org.apache.wss4j.dom.saml

Class WSSecSignatureSAML

java.lang.Object

org.apache.wss4j.dom.message.WSSecBase

org.apache.wss4j.dom.message.WSSecSignatureBase

org.apache.wss4j.dom.message.WSSecSignature

org.apache.wss4j.dom.saml.WSSecSignatureSAML

public class WSSecSignatureSAML
extends WSSecSignature

Field Summary

Fields inherited from class org.apache.wss4j.dom.message.WSSecSignature

bstToken, c14nMethod, certUri, keyInfo, keyInfoUri, secretKey, sig, signatureFactory, signatureValue, strUri

Fields inherited from class org.apache.wss4j.dom.message.WSSecBase

attachmentCallbackHandler, callbackLookup, expandXopInclude, keyIdentifierType, password, storeBytesInAttachment, user

Constructor Summary

Constructors

Constructor and Description
WSSecSignatureSAML(Document doc)
WSSecSignatureSAML(WSSecHeader securityHeader) Constructor.

Method Summary

Modifier and Type	Method and Description
Document	build(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW) Builds a signed soap envelope with SAML token.
void	computeSignature(List<Reference> referenceList, Element siblingElement) Compute the Signature over the references.
boolean	isUseDirectReferenceToAssertion() Return whether a Direct Reference is to be used to reference the assertion.
void	prepare(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW) Initialize a WSSec SAML Signature.
void	prependSAMLElementsToHeader() Prepend the SAML elements to the elements already in the Security header.
void	setUseDirectReferenceToAssertion(boolean useDirectReferenceToAssertion) Set whether a Direct Reference is to be used to reference the assertion.

Methods inherited from class org.apache.wss4j.dom.message.WSSecSignature

addReferencesToSign, appendBSTElementToHeader, build, computeSignature, computeSignature, getBinarySecurityTokenElement, getBSTTokenId, getCustomKeyInfoElement, getCustomTokenId, getDigestAlgo, getId, getKeyInfoElement, getSecurityTokenReference, getSecurityTokenReferenceURI, getSigCanonicalization, getSignatureAlgorithm, getSignatureElement, getSignatureValue, isAddInclusivePrefixes, isIncludeSignatureToken, isUseSingleCertificate, marshalKeyInfo, prepare, prependBSTElementToHeader, setAddInclusivePrefixes, setCustomKeyInfoElement, setCustomTokenId, setCustomTokenValueType, setDigestAlgo, setEncrKeySha1value, setIncludeSignatureToken, setSecretKey, setSecurityTokenReference, setSigCanonicalization, setSignatureAlgorithm, setUseSingleCertificate, setX509Certificate

Methods inherited from class org.apache.wss4j.dom.message.WSSecSignatureBase

addReferencesToSign, cleanup, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes

Methods inherited from class org.apache.wss4j.dom.message.WSSecBase

getDocument, getIdAllocator, getKeyIdentifierType, getParts, getSecurityHeader, getWsDocInfo, isExpandXopInclude, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setExpandXopInclude, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsDocInfo, setWsuId

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WSSecSignatureSAML

public WSSecSignatureSAML(WSSecHeader securityHeader)

Constructor.

WSSecSignatureSAML

public WSSecSignatureSAML(Document doc)

Method Detail

build

public Document build(Crypto uCrypto,
                      SamlAssertionWrapper samlAssertion,
                      Crypto iCrypto,
                      String iKeyName,
                      String iKeyPW)
               throws WSSecurityException

Builds a signed soap envelope with SAML token. The method first gets an appropriate security header. According to the defined parameters for certificate handling the signature elements are constructed and inserted into the wsse:Signature

Parameters:

uCrypto - The user's Crypto instance

samlAssertion - the complete SAML assertion

iCrypto - An instance of the Crypto API to handle keystore SAML token issuer and to generate certificates

iKeyName - Private key to use in case of "sender-Vouches"

iKeyPW - Password for issuer private key

Returns:

A signed SOAP envelope as Document

Throws:

WSSecurityException

prepare

public void prepare(Crypto uCrypto,
                    SamlAssertionWrapper samlAssertion,
                    Crypto iCrypto,
                    String iKeyName,
                    String iKeyPW)
             throws WSSecurityException

Initialize a WSSec SAML Signature. The method sets up and initializes a WSSec SAML Signature structure after the relevant information was set. After setup of the references to elements to sign may be added. After all references are added they can be signed. This method does not add the Signature element to the security header. See prependSignatureElementToHeader() method.

Parameters:

uCrypto - The user's Crypto instance

samlAssertion - the complete SAML assertion

iCrypto - An instance of the Crypto API to handle keystore SAML token issuer and to generate certificates

iKeyName - Private key to use in case of "sender-Vouches"

iKeyPW - Password for issuer private key

Throws:

WSSecurityException

prependSAMLElementsToHeader

public void prependSAMLElementsToHeader()

Prepend the SAML elements to the elements already in the Security header. The method can be called any time after prepare(). This allows to insert the SAML elements at any position in the Security header. This methods first prepends the SAML security reference if mode is senderVouches, then the SAML token itself,

computeSignature

public void computeSignature(List<Reference> referenceList,
                             Element siblingElement)
                      throws WSSecurityException

Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().

Throws:

WSSecurityException

isUseDirectReferenceToAssertion

public boolean isUseDirectReferenceToAssertion()

Return whether a Direct Reference is to be used to reference the assertion. The default is false.

Returns:

whether a Direct Reference is to be used to reference the assertion

setUseDirectReferenceToAssertion

public void setUseDirectReferenceToAssertion(boolean useDirectReferenceToAssertion)

Set whether a Direct Reference is to be used to reference the assertion. The default is false.

Parameters:

useDirectReferenceToAssertion - whether a Direct Reference is to be used to reference the assertion