if (assertion.getSignature() != null) { final SignaturePrevalidator validator = new SAMLSignatureProfileValidator(); try { validator.validate(assertion.getSignature()); valid = engine.validate(assertion.getSignature(), criteriaSet); } catch (final SecurityException e) { LOGGER.warn(e.getMessage(), e);
return false; val signature = assertion.getSignature(); if (signature == null) { LOGGER.warn("No signature is attached to the assertion to validate");
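/**
 * Signs the renewed assertion, or strips any signature it carries when signing is disabled.
 *
 * <p>When {@code signToken} is set, the realm named by the renewal parameters is looked up in
 * {@code realmMap} (a missing or unknown realm leaves the realm properties {@code null}) and the
 * assertion is handed to {@code signToken(...)}. Otherwise an existing signature is removed from
 * the wrapped SAML 1.x or SAML 2.0 assertion, so the assertion leaves this method unsigned.
 *
 * @param assertion the assertion wrapper to sign, or to remove the signature from
 * @param tokenParameters renewal parameters supplying the STS properties, realm and key requirements
 * @throws Exception if the {@code signToken(...)} helper fails
 */
private void signAssertion(
    SamlAssertionWrapper assertion,
    TokenRenewerParameters tokenParameters
) throws Exception {
    if (signToken) {
        STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
        String realm = tokenParameters.getRealm();
        RealmProperties samlRealm = null;
        if (realm != null && realmMap.containsKey(realm)) {
            samlRealm = realmMap.get(realm);
        }
        signToken(assertion, samlRealm, stsProperties, tokenParameters.getKeyRequirements());
    } else {
        // NOTE(review): on this path the assertion is returned with no signature at all, so
        // nothing downstream can verify its integrity or issuer from the XML itself. Confirm
        // that every deployment with signToken=false protects the token by other means.
        //
        // The wrapper holds either a SAML 1.x or a SAML 2.0 assertion; the accessor for the
        // other version may return null, so each one is null-checked before it is dereferenced
        // (the unguarded form throws NullPointerException for a SAML 2.0 assertion).
        if (assertion.getSaml1() != null && assertion.getSaml1().getSignature() != null) {
            assertion.getSaml1().setSignature(null);
        } else if (assertion.getSaml2() != null && assertion.getSaml2().getSignature() != null) {
            assertion.getSaml2().setSignature(null);
        }
    }
}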
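/**
 * Signs the renewed assertion, or strips any signature it carries when signing is disabled.
 *
 * <p>When {@code signToken} is set, the realm named by the renewal parameters is looked up in
 * {@code realmMap} (a missing or unknown realm leaves the realm properties {@code null}) and the
 * assertion is handed to {@code signToken(...)}. Otherwise an existing signature is removed from
 * the wrapped SAML 1.x or SAML 2.0 assertion, so the assertion leaves this method unsigned.
 *
 * @param assertion the assertion wrapper to sign, or to remove the signature from
 * @param tokenParameters renewal parameters supplying the STS properties, realm and key requirements
 * @throws Exception if the {@code signToken(...)} helper fails
 */
private void signAssertion(
    SamlAssertionWrapper assertion,
    TokenRenewerParameters tokenParameters
) throws Exception {
    if (signToken) {
        STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
        String realm = tokenParameters.getRealm();
        RealmProperties samlRealm = null;
        if (realm != null && realmMap.containsKey(realm)) {
            samlRealm = realmMap.get(realm);
        }
        signToken(assertion, samlRealm, stsProperties, tokenParameters.getKeyRequirements());
    } else {
        // NOTE(review): on this path the assertion is returned with no signature at all, so
        // nothing downstream can verify its integrity or issuer from the XML itself. Confirm
        // that every deployment with signToken=false protects the token by other means.
        //
        // The wrapper holds either a SAML 1.x or a SAML 2.0 assertion; the accessor for the
        // other version may return null, so each one is null-checked before it is dereferenced
        // (the unguarded form throws NullPointerException for a SAML 2.0 assertion).
        if (assertion.getSaml1() != null && assertion.getSaml1().getSignature() != null) {
            assertion.getSaml1().setSignature(null);
        } else if (assertion.getSaml2() != null && assertion.getSaml2().getSignature() != null) {
            assertion.getSaml2().setSignature(null);
        }
    }
}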
/**
 * Passes the signature(s) attached to a SAML object to {@code signObject(...)}.
 *
 * <p>For a SAML 1.x or SAML 2.0 {@code Response}, the signature of every contained assertion is
 * processed first and the response's own signature last. Any other {@link SignableSAMLObject}
 * has only its own signature processed.
 *
 * <p>An object that matches none of these types falls through without any signing and without
 * an error, so a caller cannot tell from this method alone whether anything was signed.
 *
 * @param xmlObject the SAML object whose signature(s) should be computed
 * @throws WSSecurityException propagated from {@code signObject(...)}
 */
private static void signXMLObject(XMLObject xmlObject) throws WSSecurityException {
    if (xmlObject instanceof org.opensaml.saml.saml1.core.Response) {
        org.opensaml.saml.saml1.core.Response saml1Response =
            (org.opensaml.saml.saml1.core.Response)xmlObject;

        // Nested assertions go first; the enclosing response is signed afterwards.
        // NOTE(review): presumably so the response signature covers the already-signed
        // assertions; confirm against signObject.
        if (saml1Response.getAssertions() != null) {
            for (org.opensaml.saml.saml1.core.Assertion nested : saml1Response.getAssertions()) {
                signObject(nested.getSignature());
            }
        }
        signObject(saml1Response.getSignature());
        return;
    }

    if (xmlObject instanceof org.opensaml.saml.saml2.core.Response) {
        org.opensaml.saml.saml2.core.Response saml2Response =
            (org.opensaml.saml.saml2.core.Response)xmlObject;

        // Same ordering as the SAML 1.x branch: assertions, then the response.
        if (saml2Response.getAssertions() != null) {
            for (org.opensaml.saml.saml2.core.Assertion nested : saml2Response.getAssertions()) {
                signObject(nested.getSignature());
            }
        }
        signObject(saml2Response.getSignature());
        return;
    }

    // Checked last so that the two Response types above take their dedicated branches.
    if (xmlObject instanceof SignableSAMLObject) {
        SignableSAMLObject signable = (SignableSAMLObject)xmlObject;
        signObject(signable.getSignature());
    }
}