// Excerpt from a larger method: statements between the lines shown are elided, so the
// braces below do not balance, and `address`, `participant`, `participants` and
// `audienceRestrictions` are declared outside what is visible.
//
// Each non-null address found becomes its own single-URI AudienceRestrictionBean.
// NOTE(review): the addresses are copied verbatim into the restriction; whether they are
// checked against a list of known endpoints before the token is issued is not visible here.
String appliesToAddress = providerParameters.getAppliesToAddress();
if (appliesToAddress != null) {
    AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
    audienceRestriction.setAudienceURIs(Collections.singletonList(appliesToAddress));
    audienceRestrictions.add(audienceRestriction);
    // NOTE(review): the return value is not assigned in this excerpt; presumably the
    // full source stores it in `address` — confirm.
    extractAddressFromParticipantsEPR(participants.getPrimaryParticipant());
    if (address != null) {
        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
        audienceRestriction.setAudienceURIs(Collections.singletonList(address));
        audienceRestrictions.add(audienceRestriction);
        // Same pattern for a further participant (the surrounding loop, if any, is elided).
        address = extractAddressFromParticipantsEPR(participant);
        if (address != null) {
            AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
            audienceRestriction.setAudienceURIs(Collections.singletonList(address));
            audienceRestrictions.add(audienceRestriction);
/**
 * Builds an AudienceRestrictionCondition holding one Audience element per URI
 * returned by the bean.
 *
 * <p>The two builders are looked up from {@code builderFactory} on first use and cached;
 * no synchronization around that lookup is visible in this method. The URIs are copied
 * into the condition as given, without any validation here.
 *
 * @param audienceRestrictionBean source of the audience URIs
 * @return the populated AudienceRestrictionCondition
 */
@SuppressWarnings("unchecked")
public static AudienceRestrictionCondition createSamlv1AudienceRestriction(
    AudienceRestrictionBean audienceRestrictionBean
) {
    // Lazily resolve and cache the builder for the condition element.
    if (audienceRestrictionV1Builder == null) {
        audienceRestrictionV1Builder = (SAMLObjectBuilder<AudienceRestrictionCondition>)
            builderFactory.getBuilder(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
    }
    // Lazily resolve and cache the builder for the child Audience elements.
    if (audienceV1Builder == null) {
        audienceV1Builder = (SAMLObjectBuilder<Audience>)
            builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
    }

    AudienceRestrictionCondition condition = audienceRestrictionV1Builder.buildObject();
    for (String uri : audienceRestrictionBean.getAudienceURIs()) {
        Audience entry = audienceV1Builder.buildObject();
        entry.setUri(uri);
        condition.getAudiences().add(entry);
    }
    return condition;
}
// Excerpt from a larger method: statements between the lines shown are elided, so the
// braces below do not balance, and `address`, `participant`, `participants` and
// `audienceRestrictions` are declared outside what is visible.
//
// Each non-null address found becomes its own single-URI AudienceRestrictionBean.
// NOTE(review): the addresses are copied verbatim into the restriction; whether they are
// checked against a list of known endpoints before the token is issued is not visible here.
String appliesToAddress = providerParameters.getAppliesToAddress();
if (appliesToAddress != null) {
    AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
    audienceRestriction.setAudienceURIs(Collections.singletonList(appliesToAddress));
    audienceRestrictions.add(audienceRestriction);
    // NOTE(review): the return value is not assigned in this excerpt; presumably the
    // full source stores it in `address` — confirm.
    extractAddressFromParticipantsEPR(participants.getPrimaryParticipant());
    if (address != null) {
        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
        audienceRestriction.setAudienceURIs(Collections.singletonList(address));
        audienceRestrictions.add(audienceRestriction);
        // Same pattern for a further participant (the surrounding loop, if any, is elided).
        address = extractAddressFromParticipantsEPR(participant);
        if (address != null) {
            AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
            audienceRestriction.setAudienceURIs(Collections.singletonList(address));
            audienceRestrictions.add(audienceRestriction);
/**
 * Builds an AudienceRestriction holding one Audience element per URI returned by the bean.
 *
 * <p>The two builders are looked up from {@code builderFactory} on first use and cached;
 * no synchronization around that lookup is visible in this method. The URIs are copied
 * into the restriction as given, without any validation here.
 *
 * @param audienceRestrictionBean source of the audience URIs
 * @return the populated AudienceRestriction
 */
@SuppressWarnings("unchecked")
public static AudienceRestriction createAudienceRestriction(
    AudienceRestrictionBean audienceRestrictionBean
) {
    // Lazily resolve and cache the builder for the restriction element.
    if (audienceRestrictionBuilder == null) {
        audienceRestrictionBuilder = (SAMLObjectBuilder<AudienceRestriction>)
            builderFactory.getBuilder(AudienceRestriction.DEFAULT_ELEMENT_NAME);
    }
    // Lazily resolve and cache the builder for the child Audience elements.
    if (audienceBuilder == null) {
        audienceBuilder = (SAMLObjectBuilder<Audience>)
            builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
    }

    AudienceRestriction restriction = audienceRestrictionBuilder.buildObject();
    for (String uri : audienceRestrictionBean.getAudienceURIs()) {
        Audience entry = audienceBuilder.buildObject();
        entry.setAudienceURI(uri);
        restriction.getAudiences().add(entry);
    }
    return restriction;
}
// Excerpt: statements from the enclosing method appear to be elided between the lines
// shown; `audienceRestrictions` and `portNumber` are declared outside this snippet.

// First restriction: the audience is the local HTTPS endpoint URL built from portNumber.
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(
    "https://localhost:" + portNumber + "/DoubleItSaml2Transport2"));
audienceRestrictions.add(audienceRestriction);

// Second bean: the same URL with an "unknown" suffix. It is not added to the list in the
// visible lines; presumably the non-matching audience of a negative case — confirm in
// the full source.
audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(
    "https://localhost:" + portNumber + "/DoubleItSaml2Transport2unknown"));
// Empties the list, discarding every restriction added to it so far.
audienceRestrictions.clear();
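/**
 * Sends sayHi() with a bearer SAML assertion whose single audience restriction is a
 * {@code jms:} URI, and expects the normal "Bonjour" reply, i.e. the request is accepted.
 *
 * @throws Exception if the client cannot be set up, the call fails, or close() fails
 */
@Test
public void testUnsignedSAML2AudienceRestrictionTokenURI() throws Exception {
    QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
    QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
    URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
    HelloWorldService service = new HelloWorldService(wsdl, serviceName);

    String response = "Bonjour";
    HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);

    // try-with-resources closes the proxy even when the call or an assertion fails, so a
    // failing run does not leave the client open.
    try (java.io.Closeable proxy = (java.io.Closeable)greeter) {
        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
        // NOTE(review): signAssertion is enabled although the action below is
        // SAML_TOKEN_UNSIGNED; presumably the assertion itself is signed while the
        // message carries no signature over it — confirm this is the intended setup.
        callbackHandler.setSignAssertion(true);
        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);

        ConditionsBean conditions = new ConditionsBean();
        conditions.setTokenPeriodMinutes(5);
        // Audience is a jms: URI; presumably the address of the target endpoint — confirm
        // against the WSDL.
        List<String> audiences = new ArrayList<>();
        audiences.add("jms:jndi:dynamicQueues/test.jmstransport.text");
        AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
        audienceRestrictionBean.setAudienceURIs(audiences);
        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));

        callbackHandler.setConditions(conditions);

        Map<String, Object> outProperties = new HashMap<>();
        outProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
        outProperties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);

        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
        Client client = ClientProxy.getClient(greeter);
        client.getOutInterceptors().add(outInterceptor);

        String reply = greeter.sayHi();
        assertNotNull("no response received from service", reply);
        assertEquals(response, reply);
    }
}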
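/**
 * Sends sayHi() with a bearer SAML assertion whose single audience restriction is the
 * service QName in {@code {namespace}localName} form, and expects the normal "Bonjour"
 * reply, i.e. the request is accepted.
 *
 * @throws Exception if the client cannot be set up, the call fails, or close() fails
 */
@Test
public void testUnsignedSAML2AudienceRestrictionTokenServiceName() throws Exception {
    QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
    QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
    URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
    HelloWorldService service = new HelloWorldService(wsdl, serviceName);

    String response = "Bonjour";
    HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);

    // try-with-resources closes the proxy even when the call or an assertion fails, so a
    // failing run does not leave the client open.
    try (java.io.Closeable proxy = (java.io.Closeable)greeter) {
        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
        // NOTE(review): signAssertion is enabled although the action below is
        // SAML_TOKEN_UNSIGNED; presumably the assertion itself is signed while the
        // message carries no signature over it — confirm this is the intended setup.
        callbackHandler.setSignAssertion(true);
        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);

        ConditionsBean conditions = new ConditionsBean();
        conditions.setTokenPeriodMinutes(5);
        // Audience uses the same namespace and local name as serviceName above.
        List<String> audiences = new ArrayList<>();
        audiences.add("{http://cxf.apache.org/hello_world_jms}HelloWorldService");
        AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
        audienceRestrictionBean.setAudienceURIs(audiences);
        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));

        callbackHandler.setConditions(conditions);

        Map<String, Object> outProperties = new HashMap<>();
        outProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
        outProperties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);

        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
        Client client = ClientProxy.getClient(greeter);
        client.getOutInterceptors().add(outInterceptor);

        String reply = greeter.sayHi();
        assertNotNull("no response received from service", reply);
        assertEquals(response, reply);
    }
}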
// Excerpt: `service` and `audienceRestrictions` are declared outside this snippet.
// The audience is the string form of the service name, so the restriction names the
// service itself rather than a transport address.
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(
    service.getServiceName().toString()));
audienceRestrictions.add(audienceRestriction);
// Excerpt: `conditions` is declared outside this snippet.
// The audience is a {namespace}localName string whose local name is
// "BadHelloWorldService"; presumably a deliberately non-matching value for a negative
// case in which the receiver should reject the assertion — confirm in the enclosing test.
List<String> audiences = new ArrayList<>();
audiences.add("{http://cxf.apache.org/hello_world_jms}BadHelloWorldService");
AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
audienceRestrictionBean.setAudienceURIs(audiences);
conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
// Excerpt: `conditions` is declared outside this snippet.
// The audience is a jms: URI ending in ".bad"; presumably a deliberately non-matching
// value for a negative case in which the receiver should reject the assertion — confirm
// in the enclosing test.
List<String> audiences = new ArrayList<>();
audiences.add("jms:jndi:dynamicQueues/test.jmstransport.text.bad");
AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
audienceRestrictionBean.setAudienceURIs(audiences);
conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
// Excerpt: `service` and `audienceRestrictions` are declared outside this snippet.
// The audience is the service name string with ".xyz" appended, so it cannot equal the
// plain service name; presumably a negative case — confirm in the enclosing test.
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(
    service.getServiceName().toString() + ".xyz"));
audienceRestrictions.add(audienceRestriction);
// Excerpt: `conditions`, `requestIssuer` and `callbackHandler` are declared outside this
// snippet.
// Token period is set to 5 minutes and the only audience is the value of requestIssuer.
conditions.setTokenPeriodMinutes(5);
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(requestIssuer));
conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
// Hands the finished conditions to the callback handler.
callbackHandler.setConditions(conditions);
// Excerpt: `conditions` is declared outside this snippet.
// A single, hard-coded audience URI is the only restriction placed on the conditions.
// The restriction only has an effect if the receiving side compares it with its own
// identifier; that check is not part of this snippet.
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList("https://sp.example.com/SAML2"));
conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
// Excerpt: `audience` and `conditions` are declared outside this snippet.
// The caller-supplied `audience` value becomes the only audience restriction.
// NOTE(review): no null or empty check on `audience` is visible here — confirm the
// caller guarantees a value.
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList(audience));
conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));