Examples of SPSSODescriptor

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
*/
public class SPSSODescriptorMarshaller extends SSODescriptorMarshaller {

    /** {@inheritDoc} */
    protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
        SPSSODescriptor descriptor = (SPSSODescriptor) samlObject;

        if (descriptor.isAuthnRequestsSignedXSBoolean() != null) {
            domElement.setAttributeNS(null, SPSSODescriptor.AUTH_REQUESTS_SIGNED_ATTRIB_NAME, descriptor
                    .isAuthnRequestsSignedXSBoolean().toString());
        }

        if (descriptor.getWantAssertionsSignedXSBoolean() != null) {
            domElement.setAttributeNS(null, SPSSODescriptor.WANT_ASSERTIONS_SIGNED_ATTRIB_NAME, descriptor
                    .getWantAssertionsSignedXSBoolean().toString());
        }

        super.marshallAttributes(samlObject, domElement);
    }
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
public class SPSSODescriptorUnmarshaller extends SSODescriptorUnmarshaller {

    /** {@inheritDoc} */
    protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
            throws UnmarshallingException {
        SPSSODescriptor descriptor = (SPSSODescriptor) parentSAMLObject;

        if (childSAMLObject instanceof AssertionConsumerService) {
            descriptor.getAssertionConsumerServices().add((AssertionConsumerService) childSAMLObject);
        } else if (childSAMLObject instanceof AttributeConsumingService) {
            descriptor.getAttributeConsumingServices().add((AttributeConsumingService) childSAMLObject);
        } else {
            super.processChildElement(parentSAMLObject, childSAMLObject);
        }
    }
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
        }
    }

    /** {@inheritDoc} */
    protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
        SPSSODescriptor descriptor = (SPSSODescriptor) samlObject;

        if (attribute.getLocalName().equals(SPSSODescriptor.AUTH_REQUESTS_SIGNED_ATTRIB_NAME)) {
            descriptor.setAuthnRequestsSigned(XSBooleanValue.valueOf(attribute.getValue()));
        } else if (attribute.getLocalName().equals(SPSSODescriptor.WANT_ASSERTIONS_SIGNED_ATTRIB_NAME)) {
            descriptor.setWantAssertionsSigned(XSBooleanValue.valueOf(attribute.getValue()));
        } else {
            super.processAttribute(samlObject, attribute);
        }
    }
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
        if (metadataProvider == null) {
            log.warn("Message context did not contain a metadata provider, unable to evaluate rule");
            return;
        }
       
        SPSSODescriptor spssoRole;
        try {
            spssoRole = (SPSSODescriptor) metadataProvider
                .getRole(messageIssuer, SPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS);
        } catch (MetadataProviderException e) {
            log.warn("Error resolving SPSSODescriptor metadata for entityID '{}': {}", messageIssuer, e.getMessage());
            throw new SecurityPolicyException("Error resolving metadata for entity ID", e);
        }
       
        if (spssoRole == null) {
            log.warn("SPSSODescriptor role metadata for entityID '{}' could not be resolved", messageIssuer);
            return;
        }
       
        if (spssoRole.isAuthnRequestsSigned() == Boolean.TRUE) {
            if (! isMessageSigned(samlMsgCtx)) {
                log.error("SPSSODescriptor for entity ID '{}' indicates AuthnRequests must be signed, "
                        + "but inbound message was not signed", messageIssuer);
                throw new SecurityPolicyException("Inbound AuthnRequest was required to be signed but was not");
            }
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
    }

    @SuppressWarnings("unchecked")
    public void sendMessage(final SAMLMessageContext context, final AuthnRequest authnRequest, final String relayState) {

        SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        IDPSSODescriptor idpssoDescriptor = (IDPSSODescriptor) context.getPeerEntityRoleMetadata();
        SingleSignOnService ssoService = SamlUtils.getSingleSignOnService(idpssoDescriptor, destinationBindingType);

        context.setCommunicationProfileId(SAML2_WEBSSO_PROFILE_URI);
        context.setOutboundMessage(authnRequest);
        context.setOutboundSAMLMessage(authnRequest);
        context.setPeerEntityEndpoint(ssoService);

        if (relayState != null) {
            context.setRelayState(relayState);
        }

        if (spDescriptor.isAuthnRequestsSigned()) {
            context.setOutboundSAMLMessageSigningCredential(credentialProvider.getCredential());
        } else if (idpssoDescriptor.getWantAuthnRequestsSigned()) {
            logger.warn("IdP wants authn requests signed, it will perhaps reject your authn requests unless you provide a keystore");
        }
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

83
84
85
86
87
88
89
90
91
92
93
    private final XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

    public AuthnRequest build(final SAMLMessageContext context) {

        SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        IDPSSODescriptor idpssoDescriptor = (IDPSSODescriptor) context.getPeerEntityRoleMetadata();

        SingleSignOnService ssoService = SamlUtils.getSingleSignOnService(idpssoDescriptor, bindingType);
        AssertionConsumerService assertionConsumerService = SamlUtils.getAssertionConsumerService(spDescriptor, null);
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
    protected SPSSODescriptor buildSPSSODescriptor() {

        SAMLObjectBuilder<SPSSODescriptor> builder = (SAMLObjectBuilder<SPSSODescriptor>) this.builderFactory
                .getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
        SPSSODescriptor spDescriptor = builder.buildObject();

        spDescriptor.setAuthnRequestsSigned(this.authnRequestSigned);
        spDescriptor.setWantAssertionsSigned(this.wantAssertionSigned);
        spDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);

        spDescriptor.getNameIDFormats().addAll(buildNameIDFormat());

        int index = 0;
        spDescriptor.getAssertionConsumerServices().add(
                getAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI, index++,
                        this.defaultACSIndex == index));

        if (credentialProvider != null) {
          spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.SIGNING, getKeyInfo()));
          spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.ENCRYPTION, getKeyInfo()));
        }

        return spDescriptor;

    }
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

60
61
62
63
64
65
66
67
68
69
70
        if (credential == null) {
            return;
        }

        IDPSSODescriptor idpDescriptor = (IDPSSODescriptor) context.getPeerEntityRoleMetadata();
        SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        String binding = SAMLUtil.getLogoutBinding(idpDescriptor, spDescriptor);

        SingleLogoutService logoutServiceIDP = SAMLUtil.getLogoutServiceForBinding(idpDescriptor, binding);
        LogoutRequest logoutRequest = getLogoutRequest(context, credential, logoutServiceIDP);
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

215
216
217
218
219
220
221
222
223
224
225
        SAMLObjectBuilder<LogoutResponse> responseBuilder = (SAMLObjectBuilder<LogoutResponse>) builderFactory.getBuilder(LogoutResponse.DEFAULT_ELEMENT_NAME);
        LogoutResponse logoutResponse = responseBuilder.buildObject();

        IDPSSODescriptor idpDescriptor = SAMLUtil.getIDPDescriptor(metadata, context.getPeerEntityId());
        SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
        String binding = SAMLUtil.getLogoutBinding(idpDescriptor, spDescriptor);
        SingleLogoutService logoutService = SAMLUtil.getLogoutServiceForBinding(idpDescriptor, binding);

        logoutResponse.setID(generateID());
        logoutResponse.setIssuer(getIssuer(context.getLocalEntityId()));
View Full Code Here

Examples of org.opensaml.saml2.metadata.SPSSODescriptor

308
309
310
311
312
313
314
315
316
317
318
319
320
321
            }
        }

        // Verify destination
        if (response.getDestination() != null) {
            SPSSODescriptor localDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();

            // Check if destination is correct on this SP
            List<SingleLogoutService> services = localDescriptor.getSingleLogoutServices();
            boolean found = false;
            for (SingleLogoutService service : services) {
                if (response.getDestination().equals(service.getLocation()) &&
                        context.getInboundSAMLBinding().equals(service.getBinding())) {
                    found = true;
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.