protected boolean checkHolderOfKey(Message message, SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) { List<String> confirmationMethods = assertionWrapper.getConfirmationMethods(); for (String confirmationMethod : confirmationMethods) { if (OpenSAMLUtil.isMethodHolderOfKey(confirmationMethod)) { SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (!compareCredentials(subjectKeyInfo, message, tlsCerts)) { return false; } } } return true; }
String content = child.getTextContent(); if (content.endsWith("SymmetricKey")) { SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (subjectKeyInfo == null || subjectKeyInfo.getSecret() == null) { return false; SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (subjectKeyInfo == null || (subjectKeyInfo.getPublicKey() == null && subjectKeyInfo.getCerts() == null)) {
String content = child.getTextContent(); if (content.endsWith("SymmetricKey")) { SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (subjectKeyInfo == null || subjectKeyInfo.getSecret() == null) { return false; SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (subjectKeyInfo == null || (subjectKeyInfo.getPublicKey() == null && subjectKeyInfo.getCerts() == null)) {
protected boolean checkHolderOfKey(Message message, SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) { List<String> confirmationMethods = assertionWrapper.getConfirmationMethods(); for (String confirmationMethod : confirmationMethods) { if (OpenSAMLUtil.isMethodHolderOfKey(confirmationMethod)) { SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (!compareCredentials(subjectKeyInfo, message, tlsCerts)) { return false; } } } return true; }
return false; SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (!compareCredentials(subjectKeyInfo, signedResults, tlsCerts)) { return false;
for (String method : methods) { if (OpenSAMLUtil.isMethodHolderOfKey(method)) { if (samlAssertion.getSubjectKeyInfo() == null) { LOG.debug("There is no Subject KeyInfo to match the holder-of-key subject conf method"); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noKeyInSAMLToken");
for (String method : methods) { if (OpenSAMLUtil.isMethodHolderOfKey(method)) { if (samlAssertion.getSubjectKeyInfo() == null) { LOG.fine("There is no Subject KeyInfo to match the holder-of-key subject conf method"); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noKeyInSAMLToken");
SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (samlKeyInfo != null) { X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (samlKeyInfo != null) { X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
SamlAssertionWrapper assertion = (SamlAssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); if (assertion != null && assertion.getSubjectKeyInfo() != null && assertion.getSubjectKeyInfo().getSecret() != null) { WSSecurityEngineResult dktResult = getMatchingDerivedKey(assertion.getSubjectKeyInfo().getSecret(), parameters.getResults()); if (dktResult != null) { dktResults.add(dktResult);
SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (samlKeyInfo != null) { X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (samlKeyInfo != null) { X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
SamlAssertionWrapper assertion = (SamlAssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); if (assertion != null && assertion.getSubjectKeyInfo() != null && assertion.getSubjectKeyInfo().getSecret() != null) { WSSecurityEngineResult dktResult = getMatchingDerivedKey(assertion.getSubjectKeyInfo().getSecret(), parameters.getResults()); if (dktResult != null) { dktResults.add(dktResult);
SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (samlKeyInfo != null) { X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)token.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (samlKeyInfo != null) { X509Certificate[] subjectCerts = samlKeyInfo.getCerts();
); SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo(); if (keyInfo == null) { keyInfo = new SAMLKeyInfo((byte[])null);
); SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo(); if (keyInfo == null) { keyInfo = new SAMLKeyInfo((byte[])null);
private SecurityToken createSecurityToken( SamlAssertionWrapper assertionWrapper ) { SecurityToken token = new SecurityToken(assertionWrapper.getId()); SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (subjectKeyInfo != null) { token.setSecret(subjectKeyInfo.getSecret()); X509Certificate[] certs = subjectKeyInfo.getCerts(); if (certs != null && certs.length > 0) { token.setX509Certificate(certs[0], null); } if (subjectKeyInfo.getPublicKey() != null) { token.setKey(subjectKeyInfo.getPublicKey()); } } if (assertionWrapper.getSaml1() != null) { token.setTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE); } else if (assertionWrapper.getSaml2() != null) { token.setTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE); } token.setToken(assertionWrapper.getElement()); return token; }
private SecurityToken createSecurityToken( SamlAssertionWrapper assertionWrapper ) { SecurityToken token = new SecurityToken(assertionWrapper.getId()); SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo(); if (subjectKeyInfo != null) { token.setSecret(subjectKeyInfo.getSecret()); X509Certificate[] certs = subjectKeyInfo.getCerts(); if (certs != null && certs.length > 0) { token.setX509Certificate(certs[0], null); } if (subjectKeyInfo.getPublicKey() != null) { token.setKey(subjectKeyInfo.getPublicKey()); } } if (assertionWrapper.getSaml1() != null) { token.setTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE); } else if (assertionWrapper.getSaml2() != null) { token.setTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE); } token.setToken(assertionWrapper.getElement()); return token; }
STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer()); SAMLKeyInfo keyInfo = samlAssertion.getSubjectKeyInfo(); if (keyInfo == null) { throw new WSSecurityException(