org.opensaml.saml2.core.NameIDPolicy Java Examples
The following examples show how to use
org.opensaml.saml2.core.NameIDPolicy.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: NameIDMappingRequestUnmarshaller.java From lams with GNU General Public License v2.0 | 6 votes |
|
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
throws UnmarshallingException {
NameIDMappingRequest req = (NameIDMappingRequest) parentSAMLObject;
if (childSAMLObject instanceof BaseID) {
req.setBaseID((BaseID) childSAMLObject);
} else if (childSAMLObject instanceof NameID) {
req.setNameID((NameID) childSAMLObject);
} else if (childSAMLObject instanceof EncryptedID) {
req.setEncryptedID((EncryptedID) childSAMLObject);
} else if (childSAMLObject instanceof NameIDPolicy) {
req.setNameIDPolicy((NameIDPolicy) childSAMLObject);
} else {
super.processChildElement(parentSAMLObject, childSAMLObject);
}
}
Example #2
| Source File: AuthnRequestUnmarshaller.java From lams with GNU General Public License v2.0 | 6 votes |
|
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
throws UnmarshallingException {
AuthnRequest req = (AuthnRequest) parentSAMLObject;
if (childSAMLObject instanceof Subject) {
req.setSubject((Subject) childSAMLObject);
} else if (childSAMLObject instanceof NameIDPolicy) {
req.setNameIDPolicy((NameIDPolicy) childSAMLObject);
} else if (childSAMLObject instanceof Conditions) {
req.setConditions((Conditions) childSAMLObject);
} else if (childSAMLObject instanceof RequestedAuthnContext) {
req.setRequestedAuthnContext((RequestedAuthnContext) childSAMLObject);
} else if (childSAMLObject instanceof Scoping) {
req.setScoping((Scoping) childSAMLObject);
} else {
super.processChildElement(parentSAMLObject, childSAMLObject);
}
}
Example #3
| Source File: NameIDPolicyMarshaller.java From lams with GNU General Public License v2.0 | 6 votes |
|
/** {@inheritDoc} */
protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
NameIDPolicy policy = (NameIDPolicy) samlObject;
if (policy.getFormat() != null) {
domElement.setAttributeNS(null, NameIDPolicy.FORMAT_ATTRIB_NAME, policy.getFormat());
}
if (policy.getSPNameQualifier() != null) {
domElement.setAttributeNS(null, NameIDPolicy.SP_NAME_QUALIFIER_ATTRIB_NAME, policy.getSPNameQualifier());
}
if (policy.getAllowCreateXSBoolean() != null) {
domElement.setAttributeNS(null, NameIDPolicy.ALLOW_CREATE_ATTRIB_NAME, policy.getAllowCreateXSBoolean()
.toString());
}
}
Example #4
| Source File: NameIDPolicyUnmarshaller.java From lams with GNU General Public License v2.0 | 6 votes |
|
/** {@inheritDoc} */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
NameIDPolicy policy = (NameIDPolicy) samlObject;
if (attribute.getLocalName().equals(NameIDPolicy.FORMAT_ATTRIB_NAME)) {
policy.setFormat(attribute.getValue());
}
if (attribute.getLocalName().equals(NameIDPolicy.SP_NAME_QUALIFIER_ATTRIB_NAME)) {
policy.setSPNameQualifier(attribute.getValue());
}
if (attribute.getLocalName().equals(NameIDPolicy.ALLOW_CREATE_ATTRIB_NAME)) {
policy.setAllowCreate(XSBooleanValue.valueOf(attribute.getValue()));
} else {
super.processAttribute(samlObject, attribute);
}
}
Example #5
| Source File: AuthenticationRequestBuilder.java From carbon-identity with Apache License 2.0 | 5 votes |
|
/**
* Build the NameIDPolicy object
*
* @return NameIDPolicy object
*/
private static NameIDPolicy buildNameIDPolicy(String nameIdPolicyFormat) {
NameIDPolicy nameIDPolicy = new NameIDPolicyBuilder().buildObject();
if (nameIdPolicyFormat == null) {
nameIdPolicyFormat = SAML2SSOAuthenticatorConstants.SAML2_NAME_ID_POLICY_UNSPECIFIED;
}
nameIDPolicy.setFormat(nameIdPolicyFormat);
nameIDPolicy.setAllowCreate(true);
return nameIDPolicy;
}
Example #6
| Source File: AuthReqBuilder.java From carbon-commons with Apache License 2.0 | 5 votes |
|
/**
* Build the NameIDPolicy object
*
* @return NameIDPolicy object
*/
private static NameIDPolicy buildNameIDPolicy() {
NameIDPolicy nameIDPolicy = new NameIDPolicyBuilder().buildObject();
nameIDPolicy.setFormat(SSOConstants.SAML2_NAME_ID_POLICY);
nameIDPolicy.setAllowCreate(true);
return nameIDPolicy;
}
Example #7
| Source File: AuthnRequestImpl.java From lams with GNU General Public License v2.0 | 4 votes |
|
/** {@inheritDoc} */
public NameIDPolicy getNameIDPolicy() {
return this.nameIDPolicy;
}
Example #8
| Source File: AuthnRequestImpl.java From lams with GNU General Public License v2.0 | 4 votes |
|
/** {@inheritDoc} */
public void setNameIDPolicy(NameIDPolicy newNameIDPolicy) {
this.nameIDPolicy = prepareForAssignment(this.nameIDPolicy, newNameIDPolicy);
}
Example #9
| Source File: NameIDPolicyBuilder.java From lams with GNU General Public License v2.0 | 4 votes |
|
/** {@inheritDoc} */
public NameIDPolicy buildObject() {
return buildObject(SAMLConstants.SAML20P_NS, NameIDPolicy.DEFAULT_ELEMENT_LOCAL_NAME,
SAMLConstants.SAML20P_PREFIX);
}
Example #10
| Source File: NameIDPolicyBuilder.java From lams with GNU General Public License v2.0 | 4 votes |
|
/** {@inheritDoc} */
public NameIDPolicy buildObject(String namespaceURI, String localName, String namespacePrefix) {
return new NameIDPolicyImpl(namespaceURI, localName, namespacePrefix);
}
Example #11
| Source File: NameIDMappingRequestImpl.java From lams with GNU General Public License v2.0 | 4 votes |
|
/** {@inheritDoc} */
public NameIDPolicy getNameIDPolicy() {
return this.nameIDPolicy;
}
Example #12
| Source File: NameIDMappingRequestImpl.java From lams with GNU General Public License v2.0 | 4 votes |
|
/** {@inheritDoc} */
public void setNameIDPolicy(NameIDPolicy newNameIDPolicy) {
this.nameIDPolicy = prepareForAssignment(this.nameIDPolicy, newNameIDPolicy);
}
Example #13
| Source File: DefaultSAML2SSOManager.java From carbon-identity with Apache License 2.0 | 4 votes |
|
private AuthnRequest buildAuthnRequest(HttpServletRequest request,
boolean isPassive, String idpUrl, AuthenticationContext context) throws SAMLSSOException {
IssuerBuilder issuerBuilder = new IssuerBuilder();
Issuer issuer = issuerBuilder.buildObject("urn:oasis:names:tc:SAML:2.0:assertion", "Issuer", "samlp");
String spEntityId = properties.get(IdentityApplicationConstants.Authenticator.SAML2SSO.SP_ENTITY_ID);
if (spEntityId != null && !spEntityId.isEmpty()) {
issuer.setValue(spEntityId);
} else {
issuer.setValue("carbonServer");
}
DateTime issueInstant = new DateTime();
/* Creation of AuthRequestObject */
AuthnRequestBuilder authRequestBuilder = new AuthnRequestBuilder();
AuthnRequest authRequest = authRequestBuilder.buildObject("urn:oasis:names:tc:SAML:2.0:protocol",
"AuthnRequest", "samlp");
authRequest.setForceAuthn(isForceAuthenticate(context));
authRequest.setIsPassive(isPassive);
authRequest.setIssueInstant(issueInstant);
String includeProtocolBindingProp = properties
.get(IdentityApplicationConstants.Authenticator.SAML2SSO.INCLUDE_PROTOCOL_BINDING);
if (StringUtils.isEmpty(includeProtocolBindingProp) || Boolean.parseBoolean(includeProtocolBindingProp)) {
authRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
}
String acsUrl = null;
AuthenticatorConfig authenticatorConfig =
FileBasedConfigurationBuilder.getInstance().getAuthenticatorConfigMap()
.get(SSOConstants.AUTHENTICATOR_NAME);
if (authenticatorConfig != null){
String tmpAcsUrl = authenticatorConfig.getParameterMap().get(SSOConstants.ServerConfig.SAML_SSO_ACS_URL);
if(StringUtils.isNotBlank(tmpAcsUrl)){
acsUrl = tmpAcsUrl;
}
}
if(acsUrl == null) {
acsUrl = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
}
authRequest.setAssertionConsumerServiceURL(acsUrl);
authRequest.setIssuer(issuer);
authRequest.setID(SSOUtils.createID());
authRequest.setVersion(SAMLVersion.VERSION_20);
authRequest.setDestination(idpUrl);
String attributeConsumingServiceIndexProp = properties
.get(IdentityApplicationConstants.Authenticator.SAML2SSO.ATTRIBUTE_CONSUMING_SERVICE_INDEX);
if (StringUtils.isNotEmpty(attributeConsumingServiceIndexProp)) {
try {
authRequest.setAttributeConsumingServiceIndex(Integer
.valueOf(attributeConsumingServiceIndexProp));
} catch (NumberFormatException e) {
log.error(
"Error while populating SAMLRequest with AttributeConsumingServiceIndex: "
+ attributeConsumingServiceIndexProp, e);
}
}
String includeNameIDPolicyProp = properties
.get(IdentityApplicationConstants.Authenticator.SAML2SSO.INCLUDE_NAME_ID_POLICY);
if (StringUtils.isEmpty(includeNameIDPolicyProp) || Boolean.parseBoolean(includeNameIDPolicyProp)) {
NameIDPolicyBuilder nameIdPolicyBuilder = new NameIDPolicyBuilder();
NameIDPolicy nameIdPolicy = nameIdPolicyBuilder.buildObject();
nameIdPolicy.setFormat(NameIDType.UNSPECIFIED);
//nameIdPolicy.setSPNameQualifier("Issuer");
nameIdPolicy.setAllowCreate(true);
authRequest.setNameIDPolicy(nameIdPolicy);
}
//Get the inbound SAMLRequest
AuthnRequest inboundAuthnRequest = getAuthnRequest(context);
RequestedAuthnContext requestedAuthnContext = buildRequestedAuthnContext(inboundAuthnRequest);
if (requestedAuthnContext != null) {
authRequest.setRequestedAuthnContext(requestedAuthnContext);
}
Extensions extensions = getSAMLExtensions(request);
if (extensions != null) {
authRequest.setExtensions(extensions);
}
return authRequest;
}
Example #14
| Source File: SAML2SSOManager.java From carbon-identity with Apache License 2.0 | 4 votes |
|
protected AuthnRequest buildAuthnRequest(HttpServletRequest request) throws SSOAgentException {
IssuerBuilder issuerBuilder = new IssuerBuilder();
Issuer issuer =
issuerBuilder.buildObject("urn:oasis:names:tc:SAML:2.0:assertion",
"Issuer", "samlp");
issuer.setValue(ssoAgentConfig.getSAML2().getSPEntityId());
/* NameIDPolicy */
NameIDPolicyBuilder nameIdPolicyBuilder = new NameIDPolicyBuilder();
NameIDPolicy nameIdPolicy = nameIdPolicyBuilder.buildObject();
nameIdPolicy.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
nameIdPolicy.setSPNameQualifier("Issuer");
nameIdPolicy.setAllowCreate(true);
/* AuthnContextClass */
AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
AuthnContextClassRef authnContextClassRef =
authnContextClassRefBuilder.buildObject("urn:oasis:names:tc:SAML:2.0:assertion",
"AuthnContextClassRef",
"saml");
authnContextClassRef.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
/* AuthnContex */
RequestedAuthnContextBuilder requestedAuthnContextBuilder =
new RequestedAuthnContextBuilder();
RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
DateTime issueInstant = new DateTime();
/* Creation of AuthRequestObject */
AuthnRequestBuilder authRequestBuilder = new AuthnRequestBuilder();
AuthnRequest authRequest =
authRequestBuilder.buildObject("urn:oasis:names:tc:SAML:2.0:protocol",
"AuthnRequest", "samlp");
authRequest.setForceAuthn(ssoAgentConfig.getSAML2().isForceAuthn());
authRequest.setIsPassive(ssoAgentConfig.getSAML2().isPassiveAuthn());
authRequest.setIssueInstant(issueInstant);
authRequest.setProtocolBinding(ssoAgentConfig.getSAML2().getHttpBinding());
authRequest.setAssertionConsumerServiceURL(ssoAgentConfig.getSAML2().getACSURL());
authRequest.setIssuer(issuer);
authRequest.setNameIDPolicy(nameIdPolicy);
authRequest.setRequestedAuthnContext(requestedAuthnContext);
authRequest.setID(SSOAgentUtils.createID());
authRequest.setVersion(SAMLVersion.VERSION_20);
authRequest.setDestination(ssoAgentConfig.getSAML2().getIdPURL());
if (request.getAttribute(Extensions.LOCAL_NAME) != null) {
authRequest.setExtensions((Extensions) request.getAttribute(Extensions.LOCAL_NAME));
}
/* Requesting Attributes. This Index value is registered in the IDP */
if (ssoAgentConfig.getSAML2().getAttributeConsumingServiceIndex() != null &&
ssoAgentConfig.getSAML2().getAttributeConsumingServiceIndex().trim().length() > 0) {
authRequest.setAttributeConsumingServiceIndex(Integer.parseInt(
ssoAgentConfig.getSAML2().getAttributeConsumingServiceIndex()));
}
return authRequest;
}
