All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.ws.security.message.WSSecSAMLToken Maven / Gradle / Ivy

Go to download

The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services, namely the OASIS Web Services Security (WS-Security) specifications from the OASIS Web Services Security TC.

There is a newer version: 1.6.19
Show newest version
/*
 * Copyright  2003-2004 The Apache Software Foundation.
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 */
package org.apache.ws.security.message;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.util.WSSecurityUtil;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/**
 * Builds a WS SAML Assertion and inserts it into the SOAP Envelope. Refer to
 * the WS specification, SAML Token profile
 *
 * @author Davanum Srinivas ([email protected]).
 */
public class WSSecSAMLToken extends WSSecBase {

    private static Log log = LogFactory.getLog(WSSecSAMLToken.class.getName());
    
    private Document document = null;
    
    private SAMLAssertion saml = null;

    /**
     * Constructor.
     */
    public WSSecSAMLToken() {
    }

    /**
     * Creates a SAML token.
     * 
     * The method prepares and initializes a WSSec UsernameToken structure after
     * the relevant information was set. A Before calling
     * prepare() all parameters such as user, password,
     * passwordType etc. must be set. A complete UsernameToken is
     * constructed.
     * 
     * @param doc
     *            The SOAP envelope as W3C document
     */
    public void prepare(Document doc, SAMLAssertion assertion) {
        document = doc;
        saml = assertion;
    }

    /**
     * Prepends the SAML Assertion to the elements already in the
     * Security header.
     * 
     * The method can be called any time after prepare().
     * This allows to insert the SAML assertion at any position in the
     * Security header.
     * 
     * @param secHeader
     *            The security header that holds the Signature element.
     */
    public void prependToHeader(WSSecHeader secHeader) {
        Element element = null;        
        try {
            element = (Element) saml.toDOM(document);
        } catch (SAMLException ex) {
            throw new RuntimeException(ex.toString());
        }
        
        WSSecurityUtil.prependChildElement(document, secHeader
                .getSecurityHeader(), element, false);
    }
    
    /**
     * Get the id generated during prepare().
     * 
     * Returns the the value of wsu:Id attribute of this Timestamp. 
     * 
     * @return Return the wsu:Id of this token or null if prepareToken()
     * was not called before.
     */
    public String getId() {
        if (saml == null) {
            return null;
        }
        return saml.getId();
    }
    
    /**
     * Adds a new SAMLAssertion to a soap envelope.
     * 

* A complete SAMLAssertion is added to the * wsse:Security header. * * @param doc The SOAP envelope as W3C document * @param assertion TODO * @return Document with UsernameToken added */ public Document build(Document doc, SAMLAssertion assertion, WSSecHeader secHeader) { log.debug("Begin add SAMLAssertion token..."); prepare(doc, assertion); prependToHeader(secHeader); return doc; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy