org.apache.ws.security.saml.SAMLIssuerImpl Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of wss4j Show documentation
Show all versions of wss4j Show documentation
The Apache WSS4J project provides a Java implementation of the primary security standards
for Web Services, namely the OASIS Web Services Security (WS-Security) specifications
from the OASIS Web Services Security TC.
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.ws.security.saml;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.apache.ws.security.saml.ext.SAMLParms;
import org.apache.ws.security.util.Loader;
import java.util.Properties;
import javax.security.auth.callback.CallbackHandler;
/**
* Builds a WS SAML Assertion and inserts it into the SOAP Envelope. Refer to
* the WS specification, SAML Token profile
*/
public class SAMLIssuerImpl implements SAMLIssuer {
private static final org.apache.commons.logging.Log LOG =
org.apache.commons.logging.LogFactory.getLog(SAMLIssuerImpl.class);
private Properties properties = null;
private CallbackHandler callbackHandler = null;
private String issuer;
private Crypto issuerCrypto = null;
private String issuerKeyPassword = null;
private String issuerKeyName = null;
/**
* Flag indicating what format to put the subject's key material in when
* NOT using Sender Vouches as the confirmation method. The default is
* to use ds:X509Data and include the entire certificate. If this flag
* is set to true, a ds:KeyValue is used instead with just the key material.
*/
private boolean sendKeyValue = false;
/**
* This boolean controls whether the assertion is to be signed or not
*/
private boolean signAssertion = false;
/**
* Constructor.
*/
public SAMLIssuerImpl() {
}
public SAMLIssuerImpl(Properties prop) throws WSSecurityException {
/*
* if no properties .. just return an instance, the rest will be done
* later or this instance is just used to handle certificate
* conversions in this implementation
*/
if (prop == null) {
return;
}
properties = prop;
String cryptoProp =
properties.getProperty("org.apache.ws.security.saml.issuer.cryptoProp.file");
if (cryptoProp != null) {
issuerCrypto = CryptoFactory.getInstance(cryptoProp);
issuerKeyName =
properties.getProperty("org.apache.ws.security.saml.issuer.key.name");
issuerKeyPassword =
properties.getProperty("org.apache.ws.security.saml.issuer.key.password");
}
String sendKeyValueProp =
properties.getProperty("org.apache.ws.security.saml.issuer.sendKeyValue");
if (sendKeyValueProp != null) {
sendKeyValue = Boolean.valueOf(sendKeyValueProp).booleanValue();
}
String signAssertionProp =
properties.getProperty("org.apache.ws.security.saml.issuer.signAssertion");
if (signAssertionProp != null) {
signAssertion = Boolean.valueOf(signAssertionProp).booleanValue();
}
String issuerProp = properties.getProperty("org.apache.ws.security.saml.issuer");
if (issuerProp != null) {
issuer = issuerProp;
}
}
/**
* Creates a new AssertionWrapper.
*
* @return a new AssertionWrapper.
*/
public AssertionWrapper newAssertion() throws WSSecurityException {
if (LOG.isDebugEnabled()) {
LOG.debug(
"Entering AssertionWrapper.newAssertion() ... creating SAML token"
);
}
if (callbackHandler == null && properties != null) {
try {
String samlCallbackClassname =
properties.getProperty("org.apache.ws.security.saml.callback");
Class callbackClass = null;
try {
callbackClass = Loader.loadClass(samlCallbackClassname, CallbackHandler.class);
} catch (ClassNotFoundException ex) {
throw new WSSecurityException(ex.getMessage(), ex);
}
callbackHandler = callbackClass.newInstance();
} catch (InstantiationException ex) {
throw new WSSecurityException(ex.getMessage(), ex);
} catch (IllegalAccessException ex) {
throw new WSSecurityException(ex.getMessage(), ex);
}
}
// Create a new SAMLParms with all of the information from the properties file.
SAMLParms samlParms = new SAMLParms();
samlParms.setIssuer(issuer);
samlParms.setCallbackHandler(callbackHandler);
AssertionWrapper sa = new AssertionWrapper(samlParms);
if (signAssertion) {
sa.signAssertion(issuerKeyName, issuerKeyPassword, issuerCrypto, sendKeyValue);
}
return sa;
}
/**
* Set whether to send the key value or whether to include the entire cert.
* @param sendKeyValue whether to send the key value.
*/
public void setSendKeyValue(boolean sendKeyValue) {
this.sendKeyValue = sendKeyValue;
}
/**
* Get whether to send the key value or whether to include the entire cert.
* @return whether to send the key value
*/
public boolean isSendKeyValue() {
return sendKeyValue;
}
/**
* Set whether to sign the assertion or not.
* @param signAssertion whether to sign the assertion or not.
*/
public void setSignAssertion(boolean signAssertion) {
this.signAssertion = signAssertion;
}
/**
* Get whether to sign the assertion or not
* @return whether to sign the assertion or not
*/
public boolean isSignAssertion() {
return signAssertion;
}
/**
* Set the CallbackHandler to use
* @param callbackHandler the CallbackHandler to use
*/
public void setCallbackHandler(CallbackHandler callbackHandler) {
this.callbackHandler = callbackHandler;
}
/**
* Get the CallbackHandler in use
* @return the CallbackHandler in use
*/
public CallbackHandler getCallbackHandler() {
return callbackHandler;
}
/**
* Set the issuer crypto
* @param issuerCrypto the issuer crypto
*/
public void setIssuerCrypto(Crypto issuerCrypto) {
this.issuerCrypto = issuerCrypto;
}
/**
* @return Returns the issuerCrypto.
*/
public Crypto getIssuerCrypto() {
return issuerCrypto;
}
/**
* Set the issuer name
* @param issuer the issuer name
*/
public void setIssuerName(String issuer) {
this.issuer = issuer;
}
/**
* Get the issuer name
* @return the issuer name
*/
public String getIssuerName() {
return issuer;
}
/**
* Set the issuer key name
* @param issuerKeyName the issuer key name
*/
public void setIssuerKeyName(String issuerKeyName) {
this.issuerKeyName = issuerKeyName;
}
/**
* @return Returns the issuerKeyName.
*/
public String getIssuerKeyName() {
return issuerKeyName;
}
/**
* Set the issuer key password
* @param issuerKeyPassword the issuerKeyPassword.
*/
public void setIssuerKeyPassword(String issuerKeyPassword) {
this.issuerKeyPassword = issuerKeyPassword;
}
/**
* @return Returns the issuerKeyPassword.
*/
public String getIssuerKeyPassword() {
return issuerKeyPassword;
}
}