Class SAML2Signature
- java.lang.Object
-
- org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature
-
public class SAML2Signature extends Object
Class that deals with SAML2 Signature
- Since:
- May 26, 2009
- Author:
- Anil.Saldhana@redhat.com, alessio.soldano@jboss.com
-
-
Constructor Summary
Constructor and Description:
SAML2Signature()
-
Method Summary
Modifier and Type, Method, Description:
static void configureIdAttribute(Document document)
    Sets the IDness of the ID attribute.
static void configureIdAttribute(Element element)
String getDigestMethod()
Node getNextSiblingOfIssuer(Document doc)
String getSignatureMethod()
void setDigestMethod(String digestMethod)
void setNextSibling(Node sibling)
void setSignatureIncludeKeyInfo(boolean val)
    Set to false if you do not want to include KeyInfo in the signature.
void setSignatureMethod(String signatureMethod)
void setX509Certificate(X509Certificate x509Certificate)
    Set the X509Certificate if you desire to have the SignedInfo have X509 Data. This method needs to be called before any of the sign methods.
Document sign(Document doc, String referenceID, String keyName, KeyPair keyPair, String canonicalizationMethodType)
    Sign a Document at the root.
void signSAMLDocument(Document samlDocument, String keyName, KeyPair keypair, String canonicalizationMethodType)
    Sign a SAML Document.
boolean validate(Document signedDocument, KeyLocator keyLocator)
    Validate the SAML2 Document.
-
Method Detail
-
getSignatureMethod
public String getSignatureMethod()
-
setSignatureMethod
public void setSignatureMethod(String signatureMethod)
-
getDigestMethod
public String getDigestMethod()
-
setDigestMethod
public void setDigestMethod(String digestMethod)
-
setNextSibling
public void setNextSibling(Node sibling)
-
setSignatureIncludeKeyInfo
public void setSignatureIncludeKeyInfo(boolean val)
Set to false if you do not want to include KeyInfo in the signature.
- Parameters:
val
- Since:
- v2.0.1
-
setX509Certificate
public void setX509Certificate(X509Certificate x509Certificate)
Set the X509Certificate if you desire to have the SignedInfo have X509 Data. This method needs to be called before any of the sign methods.
- Parameters:
x509Certificate
- Since:
- v2.5.0
-
sign
public Document sign(Document doc, String referenceID, String keyName, KeyPair keyPair, String canonicalizationMethodType) throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
Sign a Document at the root.
- Parameters:
keyPair
- Key Pair
- Returns:
- Throws:
ParserConfigurationException
XMLSignatureException
MarshalException
GeneralSecurityException
-
signSAMLDocument
public void signSAMLDocument(Document samlDocument, String keyName, KeyPair keypair, String canonicalizationMethodType) throws ProcessingException
Sign a SAML Document.
- Parameters:
samlDocument
keypair
- Throws:
ProcessingException
-
validate
public boolean validate(Document signedDocument, KeyLocator keyLocator) throws ProcessingException
Validate the SAML2 Document.
- Parameters:
signedDocument
keyLocator
- Returns:
- Throws:
ProcessingException
-
configureIdAttribute
public static void configureIdAttribute(Document document)
Sets the IDness of the ID attribute. Santuario 1.5.1 no longer assumes IDness based on attribute names, so this method should be called before signing or validating a SAML document.
- Parameters:
document
- SAML document to have its ID attribute configured.
-
configureIdAttribute
public static void configureIdAttribute(Element element)
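
The DOM behaviour behind the IDness note above, as an added example that is not Keycloak's own code: it uses only JDK classes and a constructed SAML-shaped document, and the class name IdnessDemo is hypothetical. It shows that an ID attribute parsed without a DTD or schema is not found by getElementById, the kind of lookup a same-document signature reference such as URI="#_resp1" relies on, until the attribute is explicitly marked as an ID.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public class IdnessDemo {
    // Constructed sample: a minimal SAML-shaped response, not a real message.
    static final String XML =
        "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"_resp1\">"
      + "<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_assert1\"/>"
      + "</samlp:Response>";

    static Document parse() throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // Refuse DOCTYPE declarations: SAML messages never need one.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        byte[] bytes = XML.getBytes(StandardCharsets.UTF_8);
        return dbf.newDocumentBuilder().parse(new ByteArrayInputStream(bytes));
    }

    public static void main(String[] args) throws Exception {
        Document doc = parse();

        // No DTD or schema was applied, so "ID" is an ordinary attribute and
        // a lookup by ID value must not resolve to any element.
        if (doc.getElementById("_resp1") != null) {
            throw new IllegalStateException("ID unexpectedly resolvable before marking");
        }

        // Mark the attribute named "ID" on the root element as an XML ID.
        Element root = doc.getDocumentElement();
        root.setIdAttribute("ID", true);
        if (doc.getElementById("_resp1") != root) {
            throw new IllegalStateException("root not resolvable after marking");
        }

        // Marking is per element: the nested Assertion was not marked here,
        // so its ID value is still not resolvable.
        if (doc.getElementById("_assert1") != null) {
            throw new IllegalStateException("assertion ID unexpectedly resolvable");
        }
        System.out.println("IDness checks passed");
    }
}
```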