStore.SecretKeyEntry) {
            credential = processSecretKeyEntry((KeyStore.SecretKeyEntry) keyStoreEntry, entityID, keystoreUsage);
        } else {
            throw new SecurityException("KeyStore entry was of an unsupported type: "
                    + keyStoreEntry.getClass().getName());
        }
        return credential;
    }