ws-commits mailing list archives

From cohei...@apache.org
Subject svn commit: r1330310 - /webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java
Date Wed, 25 Apr 2012 14:37:00 GMT
Author: coheigea
Date: Wed Apr 25 14:37:00 2012
New Revision: 1330310

URL: http://svn.apache.org/viewvc?rev=1330310&view=rev
Log:
Adding the ability to sign SAML Protocol Requests/Responses when marshalling to DOM

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java?rev=1330310&r1=1330309&r2=1330310&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java
Wed Apr 25 14:37:00 2012
@@ -119,36 +119,7 @@ public class OpenSAMLUtil {
                 throw new WSSecurityException("Error marshalling a SAML assertion", ex);
             }
     
-            // Sign the assertion if the signature element is present.
-            if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
-                org.opensaml.saml2.core.Assertion saml2 = 
-                    (org.opensaml.saml2.core.Assertion) xmlObject;
-                // if there is a signature, but it hasn't already been signed
-                if (saml2.getSignature() != null) {
-                    if (log.isDebugEnabled()) {
-                        log.debug("Signing SAML v2.0 assertion...");
-                    }
-                    try {
-                        Signer.signObject(saml2.getSignature());
-                    } catch (SignatureException ex) {
-                        throw new WSSecurityException("Error signing a SAML assertion", ex);
-                    }
-                }
-            } else if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
-                org.opensaml.saml1.core.Assertion saml1 = 
-                    (org.opensaml.saml1.core.Assertion) xmlObject;
-                // if there is a signature, but it hasn't already been signed
-                if (saml1.getSignature() != null) {
-                    if (log.isDebugEnabled()) {
-                        log.debug("Signing SAML v1.1 assertion...");
-                    }
-                    try {
-                        Signer.signObject(saml1.getSignature());
-                    } catch (SignatureException ex) {
-                        throw new WSSecurityException("Error signing a SAML assertion", ex);
-                    }
-                }
-            }
+            signXMLObject(xmlObject);
         } finally {
             if (frag != null) {
                 while (doc.getFirstChild() != null) {
@@ -160,6 +131,65 @@ public class OpenSAMLUtil {
         return element;
     }
     
+    private static void signXMLObject(XMLObject xmlObject) throws WSSecurityException {
+        if (xmlObject instanceof org.opensaml.saml1.core.Response) {
+            org.opensaml.saml1.core.Response response = 
+                    (org.opensaml.saml1.core.Response)xmlObject;
+            
+            // Sign any Assertions
+            if (response.getAssertions() != null) {
+                for (org.opensaml.saml1.core.Assertion assertion : response.getAssertions())
{
+                    signObject(assertion.getSignature());
+                }
+            }
+            
+            signObject(response.getSignature());
+        } else if (xmlObject instanceof org.opensaml.saml2.core.Response) {
+            org.opensaml.saml2.core.Response response = 
+                    (org.opensaml.saml2.core.Response)xmlObject;
+            
+            // Sign any Assertions
+            if (response.getAssertions() != null) {
+                for (org.opensaml.saml2.core.Assertion assertion : response.getAssertions())
{
+                    signObject(assertion.getSignature());
+                }
+            }
+            
+            signObject(response.getSignature());
+        } else if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
+            org.opensaml.saml2.core.Assertion saml2 = 
+                    (org.opensaml.saml2.core.Assertion) xmlObject;
+            
+            signObject(saml2.getSignature());
+        } else if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
+            org.opensaml.saml1.core.Assertion saml1 = 
+                    (org.opensaml.saml1.core.Assertion) xmlObject;
+            
+            signObject(saml1.getSignature());
+        } else if (xmlObject instanceof org.opensaml.saml2.core.RequestAbstractType) {
+            org.opensaml.saml2.core.RequestAbstractType request = 
+                    (org.opensaml.saml2.core.RequestAbstractType) xmlObject;
+            
+            
+            signObject(request.getSignature());
+        } else if (xmlObject instanceof org.opensaml.saml1.core.Request) {
+            org.opensaml.saml1.core.Request request = 
+                    (org.opensaml.saml1.core.Request) xmlObject;
+            
+            signObject(request.getSignature());
+        }
+    }
+    
+    private static void signObject(Signature signature) throws WSSecurityException {
+        if (signature != null) {
+            try {
+                Signer.signObject(signature);
+            } catch (SignatureException ex) {
+                throw new WSSecurityException("Error signing a SAML assertion", ex);
+            }
+        }
+    }
+    
     /**
      * Method buildSignature ...
      *
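Review bot: The `instanceof` chain in `signXMLObject` ends without a fallback branch, so a signable object of any other type is apparently marshalled with its signature left unsigned, and with no error or log line. For SAML 2.0 responses only `Response` is matched, whereas requests are matched through the base `RequestAbstractType`. A caller that attached a signature presumably relies on the output being signed, so consider a final branch such as `} else if (xmlObject instanceof SignableXMLObject) { signObject(((SignableXMLObject) xmlObject).getSignature()); }`. This assumes `org.opensaml.xml.signature.SignableXMLObject` is available in the OpenSAML version used here and needs an import outside this hunk; the branch must stay after the two `Response` branches so nested assertions are still signed before the enclosing response. Separately, `signObject` still throws "Error signing a SAML assertion" although it now also signs requests and responses; a neutral message such as `"Error signing a SAML object"` would make failures easier to triage.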


