本文整理汇总了Java中org.opensaml.xml.security.criteria.EntityIDCriteria类的典型用法代码示例。如果您正苦于以下问题:Java EntityIDCriteria类的具体用法?Java EntityIDCriteria怎么用?Java EntityIDCriteria使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
EntityIDCriteria类属于org.opensaml.xml.security.criteria包,在下文中一共展示了EntityIDCriteria类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildCriteriaSet
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Requires a {@link SAMLMessageContext}, because the peer entity role and inbound SAML
 * protocol that populate the {@link MetadataCriteria} are read from it. The resulting set is
 * always restricted to {@link UsageType#SIGNING} credentials.</p>
 */
protected CriteriaSet buildCriteriaSet(String entityID, MessageContext messageContext)
        throws SecurityPolicyException {
    // Fail closed: a non-SAML context has no role or protocol to build metadata criteria from.
    final boolean isSamlContext = messageContext instanceof SAMLMessageContext;
    if (!isSamlContext) {
        log.error("Supplied message context was not an instance of SAMLMessageContext, can not build criteria set from SAML metadata parameters");
        throw new SecurityPolicyException("Supplied message context was not an instance of SAMLMessageContext");
    }
    final SAMLMessageContext samlCtx = (SAMLMessageContext) messageContext;

    final CriteriaSet result = new CriteriaSet();

    // NOTE(review): an empty entity ID yields a set with no EntityIDCriteria. How the trust
    // engine's credential resolver treats that is not visible here; confirm it rejects the
    // lookup instead of matching credentials of every entity.
    final boolean hasEntityId = !DatatypeHelper.isEmpty(entityID);
    if (hasEntityId) {
        result.add(new EntityIDCriteria(entityID));
    }

    result.add(new MetadataCriteria(samlCtx.getPeerEntityRole(), samlCtx.getInboundSAMLProtocol()));
    result.add(new UsageCriteria(UsageType.SIGNING));
    return result;
}
示例2: checkCriteriaRequirements
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * Check that all necessary credential criteria are available.
 *
 * <p>Both an {@link EntityIDCriteria} with a non-empty entity ID and a {@link MetadataCriteria}
 * with a non-null role must be present. The checks run in a fixed order and the first failing
 * one determines the exception message.</p>
 *
 * @param criteriaSet the credential criteria set to evaluate
 * @throws IllegalArgumentException if a required criterion or criterion value is missing
 */
protected void checkCriteriaRequirements(CriteriaSet criteriaSet) {
    final EntityIDCriteria ownerCriteria = criteriaSet.get(EntityIDCriteria.class);
    final MetadataCriteria metadataCriteria = criteriaSet.get(MetadataCriteria.class);

    // Presence of both criteria is checked before either value is inspected.
    String problem = null;
    if (ownerCriteria == null) {
        problem = "Entity criteria must be supplied";
    } else if (metadataCriteria == null) {
        problem = "SAML metadata criteria must be supplied";
    } else if (DatatypeHelper.isEmpty(ownerCriteria.getEntityID())) {
        problem = "Credential owner entity ID criteria value must be supplied";
    } else if (metadataCriteria.getRole() == null) {
        problem = "Credential metadata role criteria value must be supplied";
    }

    if (problem != null) {
        throw new IllegalArgumentException(problem);
    }
}
示例3: buildCriteriaSet
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * Build a criteria set suitable for input to the trust engine.
 *
 * <p>The set always contains a {@link MetadataCriteria} built from the peer entity role and
 * inbound SAML protocol of the context, plus a {@link UsageCriteria} of
 * {@link UsageType#SIGNING}. An {@link EntityIDCriteria} is added only when the candidate
 * entity ID is non-empty.</p>
 *
 * @param entityID the candidate issuer entity ID which is being evaluated
 * @param samlContext the message context which is being evaluated
 * @return a newly constructed set of criteria suitable for the configured trust engine
 * @throws SecurityPolicyException thrown if criteria set can not be constructed (nothing in
 *             this body throws it)
 */
protected CriteriaSet buildCriteriaSet(String entityID, SAMLMessageContext samlContext)
        throws SecurityPolicyException {
    final CriteriaSet result = new CriteriaSet();

    // NOTE(review): with an empty entity ID the lookup is not scoped to an issuer; confirm the
    // configured credential resolver refuses such a criteria set.
    final boolean entityIdSupplied = !DatatypeHelper.isEmpty(entityID);
    if (entityIdSupplied) {
        final EntityIDCriteria issuerCriteria = new EntityIDCriteria(entityID);
        result.add(issuerCriteria);
    }

    result.add(new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext.getInboundSAMLProtocol()));

    // Only keys usable for signing are relevant to signature trust evaluation.
    final UsageCriteria signingOnly = new UsageCriteria(UsageType.SIGNING);
    result.add(signingOnly);
    return result;
}
示例4: resolveFromSource
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
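/**
 * Resolves credentials from the X.509 certificates held in the backing key store.
 *
 * <p>When the criteria set contains an {@link EntityIDCriteria}, only the entry whose alias
 * equals the entity ID is returned (at most one credential). Without that criterion every
 * X.509 certificate in the key store is returned.</p>
 *
 * <p>NOTE(review): the "no entity ID" branch hands every certificate in the store to the
 * caller. If the result feeds signature trust evaluation, a message is then checked against
 * all stored keys rather than the claimed issuer's key; confirm callers always supply an
 * entity ID or that this is intended.</p>
 *
 * @param criteriaSet the criteria used to select credentials
 * @return the matching credentials, possibly empty
 * @throws SecurityException if the key store can not be read
 */
@Override
public Iterable<Credential> resolveFromSource(CriteriaSet criteriaSet) throws SecurityException {
    // Look the criterion up once instead of twice per alias.
    EntityIDCriteria entityCriteria = criteriaSet.get(EntityIDCriteria.class);
    String wantedAlias = entityCriteria == null ? null : entityCriteria.getEntityID();
    try {
        // NOTE(review): the result is kept in a field that is replaced on every call; looks
        // unsafe for concurrent callers unless synchronized elsewhere - confirm.
        credentialSet = new HashSet<Credential>();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            // Skip non-matching aliases before touching their certificate.
            if (entityCriteria != null && !alias.equals(wantedAlias)) {
                continue;
            }
            // Entries without a certificate, or with a non-X.509 one, cannot back an X.509
            // credential; skip them instead of failing on the cast or wrapping null.
            java.security.cert.Certificate cert = keyStore.getCertificate(alias);
            if (cert instanceof X509Certificate) {
                credentialSet.add(new X509CredentialImpl((X509Certificate) cert));
            }
            if (entityCriteria != null) {
                // Aliases are unique, so nothing else can match once this one was reached.
                break;
            }
        }
        return credentialSet;
    } catch (KeyStoreException e) {
        log.error(e);
        // Keep the cause so the underlying key store failure stays diagnosable.
        throw new SecurityException("Error reading certificates from key store", e);
    }
}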
示例5: buildCriteriaSet
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * Build a criteria set suitable for input to the trust engine.
 *
 * <p>Criteria are added in this order: an optional {@link EntityIDCriteria} (skipped when the
 * entity ID is empty), a {@link MetadataCriteria} carrying the peer role and inbound protocol
 * read from the context, and a {@link UsageCriteria} limiting resolution to signing keys.</p>
 *
 * @param entityID the candidate issuer entity ID which is being evaluated
 * @param samlContext the message context which is being evaluated
 * @return a newly constructed set of criteria suitable for the configured trust engine
 * @throws SecurityPolicyException thrown if criteria set can not be constructed (not thrown by
 *             this body)
 */
protected CriteriaSet buildCriteriaSet(String entityID, SAMLMessageContext samlContext)
        throws SecurityPolicyException {
    final CriteriaSet trustCriteria = new CriteriaSet();

    if (DatatypeHelper.isEmpty(entityID)) {
        // NOTE(review): no issuer constraint is added in this case; verify that the credential
        // resolver behind the trust engine does not then accept keys of arbitrary entities.
    } else {
        trustCriteria.add(new EntityIDCriteria(entityID));
    }

    final MetadataCriteria roleAndProtocol =
            new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext.getInboundSAMLProtocol());
    trustCriteria.add(roleAndProtocol);
    trustCriteria.add(new UsageCriteria(UsageType.SIGNING));

    return trustCriteria;
}
开发者ID:brainysmith,项目名称:idp-play-bridge,代码行数:25,代码来源:BaseSAMLSimpleSignatureSecurityPolicyRuleExtended.java
示例6: getIDPKeyFromKeystore
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
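/**
 * Loads the mock IdP credential stored under the alias {@code test} in the classpath resource
 * {@code /keystore-idp.jks}.
 *
 * <p>The store and key passwords are hard-coded literals, which is only acceptable for a test
 * fixture like this one; a key store holding real keys needs its passwords supplied from
 * protected configuration.</p>
 *
 * @return the credential resolved for entity ID {@code test}; the resolver's result is cast
 *         without a check
 * @throws IOException if the key store resource is missing or can not be read
 */
private X509Credential getIDPKeyFromKeystore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, SecurityException,
        java.security.cert.CertificateException {
    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    InputStream inputStream = MockIDPArtifactResolve.class.getResourceAsStream("/keystore-idp.jks");
    if (inputStream == null) {
        // KeyStore.load(null, ...) would silently create an empty store; report the real problem.
        throw new IOException("Key store resource /keystore-idp.jks was not found on the classpath");
    }
    try {
        keystore.load(inputStream, "changeit".toCharArray());
    } finally {
        // Release the stream even when loading fails.
        inputStream.close();
    }
    Map<String, String> passwordMap = new HashMap<String, String>();
    passwordMap.put("test", "changeit");
    KeyStoreCredentialResolver resolver = new KeyStoreCredentialResolver(keystore, passwordMap);
    Criteria criteria = new EntityIDCriteria("test");
    CriteriaSet criteriaSet = new CriteriaSet(criteria);
    return (X509Credential) resolver.resolveSingle(criteriaSet);
}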
示例7: buildCriteriaSet
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>This variant does not read the message context: the set holds a signing
 * {@link UsageCriteria} and, when the entity ID is non-empty, an {@link EntityIDCriteria}.</p>
 */
protected CriteriaSet buildCriteriaSet(String entityID, MessageContext messageContext)
        throws SecurityPolicyException {
    final CriteriaSet result = new CriteriaSet();

    // NOTE(review): an empty entity ID leaves the set without an issuer constraint; confirm the
    // credential resolver in use handles that case safely.
    final boolean entityIdPresent = !DatatypeHelper.isEmpty(entityID);
    if (entityIdPresent) {
        final EntityIDCriteria issuerCriteria = new EntityIDCriteria(entityID);
        result.add(issuerCriteria);
    }

    final UsageCriteria signingUsage = new UsageCriteria(UsageType.SIGNING);
    result.add(signingUsage);
    return result;
}
示例8: EvaluableEntityIDCredentialCriteria
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * Constructor.
 *
 * <p>Copies the entity ID out of the supplied criteria; the criteria object itself is not
 * retained.</p>
 *
 * @param criteria the criteria which is the basis for evaluation
 * @throws NullPointerException if {@code criteria} is null
 */
public EvaluableEntityIDCredentialCriteria(EntityIDCriteria criteria) {
    if (null == criteria) {
        throw new NullPointerException("Criteria instance may not be null");
    }
    this.entityID = criteria.getEntityID();
}
示例9: checkCriteriaRequirements
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * Check that required credential criteria are available.
 *
 * <p>Only the presence of an {@link EntityIDCriteria} is verified; its value is not
 * inspected here.</p>
 *
 * @param criteriaSet the credential criteria set to evaluate
 * @throws IllegalArgumentException if the set holds no {@link EntityIDCriteria}
 */
protected void checkCriteriaRequirements(CriteriaSet criteriaSet) {
    final boolean hasEntityCriteria = criteriaSet.get(EntityIDCriteria.class) != null;
    if (hasEntityCriteria) {
        return;
    }
    // Refuse the lookup rather than resolve credentials that are not tied to an entity.
    log.error("EntityIDCriteria was not specified in the criteria set, resolution can not be attempted");
    throw new IllegalArgumentException("No EntityIDCriteria was available in criteria set");
}
示例10: resolveFromSource
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
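/**
 * {@inheritDoc}
 *
 * <p>Validates the criteria, triggers a metadata provider refresh, and then returns the
 * credentials for the (entity ID, role, protocol, usage) combination, consulting the cache
 * before the metadata. A missing {@link UsageCriteria} is treated as
 * {@link UsageType#UNSPECIFIED}.</p>
 */
protected Iterable<Credential> resolveFromSource(CriteriaSet criteriaSet) throws SecurityException {
    checkCriteriaRequirements(criteriaSet);

    String entityID = criteriaSet.get(EntityIDCriteria.class).getEntityID();
    MetadataCriteria mdCriteria = criteriaSet.get(MetadataCriteria.class);
    QName role = mdCriteria.getRole();
    String protocol = mdCriteria.getProtocol();

    UsageCriteria usageCriteria = criteriaSet.get(UsageCriteria.class);
    UsageType usage = usageCriteria != null ? usageCriteria.getUsage() : UsageType.UNSPECIFIED;

    // See Jira issue SIDP-229.
    log.debug("Forcing on-demand metadata provider refresh if necessary");
    try {
        metadata.getMetadata();
    } catch (MetadataProviderException e) {
        // Best effort: resolution continues, but the failure is recorded so that an operator
        // can tell when credentials were resolved after an unsuccessful refresh (relevant
        // when a peer has rolled over or withdrawn a key).
        log.debug("Metadata provider refresh failed, continuing with credential resolution", e);
    }

    MetadataCacheKey cacheKey = new MetadataCacheKey(entityID, role, protocol, usage);
    Collection<Credential> credentials = retrieveFromCache(cacheKey);
    if (credentials == null) {
        // Cache miss: resolve from metadata and remember the result under the same key.
        credentials = retrieveFromMetadata(entityID, role, protocol, usage);
        cacheCredentials(cacheKey, credentials);
    }
    return credentials;
}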
示例11: resolve
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
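/**
 * Resolves the single credential registered for the entity ID in the criteria set.
 *
 * @param criteriaSet criteria that must contain an {@link EntityIDCriteria}
 * @return a one-element list holding whatever {@code getCredential} returns for the entity ID
 * @throws SecurityException if the criteria set is null or holds no {@link EntityIDCriteria}
 */
@Override
public Iterable<Credential> resolve(final CriteriaSet criteriaSet) throws SecurityException {
    final EntityIDCriteria entityCriteria =
            criteriaSet == null ? null : criteriaSet.get(EntityIDCriteria.class);
    if (entityCriteria == null) {
        // Report a resolution failure through the declared exception instead of an
        // unexplained NullPointerException.
        throw new SecurityException("No EntityIDCriteria was available in criteria set");
    }
    // NOTE(review): if getCredential can return null, the list will contain a null element;
    // confirm against its implementation.
    return Arrays.asList(getCredential(entityCriteria.getEntityID()));
}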
示例12: buildCriteriaSet
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * Build a criteria set suitable for input to the trust engine.
 *
 * <p>The set restricts resolution to signing credentials and, when an issuer is given, to
 * that issuer's entity ID.</p>
 *
 * @param issuer the entity ID of the candidate issuer; may be null or empty, in which case no
 *            {@link EntityIDCriteria} is added
 * @return a newly constructed criteria set
 */
private static CriteriaSet buildCriteriaSet(String issuer) {
    final CriteriaSet result = new CriteriaSet();

    // NOTE(review): without an issuer the set carries only the usage constraint; check that
    // the trust engine's resolver does not then match credentials of any entity.
    final boolean issuerKnown = !DatatypeHelper.isEmpty(issuer);
    if (issuerKnown) {
        result.add(new EntityIDCriteria(issuer));
    }

    final UsageCriteria signingUsage = new UsageCriteria(UsageType.SIGNING);
    result.add(signingUsage);
    return result;
}
示例13: resolveFromSource
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>After validating the criteria, looks up credentials for the (entity ID, role, protocol,
 * usage) combination in the cache and falls back to the metadata on a miss, caching what was
 * found. A missing {@link UsageCriteria} is treated as {@link UsageType#UNSPECIFIED}.</p>
 */
protected Iterable<Credential> resolveFromSource(CriteriaSet criteriaSet) throws SecurityException {
    checkCriteriaRequirements(criteriaSet);

    final String ownerId = criteriaSet.get(EntityIDCriteria.class).getEntityID();
    final MetadataCriteria metadataCriteria = criteriaSet.get(MetadataCriteria.class);
    final QName ownerRole = metadataCriteria.getRole();
    final String ownerProtocol = metadataCriteria.getProtocol();

    final UsageCriteria requestedUsage = criteriaSet.get(UsageCriteria.class);
    final UsageType keyUsage;
    if (requestedUsage == null) {
        keyUsage = UsageType.UNSPECIFIED;
    } else {
        keyUsage = requestedUsage.getUsage();
    }

    final MetadataCacheKey lookupKey = new MetadataCacheKey(ownerId, ownerRole, ownerProtocol, keyUsage);
    final Collection<Credential> cached = retrieveFromCache(lookupKey);
    if (cached != null) {
        return cached;
    }

    // NOTE(review): how long cached entries stay valid is decided outside this method; confirm
    // they are dropped when the underlying metadata changes.
    final Collection<Credential> resolved = retrieveFromMetadata(ownerId, ownerRole, ownerProtocol, keyUsage);
    cacheCredentials(lookupKey, resolved);
    return resolved;
}
示例14: setUp
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Builds the reference keys and certificates, initializes a DOM metadata provider from the
 * test metadata file, swaps in a global security configuration with an inline KeyInfo
 * resolver, and prepares the default criteria set (entity ID plus role, protocol unset).</p>
 */
protected void setUp() throws Exception {
    super.setUp();

    // Expected key material, decoded from the Base64 fixtures.
    idpRSAPubKey = SecurityTestHelper.buildJavaRSAPublicKey(idpRSAPubKeyBase64);
    idpDSACert = SecurityTestHelper.buildJavaX509Cert(idpDSACertBase64);
    idpRSACert = SecurityTestHelper.buildJavaX509Cert(idpRSACertBase64);
    keyAuthorityCert = SecurityTestHelper.buildJavaX509Cert(keyAuthorityCertBase64);

    Document metadataDocument = parser.parse(MetadataCredentialResolverTest.class.getResourceAsStream(mdFileName));
    mdProvider = new DOMMetadataProvider(metadataDocument.getDocumentElement());
    mdProvider.initialize();

    // For testing, use default KeyInfo resolver from global security config, per metadata resolver constructor.
    // The previous global configuration is saved in origGlobalSecurityConfig; this method does
    // not restore it (presumably tearDown does - confirm).
    origGlobalSecurityConfig = Configuration.getGlobalSecurityConfiguration();
    BasicSecurityConfiguration testSecurityConfig = new BasicSecurityConfiguration();
    testSecurityConfig.setDefaultKeyInfoCredentialResolver(SecurityTestHelper.buildBasicInlineKeyInfoResolver());
    Configuration.setGlobalSecurityConfiguration(testSecurityConfig);

    // The resolver is created after the global configuration has been replaced.
    mdResolver = new MetadataCredentialResolver(mdProvider);

    entityCriteria = new EntityIDCriteria(idpEntityID);
    // by default set protocol to null
    mdCriteria = new MetadataCriteria(idpRole, null);

    criteriaSet = new CriteriaSet();
    criteriaSet.add(entityCriteria);
    criteriaSet.add(mdCriteria);
}
示例15: testAssertionSignature
import org.opensaml.xml.security.criteria.EntityIDCriteria; //导入依赖的package包/类
/**
 * Creates a simple Assertion, signs it and then verifies the signature.
 *
 * <p>Verification uses an explicit-key trust engine whose static resolver holds the same
 * credential that signed the assertion, with the issuer's entity ID as the only criterion.</p>
 *
 * @throws MarshallingException thrown if the Assertion can not be marshalled into a DOM
 * @throws ValidationException thrown if the Signature does not validate
 * @throws SignatureException declared for the signing step
 * @throws UnmarshallingException thrown if the signed DOM can not be unmarshalled again
 * @throws SecurityException declared for the trust engine validation step
 */
public void testAssertionSignature()
        throws MarshallingException, ValidationException, SignatureException, UnmarshallingException, SecurityException {
    final DateTime issueInstant = new DateTime();

    // Minimal assertion: version, ID, issue instant, issuer and one authentication statement.
    final Assertion unsigned = assertionBuilder.buildObject();
    unsigned.setVersion(SAMLVersion.VERSION_20);
    unsigned.setID(idGenerator.generateIdentifier());
    unsigned.setIssueInstant(issueInstant);

    final Issuer assertionIssuer = issuerBuilder.buildObject();
    assertionIssuer.setValue("urn:example.org:issuer");
    unsigned.setIssuer(assertionIssuer);

    final AuthnStatement authentication = authnStatementBuilder.buildObject();
    authentication.setAuthnInstant(issueInstant);
    unsigned.getAuthnStatements().add(authentication);

    // Signature parameters must be attached before marshalling; signing happens on the DOM.
    final Signature xmlSignature = signatureBuilder.buildObject();
    xmlSignature.setSigningCredential(goodCredential);
    xmlSignature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    xmlSignature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA);
    unsigned.setSignature(xmlSignature);

    final Marshaller assertionMarshaller = marshallerFactory.getMarshaller(unsigned);
    assertionMarshaller.marshall(unsigned);
    Signer.signObject(xmlSignature);

    // Unmarshall new tree around DOM to avoid side effects and Apache xmlsec bug.
    final Assertion signedAssertion =
            (Assertion) unmarshallerFactory.getUnmarshaller(unsigned.getDOM()).unmarshall(unsigned.getDOM());

    final StaticCredentialResolver trustedKeys = new StaticCredentialResolver(goodCredential);
    final KeyInfoCredentialResolver keyInfoResolver = SecurityTestHelper.buildBasicInlineKeyInfoResolver();
    final ExplicitKeySignatureTrustEngine engine =
            new ExplicitKeySignatureTrustEngine(trustedKeys, keyInfoResolver);

    final CriteriaSet issuerCriteria = new CriteriaSet(new EntityIDCriteria("urn:example.org:issuer"));
    final boolean trusted = engine.validate(signedAssertion.getSignature(), issuerCriteria);
    assertTrue("Assertion signature was not valid", trusted);
}