Class DefaultSubjectProvider

  • All Implemented Interfaces:
    SubjectProvider

    public class DefaultSubjectProvider
    extends Object
    implements SubjectProvider
    A default implementation of SubjectProvider to create a SAML Assertion. The Subject name is the name of the current principal, the subject name qualifier is a default URL that can be configured, and the subject confirmation method is created according to the token type and key type. If the Subject Confirmation Method is SymmetricKey or PublicKey, the appropriate KeyInfoBean object is created and attached to the Subject.
    • Constructor Detail

      • DefaultSubjectProvider

        public DefaultSubjectProvider()
    • Method Detail

      • setSubjectNameQualifier

        public void setSubjectNameQualifier(String subjectNameQualifier)
        Set the SubjectNameQualifier.
      • setSubjectNameIDFormat

        public void setSubjectNameIDFormat(String subjectNameIDFormat)
        Set the SubjectNameIDFormat.
      • getPrincipal

        protected Principal getPrincipal(SubjectProviderParameters subjectProviderParameters)
        Get the Principal (which is used as the Subject). By default, we check the following (in order):
          - A valid OnBehalfOf principal
          - A valid principal associated with a token received as ValidateTarget
          - The principal associated with the request. We don't need to check to see if it is "valid" here, as it is not parsed by the STS (but rather the WS-Security layer).
      • createSubjectBean

        protected org.apache.wss4j.common.saml.bean.SubjectBean createSubjectBean(Principal principal,
                                                                                  SubjectProviderParameters subjectProviderParameters)
        Create the SubjectBean using the specified principal.
      • getSubjectConfirmationMethod

        protected String getSubjectConfirmationMethod(String tokenType,
                                                      String keyType)
        Get the SubjectConfirmation method given a tokenType and keyType.
      • createKeyInfo

        protected org.apache.wss4j.common.saml.bean.KeyInfoBean createKeyInfo(SubjectProviderParameters subjectProviderParameters)
        Create and return the KeyInfoBean to be inserted into the SubjectBean.
      • createPublicKeyKeyInfo

        protected static org.apache.wss4j.common.saml.bean.KeyInfoBean createPublicKeyKeyInfo(X509Certificate certificate,
                                                                                              PublicKey publicKey)
        Create a KeyInfoBean that contains an X.509 certificate or Public Key.
      • createEncryptedKeyKeyInfo

        protected static org.apache.wss4j.common.saml.bean.KeyInfoBean createEncryptedKeyKeyInfo(X509Certificate certificate,
                                                                                                 byte[] secret,
                                                                                                 Document doc,
                                                                                                 EncryptionProperties encryptionProperties,
                                                                                                 org.apache.wss4j.common.crypto.Crypto encryptionCrypto)
                                                                                          throws org.apache.wss4j.common.ext.WSSecurityException
        Create an EncryptedKey KeyInfo.
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException
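
A self-contained model of the lookup order described for getPrincipal above, added here as an example; it is not the project's code. The State, Token, Request and Choice types and the selectSubject and named methods are hypothetical stand-ins for the STS request objects, and the sample requests are constructed.

```java
import java.security.Principal;
import java.util.List;

public class SubjectSelectionModel {
    // Validation outcome of a token the STS received (hypothetical stand-in).
    enum State { VALID, INVALID, NONE }

    // A received OnBehalfOf or ValidateTarget token (hypothetical stand-in).
    record Token(String principalName, State state) {
        boolean usable() { return state == State.VALID && principalName != null; }
    }

    // One issue request; either token may be null (hypothetical stand-in).
    record Request(Token onBehalfOf, Token validateTarget, String requestPrincipal) { }

    // The chosen Subject plus where it came from, so the decision can be logged.
    record Choice(Principal principal, String source) { }

    static Principal named(String name) { return () -> name; }

    // Apply the documented order: OnBehalfOf, then ValidateTarget, then the request.
    static Choice selectSubject(Request r) {
        if (r.onBehalfOf() != null && r.onBehalfOf().usable()) {
            return new Choice(named(r.onBehalfOf().principalName()), "OnBehalfOf");
        }
        if (r.validateTarget() != null && r.validateTarget().usable()) {
            return new Choice(named(r.validateTarget().principalName()), "ValidateTarget");
        }
        // No validity check here: this principal is handled by the WS-Security layer, not the STS.
        if (r.requestPrincipal() != null) {
            return new Choice(named(r.requestPrincipal()), "request");
        }
        return new Choice(null, "none");
    }

    public static void main(String[] args) {
        // Constructed sample requests.
        List<Request> samples = List.of(
            new Request(new Token("alice", State.VALID), null, "gateway"),
            new Request(new Token("alice", State.INVALID), null, "gateway"),
            new Request(null, new Token("bob", State.VALID), "gateway"),
            new Request(null, null, "gateway"));
        for (Request r : samples) {
            Choice c = selectSubject(r);
            String name = c.principal() == null ? "<none>" : c.principal().getName();
            System.out.println(name + " (from " + c.source() + ")");
        }
    }
}
```

In this model the second sample falls back to the request principal because its OnBehalfOf token is not valid, so logging the source alongside the name shows which identity ended up as the assertion Subject. Records require Java 16 or later.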