/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    // Signs each assertion carried by the response with the configured signing parameters.
    // A response that is neither a SAML 1 nor a SAML 2 Response falls through both branches:
    // nothing is signed and no event is raised for it.
    try {
        // TODO decide whether the response should be logged at all.
        // NOTE(review): logResponse is defined outside this block; if it serializes the whole
        // response, trace output will hold the assertion contents -- confirm that trace logs
        // are access-controlled or that the helper redacts.
        if (log.isTraceEnabled()) {
            logResponse("Response before signing:");
        }

        if (response instanceof org.opensaml.saml.saml1.core.Response) {
            final org.opensaml.saml.saml1.core.Response saml1Response =
                    (org.opensaml.saml.saml1.core.Response) response;
            for (final org.opensaml.saml.saml1.core.Assertion saml1Assertion
                    : saml1Response.getAssertions()) {
                SignatureSupport.signObject(saml1Assertion, signatureSigningParameters);
            }
        } else if (response instanceof org.opensaml.saml.saml2.core.Response) {
            final org.opensaml.saml.saml2.core.Response saml2Response =
                    (org.opensaml.saml.saml2.core.Response) response;
            for (final org.opensaml.saml.saml2.core.Assertion saml2Assertion
                    : saml2Response.getAssertions()) {
                SignatureSupport.signObject(saml2Assertion, signatureSigningParameters);
            }
        }

        // TODO same open question as above: should the signed response be logged?
        if (log.isTraceEnabled()) {
            logResponse("Response after signing:");
        }
    } catch (final SecurityException | MarshallingException | SignatureException signingFailure) {
        // The failure is turned into an UNABLE_TO_SIGN event instead of being rethrown.
        // Nothing here undoes signatures already applied to earlier assertions in the loop.
        log.warn("{} Error encountered while signing assertions", getLogPrefix(), signingFailure);
        ActionSupport.buildEvent(profileRequestContext, EventIds.UNABLE_TO_SIGN);
    }
}
/**
 * Signs the outbound SAML message held by the message context.
 *
 * <p>The message is signed only when it is a {@link SignableXMLObject} and
 * {@link #getContextSigningParameters(MessageContext)} yields non-null signing parameters.
 * In every other case the method returns normally and the message is left unsigned, so a
 * caller that requires a signed message has to verify that condition itself.</p>
 *
 * @param messageContext current message context; checked for null with {@code Constraint.isNotNull}
 *
 * @throws SecurityException if there is a problem preparing the signature
 * @throws MarshallingException if there is a problem marshalling the SAMLObject
 * @throws SignatureException if there is a problem with the signature operation
 */
public static void signMessage(@Nonnull final MessageContext<SAMLObject> messageContext)
        throws SecurityException, MarshallingException, SignatureException {
    Constraint.isNotNull(messageContext, "Message context cannot be null");

    final SAMLObject message = messageContext.getMessage();
    final SignatureSigningParameters signingParameters = getContextSigningParameters(messageContext);

    // Silent no-op: without parameters, or with a message type that cannot carry a signature,
    // there is nothing to sign and no error is reported.
    if (signingParameters == null || !(message instanceof SignableXMLObject)) {
        return;
    }

    SignatureSupport.signObject((SignableXMLObject) message, signingParameters);
}