Class SAMLAssertionFactory

    • Constructor Detail

      • SAMLAssertionFactory

        protected SAMLAssertionFactory()
    • Method Detail

      • newInstance

        public static SAMLAssertionFactory newInstance​(String samlVersion)
                                                throws XWSSecurityException
        Create an instance of SAMLAssertionFactory.
        Parameters:
        samlVersion - A String representing the SAML version. Possible values: SAMLAssertionFactory.SAML1_1 and SAMLAssertionFactory.SAML2_0.
        Throws:
        XWSSecurityException
      • createAction

        public abstract Action createAction​(String action,
                                            String namespace)
                                     throws SAMLException
        Creates an Action element.
        Parameters:
        namespace - The attribute "namespace" of Action element
        action - A String representing an action
        Throws:
        SAMLException
      • createAdvice

        public abstract Advice createAdvice​(List assertionidreference,
                                            List assertion,
                                            List otherelement)
                                     throws SAMLException
        Creates an Advice element.
        Parameters:
        assertionidreference - A List of AssertionIDReference.
        assertion - A List of Assertion
        otherelement - A List of any element defined as
        Throws:
        SAMLException
      • createAnyType

        public abstract AnyType createAnyType()
                                       throws SAMLException
        Creates an AnyType element if the System property "com.sun.xml.wss.saml.binding.jaxb" is set. Otherwise returns null.
        Throws:
        SAMLException
      • createAssertion

        public abstract Assertion createAssertion​(String assertionID,
                                                  String issuer,
                                                  GregorianCalendar issueInstant,
                                                  Conditions conditions,
                                                  Advice advice,
                                                  List statements)
                                           throws SAMLException
        Creates and returns an Assertion from the data members: the assertionID, the issuer, the time when the assertion was issued, the conditions when creating a new assertion, the Advice applicable to this Assertion, and a set of Statement(s) in the assertion.
        Parameters:
        assertionID - AssertionID object contained within this Assertion. If null, it is generated internally.
        issuer - The issuer of this assertion.
        issueInstant - Time instant of the issue. It has type dateTime, which is built in to the W3C XML Schema Types specification. If null, the current time is used.
        conditions - Conditions under which this Assertion is valid.
        advice - Advice applicable for this Assertion.
        statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple types of statements in it.
        Throws:
        SAMLException - if there is an error in processing input.
      • createAssertion

        public abstract Assertion createAssertion​(String ID,
                                                  NameID issuer,
                                                  GregorianCalendar issueInstant,
                                                  Conditions conditions,
                                                  Advice advice,
                                                  Subject subject,
                                                  List statements)
                                           throws SAMLException
        Creates and returns an Assertion from the data members: the ID, the issuer, the time when the assertion was issued, the conditions when creating a new assertion, the Advice applicable to this Assertion, the Subject, and a set of Statement(s) in the assertion.
        Parameters:
        ID - ID object contained within this Assertion. If null, it is generated internally.
        issuer - The issuer of this assertion.
        issueInstant - Time instant of the issue. It has type dateTime, which is built in to the W3C XML Schema Types specification. If null, the current time is used.
        conditions - Conditions under which this Assertion is valid.
        advice - Advice applicable for this Assertion.
        subject - Subject applicable for this Assertion
        statements - List of Statement objects within this Assertion. It could be of type AuthnStatement, AuthzDecisionStatement and AttributeStatement. Each Assertion can have multiple types of statements in it.
        Throws:
        SAMLException - if there is an error in processing input.
      • createAssertion

        public abstract Assertion createAssertion​(String ID,
                                                  NameID issuer,
                                                  GregorianCalendar issueInstant,
                                                  Conditions conditions,
                                                  Advice advice,
                                                  Subject subject,
                                                  List statements,
                                                  jakarta.xml.bind.JAXBContext jcc)
                                           throws SAMLException
        Creates and returns an Assertion from the data members: the ID, the issuer, the time when the assertion was issued, the conditions when creating a new assertion, the Advice applicable to this Assertion, the Subject, a set of Statement(s), and a JAXBContext for the assertion.
        Parameters:
        ID - ID object contained within this Assertion. If null, it is generated internally.
        issuer - The issuer of this assertion.
        issueInstant - Time instant of the issue. It has type dateTime, which is built in to the W3C XML Schema Types specification. If null, the current time is used.
        conditions - Conditions under which this Assertion is valid.
        advice - Advice applicable for this Assertion.
        subject - Subject applicable for this Assertion
        statements - List of Statement objects within this Assertion. It could be of type AuthnStatement, AuthzDecisionStatement and AttributeStatement. Each Assertion can have multiple types of statements in it.
        jcc - JAXBContext to be used for marshalling and unmarshalling the assertions.
        Throws:
        SAMLException - if there is an error in processing input.
      • createAssertion

        public abstract Assertion createAssertion​(Element element)
                                           throws SAMLException
        Creates and returns an Assertion object from the given SAML org.w3c.dom.Element.
        Parameters:
        element - A org.w3c.dom.Element representing DOM tree for Assertion object
        Throws:
        SAMLException - if it could not process the Element properly, implying that there is an error in the sender or in the element definition.
      • createAssertion

        public abstract Assertion createAssertion​(XMLStreamReader reader)
                                           throws SAMLException
        Creates and returns an Assertion object from the given SAML XMLStreamReader.
        Parameters:
        reader - An XMLStreamReader representing the tree for an Assertion object
        Throws:
        SAMLException - if it could not process the Element properly, implying that there is an error in the sender or in the element definition.
      • createAssertionIDReference

        public abstract AssertionIDReference createAssertionIDReference()
                                                                 throws SAMLException
        Creates and returns an AssertionIDReference object. AssertionID will be generated automatically.
        Returns:
        null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set; otherwise returns AssertionIDReference.
        Throws:
        SAMLException
      • createAssertionIDRef

        public abstract AssertionIDRef createAssertionIDRef()
                                                     throws SAMLException
        Creates and returns an AssertionIDRef object. AssertionID will be generated automatically.
        Returns:
        null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set; otherwise returns AssertionIDReference.
        Throws:
        SAMLException
      • createAssertionIDReference

        public abstract AssertionIDReference createAssertionIDReference​(String id)
                                                                 throws SAMLException
        Creates and returns an AssertionIDReference object.
        Parameters:
        id - String of an AssertionID
        Returns:
        null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set; otherwise returns AssertionIDReference.
        Throws:
        SAMLException
      • createAssertionIDRef

        public abstract AssertionIDRef createAssertionIDRef​(String id)
                                                     throws SAMLException
        Creates and returns an AssertionIDRef object.
        Parameters:
        id - String of an AssertionID
        Returns:
        null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set; otherwise returns AssertionIDReference.
        Throws:
        SAMLException
      • createAttribute

        public abstract Attribute createAttribute​(String name,
                                                  String nameSpace,
                                                  List values)
                                           throws SAMLException
        Constructs an instance of Attribute.
        Parameters:
        name - A String representing AttributeName (the name of the attribute).
        nameSpace - A String representing the namespace in which AttributeName elements are interpreted.
        values - A List representing the AttributeValue object.
        Throws:
        SAMLException
      • createAttribute

        public abstract Attribute createAttribute​(String name,
                                                  List values)
                                           throws SAMLException
        Constructs an instance of Attribute.
        Parameters:
        name - A String representing AttributeName (the name of the attribute).
        values - A List representing the AttributeValue object.
        Throws:
        SAMLException
      • createAttributeDesignator

        public abstract AttributeDesignator createAttributeDesignator​(String name,
                                                                      String nameSpace)
                                                               throws SAMLException
        Constructs an instance of AttributeDesignator.
        Parameters:
        name - the name of the attribute.
        nameSpace - the namespace in which AttributeName elements are interpreted.
        Throws:
        SAMLException
      • createAudienceRestrictionCondition

        public abstract AudienceRestrictionCondition createAudienceRestrictionCondition​(List audience)
                                                                                 throws SAMLException
        Constructs an instance of AudienceRestrictionCondition. It takes in a List of audience for this condition, each of them being a String.
        Parameters:
        audience - A List of audience to be included within this condition
        Throws:
        SAMLException
      • createAudienceRestriction

        public abstract AudienceRestriction createAudienceRestriction​(List audience)
                                                               throws SAMLException
        Constructs an instance of AudienceRestriction. It takes in a List of audience for this condition, each of them being a String.
        Parameters:
        audience - A List of audience to be included within this condition
        Throws:
        SAMLException
      • createAuthenticationStatement

        public abstract AuthenticationStatement createAuthenticationStatement​(String authMethod,
                                                                              GregorianCalendar authInstant,
                                                                              Subject subject,
                                                                              SubjectLocality subjectLocality,
                                                                              List authorityBinding)
                                                                       throws SAMLException
        Constructs an instance of AuthenticationStatement.
        Parameters:
        authMethod - (optional) A String specifying the type of authentication that took place. Pass null if not required.
        authInstant - (optional) A GregorianCalendar object specifying the time at which the authentication took place. Pass null if not required.
        subject - (required) A Subject object
        subjectLocality - (optional) A SubjectLocality object. Pass null if not required.
        authorityBinding - (optional) A List of AuthorityBinding objects. Pass null if not required.
        Throws:
        SAMLException
      • createAuthnStatement

        public abstract AuthnStatement createAuthnStatement​(GregorianCalendar authInstant,
                                                            SubjectLocality subjectLocality,
                                                            AuthnContext authnContext,
                                                            String sessionIndex,
                                                            GregorianCalendar sessionNotOnOrAfter)
                                                     throws SAMLException
        Constructs an instance of AuthenticationStatement.
        Parameters:
        authInstant - (optional) A GregorianCalendar object specifying the time at which the authentication took place. Pass null if not required.
        subjectLocality - (optional) A SubjectLocality object. Pass null if not required.
        authnContext - (optional) An AuthnContext object. Pass null if not required.
        Throws:
        SAMLException
      • createAuthorityBinding

        public abstract AuthorityBinding createAuthorityBinding​(QName authKind,
                                                                String location,
                                                                String binding)
                                                         throws SAMLException
        Constructs an instance of AuthorityBinding.
        Parameters:
        authKind - A QName representing the type of SAML protocol queries to which the authority described by this element will respond.
        location - A String representing a URI reference describing how to locate and communicate with the authority.
        binding - A String representing a URI reference identifying the SAML protocol binding to use in communicating with the authority.
        Throws:
        SAMLException
      • createAuthorizationDecisionStatement

        public abstract AuthorizationDecisionStatement createAuthorizationDecisionStatement​(Subject subject,
                                                                                            String resource,
                                                                                            String decision,
                                                                                            List action,
                                                                                            Evidence evidence)
                                                                                     throws SAMLException
        Constructs an instance of AuthorizationDecisionStatement.
        Parameters:
        subject - (required) A Subject object
        resource - (required) A String identifying the resource to which access authorization is sought.
        decision - (required) The decision rendered by the issuer with respect to the specified resource.
        action - (required) A List of Action objects specifying the set of actions authorized to be performed on the specified resource.
        evidence - (optional) An Evidence object representing a set of assertions that the issuer relied on in making decisions.
        Throws:
        SAMLException
      • createAuthnDecisionStatement

        public abstract AuthnDecisionStatement createAuthnDecisionStatement​(String resource,
                                                                            String decision,
                                                                            List action,
                                                                            Evidence evidence)
                                                                     throws SAMLException
        Constructs an instance of AuthnDecisionStatement.
        Parameters:
        resource - (required) A String identifying the resource to which access authorization is sought.
        decision - (required) The decision rendered by the issuer with respect to the specified resource.
        action - (required) A List of Action objects specifying the set of actions authorized to be performed on the specified resource.
        evidence - (optional) An Evidence object representing a set of assertions that the issuer relied on in making decisions.
        Throws:
        SAMLException
      • createConditions

        public abstract Conditions createConditions​(GregorianCalendar notBefore,
                                                    GregorianCalendar notOnOrAfter,
                                                    List condition,
                                                    List arc,
                                                    List doNotCacheCnd)
                                             throws SAMLException
        Constructs an instance of Conditions.
        Parameters:
        notBefore - specifies the earliest time instant at which the assertion is valid.
        notOnOrAfter - specifies the time instant at which the assertion has expired.
        condition -
        arc - the AudienceRestrictionCondition to be added. Can be null, if no audience restriction.
        doNotCacheCnd -
        Throws:
        SAMLException
      • createConditions

        public abstract Conditions createConditions​(GregorianCalendar notBefore,
                                                    GregorianCalendar notOnOrAfter,
                                                    List condition,
                                                    List ar,
                                                    List oneTimeUse,
                                                    List proxyRestriction)
                                             throws SAMLException
        Constructs an instance of Conditions.
        Parameters:
        notBefore - specifies the earliest time instant at which the assertion is valid.
        notOnOrAfter - specifies the time instant at which the assertion has expired.
        condition -
        ar - the AudienceRestriction to be added. Can be null, if no audience restriction.
        oneTimeUse -
        proxyRestriction -
        Throws:
        SAMLException
      • createEvidence

        public abstract Evidence createEvidence​(List assertionIDRef,
                                                List assertion)
                                         throws SAMLException
        Constructs an Evidence from a List of Assertion and AssertionIDReference objects.
        Parameters:
        assertionIDRef - List of AssertionIDReference objects.
        assertion - List of Assertion objects.
        Throws:
        SAMLException
      • createNameIdentifier

        public abstract NameIdentifier createNameIdentifier​(String name,
                                                            String nameQualifier,
                                                            String format)
                                                     throws SAMLException
        Constructs a NameQualifier instance.
        Parameters:
        name - The string representing the name of the Subject
        nameQualifier - The security or administrative domain that qualifies the name of the Subject. This is optional and could be null.
        format - The syntax used to describe the name of the Subject. This is optional and could be null.
        Throws:
        SAMLException
      • createNameID

        public abstract NameID createNameID​(String name,
                                            String nameQualifier,
                                            String format)
                                     throws SAMLException
        Constructs a NameID instance.
        Parameters:
        name - The string representing the name of the Subject
        nameQualifier - The security or administrative domain that qualifies the name of the Subject. This is optional and could be null.
        format - The syntax used to describe the name of the Subject. This is optional and could be null.
        Throws:
        SAMLException
      • createSubject

        public abstract Subject createSubject​(NameIdentifier nameIdentifier,
                                              SubjectConfirmation subjectConfirmation)
                                       throws SAMLException
        Constructs a Subject object from a NameIdentifier object and a SubjectConfirmation object.
        Parameters:
        nameIdentifier - NameIdentifier object.
        subjectConfirmation - SubjectConfirmation object.
        Throws:
        SAMLException
      • createSubject

        public abstract Subject createSubject​(NameID nameID,
                                              SubjectConfirmation subjectConfirmation)
                                       throws SAMLException
        Constructs a Subject object from a NameID object and a SubjectConfirmation object.
        Parameters:
        nameID - NameID object.
        subjectConfirmation - SubjectConfirmation object.
        Throws:
        SAMLException
      • createSubjectConfirmation

        public abstract SubjectConfirmation createSubjectConfirmation​(String confirmationMethod)
                                                               throws SAMLException
        Creates and returns a SubjectConfirmation object.
        Parameters:
        confirmationMethod - A URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
        Throws:
        SAMLException
      • createSubjectConfirmation

        public abstract SubjectConfirmation createSubjectConfirmation​(NameID nameID,
                                                                      String method)
                                                               throws SAMLException
        Creates and returns a SubjectConfirmation object.
        Parameters:
        nameID - NameID object.
        method - A URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
        Throws:
        SAMLException
      • createSubjectConfirmation

        public abstract SubjectConfirmation createSubjectConfirmation​(List confirmationMethods,
                                                                      Element subjectConfirmationData,
                                                                      Element keyInfo)
                                                               throws SAMLException
        Constructs a SubjectConfirmation instance.
        Parameters:
        confirmationMethods - A list of confirmationMethods each of which is a URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
        subjectConfirmationData - Additional authentication information to be used by a specific authentication protocol. Can be passed as null if there is no subjectConfirmationData for the SubjectConfirmation object.
        keyInfo - An XML signature element that specifies a cryptographic key held by the Subject.
        Throws:
        SAMLException
      • createSubjectConfirmation

        public abstract SubjectConfirmation createSubjectConfirmation​(NameID nameID,
                                                                      SubjectConfirmationData subjectConfirmationData,
                                                                      String confirmationMethods)
                                                               throws SAMLException
        Constructs a SubjectConfirmation instance.
        Parameters:
        nameID - NameID object.
        subjectConfirmationData - Additional authentication information to be used by a specific authentication protocol. Can be passed as null if there is no subjectConfirmationData for the SubjectConfirmation object.
        confirmationMethods - A list of confirmationMethods each of which is a URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
        Throws:
        SAMLException
      • createSubjectConfirmation

        public abstract SubjectConfirmation createSubjectConfirmation​(NameID nameID,
                                                                      KeyInfoConfirmationData keyInfoConfirmationData,
                                                                      String confirmationMethods)
                                                               throws SAMLException
        Constructs a SubjectConfirmation instance.
        Parameters:
        nameID - NameID object.
        keyInfoConfirmationData - Additional authentication information to be used by a specific authentication protocol. Can be passed as null if there is no KeyInfoConfirmationData for the SubjectConfirmation object.
        confirmationMethods - A list of confirmationMethods each of which is a URI (String) that identifies a protocol used to authenticate a Subject. Please refer to draft-sstc-core-25 Section 7 for a list of URIs identifying common authentication protocols.
        Throws:
        SAMLException
      • createSubjectLocality

        public abstract SubjectLocality createSubjectLocality​(String ipAddress,
                                                              String dnsAddress)
                                                       throws SAMLException
        Constructs an instance of SubjectLocality.
        Parameters:
        ipAddress - String representing the IP Address of the entity that was authenticated.
        dnsAddress - String representing the DNS Address of the entity that was authenticated. As per SAML specification they are both optional, so values can be null.
        Throws:
        SAMLException
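
An added example (not from this Javadoc or the project) that combines the factory methods documented above to issue a SAML 2.0 assertion with a short validity window and a mandatory audience restriction. The package names in the imports, the example.org identifiers, the class name ScopedAssertionExample and the URN strings (taken from the SAML 2.0 specification) are assumptions, and the library is assumed to be on the classpath.

```java
import com.sun.xml.wss.XWSSecurityException;      // assumed package
import com.sun.xml.wss.saml.Assertion;            // assumed package for all saml types
import com.sun.xml.wss.saml.AudienceRestriction;
import com.sun.xml.wss.saml.AuthnStatement;
import com.sun.xml.wss.saml.Conditions;
import com.sun.xml.wss.saml.NameID;
import com.sun.xml.wss.saml.SAMLAssertionFactory;
import com.sun.xml.wss.saml.SAMLException;
import com.sun.xml.wss.saml.Subject;
import com.sun.xml.wss.saml.SubjectConfirmation;

import java.util.ArrayList;
import java.util.Calendar;
import java.util.GregorianCalendar;
import java.util.List;
import java.util.UUID;

public class ScopedAssertionExample {

    // Constructed sample values, not taken from the page.
    static final String ISSUER = "https://idp.example.org";
    static final int LIFETIME_MINUTES = 5;

    // URNs defined by the SAML specifications.
    static final String FORMAT_ENTITY = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
    static final String FORMAT_EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
    static final String CM_BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer";

    static Assertion issue(String userEmail, List<String> audiences)
            throws XWSSecurityException, SAMLException {
        // Refuse to issue an assertion that any relying party could accept.
        if (audiences == null || audiences.isEmpty()) {
            throw new IllegalArgumentException("at least one audience is required");
        }

        SAMLAssertionFactory factory =
                SAMLAssertionFactory.newInstance(SAMLAssertionFactory.SAML2_0);

        // Validity window: valid from now, expired LIFETIME_MINUTES later.
        GregorianCalendar issueInstant = new GregorianCalendar();
        GregorianCalendar notBefore = (GregorianCalendar) issueInstant.clone();
        GregorianCalendar notOnOrAfter = (GregorianCalendar) issueInstant.clone();
        notOnOrAfter.add(Calendar.MINUTE, LIFETIME_MINUTES);

        // createConditions takes the audience restrictions as a List.
        AudienceRestriction restriction = factory.createAudienceRestriction(audiences);
        List<AudienceRestriction> ar = new ArrayList<>();
        ar.add(restriction);
        // condition, oneTimeUse and proxyRestriction are not used here.
        Conditions conditions =
                factory.createConditions(notBefore, notOnOrAfter, null, ar, null, null);

        // Subject identified by e-mail address, confirmed with the bearer method.
        NameID subjectId = factory.createNameID(userEmail, null, FORMAT_EMAIL);
        SubjectConfirmation confirmation =
                factory.createSubjectConfirmation(subjectId, CM_BEARER);
        Subject subject = factory.createSubject(subjectId, confirmation);

        // Optional arguments are passed as null, as the parameter docs allow.
        AuthnStatement authn =
                factory.createAuthnStatement(issueInstant, null, null, null, null);
        List<AuthnStatement> statements = new ArrayList<>();
        statements.add(authn);

        // Explicit, unpredictable ID; the leading underscore keeps it a valid xs:ID.
        String id = "_" + UUID.randomUUID();
        NameID issuer = factory.createNameID(ISSUER, null, FORMAT_ENTITY);

        return factory.createAssertion(
                id, issuer, issueInstant, conditions, null, subject, statements);
    }

    public static void main(String[] args) throws Exception {
        List<String> audiences = new ArrayList<>();
        audiences.add("https://sp.example.org");   // constructed relying-party identifier
        Assertion assertion = issue("alice@example.org", audiences);
        System.out.println("Issued assertion: " + assertion);
    }
}
```

The Assertion returned here is unsigned; none of the factory methods listed on this page sign it, so signing has to happen before the assertion leaves the issuer.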