Class DefaultSubjectProvider

java.lang.Object
org.apache.cxf.sts.token.provider.DefaultSubjectProvider
All Implemented Interfaces:
SubjectProvider

public class DefaultSubjectProvider extends Object implements SubjectProvider
A default implementation of SubjectProvider to create a SAML Assertion. The Subject name is the name of the current principal, the subject name qualifier is a default URL that can be configured, and the subject confirmation method is created according to the token type and key type. If the Subject Confirmation Method is SymmetricKey or PublicKey, the appropriate KeyInfoBean object is created and attached to the Subject.
  • Constructor Details

    • DefaultSubjectProvider

      public DefaultSubjectProvider()
  • Method Details

    • setSubjectNameQualifier

      public void setSubjectNameQualifier(String subjectNameQualifier)
      Set the SubjectNameQualifier.
    • setSubjectNameIDFormat

      public void setSubjectNameIDFormat(String subjectNameIDFormat)
      Set the SubjectNameIDFormat.
    • getSubject

      public org.apache.wss4j.common.saml.bean.SubjectBean getSubject(SubjectProviderParameters subjectProviderParameters)
      Get a SubjectBean object.
      Specified by:
      getSubject in interface SubjectProvider
    • getPrincipal

      protected Principal getPrincipal(SubjectProviderParameters subjectProviderParameters)
      Get the Principal (which is used as the Subject). By default, we check the following (in order):
      - A valid OnBehalfOf principal
      - A valid principal associated with a token received as ValidateTarget
      - The principal associated with the request. We don't need to check to see if it is "valid" here, as it is not parsed by the STS (but rather the WS-Security layer).
    • createSubjectBean

      protected org.apache.wss4j.common.saml.bean.SubjectBean createSubjectBean(Principal principal, SubjectProviderParameters subjectProviderParameters)
      Create the SubjectBean using the specified principal.
    • getSubjectConfirmationMethod

      protected String getSubjectConfirmationMethod(String tokenType, String keyType)
      Get the SubjectConfirmation method given a tokenType and keyType.
    • createKeyInfo

      protected org.apache.wss4j.common.saml.bean.KeyInfoBean createKeyInfo(SubjectProviderParameters subjectProviderParameters)
      Create and return the KeyInfoBean to be inserted into the SubjectBean.
    • createPublicKeyKeyInfo

      protected static org.apache.wss4j.common.saml.bean.KeyInfoBean createPublicKeyKeyInfo(X509Certificate certificate, PublicKey publicKey)
      Create a KeyInfoBean that contains an X.509 certificate or Public Key.
    • createEncryptedKeyKeyInfo

      protected static org.apache.wss4j.common.saml.bean.KeyInfoBean createEncryptedKeyKeyInfo(X509Certificate certificate, byte[] secret, Document doc, EncryptionProperties encryptionProperties, org.apache.wss4j.common.crypto.Crypto encryptionCrypto) throws org.apache.wss4j.common.ext.WSSecurityException
      Create an EncryptedKey KeyInfo.
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException