Package com.sun.xml.wss.saml

Class SAMLAssertionFactory

java.lang.Object
com.sun.xml.wss.saml.SAMLAssertionFactory
Direct Known Subclasses:
SAMLAssertion2_1FactoryImpl, SAMLAssertion2_2FactoryImpl
public abstract class SAMLAssertionFactory extends Object
Author:
abhijit.das@Sun.com

  • Field Details

  • Constructor Details

    • SAMLAssertionFactory

      protected SAMLAssertionFactory()

  • Method Details

    • newInstance

      public static SAMLAssertionFactory newInstance(String samlVersion) throws XWSSecurityException
      Create an instance of SAMLAssertionFactory.
      Parameters:
      samlVersion - A String representing the saml version. Possible values {SAMLAssertionFactory.SAML1_1} & {SAMLAssertionFactory.SAML2_0}
      Throws:
      XWSSecurityException

    • createAction

      public abstract Action createAction(String action, String namespace)
      Creates an Action element.
      Parameters:
      namespace - The attribute "namespace" of Action element
      action - A String representing an action

    • createAdvice

      public abstract Advice createAdvice(List assertionidreference, List assertion, List otherelement)
      Creates an Advice element.
      Parameters:
      assertionidreference - A List of AssertionIDReference.
      assertion - A List of Assertion
      otherelement - A List of any element defined as

    • createAnyType

      public abstract AnyType createAnyType()
      Creates an AnyType element if the System property "com.sun.xml.wss.saml.binding.jaxb" is set. Otherwise returns null.

    • createAssertion

      public abstract Assertion createAssertion(String assertionID, String issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, List statements) throws SAMLException
      Creates and return an Assertion from the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion and a set of Statement(s) in the assertion.
      Parameters:
      assertionID - AssertionID object contained within this Assertion if null its generated internally.
      issuer - The issuer of this assertion.
      issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.
      conditions - Conditions under which the this Assertion is valid.
      advice - Advice applicable for this Assertion.
      statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.
      Throws:
      SAMLException - if there is an error in processing input.

    • createAssertion

      public abstract Assertion createAssertion(String assertionID, String issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, List statements, jakarta.xml.bind.JAXBContext jcc) throws SAMLException
      Throws:
      SAMLException

    • createAssertion

      public abstract Assertion createAssertion(String ID, NameID issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, Subject subject, List statements) throws SAMLException
      Creates and return an Assertion from the data members: the ID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion, Subjectand a set of Statement(s) in the assertion.
      Parameters:
      ID - ID object contained within this Assertion if null its generated internally.
      issuer - The issuer of this assertion.
      issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.
      conditions - Conditions under which the this Assertion is valid.
      advice - Advice applicable for this Assertion.
      subject - Subject applicable for this Assertion
      statements - List of Statement objects within this Assertion. It could be of type AuthnStatement, AuthzDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.
      Throws:
      SAMLException - if there is an error in processing input.

    • createAssertion

      public abstract Assertion createAssertion(String ID, NameID issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, Subject subject, List statements, jakarta.xml.bind.JAXBContext jcc) throws SAMLException
      Creates and return an Assertion from the data members: the ID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion, Subject, a set of Statement(s) ,and a jaxbcontext for the assertion.
      Parameters:
      ID - ID object contained within this Assertion if null its generated internally.
      issuer - The issuer of this assertion.
      issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.
      conditions - Conditions under which the this Assertion is valid.
      advice - Advice applicable for this Assertion.
      subject - Subject applicable for this Assertion
      statements - List of Statement objects within this Assertion. It could be of type AuthnStatement, AuthzDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.
      jcc - JAXBContext to be used for marshaling and unmarshalling the assertions.
      Throws:
      SAMLException - if there is an error in processing input.

    • createAssertion

      public abstract Assertion createAssertion(Element element) throws SAMLException
      Creates and returns an Assertion object from the given SAML org.w3c.dom.Element.
      Parameters:
      element - A org.w3c.dom.Element representing DOM tree for Assertion object
      Throws:
      SAMLException - if it could not process the Element properly, implying that there is an error in the sender or in the element definition.

    • createAssertion

      public abstract Assertion createAssertion(XMLStreamReader reader) throws SAMLException
      Creates and returns an Assertion object from the given SAML XMLStreamReader.
      Parameters:
      reader - An XMLStreamReader representing the tree for an Assertion object
      Throws:
      SAMLException - if it could not process the Element properly, implying that there is an error in the sender or in the element definition.

    • createAssertionIDReference

      public abstract AssertionIDReference createAssertionIDReference()
      Creates and returns an AssertionIDReference object. AssertionID will be generated automatically.
      Returns:
      null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set otherwise returns AssertionIDReference.

    • createAssertionIDRef

      public abstract AssertionIDRef createAssertionIDRef()
      Creates and returns an AssertionIDRef object. AssertionID will be generated automatically.
      Returns:
      null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set otherwise returns AssertionIDReference.

    • createAssertionIDReference

      public abstract AssertionIDReference createAssertionIDReference(String id)
      Creates and returns an AssertionIDReference object.
      Parameters:
      id - String of an AssertionID
      Returns:
      null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set otherwise returns AssertionIDReference.

    • createAssertionIDRef

      public abstract AssertionIDRef createAssertionIDRef(String id)
      Creates and returns an AssertionIDRef object.
      Parameters:
      id - String of an AssertionID
      Returns:
      null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set otherwise returns AssertionIDReference.

    • createAttribute

      public abstract Attribute createAttribute(String name, String nameSpace, List values)
      Constructs an instance of Attribute.
      Parameters:
      name - A String representing AttributeName (the name of the attribute).
      nameSpace - A String representing the namespace in which AttributeName elements are interpreted.
      values - A List representing the AttributeValue object.

    • createAttribute

      public abstract Attribute createAttribute(String name, List values)
      Constructs an instance of Attribute.
      Parameters:
      name - A String representing AttributeName (the name of the attribute).
      values - A List representing the AttributeValue object.

    • createAttributeDesignator

      public abstract AttributeDesignator createAttributeDesignator(String name, String nameSpace)
      Constructs an instance of AttributeDesignator.
      Parameters:
      name - the name of the attribute.
      nameSpace - the namespace in which AttributeName elements are interpreted.

    • createAttributeStatement

      public abstract AttributeStatement createAttributeStatement(Subject subj, List attr)
      Constructs an instance of AttributeStatement.
      Parameters:
      subj - SAML Subject
      attr - List of attributes

    • createAttributeStatement

      public abstract AttributeStatement createAttributeStatement(List attr)
      Constructs an instance of AttributeStatement.
      Parameters:
      attr - List of attributes

    • createAudienceRestrictionCondition

      public abstract AudienceRestrictionCondition createAudienceRestrictionCondition(List audience)
      Constructs an instance of AudienceRestrictionCondition. It takes in a List of audience for this condition, each of them being a String.
      Parameters:
      audience - A List of audience to be included within this condition

    • createAudienceRestriction

      public abstract AudienceRestriction createAudienceRestriction(List audience)
      Constructs an instance of AudienceRestriction. It takes in a List of audience for this condition, each of them being a String.
      Parameters:
      audience - A List of audience to be included within this condition

    • createAuthenticationStatement

      public abstract AuthenticationStatement createAuthenticationStatement(String authMethod, GregorianCalendar authInstant, Subject subject, SubjectLocality subjectLocality, List authorityBinding)
      Constructs an instance of AuthenticationStatement.
      Parameters:
      authMethod - (optional) A String specifies the type of authentication that took place. Pass null if not required.
      authInstant - (optional) A GregorianCalendar object specifing the time at which the authentication that took place. Pass null if not required.
      subject - (required) A Subject object
      subjectLocality - (optional) A SubjectLocality object. Pass null if not required.
      authorityBinding - (optional) A List of AuthorityBinding. Pass null if not required. objects.

    • createAuthnStatement

      public abstract AuthnStatement createAuthnStatement(GregorianCalendar authInstant, SubjectLocality subjectLocality, AuthnContext authnContext, String sessionIndex, GregorianCalendar sessionNotOnOrAfter)
      Constructs an instance of AuthenticationStatement.
      Parameters:
      authInstant - (optional) A GregorianCalendar object specifing the time at which the authentication that took place. Pass null if not required.
      subjectLocality - (optional) A SubjectLocality object. Pass null if not required.
      authnContext - (optional) A AuthnContext object. Pass null if not required. objects.

    • createAuthorityBinding

      public abstract AuthorityBinding createAuthorityBinding(QName authKind, String location, String binding)
      Constructs an instance of AuthorityBinding.
      Parameters:
      authKind - A QName representing the type of SAML protocol queries to which the authority described by this element will respond.
      location - A String representing a URI reference describing how to locate and communicate with the authority.
      binding - A String representing a URI reference identifying the SAML protocol binding to use in communicating with the authority.

    • createAuthnContext

      public abstract AuthnContext createAuthnContext()

    • createAuthnContext

      public abstract AuthnContext createAuthnContext(String authContextClassref, String authenticatingAuthority)

    • createAuthorizationDecisionStatement

      public abstract AuthorizationDecisionStatement createAuthorizationDecisionStatement(Subject subject, String resource, String decision, List action, Evidence evidence)
      Constructs an instance of AuthorizationDecisionStatement.
      Parameters:
      subject - (required) A Subject object
      resource - (required) A String identifying the resource to which access authorization is sought.
      decision - (required) The decision rendered by the issuer with respect to the specified resource.
      action - (required) A List of Action objects specifying the set of actions authorized to be performed on the specified resource.
      evidence - (optional) An Evidence object representing a set of assertions that the issuer replied on in making decisions.

    • createAuthnDecisionStatement

      public abstract AuthnDecisionStatement createAuthnDecisionStatement(String resource, String decision, List action, Evidence evidence)
      Constructs an instance of AuthnDecisionStatement.
      Parameters:
      resource - (required) A String identifying the resource to which access authorization is sought.
      decision - (required) The decision rendered by the issuer with respect to the specified resource.
      action - (required) A List of Action objects specifying the set of actions authorized to be performed on the specified resource.
      evidence - (optional) An Evidence object representing a set of assertions that the issuer replied on in making decisions.

    • createConditions

      public abstract Conditions createConditions()
      Constructs an instance of default Conditions object.

    • createConditions

      public abstract Conditions createConditions(GregorianCalendar notBefore, GregorianCalendar notOnOrAfter, List condition, List arc, List doNotCacheCnd)
      Constructs an instance of Conditions.
      Parameters:
      notBefore - specifies the earliest time instant at which the assertion is valid.
      notOnOrAfter - specifies the time instant at which the assertion has expired.
      arc - the AudienceRestrictionCondition to be added. Can be null, if no audience restriction.

    • createConditions

      public abstract Conditions createConditions(GregorianCalendar notBefore, GregorianCalendar notOnOrAfter, List condition, List ar, List oneTimeUse, List proxyRestriction)
      Constructs an instance of Conditions.
      Parameters:
      notBefore - specifies the earliest time instant at which the assertion is valid.
      notOnOrAfter - specifies the time instant at which the assertion has expired.
      ar - the AudienceRestriction to be added. Can be null, if no audience restriction.

    • createDoNotCacheCondition

      public abstract DoNotCacheCondition createDoNotCacheCondition()
      Constructs an instance of DoNotCacheCondition

    • createOneTimeUse

      public abstract OneTimeUse createOneTimeUse()

    • createEvidence

      public abstract Evidence createEvidence(List assertionIDRef, List assertion)
      Constructs an Evidence from a List of Assertion and AssertionIDReference objects.
      Parameters:
      assertionIDRef - List of AssertionIDReference objects.
      assertion - List of Assertion objects.

    • createNameIdentifier

      public abstract NameIdentifier createNameIdentifier(String name, String nameQualifier, String format)
      Constructs a NameQualifier instance.
      Parameters:
      name - The string representing the name of the Subject
      nameQualifier - The security or administrative domain that qualifies the name of the Subject. This is optional could be null.
      format - The syntax used to describe the name of the Subject. This optional, could be null.

    • createNameID

      public abstract NameID createNameID(String name, String nameQualifier, String format)
      Constructs a NameID instance.
      Parameters:
      name - The string representing the name of the Subject
      nameQualifier - The security or administrative domain that qualifies the name of the Subject. This is optional could be null.
      format - The syntax used to describe the name of the Subject. This optional, could be null.

    • createSubject

      public abstract Subject createSubject(NameIdentifier nameIdentifier, SubjectConfirmation subjectConfirmation)
      Constructs a Subject object from a NameIdentifier object and a SubjectConfirmation object.
      Parameters:
      nameIdentifier - NameIdentifier object.
      subjectConfirmation - SubjectConfirmation object.

    • createSubject

      public abstract Subject createSubject(NameID nameID, SubjectConfirmation subjectConfirmation)
      Constructs a Subject object from a NameID object and a SubjectConfirmation object.
      Parameters:
      nameID - NameID object.
      subjectConfirmation - SubjectConfirmation object.

    • createSubjectConfirmation

      public abstract SubjectConfirmation createSubjectConfirmation(String confirmationMethod)
      Creates and returns a SubjectConfirmation object.
      Parameters:
      confirmationMethod - A URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.

    • createSubjectConfirmation

      public abstract SubjectConfirmation createSubjectConfirmation(NameID nameID, String method)
      Creates and returns a SubjectConfirmation object.
      Parameters:
      nameID - NameID object.
      method - A URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.

    • createSubjectConfirmation

      public abstract SubjectConfirmation createSubjectConfirmation(List confirmationMethods, SubjectConfirmationData scd, KeyInfo keyInfo) throws SAMLException
      Throws:
      SAMLException

    • createSubjectConfirmation

      public abstract SubjectConfirmation createSubjectConfirmation(List confirmationMethods, Element subjectConfirmationData, Element keyInfo) throws SAMLException
      Constructs a SubjectConfirmation instance.
      Parameters:
      confirmationMethods - A list of confirmationMethods each of which is a URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
      subjectConfirmationData - Additional authentication information to be used by a specific authentication protocol. Can be passed as null if there is no subjectConfirmationData for the SubjectConfirmation object.
      keyInfo - An XML signature element that specifies a cryptographic key held by the Subject.
      Throws:
      SAMLException

    • createSubjectConfirmation

      public abstract SubjectConfirmation createSubjectConfirmation(NameID nameID, SubjectConfirmationData subjectConfirmationData, String confirmationMethods) throws SAMLException
      Constructs a SubjectConfirmation instance.
      Parameters:
      nameID - NameID object.
      subjectConfirmationData - Additional authentication information to be used by a specific authentication protocol. Can be passed as null if there is no subjectConfirmationData for the SubjectConfirmation object.
      confirmationMethods - A list of confirmationMethods each of which is a URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
      Throws:
      SAMLException

    • createSubjectConfirmation

      public abstract SubjectConfirmation createSubjectConfirmation(NameID nameID, KeyInfoConfirmationData keyInfoConfirmationData, String confirmationMethods) throws SAMLException
      Constructs a SubjectConfirmation instance.
      Parameters:
      nameID - NameID object.
      keyInfoConfirmationData - Additional authentication information to be used by a specific authentication protocol. Can be passed as null if there is no KeyInfoConfirmationData for the SubjectConfirmation object.
      confirmationMethods - A list of confirmationMethods each of which is a URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
      Throws:
      SAMLException

    • createSubjectConfirmationData

      public abstract SubjectConfirmationData createSubjectConfirmationData(String address, String inResponseTo, GregorianCalendar notBefore, GregorianCalendar notOnOrAfter, String recipient, Element keyInfo) throws SAMLException
      Throws:
      SAMLException

    • createSubjectConfirmationData

      public abstract SubjectConfirmationData createSubjectConfirmationData(String address, String inResponseTo, GregorianCalendar notBefore, GregorianCalendar notOnOrAfter, String recipient, KeyInfo keyInfo)

    • createKeyInfoConfirmationData

      public abstract KeyInfoConfirmationData createKeyInfoConfirmationData(Element keyInfo) throws SAMLException
      Throws:
      SAMLException

    • createSubjectLocality

      public abstract SubjectLocality createSubjectLocality()
      Constructs a SubjectLocality instance.

    • createSubjectLocality

      public abstract SubjectLocality createSubjectLocality(String ipAddress, String dnsAddress)
      Constructs an instance of SubjectLocality.
      Parameters:
      ipAddress - String representing the IP Address of the entity that was authenticated.
      dnsAddress - String representing the DNS Address of the entity that was authenticated. As per SAML specification they are both optional, so values can be null.