
Example 6 with Statement

use of com.sun.identity.saml.assertion.Statement in project OpenAM by OpenRock.

the class SecurityUtils method getCertificate.

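/**
 * Extracts the holder-of-key certificate carried inside a SAML assertion.
 *
 * <p>Statements are visited in iteration order. An authentication statement
 * contributes its subject; resource-access and session-context statements
 * contribute their proxy subject, falling back to the plain subject when no
 * proxy subject is present. The first subject whose confirmation method
 * contains {@code SAMLConstants.CONFIRMATION_METHOD_HOLDEROFKEY} supplies the
 * {@code KeyInfo} element that is passed to {@code getCertificate(Element)}.
 *
 * <p>Security note: the certificate is read from {@code KeyInfo} data that
 * travels inside the assertion, and nothing in this method verifies the
 * assertion's signature or validates the certificate. Treat the result as
 * trustworthy only after the assertion itself has been verified.
 * NOTE(review): confirm every caller performs that verification first.
 *
 * @param assertion the SAML assertion to inspect; {@code null} yields
 *        {@code null}.
 * @return the certificate taken from the first holder-of-key subject
 *         confirmation, or {@code null} when the assertion is {@code null},
 *         has no statements, has no holder-of-key confirmation, or when any
 *         exception is raised while reading it (the exception is logged).
 */
public static java.security.cert.Certificate getCertificate(SecurityAssertion assertion) {
    // Guard first: the debug dump below sits outside the try block, so a null
    // assertion used to escape as a NullPointerException only when
    // message-level debugging was switched on.
    if (assertion == null) {
        debug.error("getCertificate: assertion is null.");
        return null;
    }
    // Message-level debugging writes the complete assertion to the debug log.
    if (debug.messageEnabled()) {
        debug.message("SecurityAssertion = " + assertion.toString());
    }
    try {
        Set statements = assertion.getStatement();
        if (statements == null || statements.isEmpty()) {
            debug.error("Assertion does not contain any Statement.");
            return null;
        }
        for (Object item : statements) {
            Statement statement = (Statement) item;
            int stype = statement.getStatementType();
            Subject subject = null;
            if (stype == Statement.AUTHENTICATION_STATEMENT) {
                subject = ((AuthenticationStatement) statement).getSubject();
            } else if (stype == ResourceAccessStatement.RESOURCEACCESS_STATEMENT) {
                ResourceAccessStatement raStatement = (ResourceAccessStatement) statement;
                subject = raStatement.getProxySubject();
                if (subject == null) {
                    subject = raStatement.getSubject();
                }
            } else if (stype == SessionContextStatement.SESSIONCONTEXT_STATEMENT) {
                SessionContextStatement scStatement = (SessionContextStatement) statement;
                subject = scStatement.getProxySubject();
                if (subject == null) {
                    subject = scStatement.getSubject();
                }
            }
            if (subject != null) {
                // A subject without a confirmation (or without a confirmation
                // method) raises a NullPointerException here; the catch below
                // logs it and the scan ends with null, i.e. it fails closed.
                SubjectConfirmation subConfirm = subject.getSubjectConfirmation();
                if (subConfirm.getConfirmationMethod().contains(SAMLConstants.CONFIRMATION_METHOD_HOLDEROFKEY)) {
                    Element keyinfo = subConfirm.getKeyInfo();
                    return getCertificate(keyinfo);
                }
            }
        }
    } catch (Exception e) {
        // Deliberately broad: any failure while reading the assertion is
        // logged and reported to the caller as "no certificate".
        debug.error("getCertificate Exception: ", e);
    }
    return null;
}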
Also used : HashSet(java.util.HashSet) Set(java.util.Set) SubjectConfirmation(com.sun.identity.saml.assertion.SubjectConfirmation) Statement(com.sun.identity.saml.assertion.Statement) AuthenticationStatement(com.sun.identity.saml.assertion.AuthenticationStatement) Element(org.w3c.dom.Element) Iterator(java.util.Iterator) Subject(com.sun.identity.saml.assertion.Subject) XMLSignatureException(com.sun.identity.saml.xmlsig.XMLSignatureException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 7 with Statement

use of com.sun.identity.saml.assertion.Statement in project OpenAM by OpenRock.

the class SAMLSOAPReceiver method checkAgainstRespondWith.

/**
 * Checks that every statement has a type named by at least one entry of the
 * RespondWith list.
 *
 * <p>Only authentication, authorization-decision and attribute statements can
 * match; a statement of any other type is never matched and therefore makes
 * the method return {@code false}. A RespondWith entry is compared with
 * {@code String.endsWith} against the statement's local name preceded by a
 * colon, so whatever precedes that suffix in the entry is not examined here.
 * An empty statement set yields {@code true}.
 *
 * @param respondWith the RespondWith entries; each element is cast to
 *        {@code String}.
 * @param statements the statements to check; each element is cast to
 *        {@code Statement}.
 * @return {@code true} if every statement is matched by some RespondWith
 *         entry, {@code false} as soon as one statement has no match.
 */
private boolean checkAgainstRespondWith(List respondWith, Set statements) {
    for (Object statementObj : statements) {
        Statement current = (Statement) statementObj;
        boolean matched = false;
        for (Object respondWithObj : respondWith) {
            String requested = (String) respondWithObj;
            SAMLUtils.debug.message("matching respondWith element:" + requested);
            int type = current.getStatementType();
            if (type == Statement.AUTHENTICATION_STATEMENT) {
                if (requested.endsWith(":AuthenticationStatement")) {
                    SAMLUtils.debug.message("matching auth st");
                    matched = true;
                }
            } else if (type == Statement.AUTHORIZATION_DECISION_STATEMENT) {
                if (requested.endsWith(":AuthorizationDecisionStatement")) {
                    SAMLUtils.debug.message("matching authz st");
                    matched = true;
                }
            } else if (type == Statement.ATTRIBUTE_STATEMENT) {
                if (requested.endsWith(":AttributeStatement")) {
                    SAMLUtils.debug.message("matching attrib st");
                    matched = true;
                }
            }
            if (matched) {
                // One matching entry is enough for this statement.
                SAMLUtils.debug.message("match found");
                break;
            }
        }
        if (!matched) {
            // The first unmatched statement decides the overall result.
            SAMLUtils.debug.message("mismatch found");
            return false;
        }
    }
    return true;
}
Also used : Statement(com.sun.identity.saml.assertion.Statement) Iterator(java.util.Iterator)

Example 8 with Statement

use of com.sun.identity.saml.assertion.Statement in project OpenAM by OpenRock.

the class FSAssertion method toXMLString.

/**
 * Returns an XML string representation of this assertion.
 *
 * <p>The opening tag is followed by the conditions and the advice (when
 * present), then the statements, then the signature (when the assertion is
 * marked as signed), then the closing tag. Only statements that are instances
 * of {@code FSAuthenticationStatement} or {@code AttributeStatement} are
 * written; any other statement type is skipped without a message.
 *
 * <p>NOTE(review): {@code id}, the issuer, the assertion ID and
 * {@code inResponseTo} are placed between quote characters exactly as they
 * are, with no escaping in this method. Confirm that they are validated or
 * escaped where they are set, because a quote or angle bracket in any of them
 * would change the structure of the generated XML.
 *
 * @param includeNS determines whether or not the namespace qualifier is
 *                prepended to the Element when converted
 * @param declareNS determines whether or not the namespace is declared
 *                within the Element.
 * @return a string containing the XML for this object.
 * @throws FSMsgException if there is an error creating the XML string.
 *         Nothing visible in this method throws it directly; presumably it
 *         comes from the nested {@code toXMLString} call.
 */
public java.lang.String toXMLString(boolean includeNS, boolean declareNS) throws FSMsgException {
    StringBuffer xml = new StringBuffer(3000);
    String NS = "";
    String appendNS = "";
    String libNS = "";
    String libAppendNS = "";
    String uriXSI = "";
    if (declareNS) {
        NS = sc.assertionDeclareStr;
        // The library namespace declaration depends on the assertion's minor version.
        if (minorVersion == IFSConstants.FF_12_POST_ASSERTION_MINOR_VERSION || minorVersion == IFSConstants.FF_12_ART_ASSERTION_MINOR_VERSION) {
            libNS = IFSConstants.LIB_12_NAMESPACE_STRING;
        } else {
            libNS = IFSConstants.LIB_NAMESPACE_STRING;
        }
        uriXSI = IFSConstants.XSI_NAMESPACE_STRING;
    }
    if (includeNS) {
        appendNS = SAMLConstants.ASSERTION_PREFIX;
        libAppendNS = IFSConstants.LIB_PREFIX;
    }
    // dateStr stays null when there is no issue instant; appending a null
    // String to a StringBuffer writes the four characters "null".
    String dateStr = null;
    if (getIssueInstant() != null) {
        dateStr = DateUtils.toUTCDateFormat(getIssueInstant());
    }
    // Opening tag name followed by the namespace declarations (empty strings
    // when declareNS is false).
    xml.append(IFSConstants.LEFT_ANGLE).append(appendNS).append(IFSConstants.ASSERTION).append(IFSConstants.SPACE).append(NS).append(IFSConstants.SPACE).append(uriXSI).append(IFSConstants.SPACE).append(libNS).append(IFSConstants.SPACE);
    // The id attribute is written only for the FF 1.1 minor version and only
    // when id is non-empty.
    if (minorVersion == IFSConstants.FF_11_ASSERTION_MINOR_VERSION && id != null && !(id.length() == 0)) {
        xml.append(IFSConstants.SPACE).append(IFSConstants.ID).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(id).append(IFSConstants.QUOTE).append(IFSConstants.SPACE);
    }
    // Remaining attributes, in order: major version, minor version, assertion
    // ID, issuer, issue instant, in-response-to, xsi type; then the tag is
    // closed. inResponseTo is appended unconditionally (no null check here).
    xml.append(IFSConstants.MAJOR_VERSION).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(getMajorVersion()).append(IFSConstants.QUOTE).append(IFSConstants.SPACE).append(IFSConstants.MINOR_VERSION).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(minorVersion).append(IFSConstants.QUOTE).append(IFSConstants.SPACE).append(IFSConstants.ASSERTION_ID).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(getAssertionID()).append(IFSConstants.QUOTE).append(IFSConstants.SPACE).append(IFSConstants.ISSUER).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(getIssuer()).append(IFSConstants.QUOTE).append(IFSConstants.SPACE).append(IFSConstants.ISSUE_INSTANT).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(dateStr).append(IFSConstants.QUOTE).append(IFSConstants.SPACE).append(IFSConstants.IN_RESPONSE_TO).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(inResponseTo).append(IFSConstants.QUOTE).append(IFSConstants.SPACE).append(IFSConstants.XSI_TYPE).append(IFSConstants.EQUAL_TO).append(IFSConstants.QUOTE).append(libAppendNS).append(IFSConstants.ASSERTION_TYPE).append(IFSConstants.QUOTE).append(IFSConstants.RIGHT_ANGLE).append(sc.NL);
    // Child elements never re-declare the namespace (declareNS is passed as false).
    if (getConditions() != null) {
        xml.append(getConditions().toString(includeNS, false));
    }
    if (getAdvice() != null) {
        xml.append(getAdvice().toString(includeNS, false));
    }
    Iterator i = getStatement().iterator();
    while (i.hasNext()) {
        Statement st = (Statement) i.next();
        // Statements of any other type fall through both branches and are
        // left out of the output.
        if (st instanceof FSAuthenticationStatement) {
            xml.append(((FSAuthenticationStatement) st).toXMLString(includeNS, false));
        } else if (st instanceof AttributeStatement) {
            xml.append(((AttributeStatement) st).toString(includeNS, false));
        }
    }
    if (signed) {
        // Reuse the cached signature text when there is one; otherwise
        // serialise the signature and cache the result in signatureString.
        // When both are null no signature is written although signed is true.
        if (signatureString != null) {
            xml.append(signatureString);
        } else if (signature != null) {
            signatureString = XMLUtils.print(signature);
            xml.append(signatureString);
        }
    }
    xml.append(IFSConstants.START_END_ELEMENT).append(appendNS).append(IFSConstants.ASSERTION).append(IFSConstants.RIGHT_ANGLE).append(IFSConstants.NL);
    return xml.toString();
}
Also used : AuthorizationDecisionStatement(com.sun.identity.saml.assertion.AuthorizationDecisionStatement) AttributeStatement(com.sun.identity.saml.assertion.AttributeStatement) Statement(com.sun.identity.saml.assertion.Statement) AttributeStatement(com.sun.identity.saml.assertion.AttributeStatement) Iterator(java.util.Iterator)

Example 9 with Statement

use of com.sun.identity.saml.assertion.Statement in project OpenAM by OpenRock.

the class DiscoUtils method getSessionContext.

/**
 * Finds the first session context carried by a statement of the assertion.
 *
 * <p>Only resource-access and session-context statements are consulted;
 * statements of any other type are ignored.
 *
 * @param assertion the assertion to search; {@code null} yields {@code null}.
 * @return the first non-null session context in statement iteration order,
 *         or {@code null} if no statement provides one.
 */
private static SessionContext getSessionContext(SecurityAssertion assertion) {
    if (assertion == null) {
        return null;
    }
    for (Object element : assertion.getStatement()) {
        Statement candidate = (Statement) element;
        int kind = candidate.getStatementType();
        SessionContext found = null;
        if (kind == ResourceAccessStatement.RESOURCEACCESS_STATEMENT) {
            found = ((ResourceAccessStatement) candidate).getSessionContext();
        } else if (kind == SessionContextStatement.SESSIONCONTEXT_STATEMENT) {
            found = ((SessionContextStatement) candidate).getSessionContext();
        }
        // A statement without a session context does not end the search.
        if (found != null) {
            return found;
        }
    }
    return null;
}
Also used : Statement(com.sun.identity.saml.assertion.Statement) Iterator(java.util.Iterator)

Example 10 with Statement

use of com.sun.identity.saml.assertion.Statement in project OpenAM by OpenRock.

the class SecurityAssertion method toString.

/**
 * Builds the string form of the {@code <Assertion>} element.
 *
 * <p>When the assertion is signed and a cached XML string exists, that cached
 * string is returned unchanged and both parameters are ignored. Otherwise the
 * element is assembled from the opening tag, the conditions and advice (when
 * present), every statement, the cached signature string (when signed) and
 * the closing tag. Conditions and advice are serialised without a namespace
 * declaration, while statements receive {@code declareNS} as passed in.
 *
 * <p>NOTE(review): the issuer and the assertion ID reference are appended
 * between quotes without escaping in this method; confirm they are validated
 * where they are set. A missing issue instant is written as the text
 * {@code null}.
 *
 * @param includeNS if true, the element name is prefixed with {@code saml:}
 *        and the flag is passed on to the child elements.
 * @param declareNS if true, the namespace declaration is included in the
 *        generated XML.
 * @return a string containing the XML for this element.
 */
public java.lang.String toString(boolean includeNS, boolean declareNS) {
    if (signed && xmlString != null) {
        return xmlString;
    }
    final String prefix = includeNS ? "saml:" : "";
    final String nsDeclaration = declareNS ? SAMLConstants.assertionDeclareStr : "";
    final String issueInstantText =
            (_issueInstant != null) ? DateUtils.toUTCDateFormat(_issueInstant) : null;

    StringBuffer out = new StringBuffer(3000);
    // Opening tag, one attribute per statement below.
    out.append("<").append(prefix).append("Assertion").append(" ").append(nsDeclaration).append(" ");
    out.append("MajorVersion").append("=\"").append(_majorVersion).append("\"").append(" ");
    out.append("MinorVersion").append("=\"").append(_minorVersion).append("\"").append(" ");
    out.append("AssertionID=\"").append(_assertionID.getAssertionIDReference()).append("\"").append(" ");
    out.append("Issuer").append("=\"").append(_issuer).append("\"").append(" ");
    out.append("IssueInstant").append("=\"").append(issueInstantText).append("\"").append(" ");
    out.append(">").append(sc.NL);

    if (_conditions != null) {
        out.append(_conditions.toString(includeNS, false));
    }
    if (_advice != null) {
        out.append(_advice.toString(includeNS, false));
    }
    for (Iterator it = getStatement().iterator(); it.hasNext();) {
        Statement each = (Statement) it.next();
        out.append(each.toString(includeNS, declareNS));
    }
    if (signed && signatureString != null) {
        out.append(signatureString);
    }
    out.append(SAMLUtils.makeEndElementTagXML("Assertion", includeNS));
    return out.toString();
}
Also used : SubjectStatement(com.sun.identity.saml.assertion.SubjectStatement) Statement(com.sun.identity.saml.assertion.Statement) Iterator(java.util.Iterator)

Aggregations

Statement (com.sun.identity.saml.assertion.Statement)15 Iterator (java.util.Iterator)15 AttributeStatement (com.sun.identity.saml.assertion.AttributeStatement)9 SubjectStatement (com.sun.identity.saml.assertion.SubjectStatement)9 Set (java.util.Set)8 AuthenticationStatement (com.sun.identity.saml.assertion.AuthenticationStatement)7 HashSet (java.util.HashSet)7 Subject (com.sun.identity.saml.assertion.Subject)6 SubjectConfirmation (com.sun.identity.saml.assertion.SubjectConfirmation)5 Assertion (com.sun.identity.saml.assertion.Assertion)4 CharacterIterator (java.text.CharacterIterator)4 StringCharacterIterator (java.text.StringCharacterIterator)4 HashMap (java.util.HashMap)4 List (java.util.List)4 ArrayList (java.util.ArrayList)3 Date (java.util.Date)3 FSAccountMgmtException (com.sun.identity.federation.accountmgmt.FSAccountMgmtException)2 FSAssertion (com.sun.identity.federation.message.FSAssertion)2 FSAuthenticationStatement (com.sun.identity.federation.message.FSAuthenticationStatement)2 FSSubject (com.sun.identity.federation.message.FSSubject)2