Class WSFederationMetaSecurityUtils


  • public final class WSFederationMetaSecurityUtils
    extends Object
    The WSFederationMetaUtils provides metadata security-related utility methods.
    • Method Detail

      • sign

        public static Document sign(FederationElement descriptor,
                                    SPSSOConfigElement spconfig,
                                    IDPSSOConfigElement idpconfig)
                             throws JAXBException,
                                    WSFederationMetaException
        Signs the service provider descriptor under the entity descriptor if a cert alias is found in the service provider config, and the identity provider descriptor under the entity descriptor if a cert alias is found in the identity provider config.
        Parameters:
        descriptor - The entity descriptor.
        spconfig - The service provider config.
        idpconfig - The identity provider config.
        Returns:
        Signed Document for the entity descriptor, or null if neither cert alias is found.
        Throws:
        WSFederationMetaException - if unable to sign the entity descriptor.
        JAXBException - if the entity descriptor is invalid.
      • formatBase64BinaryElement

        public static String formatBase64BinaryElement(String xmlstr)
        Restores Base64 encoded format. JAXB will change ......... ......... to .................. This method will restore the format.
        Parameters:
        xmlstr - The XML string containing the element 'X509Certificate'.
        Returns:
        The restored XML string.
      • updateProviderKeyInfo

        public static void updateProviderKeyInfo(String realm,
                                                 String entityID,
                                                 String certAlias,
                                                 boolean isIDP)
                                          throws WSFederationMetaException
        Updates the signing or encryption key info for an SP or IDP. This updates both the signing/encryption alias in the extended metadata and the certificates in the standard metadata.
        Parameters:
        realm - Realm in which the entity resides.
        entityID - ID of the entity to be updated.
        certAlias - Alias of the certificate to be set for the entity. If null, existing key information is removed from the SP or IDP.
        isIDP - true if this is for the IDP signing/encryption alias, false if this is for the SP signing/encryption alias.
        Throws:
        WSFederationMetaException - if the certificate alias for the entity could not be updated.