Use of org.opensaml.xmlsec.impl.BasicSignatureValidationConfiguration in project cas by apereo.
From the class SamlObjectSignatureValidator, method getSignatureValidationConfiguration.
/**
 * Builds the configuration used when validating signatures on SAML objects.
 * <p>
 * The starting point is the configuration returned by
 * {@code DefaultSecurityConfigurationBootstrap.buildDefaultSignatureValidationConfiguration()}.
 * The blacklist and whitelist overrides held by this validator are then applied to it,
 * each only when its guard condition holds. Both resulting lists are logged at debug level.
 *
 * @return the signature validation configuration, with any overrides applied
 */
protected SignatureValidationConfiguration getSignatureValidationConfiguration() {
    final BasicSignatureValidationConfiguration validationConfig =
        DefaultSecurityConfigurationBootstrap.buildDefaultSignatureValidationConfiguration();
    final SamlIdPProperties idpSettings = casProperties.getAuthn().getSamlIdp();

    // NOTE(review): the null check reads the field while the emptiness check reads the
    // configured property; the whitelist guard below uses the field for both. Confirm the
    // two sources always agree.
    final boolean blacklistOverridden = this.overrideBlackListedSignatureAlgorithms != null
        && !idpSettings.getAlgs().getOverrideBlackListedSignatureSigningAlgorithms().isEmpty();
    if (blacklistOverridden) {
        // The override is set on the config in place of the list the bootstrap defaults
        // installed, so an operator-supplied list presumably has to name weak algorithms
        // itself for them to stay rejected; verify against the OpenSAML setter.
        validationConfig.setBlacklistedAlgorithms(this.overrideBlackListedSignatureAlgorithms);
        // NOTE(review): the blacklist override enables the *whitelist* merge flag (and the
        // whitelist override below enables the *blacklist* merge flag); confirm the
        // crossing is intended.
        validationConfig.setWhitelistMerge(true);
    }

    final boolean whitelistOverridden =
        !(this.overrideWhiteListedAlgorithms == null || this.overrideWhiteListedAlgorithms.isEmpty());
    if (whitelistOverridden) {
        validationConfig.setWhitelistedAlgorithms(this.overrideWhiteListedAlgorithms);
        validationConfig.setBlacklistMerge(true);
    }

    // Debug output of the effective lists lets an operator check what validation will accept.
    LOGGER.debug("Signature validation blacklisted algorithms: [{}]", validationConfig.getBlacklistedAlgorithms());
    LOGGER.debug("Signature validation whitelisted algorithms: [{}]", validationConfig.getWhitelistedAlgorithms());
    return validationConfig;
}