org.opensaml.common.impl
Class SAMLObjectContentReference

java.lang.Object
  extended by org.opensaml.common.impl.SAMLObjectContentReference
All Implemented Interfaces:
ContentReference

public class SAMLObjectContentReference
extends Object
implements ContentReference

A content reference for SAML objects that will be signed. The reference is created per the SAML specification.

The default digest algorithm is the value returned by the global security configuration's SecurityConfiguration.getSignatureReferenceDigestMethod(), if available; otherwise it is SignatureConstants.ALGO_ID_DIGEST_SHA1.

The default set of transforms applied consists of SignatureConstants.TRANSFORM_ENVELOPED_SIGNATURE and SignatureConstants.TRANSFORM_C14N_EXCL_WITH_COMMENTS.

When generating an exclusive canonicalization transform, an inclusive namespace list is generated from the namespaces (retrieved from XMLObject.getNamespaces()) used by the SAML object to be signed and all of its descendants.

Note that the SAML specification states that: 1) an exclusive canonicalization transform (either with or without comments) SHOULD be used; 2) transforms other than enveloped signature and one of the two exclusive canonicalizations SHOULD NOT be used. Consider carefully before deviating from these recommendations.
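Added example, not part of the OpenSAML documentation or code base: a helper that replaces the SHA-1 fallback digest with SHA-256 on each SAMLObjectContentReference and rejects any transform outside the set the SAML specification recommends. The class name ReferenceHardening and its harden method are hypothetical, the algorithm and transform identifiers are the W3C URIs written as literals, and it assumes the Signature has already been attached to the SignableSAMLObject so that its content reference list holds a SAMLObjectContentReference.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

import org.opensaml.common.impl.SAMLObjectContentReference;
import org.opensaml.xml.signature.ContentReference;
import org.opensaml.xml.signature.Signature;

/** Hypothetical helper (not part of OpenSAML): tightens SAML content references before signing. */
public final class ReferenceHardening {

    /** W3C XML Encryption identifier for the SHA-256 digest algorithm. */
    private static final String DIGEST_SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256";

    /** Transforms the SAML specification recommends: enveloped signature plus exclusive c14n. */
    private static final Set<String> ALLOWED_TRANSFORMS = new HashSet<String>(Arrays.asList(
            "http://www.w3.org/2000/09/xmldsig#enveloped-signature",
            "http://www.w3.org/2001/10/xml-exc-c14n#",
            "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"));

    private ReferenceHardening() { }

    /**
     * Call after the Signature has been attached to the SAML object and before it is signed.
     *
     * @return number of SAML content references that were updated
     */
    public static int harden(Signature signature) {
        int updated = 0;
        for (ContentReference ref : signature.getContentReferences()) {
            if (!(ref instanceof SAMLObjectContentReference)) {
                continue; // other reference types are left untouched
            }
            SAMLObjectContentReference samlRef = (SAMLObjectContentReference) ref;
            for (String transform : samlRef.getTransforms()) {
                if (!ALLOWED_TRANSFORMS.contains(transform)) {
                    throw new IllegalStateException("Transform outside SAML recommendation: " + transform);
                }
            }
            samlRef.setDigestAlgorithm(DIGEST_SHA256); // replaces the SHA-1 fallback default
            updated++;
        }
        if (updated == 0) {
            throw new IllegalStateException("No SAMLObjectContentReference found on signature");
        }
        return updated;
    }
}
```

Failing closed when no SAML reference is present prevents a silent fallback to the SHA-1 default on a Signature that was never attached to its object.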


Field Summary
private  String digestAlgorithm
          Algorithm used to digest the content.
private  org.slf4j.Logger log
          Class logger.
private  SignableSAMLObject signableObject
          SAMLObject this reference refers to.
private  List<String> transforms
          Transforms applied to the content.
 
Constructor Summary
SAMLObjectContentReference(SignableSAMLObject newSignableObject)
          Constructor.
 
Method Summary
 void createReference(org.apache.xml.security.signature.XMLSignature signature)
          
 String getDigestAlgorithm()
          Gets the algorithm used to digest the content.
 List<String> getTransforms()
          Gets the transforms applied to the content prior to digest generation.
private  void populateNamespacePrefixes(Set<String> namespacePrefixes, XMLObject signatureContent)
          Populates the given set with the non-visibly used namespace prefixes used by the given XMLObject and all of its descendants, as determined by the signature content object's namespace manager.
private  void processExclusiveTransform(org.apache.xml.security.signature.XMLSignature signature, org.apache.xml.security.transforms.Transform transform)
          Populate the inclusive namespace prefixes on the specified Apache (exclusive) transform object.
 void setDigestAlgorithm(String newAlgorithm)
          Sets the algorithm used to digest the content.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

private final org.slf4j.Logger log
Class logger.


signableObject

private SignableSAMLObject signableObject
SAMLObject this reference refers to.


digestAlgorithm

private String digestAlgorithm
Algorithm used to digest the content.


transforms

private List<String> transforms
Transforms applied to the content.

Constructor Detail

SAMLObjectContentReference

public SAMLObjectContentReference(SignableSAMLObject newSignableObject)
Constructor.

Parameters:
newSignableObject - the SAMLObject this reference refers to
Method Detail

getTransforms

public List<String> getTransforms()
Gets the transforms applied to the content prior to digest generation.

Returns:
the transforms applied to the content prior to digest generation

getDigestAlgorithm

public String getDigestAlgorithm()
Gets the algorithm used to digest the content.

Returns:
the algorithm used to digest the content

setDigestAlgorithm

public void setDigestAlgorithm(String newAlgorithm)
Sets the algorithm used to digest the content.

Parameters:
newAlgorithm - the algorithm used to digest the content

createReference

public void createReference(org.apache.xml.security.signature.XMLSignature signature)

Specified by:
createReference in interface ContentReference

processExclusiveTransform

private void processExclusiveTransform(org.apache.xml.security.signature.XMLSignature signature,
                                       org.apache.xml.security.transforms.Transform transform)
Populate the inclusive namespace prefixes on the specified Apache (exclusive) transform object.

Parameters:
signature - the Apache XMLSignature object
transform - the Apache Transform object representing an exclusive transform

populateNamespacePrefixes

private void populateNamespacePrefixes(Set<String> namespacePrefixes,
                                       XMLObject signatureContent)
Populates the given set with the non-visibly used namespace prefixes used by the given XMLObject and all of its descendants, as determined by the signature content object's namespace manager.

Parameters:
namespacePrefixes - the namespace prefix set to be populated
signatureContent - the XMLObject whose namespace prefixes will be used to populate the set


Copyright © 1999-2012. All Rights Reserved.