Package com.mulesoft.modules.wss.internal.inbound

Class SamlValidator

java.lang.Object
org.apache.wss4j.dom.validate.SignatureTrustValidator
org.apache.wss4j.dom.validate.SamlAssertionValidator
com.mulesoft.modules.wss.internal.inbound.SamlValidator
All Implemented Interfaces:
org.apache.wss4j.dom.validate.Validator
public class SamlValidator extends org.apache.wss4j.dom.validate.SamlAssertionValidator

  • Constructor Summary

    Constructors
    Constructor
    Description
    SamlValidator(org.apache.wss4j.dom.handler.RequestData data)
    data.getSigVerCrypto() checks if signature verification is enabled in that case, trust will be validated against configured trust-store

  • Method Summary

    Modifier and Type
    Method
    Description
    protected org.apache.wss4j.dom.validate.Credential
    verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper samlAssertion, org.apache.wss4j.dom.handler.RequestData data)
     

    Methods inherited from class org.apache.wss4j.dom.validate.SamlAssertionValidator

    checkAuthnStatements, checkConditions, checkConditions, checkOneTimeUse, getRequiredSubjectConfirmationMethod, getTtl, isRequireBearerSignature, isRequireStandardSubjectConfirmationMethod, isValidateSignatureAgainstProfile, setFutureTTL, setRequireBearerSignature, setRequiredSubjectConfirmationMethod, setRequireStandardSubjectConfirmationMethod, setTtl, setValidateSignatureAgainstProfile, validate, validateAssertion, verifySubjectConfirmationMethod

    Methods inherited from class org.apache.wss4j.dom.validate.SignatureTrustValidator

    getCrypto, validateCertificates, validatePublicKey, verifyTrustInCerts

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • SamlValidator

      public SamlValidator(org.apache.wss4j.dom.handler.RequestData data)
      data.getSigVerCrypto() checks if signature verification is enabled in that case, trust will be validated against configured trust-store
      Parameters:
      data -

  • Method Details

    • verifySignedAssertion

      protected org.apache.wss4j.dom.validate.Credential verifySignedAssertion(org.apache.wss4j.common.saml.SamlAssertionWrapper samlAssertion, org.apache.wss4j.dom.handler.RequestData data) throws org.apache.wss4j.common.ext.WSSecurityException
      Overrides:
      verifySignedAssertion in class org.apache.wss4j.dom.validate.SamlAssertionValidator
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException