Examples of org.opensaml.ws.security.SecurityPolicy

org.opensaml.ws.security.SecurityPolicy
A security policy is a collection of {@link SecurityPolicyRule}, evaluated against a {@link MessageContext}, that is meant to determine if a message is well-formed, valid, and otherwise okay to process. Security policies MUST be thread safe and stateless.

        SecurityPolicyResolver policyResolver = messageContext.getSecurityPolicyResolver();
        if (policyResolver == null) {
            return;
        }


        SecurityPolicy policy = null;
        try {
            policy = policyResolver.resolveSingle(messageContext);
            if (policy == null) {
                return;
            }
        } catch (SecurityException e) {
            throw new SOAPClientException("Unable to resolve security policy for inbound SOAP response", e);
        }


        try {
            log.debug("Evaluating security policy for inbound SOAP response");
            policy.evaluate(messageContext);
        } catch (SecurityException e) {
            throw new SOAPClientException("Inbound SOAP response does not meet security policy", e);
        }
    }

View Full Code Here

        SecurityPolicyResolver policyResolver = messageContext.getSecurityPolicyResolver();
        if (policyResolver == null) {
            return;
        }


        SecurityPolicy policy = null;
        try {
            policy = policyResolver.resolveSingle(messageContext);
            if (policy == null) {
                return;
            }
        } catch (SecurityException e) {
            throw new SOAPClientException("Unable to resolve security policy for inbound SOAP response", e);
        }


        try {
            log.debug("Evaluating security policy for inbound SOAP response");
            policy.evaluate(messageContext);
        } catch (SecurityException e) {
            throw new SOAPClientException("Inbound SOAP response does not meet security policy", e);
        }
    }

View Full Code Here

    public void receiveMessage(final SAMLMessageContext context, final SignatureTrustEngine engine) {


        context.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
        context.setInboundSAMLProtocol(SAMLConstants.SAML20P_NS);


        SecurityPolicy policy = new BasicSecurityPolicy();
        policy.getPolicyRules().add(new SAML2HTTPPostSimpleSignRule(engine, parserPool, engine.getKeyInfoResolver()));
        policy.getPolicyRules().add(new SAMLProtocolMessageXMLSignatureSecurityPolicyRule(engine));
        StaticSecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(policy);
        context.setSecurityPolicyResolver(resolver);


        try {
            decoder.decode(context);

View Full Code Here

     * @param samlContext saml context to set the policy to
     * @param binding     binding used to retrieve the message
     */
    protected void populateSecurityPolicy(SAMLMessageContext samlContext, SAMLBinding binding) {


        SecurityPolicy policy = new BasicSecurityPolicy();
        binding.getSecurityPolicy(policy.getPolicyRules(), samlContext);
        StaticSecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(policy);
        samlContext.setSecurityPolicyResolver(resolver);


    }

View Full Code Here

TOP

Related Classes of org.opensaml.ws.security.SecurityPolicy

org.opensaml.ws.soap.client.http.HttpSOAPClient

org.pac4j.saml.sso.Saml2WebSSOProfileHandler

org.springframework.security.saml.processor.SAMLProcessorImpl

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.