use of org.codice.ddf.security.handler.SAMLAuthenticationToken in project ddf by codice.
the class SamlAssertionValidatorImplTest method testValidateUnsignedAssertion.
/**
 * Negative test: {@code samlAssertionValidator.validate} must throw
 * {@link AuthenticationFailureException} for an assertion built with
 * {@code createAssertion(false, true, ISSUER, now + 3 days)}.
 *
 * <p>Going by the test name, the first flag presumably turns signing off; confirm against
 * {@code createAssertion}, which is defined elsewhere in the test class. The expiry is in the
 * future, so an expired assertion is not what triggers the failure here.
 */
@Test(expected = AuthenticationFailureException.class)
public void testValidateUnsignedAssertion() throws Exception {
  DateTime notOnOrAfter = new DateTime().plusDays(3);
  Assertion unsignedAssertion = createAssertion(false, true, ISSUER, notOnOrAfter);

  SAMLUtils samlUtils = SAMLUtils.getInstance();
  Element tokenElement =
      samlUtils.getSecurityTokenFromSAMLAssertion(samlObjectToString(unsignedAssertion));

  // The same collection is passed as both the first and second constructor argument.
  SimplePrincipalCollection principals = new SimplePrincipalCollection();
  principals.add(new SecurityAssertionSaml(tokenElement), "default");
  SAMLAuthenticationToken authToken =
      new SAMLAuthenticationToken(principals, principals, "127.0.0.1");

  // Expected to throw; reaching the end of the method fails the test.
  samlAssertionValidator.validate(authToken);
}
use of org.codice.ddf.security.handler.SAMLAuthenticationToken in project ddf by codice.
the class SamlAssertionValidatorImplTest method testValidateWithHolderOfKeyAssertion.
/**
 * Positive test: a holder-of-key assertion validates when the token carries a certificate.
 *
 * <p>The test passes if {@code samlAssertionValidator.validate} returns without throwing; it
 * makes no further assertions. {@code certificate} and {@code createHolderOfKeyAssertion} are
 * defined elsewhere in the test class, and the certificate presumably matches the key named in
 * the assertion's subject confirmation (TODO confirm).
 *
 * <p>NOTE(review): a negative counterpart (no certificate attached, or a certificate that does
 * not match) is not visible in this excerpt. Without one, this test alone does not show that
 * the key binding is enforced.
 */
@Test
public void testValidateWithHolderOfKeyAssertion() throws Exception {
  Assertion holderOfKeyAssertion = createHolderOfKeyAssertion();

  SAMLUtils samlUtils = SAMLUtils.getInstance();
  Element tokenElement =
      samlUtils.getSecurityTokenFromSAMLAssertion(samlObjectToString(holderOfKeyAssertion));

  SimplePrincipalCollection principals = new SimplePrincipalCollection();
  principals.add(new SecurityAssertionSaml(tokenElement), "default");
  SAMLAuthenticationToken authToken =
      new SAMLAuthenticationToken(principals, principals, "127.0.0.1");

  // Attach the presenter's certificate chain (a single certificate here) before validating.
  authToken.setX509Certs(new X509Certificate[] {certificate});

  samlAssertionValidator.validate(authToken);
}
use of org.codice.ddf.security.handler.SAMLAuthenticationToken in project ddf by codice.
the class SamlAssertionValidatorImplTest method testValidateExpiredAssertion.
/**
 * Negative test: {@code samlAssertionValidator.validate} must throw
 * {@link AuthenticationFailureException} for an assertion whose expiry argument is ten seconds
 * in the past.
 *
 * <p>NOTE(review): the other arguments ({@code false, true, ISSUER}) are the same ones
 * {@code testValidateUnsignedAssertion} uses with a future expiry, and that test also expects
 * this exception. If both tests pass, this one would keep passing even if the expiry check were
 * removed, so the expected exception does not isolate the expiry condition. Consider building
 * an assertion that is otherwise valid and asserting on the failure reason; confirm the flag
 * meanings against {@code createAssertion}.
 */
@Test(expected = AuthenticationFailureException.class)
public void testValidateExpiredAssertion() throws Exception {
  DateTime alreadyPast = new DateTime().minusSeconds(10);
  Assertion expiredAssertion = createAssertion(false, true, ISSUER, alreadyPast);

  SAMLUtils samlUtils = SAMLUtils.getInstance();
  Element tokenElement =
      samlUtils.getSecurityTokenFromSAMLAssertion(samlObjectToString(expiredAssertion));

  SimplePrincipalCollection principals = new SimplePrincipalCollection();
  principals.add(new SecurityAssertionSaml(tokenElement), "default");
  SAMLAuthenticationToken authToken =
      new SAMLAuthenticationToken(principals, principals, "127.0.0.1");

  // Expected to throw; reaching the end of the method fails the test.
  samlAssertionValidator.validate(authToken);
}
use of org.codice.ddf.security.handler.SAMLAuthenticationToken in project ddf by codice.
the class SamlRealm method doGetAuthenticationInfo.
/**
 * Authenticates the caller from the supplied token and builds the resulting
 * {@link AuthenticationInfo}.
 *
 * <p>Only a {@link SAMLAuthenticationToken} is accepted. Its credentials are read only after
 * {@code samlAssertionValidator.validate} has returned without throwing. Any other token type,
 * including {@code null}, leaves the credential unset and is rejected, so the method fails
 * closed.
 *
 * @param token the authentication token presented by the caller
 * @return authentication info whose principals are derived from the security token found in
 *     the credential and whose credentials are the token's credentials
 * @throws AuthenticationException if validation fails (the
 *     {@link AuthenticationFailureException} is kept as the cause) or if no credential is
 *     available after validation
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
  Object validatedCredential = null;

  if (token instanceof SAMLAuthenticationToken) {
    SAMLAuthenticationToken samlToken = (SAMLAuthenticationToken) token;
    try {
      // Validate first. The credential is assigned only when validation has not thrown.
      samlAssertionValidator.validate(samlToken);
      validatedCredential = token.getCredentials();
    } catch (AuthenticationFailureException e) {
      String failure = "Unable to validate request's authentication.";
      LOGGER.info(failure);
      throw new AuthenticationException(failure, e);
    }
  }

  // Reached with a null credential when the token is not a SAML token or carries none.
  if (validatedCredential == null) {
    String failure =
        "Unable to authenticate credential. A NULL credential was provided in the supplied authentication token. This may be due to an error with the SSO server that created the token.";
    LOGGER.info(failure);
    throw new AuthenticationException(failure);
  }

  LOGGER.debug("Received credentials.");
  LOGGER.debug("Creating token authentication information with SAML.");

  // checkForSecurityToken and createPrincipalFromToken are defined elsewhere in this class.
  Element securityToken = checkForSecurityToken(validatedCredential);
  SimplePrincipalCollection principals = createPrincipalFromToken(securityToken);

  SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo();
  authenticationInfo.setPrincipals(principals);
  authenticationInfo.setCredentials(validatedCredential);
  return authenticationInfo;
}
use of org.codice.ddf.security.handler.SAMLAuthenticationToken in project ddf by codice.
the class SamlAssertionValidatorImplTest method testValidateInvalidSignature.
/**
 * Negative test: {@code samlAssertionValidator.validate} must throw
 * {@link AuthenticationFailureException} for an assertion built with
 * {@code createAssertion(false, false, "WRONG", now - 10 seconds)}.
 *
 * <p>NOTE(review): compared with {@code testValidateUnsignedAssertion}, three inputs change at
 * once: the second flag, the issuer string, and an expiry already in the past. The first flag is
 * the same {@code false} that the unsigned test uses. The expected exception therefore cannot be
 * attributed to the signature check alone. To isolate the invalid-signature path, vary only the
 * signature-related input and keep the issuer and expiry valid; confirm the flag meanings
 * against {@code createAssertion}.
 */
@Test(expected = AuthenticationFailureException.class)
public void testValidateInvalidSignature() throws Exception {
  DateTime alreadyPast = new DateTime().minusSeconds(10);
  Assertion badAssertion = createAssertion(false, false, "WRONG", alreadyPast);

  SAMLUtils samlUtils = SAMLUtils.getInstance();
  Element tokenElement =
      samlUtils.getSecurityTokenFromSAMLAssertion(samlObjectToString(badAssertion));

  SimplePrincipalCollection principals = new SimplePrincipalCollection();
  principals.add(new SecurityAssertionSaml(tokenElement), "default");
  SAMLAuthenticationToken authToken =
      new SAMLAuthenticationToken(principals, principals, "127.0.0.1");

  // Expected to throw; reaching the end of the method fails the test.
  samlAssertionValidator.validate(authToken);
}