Java Code Examples for org.opensaml.common.binding.SAMLMessageContext#getPeerEntityRole()

The following examples show how to use org.opensaml.common.binding.SAMLMessageContext#getPeerEntityRole() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: BaseSAML1MessageDecoder.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
/**
 * Populates the peer's entity metadata if a metadata provide is present in the message context. Populates the
 * peer's role descriptor if the entity metadata was available and the role name is present in the message context.
 * 
 * @param messageContext current message context
 * 
 * @throws MessageDecodingException thrown if there is a problem populating the message context
 */
protected void populateRelyingPartyMetadata(SAMLMessageContext messageContext) throws MessageDecodingException {
    MetadataProvider metadataProvider = messageContext.getMetadataProvider();
    try {
        if (metadataProvider != null) {
            EntityDescriptor relyingPartyMD = metadataProvider.getEntityDescriptor(messageContext
                    .getInboundMessageIssuer());
            messageContext.setPeerEntityMetadata(relyingPartyMD);

            QName relyingPartyRole = messageContext.getPeerEntityRole();
            if (relyingPartyMD != null && relyingPartyRole != null) {
                List<RoleDescriptor> roles = relyingPartyMD.getRoleDescriptors(relyingPartyRole,
                        SAMLConstants.SAML11P_NS);
                if (roles != null && roles.size() > 0) {
                    messageContext.setPeerEntityRoleMetadata(roles.get(0));
                }
            }
        }
    } catch (MetadataProviderException e) {
        log.error("Error retrieving metadata for relying party " + messageContext.getInboundMessageIssuer(), e);
        throw new MessageDecodingException("Error retrieving metadata for relying party "
                + messageContext.getInboundMessageIssuer(), e);
    }
}
Example 2
Source File: BaseSAMLSimpleSignatureSecurityPolicyRule.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
/**
 * Build a criteria set suitable for input to the trust engine.
 * 
 * @param entityID the candidate issuer entity ID which is being evaluated
 * @param samlContext the message context which is being evaluated
 * @return a newly constructly set of criteria suitable for the configured trust engine
 * @throws SecurityPolicyException thrown if criteria set can not be constructed
 */
protected CriteriaSet buildCriteriaSet(String entityID, SAMLMessageContext samlContext)
        throws SecurityPolicyException {

    CriteriaSet criteriaSet = new CriteriaSet();
    if (!DatatypeHelper.isEmpty(entityID)) {
        criteriaSet.add(new EntityIDCriteria(entityID));
    }

    MetadataCriteria mdCriteria = new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext
            .getInboundSAMLProtocol());
    criteriaSet.add(mdCriteria);

    criteriaSet.add(new UsageCriteria(UsageType.SIGNING));

    return criteriaSet;
}
Example 3
Source File: BaseSAMLXMLSignatureSecurityPolicyRule.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
/** {@inheritDoc} */
protected CriteriaSet buildCriteriaSet(String entityID, MessageContext messageContext)
    throws SecurityPolicyException {
    if (!(messageContext instanceof SAMLMessageContext)) {
        log.error("Supplied message context was not an instance of SAMLMessageContext, can not build criteria set from SAML metadata parameters");
        throw new SecurityPolicyException("Supplied message context was not an instance of SAMLMessageContext");
    }
    
    SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;
    
    CriteriaSet criteriaSet = new CriteriaSet();
    if (! DatatypeHelper.isEmpty(entityID)) {
        criteriaSet.add(new EntityIDCriteria(entityID) );
    }
    
    MetadataCriteria mdCriteria = 
        new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext.getInboundSAMLProtocol());
    criteriaSet.add(mdCriteria);
    
    criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
    
    return criteriaSet;
}
Example 4
Source File: SAMLMDClientCertAuthRule.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
/** {@inheritDoc} */
protected CriteriaSet buildCriteriaSet(String entityID, MessageContext messageContext) 
    throws SecurityPolicyException {
    
    if (!(messageContext instanceof SAMLMessageContext)) {
        log.error("Supplied message context was not an instance of SAMLMessageContext, can not build criteria set from SAML metadata parameters");
        throw new SecurityPolicyException("Supplied message context was not an instance of SAMLMessageContext");
    }
    
    SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;

    CriteriaSet criteriaSet = super.buildCriteriaSet(entityID, messageContext);
    MetadataCriteria mdCriteria = 
        new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext.getInboundSAMLProtocol());
    criteriaSet.add(mdCriteria);

    return criteriaSet;
}
Example 5
Source File: BaseSAML2MessageDecoder.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
/**
 * Populates the peer's entity metadata if a metadata provide is present in the message context. Populates the
 * peer's role descriptor if the entity metadata was available and the role name is present in the message context.
 * 
 * @param messageContext current message context
 * 
 * @throws MessageDecodingException thrown if there is a problem populating the message context
 */
protected void populateRelyingPartyMetadata(SAMLMessageContext messageContext) throws MessageDecodingException {
    MetadataProvider metadataProvider = messageContext.getMetadataProvider();
    try {
        if (metadataProvider != null) {
            EntityDescriptor relyingPartyMD = metadataProvider.getEntityDescriptor(messageContext
                    .getInboundMessageIssuer());
            messageContext.setPeerEntityMetadata(relyingPartyMD);

            QName relyingPartyRole = messageContext.getPeerEntityRole();
            if (relyingPartyMD != null && relyingPartyRole != null) {
                List<RoleDescriptor> roles = relyingPartyMD.getRoleDescriptors(relyingPartyRole,
                        SAMLConstants.SAML11P_NS);
                if (roles != null && roles.size() > 0) {
                    messageContext.setPeerEntityRoleMetadata(roles.get(0));
                }
            }
        }
    } catch (MetadataProviderException e) {
        log.error("Error retrieving metadata for relying party " + messageContext.getInboundMessageIssuer(), e);
        throw new MessageDecodingException("Error retrieving metadata for relying party "
                + messageContext.getInboundMessageIssuer(), e);
    }
}