com.sun.xml.wss.saml.assertion.saml11.jaxb20

Class Assertion

java.lang.Object

com.sun.xml.wss.saml.internal.saml11.jaxb20.AssertionType

com.sun.xml.wss.saml.assertion.saml11.jaxb20.Assertion

All Implemented Interfaces:

Token, Assertion

public class Assertion
extends AssertionType
implements Assertion

This object stands for Assertion element. An Assertion is a package of information that supplies one or more Statement made by an issuer. There are three kinds of assertions Au [java] <?xml version="1.0" encoding="UTF-8" standalone="yes"?> [java] [java] [java] CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US [java] [java] urn:oasis:names:tc:SAML:1.0:cm:sender-vouches [java] [java] [java] [java] ATTRIBUTE1 [java] thentication, Authorization Decision and Attribute assertion.

Field Summary

Fields

Modifier and Type	Field and Description
protected static Logger	log
static String	XMLNS_URI XML Information Set REC all namespace attributes (including those named xmlns, whose [prefix] property has no value) have a namespace URI of http://www.w3.org/2000/xmlns/

Fields inherited from class com.sun.xml.wss.saml.internal.saml11.jaxb20.AssertionType

advice, assertionID, conditions, issueInstant, issuer, majorVersion, minorVersion, signature, statementOrSubjectStatementOrAuthenticationStatement

Constructor Summary

Constructors

Constructor and Description
Assertion(AssertionType assertion)
Assertion(String assertionID, String issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, List statements) This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion and a set of Statement(s) in the assertion.
Assertion(String assertionID, String issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, List statements, JAXBContext jcc) This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion ,a set of Statement(s) and a JAXBContext for the assertion.

Method Summary

Modifier and Type	Method and Description
static Assertion	fromElement(Element element) This constructor is used to build Assertion object from a block of existing XML that has already been built into a DOM.
Advice	getAdvice() Gets the value of the advice property.
Conditions	getConditions() Gets the value of the conditions property.
String	getID() Get the SAML Assertion ID for SAML2.0
String	getIssueInstance() Gets the value of the issueInstant property.
String	getSamlIssuer() Get the issuer of SAML Assertion
List<Object>	getStatements() Return all statements presents in the SAML Assertion.
Subject	getSubject() Gets the value of the subject property of SAML 2.0 This method should be applied only on SAML 2.0 assertion.
Object	getTokenValue()
String	getType()
String	getVersion() Get the SAML Vertion SAML2.0
boolean	isSigned()
void	setVersion(String version)
Element	sign(DigestMethod digestMethod, String signatureMethod, PublicKey pubKey, PrivateKey privKey) sign the saml assertion (Enveloped Signature)
Element	sign(DigestMethod digestMethod, String signatureMethod, X509Certificate cert, PrivateKey privKey) Sign the SAML Assertion - Enveloped Signature
Element	sign(DigestMethod digestMethod, String signatureMethod, X509Certificate cert, PrivateKey privKey, boolean alwaysIncludeCert) Sign the SAML Assertion - Enveloped Signature
Element	sign(PublicKey pubKey, PrivateKey privKey) sign the saml assertion (Enveloped Signature)
Element	sign(X509Certificate cert, PrivateKey privKey) Sign the SAML Assertion - Enveloped Signature
Element	sign(X509Certificate cert, PrivateKey privKey, boolean alwaysIncludeCert) Sign the SAML Assertion - Enveloped Signature
Element	sign(X509Certificate cert, PrivateKey privKey, boolean alwaysIncludeCert, String sigAlgorithm, String canonicalizationAlgorithm) Sign the SAML Assertion - Enveloped Signature
Element	toElement(Node doc) Convert SAML Assertion to org.w3c.dom.Element
boolean	verifySignature(PublicKey pubKey) Verify the SAML signature with the Public Key

Methods inherited from class com.sun.xml.wss.saml.internal.saml11.jaxb20.AssertionType

getAssertionID, getIssueInstant, getIssuer, getMajorVersion, getMinorVersion, getSignature, getStatementOrSubjectStatementOrAuthenticationStatement, setAdvice, setAssertionID, setConditions, setIssueInstant, setIssuer, setMajorVersion, setMinorVersion, setSignature

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.sun.xml.wss.saml.Assertion

getAssertionID, getMajorVersion, getMinorVersion, setMajorVersion, setMinorVersion

Field Detail

XMLNS_URI

public static final String XMLNS_URI

XML Information Set REC all namespace attributes (including those named xmlns, whose [prefix] property has no value) have a namespace URI of http://www.w3.org/2000/xmlns/

log

protected static final Logger log

Constructor Detail

Assertion

public Assertion(AssertionType assertion)

Assertion

public Assertion(String assertionID,
                 String issuer,
                 GregorianCalendar issueInstant,
                 Conditions conditions,
                 Advice advice,
                 List statements)
          throws SAMLException

This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion and a set of Statement(s) in the assertion.

Parameters:

assertionID - AssertionID object contained within this Assertion if null its generated internally.

issuer - The issuer of this assertion.

issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.

conditions - Conditions under which the this Assertion is valid.

advice - Advice applicable for this Assertion.

statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.

Throws:

SAMLException - if there is an error in processing input.

Assertion

public Assertion(String assertionID,
                 String issuer,
                 GregorianCalendar issueInstant,
                 Conditions conditions,
                 Advice advice,
                 List statements,
                 JAXBContext jcc)
          throws SAMLException

This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion ,a set of Statement(s) and a JAXBContext for the assertion.

Parameters:

assertionID - AssertionID object contained within this Assertion if null its generated internally.

issuer - The issuer of this assertion.

issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.

conditions - Conditions under which the this Assertion is valid.

advice - Advice applicable for this Assertion.

statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.

jcc - JAXBContext to be used for marshaling and unmarshalling the asertions.

Throws:

SAMLException - if there is an error in processing input.

Method Detail

getVersion

public String getVersion()

Description copied from interface: Assertion

Get the SAML Vertion SAML2.0

Specified by:

getVersion in interface Assertion

Returns:

An java.lang.String representing saml version.

setVersion

public void setVersion(String version)

Specified by:

setVersion in interface Assertion

Parameters:

version - A java.lang.String representing saml version

getID

public String getID()

Description copied from interface: Assertion

Get the SAML Assertion ID for SAML2.0

Specified by:

getID in interface Assertion

Returns:

An java.lang.String representing saml assertion ID.

getSamlIssuer

public String getSamlIssuer()

Description copied from interface: Assertion

Get the issuer of SAML Assertion

Specified by:

getSamlIssuer in interface Assertion

Returns:

An java.lang.String representing saml issuer.

getIssueInstance

public String getIssueInstance()

Description copied from interface: Assertion

Gets the value of the issueInstant property.

Specified by:

getIssueInstance in interface Assertion

Returns:

A String representing the issue timestamp of the SAML Assertion

getConditions

public Conditions getConditions()

Description copied from class: AssertionType

Gets the value of the conditions property.

Specified by:

getConditions in interface Assertion

Overrides:

getConditions in class AssertionType

Returns:

possible object is ConditionsType

getAdvice

public Advice getAdvice()

Description copied from class: AssertionType

Gets the value of the advice property.

Specified by:

getAdvice in interface Assertion

Overrides:

getAdvice in class AssertionType

Returns:

possible object is AdviceType

getSubject

public Subject getSubject()

Description copied from interface: Assertion

Gets the value of the subject property of SAML 2.0 This method should be applied only on SAML 2.0 assertion. For SAML1.1 and SAML1.0, first get a list of statements of the SAML assertion by calling getStatements() on the Assertion object, then call the getSubject() on each statement.

Specified by:

getSubject in interface Assertion

Returns:

A Subject representing Subject of SAML 2.0

sign

public Element sign(PublicKey pubKey,
                    PrivateKey privKey)
             throws SAMLException

sign the saml assertion (Enveloped Signature)

Specified by:

sign in interface Assertion

Parameters:

pubKey - PublicKey to be used for Signature verification

privKey - PrivateKey to be used for Signature calculation

Returns:

An org.w3c.dom.Element representation of Signed SAML Assertion

Throws:

SAMLException

sign

public Element sign(X509Certificate cert,
                    PrivateKey privKey,
                    boolean alwaysIncludeCert)
             throws SAMLException

Description copied from interface: Assertion

Sign the SAML Assertion - Enveloped Signature

Specified by:

sign in interface Assertion

Parameters:

cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification

privKey - A java.security.PrivateKey representing the private key used for Signature calculation.

alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.

Returns:

An org.w3c.dom.Element representation of Signed SAML Assertion

Throws:

SAMLException

sign

public Element sign(X509Certificate cert,
                    PrivateKey privKey,
                    boolean alwaysIncludeCert,
                    String sigAlgorithm,
                    String canonicalizationAlgorithm)
             throws SAMLException

Description copied from interface: Assertion

Sign the SAML Assertion - Enveloped Signature

Specified by:

sign in interface Assertion

Parameters:

cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification

privKey - A java.security.PrivateKey representing the private key used for Signature calculation.

alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature.

sigAlgorithm - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.

canonicalizationAlgorithm - A javax.xml.crypto.dsig.CanonicalizationMethod representing the canonicalization algorithm used SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.

Returns:

An org.w3c.dom.Element representation of Signed SAML Assertion

Throws:

SAMLException

sign

public Element sign(X509Certificate cert,
                    PrivateKey privKey)
             throws SAMLException

Description copied from interface: Assertion

Sign the SAML Assertion - Enveloped Signature

Specified by:

sign in interface Assertion

Parameters:

cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification

privKey - A java.security.PrivateKey representing the private key used for Signature calculation. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.

Returns:

An org.w3c.dom.Element representation of Signed SAML Assertion

Throws:

SAMLException

sign

public Element sign(DigestMethod digestMethod,
                    String signatureMethod,
                    PublicKey pubKey,
                    PrivateKey privKey)
             throws SAMLException

sign the saml assertion (Enveloped Signature)

Specified by:

sign in interface Assertion

Parameters:

digestMethod - DigestMethod to be used

signatureMethod - SignatureMethod to be used.

pubKey - PublicKey to be used for Signature verification

privKey - PrivateKey to be used for Signature calculation

Returns:

An org.w3c.dom.Element representation of Signed SAML Assertion

Throws:

SAMLException

sign

public Element sign(DigestMethod digestMethod,
                    String signatureMethod,
                    X509Certificate cert,
                    PrivateKey privKey,
                    boolean alwaysIncludeCert)
             throws SAMLException

Description copied from interface: Assertion

Sign the SAML Assertion - Enveloped Signature

Specified by:

sign in interface Assertion

Parameters:

digestMethod - A javax.xml.crypto.dsig.DigestMethod representing the digest method used for SAML signature.

signatureMethod - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.

cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification

privKey - A java.security.PrivateKey representing the private key used for Signature calculation.

alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.

Returns:

An org.w3c.dom.Element representation of Signed SAML Assertion

Throws:

SAMLException

sign

public Element sign(DigestMethod digestMethod,
                    String signatureMethod,
                    X509Certificate cert,
                    PrivateKey privKey)
             throws SAMLException

Description copied from interface: Assertion

Sign the SAML Assertion - Enveloped Signature

Specified by:

sign in interface Assertion

Parameters:

digestMethod - A javax.xml.crypto.dsig.DigestMethod representing the digest method used for SAML signature.

signatureMethod - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.

cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification

privKey - A java.security.PrivateKey representing the private key used for Signature calculation. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.

Returns:

An org.w3c.dom.Element representation of Signed SAML Assertion

Throws:

SAMLException

toElement

public Element toElement(Node doc)
                  throws XWSSecurityException

Description copied from interface: Assertion

Convert SAML Assertion to org.w3c.dom.Element

Specified by:

toElement in interface Assertion

Parameters:

doc - the context org.w3c.dom.Node for the creation of the resulting org.w3c.dom.Element.

Returns:

org.w3c.dom.Element element representation of SAML Assertion

Throws:

XWSSecurityException

isSigned

public boolean isSigned()

fromElement

public static Assertion fromElement(Element element)
                             throws SAMLException

This constructor is used to build Assertion object from a block of existing XML that has already been built into a DOM.

Parameters:

element - A org.w3c.dom.Element representing DOM tree for Assertion object

Throws:

SAMLException - if it could not process the Element properly, implying that there is an error in the sender or in the element definition.

getStatements

public List<Object> getStatements()

Description copied from interface: Assertion

Return all statements presents in the SAML Assertion.

Specified by:

getStatements in interface Assertion

Returns:

An java.util.List of java.lang.Object representing all statements present inside the SAML assertion.

getType

public String getType()

Specified by:

getType in interface Token

getTokenValue

public Object getTokenValue()

Specified by:

getTokenValue in interface Token

verifySignature

public boolean verifySignature(PublicKey pubKey)
                        throws SAMLException

Description copied from interface: Assertion

Verify the SAML signature with the Public Key

Specified by:

verifySignature in interface Assertion

Parameters:

pubKey - A java.security.PublicKey representing the public key used for Signature verification

Returns:

An Boolean representing whether SAML signature verification is successful or not.

Throws:

SAMLException