1 /**
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20 package org.apache.ws.security.message;
21
22 import org.apache.ws.security.WSSConfig;
23 import org.apache.ws.security.WSSecurityException;
24 import org.apache.ws.security.saml.ext.AssertionWrapper;
25 import org.apache.ws.security.util.WSSecurityUtil;
26
27 import org.w3c.dom.Document;
28 import org.w3c.dom.Element;
29
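/**
 * Inserts a SAML assertion into the <code>wsse:Security</code> header of a
 * SOAP envelope. Refer to the WS-Security specification, SAML Token Profile.
 * <p>
 * This class only serializes the supplied {@link AssertionWrapper} into the
 * envelope document and places the resulting element in the security header.
 * Nothing in this class signs the assertion or binds it to the message, so any
 * integrity protection has to come from the assertion as supplied or from a
 * separate signing step.
 * NOTE(review): confirm which of the two the calling code relies on.
 * <p>
 * An instance keeps the document and assertion handed to
 * {@link #prepare(Document, AssertionWrapper)} in plain, unsynchronized fields,
 * so it should be used for one message at a time.
 *
 * @author Davanum Srinivas (dims@yahoo.com).
 */
public class WSSecSAMLToken extends WSSecBase {

    private static final org.apache.commons.logging.Log log =
        org.apache.commons.logging.LogFactory.getLog(WSSecSAMLToken.class);

    /** SOAP envelope the assertion is serialized into; set by prepare(). */
    private Document document = null;

    /** Assertion to insert; stays null until prepare() has been called. */
    private AssertionWrapper saml = null;

    public WSSecSAMLToken() {
        super();
    }

    public WSSecSAMLToken(WSSConfig config) {
        super(config);
    }

    /**
     * Records the envelope and the SAML assertion for a later call to
     * {@link #prependToHeader(WSSecHeader)}.
     * <p>
     * No validation happens here: the two references are stored as given and
     * the assertion is not inspected, signed or copied.
     *
     * @param doc
     *            The SOAP envelope as W3C document
     * @param assertion
     *            The SAML assertion that will be inserted into the header
     */
    public void prepare(Document doc, AssertionWrapper assertion) {
        document = doc;
        saml = assertion;
    }

    /**
     * Prepends the SAML Assertion to the elements already in the
     * Security header.
     * <p>
     * The method can be called any time after <code>prepare()</code>, which
     * allows the SAML assertion to be inserted at any position in the
     * Security header.
     *
     * @param secHeader
     *            The security header that receives the assertion element.
     * @throws IllegalStateException
     *             if no assertion has been set through <code>prepare()</code>
     * @throws RuntimeException
     *             wrapping the {@link WSSecurityException} raised while the
     *             assertion is serialized or inserted
     */
    public void prependToHeader(WSSecHeader secHeader) {
        // Fail with a descriptive error instead of a bare NullPointerException
        // when the caller skipped prepare() or passed a null assertion.
        if (saml == null) {
            throw new IllegalStateException(
                "No SAML assertion set; call prepare() before prependToHeader()");
        }
        try {
            Element element = (Element) saml.toDOM(document);
            WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), element);
        } catch (WSSecurityException ex) {
            // The public signature declares no checked exception, so the
            // failure is rethrown unchecked with the original cause attached.
            throw new RuntimeException(ex.toString(), ex);
        }
    }

    /**
     * Get the identifier of the assertion passed to <code>prepare()</code>.
     * <p>
     * The value is whatever {@link AssertionWrapper#getId()} reports for the
     * assertion; this class does not generate an id of its own.
     *
     * @return the id of the assertion, or null if <code>prepare()</code>
     *         was not called before (or was called with a null assertion).
     */
    public String getId() {
        if (saml == null) {
            return null;
        }
        return saml.getId();
    }

    /**
     * Adds a SAML assertion to a SOAP envelope.
     * <p>
     * The assertion is serialized and prepended to the
     * <code>wsse:Security</code> header in one step; this is
     * <code>prepare()</code> followed by <code>prependToHeader()</code>.
     *
     * @param doc The SOAP envelope as W3C document
     * @param assertion The SAML assertion to insert
     * @param secHeader The security header that receives the assertion
     * @return the same <code>doc</code> instance, now carrying the assertion
     * @throws IllegalStateException if <code>assertion</code> is null
     */
    public Document build(Document doc, AssertionWrapper assertion, WSSecHeader secHeader) {
        log.debug("Begin add SAMLAssertion token...");

        prepare(doc, assertion);
        prependToHeader(secHeader);

        return doc;
    }
}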