Package org.apache.cxf.ws.security.trust

Class STSStaxTokenValidator

  • All Implemented Interfaces:
    org.apache.wss4j.stax.validate.BinarySecurityTokenValidator, org.apache.wss4j.stax.validate.SamlTokenValidator, org.apache.wss4j.stax.validate.SignatureTokenValidator, org.apache.wss4j.stax.validate.UsernameTokenValidator, org.apache.wss4j.stax.validate.Validator
    public class STSStaxTokenValidator
extends org.apache.wss4j.stax.validate.SamlTokenValidatorImpl
implements org.apache.wss4j.stax.validate.BinarySecurityTokenValidator, org.apache.wss4j.stax.validate.UsernameTokenValidator
    A Streaming SAML Token Validator implementation to validate a received Token to a SecurityTokenService (STS). TODO Refactor this class a bit better...

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.apache.xml.security.stax.securityToken.InboundSecurityToken validate​(org.apache.wss4j.binding.wss10.BinarySecurityTokenType binarySecurityTokenType, org.apache.wss4j.stax.validate.TokenContext tokenContext)  
      <T extends org.apache.wss4j.stax.securityToken.UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
      T      		 validate​(org.apache.wss4j.binding.wss10.UsernameTokenType usernameTokenType, org.apache.wss4j.stax.validate.TokenContext tokenContext)  
      <T extends org.apache.wss4j.stax.securityToken.SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
      T      		 validate​(org.apache.wss4j.common.saml.SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, org.apache.wss4j.stax.validate.TokenContext tokenContext)  

      • Methods inherited from class org.apache.wss4j.stax.validate.SamlTokenValidatorImpl

        checkAuthnStatements, checkConditions, checkConditions, checkOneTimeUse, getRequiredSubjectConfirmationMethod, getTtl, isRequireBearerSignature, isRequireStandardSubjectConfirmationMethod, isValidateSignatureAgainstProfile, setFutureTTL, setRequireBearerSignature, setRequiredSubjectConfirmationMethod, setRequireStandardSubjectConfirmationMethod, setTtl, setValidateSignatureAgainstProfile, validateAssertion, verifySubjectConfirmationMethod

      • Methods inherited from class org.apache.wss4j.stax.validate.SignatureTokenValidatorImpl

        validate

      • Methods inherited from interface org.apache.wss4j.stax.validate.SignatureTokenValidator

        validate

    • Constructor Detail

      • STSStaxTokenValidator

        public STSStaxTokenValidator()

      • STSStaxTokenValidator

        public STSStaxTokenValidator​(boolean alwaysValidateToSts)
        Construct a new instance.
        Parameters:
        alwaysValidateToSts - whether to always validate the token to the STS

    • Method Detail

      • validate

        public <T extends org.apache.wss4j.stax.securityToken.SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken> T validate​(org.apache.wss4j.common.saml.SamlAssertionWrapper samlAssertionWrapper,
                                                                                                                                                      org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken,
                                                                                                                                                      org.apache.wss4j.stax.validate.TokenContext tokenContext)
                                                                                                                                               throws org.apache.wss4j.common.ext.WSSecurityException
        Specified by:
        validate in interface org.apache.wss4j.stax.validate.SamlTokenValidator
        Overrides:
        validate in class org.apache.wss4j.stax.validate.SamlTokenValidatorImpl
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException

      • validate

        public org.apache.xml.security.stax.securityToken.InboundSecurityToken validate​(org.apache.wss4j.binding.wss10.BinarySecurityTokenType binarySecurityTokenType,
                                                                                org.apache.wss4j.stax.validate.TokenContext tokenContext)
                                                                         throws org.apache.wss4j.common.ext.WSSecurityException
        Specified by:
        validate in interface org.apache.wss4j.stax.validate.BinarySecurityTokenValidator
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException

      • validate

        public <T extends org.apache.wss4j.stax.securityToken.UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken> T validate​(org.apache.wss4j.binding.wss10.UsernameTokenType usernameTokenType,
                                                                                                                                                          org.apache.wss4j.stax.validate.TokenContext tokenContext)
                                                                                                                                                   throws org.apache.wss4j.common.ext.WSSecurityException
        Specified by:
        validate in interface org.apache.wss4j.stax.validate.UsernameTokenValidator
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException