net.geant.edugain.validation
Class SAMLSigner

java.lang.Object
  extended by net.geant.edugain.validation.SAMLSigner

public class SAMLSigner
extends java.lang.Object

This class signs SAML 1.0, 1.1 and 2.0 primitives. Before using it, create an instance of the Configurator class, so that eduGAIN is configured and the signature-related properties (key store, certificate chain, signature, digest and canonicalization algorithms) are loaded.

To sign a SAML (whatever version) document, follow these simple steps:
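The following is an added example, not code from the eduGAIN project, that runs the whole procedure against the API documented on this page: configure eduGAIN, build a SAMLSigner, replace the SHA-1 defaults, sign a SAML 2.0 AuthnRequest through the OpenSAML2 overload, and then verify the result the way a relying party would. It assumes that Configurator lives in net.geant.edugain.validation and has a no-argument constructor, that the caller must bootstrap OpenSAML 2.x, and that the first element of getChain() is the end-entity certificate (the page does not state the chain order). The issuer entity ID is a constructed sample value.

```java
// Added example, not part of the eduGAIN code base: sign a SAML 2.0 AuthnRequest with
// SAMLSigner and verify the result with the signer's own certificate.
// Assumptions (not stated on the page): Configurator is net.geant.edugain.validation.Configurator
// with a no-argument constructor; OpenSAML 2.x is bootstrapped by the caller; the first
// element of getChain() is the end-entity certificate.
import java.security.cert.X509Certificate;
import java.util.UUID;

import net.geant.edugain.validation.Configurator;
import net.geant.edugain.validation.SAMLSigner;

import org.joda.time.DateTime;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.SAMLVersion;
import org.opensaml.common.SignableSAMLObject;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.security.SAMLSignatureProfileValidator;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.XMLObjectBuilderFactory;
import org.opensaml.xml.security.x509.BasicX509Credential;
import org.opensaml.xml.signature.SignatureValidator;
import org.opensaml.xml.util.XMLHelper;
import org.w3c.dom.Element;

public class SignAndVerify {

    /** Build a minimal, unsigned SAML 2.0 AuthnRequest for the given issuer entity ID. */
    static AuthnRequest buildRequest(String issuerId) {
        XMLObjectBuilderFactory bf = Configuration.getBuilderFactory();
        AuthnRequest req = (AuthnRequest) bf.getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME)
                .buildObject(AuthnRequest.DEFAULT_ELEMENT_NAME);
        // The ID must be an NCName (must not start with a digit) and unique; a prefixed random UUID is the usual choice.
        req.setID("_" + UUID.randomUUID());
        req.setVersion(SAMLVersion.VERSION_20);
        req.setIssueInstant(new DateTime());
        Issuer issuer = (Issuer) bf.getBuilder(Issuer.DEFAULT_ELEMENT_NAME)
                .buildObject(Issuer.DEFAULT_ELEMENT_NAME);
        issuer.setValue(issuerId);
        req.setIssuer(issuer);
        return req;
    }

    public static void main(String[] args) throws Exception {
        DefaultBootstrap.bootstrap();          // registers OpenSAML builders, marshallers and XML Security
        new Configurator();                    // loads eduGAIN configuration and signature properties (assumed API)

        SAMLSigner signer = new SAMLSigner();  // key, chain and algorithms come from the loaded properties
        // Do not sign with the SHA-1 defaults; these are the standard RSA-SHA256 / SHA-256 XML DSig identifiers.
        signer.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        signer.setDigestAlgorithm("http://www.w3.org/2001/04/xmlenc#sha256");

        AuthnRequest req = buildRequest("https://sp.example.org/shibboleth");  // constructed sample issuer
        SignableSAMLObject signed = signer.sign(req);   // OpenSAML2 overload: SAML 1.0, 1.1 and 2.0 objects

        // Serialize the signed document. The marshaller returns the DOM cached on the object,
        // so the signature produced by the signer is not recomputed or invalidated here.
        Element dom = Configuration.getMarshallerFactory().getMarshaller(signed).marshall(signed);
        System.out.println(XMLHelper.nodeToString(dom));

        // Verify what was just produced, exactly as a relying party would:
        // (a) the Signature conforms to the SAML profile (enveloped, one Reference to the signed element's ID),
        new SAMLSignatureProfileValidator().validate(signed.getSignature());
        // (b) the cryptographic signature checks out against the signer's end-entity certificate.
        X509Certificate leaf = (X509Certificate) signer.getChain().iterator().next();
        BasicX509Credential verifyWith = new BasicX509Credential();
        verifyWith.setEntityCertificate(leaf);
        new SignatureValidator(verifyWith).validate(signed.getSignature());
        System.out.println("signature verified against " + leaf.getSubjectX500Principal());
    }
}
```

Both validators throw org.opensaml.xml.validation.ValidationException on failure (a different class from the net.geant.edugain.validation.ValidationException thrown by the signer itself), so a failed round trip surfaces as an exception rather than a silently unsigned message.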

Version:
0.7
Author:
Jaime Perez, Olalla Rodriguez

Field Summary
private java.security.cert.Certificate[] c
private java.lang.String canonicalizationalg
private java.util.ArrayList<java.security.cert.X509Certificate> certchain
private Configurator cfg
private org.opensaml.xml.security.x509.BasicX509Credential credential
static java.lang.String DEFAULT_CANONICALIZATION_ALG
static java.lang.String DEFAULT_DIGEST_ALG
static java.lang.String DEFAULT_SIGNATURE_ALG
private java.lang.String digestalg
private org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory factory
private java.security.Key key
private java.security.KeyStore keystore
private org.apache.log4j.Logger log
private org.opensaml.xml.io.MarshallerFactory mFactory
private java.lang.String signaturealg

Constructor Summary
SAMLSigner()
          Build a new signer with default properties.
SAMLSigner(java.util.Properties properties)
          Build a new signer with custom properties.
 
Method Summary
 java.util.Collection getChain()
          Get the certificate chain associated with the private key.
 java.lang.String getDigestAlgorithm()
          Get the digest algorithm.
 java.security.Key getKey()
          Get the private key in use.
 java.lang.String getSignatureAlgorithm()
          Get the signature algorithm.
private  void initialize()
          SAMLSigner initialization.
 void setDigestAlgorithm(java.lang.String algorithm)
          Set the digest algorithm.
 void setSignatureAlgorithm(java.lang.String algorithm)
          Set the signature algorithm.
 org.opensaml.SAMLSignedObject sign(org.opensaml.SAMLSignedObject obj)
          Sign OpenSAML1 objects (SAML 1.0).
 org.opensaml.SAMLSignedObject sign(org.opensaml.SAMLSignedObject obj, boolean force)
          Sign OpenSAML1 objects (SAML 1.0).
 org.opensaml.common.SignableSAMLObject sign(org.opensaml.common.SignableSAMLObject obj)
          Sign OpenSAML2 objects (including SAML 1.0, 1.1 and 2.0).
 org.opensaml.common.SignableSAMLObject sign(org.opensaml.common.SignableSAMLObject obj, boolean force)
          Sign OpenSAML2 objects (including SAML 1.0, 1.1 and 2.0).
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_SIGNATURE_ALG

public static final java.lang.String DEFAULT_SIGNATURE_ALG
See Also:
Constant Field Values

DEFAULT_DIGEST_ALG

public static final java.lang.String DEFAULT_DIGEST_ALG
See Also:
Constant Field Values

DEFAULT_CANONICALIZATION_ALG

public static final java.lang.String DEFAULT_CANONICALIZATION_ALG
See Also:
Constant Field Values

keystore

private java.security.KeyStore keystore

signaturealg

private java.lang.String signaturealg

digestalg

private java.lang.String digestalg

canonicalizationalg

private java.lang.String canonicalizationalg

certchain

private java.util.ArrayList<java.security.cert.X509Certificate> certchain

c

private java.security.cert.Certificate[] c

key

private java.security.Key key

log

private org.apache.log4j.Logger log

cfg

private Configurator cfg

credential

private org.opensaml.xml.security.x509.BasicX509Credential credential

mFactory

private org.opensaml.xml.io.MarshallerFactory mFactory

factory

private org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory factory

Constructor Detail

SAMLSigner

public SAMLSigner(java.util.Properties properties)
           throws ValidationException
Build a new signer with custom properties.

Parameters:
properties - Properties to use.
Throws:
ValidationException - Thrown if an error occurs.

SAMLSigner

public SAMLSigner()
           throws ValidationException
Build a new signer with default properties.

Throws:
ValidationException - Thrown if an error occurs.

Method Detail

initialize

private void initialize()
                 throws ValidationException
SAMLSigner initialization.

Throws:
ValidationException - Thrown if an error occurs.

getSignatureAlgorithm

public java.lang.String getSignatureAlgorithm()
Get the signature algorithm.

Returns:
String The signature algorithm used to sign the SAMLObject. If no sigalg parameter is configured in the properties file, the XML DSig default "http://www.w3.org/2000/09/xmldsig#rsa-sha1" (RSA with SHA-1) is returned. SHA-1 is deprecated for signature generation, so set a SHA-256 based algorithm through the sigalg property or setSignatureAlgorithm.

setSignatureAlgorithm

public void setSignatureAlgorithm(java.lang.String algorithm)
Set the signature algorithm.

Parameters:
algorithm - The signature algorithm used to sign the SAMLObject.

getDigestAlgorithm

public java.lang.String getDigestAlgorithm()
Get the digest algorithm.

Returns:
String The digest algorithm used to sign the SAMLObject. If no digalg parameter is configured in the properties file, the XML DSig default "http://www.w3.org/2000/09/xmldsig#sha1" (SHA-1) is returned. As with the signature algorithm, prefer a SHA-256 based digest, set through the digalg property or setDigestAlgorithm.

setDigestAlgorithm

public void setDigestAlgorithm(java.lang.String algorithm)
Set the digest algorithm.

Parameters:
algorithm - The digest algorithm used to sign the SAMLObject.

getKey

public java.security.Key getKey()
Get the private key in use.

Returns:
Key The private key in use.

getChain

public java.util.Collection getChain()
Get the certificate chain associated with the private key.

Returns:
Collection A collection of java.security.cert.X509Certificate objects representing the certificate chain associated with the private key.
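The getters above expose everything needed to check a signer before it is trusted to produce signatures. The following pre-flight audit is an added example, not code from the eduGAIN project: it replaces the SHA-1 defaults with their SHA-256 counterparts, confirms that getKey() really holds a private key, that the leaf certificate is within its validity period, and that an RSA private key matches the public key in that certificate (a mismatched key store entry is a common cause of signatures that verify nowhere). It assumes Configurator is net.geant.edugain.validation.Configurator with a no-argument constructor and that the first element of getChain() is the end-entity certificate; the page does not state the chain order.

```java
// Added example, not from the eduGAIN page or project: a pre-flight audit of a SAMLSigner
// built only from the getters and setters documented on the page.
// Assumptions: Configurator is net.geant.edugain.validation.Configurator with a no-argument
// constructor; the first element of getChain() is the end-entity certificate for getKey().
import java.math.BigInteger;
import java.security.Key;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Collection;

import net.geant.edugain.validation.Configurator;
import net.geant.edugain.validation.SAMLSigner;

public class SignerPreflight {

    // XML DSig 1.0 SHA-1 based URIs (the signer's documented defaults).
    private static final String RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
    private static final String SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1";
    // Standard SHA-256 replacements (RFC 6931 signature URI, XML Encryption digest URI).
    private static final String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    private static final String SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256";

    /** Replace SHA-1 based defaults with SHA-256; returns true if anything was changed. */
    public static boolean upgradeAlgorithms(SAMLSigner signer) {
        boolean changed = false;
        if (RSA_SHA1.equals(signer.getSignatureAlgorithm())) {
            signer.setSignatureAlgorithm(RSA_SHA256);
            changed = true;
        }
        if (SHA1.equals(signer.getDigestAlgorithm())) {
            signer.setDigestAlgorithm(SHA256);
            changed = true;
        }
        return changed;
    }

    /** Check the loaded key material; returns the leaf certificate or throws describing the first problem. */
    public static X509Certificate checkKeyMaterial(SAMLSigner signer) throws Exception {
        Key key = signer.getKey();
        if (!(key instanceof PrivateKey)) {
            throw new IllegalStateException("signer holds no private key: " + key);
        }
        Collection<?> chain = signer.getChain();   // raw Collection on the page; elements are X509Certificate
        if (chain == null || chain.isEmpty()) {
            throw new IllegalStateException("signer has an empty certificate chain");
        }
        X509Certificate leaf = (X509Certificate) chain.iterator().next();
        leaf.checkValidity();   // throws CertificateExpiredException / CertificateNotYetValidException

        if (key instanceof RSAPrivateKey) {
            if (!(leaf.getPublicKey() instanceof RSAPublicKey)) {
                throw new IllegalStateException("RSA private key but non-RSA leaf certificate");
            }
            BigInteger privMod = ((RSAPrivateKey) key).getModulus();
            BigInteger pubMod = ((RSAPublicKey) leaf.getPublicKey()).getModulus();
            if (!privMod.equals(pubMod)) {   // same modulus means the key pair belongs together
                throw new IllegalStateException("private key does not match leaf certificate "
                        + leaf.getSubjectX500Principal());
            }
            if (privMod.bitLength() < 2048) {
                throw new IllegalStateException("RSA modulus too small: " + privMod.bitLength() + " bits");
            }
        }
        // Non-RSA keys (e.g. EC) are accepted here without a pairing check; extend as needed.
        return leaf;
    }

    public static void main(String[] args) throws Exception {
        new Configurator();                    // assumed no-argument constructor
        SAMLSigner signer = new SAMLSigner();
        if (upgradeAlgorithms(signer)) {
            System.out.println("upgraded SHA-1 defaults to SHA-256");
        }
        X509Certificate leaf = checkKeyMaterial(signer);
        System.out.println("signing as " + leaf.getSubjectX500Principal()
                + " with " + signer.getSignatureAlgorithm() + " / " + signer.getDigestAlgorithm());
    }
}
```

Run this once at start-up rather than per message: the signer's key, chain and algorithms are fixed after construction, so a single failed check is enough to refuse to start with a misconfigured key store.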

sign

public org.opensaml.common.SignableSAMLObject sign(org.opensaml.common.SignableSAMLObject obj)
                                            throws ValidationException,
                                                   org.opensaml.xml.signature.SignatureException
Sign OpenSAML2 objects (including SAML 1.0, 1.1 and 2.0).

Parameters:
obj - The object to be signed.
Returns:
SignableSAMLObject The signed object.
Throws:
ValidationException - Thrown if an error occurs.
org.opensaml.xml.signature.SignatureException

sign

public org.opensaml.common.SignableSAMLObject sign(org.opensaml.common.SignableSAMLObject obj,
                                                   boolean force)
                                            throws ValidationException,
                                                   org.opensaml.xml.signature.SignatureException
Sign OpenSAML2 objects (including SAML 1.0, 1.1 and 2.0).

Parameters:
obj - The object to be signed.
force - Whether to force signing or not.
Returns:
SignableSAMLObject The signed object.
Throws:
ValidationException - Thrown if an error occurs.
org.opensaml.xml.signature.SignatureException

sign

public org.opensaml.SAMLSignedObject sign(org.opensaml.SAMLSignedObject obj)
                                   throws ValidationException
Sign OpenSAML1 objects (SAML 1.0).

Parameters:
obj - The object to be signed.
Returns:
SAMLSignedObject The signed object.
Throws:
ValidationException - Thrown if an error occurs.

sign

public org.opensaml.SAMLSignedObject sign(org.opensaml.SAMLSignedObject obj,
                                          boolean force)
                                   throws ValidationException
Sign OpenSAML1 objects (SAML 1.0).

Parameters:
obj - The object to be signed.
force - Whether to force signing or not.
Returns:
SAMLSignedObject The signed object.
Throws:
ValidationException - Thrown if an error occurs.