Package org.apache.wss4j.dom.saml

Class WSSecSignatureSAML

java.lang.Object
org.apache.wss4j.dom.message.WSSecBase
org.apache.wss4j.dom.message.WSSecSignatureBase
org.apache.wss4j.dom.message.WSSecSignature
org.apache.wss4j.dom.saml.WSSecSignatureSAML
public class WSSecSignatureSAML extends WSSecSignature

  • Constructor Details

    • WSSecSignatureSAML

      public WSSecSignatureSAML(WSSecHeader securityHeader)
      Constructor.

    • WSSecSignatureSAML

      public WSSecSignatureSAML(Document doc)

  • Method Details

    • build

      public Document build(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW) throws WSSecurityException
      Builds a signed soap envelope with SAML token. The method first gets an appropriate security header. According to the defined parameters for certificate handling the signature elements are constructed and inserted into the wsse:Signature
      Parameters:
      uCrypto - The user's Crypto instance
      samlAssertion - the complete SAML assertion
      iCrypto - An instance of the Crypto API to handle keystore SAML token issuer and to generate certificates
      iKeyName - Private key to use in case of "sender-Vouches"
      iKeyPW - Password for issuer private key
      Returns:
      A signed SOAP envelope as Document
      Throws:
      WSSecurityException

    • prepare

      public void prepare(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW) throws WSSecurityException
      Initialize a WSSec SAML Signature. The method sets up and initializes a WSSec SAML Signature structure after the relevant information was set. After setup of the references to elements to sign may be added. After all references are added they can be signed. This method does not add the Signature element to the security header. See prependSignatureElementToHeader() method.
      Parameters:
      uCrypto - The user's Crypto instance
      samlAssertion - the complete SAML assertion
      iCrypto - An instance of the Crypto API to handle keystore SAML token issuer and to generate certificates
      iKeyName - Private key to use in case of "sender-Vouches"
      iKeyPW - Password for issuer private key
      Throws:
      WSSecurityException

    • prependSAMLElementsToHeader

      public void prependSAMLElementsToHeader()
      Prepend the SAML elements to the elements already in the Security header. The method can be called any time after prepare(). This allows to insert the SAML elements at any position in the Security header. This methods first prepends the SAML security reference if mode is senderVouches, then the SAML token itself,

    • computeSignature

      public void computeSignature(List<Reference> referenceList, Element siblingElement) throws WSSecurityException
      Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().
      Throws:
      WSSecurityException

    • isUseDirectReferenceToAssertion

      public boolean isUseDirectReferenceToAssertion()
      Return whether a Direct Reference is to be used to reference the assertion. The default is false.
      Returns:
      whether a Direct Reference is to be used to reference the assertion

    • setUseDirectReferenceToAssertion

      public void setUseDirectReferenceToAssertion(boolean useDirectReferenceToAssertion)
      Set whether a Direct Reference is to be used to reference the assertion. The default is false.
      Parameters:
      useDirectReferenceToAssertion - whether a Direct Reference is to be used to reference the assertion