Class WSFederationMetaSecurityUtils
- java.lang.Object
-
- com.sun.identity.wsfederation.meta.WSFederationMetaSecurityUtils
-
public final class WSFederationMetaSecurityUtils extends Object
TheWSFederationMetaUtilsprovides metadata security related utility methods.
-
-
Field Summary
Fields Modifier and Type Field Description static StringATTR_IDstatic StringATTR_USEstatic StringNS_METAstatic StringNS_XMLENCstatic StringNS_XMLSIGstatic StringPREFIX_XMLENCstatic StringPREFIX_XMLSIGstatic StringTAG_IDP_SSO_DESCRIPTORstatic StringTAG_KEY_DESCRIPTORstatic StringTAG_KEY_INFOstatic StringTAG_SP_SSO_DESCRIPTOR
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static StringbuildX509Certificate(String certAlias)Base64 encodes a certificate from the key store.static StringformatBase64BinaryElement(String xmlstr)Restores Base64 encoded format.static Documentsign(FederationElement descriptor, SPSSOConfigElement spconfig, IDPSSOConfigElement idpconfig)Signs service provider descriptor under entity descriptor if an cert alias is found in service provider config and identity provider descriptor under entity descriptor if an cert alias is found in identity provider config.static voidupdateProviderKeyInfo(String realm, String entityID, String certAlias, boolean isIDP)Updates signing or encryption key info for SP or IDP.static voidverifySignature(Document doc)Verifies signatures in entity descriptor represented by theDocument.
-
-
-
Field Detail
-
NS_META
public static final String NS_META
- See Also:
- Constant Field Values
-
NS_XMLSIG
public static final String NS_XMLSIG
- See Also:
- Constant Field Values
-
NS_XMLENC
public static final String NS_XMLENC
- See Also:
- Constant Field Values
-
PREFIX_XMLSIG
public static final String PREFIX_XMLSIG
- See Also:
- Constant Field Values
-
PREFIX_XMLENC
public static final String PREFIX_XMLENC
- See Also:
- Constant Field Values
-
TAG_KEY_INFO
public static final String TAG_KEY_INFO
- See Also:
- Constant Field Values
-
TAG_KEY_DESCRIPTOR
public static final String TAG_KEY_DESCRIPTOR
- See Also:
- Constant Field Values
-
TAG_SP_SSO_DESCRIPTOR
public static final String TAG_SP_SSO_DESCRIPTOR
- See Also:
- Constant Field Values
-
TAG_IDP_SSO_DESCRIPTOR
public static final String TAG_IDP_SSO_DESCRIPTOR
- See Also:
- Constant Field Values
-
ATTR_USE
public static final String ATTR_USE
- See Also:
- Constant Field Values
-
ATTR_ID
public static final String ATTR_ID
- See Also:
- Constant Field Values
-
-
Method Detail
-
sign
public static Document sign(FederationElement descriptor, SPSSOConfigElement spconfig, IDPSSOConfigElement idpconfig) throws JAXBException, WSFederationMetaException
Signs service provider descriptor under entity descriptor if an cert alias is found in service provider config and identity provider descriptor under entity descriptor if an cert alias is found in identity provider config.- Parameters:
descriptor- The entity descriptor.spconfig- The service provider config.idpconfig- The identity provider config.- Returns:
- Signed
Documentfor the entity descriptor or null if both cert aliases are not found. - Throws:
WSFederationMetaException- if unable to sign the entity descriptor.JAXBException- if the entity descriptor is invalid.
-
verifySignature
public static void verifySignature(Document doc) throws WSFederationMetaException
Verifies signatures in entity descriptor represented by theDocument.- Parameters:
doc- The document.- Throws:
WSFederationMetaException- if unable to verify the entity descriptor.
-
formatBase64BinaryElement
public static String formatBase64BinaryElement(String xmlstr)
Restores Base64 encoded format. JAXB will change- Parameters:
xmlstr- The xml string containing element 'X509Certificate'.- Returns:
- the restored xmls string.
-
buildX509Certificate
public static String buildX509Certificate(String certAlias) throws WSFederationMetaException
Base64 encodes a certificate from the key store.- Parameters:
certAlias- alias of certificate to be encoded.- Returns:
- Base64 encoded certificate
- Throws:
WSFederationMetaException
-
updateProviderKeyInfo
public static void updateProviderKeyInfo(String realm, String entityID, String certAlias, boolean isIDP) throws WSFederationMetaException
Updates signing or encryption key info for SP or IDP. This will update both signing/encryption alias on extended metadata and certificates in standard metadata.- Parameters:
realm- Realm the entity resides.entityID- ID of the entity to be updated.certAlias- Alias of the certificate to be set to the entity. If null, will remove existing key information from the SP or IDP.isIDP- true if this is for IDP signing/encryption alias, false if this is for SP signing/encryption alias- Throws:
WSFederationMetaException- if failed to update the certificate alias for the entity.
-
-