SamlAssertionValidator (Apache WSS4J 1.6.10 API)

java.lang.Object
- org.apache.ws.security.validate.SignatureTrustValidator
- - org.apache.ws.security.validate.SamlAssertionValidator

All Implemented Interfaces:

Validator
```
public class SamlAssertionValidator
extends SignatureTrustValidator
```
This class validates a SAML Assertion, which is wrapped in an "AssertionWrapper" instance. It assumes that the AssertionWrapper instance has already verified the signature on the assertion (done by the SAMLTokenProcessor). It verifies trust in the signature, and also checks that the Subject contains a KeyInfo (and processes it) for the holder-of-key case, and verifies that the Assertion is signed as well for holder-of-key.

Constructor Summary

Constructors
Constructor and Description

SamlAssertionValidator()

Constructors
Constructor and Description
`SamlAssertionValidator()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected void`	`checkConditions(AssertionWrapper assertion)` Check the Conditions of the Assertion.
`boolean`	`isValidateSignatureAgainstProfile()` Whether to validate the signature of the Assertion (if it exists) against the relevant profile.
`void`	`setFutureTTL(int newFutureTTL)` Set the time in seconds in the future within which the NotBefore time of an incoming Assertion is valid.
`void`	`setValidateSignatureAgainstProfile(boolean validateSignatureAgainstProfile)` Whether to validate the signature of the Assertion (if it exists) against the relevant profile.
`Credential`	`validate(Credential credential, RequestData data)` Validate the credential argument.
`protected void`	`validateAssertion(AssertionWrapper assertion)` Validate the assertion against schemas/profiles
`protected Credential`	`verifySignedAssertion(AssertionWrapper assertion, RequestData data)` Verify trust in the signature of a signed Assertion.

Methods inherited from class org.apache.ws.security.validate.SignatureTrustValidator
getCrypto, isCertificateInKeyStore, matches, validateCertificates, validatePublicKey, verifyTrustInCert, verifyTrustInCert, verifyTrustInCert, verifyTrustInCerts, verifyTrustInCerts, verifyTrustInCerts

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SamlAssertionValidator
```
public SamlAssertionValidator()
```
- Method Detail
  - setFutureTTL
```
public void setFutureTTL(int newFutureTTL)
```
    Set the time in seconds in the future within which the NotBefore time of an incoming Assertion is valid. The default is 60 seconds.
  - validate
```
public Credential validate(Credential credential,
                  RequestData data)
                    throws WSSecurityException
```
    Validate the credential argument. It must contain a non-null AssertionWrapper. A Crypto and a CallbackHandler implementation is also required to be set.
    
    Specified by:
    
    validate in interface Validator
    
    Overrides:
    
    validate in class SignatureTrustValidator
    
    Parameters:
    credential - the Credential to be validated
    data - the RequestData associated with the request
    
    Returns:
    a validated Credential
    
    Throws:
    
    WSSecurityException - on a failed validation
  - verifySignedAssertion
```
protected Credential verifySignedAssertion(AssertionWrapper assertion,
                               RequestData data)
                                    throws WSSecurityException
```
    Verify trust in the signature of a signed Assertion. This method is separate so that the user can override if if they want.
    
    Parameters:
    assertion - The signed Assertion
    data - The RequestData context
    
    Returns:
    A Credential instance
    
    Throws:
    
    WSSecurityException
  - checkConditions
```
protected void checkConditions(AssertionWrapper assertion)
                        throws WSSecurityException
```
    Check the Conditions of the Assertion.
    
    Throws:
    
    WSSecurityException
  - validateAssertion
```
protected void validateAssertion(AssertionWrapper assertion)
                          throws WSSecurityException
```
    Validate the assertion against schemas/profiles
    
    Throws:
    
    WSSecurityException
  - isValidateSignatureAgainstProfile
```
public boolean isValidateSignatureAgainstProfile()
```
    Whether to validate the signature of the Assertion (if it exists) against the relevant profile. Default is true.
  - setValidateSignatureAgainstProfile
```
public void setValidateSignatureAgainstProfile(boolean validateSignatureAgainstProfile)
```
    Whether to validate the signature of the Assertion (if it exists) against the relevant profile. Default is true.

Class SamlAssertionValidator

Constructor Summary

Method Summary

Methods inherited from class org.apache.ws.security.validate.SignatureTrustValidator

Methods inherited from class java.lang.Object

Constructor Detail

SamlAssertionValidator

Method Detail

setFutureTTL

validate

verifySignedAssertion

checkConditions

validateAssertion

isValidateSignatureAgainstProfile

setValidateSignatureAgainstProfile