org.opensaml
Class SAMLSignedObject

java.lang.Object
  extended by org.opensaml.SAMLObject
      extended by org.opensaml.SAMLSignedObject
All Implemented Interfaces:
java.lang.Cloneable
Direct Known Subclasses:
SAMLAssertion, SAMLRequest, SAMLResponse

public abstract class SAMLSignedObject
extends SAMLObject
implements java.lang.Cloneable

Abstract base class for all SAML objects that can be signed

Author:
Scott Cantor

Field Summary
 
Fields inherited from class org.opensaml.SAMLObject
config, log, root
 
Constructor Summary
SAMLSignedObject()
           
 
Method Summary
protected  java.lang.Object clone()
          Copies a SAML object such that no dependencies exist between the original and the copy.
 void fromDOM(org.w3c.dom.Element e)
          Initialization of an object from a DOM element
abstract  java.lang.String getId()
          Gets the ID of the signed object
 java.lang.Object getNativeSignature()
          Debugging aid to access the internal XML Signature implementation
 java.lang.String getSignatureAlgorithm()
          Returns the algorithm identifier from the signature
protected  org.w3c.dom.Element getSignatureElement()
          Get the DOM element containing the signature
 java.util.Iterator getX509Certificates()
          Returns an iterator over the X.509 certificates included in the signature, if any
protected abstract  void insertSignature()
          Places the signature into the object's DOM to prepare for signing
 boolean isSigned()
          Returns true iff the object contains a signature
 void sign(java.lang.String alg, java.security.Key k, java.util.Collection certs)
          Sign the SAML object according to the input parameters
 org.w3c.dom.Node toDOM()
          Transforms the object into a DOM tree without an existing document context, including namespace declarations
 void unsign()
          Remove the signature and turn this into an unsigned object.
 void verify()
          Verifies the signature using only the keying material included within it
 void verify(java.security.cert.Certificate cert)
          Verifies the signature using the keying material provided
 void verify(java.security.Key k)
          Verifies the signature using the keying material provided
 
Methods inherited from class org.opensaml.SAMLObject
checkValidity, fromStream, plantRoot, toBase64, toDOM, toDOM, toDOM, toStream, toString
 
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

SAMLSignedObject

public SAMLSignedObject()
Method Detail

getNativeSignature

public java.lang.Object getNativeSignature()
Debugging aid to access the internal XML Signature implementation

Returns:
Returns a Java object corresponding to the native class used by the underlying XML Signature implementation to represent a signature. Be careful using this method, unless you're debugging or know what you're doing.

getId

public abstract java.lang.String getId()
Gets the ID of the signed object

Returns:
The XML ID

fromDOM

public void fromDOM(org.w3c.dom.Element e)
             throws SAMLException
Description copied from class: SAMLObject
Initialization of an object from a DOM element

Overrides:
fromDOM in class SAMLObject
Parameters:
e - Root element of a DOM tree
Throws:
SAMLException - Raised if an exception occurs while constructing the object
See Also:
SAMLObject.fromDOM(Element e)

toDOM

public org.w3c.dom.Node toDOM()
                       throws SAMLException
Description copied from class: SAMLObject
Transforms the object into a DOM tree without an existing document context, including namespace declarations

Overrides:
toDOM in class SAMLObject
Returns:
Root element node of the DOM tree capturing the object
Throws:
SAMLException - Raised if the object is incompletely defined
See Also:
SAMLObject.toDOM()

insertSignature

protected abstract void insertSignature()
                                 throws SAMLException
Places the signature into the object's DOM to prepare for signing

Must be overridden by a subclass that knows where to place the signature

Throws:
SAMLException - Thrown if an error occurs while placing the signature

getSignatureElement

protected org.w3c.dom.Element getSignatureElement()
Get the DOM element containing the signature

Returns:
The ds:Signature element of a signature

unsign

public void unsign()
Remove the signature and turn this into an unsigned object. Modifying an object after signing will automatically unsign it.


sign

public void sign(java.lang.String alg,
                 java.security.Key k,
                 java.util.Collection certs)
          throws SAMLException
Sign the SAML object according to the input parameters

Parameters:
alg - The XML signature algorithm to apply
k - The secret or private key to sign the resulting digest
certs - The public key certificate(s) to embed in the object, if any
Throws:
SAMLException - Thrown if an error occurs while constructing the signature

verify

public void verify()
            throws SAMLException
Verifies the signature using only the keying material included within it

Throws:
SAMLException - Thrown if the signature is invalid or if an error occurs

verify

public void verify(java.security.cert.Certificate cert)
            throws SAMLException
Verifies the signature using the keying material provided

Parameters:
cert - A public key certificate to use in verifying the signature
Throws:
SAMLException - Thrown if the signature is invalid or if an error occurs

verify

public void verify(java.security.Key k)
            throws SAMLException
Verifies the signature using the keying material provided

Parameters:
k - A secret or public key to use in verifying the signature
Throws:
SAMLException - Thrown if the signature is invalid or if an error occurs
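
The no-argument verify() checks the signature only against keying material carried inside the message, so on its own it shows that the object matches the embedded key, not that the key belongs to a party the caller trusts. The following added example (not part of the OpenSAML documentation or code base) uses only the methods documented on this page to accept an object when it verifies under a certificate obtained out of band; the class name PinnedSignatureCheck, the method requireTrustedSignature and the caller-supplied algorithm allowlist are hypothetical.

```java
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Set;

import org.opensaml.SAMLException;
import org.opensaml.SAMLSignedObject;

/** Added example: hypothetical helper, not part of OpenSAML. */
public final class PinnedSignatureCheck {

    private PinnedSignatureCheck() {}

    /**
     * Accepts obj only if it is signed with a permitted algorithm and the
     * signature verifies under a certificate the caller already trusts.
     *
     * @param obj         a SAMLAssertion, SAMLRequest or SAMLResponse
     * @param trustedCert certificate obtained out of band (assumption: for
     *                    example from locally stored partner configuration)
     * @param allowedAlgs XML signature algorithm URIs the deployment permits
     *                    (caller-supplied; no particular set is assumed here)
     */
    public static void requireTrustedSignature(SAMLSignedObject obj,
                                               X509Certificate trustedCert,
                                               Set<String> allowedAlgs)
            throws SAMLException, CertificateException {
        // Check for a signature first so an unsigned object is rejected
        // with a clear error instead of being processed as if verified.
        if (!obj.isSigned()) {
            throw new SecurityException("SAML object " + obj.getId() + " is not signed");
        }

        // The algorithm identifier is read from the message itself, so it
        // is compared against local policy before any verification is done.
        String alg = obj.getSignatureAlgorithm();
        if (!allowedAlgs.contains(alg)) {
            throw new SecurityException("Signature algorithm not permitted: " + alg);
        }

        // Refuse to rely on a pinned certificate outside its validity period.
        trustedCert.checkValidity();

        // verify(Certificate) uses the supplied certificate as the keying
        // material; it throws SAMLException if the signature is invalid.
        obj.verify(trustedCert);
    }
}
```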

getX509Certificates

public java.util.Iterator getX509Certificates()
                                       throws SAMLException
Returns an iterator over the X.509 certificates included in the signature, if any

Returns:
Provides access to the certificates
Throws:
SAMLException - Thrown if the signature is missing

getSignatureAlgorithm

public java.lang.String getSignatureAlgorithm()
                                       throws SAMLException
Returns the algorithm identifier from the signature

Returns:
The algorithm identifier
Throws:
SAMLException - Thrown if the signature is missing

isSigned

public boolean isSigned()
Returns true iff the object contains a signature

Returns:
true iff the object contains a signature

clone

protected java.lang.Object clone()
                          throws java.lang.CloneNotSupportedException
Copies a SAML object such that no dependencies exist between the original and the copy.

Overrides:
clone in class SAMLObject
Returns:
The new object
Throws:
java.lang.CloneNotSupportedException
See Also:
Object.clone()


Copyright © 2002 UCAID. All Rights Reserved.