Examples of com.sun.xml.wss.saml.Assertion

com.sun.xml.wss.saml.Assertion

This interface stands for Assertion element. An Assertion is a package of information that supplies one or more Statement made by an issuer. There are three kinds of assertions Authentication, Authorization Decision and Attribute assertion.

 <Assertion  AssertionID="1124370015917" IssueInstant="2005-08-18T18:30:15.917+05:30" Issuer="CN=Assertion Issuer,OU=AI,O=Assertion Issuer,L=Waltham,ST=MA,C=US" MajorVersion="1" MinorVersion="1" xmlns="urn:oasis:names:tc:SAML:1.0:assertion"> <Conditions NotBefore="2005-08-16T13:21:50.503+05:30" NotOnOrAfter="2005-08-16T15:21:50.504+05:30"/> <Subject xmlns="urn:oasis:names:tc:SAML:1.0:assertion"> <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"> CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US </NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod> </SubjectConfirmation> </Subject> <Attribute AttributeName="attribute1" AttributeNamespace="urn:com:sun:xml:wss:attribute"> <AttributeValue>ATTRIBUTE1</AttributeValue> </Attribute> <Assertion>

                } else {
                    tokenElement = SAMLUtil.locateSamlAssertion (keyId,secureMessage.getSOAPPart ());
                }
                newElement = (Element)element.getOwnerDocument ().importNode (tokenElement, true);
                
                Assertion assertion = null; 
                try {
                    assertion = AssertionUtil.fromElement(tokenElement);
                } catch (Exception e) {
                    throw new XWSSecurityException (e);
                }

View Full Code Here

    }
    @SuppressWarnings("unchecked")
    private static Element resolveSAMLToken (SecurityTokenReference tokenRef, String assertionId,
            FilterProcessingContext context)throws XWSSecurityException {
       
        Assertion ret = (Assertion)context.getTokenCache().get(assertionId); 
        if (ret != null) {
            try {
                return SAMLUtil.toElement(context.getSecurableSoapMessage().getSOAPPart(), ret,null);
            } catch (Exception e) {
                throw new XWSSecurityException (e);

View Full Code Here

            //TODO handler saml, it should be a remote SAML Assertion
            // since a message from the sender cannot have the receivers assertion as part of message
            AuthenticationTokenPolicy.SAMLAssertionBinding samlBinding =
                    (AuthenticationTokenPolicy.SAMLAssertionBinding)keyBinding;
            
            Assertion assertion1 = null;
            Assertion assertion2 = null;
            
            try {
                if (System.getProperty("com.sun.xml.wss.saml.binding.jaxb") == null ) {
                    if (samlBinding.getAssertion().getAttributeNode("ID") != null) {
                        assertion1 = (Assertion)com.sun.xml.wss.saml.assertion.saml20.jaxb20.Assertion.fromElement(samlBinding.getAssertion());

View Full Code Here

        if ("UsernameToken".equals(tokenName)) {
            // an UsernameToken: get the user name
            name = token.getElementsByTagName("Username").item(0).getFirstChild().getNodeValue();
        } else if ("Assertion".equals(tokenName)) {
            // an SAML assertion
            Assertion assertion = AssertionUtil.fromElement(token);


            com.sun.xml.wss.saml.Subject subject = null;
            NameID nameID = null;


            // SAML 2.0
            try {
                subject = assertion.getSubject();
            } catch (Exception ex) {
                subject = null;
            }


            if (subject != null) {
                nameID = subject.getNameId();
            }


            List<Object> statements = assertion.getStatements();
            for (Object s : statements) {
                if (s instanceof AttributeStatement) {
                    List<Attribute> samlAttrs = ((AttributeStatement) s).getAttributes();
                    for (Attribute samlAttr : samlAttrs) {
                        String attrName = samlAttr.getName();

View Full Code Here

                } else {
                    tokenElement = SAMLUtil.locateSamlAssertion (keyId,secureMessage.getSOAPPart ());
                }
                newElement = (Element)element.getOwnerDocument ().importNode (tokenElement, true);
                
                Assertion assertion = null; 
                try {
                    assertion = AssertionUtil.fromElement(tokenElement);
                } catch (Exception e) {
                    throw new XWSSecurityException (e);
                }

View Full Code Here

    }
    @SuppressWarnings("unchecked")
    private static Element resolveSAMLToken (SecurityTokenReference tokenRef, String assertionId,
            FilterProcessingContext context)throws XWSSecurityException {
       
        Assertion ret = (Assertion)context.getTokenCache().get(assertionId); 
        if (ret != null) {
            try {
                return SAMLUtil.toElement(context.getSecurableSoapMessage().getSOAPPart(), ret,null);
            } catch (Exception e) {
                throw new XWSSecurityException (e);

View Full Code Here

                        MessageConstants.WSSE_SAML_v2_0_KEY_IDENTIFIER_VALUE_TYPE.equals (keyId.getValueType ())) {
                    
                    String assertionID = keyId.getReferenceValue();
                    Element tokenElement = wssContext.getIssuedSAMLToken();
                    if (tokenElement == null) {
                        Assertion samlAssertion = (Assertion)tokenCache.get(assertionID);
                        if (samlAssertion == null) {
                            if (str.getSamlAuthorityBinding() != null) {
                                tokenElement = wssContext.getSecurityEnvironment().
                                        locateSAMLAssertion(
                                        wssContext.getExtraneousProperties(), str.getSamlAuthorityBinding(), assertionID, secureMsg.getSOAPPart());
                            } else {
                                tokenElement = SAMLUtil.locateSamlAssertion(assertionID,secureMsg.getSOAPPart());
                                if (!("true".equals((String)wssContext.getExtraneousProperty(MessageConstants.SAML_SIG_RESOLVED))) || 
                                        "false".equals((String)wssContext.getExtraneousProperty(MessageConstants.SAML_SIG_RESOLVED))){
                                    wssContext.setExtraneousProperty(MessageConstants.SAML_SIG_RESOLVED,"false");
                                }
                            }
                        } else {
                            try {
                                tokenElement = samlAssertion.toElement(null);
                            } catch (Exception e) {
                                logger.log(Level.SEVERE,LogStringsMessages.WSS_1355_UNABLETO_RESOLVE_SAML_ASSERTION(),e.getMessage());
                                throw new KeySelectorException(e);
                            }
                        }

View Full Code Here

            
        // Create the KeyInfo for SubjectConfirmation
        final KeyInfo keyInfo = createKeyInfo(keyType, serCert, context, appliesTo);
            
        // Create SAML assertion
        Assertion assertion = null;
        if (WSTrustConstants.SAML10_ASSERTION_TOKEN_TYPE.equals(tokenType)||
            WSTrustConstants.SAML11_ASSERTION_TOKEN_TYPE.equals(tokenType)){
            assertion = createSAML11Assertion(assertionId, issuer, appliesTo, keyInfo, claimedAttrs, keyType);
        } else if (WSTrustConstants.SAML20_ASSERTION_TOKEN_TYPE.equals(tokenType)){
            assertion = createSAML20Assertion(assertionId, issuer, appliesTo, keyInfo, claimedAttrs, keyType);
        } else{
            log.log(Level.SEVERE, LogStringsMessages.WST_0031_UNSUPPORTED_TOKEN_TYPE(tokenType, appliesTo));
            throw new WSTrustException(LogStringsMessages.WST_0031_UNSUPPORTED_TOKEN_TYPE(tokenType, appliesTo));
        }
            
        // Get the STS's certificate and private key
        Object[] stsCertsAndPrikey = getSTSCertAndPrivateKey();
        final X509Certificate stsCert = (X509Certificate)stsCertsAndPrikey[0];
        final PrivateKey stsPrivKey = (PrivateKey)stsCertsAndPrikey[1];
            
        // Sign the assertion with STS's private key
        Element signedAssertion = null;
        try{            
            signedAssertion = assertion.sign(stsCert, stsPrivKey, true, context.getSignatureAlgorithm(), context.getCanonicalizationAlgorithm());            
            //signedAssertion = assertion.sign(stsCert, stsPrivKey, true);            
            //signedAssertion = assertion.sign(stsCert, stsPrivKey);
        }catch (SAMLException ex){
            log.log(Level.SEVERE,
                    LogStringsMessages.WST_0032_ERROR_CREATING_SAML_ASSERTION(), ex);

View Full Code Here

        
        return keyInfo;
    }
    
    protected Assertion createSAML11Assertion(final String assertionId, final String issuer, final String appliesTo, final KeyInfo keyInfo, final Map<QName, List<String>> claimedAttrs, String keyType) throws WSTrustException{
        Assertion assertion = null;
        try{
                final SAMLAssertionFactory samlFac = SAMLAssertionFactory.newInstance(SAMLAssertionFactory.SAML1_1);
            
            final TimeZone utcTimeZone = TimeZone.getTimeZone("UTC");
            final GregorianCalendar issuerInst = new GregorianCalendar(utcTimeZone);

View Full Code Here

        
        return assertion;
    }
    
    protected Assertion createSAML20Assertion(final String assertionId, final String issuer, final String appliesTo, final KeyInfo keyInfo, final  Map<QName, List<String>> claimedAttrs, String keyType) throws WSTrustException{
        Assertion assertion = null;
        try{
            final SAMLAssertionFactory samlFac = SAMLAssertionFactory.newInstance(SAMLAssertionFactory.SAML2_0);
            
            // Create Conditions
            final TimeZone utcTimeZone = TimeZone.getTimeZone("UTC");

View Full Code Here

0 1 2

TOP

Related Classes of com.sun.xml.wss.saml.Assertion

com.sun.xml.ws.security.trust.impl.DefaultSAMLTokenProvider

com.sun.xml.ws.security.trust.impl.IssueSamlTokenContractImpl

com.sun.xml.ws.security.trust.impl.SBIssuedSamlTokenContractImpl

com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor

com.sun.xml.wss.impl.dsig.DSigResolver

com.sun.xml.wss.impl.dsig.KeySelectorImpl

com.sun.xml.wss.impl.filter.ExportSamlAssertionFilter

com.sun.xml.wss.impl.filter.ImportSamlAssertionFilter

common.SampleSamlValidator

common.SampleSTSAttributeProvider

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.