public abstract class AbstractSamlPolicyValidator extends AbstractSecurityPolicyValidator
Constructor and Description |
---|
AbstractSamlPolicyValidator() |
Modifier and Type | Method and Description |
---|---|
boolean |
checkHolderOfKey(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper,
List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
Certificate[] tlsCerts)
Check the holder-of-key requirements against the received assertion.
|
protected boolean |
compareCredentials(org.apache.wss4j.common.saml.SAMLKeyInfo subjectKeyInfo,
List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
Certificate[] tlsCerts)
Compare the credentials of the assertion to the credentials used in 2-way TLS or those
used to verify signatures.
|
isTokenRequired
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
canValidatePolicy, validatePolicies
public boolean checkHolderOfKey(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Certificate[] tlsCerts)
assertionWrapper
- the SAML Assertion wrapper objectsignedResults
- a list of all of the signed resultsprotected boolean compareCredentials(org.apache.wss4j.common.saml.SAMLKeyInfo subjectKeyInfo, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Certificate[] tlsCerts)
subjectKeyInfo
- the SAMLKeyInfo objectsignedResults
- a list of all of the signed resultsApache CXF