log.debug("{} Validation of protocol message signature succeeded, message type: {}", getLogPrefix(), msgType); if (!peerContext.isAuthenticated()) { log.debug("{} Authentication via protocol message signature succeeded for " + "context issuer entity ID {}", getLogPrefix(), contextEntityID);
/**
 * Validates the signature of an assertion, or enforces the signing requirement when the assertion is unsigned.
 *
 * <p>A non-null signature is passed to {@code validateSignature} together with the entity ID read from the
 * SAML peer entity context. A null signature is rejected only when the SP wants signed assertions and the
 * peer entity context is not already marked as authenticated. In every other case the method returns without
 * performing any cryptographic check.
 *
 * <p>NOTE(review): the "already authenticated" flag is presumably set by an earlier response-level signature
 * validation. Confirm that the earlier signature actually covered this assertion, because the flag alone
 * says nothing about which element was signed.
 *
 * <p>NOTE(review): when {@code wantsAssertionsSigned} is false, an unsigned assertion passes here even if the
 * peer was never authenticated. Confirm that a fully unsigned response is rejected elsewhere.
 *
 * @param signature the assertion signature, or {@code null} when the assertion carries none
 * @param context the SAML message context supplying the peer entity context and the SP signing requirement
 * @param engine the trust engine handed to {@code validateSignature}
 * @throws SAMLSignatureRequiredException if the assertion is unsigned, signed assertions are wanted and the
 *         peer is not authenticated
 */
protected final void validateAssertionSignature(final Signature signature,
                                                final SAML2MessageContext context,
                                                final SignatureTrustEngine engine) {
    final SAMLPeerEntityContext peer = context.getSAMLPeerEntityContext();

    if (signature == null) {
        // Unsigned assertion: acceptable only if signing is not required or the peer
        // has already been authenticated by some earlier step.
        final boolean signatureMissingButRequired = wantsAssertionsSigned(context) && !peer.isAuthenticated();
        if (signatureMissingButRequired) {
            throw new SAMLSignatureRequiredException("Assertion or response must be signed");
        }
        return;
    }

    // Signed assertion: always validate, regardless of the peer's authentication state.
    final String issuerEntityId = peer.getEntityId();
    validateSignature(signature, issuerEntityId, engine);
}
if (validateSignature(signature, signedContent, algorithmURI, criteriaSet, candidateCredentials)) { log.debug("{} Validation of request simple signature succeeded", getLogPrefix()); if (!peerContext.isAuthenticated()) { log.debug( "{} Authentication via request simple signature succeeded for context issuer entity ID {}", if (validateSignature(signature, signedContent, algorithmURI, criteriaSet, candidateCredentials)) { log.debug("{} Validation of request simple signature succeeded", getLogPrefix()); if (!peerContext.isAuthenticated()) { log.debug("{} Authentication via request simple signature succeeded for derived issuer {}", getLogPrefix(), derivedEntityID);