congrats Icon
New! Announcing Tabnine Chat Beta
Learn More
Tabnine Logo
AssertionUtil.isSignatureValid
Code IndexAdd Tabnine to your IDE (free)

How to use
isSignatureValid
method
in
org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil

Best Java code snippets using org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil.isSignatureValid (Showing top 5 results out of 315)

origin: org.overlord/overlord-commons-auth

/**
 * Validates the SAML assertion's signature is valid.
 */
public static boolean isSAMLAssertionSignatureValid(Document samlAssertion, KeyPair keyPair) {
  return AssertionUtil.isSignatureValid(samlAssertion.getDocumentElement(), keyPair.getPublic());
}
origin: org.picketlink.distribution/picketlink-jbas7

/**
 * This method validates SAML Credential in following steps: <ol> <li>Validate the signing key embedded in SAML token is still
 * valid, not expired</li> <li>Validate the signing key embedded in SAML token is trusted against a local truststore,  such as
 * certpath validation</li> <li>Validate SAML token is still valid, not expired</li> <li>Validate the SAML signature using the
 * embedded signing key in SAML token itself as you indicated below</li> </ol>
 *
 * If something goes wrong throws LoginException.
 *
 * @throws LoginException
 */
private void validateSAMLCredential() throws LoginException, ConfigurationException, CertificateExpiredException, CertificateNotYetValidException {
  X509Certificate cert = getX509Certificate();
  // public certificate validation
  validateCertPath(cert);
  // check time validity of the certificate
  cert.checkValidity();
  boolean sigValid = false;
  try {
    sigValid = AssertionUtil.isSignatureValid(credential.getAssertionAsElement(), cert.getPublicKey());
  } catch (ProcessingException e) {
    logger.processingError(e);
  }
  if (!sigValid) {
    throw logger.authSAMLInvalidSignatureError();
  }
  if (AssertionUtil.hasExpired(assertion)) {
    throw logger.authSAMLAssertionExpiredError();
  }
}
origin: org.picketlink.distribution/picketlink-jbas5

/**
 * This method validates SAML Credential in following steps: <ol> <li>Validate the signing key embedded in SAML token is still
 * valid, not expired</li> <li>Validate the signing key embedded in SAML token is trusted against a local truststore,  such as
 * certpath validation</li> <li>Validate SAML token is still valid, not expired</li> <li>Validate the SAML signature using the
 * embedded signing key in SAML token itself as you indicated below</li> </ol>
 *
 * If something goes wrong throws LoginException.
 *
 * @throws LoginException
 */
private void validateSAMLCredential() throws LoginException, ConfigurationException, CertificateExpiredException, CertificateNotYetValidException {
  X509Certificate cert = getX509Certificate();
  // public certificate validation
  validateCertPath(cert);
  // check time validity of the certificate
  cert.checkValidity();
  boolean sigValid = false;
  try {
    sigValid = AssertionUtil.isSignatureValid(credential.getAssertionAsElement(), cert.getPublicKey());
  } catch (ProcessingException e) {
    logger.processingError(e);
  }
  if (!sigValid) {
    throw logger.authSAMLInvalidSignatureError();
  }
  if (AssertionUtil.hasExpired(assertion)) {
    throw logger.authSAMLAssertionExpiredError();
  }
}
origin: org.picketlink.distribution/picketlink-jbas7

boolean sigValid = AssertionUtil.isSignatureValid(assertionElement, publicKey);
if (!sigValid) {
  throw logger.authSAMLInvalidSignatureError();
origin: org.picketlink.distribution/picketlink-jbas5

boolean sigValid = AssertionUtil.isSignatureValid(assertionElement, publicKey);
if (!sigValid) {
  throw logger.authSAMLInvalidSignatureError();
org.picketlink.identity.federation.core.saml.v2.utilAssertionUtilisSignatureValid

Javadoc

Given an assertion element, validate the signature

Popular methods of AssertionUtil

  • hasExpired
    Verify whether the assertion has expired. You can add in a clock skew to adapt to conditions where i
  • getRoles
    Given an assertion, return the list of roles it may have
  • getExpiration
    Extract the expiration time from an AssertionType
  • asString
    Given AssertionType, convert it into a String
  • createTimedConditions
    Add validity conditions to the SAML2 Assertion
  • createAssertion
    Create an assertion
  • createSAML11TimedConditions
    Add validity conditions to the SAML2 Assertion
  • asDocument
    Given AssertionType, convert it into a DOM Document.
  • createAssertionSubject
    Given a user name, create a SubjectType that can then be inserted into an assertion
  • isAudience
    Checks whether the given assertion is intended for the given org.picketlink.config.federation.SPType

Popular in Java

  • Parsing JSON documents to java classes using gson
  • getSupportFragmentManager (FragmentActivity)
  • scheduleAtFixedRate (ScheduledExecutorService)
  • notifyDataSetChanged (ArrayAdapter)
  • BufferedWriter (java.io)
    Wraps an existing Writer and buffers the output. Expensive interaction with the underlying reader is
  • Runnable (java.lang)
    Represents a command that can be executed. Often used to run code in a different Thread.
  • HttpURLConnection (java.net)
    An URLConnection for HTTP (RFC 2616 [http://tools.ietf.org/html/rfc2616]) used to send and receive d
  • Hashtable (java.util)
    A plug-in replacement for JDK1.5 java.util.Hashtable. This version is based on org.cliffc.high_scale
  • JTextField (javax.swing)
  • Option (scala)
  • Top Sublime Text plugins
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now