本文整理汇总了Java中org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver类的典型用法代码示例。如果您正苦于以下问题:Java KeyInfoCredentialResolver类的具体用法?Java KeyInfoCredentialResolver怎么用?Java KeyInfoCredentialResolver使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
KeyInfoCredentialResolver类属于org.opensaml.xmlsec.keyinfo包,在下文中一共展示了KeyInfoCredentialResolver类的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildAssertionDecrypter
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
private static Decrypter buildAssertionDecrypter(final WsFederationConfiguration config) {
final List<EncryptedKeyResolver> list = new ArrayList<>();
list.add(new InlineEncryptedKeyResolver());
list.add(new EncryptedElementTypeEncryptedKeyResolver());
list.add(new SimpleRetrievalMethodEncryptedKeyResolver());
LOGGER.debug("Built a list of encrypted key resolvers: [{}]", list);
final ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(list);
LOGGER.debug("Building credential instance to decrypt data");
final Credential encryptionCredential = getEncryptionCredential(config);
final KeyInfoCredentialResolver resolver = new StaticKeyInfoCredentialResolver(encryptionCredential);
final Decrypter decrypter = new Decrypter(null, resolver, encryptedKeyResolver);
decrypter.setRootInNewDocument(true);
return decrypter;
}
示例2: build
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
@Override
public SignatureTrustEngine build() {
final MetadataCredentialResolver metadataCredentialResolver = new MetadataCredentialResolver();
final BasicRoleDescriptorResolver roleResolver = new BasicRoleDescriptorResolver(metadataResolver);
final KeyInfoCredentialResolver keyResolver =
DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver();
metadataCredentialResolver.setKeyInfoCredentialResolver(keyResolver);
metadataCredentialResolver.setRoleDescriptorResolver(roleResolver);
try {
metadataCredentialResolver.initialize();
roleResolver.initialize();
} catch (final ComponentInitializationException e) {
throw new SAMLException(e);
}
return new ExplicitKeySignatureTrustEngine(metadataCredentialResolver, keyResolver);
}
示例3: buildSignatureTrustEngine
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
/**
* Build signature trust engine.
*
* @param wsFederationConfiguration the ws federation configuration
* @return the signature trust engine
*/
private SignatureTrustEngine buildSignatureTrustEngine(final WsFederationConfiguration wsFederationConfiguration) {
try {
final CredentialResolver resolver = new
StaticCredentialResolver(wsFederationConfiguration.getSigningCertificates());
final KeyInfoCredentialResolver keyResolver =
new StaticKeyInfoCredentialResolver(wsFederationConfiguration.getSigningCertificates());
return new ExplicitKeySignatureTrustEngine(resolver, keyResolver);
} catch (final Exception e) {
throw new RuntimeException(e);
}
}
示例4: buildAssertionDecrypter
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
private Decrypter buildAssertionDecrypter(final WsFederationConfiguration config) {
final List<EncryptedKeyResolver> list = new ArrayList<EncryptedKeyResolver>();
list.add(new InlineEncryptedKeyResolver());
list.add(new EncryptedElementTypeEncryptedKeyResolver());
list.add(new SimpleRetrievalMethodEncryptedKeyResolver());
final ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(list);
final Credential encryptionCredential = getEncryptionCredential(config);
final KeyInfoCredentialResolver resolver = new StaticKeyInfoCredentialResolver(encryptionCredential);
final Decrypter decrypter = new Decrypter(null, resolver, encryptedKeyResolver);
decrypter.setRootInNewDocument(true);
return decrypter;
}
示例5: buildSignatureTrustEngine
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
/**
* Build signature trust engine.
*
* @param wsFederationConfiguration the ws federation configuration
* @return the signature trust engine
*/
private static SignatureTrustEngine buildSignatureTrustEngine(final WsFederationConfiguration wsFederationConfiguration) {
try {
final CredentialResolver resolver = new
StaticCredentialResolver(wsFederationConfiguration.getSigningCertificates());
final KeyInfoCredentialResolver keyResolver =
new StaticKeyInfoCredentialResolver(wsFederationConfiguration.getSigningCertificates());
return new ExplicitKeySignatureTrustEngine(resolver, keyResolver);
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
示例6: build
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
@Override
public final Decrypter build() {
final Credential encryptionCredential = this.credentialProvider.getCredential();
final KeyInfoCredentialResolver resolver = new StaticKeyInfoCredentialResolver(encryptionCredential);
final Decrypter decrypter = new Decrypter(null, resolver, encryptedKeyResolver);
decrypter.setRootInNewDocument(true);
return decrypter;
}
示例7: validateSignatureOnAuthenticationRequest
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
private void validateSignatureOnAuthenticationRequest(final RequestAbstractType profileRequest, final HttpServletRequest request,
final MessageContext context,
final RoleDescriptorResolver roleDescriptorResolver) throws Exception {
final SAML2HTTPRedirectDeflateSignatureSecurityHandler handler = new SAML2HTTPRedirectDeflateSignatureSecurityHandler();
final SAMLPeerEntityContext peer = context.getSubcontext(SAMLPeerEntityContext.class, true);
peer.setEntityId(SamlIdPUtils.getIssuerFromSamlRequest(profileRequest));
LOGGER.debug("Validating request signature for [{}] via [{}]...", peer.getEntityId(), handler.getClass().getSimpleName());
LOGGER.debug("Resolving role descriptor for [{}]", peer.getEntityId());
final RoleDescriptor roleDescriptor = roleDescriptorResolver.resolveSingle(
new CriteriaSet(new EntityIdCriterion(peer.getEntityId()),
new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME)));
peer.setRole(roleDescriptor.getElementQName());
final SAMLProtocolContext protocol = context.getSubcontext(SAMLProtocolContext.class, true);
protocol.setProtocol(SAMLConstants.SAML20P_NS);
LOGGER.debug("Building security parameters context for signature validation of [{}]", peer.getEntityId());
final SecurityParametersContext secCtx = context.getSubcontext(SecurityParametersContext.class, true);
final SignatureValidationParameters validationParams = new SignatureValidationParameters();
if (overrideBlackListedSignatureAlgorithms != null && !overrideBlackListedSignatureAlgorithms.isEmpty()) {
validationParams.setBlacklistedAlgorithms(this.overrideBlackListedSignatureAlgorithms);
LOGGER.debug("Validation override blacklisted algorithms are [{}]", this.overrideWhiteListedAlgorithms);
}
if (overrideWhiteListedAlgorithms != null && !overrideWhiteListedAlgorithms.isEmpty()) {
validationParams.setWhitelistedAlgorithms(this.overrideWhiteListedAlgorithms);
LOGGER.debug("Validation override whitelisted algorithms are [{}]", this.overrideWhiteListedAlgorithms);
}
LOGGER.debug("Resolving signing credentials for [{}]", peer.getEntityId());
final Credential credential = getSigningCredential(roleDescriptorResolver, profileRequest);
if (credential == null) {
throw new SamlException("Signing credential for validation could not be resolved");
}
final CredentialResolver resolver = new StaticCredentialResolver(credential);
final KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver(credential);
final SignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(resolver, keyResolver);
validationParams.setSignatureTrustEngine(trustEngine);
secCtx.setSignatureValidationParameters(validationParams);
handler.setHttpServletRequest(request);
LOGGER.debug("Initializing [{}] to execute signature validation for [{}]", handler.getClass().getSimpleName(), peer.getEntityId());
handler.initialize();
LOGGER.debug("Invoking [{}] to handle signature validation for [{}]", handler.getClass().getSimpleName(), peer.getEntityId());
handler.invoke(context);
LOGGER.debug("Successfully validated request signature for [{}].", profileRequest.getIssuer());
}
示例8: getKeyInfoCredentialResolver
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
@Override
public KeyInfoCredentialResolver getKeyInfoCredentialResolver() {
return DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver();
}
示例9: getKeyInfoCredentialResolver
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver; //导入依赖的package包/类
KeyInfoCredentialResolver getKeyInfoCredentialResolver();