本文整理汇总了Java中org.opensaml.security.SAMLSignatureProfileValidator类的典型用法代码示例。如果您正苦于以下问题:Java SAMLSignatureProfileValidator类的具体用法?Java SAMLSignatureProfileValidator怎么用?Java SAMLSignatureProfileValidator使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
SAMLSignatureProfileValidator类属于org.opensaml.security包,在下文中一共展示了SAMLSignatureProfileValidator类的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: init
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
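/**
 * Bootstraps the OpenSAML2 library and creates the signature profile validator used by
 * this handler.
 *
 * <p>The thread context class loader is switched to this class's loader while the
 * bootstrap runs and is restored in the {@code finally} block.
 *
 * @throws IdentityOAuth2Exception if the OpenSAML2 bootstrap reports a configuration error
 */
@Override
public void init() throws IdentityOAuth2Exception {
    super.init();

    Thread thread = Thread.currentThread();
    ClassLoader loader = thread.getContextClassLoader();
    thread.setContextClassLoader(this.getClass().getClassLoader());
    try {
        DefaultBootstrap.bootstrap();
    } catch (ConfigurationException e) {
        log.error("Error in bootstrapping the OpenSAML2 library", e);
        // Chain the cause: without it the caller only sees the generic message and has to
        // correlate with the log to learn why SAML validation could not be initialised.
        throw new IdentityOAuth2Exception("Error in bootstrapping the OpenSAML2 library", e);
    } finally {
        thread.setContextClassLoader(loader);
    }

    // Only reached when the bootstrap succeeded; a failed bootstrap leaves no validator behind.
    profileValidator = new SAMLSignatureProfileValidator();
}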
示例2: verifyAssertionSignature
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
/**
 * Verifies the XML signature on a SAML assertion and fails closed.
 *
 * <p>Two checks run in order on the assertion's signature: the SAML signature profile
 * check, then the cryptographic check against the credential returned by
 * {@code IDPCredentials.getCredential()}. Only the signature is examined here; other
 * assertion checks are not part of this method.
 *
 * @param assertion the assertion whose signature is verified
 * @throws RuntimeException if the assertion is unsigned, or wrapping the
 *         {@link ValidationException} raised by either check
 */
private void verifyAssertionSignature(Assertion assertion) {
    if (!assertion.isSigned()) {
        // An unsigned assertion is rejected outright rather than passed through.
        throw new RuntimeException("The SAML Assertion was not signed");
    }

    try {
        // Profile check first, so a malformed signature is rejected before key material is used.
        new SAMLSignatureProfileValidator().validate(assertion.getSignature());

        SignatureValidator cryptoValidator = new SignatureValidator(IDPCredentials.getCredential());
        cryptoValidator.validate(assertion.getSignature());
    } catch (ValidationException validationFailure) {
        throw new RuntimeException(validationFailure);
    }

    logger.info("SAML Assertion signature verified");
}
示例3: SignatureValidationFilter
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
/**
 * Creates a filter that validates signatures on incoming metadata.
 *
 * <p>A new {@link SAMLSignatureProfileValidator} is stored in {@code sigValidator}.
 *
 * @param engine the trust engine used to validate signatures on incoming metadata;
 *        must not be {@code null}
 * @throws IllegalArgumentException if {@code engine} is {@code null}
 */
public SignatureValidationFilter(SignatureTrustEngine engine) {
    if (null == engine) {
        // Refuse construction: without a trust engine no signature could be trusted.
        throw new IllegalArgumentException("Signature trust engine may not be null");
    }

    this.sigValidator = new SAMLSignatureProfileValidator();
    this.signatureTrustEngine = engine;
}
示例4: validateSignature
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
/**
 * Validates the signature carried by a signable SAML object.
 *
 * <p>The signature is first checked against the SAML signature profile and then
 * verified cryptographically with the credential held in {@code _cred}.
 *
 * @param obj the SAML object whose signature is validated
 * @throws WsSrvException if the object carries no signature (code 80)
 * @throws ValidationException if the profile check or the cryptographic check fails
 */
private void validateSignature(SignableSAMLObject obj)
        throws WsSrvException, ValidationException {
    final Signature signature = obj.getSignature();
    if (signature == null) {
        // A missing signature is an error here, never an implicit pass.
        throw new WsSrvException(80, "Signature not found");
    }

    // Structural check before the cryptographic one.
    new SAMLSignatureProfileValidator().validate(signature);
    new SignatureValidator(_cred).validate(signature);
}
示例5: validateSignature
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
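/**
 * Validates an XML Signature object in two stages.
 *
 * <p>Stage one checks the signature against the SAML signature profile; a failure is
 * written to the audit log as a possible XML Signature Wrapping attempt. Stage two
 * verifies the signature cryptographically with the X.509 credential taken from the SSO
 * agent configuration.
 *
 * @param signature the signature element; must be a {@code SignatureImpl}
 * @throws SSOAgentException if the element is missing or not a {@code SignatureImpl},
 *         if it does not conform to the SAML signature profile, or if cryptographic
 *         validation fails
 */
private void validateSignature(XMLObject signature) throws SSOAgentException {
    // Reject a null or unexpected element with the method's declared exception instead of
    // letting a ClassCastException or NullPointerException escape from the validation path.
    if (!(signature instanceof SignatureImpl)) {
        throw new SSOAgentException("SAML2 Element does not carry a usable XML Signature");
    }
    SignatureImpl signImpl = (SignatureImpl) signature;

    try {
        SAMLSignatureProfileValidator signatureProfileValidator = new SAMLSignatureProfileValidator();
        signatureProfileValidator.validate(signImpl);
    } catch (ValidationException ex) {
        // Message text is left unchanged: it is emitted to the audit log at runtime.
        String logMsg = "Signature do not confirm to SAML signature profile. Possible XML Signature " +
                "Wrapping Attack!";
        AUDIT_LOG.warn(logMsg);
        if (log.isDebugEnabled()) {
            log.debug(logMsg, ex);
        }
        throw new SSOAgentException(logMsg, ex);
    }

    try {
        SignatureValidator validator = new SignatureValidator(
                new X509CredentialImpl(ssoAgentConfig.getSAML2().getSSOAgentX509Credential()));
        validator.validate(signImpl);
    } catch (ValidationException e) {
        if (log.isDebugEnabled()) {
            log.debug("Validation exception : ", e);
        }
        // Chain the cause, as the profile branch above does, so the reason for a failed
        // verification is not visible only when debug logging is enabled.
        throw new SSOAgentException("Signature validation failed for SAML2 Element", e);
    }
}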
示例6: validateResponseSignature
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
/**
 * Validates the signature on a SAML response, when the response is signed.
 *
 * <p>09-03-2014 (Milinda): copied from pac4j and modified to work in this code.
 *
 * <p>An unsigned response is not rejected: the method returns early and leaves the
 * inbound-message-authenticated flag untouched. The flag is set to {@code true} only
 * after both the profile check and the trust engine check have passed.
 *
 * @param samlResponse the response whose signature is checked
 * @param messageContext supplies the peer entity ID for the trust criteria and receives
 *        the authenticated flag on success
 * @throws Exception if the signature violates the SAML signature profile, if the trust
 *         engine throws, or if the trust engine reports the signature as not valid
 */
private void validateResponseSignature(Response samlResponse, SAMLMessageContext messageContext) throws Exception {
    if (!samlResponse.isSigned()) {
        // NOTE(review): returning here means "not authenticated", not "valid"; callers
        // presumably validate assertion signatures or check the flag elsewhere; confirm.
        return;
    }

    SAMLSignatureProfileValidator profileCheck = new SAMLSignatureProfileValidator();
    try {
        profileCheck.validate(samlResponse.getSignature());
    } catch (ValidationException profileFailure) {
        log.error("SAML response contains invalid signature profile.");
        throw new Exception("Invalid SAML response.", profileFailure);
    }

    // Restrict key resolution to signing keys of the peer's IdP SSO role.
    CriteriaSet trustCriteria = new CriteriaSet();
    trustCriteria.add(new UsageCriteria(UsageType.SIGNING));
    trustCriteria.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS));
    trustCriteria.add(new EntityIDCriteria(messageContext.getPeerEntityId()));

    boolean trusted;
    try {
        trusted = trustEngine.validate(samlResponse.getSignature(), trustCriteria);
    } catch (Exception engineFailure) {
        throw new Exception("SAML response signature validation failed.", engineFailure);
    }

    // Kept outside the try block so this rejection is not re-wrapped by the catch above.
    if (!trusted) {
        log.error("Invalid signature in SAML response.");
        throw new Exception("Invalid SAML response.");
    }

    messageContext.setInboundSAMLMessageAuthenticated(true);
}
示例7: validateSignatureFormat
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
/**
 * Checks that a signature conforms to the SAML signature profile.
 *
 * <p>This is a structural check only; no cryptographic verification happens here. A
 * profile violation is passed to {@code handleSignatureValidationErrors}.
 *
 * @param signature the signature to check
 */
private void validateSignatureFormat(Signature signature) {
    SAMLSignatureProfileValidator formatCheck = new SAMLSignatureProfileValidator();
    try {
        formatCheck.validate(signature);
    } catch (ValidationException profileViolation) {
        // NOTE(review): if the handler returns normally, this method also returns normally
        // after a failed check; confirm that the handler throws.
        handleSignatureValidationErrors(profileViolation);
    }
}
示例8: SAMLProtocolMessageXMLSignatureSecurityPolicyRule
import org.opensaml.security.SAMLSignatureProfileValidator; //导入依赖的package包/类
/**
 * Creates the rule with the given trust engine.
 *
 * <p>The signature pre-validator defaults to a new {@link SAMLSignatureProfileValidator}.
 *
 * @param engine trust engine used to verify the signature
 */
public SAMLProtocolMessageXMLSignatureSecurityPolicyRule(TrustEngine<Signature> engine) {
    super(engine);

    // Default pre-validator, created once per rule instance.
    this.sigValidator = new SAMLSignatureProfileValidator();
}