com.sun.identity.wsfederation.profile

Class SAML11RequestedSecurityToken

java.lang.Object

com.sun.identity.wsfederation.profile.SAML11RequestedSecurityToken

All Implemented Interfaces:

RequestedSecurityToken

public class SAML11RequestedSecurityToken
extends Object
implements RequestedSecurityToken

SAML11RequestedSecurityToken represents a concrete RequestedSecurityToken - one containing a SAML 1.1 assertion.

Field Summary

Fields

Modifier and Type	Field and Description
protected Assertion	assertion
protected Element	assertionE
protected boolean	signed
protected String	xmlString

Constructor Summary

Constructors

Constructor and Description
SAML11RequestedSecurityToken(Node token) Creates a SAML11RequestedSecurityToken given a DOM Node
SAML11RequestedSecurityToken(String realm, String spTokenIssuerName, String idpEntityId, int notBeforeSkew, int effectiveTime, String certAlias, String authMethod, Date authInstant, NameIdentifier ni, List attributes) Creates a SAML11RequestedSecurityToken.

Method Summary

Modifier and Type	Method and Description
Assertion	getAssertion()
List	getAttributes()
String	getIssuer()
String	getTokenId()
String	toString() This method marshalls the token, returning a String comprising the textual XML representation.
Map<String,Object>	verifyToken(String realm, String hostEntityId, int timeskew) Verifies the token's validity, checking the signature, validity period etc.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

assertion

protected Assertion assertion

xmlString

protected String xmlString

signed

protected boolean signed

assertionE

protected Element assertionE

Constructor Detail

SAML11RequestedSecurityToken

public SAML11RequestedSecurityToken(Node token)
                             throws WSFederationException

Creates a SAML11RequestedSecurityToken given a DOM Node

Parameters:

token - a DOM Node representing a RequestedSecurityToken

Throws:

WSFederationException

SAML11RequestedSecurityToken

public SAML11RequestedSecurityToken(String realm,
                                    String spTokenIssuerName,
                                    String idpEntityId,
                                    int notBeforeSkew,
                                    int effectiveTime,
                                    String certAlias,
                                    String authMethod,
                                    Date authInstant,
                                    NameIdentifier ni,
                                    List attributes)
                             throws WSFederationException

Creates a SAML11RequestedSecurityToken.

Parameters:

realm - the realm of the entities.

spTokenIssuerName - The name of the SP Token Issuer.

idpEntityId - identity provifer entity ID - issuer of the token.

notBeforeSkew - number of seconds to subtract from current time to form Assertion notBefore time.

effectiveTime - length of time, in seconds, from Assertion's notBefore time to its notOnOrAfter time.

certAlias - alias of the signing certificate. null means do not sign the assertion

authMethod - mechanism by which the subject authenticated to the identity provider

authInstant - time at which the subject authenticated to the identity provider

ni - SAML 1.1 NameIdentitifer for the subject

attributes - List of com.sun.identity.saml.assertion.Attribute to include in the Assertion

Throws:

WSFederationException - in case of error.

Method Detail

getTokenId

public String getTokenId()

Specified by:

getTokenId in interface RequestedSecurityToken

Returns:

the unique identifier of the RequestedSecurityToken. Maps to the SAML 1.1 Assertion's AssertionID

getIssuer

public String getIssuer()

Specified by:

getIssuer in interface RequestedSecurityToken

Returns:

the issuer of the RequestedSecurityToken.

getAttributes

public List getAttributes()

Specified by:

getAttributes in interface RequestedSecurityToken

Returns:

a list of attributes of type com.sun.identity.saml.assertion.Attribute

getAssertion

public Assertion getAssertion()

Returns:

the underlying SAML 1.1 Assertion

toString

public String toString()

This method marshalls the token, returning a String comprising the textual XML representation.

Overrides:

toString in class Object

Returns:

The textual XML representation of the token.

verifyToken

public Map<String,Object> verifyToken(String realm,
                                      String hostEntityId,
                                      int timeskew)
                               throws WSFederationException

Verifies the token's validity, checking the signature, validity period etc.

Specified by:

verifyToken in interface RequestedSecurityToken

Parameters:

realm - the realm of the local entity

hostEntityId - the local entity ID

timeskew - permitted skew between service provider and identity provider clocks, in seconds

Returns:

a Map of relevant data including Subject and the List of Assertions.

Throws:

WSFederationException - in case of any error - invalid token signature, token expired etc.