From 442426b3c167d0330a76702ebdbcf927be07aeaf Mon Sep 17 00:00:00 2001 From: "(no author)" <(no author)@d688527b-c9ab-4aba-bd8d-4036d912da1d> Date: Thu, 20 Jan 2005 13:26:03 +0000 Subject: This commit was manufactured by cvs2svn to create tag 'Build-SPSS-1_2_0_D03'. git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/tags/Build-SPSS-1_2_0_D03@233 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../CreateXMLSignatureResponseValidator.java | 108 --------------------- 1 file changed, 108 deletions(-) delete mode 100644 id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java') diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java deleted file mode 100644 index 3c15b9ec4..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ /dev/null @@ -1,108 +0,0 @@ -package at.gv.egovernment.moa.id.auth.validator; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * - * This class is used to validate an {@link CreateXMLSignatureResponse} - * returned by the security layer. - * This class implements the Singleton pattern. - * @author Stefan Knirsch - * @version $Id$ - */ -public class CreateXMLSignatureResponseValidator { - - /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */ - private static final String SAML = Constants.SAML_PREFIX + ":"; - /** Xpath prefix for reaching XML-DSIG Namespaces */ - private static final String DSIG = Constants.DSIG_PREFIX + ":"; - /** Xpath expression to the SAML:Assertion element */ - private static final String ROOT = SAML + "Assertion"; - /** Xpath expression to the SAML:NameIdentifier element */ - private static final String SAML_SUBJECT_NAME_IDENTIFIER_XPATH = - SAML + "AttributeStatement/" + SAML + "Subject/" + - SAML + "NameIdentifier"; - /** Xpath expression to the SAML:Attribute element */ - private static final String SAML_ATTRIBUTE_XPATH = - ROOT + "/" + SAML + "AttributeStatement/" + SAML + "Attribute"; - /** Xpath expression to the SAML:AttributeValue element */ - private static final String SAML_ATTRIBUTE_VALUE_XPATH = - SAML + "AttributeValue"; - - - /** Singleton instance. null, if none has been created. */ - private static CreateXMLSignatureResponseValidator instance; - - /** - * Constructor for a singleton CreateXMLSignatureResponseValidator. - * @return an instance of CreateXMLSignatureResponseValidator - * @throws ValidateException if no instance can be created - */ - public static synchronized CreateXMLSignatureResponseValidator getInstance() - throws ValidateException { - if (instance == null) { - instance = new CreateXMLSignatureResponseValidator(); - } - return instance; - } - - - /** - * The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse} - * @param createXMLSignatureResponse - * @param gbTarget - * @param oaURL - * @throws ValidateException - */ - public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, String gbTarget, String oaURL) - throws ValidateException { - - // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier - - - XPathUtils.selectNodeList(createXMLSignatureResponse.getSamlAssertion(),SAML_SUBJECT_NAME_IDENTIFIER_XPATH); - - SAMLAttribute[] samlattributes = createXMLSignatureResponse.getSamlAttributes(); - - boolean foundOA = false; - boolean foundGB = false; - for (int i = 0; i < samlattributes.length; i++) - { - if (samlattributes[i].getName().equals("Geschaeftsbereich")) - if (samlattributes[i].getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) - - { - foundGB = true; - if (!gbTarget.equals(samlattributes[i].getValue())) - { - throw new ValidateException("validator.13", null); - } - } - else throw new ValidateException("validator.12", null); - if (samlattributes[i].getName().equals("OA")) - if (samlattributes[i].getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) - { - foundOA = true; - if (!oaURL.equals(samlattributes[i].getValue())) // CHECKS für die AttributeVALUES fehlen noch - { - throw new ValidateException("validator.16", new Object[] {":gefunden wurde '" + oaURL + "', erwartet wurde '" + samlattributes[i].getValue()}); - } - - } - else throw new ValidateException("validator.15", null); - } - if (!foundOA) throw new ValidateException("validator.14", null); - if (!foundGB) throw new ValidateException("validator.11", null); - - //Check if dsig:Signature exists - Element dsigSignature = (Element) XPathUtils.selectSingleNode(createXMLSignatureResponse.getSamlAssertion(),DSIG + "Signature"); - if (dsigSignature==null) throw new ValidateException("validator.05", null); - - - } -} -- cgit v1.2.3