/**
 * Builds the fallback attribute that marks the token requestor as "authenticated".
 *
 * <p>The same two strings ("token-requestor" and "http://cxf.apache.org/sts") are placed in
 * different bean fields depending on the token type: for the
 * {@code WSS4JConstants.WSS_SAML_TOKEN_TYPE} / {@code WSS4JConstants.SAML_NS} token types they
 * become simple name + qualified name; for every other token type they become
 * qualified name + name format.
 *
 * @param tokenType the requested token type URI; may be {@code null}, in which case the
 *                  second layout is used because neither constant equals {@code null}
 * @return a new attribute bean carrying the single value "authenticated"
 */
private AttributeBean createDefaultAttribute(String tokenType) {
    final AttributeBean defaultAttribute = new AttributeBean();

    final boolean usesSimpleNameLayout =
        WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
            || WSS4JConstants.SAML_NS.equals(tokenType);

    if (!usesSimpleNameLayout) {
        defaultAttribute.setQualifiedName("token-requestor");
        defaultAttribute.setNameFormat("http://cxf.apache.org/sts");
    } else {
        defaultAttribute.setSimpleName("token-requestor");
        defaultAttribute.setQualifiedName("http://cxf.apache.org/sts");
    }

    // The value is a fixed literal; nothing from the request is copied into the attribute.
    defaultAttribute.addAttributeValue("authenticated");
    return defaultAttribute;
}
/**
 * Maps the "role" entry of a JSON claims object onto a single-attribute SAML attribute
 * statement.
 *
 * <p>NOTE(review): the role string is copied into the statement exactly as it appears in
 * {@code claims}; this method performs no allow-list or format check on it. Confirm that the
 * claims object has been verified (signature, issuer) before it reaches this point.
 *
 * @param claims the claims to read; may be {@code null}
 * @return an attribute statement holding the role, or {@code null} when {@code claims} is
 *         {@code null} or has no "role" string property
 */
public AttributeStatementBean handleClaims(JsonMapObject claims) {
    if (claims == null) {
        return null;
    }

    final String roleValue = claims.getStringProperty("role");
    if (roleValue == null) {
        return null;
    }

    final AttributeStatementBean statement = new AttributeStatementBean();
    final AttributeBean roleAttribute = new AttributeBean();
    roleAttribute.setQualifiedName(ROLE.toString());
    roleAttribute.setNameFormat(nameFormat);

    // Kept as a mutable ArrayList, matching what the bean has always been handed.
    final List<Object> roleValues = new ArrayList<>();
    roleValues.add(roleValue);
    roleAttribute.setAttributeValues(roleValues);

    statement.setSamlAttributes(Collections.singletonList(roleAttribute));
    return statement;
}
/**
 * Creates the default "token-requestor" attribute with the fixed value "authenticated".
 *
 * <p>When {@code tokenType} equals {@code WSS4JConstants.WSS_SAML_TOKEN_TYPE} or
 * {@code WSS4JConstants.SAML_NS}, "token-requestor" is set as the simple name and
 * "http://cxf.apache.org/sts" as the qualified name. For any other token type (including
 * {@code null}) "token-requestor" is set as the qualified name and
 * "http://cxf.apache.org/sts" as the name format.
 *
 * @param tokenType the requested token type URI
 * @return the populated attribute bean
 */
private AttributeBean createDefaultAttribute(String tokenType) {
    final String requestorName = "token-requestor";
    final String stsUri = "http://cxf.apache.org/sts";

    final AttributeBean bean = new AttributeBean();
    if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
        || WSS4JConstants.SAML_NS.equals(tokenType)) {
        bean.setSimpleName(requestorName);
        bean.setQualifiedName(stsUri);
    } else {
        bean.setQualifiedName(requestorName);
        bean.setNameFormat(stsUri);
    }

    // Constant value only: no caller-supplied data ends up in this attribute.
    bean.addAttributeValue("authenticated");
    return bean;
}
/**
 * Builds an attribute bean from an attribute key and the claim values to expose under it.
 *
 * <p>The list is handed to the bean as-is; this method neither copies nor inspects the values.
 *
 * @param attributeKey supplies the simple name, qualified name and name format
 * @param claimValues  the values to attach to the attribute
 * @return the populated attribute bean
 */
private AttributeBean createAttributeBean(AttributeKey attributeKey, List<Object> claimValues) {
    final String simpleName = attributeKey.getSimpleName();
    final String qualifiedName = attributeKey.getQualifiedName();

    final AttributeBean result = new AttributeBean(simpleName, qualifiedName, claimValues);
    result.setNameFormat(attributeKey.getNameFormat());
    return result;
}
/**
 * Creates the {@code AttributeBean} for one claim.
 *
 * @param attributeKey source of the attribute's simple name, qualified name and name format
 * @param claimValues  values stored on the bean without copying or validation
 * @return a new bean with names, values and name format set
 */
private AttributeBean createAttributeBean(AttributeKey attributeKey, List<Object> claimValues) {
    final AttributeBean claimAttribute = new AttributeBean(
        attributeKey.getSimpleName(),
        attributeKey.getQualifiedName(),
        claimValues);
    // The name format is not a constructor argument, so it is applied separately.
    claimAttribute.setNameFormat(attributeKey.getNameFormat());
    return claimAttribute;
}
while (claimIterator.hasNext()) { ProcessedClaim claim = claimIterator.next(); AttributeBean attributeBean = new AttributeBean();
while (claimIterator.hasNext()) { ProcessedClaim claim = claimIterator.next(); AttributeBean attributeBean = new AttributeBean();
/**
 * Populates the callback with an authentication statement and, when present, a copy of the
 * configured attribute statements.
 *
 * <p>The authentication method is always the literal "Password". Each entry of
 * {@code attributeStatements} is converted into an {@code AttributeStatementBean}; each
 * attribute keeps its name and name format, and its values are reduced to the text content of
 * their DOM nodes.
 *
 * <p>NOTE(review): {@code attrVal.getDOM()} is dereferenced without a null check. Confirm that
 * every attribute value reaching this method has a DOM attached; otherwise this throws a
 * {@code NullPointerException} while the assertion is being built.
 *
 * @param callback the SAML callback to fill in
 */
private void createAndSetStatement(SAMLCallback callback) {
    final AuthenticationStatementBean authenticationStatement = new AuthenticationStatementBean();
    authenticationStatement.setAuthenticationMethod("Password");
    callback.setAuthenticationStatementData(Collections.singletonList(authenticationStatement));

    if (attributeStatements == null || attributeStatements.isEmpty()) {
        return;
    }

    final List<AttributeStatementBean> convertedStatements = new ArrayList<>();
    for (AttributeStatement sourceStatement : attributeStatements) {
        final List<AttributeBean> convertedAttributes = new ArrayList<>();

        for (Attribute sourceAttribute : sourceStatement.getAttributes()) {
            final AttributeBean converted = new AttributeBean();
            converted.setQualifiedName(sourceAttribute.getName());
            converted.setNameFormat(sourceAttribute.getNameFormat());

            // Only the text content survives; element structure and xsi:type are dropped.
            final List<Object> textValues = new ArrayList<>();
            for (XMLObject attrVal : sourceAttribute.getAttributeValues()) {
                textValues.add(attrVal.getDOM().getTextContent());
            }
            converted.setAttributeValues(textValues);

            convertedAttributes.add(converted);
        }

        final AttributeStatementBean convertedStatement = new AttributeStatementBean();
        convertedStatement.setSamlAttributes(convertedAttributes);
        convertedStatements.add(convertedStatement);
    }
    callback.setAttributeStatementData(convertedStatements);
}
/**
 * Fills every {@code SAMLCallback} in the array with a fixed SAML 2.0 assertion description.
 *
 * <p>All values are literals: issuer "alice", subject "uid=auth_client" confirmed with
 * {@code SAML2Constants.CONF_SENDER_VOUCHES}, and one attribute "attribute-role" with the value
 * "authenticated-client". Callbacks of any other type are ignored.
 *
 * <p>NOTE(review): the hard-coded issuer and subject look like test-fixture values; confirm
 * this handler is not wired into a production endpoint.
 *
 * @param callbacks the callbacks to process
 * @throws IOException declared by the callback-handler contract; not thrown by this body
 * @throws UnsupportedCallbackException declared by the contract; not thrown by this body
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback candidate : callbacks) {
        if (!(candidate instanceof SAMLCallback)) {
            continue;
        }
        final SAMLCallback samlCallback = (SAMLCallback) candidate;

        samlCallback.setSamlVersion(SAMLVersion.VERSION_20);
        samlCallback.setIssuer("alice");

        final SubjectBean subject =
            new SubjectBean("uid=auth_client", null, SAML2Constants.CONF_SENDER_VOUCHES);
        samlCallback.setSubject(subject);

        final AttributeStatementBean statement = new AttributeStatementBean();
        // The subject was constructed just above, so it is always non-null here.
        statement.setSubject(subject);

        final AttributeBean roleAttribute = new AttributeBean();
        roleAttribute.setQualifiedName("attribute-role");
        roleAttribute.setAttributeValues(
            Collections.singletonList((Object) "authenticated-client"));

        statement.setSamlAttributes(Collections.singletonList(roleAttribute));
        samlCallback.setAttributeStatementData(Collections.singletonList(statement));
    }
}
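/**
 * Produces a one-attribute statement carrying the requestor's role.
 *
 * <p>The principal is taken from the validate target when one is present and its state is
 * {@code STATE.VALID}; when there is no validate target it is taken from the provider
 * parameters. The role is "doubleit-user" if the principal name contains "CN=Carl Client",
 * otherwise "authenticated-user".
 *
 * <p>If no principal can be established (for example the validate target is present but not
 * in the VALID state), no role is asserted and {@code null} is returned. Previously this path
 * dereferenced a null principal and failed with a {@code NullPointerException}.
 * NOTE(review): confirm the caller treats a {@code null} statement as "no attributes".
 *
 * <p>NOTE(review): the role decision is a substring match on the principal name, so any name
 * that merely contains "CN=Carl Client" (e.g. a longer CN, or the text inside another RDN)
 * receives the elevated role. If this is used outside a test fixture, compare against the
 * full expected name instead.
 *
 * @param providerParameters the token request context
 * @return the role attribute statement, or {@code null} when there is no usable principal
 */
public AttributeStatementBean getStatement(TokenProviderParameters providerParameters) {
    Principal principal = null;
    ReceivedToken receivedToken = providerParameters.getTokenRequirements().getValidateTarget();
    if (receivedToken != null) {
        // Only a token that validated successfully may contribute an identity.
        if (STATE.VALID.equals(receivedToken.getState())) {
            principal = receivedToken.getPrincipal();
        }
    } else {
        principal = providerParameters.getPrincipal();
    }

    // Fail closed: without an established identity there is no role to vouch for.
    if (principal == null || principal.getName() == null) {
        return null;
    }

    String role = "authenticated-user";
    if (principal.getName().contains("CN=Carl Client")) {
        role = "doubleit-user";
    }

    AttributeBean attributeBean = new AttributeBean();
    String tokenType = providerParameters.getTokenRequirements().getTokenType();
    if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
        || WSConstants.SAML2_NS.equals(tokenType)) {
        // SAML 2.0 token types: the claims URI goes into the name format.
        attributeBean.setQualifiedName("role");
        attributeBean.setNameFormat("http://schemas.xmlsoap.org/ws/2005/05/identity/claims");
    } else {
        // Any other token type: the claims URI goes into the qualified name.
        attributeBean.setSimpleName("role");
        attributeBean.setQualifiedName("http://schemas.xmlsoap.org/ws/2005/05/identity/claims");
    }
    attributeBean.setAttributeValues(Collections.singletonList((Object) role));

    AttributeStatementBean attributeStatementBean = new AttributeStatementBean();
    attributeStatementBean.setSamlAttributes(Collections.singletonList(attributeBean));
    return attributeStatementBean;
}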
attrBean.setSubject(subjectBean); AttributeBean attributeBean = new AttributeBean(); attributeBean.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED); if (saml2) {
String tokenType ) throws WSSecurityException { AttributeBean parameterBean = new AttributeBean();
String tokenType ) throws WSSecurityException { AttributeBean parameterBean = new AttributeBean();
attrBean.setSubject(subjectBean); AttributeBean attributeBean = new AttributeBean(); if (saml2) { attributeBean.setQualifiedName("subject-role");
attrBean.setSubject(subjectBean); AttributeBean attributeBean = new AttributeBean(); if (saml2) { attributeBean.setQualifiedName("subject-role");
attrBean.setSubject(subjectBean); AttributeBean attributeBean = new AttributeBean(); if (saml2) { attributeBean.setQualifiedName("subject-role");
// Role claim: simple name "subject-role", qualified name taken from
// SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT. No values are attached in these statements.
AttributeBean roleClaim = new AttributeBean();
roleClaim.setSimpleName("subject-role");
roleClaim.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
// Authentication claim: the same URI is used for both the simple and the qualified name.
AttributeBean authClaim = new AttributeBean();
authClaim.setSimpleName("http://claims/authentication");
authClaim.setQualifiedName("http://claims/authentication");
// Describes the role attribute by name only ("subject-role" plus the default role attribute
// name constant); attribute values are not set here.
AttributeBean roleClaim = new AttributeBean();
roleClaim.setSimpleName("subject-role");
roleClaim.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
// Describes the authentication attribute; simple and qualified name are the identical URI.
AttributeBean authClaim = new AttributeBean();
authClaim.setSimpleName("http://claims/authentication");
authClaim.setQualifiedName("http://claims/authentication");