org.apache.ws.security.saml.ext

Class AssertionWrapper

java.lang.Object

org.apache.ws.security.saml.ext.AssertionWrapper

public class AssertionWrapper
extends Object

Class AssertionWrapper can generate, sign, and validate both SAML v1.1 and SAML v2.0 assertions.

Created on May 18, 2009

Constructor Summary

Constructors

Constructor and Description
AssertionWrapper(org.opensaml.saml2.core.Assertion saml2) Constructor AssertionWrapper creates a new AssertionWrapper instance.
AssertionWrapper(org.opensaml.saml1.core.Assertion saml1) Constructor AssertionWrapper creates a new AssertionWrapper instance.
AssertionWrapper(Element element) Constructor AssertionWrapper creates a new AssertionWrapper instance.
AssertionWrapper(SAMLParms parms) Constructor AssertionWrapper creates a new AssertionWrapper instance.
AssertionWrapper(org.opensaml.xml.XMLObject xmlObject) Constructor AssertionWrapper creates a new AssertionWrapper instance.

Method Summary

Methods

Modifier and Type	Method and Description
String	assertionToString() Method assertionToString ...
List<String>	getConfirmationMethods() Method getConfirmationMethods returns the confirmationMethods of this AssertionWrapper object.
Element	getElement() Get the Assertion as a DOM Element.
String	getId() Method getId returns the id of this AssertionWrapper object.
String	getIssuerString() Method getIssuerString returns the issuerString of this AssertionWrapper object.
org.opensaml.saml1.core.Assertion	getSaml1() Method getSaml1 returns the saml1 of this AssertionWrapper object.
org.opensaml.saml2.core.Assertion	getSaml2() Method getSaml2 returns the saml2 of this AssertionWrapper object.
org.opensaml.common.SAMLVersion	getSamlVersion() Method getSamlVersion returns the samlVersion of this AssertionWrapper object.
org.opensaml.xml.signature.Signature	getSignature()
SAMLKeyInfo	getSignatureKeyInfo() Get the SAMLKeyInfo associated with the signature of the assertion
byte[]	getSignatureValue() Get the SignatureValue bytes of the signed SAML Assertion
SAMLKeyInfo	getSubjectKeyInfo() Get the SAMLKeyInfo associated with the Subject KeyInfo
org.opensaml.xml.XMLObject	getXmlObject() Method getXmlObject returns the xmlObject of this AssertionWrapper object.
boolean	isCreated() Method isCreated returns the created of this AssertionWrapper object.
boolean	isSigned() Method isSigned returns the signed of this AssertionWrapper object.
void	parseHOKSubject(RequestData data, WSDocInfo docInfo) This method parses the KeyInfo of the Subject for the holder-of-key confirmation method, as required by the SAML Token spec.
void	setSignature(org.opensaml.xml.signature.Signature signature) Method setSignature sets the signature of this AssertionWrapper object.
void	setSignature(org.opensaml.xml.signature.Signature signature, String signatureDigestAlgorithm) Method setSignature sets the signature of this SamlAssertionWrapper object.
void	signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue) Create an enveloped signature on the assertion that has been created.
void	signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm) Create an enveloped signature on the assertion that has been created.
void	signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm, String signatureDigestAlgorithm) Create an enveloped signature on the assertion that has been created.
Element	toDOM(Document doc) Create a DOM from the current XMLObject content.
void	validateSignatureAgainstProfile() Validate the signature of the Assertion against the Profile.
void	verifySignature(RequestData data, WSDocInfo docInfo) Verify the signature of this assertion
void	verifySignature(SAMLKeyInfo samlKeyInfo) Verify the signature of this assertion

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AssertionWrapper

public AssertionWrapper(Element element)
                 throws WSSecurityException

Constructor AssertionWrapper creates a new AssertionWrapper instance.

Parameters:

element - of type Element

Throws:

UnmarshallingException - when

WSSecurityException

AssertionWrapper

public AssertionWrapper(org.opensaml.saml2.core.Assertion saml2)

Constructor AssertionWrapper creates a new AssertionWrapper instance.

Parameters:

saml2 - of type Assertion

AssertionWrapper

public AssertionWrapper(org.opensaml.saml1.core.Assertion saml1)

Constructor AssertionWrapper creates a new AssertionWrapper instance.

Parameters:

saml1 - of type Assertion

AssertionWrapper

public AssertionWrapper(org.opensaml.xml.XMLObject xmlObject)

Constructor AssertionWrapper creates a new AssertionWrapper instance. This is the primary constructor. All other constructor calls should be routed to this method to ensure that the wrapper is initialized correctly.

Parameters:

xmlObject - of type XMLObject

AssertionWrapper

public AssertionWrapper(SAMLParms parms)
                 throws WSSecurityException

Constructor AssertionWrapper creates a new AssertionWrapper instance. This constructor is primarily called on the client side to initialize the wrapper from a configuration file.

Parameters:

parms - of type SAMLParms

Throws:

WSSecurityException

Method Detail

getSaml1

public org.opensaml.saml1.core.Assertion getSaml1()

Method getSaml1 returns the saml1 of this AssertionWrapper object.

Returns:

the saml1 (type Assertion) of this AssertionWrapper object.

getSaml2

public org.opensaml.saml2.core.Assertion getSaml2()

Method getSaml2 returns the saml2 of this AssertionWrapper object.

Returns:

the saml2 (type Assertion) of this AssertionWrapper object.

getXmlObject

public org.opensaml.xml.XMLObject getXmlObject()

Method getXmlObject returns the xmlObject of this AssertionWrapper object.

Returns:

the xmlObject (type XMLObject) of this AssertionWrapper object.

isCreated

public boolean isCreated()

Method isCreated returns the created of this AssertionWrapper object.

Returns:

the created (type boolean) of this AssertionWrapper object.

toDOM

public Element toDOM(Document doc)
              throws WSSecurityException

Create a DOM from the current XMLObject content. If the user-supplied doc is not null, reparent the returned Element so that it is compatible with the user-supplied document.

Parameters:

doc - of type Document

Returns:

Element

Throws:

WSSecurityException

assertionToString

public String assertionToString()
                         throws WSSecurityException

Method assertionToString ...

Returns:

String

Throws:

WSSecurityException

getId

public String getId()

Method getId returns the id of this AssertionWrapper object.

Returns:

the id (type String) of this AssertionWrapper object.

getIssuerString

public String getIssuerString()

Method getIssuerString returns the issuerString of this AssertionWrapper object.

Returns:

the issuerString (type String) of this AssertionWrapper object.

getConfirmationMethods

public List<String> getConfirmationMethods()

Method getConfirmationMethods returns the confirmationMethods of this AssertionWrapper object.

Returns:

the confirmationMethods of this AssertionWrapper object.

isSigned

public boolean isSigned()

Method isSigned returns the signed of this AssertionWrapper object.

Returns:

the signed (type boolean) of this AssertionWrapper object.

setSignature

public void setSignature(org.opensaml.xml.signature.Signature signature)

Method setSignature sets the signature of this AssertionWrapper object.

Parameters:

signature - the signature of this AssertionWrapper object.

setSignature

public void setSignature(org.opensaml.xml.signature.Signature signature,
                String signatureDigestAlgorithm)

Method setSignature sets the signature of this SamlAssertionWrapper object.

Parameters:

signature - the signature of this SamlAssertionWrapper object.

signatureDigestAlgorithm - the signature digest algorithm to use

signAssertion

public void signAssertion(String issuerKeyName,
                 String issuerKeyPassword,
                 Crypto issuerCrypto,
                 boolean sendKeyValue)
                   throws WSSecurityException

Create an enveloped signature on the assertion that has been created.

Parameters:

issuerKeyName - the Issuer KeyName to use with the issuerCrypto argument

issuerKeyPassword - the Issuer Password to use with the issuerCrypto argument

issuerCrypto - the Issuer Crypto instance

sendKeyValue - whether to send the key value or not

Throws:

WSSecurityException

signAssertion

public void signAssertion(String issuerKeyName,
                 String issuerKeyPassword,
                 Crypto issuerCrypto,
                 boolean sendKeyValue,
                 String canonicalizationAlgorithm,
                 String signatureAlgorithm)
                   throws WSSecurityException

Create an enveloped signature on the assertion that has been created.

Parameters:

issuerKeyName - the Issuer KeyName to use with the issuerCrypto argument

issuerKeyPassword - the Issuer Password to use with the issuerCrypto argument

issuerCrypto - the Issuer Crypto instance

sendKeyValue - whether to send the key value or not

canonicalizationAlgorithm - the canonicalization algorithm to be used for signing

signatureAlgorithm - the signature algorithm to be used for signing

Throws:

WSSecurityException

signAssertion

public void signAssertion(String issuerKeyName,
                 String issuerKeyPassword,
                 Crypto issuerCrypto,
                 boolean sendKeyValue,
                 String canonicalizationAlgorithm,
                 String signatureAlgorithm,
                 String signatureDigestAlgorithm)
                   throws WSSecurityException

Create an enveloped signature on the assertion that has been created.

Parameters:

issuerKeyName - the Issuer KeyName to use with the issuerCrypto argument

issuerKeyPassword - the Issuer Password to use with the issuerCrypto argument

issuerCrypto - the Issuer Crypto instance

sendKeyValue - whether to send the key value or not

canonicalizationAlgorithm - the canonicalization algorithm to be used for signing

signatureAlgorithm - the signature algorithm to be used for signing

signatureDigestAlgorithm - the signature Digest algorithm to use

Throws:

WSSecurityException

verifySignature

public void verifySignature(RequestData data,
                   WSDocInfo docInfo)
                     throws WSSecurityException

Verify the signature of this assertion

Throws:

org.opensaml.xml.validation.ValidationException

WSSecurityException

verifySignature

public void verifySignature(SAMLKeyInfo samlKeyInfo)
                     throws WSSecurityException

Verify the signature of this assertion

Throws:

org.opensaml.xml.validation.ValidationException

WSSecurityException

validateSignatureAgainstProfile

public void validateSignatureAgainstProfile()
                                     throws WSSecurityException

Validate the signature of the Assertion against the Profile. This does not actually verify the signature itself (see the verifySignature method for this)

Throws:

WSSecurityException

getSignature

public org.opensaml.xml.signature.Signature getSignature()

parseHOKSubject

public void parseHOKSubject(RequestData data,
                   WSDocInfo docInfo)
                     throws WSSecurityException

This method parses the KeyInfo of the Subject for the holder-of-key confirmation method, as required by the SAML Token spec. It then stores the SAMLKeyInfo object that has been obtained for future processing by the SignatureProcessor.

Throws:

WSSecurityException

getSamlVersion

public org.opensaml.common.SAMLVersion getSamlVersion()

Method getSamlVersion returns the samlVersion of this AssertionWrapper object.

Returns:

the samlVersion (type SAMLVersion) of this AssertionWrapper object.

getElement

public Element getElement()

Get the Assertion as a DOM Element.

Returns:

the assertion as a DOM Element

getSignatureKeyInfo

public SAMLKeyInfo getSignatureKeyInfo()

Get the SAMLKeyInfo associated with the signature of the assertion

Returns:

the SAMLKeyInfo associated with the signature of the assertion

getSubjectKeyInfo

public SAMLKeyInfo getSubjectKeyInfo()

Get the SAMLKeyInfo associated with the Subject KeyInfo

Returns:

the SAMLKeyInfo associated with the Subject KeyInfo

getSignatureValue

public byte[] getSignatureValue()
                         throws WSSecurityException

Get the SignatureValue bytes of the signed SAML Assertion

Returns:

the SignatureValue bytes of the signed SAML Assertion

Throws:

WSSecurityException