Class SamlTokenValidatorImpl

java.lang.Object
org.apache.wss4j.stax.validate.SignatureTokenValidatorImpl
org.apache.wss4j.stax.validate.SamlTokenValidatorImpl
All Implemented Interfaces:
SamlTokenValidator, SignatureTokenValidator, Validator

public class SamlTokenValidatorImpl extends SignatureTokenValidatorImpl implements SamlTokenValidator
  • Constructor Details

    • SamlTokenValidatorImpl

      public SamlTokenValidatorImpl()
  • Method Details

    • setFutureTTL

      public void setFutureTTL(int newFutureTTL)
      Set the time in seconds in the future within which the NotBefore time of an incoming Assertion is valid. The default is 60 seconds.
    • isValidateSignatureAgainstProfile

      public boolean isValidateSignatureAgainstProfile()
      Whether to validate the signature of the Assertion (if it exists) against the relevant profile. Default is true.
    • setValidateSignatureAgainstProfile

      public void setValidateSignatureAgainstProfile(boolean validateSignatureAgainstProfile)
      Whether to validate the signature of the Assertion (if it exists) against the relevant profile. Default is true.
    • getRequiredSubjectConfirmationMethod

      public String getRequiredSubjectConfirmationMethod()
    • setRequiredSubjectConfirmationMethod

      public void setRequiredSubjectConfirmationMethod(String requiredSubjectConfirmationMethod)
    • validate

      public <T extends SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken> T validate(SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, TokenContext tokenContext) throws WSSecurityException
      Specified by:
      validate in interface SamlTokenValidator
      Throws:
      WSSecurityException
    • verifySubjectConfirmationMethod

      protected void verifySubjectConfirmationMethod(SamlAssertionWrapper samlAssertion) throws WSSecurityException
      Check the Subject Confirmation method requirements.
      Throws:
      WSSecurityException
    • checkConditions

      protected void checkConditions(SamlAssertionWrapper samlAssertion, List<String> audienceRestrictions) throws WSSecurityException
      Check the Conditions of the Assertion.
      Throws:
      WSSecurityException
    • checkConditions

      protected void checkConditions(SamlAssertionWrapper samlAssertion) throws WSSecurityException
      Check the Conditions of the Assertion.
      Throws:
      WSSecurityException
    • checkAuthnStatements

      protected void checkAuthnStatements(SamlAssertionWrapper samlAssertion) throws WSSecurityException
      Check the AuthnStatements of the Assertion (if any).
      Throws:
      WSSecurityException
    • checkOneTimeUse

      protected void checkOneTimeUse(SamlAssertionWrapper samlAssertion, ReplayCache replayCache) throws WSSecurityException
      Check the "OneTimeUse" Condition of the Assertion. If this is set, the Assertion is cached (if a cache is defined) and must not have been previously cached.
      Throws:
      WSSecurityException
    • validateAssertion

      protected void validateAssertion(SamlAssertionWrapper samlAssertion) throws WSSecurityException
      Validate the samlAssertion against schemas/profiles.
      Throws:
      WSSecurityException
    • isRequireStandardSubjectConfirmationMethod

      public boolean isRequireStandardSubjectConfirmationMethod()
    • setRequireStandardSubjectConfirmationMethod

      public void setRequireStandardSubjectConfirmationMethod(boolean requireStandardSubjectConfirmationMethod)
    • isRequireBearerSignature

      public boolean isRequireBearerSignature()
    • setRequireBearerSignature

      public void setRequireBearerSignature(boolean requireBearerSignature)
    • getTtl

      public int getTtl()
    • setTtl

      public void setTtl(int ttl)
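
Added example (not part of the WSS4J Javadoc or the project's own code): a subclass that pins the security-relevant setters listed above to explicit values and makes the audience check fail closed. The class name StrictSamlTokenValidator, the chosen numeric values, and the package names of SamlAssertionWrapper and WSSecurityException (org.apache.wss4j.common.*) are assumptions not shown on this page. It also assumes that validate() passes the configured audience list to checkConditions, and that setTtl takes seconds.

```java
import java.util.List;

import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.stax.validate.SamlTokenValidatorImpl;

/** Hypothetical hardened validator; illustrative only. */
public class StrictSamlTokenValidator extends SamlTokenValidatorImpl {

    // Confirmation-method URI defined by the SAML 2.0 specification.
    static final String HOLDER_OF_KEY =
        "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";

    public StrictSamlTokenValidator() {
        // Clock-skew allowance for NotBefore, in seconds (documented default: 60).
        setFutureTTL(30);
        // Units for setTtl are not stated on this page; seconds is assumed.
        setTtl(300);
        // Set explicitly rather than relying on defaults the page does not state.
        setValidateSignatureAgainstProfile(true);
        setRequireStandardSubjectConfirmationMethod(true);
        setRequireBearerSignature(true);
        // Accept only assertions whose subject is bound to a key.
        setRequiredSubjectConfirmationMethod(HOLDER_OF_KEY);
    }

    @Override
    protected void checkConditions(SamlAssertionWrapper samlAssertion,
                                   List<String> audienceRestrictions)
            throws WSSecurityException {
        // Fail closed: with no audience list configured, an assertion issued
        // for a different relying party could otherwise be accepted here.
        if (audienceRestrictions == null || audienceRestrictions.isEmpty()) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
        }
        super.checkConditions(samlAssertion, audienceRestrictions);
    }
}
```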