/**
 * Decides whether a SAML token event may be accepted.
 *
 * <p>An event is accepted only if it carries a security token with a SAML
 * assertion wrapper, and that assertion is signed. The signature requirement
 * is waived when the {@code ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL} security
 * property resolves to {@code true} for the message; {@code false} is passed
 * as the fallback value, so signing is required unless the property is set.
 *
 * <p>Security note: with the property enabled, this method no longer
 * distinguishes signed from unsigned assertions. Whether anything else
 * authenticates the assertion's content is not visible from this method.
 *
 * @param event the SAML token security event, may be {@code null}
 * @param msg the message used to look up the security property
 * @return {@code true} if the event may be accepted, {@code false} otherwise
 */
private boolean isSamlEventAllowed(SamlTokenSecurityEvent event, Message msg) {
    if (event == null) {
        return false;
    }

    // Looked up before inspecting the token, as in the original ordering.
    final boolean unsignedPermitted = SecurityUtils.getSecurityPropertyBoolean(
        SecurityConstants.ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL, msg, false);

    if (event.getSecurityToken() == null) {
        return false;
    }
    if (event.getSecurityToken().getSamlAssertionWrapper() == null) {
        return false;
    }
    if (unsignedPermitted) {
        // Explicit opt-in: the signature check is skipped entirely.
        return true;
    }
    // The SAML Assertion must be signed by default
    return event.getSecurityToken().getSamlAssertionWrapper().isSigned();
}
/**
 * Returns the SAML assertion held by the principal of this event's security token.
 *
 * <p>NOTE(review): the principal is cast to {@code SAMLTokenPrincipal} without a
 * type check, and the security token is dereferenced without a null check. A
 * different principal type or a missing token would surface as a runtime
 * exception here. Confirm that callers guarantee both.
 *
 * @return the assertion wrapper obtained from the principal's {@code getToken()}
 * @throws WSSecurityException propagated from the calls made below
 */
public SamlAssertionWrapper getSamlAssertionWrapper() throws WSSecurityException {
    final SAMLTokenPrincipal samlPrincipal =
        (SAMLTokenPrincipal) getSecurityToken().getPrincipal();
    return samlPrincipal.getToken();
}
} // closes the enclosing type; its header is outside this excerpt
String content = child.getTextContent(); if (content.endsWith("SymmetricKey")) { Map<String, Key> subjectKeys = samlTokenSecurityEvent.getSecurityToken().getSecretKey(); if (subjectKeys.isEmpty()) { return "Policy enforces SAML token with a symmetric key"; PublicKey publicKey = samlTokenSecurityEvent.getSecurityToken().getPublicKey(); X509Certificate[] x509Certificate = samlTokenSecurityEvent.getSecurityToken().getX509Certificates(); if (publicKey == null && x509Certificate == null) { return "Policy enforces SAML token with an asymmetric key";
KeyIdentifier keyIdentifier = samlTokenSecurityEvent.getSecurityToken().getKeyIdentifier(); if (!WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier.equals(keyIdentifier)) { setErrorMessage("Policy enforces KeyIdentifierReference but we got " + samlTokenSecurityEvent.getSecurityToken().getTokenType()); getPolicyAsserter().unassertPolicy(new QName(namespace, SPConstants.REQUIRE_KEY_IDENTIFIER_REFERENCE), getErrorMessage());
/**
 * Checks whether the given SAML token event is acceptable.
 *
 * <p>Returns {@code false} for a {@code null} event, for an event without a
 * security token, and for a token without a SAML assertion wrapper. Otherwise
 * the assertion must be signed, unless the
 * {@code ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL} security property resolves
 * to {@code true} for the message. {@code false} is passed as the fallback
 * value, so the signature is required unless the property is set.
 *
 * <p>Security note: when the property is enabled, an unsigned assertion passes
 * this check. This method does not show what else, if anything, vouches for
 * the assertion's content in that configuration.
 *
 * @param event the SAML token security event, may be {@code null}
 * @param msg the message used to look up the security property
 * @return {@code true} if the event may be accepted, {@code false} otherwise
 */
private boolean isSamlEventAllowed(SamlTokenSecurityEvent event, Message msg) {
    if (event == null) {
        return false;
    }

    // Property lookup happens before the token is inspected, as in the original.
    final boolean unsignedPermitted = SecurityUtils.getSecurityPropertyBoolean(
        SecurityConstants.ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL, msg, false);

    if (event.getSecurityToken() == null) {
        return false;
    }
    if (event.getSecurityToken().getSamlAssertionWrapper() == null) {
        return false;
    }
    if (unsignedPermitted) {
        // Explicit opt-in: no signature check is performed.
        return true;
    }
    // The SAML Assertion must be signed by default
    return event.getSecurityToken().getSamlAssertionWrapper().isSigned();
}
findInboundSecurityToken(WSSecurityEventConstants.SAML_TOKEN, messageContext); if (securityToken instanceof SamlSecurityToken && ((SamlSecurityToken)securityToken).getSamlAssertionWrapper() != null) { return ((SamlSecurityToken)securityToken).getSamlAssertionWrapper();
findInboundSecurityToken(WSSecurityEventConstants.SAML_TOKEN, messageContext); if (securityToken instanceof SamlSecurityToken && ((SamlSecurityToken)securityToken).getSamlAssertionWrapper() != null) { return ((SamlSecurityToken)securityToken).getSamlAssertionWrapper();