Use of org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler in project pac4j by pac4j.
Class SAML2WebSSOMessageSender, method invokeOutboundMessageHandlers.
/**
 * Runs the outbound handlers on {@code outboundContext} and, when a signature is called for,
 * passes the context to a {@link SAMLOutboundProtocolMessageSigningHandler}.
 *
 * <p>A signature is requested when any of the following holds, checked in this order: the
 * {@code isAuthnRequestSigned} field of this sender is set, the service provider descriptor
 * reports {@code isAuthnRequestsSigned()}, or the identity provider descriptor reports
 * {@code getWantAuthnRequestsSigned()}. When none holds, the context is never handed to the
 * signing handler and the request leaves unsigned.
 *
 * @param spDescriptor service provider descriptor, consulted for {@code isAuthnRequestsSigned()}
 * @param idpssoDescriptor identity provider descriptor, consulted for
 *        {@code getWantAuthnRequestsSigned()}
 * @param outboundContext message context given to every handler
 * @throws SAMLException wrapping any exception raised by a handler or a descriptor lookup
 */
protected final void invokeOutboundMessageHandlers(final SPSSODescriptor spDescriptor, final IDPSSODescriptor idpssoDescriptor, final SAML2MessageContext outboundContext) {
    try {
        // Endpoint URL scheme check runs first, before anything else touches the context.
        final EndpointURLSchemeSecurityHandler schemeHandler = new EndpointURLSchemeSecurityHandler();
        schemeHandler.initialize();
        schemeHandler.invoke(outboundContext);

        final SAMLOutboundDestinationHandler destinationHandler = new SAMLOutboundDestinationHandler();
        destinationHandler.initialize();
        destinationHandler.invoke(outboundContext);

        // Local configuration wins, then SP metadata, then IdP metadata; the first match decides.
        if (this.isAuthnRequestSigned) {
            logger.debug("Authn requests are expected to be always signed before submission");
        } else if (spDescriptor.isAuthnRequestsSigned()) {
            logger.debug("The service provider metadata indicates that authn requests are signed");
        } else if (idpssoDescriptor.getWantAuthnRequestsSigned()) {
            logger.debug("The identity provider metadata indicates that authn requests may be signed");
        } else {
            // Nothing asks for a signature: the message is sent unsigned.
            return;
        }

        logger.debug("Signing SAML2 outbound context...");
        // NOTE(review): unlike the two handlers above, this one is invoked without initialize();
        // confirm that is intended for the OpenSAML version in use.
        // NOTE(review): a normal return from invoke() is not by itself evidence that a signature
        // was produced - confirm the context carries signing parameters before relying on it.
        final SAMLOutboundProtocolMessageSigningHandler signingHandler = new SAMLOutboundProtocolMessageSigningHandler();
        signingHandler.invoke(outboundContext);
    } catch (final Exception e) {
        // Cause is preserved so the failing handler stays visible in the stack trace.
        throw new SAMLException(e);
    }
}
Use of org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler in project cas by apereo.
Class DefaultSamlIdPObjectSigner, method prepareSamlOutboundProtocolMessageSigningHandler.
/**
 * Hands the outbound message context to a newly created
 * {@link SAMLOutboundProtocolMessageSigningHandler}.
 *
 * <p>Whether error responses are signed is read from the CAS SAML IdP response settings
 * ({@code isSignError()}) and forwarded to the handler before it is invoked.
 *
 * @param <T> SAML object type; not referenced by the parameter list
 * @param outboundContext outbound message context passed to the handler
 * @throws Exception any failure raised while configuring or invoking the handler
 */
protected <T extends SAMLObject> void prepareSamlOutboundProtocolMessageSigningHandler(final MessageContext outboundContext) throws Exception {
    LOGGER.trace("Attempting to sign the outbound SAML message...");
    final SAMLOutboundProtocolMessageSigningHandler signingHandler = new SAMLOutboundProtocolMessageSigningHandler();
    final boolean signErrorResponses = casProperties.getAuthn().getSamlIdp().getResponse().isSignError();
    signingHandler.setSignErrorResponses(signErrorResponses);
    signingHandler.invoke(outboundContext);
    // NOTE(review): this success message is logged whenever invoke() returns normally. Confirm
    // the handler cannot return without signing (for example an error response while
    // error-response signing is disabled); otherwise the log overstates what happened.
    LOGGER.debug("Signed SAML message successfully");
}
Use of org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler in project cas by apereo.
Class BaseSamlObjectSigner, method prepareSamlOutboundProtocolMessageSigningHandler.
/**
 * Creates a {@link SAMLOutboundProtocolMessageSigningHandler}, configures it and invokes it
 * on the outbound message context.
 *
 * <p>The handler's error-response signing switch is set from the CAS SAML IdP response
 * settings ({@code isSignError()}).
 *
 * @param <T> type of the SAML object carried by the context
 * @param outboundContext outbound message context passed to the handler
 * @throws Exception any failure raised while configuring or invoking the handler
 */
protected <T extends SAMLObject> void prepareSamlOutboundProtocolMessageSigningHandler(final MessageContext<T> outboundContext) throws Exception {
    LOGGER.debug("Attempting to sign the outbound SAML message...");
    final SAMLOutboundProtocolMessageSigningHandler signingHandler = new SAMLOutboundProtocolMessageSigningHandler();
    final boolean signErrorResponses = casProperties.getAuthn().getSamlIdp().getResponse().isSignError();
    signingHandler.setSignErrorResponses(signErrorResponses);
    signingHandler.invoke(outboundContext);
    // NOTE(review): reaching this line only shows that invoke() did not throw. Confirm that the
    // handler always signs when it returns normally before treating this log as an audit record.
    LOGGER.debug("Signed SAML message successfully");
}
Use of org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler in project cas by apereo.
Class SamlIdPObjectSigner, method prepareSamlOutboundProtocolMessageSigningHandler.
/**
 * Invokes a newly built {@link SAMLOutboundProtocolMessageSigningHandler} on the outbound
 * message context.
 *
 * <p>Before the call, the handler is told whether to sign error responses, using the value
 * of {@code isSignError()} from the CAS SAML IdP response settings.
 *
 * @param <T> type of the SAML object carried by the context
 * @param outboundContext outbound message context passed to the handler
 * @throws Exception any failure raised while configuring or invoking the handler
 */
protected <T extends SAMLObject> void prepareSamlOutboundProtocolMessageSigningHandler(final MessageContext<T> outboundContext) throws Exception {
    LOGGER.debug("Attempting to sign the outbound SAML message...");
    final SAMLOutboundProtocolMessageSigningHandler messageSigner = new SAMLOutboundProtocolMessageSigningHandler();
    final boolean includeErrorResponses = casProperties.getAuthn().getSamlIdp().getResponse().isSignError();
    messageSigner.setSignErrorResponses(includeErrorResponses);
    messageSigner.invoke(outboundContext);
    // NOTE(review): the message below is emitted on every normal return from invoke(); verify
    // that a normal return always means a signature was applied, including for error responses
    // when error-response signing is switched off.
    LOGGER.debug("Signed SAML message successfully");
}
Use of org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler in project pac4j by pac4j.
Class SAML2LogoutMessageSender, method invokeOutboundMessageHandlers.
/**
 * Runs the outbound handlers on {@code outboundContext} and passes the context to a
 * {@link SAMLOutboundProtocolMessageSigningHandler} when the service provider descriptor
 * reports {@code isAuthnRequestsSigned()}.
 *
 * <p>When the service provider flag is not set, the message is never handed to the signing
 * handler. If the identity provider descriptor reports {@code getWantAuthnRequestsSigned()}
 * in that case, only a warning is logged.
 *
 * @param spDescriptor service provider descriptor, consulted for {@code isAuthnRequestsSigned()}
 * @param idpssoDescriptor identity provider descriptor, consulted for
 *        {@code getWantAuthnRequestsSigned()}
 * @param outboundContext message context given to every handler
 * @throws SAMLException wrapping any exception raised by a handler or a descriptor lookup
 */
protected final void invokeOutboundMessageHandlers(final SPSSODescriptor spDescriptor, final IDPSSODescriptor idpssoDescriptor, final SAML2MessageContext outboundContext) {
    try {
        // Endpoint URL scheme check runs first, before anything else touches the context.
        final EndpointURLSchemeSecurityHandler schemeHandler = new EndpointURLSchemeSecurityHandler();
        schemeHandler.initialize();
        schemeHandler.invoke(outboundContext);

        final SAMLOutboundDestinationHandler destinationHandler = new SAMLOutboundDestinationHandler();
        destinationHandler.initialize();
        destinationHandler.invoke(outboundContext);

        // NOTE(review): this is the logout sender, yet the decision and the warning text both
        // refer to authn requests; confirm logout messages are meant to follow these flags.
        if (spDescriptor.isAuthnRequestsSigned()) {
            // NOTE(review): unlike the two handlers above, this one is invoked without
            // initialize(); confirm that is intended for the OpenSAML version in use.
            final SAMLOutboundProtocolMessageSigningHandler signingHandler = new SAMLOutboundProtocolMessageSigningHandler();
            signingHandler.setSignErrorResponses(this.signErrorResponses);
            signingHandler.invoke(outboundContext);
            return;
        }

        // The IdP's wish for signed messages does not trigger signing here; it is only logged.
        if (idpssoDescriptor.getWantAuthnRequestsSigned()) {
            logger.warn("IdP wants authn requests signed, it will perhaps reject your authn requests unless you provide a keystore");
        }
    } catch (final Exception e) {
        // Cause is preserved so the failing handler stays visible in the stack trace.
        throw new SAMLException(e);
    }
}