Oracle Fusion Middleware SAML 2.0 Java API Reference for Oracle Security Developer Tools
11g Release 1 (11.1.1)

E10676-03


oracle.security.xmlsec.saml2.core
Class Assertion

java.lang.Object
  extended by oracle.security.xmlsec.util.XMLNode
      extended by oracle.security.xmlsec.util.XMLElement
          extended by oracle.security.xmlsec.saml2.core.Assertion


public class Assertion
extends oracle.security.xmlsec.util.XMLElement

Represents a package of information made or asserted by a SAML authority.


Field Summary
protected static java.lang.String VERSION
           

 

Fields inherited from class oracle.security.xmlsec.util.XMLNode
node, systemId

 

Constructor Summary
  Assertion(org.w3c.dom.Document owner)
          Creates a new Assertion instance.
protected Assertion(org.w3c.dom.Document owner, java.lang.String nsURI, java.lang.String localName)
          Creates a new Assertion instance.
  Assertion(org.w3c.dom.Element element)
          Creates a new Assertion instance from the given Element node.
  Assertion(org.w3c.dom.Element element, java.lang.String systemId)
          Creates a new Assertion instance from the given Element node.

 

Method Summary
 oracle.security.xmlsec.dsig.XSSignature addSignature(java.lang.String signatureMethod, java.lang.String c14nMethod)
          Creates a new XML-DSIG Signature element and inserts it into this message, replacing any existing XML-DSIG Signature element.
 oracle.security.xmlsec.dsig.XSSignature addSignature(java.lang.String signatureMethod, java.lang.String c14nMethod, java.lang.String digestMethod)
          Creates a new XML-DSIG Signature element and inserts it into this message, replacing any existing XML-DSIG Signature element.
 void addStatement(Statement statement)
          Adds a Statement element to this assertion.
protected  void clearSignature()
          Removes any existing XML-DSIG Signature elements from this message.
 Advice getAdvice()
          Returns additional information for processing this assertion.
 java.util.List getAttributeStatements()
          Returns a List containing the AttributeStatement elements present in this assertion.
 java.util.List getAuthnStatements()
          Returns a List containing the AuthnStatement elements present in this assertion.
 java.util.List getAuthzDecisionStatements()
          Returns a List containing the AuthzDecisionStatement elements present in this assertion.
 Conditions getConditions()
          Returns the conditions associated with this assertion.
 java.lang.String getID()
          Returns the identifier attribute for this Assertion.
 java.util.Date getIssueInstant()
          Returns the time instant of issuance of this assertion.
 Issuer getIssuer()
          Returns the name of the issuer of this Assertion.
 oracle.security.xmlsec.dsig.XSSignature getSignature()
          Returns the XML Signature child element from this SAMLMessage element.
 Subject getSubject()
          Returns the subject of this assertion.
 java.lang.String getVersion()
          Returns the version of this Assertion message.
 boolean isSigned()
          Indicates if this element was signed.
 void setAdvice(Advice advice)
          Sets the additional advice that should be considered when validating this assertion.
 void setConditions(Conditions conditions)
          Sets the conditions that must be taken into account when validating this assertion.
 void setID(java.lang.String assertionID)
          Sets the identifier attribute for this Assertion object.
 void setIssueInstant(java.util.Date issueInstant)
          Sets the time instant of issuance of this assertion in UTC time.
 void setIssuer(NameID issuer)
          Sets the issuer of this Assertion.
 void setSubject(Subject subject)
          Sets the Subject of this assertion.
 void setVersion(java.lang.String ver)
          Sets the Version of this Assertion message.
 void sign(java.security.PrivateKey privateKey, java.security.cert.X509Certificate cert)
          Signs this SAMLMessage with the given private key, and includes the given certificate in the KeyInfo child element of the resulting XML-DSIG Signature element.
 void sign(java.security.PrivateKey privateKey, java.security.cert.X509Certificate cert, java.lang.String c14nMethod)
          Signs this SAMLMessage with the given private key, and includes the given certificate in the KeyInfo child element of the resulting XML-DSIG Signature element.
 boolean verify()
          Verifies the signature using a key obtained either from the KeyInfo element (if any is present) or via the oracle.security.xmlsec.keys.retrieval.KeyRetriever mechanism.
 boolean verify(java.security.PublicKey publicKey)
          Verifies the signature with the given public key.

 

Methods inherited from class oracle.security.xmlsec.util.XMLElement
addNSPrefixAttr, addNSPrefixAttr, addNSPrefixAttrDefault, addNSPrefixAttrDefault, getAttribute, getAttributeNode, getAttributeNodeNS, getAttributeNS, getChildElementsByTagName, getChildElementsByTagName, getChildElementsByTagNameNS, getChildElementsByTagNameNS, getDefaultNSPrefix, getElement, getElementsByTagName, getElementsByTagNameNS, getTagName, hasAttribute, hasAttributeNS, removeAttribute, removeAttributeNode, removeAttributeNS, setAttribute, setAttributeNode, setAttributeNodeNS, setAttributeNS, setDefaultNSPrefix

 

Methods inherited from class oracle.security.xmlsec.util.XMLNode
appendChild, appendChild, appendTo, cloneNode, getAttributes, getChildNodes, getFirstChild, getLastChild, getLocalName, getNamespaceURI, getNextSibling, getNode, getNodeName, getNodeType, getNodeValue, getOwnerDocument, getParentNode, getPrefix, getPreviousSibling, getSystemId, hasAttributes, hasChildNodes, insertBefore, insertBefore, isSupported, normalize, removeChild, removeChild, replaceChild, replaceChild, setNodeValue, setPrefix, setSystemId, toBytesXML, toStringXML

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Field Detail

VERSION

protected static java.lang.String VERSION

Constructor Detail

Assertion

public Assertion(org.w3c.dom.Element element)
          throws org.w3c.dom.DOMException
Creates a new Assertion instance from the given Element node.
Parameters:
element - An Assertion element.
Throws:
org.w3c.dom.DOMException

Assertion

public Assertion(org.w3c.dom.Element element,
                 java.lang.String systemId)
          throws org.w3c.dom.DOMException
Creates a new Assertion instance from the given Element node.
Parameters:
element - An Assertion element.
systemId - The URI string system ID for the Assertion.
Throws:
org.w3c.dom.DOMException

Assertion

public Assertion(org.w3c.dom.Document owner)
          throws org.w3c.dom.DOMException
Creates a new Assertion instance.
Parameters:
owner - The owner document of the new Assertion.
Throws:
org.w3c.dom.DOMException

Assertion

protected Assertion(org.w3c.dom.Document owner,
                    java.lang.String nsURI,
                    java.lang.String localName)
             throws org.w3c.dom.DOMException
Creates a new Assertion instance. This constructor is for use by subclasses that extend the Assertion element.
Parameters:
owner - The owner document of the new Assertion.
nsURI - The namespace URI in which the new Assertion is to be created.
localName - The localName of the element represented by the class that extends this class.
Throws:
org.w3c.dom.DOMException

Method Detail

setVersion

public void setVersion(java.lang.String ver)
Sets the Version of this Assertion message.
Parameters:
ver - The version number String.

getVersion

public java.lang.String getVersion()
Returns the version of this Assertion message.
Returns:
The version String or null if none has been set.

setID

public void setID(java.lang.String assertionID)
Sets the identifier attribute for this Assertion object.
Parameters:
assertionID - A unique String value.

getID

public java.lang.String getID()
Returns the identifier attribute for this Assertion.
Returns:
The identifier String or null if none has been set.

setIssueInstant

public void setIssueInstant(java.util.Date issueInstant)
Sets the time instant of issuance of this assertion in UTC time.
Parameters:
issueInstant - The Date object representing the issue time.

getIssueInstant

public java.util.Date getIssueInstant()
Returns the time instant of issuance of this assertion.
Returns:
A Date object representing the issue time or null if none has been set.

setIssuer

public void setIssuer(NameID issuer)
Sets the issuer of this Assertion.
Parameters:
issuer - The name of the issuer.

getIssuer

public Issuer getIssuer()
Returns the name of the issuer of this Assertion.
Returns:
The name of the issuer or null if none has been set.

setSubject

public void setSubject(Subject subject)
Sets the Subject of this assertion.
Parameters:
subject - A Subject object.

getSubject

public Subject getSubject()
Returns the subject of this assertion.
Returns:
A Subject object or null if none has been set.

setConditions

public void setConditions(Conditions conditions)
Sets the conditions that must be taken into account when validating this assertion.
Parameters:
conditions - A Conditions object containing a collection of conditions.

getConditions

public Conditions getConditions()
Returns the conditions associated with this assertion.
Returns:
A Conditions object containing a set of Condition objects or null if none has been set.

setAdvice

public void setAdvice(Advice advice)
Sets the additional advice that should be considered when validating this assertion.
Parameters:
advice - An Advice object that contains additional information for this assertion.

getAdvice

public Advice getAdvice()
Returns additional information for processing this assertion.
Returns:
An Advice object or null if none has been set.

addStatement

public void addStatement(Statement statement)
Adds a Statement element to this assertion.
Parameters:
statement - The Statement to add.

getAuthnStatements

public java.util.List getAuthnStatements()
Returns a List containing the AuthnStatement elements present in this assertion.
Returns:
A List object of AuthnStatement objects or an empty List.

getAuthzDecisionStatements

public java.util.List getAuthzDecisionStatements()
Returns a List containing the AuthzDecisionStatement elements present in this assertion.
Returns:
A List object of AuthzDecisionStatement objects or an empty List.

getAttributeStatements

public java.util.List getAttributeStatements()
Returns a List containing the AttributeStatement elements present in this assertion.
Returns:
A List object of AttributeStatement objects or an empty List.

getSignature

public oracle.security.xmlsec.dsig.XSSignature getSignature()
Returns the XML Signature child element from this SAMLMessage element.
Returns:
An XSSignature object or null if no signature is present.

isSigned

public boolean isSigned()
Indicates if this element was signed.
Returns:
true if a signature is present, false otherwise.

sign

public void sign(java.security.PrivateKey privateKey,
                 java.security.cert.X509Certificate cert)
          throws oracle.security.xmlsec.dsig.SigningException
Signs this SAMLMessage with the given private key, and includes the given certificate in the KeyInfo child element of the resulting XML-DSIG Signature element. The default canonicalization method is XML-EXCLUSIVE-C14N.
Parameters:
privateKey - The private key to use for the signature computation.
cert - The X509 certificate corresponding to the private key.
Throws:
oracle.security.xmlsec.dsig.SigningException

sign

public void sign(java.security.PrivateKey privateKey,
                 java.security.cert.X509Certificate cert,
                 java.lang.String c14nMethod)
          throws oracle.security.xmlsec.dsig.SigningException
Signs this SAMLMessage with the given private key, and includes the given certificate in the KeyInfo child element of the resulting XML-DSIG Signature element.
Parameters:
privateKey - The private key to use for the signature computation.
cert - The X509 certificate corresponding to the private key.
c14nMethod - The URI identifying the canonicalization method to be applied to the SignedInfo structure.
Throws:
oracle.security.xmlsec.dsig.SigningException

addSignature

public oracle.security.xmlsec.dsig.XSSignature addSignature(java.lang.String signatureMethod,
                                                            java.lang.String c14nMethod)
Creates a new XML-DSIG Signature element and inserts it into this message, replacing any existing XML-DSIG Signature element. The default message digest algorithm is SHA-1.

Note: This method does not compute the SignatureValue or create a KeyInfo child element for the Signature element so, at a minimum, one of the sign() methods must be invoked on the returned XSSignature object.

This method is intended for use by developers who need to customize the Signature element (e.g., add custom Transform elements), the computation of the SignatureValue (e.g., using an HMAC signature algorithm), or the KeyInfo element. For most developers, either the sign(PrivateKey, X509Certificate) or sign(PrivateKey, X509Certificate, String) method should be sufficient.

If the ID attribute is not set, the entire document will be signed and an XPath Transform will be added to ensure that only the saml:Assertion element is signed.

Parameters:
signatureMethod - The value of the Algorithm attribute of the SignatureMethod element contained within the new Signature element's SignedInfo child element (e.g., oracle.security.xmlsec.util.XMLURI.alg_rsaWithSHA1).
c14nMethod - The value of the Algorithm attribute of the CanonicalizationMethod element contained within the new Signature element's SignedInfo child element (e.g., oracle.security.xmlsec.util.XMLURI.alg_c14nWithComments).
Returns:
The new oracle.security.xmlsec.dsig.XSSignature object.

addSignature

public oracle.security.xmlsec.dsig.XSSignature addSignature(java.lang.String signatureMethod,
                                                            java.lang.String c14nMethod,
                                                            java.lang.String digestMethod)
Creates a new XML-DSIG Signature element and inserts it into this message, replacing any existing XML-DSIG Signature element.

Note: This method does not compute the SignatureValue or create a KeyInfo child element for the Signature element so, at a minimum, one of the sign() methods must be invoked on the returned XSSignature object.

This method is intended for use by developers who need to customize the Signature element (e.g., add custom Transform elements), the computation of the SignatureValue (e.g., using an HMAC signature algorithm), or the KeyInfo element. For most developers, either the sign(PrivateKey, X509Certificate) or sign(PrivateKey, X509Certificate, String) method should be sufficient.

If the ID attribute is not set, the entire document will be signed and an XPath Transform will be added to ensure that only the saml:Assertion element is signed.

Parameters:
signatureMethod - The value of the Algorithm attribute of the SignatureMethod element contained within the new Signature element's SignedInfo child element (e.g., oracle.security.xmlsec.util.XMLURI.alg_rsaWithSHA1).
c14nMethod - The value of the Algorithm attribute of the CanonicalizationMethod element contained within the new Signature element's SignedInfo child element (e.g., oracle.security.xmlsec.util.XMLURI.alg_c14nWithComments).
digestMethod - The value of the Algorithm attribute of the DigestMethod element contained within the new Signature element's Reference child element (e.g., oracle.security.xmlsec.util.XMLURI.alg_sha1).
Returns:
The new oracle.security.xmlsec.dsig.XSSignature object.

verify

public boolean verify()
               throws oracle.security.xmlsec.dsig.VerifyException
Verifies the signature using a key obtained either from the KeyInfo element (if any is present) or via the oracle.security.xmlsec.keys.retrieval.KeyRetriever mechanism. Any Manifests referenced by the signature will be validated.
Returns:
true if the verification succeeded, or false if the verification failed.
Throws:
oracle.security.xmlsec.dsig.VerifyException - If an error occurs while verifying the signature, or if no signature is present in this message.

verify

public boolean verify(java.security.PublicKey publicKey)
               throws oracle.security.xmlsec.dsig.VerifyException
Verifies the signature with the given public key. Any Manifests referenced by the signature will be validated.
Parameters:
publicKey - The public key used for verifying the signature.
Returns:
true if the verification succeeded, or false if the verification failed.
Throws:
oracle.security.xmlsec.dsig.VerifyException - If an error occurs while verifying the signature, or if no signature is present in this message.
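Added example, not part of Oracle's reference: because verify() may take its key from the message's own KeyInfo, a relying party that already knows its identity provider's key can pass it to verify(PublicKey) instead, after parsing the untrusted XML with DOCTYPE processing disabled. The class name AssertionCheck, the helper require, and the MAX_AGE_MS and SKEW_MS policy values are hypothetical; the example assumes the input is a standalone saml:Assertion document and that the Oracle Security Developer Tools libraries are on the classpath and initialised as the toolkit requires.

```java
import java.io.ByteArrayInputStream;
import java.security.PublicKey;
import java.util.Date;
import javax.xml.parsers.DocumentBuilderFactory;
import oracle.security.xmlsec.dsig.VerifyException;
import oracle.security.xmlsec.saml2.core.Assertion;
import org.w3c.dom.Element;

public final class AssertionCheck {
    private static final String SAML2_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Hypothetical policy values, not defined by the Oracle API.
    private static final long MAX_AGE_MS = 5 * 60 * 1000L;
    private static final long SKEW_MS = 60 * 1000L;

    private static void require(boolean ok, String why) {
        if (!ok) throw new SecurityException(why);
    }

    /** Parses untrusted XML with DOCTYPE declarations rejected outright. */
    static Element parse(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true); // XML-DSIG and SAML are namespace-qualified
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml)).getDocumentElement();
    }

    /** Returns the Assertion only when every check passes; throws otherwise. */
    static Assertion accept(byte[] xml, PublicKey pinnedIdpKey) throws Exception {
        Element root = parse(xml);
        require(SAML2_NS.equals(root.getNamespaceURI())
                && "Assertion".equals(root.getLocalName()), "root is not saml:Assertion");
        Assertion a = new Assertion(root);
        require(a.isSigned(), "assertion carries no signature");
        try {
            // Key comes from configuration, never from the message's KeyInfo.
            require(a.verify(pinnedIdpKey), "signature did not verify");
        } catch (VerifyException e) {
            throw new SecurityException("signature could not be checked", e);
        }
        require("2.0".equals(a.getVersion()) && a.getID() != null, "bad Version or missing ID");
        Date issued = a.getIssueInstant();
        require(issued != null, "missing IssueInstant");
        long age = System.currentTimeMillis() - issued.getTime();
        require(age >= -SKEW_MS && age <= MAX_AGE_MS, "IssueInstant outside window");
        return a; // caller still evaluates getConditions() and getSubject()
    }
}
```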

clearSignature

protected void clearSignature()
Removes any existing XML-DSIG Signature elements from this message.


Copyright © 2005, 2011, Oracle. All rights reserved.