org.apache.cxf.ws.security.wss4j.policyvalidators
Class AbstractSamlPolicyValidator
java.lang.Object
org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractTokenPolicyValidator
org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractSamlPolicyValidator
- Direct Known Subclasses:
- IssuedTokenPolicyValidator, SamlTokenPolicyValidator
public abstract class AbstractSamlPolicyValidator
- extends AbstractTokenPolicyValidator
Some abstract functionality for validating SAML Assertions
Method Summary |
boolean |
checkHolderOfKey(org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
List<org.apache.ws.security.WSSecurityEngineResult> signedResults,
Certificate[] tlsCerts)
Check the holder-of-key requirements against the received assertion. |
protected boolean |
isTokenRequired(Token token,
Message message)
Check to see if a token is required or not. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
AbstractSamlPolicyValidator
public AbstractSamlPolicyValidator()
isTokenRequired
protected boolean isTokenRequired(Token token,
Message message)
- Check to see if a token is required or not.
- Overrides:
isTokenRequired
in class AbstractTokenPolicyValidator
- Parameters:
token
- the tokenmessage
- The message
- Returns:
- true if the token is required
checkHolderOfKey
public boolean checkHolderOfKey(org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
List<org.apache.ws.security.WSSecurityEngineResult> signedResults,
Certificate[] tlsCerts)
- Check the holder-of-key requirements against the received assertion. The subject
credential of the SAML Assertion must have been used to sign some portion of
the message, thus showing proof-of-possession of the private/secret key. Alternatively,
the subject credential of the SAML Assertion must match a client certificate credential
when 2-way TLS is used.
- Parameters:
assertionWrapper
- the SAML Assertion wrapper objectsignedResults
- a list of all of the signed results
Apache CXF