Example 21 with XMLSignatureManager

Use of com.sun.identity.saml.xmlsig.XMLSignatureManager in project OpenAM by OpenRock.

From the class FSAuthnResponse, method signXML.

/**
 * Signs the <code>Response</code>.
 *
 * @param certAlias the Certificate Alias
 * @throws SAMLException if <code>Response</code>
 *         cannot be signed.
 */
public void signXML(String certAlias) throws SAMLException {
    FSUtils.debug.message("FSAuthnResponse.signXML: Called");
    if (signed) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnResponse.signXML: the assertion is " + "already signed.");
        }
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "alreadySigned", null);
    }
    if (certAlias == null || certAlias.length() == 0) {
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "cannotFindCertAlias", null);
    }
    try {
        XMLSignatureManager manager = XMLSignatureManager.getInstance();
        if (minorVersion == IFSConstants.FF_11_PROTOCOL_MINOR_VERSION) {
            signatureString = manager.signXML(this.toXMLString(true, true), certAlias, IFSConstants.DEF_SIG_ALGO, IFSConstants.ID, this.id, false);
        } else if (minorVersion == IFSConstants.FF_12_PROTOCOL_MINOR_VERSION) {
            signatureString = manager.signXML(this.toXMLString(true, true), certAlias, IFSConstants.DEF_SIG_ALGO, IFSConstants.RESPONSE_ID, this.getResponseID(), false);
        } else {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("invalid minor version.");
            }
        }
        signature = XMLUtils.toDOMDocument(signatureString, FSUtils.debug).getDocumentElement();
        signed = true;
        xmlString = this.toXMLString(true, true);
    } catch (Exception e) {
        throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "signFailed", null);
    }
}
Also used: XMLSignatureManager(com.sun.identity.saml.xmlsig.XMLSignatureManager) SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException) SAMLVersionMismatchException(com.sun.identity.saml.common.SAMLVersionMismatchException) SAMLException(com.sun.identity.saml.common.SAMLException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException) ParseException(java.text.ParseException)

Example 22 with XMLSignatureManager

Use of com.sun.identity.saml.xmlsig.XMLSignatureManager in project OpenAM by OpenRock.

From the class FSSOAPReceiver, method verifyRequestSignature.

/**
 * Verifies the signature on the request received from a remote trusted
 * provider.
 * @param elt element containing the logout request in the XML message
 * @param msg request SOAP message
 * @param cert Certificate to be used in verifying the signature.
 * @return boolean <code>true</code> if signature verification is successful;
 *  otherwise return <code>false</code>.
 */
protected boolean verifyRequestSignature(Element elt, SOAPMessage msg, X509Certificate cert) {
    FSUtils.debug.message("FSSOAPReceiver::verifyRequestSignature: Called");
    try {
        if (cert == null) {
            FSUtils.debug.error("FSSOAPReceiver.verifyRequestSignature" + ": couldn't obtain this site's cert.");
            throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT));
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSOAPReceiver::verifyRequestSignature: " + "Provider's cert is found. " + "\nxmlString to be verified: " + XMLUtils.print(elt));
        }
        XMLSignatureManager manager = XMLSignatureManager.getInstance();
        Document doc = (Document) FSServiceUtils.createSOAPDOM(msg);
        return manager.verifyXMLSignature(doc, cert);
    } catch (Exception e) {
        FSUtils.debug.error("FSSOAPReceiver::verifyRequestSignature " + " Exception occurred while verifying signature:", e);
        return false;
    }
}
Also used: XMLSignatureManager(com.sun.identity.saml.xmlsig.XMLSignatureManager) Document(org.w3c.dom.Document) SOAPException(javax.xml.soap.SOAPException) SystemConfigurationException(com.sun.identity.common.SystemConfigurationException) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) FSMsgException(com.sun.identity.federation.message.common.FSMsgException) FSException(com.sun.identity.federation.common.FSException)

Example 23 with XMLSignatureManager

Use of com.sun.identity.saml.xmlsig.XMLSignatureManager in project OpenAM by OpenRock.

From the class FSSOAPReceiver, method signResponse.

/**
 * Signs the SOAP response before sending it to the provider.
 * @param msg the response message to be sent to the provider
 * @param idAttrName name of the id attribute to be signed
 * @param id the value of the id attribute to be signed
 * @param hostedConfig hosted provider's extended meta
 * @return SOAPMessage the signed response message
 * @exception SAMLException, FSMsgException if an error occurs
 */
protected SOAPMessage signResponse(SOAPMessage msg, String idAttrName, String id, BaseConfigType hostedConfig) throws SAMLException, FSMsgException {
    FSUtils.debug.message("FSSOAPReceiver::Entered signResponse::");
    String certAlias = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.SIGNING_CERT_ALIAS);
    if (certAlias == null || certAlias.length() == 0) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSOAPReceiver.signResponse:" + " couldn't obtain this site's cert alias.");
        }
        throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT_ALIAS));
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("signResponse::Provider's certAlias is found: " + certAlias);
    }
    XMLSignatureManager manager = XMLSignatureManager.getInstance();
    Document doc = (Document) FSServiceUtils.createSOAPDOM(msg);
    String xpath = "//*[local-name()=\'ProviderID\']";
    manager.signXML(doc, certAlias, SystemConfigurationUtil.getProperty(SAMLConstants.XMLSIG_ALGORITHM), idAttrName, id, false, xpath);
    return FSServiceUtils.convertDOMToSOAP(doc);
}
Also used: XMLSignatureManager(com.sun.identity.saml.xmlsig.XMLSignatureManager) Document(org.w3c.dom.Document)

Example 24 with XMLSignatureManager

Use of com.sun.identity.saml.xmlsig.XMLSignatureManager in project OpenAM by OpenRock.

From the class FSFedTerminationHandler, method signTerminationRequest.

/**
 * Signs the federation termination request before sending it to the remote
 * provider.
 * @param msg <code>SOAPMessage</code> which includes the termination request
 *  to be sent to the remote provider
 * @param idAttrName name of the id attribute to be signed
 * @param id the value of the id attribute to be signed
 * @return signed termination request in <code>SOAPMessage</code>
 * @exception SAMLException if an error occurred during signing
 */
protected SOAPMessage signTerminationRequest(SOAPMessage msg, String idAttrName, String id) throws SAMLException {
    FSUtils.debug.message("FSSPFedTerminationHandler.signTerminationRequest: Called");
    String certAlias = IDFFMetaUtils.getFirstAttributeValueFromConfig(hostedConfig, IFSConstants.SIGNING_CERT_ALIAS);
    if (certAlias == null || certAlias.length() == 0) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSPFedTerminationHandler.signTerminationRequest: couldn't " + "obtain this site's cert alias.");
        }
        throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT_ALIAS));
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSSPFedTerminationHandler.signTerminationRequest: Provider's " + "certAlias is found: " + certAlias);
    }
    XMLSignatureManager manager = XMLSignatureManager.getInstance();
    Document doc = (Document) FSServiceUtils.createSOAPDOM(msg);
    String xpath = "//*[local-name()=\'ProviderID\']";
    manager.signXML(doc, certAlias, SystemConfigurationUtil.getProperty(SAMLConstants.XMLSIG_ALGORITHM), idAttrName, id, false, xpath);
    return FSServiceUtils.convertDOMToSOAP(doc);
}
Also used: XMLSignatureManager(com.sun.identity.saml.xmlsig.XMLSignatureManager) Document(org.w3c.dom.Document) SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException)

Example 25 with XMLSignatureManager

Use of com.sun.identity.saml.xmlsig.XMLSignatureManager in project OpenAM by OpenRock.

From the class FSSingleLogoutHandler, method verifyResponseSignature.

private boolean verifyResponseSignature(SOAPMessage msg) {
    FSUtils.debug.message("Entered FSLogoutResponse::verifyResponseSignature");
    try {
        X509Certificate cert = KeyUtil.getVerificationCert(remoteDescriptor, remoteEntityId, !hostedRole.equalsIgnoreCase(IFSConstants.IDP));
        if (cert == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Logout.verifyResponseSignature: " + "couldn't obtain this site's cert.");
            }
            throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT));
        }
        XMLSignatureManager manager = XMLSignatureManager.getInstance();
        Document doc = (Document) FSServiceUtils.createSOAPDOM(msg);
        return manager.verifyXMLSignature(doc, cert);
    } catch (SAMLException e) {
        FSUtils.debug.error("Error in verifying response:", e);
        return false;
    }
}
Also used: XMLSignatureManager(com.sun.identity.saml.xmlsig.XMLSignatureManager) Document(org.w3c.dom.Document) SAMLException(com.sun.identity.saml.common.SAMLException) X509Certificate(java.security.cert.X509Certificate) SAMLResponderException(com.sun.identity.saml.common.SAMLResponderException)

Aggregations (types used together with XMLSignatureManager, with usage counts)

XMLSignatureManager (com.sun.identity.saml.xmlsig.XMLSignatureManager): 34
SAMLException (com.sun.identity.saml.common.SAMLException): 22
SAMLResponderException (com.sun.identity.saml.common.SAMLResponderException): 22
Document (org.w3c.dom.Document): 17
FSMsgException (com.sun.identity.federation.message.common.FSMsgException): 15
ParseException (java.text.ParseException): 10
FSException (com.sun.identity.federation.common.FSException): 7
X509Certificate (java.security.cert.X509Certificate): 7
SAMLVersionMismatchException (com.sun.identity.saml.common.SAMLVersionMismatchException): 5
IOException (java.io.IOException): 5
FSAssertion (com.sun.identity.federation.message.FSAssertion): 4
SystemConfigurationException (com.sun.identity.common.SystemConfigurationException): 3
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException): 3
SessionException (com.sun.identity.plugin.session.SessionException): 3
FSAccountMgmtException (com.sun.identity.federation.accountmgmt.FSAccountMgmtException): 2
FSNameIdentifierMappingResponse (com.sun.identity.federation.message.FSNameIdentifierMappingResponse): 2
FSResponse (com.sun.identity.federation.message.FSResponse): 2
IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager): 2
PrintWriter (java.io.PrintWriter): 2
Iterator (java.util.Iterator): 2