
Example 6 with SubjectConfirmation

use of com.sun.identity.saml.assertion.SubjectConfirmation in project OpenAM by OpenRock.

the class LibSecurityTokenProvider method createAttributeStatement.

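/**
 * Builds an <code>AttributeStatement</code> whose subject is the sender
 * identity with either bearer or holder-of-key subject confirmation.
 *
 * Key info from <code>createKeyInfo()</code> is attached only on the
 * holder-of-key path; a bearer confirmation is created without key info.
 *
 * @param senderIdentity name identifier used as the statement's subject.
 * @param attributes attributes handed to the statement as given.
 * @param isBearer true for bearer confirmation, false for holder-of-key.
 * @return the new statement, or null if any step threw an exception.
 */
private AttributeStatement createAttributeStatement(NameIdentifier senderIdentity, List attributes, boolean isBearer) {
    try {
        SubjectConfirmation subConfirmation;
        if (isBearer) {
            subConfirmation = new SubjectConfirmation(SAMLConstants.CONFIRMATION_METHOD_BEARER);
        } else {
            subConfirmation = new SubjectConfirmation(SAMLConstants.CONFIRMATION_METHOD_HOLDEROFKEY);
            subConfirmation.setKeyInfo(createKeyInfo());
        }
        Subject subject = new Subject(senderIdentity, subConfirmation);
        return new AttributeStatement(subject, attributes);
    } catch (Exception e) {
        // Log at error level unconditionally: the caller only sees a null
        // return, so a failure here (for example while building the
        // holder-of-key key info) must not depend on message-level debug
        // being switched on to leave a trace.
        debug.error("createAttributeStatement: ", e);
    }
    // Best-effort contract kept for callers: null signals "not created".
    return null;
}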
Also used : SubjectConfirmation(com.sun.identity.saml.assertion.SubjectConfirmation) AttributeStatement(com.sun.identity.saml.assertion.AttributeStatement) Subject(com.sun.identity.saml.assertion.Subject) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException)

Example 7 with SubjectConfirmation

use of com.sun.identity.saml.assertion.SubjectConfirmation in project OpenAM by OpenRock.

the class LibSecurityTokenProvider method createProxySubject.

/**
 * Creates a <code>ProxySubject</code> for the sender identity.
 *
 * The subject confirmation is bearer when <code>isBear</code> is true;
 * otherwise it is holder-of-key and is given the key info returned by
 * <code>createKeyInfo()</code>. No key info is set on the bearer path.
 *
 * @param senderIdentity name identifier placed in the proxy subject.
 * @param isBear true for bearer confirmation, false for holder-of-key.
 * @return the new <code>ProxySubject</code>.
 * @throws SecurityTokenException declared by this method; not thrown
 *         directly in this body.
 * @throws SAMLException declared by this method; not thrown directly in
 *         this body.
 */
private ProxySubject createProxySubject(NameIdentifier senderIdentity, boolean isBear) throws SecurityTokenException, SAMLException {
    final SubjectConfirmation confirmation;
    if (!isBear) {
        // Holder-of-key: the confirmation carries key info.
        confirmation = new SubjectConfirmation(SAMLConstants.CONFIRMATION_METHOD_HOLDEROFKEY);
        confirmation.setKeyInfo(createKeyInfo());
    } else {
        confirmation = new SubjectConfirmation(SAMLConstants.CONFIRMATION_METHOD_BEARER);
    }
    return new ProxySubject(senderIdentity, confirmation);
}
Also used : SubjectConfirmation(com.sun.identity.saml.assertion.SubjectConfirmation)

Example 8 with SubjectConfirmation

use of com.sun.identity.saml.assertion.SubjectConfirmation in project OpenAM by OpenRock.

the class LibSecurityTokenProvider method createAuthenticationStatement.

/**
 * Creates an <code>AuthenticationStatement</code> for the name identifier.
 *
 * The authentication method URI and instant are derived from
 * <code>authType</code> and <code>authTime</code>, which are not
 * parameters of this method. Key info is attached only for holder-of-key
 * confirmation.
 *
 * @param senderIdentity name identifier used as the statement's subject.
 * @param isBearer true for bearer confirmation, false for holder-of-key.
 * @return the new authentication statement.
 * @throws SecurityTokenException if any step throws; the message of the
 *         underlying exception is reused.
 */
private AuthenticationStatement createAuthenticationStatement(NameIdentifier senderIdentity, boolean isBearer) throws SecurityTokenException {
    try {
        final String methodUri = SAMLServiceManager.getAuthMethodURI(authType);
        final Date instant = DateUtils.stringToDate(authTime);
        final SubjectConfirmation confirmation;
        if (!isBearer) {
            // Holder-of-key: the confirmation carries key info.
            confirmation = new SubjectConfirmation(SAMLConstants.CONFIRMATION_METHOD_HOLDEROFKEY);
            confirmation.setKeyInfo(createKeyInfo());
        } else {
            confirmation = new SubjectConfirmation(SAMLConstants.CONFIRMATION_METHOD_BEARER);
        }
        final Subject stmtSubject = new Subject(senderIdentity, confirmation);
        return new AuthenticationStatement(methodUri, instant, stmtSubject);
    } catch (Exception e) {
        debug.error("createAuthenticationStatement: ", e);
        // NOTE(review): only e.getMessage() is propagated; the original
        // exception is not attached as a cause, so its stack trace is
        // available only through the debug log entry above.
        throw new SecurityTokenException(e.getMessage());
    }
}
Also used : SubjectConfirmation(com.sun.identity.saml.assertion.SubjectConfirmation) AuthenticationStatement(com.sun.identity.saml.assertion.AuthenticationStatement) Date(java.util.Date) Subject(com.sun.identity.saml.assertion.Subject) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException)

Example 9 with SubjectConfirmation

use of com.sun.identity.saml.assertion.SubjectConfirmation in project OpenAM by OpenRock.

the class SecurityAssertion method isBearer.

/**
 * Reports whether any subject statement in this
 * <code>SecurityAssertion</code> declares the SAML Bearer confirmation
 * method.
 *
 * Only the declared confirmation methods are inspected; this method does
 * not check the signature, conditions or any other part of the assertion.
 *
 * @return true if at least one statement's subject confirmation lists the
 *         bearer method; false otherwise, including when there are no
 *         statements.
 */
public boolean isBearer() {
    if (_statements != null && !_statements.isEmpty()) {
        for (Iterator it = _statements.iterator(); it.hasNext();) {
            Object candidate = it.next();
            // Statements that carry no subject cannot be bearer-confirmed.
            if (candidate instanceof SubjectStatement) {
                Subject stmtSubject = ((SubjectStatement) candidate).getSubject();
                SubjectConfirmation confirmation =
                        (stmtSubject == null) ? null : stmtSubject.getSubjectConfirmation();
                Set methods =
                        (confirmation == null) ? null : confirmation.getConfirmationMethod();
                if (methods != null
                        && !methods.isEmpty()
                        && methods.contains(SAMLConstants.CONFIRMATION_METHOD_BEARER)) {
                    return true;
                }
            }
        }
    }
    return false;
}
Also used : SubjectStatement(com.sun.identity.saml.assertion.SubjectStatement) HashSet(java.util.HashSet) Set(java.util.Set) SubjectConfirmation(com.sun.identity.saml.assertion.SubjectConfirmation) Iterator(java.util.Iterator) Subject(com.sun.identity.saml.assertion.Subject)

Example 10 with SubjectConfirmation

use of com.sun.identity.saml.assertion.SubjectConfirmation in project OpenAM by OpenRock.

the class SecurityAssertion method getBearerSubject.

/**
 * Returns the subject of the first subject statement in this
 * <code>SecurityAssertion</code> whose subject confirmation declares the
 * SAML Bearer method.
 *
 * Only the declared confirmation methods are inspected; this method does
 * not check the signature, conditions or any other part of the assertion.
 *
 * @return the matching Subject, or null if no statement declares bearer
 *         confirmation or there are no statements.
 */
public Subject getBearerSubject() {
    if (_statements != null && !_statements.isEmpty()) {
        for (Iterator it = _statements.iterator(); it.hasNext();) {
            Object candidate = it.next();
            // Statements that carry no subject cannot be bearer-confirmed.
            if (candidate instanceof SubjectStatement) {
                Subject stmtSubject = ((SubjectStatement) candidate).getSubject();
                SubjectConfirmation confirmation =
                        (stmtSubject == null) ? null : stmtSubject.getSubjectConfirmation();
                Set methods =
                        (confirmation == null) ? null : confirmation.getConfirmationMethod();
                if (methods != null
                        && !methods.isEmpty()
                        && methods.contains(SAMLConstants.CONFIRMATION_METHOD_BEARER)) {
                    // stmtSubject is non-null here: methods was derived from it.
                    return stmtSubject;
                }
            }
        }
    }
    return null;
}
Also used : SubjectStatement(com.sun.identity.saml.assertion.SubjectStatement) HashSet(java.util.HashSet) Set(java.util.Set) SubjectConfirmation(com.sun.identity.saml.assertion.SubjectConfirmation) Iterator(java.util.Iterator) Subject(com.sun.identity.saml.assertion.Subject)

Aggregations

SubjectConfirmation (com.sun.identity.saml.assertion.SubjectConfirmation)16 Subject (com.sun.identity.saml.assertion.Subject)9 Set (java.util.Set)9 HashSet (java.util.HashSet)8 Iterator (java.util.Iterator)8 SessionException (com.sun.identity.plugin.session.SessionException)5 AttributeStatement (com.sun.identity.saml.assertion.AttributeStatement)5 Statement (com.sun.identity.saml.assertion.Statement)5 SubjectStatement (com.sun.identity.saml.assertion.SubjectStatement)5 SAMLException (com.sun.identity.saml.common.SAMLException)5 Date (java.util.Date)5 Assertion (com.sun.identity.saml.assertion.Assertion)4 AuthenticationStatement (com.sun.identity.saml.assertion.AuthenticationStatement)4 Conditions (com.sun.identity.saml.assertion.Conditions)4 ArrayList (java.util.ArrayList)4 List (java.util.List)4 Element (org.w3c.dom.Element)4 FSException (com.sun.identity.federation.common.FSException)3 FSAssertion (com.sun.identity.federation.message.FSAssertion)3 FSAuthenticationStatement (com.sun.identity.federation.message.FSAuthenticationStatement)3