/**
 * Appends the ECP profile {@code Request} header block to the SOAP envelope.
 *
 * <p>All values written into the block are read from the adapter's
 * {@code deployment} configuration (the SP entity ID, the IdP entity ID and the
 * IdP single-sign-on request URL); nothing passed in by the caller other than
 * the envelope itself is copied into the header.
 *
 * @param envelope SOAP envelope that receives the header block
 * @throws SOAPException if the SOAP API fails to create or attach a node
 */
private void createEcpRequestHeader(SOAPEnvelope envelope) throws SOAPException {
    // NOTE(review): assumes the envelope already carries a header element; a missing
    // header would surface as a NullPointerException on the next call. Confirm against caller.
    final SOAPHeader soapHeader = envelope.getHeader();
    final SOAPHeaderElement requestBlock = soapHeader.addHeaderElement(
            envelope.createQName(JBossSAMLConstants.REQUEST.get(), NS_PREFIX_PROFILE_ECP));

    // The receiver must process this block (mustUnderstand) and it is addressed
    // to the next SOAP node on the message path.
    requestBlock.setMustUnderstand(true);
    requestBlock.setActor("http://schemas.xmlsoap.org/soap/actor/next");

    // The SP identifies itself with its configured entity ID; IsPassive is fixed to "0".
    requestBlock.addAttribute(envelope.createName("ProviderName"), deployment.getEntityID());
    requestBlock.addAttribute(envelope.createName("IsPassive"), "0");

    requestBlock.addChildElement(envelope.createQName("Issuer", "saml"))
            .setValue(deployment.getEntityID());

    // The IDPList holds a single IDPEntry: the one IdP configured for this
    // deployment, with its SSO request-binding URL as the location.
    requestBlock.addChildElement(envelope.createQName("IDPList", "samlp"))
            .addChildElement(envelope.createQName("IDPEntry", "samlp"))
            .addAttribute(envelope.createName("ProviderID"), deployment.getIDP().getEntityID())
            .addAttribute(envelope.createName("Name"), deployment.getIDP().getEntityID())
            .addAttribute(envelope.createName("Loc"),
                    deployment.getIDP().getSingleSignOnService().getRequestBindingUrl());
}
// Build the validator for this assertion's <Conditions>, keyed by the assertion ID
// and using the destination validator supplied by the surrounding code.
ConditionsValidator.Builder cvb = new ConditionsValidator.Builder(assertion.getID(), assertion.getConditions(), destinationValidator);
try {
    // Audience restriction: the SP's own entity ID is registered as an allowed audience.
    // URI.create throws IllegalArgumentException when the configured entity ID is not a
    // valid URI; presumably the enclosing try handles that (its catch is not visible here).
    cvb.addAllowedAudience(URI.create(deployment.getEntityID()));
// The SP's configured entity ID; presumably used as the Issuer of the logout
// response further down (that use is not visible in this excerpt).
String issuerURL = deployment.getEntityID();
SAML2LogoutResponseBuilder builder = new SAML2LogoutResponseBuilder();
// Hand the ID of the LogoutRequest being answered to the response builder
// (presumably emitted as InResponseTo; confirm in SAML2LogoutResponseBuilder).
builder.logoutRequestID(request.getID());
/**
 * Creates an AuthnRequest builder pre-populated from the given deployment.
 *
 * <p>Destination, issuer, ForceAuthn, IsPassive and the NameID policy are always
 * set. ProtocolBinding and the assertion consumer URL are set only when the
 * deployment's single-sign-on configuration provides a response binding or an
 * assertion consumer service URL respectively. Every value comes from the
 * deployment configuration; no request-derived input is used here.
 *
 * @param deployment SAML deployment configuration of this service provider
 * @return a builder ready for further customisation by the caller
 */
public static SAML2AuthnRequestBuilder buildSaml2AuthnRequestBuilder(SamlDeployment deployment) {
    final String spEntityId = deployment.getEntityID();

    // Fall back to the persistent NameID format when none is configured.
    final String configuredFormat = deployment.getNameIDPolicyFormat();
    final String effectiveFormat = configuredFormat != null
            ? configuredFormat
            : JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get();

    final SingleSignOnService ssoService = deployment.getIDP().getSingleSignOnService();

    final SAML2AuthnRequestBuilder requestBuilder = new SAML2AuthnRequestBuilder()
            .destination(ssoService.getRequestBindingUrl())
            .issuer(spEntityId)
            .forceAuthn(deployment.isForceAuthentication())
            .isPassive(deployment.isIsPassive())
            .nameIdPolicy(SAML2NameIDPolicyBuilder.format(effectiveFormat));

    // ProtocolBinding is requested only when a response binding is configured:
    // POST maps to the HTTP-POST binding, anything else to HTTP-Redirect.
    final SamlDeployment.Binding responseBinding = ssoService.getResponseBinding();
    if (responseBinding != null) {
        requestBuilder.protocolBinding(responseBinding == SamlDeployment.Binding.POST
                ? JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get()
                : JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get());
    }

    // The assertion consumer URL is included only when explicitly configured.
    final String consumerUrl = ssoService.getAssertionConsumerServiceUrl();
    if (consumerUrl != null) {
        requestBuilder.assertionConsumerUrl(consumerUrl);
    }

    return requestBuilder;
}
.issuer(deployment.getEntityID()) .sessionIndex(account.getSessionIndex()) .userPrincipal(account.getPrincipal().getSamlSubject(), account.getPrincipal().getNameIDFormat())