Examples of SamlToken


Examples of org.apache.cxf.ws.security.policy.model.SamlToken

                        // assertTokens is defined outside this excerpt; its return value is discarded here.
                        assertTokens(message, SP12Constants.SAML_TOKEN, signed);
                       
                        // Check version against policy
                        // NOTE(review): aim is dereferenced without a null check on this path; confirm the
                        // message always carries an AssertionInfoMap before this code runs.
                        AssertionInfoMap aim = message.get(AssertionInfoMap.class);
                        for (AssertionInfo ai : aim.getAssertionInfo(SP12Constants.SAML_TOKEN)) {
                            // Unchecked cast: relies on every SAML_TOKEN entry holding a SamlToken.
                            SamlToken samlToken = (SamlToken)ai.getAssertion();
                            // Each received SAML result is compared against each policy assertion.
                            for (WSSecurityEngineResult result : samlResults) {
                                // NOTE(review): result.get(...) may return null if the result carries no
                                // assertion; confirm checkVersion (not shown) tolerates a null wrapper.
                                AssertionWrapper assertionWrapper =
                                    (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);

                                // A false result means the received assertion does not match the policy;
                                // the handling of that case is outside this excerpt.
                                if (!checkVersion(samlToken, assertionWrapper)) {

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

        return assertTokens(message, SP12Constants.SAML_TOKEN, true);
    }

    /**
     * Creates a SAML assertion for {@code message} from the policy's {@link SamlToken}.
     * The remainder of the body (including the catch block) is outside this excerpt.
     *
     * @param message the SOAP message being processed
     */
    protected void addToken(SoapMessage message) {
        WSSConfig.init();
        // NOTE(review): the cast result is passed on without a null check; confirm that
        // assertTokens(message) cannot return null when the policy has no SAML token.
        SamlToken tok = (SamlToken)assertTokens(message);

        // presumably the boolean asks for the security header to be created if absent; confirm
        Header h = findSecurityHeader(message, true);
        try {
            AssertionWrapper wrapper = addSamlToken(tok, message);
            // addSamlToken can return null, so the no-assertion case is handled explicitly.
            if (wrapper == null) {

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

    /**
     * Builds a {@link SamlToken} policy assertion from its DOM representation.
     * The loop tail and the return statement are outside this excerpt.
     *
     * @param element the policy element describing the SAML token
     * @param factory the assertion builder factory (not used in the visible lines)
     * @return the policy assertion (the return statement is not visible here)
     */
    public Assertion build(Element element, AssertionBuilderFactory factory) {
       
        // Only the SP11 namespace selects SP11 constants; every other namespace,
        // including an unexpected one, is treated as SP12.
        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;

        SamlToken samlToken = new SamlToken(consts);
        samlToken.setOptional(PolicyConstants.isOptional(element));
        samlToken.setIgnorable(PolicyConstants.isIgnorable(element));

        // NOTE(review): DOM getAttributeNS returns the empty string, not null, when the
        // attribute is absent, so this guard is likely always true. Confirm how
        // getInclusionFromAttributeValue treats "" so a missing IncludeToken attribute
        // does not silently select an unintended inclusion mode.
        String attribute = element.getAttributeNS(element.getNamespaceURI(), SPConstants.ATTR_INCLUDE_TOKEN);
        if (attribute != null) {
            samlToken.setInclusion(consts.getInclusionFromAttributeValue(attribute));
        }
       
        Element child = DOMUtils.getFirstElement(element);
        // Set when a Policy child is seen; it is read outside this excerpt.
        boolean foundPolicy = false;
        while (child != null) {
            String ln = child.getLocalName();
            // The Policy child is matched by local name only; its namespace is not compared.
            if (org.apache.neethi.Constants.ELEM_POLICY.equals(ln)) {
                foundPolicy = true;
                NodeList policyChildren = child.getChildNodes();
                if (policyChildren != null) {
                    for (int i = 0; i < policyChildren.getLength(); i++) {
                        Node policyChild = policyChildren.item(i);
                        if (policyChild instanceof Element) {
                            // The QName carries the namespace, but only its local part is used
                            // below, so an element with a matching local name in any namespace
                            // sets the corresponding flag.
                            QName qname =
                                new QName(policyChild.getNamespaceURI(), policyChild.getLocalName());
                            String localname = qname.getLocalPart();
                            // Flags are only ever switched on. A child element that matches none
                            // of these names is ignored without an error.
                            if (SPConstants.SAML_11_TOKEN_10.equals(localname)) {
                                samlToken.setUseSamlVersion11Profile10(true);
                            } else if (SPConstants.SAML_11_TOKEN_11.equals(localname)) {
                                samlToken.setUseSamlVersion11Profile11(true);
                            } else if (SPConstants.SAML_20_TOKEN_11.equals(localname)) {
                                samlToken.setUseSamlVersion20Profile11(true);
                            } else if (SPConstants.REQUIRE_DERIVED_KEYS.equals(localname)) {
                                samlToken.setDerivedKeys(true);
                            } else if (SPConstants.REQUIRE_EXPLICIT_DERIVED_KEYS.equals(localname)) {
                                samlToken.setExplicitDerivedKeys(true);
                            } else if (SPConstants.REQUIRE_IMPLIED_DERIVED_KEYS.equals(localname)) {
                                samlToken.setImpliedDerivedKeys(true);
                            } else if (SPConstants.REQUIRE_KEY_IDENTIFIER_REFERENCE.equals(localname)) {
                                samlToken.setRequireKeyIdentifierReference(true);
                            }
                        }
                    }
                }
            }

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

    }

    /**
     * Marks every SAML_TOKEN policy assertion on the message as asserted and picks up the
     * associated {@link SamlToken}. The rest of the body is outside this excerpt.
     *
     * @param message the SOAP message whose {@link AssertionInfoMap} is consulted
     * @return presumably the token found (the return statement is not visible here)
     */
    private SamlToken assertSamlTokens(SoapMessage message) {
        // NOTE(review): aim is used without a null check; confirm the map is always present.
        AssertionInfoMap aim = message.get(AssertionInfoMap.class);
        Collection<AssertionInfo> ais = aim.getAssertionInfo(SP12Constants.SAML_TOKEN);
        // Stays null when there are no SAML_TOKEN assertions.
        SamlToken tok = null;
        for (AssertionInfo ai : ais) {
            // With several assertions the last one wins; earlier tokens are overwritten.
            tok = (SamlToken)ai.getAssertion();
            // Asserted unconditionally at lookup time: nothing in the visible lines ties this
            // to a token having been created or checked.
            ai.setAsserted(true);               
        }
        // The same variable is reused for the supporting-token assertions.
        ais = aim.getAssertionInfo(SP12Constants.SUPPORTING_TOKENS);

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

    }


    /**
     * Creates a SAML assertion for {@code message} from the policy's {@link SamlToken}.
     * The remainder of the body (including the catch block) is outside this excerpt.
     *
     * @param message the SOAP message being processed
     */
    private void addSamlToken(SoapMessage message) {
        WSSConfig.init();
        // NOTE(review): tok is passed on without a null check; confirm that
        // assertSamlTokens(message) cannot return null here.
        SamlToken tok = assertSamlTokens(message);

        // presumably the boolean asks for the security header to be created if absent; confirm
        Header h = findSecurityHeader(message, true);
        try {
            // Calls the two-argument overload, not this method.
            AssertionWrapper wrapper = addSamlToken(tok, message);
            // The overload can return null, so the no-assertion case is handled explicitly.
            if (wrapper == null) {

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

        // Gather every SAML result from the processed message into one list.
        List<WSSecurityEngineResult> samlResults = new ArrayList<WSSecurityEngineResult>();
        WSSecurityUtil.fetchAllActionResults(results, WSConstants.ST_SIGNED, samlResults);
        // Unsigned assertions go into the same list as signed ones.
        // NOTE(review): confirm the code after this excerpt enforces any signature requirement.
        WSSecurityUtil.fetchAllActionResults(results, WSConstants.ST_UNSIGNED, samlResults);
       
        for (AssertionInfo ai : ais) {
            // Unchecked cast: relies on every entry in ais holding a SamlToken.
            SamlToken samlToken = (SamlToken)ai.getAssertion();
            // Marked asserted before any check runs. A failing check must revoke it explicitly;
            // whether that happens is outside this excerpt.
            ai.setAsserted(true);

            // Tokens that are not required for this message skip the remaining checks and stay asserted.
            if (!isTokenRequired(samlToken, message)) {
                continue;
            }

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

        // Derive the SAML algorithm suite from the policy, if one is configured.
        AssertionInfoMap aim = message.get(AssertionInfoMap.class);
        if (aim != null) {
            Collection<AssertionInfo> ais = aim.get(SP12Constants.SAML_TOKEN);
            if (ais != null && !ais.isEmpty()) {
                for (AssertionInfo ai : ais) {
                    SamlToken samlToken = (SamlToken)ai.getAssertion();
                    SupportingToken supportingToken = samlToken.getSupportingToken();
                    // Only a token attached to a supporting token with an algorithm suite contributes.
                    if (supportingToken != null && supportingToken.getAlgorithmSuite() != null) {
                        AlgorithmSuite algorithmSuite =
                            translateAlgorithmSuite(supportingToken.getAlgorithmSuite());
                        data.setSamlAlgorithmSuite(algorithmSuite);
                        // First match wins; suites on later SAML tokens are not considered.
                        break;

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

        // Validate the received SAML assertion against each SAML_TOKEN policy assertion.
        Collection<AssertionInfo> samlAis = aim.get(SP12Constants.SAML_TOKEN);
        if (samlAis != null && !samlAis.isEmpty()) {
            for (AssertionInfo ai : samlAis) {
                // The same engine result (wser) is inspected for every policy assertion;
                // the wrapper is null when that result carries no SAML assertion.
                AssertionWrapper assertionWrapper =
                    (AssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                SamlToken samlToken = (SamlToken)ai.getAssertion();
                // Asserted first, then revoked below via setNotAsserted when a check fails.
                ai.setAsserted(true);
               
                boolean tokenRequired = isTokenRequired(samlToken, message);
                // A required token with no assertion in the result is a policy violation.
                if (tokenRequired && assertionWrapper == null) {
                    ai.setNotAsserted(

Examples of org.apache.cxf.ws.security.policy.model.SamlToken

        // Validate the received SAML assertion against each SAML_TOKEN policy assertion.
        Collection<AssertionInfo> samlAis = aim.get(SP12Constants.SAML_TOKEN);
        if (samlAis != null && !samlAis.isEmpty()) {
            for (AssertionInfo ai : samlAis) {
                // The same engine result (wser) is inspected for every policy assertion;
                // the wrapper is null when that result carries no SAML assertion.
                AssertionWrapper assertionWrapper =
                    (AssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                SamlToken samlToken = (SamlToken)ai.getAssertion();
                // Asserted first; the handling of a failed check is outside this excerpt.
                ai.setAsserted(true);
               
                boolean tokenRequired = isTokenRequired(samlToken, message);
                // Mismatch in either direction: a required token that is missing, or an
                // assertion that is present although the policy does not require one.
                if ((tokenRequired && assertionWrapper == null)
                    || (!tokenRequired && assertionWrapper != null)) {

Examples of org.apache.wss4j.policy.model.SamlToken

                               AbstractToken abstractToken) throws WSSPolicyException, XMLSecurityException {
        // The event type is verified before the downcast; a wrong type is a policy error.
        if (!(tokenSecurityEvent instanceof SamlTokenSecurityEvent)) {
            throw new WSSPolicyException("Expected a SamlTokenSecurityEvent but got " + tokenSecurityEvent.getClass().getName());
        }
        SamlTokenSecurityEvent samlTokenSecurityEvent = (SamlTokenSecurityEvent) tokenSecurityEvent;
        // NOTE(review): unlike the event, abstractToken is cast without an instanceof check.
        SamlToken samlToken = (SamlToken) abstractToken;

        // The issuer is enforced only when the policy names one, using an exact string comparison.
        if (samlToken.getIssuerName() != null && !samlToken.getIssuerName().equals(samlTokenSecurityEvent.getIssuerName())) {
            setErrorMessage("IssuerName in Policy (" + samlToken.getIssuerName() + ") didn't match with the one in the SamlToken (" + samlTokenSecurityEvent.getIssuerName() + ")");
            return false;
        }
        // NOTE(review): getSecurityToken() is dereferenced without a null check. The message
        // below also reports the token type, while the comparison is on the key identifier.
        if (samlToken.isRequireKeyIdentifierReference() &&
                !WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier.equals(samlTokenSecurityEvent.getSecurityToken().getKeyIdentifier())) {
            setErrorMessage("Policy enforces KeyIdentifierReference but we got " + samlTokenSecurityEvent.getSecurityToken().getTokenType());
            return false;
        }
        // The SAML version is enforced only when the policy specifies a token type.
        if (samlToken.getSamlTokenType() != null) {
            final SamlAssertionWrapper samlAssertionWrapper = samlTokenSecurityEvent.getSamlAssertionWrapper();
            // Only the SAML version is compared. The two 1.1 cases run the same check, so the
            // token profile (1.0 vs 1.1) is not distinguished here. There is no default branch:
            // a token type not listed below passes without a version check.
            switch (samlToken.getSamlTokenType()) {
                case WssSamlV11Token10:
                    if (samlAssertionWrapper.getSamlVersion() != SAMLVersion.VERSION_11) {
                        setErrorMessage("Policy enforces SamlVersion11Profile10 but we got " + samlAssertionWrapper.getSamlVersion());
                        return false;
                    }
                    break;
                case WssSamlV11Token11:
                    if (samlAssertionWrapper.getSamlVersion() != SAMLVersion.VERSION_11) {
                        setErrorMessage("Policy enforces SamlVersion11Profile11 but we got " + samlAssertionWrapper.getSamlVersion());
                        return false;
                    }
                    break;
                case WssSamlV20Token11:
                    if (samlAssertionWrapper.getSamlVersion() != SAMLVersion.VERSION_20) {
                        setErrorMessage("Policy enforces SamlVersion20Profile11 but we got " + samlAssertionWrapper.getSamlVersion());
                        return false;
                    }
                    break;
                // SAML 1.0 token types are always rejected.
                case WssSamlV10Token10:
                case WssSamlV10Token11:
                    setErrorMessage("Unsupported token type: " + samlToken.getSamlTokenType());
                    return false;
            }
        }
        // Always return true here to avoid a false alarm when additional tokens with the same
        // usage appear in the message that neither fulfil the policy nor are needed to fulfil it.