Example 1 with AssertionBuilder
use of org.opensaml.saml2.core.impl.AssertionBuilder in project OpenAttestation by OpenAttestation.
the class SamlGenerator method createAssertion.
/**
* Differences from createAssertion:
* - the assertion ID is "MultipleHostTrustAssertion" instead of "HostTrustAssertion"
* - there is no overall Subject for the assertion because it's for multiple host
* - each host is identified with host attributes within its own attribute statement
*
* @param hosts
* @return
* @throws ConfigurationException
* @throws UnknownHostException
*/
private Assertion createAssertion(Collection<TxtHostWithAssetTag> hosts) throws ConfigurationException, UnknownHostException {
// Create the assertion
SAMLObjectBuilder assertionBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
Assertion assertion = (Assertion) assertionBuilder.buildObject();
// ID is arbitrary, only needs to be unique WITHIN THE DOCUMENT, and is required so that the Signature element can refer to it, for example #HostTrustAssertion
assertion.setID("MultipleHostTrustAssertion");
assertion.setIssuer(createIssuer());
DateTime now = new DateTime();
assertion.setIssueInstant(now);
assertion.setVersion(SAMLVersion.VERSION_20);
// assertion.setSubject(createSubject(host));
for (TxtHostWithAssetTag host : hosts) {
assertion.getAttributeStatements().add(createHostAttributes(host.getHost(), host.getTagCertificate(), null));
}
return assertion;
}
Also used :
SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder)
Assertion(org.opensaml.saml2.core.Assertion)
DateTime(org.joda.time.DateTime)
Example 2 with AssertionBuilder
use of org.opensaml.saml2.core.impl.AssertionBuilder in project OpenAttestation by OpenAttestation.
the class SamlGenerator method createAssertion.
/*
private AttributeStatement createHostAttributes(TxtHost host, ManifestType pcrManifest) throws ConfigurationException {
AttributeStatement attrStatement = createHostAttributes(host);
attrStatement.getAttributes().add(createComplexAttribute("Manifest", pcrManifest);
return attrStatement;
}
*/
/**
* Creates an assertion with attributes of the host
*
* ID attribute: see section 5.4.2 "References" of http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
*
* @param host
* @return
*/
private Assertion createAssertion(TxtHost host, X509AttributeCertificate tagCertificate, Map<String, String> vmMetaData) throws ConfigurationException, UnknownHostException {
// Create the assertion
SAMLObjectBuilder assertionBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
Assertion assertion = (Assertion) assertionBuilder.buildObject();
// ID is arbitrary, only needs to be unique WITHIN THE DOCUMENT, and is required so that the Signature element can refer to it, for example #HostTrustAssertion
assertion.setID("HostTrustAssertion");
assertion.setIssuer(createIssuer());
DateTime now = new DateTime();
assertion.setIssueInstant(now);
assertion.setVersion(SAMLVersion.VERSION_20);
assertion.setSubject(createSubject(host));
assertion.getAttributeStatements().add(createHostAttributes(host, tagCertificate, vmMetaData));
return assertion;
}
Also used :
SAMLObjectBuilder(org.opensaml.common.SAMLObjectBuilder)
Assertion(org.opensaml.saml2.core.Assertion)
DateTime(org.joda.time.DateTime)
Example 3 with AssertionBuilder
use of org.opensaml.saml2.core.impl.AssertionBuilder in project cloudstack by apache.
the class SAML2LoginAPIAuthenticatorCmdTest method buildMockResponse.
private Response buildMockResponse() throws Exception {
Response samlMessage = new ResponseBuilder().buildObject();
samlMessage.setID("foo");
samlMessage.setVersion(SAMLVersion.VERSION_20);
samlMessage.setIssueInstant(new DateTime(0));
Issuer issuer = new IssuerBuilder().buildObject();
issuer.setValue("MockedIssuer");
samlMessage.setIssuer(issuer);
Status status = new StatusBuilder().buildObject();
StatusCode statusCode = new StatusCodeBuilder().buildObject();
statusCode.setValue(StatusCode.SUCCESS_URI);
status.setStatusCode(statusCode);
samlMessage.setStatus(status);
Assertion assertion = new AssertionBuilder().buildObject();
Subject subject = new SubjectBuilder().buildObject();
NameID nameID = new NameIDBuilder().buildObject();
nameID.setValue("SOME-UNIQUE-ID");
nameID.setFormat(NameIDType.PERSISTENT);
subject.setNameID(nameID);
assertion.setSubject(subject);
AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
authnStatement.setSessionIndex("Some Session String");
assertion.getAuthnStatements().add(authnStatement);
AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
assertion.getAttributeStatements().add(attributeStatement);
samlMessage.getAssertions().add(assertion);
return samlMessage;
}
Also used :
Status(org.opensaml.saml2.core.Status)
AttributeStatementBuilder(org.opensaml.saml2.core.impl.AttributeStatementBuilder)
StatusCodeBuilder(org.opensaml.saml2.core.impl.StatusCodeBuilder)
Issuer(org.opensaml.saml2.core.Issuer)
NameID(org.opensaml.saml2.core.NameID)
Assertion(org.opensaml.saml2.core.Assertion)
AssertionBuilder(org.opensaml.saml2.core.impl.AssertionBuilder)
AuthnStatementBuilder(org.opensaml.saml2.core.impl.AuthnStatementBuilder)
StatusCode(org.opensaml.saml2.core.StatusCode)
DateTime(org.joda.time.DateTime)
Subject(org.opensaml.saml2.core.Subject)
Response(org.opensaml.saml2.core.Response)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
NameIDBuilder(org.opensaml.saml2.core.impl.NameIDBuilder)
AttributeStatement(org.opensaml.saml2.core.AttributeStatement)
AuthnStatement(org.opensaml.saml2.core.AuthnStatement)
StatusBuilder(org.opensaml.saml2.core.impl.StatusBuilder)
IssuerBuilder(org.opensaml.saml2.core.impl.IssuerBuilder)
ResponseBuilder(org.opensaml.saml2.core.impl.ResponseBuilder)
SubjectBuilder(org.opensaml.saml2.core.impl.SubjectBuilder)
Aggregations
DateTime (org.joda.time.DateTime)3
Assertion (org.opensaml.saml2.core.Assertion)3
SAMLObjectBuilder (org.opensaml.common.SAMLObjectBuilder)2
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
AttributeStatement (org.opensaml.saml2.core.AttributeStatement)1
AuthnStatement (org.opensaml.saml2.core.AuthnStatement)1
Issuer (org.opensaml.saml2.core.Issuer)1
NameID (org.opensaml.saml2.core.NameID)1
Response (org.opensaml.saml2.core.Response)1
Status (org.opensaml.saml2.core.Status)1
StatusCode (org.opensaml.saml2.core.StatusCode)1
Subject (org.opensaml.saml2.core.Subject)1
AssertionBuilder (org.opensaml.saml2.core.impl.AssertionBuilder)1
AttributeStatementBuilder (org.opensaml.saml2.core.impl.AttributeStatementBuilder)1
AuthnStatementBuilder (org.opensaml.saml2.core.impl.AuthnStatementBuilder)1
IssuerBuilder (org.opensaml.saml2.core.impl.IssuerBuilder)1
NameIDBuilder (org.opensaml.saml2.core.impl.NameIDBuilder)1
ResponseBuilder (org.opensaml.saml2.core.impl.ResponseBuilder)1
StatusBuilder (org.opensaml.saml2.core.impl.StatusBuilder)1
StatusCodeBuilder (org.opensaml.saml2.core.impl.StatusCodeBuilder)1
