org.apache.ws.security.saml
Class SAMLUtil

java.lang.Object
  extended by org.apache.ws.security.saml.SAMLUtil

public class SAMLUtil
extends Object

Utility methods for working with SAML assertions.


Constructor Summary
SAMLUtil()
           
 
Method Summary
static String getAssertionId(Element envelope, String elemName, String nmSpace)
           
static X509Certificate[] getCertificatesFromSAML(Element elem)
          Extracts the certificate(s) from the SAML token reference.
static Set getClaims(org.opensaml.SAMLAssertion assertion)
          Extract the URIs of the set of claims available in a SAML 1.0/1.1 assertion.
static SAMLKeyInfo getSAMLKeyInfo(Element elem, Crypto crypto, CallbackHandler cb)
          Extract certificates or the key available in the SAMLAssertion
static SAMLKeyInfo getSAMLKeyInfo(org.opensaml.SAMLAssertion assertion, Crypto crypto, CallbackHandler cb)
           
static Timestamp getTimestampForSAMLAssertion(Element assertion)
          Create a TimeStamp object from the SAML assertion.
static void validateSignature(org.opensaml.SAMLAssertion assertion, Crypto sigCrypto)
          Validate the signature of the SAML assertion
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SAMLUtil

public SAMLUtil()

Method Detail

getSAMLKeyInfo

public static SAMLKeyInfo getSAMLKeyInfo(Element elem,
                                         Crypto crypto,
                                         CallbackHandler cb)
                                  throws WSSecurityException
Extract certificates or the key available in the SAMLAssertion

Parameters:
elem -
Returns:
the SAML Key Info
Throws:
WSSecurityException

getSAMLKeyInfo

public static SAMLKeyInfo getSAMLKeyInfo(org.opensaml.SAMLAssertion assertion,
                                         Crypto crypto,
                                         CallbackHandler cb)
                                  throws WSSecurityException
Throws:
WSSecurityException

getCertificatesFromSAML

public static X509Certificate[] getCertificatesFromSAML(Element elem)
                                                 throws WSSecurityException
Extracts the certificate(s) from the SAML token reference.

Parameters:
elem - The element containing the SAML token.
Returns:
an array of X509 certificates
Throws:
WSSecurityException

getAssertionId

public static String getAssertionId(Element envelope,
                                    String elemName,
                                    String nmSpace)
                             throws WSSecurityException
Throws:
WSSecurityException

getTimestampForSAMLAssertion

public static Timestamp getTimestampForSAMLAssertion(Element assertion)
                                              throws WSSecurityException
Create a TimeStamp object from the SAML assertion.

Parameters:
assertion -
Returns:
Throws:
WSSecurityException

getClaims

public static Set getClaims(org.opensaml.SAMLAssertion assertion)
Extract the URIs of the set of claims available in a SAML 1.0/1.1 assertion. This method will iterate through the set of AttributeStatements available and extract the namespaces of the claim.

Parameters:
assertion - SAML 1.0/1.1 assertion
Returns:
A TreeSet instance comprising all the claims available in a SAML assertion

validateSignature

public static void validateSignature(org.opensaml.SAMLAssertion assertion,
                                     Crypto sigCrypto)
                              throws WSSecurityException
Validate the signature of the SAML assertion

Parameters:
assertion - SAML 1.0/1.1 assertion
sigCrypto - Crypto object containing the certificate of the token issuer
Throws:
WSSecurityException - if the token does not contain certificate information, the certificate of the issuer is not trusted or the signature is invalid.


Copyright © 2004-2015 The Apache Software Foundation. All Rights Reserved.