/**
 * Completes the login by publishing the SAML token captured during {@code login()}.
 *
 * <p>When the login phase succeeded, the token is wrapped in a new {@link SamlCredential},
 * added to the Subject's <em>public</em> credential set, and {@code populateSubject()} is run.
 *
 * @return {@code true} if the login phase had succeeded and the credential was processed,
 *         {@code false} otherwise (nothing is added to the Subject in that case)
 * @throws LoginException declared by the login-module contract; not thrown directly by this body
 */
public boolean commit() throws LoginException {
    if (!success) {
        return false;
    }

    // The assertion is stored as a public credential, not a private one; any code holding the
    // Subject can read it back.
    final SamlCredential packaged = new SamlCredential(samlToken);
    final boolean newlyAdded = subject.getPublicCredentials().add(packaged);
    populateSubject();

    if (newlyAdded && log.isDebugEnabled()) {
        // NOTE(review): the concatenation calls SamlCredential.toString(), which is not shown here.
        // If it renders the assertion, a bearer token ends up in the debug log; confirm.
        log.debug("Added Credential :" + packaged);
    }
    return true;
}
/**
 * Returns the stored assertion as a DOM {@link Element}.
 *
 * <p>The conversion is delegated to {@code SamlCredential.assertionToElement} and is performed
 * again on every call; no cached element is kept by this method.
 *
 * @return the element produced from the {@code assertion} field
 * @throws ProcessingException propagated from {@code assertionToElement}
 */
public Element getAssertionAsElement() throws ProcessingException {
    final Element converted = SamlCredential.assertionToElement(assertion);
    return converted;
}
/**
 * Creates a credential from a SAML assertion element.
 *
 * <p>The element is converted with {@code assertionToString} and only that result is kept.
 * The only check performed here is the null check: no signature, issuer or validity-period
 * verification happens at construction, so holding a {@code SamlCredential} is not evidence
 * that the assertion was validated.
 *
 * @param assertion the assertion element; must not be {@code null}
 * @throws IllegalArgumentException if {@code assertion} is {@code null}
 */
public SamlCredential(final Element assertion) {
    if (assertion == null) {
        throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "assertion");
    }
    final String serialized = SamlCredential.assertionToString(assertion);
    this.assertion = serialized;
}
// Wrap the assertion in a SamlCredential (the constructor's own checks are not shown in this excerpt).
SamlCredential credential = new SamlCredential(assertion);
if (log.isTraceEnabled()) {
    // The whole assertion string is written to the trace log. A SAML assertion is a credential,
    // so trace output from this code should be treated as sensitive.
    String serializedAssertion = credential.getAssertionAsString();
    log.trace(serializedAssertion);
}
// Excerpt from inside a try block whose opening is not shown.
// The callback's current credential is rendered with toString(), parsed into a document by
// DocumentUtil.getDocument, and replaced by a SamlCredential built from the document element.
// Any exception is handed to logger.authErrorHandlingCallback and the returned throwable is thrown.
// NOTE(review): the string parsed here may originate from the remote party; DocumentUtil's parser
// configuration is not visible, so confirm it disables DTDs and external entities.
callback.setCredential(new SamlCredential(DocumentUtil.getDocument(callback.getCredential().toString()) .getDocumentElement())); assertionElement = this.credential.getAssertionAsElement(); } catch (Exception e) { throw logger.authErrorHandlingCallback(e);
// Excerpt; the try block's braces and handlers appear to have been lost in extraction.
// Reads the credential's assertion as a DOM element (getAssertionAsElement declares
// ProcessingException elsewhere on this page, which is presumably why it sits in a try).
try assertion = samlCredential.getAssertionAsElement();
// Refuse to continue without an assertion: a null or empty string is reported as an unchecked
// RuntimeException. This is a presence check only; it says nothing about the assertion's validity.
String assertionStr = samlCredential.getAssertionAsString();
boolean assertionMissing = StringUtil.isNullOrEmpty(assertionStr);
if (assertionMissing) {
    throw new RuntimeException(ErrorCodes.NULL_VALUE + "Assertion String is null or empty");
}
// Excerpt: the first call reports an exception `e` from code that is not shown, and the `if`
// block opened here is closed outside the excerpt.
// When trace logging is enabled the complete assertion string is appended to the log message.
// A SAML assertion is a credential, so trace logs from this code need the same access
// restrictions as the tokens themselves.
logger.samlAssertionPasingFailed(e); SamlCredential credential = new SamlCredential(assertion); if (logger.isTraceEnabled()) { logger.trace("Assertion included in SOAP payload: " + credential.getAssertionAsString());
// Excerpt from inside a try block whose opening is not shown.
// The callback's current credential is rendered with toString(), parsed into a document by
// DocumentUtil.getDocument, and replaced by a SamlCredential built from the document element.
// Any exception is handed to logger.authErrorHandlingCallback and the returned throwable is thrown.
// NOTE(review): the string parsed here may originate from the remote party; DocumentUtil's parser
// configuration is not visible, so confirm it disables DTDs and external entities.
callback.setCredential(new SamlCredential(DocumentUtil.getDocument(callback.getCredential().toString()) .getDocumentElement())); assertionElement = this.credential.getAssertionAsElement(); } catch (Exception e) { throw logger.authErrorHandlingCallback(e);
// Excerpt with lines elided: the XPath `expression` and the variable receiving the cast result
// (apparently `sigElement`) are defined in code that is not shown.
// Steps visible here: obtain the assertion element, look up the namespace prefix bound to the
// XML-DSig namespace URI, evaluate an XPath against a second getAssertionAsElement() result to
// get a single node, and wrap the signature element in an XMLSignature with an empty base URI.
// NOTE(review): locating the signature is not verifying it. The key check is outside this excerpt;
// confirm that the XPath can only match the assertion's own Signature element and that the
// verified reference covers the same assertion the caller goes on to trust.
Element assertion = credential.getAssertionAsElement(); String xmlSignatureNSPrefix = findNameSpacePrefix(assertion, JBossSAMLURIConstants.XMLDSIG_NSURI.get()); (Element) xpath.evaluate(expression, credential.getAssertionAsElement(), XPathConstants.NODE); XMLSignature signature = new XMLSignature(sigElement, "");
// Excerpt: the `if` block opened here is closed outside the excerpt.
// Rejects a null or empty assertion string by throwing whatever
// logger.authSAMLAssertionNullOrEmpty() returns. This is a presence check only, not validation.
String assertionStr = samlCredential.getAssertionAsString(); if (StringUtil.isNullOrEmpty(assertionStr)) { throw logger.authSAMLAssertionNullOrEmpty();
/**
 * Completes the login by publishing the SAML token captured during {@code login()}.
 *
 * <p>When the login phase succeeded, the token is wrapped in a new {@link SamlCredential},
 * added to the Subject's <em>public</em> credential set, and {@code populateSubject()} is run.
 *
 * @return {@code true} if the login phase had succeeded and the credential was processed,
 *         {@code false} otherwise (nothing is added to the Subject in that case)
 * @throws LoginException declared by the login-module contract; not thrown directly by this body
 */
public boolean commit() throws LoginException {
    if (!success) {
        return false;
    }

    // The assertion is stored as a public credential, not a private one; any code holding the
    // Subject can read it back.
    final SamlCredential packaged = new SamlCredential(samlToken);
    final boolean newlyAdded = subject.getPublicCredentials().add(packaged);
    populateSubject();

    if (newlyAdded && log.isDebugEnabled()) {
        // NOTE(review): the concatenation calls SamlCredential.toString(), which is not shown here.
        // If it renders the assertion, a bearer token ends up in the debug log; confirm.
        log.debug("Added Credential :" + packaged);
    }
    return true;
}
// Excerpt: the first call reports an exception `e` from code that is not shown, and the `if`
// block opened here is closed outside the excerpt.
// When trace logging is enabled the complete assertion string is appended to the log message.
// A SAML assertion is a credential, so trace logs from this code need the same access
// restrictions as the tokens themselves.
logger.samlAssertionPasingFailed(e); SamlCredential credential = new SamlCredential(assertion); if (logger.isTraceEnabled()) { logger.trace("Assertion included in SOAP payload: " + credential.getAssertionAsString());
// Excerpt with lines elided: the XPath `expression` and the variable receiving the cast result
// (apparently `sigElement`) are defined in code that is not shown.
// Steps visible here: obtain the assertion element, look up the namespace prefix bound to the
// XML-DSig namespace URI, evaluate an XPath against a second getAssertionAsElement() result to
// get a single node, and wrap the signature element in an XMLSignature with an empty base URI.
// NOTE(review): locating the signature is not verifying it. The key check is outside this excerpt;
// confirm that the XPath can only match the assertion's own Signature element and that the
// verified reference covers the same assertion the caller goes on to trust.
Element assertion = credential.getAssertionAsElement(); String xmlSignatureNSPrefix = findNameSpacePrefix(assertion, JBossSAMLURIConstants.XMLDSIG_NSURI.get()); (Element) xpath.evaluate(expression, credential.getAssertionAsElement(), XPathConstants.NODE); XMLSignature signature = new XMLSignature(sigElement, "");
/**
 * Creates a credential from a SAML assertion element.
 *
 * <p>The element is converted with {@code assertionToString} and only that result is kept.
 * The only check performed here is the null check: no signature, issuer or validity-period
 * verification happens at construction, so holding a {@code SamlCredential} is not evidence
 * that the assertion was validated.
 *
 * @param assertion the assertion element; must not be {@code null}
 * @throws IllegalArgumentException if {@code assertion} is {@code null}
 */
public SamlCredential(final Element assertion) {
    if (assertion == null) {
        throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "assertion");
    }
    final String serialized = SamlCredential.assertionToString(assertion);
    this.assertion = serialized;
}
/**
 * Returns the stored assertion as a DOM {@link Element}.
 *
 * <p>The conversion is delegated to {@code SamlCredential.assertionToElement} and is performed
 * again on every call; no cached element is kept by this method.
 *
 * @return the element produced from the {@code assertion} field
 * @throws ProcessingException propagated from {@code assertionToElement}
 */
public Element getAssertionAsElement() throws ProcessingException {
    final Element converted = SamlCredential.assertionToElement(assertion);
    return converted;
}
// Excerpt: the `if` block opened here is closed outside the excerpt.
// Rejects a null or empty assertion string by throwing whatever
// logger.authSAMLAssertionNullOrEmpty() returns. This is a presence check only, not validation.
String assertionStr = samlCredential.getAssertionAsString(); if (StringUtil.isNullOrEmpty(assertionStr)) { throw logger.authSAMLAssertionNullOrEmpty();
/**
 * Completes the login by publishing the SAML token captured during {@code login()}.
 *
 * <p>When the login phase succeeded, the token is wrapped in a new {@link SamlCredential},
 * added to the Subject's <em>public</em> credential set, and {@code populateSubject()} is run.
 *
 * @return {@code true} if the login phase had succeeded and the credential was processed,
 *         {@code false} otherwise (nothing is added to the Subject in that case)
 * @throws LoginException declared by the login-module contract; not thrown directly by this body
 */
public boolean commit() throws LoginException {
    if (!success) {
        return false;
    }

    // The assertion is stored as a public credential, not a private one; any code holding the
    // Subject can read it back.
    final SamlCredential packaged = new SamlCredential(samlToken);
    final boolean newlyAdded = subject.getPublicCredentials().add(packaged);
    populateSubject();

    if (newlyAdded) {
        // NOTE(review): the message is concatenated (and SamlCredential.toString() invoked) even
        // when trace is off, since there is no level guard here. toString() is not shown; if it
        // renders the assertion, a bearer token ends up in the trace log; confirm.
        logger.trace("Added Credential " + packaged);
    }
    return true;
}
/**
 * Validates the SAML credential. The checks run in this order:
 * <ol>
 * <li>the certificate returned by {@code getX509Certificate()} is passed to
 * {@code validateCertPath} (trust check, e.g. against a local truststore);</li>
 * <li>the certificate's own validity period is checked with {@code checkValidity()};</li>
 * <li>the assertion's signature is verified with that certificate's public key;</li>
 * <li>the assertion is checked for expiry.</li>
 * </ol>
 *
 * <p>The signing key is described as being embedded in the SAML token itself. A valid signature
 * under a key carried by the token only shows the token is intact under that key; whether the
 * signer is trusted depends entirely on step 1.
 *
 * @throws LoginException if the signature is invalid or cannot be processed, or if the assertion
 *         has expired
 * @throws ConfigurationException declared; raised by helper code not shown here
 * @throws CertificateExpiredException if the certificate's validity period has ended
 * @throws CertificateNotYetValidException if the certificate's validity period has not started
 */
private void validateSAMLCredential() throws LoginException, ConfigurationException, CertificateExpiredException,
        CertificateNotYetValidException {
    final X509Certificate signingCert = getX509Certificate();

    // Trust first, then time validity of the certificate.
    validateCertPath(signingCert);
    signingCert.checkValidity();

    boolean signatureOk;
    try {
        signatureOk = AssertionUtil.isSignatureValid(credential.getAssertionAsElement(), signingCert.getPublicKey());
    } catch (ProcessingException e) {
        // Fail closed: a processing error is logged and treated as an invalid signature.
        logger.processingError(e);
        signatureOk = false;
    }
    if (!signatureOk) {
        throw logger.authSAMLInvalidSignatureError();
    }

    // NOTE(review): the signature check reads `credential`, the expiry check reads `assertion`.
    // Their relationship is not visible here; confirm both refer to the same assertion.
    if (AssertionUtil.hasExpired(assertion)) {
        throw logger.authSAMLAssertionExpiredError();
    }
}
/**
 * Creates a credential from a SAML assertion element.
 *
 * <p>The element is converted with {@code assertionToString} and only that result is kept.
 * The only check performed here is the null check: no signature, issuer or validity-period
 * verification happens at construction, so holding a {@code SamlCredential} is not evidence
 * that the assertion was validated.
 *
 * @param assertion the assertion element; must not be {@code null}; a {@code null} argument
 *        is rejected by throwing whatever {@code logger.nullArgumentError} returns
 */
public SamlCredential(final Element assertion) {
    if (assertion == null) {
        throw logger.nullArgumentError("assertion");
    }
    final String serialized = SamlCredential.assertionToString(assertion);
    this.assertion = serialized;
}