Example 1 with MessageReplayRule

Use of org.opensaml.common.binding.security.MessageReplayRule in the MaxKey project by dromara.

From the class MetadataGenerator, method samlmtest (the helper methods it calls, such as buildIDPSSODescriptor and marshallerMetadata, and the logger field belong to the same class and are not shown here):

import java.security.KeyStore;

import org.maxkey.authz.saml.common.TrustResolver;
import org.maxkey.crypto.keystore.KeyStoreLoader;
import org.opensaml.common.binding.security.IssueInstantRule;
import org.opensaml.common.binding.security.MessageReplayRule;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.NameIDType;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.util.storage.MapBasedStorageService;
import org.opensaml.util.storage.ReplayCache;
import org.opensaml.xml.security.CriteriaSet;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.CredentialResolver;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.security.criteria.EntityIDCriteria;
import org.opensaml.xml.security.criteria.UsageCriteria;
import org.opensaml.xml.util.XMLHelper;
import org.springframework.core.io.FileSystemResource;

@SuppressWarnings({ "unchecked", "rawtypes" })
public void samlmtest() {
    try {
        // Load the IdP keystore from disk (test fixture: hard-coded path and password).
        KeyStoreLoader keyStoreLoader = new KeyStoreLoader();
        keyStoreLoader.setKeystorePassword("secret");
        keyStoreLoader.setKeystoreFile(new FileSystemResource("D:/JavaIDE/cert/idp-keystore.jks"));
        keyStoreLoader.afterPropertiesSet();
        KeyStore trustKeyStore = keyStoreLoader.getKeyStore();

        // IssueInstantRule(clockSkew, expires): tolerate 90 s of clock skew and
        // reject messages whose IssueInstant is older than 300 s.
        IssueInstantRule issueInstantRule = new IssueInstantRule(90, 300);
        // ReplayCache(storage, duration in ms): remember seen message IDs for
        // 14400000 ms (4 hours) so a captured message cannot be replayed inside that window.
        ReplayCache replayCache = new ReplayCache(new MapBasedStorageService(), 14400000);
        MessageReplayRule messageReplayRule = new MessageReplayRule(replayCache);

        // Bundle keystore, key alias, password and the two security rules for the POST binding.
        TrustResolver trustResolver = new TrustResolver(trustKeyStore, "idp", keyStoreLoader.getKeystorePassword(), issueInstantRule, messageReplayRule, "POST");
        CredentialResolver credentialResolver = (CredentialResolver) trustResolver.getKeyStoreCredentialResolver();

        // Resolve the IdP signing credential by entity ID and SIGNING usage.
        CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new EntityIDCriteria("idp"));
        criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
        Credential signingCredential = null;
        try {
            signingCredential = credentialResolver.resolveSingle(criteriaSet);
        } catch (SecurityException e) {
            System.out.println("Credential resolve error : " + e);
            throw new Exception(e);
        }

        // Build the IDPSSODescriptor: endpoints, key descriptors, NameID formats, contact and organization.
        IDPSSODescriptor descriptor = buildIDPSSODescriptor();
        descriptor.getSingleSignOnServices().add(getSingleSignOnService("http://sso.maxkey.org/sso", null));
        descriptor.getSingleSignOnServices().add(getSingleSignOnService("http://sso.maxkey.org/sso", SAMLConstants.SAML2_POST_SIMPLE_SIGN_BINDING_URI));
        descriptor.getSingleLogoutServices().add(getSingleLogoutService("http://sso.maxkey.org/slo", null));
        descriptor.getKeyDescriptors().add(generateEncryptionKeyDescriptor(signingCredential));
        descriptor.getKeyDescriptors().add(generateSignKeyDescriptor(signingCredential));
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.TRANSIENT));
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.PERSISTENT));
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.EMAIL));
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.ENTITY));
        descriptor.getContactPersons().add(getContactPerson("maxkey", "shi", "ming", "shimingxy@163.com", "18724229876", null));
        descriptor.setOrganization(getOrganization("maxkey", "maxkey", "http://sso.maxkey.org"));

        // Wrap the descriptor in an EntityDescriptor, marshal it and pretty-print the metadata XML.
        String entityId = "http://www.test.com";
        EntityDescriptor entityDescriptor = buildEntityDescriptor(entityId, descriptor);
        String descriptorelementxml = XMLHelper.prettyPrintXML(marshallerMetadata(entityDescriptor));
        System.out.println("descriptor elementxml:\n");
        System.out.println(descriptorelementxml);
        logger.info(descriptorelementxml);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Also used:
EntityIDCriteria (org.opensaml.xml.security.criteria.EntityIDCriteria)
Credential (org.opensaml.xml.security.credential.Credential)
KeyStoreLoader (org.maxkey.crypto.keystore.KeyStoreLoader)
MapBasedStorageService (org.opensaml.util.storage.MapBasedStorageService)
IDPSSODescriptor (org.opensaml.saml2.metadata.IDPSSODescriptor)
ReplayCache (org.opensaml.util.storage.ReplayCache)
SecurityException (org.opensaml.xml.security.SecurityException)
FileSystemResource (org.springframework.core.io.FileSystemResource)
LocalizedString (org.opensaml.saml2.metadata.LocalizedString)
KeyStore (java.security.KeyStore)
IssueInstantRule (org.opensaml.common.binding.security.IssueInstantRule)
UnmarshallingException (org.opensaml.xml.io.UnmarshallingException)
ConfigurationException (org.opensaml.xml.ConfigurationException)
EntityDescriptor (org.opensaml.saml2.metadata.EntityDescriptor)
UsageCriteria (org.opensaml.xml.security.criteria.UsageCriteria)
CriteriaSet (org.opensaml.xml.security.CriteriaSet)
MessageReplayRule (org.opensaml.common.binding.security.MessageReplayRule)
CredentialResolver (org.opensaml.xml.security.credential.CredentialResolver)
TrustResolver (org.maxkey.authz.saml.common.TrustResolver)
