• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Java SecurityException类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中org.opensaml.xml.security.SecurityException的典型用法代码示例。如果您正苦于以下问题:Java SecurityException类的具体用法?Java SecurityException怎么用?Java SecurityException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



SecurityException类属于org.opensaml.xml.security包,在下文中一共展示了SecurityException类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: getRoleDescriptors

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Get the list of metadata role descriptors which match the given entityID, role and protocol.
 * 
 * @param entityID entity ID of the credential owner
 * @param role role in which the entity is operating
 * @param protocol protocol over which the entity is operating (may be null)
 * @return a list of role descriptors matching the given parameters, or null
 * @throws SecurityException thrown if there is an error retrieving role descriptors from the metadata provider
 */
protected List<RoleDescriptor> getRoleDescriptors(String entityID, QName role, String protocol)
        throws SecurityException {
    try {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving metadata for entity '{}' in role '{}' for protocol '{}'", 
                    new Object[] {entityID, role, protocol});
        }

        if (DatatypeHelper.isEmpty(protocol)) {
            return metadata.getRole(entityID, role);
        } else {
            RoleDescriptor roleDescriptor = metadata.getRole(entityID, role, protocol);
            if (roleDescriptor == null) {
                return null;
            }
            List<RoleDescriptor> roles = new ArrayList<RoleDescriptor>();
            roles.add(roleDescriptor);
            return roles;
        }
    } catch (MetadataProviderException e) {
        log.error("Unable to read metadata from provider", e);
        throw new SecurityException("Unable to read metadata provider", e);
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:34,代码来源:MetadataCredentialResolver.java


示例2: processSecurityPolicy

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Process any {@link SecurityPolicy}s which can be resolved for the message context.
 * 
 * @param messageContext the message context to process
 * @throws SecurityException thrown if the decoded message does not meet the required security constraints
 */
protected void processSecurityPolicy(MessageContext messageContext) throws SecurityException {
    SecurityPolicyResolver policyResolver = messageContext.getSecurityPolicyResolver();
    if (policyResolver != null) {
        Iterable<SecurityPolicy> securityPolicies = policyResolver.resolve(messageContext);
        if (securityPolicies != null) {
            for (SecurityPolicy policy : securityPolicies) {
                if (policy != null) {
                    log.debug("Evaluating security policy of type '{}' for decoded message", policy.getClass()
                            .getName());
                    policy.evaluate(messageContext);
                }
            }
        } else {
            log.debug("No security policy resolved for this message context, no security policy evaluation attempted");
        }
    } else {
        log.debug("No security policy resolver attached to this message context, no security policy evaluation attempted");
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:26,代码来源:BaseMessageDecoder.java


示例3: send

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/** {@inheritDoc} */
public void send(String endpoint, SOAPMessageContext messageContext) throws SOAPException, SecurityException {
    PostMethod post = null;
    try {
        post = createPostMethod(endpoint, (HttpSOAPRequestParameters) messageContext.getSOAPRequestParameters(),
                (Envelope) messageContext.getOutboundMessage());

        int result = httpClient.executeMethod(post);
        log.debug("Received HTTP status code of {} when POSTing SOAP message to {}", result, endpoint);

        if (result == HttpStatus.SC_OK) {
            processSuccessfulResponse(post, messageContext);
        } else if (result == HttpStatus.SC_INTERNAL_SERVER_ERROR) {
            processFaultResponse(post, messageContext);
        } else {
            throw new SOAPClientException("Received " + result + " HTTP response status code from HTTP request to "
                    + endpoint);
        }
    } catch (IOException e) {
        throw new SOAPClientException("Unable to send request to " + endpoint, e);
    } finally {
        if (post != null) {
            post.releaseConnection();
        }
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:27,代码来源:HttpSOAPClient.java


示例4: processEntityCertificate

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/** Process the value of {@link X509Credential#getEntityCertificate()}.
 * 
 * @param keyInfo the KeyInfo that is being built
 * @param x509Data the X509Data that is being built
 * @param credential the Credential that is being processed
 * @throws SecurityException thrown if the certificate data can not be encoded from the Java certificate object
 */
protected void processEntityCertificate(KeyInfo keyInfo, X509Data x509Data, X509Credential credential) 
        throws SecurityException {
    
    if (credential.getEntityCertificate() == null) {
        return;
    }
    
    java.security.cert.X509Certificate javaCert = credential.getEntityCertificate();
    
    processCertX509DataOptions(x509Data, javaCert);
    processCertKeyNameOptions(keyInfo, javaCert);
    
    // The cert chain includes the entity cert, so don't add a duplicate
    if (options.emitEntityCertificate && ! options.emitEntityCertificateChain) {
        try {
            X509Certificate xmlCert = KeyInfoHelper.buildX509Certificate(javaCert);
            x509Data.getX509Certificates().add(xmlCert);
        } catch (CertificateEncodingException e) {
            throw new SecurityException("Error generating X509Certificate element " 
                    + "from credential's end-entity certificate", e);
        }
    }
    
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:32,代码来源:X509KeyInfoGeneratorFactory.java


示例5: processEntityCertificateChain

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/** Process the value of {@link X509Credential#getEntityCertificateChain()}.
 * 
 * @param keyInfo the KeyInfo that is being built
 * @param x509Data the X509Data that is being built
 * @param credential the Credential that is being processed
 * @throws SecurityException thrown if the certificate data can not be encoded from the Java certificate object
 */
protected void processEntityCertificateChain(KeyInfo keyInfo, X509Data x509Data, X509Credential credential) 
        throws SecurityException {
    
    if (options.emitEntityCertificateChain && credential.getEntityCertificateChain() != null) {
        for (java.security.cert.X509Certificate javaCert : credential.getEntityCertificateChain()) {
            try {
                X509Certificate xmlCert = KeyInfoHelper.buildX509Certificate(javaCert);
                x509Data.getX509Certificates().add(xmlCert);
            } catch (CertificateEncodingException e) {
                throw new SecurityException("Error generating X509Certificate element " 
                        + "from a certificate in credential's certificate chain", e);
            }
        }
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:23,代码来源:X509KeyInfoGeneratorFactory.java


示例6: processCRLs

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/** Process the value of {@link X509Credential#getCRLs()}.
 * 
 * @param keyInfo the KeyInfo that is being built
 * @param x509Data the X509Data that is being built
 * @param credential the Credential that is being processed
 * @throws SecurityException thrown if the CRL data can not be encoded from the Java certificate object
 */
protected void processCRLs(KeyInfo keyInfo, X509Data x509Data, X509Credential credential) 
        throws SecurityException {
    
    if (options.emitCRLs && credential.getCRLs() != null) {
        for (java.security.cert.X509CRL javaCRL : credential.getCRLs()) {
            try {
                X509CRL xmlCRL = KeyInfoHelper.buildX509CRL(javaCRL);
                x509Data.getX509CRLs().add(xmlCRL);
            } catch (CRLException e) {
                throw new SecurityException("Error generating X509CRL element " 
                        + "from a CRL in credential's CRL list", e);
            }
        }
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:23,代码来源:X509KeyInfoGeneratorFactory.java


示例7: validate

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/** {@inheritDoc} */
public boolean validate(X509Credential untrustedCredential, CriteriaSet trustBasisCriteria)
    throws SecurityException {
    
    log.debug("Attempting PKIX validation of untrusted credential");

    if (untrustedCredential == null) {
        log.error("X.509 credential was null, unable to perform validation");
        return false;
    }

    if (untrustedCredential.getEntityCertificate() == null) {
        log.error("Untrusted X.509 credential's entity certificate was null, unable to perform validation");
        return false;
    }

    Set<String> trustedNames = null;
    if (pkixResolver.supportsTrustedNameResolution()) {
        trustedNames = pkixResolver.resolveTrustedNames(trustBasisCriteria);
    } else {
        log.debug("PKIX resolver does not support resolution of trusted names, skipping name checking");
    }

    return validate(untrustedCredential, trustedNames, pkixResolver.resolve(trustBasisCriteria));
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:26,代码来源:PKIXX509CredentialTrustEngine.java


示例8: evaluate

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * {@inheritDoc} 
 * 
 * <p>
 * If the set of trusted names is null or empty, or if no supported name types are configured to be
 * checked, then the evaluation is considered successful.
 * </p>
 * 
 */
@SuppressWarnings("unchecked")
public boolean evaluate(X509Credential credential, Set<String> trustedNames) throws SecurityException {
    if (!isNameCheckingActive()) {
        log.debug("No trusted name options are active, skipping name evaluation");
        return true;
    } else if (trustedNames == null || trustedNames.isEmpty()) {
        log.debug("Supplied trusted names are null or empty, skipping name evaluation");
        return true;
    }

    if (log.isDebugEnabled()) {
        log.debug("Checking trusted names against credential: {}",
                X509Util.getIdentifiersToken(credential, x500DNHandler));
        log.debug("Trusted names being evaluated are: {}",
                trustedNames.toString());
    }        
    return processNameChecks(credential, trustedNames);
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:28,代码来源:BasicX509CredentialNameEvaluator.java


示例9: processKeyInfoChild

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Process the given KeyInfo child with the registered providers.
 * 
 * The child element is processed by each provider in the ordered list of providers. The credential or credentials
 * resolved by the first provider to successfully do so are returned and processing of the child element is
 * terminated.
 * 
 * @param kiContext KeyInfo resolution context
 * @param criteriaSet the credential criteria used to resolve credentials
 * @param keyInfoChild the KeyInfo to evaluate
 * @return the collection of resolved credentials, or null
 * @throws SecurityException thrown if there is a provider error processing the KeyInfo child
 */
protected Collection<Credential> processKeyInfoChild(KeyInfoResolutionContext kiContext, CriteriaSet criteriaSet,
        XMLObject keyInfoChild) throws SecurityException {

    for (KeyInfoProvider provider : getProviders()) {

        if (!provider.handles(keyInfoChild)) {
            log.debug("Provider {} doesn't handle objects of type {}, skipping", provider.getClass().getName(),
                    keyInfoChild.getElementQName());
            continue;
        }

        log.debug("Processing KeyInfo child {} with provider {}", keyInfoChild.getElementQName(), provider
                .getClass().getName());
        Collection<Credential> creds = provider.process(this, keyInfoChild, criteriaSet, kiContext);

        if (creds != null && !creds.isEmpty()) {
            log.debug("Credentials successfully extracted from child {} by provider {}", keyInfoChild
                    .getElementQName(), provider.getClass().getName());
            return creds;
        }
    }
    return null;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:37,代码来源:BasicProviderKeyInfoCredentialResolver.java


示例10: initResolutionContext

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Initialize the resolution context that will be used by the providers.
 * 
 * The supplied KeyInfo object is stored in the context, as well as the values of any {@link KeyName} children
 * present. Finally if a credential is resolveble by any registered provider from a plain {@link KeyValue} child,
 * the key from that credential is also stored in the context.
 * 
 * @param kiContext KeyInfo resolution context
 * @param keyInfo the KeyInfo to evaluate
 * @param criteriaSet the credential criteria used to resolve credentials
 * @throws SecurityException thrown if there is an error processing the KeyValue children
 */
protected void initResolutionContext(KeyInfoResolutionContext kiContext, KeyInfo keyInfo, CriteriaSet criteriaSet)
        throws SecurityException {

    kiContext.setKeyInfo(keyInfo);

    // Extract all KeyNames
    kiContext.getKeyNames().addAll(KeyInfoHelper.getKeyNames(keyInfo));
    log.debug("Found {} key names: {}", kiContext.getKeyNames().size(), kiContext.getKeyNames());

    // Extract the Credential based on the (singular) key from an existing KeyValue(s).
    resolveKeyValue(kiContext, criteriaSet, keyInfo.getKeyValues());

    // Extract the Credential based on the (singular) key from an existing DEREncodedKeyValue(s).
    resolveKeyValue(kiContext, criteriaSet, keyInfo.getXMLObjects(DEREncodedKeyValue.DEFAULT_ELEMENT_NAME));
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:28,代码来源:BasicProviderKeyInfoCredentialResolver.java


示例11: resolveKeyValue

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Resolve the key from any KeyValue or DEREncodedKeyValue element that may be present, and store the resulting
 * key in the resolution context.
 * 
 * Each element is processed in turn in document order. Each element will be processed by each provider in
 * the ordered list of registered providers. The key from the first credential successfully resolved
 * will be stored in the resolution context.
 * 
 * Note: This resolver implementation assumes that KeyInfo will not be abused via-a-vis the Signature
 * specificiation, and that therefore all elements (if there are even more than one) will all resolve to the
 * same key value. The KeyInfo might, for example have multiple KeyValue children, containing different
 * representations of the same key. Therefore, only the first credential derived will be be utilized.
 * 
 * @param kiContext KeyInfo resolution context
 * @param criteriaSet the credential criteria used to resolve credentials
 * @param keyValues the KeyValue or DEREncodedKeyValue children to evaluate
 * @throws SecurityException thrown if there is an error resolving the key from the KeyValue
 */
protected void resolveKeyValue(KeyInfoResolutionContext kiContext, CriteriaSet criteriaSet,
        List<? extends XMLObject> keyValues) throws SecurityException {

    for (XMLObject keyValue : keyValues) {
        if (!(keyValue instanceof KeyValue) && !(keyValue instanceof DEREncodedKeyValue)) {
            continue;
        }
        Collection<Credential> creds = processKeyInfoChild(kiContext, criteriaSet, keyValue);
        if (creds != null) {
            for (Credential cred : creds) {
                Key key = extractKeyValue(cred);
                if (key != null) {
                    kiContext.setKey(key);
                    log.debug("Found a credential based on a KeyValue/DEREncodedKeyValue having key type: {}",
                            key.getAlgorithm());
                    return;
                }
            }
        }
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:40,代码来源:BasicProviderKeyInfoCredentialResolver.java


示例12: findCertFromDigest

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Find the certificate from the chain that matches one of the specified digests.
 * 
 * @param certs list of certificates to evaluate
 * @param digests X509 digests to use as search criteria
 * @return the matching certificate, or null
 */
protected X509Certificate findCertFromDigest(List<X509Certificate> certs, List<XMLObject> digests) {
    byte[] certValue;
    byte[] xmlValue;
    
    for (XMLObject xo : digests) {
        if (!(xo instanceof X509Digest)) {
            continue;
        }
        X509Digest digest = (X509Digest) xo;
        if (!DatatypeHelper.isEmpty(digest.getValue())) {
            xmlValue = Base64.decode(digest.getValue());
            for (X509Certificate cert : certs) {
                try {
                    certValue = X509Util.getX509Digest(cert, digest.getAlgorithm());
                    if (certValue != null && Arrays.equals(xmlValue, certValue)) {
                        return cert;
                    }
                } catch (SecurityException e) {
                    // Ignore as no match.
                }
            }
        }
    }
    return null;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:33,代码来源:InlineX509DataProvider.java


示例13: postProcess

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/** {@inheritDoc} */
protected void postProcess(KeyInfoResolutionContext kiContext, CriteriaSet criteriaSet,
        List<Credential> credentials) throws SecurityException {
    
    ArrayList<Credential> localCreds = new ArrayList<Credential>();
    
    for (Credential cred : credentials) {
        if (isLocalCredential(cred)) {
            localCreds.add(cred);
        } else if (cred.getPublicKey() != null) {
           localCreds.addAll(resolveByPublicKey(cred.getPublicKey()));
        }
    }
    
    // Also resolve local creds based on any key names that are known
    for (String keyName : kiContext.getKeyNames()) {
        localCreds.addAll(resolveByKeyName(keyName));
    }
    
    credentials.clear();
    credentials.addAll(localCreds);
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:23,代码来源:LocalKeyInfoCredentialResolver.java


示例14: getNextCredentialIterator

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Get the iterator from the next resolver in the chain.
 * 
 * @return an iterator of credentials
 */
private Iterator<Credential> getNextCredentialIterator() {
    while (resolverIterator.hasNext()) {
        currentResolver = resolverIterator.next();
            log.debug("Getting credential iterator from next resolver in chain: {}", currentResolver.getClass().toString());
        try {
            return currentResolver.resolve(critSet).iterator();
        } catch (SecurityException e) {
            log.error(String.format("Error resolving credentials from chaining resolver member '%s'",
                    currentResolver.getClass().getName()), e);
            if (resolverIterator.hasNext()) {
                log.error("Will attempt to resolve credentials from next member of resolver chain");
            }
        }
    }

    log.debug("No more credential resolvers available in the resolver chain");
    currentResolver = null;
    return null;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:25,代码来源:ChainingCredentialResolver.java


示例15: buildCredential

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Build a credential instance from the key store entry.
 * 
 * @param keyStoreEntry the key store entry to process
 * @param entityID the entityID to include in the credential
 * @param usage the usage type to include in the credential
 * @return the new credential instance, appropriate to the type of key store entry being processed
 * @throws SecurityException throw if there is a problem building a credential from the key store entry
 */
protected Credential buildCredential(KeyStore.Entry keyStoreEntry, String entityID, UsageType usage)
        throws SecurityException {

    log.debug("Building credential from keystore entry for entityID {}, usage type {}", entityID, usage);

    Credential credential = null;
    if (keyStoreEntry instanceof KeyStore.PrivateKeyEntry) {
        credential = processPrivateKeyEntry((KeyStore.PrivateKeyEntry) keyStoreEntry, entityID, keystoreUsage);
    } else if (keyStoreEntry instanceof KeyStore.TrustedCertificateEntry) {
        credential = processTrustedCertificateEntry((KeyStore.TrustedCertificateEntry) keyStoreEntry, entityID,
                keystoreUsage);
    } else if (keyStoreEntry instanceof KeyStore.SecretKeyEntry) {
        credential = processSecretKeyEntry((KeyStore.SecretKeyEntry) keyStoreEntry, entityID, keystoreUsage);
    } else {
        throw new SecurityException("KeyStore entry was of an unsupported type: "
                + keyStoreEntry.getClass().getName());
    }
    return credential;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:29,代码来源:KeyStoreCredentialResolver.java


示例16: getEvaluableCriteria

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Extract the evaluable credential criteria from the criteria set.
 * 
 * @param criteriaSet the set of credential criteria to process.
 * @return a set of evaluable Credential criteria
 * @throws SecurityException thrown if there is an error obtaining an instance of EvaluableCredentialCriteria
 *                           from the EvaluableCredentialCriteriaRegistry
 */
private Set<EvaluableCriteria<Credential>> getEvaluableCriteria(CriteriaSet criteriaSet) throws SecurityException {
    Set<EvaluableCriteria<Credential>> evaluable = new HashSet<EvaluableCriteria<Credential>>(criteriaSet.size());
    for (Criteria criteria : criteriaSet) {
        if (criteria instanceof EvaluableCredentialCriteria) {
            evaluable.add((EvaluableCredentialCriteria) criteria);
        } else {
            EvaluableCredentialCriteria evaluableCriteria = 
                EvaluableCredentialCriteriaRegistry.getEvaluator(criteria);
            if (evaluableCriteria != null) {
                evaluable.add(evaluableCriteria);
            }
        }
    }
    return evaluable;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:24,代码来源:AbstractCriteriaFilteringCredentialResolver.java


示例17: checkParamsRaw

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Check the signature and credential criteria for required values.
 * 
 * @param signature the signature to be evaluated
 * @param content the data over which the signature was computed
 * @param algorithmURI the signing algorithm URI which was used
 * @param trustBasisCriteria the set of trusted credential criteria
 * @throws SecurityException thrown if required values are absent or otherwise invalid
 */
protected void checkParamsRaw(byte[] signature, byte[] content, String algorithmURI, CriteriaSet trustBasisCriteria)
        throws SecurityException {

    if (signature == null || signature.length == 0) {
        throw new SecurityException("Signature byte array was null or empty");
    }
    if (content == null || content.length == 0) {
        throw new SecurityException("Content byte array was null or empty");
    }
    if (DatatypeHelper.isEmpty(algorithmURI)) {
        throw new SecurityException("Signature algorithm was null or empty");
    }
    if (trustBasisCriteria == null) {
        throw new SecurityException("Trust basis criteria set was null");
    }
    if (trustBasisCriteria.isEmpty()) {
        throw new SecurityException("Trust basis criteria set was empty");
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:29,代码来源:BaseSignatureTrustEngine.java


示例18: resolveValidationInfo

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * Resolve and return a set of trusted validation information.
 * 
 * @param trustBasisCriteria criteria used to describe and/or resolve the information which serves as the basis for
 *            trust evaluation
 * @return a pair consisting of an optional set of trusted names, and an iterable of trusted
 *         PKIXValidationInformation
 * @throws SecurityException thrown if there is an error resolving the information from the trusted resolver
 */
protected Pair<Set<String>, Iterable<PKIXValidationInformation>> resolveValidationInfo(
        CriteriaSet trustBasisCriteria) throws SecurityException {

    Set<String> trustedNames = null;
    if (pkixResolver.supportsTrustedNameResolution()) {
        trustedNames = pkixResolver.resolveTrustedNames(trustBasisCriteria);
    } else {
        log.debug("PKIX resolver does not support resolution of trusted names, skipping name checking");
    }
    Iterable<PKIXValidationInformation> validationInfoSet = pkixResolver.resolve(trustBasisCriteria);

    Pair<Set<String>, Iterable<PKIXValidationInformation>> validationPair = 
        new Pair<Set<String>, Iterable<PKIXValidationInformation>>(trustedNames, validationInfoSet);

    return validationPair;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:26,代码来源:PKIXSignatureTrustEngine.java


示例19: decode

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/** {@inheritDoc} */
public void decode(MessageContext messageContext) throws MessageDecodingException, SecurityException {
    log.debug("Beginning to decode message from inbound transport of type: {}", messageContext
            .getInboundMessageTransport().getClass().getName());
    
    doDecode(messageContext);
    
    logDecodedMessage(messageContext);

    processPreSecurityInboundHandlerChain(messageContext);
    log.debug("Successfully processed pre-SecurityPolicy inbound handler chain.");
    
    processSecurityPolicy(messageContext);

    processPostSecurityInboundHandlerChain(messageContext);
    log.debug("Successfully processed post-SecurityPolicy inbound handler chain.");
    
    log.debug("Successfully decoded message.");

    // TODO: This gets executed by BaseSAML2MessageDecoder. Probably needs to be
    // factored out somehow to avoid brittleness in the decode() override.
    checkEndpointURI((SAMLMessageContext) messageContext);
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:24,代码来源:HandlerChainAwareHTTPSOAP11Decoder.java


示例20: validateSignature

import org.opensaml.xml.security.SecurityException; //导入依赖的package包/类
/**
 * @param queryString
 * @param issuer
 * @param alias
 * @param domainName
 * @return
 * @throws SecurityException
 * @throws IdentitySAML2SSOException
 */
@Override
public boolean validateSignature(String queryString, String issuer, String alias,
                                 String domainName) throws SecurityException,
        IdentitySAML2SSOException {
    byte[] signature = getSignature(queryString);
    byte[] signedContent = getSignedContent(queryString);
    String algorithmUri = getSigAlg(queryString);
    CriteriaSet criteriaSet = buildCriteriaSet(issuer);

    // creating the SAML2HTTPRedirectDeflateSignatureRule
    X509CredentialImpl credential =
            SAMLSSOUtil.getX509CredentialImplForTenant(domainName,
                    alias);

    List<Credential> credentials = new ArrayList<Credential>();
    credentials.add(credential);
    CollectionCredentialResolver credResolver = new CollectionCredentialResolver(credentials);
    KeyInfoCredentialResolver kiResolver = SecurityHelper.buildBasicInlineKeyInfoResolver();
    SignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(credResolver, kiResolver);
    return engine.validate(signature, signedContent, algorithmUri, criteriaSet, null);
}
 
开发者ID:wso2-attic,项目名称:carbon-identity,代码行数:31,代码来源:SAML2HTTPRedirectDeflateSignatureValidator.java



注:本文中的org.opensaml.xml.security.SecurityException类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java Decoder类代码示例发布时间:2022-05-21
下一篇:
Java QueryUtil类代码示例发布时间:2022-05-21
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap