Author: coheigea
Date: Tue Jun 14 14:25:20 2011
New Revision: 1135604
URL: http://svn.apache.org/viewvc?rev=1135604&view=rev
Log:
Added support to create an AudienceRestrictionConditions element to a SAML 1.1
assertion
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java?rev=1135604&r1=1135603&r2=1135604&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
Tue Jun 14 14:25:20 2011
@@ -41,6 +41,8 @@ import org.opensaml.saml1.core.Assertion
import org.opensaml.saml1.core.Attribute;
import org.opensaml.saml1.core.AttributeStatement;
import org.opensaml.saml1.core.AttributeValue;
+import org.opensaml.saml1.core.Audience;
+import org.opensaml.saml1.core.AudienceRestrictionCondition;
import org.opensaml.saml1.core.AuthenticationStatement;
import org.opensaml.saml1.core.AuthorizationDecisionStatement;
import org.opensaml.saml1.core.Conditions;
@@ -73,6 +75,10 @@ public class SAML1ComponentBuilder {
private static SAMLObjectBuilder<Conditions> conditionsV1Builder;
+ private static SAMLObjectBuilder<AudienceRestrictionCondition>
audienceRestrictionV1Builder;
+
+ private static SAMLObjectBuilder<Audience> audienceV1Builder;
+
private static SAMLObjectBuilder<AuthenticationStatement>
authenticationStatementV1Builder;
private static SAMLObjectBuilder<Subject> subjectV1Builder;
@@ -260,8 +266,41 @@ public class SAML1ComponentBuilder {
conditions.setNotBefore(newNotBefore);
conditions.setNotOnOrAfter(newNotBefore.plusMinutes(tokenPeriodMinutes));
}
+
+ if (conditionsBean.getAudienceURI() != null) {
+ AudienceRestrictionCondition audienceRestriction =
+
createSamlv1AudienceRestriction(conditionsBean.getAudienceURI());
+
conditions.getAudienceRestrictionConditions().add(audienceRestriction);
+ }
+
return conditions;
}
+
+ /**
+ * Create an AudienceRestrictionCondition object
+ *
+ * @param audienceURI of type String
+ * @return an AudienceRestrictionCondition object
+ */
+ @SuppressWarnings("unchecked")
+ public static AudienceRestrictionCondition
+ createSamlv1AudienceRestriction(String audienceURI) {
+ if (audienceRestrictionV1Builder == null) {
+ audienceRestrictionV1Builder =
(SAMLObjectBuilder<AudienceRestrictionCondition>)
+
builderFactory.getBuilder(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
+ }
+ if (audienceV1Builder == null) {
+ audienceV1Builder = (SAMLObjectBuilder<Audience>)
+ builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
+ }
+
+ AudienceRestrictionCondition audienceRestriction =
+ audienceRestrictionV1Builder.buildObject();
+ Audience audience = audienceV1Builder.buildObject();
+ audience.setUri(audienceURI);
+ audienceRestriction.getAudiences().add(audience);
+ return audienceRestriction;
+ }
/**
* Create SAML 1.1 authentication statement(s)
