/** * @return the SAML signature. */ @Override public Signature getSAMLSignature() { return assertion.getSignature(); }
public Signature getSignature() { Signature sig = null; if (saml2 != null && saml2.getSignature() != null) { sig = saml2.getSignature(); } else if (saml1 != null && saml1.getSignature() != null) { sig = saml1.getSignature(); } return sig; }
public Signature getSignature() { Signature sig = null; if (saml2 != null && saml2.getSignature() != null) { sig = saml2.getSignature(); } else if (saml1 != null && saml1.getSignature() != null) { sig = saml1.getSignature(); } return sig; }
/** * Method isSigned returns the signed of this AssertionWrapper object. * * @return the signed (type boolean) of this AssertionWrapper object. */ public boolean isSigned() { if (saml2 != null) { return saml2.isSigned() || saml2.getSignature() != null; } else if (saml1 != null) { return saml1.isSigned() || saml1.getSignature() != null; } return false; }
/** * Method isSigned returns the signed of this AssertionWrapper object. * * @return the signed (type boolean) of this AssertionWrapper object. */ public boolean isSigned() { if (saml2 != null) { return saml2.isSigned() || saml2.getSignature() != null; } else if (saml1 != null) { return saml1.isSigned() || saml1.getSignature() != null; } return false; }
/** * Checks whether the token is valid or not, by verifying the issuer's own * signature. If it has been signed by the token issuer, then it is a valid * token. * * @param token * the token to validate. * @param issuerPBKey Public key which should be used during validation. * @return true if the token has been signed by the issuer. */ private boolean isValid(Token token, PublicKey issuerPBKey) { // extract SAMLAssertion object from token OMElement assertionOMElement = token.getToken(); Assertion samlAssertion; try { samlAssertion = SAMLUtils.buildAssertion((Element) assertionOMElement); log.info("Verifying token validity..."); // check if the token has been signed by the issuer. SignatureValidator validator = new SignatureValidator(samlAssertion.getSignature().getSigningCredential()); validator.validate(samlAssertion.getSignature()); } catch (ValidationException e) { log.error("Signature verification failed on SAML token.", e); return false; } // if there was no exception, then the token is valid return true; }
if (saml2 != null && saml2.getSignature() != null) { sig = saml2.getSignature(); } else if (saml1 != null && saml1.getSignature() != null) { sig = saml1.getSignature();
if (saml2 != null && saml2.getSignature() != null) { sig = saml2.getSignature(); } else if (saml1 != null && saml1.getSignature() != null) { sig = saml1.getSignature();
profileValidator.validate(assertion.getSignature()); } catch (ValidationException e) { X509Credential x509Credential = new X509CredentialImpl(x509Certificate); SignatureValidator signatureValidator = new SignatureValidator(x509Credential); signatureValidator.validate(assertion.getSignature()); if(log.isDebugEnabled()) { log.debug("Signature validation successful");
profileValidator.validate(assertion.getSignature()); } catch (ValidationException e) { X509Credential x509Credential = new X509CredentialImpl(x509Certificate); SignatureValidator signatureValidator = new SignatureValidator(x509Credential); signatureValidator.validate(assertion.getSignature()); if(log.isDebugEnabled()) { log.debug("Signature validation successful");
signObject(assertion.getSignature()); (org.opensaml.saml1.core.Assertion) xmlObject; signObject(saml1.getSignature()); } else if (xmlObject instanceof org.opensaml.saml2.core.RequestAbstractType) { org.opensaml.saml2.core.RequestAbstractType request =
signObject(assertion.getSignature()); (org.opensaml.saml1.core.Assertion) xmlObject; signObject(saml1.getSignature()); } else if (xmlObject instanceof org.opensaml.saml2.core.RequestAbstractType) { org.opensaml.saml2.core.RequestAbstractType request =