STSSamlAssertionValidator (Apache CXF JavaDoc 3.0.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Apache CXF API

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.cxf.ws.security.trust
Class STSSamlAssertionValidator

java.lang.Object
  org.apache.wss4j.dom.validate.SignatureTrustValidator
      org.apache.wss4j.dom.validate.SamlAssertionValidator
          org.apache.cxf.ws.security.trust.STSSamlAssertionValidator

All Implemented Interfaces:: org.apache.wss4j.dom.validate.Validator

public class STSSamlAssertionValidator
extends org.apache.wss4j.dom.validate.SamlAssertionValidator
extends org.apache.wss4j.dom.validate.SamlAssertionValidator

This class validates a SAML Assertion by invoking the SamlAssertionValidator in WSS4J. It overrides the signature verification, so that if the signature is not trusted, it just sets a boolean. The STSTokenValidator can parse this tag and dispatch the Assertion to the STS for validation.

Constructor Summary
`STSSamlAssertionValidator()`

Method Summary
`boolean`	`isTrustVerificationSucceeded()` Return if trust verification on the signature of the assertion succeeded.
`org.apache.wss4j.dom.validate.Credential`	`validate(org.apache.wss4j.dom.validate.Credential credential, org.apache.wss4j.dom.handler.RequestData data)` Validate the credential argument.
`protected org.apache.wss4j.dom.validate.Credential`	`verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion, org.apache.wss4j.dom.handler.RequestData data)` Try to verify trust on the assertion.

Methods inherited from class org.apache.wss4j.dom.validate.SamlAssertionValidator
`checkConditions, checkOneTimeUse, isValidateSignatureAgainstProfile, setFutureTTL, setValidateSignatureAgainstProfile, validateAssertion`

Methods inherited from class org.apache.wss4j.dom.validate.SignatureTrustValidator
`getCrypto, validateCertificates, validatePublicKey, verifyTrustInCerts`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

STSSamlAssertionValidator

public STSSamlAssertionValidator()

Method Detail

validate

public org.apache.wss4j.dom.validate.Credential validate(org.apache.wss4j.dom.validate.Credential credential,
                                                         org.apache.wss4j.dom.handler.RequestData data)
                                                  throws org.apache.wss4j.common.ext.WSSecurityException

Validate the credential argument. It must contain a non-null AssertionWrapper. A Crypto and a CallbackHandler implementation is also required to be set.

Specified by:: validate in interface org.apache.wss4j.dom.validate.Validator
Overrides:: validate in class org.apache.wss4j.dom.validate.SamlAssertionValidator

Parameters:: credential - the Credential to be validated; data - the RequestData associated with the request
Throws:: org.apache.wss4j.common.ext.WSSecurityException - on a failed validation

verifySignedAssertion

protected org.apache.wss4j.dom.validate.Credential verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion,
                                                                         org.apache.wss4j.dom.handler.RequestData data)
                                                                  throws org.apache.wss4j.common.ext.WSSecurityException

Try to verify trust on the assertion. If it fails, then set a boolean and return.

Overrides:: verifySignedAssertion in class org.apache.wss4j.dom.validate.SamlAssertionValidator

Parameters:: assertion - The signed Assertion; data - The RequestData context
Returns:: A Credential instance
Throws:: org.apache.wss4j.common.ext.WSSecurityException

isTrustVerificationSucceeded

public boolean isTrustVerificationSucceeded()

Return if trust verification on the signature of the assertion succeeded.

Returns:: if trust verification on the signature of the assertion succeeded