org.apache.ws.security.saml
Class WSSecSignatureSAML

java.lang.Object
  extended by org.apache.ws.security.message.WSSecBase
      extended by org.apache.ws.security.message.WSSecSignatureBase
          extended by org.apache.ws.security.message.WSSecSignature
              extended by org.apache.ws.security.saml.WSSecSignatureSAML

public class WSSecSignatureSAML
extends WSSecSignature


Field Summary
 
Fields inherited from class org.apache.ws.security.message.WSSecSignature
bstToken, c14nMethod, canonAlgo, certUri, customTokenId, customTokenValueType, document, keyInfo, keyInfoFactory, keyInfoUri, secRef, secretKey, sig, sigAlgo, signatureFactory, signatureValue, strUri, useSingleCert, wsDocInfo
 
Fields inherited from class org.apache.ws.security.message.WSSecBase
callbackLookup, doDebug, keyIdentifierType, parts, password, user
 
Constructor Summary
WSSecSignatureSAML()
          Constructor.
WSSecSignatureSAML(WSSConfig config)
          Constructor.
 
Method Summary
 Document build(Document doc, Crypto uCrypto, AssertionWrapper assertion, Crypto iCrypto, String iKeyName, String iKeyPW, WSSecHeader secHeader)
          Builds a signed SOAP envelope with a SAML token.
 void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList, WSSecHeader secHeader, Element siblingElement)
          Compute the Signature over the references.
 boolean isUseDirectReferenceToAssertion()
          Return whether a Direct Reference is to be used to reference the assertion.
 void prepare(Document doc, Crypto uCrypto, AssertionWrapper assertion, Crypto iCrypto, String iKeyName, String iKeyPW, WSSecHeader secHeader)
          Initialize a WSSec SAML Signature.
 void prependSAMLElementsToHeader(WSSecHeader secHeader)
          Prepend the SAML elements to the elements already in the Security header.
 void setUseDirectReferenceToAssertion(boolean useDirectReferenceToAssertion)
          Set whether a Direct Reference is to be used to reference the assertion.
 
Methods inherited from class org.apache.ws.security.message.WSSecSignature
addReferencesToSign, appendBSTElementToHeader, build, computeSignature, computeSignature, getBinarySecurityTokenElement, getBSTTokenId, getDigestAlgo, getId, getSecurityTokenReference, getSecurityTokenReferenceURI, getSigCanonicalization, getSignatureAlgorithm, getSignatureElement, getSignatureValue, isUseSingleCertificate, prepare, prependBSTElementToHeader, setCustomTokenId, setCustomTokenValueType, setDigestAlgo, setEncrKeySha1value, setSecretKey, setSecurityTokenReference, setSigCanonicalization, setSignatureAlgorithm, setUseSingleCertificate, setX509Certificate
 
Methods inherited from class org.apache.ws.security.message.WSSecSignatureBase
addReferencesToSign, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes
 
Methods inherited from class org.apache.ws.security.message.WSSecBase
getKeyIdentifierType, getWsConfig, setBodyID, setCallbackLookup, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

WSSecSignatureSAML

public WSSecSignatureSAML()
Constructor.


WSSecSignatureSAML

public WSSecSignatureSAML(WSSConfig config)
Constructor.

Method Detail

build

public Document build(Document doc,
                      Crypto uCrypto,
                      AssertionWrapper assertion,
                      Crypto iCrypto,
                      String iKeyName,
                      String iKeyPW,
                      WSSecHeader secHeader)
               throws WSSecurityException
Builds a signed SOAP envelope with a SAML token. The method first gets an appropriate security header. According to the defined parameters for certificate handling, the signature elements are constructed and inserted into the wsse:Signature.

Parameters:
doc - The unsigned SOAP envelope as Document
uCrypto - The user's Crypto instance
assertion - the complete SAML assertion
iCrypto - An instance of the Crypto API to handle keystore SAML token issuer and to generate certificates
iKeyName - Private key to use in case of "sender-Vouches"
iKeyPW - Password for issuer private key
secHeader - The Security header
Returns:
A signed SOAP envelope as Document
Throws:
WSSecurityException
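
A usage sketch for build() in the sender-vouches case, added here as an example; it is not code from the WSS4J project. It assumes an AssertionWrapper created elsewhere with sender-vouches confirmation, a namespace-aware envelope, and an issuer key in iCrypto. The class name SenderVouchesSigner, the 300 second lifetime and the BST_DIRECT_REFERENCE choice are illustrative assumptions.

```java
import java.util.ArrayList;
import java.util.List;

import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecTimestamp;
import org.apache.ws.security.saml.WSSecSignatureSAML;
import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.w3c.dom.Document;

/** Added example: hypothetical helper, not part of WSS4J. */
public final class SenderVouchesSigner {

    public static Document sign(Document envelope, AssertionWrapper assertion,
                                Crypto issuerCrypto, String issuerKeyAlias,
                                String issuerKeyPassword) throws WSSecurityException {
        // Create the wsse:Security header that receives the token and the signature.
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(envelope);

        // Add a short-lived Timestamp so the signed message carries an expiry
        // (300 seconds is an assumed value, tune it to your clock-skew policy).
        WSSecTimestamp timestamp = new WSSecTimestamp();
        timestamp.setTimeToLive(300);
        timestamp.build(envelope, secHeader);

        // Sign the Timestamp and the SOAP Body explicitly. The Body namespace is
        // read from the envelope, so the Document must be parsed namespace-aware.
        String soapNs = envelope.getDocumentElement().getNamespaceURI();
        List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
        parts.add(new WSEncryptionPart(WSConstants.TIMESTAMP_TOKEN_LN, WSConstants.WSU_NS, ""));
        parts.add(new WSEncryptionPart(WSConstants.ELEM_BODY, soapNs, "Content"));

        WSSecSignatureSAML signer = new WSSecSignatureSAML();
        signer.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        signer.setParts(parts);

        // Sender-vouches: the issuer key signs, so uCrypto is passed as null here
        // (assumption: the assertion's confirmation method is sender-vouches).
        return signer.build(envelope, null, assertion, issuerCrypto,
                            issuerKeyAlias, issuerKeyPassword, secHeader);
    }
}
```

On the receiving side, check that the validated signature actually covers the Body and Timestamp before trusting the assertion's subject for the request.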

prepare

public void prepare(Document doc,
                    Crypto uCrypto,
                    AssertionWrapper assertion,
                    Crypto iCrypto,
                    String iKeyName,
                    String iKeyPW,
                    WSSecHeader secHeader)
             throws WSSecurityException
Initialize a WSSec SAML Signature. The method sets up and initializes a WSSec SAML Signature structure after the relevant information was set. After setup, references to the elements to sign may be added. After all references are added, they can be signed. This method does not add the Signature element to the security header. See prependSignatureElementToHeader() method.

Parameters:
doc - The SOAP envelope as Document
uCrypto - The user's Crypto instance
assertion - the complete SAML assertion
iCrypto - An instance of the Crypto API to handle keystore SAML token issuer and to generate certificates
iKeyName - Private key to use in case of "sender-Vouches"
iKeyPW - Password for issuer private key
secHeader - The Security header
Throws:
WSSecurityException

prependSAMLElementsToHeader

public void prependSAMLElementsToHeader(WSSecHeader secHeader)
Prepend the SAML elements to the elements already in the Security header. The method can be called any time after prepare(). This allows the SAML elements to be inserted at any position in the Security header. This method first prepends the SAML security reference if mode is senderVouches, then the SAML token itself.

Parameters:
secHeader - The security header that holds the BST element.

computeSignature

public void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList,
                             WSSecHeader secHeader,
                             Element siblingElement)
                      throws WSSecurityException
Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().

Throws:
WSSecurityException

isUseDirectReferenceToAssertion

public boolean isUseDirectReferenceToAssertion()
Return whether a Direct Reference is to be used to reference the assertion. The default is false.

Returns:
whether a Direct Reference is to be used to reference the assertion

setUseDirectReferenceToAssertion

public void setUseDirectReferenceToAssertion(boolean useDirectReferenceToAssertion)
Set whether a Direct Reference is to be used to reference the assertion. The default is false.

Parameters:
useDirectReferenceToAssertion - whether a Direct Reference is to be used to reference the assertion


Copyright © 2004-2013 The Apache Software Foundation. All Rights Reserved.