本文整理汇总了Java中gov.nih.nci.cagrid.opensaml.SAMLAssertion.verify方法的典型用法代码示例。如果您正苦于以下问题:Java SAMLAssertion.verify方法的具体用法?Java SAMLAssertion.verify怎么用?Java SAMLAssertion.verify使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类gov.nih.nci.cagrid.opensaml.SAMLAssertion
的用法示例。
在下文中一共展示了SAMLAssertion.verify方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: check
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void check(SAMLAssertion saml, Exception error) throws Exception {
if (error != null) {
getLog().error(error);
throw new Exception(
"An error was encountered authenticating when one was not expected.",
error);
} else {
saml.verify(getExpectedSigningCertificate());
String uid = SAMLUtils.getAttributeValue(saml,
getUserIdAttributeNamespace(), getUserIdAttributeName());
String firstName = SAMLUtils.getAttributeValue(saml,
getFirstNameAttributeNamespace(),
getFirstNameAttributeName());
String lastName = SAMLUtils
.getAttributeValue(saml, getLastNameAttributeNamespace(),
getLastNameAttributeName());
String email = SAMLUtils.getAttributeValue(saml,
getEmailAttributeNamespace(), getEmailAttributeName());
if (!getExpectedUserId().equals(uid)) {
throw new Exception(
"The SAML Assertion was not as expected, the expected user id was "
+ getExpectedUserId()
+ " however the user id received was " + uid
+ ".");
}
if (!getExpectedFirstName().equals(firstName)) {
throw new Exception(
"The SAML Assertion was not as expected, the expected first name was "
+ getExpectedFirstName()
+ " however the first name received was "
+ firstName + ".");
}
if (!getExpectedLastName().equals(lastName)) {
throw new Exception(
"The SAML Assertion was not as expected, the expected last name was "
+ getExpectedLastName()
+ " however the last name received was "
+ lastName + ".");
}
if (!getExpectedEmail().equals(email)) {
throw new Exception(
"The SAML Assertion was not as expected, the expected email was "
+ getExpectedEmail()
+ " however the email received was " + email
+ ".");
}
}
}
示例2: testBasicAuthentication
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void testBasicAuthentication() {
AuthenticationProperties properties = null;
try {
properties = new AuthenticationProperties();
AuthenticationManager manager = new AuthenticationManager(
properties.getPropertiesFile(), SUBJECT_PROVIDER_1_CONF);
// Check supported profiles
Set<QName> profiles = manager.getSupportedAuthenticationProfiles();
assertNotNull(profiles);
assertEquals(1, profiles.size());
assertTrue(profiles
.contains(AuthenticationProfile.BASIC_AUTHENTICATION));
// Test acceptable authentication
BasicAuthentication auth = new BasicAuthentication();
auth.setUserId("jdoe");
auth.setPassword("password");
SAMLAssertion saml = manager.authenticate(auth);
saml.verify(properties.getSigningCertificate());
assertEquals(auth.getUserId(), SAMLUtils.getAttributeValue(saml,
SAMLConstants.UID_ATTRIBUTE_NAMESPACE,
SAMLConstants.UID_ATTRIBUTE));
assertEquals(Constants.DEFAULT_FIRST_NAME, SAMLUtils
.getAttributeValue(saml,
SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.FIRST_NAME_ATTRIBUTE));
assertEquals(Constants.DEFAULT_LAST_NAME, SAMLUtils
.getAttributeValue(saml,
SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.LAST_NAME_ATTRIBUTE));
assertEquals(Constants.DEFAULT_EMAIL, SAMLUtils.getAttributeValue(
saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE,
SAMLConstants.EMAIL_ATTRIBUTE));
} catch (Exception e) {
FaultUtil.printFault(e);
fail(e.getMessage());
} finally {
if (properties != null) {
properties.cleanup();
}
}
}
示例3: testDeprecatedBasicAuthentication
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void testDeprecatedBasicAuthentication() {
AuthenticationProperties properties = null;
try {
properties = new AuthenticationProperties();
AuthenticationManager manager = new AuthenticationManager(
properties.getPropertiesFile(), SUBJECT_PROVIDER_1_CONF);
// Check supported profiles
Set<QName> profiles = manager.getSupportedAuthenticationProfiles();
assertNotNull(profiles);
assertEquals(1, profiles.size());
assertTrue(profiles
.contains(AuthenticationProfile.BASIC_AUTHENTICATION));
// Test acceptable authentication
BasicAuthenticationCredential auth = new BasicAuthenticationCredential();
auth.setUserId("jdoe");
auth.setPassword("password");
gov.nih.nci.cagrid.authentication.bean.Credential credential = new gov.nih.nci.cagrid.authentication.bean.Credential();
credential.setBasicAuthenticationCredential(auth);
SAMLAssertion saml = SAMLUtils.stringToSAMLAssertion(manager
.authenticate(credential).getXml());
saml.verify(properties.getSigningCertificate());
assertEquals(auth.getUserId(), SAMLUtils.getAttributeValue(saml,
SAMLConstants.UID_ATTRIBUTE_NAMESPACE,
SAMLConstants.UID_ATTRIBUTE));
assertEquals(Constants.DEFAULT_FIRST_NAME, SAMLUtils
.getAttributeValue(saml,
SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.FIRST_NAME_ATTRIBUTE));
assertEquals(Constants.DEFAULT_LAST_NAME, SAMLUtils
.getAttributeValue(saml,
SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.LAST_NAME_ATTRIBUTE));
assertEquals(Constants.DEFAULT_EMAIL, SAMLUtils.getAttributeValue(
saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE,
SAMLConstants.EMAIL_ATTRIBUTE));
} catch (Exception e) {
FaultUtil.printFault(e);
fail(e.getMessage());
} finally {
if (properties != null) {
properties.cleanup();
}
}
}
示例4: testBasicAuthenticationWithOneTimePassword
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void testBasicAuthenticationWithOneTimePassword() {
AuthenticationProperties properties = null;
try {
properties = new AuthenticationProperties();
AuthenticationManager manager = new AuthenticationManager(
properties.getPropertiesFile(), SUBJECT_PROVIDER_2_CONF);
// Check supported profiles
Set<QName> profiles = manager.getSupportedAuthenticationProfiles();
assertNotNull(profiles);
assertEquals(1, profiles.size());
assertTrue(profiles
.contains(AuthenticationProfile.ONE_TIME_PASSWORD));
// Test acceptable authentication
OneTimePassword auth = new OneTimePassword();
auth.setUserId("jdoe");
auth.setOneTimePassword("onetimepassword");
SAMLAssertion saml = manager.authenticate(auth);
saml.verify(properties.getSigningCertificate());
assertEquals(auth.getUserId(), SAMLUtils.getAttributeValue(saml,
SAMLConstants.UID_ATTRIBUTE_NAMESPACE,
SAMLConstants.UID_ATTRIBUTE));
assertEquals(Constants.DEFAULT_FIRST_NAME, SAMLUtils
.getAttributeValue(saml,
SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.FIRST_NAME_ATTRIBUTE));
assertEquals(Constants.DEFAULT_LAST_NAME, SAMLUtils
.getAttributeValue(saml,
SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.LAST_NAME_ATTRIBUTE));
assertEquals(Constants.DEFAULT_EMAIL, SAMLUtils.getAttributeValue(
saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE,
SAMLConstants.EMAIL_ATTRIBUTE));
} catch (Exception e) {
FaultUtil.printFault(e);
fail(e.getMessage());
} finally {
if (properties != null) {
properties.cleanup();
}
}
}
示例5: verifySAMLAssertion
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void verifySAMLAssertion(SAMLAssertion saml,
AssertionCredentialsManager cm) throws Exception {
assertNotNull(saml);
saml.verify(cm.getIdPCertificate());
try {
// Test against a bad certificate
InputStream resource = TestCase.class
.getResourceAsStream(Constants.BMI_CACERT);
saml.verify(CertUtil.loadCertificate(resource));
assertTrue(false);
} catch (InvalidCryptoException ex) {
}
assertEquals(cm.getIdPCertificate().getSubjectDN().toString(), saml
.getIssuer());
Iterator itr = saml.getStatements();
int count = 0;
boolean authFound = false;
while (itr.hasNext()) {
count = count + 1;
SAMLStatement stmt = (SAMLStatement) itr.next();
if (stmt instanceof SAMLAuthenticationStatement) {
if (authFound) {
assertTrue(false);
} else {
authFound = true;
}
SAMLAuthenticationStatement auth = (SAMLAuthenticationStatement) stmt;
assertEquals(TEST_UID, auth.getSubject().getNameIdentifier()
.getName());
assertEquals("urn:oasis:names:tc:SAML:1.0:am:password", auth
.getAuthMethod());
}
if (stmt instanceof SAMLAttributeStatement) {
String uid = Utils.getAttribute(saml,
SAMLConstants.UID_ATTRIBUTE_NAMESPACE,
SAMLConstants.UID_ATTRIBUTE);
assertNotNull(uid);
String email = Utils.getAttribute(saml,
SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE,
SAMLConstants.EMAIL_ATTRIBUTE);
assertNotNull(email);
String firstName = Utils.getAttribute(saml,
SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.FIRST_NAME_ATTRIBUTE);
assertNotNull(firstName);
String lastName = Utils.getAttribute(saml,
SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.LAST_NAME_ATTRIBUTE);
assertNotNull(lastName);
assertEquals(TEST_UID, uid);
assertEquals(TEST_FIRST_NAME, firstName);
assertEquals(TEST_LAST_NAME, lastName);
assertEquals(TEST_EMAIL, email);
}
}
assertEquals(2, count);
assertTrue(authFound);
}
示例6: verifySAMLAssertion
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void verifySAMLAssertion(SAMLAssertion saml, IdentityProvider idp, Application app) throws Exception {
assertNotNull(saml);
saml.verify(idp.getIdPCertificate());
assertEquals(idp.getIdPCertificate().getSubjectDN().toString(), saml.getIssuer());
Iterator itr = saml.getStatements();
int statementCount = 0;
boolean authFound = false;
while (itr.hasNext()) {
statementCount = statementCount + 1;
SAMLStatement stmt = (SAMLStatement) itr.next();
if (stmt instanceof SAMLAuthenticationStatement) {
if (authFound) {
assertTrue(false);
} else {
authFound = true;
}
SAMLAuthenticationStatement auth = (SAMLAuthenticationStatement) stmt;
assertEquals(app.getUserId(), auth.getSubject().getNameIdentifier().getName());
assertEquals("urn:oasis:names:tc:SAML:1.0:am:password", auth.getAuthMethod());
}
if (stmt instanceof SAMLAttributeStatement) {
String uid = Utils.getAttribute(saml, SAMLConstants.UID_ATTRIBUTE_NAMESPACE,
SAMLConstants.UID_ATTRIBUTE);
assertNotNull(uid);
String email = Utils.getAttribute(saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE,
SAMLConstants.EMAIL_ATTRIBUTE);
assertNotNull(email);
String firstName = Utils.getAttribute(saml, SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.FIRST_NAME_ATTRIBUTE);
assertNotNull(firstName);
String lastName = Utils.getAttribute(saml, SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.LAST_NAME_ATTRIBUTE);
assertNotNull(lastName);
assertEquals(app.getUserId(), uid);
assertEquals(app.getFirstName(), firstName);
assertEquals(app.getLastName(), lastName);
assertEquals(app.getEmail(), email);
}
}
assertEquals(2, statementCount);
assertTrue(authFound);
}
示例7: verifySAMLAssertion
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
/** ********************************************************* */
public void verifySAMLAssertion(SAMLAssertion saml, X509Certificate idpCert, Application app) throws Exception {
assertNotNull(saml);
Calendar cal = new GregorianCalendar();
Date now = cal.getTime();
if ((now.before(saml.getNotBefore())) || (now.after(saml.getNotOnOrAfter()))) {
InvalidAssertionFault fault = new InvalidAssertionFault();
fault.setFaultString("The Assertion is not valid at " + now + ", the assertion is valid from "
+ saml.getNotBefore() + " to " + saml.getNotOnOrAfter());
throw fault;
}
saml.verify(idpCert);
assertEquals(idpCert.getSubjectDN().toString(), saml.getIssuer());
Iterator itr = saml.getStatements();
int statementCount = 0;
boolean authFound = false;
while (itr.hasNext()) {
statementCount = statementCount + 1;
SAMLStatement stmt = (SAMLStatement) itr.next();
if (stmt instanceof SAMLAuthenticationStatement) {
if (authFound) {
assertTrue(false);
} else {
authFound = true;
}
SAMLAuthenticationStatement auth = (SAMLAuthenticationStatement) stmt;
assertEquals(app.getUserId(), auth.getSubject().getNameIdentifier().getName());
assertEquals("urn:oasis:names:tc:SAML:1.0:am:password", auth.getAuthMethod());
}
if (stmt instanceof SAMLAttributeStatement) {
String uid = Utils.getAttribute(saml, SAMLConstants.UID_ATTRIBUTE_NAMESPACE,
SAMLConstants.UID_ATTRIBUTE);
assertNotNull(uid);
String email = Utils.getAttribute(saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE,
SAMLConstants.EMAIL_ATTRIBUTE);
assertNotNull(email);
String firstName = Utils.getAttribute(saml, SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.FIRST_NAME_ATTRIBUTE);
assertNotNull(firstName);
String lastName = Utils.getAttribute(saml, SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE,
SAMLConstants.LAST_NAME_ATTRIBUTE);
assertNotNull(lastName);
assertEquals(app.getUserId(), uid);
assertEquals(app.getFirstName(), firstName);
assertEquals(app.getLastName(), lastName);
assertEquals(app.getEmail(), email);
}
}
assertEquals(2, statementCount);
assertTrue(authFound);
}
示例8: verifySAMLAssertion
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void verifySAMLAssertion(SAMLAssertion saml, AssertionCredentialsManager cm) throws Exception {
assertNotNull(saml);
saml.verify(cm.getIdPCertificate());
try {
// Test against a bad certificate
InputStream resource = TestCase.class.getResourceAsStream(Constants.BMI_CACERT);
saml.verify(CertUtil.loadCertificate(resource));
assertTrue(false);
} catch (InvalidCryptoException ex) {
}
assertEquals(cm.getIdPCertificate().getSubjectDN().toString(), saml.getIssuer());
Iterator itr = saml.getStatements();
int count = 0;
boolean authFound = false;
while (itr.hasNext()) {
count = count + 1;
SAMLStatement stmt = (SAMLStatement) itr.next();
if (stmt instanceof SAMLAuthenticationStatement) {
if (authFound) {
assertTrue(false);
} else {
authFound = true;
}
SAMLAuthenticationStatement auth = (SAMLAuthenticationStatement) stmt;
assertEquals(TEST_UID, auth.getSubject().getNameIdentifier().getName());
assertEquals("urn:oasis:names:tc:SAML:1.0:am:password", auth.getAuthMethod());
}
if (stmt instanceof SAMLAttributeStatement) {
String uid = Utils.getAttribute(saml, SAMLConstants.UID_ATTRIBUTE_NAMESPACE, SAMLConstants.UID_ATTRIBUTE);
assertNotNull(uid);
String email = Utils.getAttribute(saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE, SAMLConstants.EMAIL_ATTRIBUTE);
assertNotNull(email);
String firstName = Utils.getAttribute(saml, SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE, SAMLConstants.FIRST_NAME_ATTRIBUTE);
assertNotNull(firstName);
String lastName = Utils.getAttribute(saml, SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE, SAMLConstants.LAST_NAME_ATTRIBUTE);
assertNotNull(lastName);
assertEquals(TEST_UID, uid);
assertEquals(TEST_FIRST_NAME, firstName);
assertEquals(TEST_LAST_NAME, lastName);
assertEquals(TEST_EMAIL, email);
}
}
assertEquals(2, count);
assertTrue(authFound);
}
示例9: verifySAMLAssertion
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
public void verifySAMLAssertion(SAMLAssertion saml, IdentityProvider idp, Application app) throws Exception {
assertNotNull(saml);
saml.verify(idp.getIdPCertificate());
assertEquals(idp.getIdPCertificate().getSubjectDN().toString(), saml.getIssuer());
Iterator itr = saml.getStatements();
int statementCount = 0;
boolean authFound = false;
while (itr.hasNext()) {
statementCount = statementCount + 1;
SAMLStatement stmt = (SAMLStatement) itr.next();
if (stmt instanceof SAMLAuthenticationStatement) {
if (authFound) {
assertTrue(false);
} else {
authFound = true;
}
SAMLAuthenticationStatement auth = (SAMLAuthenticationStatement) stmt;
assertEquals(app.getUserId(), auth.getSubject().getNameIdentifier().getName());
assertEquals("urn:oasis:names:tc:SAML:1.0:am:password", auth.getAuthMethod());
}
if (stmt instanceof SAMLAttributeStatement) {
String uid = Utils.getAttribute(saml, SAMLConstants.UID_ATTRIBUTE_NAMESPACE, SAMLConstants.UID_ATTRIBUTE);
assertNotNull(uid);
String email = Utils.getAttribute(saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE, SAMLConstants.EMAIL_ATTRIBUTE);
assertNotNull(email);
String firstName = Utils.getAttribute(saml, SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE, SAMLConstants.FIRST_NAME_ATTRIBUTE);
assertNotNull(firstName);
String lastName = Utils.getAttribute(saml, SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE, SAMLConstants.LAST_NAME_ATTRIBUTE);
assertNotNull(lastName);
assertEquals(app.getUserId(), uid);
assertEquals(app.getFirstName(), firstName);
assertEquals(app.getLastName(), lastName);
assertEquals(app.getEmail(), email);
}
}
assertEquals(2, statementCount);
assertTrue(authFound);
}
示例10: verifySAMLAssertion
import gov.nih.nci.cagrid.opensaml.SAMLAssertion; //导入方法依赖的package包/类
/** ********************************************************* */
public void verifySAMLAssertion(SAMLAssertion saml, X509Certificate idpCert, Application app) throws Exception {
assertNotNull(saml);
Calendar cal = new GregorianCalendar();
Date now = cal.getTime();
if ((now.before(saml.getNotBefore())) || (now.after(saml.getNotOnOrAfter()))) {
InvalidAssertionException fault = FaultHelper.createFaultException(InvalidAssertionException.class,
"The Assertion is not valid at " + now + ", the assertion is valid from " + saml.getNotBefore() + " to " + saml.getNotOnOrAfter());
throw fault;
}
saml.verify(idpCert);
assertEquals(idpCert.getSubjectDN().toString(), saml.getIssuer());
Iterator itr = saml.getStatements();
int statementCount = 0;
boolean authFound = false;
while (itr.hasNext()) {
statementCount = statementCount + 1;
SAMLStatement stmt = (SAMLStatement) itr.next();
if (stmt instanceof SAMLAuthenticationStatement) {
if (authFound) {
assertTrue(false);
} else {
authFound = true;
}
SAMLAuthenticationStatement auth = (SAMLAuthenticationStatement) stmt;
assertEquals(app.getUserId(), auth.getSubject().getNameIdentifier().getName());
assertEquals("urn:oasis:names:tc:SAML:1.0:am:password", auth.getAuthMethod());
}
if (stmt instanceof SAMLAttributeStatement) {
String uid = Utils.getAttribute(saml, SAMLConstants.UID_ATTRIBUTE_NAMESPACE, SAMLConstants.UID_ATTRIBUTE);
assertNotNull(uid);
String email = Utils.getAttribute(saml, SAMLConstants.EMAIL_ATTRIBUTE_NAMESPACE, SAMLConstants.EMAIL_ATTRIBUTE);
assertNotNull(email);
String firstName = Utils.getAttribute(saml, SAMLConstants.FIRST_NAME_ATTRIBUTE_NAMESPACE, SAMLConstants.FIRST_NAME_ATTRIBUTE);
assertNotNull(firstName);
String lastName = Utils.getAttribute(saml, SAMLConstants.LAST_NAME_ATTRIBUTE_NAMESPACE, SAMLConstants.LAST_NAME_ATTRIBUTE);
assertNotNull(lastName);
assertEquals(app.getUserId(), uid);
assertEquals(app.getFirstName(), firstName);
assertEquals(app.getLastName(), lastName);
assertEquals(app.getEmail(), email);
}
}
assertEquals(2, statementCount);
assertTrue(authFound);
}