Apache CXF API

org.apache.cxf.ws.security.trust
Class STSStaxTokenValidator

java.lang.Object
  extended by org.apache.wss4j.stax.validate.SignatureTokenValidatorImpl
      extended by org.apache.wss4j.stax.validate.SamlTokenValidatorImpl
          extended by org.apache.cxf.ws.security.trust.STSStaxTokenValidator
All Implemented Interfaces:
org.apache.wss4j.stax.validate.BinarySecurityTokenValidator, org.apache.wss4j.stax.validate.SamlTokenValidator, org.apache.wss4j.stax.validate.SignatureTokenValidator, org.apache.wss4j.stax.validate.UsernameTokenValidator, org.apache.wss4j.stax.validate.Validator

public class STSStaxTokenValidator
extends org.apache.wss4j.stax.validate.SamlTokenValidatorImpl
implements org.apache.wss4j.stax.validate.BinarySecurityTokenValidator, org.apache.wss4j.stax.validate.UsernameTokenValidator

A Streaming SAML Token Validator implementation to validate a received Token to a SecurityTokenService (STS). TODO Refactor this class a bit better...


Constructor Summary
STSStaxTokenValidator()
           
STSStaxTokenValidator(boolean alwaysValidateToSts)
          Construct a new instance.
 
Method Summary
 org.apache.xml.security.stax.securityToken.InboundSecurityToken validate(org.apache.wss4j.binding.wss10.BinarySecurityTokenType binarySecurityTokenType, org.apache.wss4j.stax.validate.TokenContext tokenContext)
           
<T extends org.apache.wss4j.stax.securityToken.SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
T
validate(org.apache.wss4j.common.saml.SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, org.apache.wss4j.stax.validate.TokenContext tokenContext)
           
<T extends org.apache.wss4j.stax.securityToken.UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
T
validate(org.apache.wss4j.binding.wss10.UsernameTokenType usernameTokenType, org.apache.wss4j.stax.validate.TokenContext tokenContext)
           
 
Methods inherited from class org.apache.wss4j.stax.validate.SamlTokenValidatorImpl
checkConditions, checkOneTimeUse, isValidateSignatureAgainstProfile, setFutureTTL, setValidateSignatureAgainstProfile, validateAssertion
 
Methods inherited from class org.apache.wss4j.stax.validate.SignatureTokenValidatorImpl
validate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.wss4j.stax.validate.SignatureTokenValidator
validate
 

Constructor Detail

STSStaxTokenValidator

public STSStaxTokenValidator()

STSStaxTokenValidator

public STSStaxTokenValidator(boolean alwaysValidateToSts)
Construct a new instance.

Parameters:
alwaysValidateToSts - whether to always validate the token to the STS
Method Detail

validate

public <T extends org.apache.wss4j.stax.securityToken.SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken> T validate(org.apache.wss4j.common.saml.SamlAssertionWrapper samlAssertionWrapper,
                                                                                                                                                     org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken,
                                                                                                                                                     org.apache.wss4j.stax.validate.TokenContext tokenContext)
                                                                                                                                          throws org.apache.wss4j.common.ext.WSSecurityException
Specified by:
validate in interface org.apache.wss4j.stax.validate.SamlTokenValidator
Overrides:
validate in class org.apache.wss4j.stax.validate.SamlTokenValidatorImpl
Throws:
org.apache.wss4j.common.ext.WSSecurityException

validate

public org.apache.xml.security.stax.securityToken.InboundSecurityToken validate(org.apache.wss4j.binding.wss10.BinarySecurityTokenType binarySecurityTokenType,
                                                                                org.apache.wss4j.stax.validate.TokenContext tokenContext)
                                                                         throws org.apache.wss4j.common.ext.WSSecurityException
Specified by:
validate in interface org.apache.wss4j.stax.validate.BinarySecurityTokenValidator
Throws:
org.apache.wss4j.common.ext.WSSecurityException

validate

public <T extends org.apache.wss4j.stax.securityToken.UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken> T validate(org.apache.wss4j.binding.wss10.UsernameTokenType usernameTokenType,
                                                                                                                                                         org.apache.wss4j.stax.validate.TokenContext tokenContext)
                                                                                                                                              throws org.apache.wss4j.common.ext.WSSecurityException
Specified by:
validate in interface org.apache.wss4j.stax.validate.UsernameTokenValidator
Throws:
org.apache.wss4j.common.ext.WSSecurityException

Apache CXF API

Apache CXF