Examples of SPSSODescriptor


Examples of org.opensaml.saml2.metadata.SPSSODescriptor

        if (!SPSSODescriptor.DEFAULT_ELEMENT_NAME.equals(context.getLocalEntityRole())) {
            throw new SAMLException("WebSSO can only be initialized for local SP, but localEntityRole is: " + context.getLocalEntityRole());
        }

        // Load the entities from the context
        SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        IDPSSODescriptor idpssoDescriptor = (IDPSSODescriptor) context.getPeerEntityRoleMetadata();
        ExtendedMetadata idpExtendedMetadata = context.getPeerExtendedMetadata();

        if (spDescriptor == null || idpssoDescriptor == null || idpExtendedMetadata == null) {
            throw new SAMLException("SPSSODescriptor, IDPSSODescriptor or IDPExtendedMetadata are not present in the SAMLContext");
        }

        SingleSignOnService ssoService = getSingleSignOnService(options, idpssoDescriptor, spDescriptor);
        AssertionConsumerService consumerService = getAssertionConsumerService(options, idpssoDescriptor, spDescriptor);
        AuthnRequest authRequest = getAuthnRequest(context, options, consumerService, ssoService);

        // TODO optionally implement support for conditions, subject

        context.setCommunicationProfileId(getProfileIdentifier());
        context.setOutboundMessage(authRequest);
        context.setOutboundSAMLMessage(authRequest);
        context.setPeerEntityEndpoint(ssoService);
        context.setPeerEntityRoleMetadata(idpssoDescriptor);
        context.setPeerExtendedMetadata(idpExtendedMetadata);

        if (options.getRelayState() != null) {
            context.setRelayState(options.getRelayState());
        }

        boolean sign = spDescriptor.isAuthnRequestsSigned() || idpssoDescriptor.getWantAuthnRequestsSigned();
        sendMessage(context, sign);

        SAMLMessageStorage messageStorage = context.getMessageStorage();
        if (messageStorage != null) {
            messageStorage.storeMessage(authRequest.getID(), authRequest);

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

    @Override
    public void sendAuthenticationRequest(SAMLMessageContext context, WebSSOProfileOptions options)
            throws SAMLException, MetadataProviderException, MessageEncodingException {

        SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        AssertionConsumerService assertionConsumer = getAssertionConsumerService(options, null, spDescriptor);

        // The last parameter refers to the IdP that should receive the message. However,
        // in ECP, we don't know in advance which IdP will be contacted.
        AuthnRequest authRequest = getAuthnRequest(context, options, assertionConsumer, null);

        context.setCommunicationProfileId(getProfileIdentifier());
        context.setOutboundMessage(getEnvelope());
        context.setOutboundSAMLMessage(authRequest);

        SOAPHelper.addHeaderBlock(context, getPAOSRequest(assertionConsumer));
        SOAPHelper.addHeaderBlock(context, getECPRequest(context, options));

        sendMessage(context, spDescriptor.isAuthnRequestsSigned(), SAMLConstants.SAML2_PAOS_BINDING_URI);
       
        HTTPOutTransport outTransport = (HTTPOutTransport) context.getOutboundMessageTransport();
        outTransport.setHeader("Content-Type", "application/vnd.paos+xml");

        SAMLMessageStorage messageStorage = context.getMessageStorage();

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

        super(namespaceURI, elementLocalName);
    }

    /**
     * {@inheritDoc}
     *
     * <p>Writes the two optional signing flags of the descriptor as attributes with a {@code null} namespace,
     * then lets the superclass marshall the remaining attributes.</p>
     */
    protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
        final SPSSODescriptor spDescriptor = (SPSSODescriptor) samlObject;

        // A null flag value is skipped, so no attribute is emitted for it.
        final Object authnRequestsSigned = spDescriptor.isAuthnRequestsSignedXSBoolean();
        if (authnRequestsSigned != null) {
            domElement.setAttributeNS(
                    null, SPSSODescriptor.AUTH_REQUESTS_SIGNED_ATTRIB_NAME, authnRequestsSigned.toString());
        }

        final Object wantAssertionsSigned = spDescriptor.getWantAssertionsSignedXSBoolean();
        if (wantAssertionsSigned != null) {
            domElement.setAttributeNS(
                    null, SPSSODescriptor.WANT_ASSERTIONS_SIGNED_ATTRIB_NAME, wantAssertionsSigned.toString());
        }

        // Everything else is handled by the parent marshaller.
        super.marshallAttributes(samlObject, domElement);
    }

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

    }

    /**
     * {@inheritDoc}
     *
     * <p>Attaches assertion-consumer and attribute-consuming service children to the descriptor's own lists;
     * any other child type is passed to the superclass.</p>
     */
    protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
            throws UnmarshallingException {
        final SPSSODescriptor spDescriptor = (SPSSODescriptor) parentSAMLObject;

        if (childSAMLObject instanceof AssertionConsumerService) {
            final AssertionConsumerService consumerService = (AssertionConsumerService) childSAMLObject;
            spDescriptor.getAssertionConsumerServices().add(consumerService);
            return;
        }

        if (childSAMLObject instanceof AttributeConsumingService) {
            final AttributeConsumingService consumingService = (AttributeConsumingService) childSAMLObject;
            spDescriptor.getAttributeConsumingServices().add(consumingService);
            return;
        }

        // Not a child specific to this descriptor type: let the parent unmarshaller decide.
        super.processChildElement(parentSAMLObject, childSAMLObject);
    }

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

        }
    }

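    /**
     * {@inheritDoc}
     *
     * <p>Reads the {@code AuthnRequestsSigned} and {@code WantAssertionsSigned} flags into the descriptor.
     * Only unqualified attributes are accepted for these flags; every other attribute is passed to the
     * superclass.</p>
     *
     * @param samlObject the descriptor being unmarshalled; must be an {@link SPSSODescriptor}
     * @param attribute the DOM attribute to process
     * @throws UnmarshallingException if the superclass rejects the attribute
     */
    protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
        SPSSODescriptor descriptor = (SPSSODescriptor) samlObject;

        // These flags are unqualified attributes in SAML metadata. Matching on the local name alone would let
        // an attribute from an unrelated namespace with the same local name change the signing requirements
        // this descriptor reports, so namespace-qualified attributes are never treated as the flags.
        String unqualifiedName = attribute.getNamespaceURI() == null ? attribute.getLocalName() : null;

        // Constant-first equals: getLocalName() can return null for attributes created without namespace
        // support, and such an attribute should fall through to the superclass instead of raising an NPE.
        if (SPSSODescriptor.AUTH_REQUESTS_SIGNED_ATTRIB_NAME.equals(unqualifiedName)) {
            descriptor.setAuthnRequestsSigned(XSBooleanValue.valueOf(attribute.getValue()));
        } else if (SPSSODescriptor.WANT_ASSERTIONS_SIGNED_ATTRIB_NAME.equals(unqualifiedName)) {
            descriptor.setWantAssertionsSigned(XSBooleanValue.valueOf(attribute.getValue()));
        } else {
            super.processAttribute(samlObject, attribute);
        }
    }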

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

     * @throws org.opensaml.xml.security.SecurityException
     *                             signature can't be validated
     * @throws ValidationException signature is malformed
     */
    protected void verifyAssertionSignature(Signature signature, SAMLMessageContext context) throws SAMLException, org.opensaml.xml.security.SecurityException, ValidationException {
        SPSSODescriptor roleMetadata = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        boolean wantSigned = roleMetadata.getWantAssertionsSigned();
        if (signature != null) {
            verifySignature(signature, context.getPeerEntityMetadata().getEntityID(), context.getLocalTrustEngine());
        } else if (wantSigned) {
            if (!context.isInboundSAMLMessageAuthenticated()) {
                throw new SAMLException("Metadata includes wantAssertionSigned, but neither Response nor included Assertion is signed");