Posted to commits@ws.apache.org by gi...@apache.org on 2012/12/06 19:11:44 UTC
svn commit: r1418021 [1/3] - in /webservices/wss4j/trunk:
ws-security-common/src/main/java/org/apache/ws/security/common/saml/
ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/
ws-security-dom/src/main/java/org/apache/ws/securit...
Author: giger
Date: Thu Dec 6 18:11:37 2012
New Revision: 1418021
URL: http://svn.apache.org/viewvc?rev=1418021&view=rev
Log:
Rename AssertionWrapper to SamlAssertionWrapper for better distinctness between
Saml and Policy code
Added:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SamlAssertionWrapper.java
- copied, changed from r1417985, webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java
Removed:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java
Modified:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLCallback.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/ActionBean.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/AuthDecisionStatementBean.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/SAMLTokenPrincipal.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/WSSecurityEngineResult.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenSignedAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenUnsignedAction.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSAMLToken.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/saml/WSSecSignatureSAML.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/DerivedKeyTokenSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/EncryptedKeySTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/STRParserUtil.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SecurityTokenRefSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SignatureSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/Credential.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/SamlAssertionValidator.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/common/CustomSamlAssertionValidator.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/common/SAMLElementCallbackHandler.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/message/ModifiedRequestTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/message/SignaturePartsTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/misc/PrincipalTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlAlgorithmSuiteTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlConditionsTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlNegativeTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlReferenceTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlTokenDerivedTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlTokenHOKTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlTokenSVTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SamlTokenTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/SignedSamlTokenHOKTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/saml/ext/AssertionSigningTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/validate/ValidatorTest.java
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/input/SAMLTokenInputHandler.java
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/processor/output/SAMLTokenOutputProcessor.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/saml/SAMLTokenHOKTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/saml/SAMLTokenReferenceTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/saml/SamlTokenDerivedTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/resources/log4j-wss.xml
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLCallback.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLCallback.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLCallback.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLCallback.java Thu Dec 6 18:11:37 2012
@@ -34,7 +34,7 @@ import java.util.List;
/**
- * Class SAMLCallback will be called by the <code>AssertionWrapper</code> during the creation
+ * Class SAMLCallback will be called by the <code>SamlAssertionWrapper</code> during the creation
* of SAML statements (authentication, attribute, and authz decision). Alternatively, the
* "assertionElement" member of this class can be set instead, for a pre-existing SAML
* Assertion.
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java Thu Dec 6 18:11:37 2012
@@ -58,24 +58,24 @@ public final class SAMLUtil {
* Parse a SAML Assertion to obtain a SAMLKeyInfo object from
* the Subject of the assertion
*
- * @param assertion The SAML Assertion
+ * @param samlAssertion The SAML Assertion
* @param keyInfoProcessor A pluggable way to parse the KeyInfo
* @return a SAMLKeyInfo object
* @throws WSSecurityException
*/
public static SAMLKeyInfo getCredentialFromSubject(
- AssertionWrapper assertion,
+ SamlAssertionWrapper samlAssertion,
SAMLKeyInfoProcessor keyInfoProcessor,
Crypto sigCrypto,
CallbackHandler callbackHandler
) throws WSSecurityException {
- if (assertion.getSaml1() != null) {
+ if (samlAssertion.getSaml1() != null) {
return getCredentialFromSubject(
- assertion.getSaml1(), keyInfoProcessor, sigCrypto, callbackHandler
+ samlAssertion.getSaml1(), keyInfoProcessor, sigCrypto, callbackHandler
);
} else {
return getCredentialFromSubject(
- assertion.getSaml2(), keyInfoProcessor, sigCrypto, callbackHandler
+ samlAssertion.getSaml2(), keyInfoProcessor, sigCrypto, callbackHandler
);
}
}
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SamlAssertionWrapper.java (from r1417985, webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SamlAssertionWrapper.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SamlAssertionWrapper.java&p1=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java&r1=1417985&r2=1418021&rev=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SamlAssertionWrapper.java Thu Dec 6 18:11:37 2012
@@ -61,17 +61,17 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
- * Class AssertionWrapper can generate, sign, and validate both SAML v1.1
+ * Class SamlAssertionWrapper can generate, sign, and validate both SAML v1.1
* and SAML v2.0 assertions.
* <p/>
* Created on May 18, 2009
*/
-public class AssertionWrapper {
+public class SamlAssertionWrapper {
/**
* Field log
*/
private static final org.apache.commons.logging.Log LOG =
- org.apache.commons.logging.LogFactory.getLog(AssertionWrapper.class);
+ org.apache.commons.logging.LogFactory.getLog(SamlAssertionWrapper.class);
/**
* Raw SAML assertion data
@@ -129,12 +129,12 @@ public class AssertionWrapper {
private final boolean fromDOM;
/**
- * Constructor AssertionWrapper creates a new AssertionWrapper instance.
+ * Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.
*
* @param element of type Element
* @throws WSSecurityException
*/
- public AssertionWrapper(Element element) throws WSSecurityException {
+ public SamlAssertionWrapper(Element element) throws WSSecurityException {
OpenSAMLUtil.initSamlEngine();
parseElement(element);
@@ -142,32 +142,32 @@ public class AssertionWrapper {
}
/**
- * Constructor AssertionWrapper creates a new AssertionWrapper instance.
+ * Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.
*
* @param saml2 of type Assertion
*/
- public AssertionWrapper(org.opensaml.saml2.core.Assertion saml2) {
+ public SamlAssertionWrapper(org.opensaml.saml2.core.Assertion saml2) {
this((XMLObject)saml2);
}
/**
- * Constructor AssertionWrapper creates a new AssertionWrapper instance.
+ * Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.
*
* @param saml1 of type Assertion
*/
- public AssertionWrapper(org.opensaml.saml1.core.Assertion saml1) {
+ public SamlAssertionWrapper(org.opensaml.saml1.core.Assertion saml1) {
this((XMLObject)saml1);
}
/**
- * Constructor AssertionWrapper creates a new AssertionWrapper instance.
+ * Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.
* This is the primary constructor. All other constructor calls should
* be routed to this method to ensure that the wrapper is initialized
* correctly.
*
* @param xmlObject of type XMLObject
*/
- public AssertionWrapper(XMLObject xmlObject) {
+ public SamlAssertionWrapper(XMLObject xmlObject) {
OpenSAMLUtil.initSamlEngine();
this.xmlObject = xmlObject;
@@ -179,7 +179,7 @@ public class AssertionWrapper {
samlVersion = SAMLVersion.VERSION_20;
} else {
LOG.error(
- "AssertionWrapper: found unexpected type "
+ "SamlAssertionWrapper: found unexpected type "
+ (xmlObject != null ? xmlObject.getClass().getName() : null)
);
}
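Review bot: The else branch only logs the unexpected `xmlObject` type and lets construction finish, so the caller gets a wrapper that presumably holds neither a SAML 1.1 nor a SAML 2.0 assertion. Consumers visible in this commit do not expect that state: `SAMLUtil.getCredentialFromSubject` falls through to `getSaml2()` whenever `getSaml1()` is null, and the `SAMLTokenPrincipal` constructor calls `getSaml1().getStatements()` whenever the version is not 2.0. Failing closed after the log call, for example with `throw new IllegalArgumentException("SamlAssertionWrapper: found unexpected type");`, would surface the problem at construction instead of as a later NullPointerException. The same log-and-continue branch appears in the hunk at `@@ -701,7 +701,7 @@`; the constructor body starts and ends outside this hunk.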
@@ -187,13 +187,13 @@ public class AssertionWrapper {
}
/**
- * Constructor AssertionWrapper creates a new AssertionWrapper instance.
+ * Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.
* This constructor is primarily called on the client side to initialize
* the wrapper from a configuration file. <br>
*
* @param samlCallback of type SAMLCallback
*/
- public AssertionWrapper(SAMLCallback samlCallback) throws WSSecurityException {
+ public SamlAssertionWrapper(SAMLCallback samlCallback) throws WSSecurityException {
OpenSAMLUtil.initSamlEngine();
if (samlCallback.getAssertionElement() != null) {
@@ -207,36 +207,36 @@ public class AssertionWrapper {
}
/**
- * Method getSaml1 returns the saml1 of this AssertionWrapper object.
+ * Method getSaml1 returns the saml1 of this SamlAssertionWrapper object.
*
- * @return the saml1 (type Assertion) of this AssertionWrapper object.
+ * @return the saml1 (type Assertion) of this SamlAssertionWrapper object.
*/
public org.opensaml.saml1.core.Assertion getSaml1() {
return saml1;
}
/**
- * Method getSaml2 returns the saml2 of this AssertionWrapper object.
+ * Method getSaml2 returns the saml2 of this SamlAssertionWrapper object.
*
- * @return the saml2 (type Assertion) of this AssertionWrapper object.
+ * @return the saml2 (type Assertion) of this SamlAssertionWrapper object.
*/
public org.opensaml.saml2.core.Assertion getSaml2() {
return saml2;
}
/**
- * Method getXmlObject returns the xmlObject of this AssertionWrapper object.
+ * Method getXmlObject returns the xmlObject of this SamlAssertionWrapper object.
*
- * @return the xmlObject (type XMLObject) of this AssertionWrapper object.
+ * @return the xmlObject (type XMLObject) of this SamlAssertionWrapper object.
*/
public XMLObject getXmlObject() {
return xmlObject;
}
/**
- * Method isCreated returns the created of this AssertionWrapper object.
+ * Method isCreated returns the created of this SamlAssertionWrapper object.
*
- * @return the created (type boolean) of this AssertionWrapper object.
+ * @return the created (type boolean) of this SamlAssertionWrapper object.
*/
public boolean isCreated() {
return saml1 != null || saml2 != null;
@@ -276,9 +276,9 @@ public class AssertionWrapper {
}
/**
- * Method getId returns the id of this AssertionWrapper object.
+ * Method getId returns the id of this SamlAssertionWrapper object.
*
- * @return the id (type String) of this AssertionWrapper object.
+ * @return the id (type String) of this SamlAssertionWrapper object.
*/
public String getId() {
String id = null;
@@ -287,10 +287,10 @@ public class AssertionWrapper {
} else if (saml1 != null) {
id = saml1.getID();
} else {
- LOG.error("AssertionWrapper: unable to return ID - no saml assertion object");
+ LOG.error("SamlAssertionWrapper: unable to return ID - no saml assertion object");
}
if (id == null || id.length() == 0) {
- LOG.error("AssertionWrapper: ID was null, seeting a new ID value");
+ LOG.error("SamlAssertionWrapper: ID was null, seeting a new ID value");
id = IDGenerator.generateID("_");
if (saml2 != null) {
saml2.setID(id);
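Review bot: The renamed message on the ID-was-null path still carries the typo "seeting"; since the line is being touched anyway it could become `LOG.error("SamlAssertionWrapper: ID was null, setting a new ID value");`. On the same path the getter writes a generated ID back into the assertion with `saml2.setID(id)`, which is surprising for a method named getId. If the assertion came from a received message and a signature covers it, the modified object would presumably no longer match the signed content. A comment stating when this fallback is expected, e.g. `// only reached for locally built assertions that were given no ID`, would help if that is indeed the intent. getId starts before and ends after this hunk.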
@@ -302,9 +302,9 @@ public class AssertionWrapper {
}
/**
- * Method getIssuerString returns the issuerString of this AssertionWrapper object.
+ * Method getIssuerString returns the issuerString of this SamlAssertionWrapper object.
*
- * @return the issuerString (type String) of this AssertionWrapper object.
+ * @return the issuerString (type String) of this SamlAssertionWrapper object.
*/
public String getIssuerString() {
if (saml2 != null && saml2.getIssuer() != null) {
@@ -313,7 +313,7 @@ public class AssertionWrapper {
return saml1.getIssuer();
}
LOG.error(
- "AssertionWrapper: unable to return Issuer string - no saml assertion "
+ "SamlAssertionWrapper: unable to return Issuer string - no saml assertion "
+ "object or issuer is null"
);
return null;
@@ -321,9 +321,9 @@ public class AssertionWrapper {
/**
* Method getConfirmationMethods returns the confirmationMethods of this
- * AssertionWrapper object.
+ * SamlAssertionWrapper object.
*
- * @return the confirmationMethods of this AssertionWrapper object.
+ * @return the confirmationMethods of this SamlAssertionWrapper object.
*/
public List<String> getConfirmationMethods() {
List<String> methods = new ArrayList<String>();
@@ -363,9 +363,9 @@ public class AssertionWrapper {
}
/**
- * Method isSigned returns the signed of this AssertionWrapper object.
+ * Method isSigned returns the signed of this SamlAssertionWrapper object.
*
- * @return the signed (type boolean) of this AssertionWrapper object.
+ * @return the signed (type boolean) of this SamlAssertionWrapper object.
*/
public boolean isSigned() {
if (saml2 != null) {
@@ -377,9 +377,9 @@ public class AssertionWrapper {
}
/**
- * Method setSignature sets the signature of this AssertionWrapper object.
+ * Method setSignature sets the signature of this SamlAssertionWrapper object.
*
- * @param signature the signature of this AssertionWrapper object.
+ * @param signature the signature of this SamlAssertionWrapper object.
*/
public void setSignature(Signature signature) {
if (xmlObject instanceof SignableSAMLObject) {
@@ -511,7 +511,7 @@ public class AssertionWrapper {
SAMLUtil.getCredentialDirectlyFromKeyInfo(keyInfo.getDOM(), sigCrypto);
verifySignature(samlKeyInfo);
} else {
- LOG.debug("AssertionWrapper: no signature to validate");
+ LOG.debug("SamlAssertionWrapper: no signature to validate");
}
}
@@ -558,7 +558,7 @@ public class AssertionWrapper {
}
signatureKeyInfo = samlKeyInfo;
} else {
- LOG.debug("AssertionWrapper: no signature to validate");
+ LOG.debug("SamlAssertionWrapper: no signature to validate");
}
}
@@ -595,9 +595,9 @@ public class AssertionWrapper {
/**
- * Method getSamlVersion returns the samlVersion of this AssertionWrapper object.
+ * Method getSamlVersion returns the samlVersion of this SamlAssertionWrapper object.
*
- * @return the samlVersion (type SAMLVersion) of this AssertionWrapper object.
+ * @return the samlVersion (type SAMLVersion) of this SamlAssertionWrapper object.
*/
public SAMLVersion getSamlVersion() {
if (samlVersion == null) {
@@ -701,7 +701,7 @@ public class AssertionWrapper {
samlVersion = SAMLVersion.VERSION_20;
} else {
LOG.error(
- "AssertionWrapper: found unexpected type "
+ "SamlAssertionWrapper: found unexpected type "
+ (xmlObject != null ? xmlObject.getClass().getName() : xmlObject)
);
}
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/ActionBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/ActionBean.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/ActionBean.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/ActionBean.java Thu Dec 6 18:11:37 2012
@@ -21,7 +21,7 @@ package org.apache.ws.security.common.sa
/**
- * Class SamlAction represents the raw data required by the <code>AssertionWrapper</code> when
+ * Class SamlAction represents the raw data required by the <code>SamlAssertionWrapper</code> when
* creating the <code>Action</code> element of the SAML Authorization Decision Statement.
*
* Created on May 19, 2009
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/AuthDecisionStatementBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/AuthDecisionStatementBean.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/AuthDecisionStatementBean.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/bean/AuthDecisionStatementBean.java Thu Dec 6 18:11:37 2012
@@ -24,7 +24,7 @@ import java.util.ArrayList;
/**
- * Class SamlDecision represents the raw data to be used by the <code>AssertionWrapper</code> when
+ * Class SamlDecision represents the raw data to be used by the <code>SamlAssertionWrapper</code> when
* creating SAML Authorization Decision Statements.
*
* Created on May 19, 2009
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/SAMLTokenPrincipal.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/SAMLTokenPrincipal.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/SAMLTokenPrincipal.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/SAMLTokenPrincipal.java Thu Dec 6 18:11:37 2012
@@ -19,7 +19,7 @@
package org.apache.ws.security.dom;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.opensaml.common.SAMLVersion;
import java.io.Serializable;
@@ -33,18 +33,18 @@ public class SAMLTokenPrincipal implemen
private static final long serialVersionUID = 1L;
private String name;
- private AssertionWrapper assertion;
+ private SamlAssertionWrapper samlAssertion;
- public SAMLTokenPrincipal(AssertionWrapper assertion) {
- this.assertion = assertion;
- if (assertion.getSamlVersion() == SAMLVersion.VERSION_20) {
- org.opensaml.saml2.core.Subject subject = assertion.getSaml2().getSubject();
+ public SAMLTokenPrincipal(SamlAssertionWrapper samlAssertion) {
+ this.samlAssertion = samlAssertion;
+ if (samlAssertion.getSamlVersion() == SAMLVersion.VERSION_20) {
+ org.opensaml.saml2.core.Subject subject = samlAssertion.getSaml2().getSubject();
if (subject != null && subject.getNameID() != null) {
name = subject.getNameID().getValue();
}
} else {
org.opensaml.saml1.core.Subject samlSubject = null;
- for (org.opensaml.saml1.core.Statement stmt : assertion.getSaml1().getStatements()) {
+ for (org.opensaml.saml1.core.Statement stmt : samlAssertion.getSaml1().getStatements()) {
if (stmt instanceof org.opensaml.saml1.core.AttributeStatement) {
org.opensaml.saml1.core.AttributeStatement attrStmt =
(org.opensaml.saml1.core.AttributeStatement) stmt;
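Review bot: The `samlAssertion` field is not `transient`, yet `SamlAssertionWrapper` is declared in this commit as a plain `public class SamlAssertionWrapper {` with no `implements` clause. The principal declares a `serialVersionUID` and, judging by the `java.io.Serializable` import and the truncated class header, is meant to be serializable, so writing it out would presumably fail with `NotSerializableException`. If the wrapper is not meant to travel with the principal, `private transient SamlAssertionWrapper samlAssertion;` makes that explicit; `getId()` already tolerates a null field, and `getToken()` would then need a note that it can return null after deserialization. The constructor continues past the end of this hunk.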
@@ -68,8 +68,8 @@ public class SAMLTokenPrincipal implemen
}
}
- public AssertionWrapper getToken() {
- return assertion;
+ public SamlAssertionWrapper getToken() {
+ return samlAssertion;
}
public String getName() {
@@ -77,8 +77,8 @@ public class SAMLTokenPrincipal implemen
}
public String getId() {
- if (assertion != null) {
- return assertion.getId();
+ if (samlAssertion != null) {
+ return samlAssertion.getId();
}
return null;
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/WSSecurityEngineResult.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/WSSecurityEngineResult.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/WSSecurityEngineResult.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/WSSecurityEngineResult.java Thu Dec 6 18:11:37 2012
@@ -19,7 +19,7 @@
package org.apache.ws.security.dom;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.dom.message.token.BinarySecurity;
import org.apache.ws.security.dom.message.token.SecurityContextToken;
import org.apache.ws.security.dom.message.token.SignatureConfirmation;
@@ -47,7 +47,7 @@ public class WSSecurityEngineResult exte
/**
* Tag denoting the SAML Assertion found, if applicable.
*
- * The value under this tag is of type AssertionWrapper.
+ * The value under this tag is of type SamlAssertionWrapper.
*/
public static final String TAG_SAML_ASSERTION = "saml-assertion";
@@ -95,13 +95,13 @@ public class WSSecurityEngineResult exte
/**
* Tag denoting a Transformed Token. For certain tokens, the Validator may return
- * an AssertionWrapper instance which corresponds to a transformed version of the
+ * an SamlAssertionWrapper instance which corresponds to a transformed version of the
* initial token. For example, a Username Token credential might be validated
* by an STS and transformed into a SAML Assertion. This tag then holds the
- * transformed AssertionWrapper instance, as a component of the Result corresponding
+ * transformed SamlAssertionWrapper instance, as a component of the Result corresponding
* to the Username Token.
*
- * The value under this tag is of type AssertionWrapper.
+ * The value under this tag is of type SamlAssertionWrapper.
*/
public static final String TAG_TRANSFORMED_TOKEN = "transformed-token";
@@ -235,7 +235,7 @@ public class WSSecurityEngineResult exte
public WSSecurityEngineResult(
int act,
- AssertionWrapper ass
+ SamlAssertionWrapper ass
) {
put(TAG_ACTION, Integer.valueOf(act));
put(TAG_SAML_ASSERTION, ass);
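Review bot: The constructor parameter keeps the name `ass` while every other call site in this commit was renamed to `samlAssertion`. For consistency the signature line could read `SamlAssertionWrapper samlAssertion` and the body `put(TAG_SAML_ASSERTION, samlAssertion);`. The constructor's closing brace lies outside this hunk.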
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenSignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenSignedAction.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenSignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenSignedAction.java Thu Dec 6 18:11:37 2012
@@ -24,7 +24,7 @@ import javax.security.auth.callback.Call
import org.apache.ws.security.common.crypto.Crypto;
import org.apache.ws.security.common.ext.WSPasswordCallback;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.common.saml.SAMLCallback;
import org.apache.ws.security.common.saml.SAMLUtil;
import org.apache.ws.security.dom.handler.RequestData;
@@ -71,9 +71,9 @@ public class SAMLTokenSignedAction imple
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
- AssertionWrapper assertion = new AssertionWrapper(samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
if (samlCallback.isSignAssertion()) {
- assertion.signAssertion(
+ samlAssertion.signAssertion(
samlCallback.getIssuerKeyName(),
samlCallback.getIssuerKeyPassword(),
samlCallback.getIssuerCrypto(),
@@ -114,7 +114,7 @@ public class SAMLTokenSignedAction imple
wsSign.build(
doc,
crypto,
- assertion,
+ samlAssertion,
samlCallback.getIssuerCrypto(),
samlCallback.getIssuerKeyName(),
samlCallback.getIssuerKeyPassword(),
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenUnsignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenUnsignedAction.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenUnsignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/action/SAMLTokenUnsignedAction.java Thu Dec 6 18:11:37 2012
@@ -22,7 +22,7 @@ package org.apache.ws.security.dom.actio
import javax.security.auth.callback.CallbackHandler;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.common.saml.SAMLCallback;
import org.apache.ws.security.common.saml.SAMLUtil;
import org.apache.ws.security.dom.handler.RequestData;
@@ -52,9 +52,9 @@ public class SAMLTokenUnsignedAction ext
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
- AssertionWrapper assertion = new AssertionWrapper(samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
// add the SAMLAssertion Token to the SOAP Envelope
- builder.build(doc, assertion, reqData.getSecHeader());
+ builder.build(doc, samlAssertion, reqData.getSecHeader());
}
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSAMLToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSAMLToken.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSAMLToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSAMLToken.java Thu Dec 6 18:11:37 2012
@@ -19,9 +19,9 @@
package org.apache.ws.security.dom.message;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.dom.WSSConfig;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
import org.apache.ws.security.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;
@@ -40,7 +40,7 @@ public class WSSecSAMLToken extends WSSe
private Document document = null;
- private AssertionWrapper saml = null;
+ private SamlAssertionWrapper saml = null;
public WSSecSAMLToken() {
super();
@@ -61,9 +61,9 @@ public class WSSecSAMLToken extends WSSe
* @param doc
* The SOAP envelope as W3C document
*/
- public void prepare(Document doc, AssertionWrapper assertion) {
+ public void prepare(Document doc, SamlAssertionWrapper samlAssertion) {
document = doc;
- saml = assertion;
+ saml = samlAssertion;
}
/**
@@ -108,13 +108,13 @@ public class WSSecSAMLToken extends WSSe
* <code>wsse:Security</code> header.
*
* @param doc The SOAP envelope as W3C document
- * @param assertion TODO
+ * @param samlAssertion TODO
* @return Document with UsernameToken added
*/
- public Document build(Document doc, AssertionWrapper assertion, WSSecHeader secHeader) {
+ public Document build(Document doc, SamlAssertionWrapper samlAssertion, WSSecHeader secHeader) {
log.debug("Begin add SAMLAssertion token...");
- prepare(doc, assertion);
+ prepare(doc, samlAssertion);
prependToHeader(secHeader);
return doc;
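Review bot: The Javadoc for `build` still has the placeholder `@param samlAssertion TODO`, leaves `secHeader` undocumented, and its `@return Document with UsernameToken added` names the wrong token type for a method that logs "Begin add SAMLAssertion token...". Suggested text: `@param samlAssertion the SAML assertion to add to the security header`, `@param secHeader the wsse:Security header the assertion is prepended to`, and `@return the document with the SAML assertion added`. The Javadoc block begins before this hunk.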
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java Thu Dec 6 18:11:37 2012
@@ -30,6 +30,7 @@ import javax.xml.crypto.dsig.XMLValidate
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.namespace.QName;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.w3c.dom.Element;
import org.apache.ws.security.dom.SAMLTokenPrincipal;
@@ -39,7 +40,6 @@ import org.apache.ws.security.dom.WSSecu
import org.apache.ws.security.common.crypto.AlgorithmSuite;
import org.apache.ws.security.common.crypto.AlgorithmSuiteValidator;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
import org.apache.ws.security.common.saml.SAMLKeyInfo;
import org.apache.ws.security.common.saml.SAMLUtil;
import org.apache.ws.security.common.util.DOM2Writer;
@@ -78,14 +78,14 @@ public class SAMLTokenProcessor implemen
Validator validator =
data.getValidator(new QName(elem.getNamespaceURI(), elem.getLocalName()));
Credential credential = handleSAMLToken(elem, data, validator, wsDocInfo);
- AssertionWrapper assertion = credential.getAssertion();
+ SamlAssertionWrapper samlAssertion = credential.getSamlAssertion();
if (log.isDebugEnabled()) {
- log.debug("SAML Assertion issuer " + assertion.getIssuerString());
+ log.debug("SAML Assertion issuer " + samlAssertion.getIssuerString());
log.debug(DOM2Writer.nodeToString(elem));
}
// See if the token has been previously processed
- String id = assertion.getId();
+ String id = samlAssertion.getId();
Element foundElement = wsDocInfo.getTokenElement(id);
if (elem.equals(foundElement)) {
WSSecurityEngineResult result = wsDocInfo.getResult(id);
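Review bot: The debug branch writes the whole token element to the log through `DOM2Writer.nodeToString(elem)`, so with debug logging enabled the log holds the complete assertion, including subject data and, for bearer tokens, a credential that remains valid until it expires. Issuer and ID are normally enough to correlate a request: `log.debug("SAML Assertion issuer " + samlAssertion.getIssuerString() + ", id " + samlAssertion.getId());`. If the full dump is kept, a comment should say that debug logs of this class need the same protection as the messages themselves. The enclosing method starts and ends outside the hunk.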
@@ -98,13 +98,13 @@ public class SAMLTokenProcessor implemen
wsDocInfo.addTokenElement(elem);
WSSecurityEngineResult result = null;
- if (assertion.isSigned()) {
- result = new WSSecurityEngineResult(WSConstants.ST_SIGNED, assertion);
+ if (samlAssertion.isSigned()) {
+ result = new WSSecurityEngineResult(WSConstants.ST_SIGNED, samlAssertion);
} else {
- result = new WSSecurityEngineResult(WSConstants.ST_UNSIGNED, assertion);
+ result = new WSSecurityEngineResult(WSConstants.ST_UNSIGNED, samlAssertion);
}
- result.put(WSSecurityEngineResult.TAG_ID, assertion.getId());
+ result.put(WSSecurityEngineResult.TAG_ID, samlAssertion.getId());
if (validator != null) {
result.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN, Boolean.TRUE);
@@ -118,7 +118,7 @@ public class SAMLTokenProcessor implemen
} else if (credential.getPrincipal() != null) {
result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal());
} else {
- result.put(WSSecurityEngineResult.TAG_PRINCIPAL, new SAMLTokenPrincipal(assertion));
+ result.put(WSSecurityEngineResult.TAG_PRINCIPAL, new SAMLTokenPrincipal(samlAssertion));
}
}
wsDocInfo.addResult(result);
@@ -131,12 +131,12 @@ public class SAMLTokenProcessor implemen
Validator validator,
WSDocInfo docInfo
) throws WSSecurityException {
- AssertionWrapper assertion = new AssertionWrapper(token);
- if (assertion.isSigned()) {
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(token);
+ if (samlAssertion.isSigned()) {
// Check for compliance against the defined AlgorithmSuite
AlgorithmSuite algorithmSuite = data.getSamlAlgorithmSuite();
- Signature sig = assertion.getSignature();
+ Signature sig = samlAssertion.getSignature();
KeyInfo keyInfo = sig.getKeyInfo();
SAMLKeyInfo samlKeyInfo =
SAMLUtil.getCredentialDirectlyFromKeyInfo(
@@ -178,17 +178,17 @@ public class SAMLTokenProcessor implemen
algorithmSuiteValidator.checkAsymmetricKeyLength(key);
}
- assertion.verifySignature(samlKeyInfo);
+ samlAssertion.verifySignature(samlKeyInfo);
}
// Parse the HOK subject if it exists
- assertion.parseHOKSubject(
+ samlAssertion.parseHOKSubject(
new WSSSAMLKeyInfoProcessor(data, docInfo), data.getSigVerCrypto(),
data.getCallbackHandler()
);
// Now delegate the rest of the verification to the Validator
Credential credential = new Credential();
- credential.setAssertion(assertion);
+ credential.setSamlAssertion(samlAssertion);
if (validator != null) {
return validator.validate(credential, data);
}
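Review bot: A comment is missing above `// Parse the HOK subject if it exists` to say that an assertion for which `isSigned()` is false reaches this point with no cryptographic check, since `verifySignature` appears to sit inside the signed branch. I would add `// Unsigned assertions are not verified here; accepting them is left to the Validator`. What is returned when `validator` is null lies below the hunk, so that path should be documented where it is handled.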
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/saml/WSSecSignatureSAML.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/saml/WSSecSignatureSAML.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/saml/WSSecSignatureSAML.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/saml/WSSecSignatureSAML.java Thu Dec 6 18:11:37 2012
@@ -33,6 +33,7 @@ import javax.xml.crypto.dsig.dom.DOMSign
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.dom.WSConstants;
import org.apache.ws.security.dom.WSDocInfo;
import org.apache.ws.security.dom.WSEncryptionPart;
@@ -40,7 +41,6 @@ import org.apache.ws.security.dom.WSSCon
import org.apache.ws.security.common.crypto.Crypto;
import org.apache.ws.security.common.crypto.CryptoType;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
import org.apache.ws.security.common.saml.OpenSAMLUtil;
import org.apache.ws.security.common.saml.SAMLKeyInfo;
import org.apache.ws.security.common.saml.SAMLUtil;
@@ -97,7 +97,7 @@ public class WSSecSignatureSAML extends
* The unsigned SOAP envelope as <code>Document</code>
* @param uCrypto
* The user's Crypto instance
- * @param assertion
+ * @param samlAssertion
* the complete SAML assertion
* @param iCrypto
* An instance of the Crypto API to handle keystore SAML token
@@ -112,11 +112,11 @@ public class WSSecSignatureSAML extends
* @throws WSSecurityException
*/
public Document build(
- Document doc, Crypto uCrypto, AssertionWrapper assertion,
+ Document doc, Crypto uCrypto, SamlAssertionWrapper samlAssertion,
Crypto iCrypto, String iKeyName, String iKeyPW, WSSecHeader secHeader
) throws WSSecurityException {
- prepare(doc, uCrypto, assertion, iCrypto, iKeyName, iKeyPW, secHeader);
+ prepare(doc, uCrypto, samlAssertion, iCrypto, iKeyName, iKeyPW, secHeader);
String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
if (parts == null) {
@@ -180,7 +180,7 @@ public class WSSecSignatureSAML extends
* The SOAP envelope as <code>Document</code>
* @param uCrypto
* The user's Crypto instance
- * @param assertion
+ * @param samlAssertion
* the complete SAML assertion
* @param iCrypto
* An instance of the Crypto API to handle keystore SAML token
@@ -194,7 +194,7 @@ public class WSSecSignatureSAML extends
* @throws WSSecurityException
*/
public void prepare(
- Document doc, Crypto uCrypto, AssertionWrapper assertion, Crypto iCrypto,
+ Document doc, Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto,
String iKeyName, String iKeyPW, WSSecHeader secHeader
) throws WSSecurityException {
@@ -208,7 +208,7 @@ public class WSSecSignatureSAML extends
issuerKeyName = iKeyName;
issuerKeyPW = iKeyPW;
- samlToken = (Element) assertion.toDOM(doc);
+ samlToken = (Element) samlAssertion.toDOM(doc);
//
// Get some information about the SAML token content. This controls how
@@ -217,7 +217,7 @@ public class WSSecSignatureSAML extends
// thats if "senderVouches" is true.
//
String confirmMethod = null;
- List<String> methods = assertion.getConfirmationMethods();
+ List<String> methods = samlAssertion.getConfirmationMethods();
if (methods != null && methods.size() > 0) {
confirmMethod = methods.get(0);
}
@@ -246,7 +246,7 @@ public class WSSecSignatureSAML extends
// token must be signed (by the issuer).
//
else {
- if (userCrypto == null || !assertion.isSigned()) {
+ if (userCrypto == null || !samlAssertion.isSigned()) {
throw new WSSecurityException(
WSSecurityException.ErrorCode.FAILURE,
"invalidSAMLsecurity",
@@ -259,7 +259,7 @@ public class WSSecSignatureSAML extends
data.setWssConfig(getWsConfig());
SAMLKeyInfo samlKeyInfo =
SAMLUtil.getCredentialFromSubject(
- assertion, new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
+ samlAssertion, new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
data.getSigCrypto(), data.getCallbackHandler()
);
publicKey = samlKeyInfo.getPublicKey();
@@ -348,28 +348,28 @@ public class WSSecSignatureSAML extends
if (useDirectReferenceToAssertion) {
Reference ref = new Reference(doc);
- ref.setURI("#" + assertion.getId());
- if (assertion.getSaml1() != null) {
+ ref.setURI("#" + samlAssertion.getId());
+ if (samlAssertion.getSaml1() != null) {
ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- } else if (assertion.getSaml2() != null) {
+ } else if (samlAssertion.getSaml2() != null) {
secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
}
secRefSaml.setReference(ref);
} else {
Element keyId = doc.createElementNS(WSConstants.WSSE_NS, "wsse:KeyIdentifier");
String valueType = null;
- if (assertion.getSaml1() != null) {
+ if (samlAssertion.getSaml1() != null) {
valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE;
secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- } else if (assertion.getSaml2() != null) {
+ } else if (samlAssertion.getSaml2() != null) {
valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE;
secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
}
keyId.setAttributeNS(
null, "ValueType", valueType
);
- keyId.appendChild(doc.createTextNode(assertion.getId()));
+ keyId.appendChild(doc.createTextNode(samlAssertion.getId()));
Element elem = secRefSaml.getElement();
elem.appendChild(keyId);
}
@@ -422,28 +422,28 @@ public class WSSecSignatureSAML extends
}
} else if (useDirectReferenceToAssertion) {
Reference ref = new Reference(doc);
- ref.setURI("#" + assertion.getId());
- if (assertion.getSaml1() != null) {
+ ref.setURI("#" + samlAssertion.getId());
+ if (samlAssertion.getSaml1() != null) {
ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- } else if (assertion.getSaml2() != null) {
+ } else if (samlAssertion.getSaml2() != null) {
secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
}
secRef.setReference(ref);
} else {
Element keyId = doc.createElementNS(WSConstants.WSSE_NS, "wsse:KeyIdentifier");
String valueType = null;
- if (assertion.getSaml1() != null) {
+ if (samlAssertion.getSaml1() != null) {
valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE;
secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- } else if (assertion.getSaml2() != null) {
+ } else if (samlAssertion.getSaml2() != null) {
valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE;
secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
}
keyId.setAttributeNS(
null, "ValueType", valueType
);
- keyId.appendChild(doc.createTextNode(assertion.getId()));
+ keyId.appendChild(doc.createTextNode(samlAssertion.getId()));
Element elem = secRef.getElement();
elem.appendChild(keyId);
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/DerivedKeyTokenSTRParser.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/DerivedKeyTokenSTRParser.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/DerivedKeyTokenSTRParser.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/DerivedKeyTokenSTRParser.java Thu Dec 6 18:11:37 2012
@@ -31,7 +31,7 @@ import javax.security.auth.callback.Call
import org.apache.ws.security.common.crypto.Crypto;
import org.apache.ws.security.common.ext.WSPasswordCallback;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.common.saml.SAMLKeyInfo;
import org.apache.ws.security.common.saml.SAMLUtil;
import org.apache.ws.security.dom.WSConstants;
@@ -254,12 +254,12 @@ public class DerivedKeyTokenSTRParser im
} else if (WSConstants.SCT == action || WSConstants.BST == action) {
secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
} else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) {
- AssertionWrapper assertion =
- (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- STRParserUtil.checkSamlTokenBSPCompliance(secRef, assertion, data.getBSPEnforcer());
+ SamlAssertionWrapper samlAssertion =
+ (SamlAssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
SAMLKeyInfo keyInfo =
- SAMLUtil.getCredentialFromSubject(assertion,
+ SAMLUtil.getCredentialFromSubject(samlAssertion,
new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
data.getSigVerCrypto(), data.getCallbackHandler());
// TODO Handle malformed SAML tokens where they don't have the
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/EncryptedKeySTRParser.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/EncryptedKeySTRParser.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/EncryptedKeySTRParser.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/EncryptedKeySTRParser.java Thu Dec 6 18:11:37 2012
@@ -28,7 +28,7 @@ import javax.xml.namespace.QName;
import org.apache.ws.security.common.crypto.Crypto;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.common.saml.SAMLKeyInfo;
import org.apache.ws.security.common.saml.SAMLUtil;
import org.apache.ws.security.dom.WSConstants;
@@ -96,14 +96,14 @@ public class EncryptedKeySTRParser imple
} else if (secRef.containsKeyIdentifier()) {
if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())
|| WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) {
- AssertionWrapper assertion =
+ SamlAssertionWrapper samlAssertion =
STRParserUtil.getAssertionFromKeyIdentifier(
secRef, strElement, data, wsDocInfo
);
- STRParserUtil.checkSamlTokenBSPCompliance(secRef, assertion, data.getBSPEnforcer());
+ STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
SAMLKeyInfo samlKi =
- SAMLUtil.getCredentialFromSubject(assertion,
+ SAMLUtil.getCredentialFromSubject(samlAssertion,
new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
data.getSigVerCrypto(), data.getCallbackHandler());
certs = samlKi.getCerts();
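Review bot: `samlKi.getCerts()` is called on the result of `SAMLUtil.getCredentialFromSubject` without a null check, while `getSecretKeyFromAssertion` in `SecurityTokenRefSTRParser` tests `samlKi == null` after the same call. If the helper can return null for an assertion whose subject carries no key material, this path fails with a NullPointerException instead of a WSSecurityException. I would add `if (samlKi == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); }` before the dereference. The same pattern is in the second hunk of this file (`keyInfo.getCerts()`), in the key-identifier hunk of `SignatureSTRParser`, and in `WSSecSignatureSAML.prepare` (`samlKeyInfo.getPublicKey()`).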
@@ -209,12 +209,12 @@ public class EncryptedKeySTRParser imple
WSSecurityEngineResult.TAG_X509_CERTIFICATES
);
} else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) {
- AssertionWrapper assertion =
- (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- STRParserUtil.checkSamlTokenBSPCompliance(secRef, assertion, data.getBSPEnforcer());
+ SamlAssertionWrapper samlAssertion =
+ (SamlAssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
SAMLKeyInfo keyInfo =
- SAMLUtil.getCredentialFromSubject(assertion,
+ SAMLUtil.getCredentialFromSubject(samlAssertion,
new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
data.getSigVerCrypto(), data.getCallbackHandler());
certs = keyInfo.getCerts();
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/STRParserUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/STRParserUtil.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/STRParserUtil.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/STRParserUtil.java Thu Dec 6 18:11:37 2012
@@ -23,7 +23,7 @@ import java.util.List;
import org.apache.ws.security.common.bsp.BSPRule;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.dom.WSConstants;
import org.apache.ws.security.dom.WSDocInfo;
import org.apache.ws.security.dom.WSSecurityEngine;
@@ -48,17 +48,17 @@ public final class STRParserUtil {
}
/**
- * Get an AssertionWrapper object from parsing a SecurityTokenReference that uses
+ * Get an SamlAssertionWrapper object from parsing a SecurityTokenReference that uses
* a KeyIdentifier that points to a SAML Assertion.
*
* @param secRef the SecurityTokenReference to the SAML Assertion
* @param strElement The SecurityTokenReference DOM element
* @param request The RequestData instance used to obtain configuration
* @param wsDocInfo The WSDocInfo object that holds previous results
- * @return an AssertionWrapper object
+ * @return an SamlAssertionWrapper object
* @throws WSSecurityException
*/
- public static AssertionWrapper getAssertionFromKeyIdentifier(
+ public static SamlAssertionWrapper getAssertionFromKeyIdentifier(
SecurityTokenReference secRef,
Element strElement,
RequestData request,
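Review bot: The renamed Javadoc now reads "an SamlAssertionWrapper" in the summary and in the `@return` line; after the rename the article should be "a", for example `@return a SamlAssertionWrapper object`. The same wording appears in the `Credential` accessors and in the Javadoc of `createPrincipalFromSAML` in `SignatureSTRParser`.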
@@ -68,12 +68,12 @@ public final class STRParserUtil {
String type = secRef.getKeyIdentifierValueType();
WSSecurityEngineResult result = wsDocInfo.getResult(keyIdentifierValue);
- AssertionWrapper assertion = null;
+ SamlAssertionWrapper samlAssertion = null;
Element token = null;
if (result != null) {
- assertion =
- (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- return assertion;
+ samlAssertion =
+ (SamlAssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ return samlAssertion;
} else {
token =
secRef.findProcessedTokenElement(
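Review bot: When `wsDocInfo.getResult(keyIdentifierValue)` finds a result, the value stored under `TAG_SAML_ASSERTION` is returned without a null check, and callers such as `checkSamlTokenBSPCompliance` call `getSaml1()` on it straight away. Whether a result registered under that identifier can belong to a non-SAML token is not visible here, but if it can, the lookup ends in a NullPointerException rather than a security fault. A guard before the return keeps the failure in the normal error path: `if (samlAssertion == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); }`. The method body continues outside the hunk.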
@@ -87,7 +87,7 @@ public final class STRParserUtil {
WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"
);
}
- return new AssertionWrapper(token);
+ return new SamlAssertionWrapper(token);
}
token =
secRef.findUnprocessedTokenElement(
@@ -104,7 +104,7 @@ public final class STRParserUtil {
List<WSSecurityEngineResult> samlResult =
proc.handleToken(token, request, wsDocInfo);
return
- (AssertionWrapper)samlResult.get(0).get(
+ (SamlAssertionWrapper)samlResult.get(0).get(
WSSecurityEngineResult.TAG_SAML_ASSERTION
);
}
@@ -179,23 +179,23 @@ public final class STRParserUtil {
* Check that the SAML token referenced by the SecurityTokenReference argument
* is BSP compliant.
* @param secRef The SecurityTokenReference to the SAML token
- * @param assertion The SAML Token AssertionWrapper object
+ * @param samlAssertion The SAML Token SamlAssertionWrapper object
* @param bspEnforcer a BSPEnforcer instance to enforce BSP rules
* @throws WSSecurityException
*/
public static void checkSamlTokenBSPCompliance(
SecurityTokenReference secRef,
- AssertionWrapper assertion,
+ SamlAssertionWrapper samlAssertion,
BSPEnforcer bspEnforcer
) throws WSSecurityException {
// Check the KeyIdentifier ValueType attributes
if (secRef.containsKeyIdentifier()) {
String valueType = secRef.getKeyIdentifierValueType();
- if (assertion.getSaml1() != null
+ if (samlAssertion.getSaml1() != null
&& !WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(valueType)) {
bspEnforcer.handleBSPRule(BSPRule.R6603);
}
- if (assertion.getSaml2() != null
+ if (samlAssertion.getSaml2() != null
&& !WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)) {
bspEnforcer.handleBSPRule(BSPRule.R6616);
}
@@ -207,15 +207,15 @@ public final class STRParserUtil {
// Check the TokenType attribute
String tokenType = secRef.getTokenType();
- if (assertion.getSaml1() != null && !WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
+ if (samlAssertion.getSaml1() != null && !WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
bspEnforcer.handleBSPRule(BSPRule.R6611);
}
- if (assertion.getSaml2() != null && !WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
+ if (samlAssertion.getSaml2() != null && !WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
bspEnforcer.handleBSPRule(BSPRule.R6617);
}
// Check the ValueType attribute of the Reference for SAML2
- if (assertion.getSaml2() != null && secRef.containsReference()) {
+ if (samlAssertion.getSaml2() != null && secRef.containsReference()) {
String valueType = secRef.getReference().getValueType();
if (valueType != null && !"".equals(valueType)) {
bspEnforcer.handleBSPRule(BSPRule.R6614);
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SecurityTokenRefSTRParser.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SecurityTokenRefSTRParser.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SecurityTokenRefSTRParser.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SecurityTokenRefSTRParser.java Thu Dec 6 18:11:37 2012
@@ -31,7 +31,7 @@ import javax.xml.namespace.QName;
import org.apache.ws.security.common.ext.WSPasswordCallback;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.common.saml.SAMLKeyInfo;
import org.apache.ws.security.common.saml.SAMLUtil;
import org.apache.ws.security.dom.WSConstants;
@@ -130,12 +130,12 @@ public class SecurityTokenRefSTRParser i
secretKey =
getSecretKeyFromToken(secRef.getKeyIdentifierValue(), valueType, data);
if (secretKey == null) {
- AssertionWrapper assertion =
+ SamlAssertionWrapper samlAssertion =
STRParserUtil.getAssertionFromKeyIdentifier(
secRef, strElement,
data, wsDocInfo
);
- secretKey = getSecretKeyFromAssertion(assertion, secRef, data, wsDocInfo);
+ secretKey = getSecretKeyFromAssertion(samlAssertion, secRef, data, wsDocInfo);
}
} else if (WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(valueType)) {
secretKey =
@@ -269,14 +269,14 @@ public class SecurityTokenRefSTRParser i
* Get a SecretKey from a SAML Assertion
*/
private byte[] getSecretKeyFromAssertion(
- AssertionWrapper assertion,
+ SamlAssertionWrapper samlAssertion,
SecurityTokenReference secRef,
RequestData data,
WSDocInfo wsDocInfo
) throws WSSecurityException {
- STRParserUtil.checkSamlTokenBSPCompliance(secRef, assertion, data.getBSPEnforcer());
+ STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
SAMLKeyInfo samlKi =
- SAMLUtil.getCredentialFromSubject(assertion,
+ SAMLUtil.getCredentialFromSubject(samlAssertion,
new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
data.getSigVerCrypto(), data.getCallbackHandler());
if (samlKi == null) {
@@ -310,9 +310,9 @@ public class SecurityTokenRefSTRParser i
secretKey = dkt.deriveKey(WSSecurityUtil.getKeyLength(algorithm), secret);
principal = dkt.createPrincipal();
} else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) {
- AssertionWrapper assertion =
- (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- secretKey = getSecretKeyFromAssertion(assertion, secRef, data, wsDocInfo);
+ SamlAssertionWrapper samlAssertion =
+ (SamlAssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ secretKey = getSecretKeyFromAssertion(samlAssertion, secRef, data, wsDocInfo);
} else if (WSConstants.SCT == action || WSConstants.BST == action) {
secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
} else if (WSConstants.UT_NOPASSWORD == action || WSConstants.UT == action) {
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SignatureSTRParser.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SignatureSTRParser.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SignatureSTRParser.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/str/SignatureSTRParser.java Thu Dec 6 18:11:37 2012
@@ -19,6 +19,7 @@
package org.apache.ws.security.dom.str;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.dom.CustomTokenPrincipal;
import org.apache.ws.security.dom.SAMLTokenPrincipal;
import org.apache.ws.security.dom.WSConstants;
@@ -29,7 +30,6 @@ import org.apache.ws.security.dom.WSSecu
import org.apache.ws.security.common.crypto.Crypto;
import org.apache.ws.security.common.ext.WSPasswordCallback;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
import org.apache.ws.security.common.saml.OpenSAMLUtil;
import org.apache.ws.security.common.saml.SAMLKeyInfo;
import org.apache.ws.security.common.saml.SAMLUtil;
@@ -163,30 +163,30 @@ public class SignatureSTRParser implemen
strElement.getOwnerDocument(), wsDocInfo,
data.getCallbackHandler(), uri, secRef.getReference().getValueType()
);
- AssertionWrapper assertion = null;
+ SamlAssertionWrapper samlAssertion = null;
if (processedToken == null) {
List<WSSecurityEngineResult> samlResult =
proc.handleToken(token, data, wsDocInfo);
- assertion =
- (AssertionWrapper)samlResult.get(0).get(
+ samlAssertion =
+ (SamlAssertionWrapper)samlResult.get(0).get(
WSSecurityEngineResult.TAG_SAML_ASSERTION
);
} else {
- assertion = new AssertionWrapper(processedToken);
- assertion.parseHOKSubject(
+ samlAssertion = new SamlAssertionWrapper(processedToken);
+ samlAssertion.parseHOKSubject(
new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
data.getSigVerCrypto(), data.getCallbackHandler()
);
}
- STRParserUtil.checkSamlTokenBSPCompliance(secRef, assertion, data.getBSPEnforcer());
+ STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
- SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo();
+ SAMLKeyInfo keyInfo = samlAssertion.getSubjectKeyInfo();
X509Certificate[] foundCerts = keyInfo.getCerts();
if (foundCerts != null && foundCerts.length > 0) {
certs = new X509Certificate[]{foundCerts[0]};
}
secretKey = keyInfo.getSecret();
- principal = createPrincipalFromSAML(assertion);
+ principal = createPrincipalFromSAML(samlAssertion);
} else if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)) {
STRParserUtil.checkEncryptedKeyBSPCompliance(secRef, data.getBSPEnforcer());
Processor proc = data.getWssConfig().getProcessor(WSSecurityEngine.ENCRYPTED_KEY);
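Review bot: `keyInfo.getCerts()` follows `samlAssertion.getSubjectKeyInfo()` with no null check, whereas the later result-based branch of this class tests `keyInfo == null` and throws `invalidSAMLsecurity`. An assertion without subject key information would presumably give null here as well, so the guard should be repeated: `if (keyInfo == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); }`. `samlResult.get(0)` likewise assumes that `handleToken` returned at least one result. The enclosing method starts and ends outside the hunk.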
@@ -283,19 +283,19 @@ public class SignatureSTRParser implemen
/**
* A method to create a Principal from a SAML Assertion
- * @param assertion An AssertionWrapper object
+ * @param samlAssertion An SamlAssertionWrapper object
* @return A principal
*/
private Principal createPrincipalFromSAML(
- AssertionWrapper assertion
+ SamlAssertionWrapper samlAssertion
) {
- SAMLTokenPrincipal samlPrincipal = new SAMLTokenPrincipal(assertion);
+ SAMLTokenPrincipal samlPrincipal = new SAMLTokenPrincipal(samlAssertion);
String confirmMethod = null;
- List<String> methods = assertion.getConfirmationMethods();
+ List<String> methods = samlAssertion.getConfirmationMethods();
if (methods != null && methods.size() > 0) {
confirmMethod = methods.get(0);
}
- if (OpenSAMLUtil.isMethodHolderOfKey(confirmMethod) && assertion.isSigned()) {
+ if (OpenSAMLUtil.isMethodHolderOfKey(confirmMethod) && samlAssertion.isSigned()) {
trustedCredential = true;
}
return samlPrincipal;
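Review bot: The Javadoc of `createPrincipalFromSAML` does not mention that the method also sets the `trustedCredential` field, which is its security-relevant effect. It should state the rule, for example `Marks the credential as trusted when the assertion is signed and its first confirmation method is holder-of-key.` Only `methods.get(0)` is examined and `isSigned()` is taken as-is, so the comment should also say where the signature was verified; that code is not in this hunk.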
@@ -348,14 +348,14 @@ public class SignatureSTRParser implemen
String valueType = secRef.getKeyIdentifierValueType();
secretKey = getSecretKeyFromToken(secRef.getKeyIdentifierValue(), valueType, data);
if (secretKey == null) {
- AssertionWrapper assertion =
+ SamlAssertionWrapper samlAssertion =
STRParserUtil.getAssertionFromKeyIdentifier(
secRef, secRef.getElement(), data, wsDocInfo
);
- STRParserUtil.checkSamlTokenBSPCompliance(secRef, assertion, data.getBSPEnforcer());
+ STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
SAMLKeyInfo samlKi =
- SAMLUtil.getCredentialFromSubject(assertion,
+ SAMLUtil.getCredentialFromSubject(samlAssertion,
new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
data.getSigVerCrypto(), data.getCallbackHandler());
X509Certificate[] foundCerts = samlKi.getCerts();
@@ -364,7 +364,7 @@ public class SignatureSTRParser implemen
}
secretKey = samlKi.getSecret();
publicKey = samlKi.getPublicKey();
- principal = createPrincipalFromSAML(assertion);
+ principal = createPrincipalFromSAML(samlAssertion);
}
}
@@ -520,11 +520,11 @@ public class SignatureSTRParser implemen
principal = dkt.createPrincipal();
((WSDerivedKeyTokenPrincipal)principal).setSecret(secret);
} else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) {
- AssertionWrapper assertion =
- (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- STRParserUtil.checkSamlTokenBSPCompliance(secRef, assertion, data.getBSPEnforcer());
+ SamlAssertionWrapper samlAssertion =
+ (SamlAssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
- SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo();
+ SAMLKeyInfo keyInfo = samlAssertion.getSubjectKeyInfo();
if (keyInfo == null) {
throw new WSSecurityException(
WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"
@@ -536,7 +536,7 @@ public class SignatureSTRParser implemen
}
secretKey = keyInfo.getSecret();
publicKey = keyInfo.getPublicKey();
- principal = createPrincipalFromSAML(assertion);
+ principal = createPrincipalFromSAML(samlAssertion);
}
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/Credential.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/Credential.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/Credential.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/Credential.java Thu Dec 6 18:11:37 2012
@@ -25,7 +25,7 @@ import java.security.cert.X509Certificat
import javax.security.auth.Subject;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.dom.message.token.BinarySecurity;
import org.apache.ws.security.dom.message.token.SecurityContextToken;
import org.apache.ws.security.dom.message.token.Timestamp;
@@ -43,8 +43,8 @@ public class Credential {
private Timestamp timestamp;
private UsernameToken usernametoken;
private BinarySecurity binarySecurityToken;
- private AssertionWrapper assertion;
- private AssertionWrapper transformedToken;
+ private SamlAssertionWrapper samlAssertion;
+ private SamlAssertionWrapper transformedToken;
private SecurityContextToken securityContextToken;
private Principal principal;
private byte[] secretKey;
@@ -164,34 +164,34 @@ public class Credential {
}
/**
- * Set an AssertionWrapper to be validated
- * @param assertion an AssertionWrapper to be validated
+ * Set an SamlAssertionWrapper to be validated
+ * @param samlAssertion an SamlAssertionWrapper to be validated
*/
- public void setAssertion(AssertionWrapper assertion) {
- this.assertion = assertion;
+ public void setSamlAssertion(SamlAssertionWrapper samlAssertion) {
+ this.samlAssertion = samlAssertion;
}
/**
- * Get an AssertionWrapper to be validated
- * @return an AssertionWrapper to be validated
+ * Get an SamlAssertionWrapper to be validated
+ * @return an SamlAssertionWrapper to be validated
*/
- public AssertionWrapper getAssertion() {
- return assertion;
+ public SamlAssertionWrapper getSamlAssertion() {
+ return samlAssertion;
}
/**
- * Set an AssertionWrapper instance which corresponds to a Transformed Token.
- * @param transformedToken a transformed AssertionWrapper instance
+ * Set an SamlAssertionWrapper instance which corresponds to a Transformed Token.
+ * @param transformedToken a transformed SamlAssertionWrapper instance
*/
- public void setTransformedToken(AssertionWrapper transformedToken) {
+ public void setTransformedToken(SamlAssertionWrapper transformedToken) {
this.transformedToken = transformedToken;
}
/**
- * Get an AssertionWrapper instance which corresponds to a Transformed Token.
- * @return a transformed AssertionWrapper instance
+ * Get an SamlAssertionWrapper instance which corresponds to a Transformed Token.
+ * @return a transformed SamlAssertionWrapper instance
*/
- public AssertionWrapper getTransformedToken() {
+ public SamlAssertionWrapper getTransformedToken() {
return transformedToken;
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/SamlAssertionValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/SamlAssertionValidator.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/SamlAssertionValidator.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/validate/SamlAssertionValidator.java Thu Dec 6 18:11:37 2012
@@ -22,7 +22,7 @@ package org.apache.ws.security.dom.valid
import java.util.List;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.common.saml.OpenSAMLUtil;
import org.apache.ws.security.common.saml.SAMLKeyInfo;
import org.apache.ws.security.dom.handler.RequestData;
@@ -32,8 +32,8 @@ import org.opensaml.xml.validation.Valid
import org.opensaml.xml.validation.ValidatorSuite;
/**
- * This class validates a SAML Assertion, which is wrapped in an "AssertionWrapper" instance.
- * It assumes that the AssertionWrapper instance has already verified the signature on the
+ * This class validates a SAML Assertion, which is wrapped in an "SamlAssertionWrapper" instance.
+ * It assumes that the SamlAssertionWrapper instance has already verified the signature on the
* assertion (done by the SAMLTokenProcessor). It verifies trust in the signature, and also
* checks that the Subject contains a KeyInfo (and processes it) for the holder-of-key case,
* and verifies that the Assertion is signed as well for holder-of-key.
@@ -58,7 +58,7 @@ public class SamlAssertionValidator exte
}
/**
- * Validate the credential argument. It must contain a non-null AssertionWrapper.
+ * Validate the credential argument. It must contain a non-null SamlAssertionWrapper.
* A Crypto and a CallbackHandler implementation is also required to be set.
*
* @param credential the Credential to be validated
@@ -66,38 +66,38 @@ public class SamlAssertionValidator exte
* @throws WSSecurityException on a failed validation
*/
public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
- if (credential == null || credential.getAssertion() == null) {
+ if (credential == null || credential.getSamlAssertion() == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
}
- AssertionWrapper assertion = credential.getAssertion();
+ SamlAssertionWrapper samlAssertion = credential.getSamlAssertion();
// Check HOK requirements
String confirmMethod = null;
- List<String> methods = assertion.getConfirmationMethods();
+ List<String> methods = samlAssertion.getConfirmationMethods();
if (methods != null && methods.size() > 0) {
confirmMethod = methods.get(0);
}
if (OpenSAMLUtil.isMethodHolderOfKey(confirmMethod)) {
- if (assertion.getSubjectKeyInfo() == null) {
+ if (samlAssertion.getSubjectKeyInfo() == null) {
LOG.debug("There is no Subject KeyInfo to match the holder-of-key subject conf method");
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noKeyInSAMLToken");
}
// The assertion must have been signed for HOK
- if (!assertion.isSigned()) {
+ if (!samlAssertion.isSigned()) {
LOG.debug("A holder-of-key assertion must be signed");
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
}
}
// Check conditions
- checkConditions(assertion);
+ checkConditions(samlAssertion);
// Validate the assertion against schemas/profiles
- validateAssertion(assertion);
+ validateAssertion(samlAssertion);
// Verify trust on the signature
- if (assertion.isSigned()) {
- verifySignedAssertion(assertion, data);
+ if (samlAssertion.isSigned()) {
+ verifySignedAssertion(samlAssertion, data);
}
return credential;
}
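Review bot: In `validate`, only the first entry of `getConfirmationMethods()` is tested with `isMethodHolderOfKey`, and the trust check at the end runs only when `samlAssertion.isSigned()` is true. An assertion that lists holder-of-key in a later position therefore skips the Subject KeyInfo and must-be-signed requirements, and an unsigned assertion with any other confirmation method is returned as a validated credential without issuer trust being established in this method; whether another layer enforces that is not visible in this hunk. Inside the existing null check I would test every method, e.g. `for (String method : methods) { if (OpenSAMLUtil.isMethodHolderOfKey(method)) { holderOfKey = true; } }`, and state in the Javadoc that unsigned assertions pass this validator, so callers know they must require a signature themselves.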
@@ -105,17 +105,17 @@ public class SamlAssertionValidator exte
/**
* Verify trust in the signature of a signed Assertion. This method is separate so that
* the user can override if if they want.
- * @param assertion The signed Assertion
+ * @param samlAssertion The signed Assertion
* @param data The RequestData context
* @return A Credential instance
* @throws WSSecurityException
*/
protected Credential verifySignedAssertion(
- AssertionWrapper assertion,
+ SamlAssertionWrapper samlAssertion,
RequestData data
) throws WSSecurityException {
Credential trustCredential = new Credential();
- SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
+ SAMLKeyInfo samlKeyInfo = samlAssertion.getSignatureKeyInfo();
trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
trustCredential.setCertificates(samlKeyInfo.getCerts());
return super.validate(trustCredential, data);
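Review bot: `verifySignedAssertion` dereferences the result of `samlAssertion.getSignatureKeyInfo()` without a null check, whereas `validate` does null-check `getSubjectKeyInfo()` before relying on it. If the wrapper can report `isSigned()` while its signature KeyInfo is still unset (not visible here), the caller gets a NullPointerException instead of a WSSecurityException; a guard such as `if (samlKeyInfo == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); }` keeps the failure on the security error path. The Javadoc above it also has the typo "override if if" and an undescribed `@throws`. The method's closing brace lies outside the hunk.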
@@ -124,17 +124,17 @@ public class SamlAssertionValidator exte
/**
* Check the Conditions of the Assertion.
*/
- protected void checkConditions(AssertionWrapper assertion) throws WSSecurityException {
+ protected void checkConditions(SamlAssertionWrapper samlAssertion) throws WSSecurityException {
DateTime validFrom = null;
DateTime validTill = null;
- if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)
- && assertion.getSaml2().getConditions() != null) {
- validFrom = assertion.getSaml2().getConditions().getNotBefore();
- validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
- } else if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_11)
- && assertion.getSaml1().getConditions() != null) {
- validFrom = assertion.getSaml1().getConditions().getNotBefore();
- validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
+ if (samlAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20)
+ && samlAssertion.getSaml2().getConditions() != null) {
+ validFrom = samlAssertion.getSaml2().getConditions().getNotBefore();
+ validTill = samlAssertion.getSaml2().getConditions().getNotOnOrAfter();
+ } else if (samlAssertion.getSamlVersion().equals(SAMLVersion.VERSION_11)
+ && samlAssertion.getSaml1().getConditions() != null) {
+ validFrom = samlAssertion.getSaml1().getConditions().getNotBefore();
+ validTill = samlAssertion.getSaml1().getConditions().getNotOnOrAfter();
}
if (validFrom != null) {
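Review bot: When the assertion carries no Conditions element, `validFrom` and `validTill` both stay null in `checkConditions`, and the visible `if (validFrom != null)` guard suggests the time checks are then skipped, so such an assertion would have no validity window enforced. The rest of the method lies outside the hunk, so this needs confirming there; if it is the intended behaviour, the Javadoc should say so, e.g. `Assertions without a Conditions element are accepted without any validity-period check.` Separately, writing the comparison as `SAMLVersion.VERSION_20.equals(samlAssertion.getSamlVersion())` avoids a NullPointerException when the version is missing.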
@@ -153,31 +153,31 @@ public class SamlAssertionValidator exte
}
/**
- * Validate the assertion against schemas/profiles
+ * Validate the samlAssertion against schemas/profiles
*/
- protected void validateAssertion(AssertionWrapper assertion) throws WSSecurityException {
- if (assertion.getSaml1() != null) {
+ protected void validateAssertion(SamlAssertionWrapper samlAssertion) throws WSSecurityException {
+ if (samlAssertion.getSaml1() != null) {
ValidatorSuite schemaValidators =
org.opensaml.Configuration.getValidatorSuite("saml1-schema-validator");
ValidatorSuite specValidators =
org.opensaml.Configuration.getValidatorSuite("saml1-spec-validator");
try {
- schemaValidators.validate(assertion.getSaml1());
- specValidators.validate(assertion.getSaml1());
+ schemaValidators.validate(samlAssertion.getSaml1());
+ specValidators.validate(samlAssertion.getSaml1());
} catch (ValidationException e) {
LOG.debug("Saml Validation error: " + e.getMessage(), e);
throw new WSSecurityException(
WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity", e
);
}
- } else if (assertion.getSaml2() != null) {
+ } else if (samlAssertion.getSaml2() != null) {
ValidatorSuite schemaValidators =
org.opensaml.Configuration.getValidatorSuite("saml2-core-schema-validator");
ValidatorSuite specValidators =
org.opensaml.Configuration.getValidatorSuite("saml2-core-spec-validator");
try {
- schemaValidators.validate(assertion.getSaml2());
- specValidators.validate(assertion.getSaml2());
+ schemaValidators.validate(samlAssertion.getSaml2());
+ specValidators.validate(samlAssertion.getSaml2());
} catch (ValidationException e) {
LOG.debug("Saml Validation error: " + e.getMessage(), e);
throw new WSSecurityException(
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/common/CustomSamlAssertionValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/common/CustomSamlAssertionValidator.java?rev=1418021&r1=1418020&r2=1418021&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/common/CustomSamlAssertionValidator.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/ws/security/dom/common/CustomSamlAssertionValidator.java Thu Dec 6 18:11:37 2012
@@ -20,7 +20,7 @@
package org.apache.ws.security.dom.common;
import org.apache.ws.security.common.ext.WSSecurityException;
-import org.apache.ws.security.common.saml.AssertionWrapper;
+import org.apache.ws.security.common.saml.SamlAssertionWrapper;
import org.apache.ws.security.dom.handler.RequestData;
import org.apache.ws.security.dom.validate.Credential;
import org.apache.ws.security.dom.validate.SamlAssertionValidator;
@@ -34,13 +34,13 @@ public class CustomSamlAssertionValidato
//
// Do some custom validation on the assertion
//
- AssertionWrapper assertion = credential.getAssertion();
- if (!"www.example.com".equals(assertion.getIssuerString())) {
+ SamlAssertionWrapper samlAssertion = credential.getSamlAssertion();
+ if (!"www.example.com".equals(samlAssertion.getIssuerString())) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
}
- if (assertion.getSaml1() != null) {
+ if (samlAssertion.getSaml1() != null) {
// Get the SAML subject and validate it
- org.opensaml.saml1.core.Assertion saml1Assertion = assertion.getSaml1();
+ org.opensaml.saml1.core.Assertion saml1Assertion = samlAssertion.getSaml1();
org.opensaml.saml1.core.Subject samlSubject = null;
for (org.opensaml.saml1.core.Statement stmt : saml1Assertion.getStatements()) {
if (stmt instanceof org.opensaml.saml1.core.AttributeStatement) {
@@ -71,7 +71,7 @@ public class CustomSamlAssertionValidato
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
}
} else {
- org.opensaml.saml2.core.Assertion saml2Assertion = assertion.getSaml2();
+ org.opensaml.saml2.core.Assertion saml2Assertion = samlAssertion.getSaml2();
org.opensaml.saml2.core.Subject subject = saml2Assertion.getSubject();
String nameIdentifier = subject.getNameID().getValue();
if (nameIdentifier == null || !nameIdentifier.contains("uid=joe")) {
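Review bot: The SAML 2.0 branch of this custom validator accepts any NameID whose value merely contains `uid=joe`, and it dereferences `getSubject()` and `getNameID()` without null checks. Because validators like this one tend to be copied as a template, I would compare the identifier with `equals` against the complete expected value rather than `contains`, and reject a missing subject explicitly with `if (subject == null || subject.getNameID() == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); }`. The enclosing method starts and ends outside the hunk.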