@Override public Credential validate(Credential credential, RequestData data) throws WSSecurityException { super.validate(credential, data); log.debug("Entering OJB saml assertion validator"); SamlAssertionWrapper assertion = credential.getSamlAssertion(); if (assertion == null) { log.error("Error: Unable to find assertion."); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); } //Confirm that the assertion is signed, the framework confirms the validity of the signature if (!assertion.isSigned()) { log.error("Error: Assertion is not signed."); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); } return credential; }
@Override public Credential validate(Credential credential, RequestData data) throws WSSecurityException { Credential validatedCredential = super.validate(credential, data); SamlAssertionWrapper assertion = validatedCredential.getSamlAssertion();
@Override public Credential validate(Credential credential, RequestData data) throws WSSecurityException { Credential validatedCredential = super.validate(credential, data); SamlAssertionWrapper assertion = validatedCredential.getSamlAssertion(); if (!"sts".equals(assertion.getIssuerString())) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); } Assertion saml2Assertion = assertion.getSaml2(); if (saml2Assertion == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); } List<AttributeStatement> attributeStatements = saml2Assertion.getAttributeStatements(); if (attributeStatements == null || attributeStatements.isEmpty()) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); } return validatedCredential; }