SAMLSignedObject

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

gov.nih.nci.cagrid.opensaml
Class SAMLSignedObject

java.lang.Object
  gov.nih.nci.cagrid.opensaml.SAMLObject
      gov.nih.nci.cagrid.opensaml.SAMLSignedObject

All Implemented Interfaces:: java.lang.Cloneable

Direct Known Subclasses:: SAMLAssertion, SAMLRequest, SAMLResponse

public abstract class SAMLSignedObject
extends SAMLObject
implements java.lang.Cloneable
extends SAMLObject
implements java.lang.Cloneable

Abstract base class for all SAML objects that can be signed

Author:: Scott Cantor

Field Summary

Fields inherited from class gov.nih.nci.cagrid.opensaml.SAMLObject
`config, dirty, log, parentObject, root`

Constructor Summary
`SAMLSignedObject()`

Method Summary
`protected java.lang.Object`	`clone()` Copies a SAML object such that no dependencies exist between the original and the copy.
`void`	`fromDOM(org.w3c.dom.Element e)` Initialization of an object from a DOM element
`java.lang.String`	`getDigestAlgorithm()` Returns the digest algorithm identifier from the signature
`abstract java.lang.String`	`getId()` Gets the ID of the signed object
`java.lang.Object`	`getNativeSignature()` Debugging aid to access the internal XML Signature implementation
`java.lang.String`	`getSignatureAlgorithm()` Returns the signing algorithm identifier from the signature
`protected org.w3c.dom.Element`	`getSignatureElement()` Get the DOM element containing the signature
`java.util.Iterator`	`getX509Certificates()` Returns an iterator over the X.509 certificates included in the signature, if any
`protected abstract void`	`insertSignature()` Places the signature into the object's DOM to prepare for signing
`boolean`	`isSigned()` Returns true iff the object contains a signature
`protected void`	`setDirty(boolean flag)` Sets or clears the object's dirty bit.
`void`	`sign(java.lang.String sigalg, java.security.Key k, java.util.Collection certs)` Sign the SAML object according to the input parameters, using a default digest algorithm.
`void`	`sign(java.lang.String sigalg, java.lang.String digalg, java.security.Key k, java.util.Collection certs)` Sign the SAML object according to the input parameters
`org.w3c.dom.Node`	`toDOM(boolean xmlns)` Transforms the object into a DOM tree without an existing document context
`void`	`unsign()` Remove the signature and turn this into an unsigned object.
`void`	`verify()` Verifies the signature using only the keying material included within it
`void`	`verify(java.security.cert.Certificate cert)` Verifies the signature using the keying material provided
`void`	`verify(java.security.Key k)` Verifies the signature using the keying material provided

Methods inherited from class gov.nih.nci.cagrid.opensaml.SAMLObject
`buildRoot, checkValidity, fromStream, fromStream, getParent, plantRoot, setParent, toBase64, toDOM, toDOM, toDOM, toStream, toString`

Methods inherited from class java.lang.Object
`equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Constructor Detail

SAMLSignedObject

public SAMLSignedObject()

Method Detail

getNativeSignature

public java.lang.Object getNativeSignature()

Debugging aid to access the internal XML Signature implementation

Returns:: Returns a Java object corresponding to the native class used by the underlying XML Signature implementation to represent a signature. Be careful using this method, unless you're debugging or know what you're doing.

getId

public abstract java.lang.String getId()

Gets the ID of the signed object

Returns:: The XML ID

fromDOM

public void fromDOM(org.w3c.dom.Element e)
             throws SAMLException

Description copied from class: SAMLObject

Initialization of an object from a DOM element

Overrides:: fromDOM in class SAMLObject

Parameters:: e - Root element of a DOM tree
Throws:: SAMLException - Raised if an exception occurs while constructing the object
See Also:: SAMLObject.fromDOM(Element e)

toDOM

public org.w3c.dom.Node toDOM(boolean xmlns)
                       throws SAMLException

Description copied from class: SAMLObject

Transforms the object into a DOM tree without an existing document context

Overrides:: toDOM in class SAMLObject

Parameters:: xmlns - Include namespace(s) on root element?
Returns:: Root element node of the DOM tree capturing the object
Throws:: SAMLException - Raised if the object is incompletely defined
See Also:: SAMLObject.toDOM(boolean xmlns)

insertSignature

protected abstract void insertSignature()
                                 throws SAMLException

Places the signature into the object's DOM to prepare for signing

Must be overridden by subclass that knows where to place it

Throws:: SAMLException - Thrown if an error occurs while placing the signature

getSignatureElement

protected org.w3c.dom.Element getSignatureElement()

Get the DOM element containing the signature

Returns:: The ds:Signature element of a signature

setDirty

protected void setDirty(boolean flag)

Description copied from class: SAMLObject

Sets or clears the object's dirty bit. When set, serialization will flush an existing DOM. All parent objects will also be flagged.

Overrides:: setDirty in class SAMLObject

Parameters:: flag - The new value of the dirty bit
See Also:: gov.nih.nci.cagrid.opensaml.SAMLObject#setDirty()

unsign

public void unsign()

Remove the signature and turn this into an unsigned object. Modifying an object after signing will automatically unsign it.

sign

public void sign(java.lang.String sigalg,
                 java.security.Key k,
                 java.util.Collection certs)
          throws SAMLException

Sign the SAML object according to the input parameters, using a default digest algorithm.

Parameters:: sigalg - The XML signature algorithm to apply; k - The secret or private key to sign the resulting digest; certs - The public key certificate(s) to embed in the object, if any
Throws:: SAMLException - Thrown if an error occurs while constructing the signature

sign

public void sign(java.lang.String sigalg,
                 java.lang.String digalg,
                 java.security.Key k,
                 java.util.Collection certs)
          throws SAMLException

Sign the SAML object according to the input parameters

Parameters:: sigalg - The XML signature algorithm to apply; digalg - The digest algorithm to apply; k - The secret or private key to sign the resulting digest; certs - The public key certificate(s) to embed in the object, if any
Throws:: SAMLException - Thrown if an error occurs while constructing the signature

verify

public void verify()
            throws SAMLException

Verifies the signature using only the keying material included within it

Throws:: SAMLException - Thrown if the signature is invalid or if an error occurs

verify

public void verify(java.security.cert.Certificate cert)
            throws SAMLException

Verifies the signature using the keying material provided

Parameters:: cert - A public key certificate to use in verifying the signature
Throws:: SAMLException - Thrown if the signature is invalid or if an error occurs

verify

public void verify(java.security.Key k)
            throws SAMLException

Verifies the signature using the keying material provided

Parameters:: k - A secret or public key to use in verifying the signature
Throws:: SAMLException - Thrown if the signature is invalid or if an error occurs

getX509Certificates

public java.util.Iterator getX509Certificates()
                                       throws SAMLException

Returns an iterator over the X.509 certificates included in the signature, if any

Returns:: Provides access to the certificates
Throws:: SAMLException - Thrown if the signature is missing

getSignatureAlgorithm

public java.lang.String getSignatureAlgorithm()
                                       throws SAMLException

Returns the signing algorithm identifier from the signature

Returns:: The algorithm identifier
Throws:: SAMLException - Thrown if the signature is missing

getDigestAlgorithm

public java.lang.String getDigestAlgorithm()
                                    throws SAMLException

Returns the digest algorithm identifier from the signature

Returns:: The algorithm identifier
Throws:: SAMLException - Thrown if the signature is missing

isSigned

public boolean isSigned()

Returns true iff the object contains a signature

Returns:: true iff the object contains a signature

clone

protected java.lang.Object clone()
                          throws java.lang.CloneNotSupportedException

Copies a SAML object such that no dependencies exist between the original and the copy.

Overrides:: clone in class SAMLObject

Returns:: The new object
Throws:: java.lang.CloneNotSupportedException
See Also:: Object.clone()

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

gov.nih.nci.cagrid.opensaml Class SAMLSignedObject

SAMLSignedObject

getNativeSignature

getId

fromDOM

toDOM

insertSignature

getSignatureElement

setDirty

unsign

sign

sign

verify

verify

verify

getX509Certificates

getSignatureAlgorithm

getDigestAlgorithm

isSigned

clone

gov.nih.nci.cagrid.opensaml
Class SAMLSignedObject