Package org.apache.cxf.ws.security.trust

Class STSSamlAssertionValidator

java.lang.Object
org.apache.wss4j.dom.validate.SignatureTrustValidator
org.apache.wss4j.dom.validate.SamlAssertionValidator
org.apache.cxf.ws.security.trust.STSSamlAssertionValidator
All Implemented Interfaces:
org.apache.wss4j.dom.validate.Validator
public class STSSamlAssertionValidator extends org.apache.wss4j.dom.validate.SamlAssertionValidator
This class validates a SAML Assertion by invoking the SamlAssertionValidator in WSS4J. It overrides the signature verification, so that if the signature is not trusted, it just sets a boolean. The STSTokenValidator can parse this tag and dispatch the Assertion to the STS for validation.

  • Constructor Summary

    Constructors
    Constructor
    Description
    STSSamlAssertionValidator()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    isTrustVerificationSucceeded()
    Return if trust verification on the signature of the assertion succeeded.
    protected org.apache.wss4j.dom.validate.Credential
    verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion, org.apache.wss4j.dom.handler.RequestData data)
    Try to verify trust on the assertion.

    Methods inherited from class org.apache.wss4j.dom.validate.SamlAssertionValidator

    checkAuthnStatements, checkConditions, checkConditions, checkOneTimeUse, getRequiredSubjectConfirmationMethod, getTtl, isRequireBearerSignature, isRequireStandardSubjectConfirmationMethod, isValidateSignatureAgainstProfile, setFutureTTL, setRequireBearerSignature, setRequiredSubjectConfirmationMethod, setRequireStandardSubjectConfirmationMethod, setTtl, setValidateSignatureAgainstProfile, validate, validateAssertion, verifySubjectConfirmationMethod

    Methods inherited from class org.apache.wss4j.dom.validate.SignatureTrustValidator

    getCrypto, validateCertificates, validatePublicKey, verifyTrustInCerts

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • STSSamlAssertionValidator

      public STSSamlAssertionValidator()

  • Method Details

    • verifySignedAssertion

      protected org.apache.wss4j.dom.validate.Credential verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion, org.apache.wss4j.dom.handler.RequestData data) throws org.apache.wss4j.common.ext.WSSecurityException
      Try to verify trust on the assertion. If it fails, then set a boolean and return.
      Overrides:
      verifySignedAssertion in class org.apache.wss4j.dom.validate.SamlAssertionValidator
      Parameters:
      assertion - The signed Assertion
      data - The RequestData context
      Returns:
      A Credential instance
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException

    • isTrustVerificationSucceeded

      public boolean isTrustVerificationSucceeded()
      Return if trust verification on the signature of the assertion succeeded.
      Returns:
      if trust verification on the signature of the assertion succeeded