Package com.sun.xml.wss.saml.assertion.saml11.jaxb20

Class Assertion

  • All Implemented Interfaces:
    com.sun.xml.ws.security.Token, Assertion
    public class Assertion
extends AssertionType
implements Assertion
    This object stands for Assertion element. An Assertion is a package of information that supplies one or more Statement made by an issuer. There are three kinds of assertions Au [java] <?xml version="1.0" encoding="UTF-8" standalone="yes"?> [java] <Conditions NotBefore="2005-08-16T13:21:50.503+05:30" NotOnOrAfter="2005-08-16T15:21:50.504+05:30" xmlns="urn:oasis:names:tc:SAML:1.0:assertion"/> [java] <Subject xmlns="urn:oasis:names:tc:SAML:1.0:assertion"> [java] <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US</NameIdentifier> [java] <SubjectConfirmation> [java] <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod> [java] </SubjectConfirmation> [java] </Subject> [java] <Attribute AttributeName="attribute1" AttributeNamespace="urn:com:sun:xml:wss:attribute" xmlns="urn:oasis:names:tc:SAML:1.0:assertion"> [java] <AttributeValue>ATTRIBUTE1</AttributeValue> [java] </Attribute> thentication, Authorization Decision and Attribute assertion.

    • Field Detail

      • XMLNS_URI

        public static final String XMLNS_URI
        XML Information Set REC all namespace attributes (including those named xmlns, whose [prefix] property has no value) have a namespace URI of http://www.w3.org/2000/xmlns/

      • log

        protected static final Logger log

    • Constructor Detail

      • Assertion

        public Assertion​(String assertionID,
                 String issuer,
                 GregorianCalendar issueInstant,
                 Conditions conditions,
                 Advice advice,
                 List statements)
          throws SAMLException
        This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion and a set of Statement(s) in the assertion.
        Parameters:
        assertionID - AssertionID object contained within this Assertion if null its generated internally.
        issuer - The issuer of this assertion.
        issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.
        conditions - Conditions under which the this Assertion is valid.
        advice - Advice applicable for this Assertion.
        statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.
        Throws:
        SAMLException - if there is an error in processing input.

      • Assertion

        public Assertion​(String assertionID,
                 String issuer,
                 GregorianCalendar issueInstant,
                 Conditions conditions,
                 Advice advice,
                 List statements,
                 jakarta.xml.bind.JAXBContext jcc)
          throws SAMLException
        This constructor is used to populate the data members: the assertionID, the issuer, time when assertion issued, the conditions when creating a new assertion , Advice applicable to this Assertion ,a set of Statement(s) and a JAXBContext for the assertion.
        Parameters:
        assertionID - AssertionID object contained within this Assertion if null its generated internally.
        issuer - The issuer of this assertion.
        issueInstant - Time instant of the issue. It has type dateTime which is built in to the W3C XML Schema Types specification. if null, current time is used.
        conditions - Conditions under which the this Assertion is valid.
        advice - Advice applicable for this Assertion.
        statements - List of Statement objects within this Assertion. It could be of type AuthenticationStatement, AuthorizationDecisionStatement and AttributeStatement. Each Assertion can have multiple type of statements in it.
        jcc - JAXBContext to be used for marshaling and unmarshalling the asertions.
        Throws:
        SAMLException - if there is an error in processing input.

    • Method Detail

      • getVersion

        public String getVersion()
        Description copied from interface: Assertion
        Get the SAML Vertion SAML2.0
        Specified by:
        getVersion in interface Assertion
        Returns:
        An java.lang.String representing saml version.

      • setVersion

        public void setVersion​(String version)
        Specified by:
        setVersion in interface Assertion
        Parameters:
        version - A java.lang.String representing saml version

      • getID

        public String getID()
        Description copied from interface: Assertion
        Get the SAML Assertion ID for SAML2.0
        Specified by:
        getID in interface Assertion
        Returns:
        An java.lang.String representing saml assertion ID.

      • getSamlIssuer

        public String getSamlIssuer()
        Description copied from interface: Assertion
        Get the issuer of SAML Assertion
        Specified by:
        getSamlIssuer in interface Assertion
        Returns:
        An java.lang.String representing saml issuer.

      • getIssueInstance

        public String getIssueInstance()
        Description copied from interface: Assertion
        Gets the value of the issueInstant property.
        Specified by:
        getIssueInstance in interface Assertion
        Returns:
        A String representing the issue timestamp of the SAML Assertion

      • getSubject

        public Subject getSubject()
        Description copied from interface: Assertion
        Gets the value of the subject property of SAML 2.0 This method should be applied only on SAML 2.0 assertion. For SAML1.1 and SAML1.0, first get a list of statements of the SAML assertion by calling getStatements() on the Assertion object, then call the getSubject() on each statement.
        Specified by:
        getSubject in interface Assertion
        Returns:
        A Subject representing Subject of SAML 2.0

      • sign

        public Element sign​(PublicKey pubKey,
                    PrivateKey privKey)
             throws SAMLException
        sign the saml assertion (Enveloped Signature)
        Specified by:
        sign in interface Assertion
        Parameters:
        pubKey - PublicKey to be used for Signature verification
        privKey - PrivateKey to be used for Signature calculation
        Returns:
        An org.w3c.dom.Element representation of Signed SAML Assertion
        Throws:
        SAMLException

      • sign

        public Element sign​(X509Certificate cert,
                    PrivateKey privKey,
                    boolean alwaysIncludeCert)
             throws SAMLException
        Description copied from interface: Assertion
        Sign the SAML Assertion - Enveloped Signature
        Specified by:
        sign in interface Assertion
        Parameters:
        cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
        privKey - A java.security.PrivateKey representing the private key used for Signature calculation.
        alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
        Returns:
        An org.w3c.dom.Element representation of Signed SAML Assertion
        Throws:
        SAMLException

      • sign

        public Element sign​(X509Certificate cert,
                    PrivateKey privKey,
                    boolean alwaysIncludeCert,
                    String sigAlgorithm,
                    String canonicalizationAlgorithm)
             throws SAMLException
        Description copied from interface: Assertion
        Sign the SAML Assertion - Enveloped Signature
        Specified by:
        sign in interface Assertion
        Parameters:
        cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
        privKey - A java.security.PrivateKey representing the private key used for Signature calculation.
        alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature.
        sigAlgorithm - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.
        canonicalizationAlgorithm - A javax.xml.crypto.dsig.CanonicalizationMethod representing the canonicalization algorithm used SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
        Returns:
        An org.w3c.dom.Element representation of Signed SAML Assertion
        Throws:
        SAMLException

      • sign

        public Element sign​(X509Certificate cert,
                    PrivateKey privKey)
             throws SAMLException
        Description copied from interface: Assertion
        Sign the SAML Assertion - Enveloped Signature
        Specified by:
        sign in interface Assertion
        Parameters:
        cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
        privKey - A java.security.PrivateKey representing the private key used for Signature calculation. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
        Returns:
        An org.w3c.dom.Element representation of Signed SAML Assertion
        Throws:
        SAMLException

      • sign

        public Element sign​(DigestMethod digestMethod,
                    String signatureMethod,
                    PublicKey pubKey,
                    PrivateKey privKey)
             throws SAMLException
        sign the saml assertion (Enveloped Signature)
        Specified by:
        sign in interface Assertion
        Parameters:
        digestMethod - DigestMethod to be used
        signatureMethod - SignatureMethod to be used.
        pubKey - PublicKey to be used for Signature verification
        privKey - PrivateKey to be used for Signature calculation
        Returns:
        An org.w3c.dom.Element representation of Signed SAML Assertion
        Throws:
        SAMLException

      • sign

        public Element sign​(DigestMethod digestMethod,
                    String signatureMethod,
                    X509Certificate cert,
                    PrivateKey privKey,
                    boolean alwaysIncludeCert)
             throws SAMLException
        Description copied from interface: Assertion
        Sign the SAML Assertion - Enveloped Signature
        Specified by:
        sign in interface Assertion
        Parameters:
        digestMethod - A javax.xml.crypto.dsig.DigestMethod representing the digest method used for SAML signature.
        signatureMethod - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.
        cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
        privKey - A java.security.PrivateKey representing the private key used for Signature calculation.
        alwaysIncludeCert - A flag to tell whether to incude the certificate in the SAML signature. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
        Returns:
        An org.w3c.dom.Element representation of Signed SAML Assertion
        Throws:
        SAMLException

      • sign

        public Element sign​(DigestMethod digestMethod,
                    String signatureMethod,
                    X509Certificate cert,
                    PrivateKey privKey)
             throws SAMLException
        Description copied from interface: Assertion
        Sign the SAML Assertion - Enveloped Signature
        Specified by:
        sign in interface Assertion
        Parameters:
        digestMethod - A javax.xml.crypto.dsig.DigestMethod representing the digest method used for SAML signature.
        signatureMethod - A javax.xml.crypto.dsig.SignatureMethod representing the signature algorithm used SAML signature.
        cert - A java.security.cert.X509Certificate representing the certificate used for Signature verification
        privKey - A java.security.PrivateKey representing the private key used for Signature calculation. By Default DigestMethod.SHA1, SignatureMethod.RSA_SHA1 and CanonicalizationMethod.EXCLUSIVE will be used.
        Returns:
        An org.w3c.dom.Element representation of Signed SAML Assertion
        Throws:
        SAMLException

      • toElement

        public Element toElement​(Node doc)
                  throws com.sun.xml.wss.XWSSecurityException
        Description copied from interface: Assertion
        Convert SAML Assertion to org.w3c.dom.Element
        Specified by:
        toElement in interface Assertion
        Parameters:
        doc - the context org.w3c.dom.Node for the creation of the resulting org.w3c.dom.Element.
        Returns:
        org.w3c.dom.Element element representation of SAML Assertion
        Throws:
        com.sun.xml.wss.XWSSecurityException

      • isSigned

        public boolean isSigned()

      • fromElement

        public static Assertion fromElement​(Element element)
                             throws SAMLException
        This constructor is used to build Assertion object from a block of existing XML that has already been built into a DOM.
        Parameters:
        element - A org.w3c.dom.Element representing DOM tree for Assertion object
        Throws:
        SAMLException - if it could not process the Element properly, implying that there is an error in the sender or in the element definition.

      • getStatements

        public List<Object> getStatements()
        Description copied from interface: Assertion
        Return all statements presents in the SAML Assertion.
        Specified by:
        getStatements in interface Assertion
        Returns:
        An java.util.List of java.lang.Object representing all statements present inside the SAML assertion.

      • getType

        public String getType()
        Specified by:
        getType in interface com.sun.xml.ws.security.Token

      • getTokenValue

        public Object getTokenValue()
        Specified by:
        getTokenValue in interface com.sun.xml.ws.security.Token

      • verifySignature

        public boolean verifySignature​(PublicKey pubKey)
                        throws SAMLException
        Description copied from interface: Assertion
        Verify the SAML signature with the Public Key
        Specified by:
        verifySignature in interface Assertion
        Parameters:
        pubKey - A java.security.PublicKey representing the public key used for Signature verification
        Returns:
        An Boolean representing whether SAML signature verification is successful or not.
        Throws:
        SAMLException