oracle.security.xmlsec.liberty.v12

Class LibAssertion

java.lang.Object

oracle.security.xmlsec.util.XMLNode

oracle.security.xmlsec.util.XMLElement

oracle.security.xmlsec.saml.SAMLMessage

oracle.security.xmlsec.saml.Assertion

oracle.security.xmlsec.liberty.v12.LibAssertion

public class LibAssertion
extends oracle.security.xmlsec.saml.Assertion

Liberty Assertion element used in the AuthnResponse generated by an identity provider in response to an AuthnRequest from a service provider. The Liberty Assertion element is of type lib:AssertionType. This type is an extension of saml:AssertionType with an addition of an InResponseTo attribute and an id attribute. The InResponseTo attribute is used to include the RequestID attribute from the original AuthnRequest element.

See Also:

LibAuthenticationStatement, LibSubject

Field Summary

Fields inherited from class oracle.security.xmlsec.util.XMLNode

node, systemId

Constructor Summary

Constructors

Constructor and Description
LibAssertion(org.w3c.dom.Document owner) Creates a new LibAssertion instance within the specified XML Document.
LibAssertion(org.w3c.dom.Document owner, java.lang.String assertionId, java.lang.String issuer, java.util.Date issueInstant, java.lang.String inResponseTo) Creates a new LibAssertion instance within the specified XML Document.
LibAssertion(org.w3c.dom.Element element) Creates a new LibAssertion instance from the given Element node.
LibAssertion(org.w3c.dom.Element element, java.lang.String systemId) Creates a new LibAssertion instance from the given Element node.

Method Summary

Methods

Modifier and Type	Method and Description
oracle.security.xmlsec.dsig.XSSignature	addSignature(java.lang.String signatureMethod, java.lang.String c14nMethod) Adds a ds:Signature to this assertion, replacing any existing signature.
oracle.security.xmlsec.dsig.XSSignature	addSignature(java.lang.String signatureMethod, java.lang.String c14nMethod, java.lang.String digestMethod) Adds a ds:Signature to this assertion, replacing any existing signature.
protected java.lang.String	getID() Returns the ID attribute if any of this SAML message to be used for the signature operations.
java.lang.String	getInResponseTo() Returns the value of the InResponseTo attribute in this element, or null if the attribute is not specified.
java.util.List	getLibAuthenticationStatements() Returns a List containing the LibAuthenticationStatement objects present in this LibAssertion structure.
void	setInResponseTo(java.lang.String value) Sets the InResponseTo attribute that includes the value from the RequestID attribute of the original AuthnRequest element.

Methods inherited from class oracle.security.xmlsec.saml.Assertion

addStatement, getAdvice, getAssertionID, getAttributeStatements, getAuthenticationStatements, getAuthorizationDecisionStatements, getConditions, getIssueInstant, getIssuer, getLocalNamesPrecedeDSig, getNSURIsPrecedeDSig, setAdvice, setAssertionID, setConditions, setIssueInstant, setIssuer

Methods inherited from class oracle.security.xmlsec.saml.SAMLMessage

clearSignature, getInstance, getMajorVersion, getMinorVersion, getSignature, isSigned, setVersion, sign, sign, verify, verify

Methods inherited from class oracle.security.xmlsec.util.XMLElement

addNSPrefixAttr, addNSPrefixAttr, addNSPrefixAttrDefault, addNSPrefixAttrDefault, getAttribute, getAttributeNode, getAttributeNodeNS, getAttributeNS, getChildElementsByTagName, getChildElementsByTagName, getChildElementsByTagNameNS, getChildElementsByTagNameNS, getDefaultNSPrefix, getElement, getElementsByTagName, getElementsByTagNameNS, getTagName, hasAttribute, hasAttributeNS, removeAttribute, removeAttributeNode, removeAttributeNS, setAttribute, setAttributeNode, setAttributeNodeNS, setAttributeNS, setDefaultNSPrefix

Methods inherited from class oracle.security.xmlsec.util.XMLNode

appendChild, appendChild, appendTo, cloneNode, getAttributes, getChildNodes, getFirstChild, getLastChild, getLocalName, getNamespaceURI, getNextSibling, getNode, getNodeName, getNodeType, getNodeValue, getOwnerDocument, getParentNode, getPrefix, getPreviousSibling, getSystemId, hasAttributes, hasChildNodes, insertBefore, insertBefore, isSupported, normalize, removeChild, removeChild, replaceChild, replaceChild, setNodeValue, setPrefix, setSystemId, toBytesXML, toStringXML

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LibAssertion

public LibAssertion(org.w3c.dom.Element element)
             throws org.w3c.dom.DOMException

Creates a new LibAssertion instance from the given Element node.

Parameters:

element - A Liberty Assertion XML element.

Throws:

org.w3c.dom.DOMException

LibAssertion

public LibAssertion(org.w3c.dom.Element element,
            java.lang.String systemId)
             throws org.w3c.dom.DOMException

Creates a new LibAssertion instance from the given Element node.

Parameters:

element - A Liberty Assertion XML element.

systemId - The URI string system ID for the LibAssertion.

Throws:

org.w3c.dom.DOMException

LibAssertion

public LibAssertion(org.w3c.dom.Document owner)
             throws org.w3c.dom.DOMException

Creates a new LibAssertion instance within the specified XML Document.

Parameters:

owner - The owner document of the new Liberty Assertion element.

Throws:

org.w3c.dom.DOMException

LibAssertion

public LibAssertion(org.w3c.dom.Document owner,
            java.lang.String assertionId,
            java.lang.String issuer,
            java.util.Date issueInstant,
            java.lang.String inResponseTo)
             throws org.w3c.dom.DOMException

Creates a new LibAssertion instance within the specified XML Document.

Parameters:

owner - The owner document of the new Liberty Assertion element.

assertionId - The AssertionID attribute.

issuer - The Issuer attribute.

issueInstant - The IssueInstant attribute.

inResponseTo - The InResponseTo attribute.

Throws:

org.w3c.dom.DOMException

Method Detail

getLibAuthenticationStatements

public java.util.List getLibAuthenticationStatements()

Returns a List containing the LibAuthenticationStatement objects present in this LibAssertion structure.

Returns:

A List of LibAuthenticationStatement objects or an empty List.

setInResponseTo

public void setInResponseTo(java.lang.String value)

Sets the InResponseTo attribute that includes the value from the RequestID attribute of the original AuthnRequest element.

Parameters:

value - The attribute value.

getInResponseTo

public java.lang.String getInResponseTo()

Returns the value of the InResponseTo attribute in this element, or null if the attribute is not specified.

addSignature

public oracle.security.xmlsec.dsig.XSSignature addSignature(java.lang.String signatureMethod,
                                                   java.lang.String c14nMethod)

Adds a ds:Signature to this assertion, replacing any existing signature. The ds:SignatureValue is not calculated so, at a minimum, one of the sign() methods must be invoked on the returned oracle.security.xmlsec.dsig.XSSignature object. The XSSignature can be used to add a ds:KeyInfo containing, for example, the signer's public key certificate.

The default Reference digest algorithm is SHA-1. Use the addSignature(String signatureMethod, String c14nMethod, String digestMethod) method to specify an alternative message digest algorithm. See XMLURI for algorithm URI string constants.

Note: If this Assertion element has an "id" attribute, then its value is used as the target of the new signature's Reference element. If no "id" attribute is present, as would be the case for a samlp:Response, an XPath Filter transform is added to the signature Reference to identify the Assertion element to be signed.

Overrides:

addSignature in class oracle.security.xmlsec.saml.SAMLMessage

Parameters:

signatureMethod - The URI identifying the signature algorithm to be used.

c14nMethod - The URI identifying the canonicalization algorithm to be used.

Returns:

The newly created signature.

See Also:

XSSignature, XSKeyInfo, XMLURI

addSignature

public oracle.security.xmlsec.dsig.XSSignature addSignature(java.lang.String signatureMethod,
                                                   java.lang.String c14nMethod,
                                                   java.lang.String digestMethod)

Adds a ds:Signature to this assertion, replacing any existing signature. The ds:SignatureValue is not calculated so, at a minimum, one of the sign() methods must be invoked on the returned oracle.security.xmlsec.dsig.XSSignature object. The XSSignature can be used to add a ds:KeyInfo containing, for example, the signer's public key certificate.

See XMLURI for algorithm URI string constants.

Note: If this assertion element has an "id" attribute, then its value is used as the target of the new signature's Reference element. If no "id" attribute is present, as would be the case for a samlp:Request, an XPath Filter transform is added to the signature Reference to identify the assertion element to be signed.

Overrides:

addSignature in class oracle.security.xmlsec.saml.SAMLMessage

Parameters:

signatureMethod - The URI identifying the signature algorithm to be used.

c14nMethod - The URI identifying the canonicalization algorithm to be used.

digestMethod - The URI identifying the message digest algorithm to be used.

Returns:

The newly created signature.

See Also:

XSSignature, XSKeyInfo, XMLURI

getID

protected java.lang.String getID()

Description copied from class: oracle.security.xmlsec.saml.SAMLMessage

Returns the ID attribute if any of this SAML message to be used for the signature operations.

Overrides:

getID in class oracle.security.xmlsec.saml.Assertion