You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/01/05 14:39:11 UTC
svn commit: r1055456 [2/3] - in /webservices/wss4j/trunk: ./
src/main/java/org/apache/ws/security/
src/main/java/org/apache/ws/security/action/
src/main/java/org/apache/ws/security/handler/
src/main/java/org/apache/ws/security/message/ src/main/java/or...
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,225 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext;
+
+import javax.xml.namespace.QName;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.util.WSSecurityUtil;
+import org.joda.time.DateTime;
+import org.opensaml.DefaultBootstrap;
+import org.opensaml.xml.*;
+import org.opensaml.xml.io.*;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.Signer;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+/**
+ * Class OpenSAMLUtil provides static helper methods for the OpenSaml library
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class OpenSAMLUtil {
+ private static final Log log = LogFactory.getLog(OpenSAMLUtil.class);
+
+ private static XMLObjectBuilderFactory builderFactory;
+ private static MarshallerFactory marshallerFactory;
+ private static UnmarshallerFactory unmarshallerFactory;
+ private static boolean samlEngineInitialized = false;
+
+ /**
+ * Initialise the SAML library
+ */
+ public synchronized static void initSamlEngine() {
+ if (!samlEngineInitialized) {
+ log.debug("Initilizing the opensaml2 library...");
+ try {
+ DefaultBootstrap.bootstrap();
+ builderFactory = Configuration.getBuilderFactory();
+ marshallerFactory = Configuration.getMarshallerFactory();
+ unmarshallerFactory = Configuration.getUnmarshallerFactory();
+ samlEngineInitialized = true;
+ log.debug("opensaml2 library bootstrap complete");
+ } catch (ConfigurationException e) {
+ log.error(
+ "Unable to bootstrap the opensaml2 library - all SAML operations will fail",
+ e
+ );
+ }
+ }
+ }
+
+ /**
+ * Convert a SAML Assertion from a DOM Element to an XMLObject
+ *
+ * @param root of type Element
+ * @return XMLObject
+ * @throws UnmarshallingException
+ */
+ public static XMLObject fromDom(Element root) throws UnmarshallingException {
+ Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(root);
+ XMLObject xmlObject = unmarshaller.unmarshall(root);
+
+ if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
+ log.debug("OpenSAMLUtil: found SAML 1 Assertion");
+ } else if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
+ log.debug("OpenSAMLUtil: found SAML 2 Assertion");
+ } else {
+ log.debug("OpenSAMLUtil: found unexpected type " + xmlObject.getClass().getName());
+ }
+
+ return xmlObject;
+ }
+
+ /**
+ * Convert a SAML Assertion from a XMLObject to a DOM Element
+ *
+ * @param xmlObject of type XMLObject
+ * @param doc of type Document
+ * @return Element
+ * @throws MarshallingException
+ * @throws SignatureException
+ */
+ public static Element toDom(
+ XMLObject xmlObject,
+ Document doc
+ ) throws MarshallingException, SignatureException {
+ Marshaller marshaller = marshallerFactory.getMarshaller(xmlObject);
+ Element element = marshaller.marshall(xmlObject);
+
+ // Sign the assertion if the signature element is present.
+ if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
+ org.opensaml.saml2.core.Assertion saml2 = (org.opensaml.saml2.core.Assertion) xmlObject;
+ // if there is a signature, but it hasn't already been signed
+ if (saml2.getSignature() != null) {
+ log.debug("Signing SAML v2.0 assertion...");
+ Signer.signObject(saml2.getSignature());
+ }
+ } else if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
+ org.opensaml.saml1.core.Assertion saml1 = (org.opensaml.saml1.core.Assertion) xmlObject;
+ // if there is a signature, but it hasn't already been signed
+ if (saml1.getSignature() != null) {
+ log.debug("Signing SAML v1.1 assertion...");
+ Signer.signObject(saml1.getSignature());
+ }
+ }
+
+ // Reparent the document. This makes sure that the resulting element will be compatible
+ // with the user-supplied document in the future (for example, when we want to add this
+ // element that dom).
+ if (doc != null) {
+ log.debug("Reparenting the SAML token dom to type: " + doc.getClass().getName());
+ Node importedNode = doc.importNode(element, true);
+ element = (Element) importedNode;
+ }
+
+ return element;
+ }
+
+ /**
+ * Method buildSignature ...
+ *
+ * @return Signature
+ */
+ public static Signature buildSignature() {
+ return (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
+ }
+
+ /**
+ * Method buildXMLObject ...
+ *
+ * @param objectQName of type QName
+ * @return XMLObject
+ */
+ public static XMLObject buildXMLObject(QName objectQName) {
+ XMLObjectBuilder builder = builderFactory.getBuilder(objectQName);
+ if (builder == null) {
+ log.fatal("Unable to retrieve builder for object QName " + objectQName);
+ return null;
+ }
+ return
+ builder.buildObject(
+ objectQName.getNamespaceURI(),
+ objectQName.getLocalPart(),
+ objectQName.getPrefix()
+ );
+ }
+
+ /**
+ * Method isMethodSenderVouches ...
+ *
+ * @param confirmMethod of type String
+ * @return boolean
+ */
+ public static boolean isMethodSenderVouches(String confirmMethod) {
+ return
+ confirmMethod != null && confirmMethod.startsWith("urn:oasis:names:tc:SAML:")
+ && confirmMethod.endsWith(":cm:sender-vouches");
+ }
+
+ /**
+ * Validate the conditions
+ *
+ * @param notBefore of type DateTime
+ * @param notAfter of type DateTime
+ */
+ public static void validateConditions(DateTime notBefore, DateTime notAfter) {
+ // Make sure that notBefore is before notAfter
+ log.debug("Validating notBefore and notAfter");
+ if (notBefore.isAfter(notAfter)) {
+ throw new IllegalStateException(
+ "The value of notBefore may not be after the value of notAfter"
+ );
+ }
+ }
+
+ /**
+ * Get the Assertion ID
+ *
+ * @param envelope of type Element
+ * @param elemName of type String
+ * @param nmSpace of type String
+ * @return the Assertion ID
+ * @throws WSSecurityException
+ */
+ public static String getAssertionId(
+ Element envelope,
+ String elemName,
+ String nmSpace
+ ) throws WSSecurityException {
+ Element assertionElement =
+ (Element) WSSecurityUtil.findElement(envelope, elemName, nmSpace);
+
+ try {
+ AssertionWrapper assertion = new AssertionWrapper(assertionElement);
+ return assertion.getId();
+ } catch (Exception e1) {
+ log.error(e1);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE,
+ "noXMLSig", null, e1);
+ }
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,178 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext;
+
+import org.apache.ws.security.saml.ext.bean.AttributeStatementBean;
+import org.apache.ws.security.saml.ext.bean.AuthDecisionStatementBean;
+import org.apache.ws.security.saml.ext.bean.AuthenticationStatementBean;
+import org.apache.ws.security.saml.ext.bean.ConditionsBean;
+import org.apache.ws.security.saml.ext.bean.SubjectBean;
+
+import javax.security.auth.callback.Callback;
+import java.util.ArrayList;
+import java.util.List;
+
+
+/**
+ * Class SAMLCallback will be called by the <code>AssertionWrapper</code> during the creation
+ * of SAML statements (authentication, attribute, and auth decision).
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAMLCallback implements Callback {
+
+ /**
+ * SAML subject representation
+ */
+ private SubjectBean subject;
+
+ /**
+ * SAML Conditions representation
+ */
+ private ConditionsBean conditions;
+
+ /**
+ * A list of <code>AuthenticationStatementBean</code> values
+ */
+ private List<AuthenticationStatementBean> authenticationStatementData;
+
+ /**
+ * A list of <code>AttributeStatementBean</code> values
+ */
+ private List<AttributeStatementBean> attributeStatementData;
+
+ /**
+ * A list of <code>AuthDecisionStatementBean</code> values
+ */
+ private List<AuthDecisionStatementBean> authDecisionStatementData;
+
+ /**
+ * Constructor SAMLCallback creates a new SAMLCallback instance.
+ */
+ public SAMLCallback() {
+ authenticationStatementData = new ArrayList<AuthenticationStatementBean>();
+ attributeStatementData = new ArrayList<AttributeStatementBean>();
+ authDecisionStatementData = new ArrayList<AuthDecisionStatementBean>();
+ }
+
+ /**
+ * Method getAuthenticationStatementData returns the authenticationStatementData of this
+ * SAMLCallback object.
+ *
+ * @return the authenticationStatementData (type List<AuthenticationStatementBean>) of
+ * this SAMLCallback object.
+ */
+ public List<AuthenticationStatementBean> getAuthenticationStatementData() {
+ return authenticationStatementData;
+ }
+
+ /**
+ * Method setAuthenticationStatementData sets the authenticationStatementData of this
+ * SAMLCallback object.
+ *
+ * @param authenticationStatementData the authenticationStatementData of this
+ * SAMLCallback object.
+ */
+ public void setAuthenticationStatementData(
+ List<AuthenticationStatementBean> authenticationStatementData
+ ) {
+ this.authenticationStatementData = authenticationStatementData;
+ }
+
+ /**
+ * Method getAttributeStatementData returns the attributeStatementData of this
+ * SAMLCallback object.
+ *
+ * @return the attributeStatementData (type List<AttributeStatementBean>) of this
+ * SAMLCallback object.
+ */
+ public List<AttributeStatementBean> getAttributeStatementData() {
+ return attributeStatementData;
+ }
+
+ /**
+ * Method setAttributeStatementData sets the attributeStatementData of this SAMLCallback object.
+ *
+ * @param attributeStatementData the attributeStatementData of this SAMLCallback object.
+ */
+ public void setAttributeStatementData(List<AttributeStatementBean> attributeStatementData) {
+ this.attributeStatementData = attributeStatementData;
+ }
+
+ /**
+ * Method getAuthDecisionStatementData returns the authDecisionStatementData of this
+ * SAMLCallback object.
+ *
+ * @return the authDecisionStatementData (type List<AuthDecisionStatementBean>) of this
+ * SAMLCallback object.
+ */
+ public List<AuthDecisionStatementBean> getAuthDecisionStatementData() {
+ return authDecisionStatementData;
+ }
+
+ /**
+ * Method setAuthDecisionStatementData sets the authDecisionStatementData of this
+ * SAMLCallback object.
+ *
+ * @param authDecisionStatementData the authDecisionStatementData of this
+ * SAMLCallback object.
+ */
+ public void setAuthDecisionStatementData(
+ List<AuthDecisionStatementBean> authDecisionStatementData
+ ) {
+ this.authDecisionStatementData = authDecisionStatementData;
+ }
+
+ /**
+ * Method getSubject returns the subject of this SAMLCallback object.
+ *
+ * @return the subject (type SubjectBean) of this SAMLCallback object.
+ */
+ public SubjectBean getSubject() {
+ return subject;
+ }
+
+ /**
+ * Method setSubject sets the subject of this SAMLCallback object.
+ *
+ * @param subject the subject of this SAMLCallback object.
+ */
+ public void setSubject(SubjectBean subject) {
+ this.subject = subject;
+ }
+
+ /**
+ * Method getConditions returns the conditions of this SAMLCallback object.
+ *
+ * @return the conditions (type ConditionsBean) of this SAMLCallback object.
+ */
+ public ConditionsBean getConditions() {
+ return conditions;
+ }
+
+ /**
+ * Method setConditions sets the conditions of this SAMLCallback object.
+ *
+ * @param conditions the conditions of this SAMLCallback object.
+ */
+ public void setConditions(ConditionsBean conditions) {
+ this.conditions = conditions;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLParms.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLParms.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLParms.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLParms.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext;
+
+import javax.security.auth.callback.CallbackHandler;
+
+/**
+ * Class SAMLParms is a parameter bean that is used to pass raw material from
+ * the <code>AssertionWrapper</code> to the SAML builders during statement
+ * creation.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAMLParms {
+ private String issuer;
+ private CallbackHandler samlCallbackHandler;
+ private String samlVersion;
+
+ /**
+ * Method getIssuer returns the issuer of this SAMLParms object.
+ *
+ * @return the issuer (type String) of this SAMLParms object.
+ */
+ public String getIssuer() {
+ return issuer;
+ }
+
+ /**
+ * Method setIssuer sets the issuer of this SAMLParms object.
+ *
+ * @param issuer the issuer of this SAMLParms object.
+ */
+ public void setIssuer(String issuer) {
+ this.issuer = issuer;
+ }
+
+ /**
+ * Get the CallbackHandler instance used to populate the SAML Assertion content
+ * @return the CallbackHandler instance used to populate the SAML Assertion content
+ */
+ public CallbackHandler getCallbackHandler() {
+ return samlCallbackHandler;
+ }
+
+ /**
+ * Set the CallbackHandler instance used to populate the SAML Assertion content
+ * @param samlCallbackHandler the CallbackHandler instance used to populate the
+ * SAML Assertion content
+ */
+ public void setCallbackHandler(CallbackHandler samlCallbackHandler) {
+ this.samlCallbackHandler = samlCallbackHandler;
+ }
+
+ /**
+ * Method getSamlVersion returns the samlVersion of this SAMLParms object.
+ *
+ * @return the samlVersion (type String) of this SAMLParms object.
+ */
+ public String getSamlVersion() {
+ return samlVersion;
+ }
+
+ /**
+ * Method setSamlVersion sets the samlVersion of this SAMLParms object.
+ *
+ * @param samlVersion the samlVersion of this SAMLParms object.
+ */
+ public void setSamlVersion(String samlVersion) {
+ this.samlVersion = samlVersion;
+ }
+
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,95 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.bean;
+
+
+/**
+ * Class SamlAction represents the raw data required by the <code>AssertionWrapper</code> when
+ * creating the <code>Action</code> element of the SAML Authorization Decision Statement.
+ *
+ * Created on May 19, 2009
+ */
+public class ActionBean {
+
+ /**
+ * A URI reference representing the namespace in which the name of the specified action is to be
+ * interpreted. If this element is absent, the namespace
+ * urn:oasis:names:tc:SAML:1.0:action:rwedcnegation specified in Section 7.2.2 is in effect.
+ */
+ private String actionNamespace;
+
+ /**
+ * An action sought to be performed on the specified resource (i.e. Read, Write, Update, Delete)
+ */
+ private String contents;
+
+ /**
+ * Constructor SamlAction creates a new SamlAction instance.
+ */
+ public ActionBean() {
+ }
+
+ /**
+ * Constructor SamlAction creates a new SamlAction instance.
+ *
+ * @param actionNamespace of type String
+ * @param contents of type String
+ */
+ public ActionBean(String actionNamespace, String contents) {
+ this.actionNamespace = actionNamespace;
+ this.contents = contents;
+ }
+
+ /**
+ * Method getActionNamespace returns the actionNamespace of this SamlAction object.
+ *
+ * @return the actionNamespace (type String) of this SamlAction object.
+ */
+ public String getActionNamespace() {
+ return actionNamespace;
+ }
+
+ /**
+ * Method setActionNamespace sets the actionNamespace of this SamlAction object.
+ *
+ * @param actionNamespace the actionNamespace of this SamlAction object.
+ */
+ public void setActionNamespace(String actionNamespace) {
+ this.actionNamespace = actionNamespace;
+ }
+
+ /**
+ * Method getContents returns the contents of this SamlAction object.
+ *
+ * @return the contents (type String) of this SamlAction object.
+ */
+ public String getContents() {
+ return contents;
+ }
+
+ /**
+ * Method setContents sets the contents of this SamlAction object.
+ *
+ * @param contents the contents of this SamlAction object.
+ */
+ public void setContents(String contents) {
+ this.contents = contents;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,132 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.bean;
+
+import java.util.List;
+import java.util.ArrayList;
+
+
+/**
+ * Class SamlAttribute represents an instance of a SAML attribute.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class AttributeBean {
+ private String simpleName;
+ private String qualifiedName;
+ private List<String> attributeValues;
+
+ /**
+ * Constructor SamlAttribute creates a new SamlAttribute instance.
+ */
+ public AttributeBean() {
+ attributeValues = new ArrayList<String>();
+ }
+
+ /**
+ * Constructor SamlAttribute creates a new SamlAttribute instance.
+ *
+ * @param simpleName of type String
+ * @param qualifiedName of type String
+ * @param attributeValues of type List<String>
+ */
+ public AttributeBean(String simpleName, String qualifiedName, List<String> attributeValues) {
+ this();
+ this.simpleName = simpleName;
+ this.qualifiedName = qualifiedName;
+ this.attributeValues = attributeValues;
+ }
+
+ /**
+ * Method getSimpleName returns the simpleName of this SamlAttribute object.
+ *
+ * @return the simpleName (type String) of this SamlAttribute object.
+ */
+ public String getSimpleName() {
+ return simpleName;
+ }
+
+ /**
+ * Method setSimpleName sets the simpleName of this SamlAttribute object.
+ *
+ * @param simpleName the simpleName of this SamlAttribute object.
+ */
+ public void setSimpleName(String simpleName) {
+ this.simpleName = simpleName;
+ }
+
+ /**
+ * Method getQualifiedName returns the qualifiedName of this SamlAttribute object.
+ *
+ * @return the qualifiedName (type String) of this SamlAttribute object.
+ */
+ public String getQualifiedName() {
+ return qualifiedName;
+ }
+
+ /**
+ * Method setQualifiedName sets the qualifiedName of this SamlAttribute object.
+ *
+ * @param qualifiedName the qualifiedName of this SamlAttribute object.
+ */
+ public void setQualifiedName(String qualifiedName) {
+ this.qualifiedName = qualifiedName;
+ }
+
+ /**
+ * Method getAttributeValues returns the attributeValues of this SamlAttribute object.
+ *
+ * @return the attributeValues (type Map) of this SamlAttribute object.
+ */
+ public List<String> getAttributeValues() {
+ return attributeValues;
+ }
+
+ /**
+ * Method setAttributeValues sets the attributeValues of this SamlAttribute object.
+ *
+ * @param attributeValues the attributeValues of this SamlAttribute object.
+ */
+ public void setAttributeValues(List<String> attributeValues) {
+ this.attributeValues = attributeValues;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof AttributeBean)) return false;
+
+ AttributeBean that = (AttributeBean) o;
+
+ if (!attributeValues.equals(that.attributeValues)) return false;
+ if (!qualifiedName.equals(that.qualifiedName)) return false;
+ if (!simpleName.equals(that.simpleName)) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = simpleName.hashCode();
+ result = 31 * result + qualifiedName.hashCode();
+ result = 31 * result + attributeValues.hashCode();
+ return result;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,96 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.bean;
+
+import java.util.List;
+import java.util.ArrayList;
+
+
+/**
+ * Class SamlAttributeStatement represents a SAML attribute statement
+ *
+ * Created on May 20, 2009
+ */
+public class AttributeStatementBean {
+ private SubjectBean subject;
+ private List<AttributeBean> attributeBeans;
+
+ /**
+ * Constructor SamlAttributeStatement creates a new SamlAttributeStatement instance.
+ */
+ public AttributeStatementBean() {
+ attributeBeans = new ArrayList<AttributeBean>();
+ }
+
+ /**
+ * Method getSamlAttributes returns the samlAttributes of this SamlAttributeStatement object.
+ *
+ * @return the samlAttributes (type List<SamlAttribute>) of this SamlAttributeStatement object.
+ */
+ public List<AttributeBean> getSamlAttributes() {
+ return attributeBeans;
+ }
+
+ /**
+ * Method setSamlAttributes sets the samlAttributes of this SamlAttributeStatement object.
+ *
+ * @param attributeBeans the samlAttributes of this SamlAttributeStatement object.
+ *
+ */
+ public void setSamlAttributes(List<AttributeBean> attributeBeans) {
+ this.attributeBeans = attributeBeans;
+ }
+
+ /**
+ * Get the Subject
+ * @return the Subject
+ */
+ public SubjectBean getSubject() {
+ return subject;
+ }
+
+ /**
+ * Set the Subject
+ * @param subject the SubjectBean instance to set
+ */
+ public void setSubject(SubjectBean subject) {
+ this.subject = subject;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof AttributeStatementBean)) return false;
+
+ AttributeStatementBean that = (AttributeStatementBean) o;
+
+ if (!attributeBeans.equals(that.attributeBeans)) return false;
+ if (!subject.equals(that.subject)) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = subject.hashCode();
+ result = 31 * result + attributeBeans.hashCode();
+ return result;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,175 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.bean;
+
+import java.util.List;
+import java.util.ArrayList;
+
+
+/**
+ * Class SamlDecision represents the raw data to be used by the <code>AssertionWrapper</code> when
+ * creating SAML Authorization Decision Statements.
+ *
+ * Created on May 19, 2009
+ */
+public class AuthDecisionStatementBean {
+
+ /**
+ * The SAML subject
+ */
+ private SubjectBean subject;
+
+ /**
+ * enum representing the possible decision types as specified in the SAML spec
+ */
+ public enum Decision {PERMIT, INDETERMINATE, DENY}
+
+ /**
+ * The decision rendered by the SAML authority with respect to the specified resource
+ */
+ private Decision decision;
+
+ /**
+ * A URI reference identifying the resource to which access authorization is sought
+ */
+ private String resource;
+
+ /**
+ * The set of actions authorized to be performed on the specified resource (one or more)
+ */
+ private List<ActionBean> actionBeans;
+
+ /**
+ * A set of assertions that the SAML authority relied on in making the decision (optional)
+ */
+ private Object evidence;
+
+ /**
+ * Constructor SamlDecision creates a new SamlDecision instance.
+ */
+ public AuthDecisionStatementBean() {
+ actionBeans = new ArrayList<ActionBean>();
+ }
+
+ /**
+ * Constructor SamlDecision creates a new SamlDecision instance.
+ *
+ * @param decision of type Decision
+ * @param resource of type String
+ * @param actionBeans of type List<SamlAction>
+ */
+ public AuthDecisionStatementBean(
+ Decision decision,
+ String resource,
+ List<ActionBean> actionBeans
+ ) {
+ this.decision = decision;
+ this.resource = resource;
+ this.actionBeans = actionBeans;
+ }
+
+ /**
+ * Method getResource returns the resource of this SamlDecision object.
+ *
+ * @return the resource (type String) of this SamlDecision object.
+ */
+ public String getResource() {
+ return resource;
+ }
+
+ /**
+ * Method setResource sets the resource of this SamlDecision object.
+ *
+ * @param resource the resource of this SamlDecision object.
+ */
+ public void setResource(String resource) {
+ this.resource = resource;
+ }
+
+ /**
+ * Method getActions returns the actions of this SamlDecision object.
+ *
+ * @return the actions (type List<SamlAction>) of this SamlDecision object.
+ */
+ public List<ActionBean> getActions() {
+ return actionBeans;
+ }
+
+ /**
+ * Method setActions sets the actions of this SamlDecision object.
+ *
+ * @param actionBeans the actions of this SamlDecision object.
+ */
+ public void setActions(List<ActionBean> actionBeans) {
+ this.actionBeans = actionBeans;
+ }
+
+ /**
+ * Method getDecision returns the decision of this SamlDecision object.
+ *
+ * @return the decision (type Decision) of this SamlDecision object.
+ */
+ public Decision getDecision() {
+ return decision;
+ }
+
+ /**
+ * Method setDecision sets the decision of this SamlDecision object.
+ *
+ * @param decision the decision of this SamlDecision object.
+ */
+ public void setDecision(Decision decision) {
+ this.decision = decision;
+ }
+
+ /**
+ * Method getEvidence returns the evidence of this SamlDecision object.
+ *
+ * @return the evidence (type Object) of this SamlDecision object.
+ */
+ public Object getEvidence() {
+ return evidence;
+ }
+
+ /**
+ * Method setEvidence sets the evidence of this SamlDecision object.
+ *
+ * @param evidence the evidence of this SamlDecision object.
+ */
+ public void setEvidence(Object evidence) {
+ this.evidence = evidence;
+ }
+
+ /**
+ * Get the Subject
+ * @return the Subject
+ */
+ public SubjectBean getSubject() {
+ return subject;
+ }
+
+ /**
+ * Set the Subject
+ * @param subject the SubjectBean instance to set
+ */
+ public void setSubject(SubjectBean subject) {
+ this.subject = subject;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,130 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.bean;
+
+import org.joda.time.DateTime;
+
+
+/**
+ * Class AuthenticationStatementBean represents the raw data required to create
+ * a SAML v1.1 or v2.0 authentication statement.
+ *
+ * Created on May 20, 2009
+ */
+public class AuthenticationStatementBean {
+ private SubjectBean subject;
+ DateTime authenticationInstant;
+ private String authenticationMethod;
+
+ /**
+ * Default constructor
+ */
+ public AuthenticationStatementBean() {
+ }
+
+ /**
+ * Construct a new AuthenticationStatementBean
+ *
+ * @param subject the Subject to set
+ * @param authenticationMethod the Authentication Method to set
+ * @param authenticationInstant the Authentication Instant to set
+ */
+ public AuthenticationStatementBean(
+ SubjectBean subject,
+ String authenticationMethod,
+ DateTime authenticationInstant
+ ) {
+ this.subject = subject;
+ this.authenticationMethod = authenticationMethod;
+ this.authenticationInstant = authenticationInstant;
+ }
+
+ /**
+ * Get the Subject
+ * @return the subject
+ */
+ public SubjectBean getSubject() {
+ return subject;
+ }
+
+ /**
+ * Set the subject
+ * @param subject the SubjectBean instance to set
+ */
+ public void setSubject(SubjectBean subject) {
+ this.subject = subject;
+ }
+
+ /**
+ * Get the authentication method
+ * @return the authentication method
+ */
+ public String getAuthenticationMethod() {
+ return authenticationMethod;
+ }
+
+ /**
+ * Set the authentication method
+ * @param authenticationMethod the authentication method
+ */
+ public void setAuthenticationMethod(String authenticationMethod) {
+ this.authenticationMethod = authenticationMethod;
+ }
+
+ /**
+ * Get the authentication instant
+ * @return the authentication instant
+ */
+ public DateTime getAuthenticationInstant() {
+ return authenticationInstant;
+ }
+
+ /**
+ * Set the authentication instant
+ * @param authenticationInstant the authentication instant
+ */
+ public void setAuthenticationInstant(DateTime authenticationInstant) {
+ this.authenticationInstant = authenticationInstant;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof AuthenticationStatementBean)) return false;
+
+ AuthenticationStatementBean that = (AuthenticationStatementBean) o;
+
+ if (authenticationInstant != null ? !authenticationInstant.equals(that.authenticationInstant) : that.authenticationInstant != null)
+ return false;
+ if (authenticationMethod != null ? !authenticationMethod.equals(that.authenticationMethod) : that.authenticationMethod != null)
+ return false;
+ if (subject != null ? !subject.equals(that.subject) : that.subject != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = subject != null ? subject.hashCode() : 0;
+ result = 31 * result + (authenticationInstant != null ? authenticationInstant.hashCode() : 0);
+ result = 31 * result + (authenticationMethod != null ? authenticationMethod.hashCode() : 0);
+ return result;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,152 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.bean;
+
+import org.joda.time.DateTime;
+
+
+/**
+ * Class ConditionsBean represents a SAML Conditions object (can be used to create
+ * both SAML v1.1 and v2.0 statements)
+ *
+ * Created on May 20, 2009
+ */
+public class ConditionsBean {
+ private DateTime notBefore;
+ private DateTime notAfter;
+ private int tokenPeriodMinutes;
+
+ /**
+ * Constructor ConditionsBean creates a new ConditionsBean instance.
+ */
+ public ConditionsBean() {
+ }
+
+ /**
+ * Constructor ConditionsBean creates a new ConditionsBean instance.
+ *
+ * @param notBefore The notBefore instance
+ * @param notAfter The notAfter instance
+ */
+ public ConditionsBean(
+ DateTime notBefore,
+ DateTime notAfter
+ ) {
+ this.notBefore = notBefore;
+ this.notAfter = notAfter;
+ }
+
+ /**
+ * Constructor ConditionsBean creates a new ConditionsBean instance.
+ *
+ * @param tokenPeriodMinutes how long the token is valid for in minutes
+ */
+ public ConditionsBean(
+ int tokenPeriodMinutes
+ ) {
+ this.tokenPeriodMinutes = tokenPeriodMinutes;
+ }
+
+ /**
+ * Get the notBefore instance
+ *
+ * @return the notBefore instance
+ */
+ public DateTime getNotBefore() {
+ return notBefore;
+ }
+
+ /**
+ * Set the notBefore instance
+ *
+ * @param notBefore the notBefore instance to set
+ */
+ public void setNotBefore(DateTime notBefore) {
+ this.notBefore = notBefore;
+ }
+
+ /**
+ * Get the notAfter instance
+ *
+ * @return the notAfter instance
+ */
+ public DateTime getNotAfter() {
+ return notAfter;
+ }
+
+ /**
+ * Set the notAfter instance
+ *
+ * @param notAfter the notAfter instance to set
+ */
+ public void setNotAfter(DateTime notAfter) {
+ this.notAfter = notAfter;
+ }
+
+ /**
+ * Get the tokenPeriodMinutes of this object.
+ *
+ * @return the tokenPeriodMinutes (type int)
+ */
+ public int getTokenPeriodMinutes() {
+ return tokenPeriodMinutes;
+ }
+
+ /**
+ * Set the tokenPeriodMinutes.
+ *
+ * @param tokenPeriodMinutes the tokenPeriodMinutes to set
+ */
+ public void setTokenPeriodMinutes(int tokenPeriodMinutes) {
+ this.tokenPeriodMinutes = tokenPeriodMinutes;
+ }
+
+ /**
+ * Method equals ...
+ *
+ * @param o of type Object
+ * @return boolean
+ */
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof ConditionsBean)) return false;
+
+ ConditionsBean that = (ConditionsBean) o;
+
+ if (tokenPeriodMinutes != that.tokenPeriodMinutes) return false;
+ if (!notBefore.equals(that.notBefore)) return false;
+ if (!notAfter.equals(that.notAfter)) return false;
+
+ return true;
+ }
+
+ /**
+ * Method hashCode ...
+ * @return int
+ */
+ @Override
+ public int hashCode() {
+ int result = tokenPeriodMinutes;
+ result = 31 * result + notBefore.hashCode();
+ result = 31 * result + notAfter.hashCode();
+ return result;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,145 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.bean;
+
+
+/**
+ * Class SubjectBean represents a SAML subject (can be used to create
+ * both SAML v1.1 and v2.0 statements)
+ *
+ * Created on May 20, 2009
+ */
+public class SubjectBean {
+ private String subjectName;
+ private String subjectNameQualifier;
+ private String subjectConfirmationMethod;
+
+ /**
+ * Constructor SubjectBean creates a new SubjectBean instance.
+ */
+ public SubjectBean() {
+ }
+
+ /**
+ * Constructor SubjectBean creates a new SubjectBean instance.
+ *
+ * @param subjectName of type String
+ * @param subjectNameQualifier of type String
+ * @param subjectConfirmationMethod of type String
+ */
+ public SubjectBean(
+ String subjectName,
+ String subjectNameQualifier,
+ String subjectConfirmationMethod
+ ) {
+ this.subjectName = subjectName;
+ this.subjectNameQualifier = subjectNameQualifier;
+ this.subjectConfirmationMethod = subjectConfirmationMethod;
+ }
+
+ /**
+ * Method getSubjectName returns the subjectName of this SubjectBean object.
+ *
+ * @return the subjectName (type String) of this SubjectBean object.
+ */
+ public String getSubjectName() {
+ return subjectName;
+ }
+
+ /**
+ * Method setSubjectName sets the subjectName of this SubjectBean object.
+ *
+ * @param subjectName the subjectName of this SubjectBean object.
+ */
+ public void setSubjectName(String subjectName) {
+ this.subjectName = subjectName;
+ }
+
+ /**
+ * Method getSubjectNameQualifier returns the subjectNameQualifier of this SubjectBean object.
+ *
+ * @return the subjectNameQualifier (type String) of this SubjectBean object.
+ */
+ public String getSubjectNameQualifier() {
+ return subjectNameQualifier;
+ }
+
+ /**
+ * Method setSubjectNameQualifier sets the subjectNameQualifier of this SubjectBean object.
+ *
+ * @param subjectNameQualifier the subjectNameQualifier of this SubjectBean object.
+ */
+ public void setSubjectNameQualifier(String subjectNameQualifier) {
+ this.subjectNameQualifier = subjectNameQualifier;
+ }
+
+ /**
+ * Method getSubjectConfirmationMethod returns the subjectConfirmationMethod of
+ * this SubjectBean object.
+ *
+ * @return the subjectConfirmationMethod (type String) of this SubjectBean object.
+ */
+ public String getSubjectConfirmationMethod() {
+ return subjectConfirmationMethod;
+ }
+
+ /**
+ * Method setSubjectConfirmationMethod sets the subjectConfirmationMethod of
+ * this SubjectBean object.
+ *
+ * @param subjectConfirmationMethod the subjectConfirmationMethod of this
+ * SubjectBean object.
+ */
+ public void setSubjectConfirmationMethod(String subjectConfirmationMethod) {
+ this.subjectConfirmationMethod = subjectConfirmationMethod;
+ }
+
+ /**
+ * Method equals ...
+ *
+ * @param o of type Object
+ * @return boolean
+ */
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof SubjectBean)) return false;
+
+ SubjectBean that = (SubjectBean) o;
+
+ if (!subjectName.equals(that.subjectName)) return false;
+ if (!subjectNameQualifier.equals(that.subjectNameQualifier)) return false;
+ if (!subjectConfirmationMethod.equals(that.subjectConfirmationMethod)) return false;
+
+ return true;
+ }
+
+ /**
+ * Method hashCode ...
+ * @return int
+ */
+ @Override
+ public int hashCode() {
+ int result = subjectName.hashCode();
+ result = 31 * result + subjectNameQualifier.hashCode();
+ result = 31 * result + subjectConfirmationMethod.hashCode();
+ return result;
+ }
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,428 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.builder;
+
+import org.apache.ws.security.saml.ext.OpenSAMLUtil;
+import org.apache.ws.security.saml.ext.bean.ActionBean;
+import org.apache.ws.security.saml.ext.bean.AttributeBean;
+import org.apache.ws.security.saml.ext.bean.AttributeStatementBean;
+import org.apache.ws.security.saml.ext.bean.AuthDecisionStatementBean;
+import org.apache.ws.security.saml.ext.bean.AuthenticationStatementBean;
+import org.apache.ws.security.saml.ext.bean.ConditionsBean;
+import org.apache.ws.security.saml.ext.bean.SubjectBean;
+import org.apache.ws.security.util.UUIDGenerator;
+
+import org.joda.time.DateTime;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObjectBuilder;
+import org.opensaml.common.SAMLVersion;
+
+import org.opensaml.saml1.core.Action;
+import org.opensaml.saml1.core.Assertion;
+import org.opensaml.saml1.core.Attribute;
+import org.opensaml.saml1.core.AttributeStatement;
+import org.opensaml.saml1.core.AttributeValue;
+import org.opensaml.saml1.core.AuthenticationStatement;
+import org.opensaml.saml1.core.AuthorizationDecisionStatement;
+import org.opensaml.saml1.core.Conditions;
+import org.opensaml.saml1.core.ConfirmationMethod;
+import org.opensaml.saml1.core.DecisionTypeEnumeration;
+import org.opensaml.saml1.core.NameIdentifier;
+import org.opensaml.saml1.core.Subject;
+import org.opensaml.saml1.core.SubjectConfirmation;
+
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.schema.XSString;
+import org.opensaml.xml.schema.impl.XSStringBuilder;
+
+import java.util.ArrayList;
+import java.util.List;
+
+
+/**
+ * Class SAML1ComponentBuilder provides builder methods that can be used
+ * to construct SAML v1.1 statements using the OpenSaml library.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAML1ComponentBuilder {
+
+ private static SAMLObjectBuilder<Assertion> assertionV1Builder;
+
+ private static SAMLObjectBuilder<Conditions> conditionsV1Builder;
+
+ private static SAMLObjectBuilder<AuthenticationStatement> authenticationStatementV1Builder;
+
+ private static SAMLObjectBuilder<Subject> subjectV1Builder;
+
+ private static SAMLObjectBuilder<NameIdentifier> nameIdentifierV1Builder;
+
+ private static SAMLObjectBuilder<SubjectConfirmation>
+ subjectConfirmationV1Builder;
+
+ private static SAMLObjectBuilder<ConfirmationMethod> confirmationMethodV1Builder;
+
+ private static SAMLObjectBuilder<AttributeStatement>
+ attributeStatementV1Builder;
+
+ private static SAMLObjectBuilder<Attribute> attributeV1Builder;
+
+ private static XSStringBuilder stringBuilder;
+
+ private static SAMLObjectBuilder<AuthorizationDecisionStatement>
+ authorizationDecisionStatementV1Builder;
+
+ private static SAMLObjectBuilder<Action> actionElementV1Builder;
+
+ private static XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
+
+ /**
+ * Create a new SAML 1.1 assertion
+ *
+ * @param issuer of type String
+ * @return A SAML 1.1 assertion
+ */
+ public static Assertion createSamlv1Assertion(String issuer) {
+ if (assertionV1Builder == null) {
+ assertionV1Builder = (SAMLObjectBuilder<Assertion>)
+ builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
+ if (assertionV1Builder == null) {
+ throw new IllegalStateException(
+ "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml "
+ + "engine prior using it"
+ );
+ }
+ }
+ Assertion assertion =
+ assertionV1Builder.buildObject(
+ Assertion.DEFAULT_ELEMENT_NAME,
+ Assertion.TYPE_NAME
+ );
+ assertion.setVersion(SAMLVersion.VERSION_11);
+ assertion.setIssuer(issuer);
+ assertion.setIssueInstant(new DateTime()); // now
+ assertion.setID(UUIDGenerator.getUUID());
+ return assertion;
+ }
+
+
+ /**
+ * Create a SAML Subject from a SubjectBean instance
+ *
+ * @param subjectBean A SubjectBean instance
+ * @return A Saml 1.1 subject
+ */
+ public static Subject createSaml1v1Subject(SubjectBean subjectBean) {
+ if (subjectV1Builder == null) {
+ subjectV1Builder = (SAMLObjectBuilder<Subject>)
+ builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
+
+ }
+ if (nameIdentifierV1Builder == null) {
+ nameIdentifierV1Builder = (SAMLObjectBuilder<NameIdentifier>)
+ builderFactory.getBuilder(NameIdentifier.DEFAULT_ELEMENT_NAME);
+ }
+ if (subjectConfirmationV1Builder == null) {
+ subjectConfirmationV1Builder = (SAMLObjectBuilder<SubjectConfirmation>)
+ builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
+
+ }
+ if (confirmationMethodV1Builder == null) {
+ confirmationMethodV1Builder = (SAMLObjectBuilder<ConfirmationMethod>)
+ builderFactory.getBuilder(ConfirmationMethod.DEFAULT_ELEMENT_NAME);
+ }
+
+ Subject subject = subjectV1Builder.buildObject();
+ NameIdentifier nameIdentifier = nameIdentifierV1Builder.buildObject();
+ SubjectConfirmation subjectConfirmation = subjectConfirmationV1Builder.buildObject();
+ ConfirmationMethod confirmationMethod = confirmationMethodV1Builder.buildObject();
+
+ nameIdentifier.setNameQualifier(subjectBean.getSubjectNameQualifier());
+ nameIdentifier.setNameIdentifier(subjectBean.getSubjectName());
+ nameIdentifier.setFormat(SAML1Constants.NAMEID_FORMAT_UNSPECIFIED);
+ String confirmationMethodStr = subjectBean.getSubjectConfirmationMethod();
+
+ if (confirmationMethodStr == null) {
+ confirmationMethodStr = SAML1Constants.CONF_SENDER_VOUCHES;
+ }
+
+ confirmationMethod.setConfirmationMethod(confirmationMethodStr);
+ subjectConfirmation.getConfirmationMethods().add(confirmationMethod);
+ subject.setNameIdentifier(nameIdentifier);
+ subject.setSubjectConfirmation(subjectConfirmation);
+
+ return subject;
+ }
+
+ /**
+ * Create a Conditions object
+ *
+ * @param conditionsBean A ConditionsBean object
+ * @return a Conditions object
+ */
+ public static Conditions createSamlv1Conditions(ConditionsBean conditionsBean) {
+ if (conditionsV1Builder == null) {
+ conditionsV1Builder = (SAMLObjectBuilder<Conditions>)
+ builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
+
+ }
+ Conditions conditions = conditionsV1Builder.buildObject(Conditions.TYPE_NAME);
+
+ if (conditionsBean == null) {
+ DateTime newNotBefore = new DateTime();
+ conditions.setNotBefore(newNotBefore);
+ conditions.setNotOnOrAfter(newNotBefore.plusMinutes(5));
+ return conditions;
+ }
+
+ int tokenPeriodMinutes = conditionsBean.getTokenPeriodMinutes();
+ DateTime notBefore = conditionsBean.getNotBefore();
+ DateTime notAfter = conditionsBean.getNotAfter();
+
+ if (notBefore != null && notAfter != null) {
+ OpenSAMLUtil.validateConditions(notBefore, notAfter);
+ conditions.setNotBefore(notBefore);
+ conditions.setNotOnOrAfter(notAfter);
+ } else {
+ DateTime newNotBefore = new DateTime();
+ conditions.setNotBefore(newNotBefore);
+ conditions.setNotOnOrAfter(newNotBefore.plusMinutes(tokenPeriodMinutes));
+ }
+ return conditions;
+ }
+
+ /**
+ * Create SAML 1.1 authentication statement(s)
+ *
+ * @param authBeans A list of AuthenticationStatementBean objects
+ * @return a list of SAML 1.1 authentication statement(s)
+ */
+ public static List<AuthenticationStatement> createSamlv1AuthenticationStatement(
+ List<AuthenticationStatementBean> authBeans
+ ) {
+ List<AuthenticationStatement> authenticationStatements =
+ new ArrayList<AuthenticationStatement>();
+
+ if (authenticationStatementV1Builder == null) {
+ authenticationStatementV1Builder = (SAMLObjectBuilder<AuthenticationStatement>)
+ builderFactory.getBuilder(AuthenticationStatement.DEFAULT_ELEMENT_NAME);
+ }
+
+ if (authBeans != null && authBeans.size() > 0) {
+ for (AuthenticationStatementBean statementBean : authBeans) {
+ AuthenticationStatement authenticationStatement =
+ authenticationStatementV1Builder.buildObject(
+ AuthenticationStatement.DEFAULT_ELEMENT_NAME,
+ AuthenticationStatement.TYPE_NAME
+ );
+ Subject authSubject =
+ SAML1ComponentBuilder.createSaml1v1Subject(statementBean.getSubject());
+ authenticationStatement.setSubject(authSubject);
+
+ if (statementBean.getAuthenticationInstant() != null) {
+ authenticationStatement.setAuthenticationInstant(
+ statementBean.getAuthenticationInstant()
+ );
+ } else {
+ authenticationStatement.setAuthenticationInstant(new DateTime());
+ }
+
+ authenticationStatement.setAuthenticationMethod(
+ transformAuthenticationMethod(statementBean.getAuthenticationMethod())
+ );
+ authenticationStatements.add(authenticationStatement);
+ }
+ }
+
+ return authenticationStatements;
+ }
+
+ /**
+ * Method transformAuthenticationMethod transforms the user-supplied authentication method
+ * value into one of the supported specification-compliant values.
+ * NOTE: Only "Password" is supported at this time.
+ *
+ * @param sourceMethod of type String
+ * @return String
+ */
+ private static String transformAuthenticationMethod(String sourceMethod) {
+ String transformedMethod = "";
+
+ if ("Password".equals(sourceMethod)) {
+ transformedMethod = SAML1Constants.AUTH_METHOD_PASSWORD;
+ }
+
+ return transformedMethod;
+ }
+
+ /**
+ * Create SAML 1.1 attribute statement(s)
+ *
+ * @param attributeData A list of AttributeStatementBean instances
+ * @return a list of SAML 1.1 attribute statement(s)
+ */
+ public static List<AttributeStatement> createSamlv1AttributeStatement(
+ List<AttributeStatementBean> attributeData
+ ) {
+ if (attributeStatementV1Builder == null) {
+ attributeStatementV1Builder = (SAMLObjectBuilder<AttributeStatement>)
+ builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
+ }
+
+ List<AttributeStatement> attributeStatements = new ArrayList<AttributeStatement>();
+
+ if (attributeData != null && attributeData.size() > 0) {
+ for (AttributeStatementBean statementBean : attributeData) {
+ // Create the attribute statementBean and set the subject
+ AttributeStatement attributeStatement = attributeStatementV1Builder.buildObject();
+ Subject attributeSubject =
+ SAML1ComponentBuilder.createSaml1v1Subject(statementBean.getSubject());
+ attributeStatement.setSubject(attributeSubject);
+ // Add the individual attributes
+ for (AttributeBean values : statementBean.getSamlAttributes()) {
+ Attribute samlAttribute =
+ createSamlv1Attribute(
+ values.getSimpleName(),
+ values.getQualifiedName(),
+ values.getAttributeValues()
+ );
+ attributeStatement.getAttributes().add(samlAttribute);
+ }
+ // Add the completed attribute statementBean to the collection
+ attributeStatements.add(attributeStatement);
+ }
+ }
+
+ return attributeStatements;
+ }
+
+ /**
+ * Create a SAML 1.1 attribute
+ *
+ * @param attributeName the Attribute Name
+ * @param attributeUrn the Attribute Qualified Name
+ * @param values the Attribute Values
+ * @return a SAML 1.1 attribute
+ */
+ public static Attribute createSamlv1Attribute(
+ String attributeName,
+ String attributeUrn,
+ List<String> values
+ ) {
+ if (attributeV1Builder == null) {
+ attributeV1Builder = (SAMLObjectBuilder<Attribute>)
+ builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
+ }
+ if (stringBuilder == null) {
+ stringBuilder = (XSStringBuilder)builderFactory.getBuilder(XSString.TYPE_NAME);
+ }
+
+ Attribute attribute = attributeV1Builder.buildObject();
+ attribute.setAttributeName(attributeName);
+ attribute.setAttributeNamespace(attributeUrn);
+
+ for (String value : values) {
+ XSString attribute1 =
+ stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+ attribute1.setValue(value);
+ attribute.getAttributeValues().add(attribute1);
+ }
+
+ return attribute;
+ }
+
+ /**
+ * Create SAML 1.1 Authorization Decision Statement(s)
+ *
+ * @param authDecisionSubject of type Subject
+ * @param decisionData of type Map
+ * @return a list of SAML 1.1 Authorization Decision Statement(s)
+ */
+ public static List<AuthorizationDecisionStatement> createSamlv1AuthorizationDecisionStatement(
+ List<AuthDecisionStatementBean> decisionData) {
+ List<AuthorizationDecisionStatement> authDecisionStatements = new ArrayList();
+ if (authorizationDecisionStatementV1Builder == null) {
+ authorizationDecisionStatementV1Builder =
+ (SAMLObjectBuilder<AuthorizationDecisionStatement>)
+ builderFactory.getBuilder(AuthorizationDecisionStatement.DEFAULT_ELEMENT_NAME);
+
+ }
+
+ if (decisionData != null && decisionData.size() > 0) {
+ for (AuthDecisionStatementBean decisionStatementBean : decisionData) {
+ AuthorizationDecisionStatement authDecision =
+ authorizationDecisionStatementV1Builder.buildObject();
+ Subject authDecisionSubject =
+ SAML1ComponentBuilder.createSaml1v1Subject(decisionStatementBean.getSubject());
+ authDecision.setSubject(authDecisionSubject);
+
+ authDecision.setResource(decisionStatementBean.getResource());
+ authDecision.setDecision(transformDecisionType(decisionStatementBean.getDecision()));
+
+ for (ActionBean actionBean : decisionStatementBean.getActions()) {
+ Action actionElement = createSamlv1Action(actionBean);
+ authDecision.getActions().add(actionElement);
+ }
+ authDecisionStatements.add(authDecision);
+ }
+ }
+
+ return authDecisionStatements;
+ }
+
+ /**
+ * Create an Action object
+ *
+ * @param actionBean of type SamlAction
+ * @return an Action object
+ */
+ public static Action createSamlv1Action(ActionBean actionBean) {
+ if (actionElementV1Builder == null) {
+ actionElementV1Builder = (SAMLObjectBuilder<Action>)
+ builderFactory.getBuilder(Action.DEFAULT_ELEMENT_NAME);
+ }
+
+ Action actionElement = actionElementV1Builder.buildObject();
+ actionElement.setNamespace(actionBean.getActionNamespace());
+ actionElement.setContents(actionBean.getContents());
+
+ return actionElement;
+ }
+
+ /**
+ * Transform a DecisionType
+ *
+ * @param decision of type Decision
+ * @return DecisionTypeEnumeration
+ */
+ private static DecisionTypeEnumeration transformDecisionType(
+ AuthDecisionStatementBean.Decision decision
+ ) {
+ DecisionTypeEnumeration decisionTypeEnum = DecisionTypeEnumeration.DENY;
+ if (decision.equals(AuthDecisionStatementBean.Decision.PERMIT)) {
+ decisionTypeEnum = DecisionTypeEnumeration.PERMIT;
+ } else if (decision.equals(AuthDecisionStatementBean.Decision.INDETERMINATE)) {
+ decisionTypeEnum = DecisionTypeEnumeration.INDETERMINATE;
+ }
+
+ return decisionTypeEnum;
+ }
+
+}
Added: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1Constants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1Constants.java?rev=1055456&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1Constants.java (added)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1Constants.java Wed Jan 5 13:39:09 2011
@@ -0,0 +1,142 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.saml.ext.builder;
+
+
+/**
+ * Class SAML1Constants provides static constant definitions associated with
+ * the SAML v1.x specification.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAML1Constants {
+
+ //
+ // NAME ID FORMAT
+ //
+
+ public static final String NAMEID_FORMAT_UNSPECIFIED =
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
+
+ public static final String NAMEID_FORMAT_EMAIL_ADDRESS =
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
+
+ public static final String NAMEID_FORMAT_X509_SUBJECT_NAME =
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
+
+ public static final String NAMEID_FORMAT_WINDOWS_DQN =
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
+
+ //
+ // SUBJECT CONFIRMATION
+ //
+
+ /**
+ * Assertion Bearer Confirmation Method Identifier
+ */
+ public final static String CONF_BEARER = "urn:oasis:names:tc:SAML:1.0:cm:bearer";
+
+ /**
+ * Holder of Key Confirmation Method Identifier
+ */
+ public final static String CONF_HOLDER_KEY = "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key";
+
+ /**
+ * Sender Vouches Confirmation Method Identifier
+ */
+ public final static String CONF_SENDER_VOUCHES = "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";
+
+ //
+ // AUTH METHOD
+ //
+
+ /**
+ * The authentication was performed by means of a password.
+ */
+ public static final String AUTH_METHOD_PASSWORD =
+ "urn:oasis:names:tc:SAML:1.0:am:password";
+
+ /**
+ * The authentication was performed by means of the Kerberos protocol [RFC 1510],
+ * an instantiation of the Needham-Schroeder symmetric key authentication mechanism [Needham78].
+ */
+ public static final String AUTH_METHOD_KERBEROS = "urn:ietf:rfc:1510";
+
+ /**
+ * The authentication was performed by means of Secure Remote Password protocol as specified in
+ * [RFC 2945].
+ */
+ public static final String AUTH_METHOD_SRP = "urn:ietf:rfc:2945";
+
+ /**
+ * The authentication was performed by means of an unspecified hardware token.
+ */
+ public static final String AUTH_METHOD_HARDWARE_TOKEN =
+ "urn:oasis:names:tc:SAML:1.0:am:HardwareToken";
+
+ /**
+ * The authentication was performed using either the SSL or TLS protocol with certificate
+ * based client authentication. TLS is described in [RFC 2246].
+ */
+ public static final String AUTH_METHOD_TLS_CLIENT = "urn:ietf:rfc:2246";
+
+ /**
+ * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+ * means of an X.509 PKI [X.500][PKIX]. It may have been one of the mechanisms for which a more
+ * specific identifier has been defined.
+ */
+ public static final String AUTH_METHOD_X509 =
+ "urn:oasis:names:tc:SAML:1.0:am:X509-PKI";
+
+ /**
+ * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+ * means of a PGP web of trust [PGP]. It may have been one of the mechanisms for which a more
+ * specific identifier has been defined.
+ */
+ public static final String AUTH_METHOD_PGP =
+ "urn:oasis:names:tc:SAML:1.0:am:PGP";
+
+ /**
+ * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+ * means of a SPKI PKI [SPKI]. It may have been one of the mechanisms for which a more specific
+ * identifier has been defined.
+ */
+ public static final String AUTH_METHOD_SPKI =
+ "urn:oasis:names:tc:SAML:1.0:am:SPKI";
+
+ /**
+ * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+ * means of a XKMS trust service [XKMS]. It may have been one of the mechanisms for which a more
+ * specific identifier has been defined.
+ */
+ public static final String AUTH_METHOD_XKMS =
+ "urn:oasis:names:tc:SAML:1.0:am:XKMS";
+
+ /**
+ * The authentication was performed by means of an XML digital signature [RFC 3075].
+ */
+ public static final String AUTH_METHOD_DSIG = "urn:ietf:rfc:3075";
+
+ /**
+ * The authentication was performed by an unspecified means.
+ */
+ public static final String AUTH_METHOD_UNSPECIFIED =
+ "urn:oasis:names:tc:SAML:1.0:am:unspecified";
+}