Examples with SamlAssertionValidator - org.apache.wss4j.dom.validate.SamlAssertionValidator

Example 1 with SamlAssertionValidator

use of org.apache.wss4j.dom.validate.SamlAssertionValidator in project cxf by apache.

the class PolicyBasedSamlTest method runInInterceptorAndValidateWss.

@Override
protected void runInInterceptorAndValidateWss(Document document, AssertionInfoMap aim, List<CoverageType> types) throws Exception {
    PolicyBasedWSS4JInInterceptor inHandler = this.getInInterceptor(types);
    SoapMessage inmsg = this.getSoapMessageForDom(document, aim);
    // Necessary because the Bearer Assertion does not have an internal signature
    SamlAssertionValidator assertionValidator = new SamlAssertionValidator();
    assertionValidator.setRequireBearerSignature(false);
    inmsg.put(SecurityConstants.SAML2_TOKEN_VALIDATOR, assertionValidator);
    inmsg.put(SecurityConstants.SAML1_TOKEN_VALIDATOR, assertionValidator);
    inHandler.handleMessage(inmsg);
    for (CoverageType type : types) {
        switch(type) {
            case SIGNED:
                this.verifyWss4jSigResults(inmsg);
                break;
            case ENCRYPTED:
                this.verifyWss4jEncResults(inmsg);
                break;
            default:
                fail("Unsupported coverage type.");
        }
    }
}

Also used : PolicyBasedWSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor) SamlAssertionValidator(org.apache.wss4j.dom.validate.SamlAssertionValidator) CoverageType(org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType) SoapMessage(org.apache.cxf.binding.soap.SoapMessage)

Aggregations

SoapMessage (org.apache.cxf.binding.soap.SoapMessage)1 CoverageType (org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType)1 PolicyBasedWSS4JInInterceptor (org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor)1 SamlAssertionValidator (org.apache.wss4j.dom.validate.SamlAssertionValidator)1