com.sun.xml.wss.saml.SAMLAssertionFactory Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of wsit-impl Show documentation
Show all versions of wsit-impl Show documentation
This module contains the Metro WSIT runtime code.
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved.
*
* The contents of this file are subject to the terms of either the GNU
* General Public License Version 2 only ("GPL") or the Common Development
* and Distribution License("CDDL") (collectively, the "License"). You
* may not use this file except in compliance with the License. You can
* obtain a copy of the License at
* https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
* or packager/legal/LICENSE.txt. See the License for the specific
* language governing permissions and limitations under the License.
*
* When distributing the software, include this License Header Notice in each
* file and include the License file at packager/legal/LICENSE.txt.
*
* GPL Classpath Exception:
* Oracle designates this particular file as subject to the "Classpath"
* exception as provided by Oracle in the GPL Version 2 section of the License
* file that accompanied this code.
*
* Modifications:
* If applicable, add the following below the License Header, with the fields
* enclosed by brackets [] replaced by your own identifying information:
* "Portions Copyright [year] [name of copyright owner]"
*
* Contributor(s):
* If you wish your version of this file to be governed by only the CDDL or
* only the GPL Version 2, indicate your decision by adding "[Contributor]
* elects to include this software in this distribution under the [CDDL or GPL
* Version 2] license." If you don't indicate a single choice of license, a
* recipient has the option to distribute your version of this file under
* either the CDDL, the GPL Version 2 or to extend the choice of license to
* its licensees as provided above. However, if you add GPL Version 2 code
* and therefore, elected the GPL Version 2 license, then the option applies
* only if the new code is made subject to such option by the copyright
* holder.
*/
/*
* SAMLAssertionFactory.java
*
* Created on August 18, 2005, 11:46 AM
*
* To change this template, choose Tools | Options and locate the template under
* the Source Creation and Management node. Right-click the template and choose
* Open. You can then make changes to the template in the Source Editor.
*/
package com.sun.xml.wss.saml;
import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyInfo;
import com.sun.xml.wss.XWSSecurityException;
import java.util.GregorianCalendar;
import java.util.List;
import javax.xml.namespace.QName;
import org.w3c.dom.Element;
import com.sun.xml.wss.saml.impl.SAMLAssertion2_1FactoryImpl;
import com.sun.xml.wss.saml.impl.SAMLAssertion2_2FactoryImpl;
import com.sun.xml.wss.saml.impl.SAMLAssertion1_1FactoryImpl;
import javax.xml.bind.JAXBContext;
import javax.xml.stream.XMLStreamReader;
/**
*
* @author [email protected]
*/
public abstract class SAMLAssertionFactory {
/**
* SAML Version 1.1 & SAML Version 2.0
*/
public static final String SAML1_1 = "Saml1.1";
public static final String SAML2_0 = "Saml2.0";
public static String SAML_VER_CHECK = null;
protected SAMLAssertionFactory() {
//do nothing
}
/**
*
* Create an instance of SAMLAssertionFactory.
*
* @param samlVersion A String representing the saml version. Possible values {SAMLAssertionFactory.SAML1_1} & {SAMLAssertionFactory.SAML2_0}
*/
public static SAMLAssertionFactory newInstance(String samlVersion) throws XWSSecurityException {
if ( samlVersion.intern() == SAML1_1) {
SAML_VER_CHECK = SAML1_1;
if ( System.getProperty("com.sun.xml.wss.saml.binding.jaxb") != null )
return new SAMLAssertion1_1FactoryImpl();
return new SAMLAssertion2_1FactoryImpl();
} else if (samlVersion.intern() == SAML2_0 && System.getProperty("com.sun.xml.wss.saml.binding.jaxb")== null ){
SAML_VER_CHECK = SAML2_0;
return new SAMLAssertion2_2FactoryImpl();
} else {
throw new XWSSecurityException("Unsupported SAML Version");
}
}
/**
* Creates an Action element.
* @param namespace The attribute "namespace" of
* Action element
* @param action A String representing an action
*/
public abstract Action createAction(String action, String namespace) throws SAMLException;
/**
* Creates an Advice element.
* @param assertionidreference A List of AssertionIDReference.
* @param assertion A List of Assertion
* @param otherelement A List of any element defined as
*/
public abstract Advice createAdvice(List assertionidreference, List assertion, List otherelement) throws SAMLException;
/**
* Creates an AnyType element if the System property "com.sun.xml.wss.saml.binding.jaxb"
* is set. Otherwise returns null.
*/
public abstract AnyType createAnyType() throws SAMLException;
/**
* Creates and return an Assertion from the data members: the
* assertionID, the issuer, time when assertion issued,
* the conditions when creating a new assertion , Advice
* applicable to this Assertion and a set of
* Statement(s) in the assertion.
*
* @param assertionID AssertionID object contained within this
* Assertion if null its generated internally.
* @param issuer The issuer of this assertion.
* @param issueInstant Time instant of the issue. It has type
* dateTime which is built in to the W3C XML Schema
* Types specification. if null, current time is used.
* @param conditions Conditions under which the this
* Assertion is valid.
* @param advice Advice applicable for this
* Assertion.
* @param statements List of Statement objects within this
* Assertion. It could be of type
* AuthenticationStatement,
* AuthorizationDecisionStatement and
* AttributeStatement. Each Assertion can have
* multiple type of statements in it.
* @exception SAMLException if there is an error in processing input.
*/
public abstract Assertion createAssertion(
String assertionID,
java.lang.String issuer,
GregorianCalendar issueInstant,
Conditions conditions,
Advice advice,
List statements) throws SAMLException;
public abstract Assertion createAssertion(
String assertionID,
java.lang.String issuer,
GregorianCalendar issueInstant,
Conditions conditions,
Advice advice,
List statements,JAXBContext jcc) throws SAMLException;
/**
* Creates and return an Assertion from the data members: the
* ID, the issuer, time when assertion issued,
* the conditions when creating a new assertion , Advice
* applicable to this Assertion, Subjectand a set of
* Statement(s) in the assertion.
*
* @param ID ID object contained within this
* Assertion if null its generated internally.
* @param issuer The issuer of this assertion.
* @param issueInstant Time instant of the issue. It has type
* dateTime which is built in to the W3C XML Schema
* Types specification. if null, current time is used.
* @param conditions Conditions under which the this
* Assertion is valid.
* @param advice Advice applicable for this
* Assertion.
* @param subject Subject applicable for this Assertion
* @param statements List of Statement objects within this
* Assertion. It could be of type
* AuthnStatement,
* AuthzDecisionStatement and
* AttributeStatement. Each Assertion can have
* multiple type of statements in it.
* @exception SAMLException if there is an error in processing input.
*/
public abstract Assertion createAssertion(
String ID,
NameID issuer,
GregorianCalendar issueInstant,
Conditions conditions,
Advice advice,
Subject subject,
List statements) throws SAMLException;
/**
* Creates and return an Assertion from the data members: the
* ID, the issuer, time when assertion issued,
* the conditions when creating a new assertion , Advice
* applicable to this Assertion, Subject, a set of
* Statement(s) ,and a jaxbcontext for the assertion.
*
* @param ID ID object contained within this
* Assertion if null its generated internally.
* @param issuer The issuer of this assertion.
* @param issueInstant Time instant of the issue. It has type
* dateTime which is built in to the W3C XML Schema
* Types specification. if null, current time is used.
* @param conditions Conditions under which the this
* Assertion is valid.
* @param advice Advice applicable for this
* Assertion.
* @param subject Subject applicable for this Assertion
* @param statements List of Statement objects within this
* Assertion. It could be of type
* AuthnStatement,
* AuthzDecisionStatement and
* AttributeStatement. Each Assertion can have
* multiple type of statements in it.
* @param jcc JAXBContext to be used for marshaling and unmarshalling the assertions.
* @exception SAMLException if there is an error in processing input.
*/
public abstract Assertion createAssertion(
String ID,
NameID issuer,
GregorianCalendar issueInstant,
Conditions conditions,
Advice advice,
Subject subject,
List statements,JAXBContext jcc) throws SAMLException;
/**
* Creates and returns an Assertion object from the given SAML org.w3c.dom.Element.
*
* @param element A org.w3c.dom.Element representing
* DOM tree for Assertion object
* @exception SAMLException if it could not process the Element properly,
* implying that there is an error in the sender or in the
* element definition.
*/
public abstract Assertion createAssertion(org.w3c.dom.Element element) throws SAMLException;
/**
* Creates and returns an Assertion object from the given SAML XMLStreamReader.
*
* @param reader An XMLStreamReader representing
* the tree for an Assertion object
* @exception SAMLException if it could not process the Element properly,
* implying that there is an error in the sender or in the
* element definition.
*/
public abstract Assertion createAssertion(XMLStreamReader reader) throws SAMLException;
/**
* Creates and returns an AssertionIDReference object. AssertionID
* will be generated automatically.
*
* @return null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set
* otherwise returns AssertionIDReference.
*/
public abstract AssertionIDReference createAssertionIDReference() throws SAMLException;
/**
* Creates and returns an AssertionIDRef object. AssertionID
* will be generated automatically.
*
* @return null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set
* otherwise returns AssertionIDReference.
*/
public abstract AssertionIDRef createAssertionIDRef() throws SAMLException;
/**
* Creates and returns an AssertionIDReference object.
*
* @param id String of an AssertionID
*
* @return null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set
* otherwise returns AssertionIDReference.
*/
public abstract AssertionIDReference createAssertionIDReference(String id) throws SAMLException;
/**
* Creates and returns an AssertionIDRef object.
*
* @param id String of an AssertionID
*
* @return null if the system property "com.sun.xml.wss.saml.binding.jaxb" is not set
* otherwise returns AssertionIDReference.
*/
public abstract AssertionIDRef createAssertionIDRef(String id) throws SAMLException;
/**
* Constructs an instance of Attribute.
*
* @param name A String representing AttributeName (the name
* of the attribute).
* @param nameSpace A String representing the namespace in which
* AttributeName elements are interpreted.
* @param values A List representing the AttributeValue object.
*/
public abstract Attribute createAttribute(String name, String nameSpace, List values) throws SAMLException;
/**
* Constructs an instance of Attribute.
*
* @param name A String representing AttributeName (the name
* of the attribute).
* @param values A List representing the AttributeValue object.
*/
public abstract Attribute createAttribute(String name, List values) throws SAMLException;
/**
* Constructs an instance of AttributeDesignator.
*
* @param name the name of the attribute.
* @param nameSpace the namespace in which AttributeName
* elements are interpreted.
*/
public abstract AttributeDesignator createAttributeDesignator(String name, String nameSpace) throws SAMLException;
/**
*
* Constructs an instance of AttributeStatement.
* @param subj SAML Subject
* @param attr List of attributes
*/
public abstract AttributeStatement createAttributeStatement(Subject subj, List attr) throws SAMLException;
/**
*
* Constructs an instance of AttributeStatement.
*
* @param attr List of attributes
*/
public abstract AttributeStatement createAttributeStatement(List attr) throws SAMLException;
/**
* Constructs an instance of AudienceRestrictionCondition.
* It takes in a List of audience for this
* condition, each of them being a String.
* @param audience A List of audience to be included within this condition
*/
public abstract AudienceRestrictionCondition createAudienceRestrictionCondition(List audience) throws SAMLException;
/**
* Constructs an instance of AudienceRestriction.
* It takes in a List of audience for this
* condition, each of them being a String.
* @param audience A List of audience to be included within this condition
*/
public abstract AudienceRestriction createAudienceRestriction(List audience) throws SAMLException;
/**
* Constructs an instance of AuthenticationStatement.
*
* @param authMethod (optional) A String specifies the type of authentication
* that took place. Pass null if not required.
* @param authInstant (optional) A GregorianCalendar object specifing the time at which the
* authentication that took place. Pass null if not required.
* @param subject (required) A Subject object
* @param subjectLocality (optional) A SubjectLocality object. Pass null if not required.
* @param authorityBinding (optional) A List of AuthorityBinding. Pass null if not required.
* objects.
*/
public abstract AuthenticationStatement createAuthenticationStatement(
String authMethod, GregorianCalendar authInstant, Subject subject,
SubjectLocality subjectLocality, List authorityBinding) throws SAMLException;
/**
* Constructs an instance of AuthenticationStatement.
*
* @param authInstant (optional) A GregorianCalendar object specifing the time at which the
* authentication that took place. Pass null if not required.
* @param subjectLocality (optional) A SubjectLocality object. Pass null if not required.
* @param authnContext (optional) A AuthnContext object. Pass null if not required.
* objects.
*/
public abstract AuthnStatement createAuthnStatement(
GregorianCalendar authInstant, SubjectLocality subjectLocality, AuthnContext authnContext,
String sessionIndex, GregorianCalendar sessionNotOnOrAfter) throws SAMLException;
/**
*Constructs an instance of AuthorityBinding.
*@param authKind A QName representing the type of SAML protocol queries
* to which the authority described by this element will
* respond.
*@param location A String representing a URI reference describing how to locate and communicate with the
* authority.
*@param binding A String representing a URI reference identifying the SAML
* protocol binding to use in communicating with the authority.
*/
public abstract AuthorityBinding createAuthorityBinding(QName authKind, String location, String binding) throws SAMLException;
public abstract AuthnContext createAuthnContext() throws SAMLException;
public abstract AuthnContext createAuthnContext(String authContextClassref, String authenticatingAuthority) throws SAMLException;
/**
* Constructs an instance of AuthorizationDecisionStatement.
*
* @param subject (required) A Subject object
* @param resource (required) A String identifying the resource to which
* access authorization is sought.
* @param decision (required) The decision rendered by the issuer with
* respect to the specified resource.
* @param action (required) A List of Action objects specifying the set of
* actions authorized to be performed on the specified resource.
* @param evidence (optional) An Evidence object representing a set of
* assertions that the issuer replied on in making decisions.
*/
public abstract AuthorizationDecisionStatement createAuthorizationDecisionStatement(
Subject subject, String resource, String decision, List action, Evidence evidence) throws SAMLException;
/**
* Constructs an instance of AuthnDecisionStatement.
*
* @param resource (required) A String identifying the resource to which
* access authorization is sought.
* @param decision (required) The decision rendered by the issuer with
* respect to the specified resource.
* @param action (required) A List of Action objects specifying the set of
* actions authorized to be performed on the specified resource.
* @param evidence (optional) An Evidence object representing a set of
* assertions that the issuer replied on in making decisions.
*/
public abstract AuthnDecisionStatement createAuthnDecisionStatement(
String resource, String decision, List action, Evidence evidence) throws SAMLException;
/**
* Constructs an instance of default Conditions object.
*/
public abstract Conditions createConditions() throws SAMLException;
/**
* Constructs an instance of Conditions.
*
* @param notBefore specifies the earliest time instant at which the
* assertion is valid.
* @param notOnOrAfter specifies the time instant at which the assertion
* has expired.
* @param condition
* @param arc the AudienceRestrictionCondition to be
* added. Can be null, if no audience restriction.
* @param doNotCacheCnd
*/
public abstract Conditions createConditions(
GregorianCalendar notBefore,
GregorianCalendar notOnOrAfter,
List condition,
List arc,
List doNotCacheCnd) throws SAMLException;
/**
* Constructs an instance of Conditions.
*
* @param notBefore specifies the earliest time instant at which the
* assertion is valid.
* @param notOnOrAfter specifies the time instant at which the assertion
* has expired.
* @param condition
* @param ar the AudienceRestriction to be
* added. Can be null, if no audience restriction.
* @param oneTimeUse
* @param proxyRestriction
*/
public abstract Conditions createConditions(
GregorianCalendar notBefore,
GregorianCalendar notOnOrAfter,
List condition,
List ar,
List oneTimeUse,
List proxyRestriction) throws SAMLException;
/**
* Constructs an instance of DoNotCacheCondition
*/
public abstract DoNotCacheCondition createDoNotCacheCondition() throws SAMLException;
public abstract OneTimeUse createOneTimeUse() throws SAMLException;
/**
* Constructs an Evidence from a List of Assertion and
* AssertionIDReference objects.
*
* @param assertionIDRef List of AssertionIDReference objects.
* @param assertion List of Assertion objects.
*/
public abstract Evidence createEvidence(List assertionIDRef, List assertion) throws SAMLException;
/**
* Constructs a NameQualifier instance.
*
* @param name The string representing the name of the Subject
* @param nameQualifier The security or administrative domain that qualifies
* the name of the Subject. This is optional could be
* null.
* @param format The syntax used to describe the name of the
* Subject. This optional, could be null.
*/
public abstract NameIdentifier createNameIdentifier(String name, String nameQualifier, String format) throws SAMLException;
/**
* Constructs a NameID instance.
*
* @param name The string representing the name of the Subject
* @param nameQualifier The security or administrative domain that qualifies
* the name of the Subject. This is optional could be
* null.
* @param format The syntax used to describe the name of the
* Subject. This optional, could be null.
*/
public abstract NameID createNameID(String name, String nameQualifier, String format) throws SAMLException;
/**
* Constructs a Subject object from a NameIdentifier
* object and a SubjectConfirmation object.
*
* @param nameIdentifier NameIdentifier object.
* @param subjectConfirmation SubjectConfirmation object.
*/
public abstract Subject createSubject(NameIdentifier nameIdentifier, SubjectConfirmation subjectConfirmation) throws SAMLException;
/**
* Constructs a Subject object from a NameID
* object and a SubjectConfirmation object.
*
* @param nameID NameID object.
* @param subjectConfirmation SubjectConfirmation object.
*/
public abstract Subject createSubject(NameID nameID, SubjectConfirmation subjectConfirmation) throws SAMLException;
/**
* Creates and returns a SubjectConfirmation object.
*
* @param confirmationMethod A URI (String) that identifies a protocol used
* to authenticate a Subject. Please refer to
* draft-sstc-core-25 Section 7 for a list of URIs
* identifying common authentication protocols.
*/
public abstract SubjectConfirmation createSubjectConfirmation(String confirmationMethod) throws SAMLException;
/**
* Creates and returns a SubjectConfirmation object.
*
* @param nameID NameID object.
* @param method A URI (String) that identifies a protocol used
* to authenticate a Subject. Please refer to
* draft-sstc-core-25 Section 7 for a list of URIs
* identifying common authentication protocols.
*/
public abstract SubjectConfirmation createSubjectConfirmation(NameID nameID,String method) throws SAMLException;
public abstract SubjectConfirmation createSubjectConfirmation(
List confirmationMethods,SubjectConfirmationData scd,KeyInfo keyInfo) throws SAMLException ;
/**
* Constructs a SubjectConfirmation instance.
*
* @param confirmationMethods A list of confirmationMethods
* each of which is a URI (String) that identifies a protocol
* used to authenticate a Subject. Please refer to
* draft-sstc-core-25 Section 7 for
* a list of URIs identifying common authentication protocols.
* @param subjectConfirmationData Additional authentication information to
* be used by a specific authentication protocol. Can be passed as
* null if there is no subjectConfirmationData for the
* SubjectConfirmation object.
* @param keyInfo An XML signature element that specifies a cryptographic
* key held by the Subject.
*/
public abstract SubjectConfirmation createSubjectConfirmation(
List confirmationMethods, Element subjectConfirmationData,
Element keyInfo) throws SAMLException;
/**
* Constructs a SubjectConfirmation instance.
*
* @param nameID NameID object.
* @param subjectConfirmationData Additional authentication information to
* be used by a specific authentication protocol. Can be passed as
* null if there is no subjectConfirmationData for the
* SubjectConfirmation object.
* @param confirmationMethods A list of confirmationMethods
* each of which is a URI (String) that identifies a protocol
* used to authenticate a Subject. Please refer to
* draft-sstc-core-25 Section 7 for
* a list of URIs identifying common authentication protocols.
*
*/
public abstract SubjectConfirmation createSubjectConfirmation(
NameID nameID, SubjectConfirmationData subjectConfirmationData,
String confirmationMethods) throws SAMLException;
/**
* Constructs a SubjectConfirmation instance.
*
* @param nameID NameID object.
* @param keyInfoConfirmationData Additional authentication information to
* be used by a specific authentication protocol. Can be passed as
* null if there is no KeyInfoConfirmationData for the
* SubjectConfirmation object.
* @param confirmationMethods A list of confirmationMethods
* each of which is a URI (String) that identifies a protocol
* used to authenticate a Subject. Please refer to
* draft-sstc-core-25 Section 7 for
* a list of URIs identifying common authentication protocols.
*
*/
public abstract SubjectConfirmation createSubjectConfirmation(
NameID nameID, KeyInfoConfirmationData keyInfoConfirmationData,
String confirmationMethods) throws SAMLException;
public abstract SubjectConfirmationData createSubjectConfirmationData(
String address, String inResponseTo, GregorianCalendar notBefore,
GregorianCalendar notOnOrAfter, String recipient, Element keyInfo) throws SAMLException;
public abstract SubjectConfirmationData createSubjectConfirmationData(
String address, String inResponseTo, GregorianCalendar notBefore,
GregorianCalendar notOnOrAfter, String recipient, KeyInfo keyInfo) throws SAMLException;
public abstract KeyInfoConfirmationData createKeyInfoConfirmationData(Element keyInfo) throws SAMLException;
/**
* Constructs a SubjectLocality instance.
*/
public abstract SubjectLocality createSubjectLocality() throws SAMLException;
/**
* Constructs an instance of SubjectLocality.
*
* @param ipAddress String representing the IP Address of the entity
* that was authenticated.
* @param dnsAddress String representing the DNS Address of the entity that
* was authenticated. As per SAML specification they are both
* optional, so values can be null.
*/
public abstract SubjectLocality createSubjectLocality(String ipAddress, String dnsAddress) throws SAMLException;
}