Package org.apache.cxf.ws.security.trust

Class STSSamlAssertionValidator

java.lang.Object

org.apache.wss4j.dom.validate.SignatureTrustValidator

org.apache.wss4j.dom.validate.SamlAssertionValidator

org.apache.cxf.ws.security.trust.STSSamlAssertionValidator

All Implemented Interfaces:

Validator

public class STSSamlAssertionValidator
extends SamlAssertionValidator

This class validates a SAML Assertion by invoking the SamlAssertionValidator in WSS4J. It overrides the signature verification, so that if the signature is not trusted, it just sets a boolean. The STSTokenValidator can parse this tag and dispatch the Assertion to the STS for validation.

Constructor Summary

Constructors

Constructor	Description
STSSamlAssertionValidator()

Method Summary

Modifier and Type	Method	Description
boolean	isTrustVerificationSucceeded()	Return if trust verification on the signature of the assertion succeeded.
protected Credential	verifySignedAssertion(SamlAssertionWrapper assertion, RequestData data)	Try to verify trust on the assertion.

Methods inherited from class org.apache.wss4j.dom.validate.SamlAssertionValidator

checkAuthnStatements, checkConditions, checkConditions, checkOneTimeUse, getRequiredSubjectConfirmationMethod, getTtl, isRequireBearerSignature, isRequireStandardSubjectConfirmationMethod, isValidateSignatureAgainstProfile, setFutureTTL, setRequireBearerSignature, setRequiredSubjectConfirmationMethod, setRequireStandardSubjectConfirmationMethod, setTtl, setValidateSignatureAgainstProfile, validate, validateAssertion, verifySubjectConfirmationMethod

Methods inherited from class org.apache.wss4j.dom.validate.SignatureTrustValidator

getCrypto, validateCertificates, validatePublicKey, verifyTrustInCerts

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

STSSamlAssertionValidator

public STSSamlAssertionValidator()

Method Detail

verifySignedAssertion

protected Credential verifySignedAssertion(SamlAssertionWrapper assertion,
                                           RequestData data)
                                    throws WSSecurityException

Try to verify trust on the assertion. If it fails, then set a boolean and return.

Overrides:

verifySignedAssertion in class SamlAssertionValidator

Parameters:

assertion - The signed Assertion

data - The RequestData context

Returns:

A Credential instance

Throws:

WSSecurityException

isTrustVerificationSucceeded

public boolean isTrustVerificationSucceeded()

Return if trust verification on the signature of the assertion succeeded.

Returns:

if trust verification on the signature of the assertion succeeded