Created
June 24, 2017 05:08
Customize Signing
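/**
 * Signs the given SAML assertion with the credential returned by
 * {@code getRequiredCredentials()} and embeds the signing certificate in the
 * signature's {@code KeyInfo}.
 *
 * <p>The {@code cred} argument supplied by the caller is deliberately ignored and
 * replaced, so the key used for signing is decided by this class alone.
 *
 * @param assertion          the assertion to sign; it is modified in place and returned
 * @param signatureAlgorithm the XML signature algorithm URI, passed through unchanged
 * @param cred               ignored; overridden by {@code getRequiredCredentials()}
 * @return the same {@code assertion} instance, now carrying the signature
 * @throws IdentityException if the credential is missing, the certificate cannot be
 *                           encoded, or marshalling/signing fails
 */
@Override
public Assertion doSetSignature(Assertion assertion, String signatureAlgorithm, X509Credential cred)
        throws IdentityException {
    try {
        // Override the credentials with our desired one. Whatever the caller passed in
        // is discarded, so the signing key cannot be chosen from outside this class.
        cred = getRequiredCredentials();
        if (cred == null || cred.getEntityCertificate() == null) {
            // Fail with a clear message instead of a NullPointerException further down.
            throw new IdentityException("No signing credential with an X.509 certificate is available.");
        }

        // NOTE(review): signatureAlgorithm is used exactly as received. If the caller's
        // configuration can select a SHA-1 based algorithm, restrict it there; nothing
        // in this method enforces a minimum strength.
        Signature signature = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
        signature.setSigningCredential(cred);
        signature.setSignatureAlgorithm(signatureAlgorithm);
        signature.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

        try {
            // Embed the signing certificate so that receivers can identify the key.
            // Receivers must still validate the signature against a certificate they
            // already trust; the embedded copy is a hint, not a trust anchor.
            KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
            X509Data data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
            X509Certificate cert = (X509Certificate) buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
            String value = org.apache.xml.security.utils.Base64.encode(
                    cred.getEntityCertificate().getEncoded());
            cert.setValue(value);
            data.getX509Certificates().add(cert);
            keyInfo.getX509Datas().add(data);
            signature.setKeyInfo(keyInfo);
        } catch (CertificateEncodingException e) {
            // Keep the original exception as the cause so the failure can be diagnosed.
            throw new IdentityException("errorGettingCert", e);
        }

        assertion.setSignature(signature);
        List<Signature> signatureList = new ArrayList<Signature>();
        signatureList.add(signature);

        // Marshall and sign: the assertion is marshalled first, then the signature
        // objects attached to it are signed.
        MarshallerFactory marshallerFactory = org.opensaml.xml.Configuration.getMarshallerFactory();
        Marshaller marshaller = marshallerFactory.getMarshaller(assertion);
        marshaller.marshall(assertion);

        org.apache.xml.security.Init.init();
        Signer.signObjects(signatureList);
        return assertion;
    } catch (Exception e) {
        // Every failure, including the IdentityExceptions thrown above, is reported
        // to the caller under this single message with the cause attached.
        throw new IdentityException("Error while signing the SAML Response message.", e);
    }
}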