Examples of SAMLKeyInfo


Examples of org.apache.ws.security.saml.SAMLKeyInfo

        String confirmMethod = null;
        if (methods != null && methods.size() > 0) {
            confirmMethod = methods.get(0);
        }
        assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
        SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
        assertTrue(subjectKeyInfo.getSecret() != null);
       
        bus.shutdown(true);
    }
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

        String confirmMethod = null;
        if (methods != null && methods.size() > 0) {
            confirmMethod = methods.get(0);
        }
        assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
        SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
        assertTrue(subjectKeyInfo.getCerts() != null);
       
        bus.shutdown(true);
    }
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                // Validate the assertion against schemas/profiles
                validateAssertion(assertion);

                // Now verify trust on the signature
                Credential trustCredential = new Credential();
                SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
                trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
                trustCredential.setCertificates(samlKeyInfo.getCerts());
   
                trustCredential = validator.validate(trustCredential, requestData);

                // Finally check that subject DN of the signing certificate matches a known constraint
                X509Certificate cert = null;
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                    // and the payload
                    XMLSignature signature = message.getContent(XMLSignature.class);
                    if (signature == null) {
                        return false;
                    }
                    SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSignatureKeyInfo();
                    if (!compareCredentials(subjectKeyInfo, signature, tlsCerts)) {
                        return false;
                    }
                }
            }
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                                    Certificate[] tlsCerts) {
        List<String> confirmationMethods = assertionWrapper.getConfirmationMethods();
        for (String confirmationMethod : confirmationMethods) {
            if (OpenSAMLUtil.isMethodHolderOfKey(confirmationMethod)) {
                XMLSignature sig = message.getContent(XMLSignature.class);
                SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
                if (!compareCredentials(subjectKeyInfo, sig, tlsCerts)) {
                    return false;
                }
            }
        }
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

        private SecurityToken createSecurityToken(
            AssertionWrapper assertionWrapper
        ) {
            SecurityToken token = new SecurityToken(assertionWrapper.getId());

            SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
            if (subjectKeyInfo != null) {
                token.setSecret(subjectKeyInfo.getSecret());
                X509Certificate[] certs = subjectKeyInfo.getCerts();
                if (certs != null && certs.length > 0) {
                    token.setX509Certificate(certs[0], null);
                }
            }
            if (assertionWrapper.getSaml1() != null) {
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                }
            } else if (actInt.intValue() == WSConstants.ST_SIGNED
                || actInt.intValue() == WSConstants.ST_UNSIGNED) {
                AssertionWrapper assertionWrapper =
                    (AssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo();
                if (samlKeyInfo != null) {
                    X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
                    PublicKey subjectPublicKey = samlKeyInfo.getPublicKey();
                    if ((cert != null && subjectCerts != null
                        && cert.equals(subjectCerts[0]))
                        || (subjectPublicKey != null && subjectPublicKey.equals(publicKey))) {
                        return token;
                    }
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                            ((SAMLAssertion) wser
                                .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
                        String id = assertion.getId();
                        Date created = assertion.getNotBefore();
                        Date expires = assertion.getNotOnOrAfter();
                        SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
                                signatureCrypto, tokenCallbackHandler);
                        try {
                            TokenStorage store = rmd.getTokenStorage();
                            if(store.getToken(id) == null) {
                                Token token = new Token(id, (OMElement)assertion.toDOM(), created, expires);
                                token.setSecret(samlKi.getSecret());
                                store.add(token);
                            }
                        } catch (Exception e) {
                            throw new RampartException(
                                    "errorInAddingTokenIntoStore", e);
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

            // Check for compliance against the defined AlgorithmSuite
            AlgorithmSuite algorithmSuite = data.getSamlAlgorithmSuite();
           
            Signature sig = assertion.getSignature();
            KeyInfo keyInfo = sig.getKeyInfo();
            SAMLKeyInfo samlKeyInfo =
                SAMLUtil.getCredentialDirectlyFromKeyInfo(
                    keyInfo.getDOM(), data
                );
           
            if (algorithmSuite != null) {
                AlgorithmSuiteValidator algorithmSuiteValidator = new
                    AlgorithmSuiteValidator(algorithmSuite);

                PublicKey key = null;
                if (samlKeyInfo.getCerts() != null && samlKeyInfo.getCerts()[0] != null) {
                    key = samlKeyInfo.getCerts()[0].getPublicKey();
                } else if (samlKeyInfo.getPublicKey() != null) {
                    key = samlKeyInfo.getPublicKey();
                } else {
                    throw new WSSecurityException(
                        WSSecurityException.FAILURE, "invalidSAMLsecurity",
                        new Object[]{"cannot get certificate or key"}
                    );
View Full Code Here

Examples of org.apache.ws.security.saml.SAMLKeyInfo

        RequestData data, WSDocInfo docInfo
    ) throws WSSecurityException {
        Signature sig = getSignature();
        if (sig != null) {
            KeyInfo keyInfo = sig.getKeyInfo();
            SAMLKeyInfo samlKeyInfo =
                SAMLUtil.getCredentialDirectlyFromKeyInfo(keyInfo.getDOM(), data);
            verifySignature(samlKeyInfo);
        } else {
            LOG.debug("AssertionWrapper: no signature to validate");
        }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.