AbstractSamlPolicyValidator (Apache CXF Runtime WS Security 3.0.3 API)

java.lang.Object
- org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractTokenPolicyValidator
- - org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractSamlPolicyValidator

Direct Known Subclasses:

IssuedTokenPolicyValidator, SamlTokenPolicyValidator
```
public abstract class AbstractSamlPolicyValidator
extends AbstractTokenPolicyValidator
```
Some abstract functionality for validating SAML Assertions

Constructor Summary

Constructors
Constructor and Description

AbstractSamlPolicyValidator()

Constructors
Constructor and Description
`AbstractSamlPolicyValidator()`

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`checkHolderOfKey(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Certificate[] tlsCerts)` Check the holder-of-key requirements against the received assertion.
`protected boolean`	`compareCredentials(org.apache.wss4j.common.saml.SAMLKeyInfo subjectKeyInfo, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Certificate[] tlsCerts)` Compare the credentials of the assertion to the credentials used in 2-way TLS or those used to verify signatures.
`protected boolean`	`isTokenRequired(org.apache.wss4j.policy.model.AbstractToken token, org.apache.cxf.message.Message message)` Check to see if a token is required or not.

Methods inherited from class org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractTokenPolicyValidator
assertPolicy, assertPolicy, getAllAssertionsByLocalname

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - AbstractSamlPolicyValidator
```
public AbstractSamlPolicyValidator()
```
- Method Detail
  - isTokenRequired
```
protected boolean isTokenRequired(org.apache.wss4j.policy.model.AbstractToken token,
                      org.apache.cxf.message.Message message)
```
    Check to see if a token is required or not.
    
    Overrides:
    
    isTokenRequired in class AbstractTokenPolicyValidator
    
    Parameters:
    token - the token
    message - The message
    
    Returns:
    true if the token is required
  - checkHolderOfKey
```
public boolean checkHolderOfKey(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper,
                       List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                       Certificate[] tlsCerts)
```
    Check the holder-of-key requirements against the received assertion. The subject credential of the SAML Assertion must have been used to sign some portion of the message, thus showing proof-of-possession of the private/secret key. Alternatively, the subject credential of the SAML Assertion must match a client certificate credential when 2-way TLS is used.
    
    Parameters:
    assertionWrapper - the SAML Assertion wrapper object
    signedResults - a list of all of the signed results
  - compareCredentials
```
protected boolean compareCredentials(org.apache.wss4j.common.saml.SAMLKeyInfo subjectKeyInfo,
                         List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                         Certificate[] tlsCerts)
```
    Compare the credentials of the assertion to the credentials used in 2-way TLS or those used to verify signatures. Return true on a match
    
    Parameters:
    subjectKeyInfo - the SAMLKeyInfo object
    signedResults - a list of all of the signed results
    
    Returns:
    true if the credentials of the assertion were used to verify a signature

Class AbstractSamlPolicyValidator

Constructor Summary

Method Summary

Methods inherited from class org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractTokenPolicyValidator

Methods inherited from class java.lang.Object

Constructor Detail

AbstractSamlPolicyValidator

Method Detail

isTokenRequired

checkHolderOfKey

compareCredentials