public class SAMLSignatureProfileValidator extends Object implements org.opensaml.xml.validation.Validator<org.opensaml.xml.signature.Signature>
Signature
, which validates that the signature meets security-related
requirements indicated by the SAML profile of XML Signature.Constructor and Description |
---|
SAMLSignatureProfileValidator() |
Modifier and Type | Method and Description |
---|---|
void |
validate(org.opensaml.xml.signature.Signature signature) |
protected void |
validateObjectChildren(org.apache.xml.security.signature.XMLSignature apacheSig)
Validate that the Signature instance does not contain any ds:Object children.
|
protected org.apache.xml.security.signature.Reference |
validateReference(org.apache.xml.security.signature.XMLSignature apacheSig)
Validate the Signature's SignedInfo Reference.
|
protected void |
validateReferenceURI(String uri,
SignableSAMLObject signableObject)
Validate the Signature's Reference URI.
|
protected void |
validateReferenceURI(String uri,
String id)
Validate the Reference URI and parent ID attribute values.
|
protected void |
validateSignatureImpl(org.opensaml.xml.signature.impl.SignatureImpl sigImpl)
Validate an instance of
SignatureImpl , which is in turn based on underlying Apache XML Security
XMLSignature instance. |
protected void |
validateTransforms(org.apache.xml.security.signature.Reference reference)
Validate the transforms included in the Signature Reference.
|
public void validate(org.opensaml.xml.signature.Signature signature) throws org.opensaml.xml.validation.ValidationException
validate
in interface org.opensaml.xml.validation.Validator<org.opensaml.xml.signature.Signature>
org.opensaml.xml.validation.ValidationException
protected void validateSignatureImpl(org.opensaml.xml.signature.impl.SignatureImpl sigImpl) throws org.opensaml.xml.validation.ValidationException
SignatureImpl
, which is in turn based on underlying Apache XML Security
XMLSignature
instance.sigImpl
- the signature implementation object to validateorg.opensaml.xml.validation.ValidationException
- thrown if the signature is not valid with respect to the profileprotected org.apache.xml.security.signature.Reference validateReference(org.apache.xml.security.signature.XMLSignature apacheSig) throws org.opensaml.xml.validation.ValidationException
apacheSig
- the Apache XML Signature instanceorg.opensaml.xml.validation.ValidationException
- thrown if the Signature does not contain exactly 1 Reference, or if there is an error
obtaining the Reference instanceprotected void validateReferenceURI(String uri, SignableSAMLObject signableObject) throws org.opensaml.xml.validation.ValidationException
uri
- the Signature Reference URI attribute valuesignableObject
- the SignableSAMLObject whose signature is being validatedorg.opensaml.xml.validation.ValidationException
- if the URI is invalid or doesn't resolve to the expected DOM nodeprotected void validateReferenceURI(String uri, String id) throws org.opensaml.xml.validation.ValidationException
uri
- the Signature Reference URI attribute valueid
- the Signature parents ID attribute valueorg.opensaml.xml.validation.ValidationException
- thrown if the URI or ID attribute values are invalidprotected void validateTransforms(org.apache.xml.security.signature.Reference reference) throws org.opensaml.xml.validation.ValidationException
reference
- the Signature reference containing the transforms to evaluateorg.opensaml.xml.validation.ValidationException
- thrown if the set of transforms is invalidprotected void validateObjectChildren(org.apache.xml.security.signature.XMLSignature apacheSig) throws org.opensaml.xml.validation.ValidationException
apacheSig
- the Apache XML Signature instanceorg.opensaml.xml.validation.ValidationException
- if the signature contains ds:Object childrenCopyright © 1999-2013. All Rights Reserved.