org.apache.cxf.ws.security.trust

Class STSSamlAssertionValidator

java.lang.Object

org.apache.wss4j.dom.validate.SignatureTrustValidator

org.apache.wss4j.dom.validate.SamlAssertionValidator

org.apache.cxf.ws.security.trust.STSSamlAssertionValidator

All Implemented Interfaces:

org.apache.wss4j.dom.validate.Validator

public class STSSamlAssertionValidator
extends org.apache.wss4j.dom.validate.SamlAssertionValidator

This class validates a SAML Assertion by invoking the SamlAssertionValidator in WSS4J. It overrides the signature verification, so that if the signature is not trusted, it just sets a boolean. The STSTokenValidator can parse this tag and dispatch the Assertion to the STS for validation.

Constructor Summary

Constructors

Constructor and Description
STSSamlAssertionValidator()

Method Summary

Modifier and Type	Method and Description
boolean	isTrustVerificationSucceeded() Return if trust verification on the signature of the assertion succeeded.
protected org.apache.wss4j.dom.validate.Credential	verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion, org.apache.wss4j.dom.handler.RequestData data) Try to verify trust on the assertion.

Methods inherited from class org.apache.wss4j.dom.validate.SamlAssertionValidator

checkAuthnStatements, checkConditions, checkConditions, checkOneTimeUse, getRequiredSubjectConfirmationMethod, getTtl, isRequireBearerSignature, isRequireStandardSubjectConfirmationMethod, isValidateSignatureAgainstProfile, setFutureTTL, setRequireBearerSignature, setRequiredSubjectConfirmationMethod, setRequireStandardSubjectConfirmationMethod, setTtl, setValidateSignatureAgainstProfile, validate, validateAssertion, verifySubjectConfirmationMethod

Methods inherited from class org.apache.wss4j.dom.validate.SignatureTrustValidator

getCrypto, validateCertificates, validatePublicKey, verifyTrustInCerts

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

STSSamlAssertionValidator

public STSSamlAssertionValidator()

Method Detail

verifySignedAssertion

protected org.apache.wss4j.dom.validate.Credential verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion,
                                                                         org.apache.wss4j.dom.handler.RequestData data)
                                                                  throws org.apache.wss4j.common.ext.WSSecurityException

Try to verify trust on the assertion. If it fails, then set a boolean and return.

Overrides:

verifySignedAssertion in class org.apache.wss4j.dom.validate.SamlAssertionValidator

Parameters:

assertion - The signed Assertion

data - The RequestData context

Returns:

A Credential instance

Throws:

org.apache.wss4j.common.ext.WSSecurityException

isTrustVerificationSucceeded

public boolean isTrustVerificationSucceeded()

Return if trust verification on the signature of the assertion succeeded.

Returns:

if trust verification on the signature of the assertion succeeded