Package com.sun.xml.wss.saml.assertion.saml11.jaxb20

Class Assertion

java.lang.Object
com.sun.xml.wss.saml.internal.saml11.jaxb20.AssertionType
com.sun.xml.wss.saml.assertion.saml11.jaxb20.Assertion
All Implemented Interfaces:
com.sun.xml.ws.security.Token, Assertion
public class Assertion extends AssertionType implements Assertion
This object stands for Assertion element. An Assertion is a package of information that supplies one or more Statement made by an issuer. There are three kinds of assertions Au [java] <?xml version="1.0" encoding="UTF-8" standalone="yes"?> [java] <Conditions NotBefore="2005-08-16T13:21:50.503+05:30" NotOnOrAfter="2005-08-16T15:21:50.504+05:30" xmlns="urn:oasis:names:tc:SAML:1.0:assertion"/> [java] <Subject xmlns="urn:oasis:names:tc:SAML:1.0:assertion"> [java] <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US</NameIdentifier> [java] <SubjectConfirmation> [java] <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod> [java] </SubjectConfirmation> [java] </Subject> [java] <Attribute AttributeName="attribute1" AttributeNamespace="urn:com:sun:xml:wss:attribute" xmlns="urn:oasis:names:tc:SAML:1.0:assertion"> [java] <AttributeValue>ATTRIBUTE1</AttributeValue> [java] </Attribute> thentication, Authorization Decision and Attribute assertion.

  • Field Details

    • XMLNS_URI

      public static final String XMLNS_URI
      XML Information Set REC all namespace attributes (including those named xmlns, whose [prefix] property has no value) have a namespace URI of http://www.w3.org/2000/xmlns/

    • log

      protected static final Logger log

  • Constructor Details

    • Assertion

      public Assertion(AssertionType assertion)

    • Assertion

      public Assertion(String assertionID, String issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, List statements) throws SAMLException
      This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion and a set of Statement(s) in the assertion.
      Parameters:
      assertionID - AssertionID object contained within this Assertion if null its generated internally.
      issuer - The issuer of this assertion.
      issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.
      conditions - Conditions under which the this Assertion is valid.
      advice - Advice applicable for this Assertion.
      statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.
      Throws:
      SAMLException - if there is an error in processing input.

    • Assertion

      public Assertion(String assertionID, String issuer, GregorianCalendar issueInstant, Conditions conditions, Advice advice, List statements, javax.xml.bind.JAXBContext jcc) throws SAMLException
      This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion ,a set of Statement(s) and a JAXBContext for the assertion.
      Parameters:
      assertionID - AssertionID object contained within this Assertion if null its generated internally.
      issuer - The issuer of this assertion.
      issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.
      conditions - Conditions under which the this Assertion is valid.
      advice - Advice applicable for this Assertion.
      statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.
      jcc - JAXBContext to be used for marshaling and unmarshalling the asertions.
      Throws:
      SAMLException - if there is an error in processing input.

  • Method Details

    • getVersion

      public String getVersion()
      Description copied from interface: Assertion
      Get the SAML Vertion SAML2.0
      Specified by:
      getVersion in interface Assertion
      Returns:
      An java.lang.String representing saml version.

    • setVersion

      public void setVersion(String version)
      Specified by:
      setVersion in interface Assertion
      Parameters:
      version - A java.lang.String representing saml version

    • getID

      public String getID()
      Description copied from interface: Assertion
      Get the SAML Assertion ID for SAML2.0
      Specified by:
      getID in interface Assertion
      Returns:
      An java.lang.String representing saml assertion ID.

    • getSamlIssuer

      public String getSamlIssuer()
      Description copied from interface: Assertion
      Get the issuer of SAML Assertion
      Specified by:
      getSamlIssuer in interface Assertion
      Returns:
      An java.lang.String representing saml issuer.

    • getIssueInstance

      public String getIssueInstance()
      Description copied from interface: Assertion
      Gets the value of the issueInstant property.
      Specified by:
      getIssueInstance in interface Assertion
      Returns:
      A String representing the issue timestamp of the SAML Assertion

    • getConditions

      public Conditions getConditions()
      Description copied from class: AssertionType
      Gets the value of the conditions property.
      Specified by:
      getConditions in interface Assertion
      Overrides:
      getConditions in class AssertionType
      Returns:
      possible object is ConditionsType

    • getAdvice

      public Advice getAdvice()
      Description copied from class: AssertionType
      Gets the value of the advice property.
      Specified by:
      getAdvice in interface Assertion
      Overrides:
      getAdvice in class AssertionType
      Returns:
      possible object is AdviceType

    • getSubject

      public Subject getSubject()
      Description copied from interface: Assertion
      Gets the value of the subject property of SAML 2.0 This method should be applied only on SAML 2.0 assertion. For SAML1.1 and SAML1.0, first get a list of statements of the SAML assertion by calling getStatements() on the Assertion object, then call the getSubject() on each statement.
      Specified by:
      getSubject in interface Assertion
      Returns:
      A Subject representing Subject of SAML 2.0

    • sign

      public Element sign(PublicKey pubKey, PrivateKey privKey) throws SAMLException
      sign the saml assertion (Enveloped Signature)
      Specified by:
      sign in interface Assertion
      Parameters:
      pubKey - PublicKey to be used for Signature verification
      privKey - PrivateKey to be used for Signature calculation
      Returns:
      An org.w3c.dom.Element representation of Signed SAML Assertion
      Throws:
      SAMLException

    • sign

      public Element sign(X509Certificate cert, PrivateKey privKey, boolean alwaysIncludeCert) throws SAMLException
      Description copied from interface: Assertion
      Sign the SAML Assertion - Enveloped Signature
      Specified by:
      sign in interface Assertion
      Parameters:
      cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
      privKey - A java.security.PrivateKey representing the private key used for Signature calculation.
      alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
      Returns:
      An org.w3c.dom.Element representation of Signed SAML Assertion
      Throws:
      SAMLException

    • sign

      public Element sign(X509Certificate cert, PrivateKey privKey, boolean alwaysIncludeCert, String sigAlgorithm, String canonicalizationAlgorithm) throws SAMLException
      Description copied from interface: Assertion
      Sign the SAML Assertion - Enveloped Signature
      Specified by:
      sign in interface Assertion
      Parameters:
      cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
      privKey - A java.security.PrivateKey representing the private key used for Signature calculation.
      alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature.
      sigAlgorithm - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.
      canonicalizationAlgorithm - A javax.xml.crypto.dsig.CanonicalizationMethod representing the canonicalization algorithm used SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
      Returns:
      An org.w3c.dom.Element representation of Signed SAML Assertion
      Throws:
      SAMLException

    • sign

      public Element sign(X509Certificate cert, PrivateKey privKey) throws SAMLException
      Description copied from interface: Assertion
      Sign the SAML Assertion - Enveloped Signature
      Specified by:
      sign in interface Assertion
      Parameters:
      cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
      privKey - A java.security.PrivateKey representing the private key used for Signature calculation. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
      Returns:
      An org.w3c.dom.Element representation of Signed SAML Assertion
      Throws:
      SAMLException

    • sign

      public Element sign(DigestMethod digestMethod, String signatureMethod, PublicKey pubKey, PrivateKey privKey) throws SAMLException
      sign the saml assertion (Enveloped Signature)
      Specified by:
      sign in interface Assertion
      Parameters:
      digestMethod - DigestMethod to be used
      signatureMethod - SignatureMethod to be used.
      pubKey - PublicKey to be used for Signature verification
      privKey - PrivateKey to be used for Signature calculation
      Returns:
      An org.w3c.dom.Element representation of Signed SAML Assertion
      Throws:
      SAMLException

    • sign

      public Element sign(DigestMethod digestMethod, String signatureMethod, X509Certificate cert, PrivateKey privKey, boolean alwaysIncludeCert) throws SAMLException
      Description copied from interface: Assertion
      Sign the SAML Assertion - Enveloped Signature
      Specified by:
      sign in interface Assertion
      Parameters:
      digestMethod - A javax.xml.crypto.dsig.DigestMethod representing the digest method used for SAML signature.
      signatureMethod - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.
      cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
      privKey - A java.security.PrivateKey representing the private key used for Signature calculation.
      alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
      Returns:
      An org.w3c.dom.Element representation of Signed SAML Assertion
      Throws:
      SAMLException

    • sign

      public Element sign(DigestMethod digestMethod, String signatureMethod, X509Certificate cert, PrivateKey privKey) throws SAMLException
      Description copied from interface: Assertion
      Sign the SAML Assertion - Enveloped Signature
      Specified by:
      sign in interface Assertion
      Parameters:
      digestMethod - A javax.xml.crypto.dsig.DigestMethod representing the digest method used for SAML signature.
      signatureMethod - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.
      cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
      privKey - A java.security.PrivateKey representing the private key used for Signature calculation. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
      Returns:
      An org.w3c.dom.Element representation of Signed SAML Assertion
      Throws:
      SAMLException

    • toElement

      public Element toElement(Node doc) throws com.sun.xml.wss.XWSSecurityException
      Description copied from interface: Assertion
      Convert SAML Assertion to org.w3c.dom.Element
      Specified by:
      toElement in interface Assertion
      Parameters:
      doc - the context org.w3c.dom.Node for the creation of the resulting org.w3c.dom.Element.
      Returns:
      org.w3c.dom.Element element representation of SAML Assertion
      Throws:
      com.sun.xml.wss.XWSSecurityException

    • isSigned

      public boolean isSigned()

    • fromElement

      public static Assertion fromElement(Element element) throws SAMLException
      This constructor is used to build Assertion object from a block of existing XML that has already been built into a DOM.
      Parameters:
      element - A org.w3c.dom.Element representing DOM tree for Assertion object
      Throws:
      SAMLException - if it could not process the Element properly, implying that there is an error in the sender or in the element definition.

    • getStatements

      public List<Object> getStatements()
      Description copied from interface: Assertion
      Return all statements presents in the SAML Assertion.
      Specified by:
      getStatements in interface Assertion
      Returns:
      An java.util.List of java.lang.Object representing all statements present inside the SAML assertion.

    • getType

      public String getType()
      Specified by:
      getType in interface com.sun.xml.ws.security.Token

    • getTokenValue

      public Object getTokenValue()
      Specified by:
      getTokenValue in interface com.sun.xml.ws.security.Token

    • verifySignature

      public boolean verifySignature(PublicKey pubKey) throws SAMLException
      Description copied from interface: Assertion
      Verify the SAML signature with the Public Key
      Specified by:
      verifySignature in interface Assertion
      Parameters:
      pubKey - A java.security.PublicKey representing the public key used for Signature verification
      Returns:
      An Boolean representing whether SAML signature verification is successful or not.
      Throws:
      SAMLException