org.globus.gridshib.security.util
Class SAMLUtil

java.lang.Object
  extended by org.globus.gridshib.security.util.SAMLUtil

public class SAMLUtil
extends Object


Constructor Summary
SAMLUtil()

Method Summary
static void consumeSAMLAssertions(Subject subject)
          Obtains the certificate chain of the authenticated user from the existing security context, then traverses the chain and searches for bound SAML assertions.
static SAMLSubjectAssertion getSAMLAssertion(X509Certificate cert)
          Deprecated. This method will be removed in a future version of the GridShib Security Framework. Use org.globus.gridshib.security.x509.SAMLX509Extension.getSAMLAssertion(X509Certificate) instead.
static SAMLSubjectAssertion[] getSAMLAssertions(X509Certificate[] certs)
          Gets all the SAML assertions from the given certificate chain, up to and including the first non-impersonation proxy.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SAMLUtil

public SAMLUtil()

Method Detail

getSAMLAssertions

public static SAMLSubjectAssertion[] getSAMLAssertions(X509Certificate[] certs)
                                                throws IOException,
                                                       SAMLException,
                                                       CertificateException
Gets all the SAML assertions from the given certificate chain, up to and including the first non-impersonation proxy.

Parameters:
certs - an X.509 certificate chain
Returns:
an array of SAML subject assertions (or null if the given certificate chain does not contain any embedded SAML assertions)
Throws:
IOException - If unable to decode a certificate extension
SAMLException - If unable to parse a SAML assertion
CertificateException - If unable to determine if a certificate is an impersonation proxy

getSAMLAssertion

public static SAMLSubjectAssertion getSAMLAssertion(X509Certificate cert)
                                             throws IOException,
                                                    SAMLException
Deprecated. This method will be removed in a future version of the GridShib Security Framework. Use org.globus.gridshib.security.x509.SAMLX509Extension.getSAMLAssertion(X509Certificate) instead.

Gets the SAML certificate extension value from the given certificate and parses it as a SAML assertion. If the extension does not exist, this method returns null.

Parameters:
cert - an X.509 certificate that may or may not contain an embedded SAML assertion
Returns:
a SAML subject assertion (or null if the given certificate does not contain an embedded SAML assertion)
Throws:
IOException - If unable to decode the certificate extension
SAMLException - If unable to parse the SAML assertion

consumeSAMLAssertions

public static void consumeSAMLAssertions(Subject subject)
                                  throws IOException,
                                         SAMLException,
                                         CertificateException
Obtains the certificate chain of the authenticated user from the existing security context, then traverses the chain and searches for bound SAML assertions. Adds the parsed SAML assertions to the user's security context.

Parameters:
subject - the authenticated subject
Throws:
IOException - If unable to decode a certificate extension
SAMLException - If unable to parse a SAML assertion
CertificateException - If unable to determine if a certificate is an impersonation proxy


Copyright © 2007-2008 University of Illinois. All Rights Reserved.