
Example 26 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project midpoint by Evolveum.

the class MidpointAssertingPartyMetadataConverter method convert.

/**
 * Builds a relying-party registration from the identity provider metadata read from
 * {@code inputStream}.
 *
 * <p>The registration id and the asserting party entity id are both taken from the
 * metadata's entityID. The conversion is refused when the metadata has no SAML 2.0
 * IDPSSODescriptor or yields no verification credential, because assertions from that
 * provider could not be verified.
 *
 * <p>NOTE(review): nothing visible in this method checks a signature over the metadata
 * document itself; the certificates are used as parsed. Confirm that the stream comes from
 * a source the deployment already trusts.
 *
 * @param inputStream stream handed to {@code entityDescriptor(...)} to obtain the descriptor
 * @param providerConfig module configuration; only its authentication request binding is read here
 * @return the builder, populated with credentials, signing algorithms and the SSO / SLO services
 * @throws Saml2Exception if the IDPSSODescriptor or the verification certificates are missing
 */
public RelyingPartyRegistration.Builder convert(InputStream inputStream, Saml2ProviderAuthenticationModuleType providerConfig) {
    EntityDescriptor entity = entityDescriptor(inputStream);
    IDPSSODescriptor idp = entity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
    if (idp == null) {
        throw new Saml2Exception("Metadata response is missing the necessary IDPSSODescriptor element");
    }

    // defineKeys sorts each key descriptor into one or both of these lists.
    List<Saml2X509Credential> verificationCredentials = new ArrayList<>();
    List<Saml2X509Credential> encryptionCredentials = new ArrayList<>();
    for (KeyDescriptor key : idp.getKeyDescriptors()) {
        defineKeys(key, verificationCredentials, encryptionCredentials);
    }
    // Fail closed: without a verification certificate no assertion signature can be checked.
    if (verificationCredentials.isEmpty()) {
        throw new Saml2Exception("Metadata response is missing verification certificates, necessary for verifying SAML assertions");
    }

    RelyingPartyRegistration.Builder registration = RelyingPartyRegistration
            .withRegistrationId(entity.getEntityID())
            .assertingPartyDetails((party) -> party
                    .entityId(entity.getEntityID())
                    // A missing (null) WantAuthnRequestsSigned attribute is treated as false.
                    .wantAuthnRequestsSigned(Boolean.TRUE.equals(idp.getWantAuthnRequestsSigned()))
                    .verificationX509Credentials((credentials) -> credentials.addAll(verificationCredentials))
                    .encryptionX509Credentials((credentials) -> credentials.addAll(encryptionCredentials)));

    // Signing algorithms are whatever signingMethods(...) returns for this descriptor;
    // each one is added through its own assertingPartyDetails call.
    for (SigningMethod signingMethod : signingMethods(idp)) {
        registration.assertingPartyDetails((party) -> party.signingAlgorithms((algorithms) -> algorithms.add(signingMethod.getAlgorithm())));
    }

    defineSingleSingOnService(idp, providerConfig.getAuthenticationRequestBinding(), registration);
    defineSingleLogoutService(idp, registration);
    return registration;
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) X509Certificate(java.security.cert.X509Certificate) UsageType(org.opensaml.security.credential.UsageType) OpenSamlInitializationService(org.springframework.security.saml2.core.OpenSamlInitializationService) Unmarshaller(org.opensaml.core.xml.io.Unmarshaller) Saml2Exception(org.springframework.security.saml2.Saml2Exception) ConfigurationService(org.opensaml.core.config.ConfigurationService) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) CertificateException(java.security.cert.CertificateException) StringUtils(org.apache.commons.lang3.StringUtils) XMLObjectProviderRegistry(org.opensaml.core.xml.config.XMLObjectProviderRegistry) KeyInfoSupport(org.opensaml.xmlsec.keyinfo.KeyInfoSupport) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) ArrayList(java.util.ArrayList) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) ParserPool(net.shibboleth.utilities.java.support.xml.ParserPool) List(java.util.List) org.opensaml.saml.saml2.metadata(org.opensaml.saml.saml2.metadata) SigningMethod(org.opensaml.saml.ext.saml2alg.SigningMethod) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) XMLObject(org.opensaml.core.xml.XMLObject) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) Saml2ProviderAuthenticationModuleType(com.evolveum.midpoint.xml.ns._public.common.common_3.Saml2ProviderAuthenticationModuleType) InputStream(java.io.InputStream) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) ArrayList(java.util.ArrayList) Saml2Exception(org.springframework.security.saml2.Saml2Exception) SigningMethod(org.opensaml.saml.ext.saml2alg.SigningMethod)

Example 27 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project cas by apereo.

the class SamlProfileSamlNameIdBuilder method buildNameId.

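/**
 * Build name id.
 * If there are no explicitly defined NameIDFormats, include the default format.
 * see: http://saml2int.org/profile/current/#section92
 *
 * <p>Candidate formats are the ones reported by {@code adaptor}, with the service's
 * required format (when configured) placed first. A format named in the request's
 * NameIDPolicy must be one of the candidates, otherwise the request is rejected. The
 * candidates are then tried in order and the first one that encodes successfully wins.
 *
 * <p>The principal name and the final NameID value are written to the debug log, so debug
 * output from this class contains user identifiers.
 *
 * @param authnRequest the authn request
 * @param assertion    the assertion
 * @param service      the service
 * @param adaptor      the adaptor
 * @return the name id, or {@code null} when no candidate format could be encoded
 * @throws SamlException if the format required by the request is not among the candidates
 */
private NameID buildNameId(final AuthnRequest authnRequest, final Assertion assertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    // Work on a private copy: the list is modified below, and whether the adaptor returns a
    // fresh, a shared or an unmodifiable list is not visible from here.
    final List<String> supportedNameFormats = new java.util.ArrayList<>(adaptor.getSupportedNameIdFormats());
    LOGGER.debug("Metadata for [{}] declares support for the following NameIDs [{}]", adaptor.getEntityId(), supportedNameFormats);
    if (supportedNameFormats.isEmpty()) {
        supportedNameFormats.add(NameIDType.TRANSIENT);
        LOGGER.debug("No supported nameId formats could be determined from metadata. Added default [{}]", NameIDType.TRANSIENT);
    }
    if (StringUtils.isNotBlank(service.getRequiredNameIdFormat())) {
        // The format configured on the service is tried before anything the metadata declares.
        final String fmt = parseAndBuildRequiredNameIdFormat(service);
        supportedNameFormats.add(0, fmt);
        LOGGER.debug("Added required nameId format [{}] based on saml service configuration for [{}]", fmt, service.getServiceId());
    }
    String requiredNameFormat = null;
    if (authnRequest.getNameIDPolicy() != null) {
        requiredNameFormat = authnRequest.getNameIDPolicy().getFormat();
        LOGGER.debug("AuthN request indicates [{}] is the required NameID format", requiredNameFormat);
        if (NameID.ENCRYPTED.equals(requiredNameFormat)) {
            // The request for an encrypted NameID is dropped after this warning; the method
            // goes on to return an unencrypted NameID in one of the candidate formats.
            LOGGER.warn("Encrypted NameID formats are not supported");
            requiredNameFormat = null;
        }
    }
    if (StringUtils.isNotBlank(requiredNameFormat) && !supportedNameFormats.contains(requiredNameFormat)) {
        LOGGER.warn("Required NameID format [{}] in the AuthN request issued by [{}] is not supported based on the metadata for [{}]", requiredNameFormat, SamlIdPUtils.getIssuerFromSamlRequest(authnRequest), adaptor.getEntityId());
        throw new SamlException("Required NameID format cannot be provided because it is not supported");
    }
    for (final String nameFormat : supportedNameFormats) {
        try {
            LOGGER.debug("Evaluating NameID format [{}]", nameFormat);
            final SAML2StringNameIDEncoder encoder = new SAML2StringNameIDEncoder();
            encoder.setNameFormat(nameFormat);
            if (authnRequest.getNameIDPolicy() != null) {
                // NOTE(review): the qualifier is copied from the request as received; nothing
                // here compares it with the service provider's entity id - confirm it is
                // validated before this method runs.
                final String qualifier = authnRequest.getNameIDPolicy().getSPNameQualifier();
                LOGGER.debug("NameID qualifier is set to [{}]", qualifier);
                encoder.setNameQualifier(qualifier);
            }
            final IdPAttribute attribute = new IdPAttribute(AttributePrincipal.class.getName());
            final IdPAttributeValue<String> value = new StringAttributeValue(assertion.getPrincipal().getName());
            LOGGER.debug("NameID attribute value is set to [{}]", assertion.getPrincipal().getName());
            attribute.setValues(Collections.singletonList(value));
            LOGGER.debug("Encoding NameID based on [{}]", nameFormat);
            final NameID nameid = encoder.encode(attribute);
            LOGGER.debug("Final NameID encoded is [{}] with value [{}]", nameid.getFormat(), nameid.getValue());
            return nameid;
        } catch (final Exception e) {
            // Deliberate best effort: a failure for one format is logged and the next one is tried.
            LOGGER.error(e.getMessage(), e);
        }
    }
    // Every candidate failed; callers have to handle the null.
    return null;
}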
Also used : NameID(org.opensaml.saml.saml2.core.NameID) SamlException(org.apereo.cas.support.saml.SamlException) IdPAttribute(net.shibboleth.idp.attribute.IdPAttribute) StringAttributeValue(net.shibboleth.idp.attribute.StringAttributeValue) SAML2StringNameIDEncoder(net.shibboleth.idp.saml.attribute.encoding.impl.SAML2StringNameIDEncoder) AttributePrincipal(org.jasig.cas.client.authentication.AttributePrincipal) SamlException(org.apereo.cas.support.saml.SamlException)

Example 28 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project cas by apereo.

the class SamlProfileSamlSoap11ResponseBuilder method buildResponse.

/**
 * Assembles the SOAP 1.1 envelope returned for an ECP exchange.
 *
 * <p>The header carries an ECP response element built from the assertion consumer service
 * location that {@code adaptor} reports, and the body carries the SAML2 response produced by
 * {@code saml2ResponseBuilder}. The {@code assertion} parameter is not read here.
 *
 * @return the envelope with header and body set
 * @throws SamlException declared by the overridden method
 */
@Override
protected Envelope buildResponse(final Assertion assertion, final org.jasig.cas.client.validation.Assertion casAssertion, final AuthnRequest authnRequest, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final HttpServletRequest request, final HttpServletResponse response) throws SamlException {
    // Header block: the location comes from the adaptor, not from the incoming request.
    final Response ecpHeaderBlock = newEcpResponse(adaptor.getAssertionConsumerService().getLocation());
    final Header soapHeader = newSoapObject(Header.class);
    soapHeader.getUnknownXMLObjects().add(ecpHeaderBlock);

    // Body: the SAML2 response built by the delegate for this request.
    final Body soapBody = newSoapObject(Body.class);
    final org.opensaml.saml.saml2.core.Response samlResponse =
            (org.opensaml.saml.saml2.core.Response) saml2ResponseBuilder.build(authnRequest, request, response, casAssertion, service, adaptor);
    soapBody.getUnknownXMLObjects().add(samlResponse);

    final Envelope soapEnvelope = newSoapObject(Envelope.class);
    soapEnvelope.setHeader(soapHeader);
    soapEnvelope.setBody(soapBody);
    return soapEnvelope;
}
Also used : HttpServletResponse(javax.servlet.http.HttpServletResponse) Response(org.opensaml.saml.saml2.ecp.Response) Header(org.opensaml.soap.soap11.Header) Envelope(org.opensaml.soap.soap11.Envelope) Body(org.opensaml.soap.soap11.Body)

Example 29 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project ddf by codice.

the class IdpEndpoint method parseServiceProviderMetadata.

/**
 * Registers the service providers described by the given metadata entries.
 *
 * <p>Each entity descriptor is turned into an {@code EntityInformation} restricted to
 * {@code SUPPORTED_BINDINGS} and stored in {@code serviceProviders} under its entity id.
 * Descriptors for which the builder returns {@code null} are skipped. An
 * {@code IOException} during parsing is only logged, so those providers stay absent from
 * the map.
 *
 * @param serviceProviderMetadata metadata entries to parse; {@code null} leaves the map untouched
 */
private void parseServiceProviderMetadata(List<String> serviceProviderMetadata) {
    if (serviceProviderMetadata == null) {
        return;
    }
    try {
        // The callback passed to the parser registers a descriptor under its entity id.
        MetadataConfigurationParser parser = new MetadataConfigurationParser(serviceProviderMetadata, descriptor -> {
            EntityInformation info = new EntityInformation.Builder(descriptor, SUPPORTED_BINDINGS).build();
            if (info != null) {
                serviceProviders.put(descriptor.getEntityID(), info);
            }
        });
        // Descriptors the parser holds once construction returns are added in one putAll.
        serviceProviders.putAll(
                parser.getEntryDescriptions()
                        .entrySet()
                        .stream()
                        .map(entry -> Maps.immutableEntry(entry.getKey(), new EntityInformation.Builder(entry.getValue(), SUPPORTED_BINDINGS).build()))
                        .filter(entry -> nonNull(entry.getValue()))
                        .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue)));
    } catch (IOException e) {
        LOGGER.warn("Unable to parse SP metadata configuration. Check the configuration for SP metadata.", e);
    }
}
Also used : RedirectBinding(org.codice.ddf.security.idp.binding.redirect.RedirectBinding) Encoded(javax.ws.rs.Encoded) Produces(javax.ws.rs.Produces) SOAPException(javax.xml.soap.SOAPException) SSOConstants(org.apache.cxf.rs.security.saml.sso.SSOConstants) DOM2Writer(org.apache.wss4j.common.util.DOM2Writer) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) EntityInformation(ddf.security.samlp.impl.EntityInformation) BasicAuthenticationHandler(org.codice.ddf.security.handler.basic.BasicAuthenticationHandler) SamlProtocol(ddf.security.samlp.SamlProtocol) ConstraintViolationException(net.shibboleth.utilities.java.support.logic.ConstraintViolationException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) Document(org.w3c.dom.Document) Map(java.util.Map) XMLStreamException(javax.xml.stream.XMLStreamException) RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) UriBuilder(javax.ws.rs.core.UriBuilder) UsageType(org.opensaml.security.credential.UsageType) SignableSAMLObject(org.opensaml.saml.common.SignableSAMLObject) Set(java.util.Set) ResponseCreator(org.codice.ddf.security.idp.binding.api.ResponseCreator) StandardCharsets(java.nio.charset.StandardCharsets) SignableXMLObject(org.opensaml.xmlsec.signature.SignableXMLObject) IOUtils(org.apache.commons.io.IOUtils) ResponseUnmarshaller(ddf.security.liberty.paos.impl.ResponseUnmarshaller) HttpUtils(org.codice.ddf.security.common.HttpUtils) CertificateEncodingException(java.security.cert.CertificateEncodingException) GET(javax.ws.rs.GET) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) CookieCache(org.codice.ddf.security.idp.cache.CookieCache) ArrayList(java.util.ArrayList) RequestBuilder(ddf.security.liberty.paos.impl.RequestBuilder) SOAPElement(javax.xml.soap.SOAPElement) SecurityServiceException(ddf.security.service.SecurityServiceException) HttpServletRequest(javax.servlet.http.HttpServletRequest) OpenSAMLUtil(org.apache.wss4j.common.saml.OpenSAMLUtil) 
BaseAuthenticationToken(org.codice.ddf.security.handler.api.BaseAuthenticationToken) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Boon(org.boon.Boon) Request(ddf.security.liberty.paos.Request) IOException(java.io.IOException) ConfigurationService(org.opensaml.core.config.ConfigurationService) Subject(ddf.security.Subject) SimpleSign(ddf.security.samlp.SimpleSign) SAMLAuthenticationToken(org.codice.ddf.security.handler.api.SAMLAuthenticationToken) StringReader(java.io.StringReader) Soap11(org.apache.cxf.binding.soap.Soap11) X509Certificate(java.security.cert.X509Certificate) ServletException(javax.servlet.ServletException) URL(java.net.URL) SOAPHeaderElement(javax.xml.soap.SOAPHeaderElement) XMLInputFactory(javax.xml.stream.XMLInputFactory) DOMUtils(org.apache.cxf.helpers.DOMUtils) SecurityAssertionImpl(ddf.security.assertion.impl.SecurityAssertionImpl) Path(javax.ws.rs.Path) CryptoType(org.apache.wss4j.common.crypto.CryptoType) LoggerFactory(org.slf4j.LoggerFactory) NewCookie(javax.ws.rs.core.NewCookie) SoapRequestDecoder(org.codice.ddf.security.idp.binding.soap.SoapRequestDecoder) XMLObjectProviderRegistry(org.opensaml.core.xml.config.XMLObjectProviderRegistry) LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest) QueryParam(javax.ws.rs.QueryParam) Consumes(javax.ws.rs.Consumes) SoapBinding(org.codice.ddf.security.idp.binding.soap.SoapBinding) XMLStreamReader(javax.xml.stream.XMLStreamReader) Binding(org.codice.ddf.security.idp.binding.api.Binding) SAAJInInterceptor(org.apache.cxf.binding.soap.saaj.SAAJInInterceptor) PKIAuthenticationTokenFactory(org.codice.ddf.security.handler.api.PKIAuthenticationTokenFactory) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Context(javax.ws.rs.core.Context) ImmutableSet(com.google.common.collect.ImmutableSet) StringUtils.isEmpty(org.apache.commons.lang.StringUtils.isEmpty) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) ValidationException(ddf.security.samlp.ValidationException) 
UUID(java.util.UUID) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef) Collectors(java.util.stream.Collectors) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) RequestUnmarshaller(ddf.security.liberty.paos.impl.RequestUnmarshaller) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Base64(java.util.Base64) List(java.util.List) PKIHandler(org.codice.ddf.security.handler.pki.PKIHandler) RequestMarshaller(ddf.security.liberty.paos.impl.RequestMarshaller) Response(javax.ws.rs.core.Response) Optional(java.util.Optional) ResponseMarshaller(ddf.security.liberty.paos.impl.ResponseMarshaller) Objects.nonNull(java.util.Objects.nonNull) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) MetadataConfigurationParser(ddf.security.samlp.MetadataConfigurationParser) RestSecurity(org.codice.ddf.security.common.jaxrs.RestSecurity) PostBinding(org.codice.ddf.security.idp.binding.post.PostBinding) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy) ResponseBuilder(ddf.security.liberty.paos.impl.ResponseBuilder) HashMap(java.util.HashMap) StatusCode(org.opensaml.saml.saml2.core.StatusCode) XMLInputFactory2(org.codehaus.stax2.XMLInputFactory2) Node(org.w3c.dom.Node) SAML2Constants(org.apache.wss4j.common.saml.builder.SAML2Constants) Assertion(org.opensaml.saml.saml2.core.Assertion) EncryptionService(ddf.security.encryption.EncryptionService) HtmlResponseTemplate(ddf.security.samlp.impl.HtmlResponseTemplate) Cookie(javax.servlet.http.Cookie) XMLObject(org.opensaml.core.xml.XMLObject) GuestAuthenticationToken(org.codice.ddf.security.handler.api.GuestAuthenticationToken) FormParam(javax.ws.rs.FormParam) POST(javax.ws.rs.POST) Logger(org.slf4j.Logger) Iterator(java.util.Iterator) SystemBaseUrl(org.codice.ddf.configuration.SystemBaseUrl) MalformedURLException(java.net.MalformedURLException) ResponseCreatorImpl(org.codice.ddf.security.idp.binding.api.impl.ResponseCreatorImpl) 
SamlValidator(ddf.security.samlp.impl.SamlValidator) Maps(com.google.common.collect.Maps) URLEncoder(java.net.URLEncoder) SOAPPart(javax.xml.soap.SOAPPart) Element(org.w3c.dom.Element) SystemCrypto(ddf.security.samlp.SystemCrypto) RelayStates(ddf.security.samlp.impl.RelayStates) SecurityManager(ddf.security.service.SecurityManager) Collections(java.util.Collections) UPAuthenticationToken(org.codice.ddf.security.handler.api.UPAuthenticationToken) InputStream(java.io.InputStream) LogoutMessage(ddf.security.samlp.LogoutMessage) MetadataConfigurationParser(ddf.security.samlp.MetadataConfigurationParser) UriBuilder(javax.ws.rs.core.UriBuilder) RequestBuilder(ddf.security.liberty.paos.impl.RequestBuilder) ResponseBuilder(ddf.security.liberty.paos.impl.ResponseBuilder) EntityInformation(ddf.security.samlp.impl.EntityInformation) IOException(java.io.IOException)

Example 30 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project ddf by codice.

the class IdpEndpoint method processLogin.

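/**
 * Handles the SSO login step: decodes the AuthnRequest, validates it with the binding the
 * request originally arrived on, and returns the SAML response using the binding selected
 * for the service provider's assertion consumer service.
 *
 * <p>Status codes produced here: 401 when {@code handleLogin} throws
 * {@code SecurityServiceException}; 400 for a non-TLS request, an unsupported original
 * binding, or a request that fails validation; 500 when the response cannot be encoded,
 * signed or created.
 *
 * @param samlRequest        encoded AuthnRequest; always decoded with the redirect decoder
 * @param relayState         relay state passed to the validator and the response creator
 * @param authMethod         authentication method forwarded to {@code handleLogin}
 * @param signatureAlgorithm signature algorithm query parameter, passed to the validator
 * @param signature          signature query parameter, passed to the validator
 * @param originalBinding    binding the request first arrived on; must be POST or Redirect
 * @param request            the servlet request; must be secure
 * @return the response carrying the SAML response, or an error status as listed above
 */
@GET
@Path("/login/sso")
public Response processLogin(@QueryParam(SAML_REQ) String samlRequest, @QueryParam(RELAY_STATE) String relayState, @QueryParam(AUTH_METHOD) String authMethod, @QueryParam(SSOConstants.SIG_ALG) String signatureAlgorithm, @QueryParam(SSOConstants.SIGNATURE) String signature, @QueryParam(ORIGINAL_BINDING) String originalBinding, @Context HttpServletRequest request) {
    // NOTE(review): authMethod, signatureAlgorithm and relayState are query parameters and
    // are logged as received - confirm the log encoder neutralises line breaks.
    LOGGER.debug("Processing login request: [ authMethod {} ], [ sigAlg {} ], [ relayState {} ]", authMethod, signatureAlgorithm, relayState);
    try {
        Binding binding;
        String template;
        if (!request.isSecure()) {
            throw new IllegalArgumentException("Authn Request must use TLS.");
        }
        //the authn request is always encoded as if it came in via redirect when coming from the web app
        Binding redirectBinding = new RedirectBinding(systemCrypto, serviceProviders);
        AuthnRequest authnRequest = redirectBinding.decoder().decodeRequest(samlRequest);
        // NOTE(review): this lookup reads the decoded request before validateAuthnRequest has
        // run below; confirm it only selects among bindings registered in serviceProviders.
        String assertionConsumerServiceBinding = ResponseCreator.getAssertionConsumerServiceBinding(authnRequest, serviceProviders);
        if (HTTP_POST_BINDING.equals(originalBinding)) {
            binding = new PostBinding(systemCrypto, serviceProviders);
            template = submitForm;
        } else if (HTTP_REDIRECT_BINDING.equals(originalBinding)) {
            binding = redirectBinding;
            template = redirectPage;
        } else {
            throw new IdpException(new UnsupportedOperationException("Must use HTTP POST or Redirect bindings."));
        }
        // Validation uses the binding the request originally arrived on.
        binding.validator().validateAuthnRequest(authnRequest, samlRequest, relayState, signatureAlgorithm, signature, strictSignature);
        // The response is created with the binding of the assertion consumer service, which
        // may differ from the original one; any other value keeps the original binding.
        if (HTTP_POST_BINDING.equals(assertionConsumerServiceBinding)) {
            if (!(binding instanceof PostBinding)) {
                binding = new PostBinding(systemCrypto, serviceProviders);
            }
        } else if (HTTP_REDIRECT_BINDING.equals(assertionConsumerServiceBinding)) {
            if (!(binding instanceof RedirectBinding)) {
                binding = new RedirectBinding(systemCrypto, serviceProviders);
            }
        }
        org.opensaml.saml.saml2.core.Response encodedSaml = handleLogin(authnRequest, authMethod, request, null, false, false);
        // relayState is passed as a log argument; concatenating it onto the format string
        // left the "{}" placeholder unfilled and put request-supplied text into the pattern.
        LOGGER.debug("Returning SAML Response for relayState: {}", relayState);
        NewCookie newCookie = createCookie(request, encodedSaml);
        Response response = binding.creator().getSamlpResponse(relayState, authnRequest, encodedSaml, newCookie, template);
        if (newCookie != null) {
            // NOTE(review): assumes the validated request always carries an Issuer - confirm.
            cookieCache.addActiveSp(newCookie.getValue(), authnRequest.getIssuer().getValue());
            logAddedSp(authnRequest);
        }
        return response;
    } catch (SecurityServiceException e) {
        LOGGER.info("Unable to retrieve subject for user.", e);
        return Response.status(Response.Status.UNAUTHORIZED).build();
    } catch (WSSecurityException e) {
        // Falls through to the 500 at the end of the method.
        LOGGER.info("Unable to encode SAMLP response.", e);
    } catch (SimpleSign.SignatureException e) {
        // Falls through to the 500 at the end of the method.
        LOGGER.info("Unable to sign SAML response.", e);
    } catch (IllegalArgumentException e) {
        LOGGER.info(e.getMessage(), e);
        return Response.status(Response.Status.BAD_REQUEST).build();
    } catch (ValidationException e) {
        LOGGER.info("AuthnRequest schema validation failed.", e);
        return Response.status(Response.Status.BAD_REQUEST).build();
    } catch (IOException e) {
        // Falls through to the 500 at the end of the method.
        LOGGER.info("Unable to create SAML Response.", e);
    } catch (IdpException e) {
        LOGGER.info(e.getMessage(), e);
        return Response.status(Response.Status.BAD_REQUEST).build();
    }
    return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}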
Also used : RedirectBinding(org.codice.ddf.security.idp.binding.redirect.RedirectBinding) SoapBinding(org.codice.ddf.security.idp.binding.soap.SoapBinding) Binding(org.codice.ddf.security.idp.binding.api.Binding) PostBinding(org.codice.ddf.security.idp.binding.post.PostBinding) RedirectBinding(org.codice.ddf.security.idp.binding.redirect.RedirectBinding) SecurityServiceException(ddf.security.service.SecurityServiceException) ValidationException(ddf.security.samlp.ValidationException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) IOException(java.io.IOException) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Response(javax.ws.rs.core.Response) SimpleSign(ddf.security.samlp.SimpleSign) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) PostBinding(org.codice.ddf.security.idp.binding.post.PostBinding) NewCookie(javax.ws.rs.core.NewCookie) Path(javax.ws.rs.Path) GET(javax.ws.rs.GET)

Aggregations

EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor)22 IOException (java.io.IOException)11 InputStream (java.io.InputStream)9 SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)9 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)9 Document (org.w3c.dom.Document)9 AssertionConsumerService (org.opensaml.saml.saml2.metadata.AssertionConsumerService)8 Element (org.w3c.dom.Element)8 CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet)7 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)7 EntityIdCriterion (org.opensaml.core.criterion.EntityIdCriterion)7 XMLObject (org.opensaml.core.xml.XMLObject)7 SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor)7 X509Certificate (java.security.cert.X509Certificate)6 UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException)6 SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)6 SamlRegisteredServiceCachingMetadataResolver (org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver)6 Test (org.junit.Test)6 IDPSSODescriptor (org.opensaml.saml.saml2.metadata.IDPSSODescriptor)6 SimpleSign (ddf.security.samlp.SimpleSign)5