org.opensaml.saml2.core.EncryptedAssertion Java Examples

The following examples show how to use org.opensaml.saml2.core.EncryptedAssertion. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SamlHelperTest.java    From secure-data-service with Apache License 2.0 6 votes vote down vote up
/**
 * Checks {@code isAssertionEncrypted} against three shapes of the encrypted-assertion list:
 * {@code null}, empty, and a list holding one entry. Only the last one must report {@code true}.
 */
@Test
public void testIsAssertionEncrypted() {
    Response mockedResponse = Mockito.mock(Response.class);

    // Case 1: the response exposes no list at all.
    Mockito.when(mockedResponse.getEncryptedAssertions()).thenReturn(null);
    Assert.assertFalse(samlHelper.isAssertionEncrypted(mockedResponse));

    // Case 2: the list exists but is empty.
    Mockito.when(mockedResponse.getEncryptedAssertions()).thenReturn(new ArrayList<EncryptedAssertion>());
    Assert.assertFalse(samlHelper.isAssertionEncrypted(mockedResponse));

    // Case 3: a single encrypted assertion is present.
    List<EncryptedAssertion> singleEntry = new ArrayList<EncryptedAssertion>();
    singleEntry.add(Mockito.mock(EncryptedAssertion.class));
    Mockito.when(mockedResponse.getEncryptedAssertions()).thenReturn(singleEntry);
    Assert.assertTrue(samlHelper.isAssertionEncrypted(mockedResponse));
}
 
Example #2
Source File: EvidenceUnmarshaller.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
    // Unconditional cast: a parent that is not an Evidence fails here with ClassCastException.
    final Evidence target = (Evidence) parentObject;

    // Each recognised child type is appended to its own list on the Evidence element.
    if (childObject instanceof AssertionIDRef) {
        target.getAssertionIDReferences().add((AssertionIDRef) childObject);
        return;
    }
    if (childObject instanceof AssertionURIRef) {
        target.getAssertionURIReferences().add((AssertionURIRef) childObject);
        return;
    }
    if (childObject instanceof Assertion) {
        target.getAssertions().add((Assertion) childObject);
        return;
    }
    if (childObject instanceof EncryptedAssertion) {
        // Stored as-is; nothing is decrypted while unmarshalling.
        target.getEncryptedAssertions().add((EncryptedAssertion) childObject);
        return;
    }

    // Any other child type is left to the superclass.
    super.processChildElement(parentObject, childObject);
}
 
Example #3
Source File: SamlHelper.java    From secure-data-service with Apache License 2.0 6 votes vote down vote up
/**
 * Decrypts an encrypted SAML assertion with the private key of the given keystore entry.
 *
 * <p>Only the private key of {@code keystoreEntry} is read. Three encrypted-key resolvers are
 * registered, in this order: inline, encrypted-element-type, and simple retrieval method.
 *
 * @param encryptedAssertion the assertion to decrypt
 * @param keystoreEntry keystore entry supplying the decryption private key
 * @return the decrypted assertion, or {@code null} when decryption failed and
 *         {@code raiseSamlValidationError} returned normally
 */
protected Assertion decryptAssertion(EncryptedAssertion encryptedAssertion, KeyStore.PrivateKeyEntry keystoreEntry) {
    BasicX509Credential privateKeyHolder = new BasicX509Credential();
    privateKeyHolder.setPrivateKey(keystoreEntry.getPrivateKey());

    ChainingEncryptedKeyResolver encryptedKeyLookup = new ChainingEncryptedKeyResolver();
    encryptedKeyLookup.getResolverChain().add(new InlineEncryptedKeyResolver());
    encryptedKeyLookup.getResolverChain().add(new EncryptedElementTypeEncryptedKeyResolver());
    encryptedKeyLookup.getResolverChain().add(new SimpleRetrievalMethodEncryptedKeyResolver());

    Decrypter assertionDecrypter =
            new Decrypter(null, new StaticKeyInfoCredentialResolver(privateKeyHolder), encryptedKeyLookup);
    assertionDecrypter.setRootInNewDocument(true);

    try {
        return assertionDecrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException e) {
        // NOTE(review): the caught exception is not handed on, so the underlying cause is lost.
        // Whether raiseSamlValidationError throws is not visible here; if it returns, the caller
        // receives null and must treat that as a failed login, not as "no assertion".
        raiseSamlValidationError("Unable to decrypt SAML assertion", null);
        return null;
    }
}
 
Example #4
Source File: SAMLClient.java    From saml-sdk-java with Apache License 2.0 6 votes vote down vote up
/**
 * Decrypt an assertion using the privkey stored in SPConfig.
 */
private Assertion decrypt(EncryptedAssertion encrypted)
    throws DecryptionException
{
    // Fail closed: without an SP private key the encrypted assertion is rejected, not skipped.
    if (spConfig.getPrivateKey() == null) {
        throw new DecryptionException("Encrypted assertion found but no SP key available");
    }

    BasicCredential spKeyHolder = new BasicCredential();
    spKeyHolder.setPrivateKey(spConfig.getPrivateKey());

    // Only EncryptedKey elements carried inline with the encrypted data are resolved.
    Decrypter assertionDecrypter = new Decrypter(
        null,
        new StaticKeyInfoCredentialResolver(spKeyHolder),
        new InlineEncryptedKeyResolver());
    assertionDecrypter.setRootInNewDocument(true);

    return assertionDecrypter.decrypt(encrypted);
}
 
Example #5
Source File: SamlHelperTest.java    From secure-data-service with Apache License 2.0 5 votes vote down vote up
/**
 * Decrypts the classpath fixture {@code saml/peerEncryptedAssertion.xml} with the test key entry
 * and hands the result to {@code verifyAssertion}.
 */
@Test
public void testPeerDecryption() {
    EncryptedAssertion peerEncrypted =
            createAssertion(new ClassPathResource("saml/peerEncryptedAssertion.xml"));

    Assertion decrypted = samlHelper.decryptAssertion(peerEncrypted, encryptPKEntry);

    verifyAssertion(decrypted);
}
 
Example #6
Source File: ResponseUnmarshaller.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    // Unconditional cast: a parent that is not a Response fails here with ClassCastException.
    final Response target = (Response) parentSAMLObject;

    if (childSAMLObject instanceof Assertion) {
        target.getAssertions().add((Assertion) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof EncryptedAssertion) {
        // Kept in a separate list from plaintext assertions; nothing is decrypted here.
        target.getEncryptedAssertions().add((EncryptedAssertion) childSAMLObject);
        return;
    }

    // Any other child type is left to the superclass.
    super.processChildElement(parentSAMLObject, childSAMLObject);
}
 
Example #7
Source File: SamlHelperTest.java    From secure-data-service with Apache License 2.0 5 votes vote down vote up
/**
 * Decrypts the classpath fixture {@code saml/inlineEncryptedAssertion.xml} with the test key entry
 * and hands the result to {@code verifyAssertion}.
 */
@Test
public void testInlineDecryption() {
    EncryptedAssertion inlineEncrypted =
            createAssertion(new ClassPathResource("saml/inlineEncryptedAssertion.xml"));

    Assertion decrypted = samlHelper.decryptAssertion(inlineEncrypted, encryptPKEntry);

    verifyAssertion(decrypted);
}
 
Example #8
Source File: SAMLClient.java    From saml-sdk-java with Apache License 2.0 5 votes vote down vote up
/**
 * Retrieve all supplied assertions, decrypting any encrypted
 * assertions if necessary.
 */
private List<Assertion> getAssertions(Response response)
    throws DecryptionException
{
    // Start from a copy of the plaintext assertions, then append every decrypted one.
    List<Assertion> collected = new ArrayList<Assertion>(response.getAssertions());

    for (EncryptedAssertion sealed : response.getEncryptedAssertions()) {
        // A single decryption failure aborts the whole call.
        collected.add(decrypt(sealed));
    }

    // NOTE(review): plaintext and decrypted assertions share one list with no marker of origin,
    // and nothing here verifies signatures. Presumably the caller validates every returned
    // assertion before trusting it; confirm.
    return collected;
}
 
Example #9
Source File: SAMLResponseBuilder.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Build SAML response using IdP configuration & user name
 *
 * @param ssoIdPConfigs
 * @param userName
 * @return SAML Response object
 * @throws IdentityException
 */
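public Response buildSAMLResponse(SAMLSSOServiceProviderDO ssoIdPConfigs, String userName)
        throws IdentityException {
    if (log.isDebugEnabled()) {
        log.debug("Building SAML Response for the consumer '" +
                ssoIdPConfigs.getAssertionConsumerUrl() + "'");
    }
    Response response = new org.opensaml.saml2.core.impl.ResponseBuilder().buildObject();
    response.setIssuer(SAMLSSOUtil.getIssuer());
    response.setID(SAMLSSOUtil.createID());
    response.setDestination(ssoIdPConfigs.getAssertionConsumerUrl());
    response.setStatus(buildStatus(SAMLSSOConstants.StatusCodes.SUCCESS_CODE, null));
    response.setVersion(SAMLVersion.VERSION_20);
    DateTime issueInstant = new DateTime();
    // Minutes to milliseconds in long arithmetic, so a large configured validity period cannot
    // wrap around int and produce an expiry instant in the past.
    DateTime notOnOrAfter =
            new DateTime(issueInstant.getMillis() +
                    SAMLSSOUtil.getSAMLResponseValidityPeriod() * 60L * 1000L);
    response.setIssueInstant(issueInstant);
    Assertion assertion = buildSAMLAssertion(ssoIdPConfigs, notOnOrAfter, userName);
    if (ssoIdPConfigs.isDoEnableEncryptedAssertion()) {
        String domainName = MultitenantUtils.getTenantDomain(userName);
        String alias = ssoIdPConfigs.getCertAlias();
        // With encryption enabled the plaintext assertion is never attached. When no certificate
        // alias is configured the response therefore carries no assertion at all while still
        // reporting the success status set above.
        // NOTE(review): consider surfacing the missing alias as an error instead; confirm the
        // intended behaviour with the callers.
        if (alias != null) {
            EncryptedAssertion encryptedAssertion =
                    SAMLSSOUtil.setEncryptedAssertion(assertion,
                            EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256,
                            alias,
                            domainName);
            response.getEncryptedAssertions().add(encryptedAssertion);
        }
    } else {
        response.getAssertions().add(assertion);
    }
    // The signature is applied last, after the assertion (encrypted or plain) has been attached.
    if (ssoIdPConfigs.isDoSignResponse()) {
        SAMLSSOUtil.setSignature(response, ssoIdPConfigs.getSigningAlgorithmUri(), ssoIdPConfigs
                .getDigestAlgorithmUri(), new SignKeyDataHolder(userName));
    }
    return response;
}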
 
Example #10
Source File: Decrypter.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Decrypt the specified EncryptedAssertion.
 * 
 * @param encryptedAssertion the EncryptedAssertion to decrypt
 * @return an Assertion 
 * @throws DecryptionException thrown when decryption generates an error
 */
public Assertion decrypt(EncryptedAssertion encryptedAssertion) throws DecryptionException {
    final SAMLObject decrypted = decryptData(encryptedAssertion);

    if (decrypted instanceof Assertion) {
        return (Assertion) decrypted;
    }

    // Reached for any other decrypted type, and for null: the caller never receives a
    // non-Assertion object through this method.
    throw new DecryptionException("Decrypted SAMLObject was not an instance of Assertion");
}
 
Example #11
Source File: DefaultSSOEncrypter.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Encrypts a SAML assertion with a freshly generated AES-256 data key. The data key is wrapped
 * for the recipient credential with RSA v1.5 key transport and placed inline.
 *
 * @param assertion assertion to encrypt
 * @param cred recipient credential used to wrap the generated data key
 * @param alias not read by this implementation
 * @param encryptionAlgorithm not read by this implementation; the data algorithm is fixed to AES-256
 * @return the encrypted assertion
 * @throws IdentityException wrapping any exception raised while encrypting
 */
@Override
public EncryptedAssertion doEncryptedAssertion(Assertion assertion, X509Credential cred, String alias, String encryptionAlgorithm) throws IdentityException {
    try {
        // Data encryption: a one-off symmetric key generated for this assertion only.
        // NOTE(review): the encryptionAlgorithm argument is ignored, so a per-SP algorithm choice
        // made by the caller has no effect here; confirm whether that is intended.
        EncryptionParameters dataParams = new EncryptionParameters();
        dataParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256);
        dataParams.setEncryptionCredential(SecurityHelper.getSimpleCredential(
                SecurityHelper.generateSymmetricKey(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256)));

        // Key transport: the data key is wrapped with the recipient's credential.
        // NOTE(review): RSA v1.5 key transport uses PKCS#1 v1.5 padding, which is the mode known to
        // be exposed to padding-oracle attacks on XML Encryption. ALGO_ID_KEYTRANSPORT_RSAOAEP is
        // the usual replacement where the relying parties support it; confirm and plan a migration.
        KeyEncryptionParameters keyWrapParams = new KeyEncryptionParameters();
        keyWrapParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);
        keyWrapParams.setEncryptionCredential(cred);

        Encrypter assertionEncrypter = new Encrypter(dataParams, keyWrapParams);
        assertionEncrypter.setKeyPlacement(Encrypter.KeyPlacement.INLINE);

        return assertionEncrypter.encrypt(assertion);
    } catch (Exception e) {
        // The original exception is kept as the cause.
        throw IdentityException.error("Error while Encrypting Assertion", e);
    }
}
 
Example #12
Source File: DefaultResponseBuilder.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Builds the SAML 2.0 Response for an authentication request: issuer, ID, destination, success
 * status and issue instant are set, one assertion is attached (encrypted or plain), and the
 * response is signed when the request asks for it.
 *
 * @param authReqDTO the authentication request data driving the response
 * @param sessionId session identifier passed through to the assertion builder
 * @return the assembled response
 * @throws IdentityException as declared; the helpers that may raise it are not visible in this block
 */
@Override
public Response buildResponse(SAMLSSOAuthnReqDTO authReqDTO, String sessionId)
        throws IdentityException {

    if (log.isDebugEnabled()) {
        log.debug("Building SAML Response for the consumer '"
                + authReqDTO.getAssertionConsumerURL() + "'");
    }

    Response samlResponse = new org.opensaml.saml2.core.impl.ResponseBuilder().buildObject();
    samlResponse.setIssuer(SAMLSSOUtil.getIssuer());
    samlResponse.setID(SAMLSSOUtil.createID());
    // InResponseTo is only set for SP-initiated flows; an IdP-initiated response has no request ID.
    if (!authReqDTO.isIdPInitSSOEnabled()) {
        samlResponse.setInResponseTo(authReqDTO.getId());
    }
    samlResponse.setDestination(authReqDTO.getAssertionConsumerURL());
    samlResponse.setStatus(buildStatus(SAMLSSOConstants.StatusCodes.SUCCESS_CODE, null));
    samlResponse.setVersion(SAMLVersion.VERSION_20);

    // The configured validity period is in minutes; the assertion expires that long after issue.
    DateTime issuedAt = new DateTime();
    DateTime expiresAt = new DateTime(issuedAt.getMillis()
            + SAMLSSOUtil.getSAMLResponseValidityPeriod() * 60 * 1000L);
    samlResponse.setIssueInstant(issuedAt);

    Assertion plainAssertion = SAMLSSOUtil.buildSAMLAssertion(authReqDTO, expiresAt, sessionId);

    if (!authReqDTO.isDoEnableEncryptedAssertion()) {
        samlResponse.getAssertions().add(plainAssertion);
    } else {
        String tenantDomain = authReqDTO.getTenantDomain();
        String certAlias = authReqDTO.getCertAlias();
        // With encryption enabled the plaintext assertion is never attached. When no certificate
        // alias is configured the response carries no assertion at all, yet still reports success.
        // NOTE(review): confirm that an assertion-less success response is the intended outcome.
        if (certAlias != null) {
            EncryptedAssertion sealedAssertion = SAMLSSOUtil.setEncryptedAssertion(plainAssertion,
                    EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256, certAlias, tenantDomain);
            samlResponse.getEncryptedAssertions().add(sealedAssertion);
        }
    }

    // The signature is applied last, after the assertion has been attached.
    if (authReqDTO.isDoSignResponse()) {
        SAMLSSOUtil.setSignature(samlResponse, authReqDTO.getSigningAlgorithmUri(),
                authReqDTO.getDigestAlgorithmUri(),
                new SignKeyDataHolder(authReqDTO.getUser().getAuthenticatedSubjectIdentifier()));
    }
    return samlResponse;
}
 
Example #13
Source File: SAML2SSOManager.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
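/**
 * Processes the SAML2 Response posted by the IdP and publishes the login state to the HTTP
 * session only after the assertion has passed the issuer, audience and signature checks.
 *
 * <p>When assertion encryption is configured, only the first encrypted assertion is considered and
 * plaintext assertions are ignored; otherwise the first plaintext assertion is used.
 *
 * @param request the HTTP request carrying the Base64-encoded SAML2 response parameter
 * @throws SSOAgentException if the assertion is missing, cannot be decrypted, has no or an
 *         unexpected issuer, has no subject, or lacks a session index while single logout is
 *         enabled; failures raised by the validation helpers are not visible in this block
 */
protected void processSSOResponse(HttpServletRequest request) throws SSOAgentException {

    // The bean is filled in locally and only stored in the session once validation has succeeded.
    LoggedInSessionBean sessionBean = new LoggedInSessionBean();
    sessionBean.setSAML2SSO(sessionBean.new SAML2SSO());

    String saml2ResponseString =
            new String(Base64.decode(request.getParameter(
                    SSOAgentConstants.SAML2SSO.HTTP_POST_PARAM_SAML2_RESP)), Charset.forName("UTF-8"));
    Response saml2Response = (Response) SSOAgentUtils.unmarshall(saml2ResponseString);
    sessionBean.getSAML2SSO().setResponseString(saml2ResponseString);
    sessionBean.getSAML2SSO().setSAMLResponse(saml2Response);

    Assertion assertion = null;
    if (ssoAgentConfig.getSAML2().isAssertionEncrypted()) {
        // Encryption is required by configuration, so plaintext assertions are not considered.
        List<EncryptedAssertion> encryptedAssertions = saml2Response.getEncryptedAssertions();
        if (!CollectionUtils.isEmpty(encryptedAssertions)) {
            EncryptedAssertion encryptedAssertion = encryptedAssertions.get(0);
            try {
                assertion = getDecryptedAssertion(encryptedAssertion);
            } catch (Exception e) {
                // The cause is only visible at debug level; the thrown exception does not carry it.
                if (log.isDebugEnabled()) {
                    log.debug("Assertion decryption failure : ", e);
                }
                throw new SSOAgentException("Unable to decrypt the SAML2 Assertion");
            }
        }
    } else {
        List<Assertion> assertions = saml2Response.getAssertions();
        if (assertions != null && !assertions.isEmpty()) {
            assertion = assertions.get(0);
        }
    }
    // NOTE(review): only the first assertion is used. Confirm that validateSignature checks that
    // the signature it verifies covers this very assertion object.
    if (assertion == null) {
        if (isNoPassive(saml2Response)) {
            LOGGER.log(Level.FINE, "Cannot authenticate in passive mode");
            return;
        }
        throw new SSOAgentException("SAML2 Assertion not found in the Response");
    }

    // A missing Issuer element is reported like an empty issuer value instead of failing with a
    // NullPointerException on input supplied by the remote party.
    String idPEntityIdValue = assertion.getIssuer() != null ? assertion.getIssuer().getValue() : null;
    if (idPEntityIdValue == null || idPEntityIdValue.isEmpty()) {
        throw new SSOAgentException("SAML2 Response does not contain an Issuer value");
    } else if (!idPEntityIdValue.equals(ssoAgentConfig.getSAML2().getIdPEntityId())) {
        throw new SSOAgentException("SAML2 Response Issuer verification failed");
    }
    sessionBean.getSAML2SSO().setAssertion(assertion);
    // Cannot marshall SAML assertion here, before signature validation due to a weird issue in OpenSAML

    // Get the subject name from the Response Object and forward it to login_action.jsp
    String subject = null;
    if (assertion.getSubject() != null && assertion.getSubject().getNameID() != null) {
        subject = assertion.getSubject().getNameID().getValue();
    }

    if (subject == null) {
        throw new SSOAgentException("SAML2 Response does not contain the name of the subject");
    }

    sessionBean.getSAML2SSO().setSubjectId(subject); // set the subject

    // validate audience restriction
    validateAudienceRestriction(assertion);

    // validate signature
    validateSignature(saml2Response, assertion);

    // Marshalling SAML2 assertion after signature validation due to a weird issue in OpenSAML
    sessionBean.getSAML2SSO().setAssertionString(marshall(assertion));
    sessionBean.getSAML2SSO().setSubjectAttributes(getAssertionStatements(assertion));

    // For removing the session when the single sign out request made by the SP itself
    boolean sloEnabled = ssoAgentConfig.getSAML2().isSLOEnabled();
    if (sloEnabled) {
        // An assertion without any AuthnStatement is reported like a missing session index.
        if (assertion.getAuthnStatements() == null || assertion.getAuthnStatements().isEmpty()) {
            throw new SSOAgentException("Single Logout is enabled but IdP Session ID not found in SAML2 Assertion");
        }
        String sessionId = assertion.getAuthnStatements().get(0).getSessionIndex();
        if (sessionId == null) {
            throw new SSOAgentException("Single Logout is enabled but IdP Session ID not found in SAML2 Assertion");
        }
        sessionBean.getSAML2SSO().setSessionIndex(sessionId);
    }

    // Publish the login state only now: a response that fails any check above must not leave a
    // populated session bean behind for other code to mistake for an authenticated session.
    request.getSession().setAttribute(SSOAgentConstants.SESSION_BEAN_NAME, sessionBean);
    if (sloEnabled) {
        SSOAgentSessionManager.addAuthenticatedSession(request.getSession(false));
    }

}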
 
Example #14
Source File: DefaultSAML2SSOManager.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
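/**
 * Processes the SAML Response posted by the IdP and writes the login state to the HTTP session
 * only after the assertion has passed the audience and signature checks.
 *
 * <p>When assertion encryption is enabled, only the first encrypted assertion is considered and
 * plaintext assertions are ignored; otherwise the first plaintext assertion is used.
 *
 * @param request the HTTP request carrying the Base64-encoded SAML response parameter
 * @throws SAMLSSOException if the assertion is missing, cannot be decrypted, has no subject, or
 *         lacks a session index while single logout is enabled; failures raised by the validation
 *         helpers are not visible in this block
 */
private void processSSOResponse(HttpServletRequest request) throws SAMLSSOException {

    // NOTE(review): the decoded bytes are turned into a String with the platform default charset;
    // confirm this matches the encoding of the posted XML.
    Response samlResponse = (Response) unmarshall(new String(Base64.decode(request.getParameter(
            SSOConstants.HTTP_POST_PARAM_SAML2_RESP))));

    Assertion assertion = null;

    if (SSOUtils.isAssertionEncryptionEnabled(properties)) {
        // Encryption is required by configuration, so plaintext assertions are not considered.
        List<EncryptedAssertion> encryptedAssertions = samlResponse.getEncryptedAssertions();
        if (CollectionUtils.isNotEmpty(encryptedAssertions)) {
            EncryptedAssertion encryptedAssertion = encryptedAssertions.get(0);
            try {
                assertion = getDecryptedAssertion(encryptedAssertion);
            } catch (Exception e) {
                throw new SAMLSSOException("Unable to decrypt the SAML Assertion", e);
            }
        }
    } else {
        List<Assertion> assertions = samlResponse.getAssertions();
        if (CollectionUtils.isNotEmpty(assertions)) {
            assertion = assertions.get(0);
        }
    }
    // NOTE(review): only the first assertion is used. Confirm that validateSignature checks that
    // the signature it verifies covers this very assertion object.

    if (assertion == null) {
        // An IdP error with a nested NoPassive status is a normal "not logged in" outcome.
        if (samlResponse.getStatus() != null &&
                samlResponse.getStatus().getStatusCode() != null &&
                samlResponse.getStatus().getStatusCode().getValue().equals(
                        SSOConstants.StatusCodes.IDENTITY_PROVIDER_ERROR) &&
                samlResponse.getStatus().getStatusCode().getStatusCode() != null &&
                samlResponse.getStatus().getStatusCode().getStatusCode().getValue().equals(
                        SSOConstants.StatusCodes.NO_PASSIVE)) {
            return;
        }
        throw new SAMLSSOException("SAML Assertion not found in the Response");
    }

    // Get the subject name from the Response Object and forward it to login_action.jsp
    String subject = null;
    if (assertion.getSubject() != null && assertion.getSubject().getNameID() != null) {
        subject = assertion.getSubject().getNameID().getValue();
    }

    if (subject == null) {
        throw new SAMLSSOException("SAML Response does not contain the name of the subject");
    }

    String nameQualifier = assertion.getSubject().getNameID().getNameQualifier();
    String spNameQualifier = assertion.getSubject().getNameID().getSPNameQualifier();

    // validate audience restriction
    validateAudienceRestriction(assertion);

    // validate signature this SP only looking for assertion signature
    validateSignature(samlResponse, assertion);

    Object assertionAttributes = getAssertionStatements(assertion);

    // For removing the session when the single sign out request made by the SP itself
    boolean logoutEnabled = SSOUtils.isLogoutEnabled(properties);
    String sessionId = null;
    if (logoutEnabled) {
        // An assertion without any AuthnStatement is reported like a missing session index.
        if (assertion.getAuthnStatements() == null || assertion.getAuthnStatements().isEmpty()) {
            throw new SAMLSSOException("Single Logout is enabled but IdP Session ID not found in SAML Assertion");
        }
        sessionId = assertion.getAuthnStatements().get(0).getSessionIndex();
        if (sessionId == null) {
            throw new SAMLSSOException("Single Logout is enabled but IdP Session ID not found in SAML Assertion");
        }
    }

    // Write to the session only now: a response that fails any check above must not leave a
    // "username" attribute behind for other code to mistake for an authenticated session.
    request.getSession().setAttribute("username", subject); // get the subject
    request.getSession(false).setAttribute("samlssoAttributes", assertionAttributes);
    if (logoutEnabled) {
        request.getSession().setAttribute(SSOConstants.IDP_SESSION, sessionId);
        request.getSession().setAttribute(SSOConstants.LOGOUT_USERNAME, nameQualifier);
        request.getSession().setAttribute(SSOConstants.SP_NAME_QUALIFIER, spNameQualifier);
    }

}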
 
Example #15
Source File: AuthnResponseGenerator.java    From MaxKey with Apache License 2.0 4 votes vote down vote up
/**
 * Builds the authentication Response for a SAML 2.0 application: generates the assertion, attaches
 * it either encrypted or in plain form, then fills in issuer, ID, issue instant, InResponseTo,
 * destination and a success status.
 *
 * <p>If encryption is requested and fails, the exception is logged at INFO level and the response
 * is returned without any assertion, still carrying the success status.
 *
 * @param saml20Details per-application SAML settings (ACS URL, audience, validity, encryption flag)
 * @param authnRequestInfo data from the originating AuthnRequest
 * @param attributeMap attributes passed to the assertion generator
 * @param bindingAdapter supplies the credential used to wrap the data key
 * @return the assembled response
 */
public Response generateAuthnResponse(AppsSAML20Details saml20Details,
		AuthnRequestInfo authnRequestInfo,
		HashMap<String, String> attributeMap,
		BindingAdapter bindingAdapter) {

	Response samlResponse = new ResponseBuilder().buildObject();

	// Build the assertion first; it is attached below either encrypted or as-is.
	Assertion plainAssertion = assertionGenerator.generateAssertion(
			saml20Details,
			bindingAdapter,
			saml20Details.getSpAcsUrl(),
			authnRequestInfo.getAuthnRequestID(),
			saml20Details.getAudience(),
			Integer.parseInt(saml20Details.getValidityInterval()),
			attributeMap);

	if (!Boolean.isTrue(saml20Details.getEncrypted())) {
		samlResponse.getAssertions().add(plainAssertion);
	} else {
		logger.info("begin to encrypt assertion");
		try {
			// Data encryption parameters.
			EncryptionParameters dataParams = new EncryptionParameters();
			dataParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
			logger.info("encryption assertion Algorithm : "+EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);

			// Key transport parameters.
			// NOTE(review): the wrapping credential comes from getSpSigningCredential(); confirm the
			// SP really uses the same key pair for signing and for encryption.
			KeyEncryptionParameters keyWrapParams = new KeyEncryptionParameters();
			keyWrapParams.setEncryptionCredential(bindingAdapter.getSpSigningCredential());
			// NOTE(review): RSA v1.5 key transport uses PKCS#1 v1.5 padding, the mode known to be
			// exposed to padding-oracle attacks on XML Encryption. ALGO_ID_KEYTRANSPORT_RSAOAEP
			// (previously present here, commented out) is the usual replacement where the SP
			// supports it; confirm.
			keyWrapParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);
			logger.info("keyEncryption  Algorithm : "+EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);

			KeyInfoGeneratorFactory keyInfoFactory = Configuration
					.getGlobalSecurityConfiguration()
					.getKeyInfoGeneratorManager().getDefaultManager()
					.getFactory(bindingAdapter.getSpSigningCredential());
			keyWrapParams.setKeyInfoGenerator(keyInfoFactory.newInstance());

			Encrypter assertionEncrypter = new Encrypter(dataParams, keyWrapParams);
			assertionEncrypter.setKeyPlacement(KeyPlacement.PEER);
			EncryptedAssertion sealedAssertion = assertionEncrypter.encrypt(plainAssertion);
			samlResponse.getEncryptedAssertions().add(sealedAssertion);
		} catch (Exception e) {
			// The plaintext assertion is not attached as a fallback, so nothing leaks unencrypted.
			// NOTE(review): the failure is only logged at INFO and the caller still gets a response
			// with a success status and no assertion; confirm this is intended.
			logger.info("Unable to encrypt assertion .",e);
		}
	}

	samlResponse.setIssuer(issuerGenerator.generateIssuer());
	samlResponse.setID(idService.generateID());
	samlResponse.setIssueInstant(timeService.getCurrentDateTime());
	samlResponse.setInResponseTo(authnRequestInfo.getAuthnRequestID());
	samlResponse.setDestination(saml20Details.getSpAcsUrl());
	samlResponse.setStatus(statusGenerator.generateStatus(StatusCode.SUCCESS_URI));
	logger.debug("authResponse.isSigned "+samlResponse.isSigned());
	return samlResponse;
}
 
Example #16
Source File: EncryptedAssertionBuilder.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public EncryptedAssertion buildObject(String namespaceURI, String localName, String namespacePrefix) {
    // Straight delegation to the implementation class; the three name parts are passed unchecked.
    final EncryptedAssertion built = new EncryptedAssertionImpl(namespaceURI, localName, namespacePrefix);
    return built;
}
 
Example #17
Source File: EncryptedAssertionBuilder.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public EncryptedAssertion buildObject() {
    // Default form: SAML 2.0 namespace and prefix with the EncryptedAssertion local name.
    final EncryptedAssertion built = buildObject(
            SAMLConstants.SAML20_NS,
            EncryptedAssertion.DEFAULT_ELEMENT_LOCAL_NAME,
            SAMLConstants.SAML20_PREFIX);
    return built;
}
 
Example #18
Source File: EvidenceImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public List<EncryptedAssertion> getEncryptedAssertions() {
    // Children stored under the EncryptedAssertion element name, as returned by subList(...).
    // The cast is unchecked: element types are not verified at this point.
    final List<EncryptedAssertion> encryptedChildren =
            (List<EncryptedAssertion>) evidence.subList(EncryptedAssertion.DEFAULT_ELEMENT_NAME);
    return encryptedChildren;
}
 
Example #19
Source File: ResponseImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public List<EncryptedAssertion> getEncryptedAssertions() {
    // Children stored under the EncryptedAssertion element name, as returned by subList(...).
    // The cast is unchecked: element types are not verified at this point.
    final List<EncryptedAssertion> encryptedChildren =
            (List<EncryptedAssertion>) indexedChildren.subList(EncryptedAssertion.DEFAULT_ELEMENT_NAME);
    return encryptedChildren;
}
 
Example #20
Source File: AdviceImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/** {@inheritDoc} */
public List<EncryptedAssertion> getEncryptedAssertions() {
    // Children stored under the EncryptedAssertion element name, as returned by subList(...).
    // The cast is unchecked: element types are not verified at this point.
    final List<EncryptedAssertion> encryptedChildren =
            (List<EncryptedAssertion>) indexedChildren.subList(EncryptedAssertion.DEFAULT_ELEMENT_NAME);
    return encryptedChildren;
}
 
Example #21
Source File: SSOEncrypter.java    From carbon-identity with Apache License 2.0 2 votes vote down vote up
/**
 * Encrypt the SAML assertion
 *
 * @param assertion           SAML assertion to be encrypted
 * @param cred                Encrypting credential
 * @param alias               Certificate alias to use when encrypting the assertion.
 * @param encryptionAlgorithm Encryption algorithm
 * @return SAML EncryptedAssertion
 * @throws IdentityException
 */
// NOTE(review): this declaration does not say whether implementations must honour
// encryptionAlgorithm, nor which key-transport algorithm wraps the data key; confirm against
// the implementing classes before relying on a per-caller algorithm choice.
public EncryptedAssertion doEncryptedAssertion(Assertion assertion, X509Credential cred, String alias,
                                               String encryptionAlgorithm) throws IdentityException;
 
Example #22
Source File: Encrypter.java    From lams with GNU General Public License v2.0 2 votes vote down vote up
/**
 * Encrypt the specified Assertion.
 * 
 * @param assertion the Assertion to encrypt
 * @return an EncryptedAssertion 
 * @throws EncryptionException thrown when encryption generates an error
 */
public EncryptedAssertion encrypt(Assertion assertion) throws EncryptionException {
    // Delegates to the two-argument encrypt with the EncryptedAssertion element name and narrows
    // the result; a different result type would fail with ClassCastException.
    final EncryptedAssertion sealed =
            (EncryptedAssertion) encrypt(assertion, EncryptedAssertion.DEFAULT_ELEMENT_NAME);
    return sealed;
}