
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.ws.security;
21  
22  import org.apache.ws.security.saml.ext.AssertionWrapper;
23  import org.opensaml.common.SAMLVersion;
24  
25  import java.io.Serializable;
26  import java.security.Principal;
27  
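/**
 * A principal that represents a SAML Token. It parses the Subject and returns the Subject
 * name value as the Principal name.
 *
 * <p>Security note: this class only reads values out of the supplied assertion. Nothing in
 * it checks the assertion's signature, issuer or conditions, so the name is only as
 * trustworthy as the validation the caller performed before constructing the principal.
 *
 * <p>The name is {@code null} when the assertion carries no usable Subject name: for
 * SAML 2.0 only a {@code NameID} is read, and for SAML 1.x the first statement that
 * exposes a Subject decides the name. Callers that use the name for authorization should
 * treat a {@code null} name as "no identity".
 */
public class SAMLTokenPrincipal implements Principal, Serializable {
    private static final long serialVersionUID = 1L;

    // Subject name resolved once in the constructor; null when none was found.
    private String name;
    // NOTE(review): this class is Serializable and this field is not transient; confirm
    // that AssertionWrapper can be serialized, otherwise serializing the principal fails.
    private AssertionWrapper assertion;

    /**
     * Creates a principal for the given assertion and resolves its name from the Subject.
     *
     * @param assertion the wrapped SAML 1.x or 2.0 assertion; it is dereferenced
     *                  immediately, so {@code null} fails with a NullPointerException
     */
    public SAMLTokenPrincipal(AssertionWrapper assertion) {
        this.assertion = assertion;
        if (assertion.getSamlVersion() == SAMLVersion.VERSION_20) {
            name = resolveSaml2Name(assertion);
        } else {
            name = resolveSaml1Name(assertion);
        }
    }

    /** Returns the NameID value of a SAML 2.0 assertion's Subject, or null if absent. */
    private static String resolveSaml2Name(AssertionWrapper assertion) {
        org.opensaml.saml2.core.Subject subject = assertion.getSaml2().getSubject();
        if (subject != null && subject.getNameID() != null) {
            return subject.getNameID().getValue();
        }
        return null;
    }

    /**
     * Returns the NameIdentifier of the first Subject found in a SAML 1.x assertion's
     * statements, or null if no statement carries one.
     */
    private static String resolveSaml1Name(AssertionWrapper assertion) {
        org.opensaml.saml1.core.Subject samlSubject = null;
        for (org.opensaml.saml1.core.Statement stmt : assertion.getSaml1().getStatements()) {
            if (stmt instanceof org.opensaml.saml1.core.AttributeStatement) {
                samlSubject =
                    ((org.opensaml.saml1.core.AttributeStatement) stmt).getSubject();
            } else if (stmt instanceof org.opensaml.saml1.core.AuthenticationStatement) {
                samlSubject =
                    ((org.opensaml.saml1.core.AuthenticationStatement) stmt).getSubject();
            } else if (stmt
                instanceof org.opensaml.saml1.core.AuthorizationDecisionStatement) {
                samlSubject =
                    ((org.opensaml.saml1.core.AuthorizationDecisionStatement) stmt)
                        .getSubject();
            }
            // Any other statement type is skipped rather than cast blindly: the token
            // content comes from the sender, and an unexpected statement must not end
            // principal construction with a ClassCastException.
            if (samlSubject != null) {
                break;
            }
        }
        if (samlSubject != null && samlSubject.getNameIdentifier() != null) {
            return samlSubject.getNameIdentifier().getNameIdentifier();
        }
        return null;
    }

    /**
     * Returns the assertion this principal was created from.
     *
     * @return the wrapped assertion, exactly as passed to the constructor
     */
    public AssertionWrapper getToken() {
        return assertion;
    }

    /**
     * Returns the Subject name read from the assertion.
     *
     * @return the Subject name, or {@code null} if the assertion had no usable Subject name
     */
    public String getName() {
        return this.name;
    }

    /**
     * Returns the identifier of the wrapped assertion.
     *
     * @return the value of {@code assertion.getId()}, or {@code null} when no assertion
     *         is held
     */
    public String getId() {
        if (assertion != null) {
            return assertion.getId();
        }
        return null;
    }

}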