token = getSamlTokenFromCaller(); final boolean result = stsClient.validateToken(token); log.debug("Validation result: " + result); if (result == false)
token = getSamlTokenFromCaller(); final boolean result = stsClient.validateToken(token); log.debug("Validation result: " + result); if (result == false)
/**
 * Validates the given token against the STS, failing over to the next configured endpoint when
 * the current one cannot be reached.
 *
 * <p>Only a {@code RuntimeException} that {@code isCausedByConnectException} recognises moves on
 * to the next client. A {@code false} answer is returned as-is and a {@code WSTrustException}
 * propagates unchanged; neither is retried against another endpoint, so a rejection from one
 * reachable STS is final.</p>
 *
 * @param token an {@code Element} representing the security token being validated.
 * @param clientIndex index into {@code clients} of the first {@code STSClient} to try.
 * @return {@code true} if the token was considered valid; {@code false} otherwise.
 * @throws WSTrustException if a WS-Trust exception is thrown by the STS.
 */
private boolean validateInternal(Element token, int clientIndex) throws WSTrustException {
    int current = clientIndex;
    while (true) {
        // Looked up outside the try so an out-of-range index is never treated as a failover case.
        final STSClient candidate = this.clients[current];
        try {
            return candidate.validateToken(token);
        } catch (RuntimeException e) {
            // Fail over only for a connection failure, and only while another client remains.
            final boolean retryable =
                    this.isCausedByConnectException(e) && current < this.clients.length - 1;
            if (!retryable) {
                throw e;
            }
            current++;
        }
    }
}
try return client.validateToken(token);
/**
 * Validates the given token against the STS, failing over to the next configured endpoint when
 * the current one cannot be reached.
 *
 * <p>Only a {@code RuntimeException} that {@code isCausedByConnectException} recognises moves on
 * to the next client. A {@code false} answer is returned as-is and a {@code WSTrustException}
 * propagates unchanged; neither is retried against another endpoint, so a rejection from one
 * reachable STS is final.</p>
 *
 * @param token an {@code Element} representing the security token being validated.
 * @param clientIndex index into {@code clients} of the first {@code STSClient} to try.
 *
 * @return {@code true} if the token was considered valid; {@code false} otherwise.
 *
 * @throws WSTrustException if a WS-Trust exception is thrown by the STS.
 */
private boolean validateInternal(Element token, int clientIndex) throws WSTrustException {
    int current = clientIndex;
    while (true) {
        // Looked up outside the try so an out-of-range index is never treated as a failover case.
        final STSClient candidate = this.clients[current];
        try {
            return candidate.validateToken(token);
        } catch (RuntimeException e) {
            // Fail over only for a connection failure, and only while another client remains.
            final boolean retryable =
                    this.isCausedByConnectException(e) && current < this.clients.length - 1;
            if (!retryable) {
                throw e;
            }
            current++;
        }
    }
}
/**
 * Validates the given token against the STS, failing over to the next configured endpoint when
 * the current one cannot be reached.
 *
 * <p>Only a {@code RuntimeException} that {@code isCausedByConnectException} recognises moves on
 * to the next client. A {@code false} answer is returned as-is and a {@code WSTrustException}
 * propagates unchanged; neither is retried against another endpoint, so a rejection from one
 * reachable STS is final.</p>
 *
 * @param token an {@code Element} representing the security token being validated.
 * @param clientIndex index into {@code clients} of the first {@code STSClient} to try.
 *
 * @return {@code true} if the token was considered valid; {@code false} otherwise.
 *
 * @throws WSTrustException if a WS-Trust exception is thrown by the STS.
 */
private boolean validateInternal(Element token, int clientIndex) throws WSTrustException {
    int current = clientIndex;
    while (true) {
        // Looked up outside the try so an out-of-range index is never treated as a failover case.
        final STSClient candidate = this.clients[current];
        try {
            return candidate.validateToken(token);
        } catch (RuntimeException e) {
            // Fail over only for a connection failure, and only while another client remains.
            final boolean retryable =
                    this.isCausedByConnectException(e) && current < this.clients.length - 1;
            if (!retryable) {
                throw e;
            }
            current++;
        }
    }
}
/**
 * Validates the caller's SAML token with the supplied STS client.
 *
 * <p>The token comes from {@code getSharedToken()} when a previous stacked login module stored
 * one, otherwise from {@code getSamlTokenFromCaller()}. A {@code false} validation result is
 * turned into an exception rather than returned, so this method never hands back a token the
 * STS rejected.</p>
 *
 * @param stsClient the client used to send the validation request.
 * @return Element The token that was validated.
 * @throws WSTrustException declared by this method; presumably raised by
 *         {@code validateToken} (not visible here, confirm).
 * @throws LoginException If it was not possible to validate the token for any reason.
 */
public Element invokeSTS(final STSClient stsClient) throws WSTrustException, LoginException {
    try {
        // Prefer a token left behind by an earlier login module in the stack.
        Element samlToken = (Element) getSharedToken();
        if (samlToken == null) {
            samlToken = getSamlTokenFromCaller();
        }

        final boolean accepted = stsClient.validateToken(samlToken);
        logger.debug("SAML Token Validation result: " + accepted);
        if (accepted) {
            return samlToken;
        }

        // Fail with an exception: merely returning false would only say that this login module
        // should be ignored.
        // NOTE(review): the rejected token is passed to the exception factory; confirm it is not
        // written out in full to logs or error responses.
        throw logger.authCouldNotValidateSAMLToken(samlToken);
    } catch (final IOException e) {
        throw logger.authLoginError(e);
    } catch (final UnsupportedCallbackException e) {
        throw logger.authLoginError(e);
    }
}
/**
 * Validates the caller's SAML token with the supplied STS client.
 *
 * <p>The token comes from {@code getSharedToken()} when a previous stacked login module stored
 * one, otherwise from {@code getSamlTokenFromCaller()}. A {@code false} validation result is
 * turned into an exception rather than returned, so this method never hands back a token the
 * STS rejected.</p>
 *
 * @param stsClient the client used to send the validation request.
 *
 * @return Element The token that was validated.
 *
 * @throws WSTrustException declared by this method; presumably raised by
 *         {@code validateToken} (not visible here, confirm).
 * @throws LoginException If it was not possible to validate the token for any reason.
 */
public Element invokeSTS(final STSClient stsClient) throws WSTrustException, LoginException {
    try {
        // Prefer a token left behind by an earlier login module in the stack.
        Element samlToken = (Element) getSharedToken();
        if (samlToken == null) {
            samlToken = getSamlTokenFromCaller();
        }

        final boolean accepted = stsClient.validateToken(samlToken);
        logger.debug("SAML Token Validation result: " + accepted);
        if (accepted) {
            return samlToken;
        }

        // Fail with an exception: merely returning false would only say that this login module
        // should be ignored.
        // NOTE(review): the rejected token is passed to the exception factory; confirm it is not
        // written out in full to logs or error responses.
        throw logger.authCouldNotValidateSAMLToken(samlToken);
    } catch (final IOException e) {
        throw logger.authLoginError(e);
    } catch (final UnsupportedCallbackException e) {
        throw logger.authLoginError(e);
    }
}
/**
 * Validates the caller's SAML token with the supplied STS client.
 *
 * <p>The token comes from {@code getSharedToken()} when a previous stacked login module stored
 * one, otherwise from {@code getSamlTokenFromCaller()}. A {@code false} validation result is
 * turned into an exception rather than returned, so this method never hands back a token the
 * STS rejected.</p>
 *
 * @param stsClient the client used to send the validation request.
 *
 * @return Element The token that was validated.
 *
 * @throws WSTrustException declared by this method; presumably raised by
 *         {@code validateToken} (not visible here, confirm).
 * @throws LoginException If it was not possible to validate the token for any reason.
 */
public Element invokeSTS(final STSClient stsClient) throws WSTrustException, LoginException {
    try {
        // Prefer a token left behind by an earlier login module in the stack.
        Element samlToken = (Element) getSharedToken();
        if (samlToken == null) {
            samlToken = getSamlTokenFromCaller();
        }

        final boolean accepted = stsClient.validateToken(samlToken);
        logger.debug("SAML Token Validation result: " + accepted);
        if (accepted) {
            return samlToken;
        }

        // Fail with an exception: merely returning false would only say that this login module
        // should be ignored.
        // NOTE(review): the rejected token is passed to the exception factory; confirm it is not
        // written out in full to logs or error responses.
        throw logger.authCouldNotValidateSAMLToken(samlToken);
    } catch (final IOException e) {
        throw logger.authLoginError(e);
    } catch (final UnsupportedCallbackException e) {
        throw logger.authLoginError(e);
    }
}
// Ask the STS client to validate the assertion element and keep the boolean outcome.
// NOTE(review): the surrounding code is not shown; confirm that a false result is treated as an
// authentication failure rather than ignored.
boolean isValid = client.validateToken(assertionElement);
// Ask the STS client to validate the assertion element and keep the boolean outcome.
// NOTE(review): the surrounding code is not shown; confirm that a false result is treated as an
// authentication failure rather than ignored.
boolean isValid = client.validateToken(assertionElement);
/**
 * Processes in-bound messages: extracts a security token from the SOAP header and validates it
 * by calling the STS. Out-bound messages are passed through without any check.
 *
 * <p>Every failure path (no token in the header, a {@code false} validation result, a
 * {@code WSTrustException} or a {@code ParsingException}) is routed through one of the
 * {@code throw*} helpers. NOTE(review): those helpers are not visible here; this method ends in
 * an unconditional {@code return true}, so it only fails closed if each helper really throws.
 * Confirm that against their definitions.</p>
 *
 * @param messageContext The {@link SOAPMessageContext messageContext}.
 * @return true If the security token was correctly validated or if this call was an outbound
 *         message.
 * @throws WebServiceException If the security token could not be validated.
 */
public boolean handleMessage(final SOAPMessageContext messageContext) {
    final boolean inbound = !isOutBound(messageContext);
    if (inbound) {
        try {
            final Element headerToken = extractSecurityToken(
                    messageContext, getSecurityElementQName(), getTokenElementQName());
            if (headerToken == null) {
                throwSecurityTokenUnavailable();
            }

            // Credentials for the STS call are taken from the message context into configBuilder.
            setUsernameFromMessageContext(messageContext, configBuilder);
            setPasswordFromMessageContext(messageContext, configBuilder);

            final STSClient validator = createSTSClient(configBuilder);
            final boolean accepted = validator.validateToken(headerToken);
            if (!accepted) {
                throwFailedAuthentication();
            }
        } catch (final WSTrustException e) {
            throwInvalidSecurity();
        } catch (ParsingException e) {
            throwInvalidSecurity();
        }
    }
    return true;
}
final STSClient stsClient = createSTSClient(configBuilder); if (stsClient.validateToken(securityToken) == false)
final STSClient stsClient = createSTSClient(configBuilder); if (stsClient.validateToken(securityToken) == false)
stsClient = createSTSClient(stsClientConfig); if (stsClient.validateToken(securityToken) == false) { throwFailedAuthentication();
stsClient = createSTSClient(stsClientConfig); if (stsClient.validateToken(securityToken) == false) { throwFailedAuthentication();